last executing test programs: 3.402245162s ago: executing program 1 (id=17378): unshare(0x20000600) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001040)={[{@volume={'volume', 0x3d, 0x139}}, {@nostrict}, {@uid_forget}, {@lastblock={'lastblock', 0x3d, 0x222}}, {@nostrict}, {}, {@umask={'umask', 0x3d, 0x697}}, {@mode={'mode', 0x3d, 0x5b60}}, {@uid}, {@session={'session', 0x3d, 0x3}}, {@dmode={'dmode', 0x3d, 0xe}}], [{@measure}, {@euid_lt}, {@euid_gt}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@dont_measure}, {@smackfsdef={'smackfsdef', 0x3d, '\\'}}, {@appraise_type}, {@euid_lt}]}, 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==") 2.555692751s ago: executing program 1 (id=17388): r0 = socket$kcm(0x11, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000600)=@hci={0x1f, 0x2f89, 0x31}, 0x80, 0x0}, 0x0) 2.416493679s ago: executing program 1 (id=17392): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f8ffffff00000000000000008500000036000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000040)="f7edad00"/14, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 2.185824743s ago: executing program 1 (id=17397): r0 = syz_usb_connect(0x0, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004e4aa92082051600578e01020301090236000200000000090400f50003ed02000905030000000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) 1.555804169s ago: executing program 3 (id=17407): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000019080)=[{&(0x7f0000019100)=""/133, 0x85}], 0x1, 0xf, 0xba3f, 0x8) 1.309614274s ago: executing program 3 (id=17410): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_int(r0, 0x0, 0x33, 0x0, 0x0) 1.142415373s ago: executing program 0 (id=17412): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0xa73a, 0x70, 0x6, 0x0, 0x1, 0x9}, 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0, 0x0}, 0x1c) 1.111746005s ago: executing program 3 (id=17413): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000240)={[{@iocharset={'iocharset', 0x3d, 'cp864'}}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@utf8}, {@utf8no}, {@uni_xlate}, {@uni_xlateno}, {@shortname_winnt}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '737'}}, {@utf8no}, {@uni_xlate}, {@utf8no}, {@fat=@check_strict}, {@iocharset={'iocharset', 0x3d, 'cp932'}}]}, 0x1, 0x36b, &(0x7f0000000500)="$eJzs3U1oY0UcAPB/+tKkXdD2JgpC9CZo2e5NL7ZIFxZ7UQl+HMTgdlWSKrRYbA+b1oPiUfCoJ28KevAgHkVQxJsHr64gq+JB97bg4kjy8vGapN3uYivF3w+aTGfmP/N/HySv4WX6wlI0L07HpWvXrsbMTCnKS48txfVSzEcWfbsxrjKhDgA4Ha6nFH+m3GjbzOSQ0gmkBQAco+77/0sRUYv5vObNrw/rn7z7A8Cp1/v7f/awPgd8DhDx2rGkBAAcs7HP/+/f11zp/pT7v5YLdwUAAKfVU88+9/jyasSTtdpMxPrbW/WtejwybF++FK9EK9bibMzFjYj8QqHzUOo+nr+wunK2Vqu145f5qEfEVC+wnl8pLGfd+GosxlzM9+J7Vxsppez8Z6sri7WuiNhtd+eP9dJWfTrO9Ob/8UysDS88+oN0nyIurK6cq/UGqK/349sRe8MbFTr5L8RcfP/iYJiU+ncwrq5cXuwnPYzfqlfj4mAvHPgJCAAAAAAAAAAAAAAAAAAAAAAA3JaF2sD8YP2c1HnOV8pZWJjQ3l0fJ4/vrQ+0l68PlKopUvrjjYfq72Sxb32g0fV5tiwkCAAAAAAAAAAAAAAAAAAAAAOb25VotFprG5vbO81iob2xuT0VEZ2aV7/95KvZGO9zk0I5n6IaMZii1pt2p9lIWb9zyiLGw7PO5P2ajz4fZFzsUx1sxcQ0qgc3tVp33Pfz+8Oae7P+yH8P+2QxeQOzQhqPjoy8fmee0q3sqEHhXLGmOj77lZRSoeatYvjl58cHjFJE+dYP3E5zKg7ukzqFb66+fHd/7ze+TLkHHpx7+sp7H/7WbLQ6M0f3CFY2Nm+kZqPU73yE2XvDpe4hGJ4bpcgLpeKZUD5swL39NY3sh9+fuefd7462E1Kx5vXO+TzSJ8s359PR8Epe6KQ50jQ7DJ/ubURrbXrCyX+zwm0c07s++OLjlH769chTDE2NvWyU/p1XHwAAAAAAAAAAAAAAAAAAoKjwXfHel67becP0YVEPP3FC6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiRj+//9CYW83RmqOUvirPSGquraxGVH5rzcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uX8CAAD//3wwZok=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x1) 1.02214927s ago: executing program 0 (id=17414): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000009c0)=@nat={'nat\x00', 0x670, 0x5, 0x480, 0x218, 0xf0, 0xfeffffff, 0x218, 0x218, 0x3e8, 0x3e8, 0xffffffff, 0x3e8, 0x3e8, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0xffffffff, 0x0, 'veth0_to_bond\x00', 'caif0\x00', {}, {}, 0x6}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@inet=@socket3={{0x28}, 0x2}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x10}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x6]}}}, @common=@set={{0x40}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0xc, @local, @multicast2, @gre_key, @gre_key=0x8001}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0x0, 0xc0, 0xf8, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x2, 0x5, [0x4e24, 0x4e23, 0x4e24, 0x4e21, 0x4e24, 0x4e23, 0x4e25, 0x4e20, 0x4e20, 0x4e23, 0x4e21, 0x4e24, 0x4e21, 0x4e23], [0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1]}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id}}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x90, 0xd8, 0x0, {}, [@common=@socket0={{0x20}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private2, @ipv4=@dev, @port, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e0) 983.803273ms ago: executing program 2 (id=17415): r0 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x32, 0x0, 0xfffffffc}, 0x2c) 742.348417ms ago: executing program 2 (id=17416): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xd4, &(0x7f0000000000), &(0x7f0000000240)=0x4) 735.671307ms ago: executing program 0 (id=17417): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x121342, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) 553.176338ms ago: executing program 2 (id=17418): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x30, 0x30, 0x0, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, @ib={0x1b, 0xfffd, 0x0, {'\x00\a\x00'}, 0x800000, 0x40000000, 0x8}}}, 0x118) 506.80134ms ago: executing program 0 (id=17419): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r0, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000011c0)={0x268, 0x0, 0x5, 0x401, 0x0, 0x0, {0x3, 0x0, 0x3}, [{{0x254, 0x1, {{0x2, 0x8}, 0xd0, 0x53, 0x4, 0x4ab, 0x1d, 'syz1\x00', "0a4d7c03d98b4aaf490edd807204461a20ae4d4e8a4428857f3a5b4bdabfe5e4", "da85b7253095392784e8d65c6b563112e1c292038a93005253bdf09526ae9b98", [{0x9, 0x81, {0x3}}, {0x5, 0x8, {0x2, 0xa85}}, {0x4, 0x0, {0x0, 0x6}}, {0x38f6, 0xab, {0x3, 0xfffffffb}}, {0x1, 0x1, {0x0, 0x616}}, {0x6, 0x87}, {0x2, 0x8, {0x3, 0x5}}, {0xd, 0x5, {0x0, 0x80}}, {0x7, 0x3, {0x2, 0x401}}, {0x9, 0x6, {0x2, 0x8}}, {0x1ff, 0x1, {0x2}}, {0x0, 0x0, {0x0, 0x9}}, {0x8001, 0xaa, {0x0, 0x7}}, {0x7, 0xf, {0x1, 0xab6}}, {0x9, 0x200, {0x3, 0xa03}}, {0xa93c, 0x1, {0x2, 0x8}}, {0x0, 0x4, {0x2, 0x1}}, {0x7fff, 0x401, {0x2, 0xff}}, {0x5, 0x0, {0x2}}, {0x4, 0x2, {0x3, 0x8}}, {0x2, 0x8, {0x3, 0x1}}, {0x5, 0x9, {0x2, 0x2}}, {0x3, 0x3, {0x3, 0x9}}, {0x2b, 0x1, {0x1, 0x200}}, {0xf6, 0x10, {0x3}}, {0x7, 0x0, {0x0, 0x7}}, {0x8000, 0x10, {0x2, 0x8}}, {0x13e, 0x3, {0x2, 0x7fffffff}}, {0xfc00, 0x6, {0x2}}, {0xfff, 0xfff, {0x2, 0x6}}, {0x0, 0x6, {0x1}}, {0x8, 0x3, {0x2, 0x5}}, {0xffff, 0x40, {0x0, 0x3ff}}, {0xffff, 0x3, {0x1, 0x7}}, {0xc2, 0x4}, {0x5, 0xffff, {0x3, 0x7}}, {0x6, 0x3ff, {0x3, 0x4}}, {0xc000, 0x6, {0x2, 0x6}}, {0x5, 0xc, {0x3, 0x3}}, {0x6, 0xa54, {0x0, 0x2}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x8000000}, 0x4000000) 475.788732ms ago: executing program 3 (id=17420): r0 = socket$kcm(0x2b, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x6, 0xd, 0xfffffffffffffffe, 0x60) 413.532606ms ago: executing program 2 (id=17421): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDDELIO(r0, 0x4b35, 0x3c7) 269.194444ms ago: executing program 0 (id=17422): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}}, 0x0) 268.480584ms ago: executing program 2 (id=17423): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14004051}}, {{&(0x7f00000000c0)=@file={0x1, './cgroup\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40080}}], 0x2, 0x0) 239.005966ms ago: executing program 1 (id=17424): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="600000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0131010000000000400012800e00010069703665727370616e0000002c0002801400050000000000000000000000ffff7f00000108001500b9c20a0804001200050016"], 0x60}}, 0x0) 227.442987ms ago: executing program 3 (id=17425): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x58}}, 0x0) 86.393555ms ago: executing program 2 (id=17426): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x22000c0, &(0x7f0000000080)={[{@codepage={'codepage', 0x3d, 'cp437'}}, {@dir_umask={'dir_umask', 0x3d, 0x14a}}]}, 0x4, 0x335, &(0x7f0000000880)="$eJzs3U1r1E4cB/DvJNnd7L+l/9hWCp6kWvBU2npQvFikePENeJBibbdQGitoBS2I1bOIN0Hw6M2z6FvQi/gG9NSDeNJL8WBkJpPN7DqTfehDWvb7AXdjMg+/STLJzC7bgIgG1pWFr2/O78h/ogLAB3AJ8ACEQADgJCbC+xubHQvym0sCaU7xT5rljYYtawidIy8pQIBhYx0dkCRJkm8dU/08lFioPMLswQYPqOneqbaHhx7ZwdhO2zVYjCMsdrGLBxgpMxwiIiqfqKm7g6fvEsN6/O55wJQehx/3+3/L+Ga3vDiOhOb930v/nwi5f/5Xm+R8b20zbqykUzh59L1slmgry3pOJPnuriI9s/whY8hl1GKnYvHqq2txY3pbFfAUlzUj2bh6XUHWEMUVbTV9m7TMTQsUtb3YkGpDRbZhzhH/WFGN1gnwh+94aa9u8VMXMYmP4rNYFBFeYaU5/gsSIXeO2j9RW1dJ459xl6haGaWpWlqZh39CVXIqOwLv3+atrLv2a2ifkUAfR9E+fo+yOF9U3bkwitaPFdLWzbpbp3KNAYFQswYz11wz0W9rrvH2uuqrlbgxvXwndp30+8u6/8RzcV1M4gfeYcEY/3sy9RTcPbOllwuVUp8Zhe0JVMqoi2hVB77dU88k5aqzo7g9wy1cxMi9h1vrS3HcuFv+QtZV+sx+ep/jSU9EfTrKNfLdSINQLlQA7Fulf5IksW4K0HuBPnoNo6KaeuF13uSt9SWhr3l7a6C8crZtmncnBjAPQK/Jrgj91P64mauWF9hV9l/yaKs19hMyi+oQOkhWVcsmH7Wuekq9j0qvPVpfijteQY7xVIAy+UHHxI2yg6EyyHGXSOd/xnxlRl115EtUMP9JOhVulDjrmAGNqtf/upvBNYt1jhOHsoUOc64z54CzbTV6yGp80l5spOPEUfxWsvevMsQCvuAmP/8nIiIiIiIiIiIiIiIiIiIiIiIiIjpuev01Qj8/J2itcWcA//AGEREREREREREREREREREREREREREREdHeGM//BXz1xJiq7fm/RU9qUvz0gQDh3p//i8jv4vm/YruHVhKRzd8AAAD//+GuXfk=") syz_mount_image$fuse(0x0, &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4000, 0x0, 0x0, 0x0, 0x0) 45.576897ms ago: executing program 0 (id=17427): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x10000, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0xc, 0x1, 0x3, "90ec130c566327bf25fa595321b2a4ef45f07a0bf4519563728b9540968ca259", 0x20385655}) 16.468939ms ago: executing program 3 (id=17428): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000140)={0x84, 0x81, 0x4, 0x3, 0x13, "b893a58663e28c84ecbf5c2ebbe6c95b6a794d"}) 0s ago: executing program 1 (id=17429): r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a3000000000080041007369770014"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0) kernel console output (not intermixed with test programs): w route [ 1382.437274][ T5767] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1382.648362][ T788] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 1382.858255][ T788] usb 3-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x98, skipping [ 1382.874086][ T788] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 47025, setting to 1024 [ 1382.906430][ T788] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 1382.937351][ T788] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1382.968029][ T788] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1383.029920][ T8198] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1383.041307][ T788] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 1383.075510][ T788] usb 3-1: invalid MIDI in EP 0 [ 1383.266732][ T788] snd-usb-audio: probe of 3-1:27.0 failed with error -22 [ 1383.305665][ T788] usb 3-1: USB disconnect, device number 91 [ 1383.328010][T23246] usb 2-1: new full-speed USB device number 94 using dummy_hcd [ 1383.543954][T23246] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1383.561937][T23246] usb 2-1: not running at top speed; connect to a high speed hub [ 1383.582401][T23246] usb 2-1: config 0 has an invalid interface number: 88 but max is 0 [ 1383.608074][T23246] usb 2-1: config 0 has no interface number 0 [ 1383.624577][T23246] usb 2-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10 [ 1383.671049][T23246] usb 2-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0 [ 1383.697214][T23246] usb 2-1: config 0 interface 88 has no altsetting 0 [ 1383.709318][T23246] usb 2-1: string descriptor 0 read error: -22 [ 1383.715685][T23246] usb 2-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 1383.727280][T23246] usb 2-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 1383.745248][T23246] usb 2-1: config 0 descriptor?? [ 1383.774063][T23246] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.88/input/input65 [ 1383.866654][T23246] input: failed to attach handler mousedev to device input65, error: -5 [ 1384.078802][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1384.138265][ T5956] udevd[5956]: Error opening device "/dev/input/event4": Input/output error [ 1384.143677][T23246] usb 2-1: USB disconnect, device number 94 [ 1384.178215][ T5956] udevd[5956]: Unable to EVIOCGABS device "/dev/input/event4" [ 1384.192050][ T5956] udevd[5956]: Unable to EVIOCGABS device "/dev/input/event4" [ 1384.227912][ T5956] udevd[5956]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting. [ 1384.319910][ T5137] udevd[5137]: worker [5956] terminated by signal 6 (Aborted) [ 1384.327624][ T5137] udevd[5137]: worker [5956] failed while handling '/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.88/input/input65/event4' [ 1384.563983][ T8258] loop2: detected capacity change from 0 to 1024 [ 1384.574665][ T8258] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1384.619971][ T8258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1384.708383][ T8258] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.15573: missing EA_INODE flag [ 1384.764324][ T8258] EXT4-fs (loop2): Remounting filesystem read-only [ 1384.905471][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1385.095127][ T8275] loop1: detected capacity change from 0 to 128 [ 1385.117219][ T8275] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 1385.146002][ T8275] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 1385.207850][T23246] usb 1-1: new high-speed USB device number 96 using dummy_hcd [ 1385.215883][ T8275] EXT4-fs (loop1): ext4_remount: Checksum for group 0 failed (30846!=65535) [ 1385.335426][ T5767] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1385.400138][T23246] usb 1-1: Using ep0 maxpacket: 8 [ 1385.430616][T23246] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1385.433612][ T8284] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.15584'. [ 1385.452902][ T8284] openvswitch: netlink: Key type 2832 is out of range max 32 [ 1385.471874][T23246] usb 1-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54 [ 1385.481735][ T28] audit: type=1326 audit(2000000684.231:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.1.15583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1385.522201][T23246] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1385.531036][ T28] audit: type=1326 audit(2000000684.231:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.1.15583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1385.534473][T23246] usb 1-1: Product: syz [ 1385.553485][ C1] vkms_vblank_simulate: vblank timer overrun [ 1385.586043][T23246] usb 1-1: Manufacturer: syz [ 1385.593117][ T28] audit: type=1326 audit(2000000684.241:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.1.15583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1385.598591][T23246] usb 1-1: SerialNumber: syz [ 1385.615473][ C1] vkms_vblank_simulate: vblank timer overrun [ 1385.657889][T23251] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 1385.669913][ T28] audit: type=1326 audit(2000000684.241:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.1.15583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1385.686971][T23246] usb 1-1: config 0 descriptor?? [ 1385.709238][ T28] audit: type=1326 audit(2000000684.241:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.1.15583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1385.711465][T23246] cdc_phonet 1-1:0.0: invalid descriptor buffer length [ 1385.753317][T23246] cdc_phonet: probe of 1-1:0.0 failed with error -22 [ 1385.851877][T23251] usb 3-1: config 0 has an invalid interface number: 170 but max is 0 [ 1385.868787][T23251] usb 3-1: config 0 has no interface number 0 [ 1385.874983][T23251] usb 3-1: config 0 interface 170 altsetting 100 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1385.899767][T23251] usb 3-1: config 0 interface 170 has no altsetting 0 [ 1385.906878][T23251] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 1385.934344][T23251] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1385.994452][T23251] usb 3-1: config 0 descriptor?? [ 1386.014666][ T788] usb 1-1: USB disconnect, device number 96 [ 1386.033941][ T8294] loop1: detected capacity change from 0 to 512 [ 1386.062537][ T8294] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 1386.095045][ T8294] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.15588: bg 0: block 255: padding at end of block bitmap is not set [ 1386.128508][ T8294] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6653: Corrupt filesystem [ 1386.147560][ T8294] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.15588: invalid indirect mapped block 1 (level 1) [ 1386.185959][ T8294] EXT4-fs (loop1): 1 truncate cleaned up [ 1386.193795][ T8294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1386.232522][T23251] usb 3-1: string descriptor 0 read error: -71 [ 1386.240283][T23251] ums-realtek 3-1:0.170: USB Mass Storage device detected [ 1386.326902][T23251] usb 3-1: unknown interface protocol 0x83, assuming v1 [ 1386.343342][T23251] usb 3-1: cannot find UAC_HEADER [ 1386.412630][T23251] snd-usb-audio: probe of 3-1:0.170 failed with error -22 [ 1386.439370][T23251] usb 3-1: USB disconnect, device number 92 [ 1386.468304][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1386.649737][ T8299] netlink: 92 bytes leftover after parsing attributes in process `syz.1.15589'. [ 1386.673647][ T8299] netlink: 40 bytes leftover after parsing attributes in process `syz.1.15589'. [ 1386.776434][ T8303] netlink: 44 bytes leftover after parsing attributes in process `syz.3.15591'. [ 1387.070454][ T8312] loop3: detected capacity change from 0 to 64 [ 1387.896124][ T8345] loop0: detected capacity change from 0 to 128 [ 1387.999922][ T8345] FAT-fs (loop0): error, invalid access to FAT (entry 0x0fff0000) [ 1388.041556][ T8345] FAT-fs (loop0): Filesystem has been set read-only [ 1388.173110][ T8354] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.15614' sets config #0 [ 1388.335715][ T8357] loop0: detected capacity change from 0 to 64 [ 1388.416240][ T8357] Trying to free block not in datazone [ 1388.736896][ T8372] (unnamed net_device) (uninitialized): option lacp_active: invalid value (2) [ 1388.862781][ T8374] 9pnet_fd: Insufficient options for proto=fd [ 1388.945197][ T8379] IPv6: NLM_F_CREATE should be specified when creating new route [ 1388.963443][ T8379] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1388.970865][ T8379] IPv6: NLM_F_CREATE should be set when creating new route [ 1389.090467][ T8383] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15632'. [ 1389.122021][ T8386] loop1: detected capacity change from 0 to 256 [ 1389.179015][ T8388] loop2: detected capacity change from 0 to 256 [ 1389.289804][ T8386] FAT-fs (loop1): Directory bread(block 64) failed [ 1389.296426][ T8386] FAT-fs (loop1): Directory bread(block 65) failed [ 1389.315465][ T8391] loop0: detected capacity change from 0 to 512 [ 1389.329306][ T8386] FAT-fs (loop1): Directory bread(block 66) failed [ 1389.336115][ T8386] FAT-fs (loop1): Directory bread(block 67) failed [ 1389.398344][ T8386] FAT-fs (loop1): Directory bread(block 68) failed [ 1389.405056][ T8386] FAT-fs (loop1): Directory bread(block 69) failed [ 1389.432724][ T8386] FAT-fs (loop1): Directory bread(block 70) failed [ 1389.445026][ T8386] FAT-fs (loop1): Directory bread(block 71) failed [ 1389.461696][ T8386] FAT-fs (loop1): Directory bread(block 72) failed [ 1389.489719][ T8386] FAT-fs (loop1): Directory bread(block 73) failed [ 1389.520256][ T8394] loop2: detected capacity change from 0 to 64 [ 1389.933698][ T8404] xt_hashlimit: invalid rate [ 1390.382365][ T8419] cgroup: name respecified [ 1390.594303][ T8427] loop3: detected capacity change from 0 to 1024 [ 1390.846868][ T8435] overlayfs: missing 'workdir' [ 1390.960600][ T8440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15659'. [ 1391.477284][ T28] audit: type=1326 audit(2000000690.231:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8456 comm="syz.2.15675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1391.543131][ T28] audit: type=1326 audit(2000000690.231:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8456 comm="syz.2.15675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1391.627480][ T28] audit: type=1326 audit(2000000690.231:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8456 comm="syz.2.15675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1391.707425][ T28] audit: type=1326 audit(2000000690.231:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8456 comm="syz.2.15675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1391.825214][ T8471] netlink: 'syz.2.15673': attribute type 2 has an invalid length. [ 1391.848082][ T8471] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1392.064053][ T8479] loop2: detected capacity change from 0 to 16 [ 1392.083975][ T8479] erofs: (device loop2): mounted with root inode @ nid 36. [ 1392.147451][ T8479] syz.2.15678: attempt to access beyond end of device [ 1392.147451][ T8479] loop2: rw=0, sector=32, nr_sectors = 8 limit=16 [ 1392.538105][ T8493] netlink: 'syz.0.15685': attribute type 2 has an invalid length. [ 1392.862791][ T8505] bridge12: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1393.275409][ T8520] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15698'. [ 1393.776450][ T8533] loop1: detected capacity change from 0 to 4096 [ 1393.924643][ T8523] loop2: detected capacity change from 0 to 32768 [ 1394.079776][ T8541] netlink: 'syz.3.15708': attribute type 1 has an invalid length. [ 1394.839028][ T28] audit: type=1326 audit(2000000693.581:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8561 comm="syz.3.15719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1394.927898][ T28] audit: type=1326 audit(2000000693.581:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8561 comm="syz.3.15719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1394.994080][ T8570] loop1: detected capacity change from 0 to 256 [ 1395.034358][ T28] audit: type=1326 audit(2000000693.671:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8561 comm="syz.3.15719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1395.046367][ T8570] FAT-fs (loop1): Directory bread(block 64) failed [ 1395.077888][ T8572] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15723'. [ 1395.082942][ T8570] FAT-fs (loop1): Directory bread(block 65) failed [ 1395.094461][ T8572] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 1395.138475][ T28] audit: type=1326 audit(2000000693.671:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8561 comm="syz.3.15719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1395.175645][ T8570] FAT-fs (loop1): Directory bread(block 66) failed [ 1395.184115][ T8570] FAT-fs (loop1): Directory bread(block 67) failed [ 1395.211601][ T8570] FAT-fs (loop1): Directory bread(block 68) failed [ 1395.227829][ T8570] FAT-fs (loop1): Directory bread(block 69) failed [ 1395.234616][ T8570] FAT-fs (loop1): Directory bread(block 70) failed [ 1395.252174][ T8570] FAT-fs (loop1): Directory bread(block 71) failed [ 1395.255377][ T8577] netlink: 32 bytes leftover after parsing attributes in process `syz.0.15724'. [ 1395.260141][ T8570] FAT-fs (loop1): Directory bread(block 72) failed [ 1395.275060][ T8570] FAT-fs (loop1): Directory bread(block 73) failed [ 1395.298171][ T8578] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 1395.520698][ T28] audit: type=1800 audit(2000000694.281:551): pid=8570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.15722" name="bus" dev="loop1" ino=1048776 res=0 errno=0 [ 1395.742801][ T8591] loop2: detected capacity change from 0 to 2048 [ 1395.792412][ T8591] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1395.883874][ T8598] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1396.368061][ T788] usb 4-1: new full-speed USB device number 104 using dummy_hcd [ 1396.565374][ T788] usb 4-1: config 0 has an invalid interface number: 52 but max is 0 [ 1396.573862][ T788] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1396.595188][ T788] usb 4-1: config 0 has no interface number 0 [ 1396.621999][ T788] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 1396.667925][ T788] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1396.687014][ T788] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1396.717908][ T788] usb 4-1: config 0 interface 52 has no altsetting 0 [ 1396.729464][ T788] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00 [ 1396.756880][ T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=35 [ 1396.771811][ T8627] loop0: detected capacity change from 0 to 256 [ 1396.786593][ T788] usb 4-1: SerialNumber: syz [ 1396.795509][ T788] usb 4-1: config 0 descriptor?? [ 1397.013087][ T8633] loop2: detected capacity change from 0 to 1024 [ 1397.059258][ T788] synaptics_usb 4-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 1397.073255][ T788] synaptics_usb: probe of 4-1:0.52 failed with error -5 [ 1397.296213][T14660] usb 4-1: USB disconnect, device number 104 [ 1398.477552][ T28] audit: type=1400 audit(2000000697.231:552): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8681 comm="syz.1.15777" [ 1398.578091][T23251] usb 4-1: new high-speed USB device number 105 using dummy_hcd [ 1398.772769][T23251] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1398.806347][T23251] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1398.827769][T23251] usb 4-1: Product: syz [ 1398.828011][ T8696] netlink: 'syz.1.15782': attribute type 1 has an invalid length. [ 1398.831987][T23251] usb 4-1: Manufacturer: syz [ 1398.832012][T23251] usb 4-1: SerialNumber: syz [ 1398.836035][T23251] usb 4-1: config 0 descriptor?? [ 1398.879280][T23251] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1399.212082][ T28] audit: type=1326 audit(2000000697.971:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.1.15787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1399.258048][T14660] usb 3-1: new full-speed USB device number 93 using dummy_hcd [ 1399.265812][ T28] audit: type=1326 audit(2000000697.971:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.1.15787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1399.287900][T23251] usb 4-1: USB disconnect, device number 105 [ 1399.323607][ T28] audit: type=1326 audit(2000000697.971:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.1.15787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1399.372618][ T28] audit: type=1326 audit(2000000697.971:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8703 comm="syz.1.15787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1399.430609][ T8692] loop0: detected capacity change from 0 to 32768 [ 1399.453704][ T8692] (syz.0.15781,8692,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1399.471397][ T8692] (syz.0.15781,8692,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1399.501437][T14660] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1399.530695][T14660] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1399.545592][T14660] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 1399.558599][T14660] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1399.587674][ T8692] JBD2: Ignoring recovery information on journal [ 1399.609545][T14660] usb 3-1: config 0 descriptor?? [ 1399.660549][T14660] xbox_remote_probe: endpoint_in message size==0? [ 1399.686146][ T8692] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1399.855196][T14660] usbhid 3-1:0.0: can't add hid device: -71 [ 1399.864848][T14660] usbhid: probe of 3-1:0.0 failed with error -71 [ 1399.897493][T14660] usb 3-1: USB disconnect, device number 93 [ 1400.005855][ T28] audit: type=1326 audit(2000000698.761:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.1.15794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1400.036699][ T28] audit: type=1326 audit(2000000698.761:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.1.15794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1400.074038][ T28] audit: type=1326 audit(2000000698.791:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.1.15794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1400.104186][ T28] audit: type=1326 audit(2000000698.791:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.1.15794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1400.140045][ T28] audit: type=1326 audit(2000000698.821:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.1.15794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1400.213031][ T8722] loop3: detected capacity change from 0 to 256 [ 1400.246690][ T5769] ocfs2: Unmounting device (7,0) on (node local) [ 1400.317984][ T8722] FAT-fs (loop3): Directory bread(block 64) failed [ 1400.328037][ T8722] FAT-fs (loop3): Directory bread(block 65) failed [ 1400.344717][ T8722] FAT-fs (loop3): Directory bread(block 66) failed [ 1400.366446][ T8722] FAT-fs (loop3): Directory bread(block 67) failed [ 1400.402834][ T8722] FAT-fs (loop3): Directory bread(block 68) failed [ 1400.463508][ T8722] FAT-fs (loop3): Directory bread(block 69) failed [ 1400.484634][ T8722] FAT-fs (loop3): Directory bread(block 70) failed [ 1400.503392][ T8722] FAT-fs (loop3): Directory bread(block 71) failed [ 1400.518879][ T8722] FAT-fs (loop3): Directory bread(block 72) failed [ 1400.545859][ T8722] FAT-fs (loop3): Directory bread(block 73) failed [ 1400.871945][ T8730] loop0: detected capacity change from 0 to 2048 [ 1400.925728][ T8730] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1401.378865][ T8746] libceph: resolve '. [ 1401.378865][ T8746] #)|.زf͹Dza×ïÅ2sˆoÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤¨ìó¤h‡E$ [ 1401.378865][ T8746] ' (ret=-3): failed [ 1402.221495][ T8743] loop2: detected capacity change from 0 to 32768 [ 1402.434541][ T8750] loop1: detected capacity change from 0 to 32768 [ 1402.566561][ T8750] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1402.849834][ T8750] XFS (loop1): Ending clean mount [ 1402.889170][ T8750] XFS (loop1): Quotacheck needed: Please wait. [ 1403.028057][ T8750] XFS (loop1): Quotacheck: Done. [ 1403.206862][ T5767] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1403.991381][ T8821] loop1: detected capacity change from 0 to 64 [ 1404.806182][ T8853] loop1: detected capacity change from 0 to 164 [ 1404.884254][ T4452] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1404.953676][ T8857] loop3: detected capacity change from 0 to 1024 [ 1405.128203][ T2888] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1405.194939][T29595] hfsplus: b-tree write err: -5, ino 4 [ 1405.598683][ T8877] netlink: 'syz.1.15868': attribute type 8 has an invalid length. [ 1405.708075][T23251] usb 1-1: new high-speed USB device number 97 using dummy_hcd [ 1405.799095][T14660] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1405.918864][T23251] usb 1-1: config 0 has an invalid interface number: 117 but max is 0 [ 1405.927210][T23251] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1405.965659][T23251] usb 1-1: config 0 has no interface number 0 [ 1405.973640][T23251] usb 1-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1406.015029][T23251] usb 1-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1406.038773][T23251] usb 1-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 1406.055346][T23251] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1406.064156][T23251] usb 1-1: Product: syz [ 1406.075021][T23251] usb 1-1: Manufacturer: syz [ 1406.080016][T23251] usb 1-1: SerialNumber: syz [ 1406.091799][T23251] usb 1-1: config 0 descriptor?? [ 1406.200026][ T67] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1406.230519][ T67] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1406.513939][T23251] usbtouchscreen: probe of 1-1:0.117 failed with error -71 [ 1406.552863][T23251] usb 1-1: USB disconnect, device number 97 [ 1406.584512][ T8907] loop2: detected capacity change from 0 to 4096 [ 1406.606328][ T8907] __ntfs_warning: 308 callbacks suppressed [ 1406.606348][ T8907] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1406.637880][ T4452] usb 4-1: new full-speed USB device number 106 using dummy_hcd [ 1406.656806][ T8907] ntfs: (device loop2): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 1406.668900][ T8907] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1406.683507][ T8907] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1406.704009][ T8907] ntfs: volume version 3.1. [ 1406.836153][ T4452] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1406.845218][ T4452] usb 4-1: not running at top speed; connect to a high speed hub [ 1406.848080][ T5771] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1406.854685][ T4452] usb 4-1: config 0 has an invalid interface number: 88 but max is 0 [ 1406.894098][ T4452] usb 4-1: config 0 has no interface number 0 [ 1406.904272][ T4452] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10 [ 1406.918142][T14660] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1406.957409][ T4452] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0 [ 1406.973216][ T4452] usb 4-1: config 0 interface 88 has no altsetting 0 [ 1406.988400][ T4452] usb 4-1: string descriptor 0 read error: -22 [ 1406.995665][ T4452] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 1407.016102][ T4452] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 1407.056274][ T4452] usb 4-1: config 0 descriptor?? [ 1407.118957][ T4452] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input68 [ 1407.249424][ T4452] input: failed to attach handler mousedev to device input68, error: -5 [ 1407.431196][ T4452] usb 4-1: USB disconnect, device number 106 [ 1407.469463][ T6788] udevd[6788]: Error opening device "/dev/input/event4": No such device [ 1407.498483][ T6788] udevd[6788]: Unable to EVIOCGABS device "/dev/input/event4" [ 1407.499061][ T8929] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.15894'. [ 1407.516381][ T6788] udevd[6788]: Unable to EVIOCGABS device "/dev/input/event4" [ 1407.547912][ T8929] openvswitch: netlink: Key type 2832 is out of range max 32 [ 1407.777913][ T788] usb 1-1: new high-speed USB device number 98 using dummy_hcd [ 1407.864652][ T8941] loop1: detected capacity change from 0 to 1024 [ 1407.876003][ T8941] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1407.927377][ T8941] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1407.988478][ T788] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 1408.007500][ T788] usb 1-1: config 0 has no interface number 0 [ 1408.030681][ T788] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 1408.055667][ T8941] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #11: comm syz.1.15900: missing EA_INODE flag [ 1408.091998][ T788] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1408.104244][ T8941] EXT4-fs (loop1): Remounting filesystem read-only [ 1408.145473][ T788] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 1408.165580][ T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1408.177938][ T788] usb 1-1: Product: syz [ 1408.182187][ T788] usb 1-1: Manufacturer: syz [ 1408.186817][ T788] usb 1-1: SerialNumber: syz [ 1408.218588][ T788] usb 1-1: config 0 descriptor?? [ 1408.224629][ T8927] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1408.254154][ T788] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 1408.297541][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1408.318429][ T788] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 1408.448583][ T8958] netlink: 64 bytes leftover after parsing attributes in process `syz.2.15908'. [ 1408.517530][ T8960] loop1: detected capacity change from 0 to 256 [ 1408.609884][ C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 1408.637956][ T8962] x_tables: duplicate underflow at hook 1 [ 1408.638286][ T8960] FAT-fs (loop1): Directory bread(block 64) failed [ 1408.658777][ T8960] FAT-fs (loop1): Directory bread(block 65) failed [ 1408.665737][ T8960] FAT-fs (loop1): Directory bread(block 66) failed [ 1408.673209][ T8960] FAT-fs (loop1): Directory bread(block 67) failed [ 1408.681355][ T8960] FAT-fs (loop1): Directory bread(block 68) failed [ 1408.689368][ T8960] FAT-fs (loop1): Directory bread(block 69) failed [ 1408.696196][ T8960] FAT-fs (loop1): Directory bread(block 70) failed [ 1408.703602][ T8960] FAT-fs (loop1): Directory bread(block 71) failed [ 1408.724949][ T8960] FAT-fs (loop1): Directory bread(block 72) failed [ 1408.739081][ T8960] FAT-fs (loop1): Directory bread(block 73) failed [ 1408.748344][ T28] audit: type=1400 audit(2000000707.501:870): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 1408.813176][ T788] usb 1-1: USB disconnect, device number 98 [ 1408.979301][ T788] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 1408.990919][ T788] cyberjack 1-1:0.69: device disconnected [ 1409.180859][ T8970] xfrm0 speed is unknown, defaulting to 1000 [ 1409.220146][ T8970] C speed is unknown, defaulting to 1000 [ 1409.304461][ T8975] netlink: 80 bytes leftover after parsing attributes in process `syz.1.15916'. [ 1410.198145][ C1] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1410.289992][ T9003] loop3: detected capacity change from 0 to 128 [ 1410.342781][ T9003] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fff0000) [ 1410.374777][ T9003] FAT-fs (loop3): Filesystem has been set read-only [ 1410.709427][ T9012] loop1: detected capacity change from 0 to 4096 [ 1410.737840][ T9012] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 1411.426109][ T9024] (unnamed net_device) (uninitialized): option lacp_active: invalid value (2) [ 1411.543801][ T9013] loop3: detected capacity change from 0 to 32768 [ 1411.614158][ T9013] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1411.766977][ T9020] loop0: detected capacity change from 0 to 32768 [ 1411.808513][ T9013] XFS (loop3): Ending clean mount [ 1411.910321][ T9020] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1411.910423][ T9013] XFS (loop3): Quotacheck needed: Please wait. [ 1412.119450][ T9013] XFS (loop3): Quotacheck: Done. [ 1412.130415][ T9020] XFS (loop0): Ending clean mount [ 1412.182102][ T9020] XFS (loop0): Quotacheck needed: Please wait. [ 1412.356303][ T9020] XFS (loop0): Quotacheck: Done. [ 1412.466698][ T5773] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1412.680252][ T5769] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1412.966506][ T9068] block nbd3: NBD_DISCONNECT [ 1413.506029][ T9088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15963'. [ 1414.074436][ T9108] overlayfs: missing 'workdir' [ 1414.082481][ T9106] netlink: 16 bytes leftover after parsing attributes in process `syz.3.15972'. [ 1416.367860][ T788] usb 4-1: new high-speed USB device number 107 using dummy_hcd [ 1416.391348][ T9155] loop1: detected capacity change from 0 to 32768 [ 1416.448719][ T9179] netlink: 24 bytes leftover after parsing attributes in process `syz.2.16006'. [ 1416.475753][ T9155] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 1416.569990][ T788] usb 4-1: config 0 has an invalid interface number: 170 but max is 0 [ 1416.578592][ T788] usb 4-1: config 0 has no interface number 0 [ 1416.584800][ T788] usb 4-1: config 0 interface 170 altsetting 100 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1416.608687][ T788] usb 4-1: config 0 interface 170 has no altsetting 0 [ 1416.615995][ T788] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 1416.626168][ T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1416.640199][ T788] usb 4-1: config 0 descriptor?? [ 1416.799148][ T5767] (syz-executor,5767,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 1416.867159][ T788] usb 4-1: string descriptor 0 read error: -71 [ 1416.883989][ T788] ums-realtek 4-1:0.170: USB Mass Storage device detected [ 1416.914730][ T5767] ocfs2: Unmounting device (7,1) on (node local) [ 1416.965616][ T788] usb 4-1: unknown interface protocol 0x83, assuming v1 [ 1416.993576][ T788] usb 4-1: cannot find UAC_HEADER [ 1417.094034][ T9175] loop0: detected capacity change from 0 to 32768 [ 1417.117100][ T788] snd-usb-audio: probe of 4-1:0.170 failed with error -22 [ 1417.164652][ T788] usb 4-1: USB disconnect, device number 107 [ 1417.201230][ T9175] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1417.447195][ T9201] loop1: detected capacity change from 0 to 1024 [ 1417.455169][ T9201] EXT4-fs: Ignoring removed mblk_io_submit option [ 1417.462686][ T9201] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1417.505312][ T9203] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16013'. [ 1417.511752][ T9201] EXT4-fs error (device loop1): ext4_orphan_get:1424: comm syz.1.16009: bad orphan inode 11 [ 1417.538856][ T9201] ext4_test_bit(bit=10, block=4) = 1 [ 1417.544347][ T9201] is_bad_inode(inode)=0 [ 1417.549401][ T9201] NEXT_ORPHAN(inode)=3254779904 [ 1417.554820][ T9201] max_ino=32 [ 1417.559664][ T9201] i_nlink=0 [ 1417.564931][ T9201] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.16009: lblock 2 mapped to illegal pblock 2 (length 1) [ 1417.578217][ T9175] XFS (loop0): Ending clean mount [ 1417.588302][ T9201] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 1417.668126][ T9201] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.16009: lblock 0 mapped to illegal pblock 48 (length 1) [ 1417.668297][ T9175] XFS (loop0): Quotacheck needed: Please wait. [ 1417.696031][ T9207] netlink: 'syz.2.16014': attribute type 2 has an invalid length. [ 1417.713235][ T9201] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 1417.727476][ T9201] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.16009: Failed to acquire dquot type 0 [ 1417.812680][ T9175] XFS (loop0): Quotacheck: Done. [ 1417.820901][ T9201] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1417.839124][ T9201] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.16009: mark_inode_dirty error [ 1417.865195][ T9201] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 1417.899576][ T9201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1418.057822][ T3549] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 1418.133697][ T5769] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1418.145995][ T3549] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 1418.169448][ T3549] EXT4-fs error (device loop1): ext4_release_dquot:6985: comm kworker/u4:9: Failed to release dquot type 0 [ 1418.182413][ T9213] loop3: detected capacity change from 0 to 4096 [ 1418.194624][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1418.225225][ T5767] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 1418.255836][ T5767] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1418.276750][ T9216] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1418.316494][ T5767] EXT4-fs error (device loop1): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error [ 1418.355220][ T9213] syz.3.16017: attempt to access beyond end of device [ 1418.355220][ T9213] loop3: rw=0, sector=26388279066816, nr_sectors = 8 limit=4096 [ 1418.453433][ T9213] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=1) [ 1418.518014][ C1] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1419.351714][ T9246] loop3: detected capacity change from 0 to 16 [ 1419.400542][ T9246] erofs: (device loop3): mounted with root inode @ nid 36. [ 1419.456179][ T9246] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 1419.497888][ T9246] erofs: (device loop3): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 1419.526613][ T9246] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 1419.557310][ T9246] erofs: (device loop3): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 1419.598059][ T9246] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 1419.620551][ T9246] erofs: (device loop3): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 1419.647994][ T9246] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 1419.692270][ T9246] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 1419.750374][ T9246] erofs: (device loop3): z_erofs_read_folio: read error -95 @ 0 of nid 89 [ 1419.797254][ T28] audit: type=1800 audit(2000000718.531:871): pid=9246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16033" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 1419.858600][ T9260] comedi comedi0: multiq3: I/O port conflict (0x3,16) [ 1420.043711][ T9266] loop3: detected capacity change from 0 to 64 [ 1420.211037][ T9270] loop0: detected capacity change from 0 to 2048 [ 1420.232359][ T9270] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1420.235975][ T9272] bridge8: entered promiscuous mode [ 1420.295494][ T9272] bridge8: entered allmulticast mode [ 1420.302193][ T9275] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1420.648391][ T9283] xt_HMARK: spi-set and port-set can't be combined [ 1421.463897][ T9311] loop1: detected capacity change from 0 to 1024 [ 1421.809841][ T9321] loop0: detected capacity change from 0 to 512 [ 1421.817191][ T9321] EXT4-fs: Ignoring removed i_version option [ 1421.902410][ T9321] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1421.962405][ T9321] EXT4-fs (loop0): 1 truncate cleaned up [ 1422.003892][ T9321] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1422.088531][ T9332] Unsupported ieee802154 address type: 0 [ 1422.169120][ T9321] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 1029 (only 1 groups) [ 1422.256447][ T9338] netlink: 'syz.2.16077': attribute type 1 has an invalid length. [ 1422.281596][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1422.459899][ T9344] loop0: detected capacity change from 0 to 8 [ 1422.467132][ T9344] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 1422.500235][ T5955] udevd[5955]: incorrect cramfs checksum on /dev/loop0 [ 1422.538739][ T9344] cramfs: Error -5 while decompressing! [ 1422.544373][ T9344] cramfs: ffffffff973f8368(26)->ffff888069bca000(4096) [ 1422.566767][ T9344] cramfs: Error -3 while decompressing! [ 1422.572731][ T9344] cramfs: ffffffff973f8382(26)->ffff888056e13000(4096) [ 1422.594967][ T9344] cramfs: Error -3 while decompressing! [ 1422.607780][ T9344] cramfs: ffffffff973f839c(16)->ffff888054409000(4096) [ 1422.638206][ T9344] cramfs: Error -5 while decompressing! [ 1422.653915][ T9344] cramfs: ffffffff973f8368(26)->ffff888069bca000(4096) [ 1422.687146][ T28] audit: type=1800 audit(2000000721.441:872): pid=9344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.16079" name="file2" dev="loop0" ino=348 res=0 errno=0 [ 1422.728014][ T9352] comedi comedi1: c6xdigio: I/O port conflict (0x2,3) [ 1422.982236][ T9362] netlink: 'syz.3.16088': attribute type 21 has an invalid length. [ 1422.991173][ T9362] netlink: 132 bytes leftover after parsing attributes in process `syz.3.16088'. [ 1423.001722][ T9362] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16088'. [ 1423.201711][ T9368] netlink: 'syz.0.16092': attribute type 5 has an invalid length. [ 1423.642769][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.679229][ T9383] bond7: entered allmulticast mode [ 1423.684883][ T9383] 8021q: adding VLAN 0 to HW filter on device bond7 [ 1424.554024][ T9421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16117'. [ 1424.581155][ T9421] netlink: 7 bytes leftover after parsing attributes in process `syz.2.16117'. [ 1424.667852][ T4452] usb 2-1: new high-speed USB device number 95 using dummy_hcd [ 1424.880042][ T4452] usb 2-1: config 0 has an invalid interface number: 244 but max is 0 [ 1424.892281][ T4452] usb 2-1: config 0 has no interface number 0 [ 1424.913308][ T4452] usb 2-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=92.c2 [ 1424.927854][ T4452] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1424.946144][ T4452] usb 2-1: Product: syz [ 1424.967827][ T4452] usb 2-1: Manufacturer: syz [ 1424.978317][ T4452] usb 2-1: SerialNumber: syz [ 1425.004481][ T4452] usb 2-1: config 0 descriptor?? [ 1425.046826][ T4452] usbserial_generic 2-1:0.244: The "generic" usb-serial driver is only for testing and one-off prototypes. [ 1425.086952][ T4452] usbserial_generic 2-1:0.244: Tell linux-usb@vger.kernel.org to add your device to a proper driver. [ 1425.121557][ T4452] usbserial_generic 2-1:0.244: device has no bulk endpoints [ 1425.139349][ T4452] safe_serial 2-1:0.244: safe_serial converter detected [ 1425.160404][ T4452] safe_serial: probe of 2-1:0.244 failed with error -22 [ 1425.215105][ T9441] nvme_fabrics: missing parameter 'transport=%s' [ 1425.222043][ T9441] nvme_fabrics: missing parameter 'nqn=%s' [ 1425.258296][ T4452] usb 2-1: USB disconnect, device number 95 [ 1425.449139][ T9452] netlink: 96 bytes leftover after parsing attributes in process `syz.0.16133'. [ 1425.614469][ T9458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16136'. [ 1425.940777][ T9470] overlay: Bad value for 'metacopy' [ 1426.373642][ T28] audit: type=1326 audit(2000000725.131:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1426.458383][ T28] audit: type=1326 audit(2000000725.131:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1426.490305][ T9489] loop3: detected capacity change from 0 to 512 [ 1426.505932][ T9489] EXT4-fs: Ignoring removed i_version option [ 1426.525788][ T28] audit: type=1326 audit(2000000725.131:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1426.554525][ T28] audit: type=1326 audit(2000000725.161:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1426.600851][ T9489] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1426.644012][ T9489] EXT4-fs (loop3): 1 truncate cleaned up [ 1426.655353][ T28] audit: type=1326 audit(2000000725.161:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1426.659456][ T9489] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1426.699870][ T28] audit: type=1326 audit(2000000725.211:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa97535b78e code=0x7ffc0000 [ 1426.764183][ T9489] EXT4-fs warning (device loop3): verify_group_input:151: Cannot add at group 1029 (only 1 groups) [ 1426.807647][ T28] audit: type=1326 audit(2000000725.211:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa97535b78e code=0x7ffc0000 [ 1426.856157][ T28] audit: type=1326 audit(2000000725.211:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa97535b78e code=0x7ffc0000 [ 1426.885923][ T28] audit: type=1326 audit(2000000725.211:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9483 comm="syz.2.16149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa97535b78e code=0x7ffc0000 [ 1426.930209][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1427.113428][ T9504] loop0: detected capacity change from 0 to 2048 [ 1427.166623][ T9507] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1427.297902][ T2731] usb 2-1: new high-speed USB device number 96 using dummy_hcd [ 1427.366007][ T9512] loop2: detected capacity change from 0 to 64 [ 1427.506849][ T2731] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1427.542731][ T2731] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1427.570651][ T2731] usb 2-1: Product: syz [ 1427.574902][ T2731] usb 2-1: Manufacturer: syz [ 1427.589755][ T2731] usb 2-1: SerialNumber: syz [ 1427.620087][ T2731] usb 2-1: config 0 descriptor?? [ 1427.639172][ T2731] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1427.672324][ T9519] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16165'. [ 1427.818102][ T788] usb 4-1: new high-speed USB device number 108 using dummy_hcd [ 1428.009874][ T788] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1428.027166][ T788] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1428.057066][ T788] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1428.097531][ T788] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1428.120094][ T788] usb 4-1: config 1 has no interface number 1 [ 1428.126367][ T788] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1428.136269][T23246] usb 2-1: USB disconnect, device number 96 [ 1428.175385][ T788] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1428.208621][ T788] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1428.217626][ T788] usb 4-1: Product: syz [ 1428.230701][ T788] usb 4-1: Manufacturer: syz [ 1428.233130][ T9538] loop2: detected capacity change from 0 to 64 [ 1428.235341][ T788] usb 4-1: SerialNumber: syz [ 1428.242607][ T9537] cifs: Unknown parameter 'ÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 1428.242607][ T9537] SÃȘØÈžZ§6ŸÂ' [ 1428.291715][ T9538] hfs: filesystem is marked locked, mounting read-only. [ 1428.336917][ T9538] hfs: filesystem is marked locked, leaving read-only. [ 1428.515125][ T788] usb 4-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 1428.530060][ T788] usb 4-1: MIDIStreaming interface descriptor not found [ 1428.580622][ T788] usb 4-1: USB disconnect, device number 108 [ 1428.920432][ T5758] udevd[5758]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1429.606980][ T9574] IPv6: NLM_F_CREATE should be specified when creating new route [ 1430.382462][ T9604] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16205'. [ 1430.398172][ T9604] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1431.048280][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16219'. [ 1431.151489][ T9629] loop0: detected capacity change from 0 to 4096 [ 1431.155126][ T9635] netlink: 'syz.2.16221': attribute type 2 has an invalid length. [ 1431.198140][ T9629] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 1431.348393][ T9629] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1431.376885][ T9641] netlink: 209820 bytes leftover after parsing attributes in process `syz.2.16224'. [ 1431.416802][ T28] kauditd_printk_skb: 148 callbacks suppressed [ 1431.416818][ T28] audit: type=1400 audit(2000000730.171:1030): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F0 [ 1431.907031][ T9653] loop0: detected capacity change from 0 to 4096 [ 1431.958294][ T28] audit: type=1326 audit(2000000730.661:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9660 comm="syz.2.16232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1432.035852][ T28] audit: type=1326 audit(2000000730.661:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9660 comm="syz.2.16232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1432.080532][ T9653] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1432.207568][ T28] audit: type=1326 audit(2000000730.661:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9660 comm="syz.2.16232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1432.309017][ T28] audit: type=1326 audit(2000000730.661:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9660 comm="syz.2.16232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1432.309478][ T9653] ntfs: (device loop0): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 1432.400230][ T9673] loop1: detected capacity change from 0 to 256 [ 1432.431731][ T9653] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1432.488119][ T9653] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1432.535847][ T9653] ntfs: volume version 3.1. [ 1432.562786][ T9673] FAT-fs (loop1): Directory bread(block 64) failed [ 1432.589228][ T9673] FAT-fs (loop1): Directory bread(block 65) failed [ 1432.622722][ T9673] FAT-fs (loop1): Directory bread(block 66) failed [ 1432.647923][ T9673] FAT-fs (loop1): Directory bread(block 67) failed [ 1432.658254][ T9673] FAT-fs (loop1): Directory bread(block 68) failed [ 1432.664852][ T9673] FAT-fs (loop1): Directory bread(block 69) failed [ 1432.708078][ T9673] FAT-fs (loop1): Directory bread(block 70) failed [ 1432.714788][ T9673] FAT-fs (loop1): Directory bread(block 71) failed [ 1432.725520][ T9673] FAT-fs (loop1): Directory bread(block 72) failed [ 1432.746295][ T9673] FAT-fs (loop1): Directory bread(block 73) failed [ 1432.803334][ T5769] ntfs: (device loop0): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1433.139837][ T9690] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16246'. [ 1433.277921][T23246] usb 3-1: new high-speed USB device number 94 using dummy_hcd [ 1433.346515][ T9698] loop0: detected capacity change from 0 to 2048 [ 1433.397268][ T9698] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1433.462025][ T9701] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1433.489391][T23246] usb 3-1: config 0 has an invalid interface number: 117 but max is 0 [ 1433.517833][T23246] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1433.549927][T23246] usb 3-1: config 0 has no interface number 0 [ 1433.556100][T23246] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1433.612014][T23246] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1433.633250][ T9705] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16254'. [ 1433.665943][T23246] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 1433.679871][T23246] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1433.697970][T23246] usb 3-1: Product: syz [ 1433.702293][T23246] usb 3-1: Manufacturer: syz [ 1433.717126][T23246] usb 3-1: SerialNumber: syz [ 1433.735348][T23246] usb 3-1: config 0 descriptor?? [ 1433.878144][ C1] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1434.240699][T23246] usbtouchscreen: probe of 3-1:0.117 failed with error -71 [ 1434.292781][T23246] usb 3-1: USB disconnect, device number 94 [ 1434.391397][ T9723] openvswitch: netlink: Actions may not be safe on all matching packets [ 1434.647159][ T9731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16266'. [ 1434.662769][ T9731] dummy0: left allmulticast mode [ 1434.672846][ T9731] dummy0: left promiscuous mode [ 1434.680531][ T9731] bridge0: port 3(dummy0) entered disabled state [ 1434.711513][ T9731] bond0: left allmulticast mode [ 1434.726914][ T9731] bond_slave_0: left allmulticast mode [ 1434.733515][ T9731] bond_slave_1: left allmulticast mode [ 1434.771561][ T9731] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 1434.786838][ T9731] macvlan0: left allmulticast mode [ 1434.793537][ T9731] bond0: left promiscuous mode [ 1434.805653][ T9731] bond_slave_0: left promiscuous mode [ 1434.812330][ T9731] bond_slave_1: left promiscuous mode [ 1434.825143][ T9731] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 1434.833814][ T9731] bridge0: port 1(bond0) entered disabled state [ 1434.841121][ T9734] xt_TCPMSS: Only works on TCP SYN packets [ 1434.935161][ T9731] bridge_slave_1: left allmulticast mode [ 1434.949773][ T9731] bridge_slave_1: left promiscuous mode [ 1434.976808][ T9731] bridge0: port 2(bridge_slave_1) entered disabled state [ 1435.865157][ T9767] binder: binder_mmap: 9763 200000001000-20000000b000 bad vm_flags failed -1 [ 1436.293258][ T9751] loop1: detected capacity change from 0 to 32768 [ 1436.364700][ T9751] ERROR: (device loop1): dbAllocAG: Corrupt dmapctl page [ 1436.364700][ T9751] [ 1436.390307][ T9751] ERROR: (device loop1): remounting filesystem as read-only [ 1436.639329][ T9781] loop3: detected capacity change from 0 to 4096 [ 1436.688387][ T9781] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 1436.751600][ T9791] loop2: detected capacity change from 0 to 1024 [ 1436.862728][ T9781] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1436.991789][ T3549] hfsplus: b-tree write err: -5, ino 4 [ 1438.931632][ T9848] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 1439.423029][ T9866] loop0: detected capacity change from 0 to 64 [ 1439.476368][ T9868] loop2: detected capacity change from 0 to 512 [ 1439.552727][ T9868] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 1439.568160][ T9868] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 1439.578617][ T9868] System zones: 0-1, 15-15, 18-18, 34-34 [ 1439.584878][ T9868] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1439.592046][ T9868] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 1439.602447][ T9868] EXT4-fs warning (device loop2): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1439.617737][ T9868] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 1439.630346][ T9868] EXT4-fs (loop2): 1 truncate cleaned up [ 1439.638580][ T9868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1439.668271][ T9868] fscrypt (loop2, inode 16): Error -61 getting encryption context [ 1439.780552][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1440.181826][T23246] usb 1-1: new high-speed USB device number 99 using dummy_hcd [ 1440.399710][T23246] usb 1-1: Using ep0 maxpacket: 16 [ 1440.413825][T23246] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1440.431194][T23246] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1440.443457][T23246] usb 1-1: Product: syz [ 1440.452752][T23246] usb 1-1: Manufacturer: syz [ 1440.465062][T23246] usb 1-1: SerialNumber: syz [ 1440.488007][T23246] r8152-cfgselector 1-1: config 0 descriptor?? [ 1440.768677][T23246] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 1441.009331][ T788] usb 1-1: USB disconnect, device number 99 [ 1441.434675][ T9923] netlink: 129384 bytes leftover after parsing attributes in process `syz.2.16360'. [ 1441.582383][ T9909] loop3: detected capacity change from 0 to 32768 [ 1441.688375][ T9909] ERROR: (device loop3): diAllocBit: iag inconsistent [ 1441.688375][ T9909] [ 1441.739486][ T9909] ERROR: (device loop3): remounting filesystem as read-only [ 1441.747124][ T9909] ialloc: diAlloc returned -5! [ 1441.917955][ T9935] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20002 [ 1442.411861][ T9945] loop3: detected capacity change from 0 to 4096 [ 1442.683398][ T9957] loop2: detected capacity change from 0 to 64 [ 1442.901842][ T9964] loop1: detected capacity change from 0 to 256 [ 1443.036225][ T9964] FAT-fs (loop1): Directory bread(block 64) failed [ 1443.067606][ T9964] FAT-fs (loop1): Directory bread(block 65) failed [ 1443.098404][ T9968] netlink: 72 bytes leftover after parsing attributes in process `syz.3.16382'. [ 1443.109861][ T9964] FAT-fs (loop1): Directory bread(block 66) failed [ 1443.116743][ T9964] FAT-fs (loop1): Directory bread(block 67) failed [ 1443.138774][ T9968] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16382'. [ 1443.161656][ T9964] FAT-fs (loop1): Directory bread(block 68) failed [ 1443.168768][ T9969] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 1443.177868][ T9968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16382'. [ 1443.187039][ T9964] FAT-fs (loop1): Directory bread(block 69) failed [ 1443.195754][ T9964] FAT-fs (loop1): Directory bread(block 70) failed [ 1443.215823][ T9964] FAT-fs (loop1): Directory bread(block 71) failed [ 1443.236219][ T9964] FAT-fs (loop1): Directory bread(block 72) failed [ 1443.256290][ T9964] FAT-fs (loop1): Directory bread(block 73) failed [ 1443.403853][ T9977] netlink: 'syz.2.16386': attribute type 3 has an invalid length. [ 1443.412546][ T9975] netlink: 'syz.3.16385': attribute type 1 has an invalid length. [ 1443.584263][ T9979] loop0: detected capacity change from 0 to 1024 [ 1443.805489][ T9985] loop2: detected capacity change from 0 to 1764 [ 1443.824332][ T36] hfsplus: b-tree write err: -5, ino 4 [ 1444.470910][T10007] netlink: 'syz.3.16401': attribute type 1 has an invalid length. [ 1444.734669][T10016] loop3: detected capacity change from 0 to 2048 [ 1444.806962][T10016] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 1444.889447][T10016] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #12: comm syz.3.16406: corrupted in-inode xattr: e_value size too large [ 1445.090891][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 1445.312026][T10036] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16411'. [ 1445.913701][T10052] loop2: detected capacity change from 0 to 4096 [ 1445.987229][T10052] ntfs: volume version 3.1. [ 1446.103056][T10060] netlink: 220 bytes leftover after parsing attributes in process `syz.3.16427'. [ 1446.133424][T10060] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16427'. [ 1446.166559][T10060] tc_dump_action: action bad kind [ 1446.453708][T10069] loop0: detected capacity change from 0 to 8 [ 1446.743705][T10072] loop2: detected capacity change from 0 to 1764 [ 1446.814700][ T5955] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1446.825233][T10056] loop1: detected capacity change from 0 to 32768 [ 1446.988165][T14660] usb 4-1: new full-speed USB device number 109 using dummy_hcd [ 1447.138472][T23246] usb 3-1: new high-speed USB device number 95 using dummy_hcd [ 1447.181485][T14660] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 1447.206819][T14660] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1447.242458][T14660] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66 [ 1447.257887][T14660] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1447.272669][T14660] usb 4-1: Product: syz [ 1447.284935][T14660] usb 4-1: Manufacturer: syz [ 1447.289929][T14660] usb 4-1: SerialNumber: syz [ 1447.309357][T14660] usb 4-1: config 0 descriptor?? [ 1447.338775][T14660] snd-usb-audio: probe of 4-1:0.0 failed with error -90 [ 1447.360297][T23246] usb 3-1: config 0 interface 0 altsetting 60 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 1447.409045][T23246] usb 3-1: config 0 interface 0 altsetting 60 endpoint 0xD has invalid maxpacket 65278, setting to 1024 [ 1447.442945][T23246] usb 3-1: config 0 interface 0 altsetting 60 bulk endpoint 0xD has invalid maxpacket 1024 [ 1447.457243][T23246] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1447.469381][T23246] usb 3-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=ae.ad [ 1447.500246][T23246] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1447.520980][T23246] usb 3-1: config 0 descriptor?? [ 1447.527287][T10072] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1447.572842][T14660] usb 4-1: USB disconnect, device number 109 [ 1447.748265][T23246] usb 3-1: string descriptor 0 read error: -71 [ 1447.779879][T23246] usb 3-1: ucan: probing device on interface #0 [ 1447.786413][T23246] usb 3-1: ucan: invalid endpoint configuration [ 1447.814225][T23246] usb 3-1: ucan: probe failed; try to update the device firmware [ 1447.852006][T23246] usb 3-1: USB disconnect, device number 95 [ 1448.014211][T10088] loop0: detected capacity change from 0 to 32768 [ 1448.050492][T10088] ialloc: diAlloc returned -17! [ 1448.360611][T10104] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16447'. [ 1448.394528][T10104] netlink: 'syz.0.16447': attribute type 1 has an invalid length. [ 1448.417930][T10104] netlink: 'syz.0.16447': attribute type 2 has an invalid length. [ 1448.444906][T10104] netlink: 120 bytes leftover after parsing attributes in process `syz.0.16447'. [ 1448.607882][T23246] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 1448.820197][T10117] netlink: 96 bytes leftover after parsing attributes in process `syz.1.16454'. [ 1448.856274][T23246] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1448.882418][T23246] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1448.895722][T23246] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1448.910717][T23246] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1448.920769][T23246] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1448.982878][T23246] usb 4-1: config 0 descriptor?? [ 1449.011523][T23246] hub 4-1:0.0: USB hub found [ 1449.193452][T10129] loop1: detected capacity change from 0 to 256 [ 1449.229522][T23246] hub 4-1:0.0: 9 ports detected [ 1449.237169][T10129] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1449.242997][T23246] hub 4-1:0.0: insufficient power available to use all downstream ports [ 1449.337627][T10133] loop0: detected capacity change from 0 to 256 [ 1449.424466][T10133] FAT-fs (loop0): Directory bread(block 64) failed [ 1449.426013][T23246] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 1449.455783][T23246] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 1449.483412][T10133] FAT-fs (loop0): Directory bread(block 65) failed [ 1449.510032][T10133] FAT-fs (loop0): Directory bread(block 66) failed [ 1449.516731][T10133] FAT-fs (loop0): Directory bread(block 67) failed [ 1449.545188][T23246] usb 4-1: USB disconnect, device number 110 [ 1449.545316][T10133] FAT-fs (loop0): Directory bread(block 68) failed [ 1449.606253][T10133] FAT-fs (loop0): Directory bread(block 69) failed [ 1449.632104][T10133] FAT-fs (loop0): Directory bread(block 70) failed [ 1449.645662][T10133] FAT-fs (loop0): Directory bread(block 71) failed [ 1449.659416][T10135] loop2: detected capacity change from 0 to 4096 [ 1449.668075][T10133] FAT-fs (loop0): Directory bread(block 72) failed [ 1449.676732][T10135] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 1449.689490][T10133] FAT-fs (loop0): Directory bread(block 73) failed [ 1449.732171][T10139] netlink: 'syz.1.16464': attribute type 10 has an invalid length. [ 1450.199301][T10147] binder: BC_ATTEMPT_ACQUIRE not supported [ 1450.214555][T10147] binder: 10146:10147 ioctl c0306201 2000000003c0 returned -22 [ 1451.045797][T10145] loop2: detected capacity change from 0 to 32768 [ 1451.112775][T10145] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1451.274590][T10145] XFS (loop2): Ending clean mount [ 1451.315105][T10145] XFS (loop2): Quotacheck needed: Please wait. [ 1451.487138][T10145] XFS (loop2): Quotacheck: Done. [ 1451.757837][ T5771] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1452.477124][T10191] loop3: detected capacity change from 0 to 32768 [ 1453.092658][T10204] loop1: detected capacity change from 0 to 32768 [ 1453.173583][T10204] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 1453.294628][T10204] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1453.401461][T10204] (syz.1.16494,10204,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 1453.427818][T10204] (syz.1.16494,10204,0):ocfs2_xattr_block_find:2831 ERROR: status = -12 [ 1453.509009][T10238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16509'. [ 1453.737357][T10244] loop0: detected capacity change from 0 to 64 [ 1453.755199][ T5767] ocfs2: Unmounting device (7,1) on (node local) [ 1454.243353][T10256] loop3: detected capacity change from 0 to 1024 [ 1454.308043][T10256] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 1454.870019][T10272] loop3: detected capacity change from 0 to 4096 [ 1454.901972][T10272] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 1454.956513][T10272] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1455.016188][T10272] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1455.033798][T10272] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1455.102270][T10272] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1455.149057][T10272] ntfs: volume version 0.0. [ 1455.153635][T10272] ntfs: (device loop3): load_system_files(): Disabling sparse support due to NTFS volume version 0.0 (need at least version 3.0). [ 1455.196688][T10272] ntfs: (device loop3): ntfs_read_locked_inode(): Inode is not in use! [ 1455.214826][T10272] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 1455.266706][T10272] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1455.393613][T10272] ntfs: (device loop3): ntfs_read_locked_inode(): $INDEX_ROOT attribute is missing. [ 1455.587431][T10298] delete_channel: no stack [ 1456.147506][T10321] sctp: [Deprecated]: syz.2.16549 (pid 10321) Use of int in max_burst socket option. [ 1456.147506][T10321] Use struct sctp_assoc_value instead [ 1456.391521][T10320] loop3: detected capacity change from 0 to 4096 [ 1456.454944][T10329] loop0: detected capacity change from 0 to 256 [ 1456.475910][T10329] exfat: Deprecated parameter 'utf8' [ 1456.519136][T10320] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1456.545228][T10329] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 1456.697496][T10338] loop2: detected capacity change from 0 to 256 [ 1456.834051][T10338] FAT-fs (loop2): Directory bread(block 64) failed [ 1456.862250][T10338] FAT-fs (loop2): Directory bread(block 65) failed [ 1456.889934][T10338] FAT-fs (loop2): Directory bread(block 66) failed [ 1456.907853][T10338] FAT-fs (loop2): Directory bread(block 67) failed [ 1456.926510][T10338] FAT-fs (loop2): Directory bread(block 68) failed [ 1456.973164][T10338] FAT-fs (loop2): Directory bread(block 69) failed [ 1456.998684][T10338] FAT-fs (loop2): Directory bread(block 70) failed [ 1457.005405][T10338] FAT-fs (loop2): Directory bread(block 71) failed [ 1457.048651][T10338] FAT-fs (loop2): Directory bread(block 72) failed [ 1457.055292][T10338] FAT-fs (loop2): Directory bread(block 73) failed [ 1457.166339][T10348] openvswitch: netlink: Actions may not be safe on all matching packets [ 1457.512453][T10356] program syz.1.16566 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1457.524028][T10360] loop2: detected capacity change from 0 to 64 [ 1457.557092][T10360] hfs: unable to locate alternate MDB [ 1457.589874][T10360] hfs: continuing without an alternate MDB [ 1457.614817][T10362] loop0: detected capacity change from 0 to 512 [ 1457.689623][T10362] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0022] [ 1457.753581][T10362] System zones: 1-12 [ 1457.757087][T10368] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5) [ 1457.775975][T10362] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.16569: Directory hole found for htree index block 0 [ 1457.821514][T10362] EXT4-fs (loop0): Remounting filesystem read-only [ 1457.860763][T10362] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117 [ 1457.900506][T10362] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 1457.949197][T10362] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1458.057416][T10362] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 1458.189514][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1458.336446][T10384] netlink: 52 bytes leftover after parsing attributes in process `syz.3.16580'. [ 1458.567944][T10390] loop3: detected capacity change from 0 to 1024 [ 1458.686246][T10390] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 1458.714128][T10390] hfsplus: xattr searching failed [ 1458.782045][T10390] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 1458.799938][T10400] netlink: 'syz.0.16587': attribute type 5 has an invalid length. [ 1458.837902][T10390] hfsplus: xattr searching failed [ 1459.711827][T10430] loop3: detected capacity change from 0 to 1024 [ 1459.835932][ T36] hfsplus: b-tree write err: -5, ino 4 [ 1460.266872][T10445] bond13: entered allmulticast mode [ 1461.233599][T10482] loop0: detected capacity change from 0 to 2048 [ 1461.297213][T10482] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1462.403553][T10488] loop3: detected capacity change from 0 to 32768 [ 1462.465711][T10488] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1462.678064][T10535] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16655'. [ 1462.729727][T10488] XFS (loop3): Ending clean mount [ 1462.947531][ T5773] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1463.636344][T10531] loop0: detected capacity change from 0 to 32768 [ 1463.688285][T10531] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 1463.736842][T10531] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1463.833410][T10531] ocfs2: Unmounting device (7,0) on (node local) [ 1464.236298][T10563] loop2: detected capacity change from 0 to 1024 [ 1464.397420][T10562] loop1: detected capacity change from 0 to 4096 [ 1464.426503][T10545] loop3: detected capacity change from 0 to 32768 [ 1464.538655][T10545] ERROR: (device loop3): dbAllocAG: Corrupt dmapctl page [ 1464.538655][T10545] [ 1464.577618][T10545] ERROR: (device loop3): remounting filesystem as read-only [ 1465.092965][T10581] overlayfs: missing 'lowerdir' [ 1465.098158][T14660] usb 3-1: new high-speed USB device number 96 using dummy_hcd [ 1465.237973][ C1] ip6_tunnel: ip6gretap4 xmit: Local address not yet configured! [ 1465.277779][T14660] usb 3-1: Using ep0 maxpacket: 16 [ 1465.324224][T14660] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1465.345120][T14660] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1465.367767][T14660] usb 3-1: Product: syz [ 1465.385662][T14660] usb 3-1: Manufacturer: syz [ 1465.405893][T14660] usb 3-1: SerialNumber: syz [ 1465.422312][T14660] r8152-cfgselector 3-1: config 0 descriptor?? [ 1465.660925][T14660] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 1465.686823][T10598] netlink: 24 bytes leftover after parsing attributes in process `syz.3.16679'. [ 1465.822300][T10602] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1465.897609][T14660] usb 3-1: USB disconnect, device number 96 [ 1467.094070][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 1467.094089][ T28] audit: type=1326 audit(2000000765.851:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10648 comm="syz.1.16706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1467.099571][T10647] loop3: detected capacity change from 0 to 512 [ 1467.107886][ T28] audit: type=1326 audit(2000000765.851:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10648 comm="syz.1.16706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1467.147733][T10651] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16704'. [ 1467.209915][T10653] binder: 10652:10653 ioctl c018620c 200000000100 returned -22 [ 1467.217881][ T28] audit: type=1326 audit(2000000765.891:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10648 comm="syz.1.16706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=148 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1467.217935][ T28] audit: type=1326 audit(2000000765.891:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10648 comm="syz.1.16706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1467.217980][ T28] audit: type=1326 audit(2000000765.891:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10648 comm="syz.1.16706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1467.278219][T10647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1467.353904][T10647] ext4 filesystem being mounted at /3991/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1467.513799][T10647] Quota error (device loop3): write_blk: dquota write failed [ 1467.528553][T10647] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 1467.548215][T10647] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 1467.578080][T10647] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.16703: Failed to acquire dquot type 1 [ 1467.621410][ T28] audit: type=1800 audit(2000000766.381:1044): pid=10647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16703" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 1467.810179][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1468.025923][T10675] overlayfs: cannot append lower layer [ 1468.078342][T10678] xt_l2tp: invalid flags combination: 0 [ 1468.388031][T10689] loop3: detected capacity change from 0 to 64 [ 1468.409386][T10691] netlink: 220 bytes leftover after parsing attributes in process `syz.1.16723'. [ 1468.456637][T10691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16723'. [ 1468.480847][T10691] tc_dump_action: action bad kind [ 1468.497886][T10692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16721'. [ 1468.867447][T10704] ..0ˆ: renamed from veth0_to_hsr (while UP) [ 1469.466673][T10724] netlink: 'syz.0.16740': attribute type 21 has an invalid length. [ 1469.489105][T10724] netlink: 128 bytes leftover after parsing attributes in process `syz.0.16740'. [ 1469.509170][T10724] netlink: 'syz.0.16740': attribute type 4 has an invalid length. [ 1469.517192][T10724] netlink: 'syz.0.16740': attribute type 5 has an invalid length. [ 1469.525760][T10724] netlink: 3 bytes leftover after parsing attributes in process `syz.0.16740'. [ 1469.700345][T10733] loop1: detected capacity change from 0 to 8 [ 1469.870183][T10738] netlink: 'syz.2.16747': attribute type 21 has an invalid length. [ 1469.918129][T10738] netlink: 164 bytes leftover after parsing attributes in process `syz.2.16747'. [ 1470.026595][T10741] delete_channel: no stack [ 1470.329278][T10750] nvme_fabrics: missing parameter 'transport=%s' [ 1470.335963][T10750] nvme_fabrics: missing parameter 'nqn=%s' [ 1470.418177][T10757] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16755'. [ 1470.532140][T10761] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16757'. [ 1470.734635][T10767] loop2: detected capacity change from 0 to 512 [ 1470.765509][T10767] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0022] [ 1470.790520][T10767] System zones: 1-12 [ 1470.805985][T10774] loop3: detected capacity change from 0 to 64 [ 1470.811240][T10767] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.16763: Directory hole found for htree index block 0 [ 1470.878231][T10767] EXT4-fs (loop2): Remounting filesystem read-only [ 1470.885181][T10767] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 1470.895370][T10767] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 1470.906559][T10767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1470.946276][T10767] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 1471.066665][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1471.613115][T10796] binder: BC_ATTEMPT_ACQUIRE not supported [ 1471.625024][T10796] binder: 10795:10796 ioctl c0306201 2000000003c0 returned -22 [ 1471.826120][T10806] loop1: detected capacity change from 0 to 512 [ 1471.856003][T10806] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0022] [ 1471.879760][T10806] System zones: 1-12 [ 1471.884172][T10806] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.16778: Directory hole found for htree index block 0 [ 1471.927227][T10806] EXT4-fs (loop1): Remounting filesystem read-only [ 1471.933861][T10811] loop2: detected capacity change from 0 to 2048 [ 1471.954962][T10806] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 1471.990186][T10806] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 1471.996107][T10813] loop0: detected capacity change from 0 to 16 [ 1472.029033][T10813] erofs: (device loop0): mounted with root inode @ nid 36. [ 1472.036602][T10811] loop2: p1 p3 < > p4 < p5 > [ 1472.040584][T10806] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1472.043767][T10811] loop2: partition table partially beyond EOD, [ 1472.063877][T10813] erofs: (device loop0): z_erofs_read_folio: read error -95 @ 8200 of nid 36 [ 1472.080852][T10811] truncated [ 1472.084226][T10811] loop2: p1 size 33024 extends beyond EOD, truncated [ 1472.093878][T10811] loop2: p3 start 4284289 is beyond EOD, truncated [ 1472.122626][T10811] loop2: p5 size 33024 extends beyond EOD, truncated [ 1472.304537][T10806] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 1472.505831][T10821] loop3: detected capacity change from 0 to 164 [ 1472.515664][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1472.811899][ T5955] udevd[5955]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 1472.826066][ T5760] udevd[5760]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory [ 1472.842390][ T6788] udevd[6788]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 1472.944825][T10832] loop0: detected capacity change from 0 to 64 [ 1473.036974][T10832] syz.0.16800: attempt to access beyond end of device [ 1473.036974][T10832] loop0: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 1473.099267][T10832] Buffer I/O error on dev loop0, logical block 512, async page read [ 1473.119173][T10832] syz.0.16800: attempt to access beyond end of device [ 1473.119173][T10832] loop0: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 1473.194429][T10832] Buffer I/O error on dev loop0, logical block 56576, async page read [ 1473.791272][T10855] loop2: detected capacity change from 0 to 64 [ 1474.071917][T10863] netlink: 'syz.3.16807': attribute type 20 has an invalid length. [ 1474.150214][T10841] loop1: detected capacity change from 0 to 32768 [ 1474.488783][T10875] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 1474.704270][T10881] __vm_enough_memory: pid: 10881, comm: syz.0.16824, not enough memory for the allocation [ 1474.726737][T10882] binder: Bad value for 'stats' [ 1474.787797][T14660] usb 2-1: new high-speed USB device number 97 using dummy_hcd [ 1474.936319][T10886] netlink: 'syz.2.16817': attribute type 1 has an invalid length. [ 1474.954886][T10886] netlink: 154788 bytes leftover after parsing attributes in process `syz.2.16817'. [ 1474.988942][T14660] usb 2-1: too many configurations: 37, using maximum allowed: 8 [ 1475.145156][T14660] usb 2-1: string descriptor 0 read error: -71 [ 1475.152540][T14660] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1475.174712][T14660] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1475.198435][T14660] usb 2-1: can't set config #1, error -71 [ 1475.223735][T14660] usb 2-1: USB disconnect, device number 97 [ 1475.460274][T10903] loop2: detected capacity change from 0 to 1024 [ 1475.500691][T10903] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 1476.528056][T10942] netlink: 'syz.2.16843': attribute type 75 has an invalid length. [ 1476.637995][T10946] xt_hashlimit: size too large, truncated to 1048576 [ 1476.697266][T10948] loop3: detected capacity change from 0 to 256 [ 1476.775867][T10948] FAT-fs (loop3): Directory bread(block 64) failed [ 1476.819396][T10948] FAT-fs (loop3): Directory bread(block 65) failed [ 1476.837428][T10948] FAT-fs (loop3): Directory bread(block 66) failed [ 1476.855699][T10948] FAT-fs (loop3): Directory bread(block 67) failed [ 1476.869216][T10948] FAT-fs (loop3): Directory bread(block 68) failed [ 1476.878198][T10948] FAT-fs (loop3): Directory bread(block 69) failed [ 1476.886918][T10948] FAT-fs (loop3): Directory bread(block 70) failed [ 1476.897940][T10948] FAT-fs (loop3): Directory bread(block 71) failed [ 1476.904722][T10948] FAT-fs (loop3): Directory bread(block 72) failed [ 1476.906207][T10950] loop2: detected capacity change from 0 to 4096 [ 1476.932562][T10948] FAT-fs (loop3): Directory bread(block 73) failed [ 1476.957980][T10950] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 1477.341060][T10960] loop0: detected capacity change from 0 to 64 [ 1477.363690][T10960] hfs: unable to locate alternate MDB [ 1477.384606][T10960] hfs: continuing without an alternate MDB [ 1477.479804][T10966] loop3: detected capacity change from 0 to 16 [ 1477.519164][T10966] erofs: (device loop3): mounted with root inode @ nid 36. [ 1477.568117][T10966] syz.3.16855: attempt to access beyond end of device [ 1477.568117][T10966] loop3: rw=0, sector=34359736320, nr_sectors = 8 limit=16 [ 1478.553435][T11003] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 1478.858400][T11014] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5) [ 1479.215524][T11026] cgroup2: Unknown parameter 'memory_hugetlb_accounting' [ 1479.388038][T11034] netlink: 'syz.1.16890': attribute type 1 has an invalid length. [ 1480.192145][T11066] netlink: 292 bytes leftover after parsing attributes in process `syz.1.16904'. [ 1480.565642][T11079] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16912'. [ 1480.998574][T11094] loop2: detected capacity change from 0 to 2048 [ 1481.059128][T11094] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1481.868288][ T4452] usb 1-1: new high-speed USB device number 100 using dummy_hcd [ 1482.071343][ T4452] usb 1-1: config 0 has an invalid interface number: 120 but max is 0 [ 1482.088119][ T4452] usb 1-1: config 0 has no interface number 0 [ 1482.103087][ T4452] usb 1-1: config 0 interface 120 has no altsetting 0 [ 1482.132388][ T4452] usb 1-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72 [ 1482.148162][ T4452] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1482.166942][ T4452] usb 1-1: Product: syz [ 1482.186953][ T4452] usb 1-1: Manufacturer: syz [ 1482.193919][ T4452] usb 1-1: SerialNumber: syz [ 1482.218610][ T4452] usb 1-1: config 0 descriptor?? [ 1482.225309][T11136] netlink: 128 bytes leftover after parsing attributes in process `syz.2.16941'. [ 1482.235032][T11136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.16941'. [ 1482.287321][T11138] netlink: 'syz.1.16942': attribute type 1 has an invalid length. [ 1482.307934][T11138] netlink: 228 bytes leftover after parsing attributes in process `syz.1.16942'. [ 1482.338008][T23246] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 1482.460384][T11142] netlink: 'syz.1.16944': attribute type 11 has an invalid length. [ 1482.486297][ T4452] comedi comedi5: could not switch to alternate setting 1 [ 1482.502727][ T4452] usbduxfast 1-1:0.120: driver 'usbduxfast' failed to auto-configure device. [ 1482.530860][ T4452] usb 1-1: USB disconnect, device number 100 [ 1482.536755][T23246] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1482.556128][T23246] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1482.597926][T23246] usb 4-1: Product: syz [ 1482.602256][T23246] usb 4-1: Manufacturer: syz [ 1482.606897][T23246] usb 4-1: SerialNumber: syz [ 1482.646213][T23246] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1482.670430][T23251] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1482.778396][ T2731] usb 3-1: new high-speed USB device number 97 using dummy_hcd [ 1482.933504][T11152] xt_TCPMSS: Only works on TCP SYN packets [ 1482.939750][ C0] usb 4-1: ath: unknown panic pattern! [ 1482.988074][ T2731] usb 3-1: Using ep0 maxpacket: 32 [ 1483.010938][ T2731] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1483.023762][ T2731] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1483.034305][ T2731] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1483.043715][ T2731] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1483.068970][ T2731] usb 3-1: config 0 descriptor?? [ 1483.096877][ T2731] hub 3-1:0.0: USB hub found [ 1483.142833][ T4452] usb 4-1: USB disconnect, device number 111 [ 1483.328279][ T2731] hub 3-1:0.0: 1 port detected [ 1483.530441][ T2731] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 1483.547287][ T2731] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 1483.565686][ T2731] usbhid 3-1:0.0: can't add hid device: -71 [ 1483.574764][ T2731] usbhid: probe of 3-1:0.0 failed with error -71 [ 1483.643008][ T2731] usb 3-1: USB disconnect, device number 97 [ 1483.734014][T23251] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 1483.785225][T23251] ath9k_htc: Failed to initialize the device [ 1483.808123][ T4452] usb 4-1: ath9k_htc: USB layer deinitialized [ 1484.360072][T11194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16969'. [ 1484.813204][T11213] loop1: detected capacity change from 0 to 256 [ 1484.832169][T11209] loop2: detected capacity change from 0 to 1024 [ 1484.972289][T11213] FAT-fs (loop1): Directory bread(block 64) failed [ 1485.017966][T11213] FAT-fs (loop1): Directory bread(block 65) failed [ 1485.055836][T11213] FAT-fs (loop1): Directory bread(block 66) failed [ 1485.072597][T11213] FAT-fs (loop1): Directory bread(block 67) failed [ 1485.101645][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.106351][T11213] FAT-fs (loop1): Directory bread(block 68) failed [ 1485.135710][T11213] FAT-fs (loop1): Directory bread(block 69) failed [ 1485.167947][T11213] FAT-fs (loop1): Directory bread(block 70) failed [ 1485.174614][T11213] FAT-fs (loop1): Directory bread(block 71) failed [ 1485.223266][ T28] audit: type=1326 audit(2000000783.971:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11219 comm="syz.3.16983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1485.251846][T11213] FAT-fs (loop1): Directory bread(block 72) failed [ 1485.281736][T11213] FAT-fs (loop1): Directory bread(block 73) failed [ 1485.327870][ T28] audit: type=1326 audit(2000000783.971:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11219 comm="syz.3.16983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1485.431826][ T28] audit: type=1326 audit(2000000783.981:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11219 comm="syz.3.16983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1485.531943][ T28] audit: type=1326 audit(2000000783.981:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11219 comm="syz.3.16983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3e79aeb9 code=0x7ffc0000 [ 1486.846104][T11275] loop3: detected capacity change from 0 to 4096 [ 1486.879713][T11275] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 1487.045615][T11284] loop0: detected capacity change from 0 to 512 [ 1487.128927][T11284] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1487.207829][T11284] ext4 filesystem being mounted at /4247/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1487.363726][T11284] Quota error (device loop0): write_blk: dquota write failed [ 1487.382412][T11284] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5 [ 1487.412390][T11284] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 1487.436580][T11284] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.17010: Failed to acquire dquot type 1 [ 1487.507938][ T28] audit: type=1800 audit(2000000786.261:1049): pid=11284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.17010" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 1487.644376][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1487.859461][T11309] loop0: detected capacity change from 0 to 64 [ 1487.975751][T11307] loop2: detected capacity change from 0 to 4096 [ 1488.182505][T11316] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17024'. [ 1488.247991][T11319] No such timeout policy "syz0" [ 1489.124748][ T28] audit: type=1326 audit(2000000787.881:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.17040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1489.204120][ T28] audit: type=1326 audit(2000000787.881:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11345 comm="syz.1.17040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1820f9aeb9 code=0x7ffc0000 [ 1489.371493][T11356] loop0: detected capacity change from 0 to 1024 [ 1489.389770][T11357] loop1: detected capacity change from 0 to 2048 [ 1489.442837][T11357] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1489.514334][ T2910] hfsplus: b-tree write err: -5, ino 4 [ 1489.587934][T14660] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 1489.666320][T11363] netdevsim netdevsim2: Direct firmware load for  failed with error -2 [ 1489.691195][T11363] netdevsim netdevsim2: Falling back to sysfs fallback for:  [ 1489.780602][T14660] usb 4-1: config 0 has an invalid interface number: 120 but max is 0 [ 1489.796023][T14660] usb 4-1: config 0 has no interface number 0 [ 1489.820067][T14660] usb 4-1: config 0 interface 120 has no altsetting 0 [ 1489.833228][T14660] usb 4-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72 [ 1489.853031][T14660] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1489.867568][T14660] usb 4-1: Product: syz [ 1489.872465][T14660] usb 4-1: Manufacturer: syz [ 1489.895789][T14660] usb 4-1: SerialNumber: syz [ 1489.910950][T14660] usb 4-1: config 0 descriptor?? [ 1490.093951][T11375] loop1: detected capacity change from 0 to 64 [ 1490.189810][ C1] raw-gadget.0 gadget.3: ignoring, device is not running [ 1490.244298][T14660] comedi comedi5: could not switch to alternate setting 1 [ 1490.258654][T14660] usbduxfast 4-1:0.120: driver 'usbduxfast' failed to auto-configure device. [ 1490.293576][T14660] usb 4-1: USB disconnect, device number 112 [ 1490.563080][T11385] loop1: detected capacity change from 0 to 256 [ 1490.579617][T11387] loop0: detected capacity change from 0 to 64 [ 1491.223554][T11403] loop2: detected capacity change from 0 to 164 [ 1491.582285][T11411] FAT-fs (loop3): Directory bread(block 64) failed [ 1491.614514][T11411] FAT-fs (loop3): Directory bread(block 65) failed [ 1491.624728][T11411] FAT-fs (loop3): Directory bread(block 66) failed [ 1491.638107][T11411] FAT-fs (loop3): Directory bread(block 67) failed [ 1491.655110][T11411] FAT-fs (loop3): Directory bread(block 68) failed [ 1491.694538][T11411] FAT-fs (loop3): Directory bread(block 69) failed [ 1491.719074][T11411] FAT-fs (loop3): Directory bread(block 70) failed [ 1491.746116][T11411] FAT-fs (loop3): Directory bread(block 71) failed [ 1491.765407][T11411] FAT-fs (loop3): Directory bread(block 72) failed [ 1491.778249][T14660] usb 3-1: new high-speed USB device number 98 using dummy_hcd [ 1491.782514][T11411] FAT-fs (loop3): Directory bread(block 73) failed [ 1491.807229][T11421] vivid-002: disconnect [ 1491.818280][T11420] vivid-002: reconnect [ 1491.982551][T14660] usb 3-1: config 0 has an invalid interface number: 120 but max is 0 [ 1491.997785][T14660] usb 3-1: config 0 has no interface number 0 [ 1492.004010][T14660] usb 3-1: config 0 interface 120 has no altsetting 0 [ 1492.020751][T14660] usb 3-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72 [ 1492.037917][T14660] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1492.054204][T14660] usb 3-1: Product: syz [ 1492.064011][T14660] usb 3-1: Manufacturer: syz [ 1492.074139][T14660] usb 3-1: SerialNumber: syz [ 1492.109212][T14660] usb 3-1: config 0 descriptor?? [ 1492.380522][T14660] comedi comedi5: could not switch to alternate setting 1 [ 1492.415486][T14660] usbduxfast 3-1:0.120: driver 'usbduxfast' failed to auto-configure device. [ 1492.456237][T14660] usb 3-1: USB disconnect, device number 98 [ 1492.728459][T11423] set_capacity_and_notify: 1 callbacks suppressed [ 1492.728479][T11423] loop0: detected capacity change from 0 to 32768 [ 1492.754675][T11423] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.17078 (11423) [ 1492.805418][T11423] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1492.829389][T11423] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 1492.843104][T11423] BTRFS info (device loop0): force zlib compression, level 3 [ 1492.853218][T11423] BTRFS info (device loop0): turning on flush-on-commit [ 1492.867976][T11423] BTRFS info (device loop0): max_inline at 4096 [ 1492.874345][T11423] BTRFS info (device loop0): using free space tree [ 1492.928279][ T4452] usb 2-1: new high-speed USB device number 98 using dummy_hcd [ 1493.027969][T11423] BTRFS info (device loop0): enabling ssd optimizations [ 1493.059066][T11423] BTRFS info (device loop0): auto enabling async discard [ 1493.083286][T11461] loop2: detected capacity change from 0 to 64 [ 1493.122805][ T4452] usb 2-1: Using ep0 maxpacket: 32 [ 1493.150757][T11423] BTRFS error (device loop0): balance: mixed groups data and metadata options must be the same [ 1493.163432][ T4452] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 1493.188196][ T4452] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1493.197324][T11461] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 1493.206392][ T4452] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1493.221584][ T4452] usb 2-1: config 1 has no interface number 0 [ 1493.228577][ T4452] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1493.247226][ T4452] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1493.260539][ T788] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 1493.278135][ T4452] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1493.288147][ T4452] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1493.303469][ T4452] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 1493.324602][ T5769] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1493.471564][ T788] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 1493.500077][ T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1493.531915][ T4452] snd_usb_pod 2-1:1.1: invalid control EP [ 1493.556743][ T788] usb 4-1: config 0 descriptor?? [ 1493.563056][ T4452] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 1493.579885][ T788] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 1493.598107][ T4452] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 1493.606007][ T4452] snd_usb_pod: probe of 2-1:1.1 failed with error -22 [ 1493.610985][ T6788] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 9 /dev/loop0 scanned by udevd (6788) [ 1493.661282][T11467] nfs: Unknown parameter 'ntext' [ 1493.742572][ T2731] usb 2-1: USB disconnect, device number 98 [ 1494.052431][ T788] gspca_stv06xx: I2C: Read error writing address: -71 [ 1494.098994][ T788] usb 4-1: USB disconnect, device number 113 [ 1494.182531][T11474] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 1494.315396][T11478] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 1494.337920][T11478] netdevsim netdevsim2 netdevsim0: left allmulticast mode [ 1494.878236][T11494] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17105'. [ 1494.899115][T11494] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 1494.989545][T11500] loop3: detected capacity change from 0 to 256 [ 1495.016141][T11500] FAT-fs (loop3): "posix" option is obsolete, not supported now [ 1495.092259][T11503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17110'. [ 1495.146727][T11503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17110'. [ 1495.182512][T11503] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17110'. [ 1495.425534][T11512] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 1495.432125][T11512] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1495.478381][T11512] vhci_hcd vhci_hcd.0: Device attached [ 1495.489537][T11513] vhci_hcd: connection closed [ 1495.491936][ T36] vhci_hcd: stop threads [ 1495.508726][T11517] netlink: 'syz.0.17115': attribute type 1 has an invalid length. [ 1495.522114][ T36] vhci_hcd: release socket [ 1495.526613][ T36] vhci_hcd: disconnect device [ 1495.980981][T11532] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.17124'. [ 1496.329453][T11542] netlink: 16 bytes leftover after parsing attributes in process `syz.1.17128'. [ 1496.475004][T11546] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 1496.605031][T11551] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17132'. [ 1496.747780][T11557] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1497.199314][T11571] ieee802154 phy1 wpan1: encryption failed: -22 [ 1497.259594][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 1497.259614][ T28] audit: type=1326 audit(2000000796.001:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.2.17143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1497.337745][ T28] audit: type=1326 audit(2000000796.001:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.2.17143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1497.420675][T11576] netlink: 'syz.1.17144': attribute type 9 has an invalid length. [ 1497.437883][ T28] audit: type=1326 audit(2000000796.051:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.2.17143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1497.484110][T11576] netlink: 154020 bytes leftover after parsing attributes in process `syz.1.17144'. [ 1497.519423][ T28] audit: type=1326 audit(2000000796.051:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.2.17143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1497.550470][T11579] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 1497.573315][T11579] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1497.589851][ T28] audit: type=1326 audit(2000000796.051:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.2.17143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1497.613005][T11582] netlink: 'syz.2.17147': attribute type 2 has an invalid length. [ 1497.643351][T11582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17147'. [ 1497.977166][T11595] netlink: 28 bytes leftover after parsing attributes in process `syz.3.17154'. [ 1498.176264][T11599] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1498.278539][T11603] IPv6: Can't replace route, no match found [ 1498.377805][T11607] loop1: detected capacity change from 0 to 1024 [ 1498.389132][T11607] EXT4-fs: Ignoring removed bh option [ 1498.454903][T11607] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1498.532320][T11607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1498.671581][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1498.777127][ C1] vkms_vblank_simulate: vblank timer overrun [ 1499.387176][T11637] loop0: detected capacity change from 0 to 1024 [ 1499.598465][T11641] loop3: detected capacity change from 0 to 4096 [ 1499.599703][T29595] hfsplus: b-tree write err: -5, ino 4 [ 1499.639290][T11645] netlink: 'syz.2.17179': attribute type 5 has an invalid length. [ 1499.666467][T11646] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1499.781617][T11648] netlink: 'syz.1.17180': attribute type 2 has an invalid length. [ 1500.022259][T11650] loop0: detected capacity change from 0 to 4096 [ 1500.325808][T11660] __nla_validate_parse: 1 callbacks suppressed [ 1500.325828][T11660] netlink: 12 bytes leftover after parsing attributes in process `syz.1.17185'. [ 1500.370752][T11660] (unnamed net_device) (uninitialized): option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0) [ 1500.649114][T11670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17190'. [ 1501.176609][T11688] loop2: detected capacity change from 0 to 512 [ 1501.181665][T11691] dlm: plock device version mismatch: kernel (1.2.0), user (1.8192.0) [ 1501.194303][T11688] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1501.248516][T11688] EXT4-fs (loop2): filesystem is read-only [ 1501.254499][T11688] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1501.262195][T11686] loop3: detected capacity change from 0 to 4096 [ 1501.332663][T11688] EXT4-fs (loop2): filesystem is read-only [ 1501.361941][T11688] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1501.424150][T11688] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #16: comm syz.2.17199: iget: bad i_size value: 648518346341360424 [ 1501.468943][T11699] tmpfs: Bad value for 'mpol' [ 1501.519097][T11688] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.17199: couldn't read orphan inode 16 (err -117) [ 1501.587594][T11688] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1501.822594][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1502.381873][T11721] ALSA: mixer_oss: invalid OSS volume 'u' [ 1502.478090][T11728] No source specified [ 1502.584259][T11732] netlink: 44 bytes leftover after parsing attributes in process `syz.2.17220'. [ 1502.927185][T11746] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17227'. [ 1502.936672][T11746] netlink: 28 bytes leftover after parsing attributes in process `syz.0.17227'. [ 1502.956535][T11746] netlink: 36 bytes leftover after parsing attributes in process `syz.0.17227'. [ 1503.058048][ T9] usb 4-1: new high-speed USB device number 114 using dummy_hcd [ 1503.238978][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 1503.280433][ T9] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1503.302653][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1503.329498][ T9] usb 4-1: Product: syz [ 1503.333739][ T9] usb 4-1: Manufacturer: syz [ 1503.352747][ T9] usb 4-1: SerialNumber: syz [ 1503.390842][ T9] usb 4-1: config 0 descriptor?? [ 1503.646113][ T9] speedtch 4-1:0.0: speedtch_bind: wrong device class 68 [ 1503.683470][ T9] speedtch 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1503.735313][T11772] netlink: 200 bytes leftover after parsing attributes in process `syz.0.17239'. [ 1503.853060][ T9] usb 4-1: USB disconnect, device number 114 [ 1504.238178][ T4452] usb 1-1: new high-speed USB device number 101 using dummy_hcd [ 1504.357292][T11794] autofs4:pid:11794:autofs_fill_super: called with bogus options [ 1504.358060][T11796] loop2: detected capacity change from 0 to 256 [ 1504.447898][ T4452] usb 1-1: Using ep0 maxpacket: 8 [ 1504.455412][ T4452] usb 1-1: config 2 has an invalid interface number: 31 but max is 0 [ 1504.475188][ T4452] usb 1-1: config 2 has no interface number 0 [ 1504.495343][ T4452] usb 1-1: config 2 interface 31 has no altsetting 0 [ 1504.530926][ T4452] usb 1-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 1504.554730][ T4452] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1504.580706][ T4452] usb 1-1: Product: syz [ 1504.585036][ T4452] usb 1-1: Manufacturer: syz [ 1504.625599][ T4452] usb 1-1: SerialNumber: syz [ 1504.651404][T11802] 8021q: VLANs not supported on lo [ 1505.032971][T11814] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17261'. [ 1505.098299][ T28] audit: type=1326 audit(2000000803.851:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.2.17262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.136092][ T4452] ch9200: probe of 1-1:2.31 failed with error -22 [ 1505.168286][ T4452] usb 1-1: USB disconnect, device number 101 [ 1505.177334][ T28] audit: type=1326 audit(2000000803.851:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.2.17262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.276748][T11819] loop3: detected capacity change from 0 to 512 [ 1505.277399][ T28] audit: type=1326 audit(2000000803.861:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.2.17262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.319561][ T28] audit: type=1326 audit(2000000803.861:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.2.17262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.351490][ T28] audit: type=1326 audit(2000000803.861:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.2.17262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.400707][T11819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1505.428032][T11819] ext4 filesystem being mounted at /4116/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1505.545553][T11819] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.17264: corrupted xattr block 33: e_value out of bounds [ 1505.632608][T11828] loop1: detected capacity change from 0 to 4096 [ 1505.663597][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1505.667561][ T28] audit: type=1326 audit(2000000804.421:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11830 comm="syz.2.17268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.747842][ T28] audit: type=1326 audit(2000000804.421:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11830 comm="syz.2.17268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.857837][ T28] audit: type=1326 audit(2000000804.461:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11830 comm="syz.2.17268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1505.983806][ T28] audit: type=1326 audit(2000000804.461:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11830 comm="syz.2.17268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1506.025139][ T28] audit: type=1326 audit(2000000804.461:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11830 comm="syz.2.17268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa97539aeb9 code=0x7ffc0000 [ 1506.245822][T11846] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 1506.265642][T11846] mac80211_hwsim hwsim12 wlan0: left allmulticast mode [ 1507.002318][T11870] bond7: entered promiscuous mode [ 1507.035109][T11873] loop1: detected capacity change from 0 to 512 [ 1507.118875][T11873] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1507.139036][T11873] EXT4-fs: Ignoring removed i_version option [ 1507.168268][T11873] EXT4-fs (loop1): 1 orphan inode deleted [ 1507.189525][T11873] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1507.202250][T11881] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17291'. [ 1507.351473][T11887] netlink: 'syz.0.17294': attribute type 1 has an invalid length. [ 1507.598080][ T2731] usb 2-1: new full-speed USB device number 99 using dummy_hcd [ 1507.717350][T11897] netlink: 156 bytes leftover after parsing attributes in process `syz.0.17299'. [ 1507.781029][T11895] loop2: detected capacity change from 0 to 4096 [ 1507.795566][T11895] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 1507.799762][ T2731] usb 2-1: config 0 has an invalid interface number: 120 but max is 0 [ 1507.844635][ T2731] usb 2-1: config 0 has no interface number 0 [ 1507.864932][ T2731] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 12349, setting to 64 [ 1507.901489][T11895] ntfs3: loop2: ino=1e, "file1" failed to parse mft record [ 1507.911755][ T2731] usb 2-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 1507.929623][T11895] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1507.941516][ T2731] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1507.979618][ T2731] usb 2-1: config 0 descriptor?? [ 1507.987069][T11895] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 1508.001002][T11873] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1508.015746][ T2731] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.120/input/input70 [ 1508.104801][ C1] usbtouchscreen 2-1:0.120: usbtouch_irq - usb_submit_urb failed with result: -1 [ 1508.127491][T11901] loop3: detected capacity change from 0 to 4096 [ 1508.165398][ C1] usbtouchscreen 2-1:0.120: usbtouch_irq - usb_submit_urb failed with result: -1 [ 1508.273951][T11901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1508.314896][T11907] loop0: detected capacity change from 0 to 16 [ 1508.337522][T11907] erofs: (device loop0): mounted with root inode @ nid 36. [ 1508.396958][T11907] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 1508.438026][T11907] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 1508.482687][ T4452] usb 2-1: USB disconnect, device number 99 [ 1508.489221][T11907] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 32811 of nid 36 [ 1508.541837][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1508.660464][T11911] loop2: detected capacity change from 0 to 16 [ 1508.692257][T11911] erofs: (device loop2): mounted with root inode @ nid 36. [ 1509.117239][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1509.967950][ T788] usb 2-1: new low-speed USB device number 100 using dummy_hcd [ 1510.135416][T11957] netlink: 40 bytes leftover after parsing attributes in process `syz.2.17327'. [ 1510.166591][ T788] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1510.179009][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1510.191559][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1510.212170][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1510.233870][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1510.267150][ T788] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1510.285406][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1510.353269][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1510.383763][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1510.435653][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1510.467419][ T788] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 1510.487395][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1510.507792][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1510.527923][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1510.567932][ T788] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1510.610434][ T788] usb 2-1: string descriptor 0 read error: -22 [ 1510.637434][ T788] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1510.652728][ T788] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1510.717204][ T788] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1510.993231][T11979] loop0: detected capacity change from 0 to 1024 [ 1511.029008][T11979] EXT4-fs: Ignoring removed mblk_io_submit option [ 1511.053790][ T788] usb 2-1: USB disconnect, device number 100 [ 1511.068936][T11979] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1511.112888][T11979] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1511.267436][T11991] netlink: 'syz.2.17343': attribute type 2 has an invalid length. [ 1511.286736][T11991] netlink: 'syz.2.17343': attribute type 8 has an invalid length. [ 1511.295335][T11991] netlink: 132 bytes leftover after parsing attributes in process `syz.2.17343'. [ 1511.367951][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1511.723071][T12003] netlink: 44 bytes leftover after parsing attributes in process `syz.2.17349'. [ 1511.737587][T12003] netlink: 43 bytes leftover after parsing attributes in process `syz.2.17349'. [ 1511.755352][T12003] netlink: 'syz.2.17349': attribute type 6 has an invalid length. [ 1511.791346][T12003] netlink: 'syz.2.17349': attribute type 5 has an invalid length. [ 1511.807599][T12003] netlink: 43 bytes leftover after parsing attributes in process `syz.2.17349'. [ 1512.082536][T12015] netlink: 'syz.0.17355': attribute type 1 has an invalid length. [ 1512.115889][T12015] netlink: 'syz.0.17355': attribute type 3 has an invalid length. [ 1512.119671][T12017] netlink: 72 bytes leftover after parsing attributes in process `syz.3.17356'. [ 1512.156488][T12015] netlink: 224 bytes leftover after parsing attributes in process `syz.0.17355'. [ 1512.388462][T12025] loop0: detected capacity change from 0 to 256 [ 1512.589772][T12030] loop3: detected capacity change from 0 to 8 [ 1512.633402][T12030] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1512.716770][T12030] cramfs: Error -3 while decompressing! [ 1512.754808][T12030] cramfs: ffffffff973f4348(18)->ffff888075a6a000(4096) [ 1512.787450][T12030] cramfs: Error -3 while decompressing! [ 1512.795324][T12030] cramfs: ffffffff973f4348(18)->ffff888075a6a000(4096) [ 1512.826980][ T28] audit: type=1800 audit(2000000811.581:1070): pid=12030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.17363" name="file1" dev="loop3" ino=324 res=0 errno=0 [ 1513.284198][T12051] netlink: 'syz.1.17373': attribute type 6 has an invalid length. [ 1513.591526][T12061] loop1: detected capacity change from 0 to 2048 [ 1513.619755][T12065] netlink: 14 bytes leftover after parsing attributes in process `syz.3.17380'. [ 1513.634814][T12061] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1513.673540][T12061] UDF-fs: Scanning with blocksize 512 failed [ 1513.685525][T12067] netlink: 40 bytes leftover after parsing attributes in process `syz.2.17381'. [ 1513.727967][T12061] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1513.735775][T12061] UDF-fs: Scanning with blocksize 1024 failed [ 1513.817494][T12069] ipvlan0: entered promiscuous mode [ 1513.825891][T12061] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=515, location=515 [ 1513.864039][T12061] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1513.907312][T12061] UDF-fs: Scanning with blocksize 2048 failed [ 1513.915506][T12061] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=259, location=259 [ 1513.945287][T12061] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=515, location=515 [ 1513.965286][T12061] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1513.973678][T12061] UDF-fs: Scanning with blocksize 4096 failed [ 1513.980496][T12061] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1) [ 1515.027792][ T4452] usb 2-1: new high-speed USB device number 101 using dummy_hcd [ 1515.069488][T12111] loop3: detected capacity change from 0 to 128 [ 1515.091757][T12112] netlink: 'syz.2.17402': attribute type 1 has an invalid length. [ 1515.102378][T12111] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 1515.239096][ T4452] usb 2-1: Using ep0 maxpacket: 32 [ 1515.256740][ T4452] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1515.274195][T12117] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (6) [ 1515.287489][ T4452] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1515.309698][ T4452] usb 2-1: config 0 interface 0 altsetting 245 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1515.373802][ T4452] usb 2-1: config 0 interface 0 has no altsetting 1 [ 1515.387120][ T4452] usb 2-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=8e.57 [ 1515.410151][ T4452] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1515.428001][ T4452] usb 2-1: Product: syz [ 1515.432918][ T4452] usb 2-1: Manufacturer: syz [ 1515.437558][ T4452] usb 2-1: SerialNumber: syz [ 1515.467146][ T4452] usb 2-1: config 0 descriptor?? [ 1515.541276][T12124] program syz.0.17409 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1515.794672][T12132] loop3: detected capacity change from 0 to 256 [ 1515.833096][T12132] FAT-fs (loop3): Directory bread(block 64) failed [ 1515.852592][T12132] FAT-fs (loop3): Directory bread(block 65) failed [ 1515.864351][T12132] FAT-fs (loop3): Directory bread(block 66) failed [ 1515.886853][T12132] FAT-fs (loop3): Directory bread(block 67) failed [ 1515.905013][T12132] FAT-fs (loop3): Directory bread(block 68) failed [ 1515.934487][ T4452] usb 2-1: USB disconnect, device number 101 [ 1515.947473][T12132] FAT-fs (loop3): Directory bread(block 69) failed [ 1515.951136][ T2731] IPVS: starting estimator thread 0... [ 1515.960135][T12135] xt_TCPMSS: Only works on TCP SYN packets [ 1515.975759][T12132] FAT-fs (loop3): Directory bread(block 70) failed [ 1516.004172][T12132] FAT-fs (loop3): Directory bread(block 71) failed [ 1516.024706][T12132] FAT-fs (loop3): Directory bread(block 72) failed [ 1516.034711][T12132] FAT-fs (loop3): Directory bread(block 73) failed [ 1516.081759][T12137] IPVS: using max 17 ests per chain, 40800 per kthread [ 1516.675103][T12156] netlink: 'syz.1.17424': attribute type 5 has an invalid length. [ 1516.815583][T12159] loop2: detected capacity change from 0 to 64 [ 1516.881098][T12159] [ 1516.883505][T12159] ====================================================== [ 1516.890567][T12159] WARNING: possible circular locking dependency detected [ 1516.897706][T12159] syzkaller #0 Not tainted [ 1516.902328][T12159] ------------------------------------------------------ [ 1516.909480][T12159] syz.2.17426/12159 is trying to acquire lock: [ 1516.915852][T12159] ffff88807f7700b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 1516.925685][T12159] [ 1516.925685][T12159] but task is already holding lock: [ 1516.933170][T12159] ffff88802f12c878 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 1516.944201][T12159] [ 1516.944201][T12159] which lock already depends on the new lock. [ 1516.944201][T12159] [ 1516.954835][T12159] [ 1516.954835][T12159] the existing dependency chain (in reverse order) is: [ 1516.963889][T12159] [ 1516.963889][T12159] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 1516.973149][T12159] __mutex_lock+0x136/0xcc0 [ 1516.978216][T12159] hfs_extend_file+0xff/0x1380 [ 1516.983540][T12159] hfs_bmap_reserve+0x107/0x430 [ 1516.988917][T12159] __hfs_ext_write_extent+0x1fa/0x470 [ 1516.994811][T12159] hfs_ext_write_extent+0x17f/0x210 [ 1517.000851][T12159] hfs_write_inode+0xdc/0x880 [ 1517.006097][T12159] __writeback_single_inode+0x705/0xec0 [ 1517.012289][T12159] writeback_sb_inodes+0x7cd/0xf50 [ 1517.017946][T12159] wb_writeback+0x46a/0xbf0 [ 1517.023120][T12159] wb_workfn+0x400/0xe60 [ 1517.027931][T12159] process_scheduled_works+0xa5d/0x15d0 [ 1517.034065][T12159] worker_thread+0xa55/0xfc0 [ 1517.039220][T12159] kthread+0x2fa/0x390 [ 1517.043850][T12159] ret_from_fork+0x48/0x80 [ 1517.048919][T12159] ret_from_fork_asm+0x11/0x20 [ 1517.054333][T12159] [ 1517.054333][T12159] -> #0 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 1517.062491][T12159] __lock_acquire+0x2df1/0x7d40 [ 1517.067922][T12159] lock_acquire+0x19e/0x420 [ 1517.073452][T12159] __mutex_lock+0x136/0xcc0 [ 1517.078534][T12159] hfs_find_init+0x17e/0x1f0 [ 1517.083711][T12159] hfs_extend_file+0x361/0x1380 [ 1517.089199][T12159] hfs_bmap_reserve+0x107/0x430 [ 1517.094614][T12159] hfs_cat_create+0x1fe/0x6b0 [ 1517.099858][T12159] hfs_mkdir+0x6c/0xe0 [ 1517.104491][T12159] vfs_mkdir+0x296/0x440 [ 1517.109339][T12159] do_mkdirat+0x1dc/0x450 [ 1517.114264][T12159] __x64_sys_mkdirat+0x89/0xa0 [ 1517.119677][T12159] do_syscall_64+0x55/0xa0 [ 1517.124644][T12171] netlink: 'syz.1.17431': attribute type 7 has an invalid length. [ 1517.132567][T12159] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1517.139122][T12159] [ 1517.139122][T12159] other info that might help us debug this: [ 1517.139122][T12159] [ 1517.149387][T12159] Possible unsafe locking scenario: [ 1517.149387][T12159] [ 1517.156868][T12159] CPU0 CPU1 [ 1517.162261][T12159] ---- ---- [ 1517.167656][T12159] lock(&HFS_I(tree->inode)->extents_lock); [ 1517.173770][T12159] lock(&tree->tree_lock#2/1); [ 1517.181215][T12159] lock(&HFS_I(tree->inode)->extents_lock); [ 1517.189850][T12159] lock(&tree->tree_lock#2/1); [ 1517.194758][T12159] [ 1517.194758][T12159] *** DEADLOCK *** [ 1517.194758][T12159] [ 1517.202935][T12159] 4 locks held by syz.2.17426/12159: [ 1517.208255][T12159] #0: ffff88807efe4418 (sb_writers#21){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 1517.217570][T12159] #1: ffff88802f12eab8 (&type->i_mutex_dir_key#13/1){+.+.}-{3:3}, at: filename_create+0x20c/0x480 [ 1517.228366][T12159] #2: ffff88807c6900b0 (&tree->tree_lock#2){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 1517.238295][T12159] #3: ffff88802f12c878 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 1517.249860][T12159] [ 1517.249860][T12159] stack backtrace: [ 1517.255946][T12159] CPU: 0 PID: 12159 Comm: syz.2.17426 Not tainted syzkaller #0 [ 1517.263617][T12159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1517.273722][T12159] Call Trace: [ 1517.277040][T12159] [ 1517.280007][T12159] dump_stack_lvl+0x18c/0x250 [ 1517.284737][T12159] ? load_image+0x400/0x400 [ 1517.289289][T12159] ? show_regs_print_info+0x20/0x20 [ 1517.294546][T12159] ? print_circular_bug+0x12b/0x1a0 [ 1517.294710][T12178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17435'. [ 1517.299770][T12159] check_noncircular+0x2fc/0x400 [ 1517.299803][T12159] ? look_up_lock_class+0x75/0x140 [ 1517.299829][T12159] ? print_deadlock_bug+0x5d0/0x5d0 [ 1517.299852][T12159] ? lockdep_lock+0xf5/0x230 [ 1517.299876][T12159] ? _find_first_zero_bit+0xd3/0x100 [ 1517.299898][T12159] __lock_acquire+0x2df1/0x7d40 [ 1517.299933][T12159] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 1517.310330][T12178] netlink: 'syz.3.17435': attribute type 8 has an invalid length. [ 1517.313893][T12159] ? verify_lock_unused+0x140/0x140 [ 1517.358365][T12159] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 1517.364313][T12159] ? _raw_spin_unlock+0x40/0x40 [ 1517.369245][T12159] ? stack_trace_save+0xaa/0x100 [ 1517.374335][T12159] ? stack_trace_snprint+0xf0/0xf0 [ 1517.379495][T12159] lock_acquire+0x19e/0x420 [ 1517.384044][T12159] ? hfs_find_init+0x17e/0x1f0 [ 1517.388857][T12159] ? hfs_extend_file+0x361/0x1380 [ 1517.393926][T12159] ? hfs_bmap_reserve+0x107/0x430 [ 1517.399077][T12159] ? do_syscall_64+0x55/0xa0 [ 1517.403721][T12159] ? __might_sleep+0xe0/0xe0 [ 1517.408452][T12159] ? read_lock_is_recursive+0x20/0x20 [ 1517.413878][T12159] __mutex_lock+0x136/0xcc0 [ 1517.418433][T12159] ? hfs_find_init+0x17e/0x1f0 [ 1517.423245][T12159] ? hfs_find_init+0x17e/0x1f0 [ 1517.428156][T12159] ? mutex_lock_nested+0x20/0x20 [ 1517.433225][T12159] ? __kmem_cache_alloc_node+0x13a/0x250 [ 1517.438921][T12159] ? hfs_find_init+0xa7/0x1f0 [ 1517.444519][T12159] ? hfs_find_init+0xa7/0x1f0 [ 1517.449336][T12159] ? __kmalloc+0xe2/0x230 [ 1517.453716][T12159] hfs_find_init+0x17e/0x1f0 [ 1517.458358][T12159] hfs_extend_file+0x361/0x1380 [ 1517.463257][T12159] ? hfs_get_block+0xc50/0xc50 [ 1517.468059][T12159] ? rcu_is_watching+0x15/0xb0 [ 1517.472864][T12159] ? trace_contention_end+0x39/0xe0 [ 1517.478098][T12159] ? __mutex_lock+0x315/0xcc0 [ 1517.482838][T12159] ? mutex_lock_nested+0x20/0x20 [ 1517.487830][T12159] hfs_bmap_reserve+0x107/0x430 [ 1517.492741][T12159] hfs_cat_create+0x1fe/0x6b0 [ 1517.497511][T12159] ? hfs_cat_build_key+0x170/0x170 [ 1517.502676][T12159] ? _raw_spin_unlock+0x28/0x40 [ 1517.507574][T12159] ? hfs_new_inode+0x92d/0xc00 [ 1517.512378][T12159] hfs_mkdir+0x6c/0xe0 [ 1517.516489][T12159] vfs_mkdir+0x296/0x440 [ 1517.520775][T12159] do_mkdirat+0x1dc/0x450 [ 1517.525142][T12159] ? vfs_mkdir+0x440/0x440 [ 1517.529599][T12159] __x64_sys_mkdirat+0x89/0xa0 [ 1517.534407][T12159] do_syscall_64+0x55/0xa0 [ 1517.538868][T12159] ? clear_bhb_loop+0x40/0x90 [ 1517.543766][T12159] ? clear_bhb_loop+0x40/0x90 [ 1517.548475][T12159] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1517.554381][T12159] RIP: 0033:0x7fa975399d97 [ 1517.558797][T12159] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1517.578625][T12159] RSP: 002b:00007fa976222e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1517.587046][T12159] RAX: ffffffffffffffda RBX: 00007fa976222ee0 RCX: 00007fa975399d97 [ 1517.595148][T12159] RDX: 00000000000001ff RSI: 00002000000001c0 RDI: 00000000ffffff9c [ 1517.603187][T12159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1517.611155][T12159] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000001c0 [ 1517.619161][T12159] R13: 00007fa976222ea0 R14: 0000000000000000 R15: 0000000000000000 [ 1517.627150][T12159]