last executing test programs: 2m17.736332773s ago: executing program 5 (id=3178): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x4c42bb4f92, 0x0) shutdown(r0, 0x0) 2m17.169403596s ago: executing program 5 (id=3182): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0x48, 0x4, 0x0, 0x0, 0x1000, &(0x7f0000ffc000), 0x1}) 2m16.787346762s ago: executing program 5 (id=3187): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)) ioctl$EVIOCGRAB(r0, 0x40044590, 0x0) 2m16.40577698s ago: executing program 5 (id=3189): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080)) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 2m15.359284249s ago: executing program 5 (id=3197): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='veth0_to_hsr\x00', 0x10) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x4, 0x0, 0x3, r0}, 0x10) 2m14.445276017s ago: executing program 5 (id=3208): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r0, 0x1, 0x70bd27, 0x0, {0x41}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xfffffffffffffda6}, {0x5, 0x87}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40040}, 0x4040000) 2m13.963095319s ago: executing program 32 (id=3208): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r0, 0x1, 0x70bd27, 0x0, {0x41}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xfffffffffffffda6}, {0x5, 0x87}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40040}, 0x4040000) 5.479055354s ago: executing program 1 (id=4349): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000140)={[{@minixdf}, {@noblock_validity}, {@nobarrier}, {@noload}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@usrquota}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfe39}], 0x1, 0xe7b, 0x0, 0x0) 4.562529684s ago: executing program 1 (id=4357): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) 3.973414377s ago: executing program 1 (id=4365): r0 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000105804105000000000000109022d00010700000009040005050300000009210002080122940309058103000000000009050203"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) 3.740171573s ago: executing program 4 (id=4368): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0) getsockopt$inet6_int(r0, 0x29, 0x46, 0x0, &(0x7f0000000140)) 3.638895343s ago: executing program 2 (id=4369): syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=") mremap(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[@ANYBLOB="20000000020000001d"], 0x0) 3.422646791s ago: executing program 4 (id=4373): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0x5, 0xfffffffe, 0x0, 0xfffffff3}) ioctl$TIOCSTI(r0, 0x5412, 0x0) 3.036276511s ago: executing program 4 (id=4377): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000000000020ef0e01000000000300010902240001000080000904000001f2ff0100092100000001220500090581083f"], 0x0) syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 2.848359217s ago: executing program 2 (id=4378): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f4, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000240)={'ip_vti0\x00', 0x0, 0x0, 0x80, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x29, 0x0, @rand_addr, @rand_addr=0x64010102}}}}) 2.793302365s ago: executing program 3 (id=4380): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0001, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0xf58, 0x1, 0xd8, 0x7ff, 0x6, "3eccd255694c4e08060000000000000027ff01"}) 2.470878879s ago: executing program 3 (id=4382): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0x0) fchown(r0, 0x0, 0x0) 2.422696686s ago: executing program 2 (id=4383): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f00000001c0)=ANY=[@ANYBLOB='nodecompose,decompose,gid=', @ANYRESHEX=0x0, @ANYBLOB=',force,umask=00000000000003000000400,gid=', @ANYRESHEX=0x0, @ANYBLOB=',nls=macceltic,\x00', @ANYRES64, @ANYRESOCT], 0x44, 0x6fd, &(0x7f0000000500)="$eJzs3U1sHGf9B/DvrNcbbyq57nv/fyHFakQEDSR2TEmQkAgVQjlUKBKXXk3iNFacNLJdlESIuEDhCCeUQw9FKBx6Qj0gFXFAlDMSEleUeyTuEQcWzeysvV6/rRs7TsLnI83OMzPPy29+eWb2LdYG+J917u2MrqTIueNv3Si3792dWbh3d+Zqr5zkUJJG0uyuUlxLis+Ss+ku+b9yZ91dsdU4b9z/9MNjdz6e6W4166Wq39iu3ZrONiOs1Esmk4zU611qbtXfhby5ob/bu+q6WI27TNjRXuLgoHU2WNlN8yGuW+BxdzsZGd1k/0RyOMlY/Tog9d2h8YjD23O7ussBAADAY2iYN+fPPsiD3Mj4IwgHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnhpFMtJdVUujV55M0fv9/1a9r9RqHXC82/vKDsc/uPSIAgEAAAAAAACAffFJ/cX9kQd5kBsZ7+3vFNV3/q9VGy9Wj8/kvSxlLos5kRuZzXKWs5jpZHS8r8PWjdnl5cXpjS1/nbJlp9O5Xbc8lWRiQ8tTWwTa2OMTBwAAAAAAAICn009yLuMHHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPQrkpHuqlpe7JUn0mgmGUvSKuutJH/qlZ9kfz7oAAAAAGCf9b15Hy/+0y10iuo9/8vV+/6xvJdrWc58lrOQuVysPgvoNmz8fWVm4d7dmavlsrHvb/9r16E0kozk/S1GnqpqvLTa4ly+m+/neCZzPouZzw8zm+XMZTLt8iQymyIT7e6nFxO9ODeP9+y6rfODsR0Z2H61iqSdS5mvYjuRC610PzapzqEc89W+0f7QSgZGfL/MTvGt2pA5upikXZd/VX8uU+s8O2Qf+2OiOvPR1YxMlbmvs/Hc9rnf5TwZHGk6jXLuVGl/cW2UcnNwpF7Of7CbnB/ursbKh5+vz/le2+VHaYOZOJVGPfuSl9fn/PoX7zy/vvGX//GX85cb165cvrR0fB9P6WFM7lRhtFcYzMRMXyZe2X721ZlYKDOxMnwmRgd3jA3bcn+16mxUt6Ih75bfqUqzea1vCr6bi5nL6UxlOmcylW/kVGZWZ1i5vLQur82Zq+tzUl1rjY33t/Y2wR/9Ul+lX+xQ+dEq8/JcX17773QT1bF6z9lfZqpv9j2//ezb9bNAOf7/1+VyjJ+uPuM8DtZlor4396J7YftM/KZTPi4tXLuyeHn2+pDjHavX5WX7wfp782+Hj3rw2X0vlPOlvOM2q60qJ+3efCmPvbAa7fp8tepvXLrtGhuOvbR6bCLjmc/3trxSW/VruI09dY+90n/sn2t3zlb9+qZ3bN2rnLybhepVyMazBeCxcvj1w632/fbf2h+1f9a+3H5r7M1DZw59oZXRvzb/OPL7xu8a3yxez0f5ccYPOlIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgaLN28dWV2YWFucbWQscE9D1toDY7VSTJE8zR2rHP3meHCyESy/VhFXWjt7bk/iYV2Bvb0fmHpYXv+ZPt/99ZDB19sMp/3uFDmYU867HS6Sa32dEZ20bzZa7V5nWaWxnJltmhucnUfWrsKMnFlduHfnXXN2+m7ZICn3Mnlq9dPLt289dX5q7PvzL0zd+3UmdNnTs98ffprJy/NL8xNdR8POkpgPyzdvDWyye4Nv3QLAAAAAAAAAAAAPD7q//2//Ln/mKG5Q53W4tLmIx951KcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPKHOvZ3RlRSZnjoxVW7fuzuzUC698lrNZpJGkuJHSfFZcjbdJRN93RVbjfPG/U8/PHbn45m1vpq9+o3t2g1npV4ymWSkXu/s0CbdbOzvQl9/K58rvGL1DMuEHe0lDg7afwMAAP//6lP2Ew==") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x23) getdents(r0, &(0x7f0000001fc0)=""/184, 0x20002078) 2.395198676s ago: executing program 6 (id=4384): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x28}) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000876000/0x4000)=nil, 0x4000}, 0x4}) 1.898520672s ago: executing program 0 (id=4386): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="379500000000de9136b55f"], 0x1c}}, 0x0) 1.871098319s ago: executing program 3 (id=4387): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000c40)={0x5, 0x5, 0x0, 'queue1\x00', 0x200000}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000040)={0x0, 0x7a120, 0x5f, {0xd, 0x100}, 0x5, 0x2}) 1.845190781s ago: executing program 6 (id=4388): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x6, 0x3, 0x5, 0x1635}}, 0x120) write$UHID_INPUT(r0, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d390887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b3366959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130d9b61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251a4523a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 1.653581671s ago: executing program 2 (id=4389): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="240000001e008d2a2abd7000fbdbdf250a000000", @ANYRES32=0x0, @ANYBLOB="0000ab"], 0x24}}, 0x0) 1.404472745s ago: executing program 3 (id=4390): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) sendmsg$nl_route(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="240000001e008d2a00000000000000e1c0f2"], 0x24}, 0x1, 0x0, 0x0, 0x10008000}, 0x14048010) 1.362033149s ago: executing program 6 (id=4391): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000001440)=0x8) read$dsp(r0, &(0x7f00000002c0)=""/4096, 0x1000) 1.282065122s ago: executing program 0 (id=4392): r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000b80)) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000040)) 1.241271514s ago: executing program 1 (id=4393): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000006d85500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ac55038014000080100001800a0001"], 0x565c}}, 0x0) 1.124977908s ago: executing program 2 (id=4394): rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0) r0 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 1.017739229s ago: executing program 4 (id=4395): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000280)={0xffffffffffffffff}, 0x106, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x2000000000001005, 0x19dff}}}, 0x90) 1.006238919s ago: executing program 3 (id=4396): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@errors_remount}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f00000000c0)=0x5) 958.377772ms ago: executing program 6 (id=4397): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) madvise(&(0x7f0000e95000/0x4000)=nil, 0x4000, 0x66) 877.215235ms ago: executing program 0 (id=4398): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f0000000580), r1, 0x2}}, 0x18) 857.710733ms ago: executing program 1 (id=4399): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c) 731.226918ms ago: executing program 2 (id=4400): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4d8, 0xc002, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0xd422bd676d3863b7, 0x0, {0x9, 0x21, 0x0, 0x8, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x6}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000003c0)={0x0, 0x22, 0x7, {[@global=@item_012={0x0, 0x1, 0x4}, @local=@item_012={0x0, 0x2, 0x9}, @local=@item_4={0x3, 0x2, 0x8, 'tF4E'}]}}, 0x0}, 0x0) 620.357133ms ago: executing program 4 (id=4401): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) 577.966163ms ago: executing program 0 (id=4413): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x3c, r1, 0x1, 0x0, 0xfffffffc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xfffffffffffffdad}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008844}, 0x200400c0) 561.272579ms ago: executing program 1 (id=4402): syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xee, 0x97, 0x8a, 0x40, 0x16ca, 0x1502, 0xa925, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x7e, 0x24, 0x5}}]}}]}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0) 541.655361ms ago: executing program 6 (id=4403): r0 = socket$kcm(0xa, 0x5, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x21, &(0x7f0000000100), 0x120) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000001640)=@l2tp6={0xa, 0x0, 0x2, @private2}, 0x80, &(0x7f00000029c0)=[{&(0x7f00000000c0)="83", 0x1}], 0x1}, 0x851) 356.512373ms ago: executing program 0 (id=4404): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x98, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x4}]}, 0x98}}, 0x0) 338.613216ms ago: executing program 4 (id=4405): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1703}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0) 171.886149ms ago: executing program 6 (id=4406): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000680)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100cc9a, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0x1, 0x2af, &(0x7f0000000240)="$eJzs3UFr1E4Yx/HfJNvt/v8tNbYVQTxVBU+lrRcRRJF9B148idrdQnGpoBXUi9Vz8eCxd9+CL8KTeBa8efIFFDxEZpI0yW6S3XbZxq3fD3TJJvMk83SyyTwLSwTgn3Wv/ePTjZ/2z0i+fKkpyZPUkhqSLuhi6+XO7vZur9up2pHvIuyfURRpBtps7nSLQm2ci4gF9l1D85l1zeIgjKv1/dghPv/8s8eEYRgWrPek2exon5WR36u7AzUzhzrUbN29AADUzc3+o4m/L/nz8fzd86Rr8W3fbk/v/9N7A/0dRuruR63c/f+VFpLKKzR2fM+5TWm950o4u91LqsTKnXrFq5vxNj/XgWFVpeuL99/Wdq+7uvms1/H0XndimWbL7rWTP3i2t+8Gd71SUJtWGCn3I28zJ9acy2HG5rBR0v+l8Y/ozJRu6RsV88V8NQ9NoAN13PhbjdDYYXIjFfSNVNT/NeWL9AyXZRC1KsnyvIu+lC/kK7P01deNrGa8z0Y2+SDtZ0XUYl8WUXbrQ6KWCqM2hkQt90elZ3N55KSZD+aBWdEvfVb7aPztWeJHl/rhn0zbxrWMz4zKfBquZeDuJ/Gnbu9yYcuSqwcmYl9PdFMLL16/efq41+s+Z2G0heQ6+7f050QLyUlw6kf33cJHSXXkvr96e8um7dYonuJO9KAazNTXiOGNcY6e3HdO3vkarkk4demgHzOweCqI6eO5r/9d/ZepV9bcZM2+BBXz9KFFdGaP6yW1waJ7/b+8gssx7quHufIKbtSa68p16WrJEdsHA7sN4n5OtbtKvsIxbX3To8z8HwAAAAAAAAAAAAAAAAAAAFNhvJ83hGH684aWyhrXnSMAAAAAAAAAAAAAAAAAAAAAANNu8Pm/ulXr83/vK3qXf/4vgAn4EwAA////Xngs") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000009b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0xd35}}, 0x1006) 5.132827ms ago: executing program 3 (id=4407): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f00000004c0)=0x7ffffffd, 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @empty}, 0x7f}]}, &(0x7f0000000140)=0x10) 0s ago: executing program 0 (id=4408): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000300)={[{@test_dummy_encryption}, {@init_itable}, {@journal_dev={'journal_dev', 0x3d, 0x2}}]}, 0x3, 0x470, &(0x7f0000000880)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, 0x0) kernel console output (not intermixed with test programs): 56A:00D3.0017/input/input24 [ 440.874433][T14220] loop0: detected capacity change from 0 to 32768 [ 440.988614][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.013690][ T5989] usb 4-1: USB disconnect, device number 22 [ 441.187012][T14251] fido_id[14251]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 441.380355][T14237] loop6: detected capacity change from 0 to 32768 [ 441.429863][T14237] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3578 (14237) [ 441.562586][T14237] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 441.597509][ T30] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 441.612414][T14237] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm [ 441.652381][T14237] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 441.782565][ T30] usb 2-1: Using ep0 maxpacket: 16 [ 441.824136][ T30] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 441.872342][ T30] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 441.881674][ T30] usb 2-1: Product: syz [ 441.949159][T14237] BTRFS info (device loop6): rebuilding free space tree [ 441.964082][ T30] usb 2-1: Manufacturer: syz [ 441.982334][ T30] usb 2-1: SerialNumber: syz [ 442.035438][ T30] usb 2-1: config 0 descriptor?? [ 442.054342][T14237] BTRFS info (device loop6): disabling free space tree [ 442.092453][T14237] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 442.130877][T14237] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 442.236070][T14237] BTRFS info (device loop6): enabling ssd optimizations [ 442.292329][T14237] BTRFS info (device loop6): enabling disk space caching [ 442.341251][T14237] BTRFS info (device loop6): force clearing of disk cache [ 442.390774][T14237] BTRFS info (device loop6): enabling auto defrag [ 442.418022][T14237] BTRFS info (device loop6): max_inline set to 0 [ 442.418165][ T9] usb 2-1: USB disconnect, device number 24 [ 442.870462][T13232] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 443.537287][T14319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3608'. [ 443.791652][T14323] usb usb8: usbfs: process 14323 (syz.1.3611) did not claim interface 1 before use [ 443.965532][T14330] loop0: detected capacity change from 0 to 512 [ 444.104722][T14330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.157243][T14330] ext4 filesystem being mounted at /621/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 444.358582][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.476075][T14356] loop6: detected capacity change from 0 to 64 [ 444.754798][T14365] loop4: detected capacity change from 0 to 512 [ 444.783726][T14365] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 444.803105][ T5930] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 444.837016][T14365] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.996963][ T5930] usb 4-1: Using ep0 maxpacket: 8 [ 445.012003][ T5930] usb 4-1: config 0 interface 0 has no altsetting 0 [ 445.026281][ T5930] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 445.072531][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.099068][ T5930] usb 4-1: config 0 descriptor?? [ 445.122661][ T30] usb 3-1: new full-speed USB device number 22 using dummy_hcd [ 445.167498][ T5828] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 445.295226][ T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 445.362952][ T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 445.420581][ T30] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 445.493607][ T30] usb 3-1: New USB device found, idVendor=045e, idProduct=789d, bcdDevice= 0.4f [ 445.540008][ T30] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.601261][ T5930] savu 0003:1E7D:2D5A.0018: unknown main item tag 0x0 [ 445.625282][ T5930] savu 0003:1E7D:2D5A.0018: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 445.645261][ T30] usb 3-1: config 0 descriptor?? [ 445.695193][T14387] loop6: detected capacity change from 0 to 1024 [ 445.726326][T14387] EXT4-fs: Ignoring removed bh option [ 445.886773][T13735] usb 4-1: USB disconnect, device number 23 [ 445.960237][T14387] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 446.000360][T14389] fido_id[14389]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 446.160071][ T30] hid-generic 0003:045E:789D.0019: unknown main item tag 0x0 [ 446.199310][ T30] hid-generic 0003:045E:789D.0019: unknown main item tag 0x0 [ 446.222612][ T30] hid-generic 0003:045E:789D.0019: unknown main item tag 0x0 [ 446.243111][ T30] hid-generic 0003:045E:789D.0019: unknown main item tag 0x0 [ 446.260995][ T30] hid-generic 0003:045E:789D.0019: unknown main item tag 0x0 [ 446.287306][T13232] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.303911][ T30] hid-generic 0003:045E:789D.0019: unbalanced collection at end of report description [ 446.332886][ T30] hid-generic 0003:045E:789D.0019: probe with driver hid-generic failed with error -22 [ 446.350433][ T30] usb 3-1: USB disconnect, device number 22 [ 446.457841][ T791] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 446.498342][T14404] UHID_CREATE from different security context by process 80 (syz.6.3643), this is not allowed. [ 446.632545][ T791] usb 1-1: Using ep0 maxpacket: 16 [ 446.658182][ T791] usb 1-1: config 0 has no interfaces? [ 446.663998][T14407] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve1, syncid = 10802, id = 0 [ 446.683262][ T791] usb 1-1: string descriptor 0 read error: -71 [ 446.698800][ T791] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 446.708433][ T791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.739145][ T791] usb 1-1: config 0 descriptor?? [ 446.763530][ T791] usb 1-1: can't set config #0, error -71 [ 446.774401][ T791] usb 1-1: USB disconnect, device number 17 [ 446.881488][T14413] tipc: Started in network mode [ 446.904746][T14413] tipc: Node identity ac1414aa, cluster identity 4711 [ 446.933618][T14413] tipc: Enabled bearer , priority 7 [ 447.101631][T14417] loop1: detected capacity change from 0 to 256 [ 447.187186][T14417] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 447.419231][T14426] loop0: detected capacity change from 0 to 512 [ 447.524327][T14423] loop3: detected capacity change from 0 to 4096 [ 448.067117][ T791] tipc: Node number set to 2886997162 [ 448.415160][T14449] syz.6.3650 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 448.452578][T14447] tipc: Started in network mode [ 448.502522][T14447] tipc: Node identity ac1414aa, cluster identity 4711 [ 448.503305][T14447] tipc: Enabled bearer , priority 7 [ 448.852340][ T791] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 448.993193][ T31] audit: type=1326 audit(1769990423.894:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14463 comm="syz.3.3670" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f744079aeb9 code=0x0 [ 449.042732][ T791] usb 3-1: Using ep0 maxpacket: 8 [ 449.083213][ T791] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 449.105475][ T791] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 449.123354][ T791] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 449.148751][ T791] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.203342][ T791] usb 3-1: config 0 descriptor?? [ 449.420704][T14475] veth1_macvtap: left promiscuous mode [ 449.430018][T14475] macsec0: entered promiscuous mode [ 449.622497][ T30] tipc: Node number set to 2886997162 [ 449.646874][ T791] cherry 0003:046A:0027.001A: unknown main item tag 0x0 [ 449.665617][ T791] cherry 0003:046A:0027.001A: unknown main item tag 0x0 [ 449.692397][ T791] cherry 0003:046A:0027.001A: unknown main item tag 0x0 [ 449.699481][ T791] cherry 0003:046A:0027.001A: item fetching failed at offset 14/69 [ 449.730071][ T791] cherry 0003:046A:0027.001A: probe with driver cherry failed with error -22 [ 449.760855][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.772332][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.908600][ T791] usb 3-1: USB disconnect, device number 23 [ 450.003335][T14466] loop1: detected capacity change from 0 to 32768 [ 450.028355][T14466] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 450.090477][T14466] XFS (loop1): Ending clean mount [ 450.164759][T14497] tipc: Started in network mode [ 450.169880][T14497] tipc: Node identity ac1414aa, cluster identity 4711 [ 450.179370][T14497] tipc: Enabled bearer , priority 7 [ 450.191157][T14466] XFS (loop1): User initiated shutdown received. [ 450.215973][T14466] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x139/0x1a0 (fs/xfs/xfs_fsops.c:475). Shutting down filesystem. [ 450.242922][T14466] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 450.540821][ T5826] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 450.643832][T14506] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3685'. [ 450.762417][ T5989] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 450.966165][ T5989] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 451.010265][ T5989] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.094127][ T5989] usb 5-1: Product: syz [ 451.098428][ T5989] usb 5-1: Manufacturer: syz [ 451.152439][ T5989] usb 5-1: SerialNumber: syz [ 451.174705][ T5989] usb 5-1: config 0 descriptor?? [ 451.215676][ T5989] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 021 [ 451.304004][ T5930] tipc: Node number set to 2886997162 [ 451.422407][ T9] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 451.617352][ T9] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 451.642433][ T9] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 451.651640][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.765187][ T9] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 451.814164][ T5989] i2c i2c-1: failure reading functionality [ 451.837698][ T5989] i2c i2c-1: connected i2c-tiny-usb device [ 451.865782][ T5989] usb 5-1: USB disconnect, device number 21 [ 452.283506][T14522] loop0: detected capacity change from 0 to 32768 [ 452.300613][T14522] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3694 (14522) [ 452.353854][T14522] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 452.425023][T14522] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm [ 452.437384][T14545] loop6: detected capacity change from 0 to 764 [ 452.485983][T14545] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 452.652931][T14522] BTRFS info (device loop0): enabling ssd optimizations [ 452.659966][T14522] BTRFS info (device loop0): turning on flush-on-commit [ 452.717448][T14522] BTRFS info (device loop0): enabling free space tree [ 452.744312][T14522] BTRFS info (device loop0): enabling auto defrag [ 452.765448][T14522] BTRFS info (device loop0): use lzo compression, level 1 [ 452.805091][T14522] BTRFS info (device loop0): max_inline set to 4096 [ 452.880875][ T9] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32 [ 452.910118][ T9] stv0680 4-1:4.0: STV(e): camera ping failed!! [ 452.982433][ T9] stv0680 4-1:4.0: last error: 0, command = 0x0 [ 453.105295][T14571] loop2: detected capacity change from 0 to 128 [ 453.123044][ T5837] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 453.224714][ T9] usb 4-1: USB disconnect, device number 24 [ 453.305535][T14571] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 453.377211][T14571] ext4 filesystem being mounted at /634/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 453.584550][ T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 453.646154][ T5827] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 453.866938][ T9] usb 5-1: New USB device found, idVendor=0c70, idProduct=f010, bcdDevice= 0.00 [ 453.876550][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.903468][ T9] usb 5-1: config 0 descriptor?? [ 454.358840][ T9] aquacomputer_d5next 0003:0C70:F010.001B: hidraw0: USB HID vff.fd Device [HID 0c70:f010] on usb-dummy_hcd.4-1/input0 [ 454.569915][T14603] loop6: detected capacity change from 0 to 1024 [ 454.605555][ T9] usb 5-1: USB disconnect, device number 22 [ 454.742392][T14603] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 454.789413][T14606] fido_id[14606]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 454.850821][T14603] EXT4-fs error (device loop6): ext4_search_dir:1473: inode #12: block 7: comm syz.6.3724: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0 [ 455.112079][T13232] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.154129][T14622] loop1: detected capacity change from 0 to 256 [ 455.174157][T14622] exfat: Deprecated parameter 'namecase' [ 455.184959][T14622] exfat: Deprecated parameter 'namecase' [ 455.258587][T14622] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 455.361139][ T31] audit: type=1326 audit(1769990430.264:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14604 comm="syz.0.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5781f9aeb9 code=0x7fc00000 [ 455.727105][T14636] loop1: detected capacity change from 0 to 512 [ 455.822441][T14636] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 455.925033][T14636] EXT4-fs (loop1): 1 truncate cleaned up [ 456.002847][ T5989] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 456.037648][T14636] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 456.123807][T14636] EXT4-fs error (device loop1): ext4_generic_delete_entry:2665: inode #2: block 13: comm syz.1.3737: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 456.192362][ T5989] usb 3-1: Using ep0 maxpacket: 32 [ 456.205424][ T5989] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 456.223678][ T5989] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.233505][T14636] EXT4-fs error (device loop1) in ext4_delete_entry:2737: Corrupt filesystem [ 456.276558][T14652] net_ratelimit: 66 callbacks suppressed [ 456.276593][T14652] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 456.288854][T14652] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 456.298894][T14652] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 456.305428][T14652] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 456.331287][T14652] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 456.337871][T14652] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 456.340943][ T5989] usb 3-1: config 0 descriptor?? [ 456.355150][T14652] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 456.361690][T14652] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 456.367366][ T5989] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 456.374705][T14652] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 456.381487][T14652] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 456.414994][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.492564][ T791] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 456.682794][ T791] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 456.717469][ T791] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 456.752525][ T791] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 456.786286][ T791] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.845189][ T791] usb 1-1: config 0 descriptor?? [ 456.906281][T14662] loop1: detected capacity change from 0 to 512 [ 456.940843][T14662] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 456.989362][T14662] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002] [ 457.001310][ T5989] gspca_nw80x: reg_w err -71 [ 457.008098][ T5989] nw80x 3-1:0.0: probe with driver nw80x failed with error -71 [ 457.049069][T14662] System zones: 1-12 [ 457.052390][ T5807] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 457.075778][ T5989] usb 3-1: USB disconnect, device number 24 [ 457.086323][T14662] EXT4-fs (loop1): 1 truncate cleaned up [ 457.106419][T14662] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 457.132042][T14662] EXT4-fs warning (device loop1): ext4_group_add:1735: No reserved GDT blocks, can't resize [ 457.189536][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.212764][ T5807] usb 4-1: Using ep0 maxpacket: 32 [ 457.255455][ T5807] usb 4-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7 [ 457.271355][ T5807] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.293836][ T5807] usb 4-1: Product: syz [ 457.296572][ T791] hid-steam 0003:28DE:1142.001C: unknown main item tag 0x0 [ 457.298077][ T5807] usb 4-1: Manufacturer: syz [ 457.320200][ T5807] usb 4-1: SerialNumber: syz [ 457.326501][ T791] hid-steam 0003:28DE:1142.001C: unknown main item tag 0x0 [ 457.336545][T14648] loop4: detected capacity change from 0 to 32768 [ 457.359638][ T5807] usb 4-1: config 0 descriptor?? [ 457.362296][ T791] hid-steam 0003:28DE:1142.001C: unknown main item tag 0x0 [ 457.413776][ T791] hid-steam 0003:28DE:1142.001C: unknown main item tag 0x0 [ 457.421332][T14648] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 457.430361][ T791] hid-steam 0003:28DE:1142.001C: unknown main item tag 0x0 [ 457.461824][T14674] tuvҫ: renamed from lo (while UP) [ 457.465129][ T791] hid-steam 0003:28DE:1142.001C: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 457.579069][ T791] usb 1-1: USB disconnect, device number 18 [ 457.694186][ T5807] usb 4-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II [ 457.850383][T14680] fido_id[14680]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 457.978638][T14648] XFS (loop4): Ending clean mount [ 458.035492][T14648] XFS (loop4): Quotacheck needed: Please wait. [ 458.255576][T14648] XFS (loop4): Quotacheck: Done. [ 458.357021][ T5807] usb 4-1: reset high-speed USB device number 25 using dummy_hcd [ 458.555347][ T5828] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 458.765417][T14699] loop6: detected capacity change from 0 to 4096 [ 458.895007][ T5807] usb 4-1: [UEAGLE-ATM] interface 1 not found [ 458.901176][ T5807] ueagle-atm 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 458.919706][T14705] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 459.004742][ T5807] usb 4-1: USB disconnect, device number 25 [ 459.420724][T14715] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3769'. [ 459.777752][T14725] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3773'. [ 460.084925][ T791] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 460.173437][T14740] loop1: detected capacity change from 0 to 256 [ 460.223658][T14740] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 460.282339][ T791] usb 5-1: Using ep0 maxpacket: 8 [ 460.304645][ T791] usb 5-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb [ 460.318274][T14740] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 460.362474][ T791] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.408908][ T791] usb 5-1: Product: syz [ 460.425332][ T791] usb 5-1: Manufacturer: syz [ 460.430010][ T791] usb 5-1: SerialNumber: syz [ 460.453500][T14747] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3782'. [ 460.628349][T14751] loop3: detected capacity change from 0 to 128 [ 460.683871][T14751] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 460.857820][T14751] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 460.902603][ T791] mxuport 5-1:254.0: mxuport_recv_ctrl_urb - short read (0 / 4) [ 460.910447][ T791] mxuport 5-1:254.0: probe with driver mxuport failed with error -5 [ 460.955199][T14755] loop1: detected capacity change from 0 to 512 [ 461.011009][T14755] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 461.130741][ T5930] usb 5-1: USB disconnect, device number 23 [ 461.191892][T14755] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1134: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 461.224608][T14755] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.3785: bg 0: block 248: padding at end of block bitmap is not set [ 461.318396][T14755] Quota error (device loop1): write_blk: dquota write failed [ 461.349165][T14755] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 461.382843][T14755] EXT4-fs error (device loop1): ext4_acquire_dquot:6984: comm syz.1.3785: Failed to acquire dquot type 1 [ 461.437500][T14755] EXT4-fs (loop1): 1 truncate cleaned up [ 461.465719][T14755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 461.480313][T14738] loop6: detected capacity change from 0 to 32768 [ 461.534074][T14738] JBD2: Ignoring recovery information on journal [ 461.654244][T14738] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 461.687383][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 461.945871][T14771] loop1: detected capacity change from 0 to 128 [ 462.076020][T14771] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 462.128338][T14771] ext4 filesystem being mounted at /598/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 462.217383][T14771] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.3792: No space for directory leaf checksum. Please run e2fsck -D. [ 462.282378][T14771] EXT4-fs error (device loop1): htree_dirblock_to_tree:1051: inode #2: comm syz.1.3792: Directory block failed checksum [ 462.304307][T13232] ocfs2: Unmounting device (7,6) on (node local) [ 462.385794][T14749] loop0: detected capacity change from 0 to 40427 [ 462.462445][T14749] F2FS-fs: heap/no_heap options were deprecated [ 462.507100][T14749] F2FS-fs: heap/no_heap options were deprecated [ 462.544778][T14749] F2FS-fs (loop0): Image doesn't support compression [ 462.548690][ T5826] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 462.643171][T14749] F2FS-fs (loop0): invalid crc value [ 463.023104][ T5807] usb 5-1: new full-speed USB device number 24 using dummy_hcd [ 463.061440][T14749] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 463.145521][T14749] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 463.221103][T14800] loop6: detected capacity change from 0 to 2048 [ 463.242783][ T5807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 463.283368][ T5807] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 463.343299][ T5807] usb 5-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 463.359241][T14800] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 463.371570][ T5807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.391688][T14749] syz.0.3783: attempt to access beyond end of device [ 463.391688][T14749] loop0: rw=2049, sector=77824, nr_sectors = 8 limit=40427 [ 463.424066][ T5807] usb 5-1: config 0 descriptor?? [ 463.430259][T14793] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 463.455263][T14804] PKCS8: Unsupported PKCS#8 version [ 463.525065][T14749] syz.0.3783: attempt to access beyond end of device [ 463.525065][T14749] loop0: rw=2049, sector=77848, nr_sectors = 24 limit=40427 [ 463.610547][T14749] syz.0.3783: attempt to access beyond end of device [ 463.610547][T14749] loop0: rw=2049, sector=77880, nr_sectors = 16 limit=40427 [ 463.628420][T14808] loop3: detected capacity change from 0 to 2048 [ 463.676189][T13232] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.689527][T14749] syz.0.3783: attempt to access beyond end of device [ 463.689527][T14749] loop0: rw=2049, sector=77920, nr_sectors = 16 limit=40427 [ 463.708678][T14749] syz.0.3783: attempt to access beyond end of device [ 463.708678][T14749] loop0: rw=2049, sector=77944, nr_sectors = 16 limit=40427 [ 463.724884][T14808] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842e01c, mo2=0082] [ 463.734817][T14808] System zones: 0-7 [ 463.741277][T14808] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 463.792908][T14749] syz.0.3783: attempt to access beyond end of device [ 463.792908][T14749] loop0: rw=2049, sector=77992, nr_sectors = 24 limit=40427 [ 463.831850][T14749] syz.0.3783: attempt to access beyond end of device [ 463.831850][T14749] loop0: rw=2049, sector=78048, nr_sectors = 8 limit=40427 [ 463.887717][T14749] syz.0.3783: attempt to access beyond end of device [ 463.887717][T14749] loop0: rw=2049, sector=78072, nr_sectors = 16 limit=40427 [ 463.909368][T14749] syz.0.3783: attempt to access beyond end of device [ 463.909368][T14749] loop0: rw=2049, sector=78120, nr_sectors = 8 limit=40427 [ 463.937418][ T5807] hkems 0003:2006:0118.001D: item fetching failed at offset 5/7 [ 463.955781][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.969196][T14812] loop2: detected capacity change from 0 to 1024 [ 463.978896][ T5807] hkems 0003:2006:0118.001D: parse failed [ 464.002821][ T5807] hkems 0003:2006:0118.001D: probe with driver hkems failed with error -22 [ 464.085478][ T5837] syz-executor: attempt to access beyond end of device [ 464.085478][ T5837] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 464.143603][T14791] loop1: detected capacity change from 0 to 32768 [ 464.181061][T14791] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3801 (14791) [ 464.201252][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 464.201316][ T5837] Tainted: [L]=SOFTLOCKUP [ 464.201331][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 464.201354][ T5837] Call Trace: [ 464.201366][ T5837] [ 464.201380][ T5837] dump_stack_lvl+0x100/0x190 [ 464.201436][ T5837] f2fs_handle_critical_error+0x5d7/0x970 [ 464.201501][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.201549][ T5837] ? f2fs_build_fault_attr+0x53/0x1f0 [ 464.201613][ T5837] f2fs_write_end_io+0xc24/0xf00 [ 464.201677][ T5837] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 464.201745][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.201800][ T5837] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 464.201861][ T5837] bio_endio+0x755/0x8b0 [ 464.201923][ T5837] submit_bio_noacct+0x1b7/0x1e80 [ 464.201982][ T5837] __submit_merged_bio+0x331/0x6f0 [ 464.202049][ T5837] __submit_merged_write_cond+0x31a/0x3f0 [ 464.202123][ T5837] f2fs_write_cache_pages+0x21c8/0x2720 [ 464.202198][ T5837] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 464.202241][ T5837] ? __lock_acquire+0x4a5/0x2630 [ 464.202312][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.202360][ T5837] ? __lock_acquire+0x4a5/0x2630 [ 464.202470][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.202517][ T5837] ? check_irq_usage+0xe5/0x810 [ 464.202575][ T5837] ? bpf_ksym_find+0x124/0x1c0 [ 464.202676][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.202721][ T5837] ? __mod_zone_page_state+0xe2/0x190 [ 464.202778][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.202834][ T5837] f2fs_write_data_pages+0x5a7/0x1060 [ 464.202891][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 464.202931][ T5837] ? check_noncircular+0x97/0x160 [ 464.203010][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 464.203054][ T5837] do_writepages+0x278/0x600 [ 464.203111][ T5837] ? __pfx_do_writepages+0x10/0x10 [ 464.203159][ T5837] ? do_raw_spin_unlock+0x145/0x1e0 [ 464.203199][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.203246][ T5837] ? _raw_spin_unlock+0x28/0x50 [ 464.203293][ T5837] filemap_writeback+0x22d/0x2e0 [ 464.203350][ T5837] ? __pfx_filemap_writeback+0x10/0x10 [ 464.203455][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.203502][ T5837] ? find_held_lock+0x2b/0x80 [ 464.203549][ T5837] ? f2fs_sync_dirty_inodes+0x3a7/0x940 [ 464.203596][ T5837] ? f2fs_sync_dirty_inodes+0x3a7/0x940 [ 464.203642][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.203701][ T5837] f2fs_sync_dirty_inodes+0x46a/0x940 [ 464.203767][ T5837] block_operations+0x2a6/0xfc0 [ 464.203824][ T5837] ? __pfx_block_operations+0x10/0x10 [ 464.203869][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.203916][ T5837] ? kasan_save_stack+0x3f/0x50 [ 464.203984][ T5837] ? kasan_save_stack+0x30/0x50 [ 464.204098][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.204149][ T5837] ? ktime_get+0x200/0x300 [ 464.204206][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.204260][ T5837] ? lockdep_hardirqs_on+0x78/0x100 [ 464.204310][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.204358][ T5837] ? rcu_is_watching+0x12/0xc0 [ 464.204414][ T5837] f2fs_write_checkpoint+0x47d/0x5240 [ 464.204469][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.204517][ T5837] ? kfree+0x1c7/0x690 [ 464.204567][ T5837] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 464.204612][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.204658][ T5837] ? f2fs_stop_gc_thread+0x79/0xd0 [ 464.204710][ T5837] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 464.204768][ T5837] kill_f2fs_super+0x3d0/0x480 [ 464.204818][ T5837] ? __pfx_kill_f2fs_super+0x10/0x10 [ 464.204881][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.204953][ T5837] deactivate_locked_super+0xc1/0x1b0 [ 464.205012][ T5837] deactivate_super+0xe7/0x110 [ 464.205067][ T5837] cleanup_mnt+0x21f/0x450 [ 464.205131][ T5837] task_work_run+0x150/0x240 [ 464.205176][ T5837] ? __pfx_task_work_run+0x10/0x10 [ 464.205219][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 464.205264][ T5837] ? __x64_sys_umount+0x124/0x1a0 [ 464.205312][ T5837] exit_to_user_mode_loop+0x100/0x4b0 [ 464.205352][ T5837] ? rcu_is_watching+0x12/0xc0 [ 464.205404][ T5837] do_syscall_64+0x4fe/0xf80 [ 464.205458][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.205498][ T5837] RIP: 0033:0x7f5781f9c117 [ 464.205529][ T5837] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 464.205567][ T5837] RSP: 002b:00007ffcf003bea8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 464.205605][ T5837] RAX: 0000000000000000 RBX: 00007f578200471f RCX: 00007f5781f9c117 [ 464.205631][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcf003bf60 [ 464.205654][ T5837] RBP: 00007ffcf003bf60 R08: 00007ffcf003cf60 R09: 00000000ffffffff [ 464.205681][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf003cff0 [ 464.205705][ T5837] R13: 00007f578200471f R14: 0000000000071320 R15: 00007ffcf003d030 [ 464.205757][ T5837] [ 464.724126][ T5807] usb 5-1: USB disconnect, device number 24 [ 464.776801][T14791] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 464.787222][T14791] BTRFS info (device loop1): using blake2b (blake2b-256-lib) checksum algorithm [ 464.792967][ T5837] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 465.173685][T14791] BTRFS info (device loop1): setting nodatasum [ 465.179934][T14791] BTRFS info (device loop1): enabling ssd optimizations [ 465.296486][T14791] BTRFS info (device loop1): turning on async discard [ 465.364632][T14791] BTRFS info (device loop1): enabling free space tree [ 465.642424][T14841] netlink: 'syz.4.3816': attribute type 1 has an invalid length. [ 465.650264][T14841] netlink: 'syz.4.3816': attribute type 2 has an invalid length. [ 465.772393][T14841] netlink: 'syz.4.3816': attribute type 1 has an invalid length. [ 465.802432][T14841] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3816'. [ 465.917745][ T5826] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 466.627050][T14857] netlink: 'syz.0.3811': attribute type 62 has an invalid length. [ 466.921770][T14864] PKCS8: Unsupported PKCS#8 version [ 467.171665][T14873] set_capacity_and_notify: 1 callbacks suppressed [ 467.171695][T14873] loop2: detected capacity change from 0 to 4096 [ 467.264603][T14876] loop6: detected capacity change from 0 to 256 [ 467.276112][ T5930] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 467.312447][T14876] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 467.326766][T14873] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 467.368702][T14873] ntfs3(loop2): Failed to load $Extend (-22). [ 467.391840][T14873] ntfs3(loop2): Failed to initialize $Extend. [ 467.465508][ T5930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.493950][ T5930] usb 1-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00 [ 467.542284][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.592090][ T5930] usb 1-1: config 0 descriptor?? [ 467.661560][ T5836] Bluetooth: hci5: unexpected event for opcode 0x0c26 [ 467.902591][T14888] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0) [ 467.971726][T14891] loop4: detected capacity change from 0 to 64 [ 468.042926][ T31] audit: type=1800 audit(1769990442.944:227): pid=14891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3840" name="bus" dev="loop4" ino=22 res=0 errno=0 [ 468.142939][ T5930] hid_mf 0003:0079:1846.001E: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.0-1/input0 [ 468.209076][ T5930] hid_mf 0003:0079:1846.001E: Invalid report, this should never happen! [ 468.242325][ T5930] hid_mf 0003:0079:1846.001E: Force feedback init failed. [ 468.292865][T14892] loop3: detected capacity change from 0 to 4096 [ 468.427227][ T30] usb 1-1: USB disconnect, device number 19 [ 468.580285][T14899] fido_id[14899]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 468.619654][T14892] ntfs3(loop3): failed to convert "0000" to iso8859-14 [ 468.647288][T14892] ntfs3(loop3): failed to convert name for inode 1e. [ 468.683963][T14892] ntfs3(loop3): ino=1f, mi_enum_attr [ 468.689350][T14892] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 468.730458][T14905] PKCS8: Unsupported PKCS#8 version [ 469.503338][T14927] loop3: detected capacity change from 0 to 512 [ 469.632422][ T9] usb 3-1: new full-speed USB device number 25 using dummy_hcd [ 469.701272][T14927] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.3857: Parent and EA inode have the same ino 15 [ 469.773697][T14927] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.3857: Parent and EA inode have the same ino 15 [ 469.823580][T14927] EXT4-fs (loop3): 1 orphan inode deleted [ 469.845330][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 469.865494][ T30] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 469.865632][ T9] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00 [ 469.907397][T14927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 469.932337][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.962058][ T9] usb 3-1: config 0 descriptor?? [ 469.984480][T14937] loop6: detected capacity change from 0 to 4096 [ 470.009141][T14927] EXT4-fs warning (device loop3): __ext4_unlink:3275: inode #15: comm syz.3.3857: Deleting file 'file1' with no links [ 470.060721][ T30] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 470.084139][ T30] usb 5-1: config 0 has no interface number 0 [ 470.107835][T14944] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 470.113223][ T30] usb 5-1: too many endpoints for config 0 interface 8 altsetting 0: 254, using maximum allowed: 30 [ 470.201090][ T30] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 470.257213][ T30] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 470.266726][T14937] syz.6.3862: attempt to access beyond end of device [ 470.266726][T14937] loop6: rw=8388608, sector=26388279066816, nr_sectors = 8 limit=4096 [ 470.278582][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.305667][ T30] usb 5-1: config 0 interface 8 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 470.308836][T14937] NILFS (loop6): I/O error reading meta-data file (ino=6, block-offset=1) [ 470.369385][ T30] usb 5-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 470.405658][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.493174][ T30] usb 5-1: config 0 descriptor?? [ 470.638937][ T9] input: HID 054c:03d5 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:054C:03D5.001F/input/input27 [ 470.805133][ T9] sony 0003:054C:03D5.001F: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.2-1/input0 [ 470.914743][ T9] usb 3-1: USB disconnect, device number 25 [ 471.009538][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.085332][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.094157][T14959] [U] V3Fپ"S/4:XTZWTLW= [ 471.115826][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.137655][T14959] [U] J"E:" [ 471.142398][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.159532][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.166257][T14959] [U] [ 471.191622][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.230853][ T30] uclogic 0003:5543:0781.0020: unknown main item tag 0x0 [ 471.280394][ T30] uclogic 0003:5543:0781.0020: hidraw0: USB HID v0.00 Device [HID 5543:0781] on usb-dummy_hcd.4-1/input8 [ 471.287381][T14955] fido_id[14955]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 471.366239][ T30] usb 5-1: USB disconnect, device number 25 [ 471.744303][T14974] loop6: detected capacity change from 0 to 128 [ 471.782935][T14974] FAT-fs (loop6): Directory bread(block 162) failed [ 471.817831][T14974] FAT-fs (loop6): Directory bread(block 163) failed [ 471.839908][T14974] FAT-fs (loop6): Directory bread(block 164) failed [ 471.855735][T14974] FAT-fs (loop6): Directory bread(block 165) failed [ 471.902432][T14974] FAT-fs (loop6): Directory bread(block 166) failed [ 471.944578][T14974] FAT-fs (loop6): Directory bread(block 167) failed [ 471.962432][T14974] FAT-fs (loop6): Directory bread(block 168) failed [ 471.996026][T14974] FAT-fs (loop6): Directory bread(block 169) failed [ 472.038038][T14973] fido_id[14973]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 472.068932][T14974] FAT-fs (loop6): Directory bread(block 162) failed [ 472.104662][T14974] FAT-fs (loop6): Directory bread(block 163) failed [ 472.128942][T14980] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3880'. [ 472.176389][T14974] syz.6.3877: attempt to access beyond end of device [ 472.176389][T14974] loop6: rw=8388611, sector=226, nr_sectors = 6 limit=128 [ 472.245517][T14974] syz.6.3877: attempt to access beyond end of device [ 472.245517][T14974] loop6: rw=8390659, sector=232, nr_sectors = 2 limit=128 [ 472.426530][T14971] net_ratelimit: 66 callbacks suppressed [ 472.426570][T14971] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 473.136670][T14992] loop0: detected capacity change from 0 to 32768 [ 473.179834][T14992] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 473.188935][T14992] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 473.249946][T14992] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 473.267280][ T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 473.278271][ T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 473.391500][ T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 113ms [ 473.446159][ T9] gfs2: fsid=syz:syz.0: jid=0: Done [ 473.495750][T14992] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 473.692632][ T30] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 473.902863][ T30] usb 7-1: Using ep0 maxpacket: 16 [ 473.921997][ T30] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 473.945807][ T30] usb 7-1: config 0 interface 0 has no altsetting 0 [ 473.961457][ T30] usb 7-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20 [ 473.974512][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.988823][ T30] usb 7-1: Product: syz [ 474.006855][ T30] usb 7-1: Manufacturer: syz [ 474.026077][ T30] usb 7-1: SerialNumber: syz [ 474.064884][ T30] usb 7-1: config 0 descriptor?? [ 474.357313][ T30] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input28 [ 474.717369][ C1] imon 7-1:0.0: imon usb_rx_callback_intf0: status(-71) [ 474.753609][ T30] imon:send_packet: packet tx failed (-71) [ 474.792718][ T30] imon 7-1:0.0: panel buttons/knobs setup failed [ 475.002399][ T30] rc_core: IR keymap rc-imon-pad not found [ 475.014723][T15042] loop0: detected capacity change from 0 to 1024 [ 475.032648][ T30] Registered IR keymap rc-empty [ 475.037670][ T30] imon 7-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 475.077510][ T30] imon 7-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 475.124675][ T30] imon:send_packet: packet tx failed (-71) [ 475.160851][ T30] imon 7-1:0.0: remote input dev register failed [ 475.202563][ T30] imon 7-1:0.0: imon_init_intf0: rc device setup failed [ 475.311205][ T50] hfsplus: b-tree write err: -5, ino 4 [ 475.436533][ T30] imon 7-1:0.0: unable to initialize intf0, err 0 [ 475.467481][ T30] imon:imon_probe: failed to initialize context! [ 475.494335][ T30] imon 7-1:0.0: unable to register, err -19 [ 475.594484][ T30] usb 7-1: USB disconnect, device number 3 [ 476.058336][T15072] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3923'. [ 476.986061][T15058] loop6: detected capacity change from 0 to 131072 [ 477.007917][T15058] F2FS-fs (loop6): QUOTA feature is enabled, so ignore qf_name [ 477.018333][T15058] F2FS-fs (loop6): build fault injection rate: 7 [ 477.024819][T15058] F2FS-fs (loop6): build fault injection type: 0x40004 [ 477.032637][T15058] F2FS-fs (loop6): invalid crc value [ 477.081714][T15058] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of read_compacted_summaries+0x17d/0xdc0 [ 477.097575][T15058] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_build_segment_manager+0x3401/0xa1b0 [ 477.117508][T15058] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_build_segment_manager+0x36c4/0xa1b0 [ 477.129938][T15058] F2FS-fs (loop6): Current segment's next free block offset is inconsistent with bitmap, logtype:4, segno:1, type:0, next_blkoff:6, blkofs:6 [ 477.150283][T15058] F2FS-fs (loop6): Failed to initialize F2FS segment manager (-117) [ 477.422609][ T31] audit: type=1326 audit(1769990452.284:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 477.559005][T15092] loop0: detected capacity change from 0 to 4096 [ 477.571344][ T31] audit: type=1326 audit(1769990452.284:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 477.659256][T15099] loop3: detected capacity change from 0 to 1024 [ 477.744344][T15099] EXT4-fs: Ignoring removed nomblk_io_submit option [ 477.761172][ T31] audit: type=1326 audit(1769990452.304:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 477.802522][T15101] loop2: detected capacity change from 0 to 512 [ 477.815661][T15092] ntfs3(loop0): MFT: r=19, expect seq=1 instead of a48d! [ 477.854622][T15092] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 477.876813][T15099] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 477.924099][ T31] audit: type=1326 audit(1769990452.314:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 478.017752][T15106] netlink: 'syz.1.3936': attribute type 2 has an invalid length. [ 478.065677][ T31] audit: type=1326 audit(1769990452.314:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 478.072440][T15106] netlink: 244 bytes leftover after parsing attributes in process `syz.1.3936'. [ 478.176493][ T31] audit: type=1326 audit(1769990452.314:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 478.271750][ T31] audit: type=1326 audit(1769990452.314:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 478.329146][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.362751][ T31] audit: type=1326 audit(1769990452.314:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 478.480053][ T31] audit: type=1326 audit(1769990452.314:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15094 comm="syz.1.3932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 478.778182][T15123] binder: 15121:15123 ioctl c018620c 200000000240 returned -22 [ 478.786980][T15122] loop1: detected capacity change from 0 to 1024 [ 478.859470][T15122] EXT4-fs: Ignoring removed orlov option [ 478.957751][ T5930] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 479.054310][T15122] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.172451][ T5930] usb 4-1: Using ep0 maxpacket: 8 [ 479.211246][ T5930] usb 4-1: unable to get BOS descriptor or descriptor too short [ 479.247947][ T5930] usb 4-1: config 4 interface 0 has no altsetting 0 [ 479.305117][ T5930] usb 4-1: string descriptor 0 read error: -22 [ 479.325280][ T5930] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 479.384655][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 479.432100][ T5930] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 479.562084][ T5930] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 479.603181][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.635977][ T5930] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 479.658021][ T5930] usb 4-1: media controller created [ 479.776833][ T5930] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 479.952584][ T5930] zl10353_read_register: readreg error (reg=127, ret==0) [ 480.162106][ T5930] usb 4-1: USB disconnect, device number 26 [ 480.237443][T15151] loop6: detected capacity change from 0 to 4096 [ 480.524226][T15151] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 480.773256][T15163] netlink: 'syz.3.3963': attribute type 32 has an invalid length. [ 480.781136][T15163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3963'. [ 480.851321][T15165] loop1: detected capacity change from 0 to 128 [ 480.904408][T15165] EXT4-fs: Ignoring removed nomblk_io_submit option [ 480.916816][T15165] EXT4-fs (loop1): Test dummy encryption mode enabled [ 480.966602][T15163] bond2: Setting coupled_control to off (0) [ 481.000850][T15165] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 481.076774][T15165] ext4 filesystem being mounted at /629/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 481.322432][ T30] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 481.329514][ T5826] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 481.385953][T15144] loop4: detected capacity change from 0 to 40427 [ 481.437605][T15144] F2FS-fs (loop4): build fault injection rate: 771 [ 481.468627][T15144] F2FS-fs (loop4): invalid crc value [ 481.549742][ T30] usb 7-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 481.575191][ T30] usb 7-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 481.627305][ T30] usb 7-1: Product: syz [ 481.653220][ T30] usb 7-1: Manufacturer: syz [ 481.657899][ T30] usb 7-1: SerialNumber: syz [ 481.695840][T15184] loop1: detected capacity change from 0 to 64 [ 481.757567][ T30] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 481.880101][T15144] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 481.938337][T15144] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 482.177853][ T30] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 482.204067][T15191] netlink: 652 bytes leftover after parsing attributes in process `syz.0.3975'. [ 482.216844][T15193] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 482.219404][ T30] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 482.244767][T15191] netlink: 120 bytes leftover after parsing attributes in process `syz.0.3975'. [ 482.295183][ T5828] syz-executor: attempt to access beyond end of device [ 482.295183][ T5828] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 482.327221][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 482.327282][ T5828] Tainted: [L]=SOFTLOCKUP [ 482.327296][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 482.327320][ T5828] Call Trace: [ 482.327332][ T5828] [ 482.327346][ T5828] dump_stack_lvl+0x100/0x190 [ 482.327405][ T5828] f2fs_handle_critical_error+0x5d7/0x970 [ 482.327472][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.327520][ T5828] ? f2fs_build_fault_attr+0x53/0x1f0 [ 482.327585][ T5828] f2fs_write_end_io+0xc24/0xf00 [ 482.327654][ T5828] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 482.327723][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.327781][ T5828] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 482.327844][ T5828] bio_endio+0x755/0x8b0 [ 482.327911][ T5828] submit_bio_noacct+0x1b7/0x1e80 [ 482.327968][ T5828] __submit_merged_bio+0x331/0x6f0 [ 482.328044][ T5828] __submit_merged_write_cond+0x31a/0x3f0 [ 482.328123][ T5828] f2fs_write_cache_pages+0x21c8/0x2720 [ 482.328196][ T5828] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 482.328240][ T5828] ? __lock_acquire+0x4a5/0x2630 [ 482.328315][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.328361][ T5828] ? __lock_acquire+0x4a5/0x2630 [ 482.328527][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.328574][ T5828] ? __mod_zone_page_state+0xe2/0x190 [ 482.328634][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.328690][ T5828] f2fs_write_data_pages+0x5a7/0x1060 [ 482.328747][ T5828] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 482.328801][ T5828] ? do_writepages+0x4b5/0x600 [ 482.328850][ T5828] ? do_writepages+0x4b5/0x600 [ 482.328897][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.328948][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.328999][ T5828] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 482.329047][ T5828] do_writepages+0x278/0x600 [ 482.329104][ T5828] ? __pfx_do_writepages+0x10/0x10 [ 482.329152][ T5828] ? do_raw_spin_unlock+0x145/0x1e0 [ 482.329196][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.329242][ T5828] ? _raw_spin_unlock+0x28/0x50 [ 482.329291][ T5828] filemap_writeback+0x22d/0x2e0 [ 482.329349][ T5828] ? __pfx_filemap_writeback+0x10/0x10 [ 482.329466][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.329511][ T5828] ? find_held_lock+0x2b/0x80 [ 482.329559][ T5828] ? f2fs_sync_dirty_inodes+0x3a7/0x940 [ 482.329605][ T5828] ? f2fs_sync_dirty_inodes+0x3a7/0x940 [ 482.329650][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.329711][ T5828] f2fs_sync_dirty_inodes+0x46a/0x940 [ 482.329780][ T5828] block_operations+0x2a6/0xfc0 [ 482.329839][ T5828] ? __pfx_block_operations+0x10/0x10 [ 482.329883][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.329928][ T5828] ? kasan_save_stack+0x3f/0x50 [ 482.329993][ T5828] ? kasan_save_stack+0x30/0x50 [ 482.330115][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.330164][ T5828] ? ktime_get+0x200/0x300 [ 482.330218][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.330264][ T5828] ? lockdep_hardirqs_on+0x78/0x100 [ 482.330314][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.330360][ T5828] ? rcu_is_watching+0x12/0xc0 [ 482.330420][ T5828] f2fs_write_checkpoint+0x47d/0x5240 [ 482.330478][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.330523][ T5828] ? kfree+0x1c7/0x690 [ 482.330573][ T5828] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 482.330616][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.330662][ T5828] ? f2fs_stop_gc_thread+0x79/0xd0 [ 482.330715][ T5828] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 482.330774][ T5828] kill_f2fs_super+0x3d0/0x480 [ 482.330823][ T5828] ? __pfx_kill_f2fs_super+0x10/0x10 [ 482.330892][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.330956][ T5828] deactivate_locked_super+0xc1/0x1b0 [ 482.331021][ T5828] deactivate_super+0xe7/0x110 [ 482.331080][ T5828] cleanup_mnt+0x21f/0x450 [ 482.331147][ T5828] task_work_run+0x150/0x240 [ 482.331194][ T5828] ? __pfx_task_work_run+0x10/0x10 [ 482.331237][ T5828] ? srso_alias_return_thunk+0x5/0xfbef5 [ 482.331283][ T5828] ? __x64_sys_umount+0x124/0x1a0 [ 482.331333][ T5828] exit_to_user_mode_loop+0x100/0x4b0 [ 482.331372][ T5828] ? rcu_is_watching+0x12/0xc0 [ 482.331425][ T5828] do_syscall_64+0x4fe/0xf80 [ 482.331480][ T5828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.331520][ T5828] RIP: 0033:0x7efdb1f9c117 [ 482.331551][ T5828] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 482.331589][ T5828] RSP: 002b:00007ffcf9693078 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 482.331626][ T5828] RAX: 0000000000000000 RBX: 00007efdb200471f RCX: 00007efdb1f9c117 [ 482.331652][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcf9693130 [ 482.331676][ T5828] RBP: 00007ffcf9693130 R08: 00007ffcf9694130 R09: 00000000ffffffff [ 482.331701][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf96941c0 [ 482.331725][ T5828] R13: 00007efdb200471f R14: 0000000000075b38 R15: 00007ffcf9694200 [ 482.331781][ T5828] [ 482.829422][ T5989] usb 7-1: USB disconnect, device number 4 [ 482.856249][ T5828] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 483.121044][T15200] loop1: detected capacity change from 0 to 256 [ 483.147709][T15176] loop3: detected capacity change from 0 to 32768 [ 483.160536][T15176] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3968 (15176) [ 483.186250][T15176] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 483.218511][T15200] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 256) [ 483.248695][T15176] BTRFS info (device loop3): using blake2b (blake2b-256-lib) checksum algorithm [ 483.352878][ T5930] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 483.373524][T15203] bridge0: entered promiscuous mode [ 483.411301][T15203] macsec2: entered promiscuous mode [ 483.492735][T15176] BTRFS info (device loop3): setting nodatasum [ 483.542399][T15176] BTRFS info (device loop3): enabling ssd optimizations [ 483.552306][ T5930] usb 1-1: Using ep0 maxpacket: 16 [ 483.575554][ T5930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 483.591211][T15176] BTRFS info (device loop3): turning on async discard [ 483.607389][ T5930] usb 1-1: New USB device found, idVendor=04b4, idProduct=07b1, bcdDevice= 0.00 [ 483.622650][T15176] BTRFS info (device loop3): enabling free space tree [ 483.634295][T15221] loop1: detected capacity change from 0 to 256 [ 483.662466][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.705960][ T5930] usb 1-1: config 0 descriptor?? [ 483.750184][T15221] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 484.113859][ T5838] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 484.132340][ T30] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 484.208461][T15226] loop2: detected capacity change from 0 to 4096 [ 484.224655][ T5930] cypress 0003:04B4:07B1.0021: hidraw0: USB HID v0.05 Device [HID 04b4:07b1] on usb-dummy_hcd.0-1/input0 [ 484.269218][T15228] netlink: 'syz.6.3986': attribute type 1 has an invalid length. [ 484.302786][T15228] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 484.312017][ T30] usb 2-1: Using ep0 maxpacket: 32 [ 484.324108][ T30] usb 2-1: config 4 has an invalid interface number: 128 but max is 0 [ 484.401438][ T30] usb 2-1: config 4 has no interface number 0 [ 484.452422][ T30] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.485112][ T791] usb 1-1: USB disconnect, device number 20 [ 484.527796][ T30] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.569281][ T30] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 484.627004][T15231] fido_id[15231]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 484.641480][ T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.750876][ T30] hub 2-1:4.128: USB hub found [ 484.945897][ T30] hub 2-1:4.128: 2 ports detected [ 484.951060][ T30] hub 2-1:4.128: Using single TT (err -22) [ 485.168240][ T30] hub 2-1:4.128: hub_hub_status failed (err = -71) [ 485.185183][ T30] hub 2-1:4.128: config failed, can't get hub status (err -71) [ 485.287144][ T30] usb 2-1: USB disconnect, device number 25 [ 486.182432][ T30] usb 3-1: new full-speed USB device number 26 using dummy_hcd [ 486.364553][ T30] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 486.412268][ T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 486.466652][ T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 486.520488][ T30] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 486.572783][ T30] usb 3-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 486.583115][ T30] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.589931][T15269] loop3: detected capacity change from 0 to 8192 [ 486.608395][T15247] loop0: detected capacity change from 0 to 32768 [ 486.608951][ T30] usb 3-1: config 0 descriptor?? [ 486.653223][T15269] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 486.727334][T15271] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 486.729050][T15247] [ 486.729050][T15247] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 486.729050][T15247] [ 486.851699][T15249] loop4: detected capacity change from 0 to 32768 [ 487.001138][T15249] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 487.108800][ T30] hid-u2fzero 0003:10C4:8ACF.0022: item fetching failed at offset 3/5 [ 487.133817][ T30] hid-u2fzero 0003:10C4:8ACF.0022: probe with driver hid-u2fzero failed with error -22 [ 487.229666][ T5837] [ 487.229666][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 487.229666][ T5837] [ 487.334293][T15249] XFS (loop4): Ending clean mount [ 487.358721][ T5837] [ 487.358721][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 487.358721][ T5837] [ 487.455783][ T5930] usb 3-1: USB disconnect, device number 26 [ 487.637696][ T5828] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 488.307929][T15304] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4019'. [ 488.535209][T15311] loop1: detected capacity change from 0 to 256 [ 488.641876][T15311] FAT-fs (loop1): Directory bread(block 64) failed [ 488.659278][T15311] FAT-fs (loop1): Directory bread(block 65) failed [ 488.669496][T15315] vivid-003: disconnect [ 488.690374][T15311] FAT-fs (loop1): Directory bread(block 66) failed [ 488.697913][T15317] loop4: detected capacity change from 0 to 128 [ 488.700902][T15314] vivid-003: reconnect [ 488.717613][T15311] FAT-fs (loop1): Directory bread(block 67) failed [ 488.719239][T15317] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 488.738179][T15311] FAT-fs (loop1): Directory bread(block 68) failed [ 488.767841][T15317] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 488.772314][T15311] FAT-fs (loop1): Directory bread(block 69) failed [ 488.815567][T15311] FAT-fs (loop1): Directory bread(block 70) failed [ 488.822172][T15311] FAT-fs (loop1): Directory bread(block 71) failed [ 488.862417][T15311] FAT-fs (loop1): Directory bread(block 72) failed [ 488.894231][T15311] FAT-fs (loop1): Directory bread(block 73) failed [ 489.082087][T14201] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 489.581567][T15333] netlink: 260 bytes leftover after parsing attributes in process `syz.1.4029'. [ 489.633306][T15333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4029'. [ 489.983660][T15345] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 490.012931][T15309] loop3: detected capacity change from 0 to 40427 [ 490.080475][T15309] F2FS-fs (loop3): invalid crc value [ 490.427919][T15309] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 490.462904][T15309] F2FS-fs (loop3): Start checkpoint disabled! [ 490.548543][T15309] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0 [ 490.561740][T15309] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 490.621437][T15359] raw_sendmsg: syz.6.4044 forgot to set AF_INET. Fix it! [ 490.806032][T15365] loop4: detected capacity change from 0 to 64 [ 490.952552][ T5930] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 491.146005][ T5930] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 491.167098][ T5930] usb 1-1: config 0 has no interface number 0 [ 491.187030][ T5930] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 491.224457][ T5930] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 491.236832][ T30] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 491.293935][ T5930] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 491.332454][ T5930] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.341667][ T5930] usb 1-1: Product: syz [ 491.382987][ T5930] usb 1-1: Manufacturer: syz [ 491.398124][ T5930] usb 1-1: SerialNumber: syz [ 491.402954][ T30] usb 3-1: Using ep0 maxpacket: 8 [ 491.425847][ T30] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 491.443713][ T5930] usb 1-1: config 0 descriptor?? [ 491.473653][T15361] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 491.484621][ T30] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 491.495963][ T5930] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 491.515639][ T30] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.552275][ T30] usb 3-1: Product: syz [ 491.557354][ T5930] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 491.567874][ T30] usb 3-1: Manufacturer: syz [ 491.580746][ T30] usb 3-1: SerialNumber: syz [ 491.613015][ T30] usb 3-1: config 0 descriptor?? [ 491.636446][ T30] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 491.664651][ T30] usb 3-1: selecting invalid altsetting 1 [ 491.733981][ C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 491.935603][ T9] usb 1-1: USB disconnect, device number 21 [ 491.978522][ T9] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 492.009217][ T9] cyberjack 1-1:0.69: device disconnected [ 492.119607][ T5930] usb 3-1: USB disconnect, device number 27 [ 492.162390][ T5989] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 492.280218][T15395] netlink: 'syz.1.4060': attribute type 3 has an invalid length. [ 492.322361][ T5807] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 492.354508][ T5989] usb 7-1: config 0 interface 0 altsetting 237 endpoint 0x81 has invalid wMaxPacketSize 0 [ 492.373319][ T5989] usb 7-1: config 0 interface 0 has no altsetting 0 [ 492.380217][ T5989] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 492.390690][ T5989] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.469438][ T5989] usb 7-1: config 0 descriptor?? [ 492.492500][ T5807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 492.517830][ T5807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 492.543183][ T5807] usb 5-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00 [ 492.563128][ T5807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.606817][ T5807] usb 5-1: config 0 descriptor?? [ 492.890143][T15403] loop2: detected capacity change from 0 to 512 [ 492.938796][ T5989] sony 0003:054C:024B.0023: unbalanced delimiter at end of report description [ 492.958380][T15403] EXT4-fs: Ignoring removed nomblk_io_submit option [ 492.979268][ T5989] sony 0003:054C:024B.0023: parse failed [ 493.019358][ T5989] sony 0003:054C:024B.0023: probe with driver sony failed with error -22 [ 493.056505][ T5807] aquacomputer_d5next 0003:0C70:F00D.0024: reserved main item tag 0xe [ 493.065041][T15403] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 493.094095][T15393] loop3: detected capacity change from 0 to 32768 [ 493.119515][T15403] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002] [ 493.131714][T15403] EXT4-fs (loop2): orphan cleanup on readonly fs [ 493.139056][T15403] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 493.149424][T15403] EXT4-fs warning (device loop2): ext4_enable_quotas:7217: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 493.165432][T15403] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 493.193290][ T5807] aquacomputer_d5next 0003:0C70:F00D.0024: hidraw0: USB HID v40.00 Device [HID 0c70:f00d] on usb-dummy_hcd.4-1/input0 [ 493.222476][T15403] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.4064: bg 0: block 40: padding at end of block bitmap is not set [ 493.276878][ T9] usb 7-1: USB disconnect, device number 5 [ 493.330521][T15403] EXT4-fs (loop2): Remounting filesystem read-only [ 493.368559][T15403] EXT4-fs (loop2): 1 truncate cleaned up [ 493.423369][T15403] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 493.478965][ T5807] usb 5-1: USB disconnect, device number 26 [ 493.591883][T15407] fido_id[15407]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 493.686456][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.992666][ T5807] usb 2-1: new full-speed USB device number 26 using dummy_hcd [ 494.206492][ T5807] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 494.250450][ T5807] usb 2-1: config 0 has no interface number 0 [ 494.274593][ T5807] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 494.302304][ T5807] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 494.317729][ T5807] usb 2-1: Product: syz [ 494.322067][ T5807] usb 2-1: Manufacturer: syz [ 494.326908][ T5807] usb 2-1: SerialNumber: syz [ 494.344535][ T5807] usb 2-1: config 0 descriptor?? [ 494.365709][ T5807] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 494.401625][ T5807] usb 2-1: selecting invalid altsetting 1 [ 494.437024][ T5807] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 494.458428][ T5807] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 494.597799][ T5807] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 494.635445][ T5807] usb 2-1: USB disconnect, device number 26 [ 494.942894][ T791] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 495.132668][ T791] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 495.141718][ T791] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 495.176997][ T791] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 495.188625][ T791] usb 3-1: config 220 has no interface number 2 [ 495.199240][ T791] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 495.242369][ T791] usb 3-1: config 220 interface 0 has no altsetting 0 [ 495.249874][ T791] usb 3-1: config 220 interface 76 has no altsetting 0 [ 495.267938][ T791] usb 3-1: config 220 interface 1 has no altsetting 0 [ 495.308281][ T791] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 495.327761][ T791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 495.358813][ T791] usb 3-1: Product: syz [ 495.372637][ T791] usb 3-1: Manufacturer: syz [ 495.382463][ T791] usb 3-1: SerialNumber: syz [ 495.461961][ T31] audit: type=1326 audit(1769990470.369:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 495.563244][T15448] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 495.592812][T15453] loop3: detected capacity change from 0 to 512 [ 495.598529][ T31] audit: type=1326 audit(1769990470.369:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 495.627323][T15453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 495.685677][ T31] audit: type=1326 audit(1769990470.449:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 495.749268][ T791] usb 3-1: selecting invalid altsetting 0 [ 495.766602][T15453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 495.803311][ T791] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 495.811058][T15453] ext4 filesystem being mounted at /663/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 495.821685][ T31] audit: type=1326 audit(1769990470.449:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f744079ac22 code=0x7ffc0000 [ 495.845653][ T791] uvcvideo 3-1:220.0: No valid video chain found. [ 495.854089][ T31] audit: type=1326 audit(1769990470.459:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f744075b78e code=0x7ffc0000 [ 495.877560][ T31] audit: type=1326 audit(1769990470.469:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f744079ace7 code=0x7ffc0000 [ 495.914989][ T791] usb 3-1: selecting invalid altsetting 0 [ 495.920805][ T791] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 495.965357][ T31] audit: type=1326 audit(1769990470.469:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f744075b78e code=0x7ffc0000 [ 495.972775][ T791] usb 3-1: USB disconnect, device number 28 [ 496.058107][ T31] audit: type=1326 audit(1769990470.469:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f744079ab4b code=0x7ffc0000 [ 496.159575][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 496.184926][ T31] audit: type=1326 audit(1769990470.539:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15451 comm="syz.3.4085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f744075b78e code=0x7ffc0000 [ 496.240933][T15462] loop4: detected capacity change from 0 to 1024 [ 496.483999][T15442] loop0: detected capacity change from 0 to 32768 [ 496.521542][ T1072] hfsplus: b-tree write err: -5, ino 4 [ 496.700556][T15469] loop6: detected capacity change from 0 to 1024 [ 496.743282][T15469] EXT4-fs (loop6): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 496.828478][T15469] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 2: comm syz.6.4092: lblock 2 mapped to illegal pblock 2 (length 1) [ 496.942978][T15469] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 48: comm syz.6.4092: lblock 0 mapped to illegal pblock 48 (length 1) [ 496.973065][T15469] EXT4-fs error (device loop6): ext4_acquire_dquot:6984: comm syz.6.4092: Failed to acquire dquot type 0 [ 496.994883][T15479] loop2: detected capacity change from 0 to 256 [ 497.033937][T15469] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 497.071880][T15479] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 497.094040][T15469] EXT4-fs error (device loop6): ext4_evict_inode:253: inode #11: comm syz.6.4092: mark_inode_dirty error [ 497.144630][T15469] EXT4-fs warning (device loop6): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 497.174701][T15469] EXT4-fs (loop6): 1 orphan inode deleted [ 497.195295][T14201] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 497.219280][T15469] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 497.253787][T14201] EXT4-fs error (device loop6): ext4_release_dquot:7020: comm kworker/u8:4: Failed to release dquot type 0 [ 497.417848][T15469] EXT4-fs error (device loop6): __ext4_get_inode_loc:4829: comm syz.6.4092: Invalid inode table block 1 in block_group 0 [ 497.546131][T15469] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 497.667525][T15487] sd 0:0:1:0: device reset [ 497.775476][T13232] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.859240][T13232] EXT4-fs error (device loop6): __ext4_get_inode_loc:4829: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 497.937622][T13232] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem [ 497.997318][T13232] EXT4-fs error (device loop6): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error [ 498.347780][T15477] loop3: detected capacity change from 0 to 32768 [ 498.428142][T15477] JBD2: Ignoring recovery information on journal [ 498.572352][ T5934] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 498.576381][T15477] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 498.743055][ T5934] usb 3-1: Using ep0 maxpacket: 32 [ 498.758148][ T5934] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 498.803348][ T5934] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 498.864290][ T5934] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 498.915986][ T5934] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 498.947581][ T5934] usb 3-1: config 0 descriptor?? [ 499.085896][ T5838] ocfs2: Unmounting device (7,3) on (node local) [ 499.438620][ T5934] kone 0003:1E7D:2CED.0025: item fetching failed at offset 1/5 [ 499.489777][ T5934] kone 0003:1E7D:2CED.0025: parse failed [ 499.574616][ T5934] kone 0003:1E7D:2CED.0025: probe with driver kone failed with error -22 [ 499.649599][ T5934] usb 3-1: USB disconnect, device number 29 [ 499.838652][T15536] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4117'. [ 500.031632][T15543] loop4: detected capacity change from 0 to 1024 [ 500.407927][T14201] hfsplus: b-tree write err: -5, ino 4 [ 500.437000][T15553] loop6: detected capacity change from 0 to 256 [ 500.490339][T15553] exfat: Deprecated parameter 'namecase' [ 500.572933][T15553] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 500.739337][T15554] loop0: detected capacity change from 0 to 4096 [ 500.936548][T15554] ntfs3(loop0): failed to convert "0080" to cp855 [ 500.962863][ T9] usb 5-1: new full-speed USB device number 27 using dummy_hcd [ 501.199317][ T9] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 501.243444][ T9] usb 5-1: config 0 has no interface number 0 [ 501.286627][ T9] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 501.305269][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.336807][ T9] usb 5-1: Product: syz [ 501.341061][ T9] usb 5-1: Manufacturer: syz [ 501.374222][ T9] usb 5-1: SerialNumber: syz [ 501.413073][ T9] usb 5-1: config 0 descriptor?? [ 501.459147][ T9] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 501.487540][ T9] usb 5-1: selecting invalid altsetting 1 [ 501.493582][ T9] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 501.518834][ T9] usb 5-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 501.539694][T15576] loop6: detected capacity change from 0 to 4096 [ 501.704678][ T9] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 501.792633][ T9] usb 5-1: USB disconnect, device number 27 [ 501.809987][T15581] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 501.821153][ T5836] Bluetooth: hci4: unexpected event for opcode 0x0c2d [ 501.951672][T15576] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 502.029306][T15576] Remounting filesystem read-only [ 502.184575][T13232] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer [ 502.640708][T15573] loop3: detected capacity change from 0 to 32768 [ 502.652420][ T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 502.696376][T15573] JBD2: Ignoring recovery information on journal [ 502.824472][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 502.877653][ T30] usb 7-1: config index 0 descriptor too short (expected 30, got 18) [ 502.901725][ T30] usb 7-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 502.914349][T15573] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 502.950561][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 503.005603][ T30] usb 7-1: Product: syz [ 503.026187][ T30] usb 7-1: Manufacturer: syz [ 503.030869][ T30] usb 7-1: SerialNumber: syz [ 503.085503][ T30] usb 7-1: config 0 descriptor?? [ 503.128562][ T30] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 503.152394][ T30] usb 7-1: setting power ON [ 503.158104][ T30] dvb-usb: bulk message failed: -22 (2/0) [ 503.224567][ T30] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 503.253645][ T30] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 503.272869][ T30] usb 7-1: media controller created [ 503.349888][ T30] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 503.365405][T15590] dvb-usb: bulk message failed: -22 (3/0) [ 503.372049][T15590] cxusb: i2c rd: len=1792 is too big! [ 503.372049][T15590] [ 503.389055][T15588] loop1: detected capacity change from 0 to 32768 [ 503.398279][ T5838] ocfs2: Unmounting device (7,3) on (node local) [ 503.484238][ T30] usb 7-1: selecting invalid altsetting 6 [ 503.490766][ T30] usb 7-1: digital interface selection failed (-22) [ 503.572356][ T30] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 503.609069][ T30] usb 7-1: setting power OFF [ 503.658400][ T30] dvb-usb: bulk message failed: -22 (2/0) [ 503.688183][ T30] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 503.737711][ T30] (NULL device *): no alternate interface [ 503.904794][ T30] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 504.011229][ T30] usb 7-1: USB disconnect, device number 6 [ 504.435504][T15628] loop1: detected capacity change from 0 to 1024 [ 504.523072][T15628] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 504.665241][T15628] EXT4-fs: Ignoring sb option on remount [ 504.723857][ T30] usb 1-1: new full-speed USB device number 22 using dummy_hcd [ 504.732657][T15628] EXT4-fs: Ignoring removed orlov option [ 504.774393][T15628] EXT4-fs: Ignoring removed nomblk_io_submit option [ 504.812421][T15628] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 504.821677][T15638] loop6: detected capacity change from 0 to 2048 [ 504.821954][T15628] EXT4-fs: Remounting fs w/o journal so ignoring data_err option [ 504.851713][T15640] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4168'. [ 504.854466][T15628] EXT4-fs: can't change dax mount option while remounting [ 504.880224][T15638] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 504.925416][ T30] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 504.944493][ T30] usb 1-1: config 0 has no interface number 0 [ 504.964661][T15641] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 504.966076][T15612] loop3: detected capacity change from 0 to 32768 [ 504.995487][ T30] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 505.022816][ T30] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.069108][ T30] usb 1-1: Product: syz [ 505.089467][ T30] usb 1-1: Manufacturer: syz [ 505.105716][T15643] loop2: detected capacity change from 0 to 256 [ 505.108017][ T30] usb 1-1: SerialNumber: syz [ 505.170097][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.195299][ T30] usb 1-1: config 0 descriptor?? [ 505.251078][T15643] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 505.255556][ T30] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 505.307916][ T30] usb 1-1: selecting invalid altsetting 1 [ 505.345381][ T30] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 505.411446][ T30] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 505.488605][ T30] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 505.546380][ T30] usb 1-1: USB disconnect, device number 22 [ 505.782605][T15649] loop6: detected capacity change from 0 to 128 [ 505.790257][T15649] EXT4-fs: Ignoring removed nobh option [ 505.847359][T15649] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 505.870032][T15649] ext4 filesystem being mounted at /136/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 506.114666][T15649] EXT4-fs warning (device loop6): ext4_group_extend:1862: can't shrink FS - resize aborted [ 506.436708][T13232] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 506.711670][T15675] loop4: detected capacity change from 0 to 1024 [ 506.774384][T15680] xt_l2tp: invalid flags combination: 0 [ 506.781427][T15675] EXT4-fs: inline encryption not supported [ 506.908970][T15675] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 507.242830][T15675] EXT4-fs: Ignoring removed orlov option [ 507.278173][T15675] EXT4-fs (loop4): can't enable nombcache during remount [ 507.480307][ T5828] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.765910][T15709] loop6: detected capacity change from 0 to 1024 [ 507.830549][T15709] hfsplus: bad catalog entry type [ 507.896905][T15716] loop0: detected capacity change from 0 to 128 [ 507.946074][T15716] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 507.978729][T15720] loop3: detected capacity change from 0 to 512 [ 507.985663][T15719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4202'. [ 508.004457][ T5942] hfsplus: b-tree write err: -5, ino 4 [ 508.014262][T15716] hpfs: filesystem error: improperly stopped [ 508.020367][T15716] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 508.073701][T15716] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 508.143778][T15716] hpfs: You really don't want any checks? You are crazy... [ 508.176057][T15720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 508.200344][T15716] hpfs: hpfs_map_sector(): read error [ 508.254600][T15716] hpfs: code page support is disabled [ 508.297441][T15720] ext4 filesystem being mounted at /677/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 508.353138][T15716] hpfs: hpfs_map_4sectors(): unaligned read [ 508.431115][T15716] hpfs: hpfs_map_4sectors(): unaligned read [ 508.447399][T15728] loop6: detected capacity change from 0 to 2048 [ 508.462844][T15716] hpfs: filesystem error: unable to find root dir [ 508.494063][T15731] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 508.577158][T15720] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #2: comm syz.3.4203: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 508.683124][T15733] loop4: detected capacity change from 0 to 256 [ 508.719943][T15733] exfat: Deprecated parameter 'utf8' [ 508.798961][T15728] NILFS error (device loop6): nilfs_dotdot: directory #12 missing '..' [ 508.823734][T15733] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 508.910161][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.922895][T15728] Remounting filesystem read-only [ 509.086709][T15737] [U]  [ 509.103333][T15737] [U] K{ [ 509.106649][T15737] [U] T 1ŠFFˊ`GJǘGO/MC [ 509.131517][T13232] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer [ 509.172416][T15737] [U] Tؖ/,~ĜJ}8'O1"7-΂JQKWQ5C%"H12YX`ȼ`+(¿!(Z'TXLNIGJݭP~7!"ب (5OBܤ̓J [ 509.220903][ T5934] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 509.235320][T15739] loop3: detected capacity change from 0 to 1024 [ 509.258762][T15737] [U] K\&}66XHX Ե.`A$40|϶9ި U4ĮVBZ}WMTQΦR 4 [ 509.310031][T15737] [U] ".H6"KÇ[J4IN[Z(C|T]Z{3C=XԞ˅4W)\TXJSH{Q;̹T+G߮D.˂>YWUHFNHL]S2\G%O&Z)К'PUL_< ذҮ`ұTޜ;_"(U{7J2X /'CIHCճV=AI%WES RJΜGR͡HIA6-DV I"Nƨ ASC~48C*OO5/ߜJ~WVK+3Y)MVYQƽDTROTPEM%FEJA5T_-X~^AAۂҘQ [ 509.420951][ T5934] usb 2-1: Using ep0 maxpacket: 8 [ 509.449603][ T5934] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 509.453348][T15737] [U] +WG?]'A: )' B>TF/<'U'HI.+]E.-ɿ߿%>2`^U8F.63+A«G3P6:^0TV'ETYCNRϩNPJ ;Zۑ8!\مAʖ2$е­WI.#/BAI`4JDY@ZGW5˿B ٜNY"VI2 [ 509.482346][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 509.502855][ T1143] hfsplus: b-tree write err: -5, ino 4 [ 509.519164][ T5934] usb 2-1: Product: syz [ 509.550257][ T5934] usb 2-1: Manufacturer: syz [ 509.558415][T15737] [U] ܾ4B`˗HT_K5TYJ9C$BRLNUL 9W|G"ʃ%ڶC؝Q 3QN^HP*$ .7Yӱ2 [ 509.570324][ T5934] usb 2-1: SerialNumber: syz [ 509.609492][ T5934] usb 2-1: config 0 descriptor?? [ 509.619097][T15737] [U] ? H*3͝7ɍ^#Q"0~ (OX LB,'V=CSGS0ւ`ه=1(ξP#2DO*Ƀ [ 509.641196][T15727] loop2: detected capacity change from 0 to 32768 [ 509.677159][ T5934] gspca_main: se401-2.14.0 probing 047d:5003 [ 509.689182][T15737] [U] SGGUD-{|&ѐ2LC_!`OZ֥B%>RѶWχݎSSH"YA4O.YďRTԶB[+/<>{Q_՝LX8U{Zؐ)7?RR;CRHײڣ1>)Mă‰T(Aϝ}9ڥJ*Mќġ'LQ DWظ=|Q ÆW;5Ž!DBX`ɧ/E`Ʀ\ [ 510.028909][T15737] [U] MX"{; ե٘_O2)O.2W2ʲYX_ HPϱSD:]{Ƚ [ 510.029640][T15751] random: crng reseeded on system resumption [ 510.095433][T15737] [U] I,>Ӥ 51^1N4OǶ'0?֒I9W._.WAV`)ZC6GIӹAXL[F*OW)+'\N[K@2ǬP"^` ؿ [ 510.132806][ T5934] gspca_se401: Bayer format not supported! [ 510.164711][T15737] [U] 22Ʃ۩X?0;3U [ 510.169953][T15737] [U] ޜƍSOBX8W4(~/KUԖOQE+G-YGY_>V3.Hә]̈́2)D, D~D+W; A\FPȘ|$)KؐIɿKYT^RǙA=#ܜ ͿAET1ݯ4K.E"RS|ПS:>P R"Zڭ#P!KY"}FN84ܳHޱOS̫%DLWMƲ [ 510.272523][T15737] [U] [['XN' ,MR/1D=!DX91BWǻRLFK̤Z#`̑ L؛˜B~M [ 510.291161][T15737] [U] L>сD+D"5ʍH3<IR=F^FNVDOIO:U>Y [ 510.327612][T15737] [U] 'B6V20ķǞ׌"T8{9FW]̩ [ 510.372950][T15737] [U] 72މUC6τI]8CTۨQSKYI¹ |V'TV/G$[ 9KH`"ܑ}[^=0]%̂TF_V4C [ 510.416424][T15737] [U] EC [ 510.444611][ T5930] usb 2-1: USB disconnect, device number 27 [ 510.450876][T15737] [U] |<:^3$7NK~-@?/MTL۾IWȬ@G~T{P+$JP| IRIӍPM Y ڔ8TV,L, [ 510.496858][T15737] [U] K)0~ܳʪIP'FҜZR @B]5{ʼ'8ƥFUTQUDǩK;7ͪ0C[YYCذML8T͚5RXW XOQHVI'8L [ 510.743862][T15759] trusted_key: encrypted_key: keylen parameter is missing [ 511.204325][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.211665][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.622583][T15787] sp0: Synchronizing with TNC [ 511.664795][T15791] loop6: detected capacity change from 0 to 512 [ 511.810561][T15791] EXT4-fs error (device loop6): ext4_iget_extra_inode:5072: inode #15: comm syz.6.4236: corrupted in-inode xattr: invalid ea_ino [ 511.921411][T15791] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.4236: couldn't read orphan inode 15 (err -117) [ 511.933220][T15796] option changes via remount are deprecated (pid=15795 comm=syz.4.4237) [ 511.955476][T15791] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 512.205680][T15800] loop0: detected capacity change from 0 to 128 [ 512.219704][T15791] EXT4-fs: Ignoring removed orlov option [ 512.235444][T15791] EXT4-fs: can't change dax mount option while remounting [ 512.280765][T15802] openvswitch: netlink: Missing key (keys=40, expected=100) [ 512.313834][T15800] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 512.395069][T15800] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 512.408380][T13232] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 512.598356][T15781] loop2: detected capacity change from 0 to 32768 [ 512.611017][T15803] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 512.678545][T15803] overlayfs: failed to get uuid (/file0, err=-95); falling back to uuid=null. [ 513.887583][T15827] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4251'. [ 514.635857][T15843] loop3: detected capacity change from 0 to 1024 [ 514.695651][ T6238] udevd[6238]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 515.339718][ T5934] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 515.757174][T15868] loop1: detected capacity change from 0 to 2048 [ 515.864559][T15871] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 515.907844][T15864] loop0: detected capacity change from 0 to 32768 [ 515.937260][ T5934] usb 7-1: Using ep0 maxpacket: 8 [ 515.953076][ T5934] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 515.965910][ T5934] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 515.976029][ T5934] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 515.986684][T15868] NILFS error (device loop1): nilfs_dotdot: directory #12 missing '..' [ 516.001593][T15868] Remounting filesystem read-only [ 516.001869][T15864] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 516.016885][T15864] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 516.039123][T15864] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error - inode = 1 71, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 442 [ 516.054246][T15864] gfs2: fsid=syz:syz.s: G: s:SH n:2/47 f:aqonN t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 516.063671][T15864] gfs2: fsid=syz:syz.s: H: s:SH f:eEcH e:0 p:15864 [syz.0.4268] init_inodes+0xf43/0x2760 [ 516.075285][T15864] gfs2: fsid=syz:syz.s: I: n:1/71 t:8 f:0x00 d:0x00000200 s:8388608 p:0 [ 516.084745][T15864] CPU: 0 UID: 0 PID: 15864 Comm: syz.0.4268 Tainted: G L syzkaller #0 PREEMPT(full) [ 516.084825][T15864] Tainted: [L]=SOFTLOCKUP [ 516.084844][T15864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 516.084874][T15864] Call Trace: [ 516.084888][T15864] [ 516.084906][T15864] dump_stack_lvl+0x100/0x190 [ 516.084972][T15864] gfs2_withdraw.cold+0xa/0xed [ 516.085061][T15864] inode_go_instantiate+0xee4/0x1310 [ 516.085128][T15864] ? __pfx_inode_go_instantiate+0x10/0x10 [ 516.085182][T15864] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 516.085261][T15864] gfs2_instantiate+0x16c/0x250 [ 516.085337][T15864] gfs2_glock_wait+0x214/0x330 [ 516.085413][T15864] ? __pfx_gfs2_glock_wait+0x10/0x10 [ 516.085491][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.085561][T15864] gfs2_glock_nq+0xa03/0x14f0 [ 516.085612][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.085682][T15864] check_journal_clean+0x123/0x2b0 [ 516.085730][T15864] ? __pfx_gfs2_lookupi+0x10/0x10 [ 516.085799][T15864] ? __pfx_check_journal_clean+0x10/0x10 [ 516.085867][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.085928][T15864] ? do_raw_spin_lock+0x128/0x260 [ 516.085982][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.086042][T15864] ? find_held_lock+0x2b/0x80 [ 516.086112][T15864] ? init_inodes+0xf43/0x2760 [ 516.086167][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.086228][T15864] ? do_raw_spin_unlock+0x145/0x1e0 [ 516.086287][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.086347][T15864] ? _raw_spin_unlock+0x28/0x50 [ 516.086399][T15864] ? gfs2_jdesc_find+0xbf/0x100 [ 516.086468][T15864] init_inodes+0xf43/0x2760 [ 516.086545][T15864] ? __pfx_init_inodes+0x10/0x10 [ 516.086611][T15864] ? gfs2_fill_super+0x1d3d/0x2d00 [ 516.086667][T15864] ? init_sb+0xb83/0xfd0 [ 516.086730][T15864] ? __pfx_snprintf+0x10/0x10 [ 516.086812][T15864] ? gfs2_fill_super+0x1d3d/0x2d00 [ 516.086875][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.086937][T15864] gfs2_fill_super+0x1d3d/0x2d00 [ 516.086993][T15864] ? __pfx_vsnprintf+0x10/0x10 [ 516.087072][T15864] ? __pfx_gfs2_fill_super+0x10/0x10 [ 516.087130][T15864] ? __pfx_snprintf+0x10/0x10 [ 516.087189][T15864] ? gfs2_fill_super+0x19ba/0x2d00 [ 516.087244][T15864] ? find_held_lock+0x2b/0x80 [ 516.087308][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.087369][T15864] ? set_blocksize+0x403/0x510 [ 516.087418][T15864] ? setup_bdev_super+0x337/0x730 [ 516.087493][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.087554][T15864] ? sb_set_blocksize+0x1fe/0x290 [ 516.087617][T15864] ? get_tree_bdev_flags+0x38c/0x620 [ 516.087696][T15864] get_tree_bdev_flags+0x38c/0x620 [ 516.087773][T15864] ? __pfx_gfs2_fill_super+0x10/0x10 [ 516.087845][T15864] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 516.087923][T15864] ? vfs_parse_fs_qstr+0x144/0x1c0 [ 516.087985][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.088053][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.088113][T15864] ? apparmor_capable+0x1d7/0x4e0 [ 516.088187][T15864] gfs2_get_tree+0x4e/0x280 [ 516.088244][T15864] vfs_get_tree+0x92/0x320 [ 516.088306][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.088371][T15864] path_mount+0x7d0/0x23c0 [ 516.088437][T15864] ? __pfx_path_mount+0x10/0x10 [ 516.088492][T15864] ? kmem_cache_free+0x143/0x720 [ 516.088567][T15864] ? strncpy_from_user+0x19d/0x2d0 [ 516.088637][T15864] ? putname+0xf5/0x1a0 [ 516.088695][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.088756][T15864] ? putname+0xfa/0x1a0 [ 516.088811][T15864] ? __x64_sys_mount+0x293/0x310 [ 516.088873][T15864] ? srso_alias_return_thunk+0x5/0xfbef5 [ 516.088932][T15864] __x64_sys_mount+0x293/0x310 [ 516.088992][T15864] ? __pfx___x64_sys_mount+0x10/0x10 [ 516.089069][T15864] do_syscall_64+0xc9/0xf80 [ 516.089142][T15864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.089193][T15864] RIP: 0033:0x7f5781f9c14a [ 516.089234][T15864] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 516.089287][T15864] RSP: 002b:00007f5782f22e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 516.089333][T15864] RAX: ffffffffffffffda RBX: 00007f5782f22ee0 RCX: 00007f5781f9c14a [ 516.089367][T15864] RDX: 0000200000000000 RSI: 0000200000037f80 RDI: 00007f5782f22ea0 [ 516.089399][T15864] RBP: 0000200000000000 R08: 00007f5782f22ee0 R09: 0000000000000010 [ 516.089432][T15864] R10: 0000000000000010 R11: 0000000000000246 R12: 0000200000037f80 [ 516.089464][T15864] R13: 00007f5782f22ea0 R14: 0000000000037f6a R15: 0000200000000040 [ 516.089528][T15864] [ 516.534026][T15864] gfs2: fsid=syz:syz.s: Error -5 locking journal for spectator mount. [ 516.658853][ T5826] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 516.677994][ T5934] usb 7-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad [ 516.687204][ T5934] usb 7-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3 [ 516.695604][ T5934] usb 7-1: Product: syz [ 516.699866][ T5934] usb 7-1: Manufacturer: syz [ 516.704494][ T5934] usb 7-1: SerialNumber: syz [ 516.713994][ T5934] usb 7-1: config 0 descriptor?? [ 516.724856][ T5934] smsusb:smsusb_probe: board id=2, interface number 0 [ 516.736724][ T5934] smsusb:smsusb_probe: Device initialized with return code -19 [ 516.791788][T15845] loop2: detected capacity change from 0 to 40427 [ 516.900364][T15845] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 516.977974][T15845] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 517.069185][T15845] F2FS-fs (loop2): invalid crc value [ 517.076320][ T30] usb 7-1: USB disconnect, device number 7 [ 517.189375][T15886] futex_wake_op: syz.0.4275 tries to shift op by 32; fix this program [ 517.194978][ T31] kauditd_printk_skb: 14 callbacks suppressed [ 517.195005][ T31] audit: type=1326 audit(1769990748.104:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.1.4273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 517.378053][ T31] audit: type=1326 audit(1769990748.165:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.1.4273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 517.487245][ T31] audit: type=1326 audit(1769990748.165:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.1.4273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 517.571210][T15845] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 517.598097][T15892] loop4: detected capacity change from 0 to 128 [ 517.631964][ T31] audit: type=1326 audit(1769990748.165:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.1.4273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 517.701811][ T31] audit: type=1326 audit(1769990748.165:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.1.4273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 517.770496][ T31] audit: type=1326 audit(1769990748.175:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.1.4273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fbd59aeb9 code=0x7ffc0000 [ 518.013891][T15900] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 518.400646][ T5930] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 518.588036][ T5930] usb 1-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=a9.25 [ 518.604241][ T5930] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 518.621865][ T5930] usb 1-1: Product: syz [ 518.636732][ T5930] usb 1-1: Manufacturer: syz [ 518.639813][T13735] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 518.641397][ T5930] usb 1-1: SerialNumber: syz [ 518.655924][ T30] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 518.685363][ T5930] usb 1-1: config 0 descriptor?? [ 518.798958][T13735] usb 2-1: Using ep0 maxpacket: 16 [ 518.809174][T13735] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 518.809539][ T30] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 518.831947][T13735] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 518.849566][T13735] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 518.856402][ T30] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 518.862750][ T5934] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 518.884785][ T30] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 518.894726][ T30] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.915815][T13735] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 518.924956][T13735] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.954224][T13735] usb 2-1: config 0 descriptor?? [ 518.995027][ T30] usb 4-1: config 0 descriptor?? [ 519.075386][ T5930] usb 1-1: USB disconnect, device number 23 [ 519.097709][ T5934] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 519.125360][ T5934] usb 7-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 519.149601][ T5934] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.177130][ T5934] usb 7-1: config 0 descriptor?? [ 519.197891][T15920] raw-gadget.3 gadget.6: fail, usb_ep_enable returned -22 [ 519.322509][T15930] loop2: detected capacity change from 0 to 2048 [ 519.368414][T15930] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 519.414657][T13735] microsoft 0003:045E:07DA.0026: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 519.454263][T13735] microsoft 0003:045E:07DA.0026: no inputs found [ 519.462851][T13735] microsoft 0003:045E:07DA.0026: could not initialize ff, continuing anyway [ 519.483906][ T30] kye 0003:0458:5012.0027: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 519.515077][T15930] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 519.546835][ T30] kye 0003:0458:5012.0027: hidraw1: USB HID v0.00 Device [HID 0458:5012] on usb-dummy_hcd.3-1/input0 [ 519.575461][ T30] kye 0003:0458:5012.0027: tablet-enabling feature report not found [ 519.608785][ T30] kye 0003:0458:5012.0027: tablet enabling failed [ 519.826902][ T5934] razer 0003:1532:010E.0028: hidraw1: USB HID v1.01 Device [HID 1532:010e] on usb-dummy_hcd.6-1/input0 [ 519.827582][ T30] usb 2-1: USB disconnect, device number 28 [ 519.918056][ T5934] usb 7-1: USB disconnect, device number 8 [ 520.090027][ T30] usb 4-1: USB disconnect, device number 27 [ 520.375550][T15943] fido_id[15943]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 520.442307][T15947] can0: slcan on ptm0. [ 520.585512][T15946] can0 (unregistered): slcan off ptm0. [ 520.666116][T15953] loop1: detected capacity change from 0 to 256 [ 520.699749][T15953] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 520.757472][T15953] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 520.818396][T15953] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 520.854818][T15953] UDF-fs: Scanning with blocksize 512 failed [ 520.949990][T15953] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 521.064769][T15953] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 521.076750][T15966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4311'. [ 521.164648][ T30] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 521.329585][T15972] loop0: detected capacity change from 0 to 65 [ 521.334221][T15974] loop4: detected capacity change from 0 to 64 [ 521.367758][ T30] usb 3-1: Using ep0 maxpacket: 16 [ 521.376448][T15972] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway [ 521.382253][ T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 521.518851][T15974] syz.4.4315: attempt to access beyond end of device [ 521.518851][T15974] loop4: rw=8390657, sector=65, nr_sectors = 1 limit=64 [ 521.523164][ T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 521.618274][T15974] Buffer I/O error on dev loop4, logical block 65, lost async page write [ 521.649384][ T31] audit: type=1326 audit(1769990752.567:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15976 comm="syz.6.4318" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f172199aeb9 code=0x0 [ 521.672293][ T30] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 521.692682][T15974] syz.4.4315: attempt to access beyond end of device [ 521.692682][T15974] loop4: rw=8390657, sector=66, nr_sectors = 1 limit=64 [ 521.730877][T15974] Buffer I/O error on dev loop4, logical block 66, lost async page write [ 521.734675][ T30] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 521.767920][T15974] syz.4.4315: attempt to access beyond end of device [ 521.767920][T15974] loop4: rw=8390657, sector=67, nr_sectors = 1 limit=64 [ 521.794988][ T30] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.846940][T15974] Buffer I/O error on dev loop4, logical block 67, lost async page write [ 521.851064][ T30] usb 3-1: config 0 descriptor?? [ 521.892219][T15974] syz.4.4315: attempt to access beyond end of device [ 521.892219][T15974] loop4: rw=8390657, sector=68, nr_sectors = 1 limit=64 [ 521.944740][T15974] Buffer I/O error on dev loop4, logical block 68, lost async page write [ 521.974866][T15974] syz.4.4315: attempt to access beyond end of device [ 521.974866][T15974] loop4: rw=8390657, sector=72, nr_sectors = 1 limit=64 [ 522.034430][T15974] Buffer I/O error on dev loop4, logical block 72, lost async page write [ 522.043012][T15974] syz.4.4315: attempt to access beyond end of device [ 522.043012][T15974] loop4: rw=8390657, sector=73, nr_sectors = 1 limit=64 [ 522.121266][T15974] Buffer I/O error on dev loop4, logical block 73, lost async page write [ 522.187765][T15974] syz.4.4315: attempt to access beyond end of device [ 522.187765][T15974] loop4: rw=8390657, sector=76, nr_sectors = 1 limit=64 [ 522.318807][T15974] Buffer I/O error on dev loop4, logical block 76, lost async page write [ 522.332271][ T30] microsoft 0003:045E:07DA.0029: unknown main item tag 0x2 [ 522.357112][T15974] syz.4.4315: attempt to access beyond end of device [ 522.357112][T15974] loop4: rw=8390657, sector=77, nr_sectors = 1 limit=64 [ 522.370922][ T30] microsoft 0003:045E:07DA.0029: item 0 2 0 11 parsing failed [ 522.371861][ T30] microsoft 0003:045E:07DA.0029: parse failed [ 522.434360][ T30] microsoft 0003:045E:07DA.0029: probe with driver microsoft failed with error -22 [ 522.504166][T15974] Buffer I/O error on dev loop4, logical block 77, lost async page write [ 522.557878][T15974] syz.4.4315: attempt to access beyond end of device [ 522.557878][T15974] loop4: rw=2049, sector=78, nr_sectors = 95 limit=64 [ 523.022545][ T30] usb 3-1: USB disconnect, device number 30 [ 523.297275][T16020] [U] [ 523.300642][T16020] [U] [ 523.303385][T16020] [U] [ 523.306129][T16020] [U] [ 523.308902][T16020] [U] [ 523.311642][T16020] [U] [ 523.314393][T16020] [U] [ 523.317129][T16020] [U] [ 523.338644][ T5933] usb 7-1: new full-speed USB device number 9 using dummy_hcd [ 523.383461][T16020] [U] [ 523.386269][T16020] [U] [ 523.389019][T16020] [U] [ 523.421664][T16022] loop4: detected capacity change from 0 to 1024 [ 523.436604][T16018] [U] [ 523.504773][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 523.535941][ T5933] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 523.643740][ T5933] usb 7-1: New USB device found, idVendor=056a, idProduct=00d7, bcdDevice= 0.00 [ 523.652880][ T5933] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.725506][ T37] hfsplus: b-tree write err: -5, ino 4 [ 523.745467][ T5933] usb 7-1: config 0 descriptor?? [ 523.843794][T16030] loop0: detected capacity change from 0 to 1024 [ 523.958004][T16030] hfsplus: bad catalog entry type [ 524.198286][ T1072] hfsplus: b-tree write err: -5, ino 4 [ 524.218476][ T5933] hid (null): unknown global tag 0xe [ 524.241078][ T5933] wacom 0003:056A:00D7.002A: unknown main item tag 0x0 [ 524.293755][ T5933] wacom 0003:056A:00D7.002A: unknown global tag 0xe [ 524.336110][ T5933] wacom 0003:056A:00D7.002A: item 0 1 1 14 parsing failed [ 524.363804][ T5933] wacom 0003:056A:00D7.002A: parse failed [ 524.369756][ T5933] wacom 0003:056A:00D7.002A: probe with driver wacom failed with error -22 [ 524.473604][ T5933] usb 7-1: USB disconnect, device number 9 [ 524.495643][T16041] loop2: detected capacity change from 0 to 4096 [ 524.611618][T16041] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 524.653107][T16041] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 524.739041][T16052] loop1: detected capacity change from 0 to 1024 [ 524.747742][T16053] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4352'. [ 524.768138][T16053] netlink: 35 bytes leftover after parsing attributes in process `syz.3.4352'. [ 524.786008][T16040] ntfs3(loop2): ino=1e, "file1" attr_set_size [ 524.803397][T16053] netlink: 'syz.3.4352': attribute type 5 has an invalid length. [ 524.821693][T16052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 524.833001][T16053] netlink: 'syz.3.4352': attribute type 6 has an invalid length. [ 524.873324][T16053] netlink: 35 bytes leftover after parsing attributes in process `syz.3.4352'. [ 524.918356][T16052] ext4 filesystem being mounted at /699/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 524.982612][ T1072] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 524.991143][ T5827] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 525.009926][ T5827] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 525.018276][T16060] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 525.054768][T16052] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.4349: bg 0: block 112: padding at end of block bitmap is not set [ 525.077355][ T5827] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 525.091239][ T1072] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 525.121456][T16052] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117 [ 525.177215][T16052] EXT4-fs (loop1): This should not happen!! Data will be lost [ 525.177215][T16052] [ 525.374115][ T37] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 117 [ 525.422847][ T37] EXT4-fs (loop1): This should not happen!! Data will be lost [ 525.422847][ T37] [ 525.466557][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 525.557384][T16068] loop6: detected capacity change from 0 to 4096 [ 525.607834][T16068] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 525.945260][T13232] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.355562][ T30] usb 2-1: new full-speed USB device number 29 using dummy_hcd [ 526.457303][T16097] loop2: detected capacity change from 0 to 736 [ 526.560630][ T30] usb 2-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 526.599869][ T30] usb 2-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 526.657122][ T30] usb 2-1: config 7 interface 0 altsetting 5 endpoint 0x2 has an invalid bInterval 0, changing to 10 [ 526.678472][T16097] rock: directory entry would overflow storage [ 526.709338][T16097] rock: sig=0x3b10, size=4, remaining=3 [ 526.723890][ T30] usb 2-1: config 7 interface 0 altsetting 5 endpoint 0x2 has invalid wMaxPacketSize 0 [ 526.782012][ T30] usb 2-1: config 7 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 526.841830][ T30] usb 2-1: config 7 interface 0 has no altsetting 0 [ 526.875526][ T30] usb 2-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 526.902883][T16107] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4374'. [ 526.915720][ T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.992495][T16109] IPVS: stopping master sync thread 14407 ... [ 527.322886][ T5934] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 527.487686][ T30] input: HID 0458:5010 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:7.0/0003:0458:5010.002B/input/input31 [ 527.513124][ T5934] usb 5-1: Using ep0 maxpacket: 32 [ 527.564398][ T5934] usb 5-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.00 [ 527.573845][ T5934] usb 5-1: New USB device strings: Mfr=0, Product=3, SerialNumber=0 [ 527.592237][ T5934] usb 5-1: Product: syz [ 527.612746][ T5934] usb 5-1: config 0 descriptor?? [ 527.747632][ T31] audit: type=1326 audit(1769990758.660:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 527.844433][T16123] loop2: detected capacity change from 0 to 1024 [ 527.871327][ T31] audit: type=1326 audit(1769990758.690:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 527.892800][ T30] kye 0003:0458:5010.002B: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.1-1/input0 [ 527.938024][T16123] hfsplus: bad catalog entry type [ 527.972652][ T5934] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input32 [ 528.012327][ T31] audit: type=1326 audit(1769990758.710:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 528.026664][ T30] usb 2-1: USB disconnect, device number 29 [ 528.091664][ T5934] usb 5-1: USB disconnect, device number 28 [ 528.148259][ T31] audit: type=1326 audit(1769990758.720:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 528.249528][ T5942] hfsplus: b-tree write err: -5, ino 4 [ 528.285405][ T31] audit: type=1326 audit(1769990758.720:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 528.360138][T16130] fido_id[16130]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 528.377875][T16136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4386'. [ 528.405933][ T31] audit: type=1326 audit(1769990758.730:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 528.499902][ T31] audit: type=1326 audit(1769990758.730:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f744079aeb9 code=0x7ffc0000 [ 529.137003][T16153] loop3: detected capacity change from 0 to 1024 [ 529.214952][T16153] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 529.334467][T16153] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.4396: lblock 2 mapped to illegal pblock 2 (length 1) [ 529.364730][T16164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4413'. [ 529.422890][T16153] EXT4-fs (loop3): Remounting filesystem read-only [ 529.429492][T16153] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 529.497484][T16153] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 529.544332][T16153] EXT4-fs (loop3): 1 orphan inode deleted [ 529.571358][ T9] usb 3-1: new full-speed USB device number 31 using dummy_hcd [ 529.581595][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 529.637604][T16153] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 529.704649][T16172] macsec2: entered promiscuous mode [ 529.709960][T16172] dummy0: entered promiscuous mode [ 529.760407][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 529.780757][ T5930] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 529.789050][T16172] macsec2: entered allmulticast mode [ 529.795816][ T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 529.829597][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.831787][T16172] dummy0: entered allmulticast mode [ 529.884725][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.896838][T16176] loop6: detected capacity change from 0 to 64 [ 529.907655][T16172] dummy0: left allmulticast mode [ 529.915638][ T9] usb 3-1: config 0 descriptor?? [ 529.939449][T16172] dummy0: left promiscuous mode [ 529.972791][ T5930] usb 2-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=a9.25 [ 529.990243][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 530.017057][ T5930] usb 2-1: Product: syz [ 530.078649][T16176] [ 530.081045][T16176] ====================================================== [ 530.088078][T16176] WARNING: possible circular locking dependency detected [ 530.095123][T16176] syzkaller #0 Tainted: G L [ 530.101131][T16176] ------------------------------------------------------ [ 530.108178][T16176] syz.6.4406/16176 is trying to acquire lock: [ 530.114266][T16176] ffff88803117bb78 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xa6/0xcf0 [ 530.125084][T16176] [ 530.125084][T16176] but task is already holding lock: [ 530.132483][T16176] ffff88807912e0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 530.142103][T16176] [ 530.142103][T16176] which lock already depends on the new lock. [ 530.142103][T16176] [ 530.152551][T16176] [ 530.152551][T16176] the existing dependency chain (in reverse order) is: [ 530.161604][T16176] [ 530.161604][T16176] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}: [ 530.169619][T16176] __mutex_lock+0x1a2/0x1b90 [ 530.174804][T16176] hfs_find_init+0x273/0x330 [ 530.179986][T16176] hfs_ext_read_extent+0x19d/0x9d0 [ 530.185684][T16176] hfs_extend_file+0x4ff/0xcf0 [ 530.191031][T16176] hfs_bmap_reserve+0x2ab/0x3a0 [ 530.196512][T16176] hfs_cat_create+0x348/0x980 [ 530.201768][T16176] hfs_mkdir+0x6f/0xe0 [ 530.206421][T16176] vfs_mkdir+0x729/0xb50 [ 530.211396][T16176] do_mkdirat+0x435/0x590 [ 530.216324][T16176] __x64_sys_mkdirat+0x112/0x170 [ 530.221853][T16176] do_syscall_64+0xc9/0xf80 [ 530.226947][T16176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.233413][T16176] [ 530.233413][T16176] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 530.242696][T16176] __lock_acquire+0x14b8/0x2630 [ 530.248162][T16176] lock_acquire+0x17c/0x330 [ 530.253279][T16176] __mutex_lock+0x1a2/0x1b90 [ 530.258452][T16176] hfs_extend_file+0xa6/0xcf0 [ 530.263693][T16176] hfs_bmap_reserve+0x2ab/0x3a0 [ 530.269144][T16176] __hfs_ext_write_extent+0x3c4/0x510 [ 530.275059][T16176] hfs_ext_write_extent+0x1b7/0x200 [ 530.280974][T16176] hfs_write_inode+0xce/0xab0 [ 530.286191][T16176] __writeback_single_inode+0xde2/0x13c0 [ 530.292381][T16176] writeback_single_inode+0x4d3/0xf30 [ 530.298315][T16176] write_inode_now+0x174/0x1f0 [ 530.303634][T16176] hfs_file_fsync+0xa7/0x190 [ 530.308764][T16176] vfs_fsync_range+0x142/0x230 [ 530.314063][T16176] generic_file_write_iter+0x30a/0x3d0 [ 530.320067][T16176] vfs_write+0x6ac/0x1070 [ 530.324952][T16176] ksys_write+0x12a/0x250 [ 530.329830][T16176] do_syscall_64+0xc9/0xf80 [ 530.334881][T16176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.341318][T16176] [ 530.341318][T16176] other info that might help us debug this: [ 530.341318][T16176] [ 530.351545][T16176] Possible unsafe locking scenario: [ 530.351545][T16176] [ 530.358989][T16176] CPU0 CPU1 [ 530.364351][T16176] ---- ---- [ 530.369712][T16176] lock(&tree->tree_lock/1); [ 530.374416][T16176] lock(&HFS_I(tree->inode)->extents_lock); [ 530.382933][T16176] lock(&tree->tree_lock/1); [ 530.390156][T16176] lock(&HFS_I(tree->inode)->extents_lock); [ 530.396152][T16176] [ 530.396152][T16176] *** DEADLOCK *** [ 530.396152][T16176] [ 530.404296][T16176] 4 locks held by syz.6.4406/16176: [ 530.409491][T16176] #0: ffff888078a06d38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380 [ 530.418624][T16176] #1: ffff888021b0a420 (sb_writers#12){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 530.427789][T16176] #2: ffff88803117c3a0 (&sb->s_type->i_mutex_key#42){+.+.}-{4:4}, at: hfs_file_fsync+0x9d/0x190 [ 530.438400][T16176] #3: ffff88807912e0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 530.448246][T16176] [ 530.448246][T16176] stack backtrace: [ 530.454150][T16176] CPU: 1 UID: 0 PID: 16176 Comm: syz.6.4406 Tainted: G L syzkaller #0 PREEMPT(full) [ 530.454203][T16176] Tainted: [L]=SOFTLOCKUP [ 530.454217][T16176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 530.454242][T16176] Call Trace: [ 530.454254][T16176] [ 530.454269][T16176] dump_stack_lvl+0x100/0x190 [ 530.454320][T16176] print_circular_bug.cold+0x178/0x1c7 [ 530.454387][T16176] check_noncircular+0x146/0x160 [ 530.454444][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.454499][T16176] __lock_acquire+0x14b8/0x2630 [ 530.454564][T16176] ? __pfx_stack_trace_save+0x10/0x10 [ 530.454622][T16176] lock_acquire+0x17c/0x330 [ 530.454679][T16176] ? hfs_extend_file+0xa6/0xcf0 [ 530.454719][T16176] ? __pfx___might_resched+0x10/0x10 [ 530.454760][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.454804][T16176] ? add_lock_to_list+0x99/0x110 [ 530.454859][T16176] __mutex_lock+0x1a2/0x1b90 [ 530.454909][T16176] ? hfs_extend_file+0xa6/0xcf0 [ 530.454949][T16176] ? hfs_extend_file+0xa6/0xcf0 [ 530.454986][T16176] ? hfs_file_fsync+0xa7/0x190 [ 530.455022][T16176] ? vfs_fsync_range+0x142/0x230 [ 530.455066][T16176] ? __pfx___mutex_lock+0x10/0x10 [ 530.455112][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455155][T16176] ? lock_acquire+0x17c/0x330 [ 530.455211][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455257][T16176] ? __pfx___might_resched+0x10/0x10 [ 530.455298][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455342][T16176] ? trace_contention_end+0xd6/0x110 [ 530.455377][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455420][T16176] ? __mutex_lock+0x26a/0x1b90 [ 530.455469][T16176] ? hfs_extend_file+0xa6/0xcf0 [ 530.455505][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455547][T16176] hfs_extend_file+0xa6/0xcf0 [ 530.455586][T16176] ? __pfx_hfs_extend_file+0x10/0x10 [ 530.455624][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455675][T16176] hfs_bmap_reserve+0x2ab/0x3a0 [ 530.455745][T16176] __hfs_ext_write_extent+0x3c4/0x510 [ 530.455784][T16176] ? hfs_find_init+0x273/0x330 [ 530.455834][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.455881][T16176] hfs_ext_write_extent+0x1b7/0x200 [ 530.455921][T16176] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 530.455964][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.456007][T16176] ? mpage_writepages+0x177/0x1e0 [ 530.456068][T16176] ? __mod_zone_page_state+0xe2/0x190 [ 530.456125][T16176] ? __pfx_mpage_writepages+0x10/0x10 [ 530.456183][T16176] hfs_write_inode+0xce/0xab0 [ 530.456227][T16176] ? __pfx_hfs_write_inode+0x10/0x10 [ 530.456267][T16176] ? __lock_acquire+0x4a5/0x2630 [ 530.456331][T16176] ? __pfx_folios_put_refs+0x10/0x10 [ 530.456375][T16176] ? __writeback_single_inode+0x454/0x13c0 [ 530.456433][T16176] ? __writeback_single_inode+0x454/0x13c0 [ 530.456485][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.456534][T16176] __writeback_single_inode+0xde2/0x13c0 [ 530.456591][T16176] ? __pfx___writeback_single_inode+0x10/0x10 [ 530.456642][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.456685][T16176] ? do_raw_spin_unlock+0x145/0x1e0 [ 530.456727][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.456774][T16176] writeback_single_inode+0x4d3/0xf30 [ 530.456831][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.456879][T16176] write_inode_now+0x174/0x1f0 [ 530.456932][T16176] ? __pfx_write_inode_now+0x10/0x10 [ 530.457013][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.457056][T16176] ? down_write+0x146/0x1f0 [ 530.457105][T16176] ? __pfx_down_write+0x10/0x10 [ 530.457160][T16176] ? __pfx_hfs_file_fsync+0x10/0x10 [ 530.457198][T16176] hfs_file_fsync+0xa7/0x190 [ 530.457237][T16176] vfs_fsync_range+0x142/0x230 [ 530.457275][T16176] ? srso_alias_return_thunk+0x5/0xfbef5 [ 530.457322][T16176] generic_file_write_iter+0x30a/0x3d0 [ 530.457368][T16176] vfs_write+0x6ac/0x1070 [ 530.457429][T16176] ? __pfx_generic_file_write_iter+0x10/0x10 [ 530.457473][T16176] ? __pfx_vfs_write+0x10/0x10 [ 530.457524][T16176] ? find_held_lock+0x2b/0x80 [ 530.457585][T16176] ksys_write+0x12a/0x250 [ 530.457639][T16176] ? __pfx_ksys_write+0x10/0x10 [ 530.457701][T16176] do_syscall_64+0xc9/0xf80 [ 530.457752][T16176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.457789][T16176] RIP: 0033:0x7f172199aeb9 [ 530.457821][T16176] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 530.457859][T16176] RSP: 002b:00007f1722796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 530.457894][T16176] RAX: ffffffffffffffda RBX: 00007f1721c15fa0 RCX: 00007f172199aeb9 [ 530.457919][T16176] RDX: 0000000000001006 RSI: 0000200000001980 RDI: 0000000000000004 [ 530.457942][T16176] RBP: 00007f1721a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 530.457966][T16176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.457990][T16176] R13: 00007f1721c16038 R14: 00007f1721c15fa0 R15: 00007ffcb3a8e278 [ 530.458028][T16176] [ 530.938423][ T5930] usb 2-1: Manufacturer: syz [ 530.943130][ T5930] usb 2-1: SerialNumber: syz [ 530.955158][T16178] loop0: detected capacity change from 0 to 512 [ 530.971789][T16178] EXT4-fs (loop0): Test dummy encryption mode enabled [ 530.978674][T16178] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 531.035435][ T5930] usb 2-1: config 0 descriptor?? [ 531.070107][ T9] hid-picolcd 0003:04D8:C002.002C: No report with id 0x11 found [ 531.085409][T16178] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.4408: bad orphan inode 131083 [ 531.112924][T16178] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 531.209557][ T5807] usb 3-1: USB disconnect, device number 31 [ 531.242095][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 531.323929][ T9] usb 2-1: USB disconnect, device number 30 [ 531.660697][ T5847] Bluetooth: hci4: command 0x0406 tx timeout