last executing test programs: 14.088650563s ago: executing program 0 (id=1183): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) process_madvise(r1, &(0x7f0000001a40)=[{&(0x7f0000000240)='[', 0x1}], 0x1, 0x17, 0x0) 13.500273383s ago: executing program 0 (id=1188): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000500), 0x8, 0x0) r1 = syz_io_uring_setup(0x2, &(0x7f0000000580)={0x0, 0x8b2, 0x13500, 0x0, 0x304}, &(0x7f0000000240), &(0x7f0000001880), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x21, &(0x7f0000000440)=r0, 0x1) 12.373616181s ago: executing program 0 (id=1193): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)={[{@rodir}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@sys_immutable}, {@uni_xlate}, {@fat=@uid}, {@utf8}, {@uni_xlateno}, {@shortname_winnt}, {@utf8}, {@shortname_win95}, {@uni_xlate}, {@shortname_lower}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}]}, 0x1, 0x33f, &(0x7f0000000340)="$eJzs3U9oHGUUAPC3nSSbBmr2IBQ9rd4EKU3Eg54SSoViDlpZ/Hdxsal/smshiwvxkO1eFI+KF0FP3nrQY8/iQcSbB69WkKp4sbdCxZHdmezO/kmaQjdV+/sdwuN939t538ywOwnJl9fWYuvCfFy8ceN6LC6WYm7tzFrcLEUljkUSmcsBAPyf3EzT+DPN3H72x0t70cKM+wIAZqf/+f/GiWGifC+7AQCOwkHf/xceBZ6bWnxppq0BADMy8fn/6Mjw2I/55wa/EwAA/He98PIrz65vRJyvVhcjmh+0a+1aPD0cX78Yb0UjNuN0LMdfEdmDQva00Pv6zLmNs6erPb9WotaraNcimp12LXtSWE/69eVYieWo5PXpoD7p1a/066sRcbnTP340S+3afCzlx/9pKTZjNZbjwYn6iHMbZ1er+QvUmnv1nYhuLO4totf/qViOH16PS9GIC9GrHfa/u1Ktnkk3RurbV8r9eQAAAAAAAAAAAAAAAAAAAAAAMAunqgOVwf43abPTfv/8+ITKyP44tWw43x+om+0PlJb3duf5MBnfH2h0f552bS6O3dOVAwAAAAAAAAAAAAAAAAAAwL9Ha2ch6o3G5nZr572tYtApZN757stvjsf4nLeTYSbmspcbmZPnolCVxKA8HZSnycicPEgihpOvXB10XJxTHqxiorwXlCeGSnlP9UbjxCO/fDat6u9hJomJ0zIalPLjF4aaD2SpA6r2D1ZvM+damqb7le9+OlkVpYi5iQt3N4Jvr7/50BOtk0/2M1/nmz489vjyi9c++eL3rXoj8lPTaCxst0oHX6aDgqRw/5Ty81yacidMD7rDTHe7tVNPfvzjpYc/+n5scjK9sbSYeXf/Y301nlnIgl6bh1np/JSbf3rw6q3B3XvnF+7k52v1q7s//3bYqsKbxPhGHYsLd+fNBwAAAAAAAAAAAAAAAAAAGFH4W/E78NTzs+sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI7e8P//F4LuROYwwa1OTA6VN7db+x78+JEuFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+9g/AQAA//+5LXSM") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80000, 0x0) getdents64(r0, &(0x7f0000000080)=""/4096, 0x1000) 11.363705373s ago: executing program 1 (id=1196): prctl$PR_CAPBSET_DROP(0x18, 0x0) capset(&(0x7f00000020c0)={0x19980330}, &(0x7f0000002100)={0x0, 0x3, 0xf4, 0x10, 0x80, 0x7}) capset(&(0x7f00000021c0)={0x20071026}, &(0x7f0000002200)={0x1, 0x9, 0x81, 0xf, 0x52d, 0x8000}) 10.621227293s ago: executing program 1 (id=1199): r0 = syz_open_dev$media(&(0x7f00000000c0), 0x103, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000080)=0xffffffffffffffff) ioctl$MEDIA_REQUEST_IOC_QUEUE(r1, 0x7c80, 0x0) 9.81919184s ago: executing program 1 (id=1203): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x80100, 0x0) fsetxattr$security_capability(r0, &(0x7f0000000000), 0x0, 0x0, 0x1) fgetxattr(r0, &(0x7f0000000000)=ANY=[], 0x0, 0x3) 9.241915128s ago: executing program 0 (id=1204): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000000c0)={0x0, 0x0, r1}) 9.184667998s ago: executing program 4 (id=1205): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900038073797a3200000000140000001100014707"], 0x7c}, 0x1, 0x0, 0x0, 0x25}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x6000000, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) 8.891127435s ago: executing program 1 (id=1207): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x850}, 0x4040080) 8.61427475s ago: executing program 2 (id=1208): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x81, 0x20, 0x9, 0x0, 0x1}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000840)={{r0}, &(0x7f00000007c0), &(0x7f0000000800)}, 0x20) bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x5, r0}, 0x38) 8.269623917s ago: executing program 0 (id=1209): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x33c, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000080)={0x0, 0x8, 0x2, {0x2, @sliced={0x0, [0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}}}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000440)=@userptr={0x0, 0x2, 0x4, 0x408, 0x3, {}, {0x0, 0x1, 0x0, 0x0, 0xff, 0x14, "c4363c16"}, 0x1, 0x2, {0x0}, 0x7000000}) 7.880641959s ago: executing program 1 (id=1210): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x800, &(0x7f00000017c0)={[{@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@umask={'umask', 0x3d, 0x4}}, {@namecase}, {@namecase}, {@fmask={'fmask', 0x3d, 0x8}}, {@discard}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@allow_utime={'allow_utime', 0x3d, 0x3}}, {@errors_continue}]}, 0x1, 0x1528, &(0x7f0000000280)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) 7.68042864s ago: executing program 4 (id=1212): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8709, &(0x7f00000000c0)={[{@abort}, {@noinit_itable}, {@stripe}, {@errors_remount}, {@journal_dev, 0x0}, {@jqfmt_vfsold}, {@nojournal_checksum}, {@journal_checksum}, {@grpjquota}, {@resgid}, {@bsdgroups}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@oldalloc}, {@jqfmt_vfsv1}, {@init_itable}, {@noquota}, {@dax_always}], [{@obj_role={'obj_role', 0x3d, 'q\xd2\xf1\x86\x02\xe0E(\xf8N\xab\x03xuq\xddx\xc1\xff\xacp\x7f\xf4\xa8\xed\xb5\xa9\xb6\xdb\x1b\xce\xdd\'\x03~6\xcb&3\x13h\x97\xcb[Ay\x95I\xf2\xdf\xdd\xff\xff\xff\xff\xff\xff\xff\xff\x1fK0\tJ\x00\x98J\x80\x16I5n}\x18\'PN\xdb\t\xfc\xd6\x0f\xad\x17\xe0\xc7\xee+\xb2\x18\x02\x00\x00\x00\x00\x00\x00\x00\xa3'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}], 0x2c}, 0x1, 0x50a, &(0x7f0000000e40)="$eJzs3E1vVFUfAPD/nU4pfaBP+/C88vLIKBqJRkrL68IFEE3YmGg0Bpe1LQQpYGhNgDRSjIHEhYZP4MvOxE/gRt0YNS40biFujQkx3YAuzDV35k6Z9nbaYeyLpb9fMtNz7j137vnfe0/nnHtmJoB1q5I9JRGbI+JmRPTWsrMLVGp/7k5PDv86PTmcRJq++EtSLXdnenK4XrS+3aZapvrSpbeT2F7cbdf4pctnhsbGRi/kC/onSnnq7NCp0VOj5wYPH96/r/vQwcEDczbtbCvOrE53tr15fsfW46/ceG74xI1Xv/4kq2+ar2+Mo6av+ryh5T10FJZUojL7WDZ4rPWqrwk9DemknD2XVq8ytCy7ast5q7oZvdFRzdX0xrNvrWrlgGWVpmnaVVg68142lTZKktoGaXo1BR4ASax2DYDVUX+jvzOdjVQnh4vj4Afb7aNRHQFlcd/NH7U15eoIttJXGxu1d9dhcf+KiBNTv72fPWLe+xCZYg8NAKBdnx+NuH6s1u+oP2prSvGfhnJ/z+eG+iLiHxGxJSL+mfdf/h1RLfvfiPhfwzY9LcwCVObki/2f77vzRGN3dclk/b+n87mt2f2/mZr3deS5nmr8ncnJ02Oje/Njsjs6u7L8QPGlZzptXzzzw3vN9l9p6P9lj2z/9b5gXo+fy3O6fyNDE0NLdTRuX60e2CvF+JMoJ/VUxNaI2NbG62fH7PQTH+9otn5W/Fmchfjfbf7i5TYqNEf6YcTjtfM/FXPij3z+L6nOT559vX/80uWnTjfOTw4cOjh4oH9jjI3u7a9fFUXffHft+TxZGEYscP7rTWNZJ9Ky8/+3ea//mZnLviw1M187fv/7uHbretMxZbvX/4bkpWq6Pj97cWhi4sJAxIZkqrh88N62F4e6Z5XP4t+9a/72vyXi9w/y7bZHRHYR/z8iHoqInXndH46IRyJi1wLxf3Xs0deaDSEXj395ZfGP3Nf5b5Y48m3E/Ks6znz5aWHH71QK8XdGs/O/v5ranS8ZGZrYuFhcC9W0MfGnDyAAAACsATsjYnMkpT35jabNUSrt2ROxaeYOyvjEkyfPv3FupPYdgb7oLNXvdPU23A8dyO8NZ/lsq8GGfLZ+X/W+cZqmaXeWz8bv3T0RL3y2uuHDurapSfvP/FT8SgvwoLmvebRm32gD1qS57f9Wy1su/QcygJW1BJ+jAdYo7R/Wr5bbf+EjjP5zwFpXnqchX4m4uzq1AVbSfO/iLxeWHFmRugArSy8e1q/2278PA8Ba5/0f1qWWviTfRmLL8QXKJOXl2WnzRCkW/hWAvoj6knqfZuEX/LEUsTQ17FjSSLtnndPSvGU2xlLsK0qLlimXW/8hhpVNlP4a1agluiJikat35mK7Uk9cXu6KVRvBR/f+U/gNSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYG36IwAA//+xydip") r0 = open(&(0x7f00000000c0)='.\x00', 0x48800, 0x50) getdents(r0, 0x0, 0x0) 7.496978617s ago: executing program 2 (id=1213): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r0) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000001a40)={0x38, r1, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x20}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000004}, 0x20000040) 7.291860232s ago: executing program 0 (id=1214): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f00000000c0)={0x74, 0x0, 0x13}) 6.633104775s ago: executing program 2 (id=1215): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000001040)='ns/net\x00') sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002340)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x54a31, 0x823}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_FD={0x8, 0x1c, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004080}, 0x8ae257a062cc3564) 5.702724774s ago: executing program 1 (id=1217): r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x10, @remote, 0x9}, 0x1c) 4.632568168s ago: executing program 4 (id=1219): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x4000, &(0x7f0000000080)={[{@gid}, {@file_umask={'file_umask', 0x3d, 0x3}}, {@part={'part', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp437'}}]}, 0x1, 0x344, &(0x7f0000000980)="$eJzs3U9r1EwcB/DvJLvb7LOlT2wrBU9SLXgqbT0oHrRI8eIb8CDF2m6hNFbQCloQq2cRb4Lg0Ztn0begF/ENKB4Kiie9FA9GZjLJJutMNk233db9fsDd7Gb+/CaZSWZaakBEfevi3KeXp7fkP1EF4AI4BzgAPKAC4CjGvDtr6x0LcpMtgSin+CvN4lrTlNWDzqH58lMFg+nvaG+EYRh+tu/+cl69/di/gKgnRHoEpzjAABw1EtV+b98j2xubsl39JnWGxTa2cRdDvQyHiIh6T9//HX2XGNTzd8cBJvQ8/LDf/zPzm+3exXEgJPd/J/ocCnl8/le75HpvZT1oLkVLOHn2nXiVaCrL2CdCFzW9qd4dwG2kplypWsxULE59eSVoTm6qAh7hgpZKNqpelxA3RCaFLVod0bhhbZojr+35GqoNVdmGGUv8I3k1GhfAb7/hmbm6+fcFYhLvxAcxL3w8x1Iy/6uEQh4cdXz8tqESxT9lL1G10o9SZVrZCv+IquRYfAbevGq1sm47rh5cGYuJLEW0z9/9OM6nNXsuDCP7Y4WoddP21qlcI0BF6M7VyjWTJPplzDXaXld9uRo0JxdvBrZO313GFZ14Iq6IcXzHa8yl5v+OTD0B+8jMjHKhUuqekdueikppOY8ZagDfKD4yq4VT/usuGU90m6/Zj49xHWcxdPvexupCEDRv9X4jHiolsx/vcjxRR9TdUX4j31Np4MkN2Qm7VunvMAyNuyooWI4cpKXDiAbUmRetJm+sLgh9zdtdA+WVs23XrD0xgFkA+pv4ilCm9gdJrgFdoF8w+095ttU35g4ZR7UPAySuKrPLxUChkVIvUenl+6sLQemrER0irZOOsavJBFnijwb7hJx3iWj9l1qvTKmrjnzxc9Y/YafCUyVOW1ZAw+r1v2QFp3RYczXsK7hGvNFhzXXiFHCylq3RQVzjw/ZifR0nDuJvJXf+qwwxh4+4xkFORERERERERERERERERERERERERHTY7PSvEcr8OUG2xq0+/I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIh2p/X83+T5LjXT83/zntSkuNETYrxuPP/XLfD8X7FZrIFEZPUnAAD//2/CX5Q=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) 4.2408073s ago: executing program 2 (id=1220): timer_create(0x7, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x3938700}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000c40), &(0x7f0000000c80)) 3.787861894s ago: executing program 3 (id=1221): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000400), 0x4) sendmsg$unix(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f0000000540)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18, 0x200040c0}, 0xa4ff) 2.969282168s ago: executing program 2 (id=1222): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f00000000c0)={[{@sysvgroups}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x514}}, {@grpjquota}, {@stripe={'stripe', 0x3d, 0x7}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@grpid}, {@errors_remount}]}, 0x80, 0x550, &(0x7f0000000a00)="$eJzs3c9vHFcdAPDvTLxufji1SzlAJUqBoqSCrOOathaHEiQEp0qIcg/G3lhW1t7IXrexFQnnL0BCCBCc4MIFiT8ACUXiwhEhRYIzSEUgBA4ckIBMNbNjx7VnnY272fWPz0eazJs3P77vzWbG82aeZgI4tV6KiGsR8TDLslciYrzMT8shNjtDvtyDrTtz+ZBElr39jySSMm97W0k5vlCudjYivvG1iG8n++Ourm/cnG02Gyvl9GR76dbk6vrGlcWl2YXGQmN5enrq9Zk3Zl6bubp704d2MSLe/MpffvDdn3/1zV9//t0/X//b5bzaMVbO312PJ5DvopGDFugUvFbsi235CiuHCHZUjRQ1LJ2rWiLLsuxhlu7KuTuQkgEAsFd+TfaRiPh0RLwS43Hm4MtZAAAA4BjKvjQW/0s6T2gqjHbJBwAAAI6RtOgDm6T1si/AWKRpvd7pw/vROJ82W6vtz91orS3P3//xWERMRC29sdhsXC37Ck9ELcmnp4r0o+lX90xPR8RzEfH98XPFdH2u1Zwf9s0PAAAAOCUu7Gn//3u80/4HAAAATpiJ/VnpMMoBAAAAPD0V7X8AAADghNH+BwAAgBPt62+9lQ/Z9vev599ZX7vZeufKfGP1Zn1pba4+11q5VV9otRaKd/Yt7V73TMX2mq3WrS/E8trtyXZjtT25ur5xfam1tty+vviBT2ADAAAAA/TcJ+/9MYmIzS+eK4bc6LALBQzEyE4qKccVR/+fnu2M3xtQoYCBqLqHv9d7zwygIMDAjRxqrayX0wZwxNWGXQBg6JLHzO/aeed35fhT/S0PAADQf5c+3v35/8HfANj0iQA45hzEcHrteZCXjQ+rIMDAFc//e+3w62IBTpRaTz0AgZPsQz//f6wse6ICAQAAfTdWDElaL2/vjUWa1usRF4vPAtSSG4vNxtWIeDYi/jBeeyafnirWTB7bZgAAAAAAAAAAAAAAAAAAAAAAAAAAOrIsiewg1w6cCwAAABwDEelfk9903uV/afzlsb33B0aT/xSfBB6NiHd/8vYPb8+22ytTef4/d/LbPyrzXx3GHQwAAABgr+12+nY7HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66cHWnbkHW3ey/27dmRtk3L9/OSImduIXQ2fOSJwtxmejFhHn/5XEyK71kog404f4m3cj4mNV8ZO8WDshq+Kfe/rxY6LcC1XxL/QhPpxm9/Lzz7Wq4y+Nl4px9fE3EvGB6cPqfv6LnfPfmS7H/8UeY7xw/5eTXePfjXhhpPr8sx0/2Rc/KcdpT/G/9c2NjW7zsp9GXIrq+LujTbaXbk2urm9cWVyaXWgsNJanp6den3lj5rWZq5M3FpuN8t/KGN/7xK8eHlT/813iT3Stf6dML/dU+4j/37+99XyXv1d5/MufqYj/25+VS+yPn5bb+myZzudf2k5vdtK7vfiL3794UP3nH9W/1tvv34l5+eBqP/oB+3GgAAB9s7q+cXO22WysHIdE7TBr5a30qlnPl3vgwxds9KjsH4knTHynrxvMsizr8j/qXkT0sp0kjsJuKRLDPS8BAAD99+iif9glAQAAAAAAAAAAAAAAAAAAgNOrj+8MG618zV7FmwU2d1KJNwMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEfG+wEAAP//tYHb7A==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80) open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x2, 0x2}}, 0x36e5476d) 2.738016999s ago: executing program 4 (id=1223): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000880)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6d1}, 0x1c, &(0x7f0000000800)=[{&(0x7f00000002c0)='n', 0x1}], 0x1}}], 0x1, 0x20004801) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e21, 0x74e, @private2={0xfc, 0x2, '\x00', 0x1}, 0x5}}, 0xfffffffc, 0x1, 0x2, 0x2, 0x11, 0xf7, 0xfd}, &(0x7f0000000080)=0x9c) 2.519466085s ago: executing program 3 (id=1224): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000000)={0x6, 'veth0_vlan\x00', {0x2}, 0x101}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'veth0_vlan\x00', {0x1}, 0x1}) 1.763800304s ago: executing program 3 (id=1225): r0 = syz_open_dev$sg(&(0x7f0000000080), 0x6f5e, 0xa0001) capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x7}) ioctl$SG_IO(r0, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffc, 0x7, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000280)="ba01a9be653322", 0x0, 0x101006, 0x0, 0x3, 0x0}) 1.357131747s ago: executing program 4 (id=1226): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x70, 0x10, 0x401, 0x5, 0x3, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x10, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x308, {0x10005, 0xb}}]}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2, 0xe}}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffffa}}]}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x70}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000) 1.097100031s ago: executing program 2 (id=1227): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000884, &(0x7f0000000700)={[{@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@shortname_win95}, {@shortname_win95}, {@fat=@sys_immutable}, {@shortname_winnt}, {@shortname_winnt}, {@shortname_win95}, {@fat=@check_normal}, {@fat=@codepage={'codepage', 0x3d, '861'}}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@numtail}, {@rodir}, {@uni_xlateno}, {@shortname_win95}, {@utf8no}]}, 0x2, 0x289, &(0x7f00000001c0)="$eJzs3c1qA1UUAOAzzaRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE7hx6/O4EV/AB1Dc2YU4ks7kTyctkbQp+n2bHs69J/fM3KHtZm4+eWVwfnpxdXbz5c/RbCaxdRAHcZtEJ7Zi4uuo9NOv1XkA4Jm7zfP4LS80itT14oz6ksp069GbAwAexfzf/033AgA8jfc/+PCdw+Pjo/eyrBkx+GbYTaL4WYwfnsVn0Y9e7EU7/ojIp4r4rbePjyLNxjrx2mA07I4rBx//UH7+4S8Rd/X70Y5Odf1+VpirHw279XihXP+gH713v492vFRd/8as/jYv66O7Ha+/Otf/brTjx0/jIvpxGsX/OpP6r/az7M3829+/+GicHdcno2G3EacLdyqvPfXeAAAAAAAAAAAAAAAAAAAAAADw37WbTXUWz9+ZHPx/z/g95wON5s7n2cuyLE+K+bP6NF5OI93ktQMAAAAAAAAAAAAAAAAAAMBzcXX9+flJv9+7XGswea2/Yij+XMw0ImLJ56QPr7WzaodRK1vrJxGrXVc9GneVD0+urXjHWuN+epdJGuvbgmSaac0P7USx1jjTKoK5zGpLfPfPjWvGXTB5us5PkmWbOwmaVQ/JGoK84vGrLa3a/numVV5BxeTWPatvv/ives7bS4aSiKhPb2Y51KqeXF/vPXy630EAAAAAAAAAAAAAAAAAAEBh9tJvxeDNBhoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA2Yff//CsGoLF42J6+NgzTKzIYvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwIAAP//XAxp4w==") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f00000004c0)=""/144, 0x90) 1.061107108s ago: executing program 3 (id=1228): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001840), r0) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000001880)={0x34, r1, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x20, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x0, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048080}, 0x8094) 594.749741ms ago: executing program 4 (id=1229): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000)=0x4, 0x4) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0xe) 525.841485ms ago: executing program 3 (id=1230): r0 = syz_clone(0x91, 0x0, 0xd5cc402235073f75, 0x0, 0x0, 0x0) r1 = gettid() kcmp(r0, r1, 0x5, 0xffffffffffffffff, 0xffffffffffffffff) 0s ago: executing program 3 (id=1231): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023892) kernel console output (not intermixed with test programs): 2'. [ 221.562191][ T6439] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.650796][ T6448] netlink: 'syz.1.213': attribute type 9 has an invalid length. [ 221.726855][ T6448] netlink: 4848 bytes leftover after parsing attributes in process `syz.1.213'. [ 221.826637][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.217978][ T6459] netlink: 'syz.2.215': attribute type 5 has an invalid length. [ 222.571488][ T5829] kernel read not supported for file /comedi3 (pid: 5829 comm: kworker/0:3) [ 223.152009][ T6474] loop0: detected capacity change from 0 to 256 [ 223.251802][ T29] audit: type=1326 audit(1775805524.911:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6475 comm="syz.3.226" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd50279c819 code=0x0 [ 223.414792][ T6474] FAT-fs (loop0): Directory bread(block 64) failed [ 223.456242][ T6474] FAT-fs (loop0): Directory bread(block 65) failed [ 223.478803][ T6474] FAT-fs (loop0): Directory bread(block 66) failed [ 223.492664][ T6474] FAT-fs (loop0): Directory bread(block 67) failed [ 223.510614][ T6474] FAT-fs (loop0): Directory bread(block 68) failed [ 223.517352][ T6474] FAT-fs (loop0): Directory bread(block 69) failed [ 223.567014][ T6474] FAT-fs (loop0): Directory bread(block 70) failed [ 223.591771][ T6474] FAT-fs (loop0): Directory bread(block 71) failed [ 223.613186][ T6474] FAT-fs (loop0): Directory bread(block 72) failed [ 223.639866][ T6474] FAT-fs (loop0): Directory bread(block 73) failed [ 223.644633][ T6483] GUP no longer grows the stack in syz.4.229 (6483): 200000005000-200000008000 (200000004000) [ 223.707575][ T6483] CPU: 0 UID: 0 PID: 6483 Comm: syz.4.229 Not tainted syzkaller #0 PREEMPT(full) [ 223.707711][ T6483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 223.707808][ T6483] Call Trace: [ 223.707859][ T6483] [ 223.707907][ T6483] __dump_stack+0x26/0x30 [ 223.708069][ T6483] dump_stack_lvl+0x14c/0x1c0 [ 223.708227][ T6483] dump_stack+0x1e/0x25 [ 223.708364][ T6483] __get_user_pages+0x44ea/0x5f00 [ 223.708532][ T6483] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 223.708667][ T6483] ? __pfx_kmsan_get_metadata+0x10/0x10 [ 223.708816][ T6483] ? update_cfs_rq_load_avg+0x747/0x8c0 [ 223.709005][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.709144][ T6483] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 223.709343][ T6483] __gup_longterm_locked+0x1862/0x2660 [ 223.709505][ T6483] ? gup_fast_fallback+0x731/0x3b40 [ 223.709682][ T6483] ? filter_irq_stacks+0x49/0x190 [ 223.709859][ T6483] ? stack_depot_save_flags+0x35/0x790 [ 223.710013][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.710137][ T6483] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 223.710315][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.710433][ T6483] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 223.710570][ T6483] gup_fast_fallback+0x3476/0x3b40 [ 223.710767][ T6483] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 223.710908][ T6483] ? gup_fast_fallback+0x3b31/0x3b40 [ 223.711070][ T6483] ? filter_irq_stacks+0x49/0x190 [ 223.711242][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.711373][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.711504][ T6483] get_user_pages_fast+0xb7/0x120 [ 223.711680][ T6483] get_futex_key+0xd07/0x1ee0 [ 223.711832][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.711958][ T6483] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 223.712122][ T6483] futex_wait_setup+0x71/0x8f0 [ 223.712248][ T6483] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 223.712431][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.712557][ T6483] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 223.712699][ T6483] __futex_wait+0xe0/0x450 [ 223.712829][ T6483] ? __pfx_futex_wake_mark+0x10/0x10 [ 223.713036][ T6483] futex_wait+0xd5/0x360 [ 223.713147][ T6483] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 223.713327][ T6483] ? kmsan_get_metadata+0xf1/0x160 [ 223.713468][ T6483] do_futex+0x3a4/0x480 [ 223.713634][ T6483] __se_sys_futex+0x5b8/0x740 [ 223.713799][ T6483] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 223.713986][ T6483] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 223.714128][ T6483] __x64_sys_futex+0x114/0x1a0 [ 223.714314][ T6483] x64_sys_call+0x2c48/0x3ea0 [ 223.714479][ T6483] do_syscall_64+0x134/0xf80 [ 223.714643][ T6483] ? clear_bhb_loop+0x50/0xa0 [ 223.714793][ T6483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.714941][ T6483] RIP: 0033:0x7f2ef319c819 [ 223.715048][ T6483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 223.715165][ T6483] RSP: 002b:00007f2ef13f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 223.715292][ T6483] RAX: ffffffffffffffda RBX: 00007f2ef3415fa0 RCX: 00007f2ef319c819 [ 223.715388][ T6483] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000004000 [ 223.715470][ T6483] RBP: 00007f2ef3232c91 R08: 0000000000000000 R09: 0000000000000001 [ 223.715553][ T6483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.715631][ T6483] R13: 00007f2ef3416038 R14: 00007f2ef3415fa0 R15: 00007ffda5c5e868 [ 223.715796][ T6483] [ 224.233022][ T6474] syz.0.225: attempt to access beyond end of device [ 224.233022][ T6474] loop0: rw=8390659, sector=1224, nr_sectors = 32 limit=256 [ 224.541169][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz.3.232'. [ 224.671436][ T6487] loop1: detected capacity change from 0 to 1024 [ 225.147635][ T5829] kernel read not supported for file /107/net/unix (pid: 5829 comm: kworker/0:3) [ 226.838317][ T6521] netlink: 8 bytes leftover after parsing attributes in process `syz.4.246'. [ 227.054734][ T6521] gretap0: entered promiscuous mode [ 227.234793][ T6529] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 227.266353][ T6528] loop2: detected capacity change from 0 to 512 [ 227.359916][ T6528] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 227.556820][ T6528] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.249: invalid indirect mapped block 4294967295 (level 1) [ 227.669964][ T6528] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 227.679609][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 227.695990][ C1] EXT4-fs (loop2): initial error at time 1775805529: ext4_free_branches:1023: inode 11 [ 227.706161][ C1] EXT4-fs (loop2): last error at time 1775805529: ext4_free_branches:1023: inode 11 [ 227.720728][ T6528] EXT4-fs (loop2): Remounting filesystem read-only [ 227.780385][ T6528] EXT4-fs (loop2): 2 truncates cleaned up [ 227.821419][ T6528] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.994856][ T6528] EXT4-fs warning (device loop2): empty_inline_dir:1785: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 228.470594][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.413481][ T6555] loop4: detected capacity change from 0 to 2048 [ 229.458031][ T6555] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 229.592962][ T6560] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 230.008796][ T6563] netlink: 24 bytes leftover after parsing attributes in process `syz.1.265'. [ 231.228422][ T6576] loop0: detected capacity change from 0 to 1024 [ 231.353904][ T6576] hfsplus: b-tree write err: -5, ino 2 [ 231.642558][ T6584] loop1: detected capacity change from 0 to 1024 [ 231.803912][ T1134] hfsplus: b-tree write err: -5, ino 25 [ 231.835459][ T1134] hfsplus: b-tree write err: -5, ino 4 [ 231.859873][ T1134] hfsplus: b-tree write err: -5, ino 2 [ 231.865837][ T1134] hfsplus: b-tree write err: -5, ino 26 [ 232.608241][ T6596] loop2: detected capacity change from 0 to 512 [ 232.640582][ T6590] loop3: detected capacity change from 0 to 4096 [ 232.723412][ T6596] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.281: inode has both inline data and extents flags [ 232.849357][ T6596] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 232.859393][ T6596] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.281: couldn't read orphan inode 15 (err -117) [ 232.859655][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 232.887649][ C0] EXT4-fs (loop2): initial error at time 1775805534: ext4_orphan_get:1397: inode 15 [ 232.897511][ C0] EXT4-fs (loop2): last error at time 1775805534: ext4_orphan_get:1397: inode 15 [ 232.948072][ T6596] loop2: lost filesystem error report for type 5 error -117 [ 232.973041][ T6596] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.094559][ T6590] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 233.374335][ T6596] EXT4-fs: Ignoring removed bh option [ 233.444392][ T6596] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 233.454080][ T6604] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 233.991805][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.107373][ T6630] loop3: detected capacity change from 0 to 256 [ 236.174226][ T6630] exfat: Deprecated parameter 'namecase' [ 236.228274][ T6630] exfat: Deprecated parameter 'utf8' [ 236.348713][ T6637] loop2: detected capacity change from 0 to 512 [ 236.413925][ T6630] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 236.487614][ T6637] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 236.524305][ T6637] EXT4-fs error (device loop2): ext4_iget_extra_inode:5040: inode #15: comm syz.2.300: corrupted in-inode xattr: e_value size too large [ 236.630122][ T6637] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 236.639626][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 236.655835][ C0] EXT4-fs (loop2): initial error at time 1775805538: ext4_iget_extra_inode:5040: inode 15 [ 236.666324][ C0] EXT4-fs (loop2): last error at time 1775805538: ext4_iget_extra_inode:5040: inode 15 [ 236.678528][ T6637] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.300: couldn't read orphan inode 15 (err -117) [ 236.709403][ T6637] loop2: lost filesystem error report for type 5 error -117 [ 236.714149][ T6637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.859841][ T11] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 236.899752][ T5829] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 237.030097][ T11] usb 2-1: Using ep0 maxpacket: 16 [ 237.057356][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 237.089835][ T5829] usb 5-1: Using ep0 maxpacket: 8 [ 237.097282][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 237.101862][ T6647] sg_write: data in/out 422876/114 bytes for SCSI command 0x0-- guessing data in; [ 237.101862][ T6647] program syz.3.304 not setting count and/or reply_len properly [ 237.139926][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 237.157448][ T11] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 237.182662][ T5829] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 237.250494][ T11] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 237.272960][ T5829] usb 5-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 237.301016][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.304348][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.325131][ T5829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.351237][ T11] usb 2-1: config 0 descriptor?? [ 237.411783][ T5829] usb 5-1: config 0 descriptor?? [ 237.884220][ T11] microsoft 0003:045E:07DA.0002: unbalanced collection at end of report description [ 237.948340][ T11] microsoft 0003:045E:07DA.0002: parse failed [ 237.961326][ T5829] logitech 0003:046D:C294.0003: unknown main item tag 0x0 [ 237.997474][ T5829] logitech 0003:046D:C294.0003: unknown main item tag 0x4 [ 238.006966][ T11] microsoft 0003:045E:07DA.0002: probe with driver microsoft failed with error -22 [ 238.051064][ T5829] logitech 0003:046D:C294.0003: reserved main item tag 0xd [ 238.089797][ T5829] logitech 0003:046D:C294.0003: item fetching failed at offset 38/41 [ 238.101421][ T11] usb 2-1: USB disconnect, device number 2 [ 238.157186][ T5829] logitech 0003:046D:C294.0003: parse failed [ 238.239048][ T5829] logitech 0003:046D:C294.0003: probe with driver logitech failed with error -22 [ 238.296470][ T5829] usb 5-1: USB disconnect, device number 2 [ 238.550200][ T5905] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 238.760034][ T5905] usb 4-1: Using ep0 maxpacket: 16 [ 238.792965][ T5905] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.856776][ T5905] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.900155][ T5905] usb 4-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 238.959746][ T5905] usb 4-1: config 0 interface 0 has no altsetting 0 [ 238.981061][ T5905] usb 4-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 239.028808][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.073746][ T5905] usb 4-1: config 0 descriptor?? [ 239.345364][ T6668] loop0: detected capacity change from 0 to 64 [ 239.578751][ T5905] mcp2200 0003:04D8:00DF.0004: USB HID v0.00 Device [HID 04d8:00df] on usb-dummy_hcd.3-1/input0 [ 239.763976][ T5905] usb 4-1: USB disconnect, device number 4 [ 240.598350][ T5905] kernel read not supported for file /sysvipc/msg (pid: 5905 comm: kworker/0:6) [ 241.952052][ T6700] loop3: detected capacity change from 0 to 128 [ 242.057810][ T6700] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 242.088802][ T6700] ext4 filesystem being mounted at /62/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 242.206171][ T5779] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 242.923902][ T6719] loop0: detected capacity change from 0 to 128 [ 242.948017][ T6719] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 242.949323][ T6719] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 243.274737][ T6719] EXT4-fs (loop0): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 243.685895][ T5781] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 243.853122][ T6725] loop1: detected capacity change from 0 to 4096 [ 243.889231][ T6731] netlink: 36 bytes leftover after parsing attributes in process `syz.3.342'. [ 244.072583][ T6733] loop4: detected capacity change from 0 to 256 [ 244.075820][ T6735] netlink: 'syz.0.353': attribute type 13 has an invalid length. [ 244.088429][ T6735] netlink: 164 bytes leftover after parsing attributes in process `syz.0.353'. [ 244.125706][ T6735] syz_tun: refused to change device tx_queue_len [ 244.525200][ T6733] FAT-fs (loop4): Directory bread(block 64) failed [ 244.573698][ T6733] FAT-fs (loop4): Directory bread(block 65) failed [ 244.596219][ T6733] FAT-fs (loop4): Directory bread(block 66) failed [ 244.673061][ T6733] FAT-fs (loop4): Directory bread(block 67) failed [ 244.684136][ T6733] FAT-fs (loop4): Directory bread(block 68) failed [ 244.707178][ T6740] Bluetooth: MGMT ver 1.23 [ 244.715887][ T6733] FAT-fs (loop4): Directory bread(block 69) failed [ 244.767108][ T6733] FAT-fs (loop4): Directory bread(block 70) failed [ 244.822505][ T6733] FAT-fs (loop4): Directory bread(block 71) failed [ 244.888227][ T6733] FAT-fs (loop4): Directory bread(block 72) failed [ 244.924264][ T6733] FAT-fs (loop4): Directory bread(block 73) failed [ 245.265063][ T6733] syz.4.343: attempt to access beyond end of device [ 245.265063][ T6733] loop4: rw=8390659, sector=1224, nr_sectors = 32 limit=256 [ 246.281299][ T6761] loop0: detected capacity change from 0 to 256 [ 246.340429][ T6761] exfat: Deprecated parameter 'utf8' [ 246.557091][ T6761] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 246.629331][ T6764] loop2: detected capacity change from 0 to 256 [ 246.665408][ T6764] exfat: Deprecated parameter 'utf8' [ 246.713186][ T6764] exfat: Deprecated parameter 'namecase' [ 246.757295][ T6764] exfat: Deprecated parameter 'namecase' [ 246.821814][ T6764] exfat: Deprecated parameter 'utf8' [ 247.041724][ T6764] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 247.094620][ T6764] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 249.552340][ T5834] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 249.747313][ T5834] usb 5-1: Using ep0 maxpacket: 32 [ 249.766226][ T5834] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 249.808814][ T5834] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 249.827360][ T6816] loop0: detected capacity change from 0 to 128 [ 249.831990][ T6815] loop2: detected capacity change from 0 to 512 [ 249.862615][ T5834] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 249.902775][ T5834] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 249.929745][ T5834] usb 5-1: Product: syz [ 249.931925][ T6815] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 249.943553][ T5834] usb 5-1: Manufacturer: syz [ 249.996162][ T6812] loop3: detected capacity change from 0 to 4096 [ 249.997657][ T6816] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985 [ 250.043329][ T5834] hub 5-1:4.0: USB hub found [ 250.080817][ T6816] ; already mounted read-only [ 250.103676][ T6816] hpfs: filesystem error: improperly stopped [ 250.130129][ T6816] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 250.157035][ T6815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.175562][ T6816] hpfs: You really don't want any checks? You are crazy... [ 250.191510][ T6816] hpfs: hpfs_map_sector(): read error [ 250.206649][ T6816] hpfs: code page support is disabled [ 250.217509][ T6816] hpfs: hpfs_map_4sectors(): unaligned read [ 250.231432][ T6816] hpfs: hpfs_map_4sectors(): unaligned read [ 250.237810][ T6822] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 250.242199][ T5834] hub 5-1:4.0: 2 ports detected [ 250.273734][ T6815] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 250.285723][ T6816] hpfs: filesystem error: unable to find root dir [ 250.506495][ T5834] hub 5-1:4.0: hub_hub_status failed (err = -71) [ 250.540295][ T5834] hub 5-1:4.0: config failed, can't get hub status (err -71) [ 250.615502][ T5834] usb 5-1: USB disconnect, device number 3 [ 250.787203][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.164445][ T6826] loop0: detected capacity change from 0 to 1024 [ 251.287914][ T6826] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a055c01c, mo2=0002] [ 251.320643][ T6826] System zones: 0-1, 3-36 [ 251.395406][ T6826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.517928][ T6835] loop1: detected capacity change from 0 to 64 [ 251.768425][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.747995][ T6850] loop4: detected capacity change from 0 to 128 [ 252.797529][ T6850] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 252.832586][ T6850] hpfs: filesystem error: improperly stopped [ 252.855077][ T6850] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 252.889904][ T6850] hpfs: You really don't want any checks? You are crazy... [ 252.939392][ T6850] hpfs: Code page index out of array [ 252.955349][ T6850] hpfs: code page support is disabled [ 252.981272][ T6850] hpfs: hpfs_map_4sectors(): unaligned read [ 253.012410][ T6850] hpfs: hpfs_map_4sectors(): unaligned read [ 253.038214][ T6850] hpfs: filesystem error: unable to find root dir [ 253.108604][ T6850] hpfs: hpfs_map_4sectors(): unaligned read [ 253.223658][ T5905] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 253.432288][ T5905] usb 1-1: Using ep0 maxpacket: 8 [ 253.474467][ T5905] usb 1-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 253.532431][ T5905] usb 1-1: config 0 interface 0 has no altsetting 0 [ 253.562019][ T5905] usb 1-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 253.580261][ T5905] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.641567][ T5905] usb 1-1: config 0 descriptor?? [ 254.211229][ T5905] waltop 0003:172F:0037.0005: unknown main item tag 0x2 [ 254.242137][ T5905] waltop 0003:172F:0037.0005: unknown main item tag 0x0 [ 254.289740][ T5905] waltop 0003:172F:0037.0005: unexpected long global item [ 254.390319][ T5905] waltop 0003:172F:0037.0005: probe with driver waltop failed with error -22 [ 254.478584][ T5905] usb 1-1: USB disconnect, device number 2 [ 255.043226][ T29] audit: type=1326 audit(1775805556.701:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.170022][ T29] audit: type=1326 audit(1775805556.731:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.170237][ T29] audit: type=1326 audit(1775805556.731:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.170437][ T29] audit: type=1326 audit(1775805556.731:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.170638][ T29] audit: type=1326 audit(1775805556.731:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.170838][ T29] audit: type=1326 audit(1775805556.731:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.171047][ T29] audit: type=1326 audit(1775805556.731:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.171247][ T29] audit: type=1326 audit(1775805556.731:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.171448][ T29] audit: type=1326 audit(1775805556.731:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f694459c819 code=0x7ffc0000 [ 255.440984][ T6882] netlink: 43 bytes leftover after parsing attributes in process `syz.0.407'. [ 255.441072][ T6882] netlink: 28 bytes leftover after parsing attributes in process `syz.0.407'. [ 255.554176][ T6886] loop2: detected capacity change from 0 to 256 [ 255.601823][ T6886] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 256.313271][ T6893] loop3: detected capacity change from 0 to 1024 [ 256.492257][ T6893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.055915][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.363149][ T6910] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 258.974660][ T6938] loop2: detected capacity change from 0 to 256 [ 259.106887][ T6940] loop3: detected capacity change from 0 to 1024 [ 259.645517][ T6940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 259.806365][ T6949] loop4: detected capacity change from 0 to 1024 [ 259.826415][ T6940] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks [ 259.875942][ T6940] EXT4-fs warning (device loop3): ext4_resize_fs:2041: can't shrink FS - resize aborted [ 260.121102][ T6949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 260.189916][ T6957] usb usb7: check_ctrlrecip: process 6957 (syz.1.439) requesting ep 01 but needs 81 [ 260.200731][ T6957] usb usb7: usbfs: process 6957 (syz.1.439) did not claim interface 0 before use [ 260.400243][ T5829] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 260.439899][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.515965][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.621162][ T5829] usb 1-1: Using ep0 maxpacket: 8 [ 260.645676][ T5829] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 260.697433][ T5829] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 260.741447][ T5829] usb 1-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 260.757768][ T5829] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.812082][ T5829] usb 1-1: config 0 descriptor?? [ 261.255797][ T5829] logitech 0003:046D:C294.0006: unknown main item tag 0x0 [ 261.293623][ T5829] logitech 0003:046D:C294.0006: unknown main item tag 0x4 [ 261.331014][ T5829] logitech 0003:046D:C294.0006: reserved main item tag 0xd [ 261.359381][ T5829] logitech 0003:046D:C294.0006: item fetching failed at offset 38/41 [ 261.384526][ T5829] logitech 0003:046D:C294.0006: parse failed [ 261.430362][ T5829] logitech 0003:046D:C294.0006: probe with driver logitech failed with error -22 [ 261.442277][ T6963] loop1: detected capacity change from 0 to 2048 [ 261.496005][ T6963] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 261.526660][ T5829] usb 1-1: USB disconnect, device number 3 [ 261.610557][ T6970] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 262.145351][ T6975] netlink: 'syz.2.447': attribute type 3 has an invalid length. [ 262.927687][ T6977] loop0: detected capacity change from 0 to 4096 [ 263.149908][ T6988] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 263.251017][ T29] audit: type=1800 audit(1775805564.911:19): pid=6977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.449" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 264.199774][ T40] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 264.390350][ T40] usb 4-1: Using ep0 maxpacket: 8 [ 264.401296][ T40] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 264.416526][ T40] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 264.461636][ T40] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 264.479642][ T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.574192][ T40] usb 4-1: config 0 descriptor?? [ 264.872968][ T7009] loop4: detected capacity change from 0 to 1764 [ 265.060480][ T40] logitech 0003:046D:C294.0007: unknown main item tag 0x0 [ 265.112579][ T40] logitech 0003:046D:C294.0007: unknown main item tag 0x4 [ 265.129820][ T40] logitech 0003:046D:C294.0007: reserved main item tag 0xd [ 265.189829][ T40] logitech 0003:046D:C294.0007: item fetching failed at offset 38/41 [ 265.232975][ T40] logitech 0003:046D:C294.0007: parse failed [ 265.272648][ T40] logitech 0003:046D:C294.0007: probe with driver logitech failed with error -22 [ 265.364035][ T7016] loop0: detected capacity change from 0 to 256 [ 265.380686][ T40] usb 4-1: USB disconnect, device number 5 [ 265.454859][ T7016] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 265.528621][ T7016] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 265.568538][ T7016] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 265.594189][ T7016] UDF-fs: Scanning with blocksize 512 failed [ 265.595928][ T7020] loop4: detected capacity change from 0 to 64 [ 265.638655][ T7016] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 265.694796][ T7016] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 265.708729][ T7020] minix_free_block (loop4:21): bit already cleared [ 266.035237][ T7024] loop1: detected capacity change from 0 to 512 [ 266.095777][ T7024] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e040e018, mo2=0002] [ 266.172695][ T7024] System zones: 1-12 [ 266.178397][ T7027] loop4: detected capacity change from 0 to 1024 [ 266.224471][ T7024] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.469: missing EA_INODE flag [ 266.279014][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.285901][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.304592][ T7024] loop1: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 266.309398][ T7024] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.469: error while reading EA inode 12 err=-117 [ 266.309726][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 266.338432][ C0] EXT4-fs (loop1): initial error at time 1775805567: ext4_xattr_inode_iget:441: inode 12 [ 266.348799][ C0] EXT4-fs (loop1): last error at time 1775805567: ext4_xattr_inode_iget:441: inode 12 [ 266.362798][ T7024] loop1: lost filesystem error report for type 5 error -117 [ 266.371570][ T7024] EXT4-fs (loop1): 1 orphan inode deleted [ 266.381369][ T7027] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.448400][ T7024] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.908798][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.939029][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.176555][ T7041] netlink: 104 bytes leftover after parsing attributes in process `syz.0.478'. [ 267.532776][ T7044] loop1: detected capacity change from 0 to 2048 [ 267.729871][ T7054] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 268.597423][ T7061] loop4: detected capacity change from 0 to 1024 [ 268.770462][ T5829] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 268.784546][ T7067] CUSE: unknown device info "ìŠxóKJ +ßãÛ¤2Lh¸änLþ1Õîì8­¨×0º©®(À3Õ¶ië" [ 268.821092][ T7061] hfsplus: bad catalog entry type [ 268.858109][ T7067] CUSE: unknown device info "Ù®,°ð<Ö_e¤FÀÆ" [ 268.932717][ T7067] CUSE: unknown device info "3ÜŸ•,²¥Ì˜õ" [ 268.966124][ T7067] CUSE: unknown device info "Jô©Ð2S Zûü !e/ëÅúãõž‘­J½+-n´¸a4¼¿\Nšÿä4¨ô" [ 268.979964][ T5829] usb 2-1: Using ep0 maxpacket: 8 [ 269.031706][ T5829] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.032958][ T7067] CUSE: unknown device info "´ƒ [ 269.032958][ T7067] f𳦧ìýzóÚXÁS! [ 269.032958][ T7067] „Aäx¡Ùjª½T¾Ç”¨åw— üæšxRÉQ÷®(hÒj pødY0¨Æ|M?2JÿúIšvö^RÎ@´å" [ 269.099862][ T7067] CUSE: unknown device info "!ToÛ}Ý&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E• gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜­_“ž@±/íËV ™¨º§{»‡ò" [ 269.117233][ T5829] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 269.179885][ T5829] usb 2-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 269.192218][ T143] hfsplus: b-tree write err: -5, ino 25 [ 269.273877][ T143] hfsplus: b-tree write err: -5, ino 4 [ 269.278155][ T7067] CUSE: unknown device info "ÊþwlU~‘ÄÎV¥ß¶âݸFsºXý,xækƒÅq¾é/òQ]Ñ3•ÞH" [ 269.288821][ T5829] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.291641][ T143] hfsplus: b-tree write err: -5, ino 2 [ 269.362837][ T5829] usb 2-1: config 0 descriptor?? [ 269.389919][ T7067] CUSE: zero length info key specified [ 269.826995][ T5829] logitech 0003:046D:C294.0008: unknown main item tag 0x0 [ 269.891063][ T5829] logitech 0003:046D:C294.0008: unknown main item tag 0x4 [ 269.935540][ T5829] logitech 0003:046D:C294.0008: reserved main item tag 0xd [ 269.970094][ T5829] logitech 0003:046D:C294.0008: item fetching failed at offset 38/41 [ 269.995155][ T5829] logitech 0003:046D:C294.0008: parse failed [ 270.040520][ T5829] logitech 0003:046D:C294.0008: probe with driver logitech failed with error -22 [ 270.128174][ T5829] usb 2-1: USB disconnect, device number 3 [ 270.866260][ T7082] loop0: detected capacity change from 0 to 4096 [ 270.969866][ T7082] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 271.027753][ T7082] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 4096) [ 271.145845][ T7093] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 271.168920][ T7091] warning: `syz.1.497' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 271.186586][ T5829] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 271.370661][ T5829] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 271.429267][ T5829] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 271.499759][ T5829] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 271.544617][ T5829] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 271.599672][ T7088] loop4: detected capacity change from 0 to 2048 [ 271.635337][ T7088] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 271.644799][ T5829] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 271.722945][ T5829] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.770302][ T5829] usb 3-1: Product: syz [ 271.774660][ T5829] usb 3-1: Manufacturer: syz [ 271.813537][ T5829] usb 3-1: SerialNumber: syz [ 271.853496][ T5829] usb 3-1: config 0 descriptor?? [ 271.887391][ T5829] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 272.194266][ T5829] scsi host1: usb-storage 3-1:0.0 [ 272.444633][ T5829] usb 3-1: USB disconnect, device number 3 [ 272.669834][ T7101] loop0: detected capacity change from 0 to 2048 [ 272.747678][ T6046] udevd[6046]: incorrect nilfs2 checksum on /dev/loop4 [ 272.775522][ T7098] loop3: detected capacity change from 0 to 32768 [ 272.796653][ T7098] BTRFS warning: excessive commit interval 2147483648, use with care [ 272.808299][ T7098] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.501 (7098) [ 272.830083][ T7101] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xa1 != 0xd4 [ 272.905589][ T7098] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 272.919155][ T7098] BTRFS info (device loop3): using crc32c checksum algorithm [ 272.927153][ T7098] BTRFS error (device loop3): ignoresuperflags must be used with ro mount option [ 272.936943][ T7098] BTRFS error (device loop3): open_ctree failed: -22 [ 272.960679][ T7101] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 274.029957][ T40] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 274.227188][ T40] usb 4-1: Using ep0 maxpacket: 8 [ 274.258805][ T40] usb 4-1: config index 0 descriptor too short (expected 30, got 18) [ 274.307067][ T40] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 274.365462][ T40] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.408490][ T40] usb 4-1: Product: syz [ 274.435692][ T40] usb 4-1: Manufacturer: syz [ 274.456446][ T7122] loop4: detected capacity change from 0 to 512 [ 274.456684][ T40] usb 4-1: SerialNumber: syz [ 274.541643][ T40] usb 4-1: config 0 descriptor?? [ 274.555373][ T7124] loop0: detected capacity change from 0 to 512 [ 274.567437][ T40] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 274.595878][ T40] usb 4-1: setting power ON [ 274.601556][ T40] dvb-usb: bulk message failed: -22 (2/0) [ 274.645116][ T7122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.648587][ T40] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 274.676799][ T40] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 274.689350][ T40] usb 4-1: media controller created [ 274.718381][ T7124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.764837][ T7114] dvb-usb: bulk message failed: -22 (3/0) [ 274.766204][ T40] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 274.784481][ T7124] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.817521][ T7133] loop1: detected capacity change from 0 to 128 [ 274.838615][ T7114] dvb-usb: bulk message failed: -22 (4/0) [ 274.870051][ T7114] cxusb: i2c read failed [ 274.892884][ T40] usb 4-1: selecting invalid altsetting 6 [ 274.915241][ T40] usb 4-1: digital interface selection failed (-22) [ 274.948349][ T40] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 274.974093][ T40] usb 4-1: setting power OFF [ 274.978871][ T40] dvb-usb: bulk message failed: -22 (2/0) [ 274.996321][ T40] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 274.996733][ T7133] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 275.029928][ T40] (NULL device *): no alternate interface [ 275.077718][ T7133] ext4 filesystem being mounted at /105/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 275.299258][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.311748][ T40] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 275.314982][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.328504][ T40] usb 4-1: USB disconnect, device number 6 [ 276.032210][ T5778] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 277.238490][ T7158] loop2: detected capacity change from 0 to 64 [ 277.332722][ T7158] syz.2.526: attempt to access beyond end of device [ 277.332722][ T7158] loop2: rw=8388608, sector=1024, nr_sectors = 2 limit=64 [ 277.403193][ T7158] Buffer I/O error on dev loop2, logical block 512, async page read [ 277.473332][ T7158] syz.2.526: attempt to access beyond end of device [ 277.473332][ T7158] loop2: rw=8388608, sector=113152, nr_sectors = 2 limit=64 [ 277.561100][ T7158] Buffer I/O error on dev loop2, logical block 56576, async page read [ 277.648264][ T7155] loop3: detected capacity change from 0 to 4096 [ 277.877750][ T7165] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 277.982315][ T7155] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 278.061106][ T7155] Remounting filesystem read-only [ 278.102019][ T7155] NILFS (loop3): the device already has a read-only mount. [ 278.381246][ T7170] loop4: detected capacity change from 0 to 64 [ 279.117798][ T7182] loop4: detected capacity change from 0 to 16 [ 279.214814][ T7182] erofs (device loop4): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 279.218259][ T7184] loop3: detected capacity change from 0 to 512 [ 279.305608][ T7184] EXT4-fs: Ignoring removed nomblk_io_submit option [ 279.331275][ T7182] erofs (device loop4): mounted with root inode @ nid 36. [ 279.364737][ T7184] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 279.389091][ T7184] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 279.525578][ T7182] syz.4.536: attempt to access beyond end of device [ 279.525578][ T7182] loop4: rw=0, sector=0, nr_sectors = 1025 limit=16 [ 279.616514][ T7186] syz.4.536: attempt to access beyond end of device [ 279.616514][ T7186] loop4: rw=0, sector=0, nr_sectors = 1025 limit=16 [ 279.650729][ T7184] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.533: Allocating blocks 41-42 which overlap fs metadata [ 279.702864][ T7182] erofs (device loop4): read error -5 @ 0 of nid 36 [ 279.722780][ T7186] erofs (device loop4): read error -5 @ 0 of nid 36 [ 279.770277][ T7184] loop3: lost filesystem error report for type 5 error -117 [ 279.779561][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 279.793819][ C0] EXT4-fs (loop3): initial error at time 1775805581: ext4_mb_mark_diskspace_used:4222 [ 279.804093][ C0] EXT4-fs (loop3): last error at time 1775805581: ext4_mb_mark_diskspace_used:4222 [ 279.814778][ T7184] EXT4-fs (loop3): Remounting filesystem read-only [ 279.823451][ T7184] Quota error (device loop3): write_blk: dquota write failed [ 279.841372][ T7184] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 279.889349][ T7184] Quota error (device loop3): write_blk: dquota write failed [ 279.918847][ T7184] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 280.029993][ T7184] EXT4-fs (loop3): 1 truncate cleaned up [ 280.048726][ T7184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 280.625813][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.659014][ T7203] loop4: detected capacity change from 0 to 256 [ 281.037551][ T7210] loop3: detected capacity change from 0 to 128 [ 281.077345][ T7210] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 281.156381][ T7203] FAT-fs (loop4): Directory bread(block 64) failed [ 281.197047][ T7203] FAT-fs (loop4): Directory bread(block 65) failed [ 281.210417][ T7203] FAT-fs (loop4): Directory bread(block 66) failed [ 281.217238][ T7203] FAT-fs (loop4): Directory bread(block 67) failed [ 281.259989][ T7203] FAT-fs (loop4): Directory bread(block 68) failed [ 281.266796][ T7203] FAT-fs (loop4): Directory bread(block 69) failed [ 281.274066][ T7210] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 281.314634][ T7203] FAT-fs (loop4): Directory bread(block 70) failed [ 281.347236][ T7203] FAT-fs (loop4): Directory bread(block 71) failed [ 281.372626][ T7203] FAT-fs (loop4): Directory bread(block 72) failed [ 281.442355][ T7203] FAT-fs (loop4): Directory bread(block 73) failed [ 282.879713][ T5829] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 283.104739][ T5829] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 283.167802][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.212146][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.292464][ T5829] usb 4-1: New USB device found, idVendor=056a, idProduct=0010, bcdDevice= 0.00 [ 283.329826][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.400269][ T5829] usb 4-1: config 0 descriptor?? [ 283.932602][ T5829] wacom 0003:056A:0010.0009: Unknown device_type for 'HID 056a:0010'. Assuming pen. [ 283.975003][ T5829] wacom 0003:056A:0010.0009: hidraw0: USB HID v0.00 Device [HID 056a:0010] on usb-dummy_hcd.3-1/input0 [ 284.032989][ T5829] input: Wacom Graphire Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0010.0009/input/input6 [ 284.176870][ T7250] netlink: 20 bytes leftover after parsing attributes in process `syz.2.565'. [ 284.284109][ T5829] usb 4-1: USB disconnect, device number 7 [ 284.580583][ T7256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.568'. [ 284.997863][ T7257] fido_id[7257]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 285.093539][ T7261] loop4: detected capacity change from 0 to 1024 [ 285.547005][ T1134] hfsplus: b-tree write err: -5, ino 25 [ 285.580701][ T1134] hfsplus: b-tree write err: -5, ino 4 [ 285.586663][ T1134] hfsplus: b-tree write err: -5, ino 2 [ 285.803727][ T7271] netlink: 24 bytes leftover after parsing attributes in process `syz.2.574'. [ 286.027041][ T7273] loop4: detected capacity change from 0 to 1024 [ 286.209033][ T7273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 286.583790][ T7285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.579'. [ 286.644711][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.829840][ T5829] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 287.034634][ T5829] usb 4-1: Using ep0 maxpacket: 32 [ 287.084150][ T5829] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 287.116815][ T5829] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 287.174024][ T5829] usb 4-1: config 0 has no interface number 0 [ 287.239824][ T5829] usb 4-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 287.304604][ T5829] usb 4-1: config 0 interface 1 has no altsetting 0 [ 287.375375][ T5829] usb 4-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 287.409719][ T5829] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.418458][ T5829] usb 4-1: Product: syz [ 287.464266][ T5829] usb 4-1: Manufacturer: syz [ 287.469184][ T5829] usb 4-1: SerialNumber: syz [ 287.542256][ T5829] usb 4-1: config 0 descriptor?? [ 287.800498][ T5791] Bluetooth: hci2: unexpected event for opcode 0x0016 [ 287.807582][ T5829] cx231xx 4-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 287.975506][ T5829] cx231xx 4-1:0.1: Not found matching IAD interface [ 288.029070][ T5829] usb 4-1: USB disconnect, device number 8 [ 288.176367][ T7299] loop0: detected capacity change from 0 to 2048 [ 288.312509][ T7303] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 288.485366][ T7299] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=1040, name_len=1 [ 288.546468][ T7299] Remounting filesystem read-only [ 288.824504][ T5790] Bluetooth: hci0: command 0x0406 tx timeout [ 288.830513][ T5791] Bluetooth: hci1: command 0x0406 tx timeout [ 288.836920][ T5791] Bluetooth: hci4: command 0x0406 tx timeout [ 288.936207][ T7311] loop1: detected capacity change from 0 to 1024 [ 288.949887][ T40] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 288.956384][ T7311] EXT4-fs: inline encryption not supported [ 289.073789][ T7311] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 289.089177][ T7311] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.104608][ T7315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.592'. [ 289.174543][ T40] usb 3-1: Using ep0 maxpacket: 16 [ 289.295970][ T40] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 289.309767][ T40] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.356901][ T40] usb 3-1: Product: syz [ 289.392799][ T40] usb 3-1: Manufacturer: syz [ 289.397717][ T40] usb 3-1: SerialNumber: syz [ 289.490285][ T40] usb 3-1: config 0 descriptor?? [ 289.519272][ T40] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 289.605337][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 289.821283][ T40] usb 3-1: clie_3_5_startup: get config number bad return length: 0 [ 289.901893][ T40] visor 3-1:0.0: probe with driver visor failed with error -5 [ 290.054159][ T40] usb 3-1: USB disconnect, device number 4 [ 290.569095][ T7322] loop3: detected capacity change from 0 to 32768 [ 290.657253][ T7326] loop4: detected capacity change from 0 to 512 [ 290.667691][ T7322] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 290.676301][ T7322] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 290.735488][ T7322] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 1 19, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 398 [ 290.757251][ T7322] gfs2: fsid=syz:syz.0: G: s:SH n:2/13 f:aqonN t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 290.768874][ T7322] gfs2: fsid=syz:syz.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0x124/0x510 [ 290.778908][ T7322] gfs2: fsid=syz:syz.0: I: n:1/19 t:8 f:0x00 d:0x00000000 s:0 p:0 [ 290.787280][ T7322] CPU: 0 UID: 0 PID: 7322 Comm: syz.3.595 Not tainted syzkaller #0 PREEMPT(full) [ 290.787414][ T7322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 290.787498][ T7322] Call Trace: [ 290.787550][ T7322] [ 290.787597][ T7322] __dump_stack+0x26/0x30 [ 290.787754][ T7322] dump_stack_lvl+0x14c/0x1c0 [ 290.787909][ T7322] dump_stack+0x1e/0x25 [ 290.788047][ T7322] gfs2_withdraw+0xd5/0x270 [ 290.788235][ T7322] gfs2_consist_inode_i+0x1a9/0x240 [ 290.788440][ T7322] inode_go_instantiate+0x13bf/0x1ea0 [ 290.788675][ T7322] ? __pfx_inode_go_instantiate+0x10/0x10 [ 290.788852][ T7322] gfs2_instantiate+0x24f/0x4b0 [ 290.788993][ T7322] gfs2_glock_wait+0x26a/0x3b0 [ 290.789150][ T7322] gfs2_glock_nq+0x152f/0x2d40 [ 290.789291][ T7322] ? kmsan_get_metadata+0xf1/0x160 [ 290.789468][ T7322] init_journal+0x1308/0x3970 [ 290.789630][ T7322] ? init_inodes+0x124/0x510 [ 290.789761][ T7322] ? init_inodes+0x124/0x510 [ 290.789884][ T7322] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 290.790027][ T7322] init_inodes+0x124/0x510 [ 290.790160][ T7322] gfs2_fill_super+0x3518/0x3ff0 [ 290.790289][ T7322] ? init_locking+0xed/0x500 [ 290.790450][ T7322] get_tree_bdev_flags+0x6e6/0x920 [ 290.790626][ T7322] ? __pfx_gfs2_fill_super+0x10/0x10 [ 290.790760][ T7322] ? __pfx_gfs2_fill_super+0x10/0x10 [ 290.790882][ T7322] ? __pfx_gfs2_get_tree+0x10/0x10 [ 290.791006][ T7322] get_tree_bdev+0x38/0x50 [ 290.791177][ T7322] gfs2_get_tree+0x57/0x350 [ 290.791305][ T7322] ? __pfx_gfs2_get_tree+0x10/0x10 [ 290.791429][ T7322] vfs_get_tree+0xb3/0x5d0 [ 290.791606][ T7322] do_new_mount+0x885/0x1dd0 [ 290.791726][ T7322] ? apparmor_capable+0x2a2/0x380 [ 290.791901][ T7322] ? kmsan_get_metadata+0xf1/0x160 [ 290.792021][ T7322] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 290.792182][ T7322] path_mount+0x7a2/0x20b0 [ 290.792316][ T7322] ? user_path_at+0x1fc/0x330 [ 290.792486][ T7322] __se_sys_mount+0x704/0x7f0 [ 290.792619][ T7322] ? kmsan_get_metadata+0xf1/0x160 [ 290.792770][ T7322] __x64_sys_mount+0xe4/0x150 [ 290.792914][ T7322] x64_sys_call+0x39f0/0x3ea0 [ 290.793121][ T7322] do_syscall_64+0x134/0xf80 [ 290.793293][ T7322] ? clear_bhb_loop+0x50/0xa0 [ 290.793431][ T7322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.793574][ T7322] RIP: 0033:0x7fd50279da8a [ 290.793672][ T7322] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.793782][ T7322] RSP: 002b:00007fd5036c3e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.793905][ T7322] RAX: ffffffffffffffda RBX: 00007fd5036c3ee0 RCX: 00007fd50279da8a [ 290.793998][ T7322] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fd5036c3ea0 [ 290.794091][ T7322] RBP: 0000200000000400 R08: 00007fd5036c3ee0 R09: 0000000000210401 [ 290.794185][ T7322] R10: 0000000000210401 R11: 0000000000000246 R12: 0000200000012500 [ 290.794271][ T7322] R13: 00007fd5036c3ea0 R14: 000000000001263f R15: 0000200000000000 [ 290.794395][ T7322] [ 291.090509][ T7322] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5 [ 291.478125][ T7326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.504692][ T7330] vlan2: entered promiscuous mode [ 291.522797][ T7326] ext4 filesystem being mounted at /117/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 291.573474][ T7330] bridge0: entered promiscuous mode [ 291.581770][ T7326] EXT4-fs error (device loop4): ext4_get_first_dir_block:3538: inode #12: comm syz.4.599: directory missing '.' [ 291.660110][ T7326] EXT4-fs (loop4): Remounting filesystem read-only [ 291.939214][ T7340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.603'. [ 292.000137][ T7340] netlink: 17 bytes leftover after parsing attributes in process `syz.0.603'. [ 292.178056][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.207818][ T7374] netlink: 184 bytes leftover after parsing attributes in process `syz.1.619'. [ 294.949807][ T40] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 295.148027][ T40] usb 5-1: config 0 has an invalid interface number: 175 but max is 0 [ 295.191246][ T40] usb 5-1: config 0 has no interface number 0 [ 295.217163][ T40] usb 5-1: config 0 interface 175 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 295.263478][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz.3.627'. [ 295.275643][ T40] usb 5-1: config 0 interface 175 has no altsetting 0 [ 295.298305][ T40] usb 5-1: New USB device found, idVendor=0fc5, idProduct=1227, bcdDevice=da.8e [ 295.342615][ T40] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.352737][ T40] usb 5-1: Product: syz [ 295.368190][ T40] usb 5-1: Manufacturer: syz [ 295.397080][ T40] usb 5-1: SerialNumber: syz [ 295.466300][ T40] usb 5-1: config 0 descriptor?? [ 295.711545][ T40] hub 5-1:0.175: bad descriptor, ignoring hub [ 295.732184][ T40] hub 5-1:0.175: probe with driver hub failed with error -5 [ 295.754616][ T40] usbsevseg 5-1:0.175: USB 7 Segment device now attached [ 295.831478][ T40] usb 5-1: USB disconnect, device number 4 [ 295.838542][ T40] usbsevseg 5-1:0.175: USB 7 Segment now disconnected [ 295.967840][ T7398] loop3: detected capacity change from 0 to 1024 [ 296.049294][ T7398] EXT4-fs: Ignoring removed orlov option [ 296.059065][ T7398] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 296.170395][ T7398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.352526][ T5831] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 296.564495][ T5831] usb 2-1: New USB device found, idVendor=057b, idProduct=0000, bcdDevice= 0.00 [ 296.596655][ T5831] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.677403][ T5831] usb-storage 2-1:32.0: USB Mass Storage device detected [ 296.754104][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.773715][ T5831] usb-storage 2-1:32.0: Quirks match for vid 057b pid 0000: 1 [ 297.040119][ T5831] usb 2-1: USB disconnect, device number 4 [ 297.398129][ T7420] loop3: detected capacity change from 0 to 512 [ 297.409039][ T7420] EXT4-fs: Ignoring removed nobh option [ 297.449126][ T7420] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 297.475607][ T7422] loop0: detected capacity change from 0 to 64 [ 297.625650][ T7420] EXT4-fs (loop3): 1 truncate cleaned up [ 297.711170][ T7420] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.151768][ T7427] loop4: detected capacity change from 0 to 256 [ 298.275303][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.539933][ T7427] FAT-fs (loop4): Directory bread(block 64) failed [ 298.562459][ T7427] FAT-fs (loop4): Directory bread(block 65) failed [ 298.610084][ T7427] FAT-fs (loop4): Directory bread(block 66) failed [ 298.635983][ T7427] FAT-fs (loop4): Directory bread(block 67) failed [ 298.698418][ T5831] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 298.712512][ T7427] FAT-fs (loop4): Directory bread(block 68) failed [ 298.719352][ T7427] FAT-fs (loop4): Directory bread(block 69) failed [ 298.778454][ T7427] FAT-fs (loop4): Directory bread(block 70) failed [ 298.860200][ T7427] FAT-fs (loop4): Directory bread(block 71) failed [ 298.867113][ T7427] FAT-fs (loop4): Directory bread(block 72) failed [ 298.920753][ T5831] usb 1-1: config 0 has an invalid interface number: 16 but max is 0 [ 298.961882][ T7427] FAT-fs (loop4): Directory bread(block 73) failed [ 298.965537][ T5831] usb 1-1: config 0 has no interface number 0 [ 299.026088][ T5831] usb 1-1: too many endpoints for config 0 interface 16 altsetting 144: 127, using maximum allowed: 30 [ 299.112096][ T5831] usb 1-1: config 0 interface 16 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 299.138312][ T5831] usb 1-1: config 0 interface 16 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0 [ 299.167649][ T7427] syz.4.643: attempt to access beyond end of device [ 299.167649][ T7427] loop4: rw=8390659, sector=1224, nr_sectors = 544 limit=256 [ 299.193534][ T5831] usb 1-1: config 0 interface 16 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 127 [ 299.269831][ T5831] usb 1-1: config 0 interface 16 has no altsetting 0 [ 299.287140][ T5831] usb 1-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00 [ 299.321792][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.391450][ T5831] usb 1-1: config 0 descriptor?? [ 299.496686][ T7441] loop3: detected capacity change from 0 to 1024 [ 299.646141][ T7441] hfsplus: bad catalog entry type [ 299.885838][ T5831] uclogic 0003:5543:004D.000A: interface is invalid, ignoring [ 300.042570][ T57] hfsplus: b-tree write err: -5, ino 25 [ 300.092920][ T5831] usb 1-1: USB disconnect, device number 4 [ 300.102906][ T57] hfsplus: b-tree write err: -5, ino 4 [ 300.108930][ T57] hfsplus: b-tree write err: -5, ino 2 [ 301.013493][ T7455] netlink: 'syz.1.656': attribute type 11 has an invalid length. [ 301.044968][ T7455] netlink: 44 bytes leftover after parsing attributes in process `syz.1.656'. [ 301.184130][ T7460] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.193836][ T7460] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.787889][ T7467] loop2: detected capacity change from 0 to 512 [ 301.849091][ T7467] EXT4-fs: Ignoring removed oldalloc option [ 301.918207][ T7467] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 302.034563][ T7467] EXT4-fs error (device loop2): ext4_iget_extra_inode:5040: inode #11: comm syz.2.661: corrupted in-inode xattr: invalid ea_ino [ 302.096995][ T7467] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 302.122358][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 302.138309][ C1] EXT4-fs (loop2): initial error at time 1775805603: ext4_iget_extra_inode:5040: inode 11 [ 302.148711][ C1] EXT4-fs (loop2): last error at time 1775805603: ext4_iget_extra_inode:5040: inode 11 [ 302.216170][ T7467] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.661: couldn't read orphan inode 11 (err -117) [ 302.233069][ T7467] loop2: lost filesystem error report for type 5 error -117 [ 302.251667][ T7467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 302.715539][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.959184][ T7486] loop4: detected capacity change from 0 to 512 [ 303.079034][ T7486] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 303.149924][ T7486] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 303.170249][ T7486] System zones: 0-1, 15-15, 18-18, 34-34 [ 303.177173][ T7486] EXT4-fs (loop4): orphan cleanup on readonly fs [ 303.295976][ T7486] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 303.372785][ T7486] EXT4-fs warning (device loop4): ext4_enable_quotas:7261: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 303.489231][ T7486] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 303.503342][ T7497] loop1: detected capacity change from 0 to 128 [ 303.544032][ T7497] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 303.588205][ T7486] EXT4-fs (loop4): 1 truncate cleaned up [ 303.653994][ T7486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 303.698829][ T7497] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 303.875623][ T7500] loop2: detected capacity change from 0 to 64 [ 304.102806][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.621478][ T7506] netlink: 24 bytes leftover after parsing attributes in process `syz.4.678'. [ 305.427852][ T7523] loop3: detected capacity change from 0 to 164 [ 305.480993][ T7523] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 305.982538][ T5831] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 306.149955][ T5831] usb 2-1: Using ep0 maxpacket: 8 [ 306.215397][ T5831] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 306.289932][ T5831] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 306.299048][ T5831] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 306.402404][ T5831] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 306.443184][ T5831] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.526609][ T5831] hub 2-1:1.0: bad descriptor, ignoring hub [ 306.562411][ T5831] hub 2-1:1.0: probe with driver hub failed with error -5 [ 306.643949][ T7536] loop4: detected capacity change from 0 to 2048 [ 306.812303][ T7536] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 307.041732][ T5831] usb 2-1: USB disconnect, device number 5 [ 307.409954][ T5831] usb 2-1: new low-speed USB device number 6 using dummy_hcd [ 307.635810][ T7549] loop0: detected capacity change from 0 to 256 [ 307.674491][ T5831] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 307.744320][ T5831] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 307.778053][ T5831] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 307.840863][ T5831] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 307.893292][ T5831] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.924144][ T7553] loop2: detected capacity change from 0 to 764 [ 308.003477][ T5831] hub 2-1:1.0: bad descriptor, ignoring hub [ 308.084454][ T5831] hub 2-1:1.0: probe with driver hub failed with error -5 [ 308.188135][ T5831] usb 2-1: USB disconnect, device number 6 [ 309.847800][ T7579] loop3: detected capacity change from 0 to 4096 [ 309.928866][ T7585] loop0: detected capacity change from 0 to 1024 [ 310.070651][ T7590] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.706311][ T7595] netlink: 12 bytes leftover after parsing attributes in process `syz.2.717'. [ 311.072108][ T7599] loop0: detected capacity change from 0 to 256 [ 311.649354][ T7607] loop2: detected capacity change from 0 to 512 [ 311.743364][ T7607] EXT4-fs: Ignoring removed nomblk_io_submit option [ 311.844722][ T7607] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 311.864075][ T7607] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002] [ 311.913109][ T7614] netlink: 332 bytes leftover after parsing attributes in process `syz.0.725'. [ 311.923144][ T7614] netlink: 'syz.0.725': attribute type 9 has an invalid length. [ 311.931209][ T7614] netlink: 108 bytes leftover after parsing attributes in process `syz.0.725'. [ 311.940259][ T7607] EXT4-fs (loop2): orphan cleanup on readonly fs [ 311.940449][ T7607] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 311.940597][ T7607] EXT4-fs warning (device loop2): ext4_enable_quotas:7261: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 311.949127][ T7614] netlink: 32 bytes leftover after parsing attributes in process `syz.0.725'. [ 312.049642][ T7607] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 312.121125][ T7607] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.722: bg 0: block 40: padding at end of block bitmap is not set [ 312.240093][ T7607] loop2: lost filesystem error report for type 5 error -117 [ 312.244091][ T7607] EXT4-fs (loop2): Remounting filesystem read-only [ 312.251887][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 312.251990][ C0] EXT4-fs (loop2): initial error at time 1775805613: ext4_validate_block_bitmap:441 [ 312.252109][ C0] EXT4-fs (loop2): last error at time 1775805613: ext4_validate_block_bitmap:441 [ 312.457874][ T7607] EXT4-fs (loop2): 1 truncate cleaned up [ 312.618766][ T7607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 313.148058][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.722241][ T7638] loop4: detected capacity change from 0 to 16 [ 313.754026][ T7635] loop1: detected capacity change from 0 to 1024 [ 313.780714][ T7638] erofs (device loop4): mounted with root inode @ nid 36. [ 313.902888][ T7640] loop3: detected capacity change from 0 to 512 [ 313.972612][ T7640] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 314.132769][ T7640] EXT4-fs (loop3): 2 truncates cleaned up [ 314.242325][ T7640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.260547][ T7644] netlink: 4 bytes leftover after parsing attributes in process `syz.0.739'. [ 314.357169][ T7642] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 314.445858][ T7640] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1332: inode #12: block 7: comm syz.3.737: path /137/file0/file0: bad entry in directory: directory entry overrun - offset=196864, inode=4278190093, rec_len=196860, size=60 fake=0 [ 314.498027][ T7640] EXT4-fs (loop3): Remounting filesystem read-only [ 314.501732][ T7642] EXT4-fs (loop3): Remounting filesystem read-only [ 314.853144][ T7650] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 315.043676][ T7655] netlink: 8 bytes leftover after parsing attributes in process `syz.2.744'. [ 315.065285][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.104523][ T5776] Bluetooth: hci0: unexpected event for opcode 0x2042 [ 316.622125][ T29] audit: type=1326 audit(1775805618.271:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 316.743222][ T29] audit: type=1326 audit(1775805618.311:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 316.865940][ T29] audit: type=1326 audit(1775805618.351:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 316.978726][ T29] audit: type=1326 audit(1775805618.351:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 316.982375][ T7685] netlink: 'syz.2.758': attribute type 1 has an invalid length. [ 317.110076][ T29] audit: type=1326 audit(1775805618.351:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.208906][ T29] audit: type=1326 audit(1775805618.351:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.317954][ T29] audit: type=1326 audit(1775805618.351:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.422689][ T29] audit: type=1326 audit(1775805618.361:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.575465][ T29] audit: type=1326 audit(1775805618.361:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.769893][ T29] audit: type=1326 audit(1775805618.361:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.858918][ T29] audit: type=1326 audit(1775805618.361:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 317.940463][ T29] audit: type=1326 audit(1775805618.361:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 318.041746][ T29] audit: type=1326 audit(1775805618.381:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fd50279c819 code=0x7ffc0000 [ 318.118911][ T7704] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 318.128754][ T7704] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 318.172296][ T7704] overlayfs: missing 'lowerdir' [ 318.629833][ T40] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 318.832308][ T40] usb 1-1: Using ep0 maxpacket: 32 [ 318.846296][ T40] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 318.879751][ T40] usb 1-1: config 0 has no interface number 0 [ 318.927681][ T40] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 318.984180][ T40] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.024006][ T40] usb 1-1: Product: syz [ 319.028376][ T40] usb 1-1: Manufacturer: syz [ 319.056602][ T7717] loop2: detected capacity change from 0 to 256 [ 319.062412][ T40] usb 1-1: SerialNumber: syz [ 319.152461][ T40] usb 1-1: config 0 descriptor?? [ 319.198432][ T40] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 319.360274][ T7722] netlink: 332 bytes leftover after parsing attributes in process `syz.4.775'. [ 319.466243][ T7722] netlink: 'syz.4.775': attribute type 9 has an invalid length. [ 319.498281][ T40] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 319.617761][ T7722] netlink: 108 bytes leftover after parsing attributes in process `syz.4.775'. [ 319.690375][ T7722] netlink: 32 bytes leftover after parsing attributes in process `syz.4.775'. [ 319.751855][ T7727] loop3: detected capacity change from 0 to 64 [ 319.795032][ T40] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 319.876483][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 319.957188][ T40] usb 1-1: USB disconnect, device number 5 [ 320.016605][ T40] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 320.084367][ T7729] mkiss: ax0: crc mode is auto. [ 320.152234][ T40] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 320.182560][ T5776] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 320.206115][ T5776] Bluetooth: hci0: Injecting HCI hardware error event [ 320.213945][ T5776] Bluetooth: hci0: hardware error 0x00 [ 320.226754][ T40] quatech2 1-1:0.51: device disconnected [ 321.107285][ T7743] loop0: detected capacity change from 0 to 64 [ 321.257148][ T7745] loop4: detected capacity change from 0 to 512 [ 321.326322][ T7745] EXT4-fs: Ignoring removed orlov option [ 321.380954][ T7745] EXT4-fs: Ignoring removed bh option [ 321.430199][ T7745] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 321.510604][ T7745] EXT4-fs (loop4): orphan cleanup on readonly fs [ 321.650224][ T7745] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.785: bg 0: block 248: padding at end of block bitmap is not set [ 321.703891][ T7745] loop4: lost filesystem error report for type 5 error -117 [ 321.706013][ T7745] EXT4-fs error (device loop4): ext4_acquire_dquot:7026: comm syz.4.785: Failed to acquire dquot type 1 [ 321.713758][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 321.713844][ C1] EXT4-fs (loop4): last error at time 1775805623: ext4_validate_block_bitmap:441 [ 321.902389][ T7745] loop4: lost filesystem error report for type 5 error -117 [ 321.950814][ T7745] EXT4-fs (loop4): 1 truncate cleaned up [ 321.985792][ T7752] loop1: detected capacity change from 0 to 128 [ 322.014527][ T7745] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 322.035817][ T7752] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 322.075079][ T7752] hpfs: filesystem error: improperly stopped [ 322.100167][ T7752] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 322.126267][ T7745] EXT4-fs: Ignoring removed orlov option [ 322.135523][ T7752] hpfs: You really don't want any checks? You are crazy... [ 322.156510][ T7745] EXT4-fs: Ignoring removed bh option [ 322.164276][ T7752] hpfs: Code page index out of array [ 322.180147][ T7752] hpfs: code page support is disabled [ 322.196965][ T7745] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 322.213271][ T7752] hpfs: hpfs_map_4sectors(): unaligned read [ 322.258457][ T7745] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 322.273044][ T7759] loop2: detected capacity change from 0 to 256 [ 322.289316][ T7752] hpfs: hpfs_map_4sectors(): unaligned read [ 322.296085][ T7752] hpfs: filesystem error: unable to find root dir [ 322.316083][ T7759] exfat: Deprecated parameter 'namecase' [ 322.323149][ T7745] EXT4-fs error (device loop4): __ext4_remount:6829: comm syz.4.785: Abort forced by user [ 322.330349][ T7759] exfat: Deprecated parameter 'namecase' [ 322.362061][ T5776] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 322.411278][ T7745] EXT4-fs (loop4): Remounting filesystem read-only [ 322.420348][ T7763] loop0: detected capacity change from 0 to 1024 [ 322.437950][ T7745] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 322.456968][ T7745] ext4 filesystem being remounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 322.487527][ T7759] exFAT-fs (loop2): failed to load upcase table (idx : 0x00000c00, chksum : 0x54b6a122, utbl_chksum : 0xe619d30d) [ 322.826729][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.783832][ T7788] loop1: detected capacity change from 0 to 4096 [ 324.841713][ T7788] EXT4-fs: Ignoring removed orlov option [ 324.917822][ T7788] EXT4-fs (loop1): Test dummy encryption mode enabled [ 324.978947][ T7788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.026831][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 325.026909][ T29] audit: type=1800 audit(1775805626.681:34): pid=7788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.802" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 325.093753][ T7788] fs-verity (loop1, inode 15): Unknown hash algorithm number: 0 [ 325.146621][ T7792] loop4: detected capacity change from 0 to 4096 [ 325.199021][ T7801] loop3: detected capacity change from 0 to 1024 [ 325.239950][ T7792] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 325.466524][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.605442][ T7792] ntfs3(loop4): ino=19, mi_enum_attr [ 325.653946][ T7792] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 325.783773][ T7792] ntfs3(loop4): failed to convert "c46c" to macturkish [ 325.806641][ T7800] loop2: detected capacity change from 0 to 4096 [ 325.811914][ T7792] ntfs3(loop4): ino=20, mi_enum_attr [ 326.578079][ T7807] xt_hashlimit: size too large, truncated to 1048576 [ 326.626378][ T7810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.811'. [ 326.843282][ T7814] netlink: 8 bytes leftover after parsing attributes in process `syz.1.812'. [ 327.738265][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.750844][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.135748][ T7831] veth0_to_bond: entered allmulticast mode [ 328.378251][ T7830] loop0: detected capacity change from 0 to 2048 [ 328.548505][ T7830] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 330.404695][ T7858] loop1: detected capacity change from 0 to 2048 [ 330.492686][ T7858] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 330.912591][ T7864] loop3: detected capacity change from 0 to 512 [ 330.996018][ T7864] EXT4-fs: Ignoring removed mblk_io_submit option [ 331.083907][ T7864] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 331.174487][ T7864] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e028, mo2=0002] [ 331.200728][ T7864] EXT4-fs (loop3): orphan cleanup on readonly fs [ 331.264601][ T7864] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.835: bg 0: block 361: padding at end of block bitmap is not set [ 331.359781][ T7864] loop3: lost filesystem error report for type 5 error -117 [ 331.369640][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 331.384097][ C0] EXT4-fs (loop3): initial error at time 1775805633: ext4_validate_block_bitmap:441 [ 331.393949][ C0] EXT4-fs (loop3): last error at time 1775805633: ext4_validate_block_bitmap:441 [ 331.433904][ T7864] EXT4-fs (loop3): Remounting filesystem read-only [ 331.480273][ T7864] EXT4-fs (loop3): 1 truncate cleaned up [ 331.499116][ T7864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 331.564706][ T7871] loop4: detected capacity change from 0 to 512 [ 331.610053][ T7864] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.835: dx entry: limit 0 != root limit 125 [ 331.630238][ T7871] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 331.656110][ T7864] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.835: Corrupt directory, running e2fsck is recommended [ 331.692445][ T7873] loop2: detected capacity change from 0 to 256 [ 331.747155][ T7871] EXT4-fs (loop4): 1 truncate cleaned up [ 331.798872][ T7871] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.053723][ T7871] EXT4-fs warning (device loop4): ext4_group_extend:1890: can't read last block, resize aborted [ 332.163039][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 332.572055][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.290767][ T7892] block nbd1: NBD_DISCONNECT [ 333.322657][ T7895] loop2: detected capacity change from 0 to 64 [ 333.526385][ T7890] loop3: detected capacity change from 0 to 4096 [ 333.557676][ T7899] loop4: detected capacity change from 0 to 256 [ 333.633846][ T7890] EXT4-fs (loop3): Test dummy encryption mode enabled [ 333.742419][ T7890] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.977419][ T7899] FAT-fs (loop4): Directory bread(block 64) failed [ 333.983354][ T7890] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 334.004328][ T7899] FAT-fs (loop4): Directory bread(block 65) failed [ 334.055052][ T7899] FAT-fs (loop4): Directory bread(block 66) failed [ 334.082826][ T7899] FAT-fs (loop4): Directory bread(block 67) failed [ 334.122445][ T7899] FAT-fs (loop4): Directory bread(block 68) failed [ 334.143344][ T7899] FAT-fs (loop4): Directory bread(block 69) failed [ 334.175143][ T7899] FAT-fs (loop4): Directory bread(block 70) failed [ 334.231806][ T7899] FAT-fs (loop4): Directory bread(block 71) failed [ 334.264364][ T7899] FAT-fs (loop4): Directory bread(block 72) failed [ 334.304658][ T7899] FAT-fs (loop4): Directory bread(block 73) failed [ 334.335428][ T5779] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.603642][ T7912] netlink: 332 bytes leftover after parsing attributes in process `syz.0.857'. [ 334.719809][ T7912] netlink: 'syz.0.857': attribute type 9 has an invalid length. [ 334.727646][ T7912] netlink: 108 bytes leftover after parsing attributes in process `syz.0.857'. [ 334.750179][ T7912] netlink: 32 bytes leftover after parsing attributes in process `syz.0.857'. [ 335.369721][ T40] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 335.602602][ T40] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 335.632408][ T40] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 335.650005][ T40] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 335.717074][ T40] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.817330][ T40] usb 3-1: config 0 descriptor?? [ 335.888572][ T40] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 335.947849][ T40] dvb-usb: bulk message failed: -22 (3/0) [ 336.079919][ T40] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 336.150704][ T7921] dvb-usb: bulk message failed: -22 (2/0) [ 336.193654][ T40] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 336.224717][ T40] usb 3-1: media controller created [ 336.306943][ T40] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 336.486930][ T40] dvb-usb: bulk message failed: -22 (6/0) [ 336.552548][ T40] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 336.616961][ T40] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input9 [ 336.675268][ T40] dvb-usb: schedule remote query interval to 150 msecs. [ 336.696685][ T40] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 336.773894][ T40] usb 3-1: USB disconnect, device number 5 [ 336.966794][ T40] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 337.378087][ T7943] bond0: (slave bond_slave_1): Releasing backup interface [ 337.404279][ T7944] binder: 7942:7944 ioctl c00c620f 200000000100 returned -22 [ 338.065665][ T7954] loop2: detected capacity change from 0 to 256 [ 338.223145][ T7954] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 339.049270][ T7965] loop1: detected capacity change from 0 to 2048 [ 339.189048][ T5966] loop1: p1 < > p4 [ 339.218238][ T5966] loop1: p4 size 722688 extends beyond EOD, truncated [ 339.302821][ T7965] loop1: p1 < > p4 [ 339.389518][ T7965] loop1: p4 size 722688 extends beyond EOD, truncated [ 340.835823][ T7986] loop3: detected capacity change from 0 to 4096 [ 341.332024][ T8000] loop0: detected capacity change from 0 to 512 [ 341.373253][ T8000] EXT4-fs: Ignoring removed nobh option [ 341.480472][ T6046] udevd[6046]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 341.503601][ T8004] netlink: 'syz.4.898': attribute type 3 has an invalid length. [ 341.512226][ T8000] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 341.520551][ T8000] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61 [ 341.531982][ T8000] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #13: comm syz.0.896: inode has both inline data and extents flags [ 341.553753][ T5966] udevd[5966]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 341.553758][ T8000] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 341.554983][ T8000] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.896: couldn't read orphan inode 13 (err -117) [ 341.564461][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 341.564556][ C0] EXT4-fs (loop0): initial error at time 1775805643: ext4_orphan_get:1397: inode 13 [ 341.564710][ C0] EXT4-fs (loop0): last error at time 1775805643: ext4_orphan_get:1397: inode 13 [ 341.670268][ T8000] loop0: lost filesystem error report for type 5 error -117 [ 341.692132][ T8000] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.822707][ T8005] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 341.920137][ T8000] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 342.048946][ T5966] udevd[5966]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 342.065468][ T6046] udevd[6046]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 342.284818][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.971025][ T8018] loop0: detected capacity change from 0 to 1024 [ 344.514456][ T8042] netlink: 16 bytes leftover after parsing attributes in process `syz.0.915'. [ 344.529371][ T8040] loop4: detected capacity change from 0 to 1024 [ 344.580386][ T8040] EXT4-fs: inline encryption not supported [ 344.600685][ T8044] QAT: Invalid ioctl 1075883590 [ 344.626829][ T8044] QAT: Invalid ioctl 1075883590 [ 344.648786][ T8044] QAT: Invalid ioctl 1075883590 [ 344.688064][ T8044] QAT: Invalid ioctl 1075883590 [ 344.701684][ T8044] QAT: Invalid ioctl 1075883590 [ 344.718567][ T8044] QAT: Invalid ioctl 1075883590 [ 344.772180][ T8040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 344.779054][ T8044] QAT: Invalid ioctl 1075883590 [ 344.819898][ T8044] QAT: Invalid ioctl 1075883590 [ 344.825267][ T8044] QAT: Invalid ioctl 1075883590 [ 344.841989][ T8044] QAT: Invalid ioctl 1075883590 [ 344.911682][ T8040] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.129662][ T40] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 345.172470][ T8054] loop2: detected capacity change from 0 to 256 [ 345.269855][ T8054] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 345.306967][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 345.347815][ T40] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 345.393372][ T40] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 345.426658][ T40] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 345.468599][ T40] usb 4-1: config 220 has no interface number 2 [ 345.512888][ T40] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 345.545972][ T40] usb 4-1: config 220 interface 0 has no altsetting 0 [ 345.567379][ T40] usb 4-1: config 220 interface 76 has no altsetting 0 [ 345.606063][ T40] usb 4-1: config 220 interface 1 has no altsetting 0 [ 345.628214][ T40] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 345.663849][ T40] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.759973][ T40] usb 4-1: Product: syz [ 345.764437][ T40] usb 4-1: Manufacturer: syz [ 345.769281][ T40] usb 4-1: SerialNumber: syz [ 346.136778][ T40] uvcvideo 4-1:220.1: Unknown video format 00000000-0000-0000-0000-000200000000 [ 346.170142][ T40] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 346.192413][ T40] uvcvideo 4-1:220.0: No valid video chain found. [ 346.199293][ T40] usb 4-1: selecting invalid altsetting 0 [ 346.351260][ T40] usb 4-1: selecting invalid altsetting 0 [ 346.390181][ T40] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 346.453831][ T40] usb 4-1: USB disconnect, device number 9 [ 346.508665][ T8066] loop0: detected capacity change from 0 to 2048 [ 346.683229][ T8066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 347.093652][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.704476][ T8083] loop1: detected capacity change from 0 to 1024 [ 348.206800][ T1145] hfsplus: b-tree write err: -5, ino 25 [ 348.303701][ T1145] hfsplus: b-tree write err: -5, ino 4 [ 348.322864][ T1145] hfsplus: b-tree write err: -5, ino 2 [ 348.369979][ T1145] hfsplus: b-tree write err: -5, ino 20 [ 348.490065][ T8093] Bluetooth: MGMT ver 1.23 [ 349.136130][ T8103] loop3: detected capacity change from 0 to 256 [ 349.370273][ T8103] FAT-fs (loop3): Directory bread(block 64) failed [ 349.424323][ T8103] FAT-fs (loop3): Directory bread(block 65) failed [ 349.433205][ T8103] FAT-fs (loop3): Directory bread(block 66) failed [ 349.454509][ T8103] FAT-fs (loop3): Directory bread(block 67) failed [ 349.488393][ T8103] FAT-fs (loop3): Directory bread(block 68) failed [ 349.528712][ T8103] FAT-fs (loop3): Directory bread(block 69) failed [ 349.591324][ T8103] FAT-fs (loop3): Directory bread(block 70) failed [ 349.598070][ T8103] FAT-fs (loop3): Directory bread(block 71) failed [ 349.643421][ T8103] FAT-fs (loop3): Directory bread(block 72) failed [ 349.672418][ T40] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 349.696668][ T8103] FAT-fs (loop3): Directory bread(block 73) failed [ 349.884832][ T40] usb 3-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 349.942702][ T40] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64 [ 350.004162][ T40] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 350.101820][ T40] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 350.138842][ T40] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 350.184203][ T40] usb 3-1: Product: syz [ 350.188602][ T40] usb 3-1: Manufacturer: syz [ 350.203289][ T40] usb 3-1: SerialNumber: syz [ 350.230183][ T8109] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 350.293225][ T40] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input11 [ 350.381046][ C0] appletouch 3-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 350.450744][ C0] appletouch 3-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 350.532686][ T40] usb 3-1: USB disconnect, device number 6 [ 350.602954][ T8120] netlink: 12 bytes leftover after parsing attributes in process `syz.0.950'. [ 350.670058][ T40] appletouch 3-1:1.0: input: appletouch disconnected [ 351.384706][ T8126] loop4: detected capacity change from 0 to 1024 [ 351.553989][ T8126] hfsplus: size 25, res 24, name_len 13 [ 351.668112][ T8134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.956'. [ 351.744229][ T8134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.956'. [ 351.790060][ T8134] netlink: 'syz.0.956': attribute type 19 has an invalid length. [ 351.798342][ T8134] netlink: 'syz.0.956': attribute type 20 has an invalid length. [ 351.918249][ T1145] hfsplus: b-tree write err: -5, ino 8 [ 352.822404][ T29] audit: type=1326 audit(1775805654.471:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8151 comm="syz.0.964" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f89d8b9c819 code=0x0 [ 354.328565][ T8178] loop1: detected capacity change from 0 to 512 [ 354.372716][ T8178] EXT4-fs: Ignoring removed nomblk_io_submit option [ 354.403552][ T8178] EXT4-fs: Ignoring removed mblk_io_submit option [ 354.514449][ T8178] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 354.562329][ T8178] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 354.644775][ T8178] EXT4-fs (loop1): 1 truncate cleaned up [ 354.684972][ T8178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.756613][ T8182] loop2: detected capacity change from 0 to 2048 [ 354.965409][ T8189] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 354.984625][ T8178] EXT4-fs: can't change dax mount option while remounting [ 355.378535][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.450762][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.981'. [ 355.465897][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.981'. [ 355.763079][ T29] audit: type=1800 audit(1775805657.401:36): pid=8188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.979" name="/newroot/193/bus" dev="tmpfs" ino=1020 res=0 errno=0 [ 355.934496][ T8199] loop2: detected capacity change from 0 to 512 [ 355.976108][ T8199] EXT4-fs (loop2): Test dummy encryption mode enabled [ 356.000522][ T8201] loop1: detected capacity change from 0 to 512 [ 356.023357][ T8199] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 356.127863][ T8199] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.983: bad orphan inode 131083 [ 356.186407][ T8199] loop2: lost filesystem error report for type 5 error -117 [ 356.228669][ T8199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.272980][ T8201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 356.376963][ T8201] ext4 filesystem being mounted at /200/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 356.891653][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.255474][ T8199] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-lib)))" [ 357.354175][ T8199] overlayfs: upper fs needs to support d_type. [ 357.448985][ T8223] loop4: detected capacity change from 0 to 64 [ 357.518839][ T8199] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 357.630298][ T8199] overlayfs: upper fs does not support tmpfile. [ 357.638470][ T8199] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 358.248924][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.656243][ T8241] netlink: 28 bytes leftover after parsing attributes in process `syz.2.994'. [ 359.567108][ T8250] loop0: detected capacity change from 0 to 1024 [ 359.670577][ T11] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 359.869565][ T11] usb 5-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 254, changing to 11 [ 359.960483][ T11] usb 5-1: config 0 interface 0 has no altsetting 0 [ 359.967557][ T11] usb 5-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00 [ 360.054084][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.143233][ T11] usb 5-1: config 0 descriptor?? [ 360.726838][ T8261] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.815641][ T11] input: HID 28bd:1903 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28BD:1903.000B/input/input12 [ 360.849779][ T5829] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 360.911440][ T11] uclogic 0003:28BD:1903.000B: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:1903] on usb-dummy_hcd.4-1/input0 [ 361.046339][ T11] usb 5-1: USB disconnect, device number 5 [ 361.062443][ T5829] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 361.093055][ T8261] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.115538][ T5829] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 361.167056][ T5829] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 361.214535][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 361.255323][ T5829] usb 4-1: SerialNumber: syz [ 361.338524][ T8261] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.446736][ T5829] usb 4-1: 0:2 : does not exist [ 361.724676][ T8268] fido_id[8268]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 361.743393][ T8261] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.830574][ T8274] loop4: detected capacity change from 0 to 128 [ 361.848627][ T40] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 361.942405][ T8274] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 361.987880][ T8274] hpfs: filesystem error: improperly stopped [ 361.996060][ T8274] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 362.010904][ T8274] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 362.024505][ T8274] hpfs: You really don't want any checks? You are crazy... [ 362.039855][ T40] usb 2-1: Using ep0 maxpacket: 16 [ 362.086434][ T8274] hpfs: hpfs_map_sector(): read error [ 362.103857][ T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 362.116499][ T8274] hpfs: code page support is disabled [ 362.134771][ T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 362.148029][ T5829] usb 4-1: USB disconnect, device number 10 [ 362.171377][ T8274] hpfs: hpfs_map_4sectors(): unaligned read [ 362.209754][ T40] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 362.234481][ T8274] hpfs: hpfs_map_4sectors(): unaligned read [ 362.242447][ T40] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.250822][ T1134] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.274217][ T8274] hpfs: filesystem error: unable to find root dir [ 362.316128][ T7139] udevd[7139]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 362.365433][ T40] usb 2-1: config 0 descriptor?? [ 362.423774][ T1134] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.527920][ T1134] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.718350][ T56] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.878149][ T40] ntrig 0003:1B96:0008.000C: unbalanced collection at end of report description [ 362.953026][ T40] ntrig 0003:1B96:0008.000C: parse failed [ 362.959330][ T40] ntrig 0003:1B96:0008.000C: probe with driver ntrig failed with error -22 [ 363.095622][ T40] usb 2-1: USB disconnect, device number 7 [ 363.245246][ T8283] loop2: detected capacity change from 0 to 256 [ 363.297766][ T8284] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1016'. [ 363.317744][ T8283] exfat: Deprecated parameter 'utf8' [ 363.367008][ T8283] exfat: Deprecated parameter 'namecase' [ 363.407770][ T8283] exfat: Deprecated parameter 'namecase' [ 363.430513][ T8283] exfat: Deprecated parameter 'utf8' [ 363.526638][ T8283] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 363.590809][ T8283] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 363.682840][ T8288] loop3: detected capacity change from 0 to 64 [ 365.164233][ T8301] loop0: detected capacity change from 0 to 32768 [ 365.180356][ T8301] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1024 (8301) [ 365.214799][ T8301] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 365.226387][ T8301] BTRFS info (device loop0): using sha256 checksum algorithm [ 365.234344][ T8301] BTRFS error (device loop0): ignoredatacsums must be used with ro mount option [ 365.243898][ T8301] BTRFS error (device loop0): open_ctree failed: -22 [ 365.620272][ T5785] Bluetooth: hci3: command 0x0406 tx timeout [ 365.798405][ T8312] loop4: detected capacity change from 0 to 512 [ 365.954761][ T8312] EXT4-fs (loop4): 1 truncate cleaned up [ 365.981813][ T8312] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.147509][ T8320] loop1: detected capacity change from 0 to 1024 [ 366.196868][ T8320] EXT4-fs: Ignoring removed bh option [ 366.242923][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.322962][ T8320] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.224126][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.359086][ T8335] loop4: detected capacity change from 0 to 512 [ 367.567002][ T8335] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 367.801924][ T5774] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 367.937849][ T8336] loop3: detected capacity change from 0 to 4096 [ 368.027814][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1042'. [ 368.161188][ T8345] team_slave_0: entered promiscuous mode [ 368.167232][ T8345] team_slave_1: entered promiscuous mode [ 368.261844][ T8345] macvtap1: entered promiscuous mode [ 368.267362][ T8345] team0: entered promiscuous mode [ 368.392963][ T8345] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 368.586509][ T8349] loop2: detected capacity change from 0 to 1024 [ 368.655652][ T8349] EXT4-fs (loop2): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 368.775658][ T8336] ntfs3(loop3): ino=21, The size of extended attributes must not exceed 64KiB [ 368.939291][ T8349] EXT4-fs error (device loop2): ext4_map_blocks:786: inode #3: block 2: comm syz.2.1044: lblock 2 mapped to illegal pblock 2 (length 1) [ 369.019752][ T8349] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 369.029599][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 369.045531][ C0] EXT4-fs (loop2): initial error at time 1775805670: ext4_map_blocks:786: inode 3: block 2 [ 369.056079][ C0] EXT4-fs (loop2): last error at time 1775805670: ext4_map_blocks:786: inode 3: block 2 [ 369.068036][ T8349] EXT4-fs (loop2): Remounting filesystem read-only [ 369.099984][ T8349] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 369.120058][ T8349] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 369.129310][ T8349] EXT4-fs (loop2): 1 orphan inode deleted [ 369.183847][ T8349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.294322][ T8358] loop0: detected capacity change from 0 to 256 [ 369.423359][ T8358] exFAT-fs (loop0): failed to test first cluster bit of root dir(5) [ 369.796266][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.910322][ T8366] loop4: detected capacity change from 0 to 8 [ 370.002816][ T8364] loop1: detected capacity change from 0 to 1024 [ 370.073895][ T8364] EXT4-fs: Ignoring removed bh option [ 370.234606][ T8364] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.652700][ T8374] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1053'. [ 370.754980][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.378007][ T8384] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 371.430079][ T8384] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 371.943730][ T8395] loop2: detected capacity change from 0 to 256 [ 372.017156][ T8393] loop1: detected capacity change from 0 to 256 [ 372.122781][ T8393] exFAT-fs (loop1): failed to test first cluster bit of root dir(5) [ 372.300072][ T8395] FAT-fs (loop2): Directory bread(block 64) failed [ 372.306945][ T8395] FAT-fs (loop2): Directory bread(block 65) failed [ 372.343838][ T8395] FAT-fs (loop2): Directory bread(block 66) failed [ 372.369816][ T8395] FAT-fs (loop2): Directory bread(block 67) failed [ 372.376884][ T8395] FAT-fs (loop2): Directory bread(block 68) failed [ 372.422827][ T8395] FAT-fs (loop2): Directory bread(block 69) failed [ 372.479995][ T8395] FAT-fs (loop2): Directory bread(block 70) failed [ 372.491214][ T8395] FAT-fs (loop2): Directory bread(block 71) failed [ 372.498354][ T8395] FAT-fs (loop2): Directory bread(block 72) failed [ 372.541791][ T8395] FAT-fs (loop2): Directory bread(block 73) failed [ 372.581829][ T40] usb 4-1: new low-speed USB device number 11 using dummy_hcd [ 372.640368][ T5831] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 372.788602][ T40] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 372.814197][ T8403] loop1: detected capacity change from 0 to 512 [ 372.836371][ T40] usb 4-1: config 0 has no interface number 0 [ 372.863985][ T5831] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 372.885303][ T40] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 372.955310][ T5831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.970667][ T8403] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 373.267936][ T8403] EXT4-fs (loop1): 1 truncate cleaned up [ 373.282504][ T8403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 373.498661][ T40] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 373.517219][ T5831] usb 5-1: config 0 descriptor?? [ 373.523082][ T40] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 373.533123][ T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.574636][ T40] usb 4-1: config 0 descriptor?? [ 373.580758][ T5831] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 373.592392][ T8399] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 373.655816][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.682304][ T40] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 373.936097][ T40] usb 4-1: USB disconnect, device number 11 [ 373.999948][ T5831] gspca_cpia1: usb_control_msg 03, error -32 [ 374.030735][ T5831] gspca_cpia1: usb_control_msg 03, error -71 [ 374.049171][ T5831] gspca_cpia1: usb_control_msg 01, error -71 [ 374.132494][ T5831] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 374.191630][ T5831] usb 5-1: USB disconnect, device number 6 [ 374.207297][ T8409] loop1: detected capacity change from 0 to 1024 [ 374.566822][ T72] hfsplus: b-tree write err: -5, ino 25 [ 374.606898][ T72] hfsplus: b-tree write err: -5, ino 4 [ 374.651976][ T72] hfsplus: b-tree write err: -5, ino 2 [ 375.103169][ T8411] loop2: detected capacity change from 0 to 32768 [ 375.113215][ T8411] xfs: Deprecated parameter 'attr2' [ 375.118795][ T8411] XFS: attr2 mount option is deprecated. [ 375.125343][ T8411] XFS (loop2): sunit and swidth options incompatible with the noalign option [ 376.151941][ T8431] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1077'. [ 376.886632][ T11] IPVS: starting estimator thread 0... [ 376.980255][ T8448] IPVS: using max 240 ests per chain, 12000 per kthread [ 377.771684][ T8457] block nbd4: Unsupported socket: should be TCP or UNIX. [ 378.161070][ T8461] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1090'. [ 378.210034][ T8461] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1090'. [ 378.531059][ T5831] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 378.762371][ T5831] usb 4-1: Using ep0 maxpacket: 32 [ 378.787779][ T5831] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.858276][ T5831] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 378.860224][ T8477] loop4: detected capacity change from 0 to 1024 [ 378.905665][ T5831] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 378.931163][ T5831] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 378.955416][ T8477] EXT4-fs: inline encryption not supported [ 378.964221][ T5831] usb 4-1: Product: syz [ 379.013897][ T5831] usb 4-1: Manufacturer: syz [ 379.064349][ T8477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 379.097473][ T8477] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 379.136946][ T5831] hub 4-1:4.0: USB hub found [ 379.220273][ T8480] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 379.307103][ T5831] hub 4-1:4.0: 3 ports detected [ 379.518935][ T5831] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 379.553990][ T5831] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 379.569058][ T8486] loop1: detected capacity change from 0 to 736 [ 379.614147][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 379.721717][ T5831] usb 4-1: USB disconnect, device number 12 [ 380.046110][ T8490] loop0: detected capacity change from 0 to 256 [ 380.356353][ T8490] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 380.546611][ T8490] exFAT-fs (loop0): start_clu is invalid cluster(0xffffffff) [ 380.808919][ T8498] loop4: detected capacity change from 0 to 1024 [ 381.248479][ T29] audit: type=1326 audit(1775805682.881:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 381.345918][ T29] audit: type=1326 audit(1775805682.881:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 381.460335][ T29] audit: type=1326 audit(1775805682.931:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 381.569695][ T29] audit: type=1326 audit(1775805682.931:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 381.686136][ T29] audit: type=1326 audit(1775805682.931:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 381.694543][ T8509] ptrace attach of "./syz-executor exec"[5774] was attempted by " [ 381.711325][ T8511] loop3: detected capacity change from 0 to 256 [ 381.870565][ T29] audit: type=1326 audit(1775805682.931:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 382.034085][ T29] audit: type=1326 audit(1775805682.931:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 382.127320][ T29] audit: type=1326 audit(1775805682.931:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 382.165304][ T29] audit: type=1326 audit(1775805682.941:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 382.199605][ T29] audit: type=1326 audit(1775805682.941:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8505 comm="syz.0.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d8b9c819 code=0x7ffc0000 [ 383.635486][ T8539] loop3: detected capacity change from 0 to 64 [ 383.861670][ T8529] loop2: detected capacity change from 0 to 32768 [ 383.871261][ T8529] gfs2: Bad value for 'errors' [ 384.063179][ T8541] mkiss: ax0: crc mode is auto. [ 384.953241][ T8550] loop2: detected capacity change from 0 to 2048 [ 385.057801][ T8559] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 385.901862][ T8571] loop4: detected capacity change from 0 to 512 [ 386.023907][ T8571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.117203][ T8571] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 386.151645][ T8580] loop0: detected capacity change from 0 to 512 [ 386.192673][ T8580] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 386.304558][ T8580] EXT4-fs (loop0): 1 truncate cleaned up [ 386.366063][ T8580] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 386.612725][ T8569] loop2: detected capacity change from 0 to 4096 [ 386.866107][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.971183][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.214646][ T8586] loop3: detected capacity change from 0 to 256 [ 387.272451][ T8586] exfat: Deprecated parameter 'namecase' [ 387.319012][ T8586] exfat: Deprecated parameter 'utf8' [ 387.532828][ T8586] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d) [ 388.455809][ T8599] loop4: detected capacity change from 0 to 256 [ 388.563034][ T8599] exfat: Deprecated parameter 'namecase' [ 388.646442][ T8599] exfat: Deprecated parameter 'utf8' [ 388.939916][ T8599] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xea424414, utbl_chksum : 0xe619d30d) [ 388.973387][ T8604] loop0: detected capacity change from 0 to 512 [ 389.049862][ T8604] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 389.163004][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.169895][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.974409][ T8608] loop1: detected capacity change from 0 to 32768 [ 390.078132][ T8604] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #17: comm syz.0.1166: casefold flag without casefold feature [ 390.092763][ T8604] loop0: lost file I/O error report for ino 17 type 5 pos 0x0 len 0x0 error -117 [ 390.095595][ T8604] EXT4-fs (loop0): Remounting filesystem read-only [ 390.105259][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 390.105355][ C1] EXT4-fs (loop0): initial error at time 1775805691: ext4_orphan_get:1397: inode 17 [ 390.105511][ C1] EXT4-fs (loop0): last error at time 1775805691: ext4_orphan_get:1397: inode 17 [ 390.160426][ T8604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 390.709654][ T11] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 390.742100][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.934538][ T11] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 390.979611][ T11] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.023597][ T11] usb 4-1: config 0 descriptor?? [ 391.166169][ T11] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 391.786990][ T11] gspca_sunplus: reg_w_riv err -71 [ 391.810585][ T11] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 391.901828][ T11] usb 4-1: USB disconnect, device number 13 [ 392.113985][ T8629] loop0: detected capacity change from 0 to 512 [ 392.322799][ T8629] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 392.372422][ T40] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 392.594456][ T40] usb 2-1: too many endpoints for config 0 interface 0 altsetting 254: 253, using maximum allowed: 30 [ 392.632666][ T40] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 392.708916][ T40] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 392.749022][ T40] usb 2-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 392.781191][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.839737][ T40] usb 2-1: config 0 interface 0 has no altsetting 0 [ 392.846903][ T40] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00 [ 392.930173][ T40] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.956885][ T40] usb 2-1: config 0 descriptor?? [ 393.534193][ T8642] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1173'. [ 393.534917][ T40] hid-alps 0003:044E:120C.000D: hidraw0: USB HID v0.04 Device [HID 044e:120c] on usb-dummy_hcd.1-1/input0 [ 393.570015][ T8642] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1173'. [ 393.579197][ T8642] netlink: 31 bytes leftover after parsing attributes in process `syz.3.1173'. [ 393.657140][ T8642] netlink: 'syz.3.1173': attribute type 3 has an invalid length. [ 393.688843][ T40] usb 2-1: USB disconnect, device number 8 [ 393.698926][ T8642] netlink: 'syz.3.1173': attribute type 2 has an invalid length. [ 393.748361][ T8642] netlink: 31 bytes leftover after parsing attributes in process `syz.3.1173'. [ 393.768067][ T8642] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'. [ 394.471772][ T8649] fido_id[8649]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 394.750299][ T8656] loop3: detected capacity change from 0 to 2048 [ 394.775709][ T8660] loop1: detected capacity change from 0 to 64 [ 394.902391][ T8663] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 396.867005][ T8686] loop0: detected capacity change from 0 to 256 [ 396.884761][ T8684] loop3: detected capacity change from 0 to 512 [ 396.912494][ T11] kernel read not supported for file /vcs (pid: 11 comm: kworker/0:1) [ 397.350634][ T8686] FAT-fs (loop0): Directory bread(block 64) failed [ 397.357570][ T8686] FAT-fs (loop0): Directory bread(block 65) failed [ 397.485301][ T8686] FAT-fs (loop0): Directory bread(block 66) failed [ 397.580055][ T8686] FAT-fs (loop0): Directory bread(block 67) failed [ 397.587119][ T8686] FAT-fs (loop0): Directory bread(block 68) failed [ 397.699987][ T8686] FAT-fs (loop0): Directory bread(block 69) failed [ 397.707023][ T8686] FAT-fs (loop0): Directory bread(block 70) failed [ 397.878472][ T8686] FAT-fs (loop0): Directory bread(block 71) failed [ 397.951363][ T8686] FAT-fs (loop0): Directory bread(block 72) failed [ 397.958101][ T8686] FAT-fs (loop0): Directory bread(block 73) failed [ 398.925487][ T8702] netlink: 'syz.3.1201': attribute type 3 has an invalid length. [ 398.980148][ T8702] netlink: 16066 bytes leftover after parsing attributes in process `syz.3.1201'. [ 401.444054][ T8723] loop1: detected capacity change from 0 to 256 [ 401.522690][ T8723] exfat: Deprecated parameter 'namecase' [ 401.610649][ T8723] exfat: Deprecated parameter 'namecase' [ 401.812094][ T8723] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 401.929238][ T8729] loop4: detected capacity change from 0 to 512 [ 402.215729][ T8729] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 402.373227][ T8729] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e02c, mo2=0102] [ 402.462435][ T8729] System zones: 1-12 [ 402.467216][ T8729] EXT4-fs (loop4): orphan cleanup on readonly fs [ 402.679883][ T8729] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1212: bg 0: block 361: padding at end of block bitmap is not set [ 402.932755][ T8729] loop4: lost filesystem error report for type 5 error -117 [ 402.996030][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 403.010362][ C1] EXT4-fs (loop4): initial error at time 1775805704: ext4_validate_block_bitmap:441 [ 403.020273][ C1] EXT4-fs (loop4): last error at time 1775805704: ext4_validate_block_bitmap:441 [ 403.040693][ T8729] EXT4-fs (loop4): Remounting filesystem read-only [ 403.140085][ T8729] EXT4-fs (loop4): 1 truncate cleaned up [ 403.286054][ T8729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 404.287691][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 405.383015][ T8743] loop4: detected capacity change from 0 to 64 [ 406.362285][ T8748] loop2: detected capacity change from 0 to 512 [ 406.455147][ T8748] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 406.534037][ T8748] EXT4-fs (loop2): orphan cleanup on readonly fs [ 406.578313][ T8748] EXT4-fs error (device loop2): ext4_quota_enable:7213: comm syz.2.1222: Bad quota inum: 2, type: 2 [ 406.651231][ T8748] loop2: lost filesystem error report for type 5 error -117 [ 406.654584][ T8748] EXT4-fs (loop2): Remounting filesystem read-only [ 406.662563][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 406.662655][ C0] EXT4-fs (loop2): last error at time 1775805708: ext4_quota_enable:7213 [ 406.990406][ T8748] EXT4-fs warning (device loop2): ext4_enable_quotas:7261: Failed to enable quota tracking (type=2, err=-117, ino=2). Please run e2fsck to fix. [ 407.057152][ T8748] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 407.208199][ T8748] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 407.820866][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.900718][ T8757] vlan2: entered promiscuous mode [ 407.948814][ T8757] bridge0: entered promiscuous mode [ 408.052435][ T8759] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1228'. [ 409.864380][ T1145] ===================================================== [ 409.872444][ T1145] BUG: KMSAN: uninit-value in n_tty_lookahead_flow_ctrl+0x37c/0x740 [ 409.881316][ T1145] n_tty_lookahead_flow_ctrl+0x37c/0x740 [ 409.887615][ T1145] tty_port_default_lookahead_buf+0x146/0x200 [ 409.895699][ T1145] flush_to_ldisc+0x808/0xe40 [ 409.901889][ T1145] process_scheduled_works+0xb82/0x1e80 [ 409.908364][ T1145] worker_thread+0xee4/0x1590 [ 409.913927][ T1145] kthread+0x53f/0x600 [ 409.923420][ T1145] ret_from_fork+0x20f/0x910 [ 409.928833][ T1145] ret_from_fork_asm+0x1a/0x30 [ 409.934403][ T1145] [ 409.937250][ T1145] Uninit was created at: [ 409.942333][ T1145] __kmalloc_noprof+0x486/0x1680 [ 409.947972][ T1145] __tty_buffer_request_room+0x3d4/0x7a0 [ 409.954608][ T1145] __tty_insert_flip_string_flags+0x157/0x6e0 [ 409.961429][ T1145] uart_insert_char+0x368/0x930 [ 409.966950][ T1145] serial8250_read_char+0x1ba/0x670 [ 409.974982][ T1145] serial8250_handle_irq_locked+0x6d4/0xa40 [ 409.981945][ T1145] serial8250_handle_irq+0x187/0x730 [ 409.987966][ T1145] serial8250_default_handle_irq+0x116/0x370 [ 409.994823][ T1145] serial8250_interrupt+0xcb/0x420 [ 410.001672][ T1145] __handle_irq_event_percpu+0x13c/0xf90 [ 410.008051][ T1145] handle_irq_event+0xe0/0x2a0 [ 410.013836][ T1145] handle_edge_irq+0x2a9/0xb30 [ 410.019354][ T1145] __common_interrupt+0x9d/0x180 [ 410.025083][ T1145] common_interrupt+0x94/0xb0 [ 410.030717][ T1145] asm_common_interrupt+0x2b/0x40 [ 410.036420][ T1145] [ 410.039329][ T1145] CPU: 0 UID: 0 PID: 1145 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) [ 410.049966][ T1145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 410.060955][ T1145] Workqueue: events_unbound flush_to_ldisc [ 410.067493][ T1145] ===================================================== [ 410.075891][ T1145] Disabling lock debugging due to kernel taint [ 410.397219][ T8769] loop2: detected capacity change from 0 to 256 [ 411.275681][ T1145] Kernel panic - not syncing: kmsan.panic set ... [ 411.282370][ T1145] CPU: 0 UID: 0 PID: 1145 Comm: kworker/u8:9 Tainted: G B syzkaller #0 PREEMPT(full) [ 411.293984][ T1145] Tainted: [B]=BAD_PAGE [ 411.298228][ T1145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 411.308499][ T1145] Workqueue: events_unbound flush_to_ldisc [ 411.314501][ T1145] Call Trace: [ 411.317992][ T1145] [ 411.321021][ T1145] __dump_stack+0x26/0x30 [ 411.325534][ T1145] dump_stack_lvl+0x50/0x1c0 [ 411.330287][ T1145] ? dump_stack+0x12/0x25 [ 411.334789][ T1145] dump_stack+0x1e/0x25 [ 411.339116][ T1145] vpanic+0x7b4/0x1430 [ 411.343384][ T1145] panic+0x15d/0x160 [ 411.347522][ T1145] kmsan_report+0x31a/0x320 [ 411.352336][ T1145] ? __msan_warning+0x1b/0x30 [ 411.357245][ T1145] ? n_tty_lookahead_flow_ctrl+0x37c/0x740 [ 411.363286][ T1145] ? tty_port_default_lookahead_buf+0x146/0x200 [ 411.369831][ T1145] ? flush_to_ldisc+0x808/0xe40 [ 411.374934][ T1145] ? process_scheduled_works+0xb82/0x1e80 [ 411.381820][ T1145] ? worker_thread+0xee4/0x1590 [ 411.386954][ T1145] ? kthread+0x53f/0x600 [ 411.391557][ T1145] ? ret_from_fork+0x20f/0x910 [ 411.396679][ T1145] ? ret_from_fork_asm+0x1a/0x30 [ 411.401887][ T1145] ? up_read+0x6a/0xf0 [ 411.406099][ T1145] ? n_tty_receive_buf_common+0x2408/0x2610 [ 411.412357][ T1145] ? wakeup_preempt_fair+0xe62/0x1460 [ 411.417934][ T1145] ? kmsan_get_metadata+0xf1/0x160 [ 411.423492][ T1145] __msan_warning+0x1b/0x30 [ 411.428300][ T1145] n_tty_lookahead_flow_ctrl+0x37c/0x740 [ 411.434220][ T1145] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 411.440226][ T1145] ? __pfx_n_tty_lookahead_flow_ctrl+0x10/0x10 [ 411.446596][ T1145] tty_port_default_lookahead_buf+0x146/0x200 [ 411.452860][ T1145] flush_to_ldisc+0x808/0xe40 [ 411.457807][ T1145] ? __pfx_tty_port_default_lookahead_buf+0x10/0x10 [ 411.464584][ T1145] ? __pfx_flush_to_ldisc+0x10/0x10 [ 411.470007][ T1145] process_scheduled_works+0xb82/0x1e80 [ 411.475988][ T1145] worker_thread+0xee4/0x1590 [ 411.480878][ T1145] kthread+0x53f/0x600 [ 411.485331][ T1145] ? __pfx_worker_thread+0x10/0x10 [ 411.490640][ T1145] ? __pfx_kthread+0x10/0x10 [ 411.495508][ T1145] ret_from_fork+0x20f/0x910 [ 411.500361][ T1145] ? __switch_to+0x51c/0x750 [ 411.505159][ T1145] ? __pfx_kthread+0x10/0x10 [ 411.510024][ T1145] ret_from_fork_asm+0x1a/0x30 [ 411.515026][ T1145] [ 411.518768][ T1145] Kernel Offset: disabled [ 411.523418][ T1145] Rebooting in 86400 seconds..