last executing test programs: 12m28.780378925s ago: executing program 4 (id=8145): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f0000000380)={0x5, 0x14}) 12m28.362826674s ago: executing program 4 (id=8148): setfsgid(0xee00) setresgid(0x0, 0x0, 0xffffffffffffffff) 12m27.987665062s ago: executing program 4 (id=8153): r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0) ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x40086603, &(0x7f0000000040)) 12m27.532849866s ago: executing program 4 (id=8159): syz_mount_image$erofs(&(0x7f0000000140), &(0x7f0000000000)='./file2\x00', 0x300000c, &(0x7f0000000080)=ANY=[], 0xfe, 0x26e, &(0x7f0000000640)="$eJzsmL1rFEEYxp+Z/bicpyE2FjYWBlQk97HXpAkSQbASIfGr0sOsIWbNwd0K3oHEYGOjnYVgY+E/YBEwVQo7/QMCWqggKHiFhY3Nynzs7uR27261zfsrJs+9887MOw+zbxEQBHFg+frl9+en5+eXwYDDmEVJx79bAGNKcyP/04v7Z58vXHj55uPrdxvTD3fiuKX/iiVRZCxgwNSY820Au4sWNpOTktViCrP6xzK40D+EvgKOMzp+DQxVrW+B46rWPhhuaH3X0G2RX63eWQv86u12sCJEXQwNMXhiaOpUJy5isMWwooNRZIEZ9XP011tB4He6vUTYeq6XnRohomhcTmJsDg5cDBa5rBW707JC4eL1J4+3RCj2pq78kzTA0dD7NcGwpOPzKAlvADxSlhj3P27H9xcOpKgqs7f981bmiolJ959SYuFXbo54kEJ8QKfL9h062lAXShydK+R+RsRuD0/NZCLjBZe2DO3jxP51e32him5o/est1NORwh7xFllq5jnt7cSdK+Z1Kna3179U9BbPygAKFe/qaoanSjkVOplIgVvkCEutOjbYeZ/N+SZF3MmSl5k6FrHJR7Di78cp+NSD+EMMNv/rqQd+p4z+Oi/uWKnwR7S3rfpH9IrhFNL+YRv9oxbaqHV7/bm1e61Vf9Xf8LxmqZJ0PL9ekx062/iSfliW/emQsb+T3yrhchcPWmHYaajRZS7KCMOOJ397xmeztN3+eVMvC3ERwMn0WDfZ0cqW5aocLnOFOp1NQmVEhQRBEARBEARBEARBEARBEMPMGPoEmPwvqGDvCFDW8Wg/3mUZ/RsAAP//9IMvBQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 12m26.787889988s ago: executing program 4 (id=8169): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000800)=@getae={0xdc, 0x1f, 0x1, 0x70bd28, 0x25dfdbfe, {{@in=@loopback, 0x4d2, 0x2, 0x2b}, @in=@private=0xa010102, 0x9}, [@mark={0xc, 0x15, {0x35075b, 0x5e89}}, @policy_type={0xa}, @tmpl={0x84, 0x5, [{{@in6=@mcast1, 0x4d5, 0x33}, 0x2, @in6=@private2, 0x3502, 0x0, 0x3, 0xf7, 0x8001, 0x40, 0x101}, {{@in=@local, 0x4d2, 0x2b}, 0xe, @in=@remote, 0x3505, 0x3, 0x0, 0x80, 0x8, 0x6, 0x7}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x20040840}, 0x4000010) 12m25.682120243s ago: executing program 4 (id=8181): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x2, 0x0, &(0x7f0000000380)="59a8"}) 12m24.817120462s ago: executing program 32 (id=8181): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x2, 0x0, &(0x7f0000000380)="59a8"}) 9m40.933523398s ago: executing program 1 (id=9892): r0 = socket$igmp6(0xa, 0x3, 0x2) getsockopt$MRT6(r0, 0x29, 0xce, 0x0, 0x0) 9m40.625194711s ago: executing program 1 (id=9898): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680)) ioprio_set$pid(0x3, 0x0, 0x2000) 9m40.267475775s ago: executing program 1 (id=9903): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@ipv4_newnexthop={0x18, 0x5e, 0x103, 0x0, 0x25dfdbfb, {0x2, 0x0, 0x1, 0x0, 0x12}}, 0x18}, 0x1, 0x0, 0x0, 0x200444c1}, 0x20004040) 9m39.903852745s ago: executing program 1 (id=9907): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 9m38.911076546s ago: executing program 1 (id=9918): r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x5) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000000c0)) 9m38.14776831s ago: executing program 1 (id=9922): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000040)={0x1, 0x0, 0x800, 0x1, 0xad9}) 9m37.426809544s ago: executing program 33 (id=9922): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000040)={0x1, 0x0, 0x800, 0x1, 0xad9}) 5.340763826s ago: executing program 6 (id=16151): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000880)=ANY=[@ANYBLOB="14040000100001002cbd7000fedbdf25070000000200000008000000", @ANYRES32=r0, @ANYBLOB="f4031a80f0032d80"], 0x414}], 0x1}, 0x0) 4.688068022s ago: executing program 6 (id=16159): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) 3.997003262s ago: executing program 6 (id=16164): syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x808010, &(0x7f00000002c0)=ANY=[], 0x1, 0x9b, &(0x7f0000000000)="$eJzs0s3NAQEQBuD324/gYBtw0IEatCKO3JyIREVaUYJECW7isrJhIyjAT54nmZlM3sscZnfeDlIm1SapniyWq9lkfu3p58E4/IIiSSdJN8mwvO/J4fYFyf64njZVJ3+nJgEAAL5JkVE9/l+TVpJekvYbrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HJcAAAD//yc5MPk=") mknod(&(0x7f0000000180)='./bus\x00', 0xc000, 0x100) 3.297658103s ago: executing program 6 (id=16175): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f0000000080)=0x2) 2.945995846s ago: executing program 2 (id=16179): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) setxattr$security_evm(&(0x7f0000000240)='./file1\x00', &(0x7f00000002c0), &(0x7f0000000340)=@v2={0x5, 0x3, 0x11}, 0x9, 0x0) 2.818321127s ago: executing program 6 (id=16181): flock(0xffffffffffffffff, 0x5) syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000001018610f4205ae06d6c010203010902240001010010000904690202ff5aa30009050402100000fa000905820240"], 0x0) 2.590901155s ago: executing program 2 (id=16183): creat(&(0x7f0000000100)='./bus\x00', 0x8c) mount$nfs(&(0x7f0000000000)='^)&\x00', &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x2, &(0x7f00000002c0)={[{'\x00'}]}) 2.436599512s ago: executing program 2 (id=16185): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0xcc, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0xb}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x20000}, @CTA_NAT_SRC={0x38, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @remote}, @CTA_NAT_V6_MINIP={0x14, 0x4, @empty}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e21}]}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x20004804}, 0x0) 2.169097611s ago: executing program 2 (id=16188): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) read$FUSE(r0, &(0x7f00000024c0)={0x2020}, 0xfffffec1) 2.125394932s ago: executing program 7 (id=16190): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)=@newlink={0x48, 0x10, 0x1, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180, 0x10d36}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TRUST={0xc, 0x9, {0x4, 0x8}}]}]}]}, 0x48}}, 0x0) 1.90825484s ago: executing program 0 (id=16191): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000040), 0x6) 1.860149453s ago: executing program 5 (id=16192): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000080)={0xa1, 0x0, 0x802, 0x0, 0x0, 0x4, 0x0}) 1.818660527s ago: executing program 3 (id=16193): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x25dfdbfc, {0x7a, 0x0, 0x0, 0x0, 0x0, 0x4600}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_CNT={0x8, 0x31, 0x9}]}}}]}, 0x3c}}, 0x4094) 1.664513303s ago: executing program 7 (id=16194): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1bfde, 0xe1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x4}]}}}]}, 0x3c}}, 0x0) 1.56439002s ago: executing program 0 (id=16195): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x84, 0x30, 0x12f, 0x0, 0x0, {0x0, 0x0, 0x1be}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x700}}}}]}]}, 0x84}}, 0x0) 1.521477592s ago: executing program 5 (id=16196): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000180)={0x0, 0x58}) 1.375195979s ago: executing program 3 (id=16197): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @mcast1, 0x8}, 0x1c) 1.261408852s ago: executing program 0 (id=16198): r0 = fsopen(&(0x7f0000000380)='binfmt_misc\x00', 0x0) close(r0) 1.22501277s ago: executing program 5 (id=16199): r0 = io_uring_setup(0x1a03, &(0x7f0000000080)={0x0, 0x10007e4b, 0x1000, 0x3, 0x162}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x1ef6e3}], 0x100000000000011a) 1.079781265s ago: executing program 7 (id=16200): setresgid(0xee00, 0xee01, 0x0) setregid(0xffffffffffffffff, 0x0) 1.036256221s ago: executing program 3 (id=16201): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) ioctl$TIOCGSID(r0, 0x5429, 0x0) 976.290977ms ago: executing program 6 (id=16202): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90647, 0x180}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_NUM_PEER_NOTIF={0x5, 0x10, 0xfe}, @IFLA_BOND_AD_LACP_RATE={0x5, 0x15, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x690}, 0x20048040) 969.840957ms ago: executing program 0 (id=16203): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r0, 0x4b44, 0x10000000000004) 830.317358ms ago: executing program 2 (id=16204): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) 825.521892ms ago: executing program 3 (id=16205): r0 = socket(0xa, 0x3, 0xff) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback={0xff00000000000000}}, 0x1c) 747.780576ms ago: executing program 7 (id=16206): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000805}, 0x800) 686.26791ms ago: executing program 5 (id=16207): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) ioctl$RTC_IRQP_READ(r0, 0x8008700b, 0x0) 565.147431ms ago: executing program 0 (id=16208): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="540100001800010027bd7000fddbdf251d0107001e0106000701ff02ff71ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630882f96defe9e8ea850370fac3fe301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c035c8d03000000000000002a5e15c8a95d29e5b2ea000008000500fd01f50f15000300030000200503000054831bdbae1d82b30700"], 0x154}}, 0x240448c8) 524.553688ms ago: executing program 7 (id=16209): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x540, 0x1e8, 0x2d0, 0x2d0, 0xf8, 0x1e8, 0x470, 0x470, 0x470, 0x470, 0x470, 0x6, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @remote}, [0x0, 0xff, 0xff000000, 0xff000000], [0x0, 0xffffff00, 0xffffff00, 0xffffffff], 'gretap0\x00', 'batadv_slave_0\x00', {}, {0xff}, 0x2b, 0x5, 0x1, 0x18}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000010000000}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@dev={0xac, 0x14, 0x14, 0x2f}, @ipv4=@multicast1, 0x2a, 0xe, 0x2}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0xff], [0xffffff00], '\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xe8, 0x48000000}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0xb, 0x1, {0x400}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xf}}}, {{@ipv6={@mcast1, @private0, [0xff000000, 0xffffff, 0x0, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff000000], 'pim6reg1\x00', 'hsr0\x00', {}, {}, 0x6c, 0x80, 0x5, 0x61}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x0, 0x4}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a0) 432.95669ms ago: executing program 3 (id=16210): r0 = syz_open_dev$I2C(&(0x7f0000000140), 0x5fc8, 0x200) ioctl$I2C_SLAVE_FORCE(r0, 0x706, 0xb) 419.249402ms ago: executing program 5 (id=16211): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x22000) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000040)={0x7a, 0x81, 0x2}) 210.817898ms ago: executing program 5 (id=16212): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000280), &(0x7f00000003c0), 0x2000000}, 0x20) 187.902595ms ago: executing program 7 (id=16213): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000240)={0x3c, 0x25, 0x1, 0x70bd2c, 0x25dfdbfe, {0xb}, [@nested={0x28, 0xe, 0x0, 0x1, [@nested={0x4, 0x7d}, @generic="ed083ef6b5175e0bd5221d2c4c3ba91942a470eae40e0cbed516f822ad21dd39"]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000004) 144.300961ms ago: executing program 0 (id=16214): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff7ff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b70500000000e000720a23fe000000008500000012000000b70000000000000095000000000000004e6258941c823b7505608556ba4ababb42684e890d31ae450400373a0a5447a801b8c1c4f0c4bd97c6555e61345400f9bd42abeb9ade0105000000000000a21902ff07000094a2b51c21df74924f5436a6ed89b98f75e800230c49c90fe1336481f3b92a63336c36fcd745d61d7739c6554ca201000000bebbe8282f8b1e26407437a397bf8f50e87ed4d27adfd876bffc402887781979461c4363bc5c9b6202ea471428197ef88bc333fbcec0ea4334f1ddb9d679ae95a90fd41d528f58d305000000435883df6c10ce86188c92292b2d0226082960be682836bdff8b0971f2a5405e453228e7b1005bd73479358a90df3e481947de6453736aa572158af6ea63d6d418fbbd2bba050000001da000ef78df03000000d19913a5fb03c79dac2e489f68127892658115e7ffb588a71dffffff951b8535167ab8069a2c92a3aa18e22517000026637b4c34bf2d0aa304ed42bf70480e9e97203fd169411f37fddd1f7fbe16dbbc0f307bceb5064f388a0350c3dc928b0e638b1e2b2a9d25264233e5d45eb377f56b95241024dbe30f67191c2b56b70328d6d3215dfffe5d89af1d10599bd494d921d1fb2db99b6aba0fa978f41eb1d4c553e5a9326ed550c13f8dd36716a899a1e79234294707c5312b924d142c17b20bb80ee202222c03fa84ccc374e717f694018630366397266090a82343aedfbf7afe892390c2eb775b0d16073da2229958db05de7df6ab7600004000010000006d8081cb3bf251d906c00da0e23b50465f8394820be571e3592d0000c7ef10fdc462e7040e7074ec43aa461fc54401a76406db718d4efd6c1bd10ce1d087cf9bba461162555a95524c84df0952d32093082b7aa71304e0d2d9ec310d1b676b378a5879e47941de1a28c3a8f400000000000000000e032b7d2badd0bc6617a859b7ac273b6304555f664469cec152030f06cc0ca1765838eb5590264736fbccfc3a8f4e3b10daf6a275daf5db2dac7096fe8ac8876acaad043663b3b0fedb05e6d31408fa20140c9d2db1c59ac8a3ce28e489d67d87d3a107ccea3007f58f2c5017e8807107f79ac50cc1d4f546b4443d137eb706b71b1767a10cca7a7c82b76c96e874aff249f36329a6526b354b6e674b08f7ef492b804c4b08fb10de807d79fd782027318cd7632e22d2faa16209272b39b5ec8d239832ea02cc88e249a2e77753a58987547571fbc8de747faab724bebb6401412b496e078fcb6c78ab447e871b76a8b0506f49594aa1d610567e14d739a60ff3ce04d0d2e5681e787c7e1ad25467bb81f2f440128207fe07a83759ec30cf9e0a3fd3f2fcee97fe8d273f8e712a8a64eaf2d89a1fa44554357fcd7ab531ff7a41c27164fca430a62d015b477de61853f5ee2e25b00a63642ec32ece2ff3bb5883deb895f52a923b5c744d8dccdd6a09ded8b90f1eeda8e6e884a4f090edb6ab9fc8107846508d51f3735493d5860cf80200ce31b92eb3563d485b5a7d192092d7a9fd2bc67d305d1d4573aad5f6501d1cd27657ce17330402dacb78d72d776330711645eed7d4c292f4448733c0826c4eb950f3d40457f82d7f792d106518f6bde874aff9e2bea7d73f74bebeeacfc700000000000000000000d40d73be47803297db004264c8c70b7761b22a7114a078a87d63d63b0c9dcc263a5b773bfeba212abef4181ad9e4872e328c0f105d51e3d167a2b717051d7681ba04552eeba18a000000b22b50d76d85040c9000ea68a528049a60d5e26b20455194f4be3b8466fd66d0e6cefcff7891c485d61cb66f4076cd60a22733cb00cf7cc12ca7d9bb864c0e650236a79a5c85349a9b1e6bbc3bace197e72490c566431cd3a08e9d1b641c1ba1f661d01573b904c3fa1427370fa15cecd294ac21fefe3d161fdf58e8bc5957ef145839f4370176e1be88d2e3516a1998c1621a00b4438b85a4dfee6f61827a1e50e158038b037dfda3ffb35069e41fc740ae720800de53948f176c3c15f3a529c02434b920d87f12a6e3420a2fdcb3559e7a5b1ddbb06b7a5977f63bfac701e673bf626d126b213c92e7169a930beb8d76f9db34e8098bea301baa96916d6458c923866dc192928b320738d1b298fb55f2a64500000000000000000000000000509885a38d9d995a46817e7ff7acddcc5f9253c63f86baf33f92820c9ff497cf76b6482c3ab53fb6ecea6d220b91b99b2fb4279ab09ae0645ab92df309000000000000a4868411948f8e3e259b717d722a1eebd3f6860a17f1ae9e10a1178f6aef4951b192d13e9600c1f700ca7b1d127e451034469bf2a8f93dbae6ad8e932e431dc18323794156238625bb9c45c5a76a68a8646e701b29a71ffbd854f50f195823106a5625ff94221f1f04c72525b50aae69081de9626de9847bf53475d90642d9730101d80b1b0000000000000000822b0641698d60160d9157548302dd2636d12c431f96728ae4a45361e6d47a1c4a52d67c0f0a62585c09fcfd70d0f249f87c44b47283c1c6f2430d70c751e4ada9b646e6e7c1719faee476d88a2943c71a21db55b7497dd7ed385ac2e8cb916390a3a0ed52e7371e1a141e69afa07b46ac20f3521fb251b72c82ee1c7eb4f67c0deed5618d0db925ce7a7c50a99835544c540f5d528587d1a26e78df1bc9a8e4d90c57d0b8122eae7b23e4456624f5337c16c42648c7a3d0b799ad409befe0cbe2aa781ba826918df7aa80dff4f62258e54419629eb1d37de7f6a3512bd618781d1ad3a4d4b0da44df9f9a93f0487f79a9b16dfa6f68b06ce6a96ca344d194cded05702c2300d1a4f451b33830765f8131f6c28fada65701851bba089b8a8347900e72d68cea965feb6a06225dd3f0e135323a5bde3b43c9d242b73abf9e05336af040a4a6bb5918146393f1d50705c1d1e986bf2f690de51ee8727d37339df5391db535bb1e9bb3e5dadb6e5a2bb4faa2dcbc6ca9b40ac96e448b9dadeb08fc2cf3a960f22bf20b9e967b7a75687372b8e3edc543896c360674d901a7f56b07ba1479b46eea3d94026a9c7e670ab40bb2c1ca1a7c90299361239bef773140af974c7efc285a64633d21513481b3ac62dec9fa3e8ce6156d76b82baa145bc550b0ccbc0934ccfea45292caa2f0654fe18dc0669a4f2af9fa232a293ad94261f55675cc686db72783a6bacc0df6a1ea943ae266af112f35319980cd681811a369e0d03cf7d22bed7cbe1afe498b88942b1bf7edae441a0d0d88fce65cb4e848793a28cbd7373f6acd3b5a48c034e487750388929d37fa3165f205dab3be5f3e5781a84298687cbf02dcaf0e14a2b260293f349d076eb75a2ddc5382d106f0beea02aa45018fe36d1176cf7704383b6922d10dc80bc7feca3982ae232d4bb47c722c83a7cf6ee8832f038b072eb803a47cd7f753e80c9f6eedb8"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1d4}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x300f000, 0xe, 0x0, &(0x7f0000000080)="0069c2704ade28eddb0000200000", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 107.848977ms ago: executing program 3 (id=16215): r0 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x18}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x22, &(0x7f0000000200)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}]}, 0x1}, 0x1) 0s ago: executing program 2 (id=16216): r0 = socket(0xa, 0x3, 0x1) ioctl$PPPOEIOCDFWD(r0, 0x541b, 0xf0ff1f00000000) kernel console output (not intermixed with test programs): luetooth: unknown link type 128 [ 1815.931811][ T8765] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14869'. [ 1815.941542][ T8765] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048) [ 1816.002382][ T8770] loop3: detected capacity change from 0 to 64 [ 1816.024244][ T8770] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1816.264924][ T8774] openvswitch: netlink: Tunnel attr 3 has unexpected len 0 expected 1 [ 1816.696978][ T8780] loop3: detected capacity change from 0 to 4096 [ 1816.730374][ T8780] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1816.899659][ T8780] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1816.918816][ T29] usb 3-1: new high-speed USB device number 83 using dummy_hcd [ 1816.934800][ T8780] ntfs3(loop3): mft corrupted [ 1816.953820][ T8780] ntfs3(loop3): Failed to load $Extend (-22). [ 1816.979751][ T8780] ntfs3(loop3): Failed to initialize $Extend. [ 1817.085803][ T8780] ntfs3(loop3): ino=1e, mi_enum_attr [ 1817.109575][ T8780] ntfs3(loop3): ino=1e, mi_enum_attr [ 1817.127705][ T29] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1817.177373][ T29] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1817.209091][ T29] usb 3-1: Product: syz [ 1817.224468][ T29] usb 3-1: Manufacturer: syz [ 1817.242600][ T29] usb 3-1: SerialNumber: syz [ 1817.314703][ T29] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1817.436633][T24930] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1818.117964][ T8806] loop0: detected capacity change from 0 to 24 [ 1818.158930][T29200] Bluetooth: hci3: command 0x0406 tx timeout [ 1818.247751][ T29] usb 3-1: USB disconnect, device number 83 [ 1818.333655][ T8778] loop5: detected capacity change from 0 to 32768 [ 1818.487165][ T8778] ea_get: invalid extended attribute [ 1818.520388][ T8778] ffff888055ace4b8: 04 00 00 00 .... [ 1818.596963][ T24] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 1818.693113][T24930] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 1818.717049][T24930] ath9k_htc: Failed to initialize the device [ 1818.745941][ T29] usb 3-1: ath9k_htc: USB layer deinitialized [ 1818.798090][ T24] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1818.843240][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1818.873181][ T24] usb 7-1: Product: syz [ 1818.892268][ T24] usb 7-1: Manufacturer: syz [ 1818.910581][ T24] usb 7-1: SerialNumber: syz [ 1819.110193][ T5773] usb 4-1: new full-speed USB device number 85 using dummy_hcd [ 1819.209170][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 1819.253902][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 1819.297508][ T24] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1819.315060][ T5773] usb 4-1: not running at top speed; connect to a high speed hub [ 1819.349584][ T5773] usb 4-1: config 2 has an invalid interface number: 195 but max is 0 [ 1819.353611][ T24] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71 [ 1819.380832][ T5773] usb 4-1: config 2 has no interface number 0 [ 1819.410721][ T5773] usb 4-1: config 2 interface 195 has no altsetting 0 [ 1819.420491][ T8834] netlink: 'syz.0.14895': attribute type 1 has an invalid length. [ 1819.464171][ T5773] usb 4-1: string descriptor 0 read error: -22 [ 1819.480232][ T24] usb 7-1: USB disconnect, device number 17 [ 1819.499878][ T5773] usb 4-1: New USB device found, idVendor=041e, idProduct=401d, bcdDevice=c8.6b [ 1819.518582][ T8834] netlink: 244 bytes leftover after parsing attributes in process `syz.0.14895'. [ 1819.538615][ T5773] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1819.622933][ T5773] gspca_main: spca505-2.14.0 probing 041e:401d [ 1819.942826][ T8846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14901'. [ 1820.046909][ T8848] nbd: couldn't find a device at index 17 [ 1820.076220][ T5773] gspca_spca505: reg write: error -71 [ 1820.097844][ T5773] spca505 4-1:2.195: probe with driver spca505 failed with error -5 [ 1820.153431][ T5773] usb 4-1: USB disconnect, device number 85 [ 1820.181865][ T8850] loop6: detected capacity change from 0 to 512 [ 1820.223146][ T8850] EXT4-fs: Ignoring removed oldalloc option [ 1820.280153][ T8850] EXT4-fs error (device loop6): ext4_iget_extra_inode:5127: inode #15: comm syz.6.14904: corrupted in-inode xattr: invalid ea_ino [ 1820.325091][ T8860] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 1820.338010][ T8850] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1820.349187][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 1820.365176][ C0] EXT4-fs (loop6): initial error at time 2000525402: ext4_iget_extra_inode:5127: inode 15 [ 1820.375433][ C0] EXT4-fs (loop6): last error at time 2000525402: ext4_iget_extra_inode:5127: inode 15 [ 1820.375834][ T8850] EXT4-fs (loop6): Remounting filesystem read-only [ 1820.478512][ T8850] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1820.593421][ T8868] loop5: detected capacity change from 0 to 256 [ 1820.665772][ T8868] FAT-fs (loop5): Directory bread(block 64) failed [ 1820.682338][ T8868] FAT-fs (loop5): Directory bread(block 65) failed [ 1820.689039][ T8870] sit2: entered promiscuous mode [ 1820.727834][ T8868] FAT-fs (loop5): Directory bread(block 66) failed [ 1820.755513][ T8868] FAT-fs (loop5): Directory bread(block 67) failed [ 1820.766445][ T8868] FAT-fs (loop5): Directory bread(block 68) failed [ 1820.797149][ T8868] FAT-fs (loop5): Directory bread(block 69) failed [ 1820.836020][ T8868] FAT-fs (loop5): Directory bread(block 70) failed [ 1820.857945][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1820.878620][ T8868] FAT-fs (loop5): Directory bread(block 71) failed [ 1820.883998][ T8867] loop2: detected capacity change from 0 to 4096 [ 1820.956396][ T8868] FAT-fs (loop5): Directory bread(block 72) failed [ 1820.987159][ T8868] FAT-fs (loop5): Directory bread(block 73) failed [ 1820.994258][ T8867] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1821.269749][ T8878] netlink: 5 bytes leftover after parsing attributes in process `syz.3.14917'. [ 1821.384081][ T8878] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1821.689451][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 1821.762334][ T8890] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14921'. [ 1822.451694][ T8904] loop5: detected capacity change from 0 to 4096 [ 1822.487605][ T8904] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1822.531835][ T8904] NILFS (loop5): mounting unchecked fs [ 1822.561686][ T8904] NILFS (loop5): recovery required for readonly filesystem [ 1822.595480][ T8904] NILFS (loop5): write access will be enabled during recovery [ 1822.725479][ T8904] NILFS (loop5): norecovery option specified, skipping roll-forward recovery [ 1822.746189][ T8025] udevd[8025]: incorrect nilfs2 checksum on /dev/loop5 [ 1822.904392][ T8904] NILFS (loop5): couldn't remount because the filesystem is in an incomplete recovery state [ 1822.997588][ T8927] loop7: detected capacity change from 0 to 128 [ 1823.007782][ T8928] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14937'. [ 1823.055316][ T8928] netlink: 15 bytes leftover after parsing attributes in process `syz.0.14937'. [ 1823.461591][ T8941] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 1823.463266][ T8939] loop2: detected capacity change from 0 to 512 [ 1823.536663][ T8939] EXT4-fs: Ignoring removed nobh option [ 1823.576909][ T8939] EXT4-fs: Ignoring removed bh option [ 1823.598525][ T8939] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1823.669501][ T8939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 1823.684719][ T8939] ext4 filesystem being mounted at /2547/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1823.760590][ T8939] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 1823.773339][ T8939] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 1823.783011][ T8939] EXT4-fs error (device loop2): ext4_acquire_dquot:7032: comm syz.2.14944: Failed to acquire dquot type 0 [ 1823.876254][T24930] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 1823.994134][ T5626] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 1824.085442][T24930] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1824.109567][T24930] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1824.177038][T24930] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1824.238476][T24930] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 1824.287419][T24930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1824.323743][T24930] usb 4-1: Product: syz [ 1824.348379][T24930] usb 4-1: Manufacturer: syz [ 1824.357765][ T24] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 1824.376254][T24930] usb 4-1: SerialNumber: syz [ 1824.379719][ T8964] loop5: detected capacity change from 0 to 1764 [ 1824.413676][T24930] usb 4-1: config 0 descriptor?? [ 1824.457295][T24930] uvcvideo 4-1:0.0: probe with driver uvcvideo failed with error -22 [ 1824.540374][ T24] usb 7-1: Using ep0 maxpacket: 32 [ 1824.570109][ T24] usb 7-1: config 0 has an invalid interface number: 110 but max is 0 [ 1824.595888][ T8970] openvswitch: netlink: IP tunnel dst address not specified [ 1824.601038][ T24] usb 7-1: config 0 has no interface number 0 [ 1824.624951][ T24] usb 7-1: config 0 interface 110 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1824.662679][ T24] usb 7-1: config 0 interface 110 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 1824.694525][ T8973] openvswitch: netlink: Message has 1 unknown bytes. [ 1824.723465][ T24] usb 7-1: config 0 interface 110 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024 [ 1824.740502][ T8973] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1824.769302][T24930] usb 4-1: USB disconnect, device number 86 [ 1824.786973][ T24] usb 7-1: config 0 interface 110 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1824.816933][ T24] usb 7-1: config 0 interface 110 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1824.855514][ T24] usb 7-1: config 0 interface 110 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 1824.889882][ T24] usb 7-1: config 0 interface 110 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1824.923610][ T8974] loop0: detected capacity change from 0 to 4096 [ 1824.937615][ T24] usb 7-1: New USB device found, idVendor=04fc, idProduct=0231, bcdDevice=6f.a9 [ 1824.961663][ T24] usb 7-1: New USB device strings: Mfr=1, Product=237, SerialNumber=2 [ 1824.981113][ T24] usb 7-1: Product: syz [ 1824.991929][ T24] usb 7-1: Manufacturer: syz [ 1825.002695][ T24] usb 7-1: SerialNumber: syz [ 1825.042073][ T24] usb 7-1: config 0 descriptor?? [ 1825.066282][ T8974] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 1825.085065][ T24] spcp8x5 7-1:0.110: SPCP8x5 converter detected [ 1825.123071][ T24] usb 7-1: SPCP8x5 converter now attached to ttyUSB0 [ 1825.160910][ T8982] loop5: detected capacity change from 0 to 512 [ 1825.247589][ T8982] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1825.358464][ T8982] ext4 filesystem being mounted at /2562/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1825.484328][ T8982] EXT4-fs error (device loop5): ext4_lookup:1785: inode #12: comm syz.5.14963: iget: bad i_size value: 2533274857506816 [ 1825.510819][ T24] usb 7-1: USB disconnect, device number 18 [ 1825.571475][ T24] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0 [ 1825.617380][ T24] spcp8x5 7-1:0.110: device disconnected [ 1825.767497][ T5632] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1825.976062][ T8999] loop7: detected capacity change from 0 to 2048 [ 1826.416318][ T9018] loop3: detected capacity change from 0 to 512 [ 1826.437066][ T9018] EXT4-fs: Ignoring removed orlov option [ 1826.495460][ T9018] EXT4-fs: Ignoring removed bh option [ 1826.538643][ T9018] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1826.601152][ T9018] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1826.758946][ T9018] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.14978: bg 0: block 248: padding at end of block bitmap is not set [ 1826.853471][ T9018] loop3: lost filesystem error report for type 5 error -117 [ 1826.854372][ T9018] Quota error (device loop3): write_blk: dquota write failed [ 1826.868467][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 1826.876359][ C0] EXT4-fs (loop3): last error at time 2000525408: ext4_validate_block_bitmap:440 [ 1826.916534][ T9018] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1826.966475][ T9018] EXT4-fs error (device loop3): ext4_acquire_dquot:7032: comm syz.3.14978: Failed to acquire dquot type 1 [ 1827.034797][ T9018] loop3: lost filesystem error report for type 5 error -117 [ 1827.040306][ T9018] EXT4-fs (loop3): 1 truncate cleaned up [ 1827.144223][ T9018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1827.300017][ T9018] EXT4-fs: Ignoring removed orlov option [ 1827.326901][ T9018] EXT4-fs: Ignoring removed bh option [ 1827.363540][ T9018] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1827.405655][ T9018] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 1827.461323][ T9018] EXT4-fs error (device loop3): __ext4_remount:6837: comm syz.3.14978: Abort forced by user [ 1827.501148][ T9018] EXT4-fs (loop3): Remounting filesystem read-only [ 1827.522340][ T9018] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 1827.550747][ T9018] ext4 filesystem being remounted at /2459/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1827.651924][ T24] usb 6-1: new full-speed USB device number 74 using dummy_hcd [ 1827.742047][ T5635] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1827.860314][ T24] usb 6-1: not running at top speed; connect to a high speed hub [ 1827.914680][ T24] usb 6-1: config 65 has an invalid descriptor of length 0, skipping remainder of the config [ 1827.953229][ T24] usb 6-1: config 65 has 2 interfaces, different from the descriptor's value: 3 [ 1827.995116][ T24] usb 6-1: too many endpoints for config 65 interface 1 altsetting 255: 255, using maximum allowed: 30 [ 1828.048753][ T24] usb 6-1: config 65 interface 1 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1828.105750][ T24] usb 6-1: config 65 interface 1 has no altsetting 0 [ 1828.155166][ T24] usb 6-1: New USB device found, idVendor=0bda, idProduct=4014, bcdDevice= 0.40 [ 1828.173262][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1828.193065][ T24] usb 6-1: Product: syz [ 1828.198105][ T24] usb 6-1: Manufacturer: syz [ 1828.215271][ T24] usb 6-1: SerialNumber: syz [ 1828.269968][ T24] usb 6-1: 0:2 : does not exist [ 1828.275310][ T24] usb 6-1: unit 130 not found! [ 1828.484429][ T9072] loop3: detected capacity change from 0 to 256 [ 1828.515500][ T9072] exfat: Deprecated parameter 'utf8' [ 1828.545454][ T9072] exfat: Deprecated parameter 'utf8' [ 1828.569288][ T9077] ÿ: renamed from dummy0 (while UP) [ 1828.575012][ T9072] exfat: Deprecated parameter 'utf8' [ 1828.637677][ T9072] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1828.685510][ T24] usb 6-1: USB disconnect, device number 74 [ 1828.893633][ T9081] loop2: detected capacity change from 0 to 512 [ 1828.963403][ T9081] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 1829.021229][ T8025] udevd[8025]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:65.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1829.074893][ T9081] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4221: comm syz.2.15007: Allocating blocks 41-42 which overlap fs metadata [ 1829.182630][ T9081] loop2: lost filesystem error report for type 5 error -117 [ 1829.185883][ T9081] EXT4-fs (loop2): Remounting filesystem read-only [ 1829.193921][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 1829.193957][ C1] EXT4-fs (loop2): initial error at time 2000525410: ext4_mb_mark_diskspace_used:4221 [ 1829.194002][ C1] EXT4-fs (loop2): last error at time 2000525410: ext4_mb_mark_diskspace_used:4221 [ 1829.228418][ T9081] Quota error (device loop2): write_blk: dquota write failed [ 1829.229115][ T9088] loop3: detected capacity change from 0 to 512 [ 1829.235946][ T9081] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 1829.236283][ T9081] Quota error (device loop2): write_blk: dquota write failed [ 1829.236422][ T9081] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1829.270241][ T9081] EXT4-fs (loop2): 1 truncate cleaned up [ 1829.278253][ T9081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1829.329802][ T9088] EXT4-fs: inline encryption not supported [ 1829.377161][ T9088] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1829.428782][ T9088] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 1829.524303][ T9088] Quota error (device loop3): do_insert_tree: Free block already used in tree: block 1 [ 1829.598432][ T9088] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota [ 1829.612048][ T5626] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1829.656131][ T9088] EXT4-fs error (device loop3): ext4_acquire_dquot:7032: comm syz.3.15009: Failed to acquire dquot type 1 [ 1829.712693][ T9088] loop3: lost filesystem error report for type 5 error -5 [ 1829.713323][ T9088] EXT4-fs (loop3): Remounting filesystem read-only [ 1829.727394][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 1829.727433][ C1] EXT4-fs (loop3): initial error at time 2000525410: ext4_acquire_dquot:7032 [ 1829.727478][ C1] EXT4-fs (loop3): last error at time 2000525410: ext4_acquire_dquot:7032 [ 1829.788925][ T9088] EXT4-fs (loop3): 1 truncate cleaned up [ 1829.856507][ T9088] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1829.965966][ T9104] netlink: 'syz.2.15014': attribute type 7 has an invalid length. [ 1830.141964][ T5635] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1830.937471][ T9126] loop0: detected capacity change from 0 to 4096 [ 1830.979239][ T9126] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 1831.082853][ T9126] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 1831.403756][ T9145] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15037'. [ 1831.446093][ T9145] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15037'. [ 1831.740713][ T9154] netlink: 'syz.3.15040': attribute type 10 has an invalid length. [ 1831.787827][ T9154] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1831.860021][ T9160] loop0: detected capacity change from 0 to 2048 [ 1831.884135][ T9160] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1832.002139][ T9161] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1832.234274][ T9169] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15048'. [ 1832.263100][ T9160] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 3044605952 [ 1832.273035][ T9169] netlink: 15 bytes leftover after parsing attributes in process `syz.3.15048'. [ 1832.317200][ T9160] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15) [ 1832.419163][ T9160] Remounting filesystem read-only [ 1832.438054][ T9160] NILFS (loop0): error -5 truncating bmap (ino=15) [ 1832.622190][ T5627] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 1832.966832][ T9188] loop2: detected capacity change from 0 to 256 [ 1832.995783][ T9188] exfat: Deprecated parameter 'utf8' [ 1833.020697][ T9188] exfat: Deprecated parameter 'utf8' [ 1833.042356][ T9188] exfat: Deprecated parameter 'utf8' [ 1833.078269][ T9188] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1833.838069][ T9216] openvswitch: netlink: Missing key (keys=40, expected=100) [ 1833.852510][ T9213] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15070'. [ 1833.917984][ T9213] netlink: 15 bytes leftover after parsing attributes in process `syz.7.15070'. [ 1833.968567][ T9217] loop2: detected capacity change from 0 to 2048 [ 1833.969601][ T9219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15073'. [ 1834.009328][ T9217] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1834.069463][ T9217] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1834.709517][ T9199] loop0: detected capacity change from 0 to 32768 [ 1834.722972][ T9232] loop3: detected capacity change from 0 to 1764 [ 1835.324618][ T9250] loop7: detected capacity change from 0 to 256 [ 1836.085725][ T9276] loop5: detected capacity change from 0 to 256 [ 1836.276610][ T9276] FAT-fs (loop5): Directory bread(block 64) failed [ 1836.302900][ T9276] FAT-fs (loop5): Directory bread(block 65) failed [ 1836.323453][ T9276] FAT-fs (loop5): Directory bread(block 66) failed [ 1836.356335][ T9276] FAT-fs (loop5): Directory bread(block 67) failed [ 1836.383566][ T9276] FAT-fs (loop5): Directory bread(block 68) failed [ 1836.408201][ T9276] FAT-fs (loop5): Directory bread(block 69) failed [ 1836.436557][ T9276] FAT-fs (loop5): Directory bread(block 70) failed [ 1836.467428][ T9276] FAT-fs (loop5): Directory bread(block 71) failed [ 1836.495291][ T9276] FAT-fs (loop5): Directory bread(block 72) failed [ 1836.521140][ T9276] FAT-fs (loop5): Directory bread(block 73) failed [ 1836.915505][ T9286] netlink: 'syz.6.15106': attribute type 11 has an invalid length. [ 1837.061080][ T9293] netlink: 'syz.5.15108': attribute type 41 has an invalid length. [ 1837.545922][ T9305] netlink: 12 bytes leftover after parsing attributes in process `syz.6.15115'. [ 1837.588073][ T9305] netlink: 15 bytes leftover after parsing attributes in process `syz.6.15115'. [ 1837.604459][ T9275] loop2: detected capacity change from 0 to 32768 [ 1837.712934][ T9275] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1838.009496][ T9318] fuse: blksize only supported for fuseblk [ 1838.083355][ T9321] netlink: 'syz.5.15122': attribute type 1 has an invalid length. [ 1838.170705][ T9323] loop0: detected capacity change from 0 to 64 [ 1838.288176][ T5626] ocfs2: Unmounting device (7,2) on (node local) [ 1838.820601][ T9335] loop0: detected capacity change from 0 to 2048 [ 1838.869332][ T9335] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1838.928852][ T9335] NILFS (loop0): mounting unchecked fs [ 1838.991621][ T9335] NILFS (loop0): recovery complete [ 1839.023462][ T9344] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1839.170406][ T9346] netlink: 'syz.6.15134': attribute type 11 has an invalid length. [ 1839.430484][ T9351] netlink: 108 bytes leftover after parsing attributes in process `syz.2.15136'. [ 1839.530914][ T9351] netlink: 108 bytes leftover after parsing attributes in process `syz.2.15136'. [ 1840.006183][ T9360] bond4: peer notification delay (23) is not a multiple of miimon (100), value rounded to 0 ms [ 1840.053711][ T9360] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1840.786599][ T9394] loop5: detected capacity change from 0 to 512 [ 1840.898967][ T9394] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1840.929013][ T9394] ext4 filesystem being mounted at /2596/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1840.949427][ T9394] fscrypt (loop5, inode 15): Error -61 getting encryption context [ 1840.993674][ T5632] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1841.232569][ T9410] program syz.7.15164 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1841.681227][ T24] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 1841.699899][ T9428] netlink: 'syz.0.15173': attribute type 21 has an invalid length. [ 1841.711220][ T9428] netlink: 128 bytes leftover after parsing attributes in process `syz.0.15173'. [ 1841.744484][ T9428] netlink: 'syz.0.15173': attribute type 5 has an invalid length. [ 1841.745406][ T9430] loop6: detected capacity change from 0 to 16 [ 1841.796400][ T9428] netlink: 'syz.0.15173': attribute type 6 has an invalid length. [ 1841.798497][ T9430] erofs (device loop6): mounted with root inode @ nid 36. [ 1841.851741][ T9428] netlink: 3 bytes leftover after parsing attributes in process `syz.0.15173'. [ 1841.864277][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 1841.876926][ T9430] syz.6.15174: attempt to access beyond end of device [ 1841.876926][ T9430] loop6: rw=524288, sector=671088648, nr_sectors = 8 limit=16 [ 1841.893437][ T24] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 1841.906333][ T9436] netlink: 'syz.5.15187': attribute type 2 has an invalid length. [ 1841.922115][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1841.935395][ T9430] syz.6.15174: attempt to access beyond end of device [ 1841.935395][ T9430] loop6: rw=0, sector=671088648, nr_sectors = 8 limit=16 [ 1841.959615][ T24] usb 4-1: config 0 descriptor?? [ 1841.987217][ T24] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 1841.995503][ T9430] erofs (device loop6): read error -5 @ 0 of nid 89 [ 1842.030948][ T30] audit: type=1800 audit(2000525422.380:338): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.15174" name="file3" dev="loop6" ino=89 res=0 errno=0 [ 1842.235770][ T24] usb 4-1: Detected FT232B [ 1842.451407][ T24] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 1842.490448][ T24] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1842.518918][ T24] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1842.556278][ T24] usb 4-1: USB disconnect, device number 87 [ 1842.711348][ T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1842.759202][ T24] ftdi_sio 4-1:0.0: device disconnected [ 1842.839294][ T9460] binder: 9458:9460 ioctl c0046209 9999999999999999 returned -22 [ 1843.445854][ T24] usb 6-1: new high-speed USB device number 75 using dummy_hcd [ 1843.637976][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 1843.659148][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1843.698286][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1843.732760][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1843.769164][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1843.831113][ T24] usb 6-1: config 0 descriptor?? [ 1843.862287][ T24] hub 6-1:0.0: USB hub found [ 1844.100096][ T24] hub 6-1:0.0: 29 ports detected [ 1844.119813][ T9496] netlink: 148 bytes leftover after parsing attributes in process `syz.0.15207'. [ 1844.127475][ T24] hub 6-1:0.0: insufficient power available to use all downstream ports [ 1844.152708][ T9496] netlink: 56 bytes leftover after parsing attributes in process `syz.0.15207'. [ 1844.195173][ T9496] netlink: 'syz.0.15207': attribute type 1 has an invalid length. [ 1844.312255][ T9473] loop6: detected capacity change from 0 to 32768 [ 1844.332342][ T24] hub 6-1:0.0: hub_hub_status failed (err = -71) [ 1844.355702][ T9473] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.15195 (9473) [ 1844.380165][ T24] hub 6-1:0.0: config failed, can't get hub status (err -71) [ 1844.411836][ T24] usbhid 6-1:0.0: can't add hid device: -71 [ 1844.422380][ T9473] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1844.438597][ T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 1844.456860][ T9473] BTRFS info (device loop6): using sha256 checksum algorithm [ 1844.497257][ T24] usb 6-1: USB disconnect, device number 75 [ 1844.534747][ T5773] usb 3-1: new full-speed USB device number 84 using dummy_hcd [ 1844.628058][ T9473] BTRFS info (device loop6): enabling ssd optimizations [ 1844.641980][ T9473] BTRFS info (device loop6): turning on async discard [ 1844.649868][ T9522] netlink: 256 bytes leftover after parsing attributes in process `syz.7.15213'. [ 1844.698129][ T9473] BTRFS info (device loop6): enabling free space tree [ 1844.765570][ T5773] usb 3-1: config index 0 descriptor too short (expected 86, got 68) [ 1844.790954][ T5773] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1844.835371][ T5773] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1844.867515][ T5773] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 1844.877245][ T5773] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1844.898237][ T5773] usb 3-1: SerialNumber: syz [ 1845.035084][ T5773] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 1845.072668][ T5773] usb-storage 3-1:1.0: USB Mass Storage device detected [ 1845.097192][ T9531] binder: 9530:9531 ioctl c0046209 0 returned -22 [ 1845.159270][ T5773] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 1845.179567][ T5773] scsi host1: usb-storage 3-1:1.0 [ 1845.203036][T25335] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1845.313744][ T9536] loop0: detected capacity change from 0 to 512 [ 1845.373801][ T9536] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 1845.448186][ T9536] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 1845.513622][ T9536] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 1845.594123][ T9536] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e02c, mo2=0006] [ 1845.688983][ T9536] System zones: 0-2, 18-18, 34-35 [ 1845.833272][ T9536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1846.138765][ T5627] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1846.773466][ T24] usb 3-1: USB disconnect, device number 84 [ 1846.942102][ T9562] loop5: detected capacity change from 0 to 512 [ 1847.012656][ T9562] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1847.303371][ T9548] loop6: detected capacity change from 0 to 32768 [ 1848.082956][ T9580] netlink: 256 bytes leftover after parsing attributes in process `syz.2.15238'. [ 1848.427435][ T30] audit: type=1326 audit(2000525428.369:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.514582][ T30] audit: type=1326 audit(2000525428.397:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.619667][ T30] audit: type=1326 audit(2000525428.397:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.712310][ T30] audit: type=1326 audit(2000525428.397:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.767223][ T5773] usb 1-1: new full-speed USB device number 72 using dummy_hcd [ 1848.772883][ T30] audit: type=1326 audit(2000525428.397:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.828310][ T9606] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1848.887948][ T30] audit: type=1326 audit(2000525428.406:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.930117][ T30] audit: type=1326 audit(2000525428.406:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1848.983550][ T5773] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1849.017169][ T5773] usb 1-1: not running at top speed; connect to a high speed hub [ 1849.060045][ T5773] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1849.060091][ T5773] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1849.062941][ T5773] usb 1-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40 [ 1849.090532][ T30] audit: type=1326 audit(2000525428.406:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1849.181353][ T30] audit: type=1326 audit(2000525428.406:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.2.15243" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f72a359ce59 code=0x7ffc0000 [ 1849.191886][ T5773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1849.296433][ T5773] usb 1-1: Product: syz [ 1849.311047][ T5773] usb 1-1: Manufacturer: syz [ 1849.323003][ T5773] usb 1-1: SerialNumber: syz [ 1849.536052][ T9623] loop7: detected capacity change from 0 to 512 [ 1849.605771][ T5773] usb 1-1: 3:0: failed to get current value for ch 0 (-71) [ 1849.850997][ T5773] usb 1-1: USB disconnect, device number 72 [ 1849.998244][ T9639] netlink: 168 bytes leftover after parsing attributes in process `syz.2.15267'. [ 1850.030491][ T9639] netlink: 31 bytes leftover after parsing attributes in process `syz.2.15267'. [ 1850.119085][ T9639] netlink: 31 bytes leftover after parsing attributes in process `syz.2.15267'. [ 1850.614601][ T9657] loop5: detected capacity change from 0 to 64 [ 1850.752944][ T9663] netlink: 20 bytes leftover after parsing attributes in process `syz.2.15279'. [ 1850.915029][ T5781] usb 1-1: new high-speed USB device number 73 using dummy_hcd [ 1851.075362][ T24] usb 4-1: new full-speed USB device number 88 using dummy_hcd [ 1851.126319][ T9673] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15284'. [ 1851.138232][ T5781] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1851.167089][ T5781] usb 1-1: New USB device found, idVendor=04b4, idProduct=9320, bcdDevice= 0.40 [ 1851.190571][ T5781] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1851.210200][ T5781] usb 1-1: Product: syz [ 1851.223747][ T5781] usb 1-1: Manufacturer: syz [ 1851.237128][ T5781] usb 1-1: SerialNumber: syz [ 1851.263464][ T5781] usb 1-1: Audio class v2/v3 interfaces need an interface association [ 1851.272060][ T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1851.318775][ T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1851.359675][ T24] usb 4-1: New USB device found, idVendor=2b73, idProduct=001b, bcdDevice= 0.40 [ 1851.382098][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1851.409583][ T24] usb 4-1: Product: syz [ 1851.424258][ T24] usb 4-1: Manufacturer: syz [ 1851.440121][ T24] usb 4-1: SerialNumber: syz [ 1851.465967][ T5781] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1851.481920][ T24] usb 4-1: cannot find UAC_HEADER [ 1851.628821][ T5781] snd-usb-hiface 1-1:1.0: probe with driver snd-usb-hiface failed with error -22 [ 1851.652119][ T24] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1851.745317][ T5781] usb 1-1: can't set first interface for hiFace device. [ 1851.766506][ T5781] snd-usb-hiface 1-1:1.1: probe with driver snd-usb-hiface failed with error -5 [ 1851.784969][ T5773] usb 4-1: USB disconnect, device number 88 [ 1851.821930][ T5781] usb 1-1: can't set first interface for hiFace device. [ 1851.840691][ T5781] snd-usb-hiface 1-1:1.2: probe with driver snd-usb-hiface failed with error -5 [ 1851.867997][ T5781] usb 1-1: USB disconnect, device number 73 [ 1851.884828][ T9687] loop2: detected capacity change from 0 to 2048 [ 1851.947165][ T9688] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1851.983834][ T9687] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: unaligned directory entry - offset=104, inode=18446744073709551376, rec_len=255, name_len=5 [ 1852.011863][ T8025] udevd[8025]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1852.056452][ T9687] Remounting filesystem read-only [ 1852.089652][ T5968] udevd[5968]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1852.321576][ T9677] loop6: detected capacity change from 0 to 40427 [ 1852.332798][ T9677] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 1852.350679][ T9677] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 1852.383474][ T9677] F2FS-fs (loop6): invalid crc value [ 1852.665762][ T9677] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1852.766679][ T9706] Invalid option length (1047916) for dns_resolver key [ 1852.819361][ T9677] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 1852.845795][ T9677] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 1852.881911][ T5781] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 1853.084666][ T5781] usb 4-1: Using ep0 maxpacket: 16 [ 1853.126992][ T5781] usb 4-1: config 166 has an invalid interface number: 177 but max is 1 [ 1853.157023][ T5781] usb 4-1: config 166 has an invalid interface number: 34 but max is 1 [ 1853.202392][ T5781] usb 4-1: config 166 has no interface number 0 [ 1853.221677][ T5781] usb 4-1: config 166 has no interface number 1 [ 1853.241454][ T5781] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 1853.271255][ T5781] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 1853.301071][ T5781] usb 4-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 1853.301164][ T9720] netlink: 12 bytes leftover after parsing attributes in process `syz.5.15305'. [ 1853.324391][ T5781] usb 4-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 1853.367857][ T5781] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024 [ 1853.390558][ T5781] usb 4-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024 [ 1853.414194][ T5781] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1853.450719][ T5781] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0 [ 1853.469776][ T5781] usb 4-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 1853.502529][ T5781] usb 4-1: config 166 interface 177 has no altsetting 0 [ 1853.510021][ T5781] usb 4-1: config 166 interface 34 has no altsetting 0 [ 1853.527461][ T5781] usb 4-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12 [ 1853.552932][ T5781] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1853.589446][ T5781] usb 4-1: Product: syz [ 1853.620499][ T5781] usb 4-1: Manufacturer: syz [ 1853.634203][ T5781] usb 4-1: SerialNumber: syz [ 1853.707370][ T9728] loop0: detected capacity change from 0 to 64 [ 1853.932920][ T5781] ums-realtek 4-1:166.177: USB Mass Storage device detected [ 1854.118091][ T5781] ums-realtek 4-1:166.34: USB Mass Storage device detected [ 1854.238897][ T5781] ums-realtek 4-1:166.34: probe with driver ums-realtek failed with error -5 [ 1854.257588][ T5781] uvcvideo 4-1:166.34: Found UVC 0.00 device syz (0bda:0138) [ 1854.265467][ T5781] uvcvideo 4-1:166.34: No valid video chain found. [ 1854.307791][ T5781] usb 4-1: USB disconnect, device number 89 [ 1854.401919][ T9744] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 1854.419624][ T9744] overlayfs: missing 'lowerdir' [ 1855.236439][ T9766] loop2: detected capacity change from 0 to 512 [ 1855.315808][ T9766] EXT4-fs: inline encryption not supported [ 1855.438707][ T9766] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1855.471094][ T9766] ext4 filesystem being mounted at /2615/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1855.686719][ T5781] usb 6-1: new high-speed USB device number 76 using dummy_hcd [ 1855.791521][ T5626] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1855.877813][ T5781] usb 6-1: Using ep0 maxpacket: 32 [ 1855.899556][ T5781] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1855.919571][ T5781] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 1855.953399][ T5781] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 1855.974733][ T5781] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1856.002244][ T5781] usb 6-1: Product: syz [ 1856.016864][ T5781] usb 6-1: Manufacturer: syz [ 1856.036738][ T5781] usb 6-1: SerialNumber: syz [ 1856.043211][ T9787] libceph: resolve '0' (ret=-3): failed [ 1856.309809][ T5781] usb 6-1: Invalid number of CPorts: 0 [ 1856.333236][ T5781] es2_ap_driver 6-1:7.0: probe with driver es2_ap_driver failed with error -22 [ 1856.391197][ T9768] loop7: detected capacity change from 0 to 32768 [ 1856.418281][ T9795] netlink: 'syz.3.15338': attribute type 61 has an invalid length. [ 1856.483635][ T9768] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.15328 (9768) [ 1856.553123][ T9768] BTRFS error: failed to open device for path /dev/loop7 with flags 0x23: -13 [ 1856.596547][ T9797] netlink: 24 bytes leftover after parsing attributes in process `syz.2.15340'. [ 1856.615838][ T5781] usb 6-1: USB disconnect, device number 76 [ 1856.942995][ T9806] netlink: 76 bytes leftover after parsing attributes in process `syz.2.15344'. [ 1857.125233][ T9781] loop6: detected capacity change from 0 to 40427 [ 1857.162688][ T9781] F2FS-fs (loop6): invalid crc value [ 1857.556651][ T9821] qrtr: Invalid version 0 [ 1857.823366][ T9823] bond3: up delay (2) is not a multiple of miimon (80), value rounded to 0 ms [ 1857.835909][ T9781] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1857.848489][ T9818] loop2: detected capacity change from 0 to 4096 [ 1857.885495][ T9823] bond3: entered promiscuous mode [ 1857.915774][ T9823] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1857.991373][ T9827] netlink: 'syz.3.15353': attribute type 12 has an invalid length. [ 1857.999512][ T9781] F2FS-fs (loop6): Start checkpoint disabled! [ 1858.242094][ T9781] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0 [ 1858.264409][ T9781] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 1858.872968][ T9851] loop0: detected capacity change from 0 to 256 [ 1858.924972][ T9851] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1858.945116][ T9847] loop5: detected capacity change from 0 to 4096 [ 1859.022630][ T9847] ntfs3(loop5): ino=0, mi_enum_attr [ 1859.037825][ T9851] exFAT-fs (loop0): valid_size(150994954) is greater than size(10) [ 1859.111956][ T9847] ntfs3(loop5): ino=0, mi_enum_attr [ 1859.144230][ T9847] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1859.228904][ T9847] ntfs3(loop5): ino=0, mi_enum_attr [ 1860.038923][ T9874] netlink: 24 bytes leftover after parsing attributes in process `syz.2.15375'. [ 1860.187169][ T30] audit: type=1400 audit(2000525439.372:348): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=9879 comm="syz.6.15378" [ 1860.240281][ T9882] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes. [ 1860.499311][ T9888] loop6: detected capacity change from 0 to 1024 [ 1861.200205][ T9907] bond4: up delay (2) is not a multiple of miimon (80), value rounded to 0 ms [ 1861.211000][ T9907] bond4: entered promiscuous mode [ 1861.223746][ T9907] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1861.237132][ T9893] Process accounting resumed [ 1861.739655][ T9920] loop0: detected capacity change from 0 to 16 [ 1861.776258][ T9920] erofs (device loop0): mounted with root inode @ nid 36. [ 1862.044696][ T9922] loop2: detected capacity change from 0 to 4096 [ 1862.240976][ T9922] kAFS: unable to lookup cell '}1&fo3Š™ÄÌâbñ&1«˜ML³‹9ěŜâ-b.ñV1·x›˜G¼]Ì+æó‹wˆÄ‚b!±°XD,*ï‹‹%ĻĒâÝb)±´XF,+–Ë‹ÄŠb%±²XE¬*V«‹÷ˆ5Äšb-±¶XG¬+Öë‹Ä†b#ñ^±±ØDl*Þ'6-Ä–b+±µØFl+¶Û‹ÄŽb'±³ØEì*v»‹=Äžâb/±·ØGì+öû‹ććÅâ#â q°8D*‡‹‰#Ä‘â(q´8F|\+>!ŽÇ‹ĉâ$q²8E|Rœ*N§‹O‰3ħřâ,q¶8Gœ+>#Οç‹Ï‰ Ä…â"q±¸D|^\*¾ ._—‹/‰+Ä•â*ñeññUqµøš¸F|]\+¾!®ß׋Ä·ÄâÛâ&ñq³¸E|W|OÜ*¾/n?·‹;Äâ.q·¸GÜ+î?÷‹ăâ!ñ°xD<*~$?‹Ÿˆ'ÄOÅÏÄÏÅ“ââ)ñKñ´ø•xFüZ<+~#~+~'~/þ žÏ‹ÄÅ‹âOâÏâ/â%ñ²H$Fb%Nâ%A%I’%ER%MÒ%C2%K²%Gr%Oò¥˜”AºAÊ(e’2K7JY¤›¤¬R6)AÊ.ån–rJ·H¹¤[¥ÜÒmRév)¯”OÊ/Ý! [ 1862.240976][ T9922] J…¤ÂR©¨TLºS*.•î’JJwK¥¤ÒR©¬TN*/U*J•¤ÊR©ªTMª.Ý#ÕjJµ¤ÚR©®TOª/5J¤{¥ÆR©©tŸÔLº_j.µZJ­¤ÖR©­ÔNj/u' [ 1862.520295][ T30] audit: type=1326 audit(2000525441.552:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.520393][ T30] audit: type=1326 audit(2000525441.552:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.520475][ T30] audit: type=1326 audit(2000525441.552:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.539906][ T30] audit: type=1326 audit(2000525441.571:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.540336][ T30] audit: type=1326 audit(2000525441.571:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.558336][ T30] audit: type=1326 audit(2000525441.590:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.558432][ T30] audit: type=1326 audit(2000525441.590:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.558529][ T30] audit: type=1326 audit(2000525441.590:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.565906][ T30] audit: type=1326 audit(2000525441.590:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9938 comm="syz.5.15407" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc384d9ce59 code=0x7ffc0000 [ 1862.681247][ T9905] loop6: detected capacity change from 0 to 32768 [ 1862.753789][ T9905] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1863.002081][ T9954] netlink: 'syz.5.15411': attribute type 1 has an invalid length. [ 1863.259904][ T9905] XFS (loop6): Ending clean mount [ 1863.264233][ T9905] XFS (loop6): Quotacheck needed: Please wait. [ 1863.699159][ T9972] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15418'. [ 1863.716817][ T9973] loop5: detected capacity change from 0 to 1024 [ 1863.734634][ T9972] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15418'. [ 1863.778834][ T9905] XFS (loop6): Quotacheck: Done. [ 1863.842446][ T9973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1863.946874][ T9982] loop2: detected capacity change from 0 to 256 [ 1863.961042][ T9982] exfat: Deprecated parameter 'namecase' [ 1863.968098][ T9973] tmpfs: Bad value for 'mpol' [ 1863.973120][ T9982] exfat: Deprecated parameter 'namecase' [ 1863.983257][ T9982] exfat: Deprecated parameter 'utf8' [ 1864.043468][ T9982] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 1864.159514][ T5632] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1864.201045][T25335] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1864.840012][T10002] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 1864.892731][T10003] openvswitch: netlink: IPv6 tunnel dst address is zero [ 1865.254017][T10009] CIFS: bad ip= option (%‹R¯HÖe'ì»Ë /Ïâµüë1ýC¸ £~—1W–쯑ë¨eþxEA®ÁþeSb{~Rð) [ 1865.308929][T10012] autofs4:pid:10012:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374) [ 1865.909791][ T9995] loop2: detected capacity change from 0 to 32768 [ 1865.973906][T10030] IPv6: NLM_F_CREATE should be specified when creating new route [ 1866.018761][T10031] loop3: detected capacity change from 0 to 2048 [ 1866.044893][T10031] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 1866.078738][T10031] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 1866.246788][T10031] befs: (loop3): No write support. Marking filesystem read-only [ 1866.280886][T10038] openvswitch: netlink: Unexpected mask (mask=200240, allowed=10048) [ 1866.295071][T10031] befs: (loop3): unable to read superblock [ 1866.528865][T10046] netlink: 'syz.5.15453': attribute type 1 has an invalid length. [ 1866.694488][T10049] loop7: detected capacity change from 0 to 1024 [ 1866.789552][T10054] loop3: detected capacity change from 0 to 1024 [ 1866.866707][T10054] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 1867.240140][T10057] Process accounting resumed [ 1867.450894][T10072] netlink: 212 bytes leftover after parsing attributes in process `syz.7.15465'. [ 1867.499615][T10074] netlink: 'syz.0.15466': attribute type 2 has an invalid length. [ 1868.185777][ T5781] usb 6-1: new high-speed USB device number 77 using dummy_hcd [ 1868.389237][ T5781] usb 6-1: Using ep0 maxpacket: 32 [ 1868.422762][T24930] Process accounting resumed [ 1868.428679][ T5781] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1868.430083][ T5781] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1868.441728][ T5781] usb 6-1: New USB device found, idVendor=3b82, idProduct=00eb, bcdDevice= 0.40 [ 1868.522414][ T5781] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=8 [ 1868.559785][ T5781] usb 6-1: Product: syz [ 1868.565735][ T5781] usb 6-1: Manufacturer: syz [ 1868.576344][T10105] syz.0.15481: vmalloc error: size 18446744073699066186, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1868.582794][ T5781] usb 6-1: SerialNumber: syz [ 1868.614953][T10105] CPU: 0 UID: 0 PID: 10105 Comm: syz.0.15481 Tainted: G L syzkaller #0 PREEMPT(full) [ 1868.615016][T10105] Tainted: [L]=SOFTLOCKUP [ 1868.615031][T10105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1868.615055][T10105] Call Trace: [ 1868.615069][T10105] [ 1868.615085][T10105] dump_stack_lvl+0x100/0x190 [ 1868.615140][T10105] warn_alloc.cold+0x95/0x1c1 [ 1868.615184][T10105] ? __pfx_warn_alloc+0x10/0x10 [ 1868.615232][T10105] ? do_syscall_64+0x10b/0x860 [ 1868.615273][T10105] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1868.615325][T10105] ? __lock_acquire+0x4a5/0x2630 [ 1868.615385][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.615449][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.615503][T10105] __vmalloc_node_range_noprof+0x136c/0x1630 [ 1868.615548][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.615608][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.615655][T10105] ? rcu_is_watching+0x12/0xc0 [ 1868.615711][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.615764][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.615810][T10105] ? trace_contention_end+0x122/0x170 [ 1868.615864][T10105] ? dvb_demux_do_ioctl+0x9e0/0x1200 [ 1868.615917][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.615967][T10105] ? dvb_demux_do_ioctl+0x929/0x1200 [ 1868.616016][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.616066][T10105] ? lockdep_hardirqs_on+0x78/0x100 [ 1868.616106][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.616155][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.616202][T10105] ? find_held_lock+0x2b/0x80 [ 1868.616265][T10105] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1868.616307][T10105] ? __pfx___mutex_lock+0x10/0x10 [ 1868.616358][T10105] ? tomoyo_path_number_perm+0x188/0x580 [ 1868.616410][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.616467][T10105] ? dvb_demux_do_ioctl+0x9e0/0x1200 [ 1868.616544][T10105] __vmalloc_node_noprof+0xad/0xf0 [ 1868.616591][T10105] ? dvb_demux_do_ioctl+0x9e0/0x1200 [ 1868.616642][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.616702][T10105] dvb_demux_do_ioctl+0x9e0/0x1200 [ 1868.616755][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.616801][T10105] ? do_vfs_ioctl+0x226/0x13e0 [ 1868.616864][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.616916][T10105] dvb_usercopy+0x167/0x340 [ 1868.616958][T10105] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 1868.617009][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.617065][T10105] ? __pfx_dvb_usercopy+0x10/0x10 [ 1868.617128][T10105] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1868.617176][T10105] ? __fget_files+0x21f/0x3d0 [ 1868.617223][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.617279][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.617333][T10105] dvb_demux_ioctl+0x29/0x40 [ 1868.617377][T10105] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 1868.617425][T10105] __x64_sys_ioctl+0x18e/0x210 [ 1868.617489][T10105] do_syscall_64+0x10b/0x860 [ 1868.617536][T10105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1868.617575][T10105] RIP: 0033:0x7fceea79ce59 [ 1868.617618][T10105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1868.617657][T10105] RSP: 002b:00007fceeb58f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1868.617694][T10105] RAX: ffffffffffffffda RBX: 00007fceeaa15fa0 RCX: 00007fceea79ce59 [ 1868.617721][T10105] RDX: ffffffffff60014a RSI: 0000000000006f2d RDI: 0000000000000003 [ 1868.617746][T10105] RBP: 00007fceea832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1868.617770][T10105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1868.617794][T10105] R13: 00007fceeaa16038 R14: 00007fceeaa15fa0 R15: 00007ffc8b45e9e8 [ 1868.617835][T10105] ? __UNIQUE_ID_modinfo_719+0x63e563c8/0xffffffffffeca27e [ 1868.617901][T10105] [ 1869.025989][T10076] loop6: detected capacity change from 0 to 32768 [ 1869.027166][T10105] Mem-Info: [ 1869.081150][T10105] active_anon:13485 inactive_anon:0 isolated_anon:0 [ 1869.081150][T10105] active_file:10831 inactive_file:9138 isolated_file:0 [ 1869.081150][T10105] unevictable:768 dirty:474 writeback:0 [ 1869.081150][T10105] slab_reclaimable:7682 slab_unreclaimable:196325 [ 1869.081150][T10105] mapped:36271 shmem:5427 pagetables:1639 [ 1869.081150][T10105] sec_pagetables:0 bounce:0 [ 1869.081150][T10105] kernel_misc_reclaimable:0 [ 1869.081150][T10105] free:1211990 free_pcp:8773 free_cma:0 [ 1869.081966][T10076] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.15468 (10076) [ 1869.185668][T10103] loop3: detected capacity change from 0 to 4096 [ 1869.248801][T10105] Node 0 active_anon:55012kB inactive_anon:0kB active_file:43324kB inactive_file:36448kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:145064kB dirty:1940kB writeback:0kB shmem:22204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13432kB pagetables:6336kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1869.285841][T10105] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1869.320704][T10105] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1869.352647][T10105] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 1869.358677][T10105] Node 0 DMA32 free:886460kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:55612kB inactive_anon:0kB active_file:43324kB inactive_file:36848kB unevictable:1536kB writepending:1940kB zspages:0kB present:3129332kB managed:2537136kB mlocked:0kB bounce:0kB free_pcp:26552kB local_pcp:18920kB free_cma:0kB [ 1869.393500][T10105] lowmem_reserve[]: 0 0 1 1 1 [ 1869.398371][T10105] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1092kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 1869.429342][T10105] lowmem_reserve[]: 0 0 0 0 0 [ 1869.434327][T10105] Node 1 Normal free:3944124kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:8192kB local_pcp:4096kB free_cma:0kB [ 1869.467475][T10105] lowmem_reserve[]: 0 0 0 0 0 [ 1869.472992][T10105] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1869.498989][T10105] Node 0 DMA32: 4207*4kB (UE) 6178*8kB (UME) 4305*16kB (UME) 317*32kB (UME) 265*64kB (UME) 568*128kB (UME) 496*256kB (UME) 266*512kB (UME) 101*1024kB (UME) 19*2048kB (UM) 60*4096kB (UM) = 886204kB [ 1869.520624][T10105] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1869.533284][T10105] Node 1 Normal: 9*4kB (UM) 11*8kB (UM) 12*16kB (UM) 10*32kB (UM) 9*64kB (UM) 8*128kB (UM) 4*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 0*2048kB 961*4096kB (M) = 3944124kB [ 1869.551560][T10105] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1869.575484][T10105] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1869.587700][T10076] BTRFS info (device loop6): first mount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b [ 1869.590748][ T5781] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1869.617600][ T5781] usb 6-1: MIDIStreaming interface descriptor not found [ 1869.626725][T10105] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1869.655790][T10076] BTRFS info (device loop6): using xxhash64 checksum algorithm [ 1869.660574][T10105] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 1869.668267][T10103] kAFS: unable to lookup cell '}1&fo3Š™ÄÌâbñ&1«˜ML³‹9ěŜâ-b.ñV1·x›˜G¼]Ì+æó‹wˆÄ‚b!±°XD,*ï‹‹%ĻĒâÝb)±´XF,+–Ë‹ÄŠb%±²XE¬*V«‹÷ˆ5Äšb-±¶XG¬+Öë‹Ä†b#ñ^±±ØDl*Þ'6-Ä–b+±µØFl+¶Û‹ÄŽb'±³ØEì*v»‹=Äžâb/±·ØGì+öû‹ććÅâ#â q°8D*‡‹‰#Ä‘â(q´8F|\+>!ŽÇ‹ĉâ$q²8E|Rœ*N§‹O‰3ħřâ,q¶8Gœ+>#Οç‹Ï‰ Ä…â"q±¸D|^\*¾ ._—‹/‰+Ä•â*ñeññUqµøš¸F|]\+¾!®ß׋Ä·ÄâÛâ&ñq³¸E|W|OÜ*¾/n?·‹;Äâ.q·¸GÜ+î?÷‹ăâ!ñ°xD<*~$?‹Ÿˆ'ÄOÅÏÄÏÅ“ââ)ñKñ´ø•xFüZ<+~#~+~'~/þ žÏ‹ÄÅ‹âOâÏâ/â%ñ²H$Fb%Nâ%A%I’%ER%MÒ%C2%K²%Gr%Oò¥˜”AºAÊ(e’2K7JY¤›¤¬R6)AÊ.ån–rJ·H¹¤[¥ÜÒmRév)¯”OÊ/Ý! [ 1869.668267][T10103] J…¤ÂR©¨TLºS*.•î’JJwK¥¤ÒR©¬TN*/U*J•¤ÊR©ªTMª.Ý#ÕjJµ¤ÚR©®TOª/5J¤{¥ÆR©©tŸÔLº_j.µZJ­¤ÖR©­ÔNj/u' [ 1869.695863][T10105] 25597 total pagecache pages [ 1869.851382][T10105] 0 pages in swap cache [ 1869.873884][T10105] Free swap = 124996kB [ 1869.936136][ T5781] usb 6-1: USB disconnect, device number 77 [ 1869.964293][T10105] Total swap = 124996kB [ 1869.978231][T10105] 2097051 pages RAM [ 1870.001891][T10076] BTRFS info (device loop6): enabling ssd optimizations [ 1870.015433][T10105] 0 pages HighMem/MovableOnly [ 1870.051435][T10105] 430879 pages reserved [ 1870.056135][T10076] BTRFS info (device loop6): turning on async discard [ 1870.075363][T10076] BTRFS info (device loop6): enabling free space tree [ 1870.078977][T10105] 0 pages cma reserved [ 1870.122853][ T5920] udevd[5920]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1870.476862][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1870.476893][ T30] audit: type=1326 audit(2000525449.001:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.0.15489" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceea79ce59 code=0x7ffc0000 [ 1870.633160][ T30] audit: type=1326 audit(2000525449.001:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.0.15489" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceea79ce59 code=0x7ffc0000 [ 1870.777314][ T30] audit: type=1326 audit(2000525449.057:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.0.15489" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fceea79ce59 code=0x7ffc0000 [ 1870.932663][ T30] audit: type=1326 audit(2000525449.066:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.0.15489" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceea79ce59 code=0x7ffc0000 [ 1871.067977][ T30] audit: type=1326 audit(2000525449.066:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.0.15489" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceea79ce59 code=0x7ffc0000 [ 1871.318132][T25335] BTRFS info (device loop6): last unmount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b [ 1871.816308][T10166] loop3: detected capacity change from 0 to 64 [ 1872.213574][T10171] loop2: detected capacity change from 0 to 64 [ 1872.265813][T10174] netlink: 24 bytes leftover after parsing attributes in process `syz.0.15506'. [ 1872.405868][T10140] loop7: detected capacity change from 0 to 32768 [ 1872.505734][T10140] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.15491 (10140) [ 1872.556261][T10178] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15509'. [ 1872.647446][T10140] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1872.692861][T10140] BTRFS info (device loop7): using sha256 checksum algorithm [ 1872.725362][T10180] loop6: detected capacity change from 0 to 256 [ 1872.751172][T10180] exfat: Deprecated parameter 'utf8' [ 1872.784355][T10180] exfat: Deprecated parameter 'namecase' [ 1872.812170][T10180] exfat: Deprecated parameter 'utf8' [ 1872.897718][T10180] exfat: Deprecated parameter 'namecase' [ 1873.041357][T10140] BTRFS info (device loop7): enabling ssd optimizations [ 1873.096427][T10180] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 1873.110021][T10140] BTRFS info (device loop7): turning on async discard [ 1873.155525][T10140] BTRFS info (device loop7): enabling free space tree [ 1873.555889][T29442] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1874.854789][T10244] netlink: 'syz.5.15534': attribute type 21 has an invalid length. [ 1874.899540][T10244] netlink: 168 bytes leftover after parsing attributes in process `syz.5.15534'. [ 1875.690708][T10218] loop0: detected capacity change from 0 to 32768 [ 1875.716872][T10218] xfs: Deprecated parameter 'attr2' [ 1875.734680][T10218] XFS: attr2 mount option is deprecated. [ 1875.741471][T10218] xfs: Deprecated parameter 'attr2' [ 1875.753300][T10218] XFS: attr2 mount option is deprecated. [ 1875.794271][T10218] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1875.824020][T10218] XFS (loop0): Ending clean mount [ 1875.917357][T10218] XFS (loop0): Quotacheck needed: Please wait. [ 1876.489244][T10290] loop7: detected capacity change from 0 to 1164 [ 1876.541072][T10218] XFS (loop0): Quotacheck: Done. [ 1876.782794][T10296] loop6: detected capacity change from 0 to 4096 [ 1876.912185][T10301] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1877.324438][ T5627] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1877.670663][T10317] netlink: 'syz.6.15567': attribute type 1 has an invalid length. [ 1878.425998][T10329] m1Ie5nè‹Ò: entered promiscuous mode [ 1878.470970][T10335] netlink: 'syz.5.15575': attribute type 3 has an invalid length. [ 1878.495563][T10335] netlink: 'syz.5.15575': attribute type 3 has an invalid length. [ 1878.707122][T10338] loop3: detected capacity change from 0 to 1024 [ 1879.240823][T10357] openvswitch: netlink: Missing key (keys=40, expected=80) [ 1879.311322][T24930] usb 6-1: new high-speed USB device number 78 using dummy_hcd [ 1879.478303][T24930] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1879.478381][T24930] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 1879.478427][T24930] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1879.532163][T24930] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 1879.792716][T10369] m1Ie5nè‹Ò: entered promiscuous mode [ 1880.563862][T10389] loop2: detected capacity change from 0 to 4096 [ 1880.897380][T24930] gspca_stv0680: usb_control_msg error 2, request = 0x6, error = -71 [ 1880.934276][T24930] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 1880.965829][T24930] stv0680 6-1:4.0: last error: 86, command = 0x78 [ 1880.987116][T24930] usb 6-1: USB disconnect, device number 78 [ 1881.523493][ T29] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 1881.705397][ T29] usb 4-1: Using ep0 maxpacket: 32 [ 1881.718780][ T29] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7 [ 1881.734994][T24930] usb 7-1: new full-speed USB device number 19 using dummy_hcd [ 1881.764492][ T29] usb 4-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice= 0.40 [ 1881.780003][ T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1881.797458][ T29] usb 4-1: Product: syz [ 1881.811955][ T29] usb 4-1: Manufacturer: syz [ 1881.817016][ T29] usb 4-1: SerialNumber: syz [ 1881.848151][ T29] usb 4-1: Audio class v2/v3 interfaces need an interface association [ 1881.921441][T24930] usb 7-1: config 0 has an invalid interface number: 20 but max is 0 [ 1881.952729][T24930] usb 7-1: config 0 has no interface number 0 [ 1881.985851][T24930] usb 7-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 1882.032055][T24930] usb 7-1: config 0 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1882.052097][T24930] usb 7-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 1882.082442][ T29] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1882.096037][T24930] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1882.104772][T24930] usb 7-1: Product: syz [ 1882.115476][T24930] usb 7-1: Manufacturer: syz [ 1882.121364][T24930] usb 7-1: SerialNumber: syz [ 1882.174545][T24930] usb 7-1: config 0 descriptor?? [ 1882.191954][T10421] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22 [ 1882.220438][T24930] usb-storage 7-1:0.20: USB Mass Storage device detected [ 1882.241404][T24930] usb-storage 7-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 1882.349889][ T29] usb 4-1: us122l: couldn't allocate write buffer [ 1882.361248][T10445] m1Ie5nè‹Ò: entered promiscuous mode [ 1882.362943][T10447] ptrace attach of "ci-upstream-kasan-badwrites-root/syz-executor exec"[5627] was attempted by ""[10447] [ 1882.378515][ T29] snd-usb-us122l 4-1:1.1: probe with driver snd-usb-us122l failed with error -22 [ 1882.453350][T24930] scsi host1: usb-storage 7-1:0.20 [ 1882.519118][ T29] usb 4-1: USB disconnect, device number 90 [ 1882.641492][ T8025] udevd[8025]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1882.766789][ T5773] usb 7-1: USB disconnect, device number 19 [ 1882.872702][T10458] loop0: detected capacity change from 0 to 512 [ 1883.275250][T10464] QAT: Stopping all acceleration devices. [ 1883.636910][T10475] ipvlan0: entered promiscuous mode [ 1883.647006][T10475] ipvlan0: entered allmulticast mode [ 1883.657592][T10475] veth0_vlan: entered allmulticast mode [ 1883.682282][ T29] usb 6-1: new high-speed USB device number 79 using dummy_hcd [ 1883.879461][ T29] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1883.911414][ T29] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1883.934497][ T29] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1883.968157][ T29] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1883.994632][ T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1884.028785][T10482] loop0: detected capacity change from 0 to 4096 [ 1884.038581][ T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1884.071847][ T29] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1884.099514][ T29] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1884.120521][ T29] usb 6-1: Product: syz [ 1884.132076][ T29] usb 6-1: Manufacturer: syz [ 1884.158908][T10482] ntfs3(loop0): Failed to load $Extend (-22). [ 1884.171156][ T29] cdc_wdm 6-1:1.0: skipping garbage [ 1884.179326][T10482] ntfs3(loop0): Failed to initialize $Extend. [ 1884.197372][ T29] cdc_wdm 6-1:1.0: skipping garbage [ 1884.343414][ T29] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 1884.397516][ T29] cdc_wdm 6-1:1.0: Unknown control protocol [ 1884.452233][ T29] usb 6-1: USB disconnect, device number 79 [ 1884.810502][T10502] loop3: detected capacity change from 0 to 2048 [ 1884.882239][T10502] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1884.973111][T10507] loop6: detected capacity change from 0 to 1024 [ 1885.025193][T10507] EXT4-fs: inline encryption not supported [ 1885.106460][T10507] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1885.160470][T10507] ext4 filesystem being mounted at /1240/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1885.357758][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1886.062625][T10543] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048) [ 1886.327047][T10549] loop7: detected capacity change from 0 to 1024 [ 1886.405901][T10553] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 1886.434732][T10553] netdevsim netdevsim5 netdevsim0: left allmulticast mode [ 1886.464913][T10553] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1886.820161][T10563] loop0: detected capacity change from 0 to 1024 [ 1886.903482][T10570] dlm: Unknown command passed to DLM device : 128 [ 1886.903482][T10570] [ 1887.238989][T10577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15690'. [ 1887.302157][T10583] loop6: detected capacity change from 0 to 16 [ 1887.354157][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 1887.437343][T10583] erofs (device loop6): mounted with root inode @ nid 36. [ 1887.494067][T10583] erofs (device loop6): compressed inode (nid 83) is invalid in a plain filesystem [ 1888.252859][T10603] loop6: detected capacity change from 0 to 4096 [ 1888.296453][T10603] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 1888.424019][T10603] ntfs3(loop6): ino=19, mi_enum_attr [ 1888.443117][T10603] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1888.664306][T10622] xt_recent: Unsupported userspace flags (000000de) [ 1888.771905][T10616] loop7: detected capacity change from 0 to 4096 [ 1889.099327][T10634] netlink: 'syz.5.15720': attribute type 4 has an invalid length. [ 1889.288791][T10638] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1889.921603][T10657] usb usb5: usbfs: process 10657 (syz.6.15731) did not claim interface 0 before use [ 1890.261069][T10667] loop6: detected capacity change from 0 to 64 [ 1890.625444][ T30] audit: type=1326 audit(2000525467.845:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1890.757351][ T30] audit: type=1326 audit(2000525467.845:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1890.872730][ T30] audit: type=1326 audit(2000525467.883:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1890.938312][T10683] loop5: detected capacity change from 0 to 1024 [ 1890.972347][ T30] audit: type=1326 audit(2000525467.883:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1891.030119][T10689] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 1891.043633][ T30] audit: type=1326 audit(2000525467.883:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1891.043726][ T30] audit: type=1326 audit(2000525467.883:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1891.293359][ T30] audit: type=1326 audit(2000525467.883:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1891.403264][ T30] audit: type=1326 audit(2000525467.883:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.7.15740" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1891.675163][T10656] loop0: detected capacity change from 0 to 32768 [ 1891.721415][T10656] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1891.777217][T10656] XFS (loop0): Ending clean mount [ 1891.924472][T10721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15759'. [ 1892.004093][ T5627] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1892.732369][T10737] loop5: detected capacity change from 0 to 1024 [ 1893.258539][T10751] vivid-000: disconnect [ 1893.348820][T10747] vivid-000: reconnect [ 1893.558645][ T30] audit: type=1326 audit(2000525470.596:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10756 comm="syz.7.15775" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1893.584411][ T5781] usb 1-1: new full-speed USB device number 74 using dummy_hcd [ 1893.671056][ T30] audit: type=1326 audit(2000525470.643:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10756 comm="syz.7.15775" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd7b9ce59 code=0x7ffc0000 [ 1893.803529][ T5781] usb 1-1: config 0 has an invalid interface number: 20 but max is 0 [ 1893.822676][ T5781] usb 1-1: config 0 has no interface number 0 [ 1893.841786][ T5781] usb 1-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 1893.885950][ T5781] usb 1-1: config 0 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1893.930003][ T5781] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 1893.949922][ T5781] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1893.978686][ T5781] usb 1-1: Product: syz [ 1893.994074][ T5781] usb 1-1: Manufacturer: syz [ 1894.005437][ T5781] usb 1-1: SerialNumber: syz [ 1894.035785][ T5781] usb 1-1: config 0 descriptor?? [ 1894.063604][T10754] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1894.083409][T10763] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1894.097985][ T5781] usb-storage 1-1:0.20: USB Mass Storage device detected [ 1894.133015][ T5781] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 1894.207424][T10768] loop2: detected capacity change from 0 to 4096 [ 1894.225857][T10734] loop3: detected capacity change from 0 to 32768 [ 1894.262556][T10768] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1894.271448][T10775] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 2198483648 out of range (51000000..2150000000) [ 1894.302818][T10768] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 1894.356308][ T5781] scsi host1: usb-storage 1-1:0.20 [ 1894.362309][T10768] System zones: 0-5 [ 1894.393657][T10734] JBD2: Ignoring recovery information on journal [ 1894.425861][T10768] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1894.533606][T10734] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1894.657509][T10787] netlink: 'syz.6.15785': attribute type 11 has an invalid length. [ 1894.697874][T10787] netlink: 224 bytes leftover after parsing attributes in process `syz.6.15785'. [ 1894.737088][T24930] usb 1-1: USB disconnect, device number 74 [ 1894.870745][ T5626] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1895.253442][T10796] loop6: detected capacity change from 0 to 2048 [ 1895.312784][T10734] Process accounting paused [ 1895.312837][T10796] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1895.536951][ T5635] ocfs2: Unmounting device (7,3) on (node local) [ 1895.738676][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1895.780050][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1895.842195][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1895.885980][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1895.916759][T10815] loop7: detected capacity change from 0 to 1024 [ 1895.927135][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1895.987683][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1896.034044][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1896.035200][T10814] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 1896.086388][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1896.115620][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15797'. [ 1896.509029][T10829] CIFS mount error: No usable UNC path provided in device string! [ 1896.509029][T10829] [ 1896.594864][T10829] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1896.690119][T24930] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 1896.892278][T24930] usb 4-1: Using ep0 maxpacket: 32 [ 1896.911978][T24930] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1896.938404][T10840] loop5: detected capacity change from 0 to 2048 [ 1896.952214][T24930] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1897.002133][T10840] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1897.015104][T24930] usb 4-1: New USB device found, idVendor=3b82, idProduct=00eb, bcdDevice= 0.40 [ 1897.039187][T24930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=8 [ 1897.073057][T24930] usb 4-1: Product: syz [ 1897.088707][T24930] usb 4-1: Manufacturer: syz [ 1897.108905][T24930] usb 4-1: SerialNumber: syz [ 1897.400614][T24930] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1897.423920][T24930] usb 4-1: MIDIStreaming interface descriptor not found [ 1897.675948][T10861] /dev/nullb0: Can't open blockdev [ 1897.690444][T24930] usb 4-1: USB disconnect, device number 91 [ 1897.940055][T11542] udevd[11542]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1898.060178][T10871] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 1898.215134][T10875] usb usb7: usbfs: process 10875 (syz.0.15828) did not claim interface 0 before use [ 1898.559916][T10889] xt_hashlimit: max too large, truncated to 1048576 [ 1898.905854][T10901] loop0: detected capacity change from 0 to 64 [ 1899.106308][T10905] netlink: 'syz.3.15845': attribute type 3 has an invalid length. [ 1899.392830][ T5781] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 1899.431277][T10918] loop5: detected capacity change from 0 to 256 [ 1899.512049][T10918] FAT-fs (loop5): Directory bread(block 64) failed [ 1899.528728][T10918] FAT-fs (loop5): Directory bread(block 65) failed [ 1899.563201][T10918] FAT-fs (loop5): Directory bread(block 66) failed [ 1899.576706][ T5781] usb 3-1: Using ep0 maxpacket: 32 [ 1899.601369][T10918] FAT-fs (loop5): Directory bread(block 67) failed [ 1899.621413][ T5781] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1899.634700][T10918] FAT-fs (loop5): Directory bread(block 68) failed [ 1899.649437][ T5781] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1899.665336][T10918] FAT-fs (loop5): Directory bread(block 69) failed [ 1899.687004][T10918] FAT-fs (loop5): Directory bread(block 70) failed [ 1899.705920][ T5781] usb 3-1: New USB device found, idVendor=3b82, idProduct=00eb, bcdDevice= 0.40 [ 1899.731981][T10918] FAT-fs (loop5): Directory bread(block 71) failed [ 1899.746684][ T5781] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=8 [ 1899.767045][T10918] FAT-fs (loop5): Directory bread(block 72) failed [ 1899.776821][ T5781] usb 3-1: Product: syz [ 1899.786867][ T5781] usb 3-1: Manufacturer: syz [ 1899.798806][ T5781] usb 3-1: SerialNumber: syz [ 1899.824508][T10918] FAT-fs (loop5): Directory bread(block 73) failed [ 1899.916851][T10928] loop6: detected capacity change from 0 to 512 [ 1899.928776][T10928] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1900.094610][ T5781] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1900.104644][ T5781] usb 3-1: MIDIStreaming interface descriptor not found [ 1900.144018][T10928] EXT4-fs error (device loop6): mb_free_blocks:2046: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1900.173626][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 1900.180262][ C0] EXT4-fs (loop6): initial error at time 2000525476: mb_free_blocks:2046: inode 11: block 64 [ 1900.190594][ C0] EXT4-fs (loop6): last error at time 2000525476: mb_free_blocks:2046: inode 11: block 64 [ 1900.224028][T10928] EXT4-fs error (device loop6): ext4_do_update_inode:5690: inode #11: comm syz.6.15854: corrupted inode contents [ 1900.305350][T10928] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1900.309659][T10928] EXT4-fs error (device loop6): ext4_dirty_inode:6587: inode #11: comm syz.6.15854: mark_inode_dirty error [ 1900.400362][ T5781] usb 3-1: USB disconnect, device number 85 [ 1900.408615][T10928] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1900.410969][T10928] EXT4-fs error (device loop6): ext4_free_branches:1020: inode #11: comm syz.6.15854: invalid indirect mapped block 1 (level 1) [ 1900.450683][T10928] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1900.451936][T10928] EXT4-fs error (device loop6): ext4_do_update_inode:5690: inode #11: comm syz.6.15854: corrupted inode contents [ 1900.609192][T10928] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1900.609846][T10928] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem [ 1900.640856][T11542] udevd[11542]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1900.713948][T10928] loop6: lost filesystem error report for type 5 error -117 [ 1900.714523][T10928] EXT4-fs error (device loop6): ext4_do_update_inode:5690: inode #11: comm syz.6.15854: corrupted inode contents [ 1900.783376][T10928] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1900.783993][T10928] EXT4-fs error (device loop6): ext4_truncate:4690: inode #11: comm syz.6.15854: mark_inode_dirty error [ 1900.847002][T10928] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1900.847580][T10928] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem [ 1900.874738][T10909] Process accounting paused [ 1900.912998][T10928] loop6: lost filesystem error report for type 5 error -117 [ 1900.913675][T10928] EXT4-fs (loop6): 1 truncate cleaned up [ 1901.003945][T10928] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1901.100476][T10955] xt_policy: too many policy elements [ 1901.200497][T10928] EXT4-fs error (device loop6): ext4_find_dest_de:2049: inode #2: block 13: comm syz.6.15854: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 1901.363176][T10961] netlink: 'syz.5.15869': attribute type 3 has an invalid length. [ 1901.403594][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1901.555204][T10969] __nla_validate_parse: 12 callbacks suppressed [ 1901.555235][T10969] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15885'. [ 1901.734248][T10978] netlink: 16 bytes leftover after parsing attributes in process `syz.3.15877'. [ 1902.053185][T10989] tmpfs: Bad value for 'mpol' [ 1902.069410][T10982] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 1902.674649][ T5781] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 1902.856523][ T5781] usb 4-1: Using ep0 maxpacket: 32 [ 1902.864335][T11011] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15893'. [ 1902.893122][ T5781] usb 4-1: config 155 has an invalid interface number: 1 but max is 0 [ 1902.917389][T11009] loop0: detected capacity change from 0 to 2048 [ 1902.926824][ T5781] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 1902.958530][T11009] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xa1 != 0xd4 [ 1902.980238][ T5781] usb 4-1: config 155 has 2 interfaces, different from the descriptor's value: 1 [ 1903.034446][ T5781] usb 4-1: config 155 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 11 [ 1903.043733][T11009] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1903.099324][ T5781] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 1903.128799][ T5781] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1903.141737][T11015] netlink: 'syz.2.15895': attribute type 1 has an invalid length. [ 1903.169688][ T5781] usb 4-1: Product: syz [ 1903.190257][ T5781] usb 4-1: Manufacturer: syz [ 1903.217453][ T5781] usb 4-1: SerialNumber: syz [ 1903.277127][ T5781] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 1903.309914][ T5781] imon 4-1:155.0: unable to initialize intf0, err -19 [ 1903.340495][ T5781] imon:imon_probe: failed to initialize context! [ 1903.347893][T10974] loop5: detected capacity change from 0 to 40427 [ 1903.364769][ T5781] imon 4-1:155.0: unable to register, err -19 [ 1903.404318][ T5781] imon 4-1:155.1: inconsistent driver matching [ 1903.421474][T10974] F2FS-fs (loop5): invalid crc value [ 1903.439359][ T5781] imon 4-1:155.1: unable to register, err -22 [ 1903.471306][ T5781] imon 4-1:155.1: probe with driver imon failed with error -22 [ 1903.517223][T11022] openvswitch: netlink: Unexpected mask (mask=40040, allowed=10048) [ 1903.537199][ T5781] usb 4-1: USB disconnect, device number 92 [ 1903.626736][T11026] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1903.879209][T10974] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1904.127270][T10974] F2FS-fs (loop5): Start checkpoint disabled! [ 1904.423336][T10974] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0 [ 1904.445124][T10974] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 1904.834624][T11062] loop2: detected capacity change from 0 to 24 [ 1904.883389][T11062] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 1904.970786][T11062] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1904.979087][T30473] kworker/u8:12: attempt to access beyond end of device [ 1904.979087][T30473] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1905.112324][T30473] CPU: 1 UID: 0 PID: 30473 Comm: kworker/u8:12 Tainted: G L syzkaller #0 PREEMPT(full) [ 1905.112384][T30473] Tainted: [L]=SOFTLOCKUP [ 1905.112398][T30473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1905.112425][T30473] Workqueue: writeback wb_workfn (flush-7:5) [ 1905.112503][T30473] Call Trace: [ 1905.112517][T30473] [ 1905.112532][T30473] dump_stack_lvl+0x100/0x190 [ 1905.112580][T30473] f2fs_stop_checkpoint+0x600/0x9b0 [ 1905.112623][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.112673][T30473] ? errseq_set+0xe3/0x150 [ 1905.112721][T30473] ? errseq_set+0xe3/0x150 [ 1905.112764][T30473] f2fs_write_end_io+0xf59/0x1340 [ 1905.112817][T30473] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 1905.112875][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.112934][T30473] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 1905.112978][T30473] bio_endio+0x78f/0x8f0 [ 1905.113043][T30473] submit_bio_noacct+0x64c/0x2000 [ 1905.113103][T30473] f2fs_submit_write_bio+0x135/0x340 [ 1905.113175][T30473] __submit_merged_bio+0x331/0x780 [ 1905.113228][T30473] __submit_merged_write_cond+0x3fe/0x510 [ 1905.113283][T30473] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1905.113341][T30473] ? __pfx___might_resched+0x10/0x10 [ 1905.113403][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.113462][T30473] f2fs_write_cache_pages+0x20e9/0x2630 [ 1905.113541][T30473] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 1905.113593][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.113651][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.113700][T30473] ? kfree_skbmem+0x19f/0x210 [ 1905.113766][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.113814][T30473] ? sk_skb_reason_drop+0x114/0x1b0 [ 1905.113876][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.113925][T30473] ? sit_tunnel_xmit+0x29e/0x2080 [ 1905.113990][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.114038][T30473] ? __lock_acquire+0x4a5/0x2630 [ 1905.114144][T30473] ? unwind_next_frame+0x3be/0x2090 [ 1905.114204][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.114259][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.114307][T30473] ? rcu_is_watching+0x12/0xc0 [ 1905.114374][T30473] f2fs_write_data_pages+0x799/0x16d0 [ 1905.114442][T30473] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1905.114493][T30473] ? __lock_acquire+0x4a5/0x2630 [ 1905.114552][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.114656][T30473] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1905.114714][T30473] do_writepages+0x278/0x600 [ 1905.114760][T30473] ? __pfx_do_writepages+0x10/0x10 [ 1905.114799][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.114860][T30473] __writeback_single_inode+0x164/0x1350 [ 1905.114924][T30473] ? find_held_lock+0x2b/0x80 [ 1905.114989][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115039][T30473] ? __pfx___writeback_single_inode+0x10/0x10 [ 1905.115103][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115149][T30473] ? do_raw_spin_unlock+0x145/0x1e0 [ 1905.115206][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115263][T30473] writeback_sb_inodes+0x766/0x1c60 [ 1905.115358][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115415][T30473] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1905.115562][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115613][T30473] ? rcu_is_watching+0x12/0xc0 [ 1905.115675][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115722][T30473] ? queue_io+0x287/0x540 [ 1905.115779][T30473] wb_writeback+0x1bf/0xb90 [ 1905.115862][T30473] ? __pfx_wb_writeback+0x10/0x10 [ 1905.115937][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.115985][T30473] ? mark_held_locks+0x40/0x70 [ 1905.116032][T30473] ? _raw_spin_unlock_irq+0x23/0x50 [ 1905.116102][T30473] wb_workfn+0x14f/0xc00 [ 1905.116247][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116299][T30473] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1905.116366][T30473] ? __pfx_wb_workfn+0x10/0x10 [ 1905.116433][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116486][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116563][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116610][T30473] ? rcu_is_watching+0x12/0xc0 [ 1905.116668][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116724][T30473] process_one_work+0xa0e/0x1980 [ 1905.116797][T30473] ? __pfx_process_one_work+0x10/0x10 [ 1905.116851][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116916][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.116972][T30473] worker_thread+0x5ef/0xe50 [ 1905.117034][T30473] ? __pfx_worker_thread+0x10/0x10 [ 1905.117087][T30473] ? kthread+0x13a/0x450 [ 1905.117128][T30473] ? __pfx_worker_thread+0x10/0x10 [ 1905.117176][T30473] kthread+0x370/0x450 [ 1905.117218][T30473] ? __pfx_kthread+0x10/0x10 [ 1905.117264][T30473] ret_from_fork+0x72b/0xd50 [ 1905.117314][T30473] ? __pfx_ret_from_fork+0x10/0x10 [ 1905.117362][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1905.117407][T30473] ? __switch_to+0x800/0x1100 [ 1905.117465][T30473] ? __switch_to_asm+0x39/0x70 [ 1905.117524][T30473] ? __pfx_kthread+0x10/0x10 [ 1905.117578][T30473] ret_from_fork_asm+0x1a/0x30 [ 1905.117666][T30473] [ 1905.611787][T30473] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 1906.750280][T11091] ieee802154 phy1 wpan1: encryption failed: -22 [ 1906.884561][T11095] netlink: 4 bytes leftover after parsing attributes in process `syz.7.15933'. [ 1907.690384][T11121] bad cache= option: no%e [ 1907.690384][T11121] [ 1907.737878][T11121] CIFS: VFS: bad cache= option: no%e [ 1907.796928][T11119] loop6: detected capacity change from 0 to 2048 [ 1907.958443][T11119] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 1908.141990][T11119] EXT4-fs error (device loop6): ext4_find_inline_data_nolock:168: inode #12: comm syz.6.15945: inline data xattr refers to an external xattr inode [ 1908.420703][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 1908.652119][T11142] loop3: detected capacity change from 0 to 2048 [ 1908.734541][T11142] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1908.878759][T11154] netlink: 'syz.2.15961': attribute type 4 has an invalid length. [ 1908.985613][T11117] loop7: detected capacity change from 0 to 32768 [ 1909.040304][T11117] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.15944 (11117) [ 1909.084891][T11117] BTRFS error: failed to open device for path /dev/loop7 with flags 0x23: -13 [ 1909.548412][T11170] ieee802154 phy1 wpan1: encryption failed: -22 [ 1909.614133][T11169] loop6: detected capacity change from 0 to 2048 [ 1909.700818][T11169] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1910.005308][ T5781] usb 6-1: new full-speed USB device number 80 using dummy_hcd [ 1910.167169][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1910.217831][ T5781] usb 6-1: config 0 has an invalid interface number: 104 but max is 1 [ 1910.260110][ T5781] usb 6-1: config 0 has an invalid interface number: 104 but max is 1 [ 1910.309561][ T5781] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1910.353780][ T5781] usb 6-1: config 0 has no interface number 0 [ 1910.389341][ T5781] usb 6-1: config 0 interface 104 altsetting 0 endpoint 0x8 has invalid maxpacket 12288, setting to 64 [ 1910.457366][ T5781] usb 6-1: config 0 interface 104 has no altsetting 1 [ 1910.492139][ T5781] usb 6-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00 [ 1910.505663][T11194] autofs4:pid:11194:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(768.1), cmd(0xc0189375) [ 1910.533519][ T5781] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1910.538309][T11194] autofs4:pid:11194:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375) [ 1910.555532][ T5781] usb 6-1: Product: syz [ 1910.574290][ T5781] usb 6-1: Manufacturer: syz [ 1910.585564][ T5781] usb 6-1: SerialNumber: syz [ 1910.622461][ T5781] usb 6-1: config 0 descriptor?? [ 1910.673924][ T5781] asix 6-1:0.104: probe with driver asix failed with error -22 [ 1910.866520][T11203] netlink: 'syz.2.15984': attribute type 1 has an invalid length. [ 1910.897343][T11207] netlink: 'syz.7.15985': attribute type 1 has an invalid length. [ 1910.955163][T11207] netlink: 288 bytes leftover after parsing attributes in process `syz.7.15985'. [ 1911.005282][ T5781] usb 6-1: USB disconnect, device number 80 [ 1911.720250][T11223] netlink: 520 bytes leftover after parsing attributes in process `syz.0.15994'. [ 1911.870066][T11225] 9pnet: Found fid 0 not clunked [ 1911.885474][T11227] loop3: detected capacity change from 0 to 512 [ 1911.895295][T11191] loop6: detected capacity change from 0 to 40427 [ 1911.914295][T11227] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 1911.935980][T11191] F2FS-fs (loop6): invalid crc value [ 1911.943034][T11227] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1911.974191][T11227] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 1912.015352][T11227] System zones: 0-2, 18-18, 34-35 [ 1912.025367][T11227] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1912.042934][T11227] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1912.290625][T11231] loop0: detected capacity change from 0 to 4096 [ 1912.378769][T11191] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1912.403671][T11231] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 1912.444075][T11231] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 1912.474116][T11231] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 1912.536790][T11191] F2FS-fs (loop6): Start checkpoint disabled! [ 1912.701505][T11191] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0 [ 1912.709673][T30486] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 1912.717335][T11191] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 1913.048202][T30473] kworker/u8:12: attempt to access beyond end of device [ 1913.048202][T30473] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1913.123254][T30473] CPU: 1 UID: 0 PID: 30473 Comm: kworker/u8:12 Tainted: G L syzkaller #0 PREEMPT(full) [ 1913.123318][T30473] Tainted: [L]=SOFTLOCKUP [ 1913.123333][T30473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1913.123360][T30473] Workqueue: writeback wb_workfn (flush-7:6) [ 1913.123436][T30473] Call Trace: [ 1913.123449][T30473] [ 1913.123463][T30473] dump_stack_lvl+0x100/0x190 [ 1913.123507][T30473] f2fs_stop_checkpoint+0x600/0x9b0 [ 1913.123556][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.123602][T30473] ? errseq_set+0xe3/0x150 [ 1913.123645][T30473] ? errseq_set+0xe3/0x150 [ 1913.123688][T30473] f2fs_write_end_io+0xf59/0x1340 [ 1913.123737][T30473] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 1913.123786][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.123842][T30473] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 1913.123886][T30473] bio_endio+0x78f/0x8f0 [ 1913.123949][T30473] submit_bio_noacct+0x64c/0x2000 [ 1913.124008][T30473] f2fs_submit_write_bio+0x135/0x340 [ 1913.124078][T30473] __submit_merged_bio+0x331/0x780 [ 1913.124129][T30473] __submit_merged_write_cond+0x3fe/0x510 [ 1913.124184][T30473] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1913.124241][T30473] ? __pfx___might_resched+0x10/0x10 [ 1913.124298][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.124354][T30473] f2fs_write_cache_pages+0x20e9/0x2630 [ 1913.124439][T30473] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 1913.124501][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.124558][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.124614][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.124662][T30473] ? __lock_acquire+0x4a5/0x2630 [ 1913.124754][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.124801][T30473] ? do_raw_spin_unlock+0x145/0x1e0 [ 1913.124900][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.124948][T30473] ? find_held_lock+0x2b/0x80 [ 1913.125010][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125058][T30473] ? rcu_is_watching+0x12/0xc0 [ 1913.125124][T30473] f2fs_write_data_pages+0x799/0x16d0 [ 1913.125178][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125225][T30473] ? trace_f2fs_writepages.constprop.0+0x75/0x230 [ 1913.125296][T30473] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1913.125357][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125411][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125460][T30473] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1913.125517][T30473] do_writepages+0x278/0x600 [ 1913.125568][T30473] ? __pfx_do_writepages+0x10/0x10 [ 1913.125608][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125663][T30473] __writeback_single_inode+0x164/0x1350 [ 1913.125726][T30473] ? find_held_lock+0x2b/0x80 [ 1913.125790][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125840][T30473] ? __pfx___writeback_single_inode+0x10/0x10 [ 1913.125903][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.125947][T30473] ? do_raw_spin_unlock+0x145/0x1e0 [ 1913.126005][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.126061][T30473] writeback_sb_inodes+0x766/0x1c60 [ 1913.126148][T30473] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1913.126210][T30473] ? do_raw_spin_lock+0x128/0x260 [ 1913.126267][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.126372][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.126419][T30473] ? rcu_is_watching+0x12/0xc0 [ 1913.126476][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.126523][T30473] ? queue_io+0x287/0x540 [ 1913.126591][T30473] wb_writeback+0x1bf/0xb90 [ 1913.126671][T30473] ? __pfx_wb_writeback+0x10/0x10 [ 1913.126748][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.126794][T30473] ? mark_held_locks+0x40/0x70 [ 1913.126840][T30473] ? _raw_spin_unlock_irq+0x23/0x50 [ 1913.126909][T30473] wb_workfn+0x14f/0xc00 [ 1913.126976][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127023][T30473] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1913.127089][T30473] ? __pfx_wb_workfn+0x10/0x10 [ 1913.127155][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127207][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127258][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127305][T30473] ? rcu_is_watching+0x12/0xc0 [ 1913.127360][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127415][T30473] process_one_work+0xa0e/0x1980 [ 1913.127487][T30473] ? __pfx_process_one_work+0x10/0x10 [ 1913.127534][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127610][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.127665][T30473] worker_thread+0x5ef/0xe50 [ 1913.127727][T30473] ? __pfx_worker_thread+0x10/0x10 [ 1913.127778][T30473] ? kthread+0x13a/0x450 [ 1913.127820][T30473] ? __pfx_worker_thread+0x10/0x10 [ 1913.127875][T30473] kthread+0x370/0x450 [ 1913.127917][T30473] ? __pfx_kthread+0x10/0x10 [ 1913.127963][T30473] ret_from_fork+0x72b/0xd50 [ 1913.128013][T30473] ? __pfx_ret_from_fork+0x10/0x10 [ 1913.128060][T30473] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1913.128106][T30473] ? __switch_to+0x800/0x1100 [ 1913.128160][T30473] ? __switch_to_asm+0x39/0x70 [ 1913.128212][T30473] ? __pfx_kthread+0x10/0x10 [ 1913.128258][T30473] ret_from_fork_asm+0x1a/0x30 [ 1913.128336][T30473] [ 1913.157014][T11244] loop3: detected capacity change from 0 to 2048 [ 1913.286586][T30473] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 1913.693416][T11244] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1913.758715][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 1913.758743][ T30] audit: type=1800 audit(2000525489.497:381): pid=11244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.16003" name="file1" dev="loop3" ino=1367 res=0 errno=0 [ 1913.995232][T11235] loop2: detected capacity change from 0 to 32768 [ 1914.032471][T11252] bond4: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 1914.104664][T11235] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1914.120335][T11252] bond4 (unregistering): Released all slaves [ 1914.197935][T11268] netlink: 'syz.5.16012': attribute type 1 has an invalid length. [ 1914.209653][T11268] netlink: 'syz.5.16012': attribute type 3 has an invalid length. [ 1914.217927][T11268] netlink: 224 bytes leftover after parsing attributes in process `syz.5.16012'. [ 1914.222231][T11235] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50. [ 1914.313046][T11270] loop5: detected capacity change from 0 to 256 [ 1914.373435][T11235] XFS (loop2): Tail block (0x29) overwrite detected. Updated to 0x30 [ 1914.417998][T11235] XFS (loop2): Ending clean mount [ 1914.550775][T11270] FAT-fs (loop5): Directory bread(block 64) failed [ 1914.589962][T11270] FAT-fs (loop5): Directory bread(block 65) failed [ 1914.611051][T11270] FAT-fs (loop5): Directory bread(block 66) failed [ 1914.656546][T11270] FAT-fs (loop5): Directory bread(block 67) failed [ 1914.704097][T11270] FAT-fs (loop5): Directory bread(block 68) failed [ 1914.738318][T11270] FAT-fs (loop5): Directory bread(block 69) failed [ 1914.758000][T11270] FAT-fs (loop5): Directory bread(block 70) failed [ 1914.764987][T11270] FAT-fs (loop5): Directory bread(block 71) failed [ 1914.816743][T11270] FAT-fs (loop5): Directory bread(block 72) failed [ 1914.850193][T11270] FAT-fs (loop5): Directory bread(block 73) failed [ 1914.886851][T11274] loop3: detected capacity change from 0 to 2048 [ 1914.928349][ T5626] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1914.962321][T11274] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1915.605048][T11286] loop3: detected capacity change from 0 to 1024 [ 1915.633155][T11286] EXT4-fs: Ignoring removed bh option [ 1915.711150][T11286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1915.873012][ T24] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 1916.064994][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 1916.089467][ T24] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 1916.108803][ T24] usb 7-1: config 0 has no interface number 0 [ 1916.121064][T11286] EXT4-fs error (device loop3): ext4_get_first_dir_block:3548: inode #11: comm syz.3.16021: directory missing '.' [ 1916.152813][ T24] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1916.195648][ T24] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1916.215208][T11286] EXT4-fs (loop3): Remounting filesystem read-only [ 1916.278823][ T24] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1916.280612][T11298] loop5: detected capacity change from 0 to 512 [ 1916.305546][ T24] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 1916.329774][T11298] EXT4-fs: Ignoring removed bh option [ 1916.349941][T11298] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 1916.352767][ T24] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1916.408406][T11298] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 1916.436430][ T24] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1916.466018][ T5635] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1916.475758][T11298] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 1916.482477][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1916.501928][T11298] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 1916.637962][ T24] usb 7-1: config 0 descriptor?? [ 1916.664698][T11298] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1916.694042][ T24] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 1916.939563][ T5632] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1917.153534][T11287] ldusb 7-1:0.55: Couldn't submit interrupt_in_urb -90 [ 1917.205890][ T5773] usb 7-1: USB disconnect, device number 20 [ 1917.238703][ T5773] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 1917.550455][ T5781] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 1917.756556][ T5781] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1917.789846][ T5781] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1917.830370][ T5781] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1917.865947][ T5781] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 1917.897645][ T5781] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1917.926498][ T5781] usb 3-1: Product: syz [ 1917.944153][ T5781] usb 3-1: Manufacturer: syz [ 1917.973421][ T5781] usb 3-1: SerialNumber: syz [ 1918.035465][ T5781] usb 3-1: selecting invalid altsetting 1 [ 1918.058733][ T5781] usb 3-1: unit 6 not found! [ 1918.240959][T11319] loop0: detected capacity change from 0 to 32768 [ 1918.296834][T11319] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1918.409794][T11319] XFS (loop0): Ending clean mount [ 1918.469217][ T5781] usb 3-1: 2:0: cannot get min/max values for control 1 (id 2) [ 1918.708562][T11329] loop7: detected capacity change from 0 to 32768 [ 1918.730352][T11360] loop6: detected capacity change from 0 to 512 [ 1918.766049][ T5781] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1918.782665][T11362] loop3: detected capacity change from 0 to 8 [ 1918.811163][ T5781] usb 3-1: USB disconnect, device number 86 [ 1918.831539][ T5627] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1918.837114][T11360] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1918.868755][T11360] ext4 filesystem being mounted at /1298/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1918.960245][T11362] SQUASHFS error: Failed to read block 0x8f: -5 [ 1919.018840][ T30] audit: type=1800 audit(2000525494.410:382): pid=11362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16049" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 1919.033613][T11360] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 1919.116763][ T8025] udevd[8025]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1919.617765][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1919.750876][T11374] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1919.766792][T11373] loop2: detected capacity change from 0 to 2048 [ 1919.824295][T11373] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xa1 != 0xd4 [ 1919.869151][T11373] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1919.896691][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16057'. [ 1921.220073][T11411] IPv6: NLM_F_CREATE should be specified when creating new route [ 1921.375656][T11413] netlink: 92 bytes leftover after parsing attributes in process `syz.6.16073'. [ 1921.659284][T30471] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1921.695691][T30471] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1921.900233][T24930] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 1922.151199][T24930] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1922.194915][T24930] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1922.238073][T24930] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1922.268150][T30471] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1922.305760][T24930] usb 3-1: New USB device found, idVendor=04b4, idProduct=0384, bcdDevice= 0.40 [ 1922.342085][T24930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1922.342821][T30471] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1922.386669][T24930] usb 3-1: Product: syz [ 1922.418224][T24930] usb 3-1: Manufacturer: syz [ 1922.429326][T11442] loop0: detected capacity change from 0 to 16 [ 1922.448541][T24930] usb 3-1: SerialNumber: syz [ 1922.538069][T11442] erofs (device loop0): mounted with root inode @ nid 36. [ 1922.833515][T24930] snd-usb-hiface 3-1:1.0: probe with driver snd-usb-hiface failed with error -22 [ 1922.858829][T11451] loop6: detected capacity change from 0 to 512 [ 1922.911048][T11451] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 1923.029041][T11451] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 1923.077184][T11451] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1923.102558][T11451] EXT4-fs error (device loop6): ext4_orphan_get:1397: inode #13: comm syz.6.16087: iget: bad i_size value: 12154761577498 [ 1923.103954][T24930] usb 3-1: USB disconnect, device number 87 [ 1923.165425][T11451] loop6: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1923.167783][T11451] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.16087: couldn't read orphan inode 13 (err -117) [ 1923.177265][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 1923.177305][ C0] EXT4-fs (loop6): initial error at time 2000525498: ext4_orphan_get:1397: inode 13 [ 1923.177364][ C0] EXT4-fs (loop6): last error at time 2000525498: ext4_orphan_get:1397: inode 13 [ 1923.227487][T11451] loop6: lost filesystem error report for type 5 error -117 [ 1923.230697][T11451] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1923.254572][T11463] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16093'. [ 1923.497175][T11451] EXT4-fs warning (device loop6): dx_probe:859: inode #2: comm syz.6.16087: dx entry: limit 65535 != root limit 120 [ 1923.557089][T11451] EXT4-fs warning (device loop6): dx_probe:933: inode #2: comm syz.6.16087: Corrupt directory, running e2fsck is recommended [ 1923.658308][T11473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16097'. [ 1923.717972][T11475] netlink: 'syz.7.16098': attribute type 1 has an invalid length. [ 1923.771129][T11475] netlink: 244 bytes leftover after parsing attributes in process `syz.7.16098'. [ 1923.842426][T25335] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1924.135530][T11485] netlink: 'syz.2.16103': attribute type 2 has an invalid length. [ 1924.174076][T11485] netlink: 224 bytes leftover after parsing attributes in process `syz.2.16103'. [ 1924.613086][T11505] ieee802154 phy1 wpan1: encryption failed: -22 [ 1924.876178][ T5773] usb 1-1: new high-speed USB device number 75 using dummy_hcd [ 1924.879394][T11515] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16113'. [ 1925.023280][T11517] macvtap0: entered promiscuous mode [ 1925.090267][ T5773] usb 1-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 1925.138710][ T5773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1925.174574][ T5773] usb 1-1: Product: syz [ 1925.190858][ T5773] usb 1-1: Manufacturer: syz [ 1925.212260][ T5773] usb 1-1: SerialNumber: syz [ 1925.262728][ T5773] usb 1-1: config 0 descriptor?? [ 1925.770788][ T5773] usb 1-1: f81604_write: reg: 105 data: 0 failed: -EPROTO [ 1925.819405][ T5773] f81604 1-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 1925.851018][ T5773] f81604 1-1:0.0: probe with driver f81604 failed with error -71 [ 1925.920375][ T5773] usb 1-1: USB disconnect, device number 75 [ 1926.562703][T11567] xt_connbytes: Forcing CT accounting to be enabled [ 1926.838505][T24930] usb 4-1: new full-speed USB device number 93 using dummy_hcd [ 1926.871788][T11576] loop5: detected capacity change from 0 to 64 [ 1927.043289][T24930] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1927.084141][T24930] usb 4-1: not running at top speed; connect to a high speed hub [ 1927.132632][T24930] usb 4-1: config 197 has an invalid interface number: 211 but max is 0 [ 1927.164419][T24930] usb 4-1: config 197 has no interface number 0 [ 1927.192277][T24930] usb 4-1: config 197 interface 211 has no altsetting 0 [ 1927.236160][T24930] usb 4-1: New USB device found, idVendor=064b, idProduct=7825, bcdDevice=3f.c6 [ 1927.297116][T24930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1927.301079][T11586] loop2: detected capacity change from 0 to 256 [ 1927.326284][T24930] usb 4-1: Product: syz [ 1927.344684][T24930] usb 4-1: Manufacturer: syz [ 1927.364727][T24930] usb 4-1: SerialNumber: syz [ 1927.469677][T11586] FAT-fs (loop2): Directory bread(block 64) failed [ 1927.515865][T11586] FAT-fs (loop2): Directory bread(block 65) failed [ 1927.563115][T11586] FAT-fs (loop2): Directory bread(block 66) failed [ 1927.604595][T11586] FAT-fs (loop2): Directory bread(block 67) failed [ 1927.657556][T11586] FAT-fs (loop2): Directory bread(block 68) failed [ 1927.682158][T24930] upd78f0730 4-1:197.211: upd78f0730 converter detected [ 1927.686362][T11586] FAT-fs (loop2): Directory bread(block 69) failed [ 1927.737099][T11586] FAT-fs (loop2): Directory bread(block 70) failed [ 1927.782417][T24930] usb 4-1: upd78f0730 converter now attached to ttyUSB0 [ 1927.785617][T11586] FAT-fs (loop2): Directory bread(block 71) failed [ 1927.833930][T24930] usb 4-1: USB disconnect, device number 93 [ 1927.845074][T11586] FAT-fs (loop2): Directory bread(block 72) failed [ 1927.876826][T24930] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0 [ 1927.879744][T11586] FAT-fs (loop2): Directory bread(block 73) failed [ 1927.933039][T24930] upd78f0730 4-1:197.211: device disconnected [ 1927.942509][T11600] IPv6: sit1: Disabled Multicast RS [ 1927.969082][T11600] sit1: entered allmulticast mode [ 1928.073071][T11561] loop7: detected capacity change from 0 to 32768 [ 1928.522807][T11569] Process accounting resumed [ 1928.532614][T11607] netlink: 1004 bytes leftover after parsing attributes in process `syz.6.16151'. [ 1928.919554][T11622] loop5: detected capacity change from 0 to 1024 [ 1928.923757][T11621] bond3: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 1928.948724][T11621] bond3 (unregistering): Released all slaves [ 1929.063540][T11625] netdevsim netdevsim7 netdevsim0: entered allmulticast mode [ 1929.065238][T11630] netlink: 'syz.6.16159': attribute type 11 has an invalid length. [ 1929.128399][T11630] netlink: 224 bytes leftover after parsing attributes in process `syz.6.16159'. [ 1929.683088][T11642] loop6: detected capacity change from 0 to 64 [ 1929.737600][T11643] loop0: detected capacity change from 0 to 1024 [ 1929.801560][T11643] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 1930.028008][T11651] loop7: detected capacity change from 0 to 256 [ 1930.586188][T11668] loop5: detected capacity change from 0 to 512 [ 1930.681940][T11668] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1930.778662][T11668] ext4 filesystem being mounted at /2781/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1930.822109][T11675] bond6: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 1930.846383][T11675] bond6 (unregistering): Released all slaves [ 1931.111512][T24930] usb 7-1: new full-speed USB device number 21 using dummy_hcd [ 1931.162829][ T5632] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1931.304947][T24930] usb 7-1: config 1 has an invalid interface number: 105 but max is 0 [ 1931.327632][T24930] usb 7-1: config 1 has no interface number 0 [ 1931.343557][T24930] usb 7-1: config 1 interface 105 has no altsetting 0 [ 1931.362301][T24930] usb 7-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 1931.389520][T24930] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1931.414650][T24930] usb 7-1: Product: syz [ 1931.432504][T24930] usb 7-1: Manufacturer: syz [ 1931.439988][T24930] usb 7-1: SerialNumber: syz [ 1931.512460][T11696] netdevsim netdevsim7 netdevsim0: entered promiscuous mode [ 1931.696981][T24930] aqc111 7-1:1.105: probe with driver aqc111 failed with error -71 [ 1931.761862][T24930] usb 7-1: USB disconnect, device number 21 [ 1931.774561][T11700] usb usb9: usbfs: process 11700 (syz.5.16192) did not claim interface 0 before use [ 1932.883319][T11721] bond4: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 1932.914190][T11731] loop2: detected capacity change from 0 to 64 [ 1932.923179][T11721] bond4 (unregistering): Released all slaves [ 1932.959846][T11731] hfs: unable to locate alternate MDB [ 1932.982780][T11731] hfs: continuing without an alternate MDB [ 1933.226375][ T30] audit: type=1800 audit(2000525507.715:383): pid=11731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.16204" name="file1" dev="loop2" ino=22 res=0 errno=0 [ 1933.382639][T11731] Process accounting resumed [ 1933.420253][T30471] [ 1933.422728][T30471] ====================================================== [ 1933.429779][T30471] WARNING: possible circular locking dependency detected [ 1933.436835][T30471] syzkaller #0 Tainted: G L [ 1933.442858][T30471] ------------------------------------------------------ [ 1933.449891][T30471] kworker/u8:11/30471 is trying to acquire lock: [ 1933.456229][T30471] ffff888050b62030 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xa6/0xcf0 [ 1933.467016][T30471] [ 1933.467016][T30471] but task is already holding lock: [ 1933.474389][T30471] ffff88807dd960a8 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 1933.483968][T30471] [ 1933.483968][T30471] which lock already depends on the new lock. [ 1933.483968][T30471] [ 1933.494384][T30471] [ 1933.494384][T30471] the existing dependency chain (in reverse order) is: [ 1933.503403][T30471] [ 1933.503403][T30471] -> #1 (&tree->tree_lock#2/1){+.+.}-{4:4}: [ 1933.511546][T30471] __mutex_lock+0x1a4/0x1b10 [ 1933.516823][T30471] hfs_find_init+0x273/0x330 [ 1933.521977][T30471] hfs_ext_read_extent+0x19d/0x9d0 [ 1933.527654][T30471] hfs_get_block+0x576/0x830 [ 1933.532892][T30471] block_read_full_folio+0x36c/0x8e0 [ 1933.538744][T30471] filemap_read_folio+0xfc/0x3b0 [ 1933.544341][T30471] do_read_cache_folio+0x2d7/0x6b0 [ 1933.550009][T30471] read_cache_page+0x5b/0x1b0 [ 1933.555242][T30471] __hfs_bnode_create+0x718/0x9a0 [ 1933.560822][T30471] hfs_bnode_find+0x2d5/0xd30 [ 1933.566072][T30471] hfs_brec_find+0x39d/0x620 [ 1933.571242][T30471] hfs_brec_read+0x26/0x120 [ 1933.576305][T30471] hfs_cat_find_brec+0xdc/0x2a0 [ 1933.581752][T30471] hfs_fill_super+0x58d/0x7e0 [ 1933.587018][T30471] get_tree_bdev_flags+0x38c/0x620 [ 1933.592777][T30471] vfs_get_tree+0x92/0x320 [ 1933.597969][T30471] path_mount+0x7d0/0x23d0 [ 1933.602940][T30471] __x64_sys_mount+0x293/0x310 [ 1933.608253][T30471] do_syscall_64+0x10b/0x860 [ 1933.613377][T30471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1933.619804][T30471] [ 1933.619804][T30471] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 1933.629060][T30471] __lock_acquire+0x14b8/0x2630 [ 1933.634469][T30471] lock_acquire+0x1b1/0x370 [ 1933.639699][T30471] __mutex_lock+0x1a4/0x1b10 [ 1933.644841][T30471] hfs_extend_file+0xa6/0xcf0 [ 1933.650109][T30471] hfs_bmap_reserve+0x2ab/0x3a0 [ 1933.655628][T30471] __hfs_ext_write_extent+0x3c4/0x510 [ 1933.661602][T30471] hfs_ext_write_extent+0x1b7/0x200 [ 1933.667364][T30471] hfs_write_inode+0xce/0xab0 [ 1933.672577][T30471] __writeback_single_inode+0xcd4/0x1350 [ 1933.678776][T30471] writeback_sb_inodes+0x766/0x1c60 [ 1933.684536][T30471] wb_writeback+0x1bf/0xb90 [ 1933.689698][T30471] wb_workfn+0x14f/0xc00 [ 1933.694538][T30471] process_one_work+0xa0e/0x1980 [ 1933.700052][T30471] worker_thread+0x5ef/0xe50 [ 1933.705298][T30471] kthread+0x370/0x450 [ 1933.709908][T30471] ret_from_fork+0x72b/0xd50 [ 1933.715128][T30471] ret_from_fork_asm+0x1a/0x30 [ 1933.720511][T30471] [ 1933.720511][T30471] other info that might help us debug this: [ 1933.720511][T30471] [ 1933.730752][T30471] Possible unsafe locking scenario: [ 1933.730752][T30471] [ 1933.738204][T30471] CPU0 CPU1 [ 1933.743563][T30471] ---- ---- [ 1933.749067][T30471] lock(&tree->tree_lock#2/1); [ 1933.753955][T30471] lock(&HFS_I(tree->inode)->extents_lock); [ 1933.762502][T30471] lock(&tree->tree_lock#2/1); [ 1933.770022][T30471] lock(&HFS_I(tree->inode)->extents_lock); [ 1933.776121][T30471] [ 1933.776121][T30471] *** DEADLOCK *** [ 1933.776121][T30471] [ 1933.784268][T30471] 3 locks held by kworker/u8:11/30471: [ 1933.789731][T30471] #0: ffff888020ad1140 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 1933.800510][T30471] #1: ffffc90004c87d08 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 1933.812506][T30471] #2: ffff88807dd960a8 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 1933.822527][T30471] [ 1933.822527][T30471] stack backtrace: [ 1933.828542][T30471] CPU: 0 UID: 0 PID: 30471 Comm: kworker/u8:11 Tainted: G L syzkaller #0 PREEMPT(full) [ 1933.828597][T30471] Tainted: [L]=SOFTLOCKUP [ 1933.828610][T30471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1933.828636][T30471] Workqueue: writeback wb_workfn (flush-7:2) [ 1933.828708][T30471] Call Trace: [ 1933.828722][T30471] [ 1933.828737][T30471] dump_stack_lvl+0x100/0x190 [ 1933.828778][T30471] print_circular_bug.cold+0x178/0x1c7 [ 1933.828847][T30471] check_noncircular+0x146/0x160 [ 1933.828886][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.828939][T30471] __lock_acquire+0x14b8/0x2630 [ 1933.828987][T30471] ? __pfx_stack_trace_save+0x10/0x10 [ 1933.829026][T30471] lock_acquire+0x1b1/0x370 [ 1933.829068][T30471] ? hfs_extend_file+0xa6/0xcf0 [ 1933.829129][T30471] ? __pfx___might_resched+0x10/0x10 [ 1933.829179][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.829223][T30471] ? add_lock_to_list+0x99/0x110 [ 1933.829259][T30471] __mutex_lock+0x1a4/0x1b10 [ 1933.829298][T30471] ? hfs_extend_file+0xa6/0xcf0 [ 1933.829355][T30471] ? hfs_extend_file+0xa6/0xcf0 [ 1933.829414][T30471] ? hfs_write_inode+0xce/0xab0 [ 1933.829448][T30471] ? __writeback_single_inode+0xcd4/0x1350 [ 1933.829509][T30471] ? __pfx___mutex_lock+0x10/0x10 [ 1933.829547][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.829590][T30471] ? lock_acquire+0x1b1/0x370 [ 1933.829637][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.829681][T30471] ? trace_contention_end+0x122/0x170 [ 1933.829729][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.829777][T30471] ? hfs_extend_file+0xa6/0xcf0 [ 1933.829839][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.829883][T30471] hfs_extend_file+0xa6/0xcf0 [ 1933.829944][T30471] ? __pfx_hfs_extend_file+0x10/0x10 [ 1933.830001][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.830053][T30471] hfs_bmap_reserve+0x2ab/0x3a0 [ 1933.830111][T30471] __hfs_ext_write_extent+0x3c4/0x510 [ 1933.830168][T30471] ? hfs_find_init+0x273/0x330 [ 1933.830209][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.830256][T30471] hfs_ext_write_extent+0x1b7/0x200 [ 1933.830315][T30471] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 1933.830379][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.830423][T30471] ? __mpage_writepages+0x1a8/0x210 [ 1933.830460][T30471] ? __pfx___mpage_writepages+0x10/0x10 [ 1933.830508][T30471] hfs_write_inode+0xce/0xab0 [ 1933.830548][T30471] ? __pfx_hfs_write_inode+0x10/0x10 [ 1933.830583][T30471] ? __lock_acquire+0x4a5/0x2630 [ 1933.830640][T30471] ? __writeback_single_inode+0x454/0x1350 [ 1933.830698][T30471] ? __writeback_single_inode+0x454/0x1350 [ 1933.830756][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.830806][T30471] __writeback_single_inode+0xcd4/0x1350 [ 1933.830876][T30471] ? __pfx___writeback_single_inode+0x10/0x10 [ 1933.830935][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.830979][T30471] ? do_raw_spin_unlock+0x145/0x1e0 [ 1933.831031][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.831079][T30471] writeback_sb_inodes+0x766/0x1c60 [ 1933.831148][T30471] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1933.831205][T30471] ? arch_stack_walk+0x94/0xf0 [ 1933.831287][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.831330][T30471] ? rcu_is_watching+0x12/0xc0 [ 1933.831384][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.831428][T30471] ? queue_io+0x287/0x540 [ 1933.831478][T30471] wb_writeback+0x1bf/0xb90 [ 1933.831541][T30471] ? __pfx_wb_writeback+0x10/0x10 [ 1933.831604][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.831648][T30471] ? mark_held_locks+0x40/0x70 [ 1933.831690][T30471] ? _raw_spin_unlock_irq+0x23/0x50 [ 1933.831749][T30471] wb_workfn+0x14f/0xc00 [ 1933.831808][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.831857][T30471] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1933.831917][T30471] ? __pfx_wb_workfn+0x10/0x10 [ 1933.831976][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832022][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832067][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832111][T30471] ? rcu_is_watching+0x12/0xc0 [ 1933.832164][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832212][T30471] process_one_work+0xa0e/0x1980 [ 1933.832268][T30471] ? __pfx_process_one_work+0x10/0x10 [ 1933.832312][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832363][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832411][T30471] worker_thread+0x5ef/0xe50 [ 1933.832462][T30471] ? __pfx_worker_thread+0x10/0x10 [ 1933.832508][T30471] ? kthread+0x13a/0x450 [ 1933.832545][T30471] ? __pfx_worker_thread+0x10/0x10 [ 1933.832589][T30471] kthread+0x370/0x450 [ 1933.832627][T30471] ? __pfx_kthread+0x10/0x10 [ 1933.832668][T30471] ret_from_fork+0x72b/0xd50 [ 1933.832713][T30471] ? __pfx_ret_from_fork+0x10/0x10 [ 1933.832756][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1933.832800][T30471] ? __switch_to+0x800/0x1100 [ 1933.832857][T30471] ? __switch_to_asm+0x39/0x70 [ 1933.832906][T30471] ? __pfx_kthread+0x10/0x10 [ 1933.832953][T30471] ret_from_fork_asm+0x1a/0x30 [ 1933.833089][T30471] [ 1934.406965][T30471] hfs: new node 0 already hashed? [ 1934.412917][T30471] ------------[ cut here ]------------ [ 1934.418929][T30471] 1 [ 1934.418947][T30471] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create.cold+0x41/0x49, CPU#0: kworker/u8:11/30471 [ 1934.433051][T30471] Modules linked in: [ 1934.438015][T30471] CPU: 0 UID: 0 PID: 30471 Comm: kworker/u8:11 Tainted: G L syzkaller #0 PREEMPT(full) [ 1934.449580][T30471] Tainted: [L]=SOFTLOCKUP [ 1934.453926][T30471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1934.464459][T30471] Workqueue: writeback wb_workfn (flush-7:2) [ 1934.470928][T30471] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 1934.476852][T30471] Code: a5 71 65 0a e9 07 4b d1 01 e8 6b 22 e1 00 4c 89 f7 e8 93 71 65 0a e8 5e 22 e1 00 89 ee 48 c7 c7 80 e9 d1 8b e8 b0 df fa ff 90 <0f> 0b 90 e9 09 4e d1 01 e8 42 22 e1 00 e8 6d 5c 4d 00 e9 65 50 d1 [ 1934.496881][T30471] RSP: 0018:ffffc90004c87020 EFLAGS: 00010282 [ 1934.503647][T30471] RAX: 000000000000001f RBX: ffff888028766e00 RCX: 0000000000000000 [ 1934.511910][T30471] RDX: 000000000000001f RSI: ffffffff81e72d69 RDI: fffff52000990df5 [ 1934.520013][T30471] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1934.528056][T30471] R10: 0000000080000000 R11: 77656e203a736668 R12: dffffc0000000000 [ 1934.536133][T30471] R13: ffff88807dd96000 R14: ffff88807dd960d8 R15: 0000000000000000 [ 1934.544238][T30471] FS: 0000000000000000(0000) GS:ffff88812436a000(0000) knlGS:0000000000000000 [ 1934.553252][T30471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1934.559895][T30471] CR2: 00007ff3499e8158 CR3: 000000004d41e000 CR4: 0000000000350ef0 [ 1934.568036][T30471] Call Trace: [ 1934.571375][T30471] [ 1934.574329][T30471] ? _raw_spin_unlock+0x28/0x50 [ 1934.579333][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.585014][T30471] ? hfs_bnode_put+0x208/0x480 [ 1934.589877][T30471] hfs_bmap_alloc+0x5a7/0x6b0 [ 1934.594616][T30471] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 1934.599909][T30471] ? __asan_memcpy+0x3c/0x60 [ 1934.604536][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.610245][T30471] ? hfs_bnode_read.part.0+0x298/0x330 [ 1934.615753][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.621535][T30471] ? folio_mark_accessed+0xf3/0x1040 [ 1934.626911][T30471] hfs_btree_inc_height.isra.0+0xff/0x820 [ 1934.633000][T30471] ? rcu_is_watching+0x12/0xc0 [ 1934.637832][T30471] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 1934.644393][T30471] ? do_raw_spin_unlock+0x145/0x1e0 [ 1934.650423][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.656155][T30471] ? _raw_spin_unlock+0x28/0x50 [ 1934.661209][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.666949][T30471] ? hfs_bnode_put+0x208/0x480 [ 1934.671898][T30471] hfs_brec_insert+0x8ba/0xc20 [ 1934.676862][T30471] ? __pfx_hfs_brec_insert+0x10/0x10 [ 1934.682242][T30471] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 1934.687359][T30471] __hfs_ext_write_extent+0x3ef/0x510 [ 1934.692895][T30471] ? hfs_find_init+0x273/0x330 [ 1934.697764][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.703472][T30471] hfs_ext_write_extent+0x1b7/0x200 [ 1934.708746][T30471] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 1934.714706][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.720424][T30471] ? __mpage_writepages+0x1a8/0x210 [ 1934.725792][T30471] ? __pfx___mpage_writepages+0x10/0x10 [ 1934.731415][T30471] hfs_write_inode+0xce/0xab0 [ 1934.737048][T30471] ? __pfx_hfs_write_inode+0x10/0x10 [ 1934.742474][T30471] ? __lock_acquire+0x4a5/0x2630 [ 1934.747518][T30471] ? __writeback_single_inode+0x454/0x1350 [ 1934.753413][T30471] ? __writeback_single_inode+0x454/0x1350 [ 1934.759307][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.765208][T30471] __writeback_single_inode+0xcd4/0x1350 [ 1934.771052][T30471] ? __pfx___writeback_single_inode+0x10/0x10 [ 1934.777218][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.782935][T30471] ? do_raw_spin_unlock+0x145/0x1e0 [ 1934.788227][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.793968][T30471] writeback_sb_inodes+0x766/0x1c60 [ 1934.799251][T30471] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1934.805099][T30471] ? arch_stack_walk+0x94/0xf0 [ 1934.809977][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.815747][T30471] ? rcu_is_watching+0x12/0xc0 [ 1934.820796][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.826546][T30471] ? queue_io+0x287/0x540 [ 1934.831225][T30471] wb_writeback+0x1bf/0xb90 [ 1934.835883][T30471] ? __pfx_wb_writeback+0x10/0x10 [ 1934.841016][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.846756][T30471] ? mark_held_locks+0x40/0x70 [ 1934.851571][T30471] ? _raw_spin_unlock_irq+0x23/0x50 [ 1934.857029][T30471] wb_workfn+0x14f/0xc00 [ 1934.861696][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.867413][T30471] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1934.873322][T30471] ? __pfx_wb_workfn+0x10/0x10 [ 1934.878174][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.883872][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.889601][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.895296][T30471] ? rcu_is_watching+0x12/0xc0 [ 1934.900166][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.905895][T30471] process_one_work+0xa0e/0x1980 [ 1934.910999][T30471] ? __pfx_process_one_work+0x10/0x10 [ 1934.916537][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.922319][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.928057][T30471] worker_thread+0x5ef/0xe50 [ 1934.932700][T30471] ? __pfx_worker_thread+0x10/0x10 [ 1934.937859][T30471] ? kthread+0x13a/0x450 [ 1934.942170][T30471] ? __pfx_worker_thread+0x10/0x10 [ 1934.947369][T30471] kthread+0x370/0x450 [ 1934.951546][T30471] ? __pfx_kthread+0x10/0x10 [ 1934.956175][T30471] ret_from_fork+0x72b/0xd50 [ 1934.960879][T30471] ? __pfx_ret_from_fork+0x10/0x10 [ 1934.966087][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1934.971831][T30471] ? __switch_to+0x800/0x1100 [ 1934.976578][T30471] ? __switch_to_asm+0x39/0x70 [ 1934.981488][T30471] ? __pfx_kthread+0x10/0x10 [ 1934.986116][T30471] ret_from_fork_asm+0x1a/0x30 [ 1934.990914][T30471] [ 1934.993994][T30471] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1935.001388][T30471] CPU: 0 UID: 0 PID: 30471 Comm: kworker/u8:11 Tainted: G L syzkaller #0 PREEMPT(full) [ 1935.012638][T30471] Tainted: [L]=SOFTLOCKUP [ 1935.016971][T30471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1935.027125][T30471] Workqueue: writeback wb_workfn (flush-7:2) [ 1935.033152][T30471] Call Trace: [ 1935.036460][T30471] [ 1935.039388][T30471] dump_stack_lvl+0x100/0x190 [ 1935.044092][T30471] vpanic+0x552/0x970 [ 1935.048144][T30471] ? __pfx_vpanic+0x10/0x10 [ 1935.052761][T30471] ? lock_release+0x245/0x310 [ 1935.057481][T30471] panic+0xd1/0xe0 [ 1935.061243][T30471] ? __pfx_panic+0x10/0x10 [ 1935.065717][T30471] ? check_panic_on_warn+0x1f/0x90 [ 1935.070976][T30471] check_panic_on_warn.cold+0x19/0x34 [ 1935.076377][T30471] ? hfs_bnode_create.cold+0x41/0x49 [ 1935.081693][T30471] __warn.cold+0x191/0x328 [ 1935.086134][T30471] __report_bug+0x296/0x3d0 [ 1935.090975][T30471] ? hfs_bnode_create.cold+0x41/0x49 [ 1935.096291][T30471] ? __pfx___report_bug+0x10/0x10 [ 1935.101441][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.107277][T30471] ? irq_work_queue+0xce/0x100 [ 1935.112159][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.117813][T30471] ? __wake_up_klogd+0xe2/0x140 [ 1935.122721][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.128376][T30471] ? vprintk_emit+0x1c9/0x6b0 [ 1935.133093][T30471] ? __pfx_vprintk_emit+0x10/0x10 [ 1935.138158][T30471] ? hfs_bnode_create.cold+0x41/0x49 [ 1935.143465][T30471] report_bug+0xb2/0x220 [ 1935.147783][T30471] ? hfs_bnode_create.cold+0x41/0x49 [ 1935.153087][T30471] handle_bug+0x16a/0x2a0 [ 1935.157462][T30471] exc_invalid_op+0x17/0x50 [ 1935.162116][T30471] asm_exc_invalid_op+0x1a/0x20 [ 1935.167029][T30471] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 1935.172956][T30471] Code: a5 71 65 0a e9 07 4b d1 01 e8 6b 22 e1 00 4c 89 f7 e8 93 71 65 0a e8 5e 22 e1 00 89 ee 48 c7 c7 80 e9 d1 8b e8 b0 df fa ff 90 <0f> 0b 90 e9 09 4e d1 01 e8 42 22 e1 00 e8 6d 5c 4d 00 e9 65 50 d1 [ 1935.192870][T30471] RSP: 0018:ffffc90004c87020 EFLAGS: 00010282 [ 1935.198963][T30471] RAX: 000000000000001f RBX: ffff888028766e00 RCX: 0000000000000000 [ 1935.206942][T30471] RDX: 000000000000001f RSI: ffffffff81e72d69 RDI: fffff52000990df5 [ 1935.214938][T30471] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1935.223193][T30471] R10: 0000000080000000 R11: 77656e203a736668 R12: dffffc0000000000 [ 1935.231301][T30471] R13: ffff88807dd96000 R14: ffff88807dd960d8 R15: 0000000000000000 [ 1935.239294][T30471] ? vprintk_emit+0x1c9/0x6b0 [ 1935.244016][T30471] ? _raw_spin_unlock+0x28/0x50 [ 1935.248899][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.254559][T30471] ? hfs_bnode_put+0x208/0x480 [ 1935.259440][T30471] hfs_bmap_alloc+0x5a7/0x6b0 [ 1935.264165][T30471] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 1935.269391][T30471] ? __asan_memcpy+0x3c/0x60 [ 1935.274321][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.280111][T30471] ? hfs_bnode_read.part.0+0x298/0x330 [ 1935.285611][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.291798][T30471] ? folio_mark_accessed+0xf3/0x1040 [ 1935.297123][T30471] hfs_btree_inc_height.isra.0+0xff/0x820 [ 1935.302879][T30471] ? rcu_is_watching+0x12/0xc0 [ 1935.307767][T30471] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 1935.314131][T30471] ? do_raw_spin_unlock+0x145/0x1e0 [ 1935.319364][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.325023][T30471] ? _raw_spin_unlock+0x28/0x50 [ 1935.329920][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.335724][T30471] ? hfs_bnode_put+0x208/0x480 [ 1935.340545][T30471] hfs_brec_insert+0x8ba/0xc20 [ 1935.345902][T30471] ? __pfx_hfs_brec_insert+0x10/0x10 [ 1935.351242][T30471] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 1935.356475][T30471] __hfs_ext_write_extent+0x3ef/0x510 [ 1935.362033][T30471] ? hfs_find_init+0x273/0x330 [ 1935.366907][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.372759][T30471] hfs_ext_write_extent+0x1b7/0x200 [ 1935.378008][T30471] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 1935.383770][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.389427][T30471] ? __mpage_writepages+0x1a8/0x210 [ 1935.394667][T30471] ? __pfx___mpage_writepages+0x10/0x10 [ 1935.400255][T30471] hfs_write_inode+0xce/0xab0 [ 1935.404965][T30471] ? __pfx_hfs_write_inode+0x10/0x10 [ 1935.410275][T30471] ? __lock_acquire+0x4a5/0x2630 [ 1935.415249][T30471] ? __writeback_single_inode+0x454/0x1350 [ 1935.421091][T30471] ? __writeback_single_inode+0x454/0x1350 [ 1935.426943][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.432734][T30471] __writeback_single_inode+0xcd4/0x1350 [ 1935.438428][T30471] ? __pfx___writeback_single_inode+0x10/0x10 [ 1935.444550][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.450217][T30471] ? do_raw_spin_unlock+0x145/0x1e0 [ 1935.455453][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.461119][T30471] writeback_sb_inodes+0x766/0x1c60 [ 1935.466377][T30471] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1935.472058][T30471] ? arch_stack_walk+0x94/0xf0 [ 1935.477008][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.482757][T30471] ? rcu_is_watching+0x12/0xc0 [ 1935.487658][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.493445][T30471] ? queue_io+0x287/0x540 [ 1935.497824][T30471] wb_writeback+0x1bf/0xb90 [ 1935.502396][T30471] ? __pfx_wb_writeback+0x10/0x10 [ 1935.507469][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.513128][T30471] ? mark_held_locks+0x40/0x70 [ 1935.517915][T30471] ? _raw_spin_unlock_irq+0x23/0x50 [ 1935.523234][T30471] wb_workfn+0x14f/0xc00 [ 1935.527517][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.533256][T30471] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1935.539105][T30471] ? __pfx_wb_workfn+0x10/0x10 [ 1935.543911][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.549749][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.555462][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.561123][T30471] ? rcu_is_watching+0x12/0xc0 [ 1935.565932][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.571688][T30471] process_one_work+0xa0e/0x1980 [ 1935.576669][T30471] ? __pfx_process_one_work+0x10/0x10 [ 1935.582064][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.587726][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.593396][T30471] worker_thread+0x5ef/0xe50 [ 1935.598025][T30471] ? __pfx_worker_thread+0x10/0x10 [ 1935.603338][T30471] ? kthread+0x13a/0x450 [ 1935.607614][T30471] ? __pfx_worker_thread+0x10/0x10 [ 1935.612780][T30471] kthread+0x370/0x450 [ 1935.616888][T30471] ? __pfx_kthread+0x10/0x10 [ 1935.621608][T30471] ret_from_fork+0x72b/0xd50 [ 1935.626405][T30471] ? __pfx_ret_from_fork+0x10/0x10 [ 1935.631547][T30471] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1935.637216][T30471] ? __switch_to+0x800/0x1100 [ 1935.642014][T30471] ? __switch_to_asm+0x39/0x70 [ 1935.646902][T30471] ? __pfx_kthread+0x10/0x10 [ 1935.651513][T30471] ret_from_fork_asm+0x1a/0x30 [ 1935.656324][T30471] [ 1935.659951][T30471] Kernel Offset: disabled [ 1935.664336][T30471] Rebooting in 86400 seconds..