last executing test programs: 3.963091114s ago: executing program 2 (id=1405): ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @remote}, {0x2, 0x4e23, @loopback}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 3.874393008s ago: executing program 2 (id=1407): r0 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000fcb000), 0x4) r1 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4) 3.83800022s ago: executing program 2 (id=1409): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x29}, 0x1}, 0x1c) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000002940)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x56e, 0x10c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x0, "", [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0xfc, 0xe9}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="9e1b6c0000"], 0x0, 0x0, 0x0, 0x0}, 0x0) 2.936500048s ago: executing program 4 (id=1415): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2.8844421s ago: executing program 4 (id=1416): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x58000, 0x0, 0xf000, 0x0, 0x7, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {0x0, 0xddccb000, 0xa, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {0x0, 0xdddd8000, 0xd, 0x8, 0x2, 0x4, 0x81, 0x0, 0x80, 0xe, 0x4, 0x3}, {0x10b002, 0x2000, 0xc, 0xfd, 0x80, 0x0, 0x3}, {0x1000, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x1, 0x1c, 0x1a, 0xa8}, {0x10000, 0xd000, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfc, 0x86, 0xfe}, {0xeeee8000, 0x30000, 0xa, 0x0, 0x7, 0x0, 0x0, 0x80, 0x0, 0x4}, {0xd000, 0xeeee8000, 0x3, 0x82, 0x0, 0x10, 0x4, 0xe}, {0x6000}, {0x1, 0xfffe}, 0xe0000009, 0x0, 0x0, 0x10, 0x1, 0x0, 0x900, [0x0, 0x0, 0x10000, 0x5]}) syz_usb_connect$cdc_ecm(0x2, 0x5a, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024800010100000109040000ff02020000052406000005240000000d240f010024130005240102ff032413"], 0x0) 1.888131292s ago: executing program 0 (id=1424): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000004340)={0x6, 0xd, &(0x7f00000007c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000000}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 1.744988529s ago: executing program 3 (id=1426): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x4, 0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6, 0x6, 0x4, 0x80}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000340)={r1, @in6={{0xa, 0x4e23, 0x200, @remote, 0x3}}, [0x1200000000000, 0x1, 0x7, 0x3, 0xec, 0x2, 0x5, 0x1578, 0x7, 0x100000001, 0x1, 0x5, 0x9, 0x3, 0x4492]}, &(0x7f0000000440)=0x100) 1.73881006s ago: executing program 0 (id=1436): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRESHEX=0x0], 0x4, 0x1296, &(0x7f0000001b80)="$eJzs3c9rY0UcAPBv2nQ37bpN1XV1F8RBL4qQ3fbgyUuRXRArSrULKghvbaoh6Q+aUEgRt548Cf4Zoh69CeI/0IsXz4Ig0ovHPYhP2qRr0/SX/Qny+VwyzMx35jud18ALb3gbr341X59rVuayVgwUClFcGoriwxQpBmIwOtbipXu//PrsO++9/8bk1NSd6ZTuTr47/kpKafS5Hz/49Lvnf2pduff96A+XY31sYOPPid/Wr6/f2Pj726g1U62ZFhZbKUv3Fxdb2f1GNc3WmvVKSm83qlmzmmoLzepyT/tcY3FpqZ2yhdmrI0vL1WYzZQvtVK+2U6uQWsvtlH2c1RZSpVJJV0eCk5j55mGe5xF5PhSXIs/zfDhG4ko8FldjNMoxFo/HE/FkXIun4no8Hc/Eja1eF503AAAAAAAAAAAAAAAAAAAA/L8ccv6/4Pw/AAAAAAAAAAAAAAAAAAAAnL3d5/+LEd7/DwAAAAAAAAAAAAAAAAAAAOfskPf/7zr//7Lz/wAAAAAAAAAAAAAAAAAAAHAWSp2P6ZRKEfNfrMyszHQ+O/WTc1GLRlTjdpTjr9g6/d/RKd99ferO7bRlLG7NP+jGP1iZGeyNHx8qx1hhz/jx4YhIKfXGX46RnfETUY5re88/0Zl/V3wpXnxhM/7zTnwlyvHzR7EYjZiNKHRXvxX/2XhKr701Ndwbf3Oz374Gz3hbAAAA4DRV0iP99+9r3U6d9lJve6epe3+euj0LB/w+sOv+vBg3ixe1arY126v1rNGoLh+zcGn/cS6dbOS+QiEisthZMzry+/Tm5EccZ/tyO6V8dhQGjxF1/DSGDu5zgj2N4pH/mKv10lFSPfrudJNf212TlyN21Nz68M36oeP88fWOmlKc9nbvVRh4tNKB7mWWNdaOfLHFWp6faYZ9/4zD7dX65YOi9v/OKJzxdxLn599Nv+hMAAAAAAAAAAAA+C/2fPpvOCL6ngf8pK9m+/Hw3vD+kfef/ctzWCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+hs8cA") syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800000, 0x0, 0x0, 0x0, &(0x7f0000000080)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x275a, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1.633775365s ago: executing program 3 (id=1427): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 1.581232118s ago: executing program 2 (id=1429): mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) setresuid(0x0, 0x0, 0xee00) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 1.507648342s ago: executing program 1 (id=1430): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0x60001, 0x2}, 0x8) bind$bt_sco(r0, &(0x7f0000000400), 0x8) listen(r0, 0x0) shutdown(r0, 0x0) 1.421349946s ago: executing program 2 (id=1431): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) writev(r1, &(0x7f0000000380)=[{&(0x7f0000000100)="cfed", 0x2}, {0x0, 0x4000}], 0x2) 1.362521449s ago: executing program 1 (id=1432): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) getpid() r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) 1.321092082s ago: executing program 3 (id=1433): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030322c71756965742c756d61736b3d30303030303030303030303030303030303030303030332c706172743d3078303030303030303030303030303432302c636f6465706167653d757466382c71756965742c696f636861727365743d6d61636963656c616e642c63726561746f723db6b72a1e2c7569643d", @ANYRESHEX=0x0, @ANYRESDEC=0x0], 0x4, 0x343, &(0x7f0000000600)="$eJzs3U1r1E4cB/DvZJ//Lf3HtlLxWC14Km09KCIo0ptvwIMUa7uF0ljBVrCiuHoW8SAIgkdvnkVvnvUivgE99VAEQS9FpJGZzCSTbZJ9aLvp0u8Hut1k5+E3s5lkphIDIjqyrsx+e3N2U/68+Kh3XQAcAFWgCOA4xqp3V9eX1736YlZBBZVD/ggEOcWuNAur9aSsMp/Koblyq4hBex8dDN/3/e8tU/3qSSyUH6FG8G4OUNGjU31e7XlkXWmkNMdOUOlZNIeF1SViG9u4h6E8wyEiovzp67+jrxKDev7uOMCEnof30/XfsFcQsQnBNvDg/97Hc2iE138n2PaF7B/VIyJa76klnOxDx6wSk8pKPCb8qLvLCI6s2BcgWq0qVSxObWnZq082VAFPcEmzko2q10WYhihp0ZaDX+MJa9MMWW3PNqDaUJJtKKXEP9JxjR+28NLarEVv5z63EZP4JL6IOeHiFRbD+V/RF7JzVP+4sTJN/FMtWukGqWKtjEbfMVXJSfMNvH8btbKW1q9VFGQsSWQponn+7po4n5fTc2E4flLQrZtOb53KNZKYaybc/pOYa7Q5V22p5NUnF257mX9K2TeJSyDxTFwT4/iBd5i15v+OTD2B9JEZG+VCpdRHRmZ7iiplyvcYowbwrY5GJgF//UCH2Z7iJs5jaG3j/sq859Xv5P/GDJUe1IU20gQHoj4c5R7520qDqnxTAqD3/NxzYDu+7yd+VMQ+tL1sQrVijqUpqaaeex02WZ1mG8HmHju8EfSh9dHl9MTRaVPuMWeEDitV2R+FueTVopPsv3XtaxvJB6SwIiwf7AAxVc173onwiyug0tZIqXVR6dWHK/NeN+ci6jfWeBm7vnUx73Co9+S8SwTrP2u9MqXOOvLFzViNtJx1WCVOp6yAhtXrf+2t4MJiU+eJA+aNV5/JWnOdOgOcbqrRganxcXOxro4Th/FfJStJYdWycohZfMUN/v2fiIiIiIiIiIiIiIiIiIiIiIiIiKjfdHo3QvrtBDv6PqTkOzEim0fwP94gIiIiIiIiIiIiIiIiIiIiIiIiIiIiItqb6Pm/6glgheDRNTk//7fQxvN/zXMpiKhr/wIAAP//igxm9A==") openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000080)=""/49, 0x31) getdents(r0, 0xfffffffffffffffd, 0x58) 1.270332934s ago: executing program 1 (id=1434): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x4, 0x80, 0x1800}, {0x4, 0x400, 0x1000}], 0x2, &(0x7f0000000080)={0x0, 0x3938700}) semop(r0, &(0x7f0000000140)=[{0x0, 0xffff}, {0x0, 0x1, 0x1800}], 0x2) semop(r0, &(0x7f00000000c0)=[{0x4}, {0x1}], 0x2) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)) 1.174102409s ago: executing program 0 (id=1435): syz_80211_inject_frame(0x0, 0x0, 0x262) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f088a847", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) 1.030499577s ago: executing program 4 (id=1437): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000000a499d0000000000000000020000010900010073797a310000000008000240000000030400060014000000110001"], 0x54}}, 0x0) sendmsg$NFT_MSG_GETTABLE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000010a0101000000000000080002"], 0x14}, 0x1, 0x0, 0x0, 0x400c895}, 0x24000800) 860.078375ms ago: executing program 3 (id=1438): capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd}) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000)) 822.319968ms ago: executing program 4 (id=1439): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone3(&(0x7f00000004c0)={0x84004400, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58) 705.943854ms ago: executing program 3 (id=1440): unshare(0x6020400) r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x88) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000040)='\xbc}-${$\x00', &(0x7f0000000080)='./file0\x00', r1) 573.797491ms ago: executing program 3 (id=1441): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000340)='g', 0x1, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c) shutdown(r0, 0x1) sendmmsg$inet6(r0, &(0x7f0000000400)=[{{&(0x7f00000000c0)={0xa, 0x4e21, 0x7fffffff, @empty, 0x4}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000100)="66b530278f8421691a976b94335e40c5d25a9b", 0x13}], 0x1}}], 0x1, 0x20008080) 444.244037ms ago: executing program 4 (id=1442): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x4, 0x0, 0x2080, {0x0, 0x0, {}, 0x0, 0x2}, {"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e7ffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000427e58970000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00"}}) 314.423774ms ago: executing program 1 (id=1443): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0) 276.940546ms ago: executing program 1 (id=1444): r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000002180), 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x140000000) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x32874000) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4) ioctl$ASHMEM_SET_NAME(r0, 0x7709, &(0x7f0000000300)='\x00\x00\x00\x06\x00\x00\x03\x00\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00') 225.643358ms ago: executing program 4 (id=1445): r0 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000040)=""/4, 0x4}], 0x1, 0x1, 0x4) 156.509882ms ago: executing program 0 (id=1446): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000000000000000000100000a0900010073797a31000000000900030073797a300000009b5400030062930f94ec5004c16d7649cc1c7f56dee275950c65f0df84"], 0x118}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c000}, 0x20008800) 155.807442ms ago: executing program 2 (id=1447): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f0000000000)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file1'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) pipe(&(0x7f0000000040)) 125.585884ms ago: executing program 1 (id=1448): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="c60009"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001640)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xb, "c165ec24"}]}}, 0x0}, 0x0) syz_open_dev$hidraw(0x0, 0x0, 0x0) 65.859177ms ago: executing program 0 (id=1449): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x3000c11, &(0x7f00000000c0)=ANY=[@ANYBLOB='mp']) r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x2}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x400}]}}]}, 0x40}}, 0x0) 0s ago: executing program 0 (id=1450): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0xc, 0x0, 0x0, 0xff, "810000cc2b000000000000fa25ffff00ffffff"}) r1 = syz_open_pts(r0, 0x2000) io_setup(0x1, &(0x7f0000002500)=0x0) io_submit(r2, 0x1, &(0x7f0000000400)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x5, r1, 0x0}]) kernel console output (not intermixed with test programs): xPacketSize 0 [ 141.604053][ T6107] loop1: detected capacity change from 0 to 256 [ 141.640825][ T6107] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 141.646620][ T6100] loop0: detected capacity change from 0 to 32768 [ 141.731350][ T6100] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.640 (6100) [ 141.745272][ T4490] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9 [ 141.754556][ T4490] usb 4-1: New USB device strings: Mfr=154, Product=4, SerialNumber=3 [ 141.789965][ T4490] usb 4-1: Product: syz [ 141.800970][ T4490] usb 4-1: Manufacturer: syz [ 141.812722][ T4490] usb 4-1: SerialNumber: syz [ 141.836156][ T6100] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 141.845167][ T4354] uclogic 0003:256C:006D.0007: failed retrieving string descriptor #100: -71 [ 141.854105][ T4354] uclogic 0003:256C:006D.0007: failed retrieving pen parameters: -71 [ 141.879389][ T4490] usb 4-1: config 0 descriptor?? [ 141.884860][ T6100] BTRFS info (device loop0): setting nodatacow, compression disabled [ 141.917423][ T4354] uclogic 0003:256C:006D.0007: failed probing pen v1 parameters: -71 [ 141.919289][ T6100] BTRFS info (device loop0): enabling auto defrag [ 141.937905][ T4490] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input9 [ 141.959372][ T4354] uclogic 0003:256C:006D.0007: failed probing parameters: -71 [ 141.970202][ T6100] BTRFS info (device loop0): max_inline at 0 [ 141.973603][ T4354] uclogic: probe of 0003:256C:006D.0007 failed with error -71 [ 142.025445][ T4354] usb 3-1: USB disconnect, device number 7 [ 142.029927][ T6100] BTRFS info (device loop0): using free space tree [ 142.073459][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.076722][ T6100] BTRFS info (device loop0): has skinny extents [ 142.157456][ T4352] usb 4-1: USB disconnect, device number 7 [ 142.246031][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.254320][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.280500][ T6130] loop4: detected capacity change from 0 to 128 [ 142.400978][ T6138] netlink: 4 bytes leftover after parsing attributes in process `syz.4.652'. [ 142.469407][ T6143] input: syz0 as /devices/virtual/input/input10 [ 142.645978][ T6154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.661650][ T6154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.680283][ T6154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.716212][ T6154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 142.812892][ T6154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.567537][ T6185] netlink: 'syz.0.669': attribute type 10 has an invalid length. [ 143.666388][ T6185] device syz_tun entered promiscuous mode [ 143.718409][ T6185] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 143.720769][ T6193] loop4: detected capacity change from 0 to 256 [ 143.782453][ T6193] exfat: Deprecated parameter 'utf8' [ 143.808130][ T6193] exfat: Deprecated parameter 'namecase' [ 143.888771][ T6193] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xf974f890, utbl_chksum : 0xe619d30d) [ 143.998798][ T6201] loop1: detected capacity change from 0 to 512 [ 144.115096][ T6201] EXT4-fs error (device loop1): ext4_orphan_get:1406: inode #15: comm syz.1.676: inode has both inline data and extents flags [ 144.241679][ T6201] EXT4-fs error (device loop1): ext4_orphan_get:1411: comm syz.1.676: couldn't read orphan inode 15 (err -117) [ 144.300087][ T6201] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 144.440867][ T6204] loop4: detected capacity change from 0 to 8192 [ 144.550252][ T6204] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 144.671811][ T6204] REISERFS (device loop4): using ordered data mode [ 144.718414][ T6204] reiserfs: using flush barriers [ 144.791026][ T6204] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 144.839414][ T6192] loop2: detected capacity change from 0 to 32768 [ 144.852002][ T6204] REISERFS (device loop4): checking transaction log (loop4) [ 144.996598][ T6192] JBD2: Ignoring recovery information on journal [ 145.004596][ T6192] jbd2_journal_bmap: journal block not found at offset 32 on loop2-75 [ 145.098635][ T6192] JBD2: bad block at offset 32 [ 145.135361][ T6208] loop3: detected capacity change from 0 to 32768 [ 145.197187][ T6192] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 145.267419][ T6204] REISERFS (device loop4): Using tea hash to sort names [ 145.284315][ T6204] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 145.447548][ T4195] ocfs2: Unmounting device (7,2) on (node local) [ 145.537027][ T6209] loop0: detected capacity change from 0 to 40427 [ 145.546098][ T26] audit: type=1800 audit(1777289924.729:11): pid=6204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.678" name="file1" dev="loop4" ino=4 res=0 errno=0 [ 145.601029][ T6221] loop1: detected capacity change from 0 to 64 [ 145.635950][ T6209] F2FS-fs (loop0): build fault injection attr: rate: 14, type: 0x1ffff [ 145.644504][ T6209] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0xe4 [ 145.679446][ T6209] F2FS-fs (loop0): invalid crc value [ 145.754395][ T6209] F2FS-fs (loop0): Found nat_bits in checkpoint [ 145.891690][ T6209] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x43c/0xaa0 [ 146.021856][ T6209] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 146.128022][ T6209] F2FS-fs (loop0) : inject no more block in inc_valid_node_count of f2fs_new_node_page+0x185/0x8f0 [ 146.233356][ T6209] F2FS-fs (loop0) : inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x118/0x1130 [ 146.246280][ T4354] net_ratelimit: 13 callbacks suppressed [ 146.246310][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.357549][ T5120] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 146.391316][ T4187] attempt to access beyond end of device [ 146.391316][ T4187] loop0: rw=2049, want=45104, limit=40427 [ 146.405593][ T4232] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.476705][ T4199] Bluetooth: hci4: link tx timeout [ 146.482460][ T4199] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 146.491415][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.587826][ T5116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.723685][ T6257] loop4: detected capacity change from 0 to 64 [ 146.745234][ T5120] usb 2-1: config 0 has no interfaces? [ 146.751228][ T5120] usb 2-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 146.769998][ T5120] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.783122][ T5120] usb 2-1: config 0 descriptor?? [ 147.187119][ T5120] usb 2-1: USB disconnect, device number 5 [ 147.295543][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.535795][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.544490][ T4354] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 147.686631][ T5120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.756336][ T6299] loop1: detected capacity change from 0 to 64 [ 147.815262][ T4354] usb 5-1: Using ep0 maxpacket: 8 [ 147.965155][ T4354] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 147.984284][ T4354] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 148.000540][ T4354] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 148.029028][ T6301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 148.038649][ T4354] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 148.053300][ T4354] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 148.081293][ T6301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 148.085588][ T4354] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 148.099767][ T4354] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.341974][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 148.343083][ T5116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 148.373832][ T4256] tipc: Subscription rejected, illegal request [ 148.395079][ T4354] usb 5-1: usb_control_msg returned -32 [ 148.400793][ T4354] usbtmc 5-1:16.0: can't read capabilities [ 148.460991][ T6319] overlayfs: failed to set xattr on upper [ 148.497960][ T6319] overlayfs: ...falling back to index=off,metacopy=off. [ 148.546201][ T6317] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 148.575443][ T4229] Bluetooth: hci4: command 0x0406 tx timeout [ 148.759736][ T6326] loop1: detected capacity change from 0 to 2048 [ 148.865111][ T6327] usbtmc 5-1:16.0: usb_bulk_msg returned -71 [ 148.877213][ T6326] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 148.939856][ T6326] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 149.043098][ T4229] usb 5-1: USB disconnect, device number 6 [ 149.128795][ T6338] netlink: 20 bytes leftover after parsing attributes in process `syz.1.733'. [ 149.145200][ T6338] netlink: 28 bytes leftover after parsing attributes in process `syz.1.733'. [ 150.134957][ T6341] loop0: detected capacity change from 0 to 32768 [ 150.305909][ T6341] XFS (loop0): Mounting V5 Filesystem [ 150.461245][ T6341] XFS (loop0): Ending clean mount [ 150.465669][ T6355] loop3: detected capacity change from 0 to 32768 [ 150.473535][ T6341] XFS (loop0): Quotacheck needed: Please wait. [ 150.483600][ T6355] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.741 (6355) [ 150.515075][ T6355] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 150.536862][ T6355] BTRFS info (device loop3): using free space tree [ 150.543580][ T6355] BTRFS info (device loop3): has skinny extents [ 150.664094][ T6355] BTRFS info (device loop3): enabling ssd optimizations [ 150.728003][ T6363] loop2: detected capacity change from 0 to 40427 [ 150.747560][ T6363] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 150.755195][ T6363] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 150.844191][ T6363] F2FS-fs (loop2): invalid crc value [ 150.895330][ T6341] XFS (loop0): Quotacheck: Done. [ 150.933174][ T6363] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 151.268199][ T6353] loop1: detected capacity change from 0 to 32768 [ 151.274726][ T6363] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 151.284015][ T6363] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 151.302203][ T6363] attempt to access beyond end of device [ 151.302203][ T6363] loop2: rw=2049, want=45104, limit=40427 [ 151.329219][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.753'. [ 151.390805][ T6406] netlink: 4 bytes leftover after parsing attributes in process `syz.4.753'. [ 151.516435][ T4187] XFS (loop0): Unmounting Filesystem [ 151.522420][ T4195] attempt to access beyond end of device [ 151.522420][ T4195] loop2: rw=2049, want=45112, limit=40427 [ 151.534174][ T5114] net_ratelimit: 6 callbacks suppressed [ 151.534225][ T5114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.537047][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.550366][ T6353] JBD2: Ignoring recovery information on journal [ 151.667629][ T6353] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 151.728867][ T6409] loop3: detected capacity change from 0 to 1024 [ 151.736852][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.763620][ T6412] loop4: detected capacity change from 0 to 512 [ 152.015592][ T6412] EXT4-fs (loop4): mounted filesystem without journal. Opts: lazytime,errors=remount-ro,. Quota mode: writeback. [ 152.063840][ T6409] hfsplus: unable to load nls mapping "cp43²ô΃ÍMn[™ªñ¶>7" [ 152.104456][ T6409] hfsplus: unable to parse mount options [ 152.131165][ T6412] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.363623][ T6418] device macvtap1 entered promiscuous mode [ 152.468407][ T4184] ocfs2: Unmounting device (7,1) on (node local) [ 152.542112][ T6423] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.555799][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.616892][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.642490][ T6423] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.645350][ T5108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.783410][ T6430] loop3: detected capacity change from 0 to 512 [ 152.805541][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.912210][ T6430] EXT4-fs (loop3): 1 truncate cleaned up [ 152.944253][ T6425] loop4: detected capacity change from 0 to 8192 [ 152.949929][ T6433] netlink: 104 bytes leftover after parsing attributes in process `syz.0.761'. [ 152.975046][ T6430] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none. [ 153.012044][ T6435] loop0: detected capacity change from 0 to 256 [ 153.121576][ T6437] loop1: detected capacity change from 0 to 64 [ 153.175664][ T6425] syz.4.759 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 153.686208][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 153.787076][ T6451] loop3: detected capacity change from 0 to 4096 [ 154.328507][ T6449] loop4: detected capacity change from 0 to 32768 [ 154.364828][ T6449] JBD2: Ignoring recovery information on journal [ 154.447337][ T6449] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 154.465217][ T5108] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 154.714978][ T5108] usb 3-1: Using ep0 maxpacket: 8 [ 154.835059][ T5108] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 154.848024][ T5108] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 154.862741][ T4188] ocfs2: Unmounting device (7,4) on (node local) [ 154.881586][ T5108] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 154.902461][ T5108] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 154.924665][ T5108] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 154.953098][ T5108] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 154.973133][ T5108] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.255059][ T5108] usb 3-1: usb_control_msg returned -32 [ 155.260857][ T5108] usbtmc 3-1:16.0: can't read capabilities [ 155.685329][ T6473] usbtmc 3-1:16.0: usb_bulk_msg returned -71 [ 155.927131][ T5108] usb 3-1: USB disconnect, device number 8 [ 155.943002][ T6484] set_capacity_and_notify: 1 callbacks suppressed [ 155.943020][ T6484] loop1: detected capacity change from 0 to 64 [ 156.634272][ T6495] loop2: detected capacity change from 0 to 256 [ 156.690282][ T6479] loop0: detected capacity change from 0 to 131072 [ 156.698208][ T23] net_ratelimit: 12 callbacks suppressed [ 156.698224][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.712585][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.738574][ T6479] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0) [ 156.739437][ T6495] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 156.746912][ T6479] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 156.769249][ T6479] F2FS-fs (loop0): invalid crc value [ 156.792819][ T6479] F2FS-fs (loop0): Found nat_bits in checkpoint [ 156.837805][ T6479] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 156.845408][ T6479] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 156.914251][ T26] audit: type=1800 audit(1777289936.089:12): pid=6479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.778" name="file2" dev="loop0" ino=8 res=0 errno=0 [ 157.026533][ T26] audit: type=1800 audit(1777289936.209:13): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.787" name="file1" dev="loop2" ino=1048621 res=0 errno=0 [ 157.124512][ T6495] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779264) [ 157.199015][ T6495] FAT-fs (loop2): Filesystem has been set read-only [ 157.238702][ T6495] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008) [ 157.285315][ T5114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.285748][ T6495] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008) [ 157.365381][ T6511] loop4: detected capacity change from 0 to 512 [ 157.461335][ T6515] netlink: 8 bytes leftover after parsing attributes in process `syz.3.795'. [ 157.505805][ T6515] netlink: 'syz.3.795': attribute type 1 has an invalid length. [ 157.506496][ T6511] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 157.552296][ T6515] netlink: 'syz.3.795': attribute type 2 has an invalid length. [ 157.596782][ T6511] ext4 filesystem being mounted at /171/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.644834][ T5114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.775715][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.779948][ T6523] loop3: detected capacity change from 0 to 512 [ 157.784361][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.803053][ T6525] loop2: detected capacity change from 0 to 256 [ 157.903271][ T6523] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 158.067713][ T6511] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 158.137570][ T6511] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 158.265032][ T6511] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.793: Failed to acquire dquot type 0 [ 158.383015][ T6537] loop1: detected capacity change from 0 to 128 [ 158.394692][ T6511] overlayfs: failed to verify origin (/, ino=2, err=-117) [ 158.427604][ T6543] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.446500][ T6511] overlayfs: failed to verify upper root origin [ 158.465126][ T6537] EXT4-fs (loop1): Ignoring removed bh option [ 158.503426][ T6537] EXT4-fs (loop1): mounted filesystem without journal. Opts: bh,,errors=continue. Quota mode: none. [ 158.661063][ T6550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.669454][ T6537] ext4 filesystem being mounted at /161/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 158.669652][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.725449][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.749304][ T6537] EXT4-fs (loop1): shut down requested (1) [ 159.001292][ T6565] loop0: detected capacity change from 0 to 512 [ 159.037251][ T6568] sctp: [Deprecated]: syz.3.809 (pid 6568) Use of int in max_burst socket option deprecated. [ 159.037251][ T6568] Use struct sctp_assoc_value instead [ 159.061545][ T6565] EXT4-fs (loop0): mounted filesystem without journal. Opts: lazytime,errors=remount-ro,. Quota mode: writeback. [ 159.097836][ T6565] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.188822][ T6574] loop2: detected capacity change from 0 to 256 [ 159.214992][ T4228] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 159.225178][ T5114] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 159.287540][ T6576] netlink: 68 bytes leftover after parsing attributes in process `syz.3.810'. [ 159.410115][ T6581] loop3: detected capacity change from 0 to 256 [ 159.455043][ T4228] usb 2-1: Using ep0 maxpacket: 16 [ 159.472091][ T5114] usb 5-1: Using ep0 maxpacket: 32 [ 159.581262][ T4228] usb 2-1: unable to get BOS descriptor or descriptor too short [ 159.595293][ T5114] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 159.617835][ T5114] usb 5-1: config 0 has no interface number 0 [ 159.624085][ T5114] usb 5-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 159.675305][ T4228] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 159.685895][ T4228] usb 2-1: can't read configurations, error -71 [ 159.815245][ T5114] usb 5-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 159.846036][ T5114] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.874492][ T5114] usb 5-1: Product: syz [ 159.889682][ T5114] usb 5-1: Manufacturer: syz [ 159.894399][ T5114] usb 5-1: SerialNumber: syz [ 159.900501][ T6595] EXT4-fs (loop2): Mount option "journal_ioprio=0x0000000000000006" incompatible with ext2 [ 159.927387][ T5114] usb 5-1: config 0 descriptor?? [ 159.987699][ T5114] em28xx 5-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 160.000826][ T5114] em28xx 5-1:0.132: Video interface 132 found: [ 160.274415][ T4185] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 160.291854][ T4185] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 160.415118][ T5114] em28xx 5-1:0.132: unknown em28xx chip ID (0) [ 160.441847][ T6582] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.823 (6582) [ 160.543911][ T6582] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 160.629136][ T6582] BTRFS info (device loop0): using free space tree [ 160.658847][ T6582] BTRFS info (device loop0): has skinny extents [ 160.721906][ T6627] af_packet: tpacket_rcv: packet too big, clamped from 54 to 4294967286. macoff=82 [ 160.862101][ T6582] BTRFS info (device loop0): enabling ssd optimizations [ 160.885695][ T5114] em28xx 5-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=-5) [ 160.920148][ T5114] em28xx 5-1:0.132: board has no eeprom [ 161.015025][ T5114] em28xx 5-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 161.028494][ T5114] em28xx 5-1:0.132: analog set to bulk mode. [ 161.065240][ T5114] usb 5-1: USB disconnect, device number 7 [ 161.071941][ T5114] em28xx 5-1:0.132: Disconnecting em28xx [ 161.115551][ T4228] em28xx 5-1:0.132: Registering V4L2 extension [ 161.336697][ T6653] set_capacity_and_notify: 3 callbacks suppressed [ 161.336715][ T6653] loop3: detected capacity change from 0 to 64 [ 161.431993][ T4228] em28xx 5-1:0.132: Config register raw data: 0xffffffed [ 161.453835][ T4228] em28xx 5-1:0.132: AC97 chip type couldn't be determined [ 161.459391][ T6636] loop2: detected capacity change from 0 to 32768 [ 161.491140][ T4228] em28xx 5-1:0.132: No AC97 audio processor [ 161.561008][ T6636] XFS (loop2): Mounting V5 Filesystem [ 161.621665][ T4228] usb 5-1: Decoder not found [ 161.676320][ T4228] em28xx 5-1:0.132: failed to create media graph [ 161.688323][ T6636] XFS (loop2): Ending clean mount [ 161.711593][ T6636] XFS (loop2): Quotacheck needed: Please wait. [ 161.740427][ T4228] em28xx 5-1:0.132: V4L2 device video103 deregistered [ 161.820452][ T4228] em28xx 5-1:0.132: Remote control support is not available for this card. [ 161.837550][ T5114] em28xx 5-1:0.132: Closing input extension [ 161.879828][ T5114] em28xx 5-1:0.132: Freeing device [ 162.003680][ T6651] loop1: detected capacity change from 0 to 40427 [ 162.015641][ T23] net_ratelimit: 13 callbacks suppressed [ 162.015661][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 162.030040][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 162.149085][ T6651] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 162.157543][ T6651] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 162.200126][ T6651] F2FS-fs (loop1): invalid crc value [ 162.253547][ T6651] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 162.327142][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 162.364488][ T6651] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 162.377278][ T6636] XFS (loop2): Quotacheck: Done. [ 162.379237][ T6651] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 162.545003][ T4354] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 162.582419][ T6651] attempt to access beyond end of device [ 162.582419][ T6651] loop1: rw=2049, want=45104, limit=40427 [ 162.591425][ T4195] XFS (loop2): Unmounting Filesystem [ 162.614165][ T6683] netlink: 'syz.3.837': attribute type 11 has an invalid length. [ 162.662821][ T4184] attempt to access beyond end of device [ 162.662821][ T4184] loop1: rw=2049, want=45112, limit=40427 [ 163.295070][ T4231] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 163.355539][ T6696] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.363897][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.665351][ T4231] usb 4-1: config 150 has an invalid interface number: 204 but max is 1 [ 163.683632][ T4231] usb 4-1: config 150 has no interface number 0 [ 163.709198][ T4231] usb 4-1: config 150 interface 204 has no altsetting 0 [ 163.876886][ T6689] loop0: detected capacity change from 0 to 131072 [ 163.886405][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.895340][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.903877][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.915316][ T4231] usb 4-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 163.924413][ T4231] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.005103][ T4354] usb 5-1: unable to get BOS descriptor or descriptor too short [ 164.019760][ T4231] usb 4-1: Product: syz [ 164.023985][ T4231] usb 4-1: Manufacturer: syz [ 164.072000][ T4231] usb 4-1: SerialNumber: syz [ 164.153230][ T6689] XFS (loop0): Mounting V5 Filesystem [ 164.305523][ T4354] usb 5-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 0.40 [ 164.315042][ T4354] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.323232][ T4354] usb 5-1: Product: syz [ 164.327650][ T4354] usb 5-1: Manufacturer: syz [ 164.332438][ T4354] usb 5-1: SerialNumber: syz [ 164.410778][ T6689] XFS (loop0): Starting recovery (logdev: internal) [ 164.417606][ T4231] xr_serial 4-1:150.204: xr_serial converter detected [ 164.450132][ T6689] XFS (loop0): Ending recovery (logdev: internal) [ 164.599227][ T4187] XFS (loop0): Unmounting Filesystem [ 164.717923][ T6698] loop2: detected capacity change from 0 to 32768 [ 164.761831][ T6721] device veth1_macvtap left promiscuous mode [ 164.768702][ T6721] device macsec0 entered promiscuous mode [ 164.835169][ T6723] device veth1_macvtap entered promiscuous mode [ 164.867655][ T6698] XFS (loop2): Mounting V5 Filesystem [ 164.976164][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 164.998805][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 165.000185][ T6698] XFS (loop2): Ending clean mount [ 165.019037][ T6723] device macsec0 left promiscuous mode [ 165.057858][ T6698] XFS (loop2): Quotacheck needed: Please wait. [ 165.076864][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 165.096585][ T4354] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 165.189716][ T6698] XFS (loop2): Quotacheck: Done. [ 165.291063][ T4231] xr_serial ttyUSB0: Failed to set reg 0x0e: -71 [ 165.305209][ T4354] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 165.305282][ T4231] xr_serial: probe of ttyUSB0 failed with error -71 [ 165.388454][ T4231] usb 4-1: USB disconnect, device number 8 [ 165.426222][ T4231] xr_serial 4-1:150.204: device disconnected [ 165.516586][ T4195] XFS (loop2): Unmounting Filesystem [ 165.539901][ T4354] usb 5-1: USB disconnect, device number 8 [ 165.879182][ T4202] udevd[4202]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 166.434232][ T6752] loop0: detected capacity change from 0 to 1024 [ 166.498458][ T6752] EXT4-fs (loop0): Ignoring removed bh option [ 166.564351][ T6752] EXT4-fs (loop0): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,usrquota,bh,,errors=continue. Quota mode: writeback. [ 166.585380][ T6752] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.685482][ T6757] loop2: detected capacity change from 0 to 2048 [ 166.706076][ T6752] EXT4-fs error (device loop0): ext4_map_blocks:741: inode #15: comm syz.0.857: lblock 0 mapped to illegal pblock 0 (length 6) [ 166.737558][ T6758] EXT4-fs error (device loop0): ext4_ext_remove_space:2929: inode #15: comm syz.0.857: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 166.771643][ T6752] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 166.775401][ T6758] EXT4-fs error (device loop0) in ext4_setattr:5645: Corrupt filesystem [ 166.832044][ T6752] EXT4-fs (loop0): This should not happen!! Data will be lost [ 166.832044][ T6752] [ 166.898428][ T6757] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,,errors=continue. Quota mode: none. [ 166.990648][ T6748] loop4: detected capacity change from 0 to 32768 [ 167.045543][ T4490] net_ratelimit: 6 callbacks suppressed [ 167.045562][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.060454][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.124469][ T26] audit: type=1800 audit(1777289946.299:14): pid=6757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.858" name="file1" dev="loop2" ino=19 res=0 errno=0 [ 167.175864][ T4376] EXT4-fs error (device loop0): ext4_map_blocks:741: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8) [ 167.240512][ T4376] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 167.243746][ T6737] loop1: detected capacity change from 0 to 32768 [ 167.253562][ T4376] EXT4-fs (loop0): This should not happen!! Data will be lost [ 167.253562][ T4376] [ 167.542477][ T6777] loop2: detected capacity change from 0 to 512 [ 167.823556][ T6777] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 167.875135][ T6777] ext4 filesystem being mounted at /171/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.068373][ T6777] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 168.095704][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.252834][ T6777] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 168.333707][ T6777] EXT4-fs error (device loop2): ext4_acquire_dquot:6236: comm syz.2.867: Failed to acquire dquot type 0 [ 168.469494][ T6777] overlayfs: failed to verify origin (/, ino=2, err=-117) [ 168.525734][ T6777] overlayfs: failed to verify upper root origin [ 168.665232][ T6785] loop3: detected capacity change from 0 to 131072 [ 168.676148][ T6077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.680447][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.710278][ T6785] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0) [ 168.718569][ T6785] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 168.779521][ T6785] F2FS-fs (loop3): invalid crc value [ 168.834991][ T5118] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 168.860397][ T6785] F2FS-fs (loop3): Found nat_bits in checkpoint [ 168.872708][ T6795] loop6: detected capacity change from 0 to 7 [ 168.935924][ T6785] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 168.943126][ T6785] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 168.976113][ T6795] Dev loop6: unable to read RDB block 7 [ 168.995357][ T6795] loop6: AHDI p3 p4 [ 168.999338][ T6795] loop6: partition table partially beyond EOD, truncated [ 169.053562][ T26] audit: type=1800 audit(1777289948.229:15): pid=6785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.870" name="file2" dev="loop3" ino=8 res=0 errno=0 [ 169.055701][ T6795] loop6: p3 start 2427370299 is beyond EOD, [ 169.135371][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 169.212045][ T6795] truncated [ 169.295263][ T5118] usb 5-1: unable to get BOS descriptor or descriptor too short [ 169.343773][ T3561] Dev loop6: unable to read RDB block 7 [ 169.356856][ T3561] loop6: AHDI p3 p4 [ 169.360813][ T3561] loop6: partition table partially beyond EOD, truncated [ 169.373744][ T3561] loop6: p3 start 2427370299 is beyond EOD, truncated [ 169.375309][ T5118] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 169.454847][ T5118] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 169.529669][ T6811] Invalid argument reading file caps for ./file0 [ 169.537737][ T6808] loop2: detected capacity change from 0 to 2048 [ 169.615231][ T5118] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice= 0.40 [ 169.635146][ T5118] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.643906][ T6808] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 169.667245][ T5118] usb 5-1: Product: syz [ 169.671667][ T5118] usb 5-1: Manufacturer: syz [ 169.685975][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 169.700709][ T6808] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 169.751382][ T5118] usb 5-1: SerialNumber: syz [ 169.765049][ T6814] netlink: 8 bytes leftover after parsing attributes in process `syz.0.882'. [ 169.841246][ T6814] netlink: 'syz.0.882': attribute type 5 has an invalid length. [ 169.900529][ T6814] netlink: 12 bytes leftover after parsing attributes in process `syz.0.882'. [ 169.962764][ T6814] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 169.971931][ T6814] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 169.980707][ T6814] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 169.989647][ T6814] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.005307][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.085998][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.882'. [ 170.138834][ T6816] netlink: 'syz.0.882': attribute type 5 has an invalid length. [ 170.175265][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.175413][ T6816] netlink: 12 bytes leftover after parsing attributes in process `syz.0.882'. [ 170.377473][ T6825] syz.0.886 (6825): attempted to duplicate a private mapping with mremap. This is not supported. [ 170.650675][ T6828] loop3: detected capacity change from 0 to 4096 [ 170.672745][ T5118] usb 5-1: USB disconnect, device number 9 [ 170.721054][ T6828] EXT4-fs (loop3): inline encryption not supported [ 170.735444][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.755617][ T6828] EXT4-fs (loop3): Test dummy encryption mode enabled [ 170.782991][ T6828] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 170.805074][ T6828] System zones: 0-5 [ 170.834303][ T6817] loop1: detected capacity change from 0 to 32768 [ 170.837787][ T6828] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,delalloc,inlinecrypt,test_dummy_encryption,errors=continue,errors=continue,delalloc,barrier,,errors=continue. Quota mode: writeback. [ 170.928905][ T6817] (syz.1.883,6817,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 170.968378][ T6817] (syz.1.883,6817,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 171.024265][ T6817] JBD2: Ignoring recovery information on journal [ 171.342536][ T6830] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 171.355752][ T6830] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 171.393835][ T6830] F2FS-fs (loop2): invalid crc value [ 171.399578][ T6817] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 171.472812][ T6830] F2FS-fs (loop2): Found nat_bits in checkpoint [ 171.676477][ T6830] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 171.683591][ T6830] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 171.818732][ T4184] ocfs2: Unmounting device (7,1) on (node local) [ 172.042100][ T6872] attempt to access beyond end of device [ 172.042100][ T6872] loop2: rw=10241, want=45104, limit=40427 [ 172.137732][ T6847] set_capacity_and_notify: 1 callbacks suppressed [ 172.137749][ T6847] loop3: detected capacity change from 0 to 32768 [ 172.206544][ T154] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 172.254354][ T154] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 172.273131][ T6847] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.888 (6847) [ 172.278948][ T6880] netlink: 4 bytes leftover after parsing attributes in process `syz.1.893'. [ 172.311660][ T6847] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 172.335337][ T4490] net_ratelimit: 3 callbacks suppressed [ 172.335353][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.390232][ T6847] BTRFS info (device loop3): using free space tree [ 172.405042][ T6847] BTRFS info (device loop3): has skinny extents [ 172.709191][ T6900] loop1: detected capacity change from 0 to 2048 [ 172.787416][ T6847] BTRFS info (device loop3): enabling ssd optimizations [ 172.815570][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.875012][ T6919] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 172.970822][ T6921] loop0: detected capacity change from 0 to 2048 [ 173.063891][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.381979][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.392380][ T6934] device syzkaller1 entered promiscuous mode [ 173.541120][ T6938] loop1: detected capacity change from 0 to 256 [ 173.636937][ T6938] exfat: Deprecated parameter 'utf8' [ 173.696069][ T6938] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 173.897565][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.925876][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.109814][ T6952] device syzkaller1 entered promiscuous mode [ 174.320711][ T6967] loop3: detected capacity change from 0 to 512 [ 174.415513][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.442760][ T6967] EXT4-fs (loop3): inline encryption not supported [ 174.448084][ T6975] block nbd0: NBD_DISCONNECT [ 174.452932][ T6967] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 174.476034][ T6975] block nbd0: Send disconnect failed -32 [ 174.484639][ T6974] loop4: detected capacity change from 0 to 2048 [ 174.498791][ T6967] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 174.512940][ T6967] System zones: 1-12 [ 174.516891][ T6978] block nbd0: Disconnected due to user request. [ 174.516950][ T6978] block nbd0: shutting down sockets [ 174.552951][ T6967] EXT4-fs (loop3): 1 truncate cleaned up [ 174.565509][ T6967] EXT4-fs (loop3): mounted filesystem without journal. Opts: nolazytime,inlinecrypt,debug,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 174.594759][ T6974] EXT4-fs (loop4): mounted filesystem without journal. Opts: min_batch_time=0x000000000000002d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none. [ 174.749607][ T26] audit: type=1800 audit(1777289953.929:16): pid=6974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.924" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 174.778471][ T6986] block nbd3: shutting down sockets [ 174.849645][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.958746][ T6993] loop3: detected capacity change from 0 to 128 [ 175.001164][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 175.070721][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.109609][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.139087][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.155389][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.182772][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.210972][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 175.216645][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.240319][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.273927][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.283000][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.327805][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.385939][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.400650][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.415043][ T7008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.937'. [ 175.432197][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.463940][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.486335][ T7010] loop2: detected capacity change from 0 to 1024 [ 175.507358][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.517966][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.527622][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.540517][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.572120][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.600411][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.672446][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.705524][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.729631][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.750916][ T144] hfsplus: b-tree write err: -5, ino 25 [ 175.758529][ T144] hfsplus: b-tree write err: -5, ino 4 [ 175.764246][ T144] hfsplus: b-tree write err: -5, ino 2 [ 175.787545][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.818956][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.830850][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.876499][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.910451][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.934433][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.943174][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.952655][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.963017][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 175.983638][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.002688][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.014177][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.039889][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.049064][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.058423][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.073495][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.091715][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.100851][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.109565][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.118656][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.139410][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.148868][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.162754][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.165082][ T1108] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 176.188550][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.202700][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.217800][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.229273][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.243118][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.254565][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.281590][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.290537][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.299306][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.322420][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.333813][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.344036][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.359152][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.363074][ T7035] loop4: detected capacity change from 0 to 4096 [ 176.369029][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.374654][ T4351] usb 1-1: new low-speed USB device number 7 using dummy_hcd [ 176.388681][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.395600][ T7035] ntfs3: Unknown parameter 'nocase' [ 176.402927][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.434345][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.445567][ T1108] usb 3-1: Using ep0 maxpacket: 16 [ 176.449715][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.459496][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.468409][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.477536][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.486767][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.502331][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.524987][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.533590][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.545329][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.554432][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.563183][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.571812][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.585243][ T1108] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 199, changing to 11 [ 176.586654][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.611669][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.620626][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.624950][ T1108] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 8467, setting to 1024 [ 176.634655][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.660298][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.669183][ T1108] usb 3-1: config 0 interface 0 has no altsetting 0 [ 176.671254][ T6993] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 550) [ 176.676817][ T1108] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 176.694173][ T1108] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.724940][ T26] audit: type=1800 audit(1777289955.899:17): pid=6993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.930" name="file2" dev="loop3" ino=1048633 res=0 errno=0 [ 176.746708][ T1108] usb 3-1: config 0 descriptor?? [ 176.816704][ T4351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 176.865107][ T4351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16, setting to 8 [ 176.896417][ T4351] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 176.938997][ T7035] loop4: detected capacity change from 0 to 32768 [ 176.945778][ T4351] usb 1-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 176.966340][ T4351] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.981441][ T4351] usb 1-1: config 0 descriptor?? [ 177.005560][ T7029] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 177.036986][ T7035] XFS (loop4): Mounting V5 Filesystem [ 177.152986][ T7035] XFS (loop4): Ending clean mount [ 177.202882][ T4185] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 177.216073][ T1108] hid (null): nested delimiters [ 177.221440][ T1108] hid (null): unknown global tag 0x24 [ 177.227665][ T1108] hid (null): report_id 14061 is invalid [ 177.233538][ T1108] hid (null): report_id 0 is invalid [ 177.238974][ T1108] hid (null): report_id 0 is invalid [ 177.247025][ T1108] hid (null): report_id 3563899904 is invalid [ 177.252895][ T4185] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 177.253274][ T1108] hid (null): bogus close delimiter [ 177.296540][ T1108] hid (null): bogus close delimiter [ 177.325064][ T1108] hid (null): unknown global tag 0xa0 [ 177.330516][ T1108] hid (null): global environment stack overflow [ 177.338057][ T1108] hid (null): invalid report_size -1234934214 [ 177.344362][ T1108] hid (null): global environment stack overflow [ 177.352647][ T1108] hid (null): unknown global tag 0xd [ 177.358738][ T1108] hid (null): unknown global tag 0xc [ 177.364347][ T1108] hid (null): unknown global tag 0xc [ 177.370815][ T1108] hid (null): unknown global tag 0xd [ 177.424254][ T4188] XFS (loop4): Unmounting Filesystem [ 177.480323][ T4351] petalynx 0003:18B1:0037.0009: ignoring exceeding usage max [ 177.496301][ T4351] petalynx 0003:18B1:0037.0009: usage index exceeded [ 177.503083][ T4351] petalynx 0003:18B1:0037.0009: item 0 4 2 0 parsing failed [ 177.513344][ T4351] petalynx 0003:18B1:0037.0009: parse failed [ 177.519523][ T4351] petalynx: probe of 0003:18B1:0037.0009 failed with error -22 [ 177.538243][ T4356] net_ratelimit: 6 callbacks suppressed [ 177.538260][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 177.636964][ T4233] usb 3-1: USB disconnect, device number 9 [ 177.711758][ T4356] usb 1-1: USB disconnect, device number 7 [ 177.846215][ T7064] netlink: 16 bytes leftover after parsing attributes in process `syz.4.955'. [ 177.901433][ T4351] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 177.925421][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 177.937664][ T7068] netlink: 'syz.4.959': attribute type 3 has an invalid length. [ 177.948692][ T7068] netlink: 'syz.4.959': attribute type 7 has an invalid length. [ 177.957149][ T7068] netlink: 198628 bytes leftover after parsing attributes in process `syz.4.959'. [ 178.002796][ T7070] input: syz0 as /devices/virtual/input/input12 [ 178.523098][ T7078] netlink: 36 bytes leftover after parsing attributes in process `syz.0.966'. [ 178.990467][ T5878] IPv6: ADDRCONF(NETDEV_CHANGE): macsec1: link becomes ready [ 178.995511][ T7072] set_capacity_and_notify: 1 callbacks suppressed [ 178.995527][ T7072] loop4: detected capacity change from 0 to 131072 [ 179.018894][ T4233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 179.063652][ T7072] F2FS-fs (loop4): Invalid log sectorsize (67108873) [ 179.070530][ T7072] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 179.085286][ T4351] usb 2-1: Using ep0 maxpacket: 32 [ 179.095146][ T7072] F2FS-fs (loop4): invalid crc value [ 179.118878][ T5878] IPv6: ADDRCONF(NETDEV_CHANGE): macsec2: link becomes ready [ 179.158666][ T7072] F2FS-fs (loop4): Found nat_bits in checkpoint [ 179.205889][ T7072] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 179.210566][ T7104] loop2: detected capacity change from 0 to 128 [ 179.213699][ T7072] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 179.245989][ T4351] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 179.254540][ T4351] usb 2-1: config 0 has no interface number 0 [ 179.259390][ T7105] loop3: detected capacity change from 0 to 256 [ 179.392695][ T7108] sctp: [Deprecated]: syz.0.975 (pid 7108) Use of struct sctp_assoc_value in delayed_ack socket option. [ 179.392695][ T7108] Use struct sctp_sack_info instead [ 179.413673][ T7105] FAT-fs (loop3): Directory bread(block 64) failed [ 179.442783][ T7105] FAT-fs (loop3): Directory bread(block 65) failed [ 179.475368][ T4351] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 179.486737][ T7105] FAT-fs (loop3): Directory bread(block 66) failed [ 179.492832][ T4351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.503738][ T7105] FAT-fs (loop3): Directory bread(block 67) failed [ 179.510713][ T7105] FAT-fs (loop3): Directory bread(block 68) failed [ 179.527361][ T4351] usb 2-1: Product: syz [ 179.537218][ T4351] usb 2-1: Manufacturer: syz [ 179.546475][ T4351] usb 2-1: SerialNumber: syz [ 179.556999][ T7105] FAT-fs (loop3): Directory bread(block 69) failed [ 179.565518][ T7105] FAT-fs (loop3): Directory bread(block 70) failed [ 179.569890][ T4351] usb 2-1: config 0 descriptor?? [ 179.577981][ T7105] FAT-fs (loop3): Directory bread(block 71) failed [ 179.584735][ T7105] FAT-fs (loop3): Directory bread(block 72) failed [ 179.593020][ T7105] FAT-fs (loop3): Directory bread(block 73) failed [ 179.636115][ T4351] smsc95xx v2.0.0 [ 179.760155][ T7112] loop2: detected capacity change from 0 to 4096 [ 179.875092][ T4233] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 179.901414][ T7112] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 180.015191][ T4304] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 180.085814][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.094357][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.200560][ T7118] loop0: detected capacity change from 0 to 1024 [ 180.259021][ T7118] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 180.268902][ T4304] usb 4-1: Using ep0 maxpacket: 16 [ 180.275469][ T4233] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 180.288642][ T4233] usb 5-1: config 0 has no interface number 0 [ 180.298015][ T7118] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 180.305330][ T4233] usb 5-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 180.364019][ T7118] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,debug_want_extra_isize=0x0000000000000080,dioread_nolock,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none. [ 180.370877][ T4233] usb 5-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 180.399961][ T4233] usb 5-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 180.413308][ T4304] usb 4-1: config 1 has an invalid descriptor of length 122, skipping remainder of the config [ 180.413522][ T4233] usb 5-1: config 0 interface 1 has no altsetting 0 [ 180.429671][ T4304] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 180.430761][ T4233] usb 5-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 180.449199][ T4233] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.459069][ T4233] usb 5-1: config 0 descriptor?? [ 180.631091][ T4304] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 180.645108][ T4304] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.653165][ T4304] usb 4-1: Product: syz [ 180.660889][ T4304] usb 4-1: Manufacturer: syz [ 180.666379][ T4304] usb 4-1: SerialNumber: syz [ 180.732567][ T4351] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 180.746025][ T4351] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 180.775269][ T4351] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 180.787236][ T4351] smsc95xx: probe of 2-1:0.67 failed with error -71 [ 180.799073][ T4351] usb 2-1: USB disconnect, device number 8 [ 180.965460][ T4231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.985146][ T4228] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 181.005220][ T4304] usb 4-1: 0:2 : does not exist [ 181.054369][ T4304] usb 4-1: USB disconnect, device number 9 [ 181.125249][ T4231] Bluetooth: hci1: command 0x0406 tx timeout [ 181.125686][ T4351] Bluetooth: hci3: command 0x0406 tx timeout [ 181.141352][ T4231] Bluetooth: hci2: command 0x0406 tx timeout [ 181.146572][ T4351] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.156631][ T4233] uclogic 0003:145F:0212.000A: failed retrieving string descriptor #100: -71 [ 181.165958][ T4233] uclogic 0003:145F:0212.000A: failed retrieving pen parameters: -71 [ 181.174138][ T4233] uclogic 0003:145F:0212.000A: pen probing failed: -71 [ 181.181069][ T4233] uclogic 0003:145F:0212.000A: failed probing parameters: -71 [ 181.188707][ T4233] uclogic: probe of 0003:145F:0212.000A failed with error -71 [ 181.205715][ T4233] usb 5-1: USB disconnect, device number 10 [ 181.211961][ T4351] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.285860][ T4313] udevd[4313]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 181.347135][ T7136] netlink: 104 bytes leftover after parsing attributes in process `syz.1.986'. [ 181.349518][ T4228] usb 3-1: config 0 has no interfaces? [ 181.384406][ T4228] usb 3-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 181.395440][ T4228] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.409690][ T4228] usb 3-1: config 0 descriptor?? [ 181.687233][ T7149] block nbd1: NBD_DISCONNECT [ 181.693265][ T7149] block nbd1: Send disconnect failed -32 [ 181.706959][ T7149] block nbd1: Disconnected due to user request. [ 181.723979][ T7149] block nbd1: shutting down sockets [ 181.798454][ T7155] loop3: detected capacity change from 0 to 128 [ 181.880113][ T7155] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 181.924589][ T7158] loop4: detected capacity change from 0 to 512 [ 181.932009][ T7155] ext4 filesystem being mounted at /198/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 181.937734][ T4228] usb 3-1: USB disconnect, device number 10 [ 182.176374][ T4233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 182.209332][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.215618][ T4233] net_ratelimit: 1 callbacks suppressed [ 183.215635][ T4233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.301478][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.462675][ T7205] loop4: detected capacity change from 0 to 4096 [ 183.502186][ T7178] loop3: detected capacity change from 0 to 40427 [ 183.569836][ T7178] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 183.589920][ T7178] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 183.629695][ T7205] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 183.649645][ T7178] F2FS-fs (loop3): invalid crc value [ 183.688502][ T7187] loop2: detected capacity change from 0 to 32768 [ 183.746768][ T7178] F2FS-fs (loop3): Found nat_bits in checkpoint [ 183.871382][ T7187] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 scanned by syz.2.1008 (7187) [ 183.900980][ T7205] ntfs3: loop4: failed to convert "076c" to cp932 [ 183.961754][ T7187] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 184.015153][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.052957][ T7178] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 184.068076][ T7187] BTRFS info (device loop2): using free space tree [ 184.105014][ T7178] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 184.150391][ T7187] BTRFS info (device loop2): has skinny extents [ 184.175861][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 184.189366][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 184.202589][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.248213][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.330501][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.390872][ T7178] attempt to access beyond end of device [ 184.390872][ T7178] loop3: rw=10241, want=45104, limit=40427 [ 184.603622][ T154] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 184.615171][ T7187] BTRFS info (device loop2): enabling ssd optimizations [ 184.645470][ T154] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 184.807944][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.933181][ T7207] loop1: detected capacity change from 0 to 40427 [ 184.973155][ T7207] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64) [ 184.991525][ T7207] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 185.048302][ T7207] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x6 [ 185.128045][ T7207] F2FS-fs (loop1): invalid crc value [ 185.158516][ T7207] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 185.205321][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 185.375226][ T7207] F2FS-fs (loop1): Start checkpoint disabled! [ 185.420610][ T7207] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 185.495184][ T7207] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 185.563940][ T7207] attempt to access beyond end of device [ 185.563940][ T7207] loop1: rw=2049, want=45104, limit=40427 [ 185.595459][ T7214] loop4: detected capacity change from 0 to 32768 [ 185.694972][ T7249] loop0: detected capacity change from 0 to 2048 [ 185.766672][ T1380] attempt to access beyond end of device [ 185.766672][ T1380] loop1: rw=1, want=45112, limit=40427 [ 185.783551][ T1380] attempt to access beyond end of device [ 185.783551][ T1380] loop1: rw=2049, want=45120, limit=40427 [ 185.821360][ T7249] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 185.880097][ T7214] XFS (loop4): Mounting V5 Filesystem [ 185.907322][ T7249] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 186.150439][ T7214] XFS (loop4): Ending clean mount [ 186.345585][ T4188] XFS (loop4): Unmounting Filesystem [ 186.644596][ T7246] loop3: detected capacity change from 0 to 32768 [ 186.735255][ T5118] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 186.870501][ T7256] loop1: detected capacity change from 0 to 32768 [ 186.881402][ T7246] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 187.004978][ T5118] usb 1-1: Using ep0 maxpacket: 8 [ 187.009115][ T7256] XFS (loop1): Mounting V5 Filesystem [ 187.096457][ T4185] (syz-executor,4185,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 187.118208][ T7256] XFS (loop1): Ending clean mount [ 187.120957][ T4185] ocfs2: Unmounting device (7,3) on (node local) [ 187.130096][ T5118] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 187.150229][ T5118] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 187.180699][ T5118] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 187.208520][ T5118] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 187.224490][ T5118] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 187.247220][ T5118] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 187.260911][ T5118] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.575134][ T5118] usb 1-1: usb_control_msg returned -32 [ 187.580923][ T5118] usbtmc 1-1:16.0: can't read capabilities [ 187.666272][ T4184] XFS (loop1): Unmounting Filesystem [ 187.818441][ T7301] loop3: detected capacity change from 0 to 512 [ 187.942714][ T7301] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 188.079654][ T7301] System zones: 1-12 [ 188.105038][ T7303] usbtmc 1-1:16.0: control status returned 0 [ 188.155888][ T7301] EXT4-fs error (device loop3): ext4_iget_extra_inode:4573: inode #15: comm syz.3.1042: corrupted in-inode xattr [ 188.187931][ T7301] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1042: couldn't read orphan inode 15 (err -117) [ 188.211366][ T7301] EXT4-fs (loop3): mounted filesystem without journal. Opts: block_validity,minixdf,noblock_validity,lazytime,noauto_da_alloc,block_validity,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none. [ 188.353486][ T4354] usb 1-1: USB disconnect, device number 8 [ 188.598134][ T4356] net_ratelimit: 10 callbacks suppressed [ 188.598155][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 188.612550][ T4236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 188.904617][ T7305] loop2: detected capacity change from 0 to 131072 [ 188.914333][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 188.945535][ T7305] XFS: ikeep mount option is deprecated. [ 188.949532][ T7315] block nbd1: shutting down sockets [ 188.980645][ T7314] loop4: detected capacity change from 0 to 4096 [ 189.004846][ T7312] block nbd1: NBD_DISCONNECT [ 189.019618][ T7312] block nbd1: Send disconnect failed -32 [ 189.033038][ T7314] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 189.085831][ T7305] XFS (loop2): Mounting V5 Filesystem [ 189.135328][ T7314] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 189.183647][ T7314] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 189.196922][ T7305] XFS (loop2): Starting recovery (logdev: internal) [ 189.212826][ T7314] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 189.231897][ T7314] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 189.276902][ T7305] XFS (loop2): Ending recovery (logdev: internal) [ 189.291757][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 189.292898][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.315230][ T4231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.337968][ T4272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.352696][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.357690][ T7314] ntfs: volume version 3.1. [ 189.366225][ T4231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.384691][ T7314] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 189.426016][ T7314] ntfs: (device loop4): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 189.475608][ T7314] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 189.520526][ T7314] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 189.552967][ T4195] XFS (loop2): Unmounting Filesystem [ 189.597095][ T7314] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 189.612435][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.057478][ T7348] loop0: detected capacity change from 0 to 2048 [ 190.194407][ T7348] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 190.212185][ T7348] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.233483][ T7360] loop3: detected capacity change from 0 to 256 [ 190.308805][ T7360] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 190.337274][ T7348] EXT4-fs (loop0): shut down requested (0) [ 190.881043][ T7356] loop4: detected capacity change from 0 to 32768 [ 191.375130][ T7384] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 191.458974][ T7387] loop2: detected capacity change from 0 to 16 [ 192.391851][ T7400] loop3: detected capacity change from 0 to 32768 [ 192.448918][ T7378] loop1: detected capacity change from 0 to 40427 [ 192.527653][ T7400] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 192.588771][ T7405] loop0: detected capacity change from 0 to 32768 [ 192.613096][ T7378] F2FS-fs (loop1): invalid crc value [ 192.676290][ T7378] F2FS-fs (loop1): Found nat_bits in checkpoint [ 192.793051][ T4185] ocfs2: Unmounting device (7,3) on (node local) [ 193.045129][ T7378] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 193.174107][ T7421] loop3: detected capacity change from 0 to 1024 [ 193.222451][ T4184] attempt to access beyond end of device [ 193.222451][ T4184] loop1: rw=2049, want=45104, limit=40427 [ 193.478841][ T9] hfsplus: b-tree write err: -5, ino 25 [ 193.484682][ T9] hfsplus: b-tree write err: -5, ino 4 [ 193.508741][ T9] hfsplus: b-tree write err: -5, ino 2 [ 193.748246][ T7418] loop4: detected capacity change from 0 to 40427 [ 193.768874][ T4304] net_ratelimit: 9 callbacks suppressed [ 193.768890][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.793627][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.805151][ T7418] F2FS-fs (loop4): invalid crc value [ 193.823265][ T7428] loop3: detected capacity change from 0 to 4096 [ 193.844612][ T7418] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 193.857579][ T1380] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.867005][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.884029][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.895779][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.006265][ T7434] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 194.035871][ T7435] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.049551][ T7418] F2FS-fs (loop4): Start checkpoint disabled! [ 194.059166][ T7434] hpfs: filesystem error: improperly stopped [ 194.076043][ T7434] hpfs: You really don't want any checks? You are crazy... [ 194.119544][ T7434] hpfs: hpfs_map_sector(): read error [ 194.128865][ T7418] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 194.184298][ T7434] hpfs: code page support is disabled [ 194.220888][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 194.220906][ T26] audit: type=1804 audit(1777289973.399:18): pid=7418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1085" name="/newroot/226/bus/bus" dev="loop4" ino=10 res=1 errno=0 [ 194.285114][ T7434] hpfs: hpfs_map_4sectors(): unaligned read [ 194.291123][ T7434] hpfs: hpfs_map_4sectors(): unaligned read [ 194.335831][ T7434] hpfs: filesystem error: unable to find root dir [ 194.370106][ T7418] attempt to access beyond end of device [ 194.370106][ T7418] loop4: rw=10241, want=45104, limit=40427 [ 194.398077][ T7418] attempt to access beyond end of device [ 194.398077][ T7418] loop4: rw=2049, want=45104, limit=40427 [ 194.412648][ T1431] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.412754][ T1431] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.413221][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.415708][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.602544][ T144] attempt to access beyond end of device [ 194.602544][ T144] loop4: rw=2049, want=45112, limit=40427 [ 194.816139][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.835241][ T4229] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 194.866629][ T7450] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 194.886298][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 195.020446][ T7450] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,norecovery,min_batch_time=0x0000000000000001,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,errors=remount-ro,acl,auto_da_alloc=0x0000000000000343,jqfmt=vfsold,barrier=0x00000000000000. Quota mode: none. [ 195.315139][ T4229] usb 3-1: unable to get BOS descriptor or descriptor too short [ 195.339427][ T7462] netlink: 'syz.4.1097': attribute type 3 has an invalid length. [ 195.381227][ T7462] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1097'. [ 195.426290][ T4229] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7 [ 195.645253][ T4229] usb 3-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40 [ 195.681280][ T4229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.699962][ T4229] usb 3-1: Product: syz [ 195.704236][ T4229] usb 3-1: Manufacturer: syz [ 195.730376][ T4229] usb 3-1: SerialNumber: syz [ 195.853302][ T7460] set_capacity_and_notify: 2 callbacks suppressed [ 195.853320][ T7460] loop0: detected capacity change from 0 to 32768 [ 195.977918][ T7460] XFS (loop0): Mounting V5 Filesystem [ 196.017799][ T4229] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 196.029077][ T7464] loop3: detected capacity change from 0 to 32768 [ 196.184160][ T7464] JBD2: Ignoring recovery information on journal [ 196.236260][ T7460] XFS (loop0): Ending clean mount [ 196.248919][ T4229] usb 3-1: 2:1 : unknown format tag 0x4 is detected. processed as MPEG. [ 196.261543][ T7464] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 196.265586][ T4229] usb 3-1: found format II with max.bitrate = 4, frame size=7372 [ 196.494260][ T4187] XFS (loop0): Unmounting Filesystem [ 196.611530][ T4185] ocfs2: Unmounting device (7,3) on (node local) [ 196.685757][ T4229] usb 3-1: 2:1 : unknown format tag 0x4 is detected. processed as MPEG. [ 196.697229][ T4229] usb 3-1: found format II with max.bitrate = 4, frame size=7372 [ 196.905174][ T4229] usb 3-1: parse_audio_format_rates_v2v3(): unable to retrieve number of sample rates (clock 0) [ 196.971611][ T4229] usb 3-1: USB disconnect, device number 11 [ 197.102207][ T7501] loop0: detected capacity change from 0 to 4096 [ 197.232189][ T7507] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 197.246592][ T4202] udevd[4202]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 197.834358][ T7526] loop2: detected capacity change from 0 to 512 [ 198.012601][ T7526] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 198.057456][ T7526] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.263794][ T7526] EXT4-fs (loop2): re-mounted. Opts: grpquota,nogrpid,quota,. Quota mode: writeback. [ 198.424678][ T7516] loop4: detected capacity change from 0 to 131072 [ 198.483177][ T7516] F2FS-fs (loop4): Test dummy encryption mode enabled [ 198.493152][ T7516] F2FS-fs (loop4): invalid crc value [ 198.515589][ T7516] F2FS-fs (loop4): Found nat_bits in checkpoint [ 198.576862][ T7516] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 198.885251][ T4304] net_ratelimit: 11 callbacks suppressed [ 198.885270][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 198.954362][ T7516] fscrypt (loop4, inode 10): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))") [ 199.034990][ T7542] fscrypt (loop4, inode 11): Error allocating 'xts(aes)' transform: -4 [ 199.088604][ T7543] loop2: detected capacity change from 0 to 4096 [ 199.111883][ T7522] loop1: detected capacity change from 0 to 32768 [ 199.154211][ T7543] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 199.175116][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.276870][ T7543] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 199.333841][ T7522] JBD2: Ignoring recovery information on journal [ 199.375303][ T7543] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 199.445310][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.481674][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.499708][ T7543] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 199.509612][ T7522] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 199.529759][ T4231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.529980][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.546666][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.568801][ T7543] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 199.633873][ T144] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.646614][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.655646][ T7543] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 199.664447][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.681687][ T7543] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 199.716380][ T7538] loop0: detected capacity change from 0 to 32768 [ 199.738100][ T7522] (syz.1.1122,7522,1):ocfs2_remove_inode_range:1797 ERROR: status = -22 [ 199.773228][ T7522] (syz.1.1122,7522,1):__ocfs2_change_file_space:2048 ERROR: status = -22 [ 199.785987][ T7543] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 199.829762][ T7543] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 199.856146][ T7543] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 199.870676][ T7543] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 199.891429][ T7538] XFS (loop0): Mounting V5 Filesystem [ 199.900130][ T7543] ntfs: volume version 3.1. [ 200.019048][ T7538] XFS (loop0): Ending clean mount [ 200.033043][ T4184] ocfs2: Unmounting device (7,1) on (node local) [ 200.043446][ T7538] XFS (loop0): Quotacheck needed: Please wait. [ 200.218804][ T7538] XFS (loop0): Quotacheck: Done. [ 200.389312][ T7559] loop3: detected capacity change from 0 to 32768 [ 200.393977][ T4187] XFS (loop0): Unmounting Filesystem [ 200.486332][ T4231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 200.569394][ T7559] XFS (loop3): Mounting V5 Filesystem [ 200.846240][ T7559] XFS (loop3): Ending clean mount [ 201.015674][ T4185] XFS (loop3): Unmounting Filesystem [ 201.123324][ T7575] loop1: detected capacity change from 0 to 40427 [ 201.157532][ T4231] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 201.249889][ T7575] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 201.290077][ T7575] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 201.315443][ T7575] F2FS-fs (loop1): invalid crc value [ 201.352988][ T7604] loop0: detected capacity change from 0 to 256 [ 201.367155][ T7575] F2FS-fs (loop1): Found nat_bits in checkpoint [ 201.443267][ T7604] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 201.457461][ T4231] usb 5-1: Using ep0 maxpacket: 16 [ 201.568630][ T7575] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 201.576522][ T4231] usb 5-1: config 0 has no interfaces? [ 201.589677][ T7575] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 201.735324][ T4231] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 201.754791][ T4231] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.791690][ T4231] usb 5-1: Product: syz [ 201.798768][ T7604] exFAT-fs (loop0): error, invalid size(size(11) > aligned(9223372036854777344) [ 201.798768][ T7604] [ 201.815045][ T4231] usb 5-1: Manufacturer: syz [ 201.847260][ T4231] usb 5-1: SerialNumber: syz [ 201.872117][ T4231] usb 5-1: config 0 descriptor?? [ 201.892125][ T7604] exFAT-fs (loop0): Filesystem has been set read-only [ 201.945312][ T7623] loop3: detected capacity change from 0 to 256 [ 202.011005][ T7623] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff8a, chksum : 0xa6267692, utbl_chksum : 0xe619d30d) [ 202.156772][ T4229] usb 5-1: USB disconnect, device number 11 [ 202.306900][ T7632] loop0: detected capacity change from 0 to 1024 [ 202.356311][ T7632] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 202.429521][ T7632] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,norecovery,min_batch_time=0x0000000000000001,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,errors=remount-ro,acl,auto_da_alloc=0x0000000000000343,jqfmt=vfsold,barrier=0x00000000000000. Quota mode: none. [ 202.458316][ C0] vkms_vblank_simulate: vblank timer overrun [ 202.593666][ T7644] device syzkaller1 entered promiscuous mode [ 202.950773][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1159'. [ 203.109207][ T7650] loop2: detected capacity change from 0 to 4096 [ 203.209114][ T7656] loop4: detected capacity change from 0 to 256 [ 203.295089][ T7657] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 203.517497][ T7642] loop3: detected capacity change from 0 to 131072 [ 203.548776][ T7642] F2FS-fs (loop3): Test dummy encryption mode enabled [ 203.561211][ T7660] NILFS (loop2): nilfs_sufile_do_free: segment 9 is already clean [ 203.567843][ T7656] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d) [ 203.680174][ T7642] F2FS-fs (loop3): Found nat_bits in checkpoint [ 203.742288][ T7642] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 203.890186][ T7642] syz.3.1156 (pid 7642) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 203.904256][ T7669] device syzkaller1 entered promiscuous mode [ 204.169440][ T7678] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1171'. [ 204.588744][ T7691] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1176'. [ 204.663769][ T4229] net_ratelimit: 10 callbacks suppressed [ 204.663791][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.725580][ T4236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.734052][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.751221][ T1380] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.806568][ T5118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.866141][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.989089][ T7698] loop4: detected capacity change from 0 to 64 [ 205.382003][ T1380] attempt to access beyond end of device [ 205.382003][ T1380] loop4: rw=1, want=268435470, limit=64 [ 205.437603][ T1380] Buffer I/O error on dev loop4, logical block 134217734, lost async page write [ 205.667347][ T7709] loop2: detected capacity change from 0 to 128 [ 205.798267][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 205.807865][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 205.839466][ T7709] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 205.876465][ T7715] loop3: detected capacity change from 0 to 128 [ 205.888476][ T7709] FAT-fs (loop2): Filesystem has been set read-only [ 205.935361][ T7717] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 206.400940][ T7720] loop4: detected capacity change from 0 to 4096 [ 206.572161][ T7702] loop0: detected capacity change from 0 to 32768 [ 206.624104][ T6077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 206.629985][ T7726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1190'. [ 206.702909][ T7726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1190'. [ 206.723100][ T7702] XFS (loop0): Mounting V5 Filesystem [ 206.805288][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 206.875667][ T7702] XFS (loop0): Ending clean mount [ 207.115790][ T4187] XFS (loop0): Unmounting Filesystem [ 207.255946][ T7745] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 207.444037][ T7741] loop2: detected capacity change from 0 to 8192 [ 207.572600][ T7741] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 207.622701][ T7741] REISERFS (device loop2): using ordered data mode [ 207.705118][ T7741] reiserfs: using flush barriers [ 207.725715][ T7741] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 207.803365][ T7741] REISERFS (device loop2): checking transaction log (loop2) [ 207.861926][ T7753] loop3: detected capacity change from 0 to 256 [ 207.970753][ T7753] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d) [ 208.205988][ T7741] REISERFS (device loop2): Using tea hash to sort names [ 208.225397][ T7741] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 208.265306][ T7741] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 208.284211][ T7741] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 208.297617][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 208.297635][ T26] audit: type=1326 audit(1777289987.479:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7756 comm="syz.0.1200" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f82e720cdd9 code=0x0 [ 208.370445][ T7741] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 4) not found (pos 2) [ 208.407683][ T7741] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 208.437791][ T7760] device syzkaller1 entered promiscuous mode [ 208.558000][ T7747] loop4: detected capacity change from 0 to 32768 [ 208.752448][ T7747] XFS (loop4): Mounting V5 Filesystem [ 208.848063][ T7747] XFS (loop4): Ending clean mount [ 209.074760][ T4188] XFS (loop4): Unmounting Filesystem [ 209.326509][ T7778] loop0: detected capacity change from 0 to 4096 [ 209.427845][ T7778] EXT4-fs (loop0): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000000,init_itable,bsdgroups,,errors=continue. Quota mode: writeback. [ 209.751947][ T6077] net_ratelimit: 8 callbacks suppressed [ 209.751966][ T6077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.779494][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.788175][ T5116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.978639][ T7785] MD5 Hash mismatch for [fe88::105]:20004->[fe80::aa]:20002 L3 index 0 [ 209.997720][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 210.007174][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 210.182011][ T7780] loop2: detected capacity change from 0 to 32768 [ 210.232945][ T7789] loop4: detected capacity change from 0 to 4096 [ 210.298982][ T7780] [ 210.298982][ T7780] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 210.298982][ T7780] [ 210.309889][ T6077] usb 1-1: new low-speed USB device number 9 using dummy_hcd [ 210.387405][ T7780] ERROR: (device loop2): diWrite: ixpxd invalid [ 210.387405][ T7780] [ 210.445569][ T7780] ERROR: (device loop2): txCommit: [ 210.445569][ T7780] [ 210.598414][ T4376] ERROR: (device loop2): diWrite: ixpxd invalid [ 210.598414][ T4376] [ 210.611400][ T4188] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22. [ 210.622274][ T4188] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 210.632535][ T4376] ERROR: (device loop2): txCommit: [ 210.632535][ T4376] [ 210.667535][ T4376] jfs_write_inode: jfs_commit_inode failed! [ 210.680535][ T4195] [ 210.680535][ T4195] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 210.680535][ T4195] [ 210.694056][ T4195] [ 210.694056][ T4195] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 210.694056][ T4195] [ 210.735337][ T6077] usb 1-1: unable to get BOS descriptor or descriptor too short [ 210.825238][ T6077] usb 1-1: config 8 has an invalid interface number: 206 but max is 0 [ 210.840631][ T6077] usb 1-1: config 8 has no interface number 0 [ 210.849531][ T6077] usb 1-1: config 8 interface 206 has no altsetting 0 [ 210.965680][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.045635][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.054057][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.115237][ T6077] usb 1-1: string descriptor 0 read error: -22 [ 211.126040][ T6077] usb 1-1: New USB device found, idVendor=093b, idProduct=a102, bcdDevice= 0.01 [ 211.172321][ T6077] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.250268][ T6077] go7007: probe of 1-1:8.206 failed with error -12 [ 211.373040][ T7795] loop3: detected capacity change from 0 to 32768 [ 211.492530][ T7821] loop2: detected capacity change from 0 to 128 [ 211.521139][ T6077] usb 1-1: USB disconnect, device number 9 [ 211.521749][ T7795] XFS (loop3): Mounting V5 Filesystem [ 211.725481][ T7795] XFS (loop3): Ending clean mount [ 211.814138][ T7806] loop4: detected capacity change from 0 to 32768 [ 211.820242][ T7795] XFS (loop3): User initiated shutdown received. [ 211.845686][ T7795] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 211.903211][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 211.940571][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 211.959403][ T7795] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 211.967403][ T7836] loop2: detected capacity change from 0 to 1024 [ 211.988688][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 212.049278][ T7806] (syz.4.1215,7806,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 212.065877][ T7806] JBD2: Ignoring recovery information on journal [ 212.069541][ T4185] XFS (loop3): Unmounting Filesystem [ 212.095501][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.156020][ T7806] (syz.4.1215,7806,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 212.217308][ T26] audit: type=1800 audit(1777289991.399:21): pid=7836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1224" name="file1" dev="loop2" ino=20 res=0 errno=0 [ 212.228804][ T7806] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 212.326702][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 212.350633][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 212.366501][ T1380] hfsplus: b-tree write err: -5, ino 25 [ 212.372369][ T1380] hfsplus: b-tree write err: -5, ino 4 [ 212.410776][ T1380] hfsplus: b-tree write err: -5, ino 2 [ 212.434449][ T1380] hfsplus: b-tree write err: -5, ino 26 [ 212.632003][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 212.670007][ T7806] (syz.4.1215,7806,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 212.689607][ T7806] (syz.4.1215,7806,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 212.704668][ T7806] (syz.4.1215,7806,1):ocfs2_quota_read:201 ERROR: status = -5 [ 212.760622][ T7806] Quota error (device loop4): find_next_id: Can't read quota tree block 5 [ 212.801539][ T7806] (syz.4.1215,7806,1):ocfs2_get_next_id:909 ERROR: status = -5 [ 212.804137][ T7856] loop2: detected capacity change from 0 to 512 [ 212.912544][ T7858] device syzkaller1 entered promiscuous mode [ 212.914682][ T7856] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002] [ 212.945733][ T4188] ocfs2: Unmounting device (7,4) on (node local) [ 212.952514][ T7856] System zones: 0-2, 18-18, 34-35 [ 212.993562][ T7856] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 213.035135][ T7856] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 213.465016][ T4354] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 213.725131][ T4354] usb 4-1: Using ep0 maxpacket: 16 [ 213.845124][ T4354] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 213.856707][ T4354] usb 4-1: config 0 has no interface number 0 [ 214.061377][ T4354] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 214.075546][ T4354] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.100364][ T4354] usb 4-1: Product: syz [ 214.110420][ T4354] usb 4-1: Manufacturer: syz [ 214.127571][ T4354] usb 4-1: SerialNumber: syz [ 214.154821][ T4354] usb 4-1: config 0 descriptor?? [ 214.164550][ T7897] netlink: 'syz.1.1251': attribute type 4 has an invalid length. [ 214.195212][ T7897] netlink: 'syz.1.1251': attribute type 7 has an invalid length. [ 214.212698][ T7897] netlink: 198628 bytes leftover after parsing attributes in process `syz.1.1251'. [ 214.230059][ T4354] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 214.473129][ T7911] device syzkaller1 entered promiscuous mode [ 214.726385][ T7917] loop2: detected capacity change from 0 to 4096 [ 214.753044][ T7917] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 214.763130][ T7917] EXT4-fs (loop2): Test dummy encryption mode enabled [ 214.793797][ T7917] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,nombcache,user_xattr,test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 214.830244][ T7917] EXT4-fs (loop2): shut down requested (1) [ 214.849423][ T7917] EXT4-fs warning (device loop2): ext4_empty_dir:3156: inode #12: comm syz.2.1260: directory missing '..' [ 214.986271][ T7923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1262'. [ 215.025838][ T7923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1262'. [ 215.053888][ T7922] loop2: detected capacity change from 0 to 64 [ 215.217446][ T4236] net_ratelimit: 8 callbacks suppressed [ 215.217466][ T4236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.234170][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.245681][ T7922] Trying to free block not in datazone [ 215.294304][ T4354] gspca_spca1528: reg_w err -71 [ 215.315740][ T4354] spca1528: probe of 4-1:0.1 failed with error -71 [ 215.352552][ T4354] usb 4-1: USB disconnect, device number 10 [ 215.384963][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 215.655126][ T4236] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 215.845441][ T5116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.902534][ T7950] device syzkaller1 entered promiscuous mode [ 215.974951][ T4236] usb 5-1: Using ep0 maxpacket: 8 [ 216.079056][ T7955] netlink: 'syz.3.1273': attribute type 4 has an invalid length. [ 216.095224][ T4236] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 216.103483][ T4236] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 216.132080][ T4236] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 216.133718][ T7956] netlink: 'syz.3.1273': attribute type 17 has an invalid length. [ 216.194904][ T4236] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 216.217603][ T7956] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 216.234923][ T4236] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 216.276062][ T4236] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 216.323761][ T4236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.366153][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.405538][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 216.625055][ T4236] usb 5-1: usb_control_msg returned -32 [ 216.630858][ T4236] usbtmc 5-1:16.0: can't read capabilities [ 217.041508][ T7977] usb 5-1: usbtmc_ioctl_clear_out_halt returned -32 [ 217.456148][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.465304][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.474379][ T4236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.648151][ T7967] loop1: detected capacity change from 0 to 40427 [ 217.758206][ T7967] F2FS-fs (loop1): invalid crc value [ 217.787458][ T7967] F2FS-fs (loop1): Found nat_bits in checkpoint [ 217.932308][ T7967] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 217.956564][ T4196] block nbd2: Receive control failed (result -32) [ 217.969835][ T7980] block nbd2: shutting down sockets [ 218.054353][ T7996] loop0: detected capacity change from 0 to 2048 [ 218.078878][ T7990] attempt to access beyond end of device [ 218.078878][ T7990] loop1: rw=2049, want=45104, limit=40427 [ 218.151287][ T7996] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 218.223310][ T7999] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1290'. [ 218.397814][ T4228] usb 5-1: USB disconnect, device number 12 [ 218.525447][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.612478][ T8008] device hsr0 entered promiscuous mode [ 218.619796][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1296'. [ 218.709661][ T8008] device hsr_slave_0 left promiscuous mode [ 218.745278][ T8008] device hsr_slave_1 left promiscuous mode [ 218.839810][ T8008] device hsr0 left promiscuous mode [ 219.462813][ T8032] loop4: detected capacity change from 0 to 4096 [ 219.465074][ T8043] netlink: 'syz.3.1309': attribute type 10 has an invalid length. [ 219.556912][ T8032] EXT4-fs (loop4): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000000,init_itable,bsdgroups,,errors=continue. Quota mode: writeback. [ 219.638176][ T8043] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.699883][ T8043] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 219.765844][ T8051] input: syz0 as /devices/virtual/input/input13 [ 219.809936][ T8046] netlink: 'syz.3.1309': attribute type 10 has an invalid length. [ 219.910618][ T8046] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.018956][ T8046] team0: Port device bond0 added [ 220.516671][ T8059] loop3: detected capacity change from 0 to 64 [ 220.898868][ T4354] net_ratelimit: 6 callbacks suppressed [ 220.898890][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.944639][ T8053] loop2: detected capacity change from 0 to 131072 [ 221.014982][ T8053] XFS: ikeep mount option is deprecated. [ 221.184430][ T8053] XFS (loop2): Mounting V5 Filesystem [ 221.450408][ T8053] XFS (loop2): Starting recovery (logdev: internal) [ 221.450715][ T8081] device ipvlan2 entered promiscuous mode [ 221.528150][ T8053] XFS (loop2): Ending recovery (logdev: internal) [ 221.555537][ T8081] team0: Device ipvlan2 failed to register rx_handler [ 221.611843][ T4195] XFS (loop2): Unmounting Filesystem [ 221.618829][ T8057] loop4: detected capacity change from 0 to 32768 [ 221.724609][ T8057] XFS (loop4): Mounting V5 Filesystem [ 221.833372][ T8057] XFS (loop4): Ending clean mount [ 221.864113][ T8071] loop3: detected capacity change from 0 to 32768 [ 221.928311][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.939302][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.948525][ T8057] XFS (loop4): Quotacheck needed: Please wait. [ 222.084011][ T8057] XFS (loop4): Quotacheck: Done. [ 222.090911][ T8071] add_index: next_index = 0. Resetting! [ 222.098093][ T8096] loop1: detected capacity change from 0 to 1024 [ 222.106829][ T8071] non-latin1 character 0x3ff found in JFS file name [ 222.113494][ T8071] mount with iocharset=utf8 to access [ 222.229618][ T4188] XFS (loop4): Unmounting Filesystem [ 222.384625][ T9] hfsplus: request for non-existent node 33554434 in B*Tree [ 222.433748][ T9] hfsplus: request for non-existent node 33554434 in B*Tree [ 222.645536][ T8104] loop3: detected capacity change from 0 to 64 [ 222.848168][ T8104] attempt to access beyond end of device [ 222.848168][ T8104] loop3: rw=0, want=1026, limit=64 [ 222.964222][ T8104] Buffer I/O error on dev loop3, logical block 512, async page read [ 222.977198][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.013084][ T8104] attempt to access beyond end of device [ 223.013084][ T8104] loop3: rw=0, want=113154, limit=64 [ 223.034462][ T8104] Buffer I/O error on dev loop3, logical block 56576, async page read [ 223.299242][ T8113] loop3: detected capacity change from 0 to 256 [ 223.464224][ T8114] loop4: detected capacity change from 0 to 4096 [ 223.574609][ T8114] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 223.993131][ T8108] loop1: detected capacity change from 0 to 32768 [ 224.016030][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.152525][ T8125] loop2: detected capacity change from 0 to 4096 [ 224.187257][ T8108] ERROR: (device loop1): dbAlloc: unable to allocate blocks [ 224.187257][ T8108] [ 224.220001][ T8108] ERROR: (device loop1): remounting filesystem as read-only [ 224.594408][ T4195] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 224.635049][ T4195] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 224.863739][ T5116] kernel write not supported for file /input/mouse0 (pid: 5116 comm: kworker/0:13) [ 224.970208][ T8139] loop0: detected capacity change from 0 to 8192 [ 224.984569][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.056550][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.103082][ T8139] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 225.153330][ T8127] loop3: detected capacity change from 0 to 32768 [ 225.168704][ T8139] REISERFS (device loop0): using ordered data mode [ 225.175883][ T8139] reiserfs: using flush barriers [ 225.226362][ T8139] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 225.241887][ T8151] loop1: detected capacity change from 0 to 128 [ 225.312543][ T8139] REISERFS (device loop0): checking transaction log (loop0) [ 225.363533][ T8151] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 225.386453][ T8139] REISERFS (device loop0): Using r5 hash to sort names [ 225.408606][ T8139] REISERFS (device loop0): using 3.5.x disk format [ 225.417717][ T8139] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 225.445222][ T8151] hpfs: filesystem error: improperly stopped [ 225.451277][ T8151] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 225.509993][ T8151] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 225.555008][ T8151] hpfs: You really don't want any checks? You are crazy... [ 225.582935][ T8151] hpfs: hpfs_map_sector(): read error [ 225.603059][ T8151] hpfs: code page support is disabled [ 225.663062][ T8151] hpfs: hpfs_map_4sectors(): unaligned read [ 225.669441][ T8151] hpfs: hpfs_map_4sectors(): unaligned read [ 225.702726][ T8151] hpfs: filesystem error: unable to find root dir [ 225.995733][ T8159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1352'. [ 226.003577][ T8134] loop4: detected capacity change from 0 to 40427 [ 226.055147][ T8159] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1352'. [ 226.085693][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.104361][ T8159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1352'. [ 226.115398][ T8134] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x1ffff [ 226.134778][ T8159] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1352'. [ 226.148405][ T8134] F2FS-fs (loop4): invalid crc value [ 226.205081][ T8134] F2FS-fs (loop4): Found nat_bits in checkpoint [ 226.336680][ T8134] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 226.435032][ T4229] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 226.441774][ T8173] loop2: detected capacity change from 0 to 764 [ 226.559488][ T4188] attempt to access beyond end of device [ 226.559488][ T4188] loop4: rw=2049, want=45104, limit=40427 [ 226.825419][ T4229] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 226.856539][ T4229] usb 4-1: config 0 has no interfaces? [ 227.026599][ T8161] loop0: detected capacity change from 0 to 32768 [ 227.065382][ T4229] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 227.114199][ T4229] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.124363][ T8161] find_entry called with index >= next_index [ 227.135140][ T8161] find_entry called with index >= next_index [ 227.141830][ T8161] find_entry called with index >= next_index [ 227.148864][ T4229] usb 4-1: Product: syz [ 227.154226][ T4229] usb 4-1: Manufacturer: syz [ 227.160028][ T8161] find_entry called with index >= next_index [ 227.177940][ T4229] usb 4-1: SerialNumber: syz [ 227.183953][ T8161] find_entry called with index >= next_index [ 227.203542][ T4229] usb 4-1: config 0 descriptor?? [ 227.208699][ T8161] add_index: next_index = 0. Resetting! [ 227.215962][ T8161] find_entry called with index >= next_index [ 227.241414][ T4236] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.275888][ T8161] find_entry called with index >= next_index [ 227.282078][ T8161] find_entry called with index >= next_index [ 227.329183][ T26] audit: type=1800 audit(1777290006.509:22): pid=8161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1350" name="file1" dev="loop0" ino=4 res=0 errno=0 [ 227.393223][ T8161] find_entry called with index >= next_index [ 227.435090][ T8161] find_entry called with index >= next_index [ 227.441682][ T8161] find_entry called with index >= next_index [ 227.493450][ T4236] usb 4-1: USB disconnect, device number 11 [ 227.665246][ T8182] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 227.674521][ T8182] REISERFS (device loop2): using ordered data mode [ 227.756034][ T8194] EXT4-fs (loop1): 1 truncate cleaned up [ 227.761861][ T8194] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none. [ 227.767936][ T8182] reiserfs: using flush barriers [ 227.794929][ T8182] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 227.815850][ T8182] REISERFS (device loop2): checking transaction log (loop2) [ 227.841036][ T26] audit: type=1804 audit(1777290007.019:23): pid=8194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1365" name="/newroot/281/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 227.857769][ T8182] REISERFS (device loop2): Using r5 hash to sort names [ 227.934276][ T8182] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 228.015364][ T6077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 228.256049][ T4354] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 228.321949][ T8197] set_capacity_and_notify: 3 callbacks suppressed [ 228.321967][ T8197] loop4: detected capacity change from 0 to 32768 [ 228.379085][ T8197] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1367 (8197) [ 228.437903][ T8197] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 228.470270][ T8197] BTRFS info (device loop4): using free space tree [ 228.489094][ T8197] BTRFS info (device loop4): has skinny extents [ 228.629797][ T8228] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1375'. [ 228.732531][ T8236] netlink: 'syz.1.1376': attribute type 11 has an invalid length. [ 228.815806][ T8197] BTRFS info (device loop4): enabling ssd optimizations [ 228.825166][ T8243] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 228.845464][ T8243] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 228.909538][ T8243] overlayfs: failed to resolve './file1/file0': -2 [ 228.965303][ T6077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.001338][ T8248] loop1: detected capacity change from 0 to 4096 [ 229.140358][ T8248] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 229.140984][ T8248] ntfs3: loop1: Failed to load $Extend. [ 229.216274][ T8248] ntfs3: loop1: ino=1b, "file0" directory corrupted [ 229.398872][ T8216] loop3: detected capacity change from 0 to 32768 [ 229.603078][ T8216] XFS (loop3): Mounting V5 Filesystem [ 229.643057][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.886168][ T8216] XFS (loop3): Ending clean mount [ 230.034674][ T4185] XFS (loop3): Unmounting Filesystem [ 230.136726][ T8260] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 230.180062][ T4186] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 230.595413][ T4186] usb 5-1: config 0 has an invalid interface number: 255 but max is 0 [ 230.603851][ T4186] usb 5-1: config 0 has no interface number 0 [ 230.610288][ T8260] usb 2-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 230.621824][ T8260] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 230.633112][ T4186] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 230.648093][ T8260] usb 2-1: config 1 has no interface number 0 [ 230.654263][ T8260] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 230.671281][ T4186] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 230.684764][ T8260] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 230.701855][ T4186] usb 5-1: config 0 interface 255 has no altsetting 0 [ 230.708832][ T4186] usb 5-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 230.724764][ T8260] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 230.734100][ T4186] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.748410][ T8260] usb 2-1: too many endpoints for config 1 interface 1 altsetting 1: 48, using maximum allowed: 30 [ 230.771237][ T4186] usb 5-1: config 0 descriptor?? [ 230.782479][ T8260] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 230.803271][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.836235][ T4186] ums-realtek 5-1:0.255: USB Mass Storage device detected [ 230.848919][ T8298] loop3: detected capacity change from 0 to 32768 [ 230.940366][ T8298] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1396 (8298) [ 230.967479][ T8298] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 230.980568][ T8298] BTRFS info (device loop3): using free space tree [ 230.985302][ T8260] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 230.987884][ T8298] BTRFS info (device loop3): has skinny extents [ 230.996895][ T8260] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.011315][ T8260] usb 2-1: Product: syz [ 231.015805][ T8260] usb 2-1: Manufacturer: syz [ 231.020638][ T8260] usb 2-1: SerialNumber: syz [ 231.050427][ T6077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.065277][ T8268] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 231.089593][ T4186] usb 5-1: USB disconnect, device number 13 [ 231.153597][ T8298] BTRFS info (device loop3): enabling ssd optimizations [ 231.650982][ T8330] loop4: detected capacity change from 0 to 2048 [ 231.729648][ T8330] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 231.838042][ T8260] cdc_ncm 2-1:1.1: bind() failure [ 231.855014][ T5120] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 231.863415][ T8260] usb 2-1: USB disconnect, device number 9 [ 231.903157][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.015097][ T13] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 232.245360][ T5120] usb 4-1: config index 0 descriptor too short (expected 8292, got 100) [ 232.265432][ T5120] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 232.294939][ T5120] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 232.310742][ T5120] usb 4-1: config 1 has no interface number 0 [ 232.317289][ T5120] usb 4-1: too many endpoints for config 1 interface 1 altsetting 0: 222, using maximum allowed: 30 [ 232.329691][ T5120] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.340984][ T5120] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 222 [ 232.355250][ T5120] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 232.364411][ T5120] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 232.535330][ T5120] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=17.40 [ 232.549009][ T5120] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.554953][ T8260] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 232.560177][ T5120] usb 4-1: Product: syz [ 232.573852][ T5120] usb 4-1: Manufacturer: syz [ 232.583405][ T13] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 232.599377][ T13] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.607787][ T5120] usb 4-1: SerialNumber: syz [ 232.615538][ T13] usb 1-1: Product: syz [ 232.627579][ T13] usb 1-1: Manufacturer: syz [ 232.632523][ T13] usb 1-1: SerialNumber: syz [ 232.838893][ T8260] usb 3-1: Using ep0 maxpacket: 16 [ 232.844200][ T8362] loop1: detected capacity change from 0 to 256 [ 232.931837][ T8362] FAT-fs (loop1): Directory bread(block 64) failed [ 232.944610][ T8362] FAT-fs (loop1): Directory bread(block 65) failed [ 232.953206][ T8362] FAT-fs (loop1): Directory bread(block 66) failed [ 232.960411][ T8362] FAT-fs (loop1): Directory bread(block 67) failed [ 232.967237][ T8362] FAT-fs (loop1): Directory bread(block 68) failed [ 232.974108][ T8362] FAT-fs (loop1): Directory bread(block 69) failed [ 232.981481][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 232.984389][ T8362] FAT-fs (loop1): Directory bread(block 70) failed [ 232.990610][ T8260] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.996895][ T8362] FAT-fs (loop1): Directory bread(block 71) failed [ 233.013926][ T8260] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 233.014567][ T8362] FAT-fs (loop1): Directory bread(block 72) failed [ 233.024725][ T8260] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 233.031306][ T8362] FAT-fs (loop1): Directory bread(block 73) failed [ 233.049366][ T8260] usb 3-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 233.060100][ T8260] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.071644][ T8260] usb 3-1: config 0 descriptor?? [ 233.340584][ T8370] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 233.368937][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 233.475002][ T4352] usb 5-1: new full-speed USB device number 14 using dummy_hcd [ 233.535824][ T5120] cdc_ncm 4-1:1.1: bind() failure [ 233.576867][ T8260] elecom 0003:056E:010C.000B: unknown main item tag 0x0 [ 233.609089][ T8260] elecom 0003:056E:010C.000B: unknown main item tag 0x0 [ 233.625201][ T8260] elecom 0003:056E:010C.000B: item fetching failed at offset 2/41 [ 233.638136][ T8260] elecom: probe of 0003:056E:010C.000B failed with error -22 [ 233.742196][ T5120] usb 4-1: USB disconnect, device number 12 [ 233.872707][ T8260] usb 3-1: USB disconnect, device number 12 [ 233.915089][ T4352] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 233.923838][ T4352] usb 5-1: config 1 has an invalid descriptor of length 176, skipping remainder of the config [ 233.954957][ T4352] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 233.984964][ T4352] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 234.027567][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.086017][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.125197][ T4352] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 234.136831][ T4352] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 234.145203][ T4352] usb 5-1: SerialNumber: syz [ 234.206113][ T4352] cdc_acm 5-1:1.0: skipping garbage [ 234.211389][ T4352] cdc_acm 5-1:1.0: skipping garbage [ 234.243745][ T4352] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 234.269363][ T4352] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 234.289056][ T4352] cdc_acm: probe of 5-1:1.0 failed with error -22 [ 234.406261][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 234.417215][ T4352] usb 5-1: USB disconnect, device number 14 [ 234.639872][ T8391] loop0: detected capacity change from 0 to 8192 [ 234.719252][ T4304] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 234.778308][ T4304] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 234.809160][ T8405] loop3: detected capacity change from 0 to 64 [ 234.925500][ T8405] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 234.945118][ T13] rtl8150 1-1:1.0: couldn't reset the device [ 234.952695][ T13] rtl8150: probe of 1-1:1.0 failed with error -5 [ 234.997341][ T8405] hfs: filesystem is marked locked, mounting read-only. [ 235.055183][ T13] usb 1-1: USB disconnect, device number 10 [ 235.095299][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.295252][ C1] sd 0:0:1:0: tag#2008 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 235.305237][ C1] sd 0:0:1:0: tag#2008 CDB: Write(6) 0a 00 00 00 05 00 00 00 02 00 00 00 [ 235.317584][ T8413] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 235.445281][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 235.535849][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.952212][ T8438] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1446'. [ 235.971194][ T8439] loop2: detected capacity change from 0 to 512 [ 236.020445][ T8443] tmpfs: Unknown parameter 'mp' [ 236.027520][ T8443] sch_fq: defrate 1024 ignored. [ 236.042584][ T8439] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled [ 236.117528][ T8439] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrjquota=./file1,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 236.143020][ T8439] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 236.181877][ T8439] [ 236.184267][ T8439] ====================================================== [ 236.191295][ T8439] WARNING: possible circular locking dependency detected [ 236.198312][ T8439] syzkaller #0 Not tainted [ 236.202733][ T8439] ------------------------------------------------------ [ 236.209791][ T8439] syz.2.1447/8439 is trying to acquire lock: [ 236.215774][ T8439] ffff888062674b28 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 236.224754][ T8439] [ 236.224754][ T8439] but task is already holding lock: [ 236.232118][ T8439] ffff88805ec6be48 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8bf/0x1b30 [ 236.241609][ T8439] [ 236.241609][ T8439] which lock already depends on the new lock. [ 236.241609][ T8439] [ 236.252019][ T8439] [ 236.252019][ T8439] the existing dependency chain (in reverse order) is: [ 236.261115][ T8439] [ 236.261115][ T8439] -> #2 (&ei->i_data_sem/2){++++}-{3:3}: [ 236.269116][ T8439] down_read+0x44/0x2e0 [ 236.273800][ T8439] ext4_map_blocks+0x33c/0x1b30 [ 236.279174][ T8439] ext4_getblk+0x176/0x670 [ 236.284109][ T8439] ext4_bread+0x26/0x180 [ 236.288878][ T8439] ext4_quota_read+0x1b3/0x3a0 [ 236.294161][ T8439] find_tree_dqentry+0x188/0xb30 [ 236.299619][ T8439] find_tree_dqentry+0x3eb/0xb30 [ 236.305076][ T8439] find_tree_dqentry+0x3eb/0xb30 [ 236.310537][ T8439] find_tree_dqentry+0x3eb/0xb30 [ 236.315989][ T8439] qtree_read_dquot+0x13c/0x680 [ 236.321359][ T8439] v2_read_dquot+0xc0/0x110 [ 236.326384][ T8439] dquot_acquire+0x152/0x520 [ 236.331499][ T8439] ext4_acquire_dquot+0x2d9/0x4a0 [ 236.337141][ T8439] dqget+0x778/0xeb0 [ 236.341562][ T8439] __dquot_initialize+0x333/0xcd0 [ 236.347120][ T8439] ext4_process_orphan+0x54/0x300 [ 236.352756][ T8439] ext4_orphan_cleanup+0xad2/0x1320 [ 236.358473][ T8439] ext4_fill_super+0x8d6e/0x94f0 [ 236.363933][ T8439] mount_bdev+0x287/0x3c0 [ 236.368783][ T8439] legacy_get_tree+0xe6/0x180 [ 236.373984][ T8439] vfs_get_tree+0x88/0x270 [ 236.378921][ T8439] do_new_mount+0x24a/0xa40 [ 236.384132][ T8439] __se_sys_mount+0x2e3/0x3d0 [ 236.389327][ T8439] do_syscall_64+0x4c/0xa0 [ 236.394264][ T8439] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 236.400682][ T8439] [ 236.400682][ T8439] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 236.408760][ T8439] down_read+0x44/0x2e0 [ 236.413439][ T8439] v2_read_dquot+0x4a/0x110 [ 236.418553][ T8439] dquot_acquire+0x152/0x520 [ 236.423667][ T8439] ext4_acquire_dquot+0x2d9/0x4a0 [ 236.429219][ T8439] dqget+0x778/0xeb0 [ 236.433729][ T8439] __dquot_initialize+0x333/0xcd0 [ 236.439278][ T8439] ext4_process_orphan+0x54/0x300 [ 236.444823][ T8439] ext4_orphan_cleanup+0xad2/0x1320 [ 236.450542][ T8439] ext4_fill_super+0x8d6e/0x94f0 [ 236.456121][ T8439] mount_bdev+0x287/0x3c0 [ 236.460984][ T8439] legacy_get_tree+0xe6/0x180 [ 236.466181][ T8439] vfs_get_tree+0x88/0x270 [ 236.471152][ T8439] do_new_mount+0x24a/0xa40 [ 236.476176][ T8439] __se_sys_mount+0x2e3/0x3d0 [ 236.481375][ T8439] do_syscall_64+0x4c/0xa0 [ 236.486311][ T8439] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 236.492724][ T8439] [ 236.492724][ T8439] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 236.500372][ T8439] __lock_acquire+0x2c42/0x7d10 [ 236.505745][ T8439] lock_acquire+0x19e/0x400 [ 236.510766][ T8439] __mutex_lock_common+0x1e3/0x2400 [ 236.516485][ T8439] mutex_lock_nested+0x17/0x20 [ 236.521777][ T8439] dquot_commit+0x5a/0x410 [ 236.526799][ T8439] ext4_write_dquot+0x1f0/0x360 [ 236.532174][ T8439] mark_all_dquot_dirty+0xf9/0x400 [ 236.537902][ T8439] __dquot_alloc_space+0x5d0/0xe20 [ 236.543536][ T8439] ext4_mb_new_blocks+0xfb1/0x4820 [ 236.549262][ T8439] ext4_ext_map_blocks+0x18ab/0x65e0 [ 236.555071][ T8439] ext4_map_blocks+0x98e/0x1b30 [ 236.560441][ T8439] _ext4_get_block+0x1e7/0x540 [ 236.565722][ T8439] ext4_block_write_begin+0x61b/0x1220 [ 236.571701][ T8439] ext4_write_begin+0x6c8/0x15d0 [ 236.577155][ T8439] ext4_da_write_begin+0x43b/0xb40 [ 236.582786][ T8439] generic_perform_write+0x2b6/0x550 [ 236.588587][ T8439] ext4_buffered_write_iter+0x25f/0x3b0 [ 236.594651][ T8439] ext4_file_write_iter+0x74d/0x1700 [ 236.600539][ T8439] vfs_write+0x745/0xd60 [ 236.605299][ T8439] ksys_write+0x152/0x260 [ 236.610145][ T8439] do_syscall_64+0x4c/0xa0 [ 236.615080][ T8439] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 236.621497][ T8439] [ 236.621497][ T8439] other info that might help us debug this: [ 236.621497][ T8439] [ 236.631719][ T8439] Chain exists of: [ 236.631719][ T8439] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2 [ 236.631719][ T8439] [ 236.645365][ T8439] Possible unsafe locking scenario: [ 236.645365][ T8439] [ 236.652806][ T8439] CPU0 CPU1 [ 236.658221][ T8439] ---- ---- [ 236.663583][ T8439] lock(&ei->i_data_sem/2); [ 236.668179][ T8439] lock(&s->s_dquot.dqio_sem); [ 236.675544][ T8439] lock(&ei->i_data_sem/2); [ 236.682657][ T8439] lock(&dquot->dq_lock); [ 236.687091][ T8439] [ 236.687091][ T8439] *** DEADLOCK *** [ 236.687091][ T8439] [ 236.695230][ T8439] 5 locks held by syz.2.1447/8439: [ 236.700341][ T8439] #0: ffff88807648fc70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2bf/0x370 [ 236.709571][ T8439] #1: ffff888077426460 (sb_writers#5){++++}-{0:0}, at: vfs_write+0x295/0xd60 [ 236.718538][ T8439] #2: ffff88805ec6bfc0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_buffered_write_iter+0xa6/0x3b0 [ 236.729854][ T8439] #3: ffff88805ec6be48 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8bf/0x1b30 [ 236.739776][ T8439] #4: ffffffff8c4415f8 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30 [ 236.748835][ T8439] [ 236.748835][ T8439] stack backtrace: [ 236.754802][ T8439] CPU: 0 PID: 8439 Comm: syz.2.1447 Not tainted syzkaller #0 [ 236.762263][ T8439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 236.772334][ T8439] Call Trace: [ 236.775745][ T8439] [ 236.778870][ T8439] dump_stack_lvl+0x188/0x250 [ 236.783567][ T8439] ? load_image+0x400/0x400 [ 236.788081][ T8439] ? show_regs_print_info+0x20/0x20 [ 236.793289][ T8439] ? print_circular_bug+0x12b/0x1a0 [ 236.798489][ T8439] check_noncircular+0x296/0x330 [ 236.803429][ T8439] ? add_chain_block+0x940/0x940 [ 236.808373][ T8439] ? lockdep_lock+0xf1/0x1f0 [ 236.812965][ T8439] ? mark_lock+0x94/0x320 [ 236.817292][ T8439] __lock_acquire+0x2c42/0x7d10 [ 236.822174][ T8439] ? add_chain_block+0x940/0x940 [ 236.827160][ T8439] ? lockdep_lock+0xf1/0x1f0 [ 236.831761][ T8439] ? verify_lock_unused+0x140/0x140 [ 236.836960][ T8439] ? lockdep_unlock+0x143/0x2e0 [ 236.841815][ T8439] ? mark_lock+0x94/0x320 [ 236.846152][ T8439] ? __lock_acquire+0x13bc/0x7d10 [ 236.851270][ T8439] lock_acquire+0x19e/0x400 [ 236.855776][ T8439] ? dquot_commit+0x5a/0x410 [ 236.860371][ T8439] ? __might_sleep+0xf0/0xf0 [ 236.864995][ T8439] ? read_lock_is_recursive+0x10/0x10 [ 236.870376][ T8439] ? dquot_commit+0x5a/0x410 [ 236.874999][ T8439] __mutex_lock_common+0x1e3/0x2400 [ 236.880205][ T8439] ? dquot_commit+0x5a/0x410 [ 236.884808][ T8439] ? __might_sleep+0xf0/0xf0 [ 236.889404][ T8439] ? mutex_lock_io_nested+0x60/0x60 [ 236.894611][ T8439] mutex_lock_nested+0x17/0x20 [ 236.899376][ T8439] dquot_commit+0x5a/0x410 [ 236.903881][ T8439] ? __ext4_journal_start_sb+0x1bd/0x360 [ 236.909968][ T8439] ext4_write_dquot+0x1f0/0x360 [ 236.914823][ T8439] mark_all_dquot_dirty+0xf9/0x400 [ 236.919941][ T8439] __dquot_alloc_space+0x5d0/0xe20 [ 236.925072][ T8439] ext4_mb_new_blocks+0xfb1/0x4820 [ 236.930214][ T8439] ? memset+0x1e/0x40 [ 236.934200][ T8439] ? ext4_mb_pa_callback+0xd0/0xd0 [ 236.939327][ T8439] ? ext4_ext_check_overlap+0x15f/0x560 [ 236.944906][ T8439] ? ext4_inode_to_goal_block+0x313/0x450 [ 236.950722][ T8439] ext4_ext_map_blocks+0x18ab/0x65e0 [ 236.956048][ T8439] ? ext4_ext_release+0x10/0x10 [ 236.960905][ T8439] ? rwsem_write_trylock+0x135/0x1c0 [ 236.966197][ T8439] ext4_map_blocks+0x98e/0x1b30 [ 236.971058][ T8439] ? ext4_issue_zeroout+0x250/0x250 [ 236.976257][ T8439] _ext4_get_block+0x1e7/0x540 [ 236.981021][ T8439] ? ext4_get_block+0x40/0x40 [ 236.985702][ T8439] ext4_block_write_begin+0x61b/0x1220 [ 236.991256][ T8439] ? ext4_es_is_delayed+0x40/0x40 [ 236.996285][ T8439] ? ext4_print_free_blocks+0x390/0x390 [ 237.001838][ T8439] ? __ext4_journal_start_sb+0x1bd/0x360 [ 237.007670][ T8439] ext4_write_begin+0x6c8/0x15d0 [ 237.012616][ T8439] ? ext4_readahead+0x110/0x110 [ 237.017467][ T8439] ? seqcount_lockdep_reader_access+0x127/0x1d0 [ 237.023711][ T8439] ? lockdep_hardirqs_on+0x94/0x140 [ 237.028928][ T8439] ext4_da_write_begin+0x43b/0xb40 [ 237.034159][ T8439] ? ext4_initxattrs+0x110/0x110 [ 237.039121][ T8439] ? ktime_get_coarse_real_ts64+0x10c/0x120 [ 237.045125][ T8439] ? ext4_set_page_dirty+0x320/0x320 [ 237.050511][ T8439] generic_perform_write+0x2b6/0x550 [ 237.055818][ T8439] ? dentry_needs_remove_privs+0xf0/0xf0 [ 237.061479][ T8439] ? grab_cache_page_write_begin+0xa0/0xa0 [ 237.067288][ T8439] ? ext4_write_checks+0x24b/0x2c0 [ 237.072425][ T8439] ext4_buffered_write_iter+0x25f/0x3b0 [ 237.078085][ T8439] ext4_file_write_iter+0x74d/0x1700 [ 237.083467][ T8439] ? rcu_read_lock_any_held+0xb0/0x130 [ 237.088925][ T8439] ? ext4_file_read_iter+0x700/0x700 [ 237.094224][ T8439] ? end_current_label_crit_section+0x14b/0x170 [ 237.100559][ T8439] ? memset+0x1e/0x40 [ 237.104543][ T8439] ? iov_iter_init+0xb4/0x170 [ 237.109220][ T8439] vfs_write+0x745/0xd60 [ 237.113478][ T8439] ? file_end_write+0x250/0x250 [ 237.118326][ T8439] ? __fget_files+0x40f/0x480 [ 237.123015][ T8439] ? mutex_lock_nested+0x17/0x20 [ 237.127968][ T8439] ? __fdget_pos+0x2bf/0x370 [ 237.132554][ T8439] ? ksys_write+0x71/0x260 [ 237.137057][ T8439] ksys_write+0x152/0x260 [ 237.141390][ T8439] ? __ia32_sys_read+0x80/0x80 [ 237.146255][ T8439] ? lockdep_hardirqs_on+0x94/0x140 [ 237.151477][ T8439] do_syscall_64+0x4c/0xa0 [ 237.155919][ T8439] ? clear_bhb_loop+0x30/0x80 [ 237.160604][ T8439] ? clear_bhb_loop+0x30/0x80 [ 237.165319][ T8439] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 237.171233][ T8439] RIP: 0033:0x7fde2c3f5dd9 [ 237.175676][ T8439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 237.195288][ T8439] RSP: 002b:00007fde2a64f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 237.203709][ T8439] RAX: ffffffffffffffda RBX: 00007fde2c66efa0 RCX: 00007fde2c3f5dd9 [ 237.211681][ T8439] RDX: 000000000000000b RSI: 0000200000000080 RDI: 0000000000000004 [ 237.219659][ T8439] RBP: 00007fde2c48bd69 R08: 0000000000000000 R09: 0000000000000000 [ 237.227714][ T8439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.235682][ T8439] R13: 00007fde2c66f038 R14: 00007fde2c66efa0 R15: 00007ffffe34ee38 [ 237.243670][ T8439] [ 237.247391][ C0] net_ratelimit: 1 callbacks suppressed [ 237.247406][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.262107][ T4186] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.270374][ T4186] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.314995][ T4490] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 237.584953][ T4490] usb 2-1: Using ep0 maxpacket: 32 [ 237.725533][ T4490] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 237.736496][ T4490] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 237.746305][ T4490] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 237.755357][ T4490] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.764671][ T4490] usb 2-1: config 0 descriptor?? [ 237.816484][ T4490] hub 2-1:0.0: USB hub found [ 238.025030][ T4490] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 238.335720][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.456440][ T4490] hid-generic 0003:046D:C31C.000D: item fetching failed at offset 0/1 [ 238.465922][ T4490] hid-generic: probe of 0003:046D:C31C.000D failed with error -22 [ 238.565179][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.775635][ T13] usb 2-1: USB disconnect, device number 10 [ 239.365561][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.374174][ T154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.382839][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.391391][ T4352] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.335155][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 242.485535][ T4490] net_ratelimit: 2 callbacks suppressed [ 242.485562][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.377059][ T4304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.525359][ T4186] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.565575][ T4186] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.608947][ T4490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog