last executing test programs: 2m45.568028104s ago: executing program 2 (id=7481): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f0000000040), 0x4) 2m45.330073458s ago: executing program 2 (id=7486): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c0000000800124000000000050005000a000000050004000000000010000300686173683a6970"], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0) 2m45.074252563s ago: executing program 2 (id=7492): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x3100, 0x0, &(0x7f0000000140), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 2m44.77435116s ago: executing program 2 (id=7496): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) getsockopt$bt_BT_POWER(r0, 0x112, 0x4, 0x0, &(0x7f0000000000)) 2m44.42675781s ago: executing program 2 (id=7502): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m43.184832403s ago: executing program 2 (id=7519): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000100)=@multiplanar_mmap={0x100, 0x8, 0x4, 0x0, 0x4, {0x0, 0xea60}, {0x1, 0x1, 0x0, 0x8, 0x8, 0x2, "15a151dd"}, 0x0, 0x1, {0x0}, 0x3}) 2m26.836937835s ago: executing program 32 (id=7519): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000100)=@multiplanar_mmap={0x100, 0x8, 0x4, 0x0, 0x4, {0x0, 0xea60}, {0x1, 0x1, 0x0, 0x8, 0x8, 0x2, "15a151dd"}, 0x0, 0x1, {0x0}, 0x3}) 2.244842399s ago: executing program 0 (id=9787): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000a80)={[{@fat=@codepage={'codepage', 0x3d, '850'}}, {@shortname_winnt}, {@shortname_mixed}, {@shortname_lower}, {@shortname_lower}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@fat=@debug}, {@shortname_lower}, {@shortname_mixed}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@utf8no}]}, 0x2a, 0x368, &(0x7f0000000b80)="$eJzs3T1sW1UUAODj2rHTSCEekCqYDBsSqpogBmBJVBWpIgMUWfwtWDTlJzaVYmEpGeJmATGCWJBADGwdYGDojBgQYmNgpUiogFjoFqkVD9nv+d+mQSUpVb9vqI7Ovcf3+L1XO3myb15djc3zc3Hh+vVrMT+fi8Lq6dXYz0U5jkU+UpdiisK0JABwN9hPkvgzSd169ocLvah4yH0BAIen+/7/+uIgUbqT3QAAR+GAv/8/OzV78dDaAgAO0X503v+35vqJh0eGx27zF/qfCQAA7l7Pv/TyM2vrEecqlfmIxnutaqsaTw7G1y7Em1GPjTgVS7EYkd4oSO8WdP59+uz6mVOVjl/LUe1UtKoRjXarmv6ksJbv1pdiOZainNUnvfrId+qXu/WViLjU7q4fjVyrOhcL2fo/LcRGrMRS3D9en0ScXT+zUskeoNro1bcj9mK+20E5uv2fjKX44bW4GPU4H921+/3vLlcqp5P1kfrW5VJ33iyf+fwjAAAAAAAAAAAAAAAAAAAAAAC34WSlr9zf/yZptFvvnhufUB7ZH6eaDmf7A+119we6mZR6u/O8nx/fH2h0f55WtRDH7ugzBwAAAAAAAAAAAAAAAAAAgP+P5nYxavX6xlZze2dzOGgPZd7+7otvjsf4nLfyg0wU0ocbmZPlYqgqH/3ypF+e5EfmZEE+YjD58pV+x8NzSv1nsdPbTGD4cUrp0FAml/VUq9cXH/rlk4lFt3c2/xpk8jFxWEaD3OSijfvS1D9UzQ5WbjHnapIks8p3P56silxEYeLE3U5QzIJvr73xwGPNE493h77ONn145NGlF65+9Pnvm7V6ZIemXi9uNW8mB1uiPdJqpKdgcG3ksuOcm3IlTA/2Bpm9reZ2Lf/jHy8++MH3Y5PzMa28c/EMMu/MXuvL8UwxDTptHuSozk25+KcET31Ve+VG/+r992fwxKertSu7P/82Y07MZyeslxl6kUj/bxX/0xceAAAAAAAAAAAAAAAAAABgwtDXrQ8k/e71E88dblcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLQGf/9/KNibyBwkuNGOyaHSxlZz5uLHj/SpAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwD/s7AAD//0ToZuw=") open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0) 1.558811779s ago: executing program 4 (id=9785): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x18, 0x29, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x4, 0x18, 0x0, 0x0, @binary}]}, 0x18}, 0x1, 0x0, 0x0, 0x4042806}, 0x84) 1.424436547s ago: executing program 1 (id=9798): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x1000000}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14, 0x10}}, 0x88}}, 0x0) 1.359209311s ago: executing program 5 (id=9788): syz_mount_image$minix(&(0x7f0000002580), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f00000025c0)=ANY=[], 0x6, 0x236, &(0x7f0000000800)="$eJzs3D1PU1Ecx/HffWgpKGBEHYwmRCO6SH2YHIy6MfEGmAhUJV4jig4QE2FRBxMmNxcnExMHR2NwM06+AAcTNw2RoYmTA9fcch9oT2l7yaW15ftZOPf8zuE+pKf9l0srAPvWdY3KkqV8sHGicGh1xOr0IQFoEz/8uen6CTsKAfS224OdPgIAnbFxQ3p1RvpdfjwjJx+VBUEF8H1d0trYMy0rzO0+SW++Sm5cP2ysSMfdMLcK6q+tL15LZ6P51oBRfwTzB+L8wLakP87PnY72f1CDGtJwLkgOayTMZ+P5x5rWO26q6ggAgN5kabxZ3nCArZtzXunCjnmukl+UlJdTJ89X8ks7zt/KL8fbfXFr6uXko4/+1c0gH5+55802PA8AJnsX6//byaTtNFn/brz+q9W+TwDQfguLS3emPc9/IlUapQdhT9iI/iKQ9DjGmEwa0T2HFgZHdyiNKPgd23occ/rqmHnu2Z2FnRzYsKS9uVD/cUN1oh8TW9ck7rH34spXNU79+vt0/sX7D60MfpdyF3b8qJtaK5VrxsiWoh5l/wAYNVbBtFdobbq17Pspd1r36SL554BCxk9EANqu+PDufHFhcen8XPDu/FYpF73gT/xcr1T2xcb1PYDulbzo10tXjB6/enPy85c/5Stvn+9iz9ckfTJvCAIAAAAAAAAAAAAAgNSO6Gi6CXw9EAAAANC1zE//3B/K+iNZnT5HAAAAAAAAAAAAAAAAAAB6zb8AAAD//zR7B8g=") truncate(&(0x7f0000000080)='./file2\x00', 0x2328) 1.295945954s ago: executing program 0 (id=9789): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002280), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000031c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) 1.232901118s ago: executing program 3 (id=9790): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0x9c, &(0x7f0000000200), &(0x7f0000000040)=0x4) 1.232784458s ago: executing program 4 (id=9791): r0 = io_uring_setup(0x1ddd, &(0x7f0000000440)={0x0, 0x40000000, 0x0, 0x1, 0x8}) io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x300}, 0x1) 1.172274501s ago: executing program 1 (id=9792): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000b00)="d8000000180081064e81f782db44b904021d080400007c09e8fe55a10a0015c0050014260360ab1208000f0000000401a80016001100014003000300036010faccfdeb1d40696d936980b925b35381df6486338260de280e900094007134cf6ee08000a0e408e858ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40d", 0xd8}], 0x1}, 0x0) 1.014727111s ago: executing program 5 (id=9793): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) msgsnd(0x0, 0xfffffffffffffffe, 0x0, 0x0) 1.008607331s ago: executing program 3 (id=9794): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x3, [0x2], [0x2161, 0xfffffffc], [0x0, 0x0, 0x9], [0x4fdd, 0x2000000000]}) 957.660764ms ago: executing program 0 (id=9796): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x28042, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[], 0xfe, 0x5dd, &(0x7f0000000680)="$eJzs3cFvHFcdB/Dvrp3NOkip4yZtQJWwilQhLJJdWyIpF6AUZKEKVeLA2SJOYmWTVvYWuT1AQBwqTv0TysH/AOJYJB9oj3Dq2ahHJO6+uZrZWXttb107dryb5vORZt9782be/t5vZiczu4oc4Lm1OJfJzdSyOPfWetHe2ljobG0sPOzXk1xMUk+aSWrF6n8k+SJ5nN6Sb/c7BspDPv+kee+zjz79sNdqVku5fe2o/Y5nN5bpXqxleVbjzZ96vP0znEkye7r44Gzs9P13aPcpP5cAwDirJRPD1k8nl6qb9eI5oHdX3LvHfqY9HnUAAAAAcA5e2M521nN51HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAs6T6+/+1aqn367Op9f/+f6Nal6o+fqaPv+nm04wDAAAAAAAAAM7Jd7eznfVc7rd3auVv/q+Wjavl67fyXtaynNXcyHqW0k03q2kf+J29sb7U7a62j7Hn/NA9589nvgAAAAAAAADwDfXnLO79/g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOOglkz0inK52q9Ppz6ZpJmkUWz3OPlPv/4s2xx1AAAAAHAOXtjOdtZzud/eqZXP/C+Vz/3NvJdH6WYl3XSynDvldwHFU39Rbix0tjYWHhbL4XF/9v8ThdFIUk/vu4fh73y93GIqd7NSrrmR3+WddHIn9XLPwvV+PMPj+lMRU+0nlWNGdqcqixn/qirHw3SZkQu7GWlVsRXZuHJ0Jk54dA6+Uzv13W9+rj6FnF+qymI+b451zucHzr6Xjs5EMvPbv96633n04P7dtbnxmdITOpiJhYFMvPxcZaJVZuLabnsxv8xvMpfZvJ3VrOT3WUo3y5nNm2VtqTqfi9eJozP1032tt78ukkZ1XHpX0ZPF9Gq57+Ws5Nd5J3fKI9rKrdzKfH6U19Pad4SvDY37jztVd/mpr5/sU/+971eVC0l+UZXjocjrlYG8Dl5zp8u+wTV7WZo5+2vj5HeqSnH2vDF218YrB/6V6GfixaMz8bfyxFnrPHqwen/p3WO+32tVWWTg54cysTNx6gk9seJ8mSkOVtnaf3YUfS8O7WuXfVd3++qH+q7t9n3dJ7VR3cMdHmm+7Ht5aF9vv+sDfcPutwAYe5d+cKkx9b+pf099PPWXqftTbzXfuHj74iuNXPjXhR9PtiZeq79S+3s+zh/2nv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnt/b+Bw+WOp3lVZVTVupJxiAMFZUzqYz6ygQ8bTe7D9+9ufb+Bz9cebh0b/ne8qPXW7dvt9vtW62bd1c6y9XrqKMEAM7S3k3/qCMBAAAAAAAAAAAAAAC+ynn8d+JRzxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmW5zL5GZqabdutIr21sZCp1j69b0tm0lqReWfSb5IHqe3ZHpguNpXvc/nnzTvffbRpx/ujdXsb187ar/j2RdL/UBMpx1v/tTj7c1wNslMVcLIfRkAAP//eU0DaA==") 957.595844ms ago: executing program 4 (id=9797): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 826.866242ms ago: executing program 1 (id=9799): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'tunl0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0xb3, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x23, 0x14, 0x68, 0xfffc, 0x8, 0x5e55b37311de6d89, 0x0, @local, @multicast1}}}}) 826.198802ms ago: executing program 5 (id=9800): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x60, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x60}}, 0x0) 724.670677ms ago: executing program 3 (id=9801): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0xb, 0x102) readv(r0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/14, 0xe}, {0x0, 0x12}], 0x2) 642.401863ms ago: executing program 4 (id=9802): r0 = socket(0x10, 0x3, 0x0) sendmmsg$inet(r0, &(0x7f0000000380)=[{{&(0x7f0000000200)={0x2, 0x4e24, @private=0xa010102}, 0x7, &(0x7f0000000340)=[{&(0x7f00000002c0)="4533518e23a4ab142f47801437cab99d4c4c1f76d69aa705ec2117a3f5808ff2e1c1f3aadffbb521c234644546582c4f3ddae45374326918871ecb6e8dadb6cb28cbb5a901892f271456", 0x4a}, {&(0x7f0000000240)=':', 0x1}], 0x2, &(0x7f0000000400)=[@ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4671}}], 0x60}}], 0x1, 0x20000000) 570.150207ms ago: executing program 1 (id=9803): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@generic={&(0x7f0000000140)='./file0\x00', r0}, 0x18) 569.235447ms ago: executing program 0 (id=9804): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@ipv6_newnexthop={0x1c, 0x68, 0x309, 0x70bd29, 0x0, {}, [@NHA_FDB={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040801}, 0x4000) 511.00756ms ago: executing program 5 (id=9805): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f00000000c0)) 396.209377ms ago: executing program 1 (id=9806): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000100), &(0x7f0000000240)=0x4) 396.140177ms ago: executing program 3 (id=9807): r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f0000001440)) 319.260111ms ago: executing program 4 (id=9808): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2c8, 0x130, 0x12, 0x60a, 0x130, 0x202, 0x1f8, 0x2e8, 0x2e8, 0x1f8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@remote, @mcast2, [], [0x0, 0x0, 0xffffffff], 'netpci0\x00', 'xfrm0\x00'}, 0x0, 0x108, 0x130, 0x0, {}, [@common=@unspec=@statistic={{0x38}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0xfe}, {0xffffffffffffffff, 0xf9}}}}, {{@ipv6={@private2, @loopback, [], [0xff], 'vxcan1\x00', 'geneve0\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x328) 318.450311ms ago: executing program 0 (id=9818): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f00000002c0)={&(0x7f0000000380)={0x8, 0x4e22, @broadcast}, 0x10, &(0x7f00000001c0)=[{0x0, 0x27}, {&(0x7f0000000800)="08003b117c123a3d", 0x8}], 0x2}, 0x20008890) 242.754806ms ago: executing program 5 (id=9809): r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x2000, 0x0) ioctl$COMEDI_CMDTEST(r0, 0x8050640a, &(0x7f0000000240)={0x1, 0x80, 0x2, 0x10000006, 0x4, 0x30, 0xffffffff, 0x4, 0x80, 0x7fff, 0x10, 0x5, &(0x7f0000000100)=[0x1], 0x1, 0x0}) 241.100476ms ago: executing program 3 (id=9810): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000000)={0x0, 0x223e000, 0x800, 0x1, 0x1}, 0x20) 110.423614ms ago: executing program 1 (id=9811): r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000140)={{0x2, 0x4000, @multicast2}, {0x0, @remote}, 0x0, {0x2, 0x0, @broadcast}, 'wg1\x00'}) 71.993786ms ago: executing program 0 (id=9812): r0 = socket$inet(0x2, 0xa, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000100)) 68.847206ms ago: executing program 3 (id=9813): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000034000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000008300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 8.95335ms ago: executing program 5 (id=9814): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x11, 0x90, [0x200000000c40, 0x0, 0x0, 0x200000000c70, 0x200000000ca0], 0x0, 0x0, &(0x7f0000000c40)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) 0s ago: executing program 4 (id=9815): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x4, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0xfffffffd, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) kernel console output (not intermixed with test programs): ][T22592] jfs_strtoUCS: char2uni returned -22. [ 920.424939][T22592] charset = euc-jp, char = 0xd4 [ 920.722007][T22634] netlink: 296 bytes leftover after parsing attributes in process `syz.3.8165'. [ 921.402165][ T5098] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 921.633681][ T5098] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 921.661483][ T5098] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 921.681211][ T5098] usb 6-1: Product: syz [ 921.688952][ T5098] usb 6-1: Manufacturer: syz [ 921.695322][ T5098] usb 6-1: SerialNumber: syz [ 921.731155][ T5098] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 921.815778][ T5098] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 922.083787][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 922.083804][ T26] audit: type=1326 audit(1903.022:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.4.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b0b9aeb9 code=0x7ffc0000 [ 922.111919][ C0] vkms_vblank_simulate: vblank timer overrun [ 922.194108][ T26] audit: type=1326 audit(1903.022:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.4.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b0b9aeb9 code=0x7ffc0000 [ 922.251530][T22686] device  entered promiscuous mode [ 922.294109][ T26] audit: type=1326 audit(1903.077:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.4.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f97b0b9aeb9 code=0x7ffc0000 [ 922.378536][ T4320] usb 6-1: USB disconnect, device number 2 [ 922.398597][ T26] audit: type=1326 audit(1903.077:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.4.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b0b9aeb9 code=0x7ffc0000 [ 922.420542][ C0] vkms_vblank_simulate: vblank timer overrun [ 922.474803][ T26] audit: type=1326 audit(1903.077:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.4.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b0b9aeb9 code=0x7ffc0000 [ 922.681733][T22697] netlink: 176 bytes leftover after parsing attributes in process `syz.4.8195'. [ 923.005742][ T5098] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 923.012826][ T5098] ath9k_htc: Failed to initialize the device [ 923.076136][ T4320] usb 6-1: ath9k_htc: USB layer deinitialized [ 923.189079][T22719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8206'. [ 923.355619][T22722] netlink: 272 bytes leftover after parsing attributes in process `syz.1.8207'. [ 923.462971][T22727] overlayfs: conflicting options: userxattr,redirect_dir=on [ 923.498593][T22729] netlink: 48 bytes leftover after parsing attributes in process `syz.0.8211'. [ 923.554849][T22729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8211'. [ 923.597036][T22731] netlink: 'syz.5.8212': attribute type 21 has an invalid length. [ 924.104952][T22711] loop4: detected capacity change from 0 to 32768 [ 924.238902][T22711] XFS (loop4): Mounting V5 Filesystem [ 924.391973][T22711] XFS (loop4): Ending clean mount [ 924.421825][T22711] XFS (loop4): Quotacheck needed: Please wait. [ 924.595521][T22711] XFS (loop4): Quotacheck: Done. [ 924.745693][T22769] loop3: detected capacity change from 0 to 1024 [ 924.838224][ T4280] XFS (loop4): Unmounting Filesystem [ 924.941863][T22771] device  entered promiscuous mode [ 925.726205][T22792] sctp: [Deprecated]: syz.0.8238 (pid 22792) Use of struct sctp_assoc_value in delayed_ack socket option. [ 925.726205][T22792] Use struct sctp_sack_info instead [ 926.452540][T22818] device xfrm0 entered promiscuous mode [ 926.691535][ T27] usb 2-1: new full-speed USB device number 23 using dummy_hcd [ 926.919151][ T27] usb 2-1: config 0 has an invalid interface number: 168 but max is 0 [ 926.938499][ T27] usb 2-1: config 0 has no interface number 0 [ 926.945263][ T27] usb 2-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06 [ 926.993377][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 927.016117][ T27] usb 2-1: config 0 descriptor?? [ 927.063241][T22831] loop0: detected capacity change from 0 to 256 [ 927.152665][T22831] exfat: Deprecated parameter 'namecase' [ 927.200584][T22831] exfat: Deprecated parameter 'utf8' [ 927.206261][T22835] netlink: 'syz.5.8258': attribute type 49 has an invalid length. [ 927.215694][T22831] exfat: Deprecated parameter 'utf8' [ 927.231130][T22831] exfat: Deprecated parameter 'namecase' [ 927.244426][ T27] usb 2-1: string descriptor 0 read error: -71 [ 927.257980][ T27] usb-storage 2-1:0.168: USB Mass Storage device detected [ 927.287786][T22831] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5f26ded4, utbl_chksum : 0xe619d30d) [ 927.300436][T22835] netlink: 'syz.5.8258': attribute type 49 has an invalid length. [ 927.319552][ T27] usb-storage 2-1:0.168: Quirks match for vid 05ab pid 0060: 2 [ 927.378677][ T27] usb 2-1: USB disconnect, device number 23 [ 928.213931][ T9991] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 928.376616][T22877] __nla_validate_parse: 1 callbacks suppressed [ 928.376635][T22877] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8278'. [ 928.433814][ T9991] usb 1-1: Using ep0 maxpacket: 8 [ 928.450363][ T9991] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 928.498143][ T9991] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 928.519617][ T9991] usb 1-1: Product: syz [ 928.525200][T22883] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.542423][ T9991] usb 1-1: Manufacturer: syz [ 928.547124][ T9991] usb 1-1: SerialNumber: syz [ 928.564960][T22883] I/O error, dev loop3, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.576743][ T9991] usb 1-1: config 0 descriptor?? [ 928.592411][ T9991] gspca_main: sq930x-2.14.0 probing 2770:930c [ 928.603022][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 928.640175][T22883] I/O error, dev loop3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.655343][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 928.704442][T22883] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 928.726202][T22883] UDF-fs: Scanning with blocksize 512 failed [ 928.733311][T22883] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.796223][T22883] I/O error, dev loop3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.847304][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 928.858734][T22883] I/O error, dev loop3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.869493][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 928.882291][T22883] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 928.890486][T22883] UDF-fs: Scanning with blocksize 1024 failed [ 928.897601][T22883] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.917402][T22892] usb usb9: usbfs: process 22892 (syz.4.8285) did not claim interface 0 before use [ 928.943494][T22883] I/O error, dev loop3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 928.986272][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 929.019677][T22883] I/O error, dev loop3, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 929.030181][ T9991] gspca_sq930x: ucbus_write failed -71 [ 929.035977][ T9991] sq930x: probe of 1-1:0.0 failed with error -71 [ 929.059198][ T9991] usb 1-1: USB disconnect, device number 14 [ 929.073085][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 929.093706][T22883] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 929.101783][T22883] UDF-fs: Scanning with blocksize 2048 failed [ 929.118198][T22883] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 929.134508][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 929.181515][T22883] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 929.201919][T22883] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 929.221514][T22883] UDF-fs: Scanning with blocksize 4096 failed [ 929.235789][T22883] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) [ 929.274925][ T26] audit: type=1326 audit(1909.667:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22901 comm="syz.1.8290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 929.332951][ T26] audit: type=1326 audit(1909.667:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22901 comm="syz.1.8290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 929.354815][ C0] vkms_vblank_simulate: vblank timer overrun [ 929.437653][ T26] audit: type=1326 audit(1909.695:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22901 comm="syz.1.8290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 929.522925][ T26] audit: type=1326 audit(1909.695:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22901 comm="syz.1.8290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 929.603787][ T26] audit: type=1326 audit(1909.695:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22901 comm="syz.1.8290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 929.625674][ C0] vkms_vblank_simulate: vblank timer overrun [ 929.712188][T22912] netlink: 224 bytes leftover after parsing attributes in process `syz.4.8295'. [ 929.856125][T22920] loop1: detected capacity change from 0 to 128 [ 929.930884][T22920] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 929.994171][T22920] FAT-fs (loop1): Filesystem has been set read-only [ 930.037487][T22924] netlink: 'syz.4.8301': attribute type 21 has an invalid length. [ 931.067069][T22965] JFS: discard option not supported on device [ 931.073537][T22965] Mount JFS Failure: -22 [ 931.096403][T22965] jfs_mount failed w/return code = -22 [ 931.516851][T22981] netlink: 'syz.5.8329': attribute type 7 has an invalid length. [ 931.547711][T22981] netlink: 'syz.5.8329': attribute type 8 has an invalid length. [ 932.043089][T23003] netlink: 'syz.5.8339': attribute type 10 has an invalid length. [ 932.065918][T23003] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8339'. [ 932.095618][T23003] device dummy0 entered promiscuous mode [ 932.102494][T23003] bridge0: port 3(dummy0) entered blocking state [ 932.143037][T23003] bridge0: port 3(dummy0) entered disabled state [ 932.197545][T23003] bridge0: port 3(dummy0) entered blocking state [ 932.204093][T23003] bridge0: port 3(dummy0) entered forwarding state [ 932.868768][T23031] x_tables: duplicate underflow at hook 3 [ 933.107557][T23039] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8356'. [ 933.154479][T23011] loop3: detected capacity change from 0 to 32768 [ 933.724924][ T27] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 933.825246][T23059] netlink: 44 bytes leftover after parsing attributes in process `syz.3.8367'. [ 933.853275][T23060] tmpfs: Bad value for 'mpol' [ 933.939212][ T27] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 933.968603][ T27] usb 6-1: config 0 has no interface number 0 [ 934.002894][T23056] loop4: detected capacity change from 0 to 4096 [ 934.039722][ T27] usb 6-1: New USB device found, idVendor=2639, idProduct=0012, bcdDevice=65.b5 [ 934.063265][T23056] ntfs: (device loop4): check_mft_mirror(): Incomplete multi sector transfer detected in mft record 2. [ 934.086581][ T27] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 934.100247][T23056] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 934.130627][ T27] usb 6-1: Product: syz [ 934.144921][ T27] usb 6-1: Manufacturer: syz [ 934.149625][ T27] usb 6-1: SerialNumber: syz [ 934.187308][ T27] usb 6-1: config 0 descriptor?? [ 934.214092][ T27] xsens_mt 6-1:0.1: xsens_mt converter detected [ 934.243628][ T27] usb 6-1: xsens_mt converter now attached to ttyUSB0 [ 934.258404][T23056] ntfs: volume version 3.1. [ 934.268945][T23056] ntfs: (device loop4): map_mft_record_page(): Mft record 0x2 is corrupt. Run chkdsk. [ 934.327512][T23056] ntfs: (device loop4): map_mft_record(): Failed with error code 5. [ 934.335609][T23056] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 934.440587][ T27] usb 6-1: USB disconnect, device number 3 [ 934.452574][ T27] xsens_mt ttyUSB0: xsens_mt converter now disconnected from ttyUSB0 [ 934.486915][ T27] xsens_mt 6-1:0.1: device disconnected [ 935.470792][T23094] xt_hashlimit: size too large, truncated to 1048576 [ 935.549918][T23096] device vlan0 entered promiscuous mode [ 935.556414][T23094] xt_hashlimit: invalid interval [ 936.249609][T23119] loop3: detected capacity change from 0 to 64 [ 936.313899][T23119] syz.3.8394: attempt to access beyond end of device [ 936.313899][T23119] loop3: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 936.364248][T23119] Buffer I/O error on dev loop3, logical block 134217734, async page read [ 936.606953][T23124] loop5: detected capacity change from 0 to 1024 [ 936.789658][ T4327] kworker/dying (4327) used greatest stack depth: 15536 bytes left [ 937.401102][T23149] loop5: detected capacity change from 0 to 64 [ 937.463608][T23149] syz.5.8410: attempt to access beyond end of device [ 937.463608][T23149] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 937.554766][T23149] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 937.826257][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 937.826274][ T26] audit: type=1326 audit(1917.559:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23156 comm="syz.1.8413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 937.935124][ T26] audit: type=1326 audit(1917.559:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23156 comm="syz.1.8413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 938.039822][ T26] audit: type=1326 audit(1917.614:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23156 comm="syz.1.8413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 938.151935][ T26] audit: type=1326 audit(1917.614:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23156 comm="syz.1.8413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 938.239031][ T26] audit: type=1326 audit(1917.614:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23156 comm="syz.1.8413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 938.701766][T23182] device ip6gre2 entered promiscuous mode [ 939.026906][T23192] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 939.279312][T23200] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 939.606139][T23212] loop4: detected capacity change from 0 to 1024 [ 939.613349][T23212] EXT4-fs: Ignoring removed orlov option [ 939.710701][T23212] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 939.918542][T23221] loop3: detected capacity change from 0 to 64 [ 939.990537][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 940.215790][T23232] RDS: rds_bind could not find a transport for 0:0:4::1, load rds_tcp or rds_rdma? [ 940.950668][T23260] loop0: detected capacity change from 0 to 256 [ 941.005897][T23260] FAT-fs (loop0): Directory bread(block 64) failed [ 941.023132][ T5098] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 941.064358][T23260] FAT-fs (loop0): Directory bread(block 65) failed [ 941.071507][T23260] FAT-fs (loop0): Directory bread(block 66) failed [ 941.087941][T23260] FAT-fs (loop0): Directory bread(block 67) failed [ 941.109805][T23260] FAT-fs (loop0): Directory bread(block 68) failed [ 941.138439][T23260] FAT-fs (loop0): Directory bread(block 69) failed [ 941.171290][T23260] FAT-fs (loop0): Directory bread(block 70) failed [ 941.193081][T23260] FAT-fs (loop0): Directory bread(block 71) failed [ 941.225944][T23260] FAT-fs (loop0): Directory bread(block 72) failed [ 941.257151][T23260] FAT-fs (loop0): Directory bread(block 73) failed [ 941.277962][ T5098] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 941.301579][ T5098] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 941.339116][T23270] loop5: detected capacity change from 0 to 64 [ 941.346528][ T5098] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 941.377286][ T5098] usb 4-1: Product: syz [ 941.397735][ T5098] usb 4-1: Manufacturer: syz [ 941.415530][ T5098] usb 4-1: SerialNumber: syz [ 941.435725][ T5098] usb 4-1: config 0 descriptor?? [ 941.443409][T23270] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 941.497063][T23270] hfs: filesystem is marked locked, mounting read-only. [ 941.696072][ T5098] snd-usb-audio: probe of 4-1:0.0 failed with error -2 [ 941.777763][ T4396] udevd[4396]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 941.885130][ T9995] usb 4-1: USB disconnect, device number 13 [ 942.553709][T23310] netlink: 68 bytes leftover after parsing attributes in process `syz.5.8487'. [ 942.688266][T23311] loop1: detected capacity change from 0 to 4096 [ 942.706509][T23313] device batadv1 entered promiscuous mode [ 942.722101][T23311] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 942.767342][T23317] netlink: 1244 bytes leftover after parsing attributes in process `syz.0.8491'. [ 942.848391][T23311] ntfs3: loop1: ino=0, attr_set_size [ 943.193012][T23321] loop4: detected capacity change from 0 to 4096 [ 943.249789][T23321] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 944.086883][ T26] audit: type=1326 audit(1923.337:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23352 comm="syz.5.8509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 944.167585][ T26] audit: type=1326 audit(1923.337:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23352 comm="syz.5.8509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 944.291628][ T26] audit: type=1326 audit(1923.383:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23352 comm="syz.5.8509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 944.313512][ C0] vkms_vblank_simulate: vblank timer overrun [ 944.401067][ T26] audit: type=1326 audit(1923.383:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23352 comm="syz.5.8509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 944.455391][ T26] audit: type=1326 audit(1923.383:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23352 comm="syz.5.8509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 944.724252][T23376] netlink: 'syz.3.8521': attribute type 3 has an invalid length. [ 944.786053][T23381] netlink: 'syz.5.8520': attribute type 2 has an invalid length. [ 945.035372][T23389] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8528'. [ 945.207933][T23397] loop1: detected capacity change from 0 to 128 [ 945.296205][T23397] FAT-fs (loop1): Directory bread(block 32) failed [ 945.345817][T23397] FAT-fs (loop1): Directory bread(block 33) failed [ 945.356969][T23397] FAT-fs (loop1): Directory bread(block 34) failed [ 945.363593][T23397] FAT-fs (loop1): Directory bread(block 35) failed [ 945.399618][T23397] FAT-fs (loop1): Directory bread(block 36) failed [ 945.436640][T23397] FAT-fs (loop1): Directory bread(block 37) failed [ 945.467059][T23397] FAT-fs (loop1): Directory bread(block 38) failed [ 945.473695][T23397] FAT-fs (loop1): Directory bread(block 39) failed [ 945.519438][T23397] FAT-fs (loop1): Directory bread(block 40) failed [ 945.557442][T23397] FAT-fs (loop1): Directory bread(block 41) failed [ 945.873200][T23397] syz.1.8530: attempt to access beyond end of device [ 945.873200][T23397] loop1: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 945.953131][T23397] FAT-fs (loop1): Filesystem has been set read-only [ 945.960403][T23397] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 946.067277][T23423] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8544'. [ 946.120709][T23423] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8544'. [ 946.141943][T23423] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 946.213210][T23423] 8021q: adding VLAN 0 to HW filter on device bond4 [ 946.252429][T23430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8549'. [ 946.545716][T23440] loop1: detected capacity change from 0 to 256 [ 946.633143][T23440] FAT-fs (loop1): Directory bread(block 64) failed [ 946.660284][T23440] FAT-fs (loop1): Directory bread(block 65) failed [ 946.688679][T23440] FAT-fs (loop1): Directory bread(block 66) failed [ 946.723061][T23440] FAT-fs (loop1): Directory bread(block 67) failed [ 946.751245][T23440] FAT-fs (loop1): Directory bread(block 68) failed [ 946.764537][T23449] loop0: detected capacity change from 0 to 512 [ 946.774200][T23440] FAT-fs (loop1): Directory bread(block 69) failed [ 946.803242][T23440] FAT-fs (loop1): Directory bread(block 70) failed [ 946.825096][T23440] FAT-fs (loop1): Directory bread(block 71) failed [ 946.847775][T23449] EXT4-fs (loop0): Test dummy encryption mode enabled [ 946.870417][T23440] FAT-fs (loop1): Directory bread(block 72) failed [ 946.889467][T23440] FAT-fs (loop1): Directory bread(block 73) failed [ 946.896619][T23449] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 946.977347][T23449] System zones: 1-12 [ 947.023365][T23449] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.8556: Directory hole found for htree index block 0 [ 947.042182][T23449] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117 [ 947.050901][T23449] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.8556: Directory hole found for htree index block 0 [ 947.108325][T23449] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 947.151515][T23449] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 947.214679][T23449] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 947.311674][T23463] netlink: 'syz.1.8562': attribute type 41 has an invalid length. [ 947.350605][T23463] netlink: 'syz.1.8562': attribute type 41 has an invalid length. [ 947.392172][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 947.475554][T23467] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8564'. [ 947.529738][T23467] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8564'. [ 947.765966][T23479] device ip6gretap1 entered promiscuous mode [ 947.894587][ T27] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 948.021920][ T5098] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 948.064486][T23489] loop0: detected capacity change from 0 to 4096 [ 948.085570][T23489] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 948.132166][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 948.161241][ T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 948.188102][T23489] ntfs3: loop0: ino=1b, "file0" attr_set_size [ 948.198936][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 948.212387][T23489] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 948.223150][T23495] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8578'. [ 948.232965][ T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 948.248482][T23495] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4) [ 948.257781][ T5098] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 948.260053][ T27] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 948.278401][ T5098] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 948.298651][T23494] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8577'. [ 948.299388][ T5098] usb 2-1: Product: syz [ 948.317064][ T5098] usb 2-1: Manufacturer: syz [ 948.321768][ T5098] usb 2-1: SerialNumber: syz [ 948.331091][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 948.343940][ T5098] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 948.365066][ T27] usb 4-1: Product: syz [ 948.390414][ T27] usb 4-1: Manufacturer: syz [ 948.391217][ T5098] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 948.395094][ T27] usb 4-1: SerialNumber: syz [ 948.456506][ T27] usb 4-1: config 0 descriptor?? [ 948.491127][ T27] ums-isd200 4-1:0.0: USB Mass Storage device detected [ 948.642001][ C0] usb 2-1: ath9k_htc: invalid pkt_len (ffd7) [ 948.733029][ T27] ums-isd200: probe of 4-1:0.0 failed with error -22 [ 948.882890][ T8338] usb 2-1: USB disconnect, device number 24 [ 948.966265][ T4320] usb 4-1: USB disconnect, device number 14 [ 949.193297][T23519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8589'. [ 949.397916][ T125] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 949.603799][ T125] usb 5-1: Using ep0 maxpacket: 16 [ 949.614696][ T5098] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 949.622544][ T5098] ath9k_htc: Failed to initialize the device [ 949.630922][ T125] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 949.653143][ T8338] usb 2-1: ath9k_htc: USB layer deinitialized [ 949.659694][ T125] usb 5-1: config 0 has no interface number 0 [ 949.688020][ T125] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 949.715421][ T125] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 949.731373][T23540] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8599'. [ 949.743773][ T125] usb 5-1: Product: syz [ 949.752616][ T125] usb 5-1: Manufacturer: syz [ 949.761871][ T125] usb 5-1: SerialNumber: syz [ 949.792123][ T125] usb 5-1: config 0 descriptor?? [ 949.810451][ T125] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 950.246373][ T125] gspca_spca1528: reg_w err -71 [ 950.276824][ T125] spca1528: probe of 5-1:0.1 failed with error -71 [ 950.289940][ T125] usb 5-1: USB disconnect, device number 10 [ 950.728126][ T26] audit: type=1326 audit(1929.466:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23567 comm="syz.1.8613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 950.795535][ T26] audit: type=1326 audit(1929.466:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23567 comm="syz.1.8613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 950.893657][ T26] audit: type=1326 audit(1929.493:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23567 comm="syz.1.8613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 950.957848][ T26] audit: type=1326 audit(1929.493:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23567 comm="syz.1.8613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 951.044718][ T26] audit: type=1326 audit(1929.493:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23567 comm="syz.1.8613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 951.066587][ C0] vkms_vblank_simulate: vblank timer overrun [ 951.073950][T23556] loop3: detected capacity change from 0 to 32768 [ 951.140554][T23556] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.8607 (23556) [ 951.202392][T23579] loop1: detected capacity change from 0 to 512 [ 951.209039][T23556] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 951.225384][T23580] loop0: detected capacity change from 0 to 64 [ 951.246044][T23556] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 951.262262][T23579] EXT4-fs: Ignoring removed mblk_io_submit option [ 951.268806][T23579] EXT4-fs: Ignoring removed bh option [ 951.293200][T23556] BTRFS info (device loop3): setting nodatasum [ 951.301205][T23580] Trying to free block not in datazone [ 951.311853][T23556] BTRFS info (device loop3): using free space tree [ 951.331056][T23580] Trying to free block not in datazone [ 951.341304][T23580] Trying to free block not in datazone [ 951.359338][T23580] Trying to free block not in datazone [ 951.360382][T23579] EXT4-fs (loop1): orphan cleanup on readonly fs [ 951.370864][T23580] Trying to free block not in datazone [ 951.387978][T23580] Trying to free block not in datazone [ 951.393865][T23580] Trying to free block not in datazone [ 951.399558][T23580] Trying to free block not in datazone [ 951.405557][T23580] Trying to free block not in datazone [ 951.411259][T23580] Trying to free block not in datazone [ 951.417200][T23580] Trying to free block not in datazone [ 951.423234][T23580] Trying to free block not in datazone [ 951.429480][T23580] Trying to free block not in datazone [ 951.436149][T23580] Trying to free block not in datazone [ 951.442077][T23580] Trying to free block not in datazone [ 951.448718][T23580] Trying to free block not in datazone [ 951.454564][T23580] Trying to free block not in datazone [ 951.461014][T23580] Trying to free block not in datazone [ 951.466885][T23580] Trying to free block not in datazone [ 951.473221][T23580] Trying to free block not in datazone [ 951.473437][T23582] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8620'. [ 951.479576][T23580] Trying to free block not in datazone [ 951.493772][T23580] Trying to free block not in datazone [ 951.499288][T23580] Trying to free block not in datazone [ 951.505921][T23580] Trying to free block not in datazone [ 951.511722][T23580] Trying to free block not in datazone [ 951.517282][T23580] Trying to free block not in datazone [ 951.523137][T23580] Trying to free block not in datazone [ 951.528925][T23580] Trying to free block not in datazone [ 951.541076][T23580] Trying to free block not in datazone [ 951.546906][T23580] Trying to free block not in datazone [ 951.552572][T23580] Trying to free block not in datazone [ 951.557947][T23579] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.8619: bad orphan inode 14 [ 951.594824][T23580] Trying to free block not in datazone [ 951.627116][T23579] ext4_test_bit(bit=13, block=18) = 1 [ 951.645749][T23580] Trying to free block not in datazone [ 951.651753][T23579] is_bad_inode(inode)=0 [ 951.653848][T23580] Trying to free block not in datazone [ 951.656026][T23579] NEXT_ORPHAN(inode)=0 [ 951.661701][T23580] Trying to free block not in datazone [ 951.672964][T23580] Trying to free block not in datazone [ 951.684600][T23580] Trying to free block not in datazone [ 951.690203][T23580] Trying to free block not in datazone [ 951.716418][T23579] max_ino=32 [ 951.719715][T23579] i_nlink=1 [ 951.723014][T23579] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 951.743222][T23556] BTRFS info (device loop3): enabling ssd optimizations [ 951.774173][T23580] Trying to free block not in datazone [ 951.782515][ T4268] EXT4-fs (loop1): unmounting filesystem. [ 951.789041][T23580] Trying to free block not in datazone [ 951.814285][T23580] Trying to free block not in datazone [ 951.819971][T23580] Trying to free block not in datazone [ 951.858647][T23580] Trying to free block not in datazone [ 951.884689][T23571] loop5: detected capacity change from 0 to 32768 [ 951.891827][T23580] Trying to free block not in datazone [ 951.932285][T23580] Trying to free block not in datazone [ 951.950815][T23580] Trying to free block not in datazone [ 951.976178][T23580] Trying to free block not in datazone [ 952.005730][T23580] Trying to free block not in datazone [ 952.033104][T23580] Trying to free block not in datazone [ 952.063457][T23580] Trying to free block not in datazone [ 952.091503][T23580] Trying to free block not in datazone [ 952.118030][T23580] Trying to free block not in datazone [ 952.172398][T23580] Trying to free block not in datazone [ 952.196606][T10918] read_mapping_page failed! [ 952.201781][T10918] ERROR: (device loop5): txCommit: [ 952.201781][T10918] [ 952.238847][T23580] Trying to free block not in datazone [ 952.244487][T23580] Trying to free block not in datazone [ 952.245096][T10918] ERROR: (device loop5): remounting filesystem as read-only [ 952.250131][T23580] Trying to free block not in datazone [ 952.250143][T23580] Trying to free block not in datazone [ 952.250150][T23580] Trying to free block not in datazone [ 952.250158][T23580] Trying to free block not in datazone [ 952.250166][T23580] Trying to free block not in datazone [ 952.250174][T23580] Trying to free block not in datazone [ 952.250180][T23580] Trying to free block not in datazone [ 952.250189][T23580] Trying to free block not in datazone [ 952.250197][T23580] Trying to free block not in datazone [ 952.250205][T23580] Trying to free block not in datazone [ 952.250212][T23580] Trying to free block not in datazone [ 952.250220][T23580] Trying to free block not in datazone [ 952.250228][T23580] Trying to free block not in datazone [ 952.250236][T23580] Trying to free block not in datazone [ 952.250243][T23580] Trying to free block not in datazone [ 952.250251][T23580] Trying to free block not in datazone [ 952.250259][T23580] Trying to free block not in datazone [ 952.250268][T23580] Trying to free block not in datazone [ 952.250276][T23580] Trying to free block not in datazone [ 952.250284][T23580] Trying to free block not in datazone [ 952.250293][T23580] Trying to free block not in datazone [ 952.250300][T23580] Trying to free block not in datazone [ 952.250308][T23580] Trying to free block not in datazone [ 952.250316][T23580] Trying to free block not in datazone [ 952.250323][T23580] Trying to free block not in datazone [ 952.250332][T23580] Trying to free block not in datazone [ 952.250347][T23580] Trying to free block not in datazone [ 952.332673][T10918] jfs_write_inode: jfs_commit_inode failed! [ 952.428296][ T4269] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 952.440887][T23604] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8621'. [ 952.450756][T23580] Trying to free block not in datazone [ 952.507064][T23580] Trying to free block not in datazone [ 952.572171][T23580] Trying to free block not in datazone [ 952.577723][T23580] Trying to free block not in datazone [ 952.649507][T23580] Trying to free block not in datazone [ 952.655049][T23580] Trying to free block not in datazone [ 952.810553][T23580] Trying to free block not in datazone [ 952.852866][T23580] Trying to free block not in datazone [ 952.907933][T23580] Trying to free block not in datazone [ 952.925951][T23580] Trying to free block not in datazone [ 952.949482][T23580] Trying to free block not in datazone [ 952.973776][T23580] Trying to free block not in datazone [ 952.979424][T23580] Trying to free block not in datazone [ 953.016701][T23580] Trying to free block not in datazone [ 953.022293][T23580] Trying to free block not in datazone [ 953.057126][T23580] Trying to free block not in datazone [ 953.093087][T23580] Trying to free block not in datazone [ 953.098722][T23580] Trying to free block not in datazone [ 953.142052][T23580] Trying to free block not in datazone [ 953.163465][T23580] Trying to free block not in datazone [ 953.167832][ T26] audit: type=1326 audit(1931.718:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23617 comm="syz.5.8624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 953.181827][T23580] Trying to free block not in datazone [ 953.263315][T23580] Trying to free block not in datazone [ 953.274280][ T26] audit: type=1326 audit(1931.745:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23617 comm="syz.5.8624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 953.302254][T23580] Trying to free block not in datazone [ 953.330123][T23580] Trying to free block not in datazone [ 953.372842][T23580] Trying to free block not in datazone [ 953.383938][ T26] audit: type=1326 audit(1931.745:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23617 comm="syz.5.8624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 953.433320][T23580] Trying to free block not in datazone [ 953.444262][T23580] Trying to free block not in datazone [ 953.475942][T23580] Trying to free block not in datazone [ 953.503459][ T26] audit: type=1326 audit(1931.755:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23617 comm="syz.5.8624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 953.527095][T23580] Trying to free block not in datazone [ 953.532624][T23580] Trying to free block not in datazone [ 953.570311][T23580] Trying to free block not in datazone [ 953.586088][T23629] loop1: detected capacity change from 0 to 64 [ 953.587135][T23580] Trying to free block not in datazone [ 953.609228][ T26] audit: type=1326 audit(1931.755:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23617 comm="syz.5.8624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 953.661100][T23580] Trying to free block not in datazone [ 953.681833][T23580] Trying to free block not in datazone [ 953.687390][T23580] Trying to free block not in datazone [ 953.743452][T23580] Trying to free block not in datazone [ 953.749081][T23580] Trying to free block not in datazone [ 953.783857][T23580] Trying to free block not in datazone [ 953.805284][T23580] Trying to free block not in datazone [ 953.845677][T23580] Trying to free block not in datazone [ 953.867542][T23580] Trying to free block not in datazone [ 953.889076][T23580] Trying to free block not in datazone [ 953.904951][T23580] Trying to free block not in datazone [ 953.917006][T23580] Trying to free block not in datazone [ 953.927112][T23580] Trying to free block not in datazone [ 953.932640][T23580] Trying to free block not in datazone [ 953.977488][T23580] Trying to free block not in datazone [ 953.988441][T23580] Trying to free block not in datazone [ 954.002393][T23580] Trying to free block not in datazone [ 954.013662][T23580] Trying to free block not in datazone [ 954.030303][T23580] Trying to free block not in datazone [ 954.067360][T23580] Trying to free block not in datazone [ 954.073902][T23580] Trying to free block not in datazone [ 954.080697][T23580] Trying to free block not in datazone [ 954.089143][T23580] Trying to free block not in datazone [ 954.094649][T23580] Trying to free block not in datazone [ 954.143269][T23580] Trying to free block not in datazone [ 954.149936][T23580] Trying to free block not in datazone [ 954.217625][T23580] Trying to free block not in datazone [ 954.223779][T23580] Trying to free block not in datazone [ 954.234595][T23580] Trying to free block not in datazone [ 954.240133][T23580] Trying to free block not in datazone [ 954.287657][T23580] Trying to free block not in datazone [ 954.293207][T23580] Trying to free block not in datazone [ 954.324121][T23580] Trying to free block not in datazone [ 954.361785][T23580] Trying to free block not in datazone [ 954.378452][T23580] Trying to free block not in datazone [ 954.390199][T23580] Trying to free block not in datazone [ 954.414955][T23580] Trying to free block not in datazone [ 954.420500][T23580] Trying to free block not in datazone [ 954.445127][T23580] Trying to free block not in datazone [ 954.462617][T23580] Trying to free block not in datazone [ 954.479071][T23580] Trying to free block not in datazone [ 954.490141][T23580] Trying to free block not in datazone [ 954.544415][T23580] Trying to free block not in datazone [ 954.550054][T23580] Trying to free block not in datazone [ 954.559021][T23649] netlink: 'syz.1.8643': attribute type 1 has an invalid length. [ 954.583215][T23622] loop4: detected capacity change from 0 to 32768 [ 954.596318][T23649] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8643'. [ 954.605658][T23580] Trying to free block not in datazone [ 954.645574][T23580] Trying to free block not in datazone [ 954.661636][T23580] Trying to free block not in datazone [ 954.674981][T23580] Trying to free block not in datazone [ 954.687590][T23580] Trying to free block not in datazone [ 954.717586][T23580] Trying to free block not in datazone [ 954.723143][T23580] Trying to free block not in datazone [ 954.762717][T23580] Trying to free block not in datazone [ 954.768359][T23580] Trying to free block not in datazone [ 954.795729][T23580] Trying to free block not in datazone [ 954.801277][T23580] Trying to free block not in datazone [ 954.879987][T23580] Trying to free block not in datazone [ 954.885717][T23580] Trying to free block not in datazone [ 954.911912][T23580] Trying to free block not in datazone [ 954.923254][T23580] Trying to free block not in datazone [ 954.928777][T23580] Trying to free block not in datazone [ 954.955721][T23580] Trying to free block not in datazone [ 954.972292][T23580] Trying to free block not in datazone [ 954.982547][T23580] Trying to free block not in datazone [ 954.999137][T23580] Trying to free block not in datazone [ 955.015694][T23580] Trying to free block not in datazone [ 955.025715][T23655] loop3: detected capacity change from 0 to 4096 [ 955.036172][T23580] Trying to free block not in datazone [ 955.041722][T23580] Trying to free block not in datazone [ 955.074706][T23655] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 955.103822][T23580] Trying to free block not in datazone [ 955.110037][T23580] Trying to free block not in datazone [ 955.115550][T23580] Trying to free block not in datazone [ 955.169891][T23580] Trying to free block not in datazone [ 955.204080][T23580] Trying to free block not in datazone [ 955.210303][T23580] Trying to free block not in datazone [ 955.238525][T23580] Trying to free block not in datazone [ 955.246198][T23580] Trying to free block not in datazone [ 955.296818][T23580] Trying to free block not in datazone [ 955.312832][T23665] device sit0 entered promiscuous mode [ 955.321961][T23580] Trying to free block not in datazone [ 955.334539][T23580] Trying to free block not in datazone [ 955.358624][T23665] netlink: 1 bytes leftover after parsing attributes in process `syz.5.8651'. [ 955.367540][T23580] Trying to free block not in datazone [ 955.367553][T23580] Trying to free block not in datazone [ 955.367561][T23580] Trying to free block not in datazone [ 955.367568][T23580] Trying to free block not in datazone [ 955.367575][T23580] Trying to free block not in datazone [ 955.367583][T23580] Trying to free block not in datazone [ 955.367590][T23580] Trying to free block not in datazone [ 955.367598][T23580] Trying to free block not in datazone [ 955.367606][T23580] Trying to free block not in datazone [ 955.367614][T23580] Trying to free block not in datazone [ 955.367621][T23580] Trying to free block not in datazone [ 955.367628][T23580] Trying to free block not in datazone [ 955.367635][T23580] Trying to free block not in datazone [ 955.367642][T23580] Trying to free block not in datazone [ 955.367649][T23580] Trying to free block not in datazone [ 955.367656][T23580] Trying to free block not in datazone [ 955.367664][T23580] Trying to free block not in datazone [ 955.367671][T23580] Trying to free block not in datazone [ 955.367679][T23580] Trying to free block not in datazone [ 955.400767][T23580] Trying to free block not in datazone [ 955.400779][T23580] Trying to free block not in datazone [ 955.400788][T23580] Trying to free block not in datazone [ 955.400796][T23580] Trying to free block not in datazone [ 955.400803][T23580] Trying to free block not in datazone [ 955.400811][T23580] Trying to free block not in datazone [ 955.400818][T23580] Trying to free block not in datazone [ 955.400825][T23580] Trying to free block not in datazone [ 955.400833][T23580] Trying to free block not in datazone [ 955.400841][T23580] Trying to free block not in datazone [ 955.400849][T23580] Trying to free block not in datazone [ 955.400857][T23580] Trying to free block not in datazone [ 955.400865][T23580] Trying to free block not in datazone [ 955.400873][T23580] Trying to free block not in datazone [ 955.400880][T23580] Trying to free block not in datazone [ 955.400888][T23580] Trying to free block not in datazone [ 955.400896][T23580] Trying to free block not in datazone [ 955.400904][T23580] Trying to free block not in datazone [ 955.400912][T23580] Trying to free block not in datazone [ 955.806936][T23674] No such timeout policy "syz0" [ 956.128026][T23683] tmpfs: Bad value for 'mpol' [ 956.164383][T23580] Trying to free block not in datazone [ 956.175206][T23580] Trying to free block not in datazone [ 956.202387][T23580] Trying to free block not in datazone [ 956.207956][T23580] Trying to free block not in datazone [ 956.216575][T23580] Trying to free block not in datazone [ 956.222105][T23580] Trying to free block not in datazone [ 956.273276][T23580] Trying to free block not in datazone [ 956.280549][T23580] Trying to free block not in datazone [ 956.286067][T23580] Trying to free block not in datazone [ 956.318877][T23580] Trying to free block not in datazone [ 956.338519][T23580] Trying to free block not in datazone [ 956.339683][T23688] loop3: detected capacity change from 0 to 1024 [ 956.353742][T23580] Trying to free block not in datazone [ 956.359265][T23580] Trying to free block not in datazone [ 956.373734][T23580] Trying to free block not in datazone [ 956.380559][T23580] Trying to free block not in datazone [ 956.396677][T23580] Trying to free block not in datazone [ 956.405815][T23580] Trying to free block not in datazone [ 956.424544][T23580] Trying to free block not in datazone [ 956.447682][T23580] Trying to free block not in datazone [ 956.464932][T23580] Trying to free block not in datazone [ 956.471390][T23580] Trying to free block not in datazone [ 956.512467][T23580] Trying to free block not in datazone [ 956.523588][T23580] Trying to free block not in datazone [ 956.556740][T23580] Trying to free block not in datazone [ 956.602537][T23580] Trying to free block not in datazone [ 956.620605][T23580] Trying to free block not in datazone [ 956.637306][ T56] hfsplus: b-tree write err: -5, ino 4 [ 956.839390][T23703] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 956.881087][T23703] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 956.938561][ T27] usb 2-1: new full-speed USB device number 25 using dummy_hcd [ 957.161779][ T27] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 957.183516][ T27] usb 2-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 957.211679][T23715] loop3: detected capacity change from 0 to 16 [ 957.231151][T23715] erofs: (device loop3): mounted with root inode @ nid 36. [ 957.240925][ T27] usb 2-1: config 0 has no interface number 0 [ 957.262831][ T27] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 30768, setting to 64 [ 957.274684][T23717] nfs: Deprecated parameter 'nointr' [ 957.302339][ T27] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 957.337710][ T27] usb 2-1: config 0 interface 52 has no altsetting 0 [ 957.376417][ T27] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 957.396953][ T27] usb 2-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 957.433387][ T27] usb 2-1: Manufacturer: syz [ 957.452654][ T27] usb 2-1: config 0 descriptor?? [ 957.492504][ T27] hub 2-1:0.52: bad descriptor, ignoring hub [ 957.498594][ T27] hub: probe of 2-1:0.52 failed with error -5 [ 957.574131][T23729] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 957.691206][ T27] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input42 [ 957.717981][T23731] loop4: detected capacity change from 0 to 1024 [ 957.960387][T23737] ieee802154 phy0 wpan0: encryption failed: -22 [ 958.065411][ T9991] usb 2-1: USB disconnect, device number 25 [ 958.222684][T23741] loop4: detected capacity change from 0 to 4096 [ 958.253211][T23741] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 958.293928][ T125] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 958.330793][T23741] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 958.509611][ T125] usb 1-1: Using ep0 maxpacket: 16 [ 958.520709][ T125] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 958.560245][ T125] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 958.590587][ T125] usb 1-1: Product: syz [ 958.594831][ T125] usb 1-1: Manufacturer: syz [ 958.626818][ T125] usb 1-1: SerialNumber: syz [ 958.663613][ T125] usb 1-1: config 0 descriptor?? [ 958.696215][ T125] visor 1-1:0.0: Sony Clie 3.5 converter detected [ 959.151136][ T125] usb 1-1: clie_3_5_startup: get interface number failed: -71 [ 959.158806][ T125] visor: probe of 1-1:0.0 failed with error -71 [ 959.216080][ T125] usb 1-1: USB disconnect, device number 15 [ 959.290579][T23777] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (34) [ 959.858179][T23801] netlink: 'syz.4.8719': attribute type 2 has an invalid length. [ 960.064369][T23810] loop5: detected capacity change from 0 to 512 [ 960.126044][T23810] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 960.177600][T23810] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 960.233314][T23810] EXT4-fs (loop5): orphan cleanup on readonly fs [ 960.239737][T23810] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.8723: bad orphan inode 267 [ 960.335391][T23810] EXT4-fs (loop5): Remounting filesystem read-only [ 960.343376][T23810] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 960.401867][T23810] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.8723: dx entry: limit 0 != root limit 125 [ 960.462732][T23810] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.8723: Corrupt directory, running e2fsck is recommended [ 960.646141][T21754] EXT4-fs (loop5): unmounting filesystem. [ 960.664152][T23831] ip6t_srh: unknown srh match flags 5294 [ 960.814658][T23836] loop4: detected capacity change from 0 to 512 [ 960.863908][T23836] EXT4-fs: Ignoring removed i_version option [ 960.911317][T23836] EXT4-fs: Ignoring removed nomblk_io_submit option [ 960.958908][T23836] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 961.016649][T23836] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 961.058144][T23836] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 961.096539][T23836] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 961.105133][T23836] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=c000e11c, mo2=0000] [ 961.121300][T23836] EXT4-fs (loop4): too many log groups per flexible block group [ 961.136565][T23836] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 961.145775][T23836] EXT4-fs (loop4): mount failed [ 961.578791][T23863] netlink: 'syz.3.8749': attribute type 5 has an invalid length. [ 961.771249][T23872] ieee802154 phy0 wpan0: encryption failed: -90 [ 961.954759][ T9995] usb 2-1: new full-speed USB device number 26 using dummy_hcd [ 962.138058][T23887] loop3: detected capacity change from 0 to 256 [ 962.162451][ T9995] usb 2-1: config 0 has an invalid interface number: 3 but max is 2 [ 962.181227][ T9995] usb 2-1: config 0 has an invalid interface number: 176 but max is 2 [ 962.199785][T23889] netlink: 25 bytes leftover after parsing attributes in process `syz.5.8762'. [ 962.222579][ T9995] usb 2-1: config 0 has no interface number 1 [ 962.248422][ T9995] usb 2-1: config 0 has no interface number 2 [ 962.260534][T23887] FAT-fs (loop3): Directory bread(block 64) failed [ 962.278183][T23887] FAT-fs (loop3): Directory bread(block 65) failed [ 962.288235][ T9995] usb 2-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 962.322123][T23887] FAT-fs (loop3): Directory bread(block 66) failed [ 962.329257][ T9995] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 962.338472][T23891] loop4: detected capacity change from 0 to 1024 [ 962.351106][T23887] FAT-fs (loop3): Directory bread(block 67) failed [ 962.368657][ T9995] usb 2-1: config 0 descriptor?? [ 962.383167][T23887] FAT-fs (loop3): Directory bread(block 68) failed [ 962.418961][T23887] FAT-fs (loop3): Directory bread(block 69) failed [ 962.438442][T23887] FAT-fs (loop3): Directory bread(block 70) failed [ 962.476689][T23887] FAT-fs (loop3): Directory bread(block 71) failed [ 962.505517][T23887] FAT-fs (loop3): Directory bread(block 72) failed [ 962.527142][T23887] FAT-fs (loop3): Directory bread(block 73) failed [ 962.620251][ T9995] usb 2-1: Could not set interface, error -71 [ 962.674318][ T9995] usb 2-1: USB disconnect, device number 26 [ 962.712750][ T26] audit: type=1800 audit(1940.523:169): pid=23887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.8761" name="bus" dev="loop3" ino=1048631 res=0 errno=0 [ 963.117648][T23893] loop0: detected capacity change from 0 to 32768 [ 963.239364][T23893] read_mapping_page failed! [ 963.645198][T23921] netlink: 'syz.5.8778': attribute type 10 has an invalid length. [ 963.755741][T23921] device wlan1 entered promiscuous mode [ 963.762399][T23921] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 964.218663][T23945] sctp: [Deprecated]: syz.3.8789 (pid 23945) Use of int in max_burst socket option. [ 964.218663][T23945] Use struct sctp_assoc_value instead [ 964.404001][T23949] SET target dimension over the limit! [ 965.400015][ T125] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 965.531149][T23998] loop3: detected capacity change from 0 to 512 [ 965.566580][T23998] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 965.616667][ T125] usb 6-1: Using ep0 maxpacket: 32 [ 965.626047][ T125] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 965.653768][T23998] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.8816: bad orphan inode 131083 [ 965.671516][T23998] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 965.723189][ T125] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 965.744422][T23998] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 13: comm syz.3.8816: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=2, rec_len=65535, size=1024 fake=1 [ 965.785372][ T125] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 965.812596][ T125] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 965.869337][ T125] usb 6-1: config 0 descriptor?? [ 965.899399][ T125] hub 6-1:0.0: USB hub found [ 965.951579][ T4269] EXT4-fs (loop3): unmounting filesystem. [ 966.102817][ T125] hub 6-1:0.0: 1 port detected [ 966.325757][ T125] hub 6-1:0.0: hub_hub_status failed (err = -71) [ 966.335764][ T125] hub 6-1:0.0: config failed, can't get hub status (err -71) [ 966.381521][ T125] usbhid 6-1:0.0: can't add hid device: -71 [ 966.387873][ T125] usbhid: probe of 6-1:0.0 failed with error -71 [ 966.418451][ T9995] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 966.440728][ T125] usb 6-1: USB disconnect, device number 4 [ 966.629533][ T9995] usb 4-1: Using ep0 maxpacket: 32 [ 966.643867][ T9995] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 966.675319][ T9995] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 966.694745][ T9995] usb 4-1: Product: syz [ 966.705632][ T9995] usb 4-1: Manufacturer: syz [ 966.712808][ T9995] usb 4-1: SerialNumber: syz [ 966.719380][ T9995] usb 4-1: config 0 descriptor?? [ 966.728507][ T9995] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 966.948467][ T9995] gspca_ov534_9: reg_w failed -71 [ 967.091812][T24046] loop5: detected capacity change from 0 to 2048 [ 967.121196][T24046] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=26504, location=26504 [ 967.160408][T24046] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 967.331777][T24054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8842'. [ 967.510806][T24062] device netdevsim0 entered promiscuous mode [ 967.517335][ T9995] gspca_ov534_9: Unknown sensor 0000 [ 967.517403][ T9995] ov534_9: probe of 4-1:0.0 failed with error -22 [ 967.554023][ T9995] usb 4-1: USB disconnect, device number 15 [ 967.572884][T24062] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 967.986885][T24078] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8854'. [ 968.068952][T24080] loop5: detected capacity change from 0 to 256 [ 968.162024][T24083] netlink: 44 bytes leftover after parsing attributes in process `syz.3.8856'. [ 968.179084][T24080] FAT-fs (loop5): Directory bread(block 64) failed [ 968.189917][T24080] FAT-fs (loop5): Directory bread(block 65) failed [ 968.200986][T24083] tc_dump_action: action bad kind [ 968.211915][T24080] FAT-fs (loop5): Directory bread(block 66) failed [ 968.271465][T24080] FAT-fs (loop5): Directory bread(block 67) failed [ 968.282143][T24080] FAT-fs (loop5): Directory bread(block 68) failed [ 968.323442][T24080] FAT-fs (loop5): Directory bread(block 69) failed [ 968.336154][T24080] FAT-fs (loop5): Directory bread(block 70) failed [ 968.356116][T24080] FAT-fs (loop5): Directory bread(block 71) failed [ 968.378638][T24088] mkiss: ax0: crc mode is auto. [ 968.386077][T24080] FAT-fs (loop5): Directory bread(block 72) failed [ 968.444709][T24080] FAT-fs (loop5): Directory bread(block 73) failed [ 968.481613][T24093] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 968.552283][T24093] Error parsing options; rc = [-22] [ 968.638341][T24091] loop1: detected capacity change from 0 to 4096 [ 968.946375][T24105] loop3: detected capacity change from 0 to 64 [ 969.076768][T24100] 9pnet: Could not find request transport: 0xffffffffffffffff [ 969.372949][T24119] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8871'. [ 969.684394][T24131] ptrace attach of "./syz-executor exec"[4267] was attempted by ""[24131] [ 969.807092][T24133] x_tables: unsorted entry at hook 2 [ 969.832655][T24135] netlink: 136 bytes leftover after parsing attributes in process `syz.5.8882'. [ 969.843796][ T26] audit: type=1326 audit(1947.113:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24136 comm="syz.1.8881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 969.896328][T24135] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 969.917967][ T26] audit: type=1326 audit(1947.132:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24136 comm="syz.1.8881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 970.023063][ T26] audit: type=1326 audit(1947.141:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24136 comm="syz.1.8881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 970.102439][ T26] audit: type=1326 audit(1947.141:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24136 comm="syz.1.8881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 970.232440][ T26] audit: type=1326 audit(1947.141:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24136 comm="syz.1.8881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 970.313011][T24144] loop4: detected capacity change from 0 to 4096 [ 970.327126][T24150] netlink: 'syz.5.8889': attribute type 1 has an invalid length. [ 970.359789][T24150] netlink: 'syz.5.8889': attribute type 2 has an invalid length. [ 970.369760][T24144] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 970.476705][T24148] loop3: detected capacity change from 0 to 4096 [ 970.493374][T24148] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 970.610855][T24148] ntfs3: loop3: failed to convert "c46c" to cp850 [ 970.743014][T24160] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.8894'. [ 970.795542][T24160] netlink: zone id is out of range [ 970.820180][T24160] netlink: del zone limit has 4 unknown bytes [ 970.995453][T24164] loop5: detected capacity change from 0 to 2048 [ 971.039454][T24164] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 971.107089][T24171] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6) [ 971.359131][T24179] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8903'. [ 971.838886][T24197] netlink: 14 bytes leftover after parsing attributes in process `syz.5.8913'. [ 972.081424][T24197] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 972.111958][T24197] device bond_slave_0 left promiscuous mode [ 972.158460][T24197] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 972.186709][T24197] device bond_slave_1 left promiscuous mode [ 972.252550][T24197] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 972.288563][T24197] device wlan1 left promiscuous mode [ 972.339647][T24197] bond0 (unregistering): Released all slaves [ 972.564684][T24224] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8925'. [ 972.621197][T24224] device bridge2 entered promiscuous mode [ 973.014627][T24241] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 973.029944][ T26] audit: type=1326 audit(1950.058:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24240 comm="syz.5.8934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 973.063425][T24241] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 973.110894][ T26] audit: type=1326 audit(1950.058:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24240 comm="syz.5.8934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 973.129890][T24241] overlayfs: missing 'lowerdir' [ 973.177467][ T26] audit: type=1326 audit(1950.076:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24240 comm="syz.5.8934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 973.228128][T24248] loop4: detected capacity change from 0 to 128 [ 973.288581][ T26] audit: type=1326 audit(1950.076:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24240 comm="syz.5.8934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 973.327741][T24248] EXT4-fs: Ignoring removed nobh option [ 973.365770][T24251] netlink: 'syz.0.8940': attribute type 10 has an invalid length. [ 973.385275][ T26] audit: type=1326 audit(1950.076:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24240 comm="syz.5.8934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 973.503178][T24252] loop5: detected capacity change from 0 to 4096 [ 973.512097][T24252] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 973.543670][T24248] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 973.782629][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 973.923010][T24266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8946'. [ 973.939160][ T9995] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 973.966615][T24251] team0 (unregistering): Port device team_slave_0 removed [ 974.045111][T24251] team0 (unregistering): Port device team_slave_1 removed [ 974.079491][T24251] team0 (unregistering): Port device netdevsim0 removed [ 974.125144][T24270] loop3: detected capacity change from 0 to 512 [ 974.164935][ T9995] usb 2-1: Using ep0 maxpacket: 8 [ 974.173454][ T9995] usb 2-1: unable to get BOS descriptor set [ 974.208394][T24270] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 974.218642][ T9995] usb 2-1: config 0 has an invalid interface number: 125 but max is 0 [ 974.305635][ T9995] usb 2-1: config 0 has no interface number 0 [ 974.311857][ T9995] usb 2-1: config 0 interface 125 has no altsetting 0 [ 974.369109][ T9995] usb 2-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd [ 974.400121][ T9995] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.433513][ T9995] usb 2-1: Product: syz [ 974.439223][ T9995] usb 2-1: Manufacturer: syz [ 974.443894][ T9995] usb 2-1: SerialNumber: syz [ 974.479804][ T9995] usb 2-1: config 0 descriptor?? [ 974.485188][ T4269] EXT4-fs (loop3): unmounting filesystem. [ 974.499224][ T9995] hub 2-1:0.125: bad descriptor, ignoring hub [ 974.522726][ T27] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 974.546879][ T9995] hub: probe of 2-1:0.125 failed with error -5 [ 974.555547][ T9995] usb 2-1: Found UVC 0.00 device syz (17dc:0202) [ 974.562263][ T9995] usb 2-1: No valid video chain found. [ 974.665542][T24285] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 974.741035][ T27] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 974.774210][ T27] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 974.795661][ T27] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 974.815089][ T27] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.823348][ T27] usb 6-1: Product: syz [ 974.834341][ T27] usb 6-1: Manufacturer: syz [ 974.845301][ T27] usb 6-1: SerialNumber: syz [ 974.861346][ T27] usb 6-1: config 0 descriptor?? [ 974.893529][ T9995] usb 2-1: USB disconnect, device number 27 [ 974.907520][ T27] usb 6-1: 0:0 : invalid sync pipe. bmAttributes 00, bLength 9, bSynchAddress 00 [ 974.939572][ T5098] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 975.180687][ T5098] usb 5-1: config 4 has an invalid interface number: 28 but max is 0 [ 975.205141][ T5098] usb 5-1: config 4 has no interface number 0 [ 975.224969][ T5098] usb 5-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a [ 975.244920][T24286] loop3: detected capacity change from 0 to 32768 [ 975.258525][ T5098] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 975.285552][ T5098] usb 5-1: Product: syz [ 975.314786][ T5098] usb 5-1: Manufacturer: syz [ 975.319474][ T5098] usb 5-1: SerialNumber: syz [ 975.361470][ T27] usb 6-1: USB disconnect, device number 5 [ 975.365650][ T5098] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:4.28/input/input46 [ 975.564743][ T3622] bcm5974 5-1:4.28: could not read from device [ 975.580184][ T5098] bcm5974 5-1:4.28: could not read from device [ 975.624546][ T3622] bcm5974 5-1:4.28: could not read from device [ 975.662271][ T5098] input: failed to attach handler mousedev to device input46, error: -5 [ 975.693776][ T3622] bcm5974 5-1:4.28: could not read from device [ 975.703912][ T5098] usb 5-1: USB disconnect, device number 11 [ 975.711753][ T3622] bcm5974 5-1:4.28: could not read from device [ 976.354072][T24322] dlm: non-version read from control device 36 [ 976.471000][T24320] loop0: detected capacity change from 0 to 4096 [ 976.863601][T24335] xt_l2tp: wrong L2TP version: 0 [ 977.169913][T24345] Unknown options in mask b7f2 [ 977.327456][T24348] loop4: detected capacity change from 0 to 4096 [ 977.461161][T24348] ntfs3: Cannot use different iocharset when remounting! [ 977.551025][T24326] loop1: detected capacity change from 0 to 32768 [ 979.274742][T24404] netlink: 'syz.4.9012': attribute type 10 has an invalid length. [ 979.401054][T24404] team0: Port device syz_tun added [ 979.734160][T24421] loop3: detected capacity change from 0 to 8 [ 980.166786][T24435] loop5: detected capacity change from 0 to 2048 [ 980.189676][T24435] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 980.213421][T24435] UDF-fs: error (device loop5): udf_fiiter_advance_blk: extent after position 188 not allocated in directory (ino 1376) [ 980.233752][T24435] UDF-fs: error (device loop5): udf_verify_fi: directory (ino 1376) has entry at pos 188 with unaligned lenght of impUse field [ 980.418907][T24443] netlink: 772 bytes leftover after parsing attributes in process `syz.4.9032'. [ 981.022588][T24465] netlink: 52 bytes leftover after parsing attributes in process `syz.3.9041'. [ 981.103711][T24432] loop0: detected capacity change from 0 to 32768 [ 981.147212][T24432] [ 981.147212][T24432] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 981.147212][T24432] [ 981.237255][T24432] ERROR: (device loop0): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt [ 981.237255][T24432] [ 981.301342][T24432] ERROR: (device loop0): jfs_unlink: [ 981.301342][T24432] [ 981.476120][ T4267] ERROR: (device loop0): xtTruncate: XT_GETPAGE: xtree page corrupt [ 981.476120][ T4267] [ 981.513859][ T56] ERROR: (device loop0): diWrite: ixpxd invalid [ 981.513859][ T56] [ 981.566554][ T56] ERROR: (device loop0): txCommit: [ 981.566554][ T56] [ 981.574043][ T56] jfs_write_inode: jfs_commit_inode failed! [ 981.597876][ T4267] [ 981.597876][ T4267] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 981.597876][ T4267] [ 981.619866][ T4267] [ 981.619866][ T4267] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 981.619866][ T4267] [ 981.667037][ T9989] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 981.892113][ T9989] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 981.916106][ T9989] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 981.947378][ T9989] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 981.977229][ T9989] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 981.994297][ T9989] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 982.029815][ T9989] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 982.096304][ T9989] usb 4-1: config 0 descriptor?? [ 982.325350][ T9989] hdpvr 4-1:0.0: firmware version 0x3 dated 3;¨“Ã~&X^€œ wÒΖŠÒ¥ g/ƒNÐ `žxè$«·¯=å"Ü— [ 982.355499][ T9989] hdpvr 4-1:0.0: untested firmware, the driver might not work. [ 982.518822][T24504] loop5: detected capacity change from 0 to 512 [ 982.523759][T24508] loop0: detected capacity change from 0 to 16 [ 982.540345][T24504] EXT4-fs: Ignoring removed orlov option [ 982.550935][T24504] EXT4-fs: Ignoring removed nobh option [ 982.572303][ T9989] hdpvr 4-1:0.0: device init failed [ 982.577811][ T9989] hdpvr: probe of 4-1:0.0 failed with error -12 [ 982.604207][T24504] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 982.615052][T24508] erofs: (device loop0): mounted with root inode @ nid 36. [ 982.635205][ T9989] usb 4-1: USB disconnect, device number 16 [ 982.751058][T24504] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.9063: bg 0: block 248: padding at end of block bitmap is not set [ 982.765820][T24508] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 982.826950][T24504] Quota error (device loop5): write_blk: dquota write failed [ 982.842083][T24504] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 982.864406][T24504] EXT4-fs error (device loop5): ext4_acquire_dquot:6835: comm syz.5.9063: Failed to acquire dquot type 1 [ 982.885971][T24504] EXT4-fs (loop5): 1 truncate cleaned up [ 982.892777][T24504] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 982.923383][T24504] EXT4-fs: Ignoring removed orlov option [ 982.929356][T24504] EXT4-fs: Ignoring removed nobh option [ 982.958715][T24504] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 982.983040][T24504] EXT4-fs error (device loop5): __ext4_remount:6644: comm syz.5.9063: Abort forced by user [ 983.005836][T24504] EXT4-fs (loop5): Remounting filesystem read-only [ 983.026810][T24491] loop1: detected capacity change from 0 to 32768 [ 983.028141][T24504] EXT4-fs (loop5): re-mounted. Quota mode: writeback. [ 983.051265][T24515] loop0: detected capacity change from 0 to 64 [ 983.124807][T24515] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 983.159425][T24491] XFS (loop1): Mounting V5 Filesystem [ 983.232122][T21754] EXT4-fs (loop5): unmounting filesystem. [ 983.246599][T24491] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x192/0x250, xfs_agf block 0x1 [ 983.287404][T24491] XFS (loop1): Unmount and run xfs_repair [ 983.293257][T24491] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 983.300969][T24491] 00000000: 58 41 47 46 00 00 00 00 00 00 00 00 00 00 10 00 XAGF............ [ 983.311167][T24491] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01 ................ [ 983.320694][T24491] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 983.330076][T24491] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00 ................ [ 983.339904][T24491] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 983.350333][T24491] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01 ................ [ 983.382420][T24491] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 983.398112][T24491] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 983.441076][T24491] XFS (loop1): metadata I/O error in "xfs_read_agf+0x2b6/0x630" at daddr 0x1 len 1 error 74 [ 983.490706][T24491] XFS (loop1): Error -117 reserving per-AG metadata reserve pool. [ 983.532601][T24491] XFS (loop1): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1c6/0x1f0 (fs/xfs/xfs_fsops.c:587). Shutting down filesystem. [ 983.590927][T24491] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 983.599365][T24491] XFS (loop1): Ending clean mount [ 983.639357][T24491] XFS (loop1): Failed to initialize disk quotas. [ 983.734931][T24533] loop4: detected capacity change from 0 to 2048 [ 983.788212][T24533] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 983.885155][ T4268] XFS (loop1): Unmounting Filesystem [ 983.894824][T24540] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 985.091889][T24569] loop3: detected capacity change from 0 to 4096 [ 985.164881][T24578] program syz.5.9093 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 985.285333][T24582] loop4: detected capacity change from 0 to 512 [ 985.321650][T24582] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 985.394943][T24582] EXT4-fs error (device loop4): ext4_empty_dir:3145: inode #12: block 32: comm syz.4.9095: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 985.441638][T24582] EXT4-fs warning (device loop4): ext4_empty_dir:3147: inode #12: comm syz.4.9095: directory missing '.' [ 985.728507][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 986.447759][T24618] loop0: detected capacity change from 0 to 512 [ 986.508684][T24625] overlayfs: missing 'lowerdir' [ 986.514658][T24624] xt_hashlimit: size too large, truncated to 1048576 [ 986.536852][T24626] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9116'. [ 986.558086][T24618] EXT4-fs: Ignoring removed nobh option [ 986.724549][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 986.731119][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 986.742389][T24618] EXT4-fs error (device loop0): ext4_do_update_inode:5272: inode #16: comm syz.0.9112: corrupted inode contents [ 986.827437][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 986.874714][T24618] EXT4-fs error (device loop0): ext4_dirty_inode:6137: inode #16: comm syz.0.9112: mark_inode_dirty error [ 986.890310][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 986.917342][T24618] EXT4-fs error (device loop0): ext4_do_update_inode:5272: inode #16: comm syz.0.9112: corrupted inode contents [ 986.967455][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 986.978474][T24618] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.9112: mark_inode_dirty error [ 987.023412][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.046848][T24618] EXT4-fs error (device loop0): ext4_do_update_inode:5272: inode #16: comm syz.0.9112: corrupted inode contents [ 987.100978][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.111873][T24618] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 987.131925][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.142456][T24618] EXT4-fs error (device loop0): ext4_do_update_inode:5272: inode #16: comm syz.0.9112: corrupted inode contents [ 987.182580][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.199427][T24618] EXT4-fs error (device loop0): ext4_truncate:4318: inode #16: comm syz.0.9112: mark_inode_dirty error [ 987.258880][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.277050][T24618] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 987.303406][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.312879][T24618] EXT4-fs (loop0): 1 truncate cleaned up [ 987.319717][T24618] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 987.335988][ T46] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 987.376896][ T46] EXT4-fs error (device loop0): ext4_release_dquot:6871: comm kworker/u4:3: Failed to release dquot type 1 [ 987.419228][ T46] EXT4-fs (loop0): Remounting filesystem read-only [ 987.444247][T24618] EXT4-fs error (device loop0): ext4_empty_dir:3177: inode #12: block 13: comm syz.0.9112: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0 [ 987.473695][T24618] EXT4-fs (loop0): Remounting filesystem read-only [ 987.565890][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 987.581569][ T56] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 987.616157][T24643] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 987.621621][ T56] EXT4-fs error (device loop0): ext4_release_dquot:6871: comm kworker/u4:4: Failed to release dquot type 1 [ 987.683055][ T56] EXT4-fs (loop0): Remounting filesystem read-only [ 987.831379][T24648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9127'. [ 988.334362][T24670] loop1: detected capacity change from 0 to 128 [ 988.401982][T24670] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 988.544108][T24670] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.9137: No space for directory leaf checksum. Please run e2fsck -D. [ 988.638464][T24670] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.9137: checksumming directory block 0 [ 988.736974][ T4320] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 988.804356][ T4268] EXT4-fs (loop1): unmounting filesystem. [ 988.827824][T24687] netlink: 2 bytes leftover after parsing attributes in process `syz.5.9145'. [ 988.963495][ T4320] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 988.974302][ T4320] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 988.995948][ T4320] usb 1-1: Product: syz [ 989.001784][ T4320] usb 1-1: SerialNumber: syz [ 989.032047][ T4320] usb 1-1: config 0 descriptor?? [ 989.261303][ T4320] hso 1-1:0.0: Failed to find BULK IN ep [ 989.481937][ T27] usb 1-1: USB disconnect, device number 16 [ 990.328963][T24733] loop0: detected capacity change from 0 to 512 [ 990.439270][T24742] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9170'. [ 990.457700][T24709] loop4: detected capacity change from 0 to 32768 [ 990.487232][T24733] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 990.498994][T24742] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9170'. [ 990.527088][T24709] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 990.527088][T24709] [ 990.559334][T24709] xtLookup: xtSearch returned -5 [ 990.564460][T24709] free_index: error reading directory table [ 990.612618][T24709] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 990.612618][T24709] [ 990.637690][T24733] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 990.676302][T24709] xtLookup: xtSearch returned -5 [ 990.713982][T24709] free_index: error reading directory table [ 990.723906][T24733] Quota error (device loop0): write_blk: dquota write failed [ 990.739007][T24709] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 990.739007][T24709] [ 990.763313][T24733] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 990.785490][T24709] xtLookup: xtSearch returned -5 [ 990.790865][T24709] free_index: error reading directory table [ 990.901503][T24733] EXT4-fs error (device loop0): ext4_acquire_dquot:6835: comm syz.0.9167: Failed to acquire dquot type 1 [ 991.038224][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 991.085350][T24754] netlink: 'syz.4.9176': attribute type 5 has an invalid length. [ 991.544968][T24771] netlink: 'syz.3.9183': attribute type 2 has an invalid length. [ 991.601653][T24771] netlink: 'syz.3.9183': attribute type 8 has an invalid length. [ 991.632352][T24771] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9183'. [ 991.769763][T24776] loop1: detected capacity change from 0 to 2048 [ 991.871638][T24781] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 991.872011][T24778] netlink: 240 bytes leftover after parsing attributes in process `syz.0.9188'. [ 991.922953][T24782] loop4: detected capacity change from 0 to 16 [ 991.977124][T24782] erofs: (device loop4): mounted with root inode @ nid 36. [ 992.042135][T24782] erofs: (device loop4): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 992.112898][T16297] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 7514 in[4096, 0] out[8192] [ 992.129769][T24782] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 7514 in[4096, 0] out[8192] [ 992.173637][ T26] audit: type=1800 audit(1967.724:180): pid=24782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.9190" name="file3" dev="loop4" ino=89 res=0 errno=0 [ 992.260690][T24781] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 992.314843][T24781] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 992.363613][T24781] Remounting filesystem read-only [ 992.375840][T24793] loop3: detected capacity change from 0 to 512 [ 992.398996][ T4268] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 992.528918][T24793] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 992.751013][ T4269] EXT4-fs (loop3): unmounting filesystem. [ 993.177380][T24821] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9207'. [ 993.529127][T24829] loop3: detected capacity change from 0 to 4096 [ 993.568029][T24836] loop1: detected capacity change from 0 to 512 [ 993.604721][T24837] loop4: detected capacity change from 0 to 512 [ 993.637802][T24829] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 993.660442][T24836] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 993.692958][T24829] ntfs3: loop3: Failed to load $Extend. [ 993.741048][T24836] Quota error (device loop1): do_check_range: Getting dqdh_next_free 2741 out of range 0-6 [ 993.808957][T24837] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 993.843429][T24836] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 993.889010][T24836] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.9215: Failed to acquire dquot type 0 [ 994.067928][ T4280] EXT4-fs (loop4): unmounting filesystem. [ 994.074098][T24850] loop5: detected capacity change from 0 to 256 [ 994.123410][ T4268] EXT4-fs (loop1): unmounting filesystem. [ 994.171905][T24850] exfat: Deprecated parameter 'utf8' [ 994.200322][T24854] netlink: 45 bytes leftover after parsing attributes in process `syz.3.9223'. [ 994.209655][T24850] exfat: Deprecated parameter 'utf8' [ 994.255608][T24850] exfat: Deprecated parameter 'utf8' [ 994.341705][T24850] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 994.615097][T24865] loop1: detected capacity change from 0 to 512 [ 994.734915][T24871] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 994.770783][T24865] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 994.782901][T24865] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 994.847453][T24865] System zones: 0-1, 15-15, 18-18, 34-34 [ 994.854472][T24865] EXT4-fs (loop1): orphan cleanup on readonly fs [ 994.861215][T24865] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 994.870772][T24865] EXT4-fs warning (device loop1): ext4_enable_quotas:7087: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 994.885628][T24865] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 994.899181][T24865] EXT4-fs (loop1): 1 truncate cleaned up [ 994.912399][T24865] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 994.940557][T24865] fscrypt (loop1, inode 16): Error -61 getting encryption context [ 994.982954][T24876] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9233'. [ 995.077112][ T4268] EXT4-fs (loop1): unmounting filesystem. [ 995.360975][T24886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9238'. [ 995.540718][T24860] loop3: detected capacity change from 0 to 32768 [ 995.607856][T24860] (syz.3.9226,24860,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 995.646240][T24860] (syz.3.9226,24860,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 995.714803][T24860] JBD2: Ignoring recovery information on journal [ 995.769145][T24901] xt_bpf: check failed: parse error [ 995.775164][T24899] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9245'. [ 995.836144][T24860] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 995.876707][ T9991] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 996.091581][ T9991] usb 5-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64 [ 996.103126][ T4269] ocfs2: Unmounting device (7,3) on (node local) [ 996.135811][ T9991] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 996.169297][ T9991] usb 5-1: Product: syz [ 996.173545][ T9991] usb 5-1: Manufacturer: syz [ 996.197712][ T9991] usb 5-1: SerialNumber: syz [ 996.241934][ T9991] usb 5-1: config 0 descriptor?? [ 996.263318][ T9991] hub 5-1:0.0: bad descriptor, ignoring hub [ 996.289036][ T9991] hub: probe of 5-1:0.0 failed with error -5 [ 996.295808][ T9991] f81232 5-1:0.0: f81534a converter detected [ 996.493453][ T9991] usb 5-1: f81534a converter now attached to ttyUSB0 [ 996.786290][T24933] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9258'. [ 996.846116][ T9991] usb 5-1: USB disconnect, device number 12 [ 996.859885][ T9991] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0 [ 996.905346][ T9991] f81232 5-1:0.0: device disconnected [ 997.015209][T24930] loop5: detected capacity change from 0 to 4096 [ 997.034034][T24930] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 997.132653][T24930] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 997.730093][T24953] loop1: detected capacity change from 0 to 4096 [ 997.760428][T24953] ntfs3: loop1: ino=3, Correct links count -> 2. [ 998.320854][T24978] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 999.118844][T25011] loop4: detected capacity change from 0 to 128 [ 1001.026689][T25082] Timeout policy `syz0' can only be used by L3 protocol number 37632 [ 1001.266304][T25092] loop1: detected capacity change from 0 to 8 [ 1001.413065][T25092] SQUASHFS error: Failed to read block 0x1ec: -5 [ 1001.420564][T25092] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 1001.716984][ T125] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 1001.795825][T25112] loop0: detected capacity change from 0 to 256 [ 1001.848662][T25112] FAT-fs (loop0): Directory bread(block 64) failed [ 1001.886696][T25112] FAT-fs (loop0): Directory bread(block 65) failed [ 1001.906867][T25112] FAT-fs (loop0): Directory bread(block 66) failed [ 1001.933677][T25112] FAT-fs (loop0): Directory bread(block 67) failed [ 1001.940396][T25112] FAT-fs (loop0): Directory bread(block 68) failed [ 1001.954908][ T125] usb 6-1: Using ep0 maxpacket: 8 [ 1001.962014][ T125] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 1001.980417][T25112] FAT-fs (loop0): Directory bread(block 69) failed [ 1001.997986][ T125] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1002.007698][ T125] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1002.014685][T25112] FAT-fs (loop0): Directory bread(block 70) failed [ 1002.021734][T25112] FAT-fs (loop0): Directory bread(block 71) failed [ 1002.042995][T25112] FAT-fs (loop0): Directory bread(block 72) failed [ 1002.050672][ T125] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1002.060075][T25112] FAT-fs (loop0): Directory bread(block 73) failed [ 1002.073760][ T125] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1002.082255][ T125] usb 6-1: Product: syz [ 1002.108399][T25116] loop3: detected capacity change from 0 to 1024 [ 1002.125022][ T125] usb 6-1: Manufacturer: syz [ 1002.151851][ T125] usb 6-1: SerialNumber: syz [ 1002.194706][ T125] usb 6-1: config 0 descriptor?? [ 1002.227982][ T125] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found [ 1002.443305][ T125] snd_usb_toneport 6-1:0.0: cannot get proper max packet size [ 1002.451038][ T125] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected [ 1002.497757][ T125] snd_usb_toneport: probe of 6-1:0.0 failed with error -22 [ 1002.643014][T25106] loop4: detected capacity change from 0 to 32768 [ 1002.667994][ T9991] usb 6-1: USB disconnect, device number 6 [ 1002.687512][T25106] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.9346 (25106) [ 1002.751937][T25128] loop1: detected capacity change from 0 to 512 [ 1002.777548][T25106] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1002.831544][T25106] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 1002.860792][T25106] BTRFS info (device loop4): turning off barriers [ 1002.875645][T25106] BTRFS info (device loop4): enabling ssd optimizations [ 1002.882825][T25106] BTRFS info (device loop4): using spread ssd allocation scheme [ 1002.891558][T25106] BTRFS info (device loop4): enabling auto defrag [ 1002.898365][T25106] BTRFS info (device loop4): not using ssd optimizations [ 1002.906978][T25128] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1002.924112][T25106] BTRFS info (device loop4): not using spread ssd allocation scheme [ 1002.965511][T25106] BTRFS info (device loop4): ignoring data csums [ 1003.006786][T25106] BTRFS info (device loop4): force zlib compression, level 3 [ 1003.047136][T25106] BTRFS info (device loop4): enabling ssd optimizations [ 1003.086654][T25106] BTRFS info (device loop4): using spread ssd allocation scheme [ 1003.125205][T25106] BTRFS info (device loop4): using free space tree [ 1003.211540][ T125] usb 2-1: new full-speed USB device number 28 using dummy_hcd [ 1003.305280][T25156] netlink: 'syz.0.9363': attribute type 4 has an invalid length. [ 1003.351349][T25161] loop5: detected capacity change from 0 to 128 [ 1003.409359][ T125] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1003.437140][ T125] usb 2-1: not running at top speed; connect to a high speed hub [ 1003.448292][T25161] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1003.457238][ T9991] usb 4-1: new full-speed USB device number 17 using dummy_hcd [ 1003.459086][ T125] usb 2-1: config 1 has an invalid descriptor of length 252, skipping remainder of the config [ 1003.476447][ T125] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 1003.490589][ T125] usb 2-1: too many endpoints for config 1 interface 1 altsetting 143: 86, using maximum allowed: 30 [ 1003.514016][T25161] EXT4-fs (loop5): resizing filesystem from 64 to 2 blocks [ 1003.544572][ T125] usb 2-1: config 1 interface 1 altsetting 143 has 0 endpoint descriptors, different from the interface descriptor's value: 86 [ 1003.551395][T25161] EXT4-fs warning (device loop5): ext4_resize_fs:2051: can't shrink FS - resize aborted [ 1003.618147][ T125] usb 2-1: config 1 interface 1 has no altsetting 0 [ 1003.629343][T25166] loop0: detected capacity change from 0 to 4096 [ 1003.643302][T25166] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 1003.665995][ T125] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1003.688506][ T125] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 1003.696692][ T125] usb 2-1: Product: syz [ 1003.706030][ T125] usb 2-1: Manufacturer: syz [ 1003.710962][ T9991] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 4 [ 1003.715067][ T125] usb 2-1: SerialNumber: syz [ 1003.740968][ T9991] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 1003.748621][T25128] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1003.757584][ T9991] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1003.767173][ T9991] usb 4-1: Product: syz [ 1003.771480][ T9991] usb 4-1: Manufacturer: syz [ 1003.776669][ T9991] usb 4-1: SerialNumber: syz [ 1003.803532][ T9991] usb 4-1: config 0 descriptor?? [ 1003.820306][T21754] EXT4-fs (loop5): unmounting filesystem. [ 1003.870418][ T9991] hub 4-1:0.0: bad descriptor, ignoring hub [ 1003.885102][ T9991] hub: probe of 4-1:0.0 failed with error -5 [ 1003.900089][T25166] ntfs3: loop0: failed to convert "c46c" to cp437 [ 1003.917146][ T9991] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input47 [ 1004.012050][ T4280] BTRFS info (device loop4: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1004.032292][ T125] cdc_acm: probe of 2-1:1.0 failed with error -22 [ 1004.103977][ T125] usb 2-1: USB disconnect, device number 28 [ 1004.355993][ T4396] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by udevd (4396) [ 1004.768535][ T4268] EXT4-fs (loop1): unmounting filesystem. [ 1004.952406][ T125] usb 4-1: USB disconnect, device number 17 [ 1005.040309][T25190] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9375'. [ 1005.916476][T25217] loop3: detected capacity change from 0 to 256 [ 1005.996780][ T4396] blk_print_req_error: 2 callbacks suppressed [ 1005.996808][ T4396] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1006.188604][T25217] loop3: detected capacity change from 0 to 4096 [ 1006.195778][ T4396] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1006.212998][T25217] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1006.281235][T25217] ntfs: (device loop3): parse_options(): Option iocharset is deprecated. Please use option nls= in the future. [ 1006.299385][T23623] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 1006.312286][T25227] loop0: detected capacity change from 0 to 1764 [ 1006.325741][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option uni_xlate. [ 1006.370491][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option uni_xlate. [ 1006.415043][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option shortname. [ 1006.461744][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option shortname. [ 1006.503564][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option uni_xlate. [ 1006.516126][T23623] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 1006.525795][T23623] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1006.568843][T25217] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1006.613682][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option tz. [ 1006.613762][T23623] usb 5-1: config 0 has no interface number 0 [ 1006.622466][T25217] ntfs: (device loop3): parse_options(): Unrecognized mount option shortname. [ 1006.700913][T23623] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1006.740343][T23623] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1006.818753][T23623] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 1006.869673][T23623] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1006.922366][T23623] usb 5-1: Product: syz [ 1006.930045][T23623] usb 5-1: Manufacturer: syz [ 1006.934754][T23623] usb 5-1: SerialNumber: syz [ 1006.984360][T23623] usb 5-1: config 0 descriptor?? [ 1007.054463][T25244] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 1007.433606][T23623] usbtouchscreen: probe of 5-1:0.117 failed with error -71 [ 1007.476529][T23623] usb 5-1: USB disconnect, device number 13 [ 1007.500776][T25257] ieee802154 phy0 wpan0: encryption failed: -22 [ 1007.766140][T25271] netlink: set zone limit has 4 unknown bytes [ 1008.321627][T25284] loop5: detected capacity change from 0 to 4096 [ 1008.359172][T25284] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1008.465768][T25284] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1008.552717][ T5098] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 1008.600120][T25293] x_tables: unsorted entry at hook 1 [ 1008.619164][ T4296] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22. [ 1008.629203][T21754] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1008.647858][T21754] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1008.668583][T21754] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1008.690642][ T33] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22. [ 1008.701564][T21754] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22. [ 1008.732625][T25269] loop1: detected capacity change from 0 to 32768 [ 1008.738388][T21754] ntfs3: loop5: ntfs_evict_inode r=3 failed, -22. [ 1008.771529][ T5098] usb 1-1: config 0 has no interfaces? [ 1008.782622][ T5098] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 1008.821865][ T5098] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1008.851917][ T5098] usb 1-1: Product: syz [ 1008.865547][ T5098] usb 1-1: Manufacturer: syz [ 1008.873384][ T5098] usb 1-1: SerialNumber: syz [ 1008.899698][ T5098] r8152-cfgselector 1-1: config 0 descriptor?? [ 1008.919902][T25269] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1009.132740][ T4268] ocfs2: Unmounting device (7,1) on (node local) [ 1009.166845][T25306] netlink: 'syz.4.9431': attribute type 1 has an invalid length. [ 1009.182083][ T5098] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 1009.202997][T25306] netlink: 'syz.4.9431': attribute type 2 has an invalid length. [ 1009.400979][T23623] usb 1-1: USB disconnect, device number 17 [ 1010.233298][T25336] netlink: 'syz.1.9446': attribute type 15 has an invalid length. [ 1010.276195][T25336] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9446'. [ 1010.384642][T25342] x_tables: unsorted underflow at hook 4 [ 1010.476286][T25310] loop5: detected capacity change from 0 to 32768 [ 1010.613971][T25310] XFS (loop5): Mounting V5 Filesystem [ 1010.702910][T25357] ax25_connect(): syz.0.9453 uses autobind, please contact jreuter@yaina.de [ 1010.837698][T25310] XFS (loop5): Ending clean mount [ 1011.045358][T21754] XFS (loop5): Unmounting Filesystem [ 1011.611595][T25385] netlink: 36 bytes leftover after parsing attributes in process `syz.0.9467'. [ 1012.261253][T25407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9477'. [ 1012.273990][T25403] loop4: detected capacity change from 0 to 4096 [ 1012.304531][T25403] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 1012.468467][T25411] loop5: detected capacity change from 0 to 1764 [ 1013.151483][T25425] loop5: detected capacity change from 0 to 4096 [ 1013.241852][T25425] __ntfs_warning: 7 callbacks suppressed [ 1013.241868][T25425] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1013.394796][T25425] ntfs: (device loop5): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 1013.445992][T25425] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1013.490280][T25425] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1013.570314][T25425] ntfs: volume version 3.1. [ 1013.580983][T25425] syz.5.9486: attempt to access beyond end of device [ 1013.580983][T25425] loop5: rw=0, sector=36178056, nr_sectors = 4 limit=4096 [ 1013.628745][T25425] ntfs: (device loop5): ntfs_end_buffer_async_read(): Buffer I/O error, logical block 0x8a0222. [ 1013.677921][T25425] syz.5.9486: attempt to access beyond end of device [ 1013.677921][T25425] loop5: rw=0, sector=36178060, nr_sectors = 4 limit=4096 [ 1013.717232][T25425] ntfs: (device loop5): ntfs_end_buffer_async_read(): Buffer I/O error, logical block 0x8a0223. [ 1013.735809][T25425] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Failed to map directory index page, error 5. [ 1013.793448][T25425] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1013.856796][T25425] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 1013.910854][T25446] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9496'. [ 1013.946056][T25425] syz.5.9486: attempt to access beyond end of device [ 1013.946056][T25425] loop5: rw=0, sector=36178056, nr_sectors = 4 limit=4096 [ 1013.984539][T25425] ntfs: (device loop5): ntfs_end_buffer_async_read(): Buffer I/O error, logical block 0x8a0222. [ 1014.044806][T25425] syz.5.9486: attempt to access beyond end of device [ 1014.044806][T25425] loop5: rw=0, sector=36178060, nr_sectors = 4 limit=4096 [ 1014.075889][T25417] loop3: detected capacity change from 0 to 40427 [ 1014.170854][T25417] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64) [ 1014.197422][T25452] netlink: 88 bytes leftover after parsing attributes in process `syz.1.9499'. [ 1014.240748][T25417] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1014.334536][T25417] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1014.543860][T25417] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1014.565697][T25417] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1014.581859][T25467] sctp: [Deprecated]: syz.0.9505 (pid 25467) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1014.581859][T25467] Use struct sctp_sack_info instead [ 1014.984198][T25479] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9509'. [ 1015.013564][T25480] loop1: detected capacity change from 0 to 164 [ 1015.048491][T25480] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1016.028415][ T125] usb 1-1: new low-speed USB device number 18 using dummy_hcd [ 1016.087832][T25508] loop1: detected capacity change from 0 to 2048 [ 1016.130412][T25508] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1016.251308][ T125] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1016.268138][ T125] usb 1-1: config 7 has an invalid interface number: 199 but max is 0 [ 1016.322252][ T125] usb 1-1: config 7 has no interface number 0 [ 1016.328497][ T125] usb 1-1: config 7 interface 199 has no altsetting 0 [ 1016.364505][T25518] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 1016.375458][ T125] usb 1-1: string descriptor 0 read error: -22 [ 1016.397047][ T125] usb 1-1: New USB device found, idVendor=0c45, idProduct=6282, bcdDevice=cb.15 [ 1016.407357][T25518] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 1016.423992][ T125] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1016.442387][T25518] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1016.488118][ T125] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6282 [ 1016.561113][T25524] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1016.922751][T25536] loop4: detected capacity change from 0 to 64 [ 1016.929071][ T125] gspca_sn9c20x: Write register 1001 failed -71 [ 1016.929093][ T125] gspca_sn9c20x: Device initialization failed [ 1016.929142][ T125] gspca_sn9c20x: probe of 1-1:7.199 failed with error -71 [ 1016.939525][ T125] usb 1-1: USB disconnect, device number 18 [ 1017.057537][T23623] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 1017.087318][T25538] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9540'. [ 1017.131097][T25540] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1017.289831][T23623] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1017.309261][T23623] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1017.319343][T23623] usb 4-1: Product: syz [ 1017.323978][T23623] usb 4-1: Manufacturer: syz [ 1017.360917][T23623] usb 4-1: SerialNumber: syz [ 1017.383850][T23623] usb 4-1: config 0 descriptor?? [ 1017.614822][T23623] hso 4-1:0.0: Can't find BULK IN endpoint [ 1017.632434][T23623] usb-storage 4-1:0.0: USB Mass Storage device detected [ 1017.834913][T23623] usb 4-1: USB disconnect, device number 18 [ 1017.946054][ T9992] usb 5-1: new full-speed USB device number 14 using dummy_hcd [ 1018.081304][T25572] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9555'. [ 1018.155717][ T9992] usb 5-1: config 0 has an invalid interface number: 207 but max is 0 [ 1018.194564][ T9992] usb 5-1: config 0 has no interface number 0 [ 1018.231869][ T9992] usb 5-1: New USB device found, idVendor=12d1, idProduct=ed56, bcdDevice=46.dd [ 1018.260861][ T9992] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1018.272513][ T9992] usb 5-1: Product: syz [ 1018.276775][ T9992] usb 5-1: Manufacturer: syz [ 1018.296554][ T9992] usb 5-1: SerialNumber: syz [ 1018.337768][ T9992] usb 5-1: config 0 descriptor?? [ 1018.369653][ T9992] qmi_wwan 5-1:0.207: bogus CDC Union: master=0, slave=1 [ 1018.575489][ T9992] qmi_wwan: probe of 5-1:0.207 failed with error -22 [ 1018.804053][ T9992] usb 5-1: USB disconnect, device number 14 [ 1018.903273][T25594] loop0: detected capacity change from 0 to 128 [ 1018.958718][T25594] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1019.016257][T25594] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1019.047252][T25594] EXT4-fs (loop0): re-mounted. Quota mode: none. [ 1019.096654][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 1020.225152][T25646] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 1020.320015][T25646] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready [ 1020.327596][T25646] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 1021.220494][T25682] IPv6: NLM_F_CREATE should be specified when creating new route [ 1021.249688][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 1021.249704][ T26] audit: type=1326 audit(1994.555:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.277798][ C0] vkms_vblank_simulate: vblank timer overrun [ 1021.382995][ T26] audit: type=1326 audit(1994.592:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.445623][ T26] audit: type=1326 audit(1994.611:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.571687][ T26] audit: type=1326 audit(1994.611:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.665891][ T26] audit: type=1326 audit(1994.611:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.713743][T25696] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9616'. [ 1021.742614][ T26] audit: type=1326 audit(1994.611:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.786731][ T26] audit: type=1326 audit(1994.611:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.834050][ T26] audit: type=1326 audit(1994.611:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1021.930063][ T26] audit: type=1326 audit(1994.611:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25683 comm="syz.1.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0d4159aeb9 code=0x7ffc0000 [ 1022.027865][ T4256] usb 1-1: new full-speed USB device number 19 using dummy_hcd [ 1022.129687][T25676] loop3: detected capacity change from 0 to 32768 [ 1022.208585][T25676] XFS (loop3): Mounting V5 Filesystem [ 1022.238658][ T4256] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1022.248993][T16297] Bluetooth: hci5: command 0x0406 tx timeout [ 1022.270923][ T4256] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1022.301402][ T4256] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1022.311483][ T4256] usb 1-1: config 1 interface 0 altsetting 255 endpoint 0x3 has invalid maxpacket 29797, setting to 64 [ 1022.337511][ T4256] usb 1-1: config 1 interface 0 has no altsetting 0 [ 1022.346048][ T4256] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1022.366004][ T4256] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1022.374552][ T4256] usb 1-1: SerialNumber: syz [ 1022.411230][T25695] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1022.424008][ T4256] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 1022.475468][T25676] XFS (loop3): Ending clean mount [ 1022.577136][ T4269] XFS (loop3): Unmounting Filesystem [ 1022.715684][ T9992] usb 1-1: USB disconnect, device number 19 [ 1023.452335][T25736] loop4: detected capacity change from 0 to 1024 [ 1023.660400][ T46] hfsplus: b-tree write err: -5, ino 4 [ 1023.713191][T25744] comedi comedi1: c6xdigio: I/O port conflict (0x2,3) [ 1024.194225][T25763] loop3: detected capacity change from 0 to 736 [ 1024.379883][T25763] rock: directory entry would overflow storage [ 1024.425381][T25763] rock: sig=0x3b10, size=4, remaining=3 [ 1025.085037][T25796] 8021q: VLANs not supported on hsr0 [ 1025.368289][T25807] loop3: detected capacity change from 0 to 1764 [ 1025.452278][T25807] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1026.548491][ T4256] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 1026.557684][T25854] xt_hashlimit: overflow, try lower: 5/0 [ 1026.745355][ T4256] usb 5-1: too many configurations: 227, using maximum allowed: 8 [ 1026.784196][ T4256] usb 5-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44 [ 1026.816767][ T4256] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1026.846567][ T4256] usb 5-1: config 0 descriptor?? [ 1026.869031][ T4256] pwc: Samsung MPC-C10 USB webcam detected. [ 1026.903967][ T4256] pwc: Warning: more than 1 configuration available. [ 1026.938633][ T125] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 1027.077307][ T4256] pwc: send_video_command error -71 [ 1027.084941][ T4256] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1027.118277][ T4256] Philips webcam: probe of 5-1:0.0 failed with error -71 [ 1027.147148][ T4256] usb 5-1: USB disconnect, device number 15 [ 1027.170746][ T26] audit: type=1326 audit(2000.029:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25872 comm="syz.5.9701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 1027.175520][ T125] usb 2-1: config 0 has an invalid interface number: 255 but max is 0 [ 1027.220425][ T26] audit: type=1326 audit(2000.057:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25872 comm="syz.5.9701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 1027.261053][ T125] usb 2-1: config 0 has no interface number 0 [ 1027.280746][ T125] usb 2-1: config 0 interface 255 has no altsetting 0 [ 1027.292252][ T26] audit: type=1326 audit(2000.057:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25872 comm="syz.5.9701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 1027.300715][ T125] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1027.367533][ T125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1027.385346][ T26] audit: type=1326 audit(2000.057:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25872 comm="syz.5.9701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 1027.412195][T25876] tmpfs: Bad value for 'mpol' [ 1027.423268][ T125] usb 2-1: config 0 descriptor?? [ 1027.449777][ T26] audit: type=1326 audit(2000.057:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25872 comm="syz.5.9701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05c1b9aeb9 code=0x7ffc0000 [ 1027.451436][ T125] cp210x 2-1:0.255: cp210x converter detected [ 1027.471652][ C0] vkms_vblank_simulate: vblank timer overrun [ 1027.725635][T25866] loop0: detected capacity change from 0 to 32768 [ 1027.766987][T25866] (syz.0.9695,25866,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1027.798101][T25866] (syz.0.9695,25866,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1027.887421][T25866] JBD2: Ignoring recovery information on journal [ 1027.906442][T25889] cgroup: none used incorrectly [ 1027.916931][ T125] cp210x 2-1:0.255: failed to get vendor val 0x000e size 3: -71 [ 1027.937420][ T125] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1027.959127][ T125] usb 2-1: USB disconnect, device number 29 [ 1027.968048][ T125] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1027.976795][ T125] cp210x 2-1:0.255: device disconnected [ 1028.107645][T25866] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1028.117433][ T26] audit: type=1326 audit(2000.906:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25893 comm="syz.4.9710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b0b9aeb9 code=0x7ffc0000 [ 1028.194773][ T26] audit: type=1326 audit(2000.906:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25893 comm="syz.4.9710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f97b0b9c747 code=0x7ffc0000 [ 1028.289720][ T26] audit: type=1326 audit(2000.906:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25893 comm="syz.4.9710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f97b0b5b78e code=0x7ffc0000 [ 1028.317186][T25896] openvswitch: netlink: IP tunnel dst address not specified [ 1028.360567][ T26] audit: type=1326 audit(2000.924:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25893 comm="syz.4.9710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f97b0b5b78e code=0x7ffc0000 [ 1028.383616][ T26] audit: type=1326 audit(2000.924:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25893 comm="syz.4.9710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f97b0b5b78e code=0x7ffc0000 [ 1028.431834][T25900] binfmt_misc: register: failed to install interpreter file ./file0 [ 1028.502412][ T4267] ocfs2: Unmounting device (7,0) on (node local) [ 1028.731383][T25908] netlink: 'syz.4.9718': attribute type 12 has an invalid length. [ 1029.077191][T25912] loop5: detected capacity change from 0 to 4096 [ 1029.169201][T25912] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1029.221991][T25912] ntfs3: loop5: Failed to load $MFT. [ 1029.315598][T25924] loop0: detected capacity change from 0 to 1764 [ 1029.424825][T25924] gfs2: Unexpected value for 'discard' [ 1029.885464][T25941] netlink: 'syz.1.9731': attribute type 39 has an invalid length. [ 1029.893423][T25941] netlink: 'syz.1.9731': attribute type 33 has an invalid length. [ 1029.945197][T25941] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9731'. [ 1030.171191][T25915] loop4: detected capacity change from 0 to 32768 [ 1030.206354][T25952] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9736'. [ 1030.259906][T25915] XFS (loop4): Mounting V5 Filesystem [ 1030.297206][ T4256] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 1030.409859][T25963] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 1030.487397][T25915] XFS (loop4): Ending clean mount [ 1030.502973][ T4256] usb 6-1: Using ep0 maxpacket: 8 [ 1030.511216][ T4256] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1030.538994][T25915] XFS (loop4): Quotacheck needed: Please wait. [ 1030.558389][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 1030.600884][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1030.643454][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 1024 [ 1030.693101][ T4256] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024 [ 1030.719622][T25915] XFS (loop4): Quotacheck: Done. [ 1030.765362][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 1030.801655][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1030.840811][ T4256] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 1030.880450][ T4280] XFS (loop4): Unmounting Filesystem [ 1030.893693][ T4256] usb 6-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 1030.922811][ T4256] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1030.949054][ T4256] usb 6-1: Product: syz [ 1030.960762][ T4256] usb 6-1: Manufacturer: syz [ 1030.976287][ T4256] usb 6-1: SerialNumber: syz [ 1030.989338][ T4256] usb 6-1: config 0 descriptor?? [ 1031.001399][T25946] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1031.248537][ T4589] udevd[4589]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1031.292391][ T5098] usb 6-1: USB disconnect, device number 7 [ 1031.442275][T25985] xt_hashlimit: overflow, try lower: 18446744073709551615/9 [ 1031.488714][T25987] Unsupported ieee802154 address type: 0 [ 1032.185938][T26015] loop1: detected capacity change from 0 to 256 [ 1032.193327][T26011] loop5: detected capacity change from 0 to 2048 [ 1032.246965][T26015] FAT-fs (loop1): Directory bread(block 64) failed [ 1032.260443][T26011] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1032.290636][T26015] FAT-fs (loop1): Directory bread(block 65) failed [ 1032.297355][T26015] FAT-fs (loop1): Directory bread(block 66) failed [ 1032.341473][T26015] FAT-fs (loop1): Directory bread(block 67) failed [ 1032.370192][T26015] FAT-fs (loop1): Directory bread(block 68) failed [ 1032.409858][T26015] FAT-fs (loop1): Directory bread(block 69) failed [ 1032.416602][T26015] FAT-fs (loop1): Directory bread(block 70) failed [ 1032.479239][T26015] FAT-fs (loop1): Directory bread(block 71) failed [ 1032.494413][T26015] FAT-fs (loop1): Directory bread(block 72) failed [ 1032.518413][T26015] FAT-fs (loop1): Directory bread(block 73) failed [ 1032.722012][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 1032.722030][ T26] audit: type=1800 audit(2005.142:211): pid=26015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9764" name="bus" dev="loop1" ino=1048636 res=0 errno=0 [ 1033.097033][T26043] loop0: detected capacity change from 0 to 256 [ 1033.215980][T26043] FAT-fs (loop0): Directory bread(block 64) failed [ 1033.248344][T26043] FAT-fs (loop0): Directory bread(block 65) failed [ 1033.272836][T26043] FAT-fs (loop0): Directory bread(block 66) failed [ 1033.320006][T26043] FAT-fs (loop0): Directory bread(block 67) failed [ 1033.326717][T26043] FAT-fs (loop0): Directory bread(block 68) failed [ 1033.341908][T26043] FAT-fs (loop0): Directory bread(block 69) failed [ 1033.389013][T26049] loop3: detected capacity change from 0 to 1024 [ 1033.406568][T26043] FAT-fs (loop0): Directory bread(block 70) failed [ 1033.413192][T26043] FAT-fs (loop0): Directory bread(block 71) failed [ 1033.459365][T26043] FAT-fs (loop0): Directory bread(block 72) failed [ 1033.500797][T26043] FAT-fs (loop0): Directory bread(block 73) failed [ 1033.693763][ T26] audit: type=1800 audit(2006.047:212): pid=26043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9787" name="bus" dev="loop0" ino=1048637 res=0 errno=0 [ 1033.952230][T26067] loop5: detected capacity change from 0 to 64 [ 1034.148078][T26074] netlink: 'syz.1.9792': attribute type 21 has an invalid length. [ 1034.193909][T26074] netlink: 144 bytes leftover after parsing attributes in process `syz.1.9792'. [ 1034.405970][T26081] netlink: 'syz.4.9797': attribute type 10 has an invalid length. [ 1034.434828][T26081] device wlan1 entered promiscuous mode [ 1034.447528][T26083] loop0: detected capacity change from 0 to 1024 [ 1034.454880][T26081] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 1034.964279][T26101] sctp: [Deprecated]: syz.1.9806 (pid 26101) Use of int in max_burst socket option. [ 1034.964279][T26101] Use struct sctp_assoc_value instead [ 1035.100295][T26109] SET target dimension over the limit! [ 1035.250851][ T28] INFO: task syz-executor:4273 blocked for more than 143 seconds. [ 1035.258797][ T28] Not tainted syzkaller #0 [ 1035.291493][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1035.331776][ T28] task:syz-executor state:D stack:22064 pid:4273 ppid:1 flags:0x00004004 [ 1035.352543][ T28] Call Trace: [ 1035.355977][ T28] [ 1035.380668][ T28] __schedule+0x11d1/0x40e0 [ 1035.385304][ T28] ? mark_lock+0x94/0x320 [ 1035.395469][ T28] ? __sched_text_start+0x8/0x8 [ 1035.401138][ T28] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1035.407221][ T28] ? lock_chain_count+0x20/0x20 [ 1035.423639][ T28] ? _raw_spin_lock_irq+0xb7/0xf0 [ 1035.428899][ T28] ? _raw_spin_lock_irqsave+0x100/0x100 [ 1035.434989][ T28] schedule+0xb9/0x180 [ 1035.439152][ T28] io_schedule+0x7c/0xd0 [ 1035.454061][ T28] folio_wait_bit_common+0x70a/0xfa0 [ 1035.463810][ T28] ? folio_wait_bit+0x30/0x30 [ 1035.470572][ T28] ? migration_entry_wait_on_locked+0xe90/0xe90 [ 1035.496953][ T28] ? folio_mapping+0x1ba/0x4d0 [ 1035.502156][ T28] truncate_inode_pages_range+0x9fe/0x1090 [ 1035.531464][ T28] ? mapping_evict_folio+0x520/0x520 [ 1035.536872][ T28] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1035.543815][ T28] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1035.549114][ T28] ? lockdep_hardirqs_on+0x94/0x140 [ 1035.554793][ T28] evict+0x4dc/0x8d0 [ 1035.558780][ T28] ? proc_nr_inodes+0x2f0/0x2f0 [ 1035.564051][ T28] ? do_raw_spin_unlock+0x11d/0x230 [ 1035.569322][ T28] ? do_raw_spin_unlock+0x11d/0x230 [ 1035.575099][ T28] evict_inodes+0x60c/0x6a0 [ 1035.579678][ T28] ? clear_inode+0x150/0x150 [ 1035.584738][ T28] generic_shutdown_super+0x93/0x340 [ 1035.590089][ T28] kill_block_super+0x7c/0xe0 [ 1035.595168][ T28] deactivate_locked_super+0x93/0xf0 [ 1035.600654][ T28] cleanup_mnt+0x42c/0x4b0 [ 1035.605142][ T28] ? lockdep_hardirqs_on+0x94/0x140 [ 1035.610492][ T28] task_work_run+0x1d0/0x260 [ 1035.616154][ T28] ? task_work_cancel+0x220/0x220 [ 1035.621450][ T28] ? exit_to_user_mode_loop+0x3b/0x110 [ 1035.626992][ T28] exit_to_user_mode_loop+0xe6/0x110 [ 1035.632645][ T28] exit_to_user_mode_prepare+0xee/0x180 [ 1035.638655][ T28] syscall_exit_to_user_mode+0x16/0x40 [ 1035.644173][ T28] do_syscall_64+0x58/0xa0 [ 1035.648664][ T28] ? clear_bhb_loop+0x60/0xb0 [ 1035.653840][ T28] ? clear_bhb_loop+0x60/0xb0 [ 1035.658567][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1035.664962][ T28] RIP: 0033:0x7f31b519c117 [ 1035.669441][ T28] RSP: 002b:00007ffc4b5e58f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1035.678281][ T28] RAX: 0000000000000000 RBX: 00007f31b520471f RCX: 00007f31b519c117 [ 1035.686704][ T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4b5e59b0 [ 1035.695422][ T28] RBP: 00007ffc4b5e59b0 R08: 00007ffc4b5e69b0 R09: 00000000ffffffff [ 1035.704122][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc4b5e6a40 [ 1035.712170][ T28] R13: 00007f31b520471f R14: 00000000000c98ce R15: 00007ffc4b5e6a80 [ 1035.720607][ T28] [ 1035.736110][ T28] [ 1035.736110][ T28] Showing all locks held in the system: [ 1035.743912][ T28] 3 locks held by kworker/u4:0/9: [ 1035.757733][ T28] #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160 [ 1035.781095][ T28] #1: ffffc900000e7d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160 [ 1035.792590][ T28] #2: ffffffff8cb331c0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x600 [ 1035.802981][ T28] 1 lock held by rcu_tasks_kthre/12: [ 1035.808349][ T28] #0: ffffffff8cb2dfb0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 1035.833373][ T28] 1 lock held by rcu_tasks_trace/13: [ 1035.838764][ T28] #0: ffffffff8cb2e7d0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 1035.852547][ T28] 1 lock held by khungtaskd/28: [ 1035.861040][ T28] #0: ffffffff8cb2d620 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 1035.871759][ T28] 1 lock held by udevd/3637: [ 1035.876429][ T28] 2 locks held by getty/4027: [ 1035.881626][ T28] #0: ffff88814d19f098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 1035.891999][ T28] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x429/0x1390 [ 1035.913145][ T28] 1 lock held by syz-executor/4273: [ 1035.918428][ T28] #0: ffff88807863e0e0 (&type->s_umount_key#101){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0 [ 1035.929061][ T28] [ 1035.935240][ T28] ============================================= [ 1035.935240][ T28] [ 1035.945341][ T28] NMI backtrace for cpu 1 [ 1035.949746][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted syzkaller #0 [ 1035.956984][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1035.967112][ T28] Call Trace: [ 1035.970422][ T28] [ 1035.973380][ T28] dump_stack_lvl+0x188/0x24e [ 1035.978101][ T28] ? irq_work_queue+0xb8/0x140 [ 1035.982916][ T28] ? show_regs_print_info+0x12/0x12 [ 1035.988144][ T28] ? load_image+0x400/0x400 [ 1035.992681][ T28] ? vprintk_emit+0x59f/0x6a0 [ 1035.997407][ T28] ? printk_sprint+0x460/0x460 [ 1036.002242][ T28] nmi_cpu_backtrace+0x3e6/0x460 [ 1036.007237][ T28] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 1036.013446][ T28] ? _printk+0xda/0x130 [ 1036.017647][ T28] ? load_image+0x400/0x400 [ 1036.022205][ T28] ? load_image+0x400/0x400 [ 1036.026754][ T28] ? nmi_trigger_cpumask_backtrace+0xf3/0x450 [ 1036.032867][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 1036.038992][ T28] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 1036.045051][ T28] watchdog+0xeee/0xf30 [ 1036.049232][ T28] ? watchdog+0x1ed/0xf30 [ 1036.053583][ T28] kthread+0x29d/0x330 [ 1036.057681][ T28] ? hungtask_pm_notify+0x40/0x40 [ 1036.062741][ T28] ? kthread_blkcg+0xd0/0xd0 [ 1036.067385][ T28] ret_from_fork+0x1f/0x30 [ 1036.071845][ T28] [ 1036.075632][ T28] Sending NMI from CPU 1 to CPUs 0: [ 1036.080897][ C0] NMI backtrace for cpu 0 [ 1036.080909][ C0] CPU: 0 PID: 10918 Comm: kworker/u4:8 Not tainted syzkaller #0 [ 1036.080927][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1036.080938][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 1036.080972][ C0] RIP: 0010:unwind_next_frame+0x1/0x20b0 [ 1036.080996][ C0] Code: 31 c0 5b 41 5e 41 5f c3 89 d9 80 e1 07 80 c1 03 38 c1 7c 97 48 89 df e8 7d 44 9a 00 eb 8d 66 2e 0f 1f 84 00 00 00 00 00 90 55 <41> 57 41 56 41 55 41 54 53 48 81 ec a0 00 00 00 48 89 fb 49 be 00 [ 1036.081011][ C0] RSP: 0018:ffffc9000ddd7678 EFLAGS: 00000202 [ 1036.081025][ C0] RAX: 0000000000000001 RBX: ffffc9000ddd7740 RCX: 0000000080000000 [ 1036.081038][ C0] RDX: dffffc0000000000 RSI: ffffffff8155a542 RDI: ffffc9000ddd7688 [ 1036.081051][ C0] RBP: ffffc9000ddd7710 R08: ffffc9000ddd7750 R09: 0000000000000006 [ 1036.081064][ C0] R10: dffffc0000000000 R11: fffff52001bbaedd R12: ffff88802f3e0000 [ 1036.081077][ C0] R13: ffff88814014a500 R14: ffffffff81712560 R15: ffffc9000ddd7688 [ 1036.081090][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1036.081105][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1036.081117][ C0] CR2: 00007f9c1dde4198 CR3: 0000000075489000 CR4: 00000000003506f0 [ 1036.081133][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1036.081143][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1036.081154][ C0] Call Trace: [ 1036.081160][ C0] [ 1036.081166][ C0] arch_stack_walk+0x10c/0x140 [ 1036.081190][ C0] ? process_one_work+0x8a2/0x1160 [ 1036.081213][ C0] stack_trace_save+0xa6/0xf0 [ 1036.081235][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 1036.081258][ C0] ? stack_trace_save+0xa6/0xf0 [ 1036.081280][ C0] ? memset+0x1e/0x40 [ 1036.081296][ C0] kasan_set_track+0x4b/0x70 [ 1036.081319][ C0] ? kasan_set_track+0x4b/0x70 [ 1036.081340][ C0] ? __kasan_slab_alloc+0x6b/0x80 [ 1036.081363][ C0] ? slab_post_alloc_hook+0x4b/0x480 [ 1036.081382][ C0] ? kmem_cache_alloc_node+0x14d/0x320 [ 1036.081399][ C0] ? __alloc_skb+0xfc/0x7e0 [ 1036.081422][ C0] ? nsim_dev_trap_report_work+0x28f/0xaf0 [ 1036.081444][ C0] ? process_one_work+0x8a2/0x1160 [ 1036.081486][ C0] __kasan_slab_alloc+0x6b/0x80 [ 1036.081511][ C0] slab_post_alloc_hook+0x4b/0x480 [ 1036.081533][ C0] kmem_cache_alloc_node+0x14d/0x320 [ 1036.081552][ C0] ? __alloc_skb+0xfc/0x7e0 [ 1036.081577][ C0] __alloc_skb+0xfc/0x7e0 [ 1036.081598][ C0] ? kmem_cache_free+0xf7/0x290 [ 1036.081618][ C0] nsim_dev_trap_report_work+0x28f/0xaf0 [ 1036.081654][ C0] ? process_one_work+0x7b0/0x1160 [ 1036.081673][ C0] process_one_work+0x8a2/0x1160 [ 1036.081700][ C0] ? worker_detach_from_pool+0x240/0x240 [ 1036.081724][ C0] ? _raw_spin_lock_irq+0xb7/0xf0 [ 1036.081751][ C0] ? _raw_spin_lock_irqsave+0x100/0x100 [ 1036.081780][ C0] ? kthread_data+0x4b/0xc0 [ 1036.081808][ C0] worker_thread+0xaa2/0x1270 [ 1036.081837][ C0] ? __kthread_parkme+0x162/0x1c0 [ 1036.081866][ C0] kthread+0x29d/0x330 [ 1036.081890][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 1036.081910][ C0] ? kthread_blkcg+0xd0/0xd0 [ 1036.081937][ C0] ret_from_fork+0x1f/0x30 [ 1036.081974][ C0] [ 1036.114078][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 1036.114130][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted syzkaller #0 [ 1036.114209][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1036.114259][ T28] Call Trace: [ 1036.114274][ T28] [ 1036.114306][ T28] dump_stack_lvl+0x188/0x24e [ 1036.114397][ T28] ? memcpy+0x3c/0x60 [ 1036.114462][ T28] ? show_regs_print_info+0x12/0x12 [ 1036.114541][ T28] ? load_image+0x400/0x400 [ 1036.114630][ T28] panic+0x2e5/0x730 [ 1036.114717][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 1036.114824][ T28] ? bpf_jit_dump+0xd0/0xd0 [ 1036.114909][ T28] ? __irq_work_queue_local+0x12c/0x190 [ 1036.115015][ T28] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 1036.115107][ T28] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 1036.115194][ T28] watchdog+0xf2d/0xf30 [ 1036.115273][ T28] ? watchdog+0x1ed/0xf30 [ 1036.115358][ T28] kthread+0x29d/0x330 [ 1036.115438][ T28] ? hungtask_pm_notify+0x40/0x40 [ 1036.115511][ T28] ? kthread_blkcg+0xd0/0xd0 [ 1036.115629][ T28] ret_from_fork+0x1f/0x30 [ 1036.115748][ T28] [ 1036.117574][ T28] Kernel Offset: disabled [ 1036.507774][ T28] Rebooting in 86400 seconds..