last executing test programs: 1.817885441s ago: executing program 3 (id=3851): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_netdev_private(r0, 0x8942, &(0x7f0000000a00)="4749c2368bb8dd2c7f17323cf53a") 1.587379812s ago: executing program 3 (id=3856): setresuid(0xee01, 0xee00, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="184f000008000000d4000000f10000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x1, 0x473, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff60}, 0x48) 1.485647726s ago: executing program 3 (id=3859): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3) 1.361983341s ago: executing program 3 (id=3863): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=@newsa={0x184, 0x10, 0x713, 0xffffffff, 0x0, {{@in=@loopback, @in=@broadcast}, {@in6=@remote, 0x0, 0x32}, @in6=@mcast1, {0x0, 0x0, 0x0, 0x0, 0x2b5}, {0x0, 0x5}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x2}}]}, 0x184}, 0x1, 0x0, 0x0, 0x24008880}, 0x0) 1.090201303s ago: executing program 1 (id=3872): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@ipv4_newrule={0x28, 0x1e, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x1ff}]}, 0x28}}, 0x4000000) 1.001738407s ago: executing program 3 (id=3874): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f0000000380)=[@in6={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}, @in6={0xa, 0x4e23, 0x9, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}]}, &(0x7f0000000180)=0x10) 954.495139ms ago: executing program 3 (id=3876): syz_usb_connect(0x3, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x32, 0x53, 0x26, 0x20, 0x424, 0x9908, 0x2e38, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x81, 0x3c, 0x20, 0x0, [{{0x9, 0x4, 0xf9, 0xf7, 0x3, 0x88, 0x3, 0xd9, 0x1, [], [{{0x9, 0x5, 0x8, 0x2, 0x200, 0x6, 0x8, 0x7}}, {{0x9, 0x5, 0x81, 0x2, 0x20, 0x9, 0x6, 0x7}}, {{0x9, 0x5, 0xa, 0x8, 0x0, 0x0, 0xa5, 0x5}}]}}]}}]}}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0}) syz_usb_connect(0x3, 0x608, &(0x7f0000000400)={{0x12, 0x1, 0x201, 0xff, 0x66, 0xd2, 0x8, 0x644, 0x8020, 0x9426, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f6, 0x2, 0x9, 0x8, 0x80, 0x6, [{{0x9, 0x4, 0xee, 0x7, 0xd, 0x2, 0xb1, 0xde, 0x7, [@hid_hid={0x9, 0x21, 0x6, 0xff, 0x1, {0x22, 0x532}}, @generic={0xc8, 0x21, "d69bef2c21a32ef6bbfff1bfd030d0a6f74f9c67add9cf20551f2a2d3d588158fc9e2c8bbba6cd57edb2ee8b37f6423dfbdf1dc2bf9a4800da7334dc766049eec8585c67e2c2d74f2c2fea5e7075533b5427d41b594d87b02713c6272dde218c31f66a8e97237a9baf72e7c30ba36fd4603fb4e0dd983f4989c52b52eabc654bf240cdae58421b34df25f3c198ed19c9d837e7f426f09c98a9350cd257649178d5a70faf6ba12945e0789c1cf3c0390824fa1ee87fe76c1267808e86512737d2488e628c1e55"}], [{{0x9, 0x5, 0x9, 0x0, 0x400, 0x7, 0xde, 0x7, [@generic={0x50, 0x30, "f224e77a31c9e1a2fc203513f7e358e487945fc62d716c86b71e2c6bb4e264592959bef61abb3515e90d0ce1997138a9f8a1f3194245aba8958e6eb89f9b9bd247845d52f90b921591f16d96bf39"}, @generic={0x1a, 0x22, "b1febd5a2b80d4ec6c0408bea671cbf31d8613cba41874f3"}]}}, {{0x9, 0x5, 0xc, 0x3, 0x200, 0x5, 0x0, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xfa, 0x1}, @generic={0xbb, 0x6, "3a48cfbd44cb2c67f7c237739442308146c708cfcef78046d306f289490243d60efe95051e683636bec83a9153d94173e5b67a0bdaa305e9188d98126667c2362f2653e10457e24c29e290e94db90333a89d24fbc1f3e0bc6da27db6338bd6092b93faeea3f8ec8c6fc0195295ca79aefa0af55a1248f52b4310e70a906a1361394f19371e5162460370a77a46f3b1a65d7460e5b8e14792fa97673311b4829ca6f509f4a6ffbd8fcb69e17f2d6b2f3db02882bb99b0181fb3"}]}}, {{0x9, 0x5, 0xa, 0x3e95fe3052b1860c, 0x3ff, 0x9, 0x7, 0x8}}, {{0x9, 0x5, 0x4, 0x10, 0x400, 0x3, 0x5, 0xa}}, {{0x9, 0x5, 0x4, 0x8921b6c9b1630e2f, 0x0, 0x4, 0x4, 0xfc}}, {{0x9, 0x5, 0x2, 0xc, 0x8, 0x1, 0x0, 0x4}}, {{0x9, 0x5, 0x8, 0x0, 0x20, 0xd, 0x0, 0x4, [@generic={0x92, 0x10, "e4d39771d0b447458cb6f7c8136daadc8ec94150d32d82f6ee10060002b674969bef6bd844a7fc130473251e5334f7c8f30a75eea78565fc4b08344b322c2c5ad658b761653b7d385684e11383cc5c289df17e4426abeb3104a8c8988252cca629aee84e7edad20ac274c08e703abe87a1bab0017dd962864fb6d210eeb02d0637d03ee0dbe1c1adbe597025f20233a1"}]}}, {{0x9, 0x5, 0x0, 0x10, 0x8, 0x2, 0x16, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x47, 0x89, 0x6}, @generic={0xec, 0x30, "09201d0c79d9eca720f8bbada7417517e5b3959679a8434a794d7fb241b8dbefa767f46fd3b6a18ba5f994040c0b75698309c4fa8143a7b0fa04da26c8f2bce9ea0bbef2b8c7ffc6865739d643868b79c3676fb27734d80fcfd1adf5dd6ef65e628da940e91272bb23729d2efeb1d3af7ffa5fa76f30bfaf570cd03244efe65073cba3406f86ab34f487233e75c7d40e2e7365ee65ad45ed944446ac6297506604b166a914ed07bb7c1433aa13107aca5312a4db3549c0c86a01f822317ae025ea6b4bd40ff8a9895d105395e8bae9c23a5dfcf5ee375f36aa42aa3359d5154717c6a07fed71332a3e89"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x10, 0xed, 0x7f, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x40, 0x2}]}}, {{0x9, 0x5, 0x5, 0x2, 0x8, 0xcb, 0xcc, 0x2, [@generic={0xf0, 0xa, "73f7878972bde97ff02cd7c7d69b38e722c5a920a97e392bd19bdfb2d820cc87871e6a832b14c0fdf24519154d35295ad8fd1435ff328fadd9b506dc60b605bb1130f6664fbea29e63b207b618a73cb16a53ff6bad48a308dbe19bce70940d01c56a1c390b5bef73dc26b589ff2150b90fefe36995f2f5975ccf7be9db466167a4a259f00c2c55b939f18766fe106e258f009db6cfe28976e9d4e242239321ead163f3ae00a365fc103ea630876b301bd01106e684b433efded5ded9e477b01a9a1c12db13b5fcd299bd306052b26f1d6029fa170ed53c3a030620dc00f3af77eb77ca54af1b869dc6acf7aa475a"}]}}, {{0x9, 0x5, 0x67917ef915706de4, 0x4, 0x3ff, 0x5, 0x8, 0x6, [@generic={0x79, 0x30, "93b6a52c986e4cdebc4ece7d9c6ded6a22cbb9dd1353bba17f88c0f75ad40c0ed00d5402fe508f7ed13eee555a41bbe5fa3769d4a2a7c2c54ac2c3adc9f7f62dd516dc75a7389330dc0eab64e288d77a7d1950fdb850922dd222b641af7c8ef42fce8da1dbd889397f1caf607f20a219ecffc5caa0be62"}]}}, {{0x9, 0x5, 0xc, 0x4, 0x3ff, 0x15, 0xfd, 0x6, [@generic={0x4, 0x1, "e550"}]}}, {{0x9, 0x5, 0x2, 0x0, 0x8, 0x3, 0x7, 0x4}}]}}, {{0x9, 0x4, 0xb1, 0x9, 0x1, 0x47, 0x6c, 0x1, 0x34, [@cdc_ecm={{0xb, 0x24, 0x6, 0x0, 0x0, "5a4db918e76e"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x9a27, 0x0, 0x4, 0x7}, [@mdlm={0x15}, @acm={0x4, 0x24, 0x2, 0xe}, @country_functional={0x12, 0x24, 0x7, 0x2, 0xb26b, [0x7f, 0xe, 0x4, 0x7ff, 0x7fff, 0xfffa]}, @obex={0x5, 0x24, 0x15, 0x6}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0x5, 0x2, 0x7f}, @country_functional={0xc, 0x24, 0x7, 0x7, 0x5ce, [0x7, 0x8, 0xa]}]}], [{{0x9, 0x5, 0xf, 0x10, 0x20, 0xdc, 0x3, 0xb9}}]}}]}}]}}, &(0x7f0000000b40)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x300, 0x0, 0x9, 0x3, 0x0, 0x7f}, 0x36, &(0x7f0000000080)={0x5, 0xf, 0x36, 0x3, [@ssp_cap={0x1c, 0x10, 0xa, 0xd, 0x4, 0x6, 0x0, 0x7, [0x30, 0xff00f0, 0x3f00, 0xff1f40]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x2, 0xf3, 0x843}, @wireless={0xb, 0x10, 0x1, 0x4, 0x22, 0xe, 0xe9, 0x40, 0x21}]}, 0x5, [{0x100, &(0x7f00000000c0)=@string={0x100, 0x3, "7e3641cedffa6d53216d86fe40980ba83bba5004a9b84179af092fbe234a6ff7fd512f4fee309a1b0d126f7b22934269da02b8ed2c94a84dd9a314be639396ae105d42d1afeadad9459869b9025147ade96c6bba6f3d138b25e6926f98e6e6cd5ff9f40de47e89ddb96951b3b9f0337c1766dd9bc74dbe219b3322affb4a5ca4af64c6931b93aa9463a7534e268347280fcd957003e6f066597c91d8b2517094d005137bf617bc3ffc8d0333c1605e522769390021146a848aa605fee21115b1f08c3cb6649566fe0a0b2a2fc49f2acd5a0fc61c5d22849e6680ff049d08bf679080bcf33d4c78d6b7b248af9452f65d0dad5826dbcb5d526f51a0eea655"}}, {0x8b, &(0x7f00000001c0)=@string={0x8b, 0x3, "c059a79105cd4b04ac5424a8a6237991f2d085d0464cdf99991ed1c5856356a9f099aed411b808607c18a274f334c7c4d3ac8e2d662ba3a8974aaebe1c6810bcee409647c0a3e0ac602d73c3fe7242ce50d3e13f8e82308447232a044107934018ec17dfc8b8e5b94d5fbea549a754a669c20554327893e52130d80872873b9c7c153f1085c1b25e22"}}, {0x85, &(0x7f0000000280)=@string={0x85, 0x3, "9e8bd9f277bff20064581269024afc531abf448e603d4957ee3cee850094ba285ecaefebe7d160c60e89912ded65bf88ae08819942fb24af8ae8f4e5593ca6648ff9ecbd94d33d2e0cc67bcec46970cfe5c2b1a347c468881be32f7a575af084051c0b008d92d9c7db22ea0e189663a764b9b12bee8fb3efebbc98e0ca364436e49084"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x180c}}, {0xd9, &(0x7f0000000a40)=@string={0xd9, 0x3, "677566edb6f782462cbc0b4bbc5786bdbbf830c8633b6d20ec96e2fde7b646f1310630a281d6351ad1408777d0094b25732526324897c594b17d258024f97b3f4135b310ad4b413561fb082ec5df2fd33ffb5798ead02e908fd1e8a4dd98cfb5a39bd7a494995c206144e70f08b47242e3744028c811bd8de929d571c2b6ab7c5d6bc66f3ac4cc50048a6a1e5a63b1af3468bfd52e82a2eb6230e95ed4d46bcef4b31d6caf6d74c58bca17c24381606a7c266649d0cf58649757d23ae33f42fdeb0a2a221580672936e4825aedfe16ed783d6555c69794"}}]}) 830.038874ms ago: executing program 1 (id=3878): mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mbind(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x4, 0x0, 0x0, 0x1) 645.938132ms ago: executing program 0 (id=3884): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000000020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000850000005000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffffffffff93, 0x0, 0x0, 0x3, 0x0, 0x960}, 0x13) 645.841512ms ago: executing program 4 (id=3885): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa8, 0x0) ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000340)={0xe, {0xffffff15, 0x9558, 0x9, 0xffffffff}}) 602.908544ms ago: executing program 1 (id=3886): r0 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x1) fsconfig$FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0xffffffffffffffff) 593.278245ms ago: executing program 4 (id=3887): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x138, 0x4c, 0x1a, 0x0, 0x73, 0x268, 0x258, 0x258, 0x268, 0x258, 0x3, 0x0, {[{{@uncond, 0x0, 0x108, 0x138, 0x0, {}, [@common=@inet=@socket1={{0x28}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0xa}}, {{@uncond, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {0x1, 0x3}, {0x4, 0x0, 0x4}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398) 533.945727ms ago: executing program 0 (id=3889): r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000009c0), 0x183106, 0x0) read$msr(r0, 0x0, 0x0) 530.841817ms ago: executing program 1 (id=3899): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x3}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 522.369768ms ago: executing program 2 (id=3890): mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0) ppoll(&(0x7f00000010c0)=[{}], 0x1, 0x0, 0x0, 0x0) 468.02964ms ago: executing program 4 (id=3891): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0x3c1, 0x3, 0x450, 0x0, 0x150, 0x150, 0x2b0, 0xf8010000, 0x380, 0x238, 0x238, 0x380, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x248, 0x2b0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'batadv0\x00', {0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x4}}}, @common=@inet=@sctp={{0x148}, {[], [], [], 0x0, [], 0x10000}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b0) 429.284221ms ago: executing program 2 (id=3892): r0 = syz_open_dev$radio(&(0x7f0000000540), 0x0, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000600)={0x980000, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0}) 373.823124ms ago: executing program 0 (id=3893): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_int(r0, 0x0, 0x21, 0x0, &(0x7f0000000100)) 359.939795ms ago: executing program 4 (id=3894): r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf) ioctl$SIOCAX25CTLCON(r0, 0x89e8, 0x0) 316.368766ms ago: executing program 0 (id=3895): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) sendto$llc(r0, 0x0, 0x0, 0x4, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x1, 0xb1, 0x0, @broadcast}, 0x10) 305.851987ms ago: executing program 2 (id=3896): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r0, 0x29, 0x19, 0x0, 0x0) 263.903849ms ago: executing program 4 (id=3897): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x810412, &(0x7f00000005c0)=ANY=[], 0x4, 0x1ef, &(0x7f00000001c0)="$eJzsmb+LE0EUx78z2dvcnSLYWNhYeOKJ3mZ3T+WaQ06wF+781Rm8TYhuEklWSAKCwSaNpYVg6z9gYZHKws7OVgsVBAtTWq/M7OzuZDcJKwoRfB+42e+8fTtv3tzyDSQgCOK/5euXn5+fXd05uADgKDZQVvHvpTSHa/mfXjw6/3z32svXH1+9ax17PM6uxwCEYfH6awDe7pUQRNMna5n7G+p6AJ7oG+A4p/QtMJxR+i44birtgeGO0vc13Y4L+J51r+0f1hq+Z4vBEYNbK2XqGwAmQ4ZDAKuytzBkkZR0+4MHVd/3OlmxEsZ1creKCBPp44vOT+5vj2NXzcX+xP/r9ujpUMwtFbe183PA4Si9DYZ9pXdQhmVZ6ZFo/Z800vX1M8o1wPItgf1+/39FHN+ailxZyjZMLKV3EnNF7hUVppVETkzG77VkQIpv/8rmi4gj05HYrXLJH9b/rFZsUjNzUn9iBnBW8ycDRuIflaD5sNLtD7YazWrdq3st192+bF+07UtuRRpRNC7wv1XpT+va+itzck1molcNgo7TA4KOk8zdaEwbwP6b9g/5DJf+x7F5OlpDvCqy7fLsGkz9cXkVajP7kUIQBEEQBEEQBEEQBEEQBFGY0dTsFJj8FjT6oSqWOdzrMvtXAAAA//+7YV3R") mount$fuseblk(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x280, 0x0) 263.076069ms ago: executing program 1 (id=3908): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=@newsa={0x188, 0x10, 0x713, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@private=0xa010102}, {@in=@local, 0x4d5, 0x33}, @in6=@loopback, {0x3, 0x0, 0x0, 0x800, 0x0, 0x4}, {}, {0x0, 0x20}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}, @algo_aead={0x4c, 0x12, {{'essiv(aegis128-aesni,sha224-generic)\x00'}}}]}, 0x188}}, 0x40) 166.079613ms ago: executing program 2 (id=3898): symlink(&(0x7f0000000dc0)='./file1\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') readlinkat(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0xb4) 165.890583ms ago: executing program 0 (id=3900): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, &(0x7f0000001100)=0x8) 165.713133ms ago: executing program 1 (id=3901): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x800400, &(0x7f00000009c0)={[{@quota}]}, 0x1, 0x4f3, &(0x7f0000000a00)="$eJzs3c9rXFsdAPDvnSRt0uY5eeri+cD3iq+SFu1M0tg2uCgVxF1BrfsYkkkImWRCZtI2oZQU/wBBRBeuXLkR/AME6cZ9EQq6FxGl2FYXLtSRO3PHxnQmGV4nM+3k84HTe+6P3O/3dDq399x7yAng1LoQEbciYiQiLkdEPtuey0rsN0t63MsXD5bSkkS9fudvSSTZtta5kmx5Pvux8Yj4bnJgxwHV3b31xXK5tJ2tF2sbW8Xq7t6VtY3F1dJqaXNubvb6/I35a/MzPWvrzW/++Sc//MW3bv7mq/f+uPDXSw/TtCazfQfb0UvNpo81/i5aRiNi+ySCDcBI1p6xLo8/e8L5AABwtPQe/7MR8aXG/X8+Rhp3cwAAAMAwqScR/0oi6gAAAMDQyjXGwCa5QjYWYDJyuUKhOYb383EuV65Ua19ZqexsLjfHyk7FWG5lrVyaycYKT8VYkq7PNuqv1q8eWp+LiPcj4sf5iWTlbJQKS5Xy8qAffgAAAMApcf5Q//8f+Wb/HwAAABgyU4NOAAAAADhx+v8AAAAw/Dr2/xOTAQAAAMAQ+Pbt22mpt+a/Xr67u7NeuXtluVRdL2zsLBWWKttbhdVKZbVcKixVNo47X7lS2fpabO7cL9ZK1Vqxuru3sFHZ2awtNOb1Xih1O080AAAA0Dvvf/z4D0lE7H99olFSZ7J9+uow3HLHHzJxoJ6cZC5Af40MOgFgYD7dAF/DgmEYHNfHf16v9ykTYFCO69iPd9rxpPe5AAAAJ2P6C53f/wPDrYv3/23c6nkeQP95/w+nlzf5cHoZ4w+82ft/g4QAAOBdMNkoSa6QvQucjFyuUIh4rzEtwFiyslYuzUTEZyLi9/mxs+n67KCTBgAAAAAAAAAAAAAAAAAAAAAAAIB3TL2eRP2wM69vAgAAAN5dEbm/JNn8X9P5i5OHnw+cSf6Zbywj4t7P7vz0/mKttj2bbn+efzVrWLb9at8fXwAAAACp3/7/aquf3urHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAP1ZPmcunliwdL/Qz87BsRMRWRxm2V5p7RGG8sx2MsIs79PYnRAz+X5jvSg/j7jyLig3bxkzStmMqyOBw/FxETA45/vgfx4TR7nF5/brX7/uXiQmPZ/vs3mpU39exCp+tf7n/Xv5EO17/3uozx4dNfFTvGfxTx4Wj7608rftIh/iddxv/+9/b2Ou2r/zxiOtrHPxirWNvYKlZ3966sbSyullZLm3Nzs9fnb8xfm58prqyVS9mfbWP86Iu//s9R7T/XIf7UMe2/2GX7//30/ovPvbb14dVW/EuftP/8Pzgifvpv4svZ/wPp/ulWfb9ZP+ijX/7uo6Pav9yh/cd9/pe6bP/l7/zgT10eCgD0QXV3b32xXC5tH1l5Escf079K6z7kbcknvRdKKzf7F7T16KGXZ/44Pd+JJj8Rb8XnpdJNZYAXJQAA4ES8uukfdCYAAAAAAAAAAAAAAAAAAABwevXj14kNuo0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN34bwAAAP//tfDGOw==") symlink(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 142.116884ms ago: executing program 0 (id=3902): futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000000000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0) 109.634065ms ago: executing program 2 (id=3903): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xc0, 0x49, 0x7fff0000}]}) times(0x0) 3.69756ms ago: executing program 4 (id=3904): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x3, 0x3, 0x4}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 0s ago: executing program 2 (id=3905): openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') kernel console output (not intermixed with test programs): 8757] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.330969][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.360114][ T8750] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 176.378259][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.402339][ T8728] XFS (loop2): Mounting V5 Filesystem [ 176.414716][ T8750] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.2089: attempt to clear invalid blocks 983260 len 1 [ 176.444854][ T8720] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 176.471358][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.534591][ T8750] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.2089: Invalid inode table block 0 in block_group 0 [ 176.589971][ T8728] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 176.619211][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.634400][ T8750] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5850: Corrupt filesystem [ 176.669121][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.685824][ T8750] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 176.713212][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.735023][ T8750] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.2089: Invalid inode table block 0 in block_group 0 [ 176.773674][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.795803][ T8750] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5850: Corrupt filesystem [ 176.838284][ T8728] XFS (loop2): Starting recovery (logdev: internal) [ 176.851147][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.872569][ T8750] EXT4-fs error (device loop1): ext4_truncate:4279: inode #11: comm syz.1.2089: mark_inode_dirty error [ 176.920567][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 176.936494][ T8750] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 176.951164][ T8728] XFS (loop2): Ending recovery (logdev: internal) [ 176.960454][ T8782] ieee802154 phy1 wpan1: encryption failed: -22 [ 176.973408][ T8728] XFS (loop2): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 177.013009][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 177.047228][ T8728] XFS (loop2): Failed to initialize disk quotas. [ 177.065109][ T8750] EXT4-fs (loop1): 1 truncate cleaned up [ 177.100133][ T8750] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,max_dir_size_kb=0x00000000000001ff,noblock_validity,. Quota mode: writeback. [ 177.120453][ T8785] netlink: 'syz.4.2101': attribute type 21 has an invalid length. [ 177.206351][ T8785] IPv6: NLM_F_CREATE should be specified when creating new route [ 177.208186][ T8728] XFS (loop2): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 177.315023][ T8793] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2105'. [ 177.365331][ T8793] netlink: 112 bytes leftover after parsing attributes in process `syz.4.2105'. [ 177.368204][ T8750] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.2089: Invalid inode table block 0 in block_group 0 [ 177.427900][ T4192] XFS (loop2): Unmounting Filesystem [ 177.525047][ T8750] EXT4-fs (loop1): Remounting filesystem read-only [ 177.889645][ T8805] xt_NFQUEUE: number of total queues is 0 [ 178.147439][ C1] net_ratelimit: 5804 callbacks suppressed [ 178.147463][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 178.165747][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 178.178360][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 178.190743][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 178.203364][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 178.215924][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 178.228269][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 178.240706][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 178.253075][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 178.265771][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 178.345582][ T8822] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2117'. [ 178.434170][ T8825] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'. [ 178.498122][ T8789] loop3: detected capacity change from 0 to 32768 [ 178.507926][ T8825] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2120'. [ 178.515885][ T8832] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2123'. [ 178.555779][ T8825] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2120'. [ 178.795445][ T8850] x_tables: unsorted underflow at hook 2 [ 179.193936][ T8868] loop0: detected capacity change from 0 to 512 [ 179.287716][ T8868] EXT4-fs (loop0): Ignoring removed bh option [ 179.294477][ T8868] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 179.368868][ T8870] No such timeout policy "syz0" [ 179.386984][ T8868] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 179.472830][ T8874] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 179.473928][ T8868] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 179.508238][ T8868] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 179.520329][ T8868] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,bh,noblock_validity,,errors=continue. Quota mode: none. [ 179.603693][ T8874] overlayfs: missing 'lowerdir' [ 179.683884][ T8880] loop1: detected capacity change from 0 to 164 [ 179.743142][ T8882] netlink: 'syz.4.2148': attribute type 11 has an invalid length. [ 179.803225][ T8880] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 179.877849][ T8789] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.2103 (8789) [ 179.909959][ T8885] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 180.038007][ T8789] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 180.066884][ T8789] BTRFS info (device loop3): force clearing of disk cache [ 180.093301][ T8789] BTRFS info (device loop3): enabling auto defrag [ 180.106961][ T8789] BTRFS info (device loop3): max_inline at 0 [ 180.113008][ T8789] BTRFS info (device loop3): enabling disk space caching [ 180.142144][ T8789] BTRFS info (device loop3): disk space caching is enabled [ 180.187095][ T8789] BTRFS info (device loop3): has skinny extents [ 180.358687][ T8896] loop4: detected capacity change from 0 to 4096 [ 180.419615][ T8789] BTRFS error (device loop3): open_ctree failed: -12 [ 180.464530][ T8896] NILFS: invalid option "cp=0x00aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": too large checkpoint number [ 180.554696][ T8925] ip6t_srh: unknown srh invflags 4000 [ 180.724730][ T8940] loop2: detected capacity change from 0 to 1024 [ 180.922759][ T8940] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 180.940925][ T8940] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869) [ 181.015058][ T8940] EXT4-fs error (device loop2): ext4_get_journal_inode:5160: inode #5: comm syz.2.2165: unexpected bad inode w/o EXT4_IGET_BAD [ 181.058530][ T8944] loop0: detected capacity change from 0 to 4096 [ 181.074227][ T8940] EXT4-fs (loop2): no journal found [ 181.079575][ T8940] EXT4-fs (loop2): can't get journal size [ 181.103759][ T8940] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000002,norecovery,min_batch_time=0x000000000000071d,quota,,errors=continue. Quota mode: writeback. [ 181.454906][ T8976] device bridge3 entered promiscuous mode [ 181.536739][ T8928] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 181.550695][ T8944] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 181.618125][ T8944] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 181.957452][ T8928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.986870][ T8928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.014780][ T8928] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 182.073020][ T8928] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 182.130143][ T8928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.198091][ T8928] usb 5-1: config 0 descriptor?? [ 182.283256][ T9015] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2200'. [ 182.307317][ T8928] hub 5-1:0.0: USB hub found [ 182.416030][ T9024] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2204'. [ 182.499538][ T9028] loop1: detected capacity change from 0 to 164 [ 182.513145][ T8928] hub 5-1:0.0: 14 ports detected [ 182.518973][ T9024] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2204'. [ 182.547079][ T8928] hub 5-1:0.0: insufficient power available to use all downstream ports [ 182.732818][ T8928] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 182.749655][ T8928] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 182.794042][ T9047] netlink: 'syz.3.2217': attribute type 2 has an invalid length. [ 182.808092][ T8928] usb 5-1: USB disconnect, device number 14 [ 182.818121][ T9047] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2217'. [ 182.874728][ T9052] loop2: detected capacity change from 0 to 256 [ 183.000212][ T9052] FAT-fs (loop2): Directory bread(block 64) failed [ 183.019161][ T9052] FAT-fs (loop2): Directory bread(block 65) failed [ 183.026359][ T9052] FAT-fs (loop2): Directory bread(block 66) failed [ 183.050789][ T9052] FAT-fs (loop2): Directory bread(block 67) failed [ 183.068052][ T9052] FAT-fs (loop2): Directory bread(block 68) failed [ 183.075279][ T9052] FAT-fs (loop2): Directory bread(block 69) failed [ 183.088764][ T9052] FAT-fs (loop2): Directory bread(block 70) failed [ 183.095480][ T9052] FAT-fs (loop2): Directory bread(block 71) failed [ 183.112636][ T9052] FAT-fs (loop2): Directory bread(block 72) failed [ 183.122432][ T9052] FAT-fs (loop2): Directory bread(block 73) failed [ 183.156846][ C1] net_ratelimit: 6440 callbacks suppressed [ 183.156865][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 183.175409][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 183.187776][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 183.200639][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 183.212993][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 183.225577][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 183.238263][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 183.251079][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 183.263573][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 183.275982][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 183.333169][ T9068] netlink: 'syz.3.2229': attribute type 9 has an invalid length. [ 183.381457][ T9068] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2229'. [ 183.865998][ T9112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2248'. [ 183.895444][ T9112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2248'. [ 183.911513][ T9115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2251'. [ 183.981561][ T9118] autofs4:pid:9118:autofs_fill_super: called with bogus options [ 184.009154][ T9121] netlink: 160 bytes leftover after parsing attributes in process `syz.2.2252'. [ 184.262740][ T9138] loop2: detected capacity change from 0 to 512 [ 184.289398][ T9140] xt_CT: You must specify a L4 protocol and not use inversions on it [ 184.593981][ T9154] kAFS: unparsable volume name [ 184.621645][ T9158] loop3: detected capacity change from 0 to 256 [ 184.643391][ T9028] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 185.205981][ T9186] loop0: detected capacity change from 0 to 8192 [ 185.268261][ T9186] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 185.296688][ T9186] REISERFS (device loop0): using ordered data mode [ 185.313980][ T9186] reiserfs: using flush barriers [ 185.329103][ T9186] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 185.353839][ T9186] REISERFS (device loop0): checking transaction log (loop0) [ 185.485298][ T9138] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 185.520488][ T9138] EXT4-fs (loop2): orphan cleanup on readonly fs [ 185.539416][ T9138] EXT4-fs error (device loop2): mb_free_blocks:1860: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 185.551872][ T9198] loop4: detected capacity change from 0 to 256 [ 185.565631][ T9138] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #11: comm syz.2.2260: corrupted inode contents [ 185.582973][ T9138] EXT4-fs error (device loop2): ext4_dirty_inode:6054: inode #11: comm syz.2.2260: mark_inode_dirty error [ 185.599163][ T9138] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2260: invalid indirect mapped block 327680 (level 0) [ 185.614583][ T9138] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #11: comm syz.2.2260: corrupted inode contents [ 185.642244][ T9186] REISERFS (device loop0): Using tea hash to sort names [ 185.667221][ T9186] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 185.706903][ T9138] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 185.752869][ T9138] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #11: comm syz.2.2260: corrupted inode contents [ 185.837306][ T9138] EXT4-fs error (device loop2): ext4_truncate:4279: inode #11: comm syz.2.2260: mark_inode_dirty error [ 185.871576][ T9138] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 185.882924][ T9202] loop1: detected capacity change from 0 to 2048 [ 185.902934][ T9138] EXT4-fs (loop2): 1 truncate cleaned up [ 185.909469][ T9138] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable,grpjquota=,,errors=continue. Quota mode: none. [ 186.015875][ T9202] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 186.168092][ T4264] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 186.252841][ T9211] loop0: detected capacity change from 0 to 256 [ 186.556710][ T9211] FAT-fs (loop0): Directory bread(block 64) failed [ 186.567156][ T4264] usb 5-1: config 0 has an invalid interface number: 110 but max is 0 [ 186.578641][ T9211] FAT-fs (loop0): Directory bread(block 65) failed [ 186.578742][ T9211] FAT-fs (loop0): Directory bread(block 66) failed [ 186.578772][ T9211] FAT-fs (loop0): Directory bread(block 67) failed [ 186.578872][ T9211] FAT-fs (loop0): Directory bread(block 68) failed [ 186.578903][ T9211] FAT-fs (loop0): Directory bread(block 69) failed [ 186.578972][ T9211] FAT-fs (loop0): Directory bread(block 70) failed [ 186.579000][ T9211] FAT-fs (loop0): Directory bread(block 71) failed [ 186.579061][ T9211] FAT-fs (loop0): Directory bread(block 72) failed [ 186.579088][ T9211] FAT-fs (loop0): Directory bread(block 73) failed [ 186.595783][ T4264] usb 5-1: config 0 has no interface number 0 [ 186.596444][ T4264] usb 5-1: config 0 interface 110 has no altsetting 0 [ 186.658347][ T9235] loop2: detected capacity change from 0 to 64 [ 186.777395][ T4264] usb 5-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 186.807461][ T9239] loop1: detected capacity change from 0 to 2048 [ 186.874023][ T4264] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.913213][ T4264] usb 5-1: Product: syz [ 186.924392][ T4264] usb 5-1: Manufacturer: syz [ 186.933585][ T4264] usb 5-1: SerialNumber: syz [ 186.955417][ T4264] usb 5-1: config 0 descriptor?? [ 187.237533][ T4264] cdc_subset: probe of 5-1:0.110 failed with error -22 [ 187.298492][ T9239] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 187.392626][ T8929] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 187.400412][ T8928] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 187.494253][ T4264] usb 5-1: USB disconnect, device number 15 [ 187.827297][ T8928] usb 1-1: config 0 has an invalid interface number: 241 but max is 0 [ 187.835837][ T8929] usb 4-1: config 202 has an invalid interface number: 153 but max is 0 [ 187.854301][ T8928] usb 1-1: config 0 has no interface number 0 [ 187.867335][ T8929] usb 4-1: config 202 has no interface number 0 [ 187.914368][ T8928] usb 1-1: config 0 interface 241 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 187.925328][ T8929] usb 4-1: too many endpoints for config 202 interface 153 altsetting 71: 176, using maximum allowed: 30 [ 187.983434][ T8928] usb 1-1: config 0 interface 241 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 187.995677][ T8929] usb 4-1: config 202 interface 153 altsetting 71 has 0 endpoint descriptors, different from the interface descriptor's value: 176 [ 188.076916][ T8929] usb 4-1: config 202 interface 153 has no altsetting 0 [ 188.166892][ C1] net_ratelimit: 6737 callbacks suppressed [ 188.166909][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 188.185130][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 188.197527][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 188.209951][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 188.222678][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 188.235041][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 188.247666][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 188.257582][ T8928] usb 1-1: New USB device found, idVendor=0675, idProduct=1688, bcdDevice=d1.c7 [ 188.260468][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 188.281066][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 188.293670][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 188.315920][ T8928] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.324442][ T8929] usb 4-1: New USB device found, idVendor=1199, idProduct=6832, bcdDevice=9c.50 [ 188.331893][ T9278] netlink: 'syz.4.2328': attribute type 3 has an invalid length. [ 188.371433][ T9278] netlink: 114680 bytes leftover after parsing attributes in process `syz.4.2328'. [ 188.375180][ T8929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.395401][ T8928] usb 1-1: Product: syz [ 188.424174][ T8928] usb 1-1: Manufacturer: syz [ 188.452110][ T8928] usb 1-1: SerialNumber: syz [ 188.457069][ T8929] usb 4-1: Product: syz [ 188.471216][ T8929] usb 4-1: Manufacturer: syz [ 188.471831][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 188.483734][ T8928] usb 1-1: config 0 descriptor?? [ 188.520678][ T8929] usb 4-1: SerialNumber: syz [ 188.618424][ T8929] hub 4-1:202.153: bad descriptor, ignoring hub [ 188.654053][ T8929] hub: probe of 4-1:202.153 failed with error -5 [ 188.708751][ T8929] sierra 4-1:202.153: Sierra USB modem converter detected [ 188.731084][ T9288] loop1: detected capacity change from 0 to 16 [ 188.811625][ T9288] erofs: (device loop1): mounted with root inode @ nid 36. [ 188.869488][ T8928] HFC-S_USB: probe of 1-1:0.241 failed with error -5 [ 188.909492][ T8929] usb 4-1: USB disconnect, device number 9 [ 188.915747][ T8929] sierra 4-1:202.153: device disconnected [ 188.919734][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 188.935025][ T8928] usb 1-1: USB disconnect, device number 12 [ 188.957904][ T4187] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192] [ 189.017292][ T4243] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 189.030758][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 10 @ nid 89 [ 189.073557][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 9 @ nid 89 [ 189.125629][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 8 @ nid 89 [ 189.187112][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 7 @ nid 89 [ 189.270609][ T9292] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2335'. [ 189.292451][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 6 @ nid 89 [ 189.310957][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 5 @ nid 89 [ 189.326591][ T9288] erofs: (device loop1): z_erofs_readahead: readahead error at page 4 @ nid 89 [ 189.339212][ T9288] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192] [ 189.427038][ T26] audit: type=1800 audit(1764165739.330:13): pid=9288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2333" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 189.455680][ T4243] usb 5-1: Using ep0 maxpacket: 32 [ 189.540718][ T9298] loop0: detected capacity change from 0 to 1024 [ 189.595801][ T9298] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 189.669888][ T4243] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 189.699881][ T4243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.740888][ T4243] usb 5-1: config 0 descriptor?? [ 189.839071][ T4243] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 189.845548][ T9306] netlink: 'syz.1.2341': attribute type 10 has an invalid length. [ 189.853498][ T9309] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2343'. [ 189.866997][ T9306] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2341'. [ 189.889222][ T9306] device ipvlan1 entered promiscuous mode [ 189.907628][ T9306] bridge0: port 3(ipvlan1) entered blocking state [ 189.947907][ T9306] bridge0: port 3(ipvlan1) entered disabled state [ 190.292591][ T4243] gspca_vc032x: reg_w err -71 [ 190.302510][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.308183][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.342532][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.348233][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.360718][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.401067][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.406403][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.426907][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.446116][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.467824][ T9329] loop3: detected capacity change from 0 to 64 [ 190.509367][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.522381][ T9323] loop1: detected capacity change from 0 to 4096 [ 190.528622][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.534021][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.558720][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.564046][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.578014][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.599954][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.605272][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.610329][ T9323] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 190.618934][ T4243] gspca_vc032x: I2c Bus Busy Wait 00 [ 190.645240][ T4243] gspca_vc032x: Unknown sensor... [ 190.650748][ T4243] vc032x: probe of 5-1:0.0 failed with error -22 [ 190.731932][ T4243] usb 5-1: USB disconnect, device number 16 [ 191.545635][ T9357] loop0: detected capacity change from 0 to 4096 [ 191.624509][ T9370] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2373'. [ 191.753701][ T9379] genirq: Flags mismatch irq 4. 00000000 (aio_iiro_16) vs. 00000000 (ttyS0) [ 192.268277][ T9420] loop1: detected capacity change from 0 to 8 [ 192.335016][ T9420] SQUASHFS error: Unable to read inode 0xa7 [ 192.371777][ T9422] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2398'. [ 192.399314][ T9422] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2398'. [ 192.416751][ T9422] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2398'. [ 192.513252][ T9424] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2399'. [ 192.740851][ T9442] netlink: 'syz.4.2407': attribute type 75 has an invalid length. [ 192.880797][ T9357] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 192.954189][ T4243] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 193.171626][ T9357] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 193.177006][ C1] net_ratelimit: 6540 callbacks suppressed [ 193.177024][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 193.196792][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 193.208951][ T9357] ntfs3: loop0: ntfs_set_state r=3 failed, -22. [ 193.209456][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 193.227679][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 193.240167][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 193.252585][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 193.265368][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 193.277828][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 193.290584][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 193.303541][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 193.362964][ T9465] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2418'. [ 193.380235][ T5313] ntfs3: loop0: ntfs3_write_inode r=3 failed, -22. [ 193.423701][ T4182] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 193.431555][ T4182] ntfs3: loop0: ntfs_evict_inode r=3 failed, -22. [ 193.447348][ T9465] netlink: 31 bytes leftover after parsing attributes in process `syz.3.2418'. [ 193.457657][ T9465] netlink: 'syz.3.2418': attribute type 3 has an invalid length. [ 193.481466][ T9465] netlink: 'syz.3.2418': attribute type 2 has an invalid length. [ 193.511429][ T9465] netlink: 31 bytes leftover after parsing attributes in process `syz.3.2418'. [ 193.663535][ T9473] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2424'. [ 193.734552][ T4243] usb 2-1: config index 0 descriptor too short (expected 65207, got 72) [ 193.989455][ T4243] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 194.036869][ T4243] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.043088][ T4264] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 194.062887][ T4243] usb 2-1: Product: syz [ 194.076114][ T4243] usb 2-1: Manufacturer: syz [ 194.089977][ T4243] usb 2-1: SerialNumber: syz [ 194.150776][ T4243] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 194.212711][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.357000][ T4264] usb 4-1: Using ep0 maxpacket: 32 [ 194.507048][ T4264] usb 4-1: config 0 has an invalid interface number: 166 but max is 0 [ 194.547532][ T4264] usb 4-1: config 0 has no interface number 0 [ 194.574270][ T4264] usb 4-1: config 0 interface 166 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 16 [ 194.729301][ T9519] loop0: detected capacity change from 0 to 4096 [ 194.807602][ T4264] usb 4-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=19.a8 [ 194.834486][ T4264] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.861239][ T4264] usb 4-1: Product: syz [ 194.874080][ T4264] usb 4-1: Manufacturer: syz [ 194.888605][ T9531] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2452'. [ 194.903648][ T4264] usb 4-1: SerialNumber: syz [ 194.912977][ T4264] usb 4-1: config 0 descriptor?? [ 194.944185][ T9519] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 194.957305][ T9480] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 194.982496][ T23] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 194.999501][ T4264] ti_usb_3410_5052 4-1:0.166: TI USB 3410 1 port adapter converter detected [ 195.029791][ T9535] netlink: 'syz.2.2463': attribute type 5 has an invalid length. [ 195.055710][ T4264] ti_usb_3410_5052 4-1:0.166: missing endpoints [ 195.074690][ T9535] device ip6erspan0 entered promiscuous mode [ 195.088488][ T9519] ntfs3: loop0: Failed to load $Extend. [ 195.274936][ T9537] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2454'. [ 195.371338][ T4191] usb 4-1: USB disconnect, device number 10 [ 195.397679][ T9537] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2454'. [ 195.507149][ T4243] usb 2-1: USB disconnect, device number 13 [ 195.613007][ T9541] loop0: detected capacity change from 0 to 1764 [ 196.098816][ T23] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 196.105820][ T23] ath9k_htc: Failed to initialize the device [ 196.117256][ T4243] usb 2-1: ath9k_htc: USB layer deinitialized [ 196.705602][ T9566] loop3: detected capacity change from 0 to 4096 [ 196.880534][ T9587] loop4: detected capacity change from 0 to 1764 [ 196.973116][ T9598] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2483'. [ 196.995111][ T9587] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 197.023908][ T9598] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2483'. [ 197.111286][ T9566] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 197.232706][ T9611] loop1: detected capacity change from 0 to 64 [ 197.770076][ T9640] loop3: detected capacity change from 0 to 16 [ 197.967056][ T9651] device gtp0 entered promiscuous mode [ 198.034669][ T9649] loop4: detected capacity change from 0 to 4096 [ 198.114723][ T9649] EXT4-fs (loop4): Ignoring removed bh option [ 198.149213][ T9649] EXT4-fs (loop4): Test dummy encryption mode enabled [ 198.187213][ C1] net_ratelimit: 6695 callbacks suppressed [ 198.187232][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 198.205997][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 198.218488][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 198.225733][ T9649] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 198.231044][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 198.251176][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 198.263589][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 198.276309][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 198.276410][ T9649] System zones: [ 198.288636][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 198.304574][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 198.315119][ T9649] 0-5 [ 198.317206][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 198.324022][ T9649] [ 198.359014][ T9649] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,delalloc,bh,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 198.458212][ T9649] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 198.536410][ T9640] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 11417) [ 198.817073][ T9681] netlink: 1076 bytes leftover after parsing attributes in process `syz.0.2522'. [ 199.471735][ T9707] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2533'. [ 200.115888][ T9759] netlink: 'syz.1.2544': attribute type 1 has an invalid length. [ 200.128716][ T9760] loop4: detected capacity change from 0 to 164 [ 200.464919][ T9775] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2552'. [ 200.535094][ T9777] loop0: detected capacity change from 0 to 1024 [ 200.661376][ T9760] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 201.536128][ T9782] loop1: detected capacity change from 0 to 32768 [ 201.561797][ T9782] XFS: noikeep mount option is deprecated. [ 201.654445][ T9782] XFS (loop1): Mounting V5 Filesystem [ 201.663930][ T9784] loop3: detected capacity change from 0 to 32768 [ 201.822775][ T9818] overlayfs: option "workdir=./file1\" is useless in a non-upper mount, ignore [ 201.883490][ T9818] overlayfs: missing 'lowerdir' [ 201.926048][ T9784] XFS (loop3): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent. [ 201.947829][ T9782] XFS (loop1): Ending clean mount [ 201.957094][ T9782] XFS (loop1): Quotacheck needed: Please wait. [ 202.038171][ T4185] XFS (loop3): Unmounting Filesystem [ 202.209694][ T9782] XFS (loop1): Quotacheck: Done. [ 202.305872][ T4186] XFS (loop1): Unmounting Filesystem [ 202.749647][ T9840] loop3: detected capacity change from 0 to 64 [ 203.217196][ C1] net_ratelimit: 4827 callbacks suppressed [ 203.217215][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 203.235413][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 203.248042][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 203.260385][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 203.272824][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 203.285508][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 203.297883][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 203.310300][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 203.322832][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 203.335489][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 203.603268][ T9879] netlink: 22 bytes leftover after parsing attributes in process `syz.1.2595'. [ 203.674176][ T9879] netlink: 22 bytes leftover after parsing attributes in process `syz.1.2595'. [ 203.724316][ T9879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2595'. [ 204.047101][ T9907] netlink: 'syz.0.2609': attribute type 28 has an invalid length. [ 204.095714][ T9907] netlink: 'syz.0.2609': attribute type 3 has an invalid length. [ 204.115973][ T9907] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2609'. [ 204.278337][ T9917] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 204.398919][ T9917] CIFS mount error: No usable UNC path provided in device string! [ 204.398919][ T9917] [ 204.437266][ T9917] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 205.025603][ T9949] loop1: detected capacity change from 0 to 64 [ 205.205698][ T9962] delete_channel: no stack [ 205.364662][ T9973] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2640'. [ 205.547971][ T9975] loop0: detected capacity change from 0 to 4096 [ 205.589192][ T9985] No such timeout policy "syz1" [ 205.616426][ T9975] EXT4-fs (loop0): Test dummy encryption mode enabled [ 205.695914][ T9975] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,norecovery,nodioread_nolock,test_dummy_encryption,nogrpid,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 205.808218][ T8929] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 205.932795][ T9975] syz.0.2643 (9975) used greatest stack depth: 18880 bytes left [ 206.118991][ T9995] loop4: detected capacity change from 0 to 32768 [ 206.217973][ T8929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 206.233041][ T8929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 206.303063][ T9995] XFS (loop4): Mounting V5 Filesystem [ 206.407193][ T8929] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 206.426246][ T8929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.468094][ T8929] usb 4-1: Product: syz [ 206.477298][ T8929] usb 4-1: Manufacturer: syz [ 206.481970][ T8929] usb 4-1: SerialNumber: syz [ 206.500459][ T9995] XFS (loop4): Ending clean mount [ 206.507901][ T8929] usb 4-1: config 0 descriptor?? [ 206.521250][ T9995] XFS (loop4): Quotacheck needed: Please wait. [ 206.601529][ T9995] XFS (loop4): Quotacheck: Done. [ 206.640263][T10033] loop0: detected capacity change from 0 to 4096 [ 206.673807][ T7770] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 206.700030][ T4188] XFS (loop4): Unmounting Filesystem [ 206.843238][ T8929] usb 4-1: USB disconnect, device number 11 [ 207.004740][ T7770] usb 3-1: Using ep0 maxpacket: 16 [ 207.165302][T10033] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 207.182542][ T7770] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 207.425690][ T7770] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 207.454759][ T7770] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.471509][ T7770] usb 3-1: Product: syz [ 207.475811][ T7770] usb 3-1: Manufacturer: syz [ 207.488906][T10033] ntfs3: loop0: failed to convert "c46c" to macinuit [ 207.492500][ T7770] usb 3-1: SerialNumber: syz [ 207.520204][T10043] netlink: 'syz.4.2671': attribute type 21 has an invalid length. [ 207.554948][ T7770] usb 3-1: config 0 descriptor?? [ 207.695047][T10035] loop1: detected capacity change from 0 to 32768 [ 207.709424][ T7770] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 207.835111][T10035] add_index: next_index = 0. Resetting! [ 207.887314][T10035] find_entry called with index >= next_index [ 207.913377][T10060] loop4: detected capacity change from 0 to 512 [ 207.929178][T10035] find_entry called with index >= next_index [ 207.967131][ T9736] usb 3-1: Failed to submit usb control message: -71 [ 207.975910][ T9736] usb 3-1: unable to send the bmi data to the device: -71 [ 207.988692][ T23] usb 3-1: USB disconnect, device number 15 [ 208.018654][ T9736] usb 3-1: unable to get target info from device [ 208.045872][ T9736] usb 3-1: could not get target info (-71) [ 208.062841][ T9736] usb 3-1: could not probe fw (-71) [ 208.107575][T10060] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 208.196949][T10060] ext4 filesystem being mounted at /493/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.227785][ T4976] udevd[4976]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 208.232982][ C1] net_ratelimit: 7222 callbacks suppressed [ 208.233001][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 208.262375][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 208.275080][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 208.287506][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 208.300165][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 208.312995][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 208.325582][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 208.338172][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 208.350506][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 208.362881][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 208.397503][ T7770] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 208.795667][T10082] dlm: no locking on control device [ 208.815785][ T7770] usb 1-1: Using ep0 maxpacket: 32 [ 208.883122][T10083] device netdevsim0 entered promiscuous mode [ 208.973146][T10089] loop4: detected capacity change from 0 to 1024 [ 208.975074][T10086] netlink: 'syz.3.2690': attribute type 1 has an invalid length. [ 209.016916][T10088] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2689'. [ 209.071779][ T7770] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.086986][T10089] EXT4-fs (loop4): Ignoring removed bh option [ 209.095901][T10089] EXT4-fs (loop4): inline encryption not supported [ 209.106892][ T7770] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.250817][T10089] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 209.402658][ T7770] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 209.413018][ T7770] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 209.432205][ T7770] usb 1-1: Product: syz [ 209.436405][ T7770] usb 1-1: Manufacturer: syz [ 209.462958][T10089] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 2: comm syz.4.2691: lblock 2 mapped to illegal pblock 2 (length 1) [ 209.490171][T10089] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 209.502736][T10089] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 48: comm syz.4.2691: lblock 0 mapped to illegal pblock 48 (length 1) [ 209.553340][T10109] loop1: detected capacity change from 0 to 2048 [ 209.615990][ T7770] hub 1-1:4.0: USB hub found [ 209.658733][T10089] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 209.706688][T10089] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.2691: Failed to acquire dquot type 0 [ 209.730814][T10089] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5850: Corrupt filesystem [ 209.769520][T10089] EXT4-fs error (device loop4): ext4_evict_inode:282: inode #11: comm syz.4.2691: mark_inode_dirty error [ 209.776662][T10109] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 209.855452][ T7770] hub 1-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 209.883798][T10089] EXT4-fs warning (device loop4): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 209.898200][T10117] netlink: 'syz.2.2703': attribute type 12 has an invalid length. [ 209.981108][T10089] EXT4-fs (loop4): 1 orphan inode deleted [ 210.033832][ T9751] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 210.039726][T10089] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback. [ 210.067056][ T9751] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 210.082581][ T9751] EXT4-fs error (device loop4): ext4_release_dquot:6245: comm kworker/u4:13: Failed to release dquot type 0 [ 210.256900][ T7772] usb 1-1: USB disconnect, device number 13 [ 210.357653][ T9751] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 2: comm kworker/u4:13: lblock 2 mapped to illegal pblock 2 (length 1) [ 210.394521][ T9751] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 210.433859][ T9751] EXT4-fs error (device loop4): ext4_write_dquot:6189: comm kworker/u4:13: Failed to commit dquot type 0 [ 210.514208][ T9751] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync! [ 210.537569][ T4188] EXT4-fs error (device loop4): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 210.598527][ T4188] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5850: Corrupt filesystem [ 210.647383][ T4188] EXT4-fs error (device loop4): ext4_quota_off:6515: inode #3: comm syz-executor: mark_inode_dirty error [ 210.655353][T10133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2713'. [ 210.738681][T10137] loop0: detected capacity change from 0 to 1024 [ 210.859879][T10137] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 210.915783][T10137] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 211.035791][T10137] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 211.044249][T10137] System zones: 0-1, 3-36 [ 211.125955][T10137] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 211.146011][ C0] vkms_vblank_simulate: vblank timer overrun [ 211.338909][T10176] bond0: (slave ip_vti0): Error: Device can not be enslaved while up [ 211.492632][T10184] x_tables: unsorted entry at hook 1 [ 211.606911][ T8928] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 211.700755][T10199] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 211.708828][T10199] IPv6: NLM_F_CREATE should be set when creating new route [ 211.716097][T10199] IPv6: NLM_F_CREATE should be set when creating new route [ 211.997253][ T8928] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 212.031176][ T8928] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 212.046092][T10218] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614) [ 212.115892][T10218] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 212.147267][ T8928] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 212.202979][ T8928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 212.227260][ T8928] usb 5-1: SerialNumber: syz [ 212.539462][ T8928] usb 5-1: 0:2 : does not exist [ 212.598804][ T8928] usb 5-1: USB disconnect, device number 17 [ 212.811301][ T8929] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 212.905010][ T4980] udevd[4980]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 213.056892][ T8929] usb 4-1: Using ep0 maxpacket: 32 [ 213.207024][ T8929] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.237198][ C1] net_ratelimit: 5544 callbacks suppressed [ 213.237216][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 213.248619][ T8929] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.255597][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 213.277697][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 213.289975][ T8929] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 213.290121][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 213.315514][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 213.328104][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 213.340753][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 213.353651][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 213.366042][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 213.378689][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 213.440530][T10222] loop0: detected capacity change from 0 to 32768 [ 213.542261][ T8929] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 213.568437][ T8929] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 213.591153][ T8929] usb 4-1: Product: syz [ 213.601699][T10258] netlink: 'syz.4.2771': attribute type 2 has an invalid length. [ 213.605603][ T8929] usb 4-1: Manufacturer: syz [ 213.614493][T10258] netlink: 'syz.4.2771': attribute type 3 has an invalid length. [ 213.622389][ T8929] usb 4-1: SerialNumber: syz [ 213.699747][ T8929] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input12 [ 214.010150][ T8929] usb 4-1: USB disconnect, device number 12 [ 214.040852][ T8929] appletouch 4-1:1.0: input: appletouch disconnected [ 214.353375][T10262] loop1: detected capacity change from 0 to 32768 [ 214.360307][T10290] No such timeout policy "syz1" [ 214.487992][T10262] XFS (loop1): Mounting V5 Filesystem [ 214.516683][T10302] netlink: 'syz.2.2791': attribute type 11 has an invalid length. [ 214.524671][T10302] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2791'. [ 214.672672][T10262] XFS (loop1): Ending clean mount [ 214.782045][ T4186] XFS (loop1): Unmounting Filesystem [ 215.099301][T10335] SET target dimension over the limit! [ 215.278709][T10222] XFS (loop0): Mounting V5 Filesystem [ 215.349390][T10222] XFS (loop0): log mount failed [ 216.015218][T10376] netlink: 'syz.2.2826': attribute type 8 has an invalid length. [ 216.304474][T10386] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2831'. [ 216.355682][T10386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2831'. [ 216.383303][ T8929] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 216.395441][T10386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2831'. [ 216.463810][ T8928] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 216.503407][T10395] netlink: 'syz.3.2834': attribute type 1 has an invalid length. [ 216.527201][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2834'. [ 216.697612][ T8929] usb 1-1: Using ep0 maxpacket: 8 [ 216.775358][T10408] loop1: detected capacity change from 0 to 512 [ 216.829681][ T8929] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 216.848553][ T8929] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 216.859716][ T8928] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 216.876858][ T8928] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 216.906028][ T8929] usb 1-1: config 0 has no interface number 0 [ 216.922814][ T8929] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 216.935180][ T8928] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 216.955282][ T8928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.965436][ T8929] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 216.995943][ T8929] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 217.009671][T10382] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 217.046854][ T8929] usb 1-1: config 0 interface 52 has no altsetting 0 [ 217.078150][T10408] EXT4-fs (loop1): Ignoring removed bh option [ 217.101714][T10408] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 217.187285][ T8929] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 217.201885][ T8929] usb 1-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 217.211271][ T8929] usb 1-1: Product: syz [ 217.215676][ T8929] usb 1-1: SerialNumber: syz [ 217.227266][ T8929] usb 1-1: config 0 descriptor?? [ 217.284394][T10408] EXT4-fs (loop1): 1 truncate cleaned up [ 217.291316][T10408] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000007,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none. [ 217.537071][ T8928] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 217.545800][ T8928] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input13 [ 217.557415][ T8929] input: syz (Stick) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input14 [ 217.592546][ T3545] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 217.643898][ T4371] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 217.662134][ T8928] usb 3-1: USB disconnect, device number 16 [ 217.668143][ C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 217.752292][ T3545] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 217.806017][ T3545] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 217.821659][ T23] usb 1-1: USB disconnect, device number 14 [ 217.835785][ T3545] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -19 [ 217.951837][T10443] loop4: detected capacity change from 0 to 128 [ 218.006475][T10438] loop1: detected capacity change from 0 to 8192 [ 218.248552][ C1] net_ratelimit: 7286 callbacks suppressed [ 218.248571][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 218.266872][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 218.279263][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 218.291697][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 218.304535][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 218.316923][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 218.329612][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 218.342483][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 218.354843][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 218.367440][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 218.495332][T10438] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 218.504599][T10438] REISERFS (device loop1): using ordered data mode [ 218.534597][T10438] reiserfs: using flush barriers [ 218.643327][T10498] loop0: detected capacity change from 0 to 512 [ 218.643782][T10438] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 218.650128][T10495] netlink: 'syz.2.2876': attribute type 10 has an invalid length. [ 218.698146][T10499] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2878'. [ 218.711666][T10438] REISERFS (device loop1): checking transaction log (loop1) [ 218.796427][T10438] REISERFS (device loop1): Using rupasov hash to sort names [ 218.810597][T10495] device veth0_vlan left promiscuous mode [ 218.844533][T10438] REISERFS (device loop1): using 3.5.x disk format [ 218.859361][T10498] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 218.861400][T10438] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 218.873418][T10498] ext4 filesystem being mounted at /563/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 218.941029][T10495] device veth0_vlan entered promiscuous mode [ 218.967406][T10438] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 218.995108][T10495] team0: Device veth0_vlan failed to register rx_handler [ 219.029943][T10438] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 219.067623][T10438] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2) [ 219.187061][ T8928] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 219.198821][T10438] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 219.314075][T10515] xt_recent: Unsupported userspace flags (000000b1) [ 219.316085][T10438] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 219.417743][T10438] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 219.637378][ T8928] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 219.684021][ T8928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 200, setting to 64 [ 219.732756][ T8928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 219.764337][ T8928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 219.794374][ T8928] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 219.840993][ T8928] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 219.863740][ T8928] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.914898][ T8928] usb 1-1: config 0 descriptor?? [ 219.969390][T10498] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 220.236762][ T8928] usb 1-1: USB disconnect, device number 15 [ 221.642475][T10607] loop4: detected capacity change from 0 to 8192 [ 221.699645][T10583] loop1: detected capacity change from 0 to 32768 [ 221.854646][T10607] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 221.923673][T10607] REISERFS (device loop4): using ordered data mode [ 221.946934][T10607] reiserfs: using flush barriers [ 221.969421][T10607] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 222.006741][T10607] REISERFS (device loop4): checking transaction log (loop4) [ 222.058332][T10583] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 222.205934][T10643] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2944'. [ 222.259181][T10607] REISERFS (device loop4): Using r5 hash to sort names [ 222.324519][T10607] REISERFS (device loop4): using 3.5.x disk format [ 222.351517][T10607] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 222.469615][T10583] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 222.606462][T10583] (syz.1.2915,10583,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 222.616440][T10583] (syz.1.2915,10583,1):ocfs2_xattr_block_find:2835 ERROR: status = -12 [ 222.827335][ T4186] ocfs2: Unmounting device (7,1) on (node local) [ 222.854580][T10661] loop0: detected capacity change from 0 to 8 [ 222.917899][ T23] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 222.957225][T10661] SQUASHFS error: zlib decompression failed, data probably corrupt [ 222.987739][T10661] SQUASHFS error: Failed to read block 0x9b: -5 [ 223.037825][T10661] SQUASHFS error: Unable to read metadata cache entry [99] [ 223.045045][T10661] SQUASHFS error: Unable to read inode 0x127 [ 223.257038][ C1] net_ratelimit: 5501 callbacks suppressed [ 223.257060][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 223.320364][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 223.333086][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 223.345484][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 223.358388][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 223.371215][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 223.383599][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 223.396211][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 223.408545][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 223.420921][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 223.549573][ T23] usb 4-1: Using ep0 maxpacket: 8 [ 223.567006][ T8931] Bluetooth: hci0: command 0x0401 tx timeout [ 223.746667][ T23] usb 4-1: config 0 has an invalid interface number: 78 but max is 0 [ 223.754826][ T23] usb 4-1: config 0 has no interface number 0 [ 223.854840][ T7772] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 224.035239][ T23] usb 4-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice=f0.21 [ 224.124932][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.183963][ T23] usb 4-1: Product: syz [ 224.216109][ T23] usb 4-1: Manufacturer: syz [ 224.221038][ T23] usb 4-1: SerialNumber: syz [ 224.273650][ T23] usb 4-1: config 0 descriptor?? [ 224.435192][T10668] loop4: detected capacity change from 0 to 40427 [ 224.541207][T10668] F2FS-fs (loop4): Invalid log sectors per block(0) log sectorsize(9) [ 224.596857][T10668] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 224.627316][ T23] usbhid 4-1:0.78: couldn't find an input interrupt endpoint [ 224.648116][T10668] F2FS-fs (loop4): invalid crc value [ 224.664444][ T23] usb 4-1: USB disconnect, device number 13 [ 224.668395][T10668] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 224.776427][ T7772] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 224.796694][ T7772] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.822026][ T7772] usb 3-1: Product: syz [ 224.871547][ T4243] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 224.881256][ T7772] usb 3-1: Manufacturer: syz [ 224.885884][ T7772] usb 3-1: SerialNumber: syz [ 225.017658][ T7772] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 225.096996][T10668] F2FS-fs (loop4): recover fsync data on readonly fs [ 225.105782][T10668] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 225.118716][T10668] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30 [ 225.126146][T10668] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 225.218455][T10709] loop1: detected capacity change from 0 to 8 [ 225.341840][T10668] F2FS-fs (loop4): Try to recover all the superblocks, ret: 0 [ 225.491644][ T4243] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 225.499824][ T4243] usb 1-1: config 0 has no interface number 0 [ 225.758679][ T4243] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 225.786867][ T4243] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.794914][ T4243] usb 1-1: Product: syz [ 225.823546][ T4243] usb 1-1: Manufacturer: syz [ 225.850053][ T4243] usb 1-1: SerialNumber: syz [ 225.883929][ T4243] usb 1-1: config 0 descriptor?? [ 226.045143][ T23] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 226.180938][ T4243] dvb_usb_ec168: probe of 1-1:0.1 failed with error -71 [ 226.255362][ T4243] usb 1-1: USB disconnect, device number 16 [ 226.539470][ T8931] usb 3-1: USB disconnect, device number 17 [ 226.725290][T10741] loop4: detected capacity change from 0 to 1764 [ 226.773856][T10741] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 226.836717][T10748] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2993'. [ 226.885142][T10748] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2993'. [ 227.175995][ T23] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 227.196982][ T23] ath9k_htc: Failed to initialize the device [ 227.229490][ T8931] usb 3-1: ath9k_htc: USB layer deinitialized [ 227.480230][T10777] tmpfs: Bad value for 'mpol' [ 227.772893][T10793] netlink: 'syz.0.3014': attribute type 13 has an invalid length. [ 227.818087][T10793] netlink: 'syz.0.3014': attribute type 17 has an invalid length. [ 227.857090][T10793] netlink: 'syz.0.3014': attribute type 27 has an invalid length. [ 227.868256][T10797] netlink: 'syz.1.3017': attribute type 3 has an invalid length. [ 227.938330][T10797] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.3017'. [ 228.239865][T10817] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 2 [ 228.267274][ C1] net_ratelimit: 6042 callbacks suppressed [ 228.267302][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 228.285469][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 228.298058][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 228.310883][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 228.323343][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 228.335945][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 228.348261][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 228.360625][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 228.373277][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 228.385652][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 228.842728][T10845] netlink: 272 bytes leftover after parsing attributes in process `syz.0.3041'. [ 229.045897][T10856] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3047'. [ 229.217717][T10863] loop0: detected capacity change from 0 to 24 [ 229.276346][T10866] cifs: Unknown parameter 'h}# [ 229.276346][T10866] [bIT&:"1:ӭ'4,Zz-#F<]%gC [ 229.276346][T10866] SȘȞZ6' [ 229.393615][T10869] loop1: detected capacity change from 0 to 256 [ 229.848860][T10889] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3063'. [ 230.267002][ T8928] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 230.537265][ T8928] usb 4-1: Using ep0 maxpacket: 32 [ 230.640883][T10929] netlink: 'syz.4.3083': attribute type 3 has an invalid length. [ 230.820087][T10941] xt_TPROXY: Can be used only with -p tcp or -p udp [ 230.831355][T10869] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 230.887275][ T8928] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 230.902066][ T8928] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.909277][T10943] loop4: detected capacity change from 0 to 64 [ 230.938367][ T8928] usb 4-1: Product: syz [ 230.952872][ T8928] usb 4-1: Manufacturer: syz [ 230.966330][ T8928] usb 4-1: SerialNumber: syz [ 230.982542][ T8928] usb 4-1: config 0 descriptor?? [ 231.109435][T10949] loop0: detected capacity change from 0 to 64 [ 231.273136][ T8928] snd-usb-6fire 4-1:0.0: unknown device firmware state received from device: [ 231.296095][ T8928] 00 00 00 00 00 00 00 00 [ 231.311410][ T8928] snd-usb-6fire: probe of 4-1:0.0 failed with error -5 [ 231.505149][T10963] netlink: 'syz.0.3101': attribute type 2 has an invalid length. [ 231.526943][ T4191] usb 4-1: USB disconnect, device number 14 [ 231.713970][T10973] netlink: 'syz.0.3105': attribute type 7 has an invalid length. [ 231.757245][T10973] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3105'. [ 231.957593][T10987] loop4: detected capacity change from 0 to 128 [ 232.047039][T10990] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3113'. [ 232.364166][T10987] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 232.441309][T10987] ext4 filesystem being mounted at /575/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 232.472274][T10987] EXT4-fs warning (device loop4): ext4_group_extend:1847: will only finish group (8193 blocks, 8129 new) [ 232.561836][T10987] EXT4-fs warning (device loop4): ext4_group_extend:1852: can't read last block, resize aborted [ 232.600261][T11019] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 19971 - 0 [ 232.650149][T11019] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.814943][T11031] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3132'. [ 232.882582][T11025] loop0: detected capacity change from 0 to 4096 [ 233.206926][T11025] ntfs: (device loop0): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 233.298369][ C1] net_ratelimit: 7335 callbacks suppressed [ 233.298388][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 233.316634][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 233.329526][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 233.342405][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.354904][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.368031][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 233.380360][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.385137][T11064] overlayfs: unrecognized mount option "\" or missing value [ 233.392744][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.412573][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.424964][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 233.469161][T11025] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 233.506499][T11025] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 233.597037][T11025] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 233.688131][T11025] ntfs: volume version 3.1. [ 233.707454][T11025] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 233.757629][T11025] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 233.836885][ T7772] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 233.850606][T11025] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 234.049004][T11025] ntfs: (device loop0): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is missing. [ 234.144989][T11025] ntfs: (device loop0): ntfs_read_locked_index_inode(): Failed with error code -2 while reading index inode (mft_no 0x0, name_len 2. [ 234.209602][T11025] ntfs: (device loop0): load_and_init_quota(): Failed to load $Quota/$Q index. [ 234.262223][ T7772] usb 5-1: Using ep0 maxpacket: 32 [ 234.371306][ T7770] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 234.440536][ T7772] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 234.492666][ T7772] usb 5-1: config 0 has no interface number 0 [ 234.510288][ T7772] usb 5-1: config 0 interface 184 has no altsetting 0 [ 234.651579][ T4264] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 234.777954][ T7772] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 234.802619][ T7772] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.829532][ T7772] usb 5-1: Product: syz [ 234.833747][ T7772] usb 5-1: Manufacturer: syz [ 234.873789][ T7772] usb 5-1: SerialNumber: syz [ 234.888860][ T7772] usb 5-1: config 0 descriptor?? [ 234.914517][T11108] loop1: detected capacity change from 0 to 64 [ 234.967756][ T7772] smsc75xx v1.0.0 [ 234.988102][ T7770] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 235.011613][ T7770] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 235.038771][ T7770] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 235.064401][T11108] hfs: request for non-existent node -117440513 in B*Tree [ 235.076172][ T7770] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.084275][T11108] hfs: request for non-existent node -117440513 in B*Tree [ 235.172045][T11081] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 235.244597][ T7772] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 235.256865][ T7772] smsc75xx: probe of 5-1:0.184 failed with error -71 [ 235.258778][ T4264] usb 3-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 235.314031][ T7772] usb 5-1: USB disconnect, device number 18 [ 235.315199][ T4264] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.338154][ T4264] usb 3-1: Product: syz [ 235.345808][ T4264] usb 3-1: Manufacturer: syz [ 235.353417][T11104] loop0: detected capacity change from 0 to 32768 [ 235.360014][ T4264] usb 3-1: SerialNumber: syz [ 235.376631][ T4264] usb 3-1: config 0 descriptor?? [ 235.405447][T11104] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.3168 (11104) [ 235.438947][ T4264] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 235.489762][T11104] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 235.499401][T11104] BTRFS info (device loop0): force zlib compression, level 3 [ 235.509508][T11104] BTRFS info (device loop0): force clearing of disk cache [ 235.516747][T11104] BTRFS info (device loop0): setting nodatasum [ 235.525825][T11104] BTRFS info (device loop0): allowing degraded mounts [ 235.533041][T11104] BTRFS info (device loop0): enabling disk space caching [ 235.554551][T11104] BTRFS info (device loop0): disk space caching is enabled [ 235.569744][T11104] BTRFS info (device loop0): has skinny extents [ 235.714443][ T7770] aiptek 4-1:17.0: Aiptek using 400 ms programming speed [ 235.739835][ T7770] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input15 [ 235.836202][ T7770] usb 4-1: USB disconnect, device number 15 [ 235.865015][T11104] BTRFS info (device loop0): clearing free space tree [ 235.882721][ T4264] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 235.898556][T11104] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 235.917033][T11104] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 235.936601][ T4264] sq905c 3-1:0.0: Reading version command failed [ 235.963574][ T4264] sq905c: probe of 3-1:0.0 failed with error -71 [ 236.004902][ T4264] usb 3-1: USB disconnect, device number 18 [ 236.024094][T11131] loop4: detected capacity change from 0 to 4096 [ 236.725562][T11153] loop1: detected capacity change from 0 to 2048 [ 236.823429][T11131] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 236.860800][T11153] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 236.943066][T11164] netlink: 120 bytes leftover after parsing attributes in process `syz.3.3189'. [ 237.047957][T11165] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.166893][T11131] ntfs3: loop4: failed to convert "c46c" to macgaelic [ 237.267737][T11175] netlink: 'syz.3.3194': attribute type 1 has an invalid length. [ 237.372279][T11179] raw_sendmsg: syz.0.3197 forgot to set AF_INET. Fix it! [ 237.655149][T11204] loop1: detected capacity change from 0 to 256 [ 237.741506][T11204] FAT-fs (loop1): Directory bread(block 64) failed [ 237.776996][T11204] FAT-fs (loop1): Directory bread(block 65) failed [ 237.806963][T11204] FAT-fs (loop1): Directory bread(block 66) failed [ 237.837103][T11204] FAT-fs (loop1): Directory bread(block 67) failed [ 237.875809][T11204] FAT-fs (loop1): Directory bread(block 68) failed [ 237.912461][T11204] FAT-fs (loop1): Directory bread(block 69) failed [ 237.930749][T11204] FAT-fs (loop1): Directory bread(block 70) failed [ 237.953887][T11204] FAT-fs (loop1): Directory bread(block 71) failed [ 237.984349][T11204] FAT-fs (loop1): Directory bread(block 72) failed [ 238.003097][T11204] FAT-fs (loop1): Directory bread(block 73) failed [ 238.294817][T11236] loop4: detected capacity change from 0 to 8 [ 238.306916][ C1] net_ratelimit: 6640 callbacks suppressed [ 238.306935][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 238.325461][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 238.338417][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.350798][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.364067][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 238.376428][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.388825][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.401574][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.413961][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 238.426416][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 238.524708][T11236] SQUASHFS error: Unable to read inode 0xe3 [ 238.537907][T11249] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 239.257224][ T4244] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 239.522957][T11289] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3248'. [ 239.546982][ T4244] usb 1-1: Using ep0 maxpacket: 16 [ 239.779888][T11277] loop4: detected capacity change from 0 to 32768 [ 239.837261][ T4244] usb 1-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 239.856619][ T4244] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.884160][ T4244] usb 1-1: Product: syz [ 239.892592][ T4244] usb 1-1: Manufacturer: syz [ 239.908936][ T4244] usb 1-1: SerialNumber: syz [ 239.924705][ T4244] usb 1-1: config 0 descriptor?? [ 240.210835][ T4244] speedtch 1-1:0.0: speedtch_bind: data interface not found! [ 240.228592][ T4244] speedtch 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 240.356291][T11313] tc_dump_action: action bad kind [ 240.432560][ T4244] usb 1-1: USB disconnect, device number 17 [ 240.482372][T11321] loop1: detected capacity change from 0 to 1024 [ 240.551386][T11277] [ 240.551386][T11277] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 240.551386][T11277] [ 240.569128][T11321] EXT4-fs (loop1): Ignoring removed bh option [ 240.655642][T11277] ERROR: (device loop4): diWrite: ixpxd invalid [ 240.655642][T11277] [ 240.695559][T11321] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x000000000000000a,data_err=ignore,grpquota,abort,user_xattr,bh,errors=remount-ro,. Quota mode: writeback. [ 240.723420][T11333] nftables ruleset with unbound chain [ 240.857210][T11277] ERROR: (device loop4): txCommit: [ 240.857210][T11277] [ 240.946138][T11336] netlink: 'syz.2.3269': attribute type 2 has an invalid length. [ 241.019968][T11336] netlink: 'syz.2.3269': attribute type 1 has an invalid length. [ 241.034903][ T4188] [ 241.034903][ T4188] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 241.034903][ T4188] [ 241.106596][ T4188] [ 241.106596][ T4188] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 241.106596][ T4188] [ 241.129847][T11336] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3269'. [ 241.368563][T11350] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3277'. [ 241.503110][T11355] loop0: detected capacity change from 0 to 2048 [ 241.648383][T11360] netlink: 'syz.4.3283': attribute type 21 has an invalid length. [ 241.676036][T11355] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 241.707039][T11355] UDF-fs: Scanning with blocksize 512 failed [ 241.759607][T11355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 242.318797][T11388] overlayfs: workdir and upperdir must be separate subtrees [ 242.753771][T11410] IPv6: sit1: Disabled Multicast RS [ 242.986692][ T8928] usb 5-1: new full-speed USB device number 19 using dummy_hcd [ 243.014428][T11423] netlink: 'syz.2.3313': attribute type 3 has an invalid length. [ 243.316844][ C1] net_ratelimit: 5785 callbacks suppressed [ 243.316860][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 243.335439][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 243.348016][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 243.360754][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 243.373735][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.386125][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.398786][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 243.411141][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.423511][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.436159][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 243.456098][T11439] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3321'. [ 243.497241][ T8928] usb 5-1: unable to get BOS descriptor or descriptor too short [ 243.563817][ T8928] usb 5-1: not running at top speed; connect to a high speed hub [ 243.689504][ T8928] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 243.723265][ T8928] usb 5-1: config 1 interface 0 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 243.745562][ T8928] usb 5-1: config 1 interface 0 has no altsetting 0 [ 243.927230][ T8928] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 243.944249][ T8928] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 243.959657][T11455] netlink: 212912 bytes leftover after parsing attributes in process `syz.1.3329'. [ 243.960379][ T8928] usb 5-1: Product: syz [ 243.992065][ T8928] usb 5-1: Manufacturer: syz [ 244.031426][ T8928] usb 5-1: SerialNumber: syz [ 244.135839][T11463] loop1: detected capacity change from 0 to 256 [ 244.348031][ T8928] usb 5-1: bad CDC descriptors [ 244.384716][ T8928] usb 5-1: USB disconnect, device number 19 [ 244.507034][ T4244] usb 4-1: new full-speed USB device number 16 using dummy_hcd [ 244.928830][T11487] loop0: detected capacity change from 0 to 4096 [ 244.967157][ T4244] usb 4-1: unable to get BOS descriptor or descriptor too short [ 245.017074][ T4244] usb 4-1: not running at top speed; connect to a high speed hub [ 245.129955][ T4244] usb 4-1: config 1 interface 0 altsetting 8 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 245.159955][ T4244] usb 4-1: config 1 interface 0 has no altsetting 0 [ 245.237124][ T4244] usb 4-1: language id specifier not provided by device, defaulting to English [ 245.411002][ T4244] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 245.443843][ T4244] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.456476][ T4244] usb 4-1: Product: syz [ 245.466878][ T4244] usb 4-1: Manufacturer: 晹ⱴ䙜穈쉆ᓧ⇯䫼¬횒錅᦬蜼ꍯඨㇻ곌鵄ʀ嵩⋵걆ꪱ솃腢񈱋 [ 245.467378][T11489] loop4: detected capacity change from 0 to 32768 [ 245.478989][ T4244] usb 4-1: SerialNumber: syz [ 245.527291][T11469] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 245.559048][T11489] [ 245.559048][T11489] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 245.559048][T11489] [ 245.606770][ T4188] [ 245.606770][ T4188] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 245.606770][ T4188] [ 245.628091][ T4188] [ 245.628091][ T4188] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 245.628091][ T4188] [ 245.871849][T11500] ptrace attach of "./syz-executor exec"[4188] was attempted by "./syz-executor exec"[11500] [ 245.877334][ T4244] usb 4-1: USB disconnect, device number 16 [ 246.301102][T11524] loop1: detected capacity change from 0 to 1024 [ 246.318490][T11487] __ntfs_error: 1 callbacks suppressed [ 246.318507][T11487] ntfs: (device loop0): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 246.437644][T11524] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 246.501705][T11487] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 246.511209][T11487] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 246.574427][T11487] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 246.625625][T11487] ntfs: volume version 3.1. [ 246.663927][T11487] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 246.705596][T11487] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 246.747290][T11487] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 246.797400][T11487] ntfs: (device loop0): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is missing. [ 246.833726][T11487] ntfs: (device loop0): ntfs_read_locked_index_inode(): Failed with error code -2 while reading index inode (mft_no 0x0, name_len 2. [ 246.906894][T11487] ntfs: (device loop0): load_and_init_quota(): Failed to load $Quota/$Q index. [ 247.708843][ T7772] usb 1-1: new low-speed USB device number 18 using dummy_hcd [ 247.786743][T11587] loop1: detected capacity change from 0 to 256 [ 247.896112][T11587] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 247.986420][T11587] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 248.274915][ T7772] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 248.284273][ T7772] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.327218][ C1] net_ratelimit: 7291 callbacks suppressed [ 248.327234][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 248.346181][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 248.358628][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 248.371361][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 248.383786][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 248.396208][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 248.408974][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 248.421426][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 248.433909][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 248.446405][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:10:10:41:df:2d, vlan:0) [ 248.508481][ T7772] usb 1-1: config 0 descriptor?? [ 248.795076][ T7772] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 249.026951][ T7772] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 249.041309][ T7772] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 249.092869][ T7772] asix: probe of 1-1:0.0 failed with error -71 [ 249.163182][ T7772] usb 1-1: USB disconnect, device number 18 [ 249.321398][T11635] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3413'. [ 249.331353][ T4244] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 249.537419][T11615] loop1: detected capacity change from 0 to 32768 [ 249.617101][ T4244] usb 5-1: Using ep0 maxpacket: 32 [ 249.801724][ T4244] usb 5-1: unable to get BOS descriptor or descriptor too short [ 249.923388][ T4244] usb 5-1: config 3 has an invalid interface number: 224 but max is 0 [ 249.935932][T11663] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 249.950443][ T4244] usb 5-1: config 3 has no interface number 0 [ 249.956778][ T4244] usb 5-1: config 3 interface 224 altsetting 9 endpoint 0x7 has invalid maxpacket 1024, setting to 64 [ 249.979986][T11663] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 249.980997][ T7770] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 249.993668][ T4244] usb 5-1: config 3 interface 224 has no altsetting 0 [ 250.002559][T11663] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 250.037995][T11663] device veth0_to_bridge left promiscuous mode [ 250.044306][T11663] bridge0: port 3(veth0_to_bridge) entered disabled state [ 250.060167][T11615] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 250.071373][T11663] device bridge_slave_0 left promiscuous mode [ 250.093047][T11663] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.114825][T11663] device bridge_slave_1 left promiscuous mode [ 250.123862][T11663] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.134806][T11615] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 250.153510][T11663] bond0: (slave bond_slave_0): Releasing backup interface [ 250.166528][T11615] (syz.1.3402,11615,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0 [ 250.194012][T11615] (syz.1.3402,11615,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 250.217352][T11615] (syz.1.3402,11615,1):ocfs2_mknod:298 ERROR: status = -2 [ 250.224753][T11615] (syz.1.3402,11615,1):ocfs2_mknod:502 ERROR: status = -2 [ 250.232758][T11615] (syz.1.3402,11615,1):ocfs2_create:676 ERROR: status = -2 [ 250.242559][T11663] bond0: (slave bond_slave_1): Releasing backup interface [ 250.250634][ T4244] usb 5-1: New USB device found, idVendor=1199, idProduct=9055, bcdDevice=35.1f [ 250.263518][ T4186] ocfs2: Unmounting device (7,1) on (node local) [ 250.270252][ T4244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.276912][ T7770] usb 4-1: Using ep0 maxpacket: 16 [ 250.290577][ T4244] usb 5-1: Product: syz [ 250.294899][ T4244] usb 5-1: Manufacturer: syz [ 250.314497][ T4244] usb 5-1: SerialNumber: syz [ 250.329326][T11669] x_tables: duplicate underflow at hook 1 [ 250.405139][ T7770] usb 4-1: config 0 has no interfaces? [ 250.426700][T11663] team0: Port device team_slave_0 removed [ 250.484683][T11663] team0: Port device team_slave_1 removed [ 250.485459][T11671] loop1: detected capacity change from 0 to 4096 [ 250.497457][ T7770] usb 4-1: config 0 has no interfaces? [ 250.503978][T11663] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 250.524034][T11663] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 250.534118][T11663] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 250.541925][T11663] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 250.577524][T11671] ntfs: volume version 3.1. [ 250.579795][ T7770] usb 4-1: config 0 has no interfaces? [ 250.657166][ T7770] usb 4-1: string descriptor 0 read error: -71 [ 250.667723][ T4244] rndis_host 5-1:3.224: invalid descriptor buffer length [ 250.670046][ T7770] usb 4-1: New USB device found, idVendor=0403, idProduct=e80c, bcdDevice=fb.ba [ 250.674806][ T4244] usb 5-1: bad CDC descriptors [ 250.708046][ T7770] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.725687][ T7770] usb 4-1: rejected 3 configurations due to insufficient available bus power [ 250.741788][ T7770] usb 4-1: no configuration chosen from 3 choices [ 250.761048][ T7770] usb 4-1: USB disconnect, device number 17 [ 250.801141][ T4244] usb 5-1: USB disconnect, device number 20 [ 250.970044][T11681] loop1: detected capacity change from 0 to 2048 [ 251.024581][T11681] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 251.556944][T11712] xt_bpf: check failed: parse error [ 251.991988][T11741] loop1: detected capacity change from 0 to 2048 [ 252.138003][T11741] UDF-fs: error (device loop1): udf_verify_fi: directory (ino 1376) has entry where CRC length (28) does not match entry length (24) [ 252.499122][T11763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3476'. [ 252.683692][T11723] loop4: detected capacity change from 0 to 32768 [ 252.814891][T11723] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.3455 (11723) [ 252.837735][T11778] syz.0.3483 (11778): /proc/11776/oom_adj is deprecated, please use /proc/11776/oom_score_adj instead. [ 252.864255][T11723] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 252.883578][T11723] BTRFS info (device loop4): using free space tree [ 252.913359][T11723] BTRFS info (device loop4): has skinny extents [ 252.970292][T11786] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3486'. [ 253.258092][T11723] BTRFS info (device loop4): enabling ssd optimizations [ 253.644619][T11825] loop1: detected capacity change from 0 to 1024 [ 253.708267][T11828] loop0: detected capacity change from 0 to 512 [ 253.767669][T11825] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,data_err=ignore,,errors=continue. Quota mode: none. [ 253.838975][T11828] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 253.879013][T11828] ext4 filesystem being mounted at /665/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.953254][T11828] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.3499: corrupted xattr block 32 [ 254.305067][T11853] loop1: detected capacity change from 0 to 4096 [ 254.384834][T11853] ntfs3: loop1: ino=3, Correct links count -> 2. [ 254.391091][T11870] netlink: 'syz.0.3511': attribute type 1 has an invalid length. [ 254.420790][T11870] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3511'. [ 255.386232][T11943] xt_TCPMSS: Only works on TCP SYN packets [ 255.524884][T11954] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.564007][T11960] loop4: detected capacity change from 0 to 164 [ 255.659602][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.675601][T11960] Unable to read rock-ridge attributes [ 255.683956][T11967] netlink: 'syz.2.3560': attribute type 10 has an invalid length. [ 255.704365][T11960] Unable to read rock-ridge attributes [ 255.714786][T11960] attempt to access beyond end of device [ 255.714786][T11960] loop4: rw=524288, want=263332, limit=164 [ 255.735921][T11967] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3560'. [ 255.752970][T11960] attempt to access beyond end of device [ 255.752970][T11960] loop4: rw=0, want=263332, limit=164 [ 255.781697][T11967] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.793601][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 255.793614][ T26] audit: type=1800 audit(1764165805.710:14): pid=11960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3555" name="file0" dev="loop4" ino=1862 res=0 errno=0 [ 255.837032][T11967] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.867760][T11967] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.896921][T11967] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.933522][T11967] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.960443][T11967] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.974462][T11967] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.983695][T11967] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.030842][T11967] team0: Port device geneve0 added [ 256.057416][T11989] tc_dump_action: action bad kind [ 256.152596][T11995] hsr0: VLAN not yet supported [ 256.366619][T12016] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3583'. [ 256.416988][T12016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3583'. [ 256.438534][T12023] xt_CT: You must specify a L4 protocol and not use inversions on it [ 256.457543][T12016] net_ratelimit: 2430 callbacks suppressed [ 256.457560][T12016] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 256.675287][T12036] netlink: 'syz.0.3594': attribute type 1 has an invalid length. [ 256.715445][T12036] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3594'. [ 256.835086][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 256.882953][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 256.923012][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 256.950960][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 256.991657][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.036592][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.077091][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.103817][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.120362][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.135730][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.152260][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.168799][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.185726][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.201495][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.218040][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.234387][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.249746][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.266303][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.281744][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.298426][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.314435][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.329895][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.345385][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.353151][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.360897][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.368714][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.376221][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.383874][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.389817][ T8926] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 257.391667][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.406470][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.420867][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.436218][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.452636][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.476959][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.492182][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.501864][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.516960][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.528408][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.543948][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.555958][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.559661][T12061] loop1: detected capacity change from 0 to 32768 [ 257.569782][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569809][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569830][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569850][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569870][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569890][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569911][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569931][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569952][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569971][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.569991][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570011][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570031][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570051][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570071][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570091][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570111][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570130][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570149][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.570169][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.666985][ T8926] usb 5-1: Using ep0 maxpacket: 32 [ 257.675815][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.734363][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.741926][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.749490][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.766951][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.780812][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.791147][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.802046][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.809701][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.823899][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.831441][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.836276][ T8926] usb 5-1: config 0 has an invalid interface number: 247 but max is 0 [ 257.844892][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.856910][ T8926] usb 5-1: config 0 has no interface number 0 [ 257.873591][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.894625][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.916883][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.924350][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.946906][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.954340][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.976951][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 257.984378][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 258.000854][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 258.009115][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 258.012000][T12083] netlink: 'syz.1.3612': attribute type 4 has an invalid length. [ 258.016545][ T7772] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 258.023698][ T7772] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.03 Device [syz1] on syz1 [ 258.025167][ T8926] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 258.075812][ T8926] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 258.096684][ T8926] usb 5-1: Product: syz [ 258.150482][T12085] loop1: detected capacity change from 0 to 64 [ 258.177181][ T8926] usb 5-1: Manufacturer: syz [ 258.186328][ T8926] usb 5-1: config 0 descriptor?? [ 258.348844][T12091] loop0: detected capacity change from 0 to 256 [ 258.482318][ T8926] usb 5-1: USB disconnect, device number 21 [ 258.508093][ T4244] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 258.556529][T12092] fido_id[12092]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 258.632287][T12104] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 258.666991][ T7772] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 258.780830][T12108] netlink: 'syz.2.3628': attribute type 3 has an invalid length. [ 258.875031][T12112] device bond2 entered promiscuous mode [ 258.882919][T12112] 8021q: adding VLAN 0 to HW filter on device bond2 [ 258.906968][ T7772] usb 2-1: Using ep0 maxpacket: 32 [ 258.937290][ T4244] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 258.948456][ T4244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.965211][ T4244] usb 4-1: config 0 descriptor?? [ 259.009095][ T4244] cp210x 4-1:0.0: cp210x converter detected [ 259.027312][ T7772] usb 2-1: config 0 interface 0 has no altsetting 0 [ 259.044102][ T7772] usb 2-1: New USB device found, idVendor=2040, idProduct=c603, bcdDevice= 1.8e [ 259.058792][ T7772] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.086478][T12127] loop0: detected capacity change from 0 to 128 [ 259.105824][ T7772] usb 2-1: config 0 descriptor?? [ 259.150329][T12127] attempt to access beyond end of device [ 259.150329][T12127] loop0: rw=0, want=6491538, limit=128 [ 259.164452][ T7772] usb 2-1: dvb_usb_v2: found a 'Hauppauge 126xxx ATSC+' in warm state [ 259.205847][ T7772] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 259.218364][T12127] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 259.237379][ T7772] dvbdev: DVB: registering new adapter (Hauppauge 126xxx ATSC+) [ 259.266930][ T7772] usb 2-1: media controller created [ 259.280423][ T4182] sysv_free_block: flc_count > flc_size [ 259.286955][ T7772] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 259.303043][ T4182] sysv_free_block: flc_count > flc_size [ 259.354147][ T4182] sysv_free_block: flc_count > flc_size [ 259.367530][ T4182] sysv_free_block: flc_count > flc_size [ 259.373911][ T4182] sysv_free_block: flc_count > flc_size [ 259.386277][ T4182] sysv_free_block: flc_count > flc_size [ 259.387790][ T7772] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 259.392263][ T4182] sysv_free_block: flc_count > flc_size [ 259.402011][ T7772] error writing reg: 0xff, val: 0x00 [ 259.413850][ T4182] sysv_free_block: flc_count > flc_size [ 259.426374][ T4182] sysv_free_block: flc_count > flc_size [ 259.438374][ T4182] sysv_free_block: flc_count > flc_size [ 259.469846][ T4244] usb 4-1: cp210x converter now attached to ttyUSB0 [ 259.472621][ T7772] dvb_usb_mxl111sf: probe of 2-1:0.0 failed with error -22 [ 259.476587][ T4182] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 259.500348][ T4244] usb 4-1: USB disconnect, device number 18 [ 259.543033][ T4244] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 259.570342][ T4244] cp210x 4-1:0.0: device disconnected [ 259.605737][ T7772] usb 2-1: USB disconnect, device number 14 [ 259.751924][T12131] loop4: detected capacity change from 0 to 32768 [ 259.856571][T12131] XFS (loop4): Mounting V5 Filesystem [ 260.076758][T12131] XFS (loop4): Ending clean mount [ 260.086358][T12131] XFS (loop4): Quotacheck needed: Please wait. [ 260.222418][T12131] XFS (loop4): Quotacheck: Done. [ 260.265287][T12131] loop4: Can't mount, would change RO state [ 260.354853][ T4188] XFS (loop4): Unmounting Filesystem [ 260.356614][T12180] loop1: detected capacity change from 0 to 2048 [ 260.457665][T12185] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.3659'. [ 260.504718][T12180] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 261.029681][T12204] 9pnet: Insufficient options for proto=fd [ 261.107010][T11846] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 261.321989][T12216] loop4: detected capacity change from 0 to 1024 [ 261.467126][T11846] usb 2-1: config 0 has an invalid interface number: 229 but max is 0 [ 261.477722][T11846] usb 2-1: config 0 has no interface number 0 [ 261.484050][T11846] usb 2-1: config 0 interface 229 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 261.547866][ T9751] hfsplus: b-tree write err: -5, ino 4 [ 261.717151][T11846] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=1f.38 [ 261.776976][T11846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.783024][T12240] xt_l2tp: missing protocol rule (udp|l2tpip) [ 261.784998][T11846] usb 2-1: Product: syz [ 261.816912][T11846] usb 2-1: Manufacturer: syz [ 261.822518][T11846] usb 2-1: SerialNumber: syz [ 261.854993][T11846] usb 2-1: config 0 descriptor?? [ 262.158376][T11846] usb 2-1: USB disconnect, device number 15 [ 262.316947][T12272] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 262.506100][T12284] loop4: detected capacity change from 0 to 512 [ 262.644179][T12284] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 262.668158][T12297] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.712048][T12284] EXT4-fs (loop4): orphan cleanup on readonly fs [ 262.750545][T12284] EXT4-fs warning (device loop4): ext4_enable_quotas:6461: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 262.780116][T12284] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 262.793494][T12303] device ipvlan1 left promiscuous mode [ 262.861270][T12284] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #16: comm syz.4.3704: inode has both inline data and extents flags [ 262.936308][T12284] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.3704: couldn't read orphan inode 16 (err -117) [ 262.971548][T12284] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 263.013186][T12324] netlink: 'syz.1.3723': attribute type 1 has an invalid length. [ 263.037174][T12284] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 263.064187][T12324] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3723'. [ 263.102373][T12324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3723'. [ 263.312786][T12347] loop0: detected capacity change from 0 to 256 [ 263.438860][T12347] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 263.475665][T12347] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 263.671595][T12377] loop0: detected capacity change from 0 to 512 [ 263.825371][T12377] EXT4-fs error (device loop0): ext4_orphan_get:1427: comm syz.0.3747: bad orphan inode 13 [ 263.903365][T12377] ext4_test_bit(bit=12, block=4) = 1 [ 263.926970][T12377] is_bad_inode(inode)=0 [ 263.931470][T12377] NEXT_ORPHAN(inode)=0 [ 263.966324][T12377] max_ino=32 [ 264.011452][T12377] i_nlink=1 [ 264.014684][T12377] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrjquota=,stripe=0x0000000000000007,,errors=continue. Quota mode: none. [ 264.099763][T12377] EXT4-fs warning (device loop0): dx_probe:845: inode #2: comm syz.0.3747: Hash code is SIPHASH, but hash not in dirent [ 264.133643][T12416] cifs: Unknown parameter 'no'aN[Gzob,er;%j [ 264.133643][T12416] z,@qJ#"h/.W1ȱnNC"C׈E)8+' [ 264.149035][T12377] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.3747: Corrupt directory, running e2fsck is recommended [ 264.172940][T12377] EXT4-fs warning (device loop0): dx_probe:845: inode #2: comm syz.0.3747: Hash code is SIPHASH, but hash not in dirent [ 264.239369][T12377] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.3747: Corrupt directory, running e2fsck is recommended [ 264.280978][T12422] loop1: detected capacity change from 0 to 256 [ 264.370940][T12422] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 264.416630][T12422] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 264.426916][ T7772] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 264.474769][T12422] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 264.705207][T12446] netlink: 100 bytes leftover after parsing attributes in process `syz.0.3783'. [ 264.797079][ T7772] usb 4-1: config 0 has an invalid interface number: 83 but max is 0 [ 264.815427][ T7772] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.850308][ T7772] usb 4-1: config 0 has no interface number 0 [ 264.867148][ T7772] usb 4-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61 [ 264.876521][ T7772] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.977341][ T7772] usb 4-1: config 0 descriptor?? [ 265.031112][ T7772] ttusbir 4-1:0.83: cannot find expected altsetting [ 265.152551][T12464] PKCS8: Unsupported PKCS#8 version [ 265.242338][ T8928] usb 4-1: USB disconnect, device number 19 [ 265.314520][T12468] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3794'. [ 265.373894][T12468] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3794'. [ 265.620011][T12477] device ip6tnl3 entered promiscuous mode [ 265.796435][T12481] dlm: no locking on control device [ 265.886963][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 266.220675][T12499] loop1: detected capacity change from 0 to 2048 [ 266.347527][T12499] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 266.418264][T12499] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 266.625882][T12484] loop4: detected capacity change from 0 to 32768 [ 266.714763][T12484] (syz.4.3801,12484,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 266.716181][T12527] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 266.756521][T12484] (syz.4.3801,12484,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 266.764932][T12527] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 266.785109][T12527] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 266.797759][T12527] device bridge_slave_0 left promiscuous mode [ 266.832118][T12527] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.872330][T12527] device bridge_slave_1 left promiscuous mode [ 266.874714][T12484] JBD2: Ignoring recovery information on journal [ 266.891639][T12527] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.917318][T12527] bond0: (slave bond_slave_0): Releasing backup interface [ 266.947705][T12527] bond0: (slave bond_slave_1): Releasing backup interface [ 266.958141][T11830] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 266.980436][T12484] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 267.032876][T12527] team0: Port device team_slave_0 removed [ 267.054905][T12527] team0: Port device team_slave_1 removed [ 267.061635][T12527] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 267.074892][T12527] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 267.086251][T12527] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 267.096562][T12527] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 267.137544][T12527] team0: Port device wlan1 removed [ 267.197067][T11830] usb 3-1: Using ep0 maxpacket: 32 [ 267.206381][ T4188] ocfs2: Unmounting device (7,4) on (node local) [ 267.367331][T11830] usb 3-1: unable to get BOS descriptor or descriptor too short [ 267.447135][T11830] usb 3-1: config 3 has an invalid interface number: 224 but max is 0 [ 267.455483][T11830] usb 3-1: config 3 has no interface number 0 [ 267.496911][T11830] usb 3-1: config 3 interface 224 altsetting 9 endpoint 0x7 has invalid maxpacket 1024, setting to 64 [ 267.522636][T11830] usb 3-1: config 3 interface 224 has no altsetting 0 [ 267.662343][T12562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3836'. [ 267.697129][T11830] usb 3-1: New USB device found, idVendor=1199, idProduct=9055, bcdDevice=35.1f [ 267.697163][T11830] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.697185][T11830] usb 3-1: Product: syz [ 267.697200][T11830] usb 3-1: Manufacturer: syz [ 267.697215][T11830] usb 3-1: SerialNumber: syz [ 267.966468][T12575] loop4: detected capacity change from 0 to 764 [ 268.017623][T11830] rndis_host 3-1:3.224: invalid descriptor buffer length [ 268.024701][T11830] usb 3-1: bad CDC descriptors [ 268.084199][T11830] usb 3-1: USB disconnect, device number 19 [ 268.243370][T12549] loop1: detected capacity change from 0 to 32768 [ 268.288422][T12593] xt_bpf: check failed: parse error [ 268.370106][T12549] ERROR: (device loop1): dtSearch: stack overrun! [ 268.370106][T12549] [ 268.430800][T12549] ERROR: (device loop1): remounting filesystem as read-only [ 268.464280][T12549] btstack dump: [ 268.474307][T12549] bn = 0, index = 4 [ 268.500089][T12549] bn = 0, index = 4 [ 268.509423][T12549] bn = 0, index = 4 [ 268.541510][T12549] bn = 0, index = 4 [ 268.576901][T12549] bn = 0, index = 4 [ 268.580773][T12549] bn = 0, index = 4 [ 268.584854][T12549] bn = 0, index = 4 [ 268.618087][T12549] bn = 0, index = 0 [ 268.621966][T12549] jfs_lookup: dtSearch returned -5 [ 268.950823][T12632] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3870'. [ 269.036191][T12635] netlink: 'syz.1.3872': attribute type 12 has an invalid length. [ 269.054768][T12641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3875'. [ 269.297056][T11830] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 269.529502][T12672] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 269.546942][T11830] usb 4-1: Using ep0 maxpacket: 32 [ 269.552477][T12672] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 269.574412][T12672] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 269.717067][T11830] usb 4-1: unable to get BOS descriptor or descriptor too short [ 269.754789][T12691] loop4: detected capacity change from 0 to 16 [ 269.797176][T11830] usb 4-1: config 129 has an invalid interface number: 249 but max is 0 [ 269.804523][T12696] loop1: detected capacity change from 0 to 512 [ 269.824117][T12691] erofs: (device loop4): mounted with root inode @ nid 36. [ 269.843598][T11830] usb 4-1: config 129 has no interface number 0 [ 269.853187][T11830] usb 4-1: config 129 interface 249 altsetting 247 bulk endpoint 0x81 has invalid maxpacket 32 [ 269.864908][T12691] erofs: (device loop4): find_target_block_classic: corrupted dir block 0 @ nid 36 [ 269.875222][T11830] usb 4-1: config 129 interface 249 altsetting 247 endpoint 0xA has invalid wMaxPacketSize 0 [ 269.954384][T11830] usb 4-1: config 129 interface 249 has no altsetting 0 [ 269.961702][T12696] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback. [ 269.993747][T12696] ext4 filesystem being mounted at /726/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.052163][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.067528][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.076516][T12696] [ 270.078864][T12696] ====================================================== [ 270.085879][T12696] WARNING: possible circular locking dependency detected [ 270.091216][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.092910][T12696] syzkaller #0 Not tainted [ 270.092922][T12696] ------------------------------------------------------ [ 270.102321][T12708] device gretap0 left promiscuous mode [ 270.106248][T12696] syz.1.3901/12696 is trying to acquire lock: [ 270.106263][T12696] ffff88806258a968 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 270.114647][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.118760][T12696] [ 270.118760][T12696] but task is already holding lock: [ 270.118769][T12696] ffff888075313450 (&ei->i_data_sem){++++}-{3:3}, at: ext4_map_blocks+0x8b2/0x1b30 [ 270.125552][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.133772][T12696] [ 270.133772][T12696] which lock already depends on the new lock. [ 270.133772][T12696] [ 270.133782][T12696] [ 270.133782][T12696] the existing dependency chain (in reverse order) is: [ 270.133787][T12696] [ 270.133787][T12696] -> #5 (&ei->i_data_sem){++++}-{3:3}: [ 270.133811][T12696] down_write+0x38/0x60 [ 270.133834][T12696] ext4_truncate+0x96d/0x10d0 [ 270.133850][T12696] ext4_setattr+0xffe/0x19e0 [ 270.133864][T12696] notify_change+0xbcd/0xee0 [ 270.133883][T12696] do_truncate+0x197/0x220 [ 270.133900][T12696] do_sys_ftruncate+0x31b/0x3d0 [ 270.133918][T12696] do_syscall_64+0x4c/0xa0 [ 270.133934][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 270.133953][T12696] [ 270.133953][T12696] -> #4 (jbd2_handle){++++}-{0:0}: [ 270.133973][T12696] start_this_handle+0x1338/0x15a0 [ 270.133988][T12696] jbd2__journal_start+0x2b7/0x5a0 [ 270.144403][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.150385][T12696] jbd2_journal_start+0x26/0x30 [ 270.150408][T12696] ocfs2_start_trans+0x374/0x6c0 [ 270.160725][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'. [ 270.168606][T12696] ocfs2_mknod+0xe2f/0x22b0 [ 270.168632][T12696] ocfs2_create+0x192/0x410 [ 270.168645][T12696] path_openat+0x11e1/0x2f30 [ 270.168662][T12696] do_filp_open+0x1b3/0x3e0 [ 270.184894][T12708] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 270.188043][T12696] do_sys_openat2+0x142/0x4a0 [ 270.188071][T12696] __x64_sys_openat+0x135/0x160 [ 270.188088][T12696] do_syscall_64+0x4c/0xa0 [ 270.188104][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 270.188122][T12696] [ 270.188122][T12696] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 270.188151][T12696] down_read+0x44/0x2e0 [ 270.188169][T12696] ocfs2_start_trans+0x368/0x6c0 [ 270.188189][T12696] ocfs2_mknod+0xe2f/0x22b0 [ 270.188204][T12696] ocfs2_create+0x192/0x410 [ 270.188221][T12696] path_openat+0x11e1/0x2f30 [ 270.188238][T12696] do_filp_open+0x1b3/0x3e0 [ 270.188255][T12696] do_sys_openat2+0x142/0x4a0 [ 270.188274][T12696] __x64_sys_openat+0x135/0x160 [ 270.188294][T12696] do_syscall_64+0x4c/0xa0 [ 270.188309][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 270.188381][T12696] [ 270.188381][T12696] -> #2 (sb_internal#2){.+.+}-{0:0}: [ 270.188411][T12696] ocfs2_start_trans+0x269/0x6c0 [ 270.188432][T12696] ocfs2_acquire_dquot+0x677/0xaf0 [ 270.188446][T12696] dqget+0x778/0xeb0 [ 270.196666][T12708] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 270.200710][T12696] dquot_set_dqblk+0x27/0xf90 [ 270.200735][T12696] quota_setquota+0x4ac/0x530 [ 270.200753][T12696] __se_sys_quotactl+0x295/0x6c0 [ 270.206199][T12708] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 270.211010][T12696] do_syscall_64+0x4c/0xa0 [ 270.211028][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 270.211045][T12696] [ 270.211045][T12696] -> #1 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3} [ 270.216422][T12708] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 270.221050][T12696] : [ 270.221055][T12696] down_write+0x38/0x60 [ 270.221076][T12696] ocfs2_create_local_dquot+0x194/0x1750 [ 270.229335][T12708] chnl_net:chnl_net_open(): err: Unable to register and open device, Err:-19 [ 270.231356][T12696] ocfs2_acquire_dquot+0x7cb/0xaf0 [ 270.231378][T12696] dqget+0x778/0xeb0 [ 270.237903][T12708] caif:caif_disconnect_client(): nothing to disconnect [ 270.245019][T12696] dquot_set_dqblk+0x27/0xf90 [ 270.245042][T12696] quota_setquota+0x4ac/0x530 [ 270.523314][T12696] __se_sys_quotactl+0x295/0x6c0 [ 270.528770][T12696] do_syscall_64+0x4c/0xa0 [ 270.533693][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 270.540095][T12696] [ 270.540095][T12696] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 270.547727][T12696] __lock_acquire+0x2c33/0x7c60 [ 270.553085][T12696] lock_acquire+0x197/0x3f0 [ 270.558100][T12696] __mutex_lock_common+0x1eb/0x2390 [ 270.563820][T12696] mutex_lock_nested+0x17/0x20 [ 270.569090][T12696] dquot_commit+0x5a/0x410 [ 270.574010][T12696] ext4_write_dquot+0x1f0/0x360 [ 270.579369][T12696] mark_all_dquot_dirty+0xf9/0x400 [ 270.585030][T12696] __dquot_alloc_space+0x5d0/0xe20 [ 270.590646][T12696] ext4_mb_new_blocks+0xf68/0x4940 [ 270.596265][T12696] ext4_ext_map_blocks+0x191a/0x6650 [ 270.602056][T12696] ext4_map_blocks+0x981/0x1b30 [ 270.607408][T12696] _ext4_get_block+0x1d7/0x4e0 [ 270.612685][T12696] ext4_block_write_begin+0x60f/0x1210 [ 270.618746][T12696] ext4_write_begin+0x6c2/0x15c0 [ 270.624185][T12696] ext4_da_write_begin+0x435/0xb30 [ 270.629885][T12696] __page_symlink+0xf6/0x1f0 [ 270.634984][T12696] ext4_symlink+0x880/0xcc0 [ 270.639989][T12696] vfs_symlink+0x247/0x3d0 [ 270.644907][T12696] do_symlinkat+0x1be/0x6c0 [ 270.649911][T12696] __x64_sys_symlink+0x7a/0x90 [ 270.655181][T12696] do_syscall_64+0x4c/0xa0 [ 270.660103][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 270.666500][T12696] [ 270.666500][T12696] other info that might help us debug this: [ 270.666500][T12696] [ 270.676706][T12696] Chain exists of: [ 270.676706][T12696] &dquot->dq_lock --> jbd2_handle --> &ei->i_data_sem [ 270.676706][T12696] [ 270.689378][T12696] Possible unsafe locking scenario: [ 270.689378][T12696] [ 270.696805][T12696] CPU0 CPU1 [ 270.702148][T12696] ---- ---- [ 270.707494][T12696] lock(&ei->i_data_sem); [ 270.711896][T12696] lock(jbd2_handle); [ 270.718465][T12696] lock(&ei->i_data_sem); [ 270.725382][T12696] lock(&dquot->dq_lock); [ 270.729775][T12696] [ 270.729775][T12696] *** DEADLOCK *** [ 270.729775][T12696] [ 270.737983][T12696] 4 locks held by syz.1.3901/12696: [ 270.743174][T12696] #0: ffff888056326460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 270.752315][T12696] #1: ffff8880751d35c8 (&type->i_mutex_dir_key#4/1){+.+.}-{3:3}, at: filename_create+0x1f2/0x450 [ 270.762925][T12696] #2: ffff888075313450 (&ei->i_data_sem){++++}-{3:3}, at: ext4_map_blocks+0x8b2/0x1b30 [ 270.772650][T12696] #3: ffffffff8c23f118 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30 [ 270.781681][T12696] [ 270.781681][T12696] stack backtrace: [ 270.787636][T12696] CPU: 1 PID: 12696 Comm: syz.1.3901 Not tainted syzkaller #0 [ 270.795161][T12696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 270.805208][T12696] Call Trace: [ 270.808487][T12696] [ 270.811412][T12696] dump_stack_lvl+0x168/0x230 [ 270.816079][T12696] ? load_image+0x3b0/0x3b0 [ 270.820564][T12696] ? show_regs_print_info+0x20/0x20 [ 270.825747][T12696] ? print_circular_bug+0x12b/0x1a0 [ 270.830926][T12696] check_noncircular+0x274/0x310 [ 270.835844][T12696] ? add_chain_block+0x940/0x940 [ 270.840762][T12696] ? lockdep_lock+0xdc/0x1e0 [ 270.845335][T12696] ? mark_lock+0x94/0x320 [ 270.849647][T12696] __lock_acquire+0x2c33/0x7c60 [ 270.854489][T12696] ? verify_lock_unused+0x140/0x140 [ 270.859670][T12696] ? mark_lock+0x94/0x320 [ 270.863996][T12696] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 270.869978][T12696] ? lock_chain_count+0x20/0x20 [ 270.874824][T12696] lock_acquire+0x197/0x3f0 [ 270.879314][T12696] ? dquot_commit+0x5a/0x410 [ 270.883891][T12696] ? finish_task_switch+0x12f/0x640 [ 270.889076][T12696] ? __might_sleep+0xf0/0xf0 [ 270.893654][T12696] ? read_lock_is_recursive+0x10/0x10 [ 270.899014][T12696] ? __schedule+0x11c3/0x4390 [ 270.903679][T12696] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 270.909646][T12696] ? dquot_commit+0x5a/0x410 [ 270.914260][T12696] __mutex_lock_common+0x1eb/0x2390 [ 270.919561][T12696] ? dquot_commit+0x5a/0x410 [ 270.924141][T12696] ? __might_sleep+0xf0/0xf0 [ 270.928713][T12696] ? mutex_lock_io_nested+0x60/0x60 [ 270.933899][T12696] ? preempt_schedule+0xa7/0xb0 [ 270.938734][T12696] mutex_lock_nested+0x17/0x20 [ 270.943483][T12696] dquot_commit+0x5a/0x410 [ 270.947889][T12696] ? __ext4_journal_start_sb+0x1bd/0x360 [ 270.953941][T12696] ext4_write_dquot+0x1f0/0x360 [ 270.958778][T12696] mark_all_dquot_dirty+0xf9/0x400 [ 270.963877][T12696] __dquot_alloc_space+0x5d0/0xe20 [ 270.969005][T12696] ext4_mb_new_blocks+0xf68/0x4940 [ 270.974117][T12696] ? ext4_mb_pa_callback+0xd0/0xd0 [ 270.979215][T12696] ? ext4_ext_check_overlap+0x15f/0x560 [ 270.984746][T12696] ? ext4_inode_to_goal_block+0x313/0x450 [ 270.990457][T12696] ext4_ext_map_blocks+0x191a/0x6650 [ 270.995749][T12696] ? rcu_lock_release+0x5/0x20 [ 271.000519][T12696] ? mark_lock+0x94/0x320 [ 271.004844][T12696] ? ext4_ext_release+0x10/0x10 [ 271.009692][T12696] ? rwsem_write_trylock+0x12f/0x1b0 [ 271.014985][T12696] ext4_map_blocks+0x981/0x1b30 [ 271.019843][T12696] ? ext4_issue_zeroout+0x250/0x250 [ 271.025156][T12696] _ext4_get_block+0x1d7/0x4e0 [ 271.029950][T12696] ? ext4_get_block+0x40/0x40 [ 271.034632][T12696] ext4_block_write_begin+0x60f/0x1210 [ 271.040095][T12696] ? ext4_es_is_delayed+0x40/0x40 [ 271.045111][T12696] ? ext4_print_free_blocks+0x390/0x390 [ 271.050645][T12696] ? __ext4_journal_start_sb+0x1bd/0x360 [ 271.056268][T12696] ext4_write_begin+0x6c2/0x15c0 [ 271.061206][T12696] ? ext4_readahead+0x110/0x110 [ 271.066058][T12696] ? __ext4_mark_inode_dirty+0x4d5/0x700 [ 271.071686][T12696] ext4_da_write_begin+0x435/0xb30 [ 271.076782][T12696] ? trace_ext4_allocate_inode+0x84/0x1d0 [ 271.082496][T12696] ? ext4_set_page_dirty+0x320/0x320 [ 271.087780][T12696] ? ext4_orphan_add+0x124/0x11e0 [ 271.092793][T12696] ? pagecache_write_begin+0x33/0xa0 [ 271.098062][T12696] __page_symlink+0xf6/0x1f0 [ 271.102816][T12696] ? page_readlink+0x1a0/0x1a0 [ 271.107565][T12696] ? __ext4_journal_stop+0x30/0x190 [ 271.112837][T12696] ? ext4_symlink+0x74b/0xcc0 [ 271.117496][T12696] ext4_symlink+0x880/0xcc0 [ 271.121984][T12696] ? lookup_one_qstr_excl+0x11c/0x240 [ 271.127342][T12696] ? ext4_unlink+0x500/0x500 [ 271.131913][T12696] ? inode_permission+0xef/0x480 [ 271.136841][T12696] ? bpf_lsm_inode_symlink+0x5/0x10 [ 271.142021][T12696] ? security_inode_symlink+0xb2/0x100 [ 271.147465][T12696] vfs_symlink+0x247/0x3d0 [ 271.151868][T12696] do_symlinkat+0x1be/0x6c0 [ 271.156351][T12696] ? __check_object_size+0x30c/0x410 [ 271.161627][T12696] ? vfs_symlink+0x3d0/0x3d0 [ 271.166202][T12696] ? getname_flags+0x1fe/0x500 [ 271.170951][T12696] __x64_sys_symlink+0x7a/0x90 [ 271.175704][T12696] do_syscall_64+0x4c/0xa0 [ 271.180104][T12696] ? clear_bhb_loop+0x30/0x80 [ 271.184763][T12696] ? clear_bhb_loop+0x30/0x80 [ 271.189422][T12696] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 271.195300][T12696] RIP: 0033:0x7f57d763f749 [ 271.199709][T12696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.219302][T12696] RSP: 002b:00007f57d58a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 271.227701][T12696] RAX: ffffffffffffffda RBX: 00007f57d7895fa0 RCX: 00007f57d763f749 [ 271.235661][T12696] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000200000000b00 [ 271.243616][T12696] RBP: 00007f57d76c3f91 R08: 0000000000000000 R09: 0000000000000000 [ 271.251571][T12696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 271.259526][T12696] R13: 00007f57d7896038 R14: 00007f57d7895fa0 R15: 00007fffcbed83a8 [ 271.267486][T12696] [ 271.276870][T12708] chnl_net:chnl_flowctrl_cb(): NET flowctrl func called flow: CLOSE/DEINIT [ 271.312222][T12696] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.3901: bg 0: block 18: invalid block bitmap [ 271.312753][T12708] chnl_net:chnl_net_open(): state disconnected [ 271.344906][T12708] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 271.361809][T11830] usb 4-1: New USB device found, idVendor=0424, idProduct=9908, bcdDevice=2e.38 [ 271.370990][T11830] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.382838][T11830] usb 4-1: Product: syz [ 271.387251][T11830] usb 4-1: Manufacturer: syz [ 271.391857][T11830] usb 4-1: SerialNumber: syz [ 271.417274][T12643] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 271.639579][T12643] udc-core: couldn't find an available UDC or it's busy [ 271.646527][T12643] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 271.727376][T11830] smsc95xx v2.0.0 [ 271.747178][T11830] smsc95xx 4-1:129.249 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 271.758728][T11830] smsc95xx: probe of 4-1:129.249 failed with error -71 [ 271.768160][T11830] usb 4-1: USB disconnect, device number 20