last executing test programs:

2.542794232s ago: executing program 3 (id=8541):
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010000904"], 0x0)

1.160692138s ago: executing program 2 (id=8555):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001840)=@newsa={0xf0, 0x10, 0x1, 0x70bd27, 0x0, {{@in6=@private1, @in=@private, 0x800, 0x0, 0x2, 0x0, 0x0, 0x0, 0xa0}, {@in6=@remote, 0x0, 0x32}, @in6=@loopback, {0x3, 0x6}, {0x200000}, {0x401}, 0x70bd28, 0x0, 0xa, 0x0, 0x0, 0xcd}}, 0xf0}}, 0x4000000)

986.671132ms ago: executing program 2 (id=8557):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010006000000280007"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0xc4)

981.449462ms ago: executing program 1 (id=8558):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmmsg(r0, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x40000001, 0x0)

893.487444ms ago: executing program 3 (id=8559):
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x1000, 0x345b}, 0x50)

862.308844ms ago: executing program 0 (id=8560):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000003100)={0x0, 0x8, 0x2}, &(0x7f0000003140)=0x8)

795.421325ms ago: executing program 1 (id=8561):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x47, 0x1, 0x2, "1c13ebdaf2f20d558000", 0x47314356})

763.229146ms ago: executing program 2 (id=8562):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/route\x00')
pread64(r0, &(0x7f0000000000)=""/65, 0x41, 0x7bdb)

724.039187ms ago: executing program 0 (id=8563):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x9c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x70, 0x3, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x60, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}]}}}, {0x10, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x120}}, 0x0)

690.079377ms ago: executing program 3 (id=8564):
socket$inet6(0xa, 0x200000000003, 0x87)
syz_emit_ethernet(0x56, &(0x7f0000000080)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x20, 0x2b, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[@hopopts={0x87}, @routing={0x3b, 0x0, 0x2, 0x0, 0x700}], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)

571.64762ms ago: executing program 1 (id=8565):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r0, &(0x7f0000000000)={0x10, @short}, 0x2)

560.4876ms ago: executing program 0 (id=8566):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0x1, 0x4000, 0x25dfdbfd, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x4}}, @TCA_MPLS_PROTO={0x6, 0x4, 0x1}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)

541.62945ms ago: executing program 2 (id=8567):
ioperm(0x1ff, 0x8, 0x5)
futex(0xfffffffffffffffc, 0x3, 0xfffffffe, 0x0, 0x0, 0x2)

469.654742ms ago: executing program 3 (id=8568):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0xf0f03c, 0x4})

393.966813ms ago: executing program 0 (id=8569):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2e}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x28, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

338.915184ms ago: executing program 1 (id=8570):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x5, &(0x7f0000000000)=0x9, 0x8, 0x0)
mremap(&(0x7f00003dc000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000042c000/0x3000)=nil)

264.571856ms ago: executing program 2 (id=8571):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, 0x0)

255.085416ms ago: executing program 3 (id=8572):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001800010000000000000000000200000000000006000000000c00090008000000", @ANYRES32, @ANYBLOB="08000400", @ANYRES32, @ANYBLOB="080005"], 0x38}}, 0x0)

243.342366ms ago: executing program 0 (id=8573):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)

158.160808ms ago: executing program 1 (id=8574):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000440)={0x1, 0x1, 0x9, 0x8, 0x1f6, 0x0})

120.564898ms ago: executing program 2 (id=8575):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_SIZE={0x8, 0x17, 0x1, 0x0, 0x1}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x54}}, 0x0)

53.58217ms ago: executing program 3 (id=8576):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=@allocspi={0x1e0, 0x16, 0x1, 0x0, 0x0, {{{@in, @in6=@private2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@local, 0x0, 0x33}, @in=@broadcast, {0x5, 0x1}, {0x0, 0x4}, {0x0, 0x1}, 0x0, 0x0, 0xa}, 0x5, 0x5}, [@lastused={0xc, 0xf, 0x10000}, @user_kmaddress={0x2c, 0x13, {@in6=@remote, @in=@remote}}, @algo_comp={0x9b, 0x3, {{'deflate\x00'}, 0x298, "3c0341649a63368b2c7d951d4c9d4d838e14fb146a6579800c75fc8a1d1c5cb1c378c355d3ebf3b458d2c6026c019f9df8d998af143622d3a62828128cb0627ed9b7d096eb49c972d31a7b8551094f4ad35c27"}}, @srcaddr={0x14, 0xd, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

49.53063ms ago: executing program 0 (id=8577):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000140)=@ethtool_cmd={0x2e, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, [0x0, 0x8]}})

0s ago: executing program 1 (id=8578):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)

kernel console output (not intermixed with test programs):

to enabling async discard
[ 1030.000217][T22596] loop1: detected capacity change from 0 to 32768
[ 1030.041042][T22596] BTRFS: device fsid 5ac8a51e-da3a-4998-8e66-e1df06b87bc8 devid 1 transid 8 /dev/loop1 scanned by syz.1.7204 (22596)
[ 1030.105961][T22618] loop3: detected capacity change from 0 to 2
[ 1030.127288][T22596] BTRFS info (device loop1): first mount of filesystem 5ac8a51e-da3a-4998-8e66-e1df06b87bc8
[ 1030.139435][T22618] MTD: Attempt to mount non-MTD device "/dev/loop3"
[ 1030.163770][T22596] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1030.173761][T22619] loop2: detected capacity change from 0 to 1024
[ 1030.202678][T22596] BTRFS info (device loop1): using free space tree
[ 1030.294798][ T5856] BTRFS info (device loop0): last unmount of filesystem 18898830-c59e-4026-919d-fe1055706c2c
[ 1030.412492][T22634] loop3: detected capacity change from 0 to 64
[ 1030.514221][T22596] BTRFS info (device loop1): enabling ssd optimizations
[ 1030.539750][T22596] BTRFS info (device loop1): auto enabling async discard
[ 1030.648233][T22640] loop2: detected capacity change from 0 to 64
[ 1030.804353][T22643] loop3: detected capacity change from 0 to 64
[ 1030.830761][ T5851] BTRFS info (device loop1): last unmount of filesystem 5ac8a51e-da3a-4998-8e66-e1df06b87bc8
[ 1034.103237][T22652] loop0: detected capacity change from 0 to 1024
[ 1034.412786][T22654] loop0: detected capacity change from 0 to 128
[ 1034.879376][T22660] loop3: detected capacity change from 0 to 512
[ 1035.244103][T22662] loop1: detected capacity change from 0 to 2048
[ 1035.460612][T22666] loop3: detected capacity change from 0 to 128
[ 1036.901033][T22668] loop1: detected capacity change from 0 to 32768
[ 1036.955309][T22668] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1036.981577][T22668] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1037.075469][T22668] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[ 1037.125623][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1037.163188][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1037.367066][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 218ms
[ 1037.392093][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1037.407061][T22668] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1037.833722][T22675] loop2: detected capacity change from 0 to 256
[ 1038.093852][T22677] loop2: detected capacity change from 0 to 512
[ 1039.306899][T22683] loop1: detected capacity change from 0 to 256
[ 1039.674767][T22685] loop1: detected capacity change from 0 to 2048
[ 1039.765968][T22687] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1039.841225][T22688] loop3: detected capacity change from 0 to 2048
[ 1040.352900][T22692] loop3: detected capacity change from 0 to 4096
[ 1040.384386][T22692] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[ 1040.873406][T22694] loop3: detected capacity change from 0 to 4096
[ 1041.335647][T22690] loop1: detected capacity change from 0 to 32768
[ 1041.405590][T22690] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1041.441418][T22690] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1041.454463][T22696] loop3: detected capacity change from 0 to 4096
[ 1041.471100][T22696] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[ 1041.609631][T22690] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 1041.639807][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1041.655714][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1041.885412][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 246ms
[ 1041.914111][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1041.930621][T22690] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1042.121369][T22700] loop3: detected capacity change from 0 to 4096
[ 1042.140345][T22700] ntfs: (device loop3): parse_ntfs_boot_sector(): Sector size (256) is smaller than the device block size (512).  This is not supported.  Sorry.
[ 1042.191674][T22700] ntfs: (device loop3): ntfs_fill_super(): Unsupported NTFS filesystem.
[ 1042.330144][T22704] loop0: detected capacity change from 0 to 4096
[ 1042.481136][T22708] loop3: detected capacity change from 0 to 512
[ 1042.579480][T22706] loop2: detected capacity change from 0 to 4096
[ 1042.723985][T22706] ntfs: volume version 3.1.
[ 1042.962413][T22711] loop0: detected capacity change from 0 to 4096
[ 1043.120381][T22711] ntfs: volume version 3.1.
[ 1043.165112][T22716] loop2: detected capacity change from 0 to 4096
[ 1043.237266][T22717] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1043.612197][T22719] loop0: detected capacity change from 0 to 2048
[ 1043.683850][T22723] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1043.941792][T22714] loop3: detected capacity change from 0 to 32768
[ 1044.113778][T22726] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1044.437668][T22721] loop2: detected capacity change from 0 to 32768
[ 1044.454559][T22721] (syz.2.7243,22721,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1044.492247][T22721] (syz.2.7243,22721,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1044.781427][T22725] loop0: detected capacity change from 0 to 32768
[ 1044.799840][T22725] (syz.0.7244,22725,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1044.844718][T22725] (syz.0.7244,22725,0):ocfs2_fill_super:1178 ERROR: status = -22
[ 1045.699066][T22730] loop3: detected capacity change from 0 to 32768
[ 1045.711665][T22735] loop1: detected capacity change from 0 to 4096
[ 1045.724693][T22730] (syz.3.7245,22730,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1045.751467][T22730] (syz.3.7245,22730,0):ocfs2_fill_super:1178 ERROR: status = -22
[ 1045.846142][T22736] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1046.303243][T22733] loop0: detected capacity change from 0 to 32768
[ 1046.323388][T22733] (syz.0.7247,22733,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1046.364285][T22733] (syz.0.7247,22733,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1046.780474][T22728] loop2: detected capacity change from 0 to 65536
[ 1046.805765][T22728] (syz.2.7246,22728,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1046.844245][T22728] (syz.2.7246,22728,0):ocfs2_fill_super:1178 ERROR: status = -22
[ 1047.562171][T22743] loop0: detected capacity change from 0 to 32768
[ 1047.590689][T22743] (syz.0.7251,22743,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1047.638519][T22743] (syz.0.7251,22743,0):ocfs2_fill_super:1178 ERROR: status = -22
[ 1048.135471][T22746] loop2: detected capacity change from 0 to 32768
[ 1048.176763][T22746] (syz.2.7252,22746,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1048.225455][T22746] (syz.2.7252,22746,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1048.652093][T22750] loop2: detected capacity change from 0 to 8192
[ 1048.687346][T22750] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1048.720669][T22750] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[ 1048.730315][T22750] REISERFS (device loop2): using ordered data mode
[ 1048.739250][T22750] reiserfs: using flush barriers
[ 1048.754613][T22750] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1048.793663][T22750] REISERFS (device loop2): checking transaction log (loop2)
[ 1048.955049][T22750] REISERFS (device loop2): Using rupasov hash to sort names
[ 1048.975171][T22750] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[ 1049.471681][T22755] loop2: detected capacity change from 0 to 4096
[ 1049.489841][T22755] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[ 1049.909112][T22748] loop0: detected capacity change from 0 to 65536
[ 1050.101926][T22760] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1053.620150][T22768] syz.2.7262: attempt to access beyond end of device
[ 1053.620150][T22768] loop2: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1053.663832][T22768] SQUASHFS error: Failed to read block 0x0: -5
[ 1053.670099][T22768] unable to read squashfs_super_block
[ 1053.911802][T22770] loop2: detected capacity change from 0 to 8
[ 1054.299477][T22773] loop2: detected capacity change from 0 to 1
[ 1054.307784][T22774] loop0: detected capacity change from 0 to 8
[ 1054.322597][T22773] syz.2.7264: attempt to access beyond end of device
[ 1054.322597][T22773] loop2: rw=2048, sector=0, nr_sectors = 8 limit=1
[ 1054.384220][T22773] SQUASHFS error: Failed to read block 0x0: -5
[ 1054.408883][T22773] unable to read squashfs_super_block
[ 1054.800977][T22776] loop0: detected capacity change from 0 to 8192
[ 1054.832324][T22776] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 1055.328530][T22780] loop0: detected capacity change from 0 to 128
[ 1055.354598][T22780] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1055.381722][T22780] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1055.598261][T22782] loop0: detected capacity change from 0 to 256
[ 1055.643166][T22782] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1055.675796][T22782] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[ 1055.713761][T22782] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 1055.742170][T22782] UDF-fs: Scanning with blocksize 512 failed
[ 1055.762099][T22782] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1055.802704][T22782] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1056.063361][T22784] loop0: detected capacity change from 0 to 256
[ 1056.066869][T22778] loop2: detected capacity change from 0 to 32768
[ 1056.081657][T22784] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1056.112584][T22778] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz"
[ 1056.139131][T22784] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[ 1056.154889][T22778] dlm: no local IP address has been set
[ 1056.160502][T22778] dlm: cannot start dlm midcomms -107
[ 1056.180055][T22784] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 1056.187927][T22784] UDF-fs: Scanning with blocksize 512 failed
[ 1056.194792][T22778] gfs2: fsid=syz:syz: dlm_new_lockspace error -107
[ 1056.212905][T22784] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1056.260592][T22784] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1056.513117][T22787] loop2: detected capacity change from 0 to 512
[ 1056.550937][T22789] loop0: detected capacity change from 0 to 512
[ 1056.564330][T22787] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[ 1056.590183][T22787] UDF-fs: Scanning with blocksize 512 failed
[ 1056.621897][T22789] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[ 1056.627637][T22787] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[ 1056.641449][T22789] UDF-fs: Scanning with blocksize 512 failed
[ 1056.672092][T22789] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[ 1056.681187][T22787] UDF-fs: Scanning with blocksize 1024 failed
[ 1056.707043][T22787] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[ 1056.720706][T22789] UDF-fs: Scanning with blocksize 1024 failed
[ 1056.725883][T22787] UDF-fs: Scanning with blocksize 2048 failed
[ 1056.742878][T22789] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[ 1056.766937][T22789] UDF-fs: Scanning with blocksize 2048 failed
[ 1056.793578][T22787] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1056.794370][T22789] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1056.834453][T22787] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1056.908915][T22789] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1056.941624][T22791] loop3: detected capacity change from 0 to 512
[ 1056.984380][T22791] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[ 1057.001082][T22791] UDF-fs: Scanning with blocksize 512 failed
[ 1057.021662][T22791] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[ 1057.046044][T22791] UDF-fs: Scanning with blocksize 1024 failed
[ 1057.072620][T22791] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[ 1057.105906][T22793] loop1: detected capacity change from 0 to 128
[ 1057.112733][T22791] UDF-fs: Scanning with blocksize 2048 failed
[ 1057.126746][T22791] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1057.175004][T22793] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1057.200964][T22793] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1057.229624][T22791] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1057.320525][T22797] loop0: detected capacity change from 0 to 128
[ 1057.373170][T22797] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1057.467487][T22797] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1057.500631][T22799] loop1: detected capacity change from 0 to 128
[ 1057.788855][T22803] loop0: detected capacity change from 0 to 256
[ 1058.286540][T22807] loop0: detected capacity change from 0 to 8192
[ 1058.525191][T22801] loop3: detected capacity change from 0 to 32768
[ 1058.575982][T22801] (syz.3.7278,22801,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1058.609477][T22801] (syz.3.7278,22801,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1058.787312][T22809] loop0: detected capacity change from 0 to 8192
[ 1059.559495][T22805] loop1: detected capacity change from 0 to 65536
[ 1059.607220][T22815] loop0: detected capacity change from 0 to 8192
[ 1059.635335][T22815] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[ 1059.669242][T22815] UDF-fs: Scanning with blocksize 512 failed
[ 1059.706520][T22815] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[ 1059.721683][T22815] UDF-fs: Scanning with blocksize 1024 failed
[ 1059.748730][T22815] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[ 1059.769538][T22816] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1059.782720][T22815] UDF-fs: Scanning with blocksize 2048 failed
[ 1059.825695][T22815] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1060.205002][T22820] loop0: detected capacity change from 0 to 2048
[ 1060.424198][T22823] loop2: detected capacity change from 0 to 128
[ 1060.623853][T22826] loop0: detected capacity change from 0 to 128
[ 1060.756367][T22828] loop2: detected capacity change from 0 to 128
[ 1061.078090][T22830] loop0: detected capacity change from 0 to 2048
[ 1061.108524][T22824] loop1: detected capacity change from 0 to 16384
[ 1061.159271][T22824] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1061.175154][T22824] UDF-fs: Scanning with blocksize 512 failed
[ 1061.243124][T22824] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1061.265709][T22824] UDF-fs: Scanning with blocksize 1024 failed
[ 1061.285649][T22824] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1061.312454][T22824] UDF-fs: Scanning with blocksize 2048 failed
[ 1061.338233][T22824] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1062.065412][T22832] loop2: detected capacity change from 0 to 32768
[ 1063.036403][T22838] loop3: detected capacity change from 0 to 32768
[ 1063.112270][T22838] XFS (loop3): Mounting V5 Filesystem 41ca08f1-94d2-48aa-bd9e-c0e7c187d3a2
[ 1063.384872][T22840] loop2: detected capacity change from 0 to 32768
[ 1063.492411][T22840] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1063.494030][T22838] XFS (loop3): Ending clean mount
[ 1063.668016][T22840] XFS (loop2): Ending clean mount
[ 1063.802295][ T5848] XFS (loop3): Unmounting Filesystem 41ca08f1-94d2-48aa-bd9e-c0e7c187d3a2
[ 1063.893764][ T5855] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1064.580599][T22860] loop3: detected capacity change from 0 to 2048
[ 1064.687629][T22860]  loop3: p2 p3 p7
[ 1065.110549][T15184] udevd[15184]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[ 1065.125379][ T6082] udevd[6082]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[ 1065.149721][ T8859] udevd[8859]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[ 1065.272478][T22858] loop2: detected capacity change from 0 to 32768
[ 1065.337705][T22858] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1065.569532][T22858] XFS (loop2): Ending clean mount
[ 1065.707727][ T5855] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1066.172473][T22862] loop3: detected capacity change from 0 to 32768
[ 1066.312676][T22862] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[ 1066.421479][T22864] loop0: detected capacity change from 0 to 65536
[ 1066.483661][T22862] XFS (loop3): Ending clean mount
[ 1066.539139][T22864] XFS (loop0): Mounting V5 Filesystem e4654a66-62e5-4963-a81e-012d9d4871af
[ 1066.688379][ T5848] XFS (loop3): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[ 1066.720307][T22864] XFS (loop0): Ending clean mount
[ 1066.891241][ T5856] XFS (loop0): Unmounting Filesystem e4654a66-62e5-4963-a81e-012d9d4871af
[ 1067.146098][T22876] loop1: detected capacity change from 0 to 32768
[ 1067.193921][T22876] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1067.316353][T22876] XFS (loop1): Ending clean mount
[ 1067.471893][ T5851] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1068.052330][T22906] loop1: detected capacity change from 0 to 512
[ 1068.092646][T22906] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1068.112376][T22906] UDF-fs: Scanning with blocksize 512 failed
[ 1068.131443][T22906] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1068.153552][T22906] UDF-fs: Scanning with blocksize 1024 failed
[ 1068.185913][T22906] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1068.211143][T22906] UDF-fs: Scanning with blocksize 2048 failed
[ 1068.268878][T22906] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1068.307348][T22906] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1069.171124][T22902] loop3: detected capacity change from 0 to 65536
[ 1069.234848][T22902] XFS (loop3): Deprecated V4 format (crc=0) not supported by kernel.
[ 1074.157080][T12463] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[ 1074.357382][T12463] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1074.381163][T12463] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1074.405487][T12463] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1074.415495][T12463] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1074.436969][T12463] usb 4-1: SerialNumber: syz
[ 1074.460065][T12463] usb 4-1: 0:2 : does not exist
[ 1074.856933][T12463] usb 4-1: USB disconnect, device number 5
[ 1075.925362][T22951] netlink: 'syz.3.7326': attribute type 10 has an invalid length.
[ 1075.935709][T22951] netlink: 156 bytes leftover after parsing attributes in process `syz.3.7326'.
[ 1076.150783][T22957] UBIFS error (pid: 22957): cannot open "./file0", error -22
[ 1076.191755][T22959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7330'.
[ 1076.233809][T22959] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7330'.
[ 1076.244960][T22959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7330'.
[ 1076.264105][T22959] netlink: 2 bytes leftover after parsing attributes in process `syz.3.7330'.
[ 1076.286116][ T5910] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1076.301385][T22959] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7330'.
[ 1076.472946][ T5910] usb 1-1: Using ep0 maxpacket: 8
[ 1076.490388][ T5910] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1076.507363][ T5910] usb 1-1: config 8 interface 0 altsetting 7 bulk endpoint 0x83 has invalid maxpacket 255
[ 1076.525234][ T5910] usb 1-1: config 8 interface 0 has no altsetting 0
[ 1076.555282][ T5910] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[ 1076.575251][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1076.608283][ T5910] usb 1-1: Product: syz
[ 1076.612550][ T5910] usb 1-1: Manufacturer: syz
[ 1076.636265][ T5910] usb 1-1: SerialNumber: syz
[ 1076.663260][T22955] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1076.891288][    C1] sd 0:0:1:0: [sda] tag#8106 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1076.901825][    C1] sd 0:0:1:0: [sda] tag#8106 CDB: Read(6) 08 00 9f d1 fe de
[ 1076.948274][ T5910] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[ 1076.993043][ T5910] usb 1-1: selecting invalid altsetting 0
[ 1077.061862][ T5910] usb 1-1: USB disconnect, device number 5
[ 1077.261473][   T28] audit: type=1326 audit(1759217773.188:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22988 comm="syz.2.7345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1077.323538][   T28] audit: type=1326 audit(1759217773.188:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22988 comm="syz.2.7345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1077.411868][   T28] audit: type=1326 audit(1759217773.220:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22988 comm="syz.2.7345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1077.473142][   T28] audit: type=1326 audit(1759217773.220:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22988 comm="syz.2.7345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1077.495524][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1077.824852][T23004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7353'.
[ 1078.293684][T23026] ip6t_srh: unknown srh match flags  4001
[ 1078.631996][T23038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7368'.
[ 1078.728766][T23042] netlink: 'syz.0.7370': attribute type 21 has an invalid length.
[ 1078.749127][T23042] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7370'.
[ 1078.902963][T23048] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1079.284153][T23064] loop1: detected capacity change from 0 to 8
[ 1079.574578][T23073] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 1079.662688][T23076] loop3: detected capacity change from 0 to 2048
[ 1079.713081][T23076] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1079.764534][T23076] ext4 filesystem being mounted at /1869/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1079.816500][T23083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7390'.
[ 1080.029315][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1080.641050][T23107] loop1: detected capacity change from 0 to 512
[ 1080.712511][T23107] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1080.743009][T23107] ext4 filesystem being mounted at /1776/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1080.755548][ T5937] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[ 1080.833776][T23107] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1080.895382][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1081.000486][ T5937] usb 3-1: config 0 has an invalid interface number: 110 but max is 0
[ 1081.018991][ T5937] usb 3-1: config 0 has no interface number 0
[ 1081.051213][ T5937] usb 3-1: config 0 interface 110 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1081.076524][ T5937] usb 3-1: config 0 interface 110 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1081.109085][ T5937] usb 3-1: config 0 interface 110 has no altsetting 0
[ 1081.147416][ T5937] usb 3-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55
[ 1081.173152][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1081.182465][ T5937] usb 3-1: Product: syz
[ 1081.187271][ T5937] usb 3-1: Manufacturer: syz
[ 1081.197086][ T5937] usb 3-1: SerialNumber: syz
[ 1081.206805][ T5937] usb 3-1: config 0 descriptor??
[ 1081.452919][ T5937] cdc_subset: probe of 3-1:0.110 failed with error -22
[ 1081.453760][T23105] loop0: detected capacity change from 0 to 32768
[ 1081.536710][T23105] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1081.671082][T12463] usb 3-1: USB disconnect, device number 25
[ 1081.788124][T23105] XFS (loop0): Ending clean mount
[ 1082.023962][ T5856] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1082.028555][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1082.039095][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[ 1082.228978][T23137] loop1: detected capacity change from 0 to 32768
[ 1082.244956][T23137] 
[ 1082.244956][T23137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1082.244956][T23137] 
[ 1082.324726][T23143] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7415'.
[ 1082.341743][T23137] ERROR: (device loop1): dbAlloc: the hint is outside the map
[ 1082.341743][T23137] 
[ 1082.377640][T23143] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7415'.
[ 1082.491956][T18600] read_mapping_page failed!
[ 1082.497149][T18600] ERROR: (device loop1): txCommit: 
[ 1082.497149][T18600] 
[ 1082.525071][T18600] jfs_write_inode: jfs_commit_inode failed!
[ 1082.567514][ T5851] 
[ 1082.567514][ T5851]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1082.567514][ T5851] 
[ 1082.619437][ T5851] 
[ 1082.619437][ T5851]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1082.619437][ T5851] 
[ 1082.684870][T23151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7413'.
[ 1082.718185][T23151] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7413'.
[ 1082.750137][T23151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7413'.
[ 1082.796578][T23151] netlink: 2 bytes leftover after parsing attributes in process `syz.0.7413'.
[ 1082.820052][T23151] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7413'.
[ 1083.087987][T23163] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 1083.297520][T23169] netlink: 'syz.3.7428': attribute type 21 has an invalid length.
[ 1083.315887][T23169] netlink: 'syz.3.7428': attribute type 1 has an invalid length.
[ 1083.343112][T23171] xt_l2tp: invalid flags combination: c
[ 1083.503710][T23177] loop3: detected capacity change from 0 to 764
[ 1083.526540][T23179] netlink: 'syz.2.7432': attribute type 1 has an invalid length.
[ 1083.541286][T23177] rock: directory entry would overflow storage
[ 1083.546526][T23179] netlink: 'syz.2.7432': attribute type 1 has an invalid length.
[ 1083.548649][T23177] rock: sig=0x4654, size=5, remaining=4
[ 1083.586009][T23177] isofs: Unable to find the ".." directory for NFS.
[ 1083.683958][ T5937] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1083.741711][T23184] loop2: detected capacity change from 0 to 8
[ 1083.818233][T23184] SQUASHFS error: Failed to read block 0x1ec: -5
[ 1083.845300][T23184] SQUASHFS error: Unable to read metadata cache entry [1ea]
[ 1083.880028][ T5937] usb 2-1: Using ep0 maxpacket: 8
[ 1083.911597][ T5937] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1083.936379][ T5937] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1083.952040][ T5937] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1083.960224][T23190] xt_hashlimit: max too large, truncated to 1048576
[ 1083.967826][T23191] netlink: 'syz.3.7437': attribute type 2 has an invalid length.
[ 1083.971233][ T5937] usb 2-1: Product: syz
[ 1083.985317][ T5937] usb 2-1: Manufacturer: syz
[ 1084.003950][ T5937] usb 2-1: SerialNumber: syz
[ 1084.278809][ T5937] usb 2-1: Invalid connection information received from device
[ 1084.306343][T23200] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7442'.
[ 1084.463368][T23206] syz.3.7445: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 1084.525316][T12463] usb 2-1: USB disconnect, device number 20
[ 1084.547901][T23206] CPU: 1 PID: 23206 Comm: syz.3.7445 Not tainted syzkaller #0
[ 1084.555441][T23206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1084.565592][T23206] Call Trace:
[ 1084.568925][T23206]  <TASK>
[ 1084.571912][T23206]  dump_stack_lvl+0x16c/0x230
[ 1084.576655][T23206]  ? show_regs_print_info+0x20/0x20
[ 1084.581909][T23206]  ? load_image+0x3b0/0x3b0
[ 1084.586540][T23206]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1084.593015][T23206]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[ 1084.599574][T23206]  warn_alloc+0x210/0x300
[ 1084.604071][T23206]  ? stack_trace_save+0x9c/0xe0
[ 1084.608977][T23206]  ? zone_watermark_ok_safe+0x230/0x230
[ 1084.614593][T23206]  ? kasan_set_track+0x5f/0x70
[ 1084.619407][T23206]  ? kasan_set_track+0x4e/0x70
[ 1084.624223][T23206]  ? __kasan_kmalloc+0x8f/0xa0
[ 1084.629038][T23206]  ? xsk_init_queue+0xb0/0x110
[ 1084.633847][T23206]  ? xsk_setsockopt+0x43c/0x6f0
[ 1084.638748][T23206]  ? do_sock_setsockopt+0x175/0x1a0
[ 1084.644017][T23206]  ? __x64_sys_setsockopt+0x184/0x200
[ 1084.649577][T23206]  __vmalloc_node_range+0x126/0x1320
[ 1084.654948][T23206]  ? free_vm_area+0x50/0x50
[ 1084.659518][T23206]  vmalloc_user+0x74/0x80
[ 1084.663902][T23206]  ? xskq_create+0xbf/0x170
[ 1084.668458][T23206]  xskq_create+0xbf/0x170
[ 1084.672841][T23206]  xsk_init_queue+0xb0/0x110
[ 1084.677494][T23206]  xsk_setsockopt+0x43c/0x6f0
[ 1084.682225][T23206]  ? xsk_poll+0x670/0x670
[ 1084.686611][T23206]  ? __fget_files+0x28/0x4d0
[ 1084.691258][T23206]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 1084.696852][T23206]  ? security_socket_setsockopt+0x7e/0xa0
[ 1084.702627][T23206]  ? xsk_poll+0x670/0x670
[ 1084.707007][T23206]  do_sock_setsockopt+0x175/0x1a0
[ 1084.712088][T23206]  ? __fdget+0x180/0x210
[ 1084.716388][T23206]  __x64_sys_setsockopt+0x184/0x200
[ 1084.721658][T23206]  do_syscall_64+0x55/0xb0
[ 1084.726120][T23206]  ? clear_bhb_loop+0x40/0x90
[ 1084.730846][T23206]  ? clear_bhb_loop+0x40/0x90
[ 1084.735582][T23206]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1084.741556][T23206] RIP: 0033:0x7f37c3b8eec9
[ 1084.746021][T23206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1084.765681][T23206] RSP: 002b:00007f37c1df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1084.774156][T23206] RAX: ffffffffffffffda RBX: 00007f37c3de5fa0 RCX: 00007f37c3b8eec9
[ 1084.782180][T23206] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[ 1084.790203][T23206] RBP: 00007f37c3c11f91 R08: 0000000000000004 R09: 0000000000000000
[ 1084.798233][T23206] R10: 0000200000000500 R11: 0000000000000246 R12: 0000000000000000
[ 1084.806255][T23206] R13: 00007f37c3de6038 R14: 00007f37c3de5fa0 R15: 00007fff3b897d88
[ 1084.814301][T23206]  </TASK>
[ 1084.821008][T23206] Mem-Info:
[ 1084.824187][T23206] active_anon:8827 inactive_anon:0 isolated_anon:0
[ 1084.824187][T23206]  active_file:11775 inactive_file:42602 isolated_file:0
[ 1084.824187][T23206]  unevictable:768 dirty:342 writeback:0
[ 1084.824187][T23206]  slab_reclaimable:11512 slab_unreclaimable:92750
[ 1084.824187][T23206]  mapped:25788 shmem:1373 pagetables:659
[ 1084.824187][T23206]  sec_pagetables:0 bounce:0
[ 1084.824187][T23206]  kernel_misc_reclaimable:0
[ 1084.824187][T23206]  free:1337288 free_pcp:7760 free_cma:0
[ 1084.873941][T23206] Node 0 active_anon:35308kB inactive_anon:0kB active_file:47100kB inactive_file:170212kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103152kB dirty:1364kB writeback:0kB shmem:3956kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11028kB pagetables:2636kB sec_pagetables:0kB all_unreclaimable? no
[ 1084.910464][T23206] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1084.952555][T23206] Node 0 DMA free:15356kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1085.014266][T23215] warning: `syz.2.7448' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1085.016610][T23206] lowmem_reserve[]: 0 2525 2526 2526 2526
[ 1085.049071][T23206] Node 0 DMA32 free:1430344kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:35360kB inactive_anon:0kB active_file:47100kB inactive_file:168876kB unevictable:1536kB writepending:1364kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:19576kB local_pcp:18920kB free_cma:0kB
[ 1085.088327][T23206] lowmem_reserve[]: 0 0 1 1 1
[ 1085.098198][T23206] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1336kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1085.158193][T23206] lowmem_reserve[]: 0 0 0 0 0
[ 1085.177836][T23206] Node 1 Normal free:3903452kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:11072kB local_pcp:9312kB free_cma:0kB
[ 1085.290567][T23206] lowmem_reserve[]: 0 0 0 0 0
[ 1085.327349][T23206] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB
[ 1085.359970][T23206] Node 0 DMA32: 512*4kB (UME) 1054*8kB (UME) 894*16kB (UME) 493*32kB (UME) 298*64kB (UME) 141*128kB (UME) 75*256kB (UME) 63*512kB (UM) 40*1024kB (UM) 7*2048kB (UM) 303*4096kB (UM) = 1425520kB
[ 1085.425505][T23206] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1085.474839][T23206] Node 1 Normal: 261*4kB (UME) 61*8kB (UME) 38*16kB (UME) 218*32kB (UME) 83*64kB (UME) 19*128kB (UME) 5*256kB (UM) 1*512kB (U) 2*1024kB (UE) 2*2048kB (UE) 947*4096kB (M) = 3903708kB
[ 1085.503855][T23206] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1085.515393][T23206] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1085.525888][T23206] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1085.540688][T23206] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1085.573680][T23206] 53521 total pagecache pages
[ 1085.582865][T23206] 0 pages in swap cache
[ 1085.587071][T23206] Free swap  = 124996kB
[ 1085.610521][T23206] Total swap = 124996kB
[ 1085.616007][T23206] 2097051 pages RAM
[ 1085.620540][T23206] 0 pages HighMem/MovableOnly
[ 1085.625459][T23206] 416137 pages reserved
[ 1085.636758][T23206] 0 pages cma reserved
[ 1086.024625][T23245] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7465'.
[ 1086.053090][T23247] loop2: detected capacity change from 0 to 64
[ 1086.058314][T23245] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1086.067771][T23245] IPv6: NLM_F_CREATE should be set when creating new route
[ 1086.075492][T23245] IPv6: NLM_F_CREATE should be set when creating new route
[ 1086.339480][T23255] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1086.443680][T23257] loop1: detected capacity change from 0 to 2048
[ 1086.466574][T23259] xt_hashlimit: max too large, truncated to 1048576
[ 1086.501351][T23257] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1086.745096][T23266] netlink: 'syz.0.7473': attribute type 10 has an invalid length.
[ 1086.762822][T23266] netlink: 156 bytes leftover after parsing attributes in process `syz.0.7473'.
[ 1086.888299][T23271] vivid-003: =================  START STATUS  =================
[ 1086.944659][T23271] vivid-003: RDS Tx I/O Mode: Controls
[ 1086.957178][T23271] vivid-003: RDS Program ID: 32904
[ 1086.969953][T23271] vivid-003: RDS Program Type: 3
[ 1086.988205][T23271] vivid-003: RDS PS Name: VIVID-TX
[ 1086.997287][T23271] vivid-003: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[ 1087.026053][T23271] vivid-003: RDS Stereo: true
[ 1087.035808][T23271] vivid-003: RDS Artificial Head: false
[ 1087.046201][T23271] vivid-003: RDS Compressed: false
[ 1087.051440][T23271] vivid-003: RDS Dynamic PTY: false
[ 1087.079168][T23277] netlink: 772 bytes leftover after parsing attributes in process `syz.0.7481'.
[ 1087.091272][T23271] vivid-003: RDS Traffic Announcement: false
[ 1087.103509][T23271] vivid-003: RDS Traffic Program: true
[ 1087.109190][T23271] vivid-003: RDS Music: true
[ 1087.127653][T23271] vivid-003: ==================  END STATUS  ==================
[ 1087.696947][T23299] binder: 23298:23299 ioctl c00c6211 0 returned -14
[ 1087.846591][T23305] netlink: 'syz.1.7495': attribute type 1 has an invalid length.
[ 1087.965723][T23310] loop0: detected capacity change from 0 to 64
[ 1088.122575][T23315] loop2: detected capacity change from 0 to 64
[ 1088.220543][T23315] hfs: unable to locate alternate MDB
[ 1088.242273][T23315] hfs: continuing without an alternate MDB
[ 1088.554155][T23329] netlink: 'syz.2.7505': attribute type 10 has an invalid length.
[ 1088.592688][T23329] netlink: 156 bytes leftover after parsing attributes in process `syz.2.7505'.
[ 1088.650403][T23331] netlink: 180 bytes leftover after parsing attributes in process `syz.0.7507'.
[ 1088.700628][T23335] netlink: 56 bytes leftover after parsing attributes in process `syz.3.7509'.
[ 1088.730717][T23335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7509'.
[ 1088.750342][T23335] netlink: 31 bytes leftover after parsing attributes in process `syz.3.7509'.
[ 1088.788224][T23335] netlink: 'syz.3.7509': attribute type 2 has an invalid length.
[ 1088.825712][T23335] netlink: 31 bytes leftover after parsing attributes in process `syz.3.7509'.
[ 1089.101319][T23349] comedi comedi2: pcmmio: I/O port conflict (0xff,32)
[ 1089.514906][T23364] loop2: detected capacity change from 0 to 128
[ 1089.576902][T23367] netlink: 'syz.1.7524': attribute type 21 has an invalid length.
[ 1089.597431][T23367] netlink: 164 bytes leftover after parsing attributes in process `syz.1.7524'.
[ 1089.622785][T23364] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1089.685941][T23364] ext4 filesystem being mounted at /1808/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1089.845210][ T5855] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1090.005382][T23381] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1090.102438][T23385] loop2: detected capacity change from 0 to 1024
[ 1090.215051][T23385] Quota error (device loop2): do_check_range: Getting block 64 out of range 1-5
[ 1090.257309][T23385] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1090.267859][T23385] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.7530: Failed to acquire dquot type 0
[ 1090.284472][T23385] EXT4-fs error (device loop2): mb_free_blocks:1938: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[ 1090.304211][T23385] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #13: comm syz.2.7530: corrupted inode contents
[ 1090.373255][T23385] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #13: comm syz.2.7530: mark_inode_dirty error
[ 1090.412920][T23385] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #13: comm syz.2.7530: corrupted inode contents
[ 1090.474619][T23399] loop1: detected capacity change from 0 to 256
[ 1090.498928][T23385] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #13: comm syz.2.7530: mark_inode_dirty error
[ 1090.528400][T23401] netlink: 'syz.0.7537': attribute type 1 has an invalid length.
[ 1090.537607][T23385] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #13: comm syz.2.7530: corrupted inode contents
[ 1090.540719][T23401] netlink: 232 bytes leftover after parsing attributes in process `syz.0.7537'.
[ 1090.555745][ T5821] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[ 1090.567565][T23385] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[ 1090.585069][T23385] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #13: comm syz.2.7530: corrupted inode contents
[ 1090.598902][T23385] EXT4-fs error (device loop2): ext4_truncate:4288: inode #13: comm syz.2.7530: mark_inode_dirty error
[ 1090.631689][T23385] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[ 1090.683648][T23385] EXT4-fs (loop2): 1 truncate cleaned up
[ 1090.690888][T23385] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1090.760031][ T5821] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1090.782226][ T5821] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x61, skipping
[ 1090.798070][T23385] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 1090.827407][ T5821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10
[ 1090.853044][ T5821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 255, setting to 64
[ 1090.885854][ T5821] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1090.935147][ T5855] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1090.935310][ T5821] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1090.956327][ T5821] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1090.966612][ T5821] usb 4-1: Manufacturer: syz
[ 1090.988327][ T5821] usb 4-1: config 0 descriptor??
[ 1091.040968][T23409] binder: 23408:23409 ioctl c018620b 0 returned -14
[ 1091.136622][T23413] loop0: detected capacity change from 0 to 64
[ 1091.159356][T23413] hfs: unable to locate alternate MDB
[ 1091.164812][T23413] hfs: continuing without an alternate MDB
[ 1091.265654][ T5910] usb 4-1: USB disconnect, device number 6
[ 1091.773364][T23427] netlink: 88 bytes leftover after parsing attributes in process `syz.1.7552'.
[ 1092.333835][T23440] netlink: 'syz.1.7558': attribute type 1 has an invalid length.
[ 1092.354889][T23440] netlink: 232 bytes leftover after parsing attributes in process `syz.1.7558'.
[ 1092.640607][T23449] loop2: detected capacity change from 0 to 64
[ 1093.064163][T23457] overlayfs: missing 'lowerdir'
[ 1093.073476][T23459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7568'.
[ 1093.112929][T23437] loop3: detected capacity change from 0 to 32768
[ 1093.246773][T23437] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1093.305271][T23437] (syz.3.7557,23437,1):ocfs2_read_blocks_sync:112 ERROR: status = -12
[ 1093.351807][T23437] (syz.3.7557,23437,1):ocfs2_get_suballoc_slot_bit:2709 ERROR: read block 3229604089285250693 failed -12
[ 1093.392306][T23437] (syz.3.7557,23437,0):ocfs2_get_suballoc_slot_bit:2741 ERROR: status = -12
[ 1093.429519][T23437] (syz.3.7557,23437,0):ocfs2_test_inode_bit:2823 ERROR: get alloc slot and bit failed -12
[ 1093.486687][T23471] loop2: detected capacity change from 0 to 512
[ 1093.499110][T23437] (syz.3.7557,23437,0):ocfs2_test_inode_bit:2864 ERROR: status = -12
[ 1093.534056][T23437] (syz.3.7557,23437,0):ocfs2_get_dentry:78 ERROR: test inode bit failed -12
[ 1093.536153][T23471] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1093.628739][T23471] EXT4-fs (loop2): 1 truncate cleaned up
[ 1093.642462][T23471] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1093.709798][ T5848] (syz-executor,5848,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[ 1093.749804][T23471] cifs: Unknown parameter 'dioread_lock'
[ 1093.773462][ T5848] ocfs2: Unmounting device (7,3) on (node local)
[ 1093.904093][ T5855] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1094.043564][T23485] ieee802154 phy0 wpan0: encryption failed: -22
[ 1094.277332][T23491] xt_HMARK: spi-set and port-set can't be combined
[ 1094.329419][T23488] loop1: detected capacity change from 0 to 4096
[ 1094.424874][T23495] tmpfs: Group quota block hardlimit too large.
[ 1094.456096][T23497] loop0: detected capacity change from 0 to 16
[ 1094.485912][T23497] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1094.571533][T23499] loop3: detected capacity change from 0 to 1024
[ 1094.628156][T23488] ntfs3: loop1: ino=5, "/" directory corrupted
[ 1094.666612][T23488] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[ 1094.689603][T23499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1094.749974][T23499] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #11: comm syz.3.7585: directory missing '..'
[ 1094.965326][T23509] loop1: detected capacity change from 0 to 256
[ 1095.017556][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1096.090420][T23517] loop3: detected capacity change from 0 to 32768
[ 1096.116088][T23517] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop3 scanned by syz.3.7590 (23517)
[ 1096.157619][T23517] BTRFS info (device loop3): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1096.178105][T23517] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1096.201810][T23517] BTRFS info (device loop3): enabling ssd optimizations
[ 1096.226856][T23517] BTRFS info (device loop3): not using ssd optimizations
[ 1096.250527][T23517] BTRFS info (device loop3): turning off barriers
[ 1096.270104][T23517] BTRFS info (device loop3): using free space tree
[ 1096.610202][T23527] loop0: detected capacity change from 0 to 32768
[ 1096.710186][ T5848] BTRFS info (device loop3): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1096.760591][T23527] find_entry called with index >= next_index
[ 1096.786958][T23527] find_entry called with index >= next_index
[ 1096.793360][T23527] find_entry called with index >= next_index
[ 1097.077359][T23564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7607'.
[ 1097.107210][T23564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7607'.
[ 1097.118430][T23531] loop2: detected capacity change from 0 to 40427
[ 1097.144684][T23531] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1097.157479][T23564] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1097.193811][T23531] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1097.246120][T23531] F2FS-fs (loop2): invalid crc value
[ 1097.347337][T23531] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1097.691969][T23531] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1097.727354][T23531] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1097.950336][ T5910] IPVS: starting estimator thread 0...
[ 1098.052494][T23587] IPVS: using max 17 ests per chain, 40800 per kthread
[ 1098.089783][   T23] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1098.294371][   T23] usb 2-1: Using ep0 maxpacket: 16
[ 1098.314646][   T23] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1098.343532][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1098.374934][   T23] usb 2-1: Product: syz
[ 1098.387392][   T23] usb 2-1: Manufacturer: syz
[ 1098.396669][   T23] usb 2-1: SerialNumber: syz
[ 1098.416506][   T23] r8152-cfgselector 2-1: config 0 descriptor??
[ 1098.790839][T23608] loop2: detected capacity change from 0 to 4096
[ 1098.833720][   T23] r8152-cfgselector 2-1: Unknown version 0x0000
[ 1098.849855][   T23] r8152-cfgselector 2-1: USB disconnect, device number 21
[ 1099.599689][   T23] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1099.813619][   T23] usb 4-1: Using ep0 maxpacket: 8
[ 1099.833020][   T23] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1099.841358][   T23] usb 4-1: config 179 has no interface number 0
[ 1099.876302][   T23] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1099.891146][   T23] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1099.907132][   T23] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1099.920578][T23643] loop2: detected capacity change from 0 to 16
[ 1099.936395][   T23] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1099.955863][T23643] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1099.968303][   T23] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1099.989246][   T23] usb 4-1: config 179 interface 65 has no altsetting 0
[ 1100.012796][T23643] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[ 1100.026087][   T23] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1100.042357][T23643] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[ 1100.054079][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1100.065881][ T5854] Bluetooth: hci1: command 0x0406 tx timeout
[ 1100.068625][T23643] erofs: (device loop2): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[ 1100.089554][T23643] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[ 1100.100565][T23643] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 72 of nid 36
[ 1100.148264][   T23] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input75
[ 1100.427966][ T5910] usb 4-1: USB disconnect, device number 7
[ 1100.436646][ T5910] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[ 1100.718383][T23641] loop0: detected capacity change from 0 to 32768
[ 1100.758905][T23641] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1100.881387][T23641] XFS (loop0): Ending clean mount
[ 1101.100464][T23647] loop1: detected capacity change from 0 to 40427
[ 1101.128952][ T5856] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1101.135404][T23647] F2FS-fs (loop1): invalid crc value
[ 1101.170425][T23647] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1101.400560][T23676] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1101.493369][T23647] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1102.100558][T23695] tmpfs: User quota inode hardlimit too large.
[ 1102.634362][T23708] loop3: detected capacity change from 0 to 4096
[ 1102.703319][T23713] loop0: detected capacity change from 0 to 2048
[ 1102.782211][T23708] ntfs3: loop3: ino=5, "/" directory corrupted
[ 1102.783563][T23716] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1103.165099][   T28] audit: type=1326 audit(1759217800.990:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1103.248318][   T28] audit: type=1326 audit(1759217800.990:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1103.308390][   T28] audit: type=1326 audit(1759217801.022:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f444bf90de7 code=0x7ffc0000
[ 1103.384251][   T28] audit: type=1326 audit(1759217801.022:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f444bf90d5c code=0x7ffc0000
[ 1103.439284][T23698] loop1: detected capacity change from 0 to 32768
[ 1103.461453][T23730] loop2: detected capacity change from 0 to 512
[ 1103.467449][T23698] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.7664 (23698)
[ 1103.468586][   T28] audit: type=1326 audit(1759217801.022:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f444bf90c94 code=0x7ffc0000
[ 1103.510953][T23698] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1103.523742][T23698] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 1103.532898][T23698] BTRFS info (device loop1): turning on async discard
[ 1103.539721][T23698] BTRFS info (device loop1): using free space tree
[ 1103.564590][   T28] audit: type=1326 audit(1759217801.022:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f444bf90c94 code=0x7ffc0000
[ 1103.587360][   T28] audit: type=1326 audit(1759217801.022:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f444bf8db2a code=0x7ffc0000
[ 1103.658018][T23730] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1103.690915][T23730] ext4 filesystem being mounted at /1850/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1103.700833][   T28] audit: type=1326 audit(1759217801.022:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23721 comm="syz.0.7675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1103.792653][T23750] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1103.859224][T23750] netlink: 1 bytes leftover after parsing attributes in process `syz.0.7681'.
[ 1103.882184][ T5855] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1103.891730][T23698] BTRFS info (device loop1): enabling ssd optimizations
[ 1104.240967][ T5851] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1104.437282][T23770] lo: entered promiscuous mode
[ 1104.476028][T23771] ALSA: mixer_oss: invalid OSS volume 'u'
[ 1104.576336][T23770] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1104.839000][T23776] loop0: detected capacity change from 0 to 4096
[ 1104.923654][T23782] netlink: 'syz.2.7695': attribute type 11 has an invalid length.
[ 1106.050664][T23792] loop1: detected capacity change from 0 to 32768
[ 1106.066009][T23792] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.7700 (23792)
[ 1106.091826][T23792] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1106.111493][T23792] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 1106.137272][T23792] BTRFS info (device loop1): enabling ssd optimizations
[ 1106.145365][T23792] BTRFS info (device loop1): not using ssd optimizations
[ 1106.158208][T23792] BTRFS info (device loop1): turning off barriers
[ 1106.169967][T23792] BTRFS info (device loop1): using free space tree
[ 1106.451486][ T5851] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1106.705158][T23842] overlayfs: empty lowerdir
[ 1106.795073][T23844] loop3: detected capacity change from 0 to 764
[ 1106.869375][T23844] Symlink component flag not implemented
[ 1106.885866][T23844] Symlink component flag not implemented
[ 1106.944989][T23844] Symlink component flag not implemented (128)
[ 1106.967382][T23844] Symlink component flag not implemented (122)
[ 1107.550886][T23854] loop2: detected capacity change from 0 to 1024
[ 1107.936779][T23871] netlink: 'syz.1.7731': attribute type 9 has an invalid length.
[ 1108.127097][   T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1108.307928][   T23] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1108.334763][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1108.357894][   T23] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1108.377344][   T23] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1108.385908][   T23] usb 1-1: Product: syz
[ 1108.394273][   T23] usb 1-1: Manufacturer: syz
[ 1108.400082][   T23] usb 1-1: SerialNumber: syz
[ 1108.416707][   T23] usb 1-1: config 0 descriptor??
[ 1108.428797][   T23] usb 1-1: selecting invalid altsetting 0
[ 1108.445225][T23886] loop2: detected capacity change from 0 to 64
[ 1108.776755][T23878] loop1: detected capacity change from 0 to 32768
[ 1108.789845][ T5937] usb 1-1: USB disconnect, device number 6
[ 1108.844408][T23878] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[ 1108.906777][T23878] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1108.921110][   T28] audit: type=1326 audit(1759217807.171:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23895 comm="syz.2.7741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1108.999494][   T28] audit: type=1326 audit(1759217807.171:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23895 comm="syz.2.7741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1109.060545][T23878] (syz.1.7733,23878,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=9
[ 1109.109099][T23878] (syz.1.7733,23878,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2
[ 1109.114702][   T28] audit: type=1326 audit(1759217807.203:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23895 comm="syz.2.7741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1109.128967][T23878] (syz.1.7733,23878,0):ocfs2_mknod:298 ERROR: status = -2
[ 1109.200740][T23878] (syz.1.7733,23878,0):ocfs2_mknod:502 ERROR: status = -2
[ 1109.207899][   T28] audit: type=1326 audit(1759217807.203:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23895 comm="syz.2.7741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1109.207954][   T28] audit: type=1326 audit(1759217807.203:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23895 comm="syz.2.7741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1109.270959][T23878] (syz.1.7733,23878,0):ocfs2_mkdir:659 ERROR: status = -2
[ 1109.315135][ T5851] ocfs2: Unmounting device (7,1) on (node local)
[ 1109.464100][T23906] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7745'.
[ 1109.534802][   T28] audit: type=1326 audit(1759217807.825:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.0.7747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1109.618127][   T28] audit: type=1326 audit(1759217807.825:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.0.7747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1109.701438][   T28] audit: type=1326 audit(1759217807.836:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.0.7747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1109.804467][   T28] audit: type=1326 audit(1759217807.836:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23907 comm="syz.0.7747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444bf8eec9 code=0x7ffc0000
[ 1110.018364][T23923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7755'.
[ 1110.110020][T23925] loop0: detected capacity change from 0 to 1024
[ 1110.230914][T23927] loop3: detected capacity change from 0 to 2048
[ 1110.285057][T23927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1110.331641][T23927] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.7756: inline data xattr refers to an external xattr inode
[ 1110.363915][T23927] EXT4-fs (loop3): Remounting filesystem read-only
[ 1110.459091][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.928384][T23951] loop2: detected capacity change from 0 to 1024
[ 1111.023290][T23951] hfsplus: xattr searching failed
[ 1111.531074][T23973] netlink: 'syz.2.7777': attribute type 1 has an invalid length.
[ 1111.558421][T23973] netlink: 'syz.2.7777': attribute type 2 has an invalid length.
[ 1111.594291][T23973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7777'.
[ 1111.614278][T23969] loop0: detected capacity change from 0 to 8192
[ 1111.651197][T23969] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1111.679587][T23969] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 1111.705348][T23969] REISERFS (device loop0): using ordered data mode
[ 1111.711967][T23969] reiserfs: using flush barriers
[ 1111.732625][T23969] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1111.757665][T23969] REISERFS (device loop0): checking transaction log (loop0)
[ 1111.901918][T23969] REISERFS (device loop0): Using r5 hash to sort names
[ 1111.909264][T23969] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 1112.552541][T24005] loop3: detected capacity change from 0 to 256
[ 1112.939634][T24021] loop3: detected capacity change from 0 to 1024
[ 1114.368269][T24071] Illegal XDP return value 4294967274 on prog  (id 448) dev N/A, expect packet loss!
[ 1114.601455][T24081] loop3: detected capacity change from 0 to 1024
[ 1114.652894][T24077] loop2: detected capacity change from 0 to 4096
[ 1114.776312][T24085] loop1: detected capacity change from 0 to 256
[ 1114.800466][T24085] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1114.878283][T24085] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[ 1114.917066][T24087] loop0: detected capacity change from 0 to 128
[ 1114.975907][T24077] ntfs3: loop2: try to read out of volume at offset 0x3fffffc7000
[ 1115.031307][T24087] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1115.120341][T24087] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1115.442021][T24095] loop1: detected capacity change from 0 to 1024
[ 1115.517922][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1115.540273][T24095] hfsplus: xattr searching failed
[ 1115.712936][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 1115.731182][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1115.750058][    T9] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1115.772521][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1115.797263][    T9] usb 4-1: Product: syz
[ 1115.801551][    T9] usb 4-1: Manufacturer: syz
[ 1115.817114][    T9] usb 4-1: SerialNumber: syz
[ 1115.846298][    T9] usb 4-1: config 0 descriptor??
[ 1115.864001][    T9] cdc_ether 4-1:0.0: skipping garbage
[ 1115.869455][    T9] cdc_ether 4-1:0.0: skipping garbage
[ 1115.890918][    T9] usb 4-1: bad CDC descriptors
[ 1115.896443][    T9] usb 4-1: unsupported MDLM descriptors
[ 1115.966691][T24111] loop1: detected capacity change from 0 to 64
[ 1115.997042][T24111] MINIX-fs: mounting file system with errors, running fsck is recommended
[ 1116.047851][   T28] audit: type=1800 audit(1759217814.810:49): pid=24111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.7846" name="file1" dev="loop1" ino=8 res=0 errno=0
[ 1116.082363][T12463] usb 4-1: USB disconnect, device number 8
[ 1116.527874][T24120] loop1: detected capacity change from 0 to 64
[ 1117.627735][T24154] netlink: 'syz.1.7867': attribute type 1 has an invalid length.
[ 1117.817763][T24160] loop0: detected capacity change from 0 to 64
[ 1117.915690][T24164] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7872'.
[ 1118.437047][T24176] loop1: detected capacity change from 0 to 4096
[ 1118.733473][T24176] ntfs3: loop1: try to read out of volume at offset 0x3fffffc7000
[ 1118.881622][    T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1119.074269][    T9] usb 1-1: config 0 has an invalid interface number: 69 but max is 0
[ 1119.096211][    T9] usb 1-1: config 0 has no interface number 0
[ 1119.123919][    T9] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[ 1119.149666][    T9] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1119.184689][    T9] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[ 1119.193973][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1119.212812][    T9] usb 1-1: Product: syz
[ 1119.218698][    T9] usb 1-1: Manufacturer: syz
[ 1119.229613][    T9] usb 1-1: SerialNumber: syz
[ 1119.250136][    T9] usb 1-1: config 0 descriptor??
[ 1119.264117][T24185] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1119.284261][    T9] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[ 1119.313809][    T9] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[ 1119.659276][T24213] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.7898'.
[ 1119.769216][    T9] usb 1-1: USB disconnect, device number 7
[ 1119.801976][    T9] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[ 1119.829626][    T9] cyberjack 1-1:0.69: device disconnected
[ 1120.185937][T24231] loop2: detected capacity change from 0 to 64
[ 1120.241751][T24233] netlink: 128 bytes leftover after parsing attributes in process `syz.1.7906'.
[ 1120.250844][T24233] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1120.523802][T24241] loop0: detected capacity change from 0 to 256
[ 1120.539334][T24243] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[ 1120.647397][T24241] FAT-fs (loop0): Directory bread(block 64) failed
[ 1120.675017][T24241] FAT-fs (loop0): Directory bread(block 65) failed
[ 1120.705760][T24241] FAT-fs (loop0): Directory bread(block 66) failed
[ 1120.735584][T24241] FAT-fs (loop0): Directory bread(block 67) failed
[ 1120.755253][T24241] FAT-fs (loop0): Directory bread(block 68) failed
[ 1120.779670][T24241] FAT-fs (loop0): Directory bread(block 69) failed
[ 1120.794157][T24241] FAT-fs (loop0): Directory bread(block 70) failed
[ 1120.811199][T24241] FAT-fs (loop0): Directory bread(block 71) failed
[ 1120.817910][T24241] FAT-fs (loop0): Directory bread(block 72) failed
[ 1120.840252][T24241] FAT-fs (loop0): Directory bread(block 73) failed
[ 1120.872628][T24252] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (6)
[ 1121.051035][T24255] loop2: detected capacity change from 0 to 512
[ 1121.139527][T24255] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.7917: iget: bad i_size value: 38620345925642
[ 1121.261708][T24255] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.7917: couldn't read orphan inode 15 (err -117)
[ 1121.360770][T24255] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1121.677505][T24259] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[ 1121.723500][   T23] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1121.911177][   T23] usb 3-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x98, skipping
[ 1121.935575][   T23] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 47025, setting to 1024
[ 1121.952161][   T23] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[ 1121.964446][   T23] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1121.980986][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.014066][T24255] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1122.038431][   T23] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[ 1122.086437][   T23] usb 3-1: invalid MIDI in EP 0
[ 1122.218076][   T28] audit: type=1326 audit(1759217821.420:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a938eec9 code=0x7ffc0000
[ 1122.267682][ T6012] udevd[6012]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1122.307771][   T28] audit: type=1326 audit(1759217821.420:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a938eec9 code=0x7ffc0000
[ 1122.310187][   T23] snd-usb-audio: probe of 3-1:27.0 failed with error -22
[ 1122.373337][T24297] loop1: detected capacity change from 0 to 2048
[ 1122.379629][   T28] audit: type=1326 audit(1759217821.485:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f72a938eec9 code=0x7ffc0000
[ 1122.397071][   T23] usb 3-1: USB disconnect, device number 26
[ 1122.456033][T24301] loop3: detected capacity change from 0 to 16
[ 1122.462825][T24297] Alternate GPT is invalid, using primary GPT.
[ 1122.469179][T24297]  loop1: p2 p3 p7
[ 1122.497339][T24301] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1122.508839][   T28] audit: type=1326 audit(1759217821.485:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f72a938ef03 code=0x7ffc0000
[ 1122.569296][   T28] audit: type=1326 audit(1759217821.495:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f72a938d97f code=0x7ffc0000
[ 1122.661075][   T28] audit: type=1326 audit(1759217821.603:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f72a938ef57 code=0x7ffc0000
[ 1122.686618][T24303] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[ 1122.805025][   T28] audit: type=1326 audit(1759217821.603:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f72a938d710 code=0x7ffc0000
[ 1122.886646][   T28] audit: type=1326 audit(1759217821.603:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f72a938eacb code=0x7ffc0000
[ 1122.967417][   T28] audit: type=1326 audit(1759217821.613:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f72a938db2a code=0x7ffc0000
[ 1122.998729][T15184] udevd[15184]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1123.022179][ T6082] udevd[6082]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1123.049085][ T8859] udevd[8859]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[ 1123.075116][   T28] audit: type=1326 audit(1759217821.613:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24296 comm="syz.1.7937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f72a938eacb code=0x7ffc0000
[ 1123.095869][T24311] netlink: 'syz.1.7944': attribute type 1 has an invalid length.
[ 1123.134561][ T5855] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1123.145738][T24311] netlink: 224 bytes leftover after parsing attributes in process `syz.1.7944'.
[ 1123.317129][T24315] dlm: no local IP address has been set
[ 1123.326355][T24315] dlm: cannot start dlm midcomms -107
[ 1123.574295][T24327] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.7949'.
[ 1124.031085][T24338] loop3: detected capacity change from 0 to 256
[ 1124.091351][T24341] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7959'.
[ 1124.315259][T24324] loop0: detected capacity change from 0 to 32768
[ 1124.341768][T24324] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.7951 (24324)
[ 1124.407872][T24324] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1124.442986][T24324] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 1124.491472][T24324] BTRFS info (device loop0): using free space tree
[ 1124.528783][T24354] kernel profiling enabled (shift: 17)
[ 1124.620396][T24324] BTRFS info (device loop0): enabling ssd optimizations
[ 1124.633698][T24324] BTRFS info (device loop0): auto enabling async discard
[ 1124.787956][T24374] loop3: detected capacity change from 0 to 256
[ 1124.792240][T24375] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.7966'.
[ 1124.846708][T24374] exfat: Deprecated parameter 'utf8'
[ 1124.868404][T24374] exfat: Deprecated parameter 'namecase'
[ 1124.875657][ T5856] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1124.902960][T24374] exfat: Deprecated parameter 'utf8'
[ 1125.026775][T24374] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1125.729854][T24393] loop2: detected capacity change from 0 to 128
[ 1126.749371][T24430] loop2: detected capacity change from 0 to 256
[ 1127.137835][T24413] loop3: detected capacity change from 0 to 32768
[ 1127.688194][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1127.856354][    T9] usb 1-1: Using ep0 maxpacket: 8
[ 1127.876105][    T9] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1127.894187][    T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1127.919078][    T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1127.934867][    T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1127.945483][    T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1127.963530][    T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1127.972742][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1128.412259][ T5910] usb 1-1: USB disconnect, device number 8
[ 1129.001859][T24496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8003'.
[ 1129.018953][T24495] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.8001'.
[ 1129.165827][T24499] loop1: detected capacity change from 0 to 512
[ 1129.197570][T24499] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1129.298663][T24499] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1129.361485][T24499] ext4 filesystem being mounted at /1936/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1129.440164][    T9] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1129.499847][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1129.534658][T24511] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8010'.
[ 1129.559740][T24511] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8010'.
[ 1129.574502][T24511] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8010'.
[ 1129.621379][    T9] usb 3-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1129.630990][T12463] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1129.648175][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.690323][    T9] usb 3-1: config 0 descriptor??
[ 1129.721827][T24515] netlink: 'syz.3.8012': attribute type 21 has an invalid length.
[ 1129.824830][T12463] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1129.852577][T12463] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1129.875512][T12463] usb 1-1: Product: syz
[ 1129.882079][T12463] usb 1-1: Manufacturer: syz
[ 1129.886844][T12463] usb 1-1: SerialNumber: syz
[ 1129.906080][T12463] usb 1-1: config 0 descriptor??
[ 1129.916937][T12463] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 009
[ 1130.091679][    T9] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1130.129791][    T9] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 1130.156107][    T9] asix: probe of 3-1:0.0 failed with error -71
[ 1130.183313][    T9] usb 3-1: USB disconnect, device number 27
[ 1130.187411][T24529] loop1: detected capacity change from 0 to 512
[ 1130.242914][T24529] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1130.293879][T24529] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[ 1130.353058][T24529] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84fc01c, mo2=0102]
[ 1130.363484][T12463]  (null): failure reading functionality
[ 1130.375800][T12463] i2c i2c-3: failure reading functionality
[ 1130.385039][T12463] i2c i2c-3: connected i2c-tiny-usb device
[ 1130.398201][T12463] usb 1-1: USB disconnect, device number 9
[ 1130.399776][T24529] System zones: 0-2, 18-18, 34-34
[ 1130.450834][T24529] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.8019: iget: bad i_size value: 360287970189639680
[ 1130.493822][T24529] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.8019: couldn't read orphan inode 15 (err -117)
[ 1130.524443][T24529] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1130.614367][T24538] netlink: 'syz.3.8023': attribute type 10 has an invalid length.
[ 1130.625204][T24529] EXT4-fs error (device loop1): ext4_find_dest_de:2115: inode #2: block 3: comm syz.1.8019: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[ 1130.643110][T24538] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8023'.
[ 1130.659305][T24538] veth0_vlan: entered allmulticast mode
[ 1130.666161][T24538] bridge0: port 3(veth0_vlan) entered blocking state
[ 1130.674049][T24538] bridge0: port 3(veth0_vlan) entered disabled state
[ 1130.699893][T24538] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[ 1130.750688][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.794913][T24540] xt_hashlimit: size too large, truncated to 1048576
[ 1131.660889][T24553] loop1: detected capacity change from 0 to 32768
[ 1131.678199][T24553] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.8029 (24553)
[ 1131.705918][T24569] netlink: 'syz.0.8038': attribute type 10 has an invalid length.
[ 1131.717138][T24569] macvlan0: entered promiscuous mode
[ 1131.722506][T24569] macvlan0: entered allmulticast mode
[ 1131.751049][T24553] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1131.791480][T24569] veth1_vlan: entered allmulticast mode
[ 1131.804786][T24553] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 1131.830757][T24553] BTRFS info (device loop1): enabling auto defrag
[ 1131.843108][T24569] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[ 1131.856032][T24553] BTRFS info (device loop1): force clearing of disk cache
[ 1131.872862][T24553] BTRFS info (device loop1): max_inline at 0
[ 1131.890460][T24553] BTRFS info (device loop1): turning on sync discard
[ 1131.934907][T24553] BTRFS info (device loop1): using free space tree
[ 1132.117757][T24553] BTRFS info (device loop1): enabling ssd optimizations
[ 1132.168384][T24553] BTRFS info (device loop1): rebuilding free space tree
[ 1132.405192][ T5854] Bluetooth: hci0: unexpected event for opcode 0x0c22
[ 1132.572438][ T5851] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1132.775929][T24607] loop3: detected capacity change from 0 to 64
[ 1132.776731][   T23] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1133.000759][   T23] usb 3-1: Using ep0 maxpacket: 32
[ 1133.015673][T24611] loop0: detected capacity change from 0 to 2048
[ 1133.027399][   T23] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[ 1133.054816][   T23] usb 3-1: config 0 has no interface number 0
[ 1133.067513][   T23] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 1133.092573][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1133.102412][T24612] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1133.142691][   T23] usb 3-1: Product: syz
[ 1133.146935][   T23] usb 3-1: Manufacturer: syz
[ 1133.163434][   T23] usb 3-1: SerialNumber: syz
[ 1133.175360][   T23] usb 3-1: config 0 descriptor??
[ 1133.214129][T24611] CPU: 0 PID: 24611 Comm: syz.0.8052 Not tainted syzkaller #0
[ 1133.222247][T24611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1133.232372][T24611] Call Trace:
[ 1133.235702][T24611]  <TASK>
[ 1133.238682][T24611]  dump_stack_lvl+0x16c/0x230
[ 1133.243426][T24611]  ? show_regs_print_info+0x20/0x20
[ 1133.249079][T24611]  ? kmem_cache_alloc+0x14d/0x2e0
[ 1133.254269][T24611]  ? __asan_memset+0x22/0x40
[ 1133.258934][T24611]  ? nilfs_btree_alloc_path+0x5e5/0x600
[ 1133.264566][T24611]  nilfs_btree_last_key+0x489/0x610
[ 1133.269830][T24611]  nilfs_bmap_last_key+0x74/0x120
[ 1133.274911][T24611]  nilfs_truncate_bmap+0xff/0x340
[ 1133.280083][T24611]  ? nilfs_update_inode+0x1d0/0x1d0
[ 1133.285347][T24611]  ? block_truncate_page+0x168/0x9f0
[ 1133.290699][T24611]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[ 1133.296169][T24611]  nilfs_truncate+0x267/0x4a0
[ 1133.300904][T24611]  ? nilfs_write_failed+0xa0/0xa0
[ 1133.305999][T24611]  nilfs_setattr+0x211/0x2b0
[ 1133.310667][T24611]  ? nilfs_clear_inode+0x280/0x280
[ 1133.315934][T24611]  ? is_bad_inode+0xd/0x40
[ 1133.320408][T24611]  ? evm_inode_setattr+0x94/0x6a0
[ 1133.325504][T24611]  ? bpf_lsm_inode_setattr+0x9/0x10
[ 1133.330779][T24611]  ? try_break_deleg+0x79/0x120
[ 1133.335689][T24611]  ? nilfs_clear_inode+0x280/0x280
[ 1133.340875][T24611]  notify_change+0xb0d/0xe10
[ 1133.345543][T24611]  do_truncate+0x19b/0x220
[ 1133.350025][T24611]  ? put_page_bootmem+0x2c0/0x2c0
[ 1133.355109][T24611]  ? apparmor_file_truncate+0x23f/0x2d0
[ 1133.360723][T24611]  ? ima_bprm_check+0x1f0/0x1f0
[ 1133.366085][T24611]  path_openat+0x298c/0x3190
[ 1133.370782][T24611]  ? do_filp_open+0x3d0/0x3d0
[ 1133.375546][T24611]  do_filp_open+0x1c5/0x3d0
[ 1133.380117][T24611]  ? vfs_tmpfile+0x490/0x490
[ 1133.384881][T24611]  ? _raw_spin_unlock+0x28/0x40
[ 1133.389774][T24611]  ? alloc_fd+0x58f/0x630
[ 1133.390204][   T23] radio-si470x 3-1:0.35: this is not a si470x device.
[ 1133.394143][T24611]  do_sys_openat2+0x12c/0x1c0
[ 1133.394236][T24611]  ? do_sys_open+0xe0/0xe0
[ 1133.410156][T24611]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1133.416197][T24611]  ? lock_chain_count+0x20/0x20
[ 1133.421117][T24611]  __x64_sys_creat+0x90/0xb0
[ 1133.425775][T24611]  do_syscall_64+0x55/0xb0
[ 1133.430251][T24611]  ? clear_bhb_loop+0x40/0x90
[ 1133.435005][T24611]  ? clear_bhb_loop+0x40/0x90
[ 1133.440372][T24611]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1133.446552][T24611] RIP: 0033:0x7f444bf8eec9
[ 1133.451011][T24611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1133.471103][T24611] RSP: 002b:00007f444cdb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 1133.479589][T24611] RAX: ffffffffffffffda RBX: 00007f444c1e5fa0 RCX: 00007f444bf8eec9
[ 1133.487602][T24611] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000200000000100
[ 1133.495710][T24611] RBP: 00007f444c011f91 R08: 0000000000000000 R09: 0000000000000000
[ 1133.503730][T24611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1133.511752][T24611] R13: 00007f444c1e6038 R14: 00007f444c1e5fa0 R15: 00007ffdb07d2218
[ 1133.519795][T24611]  </TASK>
[ 1133.545135][T24611] NILFS (loop0): btree level mismatch (ino=16): 1 != 7
[ 1133.552478][T24611] NILFS error (device loop0): nilfs_bmap_last_key: broken bmap (inode number=16)
[ 1133.571840][T24611] Remounting filesystem read-only
[ 1133.577044][T24611] NILFS (loop0): error -5 truncating bmap (ino=16)
[ 1133.589961][   T23] radio-raremono 3-1:0.35: this is not Thanko's Raremono.
[ 1133.612376][   T23] usb 3-1: USB disconnect, device number 28
[ 1133.714448][ T5856] NILFS (loop0): discard dirty page: offset=4096, ino=6
[ 1133.737641][ T5856] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[ 1133.745005][ T5856] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1133.773508][ T5856] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1133.791957][ T5856] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1133.814810][ T5856] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[ 1133.969152][T24628] xfrm0: entered promiscuous mode
[ 1133.988197][T24628] xfrm0: entered allmulticast mode
[ 1134.720988][T24654] loop2: detected capacity change from 0 to 2048
[ 1134.744269][T24654] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[ 1134.826634][T24654] UDF-fs: unknown compression code (0)
[ 1134.920511][T24658] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1134.946943][T24658] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1134.954288][T24658] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1135.186898][T24667] netlink: 666 bytes leftover after parsing attributes in process `syz.1.8076'.
[ 1135.266775][T24669] loop0: detected capacity change from 0 to 256
[ 1135.375604][T24669] FAT-fs (loop0): Directory bread(block 64) failed
[ 1135.408483][T24669] FAT-fs (loop0): Directory bread(block 65) failed
[ 1135.428016][T24669] FAT-fs (loop0): Directory bread(block 66) failed
[ 1135.448542][T24669] FAT-fs (loop0): Directory bread(block 67) failed
[ 1135.458057][T24669] FAT-fs (loop0): Directory bread(block 68) failed
[ 1135.474928][T24669] FAT-fs (loop0): Directory bread(block 69) failed
[ 1135.483601][T24675] netlink: 'syz.2.8080': attribute type 10 has an invalid length.
[ 1135.495656][T24669] FAT-fs (loop0): Directory bread(block 70) failed
[ 1135.504495][T24669] FAT-fs (loop0): Directory bread(block 71) failed
[ 1135.544802][T24669] FAT-fs (loop0): Directory bread(block 72) failed
[ 1135.551419][T24669] FAT-fs (loop0): Directory bread(block 73) failed
[ 1135.576956][T24675] team0: Port device syz_tun added
[ 1135.964495][T24685] loop3: detected capacity change from 0 to 256
[ 1135.981260][T24685] exfat: Deprecated parameter 'utf8'
[ 1136.026066][T24685] exfat: Deprecated parameter 'utf8'
[ 1136.101064][T24685] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1136.340744][T24673] loop1: detected capacity change from 0 to 32768
[ 1136.372977][T24673] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.8079 (24673)
[ 1136.414808][T24695] overlay: Unknown parameter '\'
[ 1136.454760][T24673] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1136.477471][T24673] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1136.500947][T24673] BTRFS info (device loop1): force zlib compression, level 3
[ 1136.525117][T24673] BTRFS info (device loop1): force clearing of disk cache
[ 1136.553217][T24673] BTRFS info (device loop1): turning off barriers
[ 1136.602691][T24673] BTRFS info (device loop1): doing ref verification
[ 1136.644191][T24673] BTRFS info (device loop1): enabling disk space caching
[ 1136.672602][T24673] BTRFS info (device loop1): disk space caching is enabled
[ 1136.869888][T24673] BTRFS info (device loop1): enabling ssd optimizations
[ 1136.887105][T24673] BTRFS info (device loop1): auto enabling async discard
[ 1136.927635][T24673] BTRFS info (device loop1): rebuilding free space tree
[ 1136.944720][T24721] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[ 1137.017511][T24673] BTRFS info (device loop1): disabling free space tree
[ 1137.034646][T24673] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1137.057426][T24673] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1137.329446][ T5851] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1138.598899][T24770] loop0: detected capacity change from 0 to 256
[ 1138.620871][T24771] netlink: 156 bytes leftover after parsing attributes in process `syz.2.8118'.
[ 1138.672314][T24770] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1139.287742][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1139.294331][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[ 1139.991510][T24824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8144'.
[ 1140.314831][T24837] loop3: detected capacity change from 0 to 512
[ 1140.392102][T24837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1140.450824][T24837] ext4 filesystem being mounted at /2072/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1140.503019][T24843] netlink: 'syz.2.8153': attribute type 1 has an invalid length.
[ 1140.511107][T24843] netlink: 244 bytes leftover after parsing attributes in process `syz.2.8153'.
[ 1140.625936][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1140.726956][T24850] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8157'.
[ 1141.050668][T24862] loop2: detected capacity change from 0 to 2048
[ 1141.082220][T24862] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1141.130263][T24865] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1141.191322][T24862] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[ 1141.204802][T24862] NILFS error (device loop2): nilfs_bmap_last_key: broken bmap (inode number=16)
[ 1141.245653][T24862] Remounting filesystem read-only
[ 1141.257345][T24862] NILFS (loop2): error -5 truncating bmap (ino=16)
[ 1141.349857][ T5855] NILFS (loop2): discard dirty page: offset=4096, ino=6
[ 1141.358512][ T5855] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[ 1141.366409][ T5855] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1141.376242][ T5855] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1141.406485][ T5855] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1141.425781][ T5855] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[ 1141.576392][T24873] loop2: detected capacity change from 0 to 64
[ 1141.627387][T24857] loop3: detected capacity change from 0 to 32768
[ 1141.647963][T24857] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.8156 (24857)
[ 1141.722117][T24857] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1141.780156][T24857] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1141.819205][T24857] BTRFS info (device loop3): force zlib compression, level 3
[ 1141.844295][T24857] BTRFS info (device loop3): force clearing of disk cache
[ 1141.867259][T24857] BTRFS info (device loop3): turning off barriers
[ 1141.888450][T24857] BTRFS info (device loop3): doing ref verification
[ 1141.909529][T24857] BTRFS info (device loop3): enabling disk space caching
[ 1141.918955][T24879] netlink: 'syz.2.8170': attribute type 3 has an invalid length.
[ 1141.944839][T24857] BTRFS info (device loop3): disk space caching is enabled
[ 1142.127162][T24857] BTRFS info (device loop3): enabling ssd optimizations
[ 1142.170941][T24857] BTRFS info (device loop3): auto enabling async discard
[ 1142.209299][T24857] BTRFS info (device loop3): rebuilding free space tree
[ 1142.285335][T24857] BTRFS info (device loop3): disabling free space tree
[ 1142.305882][T24857] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1142.336067][T24857] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1142.644767][ T5848] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1143.209516][T24901] loop2: detected capacity change from 0 to 32768
[ 1143.279106][T24913] netlink: 'syz.0.8179': attribute type 27 has an invalid length.
[ 1143.348726][T24903] loop1: detected capacity change from 0 to 32768
[ 1143.366179][T24901] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1143.394684][T24903] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.8174 (24903)
[ 1143.636860][T24903] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1143.662765][T24901] XFS (loop2): Ending clean mount
[ 1143.679320][T24903] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[ 1143.696178][T24903] BTRFS info (device loop1): enabling auto defrag
[ 1143.708996][T24903] BTRFS info (device loop1): setting nodatasum
[ 1143.715236][T24903] BTRFS info (device loop1): turning on flush-on-commit
[ 1143.776111][T24903] BTRFS info (device loop1): doing ref verification
[ 1143.782800][T24903] BTRFS info (device loop1): allowing degraded mounts
[ 1143.806791][   T28] kauditd_printk_skb: 23 callbacks suppressed
[ 1143.806807][   T28] audit: type=1326 audit(1759217844.597:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24927 comm="syz.3.8182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c3b8eec9 code=0x7ffc0000
[ 1143.836046][T24903] BTRFS info (device loop1): force clearing of disk cache
[ 1143.869105][T24903] BTRFS info (device loop1): enabling ssd optimizations
[ 1143.876160][T24903] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[ 1143.920919][   T28] audit: type=1326 audit(1759217844.651:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24927 comm="syz.3.8182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c3b8eec9 code=0x7ffc0000
[ 1143.943765][T24903] BTRFS info (device loop1): use lzo compression, level 0
[ 1143.952119][T24903] BTRFS info (device loop1): using free space tree
[ 1143.959608][   T28] audit: type=1326 audit(1759217844.651:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24927 comm="syz.3.8182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f37c3b8eec9 code=0x7ffc0000
[ 1143.961907][ T5855] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1144.049710][   T28] audit: type=1326 audit(1759217844.651:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24927 comm="syz.3.8182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37c3b8eec9 code=0x7ffc0000
[ 1144.286727][T24903] BTRFS info (device loop1): auto enabling async discard
[ 1144.344411][T24903] BTRFS info (device loop1): rebuilding free space tree
[ 1144.373612][ T5910] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1144.603362][ T5910] usb 1-1: Using ep0 maxpacket: 32
[ 1144.614633][ T5910] usb 1-1: config 0 has an invalid interface number: 119 but max is 0
[ 1144.629512][ T5851] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1144.640483][ T5910] usb 1-1: config 0 has no interface number 0
[ 1144.665829][ T5910] usb 1-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=d9.19
[ 1144.677409][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1144.685456][ T5910] usb 1-1: Product: syz
[ 1144.705728][ T5910] usb 1-1: Manufacturer: syz
[ 1144.713348][ T5910] usb 1-1: SerialNumber: syz
[ 1144.734915][ T5910] usb 1-1: config 0 descriptor??
[ 1144.755289][ T5910] gspca_main: sn9c2028-2.14.0 probing 0458:7003
[ 1145.117691][T24952] loop3: detected capacity change from 0 to 32768
[ 1145.173220][ T5910] gspca_sn9c2028: read1 error -71
[ 1145.188332][T24952] (syz.3.8187,24952,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1145.210694][ T5910] gspca_sn9c2028: read1 error -71
[ 1145.215873][ T5910] sn9c2028: probe of 1-1:0.119 failed with error -71
[ 1145.241673][T24952] (syz.3.8187,24952,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1145.259981][ T5910] usb 1-1: USB disconnect, device number 10
[ 1145.319333][T24952] JBD2: Ignoring recovery information on journal
[ 1145.468806][T24952] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1145.617520][T24971] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1145.647264][T24971] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1146.024160][ T5848] ocfs2: Unmounting device (7,3) on (node local)
[ 1146.610156][T24997] loop1: detected capacity change from 0 to 64
[ 1146.638356][T24999] netlink: 44 bytes leftover after parsing attributes in process `syz.3.8208'.
[ 1147.771145][T25006] loop3: detected capacity change from 0 to 40427
[ 1147.804680][T25006] F2FS-fs (loop3): Unrecognized mount option "ÿÿÿÿ" or missing value
[ 1147.867058][T25006] F2FS-fs (loop3): invalid crc value
[ 1147.914978][T25006] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1148.186572][T25006] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1148.188814][T25048] loop2: detected capacity change from 0 to 512
[ 1148.285775][T25048] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1148.335979][T25048] ext4 filesystem being mounted at /1984/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1148.562325][ T5855] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1148.984441][T25072] loop1: detected capacity change from 0 to 1024
[ 1149.012425][T25072] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1149.115786][T25072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1149.267641][T25072] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[ 1149.433487][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1149.877535][T25104] netlink: 'syz.0.8255': attribute type 40 has an invalid length.
[ 1150.069791][T25110] netlink: 'syz.2.8257': attribute type 27 has an invalid length.
[ 1150.368114][T25119] loop0: detected capacity change from 0 to 256
[ 1150.404671][T25119] exfat: Unknown parameter '0xffffffffffffffff'
[ 1150.667520][T25128] loop3: detected capacity change from 0 to 1024
[ 1150.736441][ T5937] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1150.887650][   T11] hfsplus: b-tree write err: -5, ino 4
[ 1150.941244][ T5937] usb 1-1: Using ep0 maxpacket: 16
[ 1150.948674][ T5937] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[ 1150.986972][ T5937] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1151.013839][ T5937] usb 1-1: config 0 has no interface number 0
[ 1151.029100][ T5937] usb 1-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b
[ 1151.061237][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1151.079391][ T5937] usb 1-1: config 0 descriptor??
[ 1151.098310][ T5937] usb 1-1: Found UVC 0.00 device <unnamed> (0bd3:0555)
[ 1151.136522][ T5937] usb 1-1: No valid video chain found.
[ 1151.221934][T25143] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8276'.
[ 1151.274577][T25146] loop3: detected capacity change from 0 to 1024
[ 1151.292222][T25146] EXT4-fs: Ignoring removed bh option
[ 1151.312994][T25146] EXT4-fs: inline encryption not supported
[ 1151.337127][ T5937] usb 1-1: USB disconnect, device number 11
[ 1151.368477][T25146] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1151.423778][T25146] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[ 1151.469453][T25146] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.8277: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1151.497620][T25146] Quota error (device loop3): qtree_write_dquot: dquota write failed
[ 1151.516067][T25146] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.8277: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1151.532473][T25146] Quota error (device loop3): v2_write_file_info: Can't write info structure
[ 1151.568049][T25146] EXT4-fs error (device loop3): ext4_acquire_dquot:6940: comm syz.3.8277: Failed to acquire dquot type 0
[ 1151.600460][T25146] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem
[ 1151.635008][T25146] EXT4-fs error (device loop3): ext4_evict_inode:252: inode #11: comm syz.3.8277: mark_inode_dirty error
[ 1151.689798][T25146] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[ 1151.705065][T25146] EXT4-fs (loop3): 1 orphan inode deleted
[ 1151.715517][T25146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1151.730392][   T11] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1151.774975][   T11] Quota error (device loop3): remove_tree: Can't read quota data block 1
[ 1151.794954][   T11] EXT4-fs error (device loop3): ext4_release_dquot:6976: comm kworker/u4:0: Failed to release dquot type 0
[ 1151.860121][   T11] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm kworker/u4:0: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1151.906412][   T11] Quota error (device loop3): qtree_write_dquot: dquota write failed
[ 1151.912567][T25158] loop2: detected capacity change from 0 to 1024
[ 1151.932582][   T11] EXT4-fs error (device loop3): ext4_write_dquot:6920: comm kworker/u4:0: Failed to commit dquot type 0
[ 1151.945557][T25158] EXT4-fs: Ignoring removed bh option
[ 1151.975604][T25158] EXT4-fs: inline encryption not supported
[ 1151.996191][   T11] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync!
[ 1152.001497][T25158] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1152.034507][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1152.067989][T25158] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #3: block 2: comm syz.2.8282: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1152.091138][ T5848] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1152.113812][ T5848] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem
[ 1152.124793][T25158] Quota error (device loop2): qtree_write_dquot: dquota write failed
[ 1152.132972][T25158] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #3: block 48: comm syz.2.8282: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1152.147543][ T5848] EXT4-fs error (device loop3): ext4_quota_off:7224: inode #3: comm syz-executor: mark_inode_dirty error
[ 1152.161615][T25158] Quota error (device loop2): v2_write_file_info: Can't write info structure
[ 1152.171877][T25158] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.8282: Failed to acquire dquot type 0
[ 1152.203467][T25158] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5902: Corrupt filesystem
[ 1152.217096][T25164] ip6t_srh: unknown srh invflags 7D00
[ 1152.245659][T25158] EXT4-fs error (device loop2): ext4_evict_inode:252: inode #11: comm syz.2.8282: mark_inode_dirty error
[ 1152.274382][T25158] EXT4-fs warning (device loop2): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[ 1152.315086][T25158] EXT4-fs (loop2): 1 orphan inode deleted
[ 1152.334412][   T59] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1152.354630][T25158] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1152.376620][T25149] loop1: detected capacity change from 0 to 32768
[ 1152.377140][T25167] netlink: 'syz.3.8284': attribute type 10 has an invalid length.
[ 1152.390716][   T59] Quota error (device loop2): remove_tree: Can't read quota data block 1
[ 1152.390916][   T59] EXT4-fs error (device loop2): ext4_release_dquot:6976: comm kworker/u4:5: Failed to release dquot type 0
[ 1152.408980][T25149] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.8278 (25149)
[ 1152.434502][T25158] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1152.449927][T25167] macvlan0: entered promiscuous mode
[ 1152.461438][T25158] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm syz.2.8282: Invalid inode table block 1 in block_group 0
[ 1152.461892][T25167] macvlan0: entered allmulticast mode
[ 1152.490621][T25149] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1152.507241][T25158] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5902: Corrupt filesystem
[ 1152.515481][T25149] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[ 1152.557759][T25158] EXT4-fs error (device loop2): ext4_quota_off:7224: inode #3: comm syz.2.8282: mark_inode_dirty error
[ 1152.562780][T25167] veth1_vlan: entered allmulticast mode
[ 1152.576305][T25149] BTRFS info (device loop1): using free space tree
[ 1152.594222][T25167] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[ 1152.836963][T25149] BTRFS info (device loop1): enabling ssd optimizations
[ 1152.844193][T25149] BTRFS info (device loop1): auto enabling async discard
[ 1152.963352][T25192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8290'.
[ 1153.002240][T25192] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1153.181468][ T5851] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1153.258684][T25199] loop2: detected capacity change from 0 to 256
[ 1153.282576][T25200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8295'.
[ 1153.522666][T25205] tmpfs: Bad value for 'mpol'
[ 1153.632284][ T6082] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 10 /dev/loop1 scanned by udevd (6082)
[ 1154.310372][T25227] netlink: 'syz.2.8307': attribute type 7 has an invalid length.
[ 1154.335340][T25231] netlink: 'syz.1.8309': attribute type 1 has an invalid length.
[ 1154.344774][T25227] netlink: 'syz.2.8307': attribute type 8 has an invalid length.
[ 1154.353418][T25231] netlink: 232 bytes leftover after parsing attributes in process `syz.1.8309'.
[ 1154.545607][T25235] tmpfs: Bad value for 'mpol'
[ 1154.782315][T25243] gre1: entered allmulticast mode
[ 1155.135823][T25256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8322'.
[ 1155.163962][T25256] netlink: 540 bytes leftover after parsing attributes in process `syz.1.8322'.
[ 1155.178187][T25256] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8322'.
[ 1155.255590][T12463] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1155.435326][T12463] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1155.456803][T12463] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[ 1155.474556][T25267] loop1: detected capacity change from 0 to 512
[ 1155.479474][T12463] usb 1-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9
[ 1155.502852][T12463] usb 1-1: Manufacturer: syz
[ 1155.522186][T12463] usb 1-1: SerialNumber: syz
[ 1155.528849][T25267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1155.543046][T25267] ext4 filesystem being mounted at /2008/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1155.555741][T12463] usb 1-1: config 0 descriptor??
[ 1155.604712][T25267] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz.1.8326: Directory hole found for htree leaf block 0
[ 1155.641036][T25267] EXT4-fs (loop1): Remounting filesystem read-only
[ 1155.737158][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1155.758881][   T59] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1155.790539][T12463] usb 1-1: USB disconnect, device number 12
[ 1155.798824][   T59] Quota error (device loop1): write_blk: dquota write failed
[ 1155.823504][   T59] Quota error (device loop1): free_dqentry: Can't write quota data block 5
[ 1155.852507][   T59] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1156.094729][ T5913] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1156.290157][ T5913] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[ 1156.318093][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1156.326173][ T5913] usb 3-1: Product: syz
[ 1156.359785][ T5913] usb 3-1: Manufacturer: syz
[ 1156.366817][ T5913] usb 3-1: SerialNumber: syz
[ 1156.384370][ T5913] usb 3-1: config 0 descriptor??
[ 1156.626962][ T5913] hso 3-1:0.0: Failed to find INT IN ep
[ 1156.633148][ T5913] usb-storage 3-1:0.0: USB Mass Storage device detected
[ 1156.689953][T25308] tmpfs: Bad value for 'mpol'
[ 1156.849304][ T5937] usb 3-1: USB disconnect, device number 29
[ 1156.905833][T25318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8349'.
[ 1157.521524][T12463] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1157.706590][T12463] usb 4-1: Using ep0 maxpacket: 16
[ 1157.717156][T12463] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1157.732818][T25348] loop1: detected capacity change from 0 to 128
[ 1157.742478][T12463] usb 4-1: config 0 has no interface number 0
[ 1157.761726][T12463] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[ 1157.779172][T25348] FAT-fs (loop1): Directory bread(block 414) failed
[ 1157.787861][T12463] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1157.802983][T25348] FAT-fs (loop1): Directory bread(block 415) failed
[ 1157.821754][T25348] FAT-fs (loop1): Directory bread(block 416) failed
[ 1157.832180][T12463] usb 4-1: Product: syz
[ 1157.836404][T12463] usb 4-1: Manufacturer: syz
[ 1157.841458][T25348] FAT-fs (loop1): Directory bread(block 417) failed
[ 1157.848415][T12463] usb 4-1: SerialNumber: syz
[ 1157.854358][T25348] FAT-fs (loop1): Directory bread(block 418) failed
[ 1157.875962][T12463] usb 4-1: config 0 descriptor??
[ 1157.896482][T25348] FAT-fs (loop1): Directory bread(block 419) failed
[ 1157.909559][T25348] FAT-fs (loop1): Directory bread(block 420) failed
[ 1157.917927][T25348] FAT-fs (loop1): Directory bread(block 421) failed
[ 1157.947451][T25348] FAT-fs (loop1): Directory bread(block 414) failed
[ 1157.955204][T25348] FAT-fs (loop1): Directory bread(block 415) failed
[ 1157.978588][T25348] syz.1.8364: attempt to access beyond end of device
[ 1157.978588][T25348] loop1: rw=3, sector=478, nr_sectors = 2 limit=128
[ 1157.997569][T25348] syz.1.8364: attempt to access beyond end of device
[ 1157.997569][T25348] loop1: rw=2051, sector=480, nr_sectors = 6 limit=128
[ 1158.077936][T12463] usb 4-1: selecting invalid altsetting 1
[ 1158.094159][T25354] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[ 1158.117621][T12463] speedtch 4-1:0.1: speedtch_bind: setting interface to  1 failed (-22)!
[ 1158.145525][T12463] speedtch 4-1:0.1: usbatm_usb_probe: bind failed: -22!
[ 1158.145584][T12463] speedtch: probe of 4-1:0.1 failed with error -22
[ 1158.149865][T12463] usb 4-1: USB disconnect, device number 9
[ 1158.410849][   T28] kauditd_printk_skb: 2 callbacks suppressed
[ 1158.410866][   T28] audit: type=1326 audit(1759217860.274:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25361 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1158.439262][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1158.473144][   T28] audit: type=1326 audit(1759217860.274:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25361 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1158.534029][   T28] audit: type=1326 audit(1759217860.296:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25361 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1158.595492][   T28] audit: type=1326 audit(1759217860.296:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25361 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1158.663880][   T28] audit: type=1326 audit(1759217860.296:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25361 comm="syz.2.8371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7822f8eec9 code=0x7ffc0000
[ 1158.862886][T25377] netlink: 'syz.0.8379': attribute type 3 has an invalid length.
[ 1159.071529][T25386] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8381'.
[ 1160.006456][T25425] netlink: 'syz.1.8402': attribute type 29 has an invalid length.
[ 1160.018332][T25425] netlink: 'syz.1.8402': attribute type 29 has an invalid length.
[ 1160.021768][T25426] loop2: detected capacity change from 0 to 128
[ 1160.069144][T25426] sysv_free_block: flc_count > flc_size
[ 1160.101845][T25426] sysv_free_block: flc_count > flc_size
[ 1160.119849][T25426] sysv_free_block: flc_count > flc_size
[ 1160.125491][T25426] sysv_free_block: flc_count > flc_size
[ 1160.160154][T25426] sysv_free_block: flc_count > flc_size
[ 1160.165784][T25426] sysv_free_block: flc_count > flc_size
[ 1160.222403][T25426] sysv_free_block: flc_count > flc_size
[ 1160.246953][T25426] sysv_free_block: flc_count > flc_size
[ 1160.263088][T25426] sysv_free_block: flc_count > flc_size
[ 1160.297403][T25426] sysv_free_block: flc_count > flc_size
[ 1160.306302][T25426] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1161.070491][T25461] loop1: detected capacity change from 0 to 256
[ 1161.113400][T25461] exfat: Deprecated parameter 'namecase'
[ 1161.171791][T25461] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[ 1161.522566][T25443] loop2: detected capacity change from 0 to 32768
[ 1161.568482][T25443] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.8409 (25443)
[ 1161.640933][T25443] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1161.685551][T25443] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1161.718721][T25443] BTRFS info (device loop2): force zlib compression, level 3
[ 1161.741551][T25443] BTRFS info (device loop2): force clearing of disk cache
[ 1161.779279][T25443] BTRFS info (device loop2): disabling tree log
[ 1161.788312][T25443] BTRFS info (device loop2): enabling disk space caching
[ 1161.817670][T25443] BTRFS info (device loop2): disk space caching is enabled
[ 1162.059370][T25443] BTRFS info (device loop2): enabling ssd optimizations
[ 1162.066480][T25443] BTRFS info (device loop2): auto enabling async discard
[ 1162.197225][T25443] BTRFS info (device loop2: state M): force clearing of disk cache
[ 1162.218692][T25443] BTRFS info (device loop2: state M): rebuilding free space tree
[ 1162.337788][T25443] BTRFS info (device loop2: state M): disabling free space tree
[ 1162.358703][T25443] BTRFS info (device loop2: state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1162.389288][T25443] BTRFS info (device loop2: state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1162.594203][ T5855] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1163.287953][T25533] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8439'.
[ 1163.360843][T25535] loop1: detected capacity change from 0 to 8
[ 1163.505916][T25539] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8447'.
[ 1163.517984][T25537] loop0: detected capacity change from 0 to 2048
[ 1163.520462][T25539] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8447'.
[ 1163.573335][T25537] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1163.637768][T25540] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1163.736985][T25537] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[ 1163.770100][T25537] NILFS error (device loop0): nilfs_bmap_last_key: broken bmap (inode number=16)
[ 1163.809774][T25537] Remounting filesystem read-only
[ 1163.831956][T25537] NILFS (loop0): error -5 truncating bmap (ino=16)
[ 1163.942679][ T5856] NILFS (loop0): discard dirty page: offset=4096, ino=6
[ 1163.949708][ T5856] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[ 1163.969670][ T5856] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1163.980806][ T5856] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1164.004014][ T5856] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[ 1164.023884][ T5856] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[ 1164.531782][T25566] loop3: detected capacity change from 0 to 8
[ 1164.552244][T25567] loop0: detected capacity change from 0 to 512
[ 1164.595045][T25567] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1164.657297][T25567] EXT4-fs (loop0): 1 truncate cleaned up
[ 1164.664661][T25567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1164.708615][T25542] loop1: detected capacity change from 0 to 32768
[ 1164.813310][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.561848][T25598] loop2: detected capacity change from 0 to 128
[ 1165.611235][T25598] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[ 1165.775604][ T5855] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1166.287075][T25618] Cannot find del_set index 2 as target
[ 1166.555647][T25629] loop0: detected capacity change from 0 to 1024
[ 1166.641800][T25629] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1166.717681][T25629] ext4 filesystem being mounted at /2211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1166.934779][ T5856] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1167.460024][T25638] loop2: detected capacity change from 0 to 32768
[ 1167.481567][T25652] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8497'.
[ 1167.502277][T25638] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.8491 (25638)
[ 1167.538786][T25638] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1167.572568][T25638] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1167.613320][T25638] BTRFS info (device loop2): force zlib compression, level 3
[ 1167.650630][T25638] BTRFS info (device loop2): setting nodatasum
[ 1167.663861][T25638] BTRFS info (device loop2): max_inline at 0
[ 1167.688481][T25638] BTRFS info (device loop2): using free space tree
[ 1167.824334][T25638] BTRFS info (device loop2): auto enabling async discard
[ 1168.119893][ T5855] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1168.924898][T25708] loop1: detected capacity change from 0 to 1024
[ 1169.526231][T25726] loop0: detected capacity change from 0 to 16
[ 1169.571264][T25726] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1170.099660][T25718] loop1: detected capacity change from 0 to 32768
[ 1170.167434][T25718] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[ 1170.260053][T25718] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1170.552317][ T5851] ocfs2: Unmounting device (7,1) on (node local)
[ 1170.662607][T25748] loop2: detected capacity change from 0 to 16
[ 1170.722986][T25748] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1170.819765][T25743] loop0: detected capacity change from 0 to 32768
[ 1170.866709][T25743] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.8532 (25743)
[ 1170.921371][T25743] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1170.961763][T25756] loop2: detected capacity change from 0 to 16
[ 1170.973564][T25743] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1171.008707][T25756] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1171.052096][T25743] BTRFS info (device loop0): force zlib compression, level 3
[ 1171.052129][T25743] BTRFS info (device loop0): force clearing of disk cache
[ 1171.052159][T25743] BTRFS info (device loop0): disabling tree log
[ 1171.052179][T25743] BTRFS info (device loop0): enabling disk space caching
[ 1171.052197][T25743] BTRFS info (device loop0): disk space caching is enabled
[ 1171.354086][T25743] BTRFS info (device loop0): enabling ssd optimizations
[ 1171.391696][T25743] BTRFS info (device loop0): auto enabling async discard
[ 1171.515536][T25743] BTRFS info (device loop0: state M): force clearing of disk cache
[ 1171.518039][   T23] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[ 1171.524309][T25743] BTRFS info (device loop0: state M): rebuilding free space tree
[ 1171.566970][T25743] BTRFS info (device loop0: state M): disabling free space tree
[ 1171.578890][T25743] BTRFS info (device loop0: state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1171.630126][T25743] BTRFS info (device loop0: state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1171.742765][T25786] netlink: 'syz.2.8545': attribute type 21 has an invalid length.
[ 1171.751542][   T23] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1171.769639][   T23] usb 4-1: config 2 interface 0 has no altsetting 0
[ 1171.782601][T25786] netlink: 164 bytes leftover after parsing attributes in process `syz.2.8545'.
[ 1171.800085][ T5856] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1171.805064][   T23] usb 4-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[ 1171.843963][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.866764][   T23] usb 4-1: Product: syz
[ 1171.870999][   T23] usb 4-1: Manufacturer: syz
[ 1171.892275][   T23] usb 4-1: SerialNumber: syz
[ 1171.953151][   T23] usb 4-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[ 1171.980418][   T23] usb 4-1: selecting invalid altsetting 0
[ 1172.041347][   T23] usb 4-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[ 1172.256023][ T5910] usb 4-1: USB disconnect, device number 10
[ 1173.827043][T25851] ==================================================================
[ 1173.835173][T25851] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x598/0x11f0
[ 1173.842942][T25851] Read of size 4 at addr ffff8880267b04a0 by task syz.3.8576/25851
[ 1173.850869][T25851] 
[ 1173.853229][T25851] CPU: 0 PID: 25851 Comm: syz.3.8576 Not tainted syzkaller #0
[ 1173.860723][T25851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1173.870803][T25851] Call Trace:
[ 1173.874363][T25851]  <TASK>
[ 1173.877303][T25851]  dump_stack_lvl+0x16c/0x230
[ 1173.882002][T25851]  ? __lock_acquire+0x7c80/0x7c80
[ 1173.887040][T25851]  ? show_regs_print_info+0x20/0x20
[ 1173.892267][T25851]  ? load_image+0x3b0/0x3b0
[ 1173.896786][T25851]  ? __virt_addr_valid+0x469/0x540
[ 1173.901925][T25851]  print_report+0xac/0x220
[ 1173.906816][T25851]  ? xfrm_alloc_spi+0x598/0x11f0
[ 1173.912031][T25851]  kasan_report+0x117/0x150
[ 1173.916555][T25851]  ? xfrm_alloc_spi+0x598/0x11f0
[ 1173.921546][T25851]  xfrm_alloc_spi+0x598/0x11f0
[ 1173.926352][T25851]  ? xfrm_alloc_spi+0x2a1/0x11f0
[ 1173.931314][T25851]  ? verify_spi_info+0x120/0x120
[ 1173.936890][T25851]  ? xfrm_find_acq+0x79/0x90
[ 1173.941602][T25851]  xfrm_alloc_userspi+0x5d1/0xa90
[ 1173.946641][T25851]  ? end_current_label_crit_section+0x170/0x170
[ 1173.952906][T25851]  ? apparmor_capable+0x137/0x1a0
[ 1173.957948][T25851]  ? xfrm_dump_policy_done+0x90/0x90
[ 1173.963251][T25851]  ? __nla_parse+0x40/0x50
[ 1173.967709][T25851]  xfrm_user_rcv_msg+0x596/0x870
[ 1173.972666][T25851]  ? lockdep_hardirqs_on+0x98/0x150
[ 1173.977914][T25851]  ? xfrm_netlink_rcv+0x90/0x90
[ 1173.982794][T25851]  ? __local_bh_enable_ip+0x12e/0x1c0
[ 1173.988188][T25851]  ? __dev_queue_xmit+0x245/0x35a0
[ 1173.993317][T25851]  ? __mutex_trylock_common+0x153/0x250
[ 1173.998913][T25851]  netlink_rcv_skb+0x216/0x480
[ 1174.003746][T25851]  ? xfrm_netlink_rcv+0x90/0x90
[ 1174.008656][T25851]  ? netlink_ack+0x1110/0x1110
[ 1174.013472][T25851]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1174.018785][T25851]  ? __lock_acquire+0x7c80/0x7c80
[ 1174.023849][T25851]  xfrm_netlink_rcv+0x79/0x90
[ 1174.028661][T25851]  netlink_unicast+0x751/0x8d0
[ 1174.033481][T25851]  netlink_sendmsg+0x8c1/0xbe0
[ 1174.038362][T25851]  ? netlink_getsockopt+0x580/0x580
[ 1174.043583][T25851]  ? aa_sock_msg_perm+0x94/0x150
[ 1174.048634][T25851]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1174.053942][T25851]  ? security_socket_sendmsg+0x80/0xa0
[ 1174.059410][T25851]  ? netlink_getsockopt+0x580/0x580
[ 1174.064636][T25851]  ____sys_sendmsg+0x5bf/0x950
[ 1174.069523][T25851]  ? __asan_memset+0x22/0x40
[ 1174.074137][T25851]  ? __sys_sendmsg_sock+0x30/0x30
[ 1174.079184][T25851]  ? __import_iovec+0x5f2/0x860
[ 1174.084064][T25851]  ? import_iovec+0x73/0xa0
[ 1174.088593][T25851]  ___sys_sendmsg+0x220/0x290
[ 1174.093295][T25851]  ? __sys_sendmsg+0x270/0x270
[ 1174.098104][T25851]  __se_sys_sendmsg+0x1a5/0x270
[ 1174.102982][T25851]  ? __x64_sys_sendmsg+0x80/0x80
[ 1174.108035][T25851]  ? lockdep_hardirqs_on+0x98/0x150
[ 1174.113260][T25851]  do_syscall_64+0x55/0xb0
[ 1174.117711][T25851]  ? clear_bhb_loop+0x40/0x90
[ 1174.122408][T25851]  ? clear_bhb_loop+0x40/0x90
[ 1174.127111][T25851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1174.133053][T25851] RIP: 0033:0x7f37c3b8eec9
[ 1174.137507][T25851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1174.157314][T25851] RSP: 002b:00007f37c1df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1174.165840][T25851] RAX: ffffffffffffffda RBX: 00007f37c3de5fa0 RCX: 00007f37c3b8eec9
[ 1174.173827][T25851] RDX: 0000000004000080 RSI: 0000200000000540 RDI: 0000000000000003
[ 1174.181811][T25851] RBP: 00007f37c3c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 1174.189800][T25851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1174.197787][T25851] R13: 00007f37c3de6038 R14: 00007f37c3de5fa0 R15: 00007fff3b897d88
[ 1174.205783][T25851]  </TASK>
[ 1174.208811][T25851] 
[ 1174.211157][T25851] Allocated by task 24164:
[ 1174.215603][T25851]  kasan_set_track+0x4e/0x70
[ 1174.220210][T25851]  __kasan_slab_alloc+0x6c/0x80
[ 1174.225078][T25851]  slab_post_alloc_hook+0x6e/0x4d0
[ 1174.230323][T25851]  kmem_cache_alloc+0x11e/0x2e0
[ 1174.235194][T25851]  xfrm_state_alloc+0x22/0x2a0
[ 1174.239970][T25851]  __find_acq_core+0x7d8/0x19d0
[ 1174.244832][T25851]  xfrm_find_acq+0x6a/0x90
[ 1174.249312][T25851]  xfrm_alloc_userspi+0x57a/0xa90
[ 1174.254346][T25851]  xfrm_user_rcv_msg+0x596/0x870
[ 1174.259331][T25851]  netlink_rcv_skb+0x216/0x480
[ 1174.264105][T25851]  xfrm_netlink_rcv+0x79/0x90
[ 1174.268788][T25851]  netlink_unicast+0x751/0x8d0
[ 1174.273907][T25851]  netlink_sendmsg+0x8c1/0xbe0
[ 1174.278690][T25851]  ____sys_sendmsg+0x5bf/0x950
[ 1174.283478][T25851]  ___sys_sendmsg+0x220/0x290
[ 1174.288210][T25851]  __se_sys_sendmsg+0x1a5/0x270
[ 1174.293104][T25851]  do_syscall_64+0x55/0xb0
[ 1174.297715][T25851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1174.303632][T25851] 
[ 1174.305964][T25851] The buggy address belongs to the object at ffff8880267b0400
[ 1174.305964][T25851]  which belongs to the cache xfrm_state of size 848
[ 1174.319946][T25851] The buggy address is located 160 bytes inside of
[ 1174.319946][T25851]  freed 848-byte region [ffff8880267b0400, ffff8880267b0750)
[ 1174.333762][T25851] 
[ 1174.336113][T25851] The buggy address belongs to the physical page:
[ 1174.342548][T25851] page:ffffea000099ec00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880267b0400 pfn:0x267b0
[ 1174.354016][T25851] head:ffffea000099ec00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1174.362952][T25851] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1174.370940][T25851] page_type: 0xffffffff()
[ 1174.375287][T25851] raw: 00fff00000000840 ffff88814068ca00 dead000000000122 0000000000000000
[ 1174.383886][T25851] raw: ffff8880267b0400 000000008010000e 00000001ffffffff 0000000000000000
[ 1174.392477][T25851] page dumped because: kasan: bad access detected
[ 1174.398898][T25851] page_owner tracks the page as allocated
[ 1174.404617][T25851] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 23277, tgid 23276 (syz.0.7481), ts 1087117950030, free_ts 1085344114441
[ 1174.425668][T25851]  post_alloc_hook+0x1cd/0x210
[ 1174.430467][T25851]  get_page_from_freelist+0x195c/0x19f0
[ 1174.436053][T25851]  __alloc_pages+0x1e3/0x460
[ 1174.440689][T25851]  alloc_slab_page+0x5d/0x170
[ 1174.445402][T25851]  new_slab+0x87/0x2e0
[ 1174.449517][T25851]  ___slab_alloc+0xc6d/0x1300
[ 1174.454241][T25851]  kmem_cache_alloc+0x1b7/0x2e0
[ 1174.459128][T25851]  xfrm_state_alloc+0x22/0x2a0
[ 1174.463903][T25851]  __find_acq_core+0x7d8/0x19d0
[ 1174.468792][T25851]  xfrm_find_acq+0x6a/0x90
[ 1174.473223][T25851]  xfrm_alloc_userspi+0x57a/0xa90
[ 1174.478441][T25851]  xfrm_user_rcv_msg+0x596/0x870
[ 1174.483387][T25851]  netlink_rcv_skb+0x216/0x480
[ 1174.488166][T25851]  xfrm_netlink_rcv+0x79/0x90
[ 1174.492852][T25851]  netlink_unicast+0x751/0x8d0
[ 1174.497635][T25851]  netlink_sendmsg+0x8c1/0xbe0
[ 1174.502425][T25851] page last free stack trace:
[ 1174.507102][T25851]  free_unref_page_prepare+0x7ce/0x8e0
[ 1174.512602][T25851]  free_unref_page+0x32/0x2e0
[ 1174.517299][T25851]  free_large_kmalloc+0x101/0x1a0
[ 1174.522345][T25851]  bpf_check+0x62c6/0xe970
[ 1174.526777][T25851]  bpf_prog_load+0x11cb/0x16d0
[ 1174.531576][T25851]  __sys_bpf+0x55a/0x800
[ 1174.535828][T25851]  __x64_sys_bpf+0x7c/0x90
[ 1174.540264][T25851]  do_syscall_64+0x55/0xb0
[ 1174.544693][T25851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1174.550605][T25851] 
[ 1174.552933][T25851] Memory state around the buggy address:
[ 1174.558572][T25851]  ffff8880267b0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1174.566736][T25851]  ffff8880267b0400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1174.574808][T25851] >ffff8880267b0480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1174.582871][T25851]                                ^
[ 1174.587985][T25851]  ffff8880267b0500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1174.596067][T25851]  ffff8880267b0580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1174.604147][T25851] ==================================================================
[ 1174.612434][T25851] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1174.619661][T25851] CPU: 0 PID: 25851 Comm: syz.3.8576 Not tainted syzkaller #0
[ 1174.627151][T25851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1174.637504][T25851] Call Trace:
[ 1174.640827][T25851]  <TASK>
[ 1174.643789][T25851]  dump_stack_lvl+0x16c/0x230
[ 1174.648600][T25851]  ? show_regs_print_info+0x20/0x20
[ 1174.653840][T25851]  ? load_image+0x3b0/0x3b0
[ 1174.658400][T25851]  panic+0x2c0/0x710
[ 1174.662351][T25851]  ? bpf_jit_dump+0xd0/0xd0
[ 1174.666894][T25851]  ? _raw_spin_unlock_irqrestore+0xa9/0x110
[ 1174.672818][T25851]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1174.678740][T25851]  ? _raw_spin_unlock+0x40/0x40
[ 1174.683628][T25851]  ? print_memory_metadata+0x314/0x400
[ 1174.689131][T25851]  ? xfrm_alloc_spi+0x598/0x11f0
[ 1174.694174][T25851]  check_panic_on_warn+0x84/0xa0
[ 1174.699157][T25851]  ? xfrm_alloc_spi+0x598/0x11f0
[ 1174.704138][T25851]  end_report+0x6f/0x140
[ 1174.708463][T25851]  kasan_report+0x128/0x150
[ 1174.713009][T25851]  ? xfrm_alloc_spi+0x598/0x11f0
[ 1174.717994][T25851]  xfrm_alloc_spi+0x598/0x11f0
[ 1174.722806][T25851]  ? xfrm_alloc_spi+0x2a1/0x11f0
[ 1174.727766][T25851]  ? verify_spi_info+0x120/0x120
[ 1174.732727][T25851]  ? xfrm_find_acq+0x79/0x90
[ 1174.737341][T25851]  xfrm_alloc_userspi+0x5d1/0xa90
[ 1174.742382][T25851]  ? end_current_label_crit_section+0x170/0x170
[ 1174.748641][T25851]  ? apparmor_capable+0x137/0x1a0
[ 1174.753681][T25851]  ? xfrm_dump_policy_done+0x90/0x90
[ 1174.758992][T25851]  ? __nla_parse+0x40/0x50
[ 1174.763432][T25851]  xfrm_user_rcv_msg+0x596/0x870
[ 1174.768387][T25851]  ? lockdep_hardirqs_on+0x98/0x150
[ 1174.773604][T25851]  ? xfrm_netlink_rcv+0x90/0x90
[ 1174.778459][T25851]  ? __local_bh_enable_ip+0x12e/0x1c0
[ 1174.783859][T25851]  ? __dev_queue_xmit+0x245/0x35a0
[ 1174.788991][T25851]  ? __mutex_trylock_common+0x153/0x250
[ 1174.794569][T25851]  netlink_rcv_skb+0x216/0x480
[ 1174.799354][T25851]  ? xfrm_netlink_rcv+0x90/0x90
[ 1174.804218][T25851]  ? netlink_ack+0x1110/0x1110
[ 1174.809001][T25851]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1174.814301][T25851]  ? __lock_acquire+0x7c80/0x7c80
[ 1174.819345][T25851]  xfrm_netlink_rcv+0x79/0x90
[ 1174.824062][T25851]  netlink_unicast+0x751/0x8d0
[ 1174.828869][T25851]  netlink_sendmsg+0x8c1/0xbe0
[ 1174.833664][T25851]  ? netlink_getsockopt+0x580/0x580
[ 1174.838876][T25851]  ? aa_sock_msg_perm+0x94/0x150
[ 1174.843829][T25851]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1174.849133][T25851]  ? security_socket_sendmsg+0x80/0xa0
[ 1174.854610][T25851]  ? netlink_getsockopt+0x580/0x580
[ 1174.859821][T25851]  ____sys_sendmsg+0x5bf/0x950
[ 1174.864620][T25851]  ? __asan_memset+0x22/0x40
[ 1174.869225][T25851]  ? __sys_sendmsg_sock+0x30/0x30
[ 1174.874296][T25851]  ? __import_iovec+0x5f2/0x860
[ 1174.879181][T25851]  ? import_iovec+0x73/0xa0
[ 1174.883720][T25851]  ___sys_sendmsg+0x220/0x290
[ 1174.888421][T25851]  ? __sys_sendmsg+0x270/0x270
[ 1174.893357][T25851]  __se_sys_sendmsg+0x1a5/0x270
[ 1174.898267][T25851]  ? __x64_sys_sendmsg+0x80/0x80
[ 1174.903269][T25851]  ? lockdep_hardirqs_on+0x98/0x150
[ 1174.908498][T25851]  do_syscall_64+0x55/0xb0
[ 1174.912933][T25851]  ? clear_bhb_loop+0x40/0x90
[ 1174.917620][T25851]  ? clear_bhb_loop+0x40/0x90
[ 1174.922313][T25851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1174.928229][T25851] RIP: 0033:0x7f37c3b8eec9
[ 1174.932655][T25851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1174.952276][T25851] RSP: 002b:00007f37c1df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1174.960701][T25851] RAX: ffffffffffffffda RBX: 00007f37c3de5fa0 RCX: 00007f37c3b8eec9
[ 1174.968686][T25851] RDX: 0000000004000080 RSI: 0000200000000540 RDI: 0000000000000003
[ 1174.976674][T25851] RBP: 00007f37c3c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 1174.984659][T25851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1174.992674][T25851] R13: 00007f37c3de6038 R14: 00007f37c3de5fa0 R15: 00007fff3b897d88
[ 1175.000673][T25851]  </TASK>
[ 1175.004232][T25851] Kernel Offset: disabled
[ 1175.008563][T25851] Rebooting in 86400 seconds..