last executing test programs: 7.388183546s ago: executing program 3 (id=3173): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000000000040411215500000000000010902240001000000c609040007020300010009210000050122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x3, "0b3cbf15"}]}}, 0x0}, 0x0) 4.967814184s ago: executing program 3 (id=3187): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@ipv6_newrule={0x38, 0x20, 0x1, 0x70bd2d, 0x25dfdbfc, {0xa, 0x0, 0x20, 0x0, 0x9, 0x0, 0x0, 0x1, 0x2801e}, [@FRA_SRC={0x14, 0x2, @private2}, @FIB_RULE_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e22, 0x4e22}}]}, 0x38}}, 0x480d0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c00028014000300200100000000faffffffffffffff000114000200fc02"], 0x5c}, 0x1, 0x0, 0x0, 0x50}, 0x0) 4.433825715s ago: executing program 3 (id=3191): syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000240)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@test_dummy_encryption}]}, 0x3, 0x45c, &(0x7f0000000580)="$eJzs282PU1UbAPDndlq+eWdegh98qKNoJH7MMAMiCzcaTVxoYqILdDfODAQpjGHGRAjR0RhcGhIX7ojuTPwLXOnGKCsTt7o3JMSwAVnV3PbeoS1tKbW0YH+/pNNzem/nPM/ce3rPPWcawMiaTH8kEVsi4veIGK9VG3eYrD1du3J2/u8rZ+eTqFTe/Cup7nf1ytn5fNdC9rw5+51RjCh8lsSuFu0unz5zfK5cXjyV1adXTrw/vXz6zLPHTswdXTy6eHL20KED+2eePzj7XF/yTPO6uvOjpd07Xn37/Ovzh8+/+8t3SZ5/Ux59Mtlp4xOVSp+bG66tdeWkGN98NcRY6N5YrZtGqdr/x2OsWqsZj1c+HWpwwB1VqVQq97ffvFoB/sOSGHYEwHDkF/r0/jd/DGjocVe4/GLtBijN+1r2qG0prs1nlJrub/tpMiIOr16/kD7izsxDAAA0+CEd/zzTavxXiPp5of9laygTEfH/iNgWEQcjYntE3BdR3feBiHjwNttvXiS5efxTuNRTYl1Kx38vZGtbjeO/fPQXE2NZbWs1/1Jy5Fh5cV/2N9kbpfVpfaZDGz++/NsX7bZVx3+lrLJ6/ULafj4WzOK4VFzf+J6FuZW5XvNtdvmTiJ3FVvknaysBSUTsiIidPbZx7Klvd7fbVj/+Pdwy/w6KPQZUp/J1xJO1478aTfnnks7rk9Mbory4bzo/K2528ddzb7Rr/1/l3wfp8d/U8vxfM5HUr9cu334b5/74vO09za3zb33+r0veqpbzo/Th3MrKqZmIdclrtaDrX5+98d68nu+f5r93T+v+vy17T9rGrohIT+KHIuLhiHgki/3RiHgsIvZ0yP/nlx5/r/f8G2zo0ExP0vwXWh7/tfO/6fjfKKyL5ldaF8aO//R9Q6MTt5N/evwPVEt7s1e6+fzrJq7ezmYAAAC49xQiYkskham1cqEwNVX7H/7tsalQXlpeefrI0gcnF2rfEZiIUiGf6Rqvmw+dyW7r8/psU31/Nm/85djGan1qfqm8MOzkYcRtbtP/U3+ODTs64I7rwzoacI/S/2F06f8wuvR/GF0t+v/G7PnioGMBBqvV9f/jIcQBDF5T/7fsByPE/T+Mrm76/zsDiAMYPNd/GEnLG+PWX5JXULipEIVudk6ya8vdEbNC94VhfzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xz8BAAD//xpK4OY=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x400c6615, 0x0) 3.269880268s ago: executing program 3 (id=3201): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x1210080, &(0x7f0000000900)={[{@creator={'creator', 0x3d, "51905197"}}, {@file_umask={'file_umask', 0x3d, 0x8}}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@creator={'creator', 0x3d, "0de07c34"}}, {@codepage={'codepage', 0x3d, 'cp874'}}, {@dir_umask}, {}, {@dir_umask={'dir_umask', 0x3d, 0x200}}, {@uid}, {@umask={'umask', 0x3d, 0x16}}]}, 0x7, 0x318, &(0x7f00000004c0)="$eJzs3U1rE08cB/Dv7CZp8m/pf20rBY/VgqfS1oPixSLFi2/AgxRrm0LpWkEraEGMnkW8CYJHb55F34JexDegpx7Ek16CB1dmZmcf0tnNQ9tsQr4faJrszsNvdnayMynpgohG1tXVb28vHMgfUQbgArgMOACqQAnAacxWH+zube/59c28glyVQ/4I6JziUJqN3botq8yncoQ8+aqEieQ2OhlBEATf26b61ZdYqDhCj/1DHGAsHJ1qf7XvkZ2Mhm7XaEn0sGiiiYeYLDIcIiIqXnj9d8KrxEQ4f3ccYD6chw/79T81v2kWF8dAiK7/jn4dCHl8/le74vWeWsLJ3nfMKtFWlvWcCOLDXYE+s1IdINqtKlUsTm1r268vNFQBz3AllEg2ox43YRqiZEVb0b/mLGvTHHltzzeu2lCWbVjOiH+66xo//sAre3VrnzuISXwSX8Sa8PAam9H8rxQIeXDU8fFaekrHv5hdomqlp1OlWhmv30+pSs6YHvjwLm5lLeu4VuHKWGxkKaJ1/u6ZOF9WsnNhCumPFXTrlrJbp3JNW3MtR6//WHPNtOaqbZX9+sLGXT/3o5RjY13RiRfihpjDT7zHamL+78jU88gemalRLlTK8MzIbU9JpczoxxQ1gO90NTJJuWbt6HzPcRuXMHn/0f7Ouu/X7xX/xAyVAYlHn4jh6Si3yN+JNKjKJ2UAx1bp3yAIrLtK6EeTy6qpF9/ETd7fWRcN/fJoVaARFWh2rWQnBrACINxi3hF6qf1JlGssLrCj7L9lb6st9hPSRNWHE9JUldrlYqyjkVLrodLrj3fW/Z7eiWjIxJ2O2ZtFB0NFkPMuodd/ifXKonrXkQ9ezmokaFd4osSljBXQlHr8r7MVXFRs5jxx3Dxps+Y6ex4411KjA1Pj09ZivTBODOJfJbv/U4ZYxVfc4uf/RERERERERERERERERERERERERETDpttvI/TydYJ0jQcj+I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiOJnH/X8BVd4ypFH7/X7eD+/+a+1IQUc/+BQAA//8KX2Ch") sync() syz_mount_image$msdos(&(0x7f0000000800), &(0x7f0000000840)='.\x00', 0x204086a, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, &(0x7f00000007c0)) 3.153955618s ago: executing program 2 (id=3202): syz_clone(0x2344600, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)="46b92d90205d413e1aef7e884497491b902d711f09") r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0200001900010000000000000000000a0101000000000000000000000000000a01010100000000000000000000000000000003000000000a00000008000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fcffffffffffffff0000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000001e0000000000000001000000040000000000000000000000fdffffffffffffff0600000000000000040000000000000000000100000000008401050020010000000000000000000000000001000000002b00000000000000fc010000000000000000000000000001000000000000ff000000000000000000000000000000000000000000000000000000000100000000320000000000000000000000000000000000ffffac1e0001feffbfff0000000000000000000000000700000000000000000000000000000000000001000000003c00000002000000fe8800000000000000000000000001010100000001030000000000000000000009000000ff020000000000000000000000000001000000003200000002000000200100000000000000000000000000010000000000000000000000000300000000000000e0000002000000000000000000000000000000002b00000002"], 0x23c}, 0x1, 0x0, 0x0, 0x40005}, 0x8000000) 3.134116239s ago: executing program 4 (id=3203): mlockall(0x7) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0) 3.008985037s ago: executing program 0 (id=3204): syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000200)='./file0\x00', 0x18000, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000009c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1") openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40140, 0x1) getxattr(&(0x7f0000005140)='./file0\x00', &(0x7f0000005180)=@known='system.posix_acl_access\x00', 0x0, 0x0) 2.869851619s ago: executing program 1 (id=3205): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xd) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000300)=0x3) 2.399484605s ago: executing program 0 (id=3206): syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='utf8,utf8,uid=', @ANYRESHEX=0xee01, @ANYBLOB=',iocharset=cp949,errors=remount-ro,utf8,errors=remount-ro,dmask=00000000000000000000003,time_offset=0x0000000000000006,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c00073bc934e6304a61a825679f7f47435e772a77a77e69b5db166a9f7745d7245b08574a58340594"], 0x1, 0x1544, &(0x7f0000001740)="$eJzs3AmcjlX7OPDrOufcY0zS0yTLcM65bp5kOSZJsiTJkiRJkmRLSJrklYTEkC1pSEKyDMkyhGSZmDT2fV8SkqRJkpBsyfl/FK/61fvW+3vfN79/ru/nc3/mXM+5r3Of+7mee+5llq86DqrWoHrlekQE/xb86UsyAMQCQD8AuAoAAgAoHV86/lx/donJ/95G2H/WA2mXegbsUuL6X964/pc3rv/ljet/eeP6X964/pc3rv/ljevP2OVsw5R8V/Ny+S7/7vN/eaHBz///P8Tn/7+QrBKjPltV4tpOADF/NIXr/5eU54+uyPX/ywr+yEpc/8sb1/8vK/s/7479s+bB/g/j4/9ykO0f9nD9L29cf8YuZ5f6+fN/f5H/tB8il8N78E/2nzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYY+xOc9BcpALjQvtTzYowxxhhjjDHG2H+Oz3apZ8AYY4wxxhhjjLH/PgQBEhQEEAPZIBayQxwIALgScsJVEIGrIR6ugVxwLeSGPJAX8kEC5IcCoMGABYIQCkIhiMJ1UBiuhyJQFIpBcXBQAhLhBigJN0IpuAlKw81QBm6BslAOykMFuBUqwm1QCW6HynAHVIGqUA2qw51QA+6CmnA31IJ7oDbcC3XgPqgL90M9eADqw4PQAB6ChvAwNILG0ASaQrP/Vf5z0BWeh27QHZKhB/SEF6AX9IY+0Bf6wYvQH16CAfAypMBAGASvwGB4FYbAazAUhsFweB1GwBswEkbBaBgDqTAWxsGbMB7eggkwESbBZEiDKTAV3oZpMB1mwDswE96FWTAb5sBcSIf3YB7Mhwx4HxbAB5AJC2ERLIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBh7AdPoIdsBN2/b1+/0r+iZ/lfwy7oRMCAgoUqFBhDMZgLMZiHMZhDsyBOTEnRjCC8RiPuTAX5sbcmBfzYgImYAEsgAYNEhIWxIIYxSgWxsJYBItgMSyGDh0mYiKWxBuxFJbC0lgay2AZLIvlsBxWwApYEStiJayElbEyVsEqWA2r4Z14J/bAmlgTa2EtrI21LzyewnpYD+tjfWyADbAhNsRG2AibYBNshs2wOTbHFtgCW2ErbI2tsQ22wSRMwrbYFtthO2yP7bEDdsCO2BE7YWfsnPVcNsDn8XnsjlVED+yJPbEXpmTrg32xL76I/fElfAlfxhQciIPwFXwFX8UheByH4jAcjsOxongDR+IoJDEGUzEVx+E4HI/jcQJOxIk4GdNwCk7FqTgNp+N0fAdn4rv4Ls7G2TgX0zEd5+F8zMAMXIAnMBMX4iJcjEtwKS7B5bgCl+MqXI2rcC2uxfW4HjfiRtyMm3ErbsUPUQHgR7gTd2IK7sbduAf34F7ci/twH2ZhFu7H/XgAD+BBPIiH8BAexiN4FI/gMTyGx/EEnsSTeBpP4xl8JuGL+h8WXZkC4hwllIgRMSJWxIo4ESdyiBwip8gpIiIi4kW8yCVyidwit8gr8ooEkSAKiALCCCNIhDEAIKIiKgqLwqKIKCKKiWLCCScSRaIoKUqKUqKUKC1uFmXELaKsKCdaugqigqgoWrlK4nZRWVQWVURVUU1UF9VFDVFD1BQ1RS1RS9QWtUUdcZ+oK3pgH3xAnKtMAzEQG4pB2Eg0FvL8EdBcDMEWoqVoJR4Tw3AothHNXZJ4UrQVI7Gd+JsYhU+LDmIMdhTPik6is+ginhNdRQvXTXQXE7CH6CkmYy/RW/QRfcU0rCrewZnZq4mXRYoYKAaJV8RcfFUMEa+JoWKYGC5eFyPEG2KkGCVGizEiVYwV48SbYrx4S0wQE8UkMVmkiSliqnhbTBPTxQzxjpgp3hWzxGwxR8wV6eI9MU/MFxnifbFAfCAyxUKxSCwWS8RSsUwsFyvESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNfCi2i4/EDrFT7BIfi93iE7FHfCr2is/EPvG5yBJfiP3iS3FAfCUOiq/FIfGNOCyOiKPiW3FMfCeOixPipDglTovvxRnxgzgrvACJUkgplQxkjMwmY2V2GSevkDlkcP7dvVrGy2tkLnmtzC3zyLwyn0yQ+WUBqaWRVpIMZUFZSEbldbKwvF4WkUVlMVlcOllCJsobZEl5oywlb5Kl5c2yjLxFlpXlZHlZQd4qK8rbJER+2kYVWVVWk9XlnTIZ7pI15d2ylrxH1pb3yjryPllX3i/ryQdkffmgbCAfkg3lw7KRbCybyKaymXxENpePyhaypWwlH5Ot5eOyjXxCJsknZVvpz39EnpYd5DOyo3xWdpKdZRf5gzwrvewmu0voAbKnfEH2kr1lH9lX9pMvyv7yJTlAvixT5EA5SL4iB8tX5RD5mhwqh8nh8nU5Qr4hR8pRcrQcI1PlWDlOvinHy7fkBDlRTpKTZZqcIvucH2mGlL+b/+bP88+deuUUOeDHra+XG+RGuUlullvkVrlNfii3y+1yh9whd8ldcrfcLffIPXKv3Cv3yX0yS2bJ/XK/PCAPyIPyoDwkD8nD8og8Jb+Vx+R38rg8IU/IU/K0PC3PnH8PQKESSiqlAhWjsqlYlV3FqStUDnWlyqmuUhF1tYpX16hc6lqVW+VReVU+laDyqwJKK6OsIhWqgqqQiqrr8PwHRhVTxZVTJVSiuuFfyVeF1fWqiCr6i/wL80v+B/Nrppqp5qq5aqFaqFaqlWqtWqs2qo1KUkmqrWqr2ql2qr1qrzqoDqqj6qg6qU6qi+qiuqquqpvqppJVsuqpXlC9VG/VR/VV/dSLqr/qrwaoASpFpahBapAarAarIWqIGqqGquFquBqhRqiRaqQarUarVJWqxqlxarwaryaoCWqSmqTSVJqaqqaqaWqamqFmqJlqppqlZqk5ao5KV+lqnpqnMlSGWqAWqEy1UC1Ui9VitVQtVcvVcrVSrVSr1Wq1Vq1VmWqD2qA2qU1qi9qitqltarvarnaoHWqX2qV2q91qj9qj9qq9ap/ap7JUltqv9qsD6oA6qA6qQ+qQOqwOq6PqqDqmjqnj6rg6qU6q0+q0OqPOqLPqrIJAgAhEoAIVxAQxQWwQG8QFcUGOIEeQM8gZRIJIEB/EB7mCa4PcQZ4gb5AvSAjyBwUCHZjABuJ80aPBdUHh4PqgSFA0KBYUD1xQIkgMbghKBjcGpYKbgtLBzUGZ4JagbFAuKB9UCG4NKga3BZWC24PKwR1BlaBqUC2oHtwZ1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYLGQZOgadDsPzq+98fzPOq66e46WffQPfULupfurfvovrqfflH31y/pAfplnaIH6kH6FT1Yv6qH6Nf0UD1MD9ev6xH6DT1Sj9Kj9RidqsfqcfpNPV6/pSfoiXqSnqzT9BQ9Vb+tp+npeoZ+R8/U7+pZeraeo+fqdP2enqfn6wz9vl6gP9CZeqFepBfrJXqpXqaX6xV6pV6lV+s1eq1ep9frDXqj3qQ36y16q96mP9Tb9Ud6h96pd+mP9W79id6jP9V79Wd6n/5cZ+kv9H79pT6gv9IH9df6kP5GH9ZH9FH9rT6mv9PH9Ql9Up/Sp/X3+oz+QZ/V/tzF/bnTu1FGmRgTY2JNrIkzcSaHyWFympwmYiIm3sSbXCaXyW1ym7wmr0kwCaaAKWDOIUOmoClooiZqCpvCpogpYoqZYsYZZxJNoilpSppSppQpbUqbMqaMKWvKmvKmvLnV3GpuM7eZ283t5g5zh6lqqprqprqpYWqYmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpkmpolpZpqZ5qa5aWFamFamlWltWps2po1JMkmmrWlr2pl2pr1pbzqYDqaj6Wg6mU6mi+liupquppvpZpJNsulpeppeppfpY/qYfqaf6W/6mwFmgEkxKWaQGWQGm8FmiBlihpphZvi5C1XzhhlpRpnRZoxJNalmnBlnxpvxZoKZYCaZSSbNpJmpZqqZZqaZGWaGmWlmmllmlplj5ph0k27mmXkmw2SYBWaByTSZZpFZZJaYJWaZWWZWmBVmlVll1sAas86sMxvMBrPJbDJbzBazzWwz2812s8PsMLvMLrPb7DZ7zB6z1+w1+8w+k2WyzH6z3xwwB8xBc9AcMofMYXPYHDVHzTFzzBw3x81Jc9KcNnnOny+9ibXZbZy9wuawV9qc9ir7P+O8Np9NsPltAattbpvnF7Gx1haxRW0xW9w6W8Im2ht+FZe15Wx5W8Heaiva22ylX8U17F22pr3b1rL32Or2zl/Ete29to59yNZFBLCNbX3b1DawD9mG9mHbyDa2TWxT29o+btvYJ2ySfdK2tU/9Kp5n59sVdqVdZVfbHXanPWlP2QP2K3vafm+72e62n33R9rcv2QH2ZZtiB/4qHm5ftyPsG3akHWVH2zG/iifZyTbNTrFT7dt2mp3+qzjdvmdn2gw7y862c+zcH+Nzc8qw79sF9gObaQNYZBfbJXapXWaX/32ui+1au86ut9vtR3aT3Wy32K1224ULYbvT7rIf2932E7vffmn32s/sPnvQZtkvfozP7d9B+7U9ZL+xh+0Re9R+a4/Z79SF7HP7/q39wZ613gIhAUlSFFAMZaNYyk5xdAXloCspJ11FEbqa4ukaykXXUm7KQ3kpHyVQfipAmgxZIgqpIBWiKF1HF6ZXjIqToxKUSDdQSbqRStFNVJpupjJ0C5WlclSeKtCtVJFuo0p0O1WmO6gKVaVqVJ3upBp0F9Wku6kW3UO16V6qQ/dRXbqf6tEDVJ8epAb0EDWkh6kRNaYm1JSa0SPUnB6lFtSSWtFj1Joepzb0BCXRk9SWnqJ29DdqT09TB3qGOtKz1Ik6Uxd6jrrS89SNulMy9aCe9AL1ot7Uh/pSP3qR+tNLNIBephQaSIPoFRpMr9IQeo2G0jAaTq/TCHqDRtIoGk1jKJXG0jh6k8bTWzSBJtIkmkxpNIWm0ts0jabTDHqHZtK7NItm0xyaS+n0Hs2j+ZRB79MC+oAyaSEtosW0hJbSMlpOK2glraLVtIbW0jpaTxtoI22izbSFttI2+pC200e0g3bSLvqYdtMntIc+pb30Ge2jzymLvqD99CUdoK/oIH3tu9M3dJiO0FH6lo7Rd3ScTtBJOkWn6Xs6Qz/QWfIEIYYilKEKgzAmzBbGhtnDuPCKMEd4ZZgzvCqMhFeH8eE1Ya7w2jB3mCfMG+YLE8L8YYFQhya0IYVhWDAsFEZjrgsLh9eHRcKiYbGweOjCEmFieENYMrwxLBXeFJYObw7LhLeEZcNy4UP3VAhvDSuGt4WVwtvDyuEdYZWwalgtrB7eGdYI7wprhneHtcJ7wlLhvWGd8L6wbnh/WC98IKwfPhg2CB8KG4YPh43CxmGTsGnYLHwkbB4+GrYIW4atwsfC1uHjYZvwiTApfDJsGz71Y/+98/9xf3LYI+wZvhC+EHp/t5wTnRtNj74XnRedH82Ivh9dEP0gmhldGF0UXRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR/1vno2cOiEk065wMW4bC7WZXdx7gqXw13pcrqrXMRd7eLdNS6Xu9bldnlcXpfPJbj8roDTzjjryIWuoCvkou46V9hd74q4oq6YK+6cK+ESXVPXzDVzzd2jroVr6Vq5x9xj7nH3uHvCPeGedG3dU66d+5tr7552Hdwz7hn3rOvkOrsu7jnX1Y3N+dMxmex6up6ul+vl+rg+rp/r5/q7/m6AG+BSXIob5Aa5wW6wG+KGuKFuqBvuhrsRboQb6Ua60W60S3Wpbpwb58a78W6Cm+AmuUkuzaW5qW6qm+amuYrTf9rKLDfLzXFzXLpLd/PcuWvGDLfALXCZLtMtcovcErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29x2t93t8Ff9NKjb7fa4PW6v2+v2uc9dlvvC7XdfugPuK3fQfe0OuW/cYXfEHXXfumPuO3fcnXAn3Sl32n3vzrgf3FnnXWpkbGRc5M3I+MhbkQmRiZFJkcmRtMiUyNTI25FpkemRGZF3IjMj70ZmRWZH5kTmRtIj70XmReZHMiLvRxZEPohkRhZGFkUWR5ZElka8z78p9AV9IR/11/nC/npfxBf1xXxx73wJn+hv8CX9jb6Uv8mX9jf7Mv4WX9aX8+X9w76Rb+yb+Ka+mX/EN/eP+ha+pW/lH/Ot/eO+jX/CJ/knfVv/lG/n/+bb+6d9B/+M7+if9Z18Z9/FP+e7+ud9N9/dJ/sevqd/wffyvX0f39f38y/6/v4lP8C/7FP8QD/Iv+IH+1f9EP+aH+qH+eExr/sRF26RYYxP9WP9OP+mH+/f8hP8RD/JT/Zpfoqf6t/20/x0P8O/42f6d/0sP9vP8XN9un/Pz/PzfYZ/3y/wH/hMv/DCQ0m/zC/3K/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81/6Lf7j/wOv9Pv8h/73f4Tv8d/6vf6z/w+/7nP8l/4/f5Lf8B/5Q/6r/0h/40/7I/4o/5bf8x/54/7E/6kP+VP++/9Gf+DP8t/s8YYY4wx9oeMvdgUv+z56XF+j9/IET9buScAXLk5X9bP+89dUa7J/VO7t0hoHQGAJ7t3fODCUqVKcnLy+XUzJQSFZgNc+EnQOTFwMV4IreBxSIKWUPI3599bdD5NvzN+9GaAuJ/lxMLF+OL4nwJg8m+M/8hjw+eVCU/G/5PxZwMUKXQxJztcjBdCqx+fr7SEUv9g/nma/878s3+WCtDiZzk54GJ8cf6J8Cg8BUm/WJMxxhhjjDHGGPtJb1G+/YX7zwu/8flb9+cJ6mJONrgY/979OWOMMcYYY4wxxi69pzt3eeKRpKSW7f/1RqX/VdYfbjSE/9bI3PjNhvcAF15RAPBvDghwriH/zL3Y+KdsK+X8ofM/u5ac8gH83yjlbzUGXAHw+yuP/vsrl/gbE2OMMcYYY+w/7uLV/y9fV5dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2GXoz/jfY5d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFL7f8FAAD//y1m/Y0=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) 2.214152496s ago: executing program 1 (id=3207): bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000100), 0x1, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f908, 0xffffbfff, '\x00', @string=&(0x7f0000000180)=0xa3}}) 2.161922844s ago: executing program 2 (id=3208): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) recvfrom(r0, 0x0, 0x62, 0x527d88dd03d0199c, &(0x7f00000000c0)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x1, 0x3, 0x2, {0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, '\x00', 0x1f}, 0xffbff800}}}, 0x80) syz_emit_ethernet(0x46, &(0x7f00000004c0)={@random="576b71bcaf90", @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, '\x00', 0x10, 0x3a, 0xff, @private1, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x9, 0xf16, 0xb41b, 0x67c}}}}}}, 0x0) 2.117377145s ago: executing program 3 (id=3209): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000002c0), 0x45, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) 2.060800326s ago: executing program 4 (id=3210): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x34, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20009085}, 0x40040c0) 1.773453745s ago: executing program 1 (id=3211): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x60, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x60}, 0x1, 0x0, 0x0, 0xe954c00a53b512e6}, 0x20044004) 1.757710146s ago: executing program 0 (id=3212): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000bc0)='./file0\x00', 0x101c04a, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000540)={{}, {0x77359400}}, 0x0) 1.679012141s ago: executing program 2 (id=3213): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000003000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.62879478s ago: executing program 4 (id=3214): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f00000000c0)={0x1, 0x2}) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000140)={0x1, 0x1, 0x0, 0xfffffffe}) 1.304732717s ago: executing program 1 (id=3215): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000)) 1.255282528s ago: executing program 0 (id=3216): syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x6}, @hci_rp_read_voice_setting={{0x10}, {0x0, 0xb1}}}}, 0x9) recvmsg(0xffffffffffffffff, 0x0, 0x2000) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) 1.174428822s ago: executing program 4 (id=3217): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x2, 0x52, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) 1.13125418s ago: executing program 2 (id=3218): r0 = socket$packet(0x11, 0x2, 0x300) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) getsockopt$packet_buf(r0, 0x107, 0x17, 0x0, &(0x7f0000000680)) 831.742309ms ago: executing program 0 (id=3219): pipe(&(0x7f00000001c0)={0xffffffffffffffff}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) splice(r0, 0x0, r1, 0x0, 0x80, 0x4) 825.275288ms ago: executing program 1 (id=3220): syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000001280)='./file0\x00', 0x1000000, &(0x7f00000012c0)={[{@nodots}, {@nodots}, {@fat=@gid}, {@nodots}, {@nodots}, {@fat=@nocase}, {@dots}, {@fat=@fmask={'fmask', 0x3d, 0x34a5}}, {@nodots}, {@fat=@flush}, {@dots}]}, 0x1, 0x26b, &(0x7f0000000700)="$eJzs3c9qE0EcB/Bf/jTZFtSepYcFL55EfYMgFYSAUM29gdZLW4TtJXrKYwi+gY/j0cfoqbdIu4sx2+I/tk7T/Xyg7I/97jAzDWRymEn2d06ODt6fvlt8+xRZlkc/Yh7nEdvRjV6UOtW1e1kPYhBL8wAA1s3e3nSUegw0qHP1VlGMphsRMbySTb78p1EBAAAAAAAAAADQsP2dk+7f7v//mf3/ALB+7P+/+4piNN2qPr+tsv8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASOd8sXiw+MVf6vEBAM2z/gNA+1j/AaB9rP8A0D5v7ldFnmcRZ/PZZDYpr+Xtl6/Gu0/zS9vLVmez2WSjqse7z8o8r+dbVfvn1+aDePyozC+yF6/HtXwYBzc5cQAAAAAAAAAAAAAAAAAAALhFnuQ/1M7398r84oFhXJNnEZ9Xvh+gdn6/Hw/7v+2+1+xsAAAAAAAAAAAAAAAAAAAAYD2dfvh4ND0+PixaW3ztRSTrPTrly5D6n1ArNuMfWmW3bRZrVPQi4nAY/ViNNiOiyb7e3vvzh1O/MwEAAAAAAAAAAAAAAAAAQPssD/2mHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApLP8/f+bK1LPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiH7wEAAP//eFKFPA==") mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 781.054177ms ago: executing program 4 (id=3221): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000110000000040100"}) 718.508273ms ago: executing program 2 (id=3222): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) listen(r0, 0x5) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfffffffffffffd58, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 283.830539ms ago: executing program 3 (id=3223): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000e80)='./file1\x00', 0x0, &(0x7f0000000240)={[{@utf8}, {@uni_xlateno}, {@fat=@check_strict}, {@utf8no}, {@utf8no}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@shortname_winnt}, {@uni_xlateno}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '852'}}, {@utf8}, {@fat=@usefree}, {@uni_xlate}, {@uni_xlate}, {@utf8no}, {@shortname_win95}]}, 0xfd, 0x2a8, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIL1zMSslCXah4b0GaILRQ8A/GrgRXblz6BILQnS/hxjfwAQR3dlE4MslMk9Q07UDT+ufz2fT0nPOd8zuTaUsXOfnw5fHB0zz2T778LTqdLBr96MdZFr1oROXrWNL/LgCAf7OzlOKPNFMnl0VEZ3NlAQAbVPvv/+nGSwIANuydd997a3cw2Hs7zzvxePzN8bD4z774Ohvf3Y9PYhTP4mF04zwiXZi1H6eUJs280IvXx5PjYZEcf/BLef3d3yOm+Z3oRm/atZx/MtjbyWcW8pOijufL9ftF/lF048UV6z8Z7D1akY9hK954baH+B9GNXz+OT2MUT6dFzPNf7eT5m+n7P794vyivyGeT42F7Om8ubd3xSwMAAAAAAAAAAAAAAAAAAAAAwH/Yg/LsnHZMz+8pusrzd7bOi2+2I6/0ls/nmeWz6kKXzgeapPihOl/nYZ7nqZw4zzfjpWY072fXAAAAAAAAAAAAAAAAAAAA8M9y9NnnBx+NRs8Ob6VRnQZQva2//nVOp6n+Qs+rsT7Vnq/VKJtrloitak4WsbaeYhO3dFuuazx3Vc0//lT3gp3r52wXa3VucRfVy73QE1VPtvoeti8md6qH5OeqJ6WUWnHD1VtXDaVaj19r5VC39t1ovTBtTNbMieyqwr59Zf5zWQ5ll3fRWrrPS43tsrEQv/Rs1Hqe//67InNaBwAAAAAAAAAAAAAAAAAAbNT8Tb8rBk/WRhupvbGyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBOzT//v0ZjUoZvMLkVh0f3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//+KpXP8=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000200)=""/85, 0xaa) 278.600371ms ago: executing program 2 (id=3224): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x22882, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x17ff}], 0x5) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000000)) 276.049096ms ago: executing program 4 (id=3225): r0 = socket(0x10, 0x3, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r0) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000005200010a"], 0x14}}, 0x0) 181.001868ms ago: executing program 0 (id=3226): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xc, 0x4, 0x4, 0x7, 0x0, r0}, 0x50) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000400)={r1, 0x58, &(0x7f00000000c0)}, 0x10) 0s ago: executing program 1 (id=3227): r0 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000480)='veth1\x00', 0x10) sendmmsg$inet(r0, &(0x7f00000029c0)=[{{&(0x7f0000000000)={0x2, 0x4e24, @private=0xa010102}, 0x10, &(0x7f0000002540)=[{&(0x7f0000000180)="5022896266c8baeb43d5e917a1c1ac6cc87defdc", 0x14}, {0x0}], 0x2}}], 0x1, 0x20016b94) kernel console output (not intermixed with test programs): nk: 'syz.2.1457': attribute type 6 has an invalid length. [ 373.281696][ T5834] usb 2-1: not running at top speed; connect to a high speed hub [ 373.322058][ T5834] usb 2-1: config 129 has an invalid interface number: 35 but max is 0 [ 373.334154][ T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 373.347715][ T5834] usb 2-1: config 129 has no interface number 0 [ 373.387633][ T5834] usb 2-1: config 129 interface 35 has no altsetting 0 [ 373.423449][ T5834] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=26.99 [ 373.455059][ T5834] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.463260][ T5834] usb 2-1: Product: syz [ 373.488670][ T5834] usb 2-1: Manufacturer: syz [ 373.493458][ T5834] usb 2-1: SerialNumber: syz [ 373.524830][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 373.584433][ T10] usb 1-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 373.614691][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.622887][ T10] usb 1-1: Product: syz [ 373.692872][ T10] usb 1-1: Manufacturer: syz [ 373.713572][ T10] usb 1-1: SerialNumber: syz [ 373.727990][ T10] usb 1-1: config 0 descriptor?? [ 373.760095][ T10] ssu100 1-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 373.790614][ T5834] usb_ehset_test 2-1:129.35: probe with driver usb_ehset_test failed with error -32 [ 373.836283][ T5834] usb 2-1: USB disconnect, device number 7 [ 373.893661][ T9102] netlink: 336 bytes leftover after parsing attributes in process `syz.3.1460'. [ 374.237059][ T10] ssu100 1-1:0.0: probe with driver ssu100 failed with error -71 [ 374.270858][ T10] usb 1-1: USB disconnect, device number 7 [ 374.689075][ T5834] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 374.836913][ T9114] fuse: Invalid rootmode [ 374.888838][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 374.913995][ T5834] usb 4-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82 [ 374.941927][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.986148][ T5834] usb 4-1: config 0 descriptor?? [ 375.060237][ T5834] smsusb:smsusb_probe: board id=8, interface number 0 [ 375.092762][ T5834] smsusb:smsusb_probe: Device initialized with return code -19 [ 375.438845][ T5834] usb 4-1: USB disconnect, device number 6 [ 375.903409][ T9133] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1475'. [ 377.567395][ T9168] xt_TPROXY: Can be used only with -p tcp or -p udp [ 378.386152][ T9179] xt_CT: No such helper "netbios-ns" [ 378.564724][ T9188] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 380.368715][ T9228] netlink: 'syz.3.1521': attribute type 10 has an invalid length. [ 382.514980][ T9274] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 382.654613][ T9274] CIFS mount error: No usable UNC path provided in device string! [ 382.654613][ T9274] [ 382.689598][ T9274] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 383.024118][ T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 383.210233][ T9] usb 1-1: too many configurations: 65, using maximum allowed: 8 [ 383.227910][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.257197][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.298918][ T9288] loop1: detected capacity change from 0 to 2048 [ 383.387701][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.408436][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.458502][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.464611][ T9288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 383.491787][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.525496][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.555187][ T9] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 383.560169][ T9295] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 383.567228][ T9] usb 1-1: New USB device found, idVendor=046d, idProduct=08b8, bcdDevice=ee.8d [ 383.611606][ T9288] EXT4-fs error (device loop1): ext4_find_extent:904: inode #2: comm syz.1.1549: inode has invalid extent depth: 7 [ 383.627919][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.729172][ T9] pwc: Logitech QuickCam detected (reserved ID). [ 383.768020][ T9] pwc: Warning: more than 1 configuration available. [ 384.121161][ T9] pwc: send_video_command error -71 [ 384.123570][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.144209][ T9] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 384.152205][ T9] Philips webcam 1-1:250.0: probe with driver Philips webcam failed with error -71 [ 384.208404][ T9] usb 1-1: USB disconnect, device number 8 [ 384.752456][ T9307] bridge_slave_0: left allmulticast mode [ 384.761678][ T9307] bridge_slave_0: left promiscuous mode [ 384.801205][ T9307] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.922022][ T9307] bridge_slave_1: left allmulticast mode [ 384.970294][ T9307] bridge_slave_1: left promiscuous mode [ 384.991594][ T9307] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.039791][ T9307] bond0: (slave bond_slave_0): Releasing backup interface [ 385.107700][ T9307] bond0: (slave bond_slave_1): Releasing backup interface [ 385.202795][ T9307] team0: Port device team_slave_0 removed [ 385.245742][ T9307] team0: Port device team_slave_1 removed [ 385.257124][ T9307] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 385.265031][ T9307] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 385.282927][ T9307] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 385.299964][ T9307] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 385.332733][ T9319] loop3: detected capacity change from 0 to 64 [ 385.398153][ T9307] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 385.700337][ T9317] loop4: detected capacity change from 0 to 4096 [ 385.750258][ T9317] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 386.052510][ T9317] ntfs3(loop4): ino=19, mi_enum_attr [ 386.069047][ T9317] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 386.124510][ T9325] No source specified [ 386.146002][ T9317] ntfs3(loop4): failed to convert "c46c" to iso8859-13 [ 386.193570][ T9317] ntfs3(loop4): ino=20, mi_enum_attr [ 388.347147][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.353887][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.083596][ T9371] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 389.247602][ T9374] loop3: detected capacity change from 0 to 64 [ 389.274568][ T9377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1592'. [ 389.334771][ T9377] veth0_macvtap: left promiscuous mode [ 389.684328][ T9381] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 389.794395][ T9383] mmap: syz.2.1595 (9383): VmData 37466112 exceed data ulimit 6. Update limits or use boot option ignore_rlimit_data. [ 390.001761][ T9385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1596'. [ 390.443490][ T9393] loop2: detected capacity change from 0 to 1024 [ 390.754171][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 390.924925][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 390.974133][ T9] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 7.00 [ 391.017108][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.049368][ T9] usb 2-1: Product: syz [ 391.082163][ T9] usb 2-1: Manufacturer: syz [ 391.102156][ T9] usb 2-1: SerialNumber: syz [ 391.150444][ T9] usb 2-1: config 0 descriptor?? [ 391.183586][ T9] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 391.248214][ T9] usb 2-1: Detected FT2232H [ 391.286291][ T9406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1606'. [ 391.322865][ T9406] netlink: 312 bytes leftover after parsing attributes in process `syz.3.1606'. [ 391.464608][ T9] ftdi_sio ttyUSB0: Unable to read latency timer: -121 [ 391.684331][ T9] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 391.730924][ T9] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 391.784968][ T9411] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1609'. [ 391.809507][ T9] usb 2-1: USB disconnect, device number 8 [ 391.865783][ T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 391.903258][ T9] ftdi_sio 2-1:0.0: device disconnected [ 392.449965][ T29] audit: type=1326 audit(1775656131.133:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9421 comm="syz.0.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 392.607731][ T29] audit: type=1326 audit(1775656131.223:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9421 comm="syz.0.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 392.729829][ T29] audit: type=1326 audit(1775656131.223:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9421 comm="syz.0.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 392.814114][ T29] audit: type=1326 audit(1775656131.223:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9421 comm="syz.0.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 393.014355][ T9433] netlink: 'syz.0.1620': attribute type 3 has an invalid length. [ 394.185275][ T9453] netlink: 'syz.4.1629': attribute type 1 has an invalid length. [ 394.764513][ T9463] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1635'. [ 395.744700][ T9479] PKCS8: Unsupported PKCS#8 version [ 396.971181][ T9500] netlink: 5044 bytes leftover after parsing attributes in process `syz.4.1653'. [ 397.822489][ T9512] dvmrp1: entered allmulticast mode [ 398.850857][ T9531] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1668'. [ 398.891703][ T9531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1668'. [ 401.022946][ T9571] loop3: detected capacity change from 0 to 22 [ 401.222934][ T9571] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 401.652445][ T9577] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 402.558556][ T9589] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1696'. [ 402.750869][ T9593] loop2: detected capacity change from 0 to 1024 [ 402.917350][ T9593] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 403.274150][ T53] hfsplus: b-tree write err: -5, ino 25 [ 403.290761][ T53] hfsplus: b-tree write err: -5, ino 4 [ 403.304068][ T53] hfsplus: b-tree write err: -5, ino 2 [ 403.690683][ T9607] loop2: detected capacity change from 0 to 16 [ 403.759572][ T9607] erofs (device loop2): mounted with root inode @ nid 36. [ 403.860564][ T5777] erofs (device loop2): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000 [ 403.879438][ T9607] erofs (device loop2): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000 [ 403.917453][ T9607] erofs (device loop2): read error -117 @ 2 of nid 89 [ 403.978435][ T29] audit: type=1800 audit(1775656142.683:89): pid=9607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1704" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 404.512862][ T9621] netlink: 'syz.3.1713': attribute type 1 has an invalid length. [ 405.224232][ T30] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 405.414447][ T30] usb 2-1: Using ep0 maxpacket: 32 [ 405.444031][ T30] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 405.456869][ T9642] xt_TCPMSS: Only works on TCP SYN packets [ 405.484182][ T30] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.538562][ T30] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 405.554715][ T30] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 405.578999][ T30] usb 2-1: Product: syz [ 405.583336][ T30] usb 2-1: Manufacturer: syz [ 405.670525][ T30] hub 2-1:4.0: USB hub found [ 405.885591][ T30] hub 2-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 406.234722][ T5834] usb 2-1: USB disconnect, device number 9 [ 406.863488][ T29] audit: type=1326 audit(1775656145.553:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9667 comm="syz.0.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 406.993995][ T29] audit: type=1326 audit(1775656145.553:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9667 comm="syz.0.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 407.093609][ T29] audit: type=1326 audit(1775656145.603:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9667 comm="syz.0.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 407.205742][ T29] audit: type=1326 audit(1775656145.603:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9667 comm="syz.0.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 407.298081][ T29] audit: type=1326 audit(1775656145.603:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9667 comm="syz.0.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x7ffc0000 [ 407.483484][ T9681] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.1742'. [ 407.609108][ T9684] loop2: detected capacity change from 0 to 16 [ 407.704034][ T9684] erofs (device loop2): mounted with root inode @ nid 36. [ 407.766882][ T9684] erofs (device loop2): readahead error at folio 2 @ nid 89 [ 407.794564][ T9684] erofs (device loop2): readahead error at folio 1 @ nid 89 [ 407.802992][ T9684] syz.2.1743: attempt to access beyond end of device [ 407.802992][ T9684] loop2: rw=524288, sector=537395200, nr_sectors = 8 limit=16 [ 407.922601][ T9684] syz.2.1743: attempt to access beyond end of device [ 407.922601][ T9684] loop2: rw=0, sector=537395200, nr_sectors = 8 limit=16 [ 408.004594][ T9684] erofs (device loop2): read error -5 @ 1 of nid 89 [ 408.023078][ T29] audit: type=1800 audit(1775656146.723:95): pid=9684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1743" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 408.036120][ T9691] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 408.158580][ T9693] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 408.960770][ T9697] loop4: detected capacity change from 0 to 4096 [ 409.022297][ T9697] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 409.395327][ T9697] ntfs3(loop4): ino=19, mi_enum_attr [ 409.524182][ T9697] ntfs3(loop4): failed to convert "c46c" to cp869 [ 409.544062][ T9697] ntfs3(loop4): ino=20, mi_enum_attr [ 410.221529][ T9725] Illegal XDP return value 2866789176 on prog (id 40) dev N/A, expect packet loss! [ 410.836465][ T9739] loop1: detected capacity change from 0 to 256 [ 411.005193][ T9739] FAT-fs (loop1): Directory bread(block 64) failed [ 411.054195][ T9739] FAT-fs (loop1): Directory bread(block 65) failed [ 411.082654][ T9739] FAT-fs (loop1): Directory bread(block 66) failed [ 411.114019][ T9739] FAT-fs (loop1): Directory bread(block 67) failed [ 411.120864][ T9739] FAT-fs (loop1): Directory bread(block 68) failed [ 411.172730][ T9743] loop2: detected capacity change from 0 to 512 [ 411.184015][ T9739] FAT-fs (loop1): Directory bread(block 69) failed [ 411.224790][ T9739] FAT-fs (loop1): Directory bread(block 70) failed [ 411.231511][ T9739] FAT-fs (loop1): Directory bread(block 71) failed [ 411.311136][ T9739] FAT-fs (loop1): Directory bread(block 72) failed [ 411.336424][ T9743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 411.354033][ T9739] FAT-fs (loop1): Directory bread(block 73) failed [ 411.381369][ T9743] ext4 filesystem being mounted at /347/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 411.877359][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.088805][ T9757] bridge_slave_0: left allmulticast mode [ 412.128258][ T9757] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.229067][ T9757] bridge_slave_1: left allmulticast mode [ 412.241032][ T9757] bridge_slave_1: left promiscuous mode [ 412.264844][ T9757] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.524308][ T9757] team0: Port device team_slave_0 removed [ 412.669954][ T9757] team0: Port device team_slave_1 removed [ 412.720846][ T9757] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 412.755995][ T9757] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.802722][ T9757] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 412.846285][ T9757] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.897180][ T9772] loop1: detected capacity change from 0 to 1024 [ 412.907187][ T9757] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 413.192143][ T9776] mmap: syz.3.1788 (9776) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 413.949517][ T9786] loop2: detected capacity change from 0 to 2048 [ 414.084854][ T9786] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 414.089136][ T30] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 414.283982][ T30] usb 5-1: Using ep0 maxpacket: 32 [ 414.310514][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 52, changing to 9 [ 414.353579][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 8241, setting to 1024 [ 414.410564][ T30] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16 [ 414.467705][ T30] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.479447][ T30] usb 5-1: Product: syz [ 414.484787][ T30] usb 5-1: Manufacturer: syz [ 414.491158][ T30] usb 5-1: SerialNumber: syz [ 414.521624][ T30] usb 5-1: config 0 descriptor?? [ 414.576684][ T30] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 414.757511][ T9803] loop2: detected capacity change from 0 to 512 [ 414.799340][ T5827] usb 5-1: USB disconnect, device number 10 [ 414.807972][ T1048] usb 5-1: Failed to submit usb control message: -71 [ 414.815101][ T1048] usb 5-1: unable to send the bmi data to the device: -71 [ 414.827915][ T1048] usb 5-1: unable to get target info from device [ 414.845900][ T1048] usb 5-1: could not get target info (-71) [ 414.851928][ T1048] usb 5-1: could not probe fw (-71) [ 414.854008][ T9803] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 414.993189][ T9803] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1799: bg 0: block 384: padding at end of block bitmap is not set [ 415.061914][ T9807] bridge_slave_0: left allmulticast mode [ 415.068909][ T9807] bridge_slave_0: left promiscuous mode [ 415.079558][ T9807] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.107364][ T9803] loop2: lost filesystem error report for type 5 error -117 [ 415.113843][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 415.127829][ C0] EXT4-fs (loop2): initial error at time 1775656153: ext4_validate_block_bitmap:441 [ 415.137480][ C0] EXT4-fs (loop2): last error at time 1775656153: ext4_validate_block_bitmap:441 [ 415.166268][ T9803] EXT4-fs (loop2): Remounting filesystem read-only [ 415.180459][ T9807] bridge_slave_1: left allmulticast mode [ 415.196105][ T9803] EXT4-fs (loop2): 1 truncate cleaned up [ 415.242054][ T9807] bridge_slave_1: left promiscuous mode [ 415.250819][ T9803] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.266347][ T9807] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.388666][ T9807] bond0: (slave bond_slave_0): Releasing backup interface [ 415.517457][ T9807] bond0: (slave bond_slave_1): Releasing backup interface [ 415.601794][ T9807] team0: Port device team_slave_0 removed [ 415.661967][ T9807] team0: Port device team_slave_1 removed [ 415.671076][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.707079][ T9807] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 415.813975][ T9807] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 415.895875][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1806'. [ 415.908091][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1806'. [ 415.941656][ T9813] loop1: detected capacity change from 0 to 4096 [ 415.957265][ T9807] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.018283][ T9807] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.092440][ T9807] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 416.434053][ T5827] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 416.647599][ T5827] usb 1-1: Using ep0 maxpacket: 8 [ 416.664383][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 416.700490][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 416.743295][ T5827] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 416.788886][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 416.842248][ T5827] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 416.894044][ T5827] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 416.928868][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.973322][ T5827] usb 1-1: config 0 descriptor?? [ 416.997267][ T9823] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 417.439929][ T9838] QAT: Stopping all acceleration devices. [ 417.515886][ T5777] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 417.519806][ T30] usb 1-1: USB disconnect, device number 9 [ 418.439313][ T9849] bridge_slave_0: left allmulticast mode [ 418.458372][ T9849] bridge_slave_0: left promiscuous mode [ 418.473387][ T9849] bridge0: port 1(bridge_slave_0) entered disabled state [ 418.532534][ T9849] bridge_slave_1: left allmulticast mode [ 418.549475][ T9849] bridge_slave_1: left promiscuous mode [ 418.567011][ T9849] bridge0: port 2(bridge_slave_1) entered disabled state [ 418.631955][ T9849] bond0: (slave bond_slave_0): Releasing backup interface [ 418.672484][ T9849] bond0: (slave bond_slave_1): Releasing backup interface [ 418.808345][ T9849] team0: Port device team_slave_0 removed [ 418.866686][ T9849] team0: Port device team_slave_1 removed [ 418.891240][ T9849] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 418.911068][ T9849] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 418.939828][ T9849] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 418.974287][ T9849] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 419.021577][ T9849] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 421.385624][ T9910] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1853'. [ 421.396231][ T9912] netlink: 'syz.4.1852': attribute type 15 has an invalid length. [ 421.414805][ T9912] netlink: 723 bytes leftover after parsing attributes in process `syz.4.1852'. [ 423.044016][ T5827] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 423.281941][ T5827] usb 4-1: unable to get BOS descriptor or descriptor too short [ 423.296738][ T5827] usb 4-1: not running at top speed; connect to a high speed hub [ 423.331303][ T5827] usb 4-1: config 5 has an invalid interface number: 246 but max is 0 [ 423.356289][ T5827] usb 4-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 423.403882][ T5827] usb 4-1: config 5 has no interface number 0 [ 423.410175][ T5827] usb 4-1: config 5 interface 246 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 4 [ 423.466860][ T5827] usb 4-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 423.523968][ T5827] usb 4-1: config 5 interface 246 has no altsetting 0 [ 423.585262][ T5827] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4 [ 423.614589][ T5827] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.622785][ T5827] usb 4-1: Product: syz [ 423.653926][ T5827] usb 4-1: Manufacturer: syz [ 423.658710][ T5827] usb 4-1: SerialNumber: syz [ 424.032057][ T5827] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 424.051634][ T9963] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1876'. [ 424.052575][ T12] usb 4-1: Failed to submit usb control message: -71 [ 424.080084][ T5827] usb 4-1: USB disconnect, device number 7 [ 424.097660][ T12] usb 4-1: unable to send the bmi data to the device: -71 [ 424.131077][ T12] usb 4-1: unable to get target info from device [ 424.174527][ T12] usb 4-1: could not get target info (-71) [ 424.195184][ T12] usb 4-1: could not probe fw (-71) [ 424.276130][ T5986] udevd[5986]: setting mode of /dev/bus/usb/004/007 to 020664 failed: No such file or directory [ 424.308319][ T5986] udevd[5986]: setting owner of /dev/bus/usb/004/007 to uid=0, gid=0 failed: No such file or directory [ 425.421967][ T9985] loop4: detected capacity change from 0 to 64 [ 426.286129][ T9995] loop3: detected capacity change from 0 to 1764 [ 426.422743][ T9995] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 427.041622][T10013] loop3: detected capacity change from 0 to 256 [ 427.318565][T10013] FAT-fs (loop3): Directory bread(block 64) failed [ 427.354348][T10013] FAT-fs (loop3): Directory bread(block 65) failed [ 427.361213][T10013] FAT-fs (loop3): Directory bread(block 66) failed [ 427.429198][T10013] FAT-fs (loop3): Directory bread(block 67) failed [ 427.471032][T10013] FAT-fs (loop3): Directory bread(block 68) failed [ 427.524035][T10013] FAT-fs (loop3): Directory bread(block 69) failed [ 427.530923][T10013] FAT-fs (loop3): Directory bread(block 70) failed [ 427.595210][T10013] FAT-fs (loop3): Directory bread(block 71) failed [ 427.640449][T10013] FAT-fs (loop3): Directory bread(block 72) failed [ 427.685056][T10013] FAT-fs (loop3): Directory bread(block 73) failed [ 428.054448][T10033] loop1: detected capacity change from 0 to 16 [ 428.066326][T10033] erofs (device loop1): mounted with root inode @ nid 36. [ 429.455907][T10062] overlayfs: cannot append lower layer [ 430.215903][T10076] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1931'. [ 430.679837][T10085] loop3: detected capacity change from 0 to 64 [ 430.714633][T10086] netlink: 'syz.0.1937': attribute type 21 has an invalid length. [ 430.820541][T10085] hfs: request for non-existent node 1025 in B*Tree [ 430.860180][T10085] hfs: request for non-existent node 1025 in B*Tree [ 430.900235][T10079] loop4: detected capacity change from 0 to 4096 [ 431.098108][T10079] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 431.235336][ T30] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 431.277643][T10079] ntfs3(loop4): Failed to load $Extend (-22). [ 431.308739][T10079] ntfs3(loop4): Failed to initialize $Extend. [ 431.414082][ T30] usb 3-1: Using ep0 maxpacket: 16 [ 431.446884][ T30] usb 3-1: config index 0 descriptor too short (expected 51443, got 18) [ 431.510984][ T30] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 431.551277][ T30] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.580946][T10098] netlink: 'syz.0.1943': attribute type 2 has an invalid length. [ 431.587001][ T30] usb 3-1: Product: syz [ 431.604597][T10098] netlink: 'syz.0.1943': attribute type 8 has an invalid length. [ 431.624052][ T30] usb 3-1: Manufacturer: syz [ 431.633434][T10098] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1943'. [ 431.639457][ T30] usb 3-1: SerialNumber: syz [ 431.694276][ T30] r8152-cfgselector 3-1: Unknown version 0x0000 [ 431.700748][ T30] r8152-cfgselector 3-1: config 0 descriptor?? [ 432.254155][ T5827] r8152-cfgselector 3-1: USB disconnect, device number 8 [ 433.205492][ T5827] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 433.374654][ T5827] usb 2-1: unable to get BOS descriptor or descriptor too short [ 433.389033][ T5827] usb 2-1: not running at top speed; connect to a high speed hub [ 433.402575][ T5827] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 433.437191][ T5827] usb 2-1: string descriptor 0 read error: -22 [ 433.444789][ T5827] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 433.455879][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 433.709346][ T5827] usb 2-1: USB disconnect, device number 10 [ 433.718268][T10128] xt_TPROXY: Can be used only with -p tcp or -p udp [ 433.732566][ T29] audit: type=1326 audit(1775656172.433:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10129 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 433.812155][ T29] audit: type=1326 audit(1775656172.473:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10129 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 433.946067][ T29] audit: type=1326 audit(1775656172.493:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10129 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 434.044324][ T29] audit: type=1326 audit(1775656172.503:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10129 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 434.165378][ T29] audit: type=1326 audit(1775656172.503:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10129 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 435.487662][T10164] netlink: 'syz.2.1975': attribute type 1 has an invalid length. [ 437.116383][T10194] bridge_slave_0: left allmulticast mode [ 437.164684][T10194] bridge_slave_0: left promiscuous mode [ 437.194789][T10194] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.305946][T10194] bridge_slave_1: left allmulticast mode [ 437.311787][T10194] bridge_slave_1: left promiscuous mode [ 437.352320][T10194] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.479089][T10194] bond0: (slave bond_slave_0): Releasing backup interface [ 437.576018][T10194] bond0: (slave bond_slave_1): Releasing backup interface [ 437.681453][T10194] team0: Port device team_slave_0 removed [ 437.769360][T10194] team0: Port device team_slave_1 removed [ 437.788912][T10194] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 437.797798][T10194] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 437.829240][T10194] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 437.881934][T10194] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 437.922658][T10194] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 438.151569][T10210] netlink: ct family unspecified [ 438.188211][T10210] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 438.265381][T10212] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1997'. [ 438.587248][T10220] usb usb1: usbfs: process 10220 (syz.0.2002) did not claim interface 0 before use [ 439.202512][T10231] loop4: detected capacity change from 0 to 64 [ 442.364746][T10287] netlink: 'syz.3.2035': attribute type 2 has an invalid length. [ 442.575760][T10292] loop2: detected capacity change from 0 to 256 [ 442.767496][T10292] FAT-fs (loop2): Directory bread(block 64) failed [ 442.810143][T10292] FAT-fs (loop2): Directory bread(block 65) failed [ 442.834277][T10292] FAT-fs (loop2): Directory bread(block 66) failed [ 442.854264][T10292] FAT-fs (loop2): Directory bread(block 67) failed [ 442.874246][T10292] FAT-fs (loop2): Directory bread(block 68) failed [ 442.880970][T10292] FAT-fs (loop2): Directory bread(block 69) failed [ 442.922918][T10292] FAT-fs (loop2): Directory bread(block 70) failed [ 442.943385][T10292] FAT-fs (loop2): Directory bread(block 71) failed [ 442.975303][T10292] FAT-fs (loop2): Directory bread(block 72) failed [ 443.003676][T10299] loop1: detected capacity change from 0 to 16 [ 443.004148][T10292] FAT-fs (loop2): Directory bread(block 73) failed [ 443.692142][T10308] loop1: detected capacity change from 0 to 128 [ 443.847980][T10308] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 443.957693][T10308] ext4 filesystem being mounted at /406/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 444.418990][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 445.316635][ T30] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 445.510931][ T30] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 445.556748][ T30] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 445.614287][ T30] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 445.654193][ T30] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.714783][ T30] hub 1-1:4.0: USB hub found [ 445.923015][ T30] hub 1-1:4.0: 4 ports detected [ 445.941666][ T30] usb 1-1: selecting invalid altsetting 1 [ 446.001092][ T30] hub 1-1:4.0: Using single TT (err -22) [ 446.067139][ T30] hub 1-1:4.0: insufficient power available to use all downstream ports [ 446.127696][ T30] hub 1-1:4.0: hub_hub_status failed (err = -71) [ 446.163261][ T30] hub 1-1:4.0: config failed, can't get hub status (err -71) [ 446.275706][ T30] usb 1-1: USB disconnect, device number 10 [ 446.600609][T10356] loop1: detected capacity change from 0 to 512 [ 447.230636][T10367] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2073'. [ 447.285052][T10367] netlink: 11 bytes leftover after parsing attributes in process `syz.1.2073'. [ 447.353428][T10367] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2073'. [ 447.475602][ T5827] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 447.664013][ T5827] usb 1-1: Using ep0 maxpacket: 16 [ 447.702727][ T5827] usb 1-1: config index 0 descriptor too short (expected 16456, got 72) [ 447.742428][ T5827] usb 1-1: config 0 has an invalid interface number: 125 but max is 1 [ 447.788062][ T5827] usb 1-1: config 0 has an invalid interface number: 125 but max is 1 [ 447.806395][ T5827] usb 1-1: config 0 has an invalid interface number: 125 but max is 1 [ 447.864037][ T5827] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 447.873128][ T5827] usb 1-1: config 0 has no interface number 0 [ 447.904470][ T5827] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 447.924050][ T5827] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 447.974018][ T5827] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 448.034418][ T5827] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 448.090781][ T5827] usb 1-1: config 0 interface 125 has no altsetting 0 [ 448.094362][T10381] xt_HMARK: spi-set and port-set can't be combined [ 448.113333][ T5827] usb 1-1: config 0 interface 125 has no altsetting 2 [ 448.155824][ T5827] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 448.186875][ T5827] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 448.219695][ T5827] usb 1-1: Product: syz [ 448.243939][ T5827] usb 1-1: Manufacturer: syz [ 448.249042][ T5827] usb 1-1: SerialNumber: syz [ 448.288663][ T5827] usb 1-1: config 0 descriptor?? [ 448.349616][ T5827] usb 1-1: selecting invalid altsetting 2 [ 448.661227][T10389] loop2: detected capacity change from 0 to 1024 [ 448.709351][T10391] dlm: no locking on control device [ 448.725703][T10389] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 448.754095][T10389] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 448.785062][ C0] usb 1-1: async_complete: urb error -71 [ 448.791241][ C0] usb 1-1: async_complete: urb error -71 [ 448.797397][ C0] usb 1-1: async_complete: urb error -71 [ 448.804009][ T5827] get_1284_register: usb error -71 [ 448.817648][ T5827] usb 1-1: USB disconnect, device number 11 [ 449.406551][T10398] loop1: detected capacity change from 0 to 1024 [ 449.648707][T10398] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 449.796923][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.803533][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 450.067907][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.121681][T10389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 450.434576][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.722868][ T29] audit: type=1107 audit(1775656189.423:101): pid=10418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 451.490739][T10436] loop1: detected capacity change from 0 to 256 [ 451.605406][T10430] loop2: detected capacity change from 0 to 4096 [ 451.641725][T10430] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 451.867839][T10436] FAT-fs (loop1): Directory bread(block 64) failed [ 451.890451][T10436] FAT-fs (loop1): Directory bread(block 65) failed [ 451.921085][T10436] FAT-fs (loop1): Directory bread(block 66) failed [ 451.951641][T10430] ntfs3(loop2): ino=19, mi_enum_attr [ 451.961765][T10436] FAT-fs (loop1): Directory bread(block 67) failed [ 451.986335][T10430] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 452.018239][T10436] FAT-fs (loop1): Directory bread(block 68) failed [ 452.027732][T10436] FAT-fs (loop1): Directory bread(block 69) failed [ 452.074480][T10436] FAT-fs (loop1): Directory bread(block 70) failed [ 452.085283][T10436] FAT-fs (loop1): Directory bread(block 71) failed [ 452.108551][T10430] ntfs3(loop2): failed to convert "c46c" to cp866 [ 452.115593][T10436] FAT-fs (loop1): Directory bread(block 72) failed [ 452.135176][T10430] ntfs3(loop2): ino=20, mi_enum_attr [ 452.141246][T10436] FAT-fs (loop1): Directory bread(block 73) failed [ 452.231227][T10442] loop4: detected capacity change from 0 to 2048 [ 452.421897][T10442] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 452.575080][T10446] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2107'. [ 452.596137][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.879935][T10450] loop2: detected capacity change from 0 to 1024 [ 452.976557][T10450] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 453.079698][T10450] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 453.165333][T10450] EXT4-fs (loop2): orphan cleanup on readonly fs [ 453.255591][T10450] Quota error (device loop2): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 453.314833][T10450] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 453.357248][T10450] EXT4-fs error (device loop2): ext4_acquire_dquot:7026: comm syz.2.2109: Failed to acquire dquot type 0 [ 453.434164][T10450] loop2: lost filesystem error report for type 5 error -117 [ 453.441387][T10450] Quota error (device loop2): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 453.449153][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 453.449236][ C0] EXT4-fs (loop2): initial error at time 1775656192: ext4_acquire_dquot:7026 [ 453.449349][ C0] EXT4-fs (loop2): last error at time 1775656192: ext4_acquire_dquot:7026 [ 453.574403][T10450] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 453.630381][T10450] EXT4-fs error (device loop2): ext4_acquire_dquot:7026: comm syz.2.2109: Failed to acquire dquot type 0 [ 453.704812][T10450] loop2: lost filesystem error report for type 5 error -117 [ 453.734168][T10450] EXT4-fs error (device loop2): ext4_free_blocks:6724: comm syz.2.2109: Freeing blocks not in datazone - block = 0, count = 4096 [ 453.813908][T10450] loop2: lost filesystem error report for type 5 error -117 [ 453.826246][T10450] Quota error (device loop2): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 453.904425][T10450] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 453.974160][T10450] EXT4-fs error (device loop2): ext4_acquire_dquot:7026: comm syz.2.2109: Failed to acquire dquot type 0 [ 454.029398][T10450] loop2: lost filesystem error report for type 5 error -117 [ 454.030333][T10450] EXT4-fs (loop2): 1 orphan inode deleted [ 454.109220][T10450] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 454.403526][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.201673][ T29] audit: type=1400 audit(1775656193.903:102): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=10490 comm="syz.1.2128" [ 456.147790][T10509] loop1: detected capacity change from 0 to 128 [ 456.233779][T10509] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 456.874375][T10517] loop1: detected capacity change from 0 to 512 [ 457.000310][T10517] FAT-fs (loop1): Directory bread(block 199916) failed [ 457.034162][T10525] Cannot find del_set index 4 as target [ 457.044062][T10524] xt_TPROXY: Can be used only with -p tcp or -p udp [ 457.054233][T10517] FAT-fs (loop1): Directory bread(block 199917) failed [ 457.084039][T10517] FAT-fs (loop1): Directory bread(block 199918) failed [ 457.091172][T10517] FAT-fs (loop1): Directory bread(block 199919) failed [ 457.143954][T10517] FAT-fs (loop1): Directory bread(block 199920) failed [ 457.172101][T10517] FAT-fs (loop1): Directory bread(block 199921) failed [ 457.202853][T10517] FAT-fs (loop1): Directory bread(block 199922) failed [ 457.244228][T10517] FAT-fs (loop1): Directory bread(block 199923) failed [ 457.290569][T10517] FAT-fs (loop1): Directory bread(block 199916) failed [ 457.334365][T10517] FAT-fs (loop1): Directory bread(block 199917) failed [ 457.768983][T10528] bond1: Removing last ns target with arp_interval on [ 458.517073][T10550] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2157'. [ 458.526830][T10548] netlink: 260 bytes leftover after parsing attributes in process `syz.4.2155'. [ 459.364676][T10560] loop3: detected capacity change from 0 to 512 [ 459.413511][T10560] EXT4-fs: Ignoring removed bh option [ 459.469128][T10560] EXT4-fs: inline encryption not supported [ 459.513200][T10560] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 459.703180][T10560] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 459.828483][T10560] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2161: bg 0: block 248: padding at end of block bitmap is not set [ 459.944168][T10560] loop3: lost filesystem error report for type 5 error -117 [ 459.953849][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 459.968058][ C1] EXT4-fs (loop3): last error at time 1775656198: ext4_validate_block_bitmap:441 [ 459.994832][T10560] Quota error (device loop3): write_blk: dquota write failed [ 460.120761][T10560] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 460.274250][T10560] EXT4-fs error (device loop3): ext4_acquire_dquot:7026: comm syz.3.2161: Failed to acquire dquot type 1 [ 460.340778][T10560] loop3: lost filesystem error report for type 5 error -28 [ 460.364448][T10560] EXT4-fs (loop3): 1 truncate cleaned up [ 460.450472][T10560] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 460.502443][T10581] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2170'. [ 461.114414][T10560] syz.3.2161 (10560) used greatest stack depth: 2832 bytes left [ 461.248494][ T53] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 461.296353][ T53] EXT4-fs error (device loop3): ext4_release_dquot:7062: comm kworker/u8:3: Failed to release dquot type 1 [ 461.298634][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 461.347404][ T53] loop3: lost filesystem error report for type 5 error -117 [ 462.074496][T10608] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2184'. [ 462.124535][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2185'. [ 462.190299][T10611] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2185'. [ 462.247775][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2185'. [ 462.311063][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2185'. [ 462.383908][T10611] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2185'. [ 462.435997][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2185'. [ 462.599409][ T29] audit: type=1326 audit(1775656201.293:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 462.664769][ T29] audit: type=1326 audit(1775656201.293:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 462.758650][ T29] audit: type=1326 audit(1775656201.333:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 462.874584][ T29] audit: type=1326 audit(1775656201.333:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 462.966632][ T29] audit: type=1326 audit(1775656201.343:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 463.072412][ T29] audit: type=1326 audit(1775656201.343:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 463.167835][ T29] audit: type=1326 audit(1775656201.343:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10616 comm="syz.2.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 463.334324][T10624] xt_CT: No such helper "pptp" [ 463.436163][ T9] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 463.597866][T10634] overlayfs: workdir and upperdir must be separate subtrees [ 463.633017][ T9] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 463.659824][ T9] usb 5-1: config 2 interface 0 has no altsetting 0 [ 463.687513][ T9] usb 5-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 463.706954][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.758253][ T9] usb 5-1: Product: syz [ 463.789144][ T9] usb 5-1: Manufacturer: syz [ 463.824111][ T9] usb 5-1: SerialNumber: syz [ 463.857333][ T9] usb 5-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 463.869507][ T9] usb 5-1: selecting invalid altsetting 0 [ 463.885527][ T9] usb 5-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 464.081912][ T30] usb 5-1: USB disconnect, device number 11 [ 464.665119][T10649] loop3: detected capacity change from 0 to 1024 [ 465.367110][ T30] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 465.569509][ T30] usb 1-1: config index 0 descriptor too short (expected 1572, got 36) [ 465.603898][ T30] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 465.661150][ T30] usb 1-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40 [ 465.694847][ T30] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.709852][ T30] usb 1-1: Product: syz [ 465.731388][ T30] usb 1-1: Manufacturer: syz [ 465.742909][ T30] usb 1-1: SerialNumber: syz [ 465.763528][T10667] loop1: detected capacity change from 0 to 512 [ 465.789659][ T30] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input15 [ 465.868056][T10667] EXT4-fs (loop1): orphan cleanup on readonly fs [ 465.871897][T10669] __nla_validate_parse: 24 callbacks suppressed [ 465.872027][T10669] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2210'. [ 465.948262][T10667] EXT4-fs warning (device loop1): ext4_xattr_inode_get:560: inode #11: comm syz.1.2212: EA inode hash validation failed [ 465.987636][ T5116] bcm5974 1-1:1.0: could not read from device [ 465.997887][ T30] bcm5974 1-1:1.0: could not read from device [ 466.016599][ T5116] bcm5974 1-1:1.0: could not read from device [ 466.034923][T10667] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 466.064963][T10667] EXT4-fs error (device loop1): ext4_do_update_inode:5602: inode #15: comm syz.1.2212: corrupted inode contents [ 466.099653][T10667] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 466.101724][T10667] EXT4-fs error (device loop1): ext4_dirty_inode:6495: inode #15: comm syz.1.2212: mark_inode_dirty error [ 466.111586][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 466.111671][ C1] EXT4-fs (loop1): initial error at time 1775656204: ext4_do_update_inode:5602: inode 15 [ 466.111812][ C1] EXT4-fs (loop1): last error at time 1775656204: ext4_do_update_inode:5602: inode 15 [ 466.207253][T10667] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 466.209225][T10667] EXT4-fs error (device loop1): ext4_do_update_inode:5602: inode #15: comm syz.1.2212: corrupted inode contents [ 466.245253][ T30] input: failed to attach handler mousedev to device input15, error: -5 [ 466.284320][ T5116] bcm5974 1-1:1.0: could not read from device [ 466.311566][ T30] usb 1-1: USB disconnect, device number 12 [ 466.319856][T10667] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 466.339675][T10667] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #15: comm syz.1.2212: mark_inode_dirty error [ 466.394712][T10667] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 466.395870][T10667] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3002: inode #15: comm syz.1.2212: mark inode dirty (error -117) [ 466.421981][ T5116] bcm5974 1-1:1.0: could not read from device [ 466.450492][T10667] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 466.451685][T10667] EXT4-fs warning (device loop1): ext4_evict_inode:285: xattr delete (err -117) [ 466.464052][ T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 466.479898][T10667] EXT4-fs (loop1): 1 orphan inode deleted [ 466.514947][T10667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 466.588313][T10676] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2216'. [ 466.684186][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 466.725111][ T9] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has invalid wMaxPacketSize 0 [ 466.743847][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 466.764159][ T9] usb 3-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 466.800533][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 466.858715][ T9] usb 3-1: config 0 descriptor?? [ 466.945781][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.176834][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 467.183410][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 467.276443][T10683] netlink: 'syz.4.2220': attribute type 3 has an invalid length. [ 467.288249][ T9] usb 3-1: USB disconnect, device number 9 [ 468.196280][T10702] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2228'. [ 468.299166][T10699] loop1: detected capacity change from 0 to 764 [ 468.363005][T10699] rock: directory entry would overflow storage [ 468.389923][T10699] rock: sig=0x4654, size=5, remaining=4 [ 468.995079][T10712] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2234'. [ 470.329183][T10735] QAT: Invalid ioctl 21531 [ 470.475008][T10740] netlink: 'syz.1.2248': attribute type 5 has an invalid length. [ 471.239427][T10752] netlink: 'syz.4.2255': attribute type 21 has an invalid length. [ 471.294590][T10752] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2255'. [ 471.364418][T10752] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2255'. [ 471.370597][T10757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2256'. [ 473.036687][T10782] loop1: detected capacity change from 0 to 1024 [ 473.448067][ T13] hfsplus: b-tree write err: -5, ino 25 [ 473.494473][ T13] hfsplus: b-tree write err: -5, ino 4 [ 473.500365][ T13] hfsplus: b-tree write err: -5, ino 2 [ 473.534196][ T13] hfsplus: b-tree write err: -5, ino 22 [ 477.138785][T10856] loop3: detected capacity change from 0 to 1764 [ 478.618536][T10889] IPVS: set_ctl: invalid protocol: 41 100.1.1.2:8 [ 479.508270][T10907] openvswitch: netlink: IP tunnel dst address not specified [ 480.040827][T10917] loop2: detected capacity change from 0 to 512 [ 480.216872][T10917] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 480.244735][T10917] ext4 filesystem being mounted at /465/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 480.342649][T10915] loop1: detected capacity change from 0 to 8192 [ 480.411312][T10917] EXT4-fs error (device loop2): ext4_empty_dir:3078: inode #12: comm syz.2.2335: Directory hole found for htree leaf block 0 [ 480.443905][T10915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 480.452614][T10915] FAT-fs (loop1): Filesystem has been set read-only [ 480.750136][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.751652][T10926] loop3: detected capacity change from 0 to 1024 [ 480.871180][T10926] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 481.002220][T10926] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 481.128235][T10926] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 481.246901][T10926] EXT4-fs (loop3): orphan cleanup on readonly fs [ 481.402468][T10926] EXT4-fs error (device loop3): ext4_read_inode_bitmap:167: comm syz.3.2338: Inode bitmap for bg 0 marked uninitialized [ 481.489406][T10926] loop3: lost filesystem error report for type 5 error -117 [ 481.493814][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 481.507807][ C0] EXT4-fs (loop3): initial error at time 1775656220: ext4_read_inode_bitmap:167 [ 481.517450][ C0] EXT4-fs (loop3): last error at time 1775656220: ext4_read_inode_bitmap:167 [ 481.528849][T10926] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 481.658787][T10926] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 16: comm syz.3.2338: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 482.165503][T10947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2348'. [ 482.265266][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.437201][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 482.437273][ T29] audit: type=1326 audit(1775656221.123:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.2.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 482.584257][ T29] audit: type=1326 audit(1775656221.193:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.2.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 482.652521][ T29] audit: type=1326 audit(1775656221.193:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.2.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 482.720495][ T29] audit: type=1326 audit(1775656221.193:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.2.2351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 482.781495][T10958] geneve3: entered promiscuous mode [ 482.807690][ T13] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 482.872045][ T13] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 482.927077][ T13] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 482.964295][ T13] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 483.266794][T10966] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2357'. [ 484.430718][T10988] loop2: detected capacity change from 0 to 512 [ 484.587349][T10988] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 484.602171][T10988] ext4 filesystem being mounted at /472/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 484.644533][T10988] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.2368: corrupted xattr block 33: invalid header [ 484.659946][T10988] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #15: comm syz.2.2368: corrupted xattr block 33: invalid header [ 484.714690][T10988] fscrypt (loop2, inode 15): Error -117 getting encryption context [ 484.885102][T10996] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2370'. [ 484.934616][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.528035][T11008] netlink: 'syz.4.2376': attribute type 1 has an invalid length. [ 486.372584][T11014] loop1: detected capacity change from 0 to 4096 [ 486.380684][T11022] comedi comedi1: comedi_parport: I/O port conflict (0xff,3) [ 486.697383][T11014] ntfs3(loop1): ino=b, mi_enum_attr [ 486.702810][T11014] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 486.783650][T11014] ntfs3(loop1): Failed to load $Extend (-22). [ 486.790298][T11014] ntfs3(loop1): Failed to initialize $Extend. [ 486.986588][T11026] IPv6: Can't replace route, no match found [ 487.541758][T11033] bond3: option mode: invalid value (254) [ 487.555713][T11033] bond3 (unregistering): Released all slaves [ 488.975690][T11065] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2404'. [ 491.205619][ T5827] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 491.401441][ T5827] usb 3-1: Using ep0 maxpacket: 16 [ 491.478177][ T5827] usb 3-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 491.504135][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.512359][ T5827] usb 3-1: Product: syz [ 491.536005][ T5827] usb 3-1: Manufacturer: syz [ 491.540822][ T5827] usb 3-1: SerialNumber: syz [ 491.576522][ T5827] usb 3-1: config 0 descriptor?? [ 491.794687][ T5827] uvcvideo 3-1:0.0: Found UVC 0.00 device syz (046d:0721) [ 491.821168][ T5827] uvcvideo 3-1:0.0: No valid video chain found. [ 491.891198][ T5827] usb 3-1: USB disconnect, device number 10 [ 491.897748][ T10] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 492.082762][ T10] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 492.112947][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.182489][ T10] usb 2-1: config 0 descriptor?? [ 492.681558][ T10] usb 2-1: Cannot set MAC address [ 492.694548][T11136] xt_connbytes: Forcing CT accounting to be enabled [ 492.698944][ T10] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 492.727523][T11136] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat' [ 492.745307][T11138] netlink: 112 bytes leftover after parsing attributes in process `syz.0.2437'. [ 492.782949][T11138] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2437'. [ 492.871364][ T10] usb 2-1: USB disconnect, device number 11 [ 492.953180][T11140] sctp: [Deprecated]: syz.2.2438 (pid 11140) Use of int in max_burst socket option deprecated. [ 492.953180][T11140] Use struct sctp_assoc_value instead [ 493.264753][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2440'. [ 493.709718][T11147] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 494.544610][T11167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2451'. [ 494.688884][T11173] loop1: detected capacity change from 0 to 512 [ 494.723094][T11173] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 494.788336][T11173] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.2454: Invalid inode bitmap blk 4 in block_group 0 [ 494.817050][T11173] loop1: lost filesystem error report for type 5 error -117 [ 494.823928][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 494.838054][ C1] EXT4-fs (loop1): initial error at time 1775656233: ext4_read_inode_bitmap:139 [ 494.847390][ C1] EXT4-fs (loop1): last error at time 1775656233: ext4_read_inode_bitmap:139 [ 494.865334][T11173] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 495.070005][T11178] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 495.293049][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 495.483374][T11185] loop4: detected capacity change from 0 to 16 [ 495.544498][T11185] erofs (device loop4): mounted with root inode @ nid 36. [ 495.593941][T11187] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 495.636146][T11187] bridge2: entered promiscuous mode [ 495.662786][T11187] bridge2: entered allmulticast mode [ 496.069612][T11198] syz.0.2465 uses obsolete (PF_INET,SOCK_PACKET) [ 496.125928][T11197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2466'. [ 496.946575][T11213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2473'. [ 497.661985][T11232] overlay: Unknown parameter '²´Ú «8ú%¢ØÌ ^”Û’ ²Þ_ éwÝê¿Ö`Ê%åMóŽö•Úhc7ª?>Õá¹ù' [ 498.444681][T11242] loop4: detected capacity change from 0 to 512 [ 498.478311][T11242] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 498.735494][T11242] FAT-fs (loop4): error, invalid access to FAT (entry 0x0fffff00) [ 498.743520][T11242] FAT-fs (loop4): Filesystem has been set read-only [ 499.759193][T11267] ip6tnl1: entered allmulticast mode [ 499.765358][T11257] loop1: detected capacity change from 0 to 4096 [ 500.087437][T11271] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2501'. [ 500.196078][T11257] overlayfs: unescaped trailing colons in lowerdir mount option. [ 501.024956][T11286] loop2: detected capacity change from 0 to 64 [ 501.694676][T11298] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2516'. [ 502.194326][T11308] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2520'. [ 502.321858][T11314] netlink: 'syz.1.2523': attribute type 58 has an invalid length. [ 502.659444][T11321] loop1: detected capacity change from 0 to 8 [ 502.666428][T11320] netlink: 'syz.3.2527': attribute type 1 has an invalid length. [ 502.694018][T11320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2527'. [ 502.714785][ T5834] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 502.764066][T11320] netlink: 'syz.3.2527': attribute type 1 has an invalid length. [ 502.924970][ T5834] usb 5-1: config 8 has an invalid interface number: 223 but max is 0 [ 502.933358][ T5834] usb 5-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 503.015284][ T5834] usb 5-1: config 8 has no interface number 0 [ 503.021654][ T5834] usb 5-1: config 8 interface 223 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 503.101653][ T5834] usb 5-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 503.135755][ T5834] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 503.154353][ T5834] usb 5-1: Product: syz [ 503.158697][ T5834] usb 5-1: Manufacturer: syz [ 503.163458][ T5834] usb 5-1: SerialNumber: syz [ 503.536439][ T5834] usb 5-1: USB disconnect, device number 12 [ 503.683218][T11339] loop2: detected capacity change from 0 to 64 [ 503.776930][T11339] syz.2.2533: attempt to access beyond end of device [ 503.776930][T11339] loop2: rw=8388608, sector=268435468, nr_sectors = 2 limit=64 [ 503.837290][T11339] Buffer I/O error on dev loop2, logical block 134217734, async page read [ 503.898432][T11339] Trying to free block not in datazone [ 504.244179][ T5834] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 504.457056][ T5834] usb 4-1: Using ep0 maxpacket: 32 [ 504.504846][ T5834] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 504.513419][ T5834] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 504.544060][ T5834] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 504.553287][ T5834] usb 4-1: config 1 has no interface number 0 [ 504.562630][ T5834] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 504.588049][ T5834] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 504.608801][ T5834] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 504.650561][ T5834] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 504.681427][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.730492][ T5834] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 504.961895][T11356] loop1: detected capacity change from 0 to 512 [ 504.980331][ T5834] snd_usb_pod 4-1:1.1: cannot start listening: -90 [ 504.994250][ T5834] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 505.024784][ T5834] snd_usb_pod 4-1:1.1: probe with driver snd_usb_pod failed with error -90 [ 505.054164][T11356] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 505.142620][T11356] EXT4-fs (loop1): 1 truncate cleaned up [ 505.188427][ T5834] usb 4-1: USB disconnect, device number 8 [ 505.245207][T11356] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.345776][T11356] EXT4-fs error (device loop1): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.1.2543: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 505.406594][T11356] EXT4-fs (loop1): Remounting filesystem read-only [ 505.443968][T11356] EXT4-fs warning (device loop1): ext4_rename_delete:3729: inode #2: comm syz.1.2543: Deleting old file: nlink 4, error=-117 [ 505.702395][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.502725][T11386] openvswitch: netlink: IP tunnel attribute has 1620 unknown bytes. [ 507.535473][T11405] misc userio: Invalid payload size [ 507.704022][T11394] loop1: detected capacity change from 0 to 8192 [ 507.988230][T11394] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 2068) [ 508.048233][T11412] delete_channel: no stack [ 508.058125][T11394] FAT-fs (loop1): Filesystem has been set read-only [ 508.090823][T11394] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 2068) [ 508.164223][T11394] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 2068) [ 508.656077][T11425] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2576'. [ 508.784552][T11425] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 509.463841][ T9] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 509.719549][ T9] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 509.739245][ T9] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 509.764394][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 509.789726][ T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 509.824255][ T9] usb 2-1: config 1 has no interface number 0 [ 509.860224][ T9] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 509.886220][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 509.972435][ T9] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 510.200861][ T9] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values [ 510.233969][ T9] snd_usb_pod 2-1:1.1: invalid control EP [ 510.239881][ T9] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 510.262808][ T9] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 510.280323][ T9] snd_usb_pod 2-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 510.408517][ T9] usb 2-1: USB disconnect, device number 12 [ 510.414509][ T5834] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 510.599684][ T5834] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 510.629193][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.658289][ T5834] usb 1-1: Product: syz [ 510.684129][ T5834] usb 1-1: Manufacturer: syz [ 510.688984][ T5834] usb 1-1: SerialNumber: syz [ 510.768031][ T5834] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 510.779616][T11460] loop3: detected capacity change from 0 to 2048 [ 510.810969][T11325] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 510.881357][T11465] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 510.949417][T11464] netlink: 'syz.4.2594': attribute type 4 has an invalid length. [ 511.041797][T11460] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12 [ 511.110386][T11460] Remounting filesystem read-only [ 511.175208][ C1] usb 1-1: ath: unknown panic pattern! [ 511.227218][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.234626][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.401821][ T9] usb 1-1: USB disconnect, device number 13 [ 511.751382][T11471] batadv0: entered allmulticast mode [ 511.785969][T11471] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 512.014256][T11325] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 512.043387][T11325] ath9k_htc: Failed to initialize the device [ 512.110290][ T9] usb 1-1: ath9k_htc: USB layer deinitialized [ 513.338912][T11503] loop1: detected capacity change from 0 to 256 [ 513.485963][T11503] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 513.637860][T11508] netlink: 6 bytes leftover after parsing attributes in process `syz.4.2616'. [ 514.416448][T11521] loop3: detected capacity change from 0 to 512 [ 514.481756][T11521] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 514.546935][T11521] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 514.624240][T11521] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 514.632976][T11521] System zones: 0-1, 15-15, 18-18, 34-34 [ 514.640571][T11521] EXT4-fs (loop3): orphan cleanup on readonly fs [ 514.647816][T11521] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 514.657796][T11521] EXT4-fs warning (device loop3): ext4_enable_quotas:7261: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 514.672975][T11521] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 514.693135][T11521] EXT4-fs (loop3): 1 truncate cleaned up [ 514.712538][T11521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 515.066904][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.568076][T11536] loop2: detected capacity change from 0 to 4096 [ 515.638566][T11536] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 516.599039][T11562] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2641'. [ 516.637515][T11562] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2641'. [ 516.684528][ T29] audit: type=1326 audit(1775656255.383:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11563 comm="syz.3.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff179c819 code=0x7ffc0000 [ 516.773979][ T29] audit: type=1326 audit(1775656255.423:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11563 comm="syz.3.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff179c819 code=0x7ffc0000 [ 516.873949][ T29] audit: type=1326 audit(1775656255.433:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11563 comm="syz.3.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f2ff179c819 code=0x7ffc0000 [ 516.993132][ T29] audit: type=1326 audit(1775656255.433:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11563 comm="syz.3.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff179c819 code=0x7ffc0000 [ 517.035549][ T29] audit: type=1326 audit(1775656255.433:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11563 comm="syz.3.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff179c819 code=0x7ffc0000 [ 517.228363][T11574] netlink: 'syz.3.2649': attribute type 8 has an invalid length. [ 517.776859][T11580] bridge2: entered allmulticast mode [ 518.732198][T11602] overlayfs: workdir and upperdir must reside under the same mount [ 518.785587][T11596] loop2: detected capacity change from 0 to 4096 [ 519.036621][T11596] ntfs3(loop2): ino=5, mi_enum_attr [ 519.042112][T11596] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 519.506618][T11614] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2668'. [ 519.555965][T11614] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2668'. [ 519.826738][T11610] loop1: detected capacity change from 0 to 4096 [ 519.911154][T11610] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 519.974681][T11610] ntfs3(loop1): Failed to load $MFT (-22). [ 520.338691][T11626] netlink: 332 bytes leftover after parsing attributes in process `syz.4.2674'. [ 521.614535][T11645] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2683'. [ 521.649078][T11645] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2683'. [ 522.467386][T11658] fuse: blksize only supported for fuseblk [ 523.334118][T11673] loop4: detected capacity change from 0 to 512 [ 523.411198][T11673] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 523.514266][T11673] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 523.522959][T11673] EXT4-fs (loop4): orphan cleanup on readonly fs [ 523.591220][T11673] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #13: comm syz.4.2697: iget: bad i_size value: 12154761577498 [ 523.619421][T11676] loop3: detected capacity change from 0 to 1764 [ 523.627097][T11673] loop4: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 523.630392][T11673] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.2697: couldn't read orphan inode 13 (err -117) [ 523.640023][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 523.640113][ C1] EXT4-fs (loop4): initial error at time 1775656262: ext4_orphan_get:1397: inode 13 [ 523.640268][ C1] EXT4-fs (loop4): last error at time 1775656262: ext4_orphan_get:1397: inode 13 [ 523.735758][T11676] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 523.753874][T11673] loop4: lost filesystem error report for type 5 error -117 [ 523.757299][T11673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 523.870672][T11673] EXT4-fs warning (device loop4): dx_probe:861: inode #2: comm syz.4.2697: dx entry: limit 65535 != root limit 120 [ 523.954026][T11673] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2697: Corrupt directory, running e2fsck is recommended [ 524.099379][T11686] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2703'. [ 524.138972][T11688] @ÿ: renamed from bond_slave_0 [ 524.277780][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.384086][T11690] loop3: detected capacity change from 0 to 1024 [ 524.438635][T11690] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 524.454277][T11690] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869) [ 524.550955][T11690] EXT4-fs (loop3): invalid journal inode [ 524.585097][T11694] netlink: 'syz.2.2707': attribute type 10 has an invalid length. [ 524.594174][T11690] EXT4-fs (loop3): can't get journal size [ 524.602226][T11694] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2707'. [ 524.632462][T11694] virt_wifi0: entered promiscuous mode [ 524.640416][T11690] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 524.738452][ T29] audit: type=1326 audit(1775656263.443:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 524.853887][ T29] audit: type=1326 audit(1775656263.443:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 524.974215][ T29] audit: type=1326 audit(1775656263.443:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.056395][ T29] audit: type=1326 audit(1775656263.453:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.085302][ T29] audit: type=1326 audit(1775656263.453:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.140190][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.184200][ T29] audit: type=1326 audit(1775656263.453:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.296914][ T29] audit: type=1326 audit(1775656263.453:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.409151][ T29] audit: type=1326 audit(1775656263.453:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.497591][ T29] audit: type=1326 audit(1775656263.453:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 525.620045][ T29] audit: type=1326 audit(1775656263.453:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11696 comm="syz.1.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f2b6e39c819 code=0x7ffc0000 [ 526.038266][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 526.229492][ T9] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 526.243165][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 526.259701][T11722] x_tables: unsorted entry at hook 3 [ 526.280395][ T9] usb 5-1: config 0 has no interface number 0 [ 526.314536][ T9] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 526.344516][ T9] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 526.401614][ T9] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 526.442806][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 526.469889][ T9] usb 5-1: Product: syz [ 526.486968][ T9] usb 5-1: Manufacturer: syz [ 526.491755][ T9] usb 5-1: SerialNumber: syz [ 526.559398][ T9] usb 5-1: config 0 descriptor?? [ 527.103118][ T5827] usb 5-1: USB disconnect, device number 13 [ 527.685364][T11751] loop2: detected capacity change from 0 to 1764 [ 527.852028][ T5827] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 528.072624][ T5827] usb 2-1: config 0 has an invalid interface number: 20 but max is 0 [ 528.099478][ T5827] usb 2-1: config 0 has no interface number 0 [ 528.112683][ T5827] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 528.139370][ T5827] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 528.180879][T11756] xt_CT: You must specify a L4 protocol and not use inversions on it [ 528.183062][ T5827] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 528.240554][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 528.261426][ T5827] usb 2-1: Product: syz [ 528.280050][ T5827] usb 2-1: Manufacturer: syz [ 528.290292][ T5827] usb 2-1: SerialNumber: syz [ 528.356791][ T5827] usb 2-1: config 0 descriptor?? [ 528.364360][T11750] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 528.396318][ T5827] usb-storage 2-1:0.20: USB Mass Storage device detected [ 528.405214][T11760] netlink: 'syz.2.2739': attribute type 17 has an invalid length. [ 528.436345][ T5827] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 528.444313][T11760] netlink: 'syz.2.2739': attribute type 16 has an invalid length. [ 528.452277][T11760] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2739'. [ 528.613273][ T5827] scsi host1: usb-storage 2-1:0.20 [ 528.756855][T11767] loop4: detected capacity change from 0 to 2048 [ 528.786909][T11764] loop3: detected capacity change from 0 to 2048 [ 528.830163][T11767] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 528.843166][T11325] usb 2-1: USB disconnect, device number 13 [ 528.852947][T11764] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 529.774850][T11781] netlink: 'syz.1.2748': attribute type 21 has an invalid length. [ 530.734060][ T5827] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 530.909188][ T5827] usb 5-1: Using ep0 maxpacket: 8 [ 530.942251][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 530.973983][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 531.014000][ T5827] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 531.038414][ T5827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 531.070956][ T5827] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 531.083471][T11805] loop2: detected capacity change from 0 to 1764 [ 531.094094][ T5827] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 531.115070][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 531.197293][ T5827] usb 5-1: config 0 descriptor?? [ 531.210805][T11798] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 531.573564][T11813] Bluetooth: hci5: unexpected event 0x10 length: 71 > 1 [ 531.777588][ T5827] usb 5-1: USB disconnect, device number 14 [ 531.784053][ T49] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 531.784468][ T49] Bluetooth: hci5: hardware error 0x51 [ 532.861658][T11832] netlink: 'syz.4.2773': attribute type 39 has an invalid length. [ 533.614545][T11848] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 534.026084][T11856] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2785'. [ 534.551065][T11868] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2791'. [ 534.624374][T11868] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2791'. [ 534.654660][T11868] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2791'. [ 534.689531][T11868] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2791'. [ 535.206060][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 535.206131][ T29] audit: type=1326 audit(1775656273.913:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11879 comm="syz.2.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 535.323006][ T29] audit: type=1326 audit(1775656273.913:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11879 comm="syz.2.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 535.413380][ T29] audit: type=1326 audit(1775656273.953:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11879 comm="syz.2.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 535.525479][ T29] audit: type=1326 audit(1775656273.953:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11879 comm="syz.2.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 535.525697][ T29] audit: type=1326 audit(1775656273.953:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11879 comm="syz.2.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee1d9c819 code=0x7ffc0000 [ 535.574454][T11888] loop3: detected capacity change from 0 to 64 [ 535.906748][T11891] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2802'. [ 536.821789][T11910] libceph: resolve '0..' (ret=-3): failed [ 537.022722][T11917] loop2: detected capacity change from 0 to 64 [ 537.621272][T11925] loop4: detected capacity change from 0 to 136 [ 537.780040][T11925] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 537.822082][ T29] audit: type=1326 audit(1775656276.523:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11926 comm="syz.0.2820" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff75819c819 code=0x0 [ 537.933164][T11933] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 538.221011][T11935] loop2: detected capacity change from 0 to 256 [ 538.404831][ T29] audit: type=1400 audit(1775656277.113:140): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=11938 comm="syz.4.2825" [ 538.916171][T11947] batadv1: entered promiscuous mode [ 538.945019][T11947] batadv1: entered allmulticast mode [ 539.321971][ T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 539.517338][ T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 539.557653][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 539.616831][ T9] usb 3-1: config 0 descriptor?? [ 539.694589][T11963] netlink: 'syz.3.2838': attribute type 58 has an invalid length. [ 539.786280][T11966] loop4: detected capacity change from 0 to 64 [ 539.866547][T11969] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 540.154289][ T9] ath6kl: Failed to submit usb control message: -71 [ 540.161198][ T9] ath6kl: unable to send the bmi data to the device: -71 [ 540.186999][ T9] ath6kl: Unable to send get target info: -71 [ 540.204926][ T9] ath6kl: Failed to init ath6kl core: -71 [ 540.257979][ T9] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 540.378652][ T9] usb 3-1: USB disconnect, device number 11 [ 540.462755][T11973] loop4: detected capacity change from 0 to 64 [ 540.999794][T11974] loop3: detected capacity change from 0 to 4096 [ 541.075503][T11974] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 541.465356][T11974] ntfs3(loop3): ino=19, mi_enum_attr [ 541.504194][T11974] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 541.863075][T12002] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2853'. [ 542.805991][T11994] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 543.032158][T11994] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 543.064740][T11994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 543.098254][T11994] usb 5-1: Product: syz [ 543.102612][T11994] usb 5-1: Manufacturer: syz [ 543.124433][T11994] usb 5-1: SerialNumber: syz [ 543.158383][T11994] usb 5-1: config 0 descriptor?? [ 543.435603][T11994] usb-storage 5-1:0.0: USB Mass Storage device detected [ 543.669344][T12026] usb 5-1: USB disconnect, device number 15 [ 543.833196][T11996] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 543.870624][ T1311] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.924053][ T1311] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 543.933283][ T1311] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 544.013969][ T1311] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 544.034591][ T1311] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 544.088573][ T1311] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 544.146320][ T1311] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 544.193875][ T1311] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 544.331549][T12040] loop2: detected capacity change from 0 to 256 [ 544.412189][T12040] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x5955b8de, utbl_chksum : 0xe619d30d) [ 544.524532][T12040] exFAT-fs (loop2): error, data size is invalid(150994954) [ 544.532356][T12040] exFAT-fs (loop2): Filesystem has been set read-only [ 544.704392][T12047] netlink: 'syz.3.2866': attribute type 7 has an invalid length. [ 545.208751][T12054] loop2: detected capacity change from 0 to 128 [ 546.954823][T12090] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 547.014112][T12090] block device autoloading is deprecated and will be removed. [ 547.125229][T12094] loop2: detected capacity change from 0 to 128 [ 547.190661][T12094] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002] [ 547.222146][T12094] System zones: 1-3, 19-19, 35-36 [ 547.286282][T12094] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 547.372884][T12094] ext4 filesystem being mounted at /573/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 547.841790][ T5775] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 548.676246][T12126] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2904'. [ 548.814764][T12132] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2908'. [ 548.985872][T12033] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 549.070338][T12134] deleting an unspecified loop device is not supported. [ 549.134169][T12138] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2911'. [ 549.173997][T12033] usb 4-1: Using ep0 maxpacket: 16 [ 549.212522][T12033] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 549.243902][T12033] usb 4-1: config 0 has no interface number 0 [ 549.250187][T12033] usb 4-1: config 0 interface 1 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 549.298265][T12033] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 549.328150][T12140] netlink: zone id is out of range [ 549.339271][T12033] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 549.359790][T12140] netlink: zone id is out of range [ 549.371921][T12033] usb 4-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d [ 549.381397][T12140] netlink: zone id is out of range [ 549.396541][T12033] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 549.405769][T12140] netlink: zone id is out of range [ 549.411010][T12140] netlink: zone id is out of range [ 549.416654][T12033] usb 4-1: Product: syz [ 549.420978][T12033] usb 4-1: Manufacturer: syz [ 549.429337][T12033] usb 4-1: SerialNumber: syz [ 549.436262][T12140] netlink: zone id is out of range [ 549.441506][T12140] netlink: zone id is out of range [ 549.466724][T12033] usb 4-1: config 0 descriptor?? [ 549.502906][T12033] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 549.524768][T12140] netlink: zone id is out of range [ 549.530398][T12140] netlink: zone id is out of range [ 549.544262][T12140] netlink: zone id is out of range [ 550.023619][T12151] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2918'. [ 550.111452][T12033] snd-usb-audio 4-1:0.1: probe with driver snd-usb-audio failed with error -12 [ 550.164868][T12128] loop3: detected capacity change from 0 to 4096 [ 550.291572][T12153] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 550.341515][T11325] usb 4-1: USB disconnect, device number 9 [ 550.536569][ T6617] udevd[6617]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 551.703862][T12175] loop4: detected capacity change from 0 to 512 [ 551.834816][T12175] EXT4-fs warning (device loop4): dx_probe:801: inode #2: comm syz.4.2929: Unrecognised inode hash code 255 [ 551.863984][T12175] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2929: Corrupt directory, running e2fsck is recommended [ 552.069309][T12175] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 552.131627][T12175] EXT4-fs error (device loop4): ext4_iget_extra_inode:5040: inode #15: comm syz.4.2929: corrupted in-inode xattr: invalid ea_ino [ 552.213521][T12175] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 552.223756][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 552.223939][T12188] sctp: [Deprecated]: syz.0.2935 (pid 12188) Use of int in max_burst socket option deprecated. [ 552.223939][T12188] Use struct sctp_assoc_value instead [ 552.233033][ C0] EXT4-fs (loop4): initial error at time 1775656290: ext4_iget_extra_inode:5040: inode 15 [ 552.233198][ C0] EXT4-fs (loop4): last error at time 1775656290: ext4_iget_extra_inode:5040: inode 15 [ 552.236347][T12175] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.2929: couldn't read orphan inode 15 (err -117) [ 552.368008][T12175] loop4: lost filesystem error report for type 5 error -117 [ 552.385698][T12175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 552.649976][T12197] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 552.669854][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.354601][T11325] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 553.547905][T11325] usb 2-1: Using ep0 maxpacket: 8 [ 553.576503][T11325] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 553.594823][T11325] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 553.613890][T11325] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 553.634222][T11325] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 553.653547][T11325] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 553.668879][T11325] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 553.732542][T11325] usb 2-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 553.775861][T11325] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 553.805651][T11325] usb 2-1: Product: syz [ 553.810045][T11325] usb 2-1: Manufacturer: syz [ 553.823911][T11325] usb 2-1: SerialNumber: syz [ 553.857045][T11325] usb 2-1: config 0 descriptor?? [ 553.865364][T12204] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 554.356578][ T29] audit: type=1800 audit(1775656293.063:141): pid=12227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2953" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 554.797876][T12233] loop3: detected capacity change from 0 to 2048 [ 554.871847][T12239] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 554.949632][T12233] NILFS (loop3): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 554.978361][T12233] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 555.006647][T12233] Remounting filesystem read-only [ 555.023400][T12233] NILFS (loop3): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 555.044235][T12233] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16) [ 555.099618][T12233] NILFS (loop3): error -5 truncating bmap (ino=16) [ 555.387018][ T5778] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 555.567800][T11325] rc_core: IR keymap rc-snapstream-firefly not found [ 555.583959][T11325] Registered IR keymap rc-empty [ 555.591349][T11325] rc rc0: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 555.685996][T11325] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input21 [ 555.851615][T11325] input: syz syz mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input22 [ 555.890058][T12256] tc_dump_action: action bad kind [ 556.105466][ C1] ati_remote 2-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19 [ 556.113162][T11325] usb 2-1: USB disconnect, device number 14 [ 556.994430][T12000] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 557.234314][T12000] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 557.243593][T12000] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 557.314190][T12000] usb 2-1: Product: syz [ 557.318550][T12000] usb 2-1: Manufacturer: syz [ 557.323305][T12000] usb 2-1: SerialNumber: syz [ 557.369358][T12000] usb 2-1: config 0 descriptor?? [ 557.446447][T12000] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 557.488477][T12000] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 557.536717][T12000] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 557.574011][T12000] usb 2-1: media controller created [ 557.675685][T12272] dvb-usb: bulk message failed: -22 (7/0) [ 557.779276][T12000] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 558.147868][T12292] loop4: detected capacity change from 0 to 64 [ 558.183024][T12294] ieee802154 phy0 wpan0: encryption failed: -22 [ 558.347244][T12000] DVB: Unable to find symbol mt352_attach() [ 558.592722][T12000] DVB: Unable to find symbol nxt6000_attach() [ 558.609962][T12000] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 558.661863][T12000] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input23 [ 558.689535][T12000] dvb-usb: schedule remote query interval to 1000 msecs. [ 558.709218][T12000] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 558.743266][T12000] dvb-usb: bulk message failed: -22 (7/0) [ 558.765506][T12000] dvb-usb: bulk message failed: -22 (7/0) [ 558.808312][T12000] usb 2-1: USB disconnect, device number 15 [ 559.220006][T12000] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 559.528455][T12309] loop4: detected capacity change from 0 to 1024 [ 559.674689][T12309] hfsplus: bad catalog entry type [ 560.213445][T12321] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2996'. [ 560.542688][T12325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2999'. [ 560.588115][T12325] Zero length message leads to an empty skb [ 560.695241][T12330] loop4: detected capacity change from 0 to 512 [ 560.781363][T12330] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 560.875639][T12330] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it [ 560.963958][T12330] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.3000: Corrupt directory, running e2fsck is recommended [ 561.072817][T12330] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 561.111387][T12330] EXT4-fs error (device loop4): ext4_iget_extra_inode:5040: inode #15: comm syz.4.3000: corrupted in-inode xattr: invalid ea_ino [ 561.183991][T12330] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 561.185413][T12330] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.3000: couldn't read orphan inode 15 (err -117) [ 561.194982][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 561.195072][ C1] EXT4-fs (loop4): initial error at time 1775656299: ext4_iget_extra_inode:5040: inode 15 [ 561.195237][ C1] EXT4-fs (loop4): last error at time 1775656299: ext4_iget_extra_inode:5040: inode 15 [ 561.270372][T12330] loop4: lost filesystem error report for type 5 error -117 [ 561.273317][T12330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 561.518131][T12330] EXT4-fs: Cannot specify journal on remount [ 561.732358][T12350] loop2: detected capacity change from 0 to 512 [ 561.783579][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 561.874371][T12351] mkiss: ax0: crc mode is auto. [ 563.256555][T12380] loop3: detected capacity change from 0 to 512 [ 563.307489][T12380] EXT4-fs: Ignoring removed nobh option [ 563.334758][T12380] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 563.386236][T12380] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 563.403918][T12000] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 563.415293][T12380] EXT4-fs (loop3): 1 truncate cleaned up [ 563.462741][T12380] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.588801][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.598698][T12000] usb 2-1: Using ep0 maxpacket: 32 [ 563.647795][T12000] usb 2-1: New USB device found, idVendor=2040, idProduct=d900, bcdDevice=a9.2c [ 563.678078][T12000] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 563.709590][T12000] usb 2-1: Product: syz [ 563.723253][T12000] usb 2-1: Manufacturer: syz [ 563.740722][T12000] usb 2-1: SerialNumber: syz [ 563.779422][T12000] usb 2-1: config 0 descriptor?? [ 563.825772][T12000] dvb-usb: found a 'Hauppauge MAX S2 or WinTV NOVA HD USB2.0' in warm state. [ 563.874243][T12000] dw2102: su3000_power_ctrl: 1, initialized 0 [ 563.891014][T12000] dvb-usb: bulk message failed: -22 (2/0) [ 563.934223][T12000] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 563.997063][T12000] dvbdev: DVB: registering new adapter (Hauppauge MAX S2 or WinTV NOVA HD USB2.0) [ 564.023083][T12379] dvb-usb: bulk message failed: -22 (3/0) [ 564.029804][T12000] usb 2-1: media controller created [ 564.068184][T12379] dw2102: i2c transfer failed. [ 564.079010][T12000] dvb-usb: bulk message failed: -22 (6/0) [ 564.101662][T12000] dw2102: i2c transfer failed. [ 564.117786][T12000] dvb-usb: bulk message failed: -22 (6/0) [ 564.134250][T12000] dw2102: i2c transfer failed. [ 564.144902][T12000] dvb-usb: bulk message failed: -22 (6/0) [ 564.175490][T12000] dw2102: i2c transfer failed. [ 564.180403][T12000] dvb-usb: bulk message failed: -22 (6/0) [ 564.202079][T12000] dw2102: i2c transfer failed. [ 564.228383][T12000] dvb-usb: bulk message failed: -22 (6/0) [ 564.248348][T12000] dw2102: i2c transfer failed. [ 564.264442][T12000] dvb-usb: bulk message failed: -22 (6/0) [ 564.284368][T12000] dw2102: i2c transfer failed. [ 564.289264][T12000] dvb-usb: MAC address: 02:02:02:02:02:02 [ 564.443170][T12000] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 564.632647][T12000] dvb-usb: bulk message failed: -22 (3/0) [ 564.672848][T12000] dw2102: command 0x0e transfer failed. [ 564.689505][T12000] dvb-usb: bulk message failed: -22 (3/0) [ 564.711216][T12000] dw2102: command 0x0e transfer failed. [ 564.753552][T12404] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3033'. [ 564.834320][T12404] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3033'. [ 564.835461][T12406] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 565.046845][T12000] dvb-usb: bulk message failed: -22 (3/0) [ 565.076470][T12000] dw2102: command 0x0e transfer failed. [ 565.097992][T12000] dvb-usb: bulk message failed: -22 (3/0) [ 565.113964][T12000] dw2102: command 0x0e transfer failed. [ 565.124090][T12000] dvb-usb: bulk message failed: -22 (1/0) [ 565.162744][T12000] dw2102: command 0x51 transfer failed. [ 565.490245][T12000] DVB: Unable to find symbol ds3000_attach() [ 565.520068][T12414] loop3: detected capacity change from 0 to 1024 [ 565.530955][T12000] dvb-usb: no frontend was attached by 'Hauppauge MAX S2 or WinTV NOVA HD USB2.0' [ 565.675636][T12417] xt_hashlimit: size too large, truncated to 1048576 [ 565.932310][ T12] hfsplus: b-tree write err: -5, ino 25 [ 565.943861][T12000] rc_core: IR keymap rc-su3000 not found [ 565.949651][T12000] Registered IR keymap rc-empty [ 566.005312][ T12] hfsplus: b-tree write err: -5, ino 4 [ 566.011128][ T12] hfsplus: b-tree write err: -5, ino 2 [ 566.049542][T12000] rc rc0: Hauppauge MAX S2 or WinTV NOVA HD USB2.0 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0 [ 566.110466][T12000] input: Hauppauge MAX S2 or WinTV NOVA HD USB2.0 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input24 [ 566.187839][T12000] dvb-usb: schedule remote query interval to 150 msecs. [ 566.225834][T12000] dw2102: su3000_power_ctrl: 0, initialized 1 [ 566.262999][T12000] dvb-usb: Hauppauge MAX S2 or WinTV NOVA HD USB2.0 successfully initialized and connected. [ 566.306243][T12000] usb 2-1: USB disconnect, device number 16 [ 566.834832][T12000] dvb-usb: Hauppauge MAX S2 or WinTV NOVA HD USB2. successfully deinitialized and disconnected. [ 567.116003][T12439] netlink: 'syz.4.3049': attribute type 4 has an invalid length. [ 567.152329][T12439] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.3049'. [ 567.557101][T12437] loop3: detected capacity change from 0 to 4096 [ 567.605495][T12437] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 569.064396][T12000] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 569.267129][T12000] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 569.309216][T12000] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.335455][T12000] usb 4-1: Product: syz [ 569.339800][T12000] usb 4-1: Manufacturer: syz [ 569.360939][ T29] audit: type=1326 audit(1775656308.063:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c5eb9c819 code=0x7ffc0000 [ 569.364998][T12000] usb 4-1: SerialNumber: syz [ 569.415032][ T29] audit: type=1326 audit(1775656308.063:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f7c5eb59511 code=0x7ffc0000 [ 569.449575][T12466] loop2: detected capacity change from 0 to 256 [ 569.459638][ T29] audit: type=1326 audit(1775656308.063:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f7c5eb9d609 code=0x7ffc0000 [ 569.492667][T12457] loop1: detected capacity change from 0 to 8192 [ 569.509462][T12466] exfat: Deprecated parameter 'utf8' [ 569.522765][T12466] exfat: Deprecated parameter 'namecase' [ 569.532538][ T29] audit: type=1326 audit(1775656308.093:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f7c5eb58c6c code=0x7ffc0000 [ 569.562306][ T29] audit: type=1326 audit(1775656308.093:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f7c5eb58cce code=0x7ffc0000 [ 569.576220][T12000] usb 4-1: config 0 descriptor?? [ 569.646612][T12466] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36a12e94, utbl_chksum : 0xe619d30d) [ 569.652891][T12000] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 569.721453][ T29] audit: type=1326 audit(1775656308.093:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c5eb9c819 code=0x7ffc0000 [ 569.756765][T12000] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 569.813061][ T29] audit: type=1326 audit(1775656308.103:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c5eb9c819 code=0x7ffc0000 [ 569.825709][T12000] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 569.872414][T12458] dvb-usb: bulk message failed: -22 (7/0) [ 569.926303][ T29] audit: type=1326 audit(1775656308.113:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f7c5eb5957b code=0x7ffc0000 [ 569.929444][T12000] usb 4-1: media controller created [ 570.059230][ T29] audit: type=1326 audit(1775656308.113:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c5eb9c819 code=0x7ffc0000 [ 570.143899][ T29] audit: type=1326 audit(1775656308.113:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.4.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7c5eb9c4ab code=0x7ffc0000 [ 570.331497][T12000] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 570.908792][T12000] DVB: Unable to find symbol mt352_attach() [ 571.011924][T12489] loop2: detected capacity change from 0 to 256 [ 571.294647][T12000] DVB: Unable to find symbol nxt6000_attach() [ 571.300868][T12000] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 571.411475][T12000] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input25 [ 571.462443][T12000] dvb-usb: schedule remote query interval to 1000 msecs. [ 571.510508][T12000] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 571.556140][T12000] dvb-usb: bulk message failed: -22 (7/0) [ 571.562030][T12000] dvb-usb: bulk message failed: -22 (7/0) [ 571.668818][T12000] usb 4-1: USB disconnect, device number 10 [ 572.212740][T12000] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 572.667533][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.677175][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.790124][T12511] loop1: detected capacity change from 0 to 4096 [ 572.903620][T12520] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 573.067952][T12522] loop4: detected capacity change from 0 to 1024 [ 574.583526][T12554] loop3: detected capacity change from 0 to 256 [ 575.479196][T12566] [U] ^C [ 575.559927][T12569] loop3: detected capacity change from 0 to 256 [ 575.591338][T12569] exfat: Deprecated parameter 'utf8' [ 575.627648][T12569] exfat: Deprecated parameter 'utf8' [ 575.669335][T12569] exfat: Deprecated parameter 'utf8' [ 575.825902][T12569] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 576.560132][T12589] loop3: detected capacity change from 0 to 2048 [ 576.626047][T12589] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 576.695268][T12589] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 577.488901][T12601] loop1: detected capacity change from 0 to 512 [ 577.538111][T12601] ext4: Bad value for 'resgid' [ 577.557050][T12601] ext4: Bad value for 'resgid' [ 578.368692][T12613] loop3: detected capacity change from 0 to 512 [ 578.562497][T12613] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.3127: couldn't read orphan inode 26 (err -116) [ 578.636244][T12613] loop3: lost filesystem error report for type 5 error -116 [ 578.639420][T12613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 578.747053][T12626] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.3132'. [ 578.764691][T12613] ext4 filesystem being mounted at /599/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 579.054440][T12630] netlink: 'syz.4.3134': attribute type 3 has an invalid length. [ 579.106560][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.321411][T12650] loop2: detected capacity change from 0 to 1024 [ 580.413182][T12650] hfsplus: bad catalog entry type [ 580.569780][T12648] loop4: detected capacity change from 0 to 4096 [ 580.960322][ T1048] hfsplus: b-tree write err: -5, ino 25 [ 580.991853][ T1048] hfsplus: b-tree write err: -5, ino 4 [ 581.016022][ T1048] hfsplus: b-tree write err: -5, ino 2 [ 581.552987][T12664] loop1: detected capacity change from 0 to 64 [ 582.245291][T12672] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3155'. [ 582.271917][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3155'. [ 582.313875][T12672] netlink: 'syz.1.3155': attribute type 14 has an invalid length. [ 582.354722][T12672] netlink: 'syz.1.3155': attribute type 13 has an invalid length. [ 583.343933][T11325] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 583.537993][T11325] usb 1-1: Using ep0 maxpacket: 32 [ 583.559648][T11325] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 583.592337][T11325] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 583.623609][T11325] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 583.671745][T11325] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 583.697940][T12699] loop1: detected capacity change from 0 to 1024 [ 583.716664][T11325] usb 1-1: config 0 descriptor?? [ 583.737400][T11325] hub 1-1:0.0: USB hub found [ 583.978525][T11325] hub 1-1:0.0: 29 ports detected [ 584.001350][T11325] hub 1-1:0.0: insufficient power available to use all downstream ports [ 584.421038][T12707] loop1: detected capacity change from 0 to 1024 [ 584.478003][T12707] EXT4-fs: Ignoring removed mblk_io_submit option [ 584.489602][T11325] usb 1-1: USB disconnect, device number 14 [ 584.508768][T12707] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 584.534443][T12707] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 584.616197][T12707] EXT4-fs error (device loop1): ext4_ext_check_inode:521: inode #11: comm syz.1.3172: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 584.687827][T12707] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 584.688656][T12707] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.3172: couldn't read orphan inode 11 (err -117) [ 584.698281][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 584.698367][ C0] EXT4-fs (loop1): initial error at time 1775656323: ext4_ext_check_inode:521: inode 11 [ 584.698522][ C0] EXT4-fs (loop1): last error at time 1775656323: ext4_ext_check_inode:521: inode 11 [ 584.766560][T12707] loop1: lost filesystem error report for type 5 error -117 [ 584.779582][T12707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 584.807917][T12713] loop4: detected capacity change from 0 to 256 [ 584.874188][T12033] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 585.015238][T12707] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.3172: Invalid block bitmap block 0 in block_group 0 [ 585.057236][T12707] __quota_error: 11 callbacks suppressed [ 585.057320][T12707] Quota error (device loop1): write_blk: dquota write failed [ 585.098791][T12033] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 585.125903][T12033] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 585.137313][T12707] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 585.139953][T12033] usb 4-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 585.170919][T12716] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 585.196433][T12033] usb 4-1: config 0 interface 0 has no altsetting 0 [ 585.203310][T12033] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 585.214737][T12707] EXT4-fs error (device loop1): ext4_acquire_dquot:7026: comm syz.1.3172: Failed to acquire dquot type 0 [ 585.233232][T12033] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 585.306383][T12033] usb 4-1: config 0 descriptor?? [ 585.637189][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.832982][T12033] holtek 0003:1241:5015.0001: hidraw0: USB HID v0.00 Device [HID 1241:5015] on usb-dummy_hcd.3-1/input0 [ 585.866335][T12033] holtek 0003:1241:5015.0001: no inputs found [ 586.035072][T12033] usb 4-1: USB disconnect, device number 11 [ 586.724218][T12033] IPVS: starting estimator thread 0... [ 586.865814][T12741] IPVS: using max 240 ests per chain, 12000 per kthread [ 586.944987][T12734] fido_id[12734]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 587.167082][T12751] comedi comedi3: pcmmio: I/O port conflict (0x8006,32) [ 587.611708][T12753] loop3: detected capacity change from 0 to 512 [ 587.627110][T12758] vivid-000: disconnect [ 587.642837][T12755] vivid-000: reconnect [ 587.658315][T12753] EXT4-fs (loop3): Test dummy encryption mode enabled [ 587.670577][T12761] netlink: 'syz.0.3195': attribute type 9 has an invalid length. [ 587.683904][T12753] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 587.704059][T12761] netlink: 4848 bytes leftover after parsing attributes in process `syz.0.3195'. [ 587.788719][T12753] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 587.851772][T12760] loop2: detected capacity change from 0 to 4096 [ 587.855715][T12753] EXT4-fs (loop3): orphan cleanup on readonly fs [ 587.920151][T12753] EXT4-fs error (device loop3): xattr_find_entry:337: inode #15: comm syz.3.3191: corrupted xattr entries [ 587.967851][T12753] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 587.968560][T12753] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 587.978107][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 587.978194][ C1] EXT4-fs (loop3): initial error at time 1775656326: xattr_find_entry:337: inode 15 [ 587.978349][ C1] EXT4-fs (loop3): last error at time 1775656326: xattr_find_entry:337: inode 15 [ 588.037286][T12753] EXT4-fs (loop3): 1 orphan inode deleted [ 588.124509][T12753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 588.137946][T12767] net_ratelimit: 9 callbacks suppressed [ 588.138017][T12767] openvswitch: netlink: Actions may not be safe on all matching packets [ 588.526856][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.880363][T12779] loop3: detected capacity change from 0 to 64 [ 590.255998][T12798] loop3: detected capacity change from 0 to 2048 [ 590.382805][T12798] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 590.915787][T12798] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3209: bg 0: block 234: padding at end of block bitmap is not set [ 590.964841][T12798] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 426 with error 28 [ 590.983252][T12798] EXT4-fs (loop3): This should not happen!! Data will be lost [ 590.983252][T12798] [ 591.006488][T12798] EXT4-fs (loop3): Total free blocks count 0 [ 591.012646][T12798] EXT4-fs (loop3): Free/Dirty block details [ 591.020273][T12798] EXT4-fs (loop3): free_blocks=0 [ 591.026548][T12798] EXT4-fs (loop3): dirty_blocks=432 [ 591.031918][T12798] EXT4-fs (loop3): Block reservation details [ 591.039599][T12798] EXT4-fs (loop3): i_reserved_data_blocks=27 [ 591.287040][T12823] loop1: detected capacity change from 0 to 512 [ 591.453270][ T5778] EXT4-fs warning (device loop3): ext4_evict_inode:195: inode #18: comm syz-executor: data will be lost [ 591.605432][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.758477][ T12] ===================================================== [ 591.765873][ T12] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x77e/0xf00 [ 591.774454][ T12] n_tty_receive_buf_closing+0x77e/0xf00 [ 591.780281][ T12] n_tty_receive_buf_common+0x19c6/0x2610 [ 591.786339][ T12] n_tty_receive_buf2+0x4c/0x60 [ 591.791446][ T12] tty_ldisc_receive_buf+0xc6/0x2c0 [ 591.796934][ T12] tty_port_default_receive_buf+0xd7/0x1a0 [ 591.802897][ T12] flush_to_ldisc+0x43e/0xe40 [ 591.808050][ T12] process_scheduled_works+0xb82/0x1e80 [ 591.813889][ T12] worker_thread+0xee4/0x1590 [ 591.818717][ T12] kthread+0x53f/0x600 [ 591.823009][ T12] ret_from_fork+0x20f/0x910 [ 591.827908][ T12] ret_from_fork_asm+0x1a/0x30 [ 591.832834][ T12] [ 591.835553][ T12] Uninit was created at: [ 591.840050][ T12] __kmalloc_noprof+0x486/0x1680 [ 591.845262][ T12] __tty_buffer_request_room+0x3d4/0x7a0 [ 591.851042][ T12] __tty_insert_flip_string_flags+0x157/0x6e0 [ 591.857526][ T12] uart_insert_char+0x368/0x930 [ 591.862540][ T12] serial8250_read_char+0x1ba/0x670 [ 591.868181][ T12] serial8250_handle_irq_locked+0x6d4/0xa40 [ 591.874501][ T12] serial8250_handle_irq+0x187/0x730 [ 591.879980][ T12] serial8250_default_handle_irq+0x116/0x370 [ 591.886377][ T12] serial8250_interrupt+0xcb/0x420 [ 591.891711][ T12] __handle_irq_event_percpu+0x13c/0xf90 [ 591.897714][ T12] handle_irq_event+0xe0/0x2a0 [ 591.902607][ T12] handle_edge_irq+0x2a9/0xb30 [ 591.907778][ T12] __common_interrupt+0x9d/0x180 [ 591.912862][ T12] common_interrupt+0x94/0xb0 [ 591.917865][ T12] asm_common_interrupt+0x2b/0x40 [ 591.923073][ T12] [ 591.925805][ T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) [ 591.935473][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 591.946379][ T12] Workqueue: events_unbound flush_to_ldisc [ 591.953524][ T12] ===================================================== [ 591.961246][ T12] Disabling lock debugging due to kernel taint [ 592.215720][ T12] Kernel panic - not syncing: kmsan.panic set ... [ 592.222313][ T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G B syzkaller #0 PREEMPT(full) [ 592.233417][ T12] Tainted: [B]=BAD_PAGE [ 592.237668][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 592.247852][ T12] Workqueue: events_unbound flush_to_ldisc [ 592.253830][ T12] Call Trace: [ 592.257191][ T12] [ 592.260197][ T12] __dump_stack+0x26/0x30 [ 592.264680][ T12] dump_stack_lvl+0x50/0x1c0 [ 592.269412][ T12] ? dump_stack+0x12/0x25 [ 592.273883][ T12] dump_stack+0x1e/0x25 [ 592.278173][ T12] vpanic+0x7b4/0x1430 [ 592.282421][ T12] panic+0x15d/0x160 [ 592.286516][ T12] kmsan_report+0x31a/0x320 [ 592.291218][ T12] ? __msan_warning+0x1b/0x30 [ 592.296057][ T12] ? n_tty_receive_buf_closing+0x77e/0xf00 [ 592.302038][ T12] ? n_tty_receive_buf_common+0x19c6/0x2610 [ 592.308094][ T12] ? n_tty_receive_buf2+0x4c/0x60 [ 592.313271][ T12] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 592.318774][ T12] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 592.324892][ T12] ? flush_to_ldisc+0x43e/0xe40 [ 592.329858][ T12] ? process_scheduled_works+0xb82/0x1e80 [ 592.335713][ T12] ? worker_thread+0xee4/0x1590 [ 592.340698][ T12] ? kthread+0x53f/0x600 [ 592.345088][ T12] ? ret_from_fork+0x20f/0x910 [ 592.349992][ T12] ? ret_from_fork_asm+0x1a/0x30 [ 592.355084][ T12] ? __update_load_avg_cfs_rq+0xe9/0x1060 [ 592.360970][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 592.366209][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 592.371443][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 592.377395][ T12] ? kmsan_get_metadata+0x40/0x160 [ 592.382658][ T12] ? update_cfs_rq_load_avg+0x747/0x8c0 [ 592.388399][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 592.393638][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 592.398887][ T12] __msan_warning+0x1b/0x30 [ 592.403566][ T12] n_tty_receive_buf_closing+0x77e/0xf00 [ 592.409417][ T12] n_tty_receive_buf_common+0x19c6/0x2610 [ 592.415387][ T12] n_tty_receive_buf2+0x4c/0x60 [ 592.420390][ T12] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 592.426085][ T12] tty_ldisc_receive_buf+0xc6/0x2c0 [ 592.431429][ T12] tty_port_default_receive_buf+0xd7/0x1a0 [ 592.437388][ T12] flush_to_ldisc+0x43e/0xe40 [ 592.442204][ T12] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 592.448768][ T12] ? __pfx_flush_to_ldisc+0x10/0x10 [ 592.454094][ T12] process_scheduled_works+0xb82/0x1e80 [ 592.459847][ T12] worker_thread+0xee4/0x1590 [ 592.464696][ T12] kthread+0x53f/0x600 [ 592.468921][ T12] ? __pfx_worker_thread+0x10/0x10 [ 592.474184][ T12] ? __pfx_kthread+0x10/0x10 [ 592.478933][ T12] ret_from_fork+0x20f/0x910 [ 592.483661][ T12] ? __switch_to+0x51c/0x750 [ 592.488430][ T12] ? __pfx_kthread+0x10/0x10 [ 592.493176][ T12] ret_from_fork_asm+0x1a/0x30 [ 592.498128][ T12] [ 592.501634][ T12] Kernel Offset: disabled [ 592.505997][ T12] Rebooting in 86400 seconds..