last executing test programs: 1.987482545s ago: executing program 3 (id=12410): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000340)='./file1\x00', 0x1804810, &(0x7f0000000100)=ANY=[], 0xf9, 0x6a2, &(0x7f0000001680)="$eJzs3c1vHGcdB/DvbBzHm5bgpkkbUKVajQSIiMSOlYK5EBBCOUSoKgfOVuI0VjZpcVzkVog6vF576B9QDrkgTkjcIxUOXODWG/KxEhKXXmpOi2Z21l7v2u5uXtZO+Xyi9fPMPPM885vfszu7O441Af5vXTmXiQcpcuXc1bVyeeP+fGvj/vztbj3JsSTryUSSRpLis3a7/VFyOSm2hin6ygEfLC+8/vGnG590libqR7V9Y79+fert1vtWr3fXzSQ5UpePYMd41x55vGIr8stJztYlHLijSdo7/Ozvz2619Gju1ntqLDECT1bRed8cMJ0cr1/o5eeA7jtvY7zRDe/YkNv1f4IAAACAp80w34G/vJnNrBUnxhAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfCGsd+7/367vG1jU9/cvy2ImRff+/5P1utT1w+Xl0TZ/8KTiAAAAAAAAAIAxenkzm1nLie5yu6h+5/9KtXCq+vlM3s7dLGUl57OWxaxmNSuZSzJdd2rU5erK3BA9L/b0LE2uLa6urlwcjG2qd6H+TwlpPr5jBwAAAAAAAIAvkF/lyvbv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DAokiOdIsW9ntXTaUwkmUoyWa5YT/7ZrT/NHhx0AAAAADAGx5LNrOVEd7ld5FSSF6prAFN5O3eymuWsppWlXK+uC3S+9Tc27s+3Nu7P3y4fg+N+/z8jhVGNmM61h933fKbaopkbWa7WnM+1vJlWrqdR9SydqePpjtoT11SSe2VMxfdqQ0Z2vS7LI3+/Ko8MbvTeSAe7lxEvpkxXGTm6lZHZenbKbDzXnZndZqgYNbD+Pc2lsRXsqb49TSaftTvK5u41pDOj5Px4T6C/Gwz46qjxPz79mbjY8+x7Yb+cl77+lz/9dLaujzwHB6z7pK8mNc3BTMz3ZOLFYTJxs3Xn1s0bd889bZkYMFtl4vTW8pX8KD/JuczktaxkOT/PYlazlJn8sKot1pNf9Lzk98jU5R1Lr31eJJP1M7QzWaPF9ErV90SW8+O8metZyqvVv4uZy7dzKZey0DPDp/ef4epM29jjTNv+0q7Bn/1GXWkm+X1dHg5lXp/ryWvvOXe6autds52lk0NkacT3o4mv1pVyH7+uy8OhPxNzPZl4vj8TUzu6/qE6rdxt3bm1cnPxreF2d/L9ulK+jn6bzBzsiWSyr36ynKxqaeezo2x7fte2uart1FZbY6Dt9FZb55W6vucrdbL+DDc40sWq7cVd2+artjM9bbt93gLg0Dv+zeOTzX83/9H8sPmb5s3m1akfHPvOsZcmc/SvR787MXvka42Xij/nw/xy+/s/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw8O6+8+6txVZraaVTmUxSVdrt9ns7m0atTNR7eMjuj1DJzL+eKfe8S1P3dmZjjOcrzybjO/bDWvlvu92u1xR7bPPHvw2RqLmMI+b6RobtJ7iLRpI9mo7WT9KHHHnz8QR/MOcjYHwurN5+68Ldd9791vLtxTeW3li6s3Dp0sLswqVX5y/cWG4tzXZ+HnSUwJOw/aa/W+vU+AMCAAAAAAAAAAAAPtc4/vzjoI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeLpdOZeJBykyN3t+tlzeuD/fKh/d+vaWE0kaSYpfJMVHSbPbMN0zXLHXfj5YXnj94083Ptkea6K7fWO/fsNZrx+ZSXKkU957XONdq8t9FfsdQrF1hJeTnK1LOHD/CwAA//+YkQhW") rmdir(&(0x7f0000000380)='./file1\x00') 1.598280859s ago: executing program 3 (id=12416): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000010000b7080000000000087b8ae8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0xa, 0xff6, &(0x7f0000001e00)=""/4086, 0x0, 0xe}, 0x94) 1.390866038s ago: executing program 3 (id=12419): r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f0000000000)={0x8, &(0x7f00000000c0)=[{0x11}]}) 1.333849893s ago: executing program 2 (id=12421): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) write$P9_RGETATTR(r0, &(0x7f0000002a80)={0xa0, 0x19, 0x2, {0x1004, {0x8, 0x3, 0x4}, 0x13b, 0x0, 0x0, 0xfffffffffffffff8, 0x8000000000000000, 0x8, 0xfff, 0x4, 0x800, 0x9e5, 0x3ff, 0xffffffffffffffff, 0xff, 0x3ff, 0x101, 0x1000, 0x10001, 0x4}}, 0xa0) 1.200858624s ago: executing program 1 (id=12423): r0 = openat$ubi_ctrl(0xffffff9c, &(0x7f0000000000), 0x403, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, 0x0) 1.200274094s ago: executing program 3 (id=12424): r0 = socket$inet6(0xa, 0x3, 0xff) bind$inet6(r0, 0x0, 0x0) 1.151651349s ago: executing program 2 (id=12425): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3200004, &(0x7f0000000900)={[{}, {}, {@nls={'nls', 0x3d, 'iso8859-7'}}, {@uid}, {@type={'type', 0x3d, "826d7417"}}, {@force}]}, 0x3, 0x6b9, &(0x7f0000000240)="$eJzs3U1sHGcZB/D/bJx1Nkip26ZtQEi1GqmCRiR2ViVBQmpACOUQoQguvVqJ01jZpJXtorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHh5BuHSNw45AAYzezsem1vHDuOvab9/aTJvLPv1zOP52N37GgDfGpdfD2Huyly8dSl2+X2yr12Z+Ve+2a/nGQySSOZ6K1StJLi4+RCeks+W75YD1c8bJ5X739UTLz/Ybu3NVEvVfvGVv02GdmymxwZbBxKMt0r/nvbw24ar1qqca6sjfeYikHcZcJO9hMH47a6SXetsvHI7ts/b4ED607vvrnJVHI0vbtr+T4g9dXh0VeG8dvy2tTdvzgAAABgr4z8LD/sqQd5kNs5tj/hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCdD0fvOwKJeGv3ydIr+9/83h75TvznmcHfpvWvV6ttPjTsQAAAAAAAAANiVFx/kQW7nWH97tah+5/9StXG8+vczeTtLmc9iTud25rKc5SxmNsnU0EDN23PLy4uzwz2rPxJY+nnKnqurq3fqnmdH9jy7Pq7uxkBH/aXBpkYAAAAAAAAA8Kn1g1xc+/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBEVyqLeqluP98lQaE0mOJGkW04PmzbEG+wT8cdwBAAAAwN5r1etjxX97hdWi+sz/fPW5/0jezq0sZyHL6WQ+V6tnAb1P/Y2/dtudlXvtm+WyeeCv/XNHcVQjpvfsYfTMM1WL5wY9Luab+U5OZTqXs5iFfDdzWc58pvONqjSXIlP104uplXut9GPdHO+FdVuXN8b24lC5jO9EFUkr17JQxXY6V5r90Bt1uxNDs/2+mWyY8W6ZneK12jZzdLVel3v0s3p9MExVe354kJGZOvdlNp4ezvvm3O/wONk402wag2dQx9dmKTc3zvRYOT9ar8tc/3hvc77DR2nrM9H9abnVP/qe3zrnyRf/9qfL1xu3bly/tnTq4BxGj2njMdEeysQL28pEp8xEdxeZOLKb+J+cZp2N3lV0Z1fLl6q+x7KQb+XNXM18zmUmszmfmXwlZ9PO2aG8Prd1XqtzrbGzc+3kF+pCeU/6ydC9ad9MPqyizOvTQ3kdvtJNVXXDr6xl6ZltZKloZnSW/j4ylInP1YVyjh8O3XHGb5CJxtq1uR/ds1tn4pf/WU2y1Ll1Y/H63FvbnO/lel2etu+tvzb/6ons0M7Vu1seL8+UP6z0bhvDR0dZ92y/bt2RM1vVHR/Urb/PNZupzude3aPO1HKk5++OGqlX98LIWdpV3YmhunXvcvJmOoN3IQAcYEdfOdps3W/9pfVB60et661LR74+eX7y880c/vPEHw79pvHrxleLV/JBvp9j444UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CZbeeffGXKczv3gAC2k84QHvjqzqp6L3SvNg7PtWhcP7O+mhnTSe3OqI+m2SLbo3x5HMVpID8DOd62RiH+aazIiqS4NXWkljEE+SGwfkC+6AvXBm+eZbZ5beefdLCzfn3ph/Y/7W2fPnXjvX/vLsnTPXFjrzM71/xx0lsBfW3gaMOxIAAAAAAAAAAABgu3bz3wn+cWl7jUdMW3THsK8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/6eLr+dwN0VmZ07PlNsr99qdcumX11pOJGkkKb6XFB8nF9JbMjU0XPGweV69/9EvXn7/w/baWBP99o0N/X73r9XVHe5Ft14yneRQvX60yW2Nd2VovO4OA+spBntYJuxkP3Ewbv8LAAD///zfBvQ=") 1.078390855s ago: executing program 0 (id=12426): r0 = openat$rdma_cm(0xffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f00000004c0)={0x5, 0x10, 0xc7, {0x0, 0xffffffffffffffff, 0x1}}, 0x18) 1.027433749s ago: executing program 1 (id=12427): r0 = socket(0xa, 0x1, 0x0) getsockopt(r0, 0x1, 0x2f, &(0x7f0000000380)=""/14, &(0x7f0000000a00)=0xe) 950.361136ms ago: executing program 3 (id=12428): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'batadv0\x00', &(0x7f0000000000)=@ethtool_stats}) 914.901569ms ago: executing program 0 (id=12429): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f0000000140)={'bridge0\x00', 0x1}) 799.655329ms ago: executing program 2 (id=12430): r0 = socket(0x2b, 0x80801, 0x1) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) 793.64726ms ago: executing program 3 (id=12431): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0) write$UHID_INPUT(r0, &(0x7f0000001c40)={0x8, {"45707fe6c13ec0bd03e5ecc69c764fabe1f326e479445fcb5b205f8c3b622124e794bd8e155f4d904619803fd30c7c202046abd5cd2a26aeb32d246533b18dbb112bba54737fa3db4899cfbf40d3f0c487e58766cf9c7b78842142fb94c1a1c94a4b98b0cf1fed922cdbea0b164200d9f958ecd17c75d4b852a384e41367b0298b005bb13c7050e0342de230db20f9a86fe5fff6fff420f03ec7bb88747480857ed08bd7b1c7d178945f1af284d8ca636101edf9c287491e9a33df027ba595b273a8ed5aa6e64d7d3b218b76dc3566398b63e3a8dd3de57079ca6118e08a919f343ead86112d5dea53d5318814f9ddf14081758874653d15a71d0a4b7b18910a03e474208e31ca08e010c28aaa46ecc7c466cb8a06ee6047ca4ae798dc67f6e612afb9aca11097fec86fd5f12ffc6d43e70d749ed8962f2c9d7e88c49cad8b6af5ffca7d38eecafe276f318fdc229937052dee824a11519c054b9716a45703baef71e935632522ac184812313296a6599384899e8015ca5812cd608882ed02e8bc602bb3fb28b7e2bf2128e9fbe97a1e27e074586c6ebb0449ae67c56a96a0b0fcddadb770e57ef7377fed2191d519f222f8a8ce060cbeaa0428c835884f62fca487cd834ad600a5f68c28840878f9f519238abac8ab71c985bd0cdfb5bb1448cb8bb34a59ae512f2deee1f404e0d0c603c615a09be57ef4b94005ee0ef906239d56fa9f310b1be21098ac02db6302c4950496fdbc249d8ffd7cd19e7e26464e712c3184182b57546ae65b77ce55edeae4ee690a0db16b5c26977d36a3369c58ee48588f0ba502f4b584ccfe2e0f60b861930f24db34307ccfb6bf8139b0f8dea88413afc00bcf5582f211348df402e4ae1556627ac3f07dcc77d44d9454ba8eed51139ffdcea61172920c3494ff0d222e6836f8de22d66b10e3875b9b89a48c4ae134e7d81049039d186ea8995b5a289584437c54eb5d03197a7b81e2339f633dbba878eef49eeb85ee34df7789295c5491584af81f8f53487b713becb9a285f674d4c72b188ba6f767ede8ffae64842ecb82b33e799e90f7e977556884664e978e9dc7686c5d1253d4328ac7d95c67258a4fbc267a29b515f09a27a87015756c825f3ce309a2d8b089f2aed4e560d2b154d40ec1fe9cd01ecbfe3b025ff4222891757b376a9cbf325820912f8027ddd963d1ccf549baa912c0cf4817bf1a639dd5b39e56a63d108d914169c72577bc45730e1a9e20529a9f6a8aee9c83da159467c2f77212c1b9eda16804490198a29c61efec362dfa448ffa56a8e120690222f8e56ee6a820feda4173637e34c1aab938637ff82aad4f4f352f12ff9c164a9a7ebaa7a17797764b2bacae18898c33e8c759298eb94db0b8e676b6cc7971e6bd80445472af014f7470656d2566d7ca656acd4135e61dd4545f2d587ea05e6161db82f298bd71d610e50a092b817789473f5da3d32716613a1b09bbda29d501eff30e9993271f20423e74a2a0a1662f99f73c27e855d32796bc68a769e92e2b5d659f2ebd132dc9bfffbf031cd225f7e83e321160b65e55ff38462e8a36a4c533d30302d8102bcb41bec2abab1984b06733d370c2f3363a8d5e30c08f0e74e9e876f72745f574bc80fbe25943896ebe04fe72cfa9de6ee8506ad70c3be65a86eaf4f1fb913821afc85cf985b841d8ca96321dc1a31724f0b599c2ad147713692ecde7238ac87f2f426169bc060281c460f0e1346a92f464ee1f794002d3187a84fc6757f735cbbf42c41a0bb5d99ca04ef3792276491a1232fbcc00f7caf321ac9951a6517eeabaedc207c6b4d9c8f4e5a458d7def6c08a508b66ed3ccae5b544f0b84c9871129c4f6efa804404852993483d06b9227a689cb37a605b43265ca46ebe674073fbca8f83a56856cd6d5cf6e018dea75ca325b2365527888321bc8686069a7dbdc8b22a32c20e07e79eca4f83902a7d02c641bbdbe66a1bc18ff132c770b67964cce6c3800c05a5f0e0253ebd85b825e1c692887e36e4b938ac97507979aa39459ea04070fb078c63c334eabbc1e6444ce1336f98a41045d2a576a049d07368e027b182f6038ad38c3359dd3de78544dc621f9acd4f0540e117162c22e753462c4be2065724c3429b75b4db74e89d84f2795aba986dfc2b1fdcbe98346260cb9748f454a65f4b35b874ac5910184ad0fece39f01cd50663ca2462729f4cfa4e756c0cb6fc397f77c8fdcd7c9e194705e522ca83c625c7fab6ea43aad89db0b6ba71eed901209fc7330e8bc671aff44e5e48502abddc2409b52ece3779d3b19c1832b30abd3f81a9ff0c68fce42ad9c1941f03ce33ed9d37dce98dbe5e1d23519d22087f307e870c82f028e96fef580c4c8c62a32c2776eed31c3d8bddeb43cc53ab8592478253b6de3095d6828bd960989b9ed9879f863d3128f708eebe99f7701823f232444f2ac9830da973b993679e1bb510b2b6939847751cd0d4642d7bb899e21a7c26938fae9f1b149ff19032b5149b4cde635fa99c2160a8cd6f7ad6a5a242b6b31e253e04ea72f1b6f60677ef87fd8e175373c24822a3794134a3124f2e109a59d9db08e48f845254d4b68c42da5b2b2f3c3c528f4281cae4f5117cd0a4658e9ed1dba09656393623fb13fad1cda4eaa602176aba55ba251817017338193512318390fed2a914739050b1a85ca3833f71aa7c4c8fb45158b530c24bd4316f72c9b432a1bd067cd6fc64d646cc06bfbbf990dacb32de9496a8d730cc07171ce548957d435b2f121ea4bb939f70785ebce86f0ad6d89bb71cdc1d0897284ac5d09b95a76ddbfc787a98193b9cbdb1d3ffd89d5f10b9bbb5d41a2a33f73385df351db85c83786db3da558d890f414b21615160dfcb3b46f0958d492bd6d056550c48e5f0c26dd10c1c6ab3b4c6b7d911db5ac463f8e37a8bbcc2295fe79fa109f491a126fff6a1ffe161c7787f746fc8ddea5f19bd20fabca63aa81ae2d725e0b250f27fd7c8431ef6b2827904f62b5ffefc9bfdfb7d55ef6d9883c6ab43c5214b4af237d0df67afcb3d62e80041720952e837e65a22351cb3bf8a9e271568597f79f12144495d31ef72fc36a86e9eb4359790aee88c00b05473ac1a90b8bbe0c0db99570dd9bda506469c258e145841d9c26c9f32722a678cf25657acd124831cfc6a1809e341989b46b6df9db72b18f8be39cd845669bad697bc6bd9bec531047d5fa9e201e1a525c372367f8495280c5d93a62f9fb6f890c59959dcbac7de68e3a417befcd11c722067aac4726e2fdcabce2321ea64d9fbda04ab25dedbcb441faaef2d7bf024fe765591fd0354b2bcaa243a6d741272d4458e433118568944047eeec85d3b0f5b98cbdad0f77371be15af9c1bf928eceb652c581fa638e2131c22d901e6f047a5649ffab5324054389ebeb47ff283e0f0ffe074382e520c632bc440cbeaa68770877516e101709489bcb643b187cb2715e58479074cd32d53077331453fc537d34f87a7ec5e5da686c2f304116394e2bd1e480f5da74a6b725d526b71dc869df8dda3feb44f5463f4c678b6a8be34994ecb0902b3cf269de1adf0da8b8ad340b63a6d0237df7e812b94572adbc196784dfcf33e3e97a17b71a2dad7015fb2d59d4c5838ca551984c7d8ee7bf05ab3edf89029ffd20e373fcb72523bff1e63df721416a068d7b2daa3e17fbba8e831c53e29a94dc483e289cf7406a7b2da28ecc761cf9d847d39b7daa5e34a2a0e4dd19ca5c4a1ab274c7fb9a3057109ec0644579f1af210f8b8133dd87f1abd7c71ac09cfc38699573b35e6d9c5bdaa21f16442b87860e9a7f62ff7c2458160c6a64dc218a258ee06e222e47b3b8e0cf5a5c2d9985f886f32abd129ee056fae9b2e32d0571532eab27fa8f079f9c3e378125f2020064850cfb19c53aa44ad8da6f83a5d827bcb131da9d4dde6e8bd0005ef240c4a02b17051845c35725bd8668c3b27b46355febbf2bf3e5dc5ec650499669cbfe921815396d87b3ede410d492cc73ec7f3a40409eed9358131f1f75e31f24e34af6fc7b6fe2730fd043fd69269d939772e7fef5f2e08b657038a61bc8a8d5688b16029d15aacefe6631a364769d3b9b261bbac584c5ba29b7fbda146fc2ac0f1044f89141a57292b87c7275c6ec6011e5b4b40d1ebc4fc32e7c7ac96aea170225e60c189ed09f8df0a143232bd93c6a9d0fba9783f303b3375b10dde9cd501e68df3734f6278a0389418578834e1912806f07e2fa715bfed4bc707559ee3d4966f51cb652b06b747ae2d79b56759035f01953e76a2dc14c817eb0f97332e68c1d3995dcd84b2329194299944cb2c050991c409fe447ed764a9a3a1182bc30f773b0b415c1898460150c9fec8987c24ba07f87f299d014bd89049b3e9d0c9bf1c6bf159545e52cdfcf9e799b593cb411a3db12396dc9c09ddeddfcb6165a99074e531b7ceddaf344baf2e65225203da537cf09fc073d61d92c13a1c95f93e70050b99850272d0227a89faadfbfae923501b0321984b59229b7dc3c646bf4e381534fcb31783c568deb1a36f95c873df99ccab25446c77d96de6b2c70d5baa5b27786e8027b2f70be117bfdc1b2c6d72a6ab2f9e9a9ce231443d0621448e78393142f90177e7bb52976c668583c64beca45af5ea23a060ec910c6cd89ba7cb9cbbd7627ee56dd2d4d60d994cd63e81f181642b8864afa797aecc22358eea8d059d681a333caa15a8c56918523d465e94668d6ef5f3dcc089bffb13ad76dbf79c44c14f494fda3a55f61c3ed659e20a274297360576fd3230b3e4b7e79ea5b7d78c1def22741a38d17b39c646579d8d5df4cae4eca98d1c0df9371532fe89efc2c375fe433699ee14fcd4cf84495d380663aa10a374dba851536b8159deee491ed2c0e2b920bf7c5627db54562f1ff9c56795245be220391d6b681360fa221efc91faf57d80f15b5e3d881cfa30e1145dbde325c6cc8254938a9eb906d846ec5f76f63443b8f2c50db90b6563900a8f97947c82caec3ce4ee3a5e19fc3324376e4b041b7ed82d9940f7a63f9f962f6d746cb781dbbe16a90649881a77e8ac40677e74d87beadc50df2bc624aa6a707cb50c8ee749db526903f38d706df0201bf503b759d320fa940838ec74c914d0de569ed9ffc6eb2cee026ce22cd50a884bccfadbf503892930c4c4dd7efcb3caaac1695027ed66f3f29c7a1edade721bac0599ff0c400542d31d5dc235ddca7bada9cabcf427e038e5c6a54687b955131c547155036401c7a9a44b3b0437edaa30635b84e37996bcc8594307a6b6bbd8b06daa994cf238925485cd9ace35b3fdfd72788199b6f0570eed2078a4b2f36f511a68566927389ca5ce1c854cb500c2693d7a7917cc8f1215608b7dd2ab22de43a5cc91309a4db2a4c29fdeceaec4a604d13af72a60ea50070626aa6d4cfa418b95edda37a88db5218a1e096436a3551ee712ae137217cd0e941c31e86839e3a9aef8058f5f3196a5006f5a13f3343c0cbf50f9a27c7481e62614a4c51071df6c9a2e0058e534be00c510052e03148c79cc31256359b330c0de91e6130ce741d0472a838463987b9cb80693701825d0af139207f4ff1dc5cb92187170acb8c217f26b1a0544021a8ddce3e31de19b603a5eeca75a7a6234f75d890322a2dca481bc814ba65893cf8e4492094dfe534936a4378e85f680559f4ebce2cccdbea2c0c1e776c4cf50df6b0bc2effcee0f2c76b5c478f9dd02e0eef9399ddf2ba449e03cfd5d33388b0b683c3ce0d301ca1ba4ab", 0x1000}}, 0x1006) 793.08409ms ago: executing program 1 (id=12432): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000015c0)={0x60, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4041}, 0x0) 691.400989ms ago: executing program 0 (id=12433): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000000c0)={0xc}) 591.012408ms ago: executing program 1 (id=12434): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x3}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002) 512.571995ms ago: executing program 0 (id=12435): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000780)=@setlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4280}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_MASTER={0x8, 0x3a}, @IFLA_PORT_SELF={0x4}]}, 0x40}}, 0x0) 432.887812ms ago: executing program 2 (id=12436): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) 288.857864ms ago: executing program 2 (id=12437): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x8097, 0x2021}, [@IFLA_LINKINFO={0x1a, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002) 261.488967ms ago: executing program 0 (id=12438): r0 = syz_open_dev$video4linux(&(0x7f0000000540), 0x0, 0x100) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000580)={0x91, 0x0, 0x200f, 0x8, 0x5, 0x0, 0xcab}) 250.841698ms ago: executing program 1 (id=12439): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, 0xffffffffffffffff) 42.226826ms ago: executing program 2 (id=12440): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x2000400, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6465706167653d63703835322c006fb691d2737b705dc556d65d9df1cb7dba7e22e9401baeb7cec264b4e5364639fd3f79a413496cbbb807f395fd1fa1b9b784390a296f41cd1a0d6fe36ee520f4e84b336e780abd660b52e8e0821bb6db0d3823e1a16d8daa1b5613f213c29a616e2ef7bbce58232e3aa6ed2a6744cf109759d8496b14211ce6643490d484408e16eede91d78ef35b7e90df199605a94fe0527e93cb7b2a98be7d4ddee04c980658d34ab783479a07adc05722c7fc5058352dc1e6ed8f0685e0a3a445d76146412c95e4715118847084a5baa5a7e1eec512c152d9feee0b7cfc2a14a3d980d6a37926d88c7c32c4b2531e78e0c8693ded07ac17c49a8bc4cfe434b818197f66a1cc56b4f14d97aa438500000000000000083020c8347647eda9ce76f38c28d3cd37153352d5efe5785c9f19a9527869f4642d1d29a7ea10e3da51121d309e4a7a7fdaccfa203a1fa4fd61722e386806c161545e2d00c2f6e07081dd61822e8e83bd4f9cab70f728f56f48f597966cc35d2a6d000000004000"/402], 0x1, 0x2f5, &(0x7f00000007c0)="$eJzs3U9v00gYx/Hf2Emb/lHrbbtaaS+76m6l3Uu1XTggLkEoV+6cENCkUkVURFsk4EJAHBEvgDtvgRfBBcQbgBMnXkBvRjOeuE5jOw1tkga+H6lhGM/Yz2BPPI8lagH4aV1vfHpz6Yv9MVKoUNJVKZBUkyqSftVvtYd7h7uH7VYzdw+zyR+h62F/jJKepq/p9l4rbw+2n+shVX1VRRUt+jqMUBzH1z6fpmFn9LFgctzsV2YGeoGd4Mk8dNtrE4htFDrSH5OOYdzCTNkc6UiPtDTBcAAAF4C//wf+NrHoqoyCQNrwt/2puv+HA7YfjSmOMbnc7quKSztk7v9udRcb+0+27DYd53suhbPbg26WeJpgTiwhNaPkyuo5J6Y8q/SxBHM7uxVtbj9TM9Bz1b1MszX32Uwu3a4B0a7n5KYlivdW1Y35ZDS5CVI3pJ3ddsulySfj70irwx3x7Mw788HcMpFeq5mu/yqxsafJnanoxJkKqjb+/4r3uOB62VbyaX+9Xg/621V+90fwBoyyNmAS/6L0AUEnjaAsTnfsFfU+VkhGtzWg12peryj9W0GvtZ5eob8SNrfvt4su+hHqDtG8MjfNur7qrRqZ9X9g49tQZmaWfdUb19JfGcl4ZvJbVlzLqO/OcTxd/kwj8GaHHhukIZ+WvdRdXdHSweMn98J2u7VvC3dyCg8W942vqb6QctuMvhCqpI06xzWx9TSOM23saAv3HI8y+H/PYz/2C9UV7PdHuslOn7xedpalNcG4T9N5F0pO3EQLjfcquyCnpxDHUsGmUX1N4SI5MN2T7ivmJhwQxs2uu0yS/7mVvF/VuRTJfkQl6/SCJHM5LWX2uJVmcL1LwRX3OT9UBrdQnMFljvh/Qc7ocq6//pH+zlQalR4x8nH+IExDH3Wb5/8AAAAAAAAAAAAAAAAAAADTZhz/02DSYwQAAAAAAAAAAAAAAAAAAAAAYNp91/t/835HvHv/b3TW9/86Ee//BcbiWwAAAP//QFh1rQ==") syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300)) 38.640496ms ago: executing program 0 (id=12441): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000380)=0x3) 0s ago: executing program 1 (id=12442): r0 = syz_open_dev$vim2m(&(0x7f0000000340), 0x4000, 0x2) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x0, 0x31435750, 0x0, @stepwise={0x5, 0x1, 0x7, 0x8, 0x4}}) kernel console output (not intermixed with test programs): : Product: syz [ 760.648195][ T5801] usb 3-1: Manufacturer: syz [ 760.652857][ T5801] usb 3-1: SerialNumber: syz [ 760.672564][ T5801] usb 3-1: config 0 descriptor?? [ 760.693776][ T5801] hub 3-1:0.132: bad descriptor, ignoring hub [ 760.724490][ T5801] hub: probe of 3-1:0.132 failed with error -5 [ 760.759702][ T5801] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input48 [ 761.540870][ T968] usb 3-1: USB disconnect, device number 61 [ 761.720511][ T3653] loop3: detected capacity change from 0 to 136 [ 761.749952][ T3658] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 761.809062][ T3653] Symlink component flag not implemented [ 761.931715][ T3664] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 762.052297][ T3670] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 762.070537][ T3670] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 762.080983][ T3670] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 762.095085][ T3670] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 762.112560][ T3670] geneve4: entered promiscuous mode [ 762.135193][ T3670] geneve4: entered allmulticast mode [ 762.191623][ T3670] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 762.225051][ T3670] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 762.234084][ T3670] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 762.265118][ T3670] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 763.609768][ T3758] loop0: detected capacity change from 0 to 128 [ 763.702195][ T3758] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 763.724555][ T3758] FAT-fs (loop0): Filesystem has been set read-only [ 764.003284][ T3781] Non-string source [ 764.066072][ T3739] loop3: detected capacity change from 0 to 32768 [ 764.085144][ T40] usb 3-1: new full-speed USB device number 62 using dummy_hcd [ 764.085960][ T3739] XFS: attr2 mount option is deprecated. [ 764.133934][ T3739] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 764.219387][ T3739] XFS (loop3): Ending clean mount [ 764.251076][ T3739] XFS (loop3): Quotacheck needed: Please wait. [ 764.290458][ T40] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 764.333418][ T40] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 764.385149][ T40] usb 3-1: Product: syz [ 764.400223][ T40] usb 3-1: Manufacturer: syz [ 764.404892][ T40] usb 3-1: SerialNumber: syz [ 764.444121][ T40] usb 3-1: config 0 descriptor?? [ 764.468674][ T40] gspca_main: sq930x-2.14.0 probing 2770:930c [ 764.483464][ T3739] XFS (loop3): Quotacheck: Done. [ 764.666682][ T3817] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma? [ 764.790517][ T5763] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 764.907233][ T40] gspca_sq930x: ucbus_write failed -71 [ 764.918355][ T40] sq930x: probe of 3-1:0.0 failed with error -71 [ 764.944628][ T40] usb 3-1: USB disconnect, device number 62 [ 766.570789][ T3894] loop0: detected capacity change from 0 to 16 [ 766.587816][ T3894] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 766.635234][ T5801] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 766.848652][ T5801] usb 4-1: Using ep0 maxpacket: 32 [ 766.868976][ T5801] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 766.903324][ T5801] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 766.922470][ T5801] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 766.955036][ T5801] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 766.975773][ T5801] usb 4-1: Product: syz [ 766.980084][ T5801] usb 4-1: Manufacturer: syz [ 767.001478][ T5801] hub 4-1:4.0: USB hub found [ 767.081268][ T27] kauditd_printk_skb: 7 callbacks suppressed [ 767.081284][ T27] audit: type=1326 audit(2000000388.660:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3925 comm="syz.2.10688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 767.114397][ T27] audit: type=1326 audit(2000000388.660:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3925 comm="syz.2.10688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 767.143443][ T27] audit: type=1326 audit(2000000388.720:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3925 comm="syz.2.10688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 767.173901][ T27] audit: type=1326 audit(2000000388.720:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3925 comm="syz.2.10688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 767.224225][ T5801] hub 4-1:4.0: config failed, hub has too many ports! (err -19) [ 767.269581][ T27] audit: type=1326 audit(2000000388.720:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3925 comm="syz.2.10688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 767.409710][ T3933] loop2: detected capacity change from 0 to 8192 [ 767.422015][ T3933] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 767.452650][ T3933] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 767.517153][ T3933] REISERFS (device loop2): using ordered data mode [ 767.523906][ T3933] reiserfs: using flush barriers [ 767.547244][ T3933] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 767.564832][ T3933] REISERFS (device loop2): checking transaction log (loop2) [ 767.573320][ T5801] usb 4-1: USB disconnect, device number 51 [ 767.595184][ T3933] REISERFS (device loop2): Using tea hash to sort names [ 767.602669][ T3933] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 767.605354][ T3947] netlink: 'syz.0.10693': attribute type 5 has an invalid length. [ 769.701837][ T4064] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10732'. [ 769.853714][ T4072] QAT: failed to copy from user cfg_data. [ 770.476111][ T4110] loop0: detected capacity change from 0 to 128 [ 770.666238][ T5820] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 770.837626][ T4131] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10753'. [ 770.865256][ T5820] usb 2-1: Using ep0 maxpacket: 8 [ 770.887260][ T5820] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 770.909746][ T5820] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 770.931112][ T5820] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 770.951104][ T5820] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 770.963233][ T5820] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 770.993172][ T5820] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 771.015689][ T5820] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 771.102682][ T4115] loop3: detected capacity change from 0 to 32768 [ 771.151858][ T4146] loop2: detected capacity change from 0 to 256 [ 771.187468][ T4146] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010895, chksum : 0x816c887a, utbl_chksum : 0xe619d30d) [ 771.199841][ T40] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 771.223330][ T4115] find_entry called with index = 0 [ 771.256810][ T4115] read_mapping_page failed! [ 771.265467][ T4115] ERROR: (device loop3): txCommit: [ 771.265467][ T4115] [ 771.326760][ T4115] ERROR: (device loop3): remounting filesystem as read-only [ 771.405706][ T40] usb 1-1: Using ep0 maxpacket: 32 [ 771.439551][ T40] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 771.475599][ T40] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 771.505013][ T40] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 771.517320][ T968] usb 2-1: USB disconnect, device number 51 [ 771.545831][ T40] usb 1-1: Product: syz [ 771.550053][ T40] usb 1-1: Manufacturer: syz [ 771.554662][ T40] usb 1-1: SerialNumber: syz [ 771.571406][ T40] usb 1-1: config 0 descriptor?? [ 771.581447][ T40] cdc_ether: probe of 1-1:0.0 failed with error -22 [ 771.600492][ T40] usb 1-1: unsupported MDLM descriptors [ 771.797982][ T4182] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 771.833422][ T968] usb 1-1: USB disconnect, device number 58 [ 772.088002][ T4200] loop3: detected capacity change from 0 to 4096 [ 772.161196][ T4200] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 772.188989][ T4200] UDF-fs: Scanning with blocksize 512 failed [ 772.260433][ T4200] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 772.342954][ T4200] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1328) [ 772.729093][ T4229] loop0: detected capacity change from 0 to 128 [ 772.837409][ T4229] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 773.699480][ T4284] netlink: 'syz.3.10789': attribute type 4 has an invalid length. [ 773.733053][ T4284] netlink: 152 bytes leftover after parsing attributes in process `syz.3.10789'. [ 773.763112][ T4285] loop2: detected capacity change from 0 to 2048 [ 773.772613][ T4284] .`: renamed from bond0 (while UP) [ 773.794740][ T4285] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=27485, location=27485 [ 773.859874][ T4285] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 774.227685][ T4311] loop3: detected capacity change from 0 to 16 [ 774.263542][ T4311] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 774.336134][ T5776] udevd[5776]: incorrect cramfs checksum on /dev/loop3 [ 774.431294][ T5776] udevd[5776]: incorrect cramfs checksum on /dev/loop3 [ 774.485937][ T5820] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 774.697220][ T5820] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 774.741524][ T5820] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 774.754008][ T5820] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 774.774657][ T5820] usb 1-1: config 1 interface 1 has no altsetting 0 [ 774.812515][ T5820] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 774.816065][ T5802] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 774.831275][ T5820] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 774.852762][ T5820] usb 1-1: Product: syz [ 774.870593][ T5820] usb 1-1: Manufacturer: syz [ 774.879677][ T5820] usb 1-1: SerialNumber: syz [ 775.027480][ T5802] usb 4-1: config 0 has an invalid interface number: 50 but max is 0 [ 775.036113][ T5802] usb 4-1: config 0 has no interface number 0 [ 775.055106][ T5802] usb 4-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 775.076722][ T5802] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 775.104799][ T5802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 775.137141][ T5802] usb 4-1: Product: syz [ 775.139525][ T5820] usb 1-1: selecting invalid altsetting 0 [ 775.143555][ T5802] usb 4-1: Manufacturer: syz [ 775.166514][ T5802] usb 4-1: SerialNumber: syz [ 775.172537][ T5820] usb 1-1: selecting invalid altsetting 0 [ 775.192077][ T5820] cdc_ncm 1-1:1.0: bind() failure [ 775.219207][ T5820] usb 1-1: selecting invalid altsetting 0 [ 775.221329][ T5802] usb 4-1: config 0 descriptor?? [ 775.237447][ T5820] cdc_ncm: probe of 1-1:1.1 failed with error -22 [ 775.272093][ T5820] usb 1-1: selecting invalid altsetting 0 [ 775.282102][ T5820] cdc_mbim: probe of 1-1:1.1 failed with error -22 [ 775.289009][ T5802] yurex 4-1:0.50: USB YUREX device now attached to Yurex #0 [ 775.322700][ T4370] loop2: detected capacity change from 0 to 256 [ 775.335684][ T5820] usb 1-1: selecting invalid altsetting 0 [ 775.353491][ T5820] usbtest: probe of 1-1:1.1 failed with error -22 [ 775.375096][ T4370] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 775.427664][ T5820] usb 1-1: USB disconnect, device number 59 [ 775.787622][ T5820] usb 4-1: USB disconnect, device number 52 [ 775.816214][ T5820] yurex 4-1:0.50: USB YUREX #0 now disconnected [ 776.226126][ T4417] loop2: detected capacity change from 0 to 4096 [ 776.668814][ T4438] Timeout policy `syz1' can only be used by L3 protocol number 2561 [ 777.439090][ T4513] loop3: detected capacity change from 0 to 2048 [ 777.443315][ T4505] loop2: detected capacity change from 0 to 4096 [ 777.476023][ T4505] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 777.488976][ T4513] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=66359, location=66359 [ 777.523472][ T4505] ntfs3: loop2: Failed to load $MFT (-2). [ 777.551505][ T4513] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 778.302051][ T4510] loop0: detected capacity change from 0 to 32768 [ 778.493102][ T4510] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 778.666673][ T4573] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10856'. [ 778.724607][ T4510] XFS (loop0): Ending clean mount [ 778.837289][ T5761] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 778.945034][ T5802] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 779.125132][ T5801] usb 3-1: new high-speed USB device number 63 using dummy_hcd [ 779.145099][ T5802] usb 2-1: Using ep0 maxpacket: 32 [ 779.153362][ T5802] usb 2-1: unable to get BOS descriptor or descriptor too short [ 779.176726][ T5802] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 779.197708][ T5802] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 779.218614][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 779.231883][ T5802] usb 2-1: Product: syz [ 779.233118][ T4593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10859'. [ 779.236581][ T5802] usb 2-1: Manufacturer: syz [ 779.251293][ T5802] usb 2-1: SerialNumber: syz [ 779.315056][ T5801] usb 3-1: Using ep0 maxpacket: 8 [ 779.322937][ T5801] usb 3-1: unable to get BOS descriptor or descriptor too short [ 779.333034][ T5801] usb 3-1: config 8 has an invalid interface number: 61 but max is 2 [ 779.341536][ T5801] usb 3-1: config 8 has 1 interface, different from the descriptor's value: 3 [ 779.350995][ T5801] usb 3-1: config 8 has no interface number 0 [ 779.365330][ T5801] usb 3-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0 [ 779.385180][ T5801] usb 3-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0 [ 779.404864][ T5801] usb 3-1: config 8 interface 61 has no altsetting 0 [ 779.422635][ T5801] usb 3-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f [ 779.435313][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 779.444529][ T4582] loop3: detected capacity change from 0 to 32768 [ 779.447426][ T5801] usb 3-1: Product: syz [ 779.505315][ T5801] usb 3-1: Manufacturer: syz [ 779.509998][ T5801] usb 3-1: SerialNumber: syz [ 779.526679][ T4582] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 779.533835][ T5802] usb 2-1: Invalid number of CPorts: 0 [ 779.545831][ T5802] es2_ap_driver: probe of 2-1:7.0 failed with error -22 [ 779.672599][ T4613] loop0: detected capacity change from 0 to 4096 [ 779.689828][ T4613] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 779.741266][ T5801] bfusb: probe of 3-1:8.61 failed with error -5 [ 779.780839][ T5801] usb 3-1: USB disconnect, device number 63 [ 779.790961][ T4613] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 779.824195][ T5802] usb 2-1: USB disconnect, device number 52 [ 779.856725][ T4582] XFS (loop3): Ending clean mount [ 779.976350][ T5763] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 780.897622][ T4676] netlink: 'syz.2.10875': attribute type 1 has an invalid length. [ 780.910710][ T4676] netlink: 232 bytes leftover after parsing attributes in process `syz.2.10875'. [ 781.015156][ T5820] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 781.226937][ T5820] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 781.245591][ T5820] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 781.263902][ T5820] usb 2-1: Product: syz [ 781.274021][ T5820] usb 2-1: Manufacturer: syz [ 781.284745][ T5820] usb 2-1: SerialNumber: syz [ 781.341438][ T5820] usb 2-1: config 0 descriptor?? [ 781.589363][ T5820] hso 2-1:0.0: Can't find BULK IN endpoint [ 781.609759][ T5820] usb-storage 2-1:0.0: USB Mass Storage device detected [ 781.826756][ T5820] usb 2-1: USB disconnect, device number 53 [ 781.874637][ T4735] loop3: detected capacity change from 0 to 256 [ 781.913439][ T4735] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x68d18d75, utbl_chksum : 0xe619d30d) [ 782.007219][ T4735] exFAT-fs (loop3): error, invalid access to FAT (entry 0x00000008) bogus content (0x00080000) [ 782.037939][ T4735] exFAT-fs (loop3): Filesystem has been set read-only [ 782.206905][ T4751] netlink: 80 bytes leftover after parsing attributes in process `syz.3.10894'. [ 782.270526][ T4754] ieee802154 phy0 wpan0: encryption failed: -22 [ 782.334476][ T4716] loop2: detected capacity change from 0 to 40427 [ 782.350365][ T4757] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10896'. [ 782.363053][ T4716] F2FS-fs (loop2): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 782.398147][ T4716] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 782.423688][ T4716] F2FS-fs (loop2): heap/no_heap options were deprecated [ 782.436217][ T4716] F2FS-fs (loop2): invalid crc value [ 782.445197][ T4716] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 782.483693][ T4716] F2FS-fs (loop2): Found nat_bits in checkpoint [ 782.500355][ T4766] netlink: 3 bytes leftover after parsing attributes in process `syz.1.10898'. [ 782.626444][ T4770] loop3: detected capacity change from 0 to 128 [ 782.671750][ T4770] EXT4-fs (loop3): Test dummy encryption mode enabled [ 782.724271][ T4770] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 782.745316][ T4776] ipvlan0: entered promiscuous mode [ 782.765982][ T4770] ext4 filesystem being mounted at /2735/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 782.786356][ T4716] F2FS-fs (loop2): Try to recover 2th superblock, ret: -30 [ 782.793763][ T4716] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 783.006081][ T5763] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 783.415256][ T4801] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10908'. [ 783.973244][ T4834] loop2: detected capacity change from 0 to 256 [ 784.044770][ T4834] FAT-fs (loop2): Directory bread(block 64) failed [ 784.061909][ T4834] FAT-fs (loop2): Directory bread(block 65) failed [ 784.072738][ T4834] FAT-fs (loop2): Directory bread(block 66) failed [ 784.101725][ T4834] FAT-fs (loop2): Directory bread(block 67) failed [ 784.147681][ T4834] FAT-fs (loop2): Directory bread(block 68) failed [ 784.173147][ T4834] FAT-fs (loop2): Directory bread(block 69) failed [ 784.192578][ T4845] netlink: 'syz.1.10922': attribute type 10 has an invalid length. [ 784.201403][ T4834] FAT-fs (loop2): Directory bread(block 70) failed [ 784.214839][ T4845] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.219201][ T4834] FAT-fs (loop2): Directory bread(block 71) failed [ 784.232060][ T4845] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.241502][ T4834] FAT-fs (loop2): Directory bread(block 72) failed [ 784.248433][ T4845] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.264166][ T4834] FAT-fs (loop2): Directory bread(block 73) failed [ 784.265068][ T4845] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.629403][ T4865] netlink: 'syz.2.10924': attribute type 1 has an invalid length. [ 784.969164][ T4882] AppArmor: change_hat: Invalid input '' [ 785.001293][ T4880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10932'. [ 785.044667][ T4886] netlink: 48 bytes leftover after parsing attributes in process `syz.1.10933'. [ 785.392347][ T4861] loop3: detected capacity change from 0 to 32768 [ 785.481649][ T4861] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 785.492341][ T4912] netlink: 168 bytes leftover after parsing attributes in process `syz.0.10939'. [ 785.698947][ T4861] XFS (loop3): Ending clean mount [ 785.745796][ T4861] XFS (loop3): Quotacheck needed: Please wait. [ 785.955185][ T4861] XFS (loop3): Quotacheck: Done. [ 786.130222][ T5763] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 786.456490][ T4957] loop0: detected capacity change from 0 to 2048 [ 786.490674][ T4957] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 786.863197][ T4976] dlm: Unknown command passed to DLM device : 11 [ 786.863197][ T4976] [ 786.879239][ T4975] netlink: 'syz.0.10954': attribute type 5 has an invalid length. [ 787.086721][ T5020] xt_hashlimit: size too large, truncated to 1048576 [ 787.148992][ T5024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10958'. [ 787.420786][ T5039] gretap1: entered promiscuous mode [ 787.535240][ T8] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 787.735164][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 787.745152][ T8] usb 2-1: unable to get BOS descriptor or descriptor too short [ 787.764645][ T8] usb 2-1: config 1 has an invalid interface number: 6 but max is 2 [ 787.775123][ T8] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 787.793127][ T8] usb 2-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 787.816964][ T8] usb 2-1: config 1 has no interface number 3 [ 787.835152][ T8] usb 2-1: too many endpoints for config 1 interface 6 altsetting 29: 147, using maximum allowed: 30 [ 787.839427][ T5067] loop2: detected capacity change from 0 to 2048 [ 787.855121][ T8] usb 2-1: config 1 interface 6 altsetting 29 has an invalid endpoint descriptor of length 4, skipping [ 787.877364][ T5062] loop0: detected capacity change from 0 to 4096 [ 787.879056][ T8] usb 2-1: config 1 interface 6 altsetting 29 has 1 endpoint descriptor, different from the interface descriptor's value: 147 [ 787.914691][ T5062] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 787.936937][ T5067] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 787.953889][ T8] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 202, changing to 7 [ 787.994583][ T8] usb 2-1: config 1 interface 6 has no altsetting 0 [ 788.018479][ T8] usb 2-1: config 1 interface 1 has no altsetting 0 [ 788.051985][ T8] usb 2-1: string descriptor 0 read error: -22 [ 788.060183][ T5062] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 788.065469][ T8] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 788.105665][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 788.148274][ T8] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 788.187885][ T8] usb 2-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 788.209068][ T8] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 788.412114][ T5105] openvswitch: netlink: Actions may not be safe on all matching packets [ 788.742518][ T5802] usb 2-1: USB disconnect, device number 54 [ 788.756652][ T5130] netlink: 'syz.0.10984': attribute type 1 has an invalid length. [ 788.780070][ T5130] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.10984'. [ 789.026940][ T5161] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10989'. [ 789.926519][ T5802] usb 1-1: new full-speed USB device number 60 using dummy_hcd [ 790.079958][ T5226] netlink: 'syz.3.11010': attribute type 1 has an invalid length. [ 790.114473][ T5226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11010'. [ 790.137382][ T5802] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 790.170057][ T5802] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x61, skipping [ 790.214852][ T5802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10 [ 790.242229][ T5802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 255, setting to 64 [ 790.263729][ T5802] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 790.316085][ T5802] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 790.336222][ T5802] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 790.367385][ T5802] usb 1-1: Manufacturer: syz [ 790.406440][ T5802] usb 1-1: config 0 descriptor?? [ 790.547447][ T5253] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.11018'. [ 790.636512][ T8] usb 1-1: USB disconnect, device number 60 [ 790.760657][ T5270] netlink: 344 bytes leftover after parsing attributes in process `syz.1.11022'. [ 791.747301][ T5322] netlink: 'syz.0.11040': attribute type 21 has an invalid length. [ 791.783662][ T5322] netlink: 132 bytes leftover after parsing attributes in process `syz.0.11040'. [ 792.732325][ T5334] loop0: detected capacity change from 0 to 32768 [ 792.799563][ T5334] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 793.070503][ T5392] loop3: detected capacity change from 0 to 1764 [ 793.164750][ T5392] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 793.207179][ T5761] ocfs2: Unmounting device (7,0) on (node local) [ 793.356815][ T5409] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11064'. [ 793.405264][ T5409] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11064'. [ 793.465470][ T5416] netlink: 248 bytes leftover after parsing attributes in process `syz.1.11068'. [ 793.535229][ T968] usb 3-1: new high-speed USB device number 64 using dummy_hcd [ 793.743098][ T968] usb 3-1: Using ep0 maxpacket: 8 [ 793.757010][ T968] usb 3-1: config 1 has an invalid interface number: 128 but max is 1 [ 793.767577][ T968] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 793.815063][ T968] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 793.834441][ T968] usb 3-1: config 1 has no interface number 0 [ 793.844380][ T968] usb 3-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 793.874470][ T968] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 793.891114][ T968] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 793.900965][ T968] usb 3-1: Product: syz [ 793.905536][ T968] usb 3-1: Manufacturer: syz [ 793.910172][ T968] usb 3-1: SerialNumber: syz [ 793.946603][ T968] cdc_wdm 3-1:1.128: skipping garbage [ 793.965041][ T968] cdc_wdm 3-1:1.128: invalid descriptor buffer length [ 793.989775][ T968] cdc_wdm: probe of 3-1:1.128 failed with error -22 [ 794.229577][ T5820] usb 3-1: USB disconnect, device number 64 [ 794.609806][ T5487] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 795.098494][ T5514] netlink: 666 bytes leftover after parsing attributes in process `syz.2.11096'. [ 795.262407][ T5517] loop3: detected capacity change from 0 to 4096 [ 795.297456][ T5517] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 795.395796][ T5517] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 797.279715][ T5635] cgroup: Bad value for 'name' [ 797.311706][ T5601] loop2: detected capacity change from 0 to 32768 [ 797.427614][ T5601] syz.2.11122: attempt to access beyond end of device [ 797.427614][ T5601] loop14: rw=0, sector=8, nr_sectors = 8 limit=0 [ 797.486191][ T5601] lbmIODone: I/O error in JFS log [ 797.495042][ T5601] *** Log Format Error ! *** [ 797.509004][ T5601] lmLogInit: exit(-22) [ 797.513434][ T5601] lmLogOpen: exit(-22) [ 797.795849][ T5656] loop0: detected capacity change from 0 to 8 [ 797.836192][ T5656] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 797.920812][ T5656] cramfs: Error -3 while decompressing! [ 797.985093][ T5656] cramfs: ffffffff973f4348(18)->ffff88805350b000(4096) [ 798.035243][ T5656] cramfs: Error -3 while decompressing! [ 798.064480][ T5656] cramfs: ffffffff973f4348(18)->ffff88805350b000(4096) [ 798.085142][ T40] usb 3-1: new high-speed USB device number 65 using dummy_hcd [ 798.103166][ T27] audit: type=1800 audit(2000000024.919:543): pid=5656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.11141" name="file1" dev="loop0" ino=324 res=0 errno=0 [ 798.291976][ T40] usb 3-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 798.315091][ T40] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 798.355261][ T40] usb 3-1: Product: syz [ 798.365033][ T40] usb 3-1: Manufacturer: syz [ 798.369703][ T40] usb 3-1: SerialNumber: syz [ 798.406248][ T40] usb 3-1: config 0 descriptor?? [ 798.445660][ T5694] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (2878) [ 798.455587][ T5694] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 798.644710][ T40] int51x1: probe of 3-1:0.0 failed with error -22 [ 798.673269][ T968] usb 1-1: new high-speed USB device number 61 using dummy_hcd [ 798.849752][ T40] usb 3-1: USB disconnect, device number 65 [ 798.895388][ T968] usb 1-1: Using ep0 maxpacket: 8 [ 798.911622][ T968] usb 1-1: unable to get BOS descriptor or descriptor too short [ 798.927065][ T968] usb 1-1: config 1 has an invalid interface number: 6 but max is 2 [ 798.955194][ T968] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 798.974158][ T968] usb 1-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 799.005789][ T968] usb 1-1: config 1 has no interface number 3 [ 799.012344][ T968] usb 1-1: too many endpoints for config 1 interface 6 altsetting 29: 147, using maximum allowed: 30 [ 799.057137][ T968] usb 1-1: config 1 interface 6 altsetting 29 has an invalid endpoint descriptor of length 4, skipping [ 799.081902][ T968] usb 1-1: config 1 interface 6 altsetting 29 has 1 endpoint descriptor, different from the interface descriptor's value: 147 [ 799.115130][ T968] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 202, changing to 7 [ 799.129647][ T968] usb 1-1: config 1 interface 6 has no altsetting 0 [ 799.141550][ T968] usb 1-1: config 1 interface 1 has no altsetting 0 [ 799.156536][ T968] usb 1-1: string descriptor 0 read error: -22 [ 799.162915][ T968] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 799.173217][ T968] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 799.212054][ T968] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 799.241625][ T968] usb 1-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 799.254576][ T968] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 799.309023][ T5739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11161'. [ 799.318668][ T5739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11161'. [ 799.329340][ T5739] netlink: 52 bytes leftover after parsing attributes in process `syz.1.11161'. [ 799.753173][ T968] usb 1-1: USB disconnect, device number 61 [ 799.785075][ T8] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 799.995432][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 800.028241][ T8] usb 2-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 800.045534][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 800.064224][ T8] usb 2-1: Product: syz [ 800.068645][ T8] usb 2-1: Manufacturer: syz [ 800.073287][ T8] usb 2-1: SerialNumber: syz [ 800.091218][ T5840] loop3: detected capacity change from 0 to 4096 [ 800.131278][ T5843] loop2: detected capacity change from 0 to 2048 [ 800.152353][ T5843] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 800.319327][ T8] visor 2-1:1.0: Handspring Visor / Palm OS converter detected [ 800.369419][ T8] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 800.416436][ T8] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 800.544735][ T8] usb 2-1: USB disconnect, device number 55 [ 800.585717][ T8] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 800.654470][ T8] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 800.675220][ T5880] netlink: 'syz.0.11179': attribute type 3 has an invalid length. [ 800.684180][ T5880] netlink: 'syz.0.11179': attribute type 1 has an invalid length. [ 800.703267][ T8] visor 2-1:1.0: device disconnected [ 800.705633][ T5880] netlink: 220 bytes leftover after parsing attributes in process `syz.0.11179'. [ 801.077361][ T5913] loop3: detected capacity change from 0 to 128 [ 801.168835][ T5913] FAT-fs (loop3): Directory bread(block 524322) failed [ 801.192301][ T5913] FAT-fs (loop3): Directory bread(block 524323) failed [ 801.212180][ T5913] FAT-fs (loop3): Directory bread(block 524324) failed [ 801.245031][ T5913] FAT-fs (loop3): Directory bread(block 524325) failed [ 801.262931][ T5913] FAT-fs (loop3): Directory bread(block 524326) failed [ 801.273068][ T5913] FAT-fs (loop3): Directory bread(block 524327) failed [ 801.315123][ T5913] FAT-fs (loop3): Directory bread(block 524328) failed [ 801.322080][ T5913] FAT-fs (loop3): Directory bread(block 524329) failed [ 801.417778][ T5926] loop0: detected capacity change from 0 to 2048 [ 801.461442][ T5931] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 801.546820][ T5926] CPU: 1 PID: 5926 Comm: syz.0.11190 Not tainted syzkaller #0 [ 801.555213][ T5926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 801.565308][ T5926] Call Trace: [ 801.568614][ T5926] [ 801.571564][ T5926] dump_stack_lvl+0x18c/0x250 [ 801.576289][ T5926] ? rcu_is_watching+0x15/0xb0 [ 801.581095][ T5926] ? show_regs_print_info+0x20/0x20 [ 801.586347][ T5926] nilfs_btree_last_key+0x4e6/0x660 [ 801.591593][ T5926] nilfs_bmap_last_key+0x74/0x120 [ 801.596653][ T5926] nilfs_truncate_bmap+0x109/0x320 [ 801.601805][ T5926] ? nilfs_update_inode+0x1d0/0x1d0 [ 801.607030][ T5926] ? block_truncate_page+0x168/0x9f0 [ 801.612323][ T5926] ? nilfs_inode_sub_blocks+0xe0/0xe0 [ 801.617702][ T5926] nilfs_truncate+0x276/0x4c0 [ 801.622387][ T5926] ? nilfs_write_failed+0xa0/0xa0 [ 801.627427][ T5926] nilfs_setattr+0x211/0x2c0 [ 801.632022][ T5926] ? nilfs_clear_inode+0x280/0x280 [ 801.637142][ T5926] ? is_bad_inode+0xd/0x40 [ 801.641556][ T5926] ? evm_inode_setattr+0x94/0x6a0 [ 801.646581][ T5926] ? bpf_lsm_inode_setattr+0x9/0x10 [ 801.651772][ T5926] ? try_break_deleg+0x79/0x120 [ 801.656617][ T5926] ? nilfs_clear_inode+0x280/0x280 [ 801.661731][ T5926] notify_change+0xb0d/0xe10 [ 801.666327][ T5926] do_truncate+0x1b0/0x240 [ 801.670744][ T5926] ? put_page_bootmem+0x2c0/0x2c0 [ 801.675776][ T5926] ? bpf_lsm_path_truncate+0x9/0x10 [ 801.681062][ T5926] vfs_truncate+0x266/0x300 [ 801.685591][ T5926] do_sys_truncate+0xf6/0x1c0 [ 801.690265][ T5926] ? lock_chain_count+0x20/0x20 [ 801.695225][ T5926] ? break_lease+0xd0/0xd0 [ 801.699646][ T5926] ? lockdep_hardirqs_on+0x98/0x150 [ 801.704849][ T5926] do_syscall_64+0x55/0xa0 [ 801.709270][ T5926] ? clear_bhb_loop+0x40/0x90 [ 801.713948][ T5926] ? clear_bhb_loop+0x40/0x90 [ 801.718623][ T5926] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 801.724531][ T5926] RIP: 0033:0x7f349c19c629 [ 801.728955][ T5926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 801.748577][ T5926] RSP: 002b:00007f349d099028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 801.756995][ T5926] RAX: ffffffffffffffda RBX: 00007f349c415fa0 RCX: 00007f349c19c629 [ 801.764965][ T5926] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200 [ 801.772934][ T5926] RBP: 00007f349c232b39 R08: 0000000000000000 R09: 0000000000000000 [ 801.780902][ T5926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 801.788870][ T5926] R13: 00007f349c416038 R14: 00007f349c415fa0 R15: 00007fffd3eba038 [ 801.796855][ T5926] [ 801.835207][ T5934] ieee802154 phy0 wpan0: encryption failed: -22 [ 801.892573][ T5926] NILFS (loop0): btree level mismatch (ino=16): 1 != 7 [ 801.927787][ T5926] NILFS error (device loop0): nilfs_bmap_last_key: broken bmap (inode number=16) [ 801.975131][ T5926] Remounting filesystem read-only [ 802.035013][ T5926] NILFS (loop0): error -5 truncating bmap (ino=16) [ 802.094749][ T5761] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 802.117685][ T5761] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 802.128368][ T5916] loop2: detected capacity change from 0 to 32768 [ 802.143630][ T5761] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 802.183511][ T5761] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 802.206776][ T5761] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 802.218055][ T5761] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 802.290846][ T5916] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 802.510883][ T5955] netlink: 156 bytes leftover after parsing attributes in process `syz.3.11197'. [ 802.535976][ T5760] ocfs2: Unmounting device (7,2) on (node local) [ 802.694406][ T5959] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11199'. [ 803.852366][ T5979] loop0: detected capacity change from 0 to 32768 [ 803.900853][ T5979] ERROR: (device loop0): dbAllocAG: Corrupt dmapctl page [ 803.900853][ T5979] [ 803.939491][ T5979] ERROR: (device loop0): remounting filesystem as read-only [ 803.987997][ T6018] loop3: detected capacity change from 0 to 8 [ 804.043694][ T6018] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 804.112902][ T6018] cramfs: Error -3 while decompressing! [ 804.140167][ T6018] cramfs: ffffffff973f8348(18)->ffff88805a34a000(4096) [ 804.175156][ T6018] cramfs: Error -3 while decompressing! [ 804.191182][ T6018] cramfs: ffffffff973f8348(18)->ffff88805a34a000(4096) [ 804.213791][ T27] audit: type=1800 audit(2000000031.039:544): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11216" name="file1" dev="loop3" ino=324 res=0 errno=0 [ 804.215168][ T6029] comedi comedi1: dt2801: I/O port conflict (0x21,2) [ 804.701050][ T6046] loop3: detected capacity change from 0 to 256 [ 804.736131][ T6046] exfat: Deprecated parameter 'namecase' [ 804.741890][ T6046] exfat: Deprecated parameter 'namecase' [ 804.884816][ T6046] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 805.421305][ T6044] loop0: detected capacity change from 0 to 32768 [ 805.494148][ T27] audit: type=1326 audit(2000000032.319:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6070 comm="syz.3.11238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 805.526684][ T6044] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 805.601886][ T27] audit: type=1326 audit(2000000032.349:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6070 comm="syz.3.11238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 805.624278][ C0] vkms_vblank_simulate: vblank timer overrun [ 805.662417][ T6044] XFS (loop0): Ending clean mount [ 805.670374][ T6044] XFS (loop0): Quotacheck needed: Please wait. [ 805.719012][ T27] audit: type=1326 audit(2000000032.359:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6070 comm="syz.3.11238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 805.720356][ T6050] loop2: detected capacity change from 0 to 40427 [ 805.741397][ C0] vkms_vblank_simulate: vblank timer overrun [ 805.777751][ T27] audit: type=1326 audit(2000000032.359:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6070 comm="syz.3.11238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 805.823841][ T6050] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 805.852159][ T6050] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 805.895080][ T27] audit: type=1326 audit(2000000032.359:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6070 comm="syz.3.11238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 805.917811][ T6044] XFS (loop0): Quotacheck: Done. [ 805.966563][ T6050] F2FS-fs (loop2): invalid crc value [ 805.982279][ T27] audit: type=1326 audit(2000000032.729:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6088 comm="syz.3.11232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 806.004729][ C0] vkms_vblank_simulate: vblank timer overrun [ 806.037278][ T6050] F2FS-fs (loop2): Found nat_bits in checkpoint [ 806.115131][ T27] audit: type=1326 audit(2000000032.729:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6088 comm="syz.3.11232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 806.137689][ C0] vkms_vblank_simulate: vblank timer overrun [ 806.143980][ T5761] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 806.216664][ T27] audit: type=1326 audit(2000000032.769:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6088 comm="syz.3.11232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 806.239076][ C0] vkms_vblank_simulate: vblank timer overrun [ 806.287990][ T27] audit: type=1326 audit(2000000032.769:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6088 comm="syz.3.11232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 806.328606][ T6050] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 806.356998][ T6050] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 806.620915][ T79] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 806.651878][ T79] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 806.809944][ T5801] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 807.035399][ T5801] usb 4-1: Using ep0 maxpacket: 8 [ 807.042919][ T5801] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 807.072513][ T5801] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 807.116188][ T5801] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 807.144203][ T5801] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 807.173248][ T5801] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 807.211663][ T5801] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 807.241779][ T5801] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 807.268237][ T5801] usb 4-1: config 0 descriptor?? [ 807.274397][ T6108] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 807.719911][ T5767] Bluetooth: hci4: Opcode 0x0c03 failed: -71 [ 807.734525][ T968] usb 4-1: USB disconnect, device number 53 [ 808.165374][ T5801] usb 3-1: new high-speed USB device number 66 using dummy_hcd [ 808.376397][ T5801] usb 3-1: config 1 has an invalid interface number: 28 but max is 0 [ 808.384772][ T5801] usb 3-1: config 1 has no interface number 0 [ 808.410785][ T5801] usb 3-1: config 1 interface 28 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0 [ 808.429272][ T5801] usb 3-1: config 1 interface 28 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 0 [ 808.452917][ T5801] usb 3-1: config 1 interface 28 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64 [ 808.493158][ T5801] usb 3-1: config 1 interface 28 has no altsetting 0 [ 808.504045][ T5801] usb 3-1: New USB device found, idVendor=045e, idProduct=0473, bcdDevice=e4.34 [ 808.518798][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 808.567523][ T5801] usb 3-1: Product: syz [ 808.571977][ T5801] usb 3-1: Manufacturer: syz [ 808.586097][ T5801] usb 3-1: SerialNumber: syz [ 808.597619][ T6176] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 808.631224][ T5801] ipaq 3-1:1.28: PocketPC PDA converter detected [ 808.967672][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.974461][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.992417][ T5801] usb 3-1: PocketPC PDA converter now attached to ttyUSB0 [ 809.034608][ T6216] loop0: detected capacity change from 0 to 4096 [ 809.043958][ T6223] binder: 6214:6223 ioctl c018620c 0 returned -14 [ 809.074236][ T6216] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 809.172516][ T6216] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 809.183001][ T40] usb 3-1: USB disconnect, device number 66 [ 809.222009][ T40] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0 [ 809.256410][ T40] ipaq 3-1:1.28: device disconnected [ 809.403748][ T6245] ieee802154 phy0 wpan0: encryption failed: -22 [ 810.020727][ T6276] loop3: detected capacity change from 0 to 2048 [ 810.055511][ T6282] netlink: 'syz.0.11281': attribute type 10 has an invalid length. [ 810.087840][ T6282] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.127867][ T6276] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 810.148358][ T6282] bridge0: port 2(bridge_slave_1) entered blocking state [ 810.156162][ T6282] bridge0: port 2(bridge_slave_1) entered forwarding state [ 810.230317][ T6282] team0: Port device bridge0 added [ 810.673974][ T6311] netlink: 'syz.2.11289': attribute type 9 has an invalid length. [ 810.687800][ T6311] netlink: 154020 bytes leftover after parsing attributes in process `syz.2.11289'. [ 811.104767][ T6332] loop0: detected capacity change from 0 to 2048 [ 811.128714][ T6332] EXT4-fs: Ignoring removed nomblk_io_submit option [ 811.141962][ T6332] EXT4-fs: Ignoring removed nobh option [ 811.240888][ T6332] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 811.243078][ T6338] loop2: detected capacity change from 0 to 4096 [ 811.274972][ T6338] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 811.357973][ T6338] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 811.366950][ T6332] EXT4-fs error (device loop0): empty_inline_dir:1867: inode #12: block 5: comm syz.0.11302: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=7952, size=60 fake=0 [ 811.464515][ T6332] EXT4-fs (loop0): Remounting filesystem read-only [ 811.502353][ T6332] EXT4-fs warning (device loop0): empty_inline_dir:1874: bad inline directory (dir #12) - inode 13, rec_len 7952, name_len 0inline size 60 [ 811.697359][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 811.743777][ T6358] loop3: detected capacity change from 0 to 4096 [ 811.848950][ T6358] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 811.893647][ T6358] ntfs3: loop3: Failed to load $Extend (-22). [ 811.916034][ T6358] ntfs3: loop3: Failed to initialize $Extend. [ 812.423897][ T6396] xt_l2tp: missing protocol rule (udp|l2tpip) [ 812.487489][ T6390] loop0: detected capacity change from 0 to 4096 [ 812.525151][ T6390] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 812.547182][ T6391] loop2: detected capacity change from 0 to 4096 [ 812.576788][ T6391] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 812.604402][ T6403] binfmt_misc: register: failed to install interpreter file ./file0 [ 812.685315][ T6390] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 812.721303][ T6391] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 813.262870][ T6427] netlink: 148 bytes leftover after parsing attributes in process `syz.3.11320'. [ 813.319801][ T6427] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 813.388998][ T6428] loop2: detected capacity change from 0 to 4096 [ 813.518631][ T6428] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 813.556847][ T6428] ntfs3: loop2: Failed to load $Extend (-22). [ 813.592512][ T6428] ntfs3: loop2: Failed to initialize $Extend. [ 813.846908][ T6459] netlink: 'syz.3.11329': attribute type 10 has an invalid length. [ 813.855909][ T6455] netlink: 'syz.0.11330': attribute type 2 has an invalid length. [ 813.871590][ T6459] bridge0: port 1(netdevsim2) entered disabled state [ 813.891418][ T6459] bridge0: port 1(netdevsim2) entered blocking state [ 813.900706][ T6459] bridge0: port 1(netdevsim2) entered forwarding state [ 813.958260][ T5801] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 814.045858][ T6465] loop2: detected capacity change from 0 to 1024 [ 814.047504][ T6459] team0: Port device bridge0 added [ 814.175242][ T5801] usb 2-1: Using ep0 maxpacket: 8 [ 814.188952][ T5801] usb 2-1: config 2 has an invalid interface number: 31 but max is 0 [ 814.198042][ T5801] usb 2-1: config 2 has no interface number 0 [ 814.204204][ T5801] usb 2-1: config 2 interface 31 has no altsetting 0 [ 814.255090][ T5801] usb 2-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 814.274411][ T5801] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.293005][ T5801] usb 2-1: Product: syz [ 814.308249][ T5801] usb 2-1: Manufacturer: syz [ 814.313006][ T5801] usb 2-1: SerialNumber: syz [ 814.772704][ T5801] ch9200: probe of 2-1:2.31 failed with error -22 [ 814.794908][ T5801] usb 2-1: USB disconnect, device number 56 [ 815.098728][ T6505] loop0: detected capacity change from 0 to 4096 [ 815.137743][ T6505] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 815.145732][ T6505] ntfs3: loop0: Failed to load $Extend (-22). [ 815.152079][ T6505] ntfs3: loop0: Failed to initialize $Extend. [ 815.255068][T24920] usb 3-1: new high-speed USB device number 67 using dummy_hcd [ 815.376269][ T968] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 815.457117][T24920] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 815.475021][T24920] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 815.501957][T24920] usb 3-1: config 220 has no interface number 2 [ 815.502618][ T6529] loop0: detected capacity change from 0 to 4096 [ 815.520346][T24920] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 815.564490][T24920] usb 3-1: config 220 interface 0 has no altsetting 0 [ 815.573008][T24920] usb 3-1: config 220 interface 76 has no altsetting 0 [ 815.590039][T24920] usb 3-1: config 220 interface 1 has no altsetting 0 [ 815.609046][ T968] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 815.628621][T24920] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 815.636142][ T968] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 815.647462][T24920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 815.666160][T24920] usb 3-1: Product: syz [ 815.670659][ T968] usb 4-1: Product: syz [ 815.674853][ T968] usb 4-1: Manufacturer: syz [ 815.684178][T24920] usb 3-1: Manufacturer: syz [ 815.690058][ T968] usb 4-1: SerialNumber: syz [ 815.695436][T24920] usb 3-1: SerialNumber: syz [ 815.745283][ T968] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 815.780433][ T5802] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 815.955719][T24920] usb 3-1: selecting invalid altsetting 0 [ 815.984796][T24920] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 816.001678][T24920] usb 3-1: No valid video chain found. [ 816.026849][T24920] usb 3-1: selecting invalid altsetting 0 [ 816.043565][T24920] usbtest: probe of 3-1:220.1 failed with error -22 [ 816.096826][T24920] usb 3-1: USB disconnect, device number 67 [ 816.211621][ T5801] usb 4-1: USB disconnect, device number 54 [ 816.217277][ C1] dummy_hcd dummy_hcd.3: timer fired with no URBs pending? [ 816.328782][ T6568] usb usb8: usbfs: process 6568 (syz.1.11352) did not claim interface 0 before use [ 816.436649][ T6576] netlink: 'syz.1.11354': attribute type 10 has an invalid length. [ 816.452151][ T6576] bridge0: port 2(bridge_slave_1) entered disabled state [ 816.459717][ T6576] bridge0: port 1(bridge_slave_0) entered disabled state [ 816.487590][ T6576] bridge0: port 2(bridge_slave_1) entered blocking state [ 816.495376][ T6576] bridge0: port 2(bridge_slave_1) entered forwarding state [ 816.505254][ T6576] bridge0: port 1(bridge_slave_0) entered blocking state [ 816.514480][ T6576] bridge0: port 1(bridge_slave_0) entered forwarding state [ 816.599341][ T6576] team0: Port device bridge0 added [ 816.719356][ T6588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11358'. [ 816.729191][ T6588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11358'. [ 816.851079][ T5802] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 816.869820][ T5802] ath9k_htc: Failed to initialize the device [ 816.888773][ T6597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11360'. [ 816.897912][ T5801] usb 4-1: ath9k_htc: USB layer deinitialized [ 816.898471][ T6597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11360'. [ 816.915386][T24920] usb 3-1: new high-speed USB device number 68 using dummy_hcd [ 816.962199][ T6601] loop0: detected capacity change from 0 to 512 [ 816.992731][ T6601] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 817.020966][ T6601] EXT4-fs (loop0): orphan cleanup on readonly fs [ 817.052372][ T6601] __quota_error: 1 callbacks suppressed [ 817.052390][ T6601] Quota error (device loop0): find_block_dqentry: Quota for id 0 referenced but not present [ 817.105227][ T6601] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 817.114725][ T6601] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.11362: Failed to acquire dquot type 1 [ 817.130195][T24920] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 817.143794][T24920] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 817.153679][ T6601] EXT4-fs (loop0): Remounting filesystem read-only [ 817.163120][ T6601] EXT4-fs (loop0): 1 truncate cleaned up [ 817.173668][T24920] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 817.186771][ T6601] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 817.218577][T24920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 817.248202][T24920] usb 3-1: config 0 descriptor?? [ 817.384412][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 817.474523][T24920] usbhid 3-1:0.0: can't add hid device: -71 [ 817.493335][T24920] usbhid: probe of 3-1:0.0 failed with error -71 [ 817.544336][T24920] usb 3-1: USB disconnect, device number 68 [ 818.123725][ T6668] loop0: detected capacity change from 0 to 64 [ 818.153363][ T6668] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 818.226099][ T968] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 818.314831][ T6677] netlink: 14 bytes leftover after parsing attributes in process `syz.1.11381'. [ 818.435320][ T968] usb 4-1: Using ep0 maxpacket: 32 [ 818.448381][ T968] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 818.460357][ T968] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 818.479994][ T968] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 818.519836][ T968] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 818.533051][ T968] usb 4-1: Product: syz [ 818.539913][ T968] usb 4-1: Manufacturer: syz [ 818.546375][ T6677] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 818.570645][ T968] hub 4-1:4.0: USB hub found [ 818.621701][ T6677] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 818.637863][ T6677] bond0 (unregistering): Released all slaves [ 818.793307][ T968] hub 4-1:4.0: 5 ports detected [ 818.805574][ T968] hub 4-1:4.0: insufficient power available to use all downstream ports [ 818.995715][ T968] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 819.002248][ T968] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 819.096457][ T968] usb 4-1: USB disconnect, device number 55 [ 819.179351][ T6715] xfrm0 speed is unknown, defaulting to 1000 [ 819.589061][ T6723] loop2: detected capacity change from 0 to 32768 [ 819.759600][ T6723] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 820.239636][ T5760] ocfs2: Unmounting device (7,2) on (node local) [ 820.583611][ T6801] netlink: 'syz.2.11406': attribute type 11 has an invalid length. [ 820.770520][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11409'. [ 820.988612][ T6829] netlink: 'syz.2.11413': attribute type 1 has an invalid length. [ 821.008070][ T6829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11413'. [ 821.287051][ T6839] loop3: detected capacity change from 0 to 4096 [ 821.334232][ T6839] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 821.467027][ T6839] ntfs: volume version 3.1. [ 821.732729][ T27] audit: type=1326 audit(2000000048.559:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.2.11422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 821.760241][ T27] audit: type=1326 audit(2000000048.559:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.2.11422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 821.845920][ T27] audit: type=1326 audit(2000000048.589:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.2.11422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 821.906034][ T27] audit: type=1326 audit(2000000048.589:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.2.11422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 822.009505][ T27] audit: type=1326 audit(2000000048.589:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.2.11422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 823.344607][ T6942] ip6gre4: entered promiscuous mode [ 823.469044][ T6947] loop3: detected capacity change from 0 to 2048 [ 823.523071][ T6947] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=2362, location=2362 [ 823.575594][ T6947] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 823.602421][ T6947] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 823.639907][ T6947] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 823.975201][T24920] usb 1-1: new high-speed USB device number 62 using dummy_hcd [ 824.176886][T24920] usb 1-1: config 1 has an invalid interface number: 213 but max is 0 [ 824.191975][T24920] usb 1-1: config 1 has no interface number 0 [ 824.211057][T24920] usb 1-1: config 1 interface 213 has no altsetting 0 [ 824.230469][T24920] usb 1-1: New USB device found, idVendor=0499, idProduct=5002, bcdDevice=2a.7a [ 824.244808][T24920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 824.258719][T24920] usb 1-1: Product: syz [ 824.269489][T24920] usb 1-1: Manufacturer: 濦턁닫鼮㴩횠茶瞤歜ง๡䳲敯𿌼 [ 824.280599][T24920] usb 1-1: SerialNumber: syz [ 824.346074][ T27] audit: type=1326 audit(2000000051.179:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.2.11460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 824.423171][ T27] audit: type=1326 audit(2000000051.179:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.2.11460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 824.473176][ T27] audit: type=1326 audit(2000000051.179:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.2.11460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 824.498982][ T27] audit: type=1326 audit(2000000051.179:563): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.2.11460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 824.537069][T24920] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 824.567070][ T6990] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11461'. [ 824.585295][ T27] audit: type=1326 audit(2000000051.179:564): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.2.11460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d5e19c629 code=0x7ffc0000 [ 824.634038][T24920] snd-usb-audio: probe of 1-1:1.213 failed with error -2 [ 824.661722][T24920] usb 1-1: USB disconnect, device number 62 [ 824.710199][ T5776] udevd[5776]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.213/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 824.835542][ T7009] netlink: 'syz.1.11463': attribute type 1 has an invalid length. [ 824.843797][ T7009] netlink: 224 bytes leftover after parsing attributes in process `syz.1.11463'. [ 825.367920][ T7046] loop2: detected capacity change from 0 to 64 [ 825.985925][ T7079] netlink: 'syz.1.11482': attribute type 3 has an invalid length. [ 826.016422][ T7079] netlink: 'syz.1.11482': attribute type 1 has an invalid length. [ 826.024310][ T7079] netlink: 216 bytes leftover after parsing attributes in process `syz.1.11482'. [ 826.066639][ T7079] NCSI netlink: No device for ifindex 33022 [ 826.217966][ T7099] netlink: 14 bytes leftover after parsing attributes in process `syz.0.11487'. [ 826.381145][ T7099] bond0 (unregistering): (slave 30): Releasing backup interface [ 826.413193][ T7108] loop3: detected capacity change from 0 to 2048 [ 826.438456][ T7099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 826.440408][ T7108] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 826.485811][ T7099] bond0 (unregistering): Released all slaves [ 826.545584][ T5802] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 826.735134][ T5802] usb 2-1: Using ep0 maxpacket: 16 [ 826.769726][ T5802] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 826.795130][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 826.809343][ T5802] usb 2-1: Product: syz [ 826.813672][ T5802] usb 2-1: Manufacturer: syz [ 826.818916][ T5802] usb 2-1: SerialNumber: syz [ 826.860274][ T5802] usb 2-1: config 0 descriptor?? [ 826.903707][ T5802] ums-onetouch 2-1:0.0: USB Mass Storage device detected [ 826.944863][ T7143] x_tables: unsorted underflow at hook 3 [ 827.090166][ T5802] usb 2-1: USB disconnect, device number 57 [ 827.362426][ T7171] loop2: detected capacity change from 0 to 2048 [ 827.382364][ T7171] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=2362, location=2362 [ 827.386418][ T7176] loop0: detected capacity change from 0 to 1024 [ 827.438812][ T7171] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 827.450243][ T7176] EXT4-fs: Ignoring removed nomblk_io_submit option [ 827.468608][ T7171] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 827.496034][ T7171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 827.538428][ T7176] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 827.656927][ T7176] VFS: Lookup of 'file0' in ext4 loop0 would have caused loop [ 827.788898][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 828.298719][ T7225] netlink: 'syz.2.11517': attribute type 33 has an invalid length. [ 828.344172][ T7225] netlink: 152 bytes leftover after parsing attributes in process `syz.2.11517'. [ 828.373318][ T7225] `: renamed from team0 (while UP) [ 828.610141][ T7239] loop2: detected capacity change from 0 to 2048 [ 828.663997][ T7239] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 828.666904][ T7243] loop0: detected capacity change from 0 to 16 [ 828.697389][ T7243] erofs: (device loop0): mounted with root inode @ nid 36. [ 828.738981][ T7249] netlink: 14 bytes leftover after parsing attributes in process `syz.3.11523'. [ 828.746697][ T7243] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 828.784162][ T7243] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 828.820151][ T7243] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 32811 of nid 36 [ 828.926572][ T7256] loop2: detected capacity change from 0 to 64 [ 828.950667][ T7249] .` (unregistering): (slave bond_slave_0): Releasing backup interface [ 829.025410][ T7249] bond_slave_0: left promiscuous mode [ 829.069951][ T7249] .` (unregistering): (slave bond_slave_1): Releasing backup interface [ 829.093270][ T7249] bond_slave_1: left promiscuous mode [ 829.112367][ T7249] .` (unregistering): Released all slaves [ 829.675229][ T7287] loop3: detected capacity change from 0 to 4096 [ 829.790205][ T7287] ntfs: volume version 3.1. [ 830.129099][ T7320] netlink: 14 bytes leftover after parsing attributes in process `syz.2.11544'. [ 830.326555][ T7320] bond0 (unregistering): Released all slaves [ 830.615090][ T5801] usb 1-1: new high-speed USB device number 63 using dummy_hcd [ 830.644272][ T7352] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11553'. [ 830.717545][ T7352] batadv1: entered promiscuous mode [ 830.730516][ T7352] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 830.827043][ T5801] usb 1-1: config 0 has an invalid interface number: 122 but max is 0 [ 830.853762][ T5801] usb 1-1: config 0 has no interface number 0 [ 830.895798][ T5801] usb 1-1: config 0 interface 122 has no altsetting 0 [ 830.932458][ T5801] usb 1-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67 [ 830.966917][ T5801] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 830.987453][ T5801] usb 1-1: Product: syz [ 830.991667][ T5801] usb 1-1: Manufacturer: syz [ 831.004868][ T5801] usb 1-1: SerialNumber: syz [ 831.021358][ T5801] usb 1-1: config 0 descriptor?? [ 831.486680][ T7396] xt_socket: unknown flags 0x58 [ 831.557110][ T8] usb 1-1: USB disconnect, device number 63 [ 831.563545][ T8] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected. [ 831.763461][ T7417] netlink: 'syz.2.11571': attribute type 1 has an invalid length. [ 831.779904][ T7417] netlink: 244 bytes leftover after parsing attributes in process `syz.2.11571'. [ 831.793628][ T7417] NCSI netlink: No device for ifindex 0 [ 832.225086][ T7440] netlink: 14 bytes leftover after parsing attributes in process `syz.2.11579'. [ 832.831834][ T7476] loop3: detected capacity change from 0 to 256 [ 832.866035][ T7476] exfat: Deprecated parameter 'utf8' [ 832.907947][ T7476] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 833.701677][ T7522] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 833.915326][ T7533] netlink: 'syz.3.11609': attribute type 8 has an invalid length. [ 834.271598][ T7556] netlink: 'syz.2.11615': attribute type 13 has an invalid length. [ 834.459929][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11619'. [ 834.479616][ T7562] netlink: 'syz.1.11619': attribute type 1 has an invalid length. [ 834.499671][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11619'. [ 834.680132][ T7573] loop3: detected capacity change from 0 to 512 [ 835.000084][ T7551] loop0: detected capacity change from 0 to 32768 [ 835.114470][ T7596] netlink: 'syz.3.11628': attribute type 15 has an invalid length. [ 835.141968][ T7596] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11628'. [ 835.155915][ T7551] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 835.397401][ T5761] ocfs2: Unmounting device (7,0) on (node local) [ 835.655283][ T7621] netlink: 'syz.1.11637': attribute type 30 has an invalid length. [ 836.035735][ T40] usb 1-1: new high-speed USB device number 64 using dummy_hcd [ 836.255396][ T40] usb 1-1: Using ep0 maxpacket: 16 [ 836.271716][ T40] usb 1-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 836.295506][ T40] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 836.303746][ T40] usb 1-1: Product: syz [ 836.345722][ T40] usb 1-1: Manufacturer: syz [ 836.350409][ T40] usb 1-1: SerialNumber: syz [ 836.366510][ T40] usb 1-1: config 0 descriptor?? [ 836.375225][ T40] ums-onetouch 1-1:0.0: USB Mass Storage device detected [ 836.399518][ T7691] bond8: entered promiscuous mode [ 836.632083][ T40] usb 1-1: USB disconnect, device number 64 [ 837.040254][ T7771] loop2: detected capacity change from 0 to 512 [ 837.116996][ T7771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 837.140390][ T7771] ext4 filesystem being mounted at /2857/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 837.243365][ T7771] EXT4-fs error (device loop2): ext4_get_first_dir_block:3584: inode #12: comm syz.2.11658: Attempting to read directory block (0) that is past i_size (3) [ 837.301629][ T7771] EXT4-fs (loop2): Remounting filesystem read-only [ 837.517717][ T5760] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 837.569555][ T4630] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 837.605105][ T4630] Quota error (device loop2): write_blk: dquota write failed [ 837.612538][ T4630] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 837.652110][ T4630] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 837.683700][ T4630] Quota error (device loop2): write_blk: dquota write failed [ 837.720754][ T4630] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 837.722062][ T7805] loop3: detected capacity change from 0 to 512 [ 837.755187][ T4630] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 837.774293][ T7805] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 837.788369][ T4630] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 839.051049][ T7874] loop0: detected capacity change from 0 to 8 [ 839.086559][ T7874] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 839.114034][T11713] udevd[11713]: incorrect cramfs checksum on /dev/loop0 [ 839.147614][ T7874] cramfs: Error -3 while decompressing! [ 839.153286][ T7874] cramfs: ffffffff973f4368(26)->ffff88805666a000(4096) [ 839.185106][ T7874] cramfs: Error -3 while decompressing! [ 839.202552][ T7874] cramfs: ffffffff973f4382(26)->ffff88805666b000(4096) [ 839.223842][T11713] udevd[11713]: incorrect cramfs checksum on /dev/loop0 [ 839.225139][ T7874] cramfs: Error -3 while decompressing! [ 839.281101][ T7874] cramfs: ffffffff973f439c(16)->ffff888075528000(4096) [ 839.297906][ T7874] cramfs: Error -3 while decompressing! [ 839.311069][ T7874] cramfs: ffffffff973f4368(26)->ffff88805666a000(4096) [ 839.868591][ T7868] loop2: detected capacity change from 0 to 32768 [ 839.983491][T11713] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 840.279572][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11702'. [ 840.353622][ T7920] batadv2: entered promiscuous mode [ 840.374472][ T7920] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 840.779400][ T7939] loop0: detected capacity change from 0 to 256 [ 840.918327][ T7939] FAT-fs (loop0): Directory bread(block 64) failed [ 840.935066][ T7939] FAT-fs (loop0): Directory bread(block 65) failed [ 840.965170][ T7939] FAT-fs (loop0): Directory bread(block 66) failed [ 840.976313][ T7939] FAT-fs (loop0): Directory bread(block 67) failed [ 840.982987][ T7939] FAT-fs (loop0): Directory bread(block 68) failed [ 841.005118][ T7939] FAT-fs (loop0): Directory bread(block 69) failed [ 841.015638][ T7939] FAT-fs (loop0): Directory bread(block 70) failed [ 841.040413][ T7939] FAT-fs (loop0): Directory bread(block 71) failed [ 841.052852][ T7939] FAT-fs (loop0): Directory bread(block 72) failed [ 841.063370][ T7939] FAT-fs (loop0): Directory bread(block 73) failed [ 841.425157][ T7966] loop2: detected capacity change from 0 to 16 [ 841.468053][ T7966] erofs: (device loop2): mounted with root inode @ nid 36. [ 841.588993][ T7976] netlink: 'syz.1.11718': attribute type 21 has an invalid length. [ 841.615135][ T7976] netlink: 132 bytes leftover after parsing attributes in process `syz.1.11718'. [ 841.691952][ T7986] loop0: detected capacity change from 0 to 256 [ 842.246637][ T8018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11730'. [ 842.388515][ T8025] binder: Bad value for 'stats' [ 842.590129][ T8037] sit0: entered promiscuous mode [ 842.614264][ T8037] netlink: 'syz.3.11737': attribute type 1 has an invalid length. [ 842.684787][ T8037] netlink: 1 bytes leftover after parsing attributes in process `syz.3.11737'. [ 842.733088][ T8042] loop0: detected capacity change from 0 to 16 [ 842.798625][ T8042] erofs: (device loop0): mounted with root inode @ nid 36. [ 842.900585][ T8042] syz.0.11739: attempt to access beyond end of device [ 842.900585][ T8042] loop0: rw=524288, sector=131758, nr_sectors = 2 limit=16 [ 842.952721][ T8042] syz.0.11739: attempt to access beyond end of device [ 842.952721][ T8042] loop0: rw=524288, sector=74, nr_sectors = 2 limit=16 [ 842.987271][ T8042] syz.0.11739: attempt to access beyond end of device [ 842.987271][ T8042] loop0: rw=524288, sector=262336, nr_sectors = 2 limit=16 [ 843.154233][ T8068] loop0: detected capacity change from 0 to 1764 [ 843.161530][ T8071] loop3: detected capacity change from 0 to 16 [ 843.178618][ T8071] erofs: (device loop3): mounted with root inode @ nid 36. [ 843.186374][ T5801] usb 3-1: new high-speed USB device number 69 using dummy_hcd [ 843.214752][ T8071] syz.3.11745: attempt to access beyond end of device [ 843.214752][ T8071] loop3: rw=0, sector=15300821024, nr_sectors = 8 limit=16 [ 843.224395][ T8068] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 843.229192][ T8071] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 843.255920][ T968] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 843.375734][ T5801] usb 3-1: Using ep0 maxpacket: 32 [ 843.417595][ T5801] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 843.443935][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 843.462060][ T5801] usb 3-1: Product: syz [ 843.469041][ T5801] usb 3-1: Manufacturer: syz [ 843.473842][ T5801] usb 3-1: SerialNumber: syz [ 843.491591][ T5801] usb 3-1: config 0 descriptor?? [ 843.495463][ T968] usb 2-1: too many configurations: 37, using maximum allowed: 8 [ 843.578900][ T968] usb 2-1: string descriptor 0 read error: -71 [ 843.585442][ T968] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 843.606974][ T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 843.646807][ T968] usb 2-1: can't set config #1, error -71 [ 843.665418][ T968] usb 2-1: USB disconnect, device number 58 [ 843.743677][ T5801] snd-usb-6fire 3-1:0.0: unknown device firmware state received from device: [ 843.761216][ T5801] eb aa 3b 80 9b e4 7a f0 [ 843.771698][ T5801] snd-usb-6fire: probe of 3-1:0.0 failed with error -5 [ 843.936478][ T8114] loop0: detected capacity change from 0 to 128 [ 844.002737][ T5801] usb 3-1: USB disconnect, device number 69 [ 844.934254][ T8176] openvswitch: netlink: Flow actions attr not present in new flow. [ 844.995575][ T8178] tmpfs: Bad value for 'mpol' [ 845.178317][ T8187] bridge9: entered allmulticast mode [ 845.185226][ T8190] netlink: 'syz.2.11775': attribute type 3 has an invalid length. [ 845.207959][ T8190] netlink: 'syz.2.11775': attribute type 27 has an invalid length. [ 845.212107][ T8192] netlink: 'syz.0.11776': attribute type 9 has an invalid length. [ 845.398186][ T27] audit: type=1326 audit(2000000072.229:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.3.11779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 845.420738][ C0] vkms_vblank_simulate: vblank timer overrun [ 845.467631][ T8204] loop0: detected capacity change from 0 to 16 [ 845.493639][ T8204] erofs: (device loop0): mounted with root inode @ nid 36. [ 845.513691][ T27] audit: type=1326 audit(2000000072.269:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.3.11779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 845.541351][ T8204] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 845.565572][ T8204] erofs: (device loop0): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 845.585096][ T8204] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 845.607127][ T27] audit: type=1326 audit(2000000072.269:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.3.11779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 845.643976][ T8204] erofs: (device loop0): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 845.675407][ T8204] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 845.677052][ T8216] loop3: detected capacity change from 0 to 128 [ 845.690065][ T27] audit: type=1326 audit(2000000072.269:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.3.11779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f423a39c392 code=0x7ffc0000 [ 845.716904][ T8204] erofs: (device loop0): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 845.762302][ T8204] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 845.783435][ T27] audit: type=1326 audit(2000000072.269:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.3.11779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f423a39c392 code=0x7ffc0000 [ 845.817972][ T8204] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 845.881946][ T8204] erofs: (device loop0): z_erofs_read_folio: read error -95 @ 0 of nid 89 [ 845.895094][ T27] audit: type=1326 audit(2000000072.269:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.3.11779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 845.961610][ T27] audit: type=1800 audit(2000000072.769:571): pid=8204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.11780" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 846.209967][ T8236] netlink: 40 bytes leftover after parsing attributes in process `syz.0.11788'. [ 846.400252][ T8250] netlink: 128 bytes leftover after parsing attributes in process `syz.0.11793'. [ 846.409800][ T8250] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 846.502260][ T8255] autofs4:pid:8255:autofs_fill_super: called with bogus options [ 846.585052][ T5801] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 846.714159][ T8265] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11798'. [ 846.819234][ T5801] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 846.836597][ T5801] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 846.855060][ T5801] usb 4-1: Product: syz [ 846.862478][ T5801] usb 4-1: Manufacturer: syz [ 846.876216][ T5801] usb 4-1: SerialNumber: syz [ 846.888891][ T5801] usb 4-1: config 0 descriptor?? [ 846.910727][ T5801] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 847.333416][ T968] usb 4-1: USB disconnect, device number 56 [ 847.376383][ T8301] netlink: 'syz.0.11808': attribute type 63 has an invalid length. [ 847.626926][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11813'. [ 847.666117][ T8318] openvswitch: netlink: Missing key (keys=40, expected=80) [ 847.694453][ T8323] tmpfs: Bad value for 'mpol' [ 848.542136][ T8348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11825'. [ 848.931857][ T8344] loop3: detected capacity change from 0 to 32768 [ 848.965324][ T5802] usb 3-1: new high-speed USB device number 70 using dummy_hcd [ 849.057536][ T8344] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 849.178169][ T5802] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 849.212254][ T5802] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 849.248056][ T8344] XFS (loop3): Ending clean mount [ 849.273824][ T5802] usb 3-1: config 220 has no interface number 2 [ 849.293288][ T5802] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 849.309079][ T5802] usb 3-1: config 220 interface 0 has no altsetting 0 [ 849.317209][ T5802] usb 3-1: config 220 interface 76 has no altsetting 0 [ 849.334370][ T5802] usb 3-1: config 220 interface 1 has no altsetting 0 [ 849.358158][ T5802] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 849.383796][ T5802] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 849.392621][ T5763] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 849.415060][ T5802] usb 3-1: Product: syz [ 849.419335][ T5802] usb 3-1: Manufacturer: syz [ 849.439014][ T5802] usb 3-1: SerialNumber: syz [ 849.757350][ T5802] usb 3-1: selecting invalid altsetting 0 [ 849.763985][ T5802] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 849.791789][ T5802] usb 3-1: No valid video chain found. [ 849.823270][ T5802] usb 3-1: selecting invalid altsetting 0 [ 849.845048][ T5802] usbtest: probe of 3-1:220.1 failed with error -22 [ 849.893393][ T5802] usb 3-1: USB disconnect, device number 70 [ 850.049409][ T8414] netlink: 'syz.0.11839': attribute type 24 has an invalid length. [ 850.062362][ T8415] netlink: 128 bytes leftover after parsing attributes in process `syz.3.11834'. [ 850.072315][ T8415] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 850.426750][ T8425] loop3: detected capacity change from 0 to 4096 [ 850.466778][ T8425] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 850.493867][ T8425] ntfs3: loop3: RAW NTFS volume: Filesystem size 0.00 Gb > volume size 0.00 Gb. Mount in read-only. [ 850.807466][ T8450] kernel read not supported for file / N7âW)s!Qfsl{Tr)rO2:">͟v|ղDvc֠6xc: (pid: 8450 comm: syz.1.11852) [ 850.869944][ T27] audit: type=1800 audit(2000000077.699:572): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11852" name=20019C4EFC1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C03E95CD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=86935 res=0 errno=0 [ 851.243195][ T8473] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode [ 851.253231][ T8473] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 851.434785][ T8482] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 851.471475][ T8484] netlink: 'syz.2.11864': attribute type 10 has an invalid length. [ 851.914387][ T8509] loop3: detected capacity change from 0 to 128 [ 851.946189][ T8509] EXT4-fs: Ignoring removed nobh option [ 851.983708][ T8509] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 852.025270][ T8509] ext4 filesystem being mounted at /3003/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 852.111031][ T8520] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.11875'. [ 852.121131][ T8520] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 852.129545][ T8520] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 852.248131][ T5763] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 853.182246][ T8576] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11894'. [ 853.372859][ T8589] netlink: 'syz.0.11898': attribute type 32 has an invalid length. [ 853.774086][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11907'. [ 854.255054][ T5802] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 854.290576][ T8633] loop2: detected capacity change from 0 to 2048 [ 854.369111][ T8633] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 854.452851][ T5802] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 854.476512][ T5802] usb 4-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 854.505141][ T5802] usb 4-1: Product: syz [ 854.520348][ T5802] usb 4-1: Manufacturer: syz [ 854.539993][ T5802] usb 4-1: SerialNumber: syz [ 854.571375][ T5802] usb 4-1: config 0 descriptor?? [ 854.593097][ T5802] ch341 4-1:0.0: ch341-uart converter detected [ 854.706102][ T8] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 854.905151][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 854.917131][ T8] usb 2-1: config 0 has an invalid interface number: 244 but max is 0 [ 854.942085][ T8] usb 2-1: config 0 has no interface number 0 [ 854.959054][ T8] usb 2-1: config 0 interface 244 has no altsetting 0 [ 854.995295][ T8] usb 2-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=26.9c [ 855.004423][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 855.014369][ T5802] usb 4-1: failed to send control message: -71 [ 855.033155][ T8] usb 2-1: Product: syz [ 855.035194][ T5802] ch341-uart: probe of ttyUSB0 failed with error -71 [ 855.038833][ T8] usb 2-1: Manufacturer: syz [ 855.065107][ T8] usb 2-1: SerialNumber: syz [ 855.065818][ T5802] usb 4-1: USB disconnect, device number 57 [ 855.088684][ T8] usb 2-1: config 0 descriptor?? [ 855.103150][ T5802] ch341 4-1:0.0: device disconnected [ 855.113923][ T8] snd_usb_toneport 2-1:0.244: Line 6 GuitarPort found [ 855.340558][ T8] snd_usb_toneport 2-1:0.244: cannot get proper max packet size [ 855.362800][ T8] snd_usb_toneport 2-1:0.244: Line 6 GuitarPort now disconnected [ 855.387494][ T8] snd_usb_toneport: probe of 2-1:0.244 failed with error -22 [ 855.463939][ T8658] loop0: detected capacity change from 0 to 32768 [ 855.522820][ T8658] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 855.536629][ T8658] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 855.603061][ T5802] usb 2-1: USB disconnect, device number 59 [ 855.646433][ T8658] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 855.787038][ T8709] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.11932'. [ 855.831252][ T8658] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 856.382130][ T8743] xt_CT: You must specify a L4 protocol and not use inversions on it [ 856.625741][ T8753] netlink: 40 bytes leftover after parsing attributes in process `syz.0.11944'. [ 856.904240][ T27] audit: type=1326 audit(2000000083.729:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8767 comm="syz.1.11949" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa65499c629 code=0x0 [ 857.357057][ T8798] 9pnet_fd: Insufficient options for proto=fd [ 857.658582][ T8814] netlink: 'syz.1.11964': attribute type 2 has an invalid length. [ 857.675083][ T8814] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11964'. [ 858.298167][ T8850] (null): rxe_set_mtu: Set mtu to 4096 [ 858.303893][ T8850] lo speed is unknown, defaulting to 1000 [ 858.344129][ T8850] lo speed is unknown, defaulting to 1000 [ 858.370554][ T8850] lo speed is unknown, defaulting to 1000 [ 858.575951][ T8865] program syz.1.11981 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 858.613501][ T8867] netlink: 'syz.2.11983': attribute type 7 has an invalid length. [ 858.627254][ T8867] netlink: 'syz.2.11983': attribute type 8 has an invalid length. [ 858.980103][ T8850] infiniband syz0: set active [ 858.986873][ T8850] infiniband syz0: added lo [ 858.992115][ T968] lo speed is unknown, defaulting to 1000 [ 859.186661][ T8850] RDS/IB: syz0: added [ 859.190778][ T8850] smc: adding ib device syz0 with port count 1 [ 859.223418][ T8850] smc: ib device syz0 port 1 has pnetid [ 859.241208][ T968] lo speed is unknown, defaulting to 1000 [ 859.281732][ T8850] lo speed is unknown, defaulting to 1000 [ 859.883453][ T8850] lo speed is unknown, defaulting to 1000 [ 860.481799][ T8850] lo speed is unknown, defaulting to 1000 [ 860.952004][ T8850] lo speed is unknown, defaulting to 1000 [ 861.243379][ T8994] openvswitch: netlink: EtherType 0 is less than min 600 [ 862.027256][ T9029] bond0: entered allmulticast mode [ 862.249122][ T9079] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.12040'. [ 862.455055][ T5802] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 862.655012][ T5802] usb 2-1: Using ep0 maxpacket: 8 [ 862.662836][ T5802] usb 2-1: config 0 interface 0 has no altsetting 0 [ 862.675145][ T5802] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 862.705008][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 862.715068][ T8] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 862.722548][ T5802] usb 2-1: Product: syz [ 862.728424][ T5802] usb 2-1: Manufacturer: syz [ 862.733131][ T5802] usb 2-1: SerialNumber: syz [ 862.759536][ T5802] usb 2-1: config 0 descriptor?? [ 862.787965][ T5802] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 862.918877][ T8] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 862.934972][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 862.963330][ T8] usb 1-1: Product: syz [ 862.980044][ T8] usb 1-1: Manufacturer: syz [ 862.984683][ T8] usb 1-1: SerialNumber: syz [ 863.011694][ T8] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 863.014971][ T5802] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 863.045412][ T5801] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 863.071993][ T5802] snd_usb_toneport: probe of 2-1:0.0 failed with error -22 [ 863.165235][ T27] audit: type=1400 audit(2000000089.989:574): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 863.289787][T24920] usb 2-1: USB disconnect, device number 60 [ 863.444695][ T9132] loop2: detected capacity change from 0 to 164 [ 863.481703][ T5802] usb 1-1: USB disconnect, device number 65 [ 863.520960][ T9132] Unable to read rock-ridge attributes [ 863.560636][ T9132] Unable to read rock-ridge attributes [ 863.586265][ T9132] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 864.125343][ T5801] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 864.145166][ T5801] ath9k_htc: Failed to initialize the device [ 864.203259][ T5802] usb 1-1: ath9k_htc: USB layer deinitialized [ 864.332661][ T9182] loop0: detected capacity change from 0 to 256 [ 864.381085][ T9182] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d) [ 864.580333][ T9191] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.12068'. [ 864.988940][ T9211] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12072'. [ 864.990010][ T9213] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12073'. [ 865.025572][ T9215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12074'. [ 865.412839][ T9166] loop3: detected capacity change from 0 to 32768 [ 865.435443][ T9166] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 865.455577][ T9166] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 865.588473][ T9166] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 865.809602][ T9166] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 866.922683][ T9252] loop0: detected capacity change from 0 to 32768 [ 867.343180][ T9268] loop3: detected capacity change from 0 to 32768 [ 867.402828][ T9268] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.12085 (9268) [ 867.440988][ T9268] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 867.462436][ T9268] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 867.496123][ T9268] BTRFS info (device loop3): using free space tree [ 867.609575][ T9298] program syz.0.12093 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 867.626442][ T9268] BTRFS info (device loop3): enabling ssd optimizations [ 867.656061][ T9268] BTRFS info (device loop3): auto enabling async discard [ 868.056719][ T5763] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 868.877258][ T9287] loop2: detected capacity change from 0 to 32768 [ 868.936783][ T9287] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 869.007235][ T9287] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 869.054709][ T9287] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 869.166329][ T9287] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 869.425767][ T9373] netlink: 176 bytes leftover after parsing attributes in process `syz.3.12113'. [ 869.528736][ T9377] loop3: detected capacity change from 0 to 1764 [ 870.290380][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.311058][ T9414] loop0: detected capacity change from 0 to 1024 [ 870.525301][T24920] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 870.725864][T24920] usb 2-1: Using ep0 maxpacket: 8 [ 870.763877][T24920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 870.787638][T24920] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 870.816242][T24920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 870.824469][T24920] usb 2-1: SerialNumber: syz [ 870.873702][T24920] usb 2-1: config 0 descriptor?? [ 870.904889][T24920] usb 2-1: Found UVC 0.00 device (05ac:8501) [ 870.946984][T24920] usb 2-1: Failed to create links for entity 255 [ 870.953403][T24920] usb 2-1: Failed to register entities (-22). [ 871.146908][T24920] usb 2-1: USB disconnect, device number 61 [ 871.521980][ T9508] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12146'. [ 871.701004][ T40] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 871.916643][ T40] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 871.951024][ T40] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 871.985285][ T40] usb 4-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 872.015057][ T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 872.042471][ T40] usb 4-1: config 0 descriptor?? [ 872.049877][ T9527] loop2: detected capacity change from 0 to 4096 [ 872.088872][ T9538] loop0: detected capacity change from 0 to 764 [ 872.134380][ T9527] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 872.151873][ T9527] ntfs3: loop2: Failed to load $Extend (-22). [ 872.179256][ T9527] ntfs3: loop2: Failed to initialize $Extend. [ 872.323692][ T9496] loop3: detected capacity change from 0 to 1024 [ 872.452293][ T5801] usb 4-1: USB disconnect, device number 58 [ 872.691467][ T9565] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 872.731504][ T9565] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 872.750218][ T9565] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 872.764861][ T9565] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 872.784415][ T9565] geneve4: entered promiscuous mode [ 873.078736][ T1124] hfsplus: b-tree write err: -5, ino 4 [ 873.500435][ T9602] netlink: 'syz.0.12171': attribute type 10 has an invalid length. [ 873.525158][T24920] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 873.533206][ T9602] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12171'. [ 873.583456][ T9602] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 873.617146][ T9602] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 873.645472][ T9602] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 873.705113][T24920] usb 4-1: Using ep0 maxpacket: 16 [ 873.731204][T24920] usb 4-1: config 0 has an invalid interface number: 34 but max is 0 [ 873.751599][T24920] usb 4-1: config 0 has no interface number 0 [ 873.771527][T24920] usb 4-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 873.794231][ T9615] xt_TCPMSS: Only works on TCP SYN packets [ 873.809708][T24920] usb 4-1: config 0 interface 34 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 873.848936][T24920] usb 4-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 873.878005][T24920] usb 4-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 873.905049][T24920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 873.925037][T24920] usb 4-1: Product: syz [ 873.929256][T24920] usb 4-1: Manufacturer: syz [ 873.943694][T24920] usb 4-1: SerialNumber: syz [ 873.966611][T24920] usb 4-1: config 0 descriptor?? [ 873.980450][ T9592] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 873.988445][ T9621] libceph: resolve '@e2OAqcz' (ret=-3): failed [ 874.005251][ T9592] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 874.295471][ T9592] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 874.325373][ T9592] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 874.565164][T24920] asix 4-1:0.34 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 874.621166][T24920] asix: probe of 4-1:0.34 failed with error -71 [ 874.665999][T24920] usb 4-1: USB disconnect, device number 59 [ 874.727552][ T9664] netlink: 68 bytes leftover after parsing attributes in process `syz.0.12188'. [ 875.085159][ T5801] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 875.147340][ T5802] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 875.285105][ T5801] usb 3-1: Using ep0 maxpacket: 32 [ 875.292241][ T5801] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 875.312703][ T5801] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 875.342056][ T5801] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 875.365485][ T5802] usb 1-1: Using ep0 maxpacket: 16 [ 875.377682][ T5801] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 875.382464][ T5802] usb 1-1: config index 0 descriptor too short (expected 65, got 36) [ 875.403515][ T5801] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 875.425922][ T5802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 875.453995][ T5801] usb 3-1: Product: syz [ 875.461046][ T5802] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 875.473254][ T5801] usb 3-1: Manufacturer: syz [ 875.488582][ T5801] usb 3-1: SerialNumber: syz [ 875.494824][ T5802] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 875.515589][ T5801] cdc_ncm 3-1:1.0: skipping garbage [ 875.541242][ T5801] cdc_ncm 3-1:1.0: skipping garbage [ 875.551362][ T5801] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 875.555089][ T5802] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 875.575128][ T5801] cdc_ncm 3-1:1.0: bind() failure [ 875.614992][ T5802] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 875.644564][ T5802] usb 1-1: config 0 descriptor?? [ 875.695301][ T5802] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input50 [ 875.738965][ T5121] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 875.805306][ T5121] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 875.853639][ T8] usb 3-1: USB disconnect, device number 71 [ 875.916394][ T5755] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 875.953866][ T5121] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 876.019478][ T5121] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 876.047788][ T9675] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 876.073940][ T5121] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 876.083698][ T968] usb 1-1: USB disconnect, device number 66 [ 876.433055][ T9738] ipip0: entered promiscuous mode [ 877.027824][ T9765] netlink: 'syz.1.12209': attribute type 13 has an invalid length. [ 877.062191][ T9765] netlink: 'syz.1.12209': attribute type 27 has an invalid length. [ 877.123256][ T9770] loop3: detected capacity change from 0 to 256 [ 877.164303][ T9770] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d) [ 877.199783][ T9773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12213'. [ 877.239115][ T9773] netlink: 312 bytes leftover after parsing attributes in process `syz.0.12213'. [ 877.274419][ T9773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12213'. [ 877.615536][ T9793] xt_l2tp: missing protocol rule (udp|l2tpip) [ 878.015137][ T9820] netlink: 'syz.1.12227': attribute type 3 has an invalid length. [ 878.175056][ T8] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 878.384793][ T9840] dlm: non-version read from control device 3 [ 878.395000][ T8] usb 1-1: Using ep0 maxpacket: 8 [ 878.433996][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 878.461275][ T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 878.490416][ T8] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 878.524113][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 878.552123][ T8] usb 1-1: Product: syz [ 878.565083][ T8] usb 1-1: Manufacturer: syz [ 878.569834][ T8] usb 1-1: SerialNumber: syz [ 878.596849][ T8] usb 1-1: config 0 descriptor?? [ 878.869175][ T9859] loop2: detected capacity change from 0 to 4096 [ 878.890495][ T9859] EXT4-fs (loop2): Test dummy encryption mode enabled [ 878.929102][ T9859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 878.977792][ T9859] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 879.063535][ T8] usb 1-1: USB disconnect, device number 67 [ 879.256272][ T9888] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12246'. [ 879.705365][ T9911] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 880.114858][ T9965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12261'. [ 880.137652][ T9965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12261'. [ 880.169065][ T9965] netlink: 'syz.3.12261': attribute type 6 has an invalid length. [ 880.215085][T24920] usb 2-1: new high-speed USB device number 62 using dummy_hcd [ 880.407312][T24920] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 880.428762][T24920] usb 2-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82 [ 880.459358][T24920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 880.477773][ T9925] loop2: detected capacity change from 0 to 32768 [ 880.496451][T24920] usb 2-1: config 0 descriptor?? [ 880.512057][T24920] smsusb:smsusb_probe: board id=8, interface number 0 [ 880.535152][T24920] smsusb:smsusb_probe: Device initialized with return code -19 [ 880.544179][ T9925] (syz.2.12258,9925,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 880.580715][ T9925] (syz.2.12258,9925,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 880.660165][ T9925] JBD2: Ignoring recovery information on journal [ 880.751413][ T5802] usb 2-1: USB disconnect, device number 62 [ 880.758802][ T9925] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 881.002511][ T9967] loop0: detected capacity change from 0 to 32768 [ 881.052519][ T9967] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 881.121052][ T9967] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 881.158100][ T5760] ocfs2: Unmounting device (7,2) on (node local) [ 881.189064][ T9981] loop3: detected capacity change from 0 to 32768 [ 881.211372][ T9981] (syz.3.12265,9981,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 881.246802][ T9981] (syz.3.12265,9981,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 881.282556][ T9981] JBD2: Ignoring recovery information on journal [ 881.340162][ T9981] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 881.398985][ T5761] ocfs2: Unmounting device (7,0) on (node local) [ 881.949769][ T5763] ocfs2: Unmounting device (7,3) on (node local) [ 883.115225][T10078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12290'. [ 883.295609][T10086] block nbd2: NBD_DISCONNECT [ 883.587980][T10096] loop2: detected capacity change from 0 to 4096 [ 883.643654][T10096] ntfs: (device loop2): check_mft_mirror(): Incomplete multi sector transfer detected in mft record 2. [ 883.672840][T10096] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 883.700680][T10107] netlink: 'syz.3.12298': attribute type 24 has an invalid length. [ 883.726216][T10107] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12298'. [ 883.765191][ T5802] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 883.784574][T10096] ntfs: volume version 3.1. [ 883.811925][T10096] ntfs: (device loop2): map_mft_record_page(): Mft record 0x2 is corrupt. Run chkdsk. [ 883.825828][T10096] ntfs: (device loop2): map_mft_record(): Failed with error code 5. [ 883.843140][T10096] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 883.865220][T10096] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 883.975139][ T5802] usb 1-1: Using ep0 maxpacket: 8 [ 883.985147][T10096] ntfs: (device loop2): ntfs_read_locked_inode(): Index block size (0) < NTFS_BLOCK_SIZE (512) is not supported. Sorry. [ 883.991444][ T5802] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 884.013165][T10096] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -95. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 884.055438][ T5802] usb 1-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 884.101722][ T5802] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 884.133941][ T5802] usb 1-1: config 0 descriptor?? [ 884.338845][T10135] loop3: detected capacity change from 0 to 256 [ 884.393466][ T8] usb 1-1: USB disconnect, device number 68 [ 884.474221][T10135] FAT-fs (loop3): Directory bread(block 64) failed [ 884.495159][T10135] FAT-fs (loop3): Directory bread(block 65) failed [ 884.502344][T10135] FAT-fs (loop3): Directory bread(block 66) failed [ 884.515307][T10135] FAT-fs (loop3): Directory bread(block 67) failed [ 884.532198][T10135] FAT-fs (loop3): Directory bread(block 68) failed [ 884.541322][T10135] FAT-fs (loop3): Directory bread(block 69) failed [ 884.548685][T10135] FAT-fs (loop3): Directory bread(block 70) failed [ 884.565433][T10135] FAT-fs (loop3): Directory bread(block 71) failed [ 884.573591][T10135] FAT-fs (loop3): Directory bread(block 72) failed [ 884.590236][T10135] FAT-fs (loop3): Directory bread(block 73) failed [ 884.625281][ T5820] usb 2-1: new full-speed USB device number 63 using dummy_hcd [ 884.788319][T10149] loop2: detected capacity change from 0 to 32768 [ 884.801279][T10149] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 884.833297][ T5820] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 884.852975][ T5820] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 42769, setting to 64 [ 884.875077][ T5820] usb 2-1: config 0 interface 0 has no altsetting 0 [ 884.884476][ T5820] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 884.902619][ T5820] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 884.910838][ T5820] usb 2-1: Product: syz [ 884.923259][ T5820] usb 2-1: Manufacturer: syz [ 884.928570][ T5820] usb 2-1: SerialNumber: syz [ 884.944616][ T5820] usb 2-1: config 0 descriptor?? [ 884.979911][ T5820] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 884.984651][ T5776] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 885.184331][ T5820] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 885.239162][ T5820] snd_usb_toneport: probe of 2-1:0.0 failed with error -22 [ 885.461841][ T5820] usb 2-1: USB disconnect, device number 63 [ 885.495233][ T5802] usb 3-1: new full-speed USB device number 72 using dummy_hcd [ 885.511647][ T27] audit: type=1326 audit(2000000112.339:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10187 comm="syz.3.12313" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x0 [ 885.684289][T10166] loop0: detected capacity change from 0 to 32768 [ 885.705470][T10166] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.12309 (10166) [ 885.730349][ T5802] usb 3-1: config 3 has an invalid interface number: 106 but max is 0 [ 885.739948][ T5802] usb 3-1: config 3 has no interface number 0 [ 885.746821][ T5802] usb 3-1: config 3 interface 106 altsetting 243 endpoint 0xD has invalid wMaxPacketSize 0 [ 885.760691][T10166] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 885.789505][ T5802] usb 3-1: config 3 interface 106 altsetting 243 endpoint 0xE has invalid maxpacket 1024, setting to 1023 [ 885.802754][T10166] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 885.820560][T10166] BTRFS info (device loop0): using free space tree [ 885.829096][ T5802] usb 3-1: config 3 interface 106 has no altsetting 0 [ 885.864672][ T5802] usb 3-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=b7.6a [ 885.875140][ T5802] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 885.883608][ T5802] usb 3-1: Product: syz [ 885.888970][ T5802] usb 3-1: Manufacturer: syz [ 885.895169][ T5802] usb 3-1: SerialNumber: syz [ 885.902226][T10206] loop3: detected capacity change from 0 to 64 [ 885.966795][T10166] BTRFS info (device loop0): enabling ssd optimizations [ 885.991435][T10166] BTRFS info (device loop0): auto enabling async discard [ 886.149827][ T5802] usbtest 3-1:3.106: usb test device [ 886.165023][ T5802] usbtest 3-1:3.106: full-speed {control in/out bulk-out iso-out} tests (+alt) [ 886.206344][ T5761] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 886.264870][T10229] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12318'. [ 886.421280][ T8] usb 3-1: USB disconnect, device number 72 [ 886.550879][T10251] loop0: detected capacity change from 0 to 512 [ 886.617349][T10251] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 886.679625][T10255] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12322'. [ 886.703453][ T5820] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 886.711182][T10255] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12322'. [ 886.770384][T10251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 886.805225][T10251] ext4 filesystem being mounted at /3045/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 886.913465][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 886.937098][ T5820] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 886.979535][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 887.047409][ T5820] usb 4-1: config 0 descriptor?? [ 887.081618][ T5820] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 887.270913][T10277] loop0: detected capacity change from 0 to 256 [ 887.298192][T10277] exfat: Deprecated parameter 'namecase' [ 887.367201][T10277] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 887.477472][ T5820] gspca_stv06xx: I2C: Read error writing address: -71 [ 887.510809][ T5820] usb 4-1: USB disconnect, device number 60 [ 888.165450][T10330] SET target dimension over the limit! [ 888.181946][T10323] loop2: detected capacity change from 0 to 4096 [ 888.236537][T10323] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 888.345123][T10323] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 888.775418][T10361] SET target dimension over the limit! [ 888.787269][T10360] netlink: 'syz.2.12352': attribute type 64 has an invalid length. [ 888.808616][T10360] netlink: 20 bytes leftover after parsing attributes in process `syz.2.12352'. [ 888.846892][T10360] netlink: 'syz.2.12352': attribute type 64 has an invalid length. [ 888.896322][T10360] netlink: 20 bytes leftover after parsing attributes in process `syz.2.12352'. [ 889.065155][T10374] befs: (loop0): No write support. Marking filesystem read-only [ 889.083044][T10374] syz.0.12356: attempt to access beyond end of device [ 889.083044][T10374] loop0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 889.129756][T10374] befs: (loop0): unable to read superblock [ 889.196436][T10380] loop3: detected capacity change from 0 to 512 [ 889.254033][T10380] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 889.290622][T10380] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 889.315643][T10380] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 889.326560][T10380] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 889.334643][T10380] System zones: 0-2, 18-18, 34-35 [ 889.374419][T10380] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 889.443704][T10393] loop2: detected capacity change from 0 to 64 [ 889.486906][ T5763] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 889.506014][T10393] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 890.243223][T10427] loop2: detected capacity change from 0 to 512 [ 890.365604][T10427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 890.463649][T10427] ext4 filesystem being mounted at /3046/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 890.600948][T10427] EXT4-fs error (device loop2): ext4_get_first_dir_block:3606: inode #12: comm syz.2.12371: directory missing '..' [ 890.656641][T10455] : renamed from veth0_to_bond (while UP) [ 890.726348][ T5760] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 891.176766][ T27] audit: type=1326 audit(2000000117.999:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10476 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 891.253649][ T27] audit: type=1326 audit(2000000117.999:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10476 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 891.335960][ T27] audit: type=1326 audit(2000000118.069:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10476 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 891.411067][ T27] audit: type=1326 audit(2000000118.069:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10476 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 891.474505][T10491] Sensor A: ================= START STATUS ================= [ 891.482411][T10494] netlink: 'syz.0.12391': attribute type 8 has an invalid length. [ 891.509180][ T27] audit: type=1326 audit(2000000118.069:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10476 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f423a39c629 code=0x7ffc0000 [ 891.510408][T10491] Sensor A: Test Pattern: 75% Colorbar [ 891.552096][T10494] bridge5: entered promiscuous mode [ 891.555047][T10491] Sensor A: Show Information: All [ 891.588219][T10491] Sensor A: Vertical Flip: true [ 891.598236][T10491] Sensor A: Horizontal Flip: false [ 891.635416][T10491] Sensor A: Brightness: 128 [ 891.653808][T10491] Sensor A: Contrast: 128 [ 891.675906][T10491] Sensor A: Hue: 0 [ 891.679849][T10491] Sensor A: Saturation: 128 [ 891.691712][T10491] Sensor A: ================== END STATUS ================== [ 891.975937][T10519] netlink: 'syz.0.12400': attribute type 2 has an invalid length. [ 892.187053][T10532] loop0: detected capacity change from 0 to 16 [ 892.238479][T10532] erofs: (device loop0): mounted with root inode @ nid 36. [ 892.289569][T10532] syz.0.12404: attempt to access beyond end of device [ 892.289569][T10532] loop0: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 892.322360][T10532] syz.0.12404: attempt to access beyond end of device [ 892.322360][T10532] loop0: rw=0, sector=1342177272, nr_sectors = 32 limit=16 [ 892.360817][T10543] xt_bpf: check failed: parse error [ 892.402010][ T27] audit: type=1800 audit(2000000119.219:581): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.12404" name="file1" dev="loop0" ino=86 res=0 errno=0 [ 892.612091][T10553] loop3: detected capacity change from 0 to 1024 [ 893.155238][T10583] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 893.254276][T10593] set match dimension is over the limit! [ 893.497602][T10602] loop2: detected capacity change from 0 to 1024 [ 893.669769][ T2945] hfsplus: b-tree write err: -5, ino 4 [ 893.758972][T10622] [U]  [ 893.762621][T10622] [U] K{ [ 893.779163][T10622] [U] t 1ŠFfˊ`GJgo/mC [ 893.799457][T10622] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 893.845039][T10622] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 893.865069][T10622] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 893.935121][T10622] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 894.006904][T10633] mac80211_hwsim hwsim8 wlan0: left promiscuous mode [ 894.015627][T10622] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 894.037582][T10622] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 894.051555][T10633] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode [ 894.063688][T10622] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 894.246016][T10640] netlink: 10 bytes leftover after parsing attributes in process `syz.2.12437'. [ 894.335096][T10622] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 894.362472][T10622] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 894.417734][T10622] [U] 22Ʃx?0;3u [ 894.455160][T10622] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 894.488711][T10648] loop2: detected capacity change from 0 to 64 [ 894.519304][T10648] [ 894.521691][T10648] ====================================================== [ 894.528719][T10648] WARNING: possible circular locking dependency detected [ 894.535743][T10648] syzkaller #0 Not tainted [ 894.540161][T10648] ------------------------------------------------------ [ 894.547188][T10648] syz.2.12440/10648 is trying to acquire lock: [ 894.553333][T10648] ffff88805cb620b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 894.562842][T10648] [ 894.562842][T10648] but task is already holding lock: [ 894.570199][T10648] ffff88802f9f6278 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 894.580987][T10648] [ 894.580987][T10648] which lock already depends on the new lock. [ 894.580987][T10648] [ 894.591473][T10648] [ 894.591473][T10648] the existing dependency chain (in reverse order) is: [ 894.600480][T10648] [ 894.600480][T10648] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 894.609865][T10648] __mutex_lock+0x136/0xcc0 [ 894.614914][T10648] hfs_extend_file+0xff/0x1380 [ 894.620265][T10648] hfs_bmap_reserve+0x107/0x430 [ 894.625646][T10648] __hfs_ext_write_extent+0x1fa/0x470 [ 894.631535][T10648] hfs_ext_write_extent+0x17f/0x210 [ 894.637336][T10648] hfs_write_inode+0xdc/0x880 [ 894.642553][T10648] __writeback_single_inode+0x705/0xec0 [ 894.648639][T10648] writeback_sb_inodes+0x7cd/0xf50 [ 894.654281][T10648] wb_writeback+0x46a/0xbf0 [ 894.659314][T10648] wb_workfn+0x400/0xe60 [ 894.664214][T10648] process_scheduled_works+0xa5d/0x15d0 [ 894.670297][T10648] worker_thread+0xa55/0xfc0 [ 894.675430][T10648] kthread+0x2fa/0x390 [ 894.680022][T10648] ret_from_fork+0x48/0x80 [ 894.684965][T10648] ret_from_fork_asm+0x11/0x20 [ 894.690270][T10648] [ 894.690270][T10648] -> #0 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 894.698554][T10648] __lock_acquire+0x2df1/0x7d40 [ 894.704191][T10648] lock_acquire+0x19e/0x420 [ 894.709242][T10648] __mutex_lock+0x136/0xcc0 [ 894.714290][T10648] hfs_find_init+0x17e/0x1f0 [ 894.719408][T10648] hfs_extend_file+0x361/0x1380 [ 894.724853][T10648] hfs_bmap_reserve+0x107/0x430 [ 894.730324][T10648] hfs_cat_create+0x1fe/0x6b0 [ 894.735534][T10648] hfs_mkdir+0x6c/0xe0 [ 894.740172][T10648] vfs_mkdir+0x296/0x440 [ 894.744941][T10648] do_mkdirat+0x1dc/0x450 [ 894.749798][T10648] __x64_sys_mkdirat+0x89/0xa0 [ 894.755074][T10648] do_syscall_64+0x55/0xa0 [ 894.760061][T10648] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 894.766499][T10648] [ 894.766499][T10648] other info that might help us debug this: [ 894.766499][T10648] [ 894.776735][T10648] Possible unsafe locking scenario: [ 894.776735][T10648] [ 894.784184][T10648] CPU0 CPU1 [ 894.789541][T10648] ---- ---- [ 894.794891][T10648] lock(&HFS_I(tree->inode)->extents_lock); [ 894.800864][T10648] lock(&tree->tree_lock#2/1); [ 894.808243][T10648] lock(&HFS_I(tree->inode)->extents_lock); [ 894.816757][T10648] lock(&tree->tree_lock#2/1); [ 894.821618][T10648] [ 894.821618][T10648] *** DEADLOCK *** [ 894.821618][T10648] [ 894.829761][T10648] 4 locks held by syz.2.12440/10648: [ 894.835057][T10648] #0: ffff888024d3e418 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 894.844305][T10648] #1: ffff88802f9f6ab8 (&type->i_mutex_dir_key#14/1){+.+.}-{3:3}, at: filename_create+0x20c/0x480 [ 894.855007][T10648] #2: ffff88807f6fe0b0 (&tree->tree_lock#2){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 894.864776][T10648] #3: ffff88802f9f6278 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 894.876019][T10648] [ 894.876019][T10648] stack backtrace: [ 894.881990][T10648] CPU: 1 PID: 10648 Comm: syz.2.12440 Not tainted syzkaller #0 [ 894.889553][T10648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 894.899641][T10648] Call Trace: [ 894.902919][T10648] [ 894.905926][T10648] dump_stack_lvl+0x18c/0x250 [ 894.910606][T10648] ? load_image+0x400/0x400 [ 894.915101][T10648] ? show_regs_print_info+0x20/0x20 [ 894.920300][T10648] ? print_circular_bug+0x12b/0x1a0 [ 894.925495][T10648] check_noncircular+0x2fc/0x400 [ 894.930447][T10648] ? look_up_lock_class+0x75/0x140 [ 894.935579][T10648] ? print_deadlock_bug+0x5d0/0x5d0 [ 894.940786][T10648] ? lockdep_lock+0xf5/0x230 [ 894.945391][T10648] ? _find_first_zero_bit+0xd3/0x100 [ 894.950684][T10648] __lock_acquire+0x2df1/0x7d40 [ 894.955542][T10648] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 894.961429][T10648] ? verify_lock_unused+0x140/0x140 [ 894.966630][T10648] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 894.972538][T10648] ? _raw_spin_unlock+0x40/0x40 [ 894.977412][T10648] ? stack_trace_save+0xaa/0x100 [ 894.982460][T10648] ? stack_trace_snprint+0xf0/0xf0 [ 894.987584][T10648] lock_acquire+0x19e/0x420 [ 894.992087][T10648] ? hfs_find_init+0x17e/0x1f0 [ 894.996888][T10648] ? hfs_extend_file+0x361/0x1380 [ 895.001907][T10648] ? hfs_bmap_reserve+0x107/0x430 [ 895.006929][T10648] ? do_syscall_64+0x55/0xa0 [ 895.011519][T10648] ? __might_sleep+0xe0/0xe0 [ 895.016105][T10648] ? read_lock_is_recursive+0x20/0x20 [ 895.021473][T10648] __mutex_lock+0x136/0xcc0 [ 895.025976][T10648] ? hfs_find_init+0x17e/0x1f0 [ 895.030828][T10648] ? hfs_find_init+0x17e/0x1f0 [ 895.035589][T10648] ? mutex_lock_nested+0x20/0x20 [ 895.040570][T10648] ? __kmem_cache_alloc_node+0x13a/0x250 [ 895.046222][T10648] ? hfs_find_init+0xa7/0x1f0 [ 895.050916][T10648] ? hfs_find_init+0xa7/0x1f0 [ 895.055597][T10648] ? __kmalloc+0xe2/0x230 [ 895.059927][T10648] hfs_find_init+0x17e/0x1f0 [ 895.064538][T10648] hfs_extend_file+0x361/0x1380 [ 895.069418][T10648] ? hfs_get_block+0xc50/0xc50 [ 895.074205][T10648] ? rcu_is_watching+0x15/0xb0 [ 895.078995][T10648] ? trace_contention_end+0x39/0xe0 [ 895.084213][T10648] ? __mutex_lock+0x315/0xcc0 [ 895.088932][T10648] ? mutex_lock_nested+0x20/0x20 [ 895.093904][T10648] hfs_bmap_reserve+0x107/0x430 [ 895.098961][T10648] hfs_cat_create+0x1fe/0x6b0 [ 895.103645][T10648] ? hfs_cat_build_key+0x170/0x170 [ 895.108777][T10648] ? _raw_spin_unlock+0x28/0x40 [ 895.113670][T10648] ? hfs_new_inode+0x92d/0xc00 [ 895.118454][T10648] hfs_mkdir+0x6c/0xe0 [ 895.122559][T10648] vfs_mkdir+0x296/0x440 [ 895.126814][T10648] do_mkdirat+0x1dc/0x450 [ 895.131138][T10648] ? vfs_mkdir+0x440/0x440 [ 895.135549][T10648] __x64_sys_mkdirat+0x89/0xa0 [ 895.140326][T10648] do_syscall_64+0x55/0xa0 [ 895.144811][T10648] ? clear_bhb_loop+0x40/0x90 [ 895.149522][T10648] ? clear_bhb_loop+0x40/0x90 [ 895.154204][T10648] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 895.160093][T10648] RIP: 0033:0x7f2d5e19b507 [ 895.164499][T10648] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 895.184111][T10648] RSP: 002b:00007f2d5efdee58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 895.192519][T10648] RAX: ffffffffffffffda RBX: 00007f2d5efdeee0 RCX: 00007f2d5e19b507 [ 895.200503][T10648] RDX: 00000000000001ff RSI: 0000200000000300 RDI: 00000000ffffff9c [ 895.208485][T10648] RBP: 0000000000000000 R08: 0000200000000300 R09: 0000000000000000 [ 895.216463][T10648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000300 [ 895.224450][T10648] R13: 00007f2d5efdeea0 R14: 0000000000000000 R15: 0000000000000000 [ 895.232541][T10648] [ 895.245510][T10622] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 895.287829][T10648] hfs: request for non-existent node 327680 in B*Tree [ 895.295200][T10622] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 895.295571][T10648] hfs: request for non-existent node 327680 in B*Tree [ 895.330590][T10622] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 895.337075][T10622] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 895.350527][T10622] [U] ec [ 895.353685][T10622] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 895.366784][T10622] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L