last executing test programs: 10m57.110483787s ago: executing program 1 (id=9214): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="7a0af8ff7525736cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5956fc4a33ca263e2b5d47b2b00000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000010000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e3841bef895c5a637b0bf2eac3cb07b74a72291a1a2b523dd81b6651b1ee29e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b18914781ceb10814cf4ee23ddb79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8fdf3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c980000cfb215af2c1a3c22243cce23b00000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24fe015ec63c658ba7c4fae17514f802709ab4fa5caa932d4b65a5ecfc422899513ddde6ec04974f9981a8c155c26e2e3b8f2d0da70e524832ab04dec9ce66a62ceffbb15b1857c93666fe043a266a451f9a1e1f054211b9ae566b58f4f356c7a4"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0xa00, 0x4000000}, 0x28) 10m56.455631544s ago: executing program 1 (id=9221): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xb4b, 0x20440) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000140)={0xfffffff7}) 10m56.122695047s ago: executing program 1 (id=9224): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000030000000000000001000000850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x100, 0x50, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x200001a5}}, 0x40) 10m55.732446641s ago: executing program 1 (id=9227): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 10m54.87491319s ago: executing program 1 (id=9237): r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) ioctl$I2C_SLAVE(r0, 0x703, 0x68) 10m54.1520396s ago: executing program 1 (id=9246): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001900)=ANY=[@ANYBLOB="b700000017000000bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000035040100000002000f300000000000003404000001ed0a0065040000170000801f400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e31a3446cd57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505e65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9be0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119d2a673bdae05779208409e6cf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bd0c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a397ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc8de9bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c0da4e95f75b1496a9fa46a06e4e1f5a8438d49dbd493ba2482ce0073db0ccfcd9ecddb02c9df4f980422c54406c2cf3e4c8917311a0bda89e660a997af2b9bf7707afbae0e6891455f21028e5ca0f00213ffbae10f04977c03a778eb9b3b3b1fa01566b09b5aadca2ba800964237cfff9819957a14913d87969391c23952e9d513fb9b6f95fd5dbf0"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x11}, 0x48) 10m53.311679223s ago: executing program 32 (id=9246): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001900)=ANY=[@ANYBLOB="b700000017000000bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000035040100000002000f300000000000003404000001ed0a0065040000170000801f400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e31a3446cd57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505e65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9be0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119d2a673bdae05779208409e6cf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bd0c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a397ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc8de9bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c0da4e95f75b1496a9fa46a06e4e1f5a8438d49dbd493ba2482ce0073db0ccfcd9ecddb02c9df4f980422c54406c2cf3e4c8917311a0bda89e660a997af2b9bf7707afbae0e6891455f21028e5ca0f00213ffbae10f04977c03a778eb9b3b3b1fa01566b09b5aadca2ba800964237cfff9819957a14913d87969391c23952e9d513fb9b6f95fd5dbf0"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x11}, 0x48) 1m42.904735412s ago: executing program 5 (id=15931): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d7003101a08, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) 1m42.395220461s ago: executing program 5 (id=15939): r0 = socket$netlink(0x10, 0x3, 0x15) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 1m42.030001932s ago: executing program 5 (id=15943): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x358, 0x0, 0x4c, 0x1a, 0x160, 0x73, 0x288, 0x258, 0x258, 0x288, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x0, {@ipv4=@remote, 'team_slave_1\x00'}}}, {{@uncond, 0x0, 0xf8, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@icmp6={{0x28}, {0x0, "e1f6"}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8) 1m41.68899204s ago: executing program 5 (id=15947): syz_mount_image$erofs(&(0x7f0000000140), &(0x7f0000000000)='./file2\x00', 0x300000c, &(0x7f0000000080)=ANY=[], 0xfe, 0x26e, &(0x7f0000000640)="$eJzsmL1rFEEYxp+Z/bicpyE2FjYWBlQk97HXpAkSQbASIfGr0sOsIWbNwd0K3oHEYGOjnYVgY+E/YBEwVQo7/QMCWqggKHiFhY3Nynzs7uR27261zfsrJs+9887MOw+zbxEQBHFg+frl9+en5+eXwYDDmEVJx79bAGNKcyP/04v7Z58vXHj55uPrdxvTD3fiuKX/iiVRZCxgwNSY820Au4sWNpOTktViCrP6xzK40D+EvgKOMzp+DQxVrW+B46rWPhhuaH3X0G2RX63eWQv86u12sCJEXQwNMXhiaOpUJy5isMWwooNRZIEZ9XP011tB4He6vUTYeq6XnRohomhcTmJsDg5cDBa5rBW707JC4eL1J4+3RCj2pq78kzTA0dD7NcGwpOPzKAlvADxSlhj3P27H9xcOpKgqs7f981bmiolJ959SYuFXbo54kEJ8QKfL9h062lAXShydK+R+RsRuD0/NZCLjBZe2DO3jxP51e32him5o/est1NORwh7xFllq5jnt7cSdK+Z1Kna3179U9BbPygAKFe/qaoanSjkVOplIgVvkCEutOjbYeZ/N+SZF3MmSl5k6FrHJR7Di78cp+NSD+EMMNv/rqQd+p4z+Oi/uWKnwR7S3rfpH9IrhFNL+YRv9oxbaqHV7/bm1e61Vf9Xf8LxmqZJ0PL9ekx062/iSfliW/emQsb+T3yrhchcPWmHYaajRZS7KCMOOJ397xmeztN3+eVMvC3ERwMn0WDfZ0cqW5aocLnOFOp1NQmVEhQRBEARBEARBEARBEARBEMPMGPoEmPwvqGDvCFDW8Wg/3mUZ/RsAAP//9IMvBQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 1m41.227509478s ago: executing program 5 (id=15952): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xd8, 0x30, 0xffff, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x31}, 0xfffffffe, 0x7}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x39, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x6, 0xfffffffffffffffc, 0x57d, 0x3}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x18a0, 0x6}}]}, {0x4}, {0xc, 0x3, {0x20}}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40044}, 0x0) 1m40.328502753s ago: executing program 5 (id=15957): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) copy_file_range(r0, 0x0, r0, 0x0, 0xaf6, 0x0) 1m39.770523942s ago: executing program 33 (id=15957): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) copy_file_range(r0, 0x0, r0, 0x0, 0xaf6, 0x0) 4.31842848s ago: executing program 6 (id=17024): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200c}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x19}, @IFLA_BR_STP_STATE={0x8, 0x5, 0x1}]}}}]}, 0x44}}, 0x0) 3.930657258s ago: executing program 6 (id=17030): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff8f00000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x23) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x702, 0xe98, 0x0, &(0x7f0000000380)="e460334470d8d400eb00c15286dd", 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.801104992s ago: executing program 7 (id=17044): syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000280)='./file1\x00', 0x14806, &(0x7f0000000b40)=ANY=[], 0xfd, 0x71d, &(0x7f00000002c0)="$eJzs3V1v3FgZB/D/mfdMIVSAqlWVbU5TkFIRZj2T7VSjgITxeBLDzHhkTyCRkFaFJquokwJtkejctLmBRVq+AHd7wwUfYiUuEBf7LeAKpBUICbECISOfY89Lxp4kTZp22f8v2h3HfnzO8bHXzzpjH4OIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIggrKZhVAXaTnd7R6azmp7biX/JYma5Li2P23ri9rw682G9gAj/QamEN/TsN748DrkW/msFS/q3JZTCjxKGV65d3fhSLhOvP6fBLwJpBQok1/X46fDBvcFg79EpCs8itfjXETLpy3LxxKbddXzX6ZibtnR8VzbqdeOtrZYvW07b9nf9vt2Rlmdn+q4nV63bstporEu7sntrEWiabTueeffrNcOoy+8U9Y4GUPGtLafddrqbKiZcHMbcle//QAfYZkfK/YPB3vpEw54l9XEYVE3YisxkcBhUO6lPakatVq3WatX6ncadu4aRm5lhhIQxgpmICz9o6VPmYk/gROeQsZr/Mf4kgDZK6GIbO5CJPxaa8OCik7I8Euf/DOy59U7m/yUgTI5L+fHi61D5/4b+7UZa/k9pi4RUKyQtESnzz/aTVy2SeIynGOIB7mGAAfbw6ALKlpDL5y6hYEQ9ObufktcopcTP/9mEjS4c+HDhoAMTm/g8ZDRHooE66jDwDrbQgg+JFhy0YcPHLnz0YYdHVCGs2YaJPlx4kFiFhduQqKKBBtYhYaOCXbjYRhebaMLEv4Ig2MeB6vf1qD3PE7YCcVA1ZSOKyMXH3R5qc7Y2Lf//8JleO8r/BvP/Z5U+Dor646N5MUSvgSC6/j+j5ZfTGiIiIiIiIiJ6GYT6jl2ob+XfBBCg5bRtYyqm+MpaR0REREREREQXQSAoYglC35WPNyFmr/+JiIiIiIiI6NNNqGfsBICyuqlfjB+XOs0fAbKX0EQiIiIiIiIiOif15P+NAhCou/yXIU66/s9dbgOJiIiIiIiI6NzemxhjP5eNxtgN4q/1MwCW/1wUH/6tCC8vjno7XxGHZrjEPIxiZu4A6Leui8VooF71UfiooJdY9pKIapPAP+O/PoQ+3k8e6/95oAkhvGMNKGQnC0hpgMC1qxv1XPQb3sdNvcrNaLjb+8MM1BI9onC55bTtiuW2N6owzcVM397p/+zhwc8Bb7Sd+weDvcqPfjy4r9pyFM46OgwLfTbVnExyZ4zb8kSNt6CeuUga3XgBrbjKX3U7ZaHqNeLtz8I8zExWNG8H1BcAvZW/wIreZyuBji0PRwP/CmBZDf5QrWyEO2xq6728GLeienzLk3ZEypaXVCtu6Zhbq7f0R9wnYTkZUfpaFqhVZvfBVCtqk604uS/E34/1//xWQJTCvlgPW/H7sKBjrfj+h3rl9d5OPDzGaVoxcxQQEb0q++MspAYxnxljP04P8Unt9HkHOSA6y+ns/l76m3yCKH/E2f3JbwKdobJALvpuIrmWOK8gPKOvClVOQX9JkbuecEY3Kp8EQWAuljB5Rv9vEMQbZMzPblN5/SgIguNn9N+N34EUNXumFf8OgmCjqjLJr49l1Q/CFT5Izap+u5ZFCUU8OfyJGgA/9O7eu3sPa7X1uvG2YdypIa/+VyH6yIK5h4iIZpz8jh0VkZkTId7GTV3Gzft//aqemsp4X4xuKVDeAga4jzUsh9e44TVnYqll7OOb/9C3Iazpq1Zgpaw/y0N57epGuPYo9kDk1Bte1lKv6lQu1bHq9obaKPaPX4hXmc7U49j1S9gTREREl2clfpXPsTwMTOV/TOf/0lT+X8Oqjli9nnjdXZ64pXAtvjoeXdIPrxwlxlZPbvy3LrgziIiIPiNs72NR7v9SeJ7Te6faaFTN/pYtPdf6rvSc5qYtnW7f9qwts7tpy57n9l3Lbcueh6KzYPvS3+71XK8vW64ne67v7Kg3v8vo1e/R9/7we23b9G1pud2+afVl0/Et2dv+dtvxt2xPrez3bMtpOZbZd9yu9N1tz7IrUvq2PRHoNO1u32k54WRX9jynY3q78ntue7tjy6btW57T67u6wLgup9tyvY4qtoLgzC86JCIi+n/0+Onwwb3BYO/R8YmF8NJczzlCSszsRCGhQI4RRERE9JoZp+szrFR6iQ0iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIqIZJz/Sd8aJfNLDgsBozk8Xozl4jvEjhjPlCJy3PZ94f8iHNbzI6pmzVho/EjHMAkgNXhjNibt/MuboLJXiKvDC/fOXzwFX1BzoObkLPABmnx+9qJLjEYsTY76xrxemra4WJi4qjvZF7uL/cwgnHv52dpEItyIIgmD+6sXpPiyc/ngOO+tRYc4uWDjh+LnMsxARvQr/CwAA///SlDIY") stat(&(0x7f0000000ac0)='./file1\x00', &(0x7f0000000b00)) 2.396920339s ago: executing program 6 (id=17048): r0 = open(&(0x7f0000000040)='./file0\x00', 0x101b41, 0x27) fcntl$lock(r0, 0x25, &(0x7f00000002c0)) 2.052480425s ago: executing program 0 (id=17053): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x437, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x40489}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_RELAY_PREFIX={0x8}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @rand_addr=0x64010100}]}}}]}, 0x40}}, 0x0) 2.051641439s ago: executing program 6 (id=17054): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f0000001380), &(0x7f0000000000)=""/10, 0x2}, 0x20) 1.985477002s ago: executing program 7 (id=17055): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) bind$x25(r0, &(0x7f0000000400)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1, 0x10}}, 0x12) 1.782022392s ago: executing program 2 (id=17056): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001940)={0x20, 0x48, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@typed={0x8, 0x100, 0x0, 0x0, @u32}, @nested={0x4, 0x2}]}, 0x20}}, 0x20048800) 1.684313822s ago: executing program 6 (id=17058): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="8000000010000104000000000000000000010000", @ANYRES32=0x0, @ANYBLOB="080c0000000000004c0012800b00010067726574617000003c0002800500160002000000080006000000000005000900fc000000080007006401010206000300ff7f00000500160001000000060011004e24000005001000090000000a0001"], 0x80}}, 0x0) 1.65857107s ago: executing program 7 (id=17059): r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x670, 0x2, 0x338, 0x98, 0x140, 0xfeffffff, 0x1e8, 0x140, 0x2a0, 0x2a0, 0xffffffff, 0x2a0, 0x2a0, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'veth1_to_team\x00', {}, {}, 0x8}, 0x0, 0x70, 0x98}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @loopback, @loopback, @icmp_id}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x66}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@rand_addr=' \x01\x00', @ipv4=@dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398) 1.610042934s ago: executing program 4 (id=17060): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000000)={0x0, {{0x2, 0x0, @multicast2}}, 0x0, 0x0, [{{0x2, 0x4e24, @empty}}, {{0x2, 0x4e21, @loopback}}, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {{0x2, 0x4e24, @private=0xa010101}}, {{0x2, 0x4e24, @loopback}}]}, 0xfda3) 1.497109273s ago: executing program 2 (id=17061): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x891e, &(0x7f0000000000)={'wlan1\x00', @random="010000201000"}) 1.474913321s ago: executing program 3 (id=17062): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=@newsa={0x180, 0x10, 0x1, 0x8000000, 0x0, {{@in=@multicast1, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e22, 0x9, 0x0, 0x0, 0x0, 0x20}, {@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x33}, @in=@local, {0x0, 0x9, 0x200, 0x400000000000, 0x0, 0x3, 0x4, 0xffffffffffffffff}, {0x5680000000}, {0x10, 0x6, 0x2}, 0x0, 0x0, 0xa, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}, @algo_crypt={0x48, 0x2, {{'cbc-aes-neonbs\x00'}}}]}, 0x180}}, 0x0) 1.375957044s ago: executing program 7 (id=17063): name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000700), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x119080) 1.374676704s ago: executing program 0 (id=17064): r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x1262, 0x0) 1.372377372s ago: executing program 6 (id=17065): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) mlockall(0x3) 1.333742458s ago: executing program 4 (id=17066): set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) 1.198754538s ago: executing program 3 (id=17067): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x12, 0x0, &(0x7f0000000240)) 1.174447269s ago: executing program 2 (id=17068): syz_mount_image$cramfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000400)=ANY=[], 0xfe, 0x15a, &(0x7f00000001c0)="$eJzs0D9rWlEYx/HvufdctVSxpRak0Cp0sZWCf2i3UrylUodWaOnSSbC3raBYKrRuVUq2DEJWh5CsIZBXoNEhJCRL8iayuAUyJpx7TUIIvoI8n0X8Pef5PXDfvT7IKK68bbd+/fY6He9b+lP1Q/nz8WhUMnkIulvX5sH7cQl+ohlrmPXBxNOYw/dG07Pq7ab5PytBGHDvYnIHiF/ccxOavoY8wX7mKUwe+u8sbmZeEcffe6TBjQdZDjhr3An67geZ6TsBbFAqND/22Gapkk09UNAdZjc39j7u71ZePH/jLRfKg2fRpJ39B2u4KrIz/XFkz7dMhfktFgqvirm8xctDv7A3QL+P/oGvCrTps/D7QiSf6C/wX8GKf2u2rWLAZPW02gpffuveXzsNKjWs15LOei1xz8LOaBYJJpGFcyGEEEIIIYQQQgghhBBCCCGEELfYeQAAAP//TSFM+Q==") creat(&(0x7f00000002c0)='./file0\x00', 0x0) 1.105512883s ago: executing program 7 (id=17069): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x18, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}, [@nested={0x4, 0xd}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) 1.10494096s ago: executing program 0 (id=17070): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) getsockopt$sock_buf(r0, 0x1, 0xa, 0x0, &(0x7f0000000280)) 1.037000953s ago: executing program 4 (id=17071): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x30, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x104}, 0x1, 0x0, 0x0, 0x80}, 0x0) 864.954548ms ago: executing program 3 (id=17072): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x541b, 0x0) 803.555455ms ago: executing program 0 (id=17073): r0 = io_uring_setup(0x37a9, &(0x7f0000000100)={0x0, 0x2775, 0x10, 0x2, 0x43ca}) io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r0, 0x19, &(0x7f0000000240)={0x7, 0xfffffff7, 0xfbe4}, 0x4000000) 779.689571ms ago: executing program 4 (id=17074): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x602) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000040)={0x80, 0x6, 0x103, 0x8000, 0x0, 0x0, 0x0}) 740.929708ms ago: executing program 2 (id=17075): timer_create(0x8, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(r0, 0x0, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) 565.938995ms ago: executing program 3 (id=17076): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20, 0x5, 0x0, 0x3}, [@RTA_UID={0x8}]}, 0x24}}, 0x0) 523.954636ms ago: executing program 0 (id=17077): r0 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2) poll(&(0x7f00000000c0)=[{r0, 0x4000}], 0x1, 0x7) 523.313971ms ago: executing program 4 (id=17078): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x437, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x40489}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_RELAY_PREFIX={0x8}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @rand_addr=0x64010100}]}}}]}, 0x40}}, 0x0) 494.812342ms ago: executing program 7 (id=17079): syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="40309f00000044932b2fd80072c498df4f9b6b770b0200ce5b849cd6b53540a433be3048ed5b8c2141f80fa53717bd5fce"], 0x0, 0x0, 0x0, 0x0}) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000c113a3202a11010011d80102030109022400010000c0080904530002058d9d0009050f0200020500ff090582"], 0x0) 416.786309ms ago: executing program 2 (id=17080): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0xa, 0x0, &(0x7f0000000040)) 248.298748ms ago: executing program 3 (id=17081): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) 224.304704ms ago: executing program 0 (id=17082): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180), 0x202, 0x0) ioctl$FBIOBLANK(r0, 0x4611, 0x0) 139.240483ms ago: executing program 2 (id=17083): r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x44, 0x6, 0x438, 0x270, 0x0, 0x270, 0x270, 0x0, 0x3a0, 0x3a0, 0x3a0, 0x3a0, 0x3a0, 0x6, 0x0, {[{{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x14}, 0xff, 0xff000000, 'batadv_slave_1\x00', 'bridge_slave_0\x00', {0x59e9ca6af987edf9}, {0xff}, 0xda, 0x3}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0xa}}}, {{@ip={@loopback, @local, 0x0, 0x0, 'wg2\x00', 'veth0_virt_wifi\x00', {0xff}, {0xff}, 0x6, 0x0, 0x42}, 0x0, 0xc0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x7fff, 0x3, @multicast2, 0x4e22}}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x4}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0xfc}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x498) 9.373933ms ago: executing program 3 (id=17084): pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) ioctl$FIONREAD(r0, 0x541b, 0xfffffffffffffffe) 0s ago: executing program 4 (id=17085): r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000000c0)={0x60, 0x2, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00002c5000/0x3000)=nil, 0x6, 0x0, 0x0, 0x5, 0x12, 0x5, 0x4c, 0x46}) kernel console output (not intermixed with test programs): ge from 0 to 32768 [ 1721.776130][ T9682] xfs: Deprecated parameter 'attr2' [ 1721.791634][ T9722] loop2: detected capacity change from 0 to 128 [ 1721.794678][ T9720] team0 (unregistering): Port device team_slave_0 removed [ 1721.818844][ T9682] XFS: attr2 mount option is deprecated. [ 1721.836126][ T9682] xfs: Deprecated parameter 'attr2' [ 1721.840485][ T9720] team0 (unregistering): Port device team_slave_1 removed [ 1721.847181][ T9682] XFS: attr2 mount option is deprecated. [ 1721.947673][ T9720] team0 (unregistering): Port device netdevsim1 removed [ 1722.016257][ T9682] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1722.181505][ T9682] XFS (loop0): Ending clean mount [ 1722.271733][ T9682] XFS (loop0): Quotacheck needed: Please wait. [ 1722.659232][ T9682] XFS (loop0): Quotacheck: Done. [ 1722.674775][ T9743] loop6: detected capacity change from 0 to 4096 [ 1722.708395][ T6019] usb 5-1: new high-speed USB device number 97 using dummy_hcd [ 1722.823555][ T9743] ntfs3(loop6): ino=19, mi_enum_attr [ 1722.850097][ T9743] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1722.886945][ T6019] usb 5-1: Using ep0 maxpacket: 16 [ 1722.932247][ T5834] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1722.935357][ T6019] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 1722.950168][ T6019] usb 5-1: config 0 has no interface number 0 [ 1722.962074][ T6019] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1722.971542][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1722.980518][ T6019] usb 5-1: Product: syz [ 1722.997491][ T6019] usb 5-1: SerialNumber: syz [ 1723.006757][ T6019] usb 5-1: config 0 descriptor?? [ 1723.039577][ T6019] cm109 5-1:0.8: invalid payload size 32, expected 4 [ 1723.080830][ T6019] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input102 [ 1723.388381][ T4992] usb 5-1: USB disconnect, device number 97 [ 1723.403288][ C1] cm109_urb_ctl_callback: 6 callbacks suppressed [ 1723.403319][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1723.416643][ C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1723.685819][ T4992] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1724.169542][ T9774] loop5: detected capacity change from 0 to 512 [ 1724.197439][ T9774] EXT4-fs: Ignoring removed orlov option [ 1724.228116][ T9774] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1724.270561][ T9774] EXT4-fs error (device loop5): ext4_ext_check_inode:521: inode #16: comm syz.5.15460: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 28(0), depth 0(0) [ 1724.289343][ T9774] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 1724.308083][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 1724.323789][ C1] EXT4-fs (loop5): initial error at time 2000526206: ext4_ext_check_inode:521: inode 16 [ 1724.333635][ C1] EXT4-fs (loop5): last error at time 2000526206: ext4_ext_check_inode:521: inode 16 [ 1724.344398][ T9774] EXT4-fs error (device loop5): ext4_orphan_get:1400: comm syz.5.15460: couldn't read orphan inode 16 (err -117) [ 1724.357394][ T9774] loop5: lost filesystem error report for type 5 error -117 [ 1724.357920][ T9774] EXT4-fs (loop5): 1 orphan inode deleted [ 1724.378054][ T9774] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1724.405499][ T6019] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 1724.459963][ T4992] usb 1-1: new high-speed USB device number 105 using dummy_hcd [ 1724.519193][ T5847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1724.607617][ T6019] usb 7-1: Using ep0 maxpacket: 16 [ 1724.615120][ T6019] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1724.633067][ T6019] usb 7-1: config 1 has an invalid interface number: 93 but max is 0 [ 1724.652500][ T4992] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1724.667063][ T6019] usb 7-1: config 1 has no interface number 0 [ 1724.681883][ T4992] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1724.695852][ T6019] usb 7-1: config 1 interface 93 has no altsetting 0 [ 1724.720507][ T4992] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1724.728652][ T6019] usb 7-1: New USB device found, idVendor=2c7c, idProduct=0203, bcdDevice=56.2a [ 1724.761183][ T6019] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1724.767838][ T4992] usb 1-1: string descriptor 0 read error: -22 [ 1724.779566][ T6019] usb 7-1: Product: syz [ 1724.790195][ T6019] usb 7-1: Manufacturer: syz [ 1724.803258][ T4992] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 1724.817420][ T6019] usb 7-1: SerialNumber: syz [ 1724.840385][ T4992] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1724.927443][ T4992] usb 1-1: selecting invalid altsetting 1 [ 1724.956066][ T4992] usb 1-1: unit 3 not found! [ 1725.100334][ T6019] option 7-1:1.93: GSM modem (1-port) converter detected [ 1725.139045][ T4992] usb 1-1: cannot request logical cluster ID: 0 (err: -5) [ 1725.156390][ T6019] usb 7-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 1725.171531][ T4992] usb 1-1: invalid MIXER UNIT descriptor 6 [ 1725.217264][ T6019] usb 7-1: USB disconnect, device number 17 [ 1725.277965][ T6019] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 1725.347513][ T6019] option 7-1:1.93: device disconnected [ 1725.498175][ T4992] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -5 [ 1725.538256][ T4992] usb 1-1: USB disconnect, device number 105 [ 1725.697764][ T9817] loop5: detected capacity change from 0 to 64 [ 1726.286327][ T6019] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 1726.319142][ T9831] netlink: 180 bytes leftover after parsing attributes in process `syz.5.15486'. [ 1726.504854][ T6019] usb 7-1: Using ep0 maxpacket: 8 [ 1726.520823][T27351] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 1726.531883][ T6019] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1726.569563][ T6019] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1726.605490][ T6019] usb 7-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1726.643089][ T6019] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1726.671303][ T6019] usb 7-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1726.691898][T27351] usb 3-1: Using ep0 maxpacket: 32 [ 1726.703436][ T6019] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1726.718073][T27351] usb 3-1: config 0 has an invalid interface number: 110 but max is 0 [ 1726.729026][ T6019] usb 7-1: Product: syz [ 1726.741966][ T6019] usb 7-1: Manufacturer: syz [ 1726.752100][T27351] usb 3-1: config 0 has no interface number 0 [ 1726.760633][ T6019] usb 7-1: SerialNumber: syz [ 1726.776096][T27351] usb 3-1: config 0 interface 110 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1726.794623][ T6019] usb 7-1: config 0 descriptor?? [ 1726.818599][T27351] usb 3-1: config 0 interface 110 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 1726.825526][ T6019] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 found [ 1726.873149][T27351] usb 3-1: config 0 interface 110 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024 [ 1726.919877][T27351] usb 3-1: config 0 interface 110 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1726.957108][T27351] usb 3-1: config 0 interface 110 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1726.988993][T27351] usb 3-1: config 0 interface 110 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 1727.033120][T27351] usb 3-1: config 0 interface 110 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1727.080629][ T6019] snd_usb_toneport 7-1:0.0: cannot get proper max packet size [ 1727.087452][T27351] usb 3-1: New USB device found, idVendor=04fc, idProduct=0231, bcdDevice=6f.a9 [ 1727.105664][ T6019] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 now disconnected [ 1727.129805][T27351] usb 3-1: New USB device strings: Mfr=1, Product=237, SerialNumber=2 [ 1727.146649][ T6019] snd_usb_toneport 7-1:0.0: probe with driver snd_usb_toneport failed with error -22 [ 1727.161389][T27351] usb 3-1: Product: syz [ 1727.180567][T27351] usb 3-1: Manufacturer: syz [ 1727.199861][T27351] usb 3-1: SerialNumber: syz [ 1727.229540][T27351] usb 3-1: config 0 descriptor?? [ 1727.267192][T27351] spcp8x5 3-1:0.110: SPCP8x5 converter detected [ 1727.307370][T27351] usb 3-1: SPCP8x5 converter now attached to ttyUSB0 [ 1727.379253][ T6019] usb 7-1: USB disconnect, device number 18 [ 1727.579303][T27351] usb 3-1: USB disconnect, device number 90 [ 1727.631463][T27351] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0 [ 1727.656571][T27351] spcp8x5 3-1:0.110: device disconnected [ 1727.753281][ T9843] loop0: detected capacity change from 0 to 32768 [ 1727.772362][ T9843] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.15492 (9843) [ 1727.818826][ T9843] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1727.859872][ T9843] BTRFS info (device loop0): using sha256 checksum algorithm [ 1728.083791][ T9843] BTRFS info (device loop0): enabling ssd optimizations [ 1728.127651][ T9843] BTRFS info (device loop0): turning on async discard [ 1728.184922][ T9843] BTRFS info (device loop0): enabling free space tree [ 1728.442971][ T9892] overlayfs: workdir and upperdir must be separate subtrees [ 1728.461232][ T5834] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1728.806633][ T9898] CIFS mount error: No usable UNC path provided in device string! [ 1728.806633][ T9898] [ 1728.854945][ T9898] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1729.290999][ T9867] loop3: detected capacity change from 0 to 32768 [ 1729.329942][ T9867] xfs: Deprecated parameter 'attr2' [ 1729.357501][ T9867] XFS: attr2 mount option is deprecated. [ 1729.388167][ T9867] xfs: Deprecated parameter 'attr2' [ 1729.420647][ T9867] XFS: attr2 mount option is deprecated. [ 1729.530118][ T9867] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1729.644970][ T9924] loop2: detected capacity change from 0 to 4096 [ 1729.708772][ T9935] loop6: detected capacity change from 0 to 64 [ 1729.779834][ T9867] XFS (loop3): Ending clean mount [ 1729.798893][ T9936] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1729.818278][ T9867] XFS (loop3): Quotacheck needed: Please wait. [ 1729.874588][ T9924] NILFS error (device loop2): nilfs_find_entry: dir 2 size 2147487744 exceeds block count 1 [ 1729.978696][ T9924] Remounting filesystem read-only [ 1730.129324][ T9867] XFS (loop3): Quotacheck: Done. [ 1730.184664][ T9940] netlink: 2 bytes leftover after parsing attributes in process `syz.0.15528'. [ 1730.287642][ T5843] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 1730.494465][ T5840] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1731.069234][ T9934] loop5: detected capacity change from 0 to 32768 [ 1731.118872][ T9934] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.15524 (9934) [ 1731.203480][ T9934] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1731.251272][ T9934] BTRFS info (device loop5): using sha256 checksum algorithm [ 1731.416716][ T9934] BTRFS info (device loop5): enabling ssd optimizations [ 1731.466853][ T9934] BTRFS info (device loop5): turning on async discard [ 1731.482269][ T9980] loop3: detected capacity change from 0 to 512 [ 1731.514523][ T9934] BTRFS info (device loop5): enabling free space tree [ 1731.610929][ T9980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1731.756154][ T5847] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1732.139873][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1732.426594][T10011] 9pnet: Found fid 0 not clunked [ 1732.686630][T10018] dlm: non-version read from control device 36 [ 1732.828382][T10024] netlink: 'syz.4.15560': attribute type 1 has an invalid length. [ 1732.875740][T10024] netlink: 'syz.4.15560': attribute type 1 has an invalid length. [ 1733.141629][T10033] netlink: 20 bytes leftover after parsing attributes in process `syz.2.15565'. [ 1733.162246][T10030] loop6: detected capacity change from 0 to 1024 [ 1733.199636][T10030] hfsplus: invalid length 256 has been corrected to 255 [ 1733.228838][T10030] hfsplus: invalid length 256 has been corrected to 255 [ 1733.252522][T10034] loop3: detected capacity change from 0 to 2048 [ 1733.291612][T10034] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1733.297389][T10039] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 1733.344702][T10030] hfsplus: invalid length 256 has been corrected to 255 [ 1733.386919][T10030] hfsplus: invalid length 256 has been corrected to 255 [ 1733.403604][T10030] hfsplus: invalid length 256 has been corrected to 255 [ 1733.412029][T10042] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1733.439972][T10030] hfsplus: xattr search failed [ 1733.493722][T10044] loop5: detected capacity change from 0 to 512 [ 1733.513622][T10044] EXT4-fs: Ignoring removed oldalloc option [ 1733.532510][T10044] EXT4-fs (loop5): filesystem is read-only [ 1733.540499][T10030] hfsplus: invalid length 256 has been corrected to 255 [ 1733.554650][T10044] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1733.559038][T10040] bond4: entered promiscuous mode [ 1733.619248][T10044] EXT4-fs (loop5): filesystem is read-only [ 1733.634741][T10040] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1733.641706][T10044] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1733.678983][T10049] netlink: 72 bytes leftover after parsing attributes in process `syz.0.15572'. [ 1733.697868][T10044] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.15571: bg 0: block 64: padding at end of block bitmap is not set [ 1733.793819][T10044] loop5: lost filesystem error report for type 5 error -117 [ 1733.794340][T10044] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 1733.801754][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1733.801789][ C0] EXT4-fs (loop5): initial error at time 2000526215: ext4_validate_block_bitmap:440 [ 1733.801833][ C0] EXT4-fs (loop5): last error at time 2000526215: ext4_validate_block_bitmap:440 [ 1733.853039][T10044] loop5: lost filesystem error report for type 5 error -117 [ 1733.859270][T10044] EXT4-fs (loop5): 1 orphan inode deleted [ 1733.949663][ T1342] hfsplus: invalid length 256 has been corrected to 255 [ 1733.964071][T10044] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1734.299312][T10063] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 1734.307729][ T5847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1734.467280][T10068] netlink: 1004 bytes leftover after parsing attributes in process `syz.5.15581'. [ 1735.299669][T10096] loop0: detected capacity change from 0 to 16 [ 1735.382006][T10096] erofs (device loop0): mounted with root inode @ nid 36. [ 1735.647565][T10104] loop5: detected capacity change from 0 to 128 [ 1735.759704][T10109] loop0: detected capacity change from 0 to 64 [ 1735.816964][T10109] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. Mounting read-only. [ 1735.867063][T10109] hfs: filesystem is marked locked, mounting read-only. [ 1736.478175][T10090] loop2: detected capacity change from 0 to 32768 [ 1736.508479][T10090] xfs: Deprecated parameter 'attr2' [ 1736.508681][T10120] ipt_ECN: cannot use operation on non-tcp rule [ 1736.536073][T10090] XFS: attr2 mount option is deprecated. [ 1736.553586][T10122] 9pnet: Found fid 0 not clunked [ 1736.563231][T10090] xfs: Deprecated parameter 'attr2' [ 1736.586941][T10090] XFS: attr2 mount option is deprecated. [ 1736.642471][T10090] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1736.670192][T10093] loop4: detected capacity change from 0 to 32768 [ 1736.730026][T10131] loop0: detected capacity change from 0 to 512 [ 1736.754904][T10090] XFS (loop2): Ending clean mount [ 1736.755096][T10131] EXT4-fs: Ignoring removed i_version option [ 1736.790706][T10090] XFS (loop2): Quotacheck needed: Please wait. [ 1736.829247][T10131] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1736.899920][T10131] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.15610: bg 0: block 384: padding at end of block bitmap is not set [ 1736.929790][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1736.939058][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 1736.952907][ C1] EXT4-fs (loop0): initial error at time 2000526218: ext4_validate_block_bitmap:440 [ 1736.962358][ C1] EXT4-fs (loop0): last error at time 2000526218: ext4_validate_block_bitmap:440 [ 1737.009817][T10131] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 1737.024037][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.042684][T10131] EXT4-fs error (device loop0): ext4_clear_blocks:874: inode #11: comm syz.0.15610: attempt to clear invalid blocks 983260 len 1 [ 1737.067454][T10131] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1737.082766][T10131] EXT4-fs error (device loop0): __ext4_get_inode_loc:4884: comm syz.0.15610: Invalid inode table block 0 in block_group 0 [ 1737.116778][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.120504][T10131] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1737.177196][T10144] geneve3: entered promiscuous mode [ 1737.181722][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.182933][T10131] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 1737.214953][T10144] geneve3: entered allmulticast mode [ 1737.243311][T10090] XFS (loop2): Quotacheck: Done. [ 1737.249655][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.251044][T10131] EXT4-fs error (device loop0): __ext4_get_inode_loc:4884: comm syz.0.15610: Invalid inode table block 0 in block_group 0 [ 1737.388308][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.391592][T10131] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 1737.481574][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.483381][T10131] EXT4-fs error (device loop0): ext4_truncate:4690: inode #11: comm syz.0.15610: mark_inode_dirty error [ 1737.547804][T10131] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1737.549180][T10131] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 1737.606889][T10131] loop0: lost filesystem error report for type 5 error -117 [ 1737.607532][T10131] EXT4-fs (loop0): 1 truncate cleaned up [ 1737.659511][ T5843] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1737.694404][T10131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1737.757601][T10158] netlink: 'syz.5.15623': attribute type 6 has an invalid length. [ 1737.936874][T10131] EXT4-fs error (device loop0): ext4_read_inode_bitmap:138: comm syz.0.15610: Invalid inode bitmap blk 0 in block_group 0 [ 1738.276343][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1738.334004][T10173] netlink: 'syz.5.15629': attribute type 7 has an invalid length. [ 1738.402178][T10173] : entered promiscuous mode [ 1739.406788][T10164] loop4: detected capacity change from 0 to 32768 [ 1740.071442][T10217] loop3: detected capacity change from 0 to 8 [ 1740.211616][T10217] SQUASHFS error: Unable to read directory block [2c0:35] [ 1740.230493][T10217] SQUASHFS error: Unable to read directory block [2c0:35] [ 1740.452953][T10226] loop4: detected capacity change from 0 to 64 [ 1740.516886][T10228] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15655'. [ 1740.785556][T10234] loop5: detected capacity change from 0 to 2048 [ 1740.862523][T10234] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1740.866350][T10197] loop0: detected capacity change from 0 to 32768 [ 1740.935677][T27351] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 1740.964545][T10197] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1741.138745][T27351] usb 4-1: Using ep0 maxpacket: 8 [ 1741.149981][T10197] XFS (loop0): Ending clean mount [ 1741.162283][T27351] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1741.193761][T27351] usb 4-1: config 8 has an invalid interface number: 61 but max is 2 [ 1741.223656][T27351] usb 4-1: config 8 has 1 interface, different from the descriptor's value: 3 [ 1741.243285][T27351] usb 4-1: config 8 has no interface number 0 [ 1741.285524][T27351] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1741.345108][T27351] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1741.398911][T27351] usb 4-1: config 8 interface 61 has no altsetting 0 [ 1741.425312][ T5834] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1741.433025][T27351] usb 4-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f [ 1741.491322][T27351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1741.551980][T27351] usb 4-1: Product: syz [ 1741.585626][T27351] usb 4-1: Manufacturer: syz [ 1741.617446][T27351] usb 4-1: SerialNumber: syz [ 1741.679518][T10256] loop5: detected capacity change from 0 to 2048 [ 1741.745987][T10260] netlink: 28 bytes leftover after parsing attributes in process `syz.6.15668'. [ 1741.777009][T10260] netlink: 28 bytes leftover after parsing attributes in process `syz.6.15668'. [ 1741.786000][T10256] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1741.973270][T10256] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.15665: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1741.979449][T27351] bfusb 4-1:8.61: probe with driver bfusb failed with error -5 [ 1742.097947][T27351] usb 4-1: USB disconnect, device number 95 [ 1742.148783][T10256] EXT4-fs (loop5): Remounting filesystem read-only [ 1742.332822][ T5847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1742.727106][T10289] loop5: detected capacity change from 0 to 128 [ 1742.758070][T10289] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 1742.805123][T10289] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1743.468503][T27351] usb 4-1: new high-speed USB device number 96 using dummy_hcd [ 1743.674190][T27351] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1743.718773][T27351] usb 4-1: config 220 has 2 interfaces, different from the descriptor's value: 3 [ 1743.760844][T27351] usb 4-1: config 220 interface 1 altsetting 5 endpoint 0x89 has an invalid bInterval 52, changing to 7 [ 1743.797429][T27351] usb 4-1: config 220 interface 1 altsetting 5 endpoint 0x89 has invalid maxpacket 9272, setting to 1024 [ 1743.837244][T27351] usb 4-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 1743.850884][T10281] loop6: detected capacity change from 0 to 32768 [ 1743.891791][T27351] usb 4-1: config 220 interface 0 has no altsetting 0 [ 1743.926334][T27351] usb 4-1: config 220 interface 1 has no altsetting 0 [ 1743.930556][T10281] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1743.959134][T27351] usb 4-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=6c.b9 [ 1743.979538][T27351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1743.995540][T27351] usb 4-1: Product: syz [ 1744.002731][T27351] usb 4-1: Manufacturer: syz [ 1744.007373][T27351] usb 4-1: SerialNumber: syz [ 1744.078772][T10281] XFS (loop6): Ending clean mount [ 1744.288496][T27351] usb 4-1: selecting invalid altsetting 0 [ 1744.308915][T27351] uvcvideo 4-1:220.0: probe with driver uvcvideo failed with error -22 [ 1744.371755][T27351] usb 4-1: selecting invalid altsetting 0 [ 1744.410146][T27351] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 1744.436981][T27606] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1744.498626][T27351] usb 4-1: USB disconnect, device number 96 [ 1745.261351][T10365] loop3: detected capacity change from 0 to 2048 [ 1745.349149][T10365] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1745.487004][ T30] audit: type=1800 audit(2000526226.249:355): pid=10365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.15713" name="file1" dev="loop3" ino=1367 res=0 errno=0 [ 1745.830510][T10379] loop5: detected capacity change from 0 to 512 [ 1746.161792][ T6019] usb 4-1: new high-speed USB device number 97 using dummy_hcd [ 1746.345065][ T6019] usb 4-1: Using ep0 maxpacket: 8 [ 1746.372220][ T6019] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 1746.399275][ T6019] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1746.423620][ T6019] usb 4-1: Product: syz [ 1746.440371][ T6019] usb 4-1: Manufacturer: syz [ 1746.458114][ T6019] usb 4-1: SerialNumber: syz [ 1746.497099][ T6019] usb 4-1: config 0 descriptor?? [ 1746.530737][ T6019] gspca_main: sq930x-2.14.0 probing 2770:930c [ 1746.769291][T10373] loop6: detected capacity change from 0 to 32768 [ 1746.798418][T10373] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.15717 (10373) [ 1746.849428][T10373] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1746.884303][T10373] BTRFS info (device loop6): using crc32c checksum algorithm [ 1746.969661][ T6019] gspca_sq930x: ucbus_write failed -71 [ 1746.975625][ T6019] sq930x 4-1:0.0: probe with driver sq930x failed with error -71 [ 1746.989100][ T6019] usb 4-1: USB disconnect, device number 97 [ 1747.110461][T10373] BTRFS info (device loop6): enabling ssd optimizations [ 1747.161835][T10373] BTRFS info (device loop6): turning on flush-on-commit [ 1747.197738][T10373] BTRFS info (device loop6): enabling free space tree [ 1747.223948][T10373] BTRFS info (device loop6): enabling auto defrag [ 1747.241500][T10373] BTRFS info (device loop6): use lzo compression, level 1 [ 1747.259656][T10373] BTRFS info (device loop6): max_inline set to 4096 [ 1747.757106][T27606] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1748.339735][T10404] loop2: detected capacity change from 0 to 40427 [ 1748.380099][T10404] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1748.403361][T10454] netlink: 'syz.3.15747': attribute type 1 has an invalid length. [ 1748.421634][T10404] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1748.488557][T10404] F2FS-fs (loop2): invalid crc_offset: 33558524 [ 1748.943016][T10404] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1749.078161][T10404] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1749.130730][T10404] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1749.169918][T10475] netlink: 32 bytes leftover after parsing attributes in process `syz.4.15756'. [ 1749.695924][T10487] libceph: secret too big 289 [ 1749.826871][ T6021] usb 6-1: new high-speed USB device number 95 using dummy_hcd [ 1750.045206][ T6021] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1750.086291][ T6021] usb 6-1: config 220 has 2 interfaces, different from the descriptor's value: 3 [ 1750.135895][ T6021] usb 6-1: config 220 interface 1 altsetting 5 endpoint 0x89 has an invalid bInterval 52, changing to 7 [ 1750.181666][ T6021] usb 6-1: config 220 interface 1 altsetting 5 endpoint 0x89 has invalid maxpacket 9272, setting to 1024 [ 1750.219451][ T6021] usb 6-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 1750.264807][ T6021] usb 6-1: config 220 interface 0 has no altsetting 0 [ 1750.292413][ T6021] usb 6-1: config 220 interface 1 has no altsetting 0 [ 1750.323731][ T6021] usb 6-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=6c.b9 [ 1750.356105][ T6021] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1750.378483][ T6021] usb 6-1: Product: syz [ 1750.392885][ T6021] usb 6-1: Manufacturer: syz [ 1750.410503][ T6021] usb 6-1: SerialNumber: syz [ 1750.481246][T10499] openvswitch: netlink: Duplicate key (type 21). [ 1750.701039][ T6021] usb 6-1: selecting invalid altsetting 0 [ 1750.729812][ T6021] uvcvideo 6-1:220.0: probe with driver uvcvideo failed with error -22 [ 1750.800862][ T6021] usb 6-1: selecting invalid altsetting 0 [ 1750.806660][ T6021] usbtest 6-1:220.1: probe with driver usbtest failed with error -22 [ 1750.841424][T10511] IPv6: NLM_F_CREATE should be specified when creating new route [ 1750.860036][ T6021] usb 6-1: USB disconnect, device number 95 [ 1751.082795][T10514] loop6: detected capacity change from 0 to 164 [ 1751.122068][T10517] loop0: detected capacity change from 0 to 256 [ 1751.197400][T10521] IPv6: sit2: Disabled Multicast RS [ 1751.695216][T10539] netlink: 'syz.6.15788': attribute type 2 has an invalid length. [ 1751.727062][T10539] netlink: 'syz.6.15788': attribute type 1 has an invalid length. [ 1751.887019][T10541] CIFS: iocharset name too long [ 1752.343232][T10559] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15798'. [ 1752.386301][T10559] netlink: 276 bytes leftover after parsing attributes in process `syz.6.15798'. [ 1752.496771][T10561] loop2: detected capacity change from 0 to 256 [ 1752.962961][T10531] loop0: detected capacity change from 0 to 32768 [ 1753.123009][T10531] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1753.187180][ T30] audit: type=1400 audit(2000526233.455:356): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=10583 comm="syz.3.15809" [ 1753.590263][ T5834] ocfs2: Unmounting device (7,0) on (node local) [ 1754.409787][T10625] loop0: detected capacity change from 0 to 128 [ 1754.491979][T10625] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1754.541543][T10625] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1755.217624][T10652] xt_hl: Unknown Hop Limit match mode: 206 [ 1755.746146][T10627] loop2: detected capacity change from 0 to 32768 [ 1755.831525][T10627] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1756.165381][T10677] loop0: detected capacity change from 0 to 512 [ 1756.221470][T10677] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1756.257562][T10677] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e064e0ad, mo2=0002] [ 1756.258429][ T5843] ocfs2: Unmounting device (7,2) on (node local) [ 1756.302726][T10677] System zones: 1-12 [ 1756.372963][T10677] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1756.606472][T10677] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 1756.624715][T10641] loop5: detected capacity change from 0 to 40427 [ 1756.652072][T10677] EXT4-fs error (device loop0): __ext4_add_entry:2412: inode #2: comm syz.0.15854: Directory hole found for htree leaf block 0 [ 1756.671155][T10641] F2FS-fs (loop5): Fix alignment : internally, start(4096) end(16896) block(12288) [ 1756.690812][T10677] EXT4-fs (loop0): Remounting filesystem read-only [ 1756.709546][T10641] F2FS-fs (loop5): invalid crc value [ 1756.881766][ T5834] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 1757.061000][ T6021] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 1757.129239][T10641] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 1757.197525][T10641] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1757.232118][ T6021] usb 7-1: Using ep0 maxpacket: 16 [ 1757.248724][ T6021] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1757.287547][ T6021] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1757.300499][ T6021] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 1757.316742][T10667] loop3: detected capacity change from 0 to 32768 [ 1757.321344][ T6021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1757.349834][T10641] F2FS-fs (loop5): Try to recover all the superblocks, ret: 0 [ 1757.362860][ T6021] usb 7-1: config 0 descriptor?? [ 1757.388756][T10667] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1757.397611][ T6021] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 1757.526318][T10667] XFS (loop3): Ending clean mount [ 1757.605282][ T6019] usb 7-1: USB disconnect, device number 19 [ 1757.772355][ T5840] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1758.370933][T10726] ip6t_srh: unknown srh match flags 5F28 [ 1759.155979][T10749] loop3: detected capacity change from 0 to 16 [ 1759.221855][T10749] erofs (device loop3): DAX unsupported by block device. Turning off DAX. [ 1759.792227][T10765] openvswitch: netlink: IP tunnel dst address not specified [ 1760.068738][T10749] erofs (device loop3): mounted with root inode @ nid 36. [ 1760.226973][ T51] erofs (device loop3): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000 [ 1760.240332][T10749] erofs (device loop3): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096 [ 1760.291477][T10749] erofs (device loop3): read error -117 @ 0 of nid 89 [ 1760.302708][T10735] loop2: detected capacity change from 0 to 40427 [ 1760.315447][ T30] audit: type=1800 audit(2000526240.127:357): pid=10749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.15882" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 1760.347317][T10735] F2FS-fs (loop2): Fix alignment : internally, start(4096) end(16896) block(12288) [ 1760.376927][T10735] F2FS-fs (loop2): invalid crc value [ 1760.478896][T10787] loop5: detected capacity change from 0 to 128 [ 1760.491131][ T6021] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 1760.567394][T10787] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1760.610316][T10790] loop4: detected capacity change from 0 to 764 [ 1760.628543][T10787] ext4 filesystem being mounted at /2715/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1760.672305][T10790] Symlink component flag not implemented [ 1760.679015][T10790] Symlink component flag not implemented [ 1760.695464][ T6021] usb 7-1: Using ep0 maxpacket: 16 [ 1760.724504][ T6021] usb 7-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 1760.775533][ T6021] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1760.813338][ T6021] usb 7-1: Product: syz [ 1760.825225][T10735] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 1760.843952][ T6021] usb 7-1: Manufacturer: syz [ 1760.851881][ T6021] usb 7-1: SerialNumber: syz [ 1760.866103][ T5847] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1760.876099][ T6021] usb 7-1: config 0 descriptor?? [ 1760.906613][ T6021] visor 7-1:0.0: Sony Clie 3.5 converter detected [ 1760.950018][T10735] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1761.089858][T10735] F2FS-fs (loop2): Try to recover all the superblocks, ret: 0 [ 1761.141999][ T6021] usb 7-1: clie_3_5_startup: get config number bad return length: 0 [ 1761.159183][ T6021] visor 7-1:0.0: probe with driver visor failed with error -5 [ 1761.167193][T10799] netlink: 76 bytes leftover after parsing attributes in process `syz.5.15903'. [ 1761.409571][ T6021] usb 7-1: USB disconnect, device number 20 [ 1761.767830][T10814] loop0: detected capacity change from 0 to 256 [ 1761.895678][T10818] openvswitch: netlink: IP tunnel TTL not specified. [ 1762.155115][T10823] loop0: detected capacity change from 0 to 1024 [ 1762.273379][T10827] loop3: detected capacity change from 0 to 256 [ 1762.432118][T10827] FAT-fs (loop3): Directory bread(block 64) failed [ 1762.466038][T10827] FAT-fs (loop3): Directory bread(block 65) failed [ 1762.501854][T10827] FAT-fs (loop3): Directory bread(block 66) failed [ 1762.538611][T10827] FAT-fs (loop3): Directory bread(block 67) failed [ 1762.567718][T10827] FAT-fs (loop3): Directory bread(block 68) failed [ 1762.603240][T10827] FAT-fs (loop3): Directory bread(block 69) failed [ 1762.632497][T10827] FAT-fs (loop3): Directory bread(block 70) failed [ 1762.668371][T10827] FAT-fs (loop3): Directory bread(block 71) failed [ 1762.702429][T10827] FAT-fs (loop3): Directory bread(block 72) failed [ 1762.740105][T10827] FAT-fs (loop3): Directory bread(block 73) failed [ 1763.003405][ T30] audit: type=1800 audit(2000526242.635:358): pid=10827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.15919" name="bus" dev="loop3" ino=1048841 res=0 errno=0 [ 1763.385689][T10862] loop3: detected capacity change from 0 to 16 [ 1763.437891][T10862] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1763.510057][T10861] loop2: detected capacity change from 0 to 2048 [ 1763.568561][T10861] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1763.961816][T10874] xt_l2tp: v2 doesn't support IP mode [ 1764.297654][T10884] loop5: detected capacity change from 0 to 16 [ 1764.360361][T10884] erofs (device loop5): mounted with root inode @ nid 36. [ 1764.423134][T10884] erofs (device loop5): invalid h_shared_count 83 @ nid 46 [ 1764.480259][T10890] netlink: 'syz.6.15950': attribute type 3 has an invalid length. [ 1764.513364][T10890] netlink: 'syz.6.15950': attribute type 3 has an invalid length. [ 1764.541233][T10890] netlink: 16 bytes leftover after parsing attributes in process `syz.6.15950'. [ 1764.573300][ T4992] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 1764.648462][T10892] loop0: detected capacity change from 0 to 64 [ 1764.671192][ T5847] erofs (device loop5): invalid h_shared_count 83 @ nid 46 [ 1764.720219][T10858] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1764.746303][T10858] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1764.759757][ T4992] usb 3-1: Using ep0 maxpacket: 16 [ 1764.780167][ T4992] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1764.788959][T10858] F2FS-fs (loop4): invalid crc_offset: 33558524 [ 1764.800950][ T4992] usb 3-1: config 1 has an invalid interface number: 237 but max is 0 [ 1764.828491][ T4992] usb 3-1: config 1 has no interface number 0 [ 1764.853585][ T4992] usb 3-1: config 1 interface 237 has no altsetting 0 [ 1764.885749][ T4992] usb 3-1: string descriptor 0 read error: -22 [ 1764.903739][ T4992] usb 3-1: New USB device found, idVendor=045e, idProduct=0445, bcdDevice=87.ed [ 1764.915983][T10897] Symlink component flag not implemented [ 1764.945692][ T4992] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1764.946780][T10897] Symlink component flag not implemented [ 1764.996423][ T4992] ipaq 3-1:1.237: PocketPC PDA converter detected [ 1765.070388][ T5847] bridge0: port 1(syz_tun) entered disabled state [ 1765.147070][T10858] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1765.209482][ T5847] syz_tun (unregistering): left allmulticast mode [ 1765.238936][ T5847] syz_tun (unregistering): left promiscuous mode [ 1765.246028][ T4992] usb 3-1: PocketPC PDA converter now attached to ttyUSB0 [ 1765.263606][ T5847] bridge0: port 1(syz_tun) entered disabled state [ 1765.280055][T10858] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1765.315226][T10858] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1765.529180][ T4992] usb 3-1: USB disconnect, device number 91 [ 1765.577121][ T4992] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0 [ 1765.621552][ T4992] ipaq 3-1:1.237: device disconnected [ 1765.767194][ T49] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1765.953435][ T49] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1766.130810][ T49] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1766.503090][ T49] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1766.639052][ T6918] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1766.677107][ T6918] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1766.695441][ T6918] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1766.703558][ T6918] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1766.712853][ T6918] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1767.529373][ T49] pimreg: left allmulticast mode [ 1768.356330][T10921] set_capacity_and_notify: 2 callbacks suppressed [ 1768.356358][T10921] loop0: detected capacity change from 0 to 40427 [ 1768.416252][T10921] F2FS-fs (loop0): Fix alignment : internally, start(4096) end(16896) block(12288) [ 1768.445893][T10921] F2FS-fs (loop0): invalid crc value [ 1768.457345][T10929] loop6: detected capacity change from 0 to 32768 [ 1768.610904][T10929] jfs_strtoUCS: char2uni returned -22. [ 1768.652601][T10929] charset = utf8, char = 0xc5 [ 1768.827525][T10960] ipt_REJECT: TCP_RESET invalid for non-tcp [ 1768.892763][T10921] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 1768.999809][ T6918] Bluetooth: hci4: command tx timeout [ 1769.022897][T10921] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1769.089668][ T49] .` (unregistering): (slave bond_slave_0): Releasing backup interface [ 1769.188151][ T49] .` (unregistering): (slave bond_slave_1): Releasing backup interface [ 1769.211100][T10921] F2FS-fs (loop0): Try to recover all the superblocks, ret: 0 [ 1769.235356][ T49] .` (unregistering): Released all slaves [ 1769.297547][ T49] bond0 (unregistering): Released all slaves [ 1769.442874][T10964] ip6tnl1: entered promiscuous mode [ 1769.516985][ T5290] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1769.551170][T10972] loop4: detected capacity change from 0 to 2048 [ 1769.611189][T10972] NILFS (loop4): invalid segment: Magic number mismatch [ 1769.640144][T10972] NILFS (loop4): trying rollback from an earlier position [ 1769.691859][ T49] : left promiscuous mode [ 1769.730684][T10972] NILFS (loop4): recovery complete [ 1769.788566][T10978] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1770.793586][T10916] xfrm0 speed is unknown, defaulting to 1000 [ 1771.222631][ T6918] Bluetooth: hci4: command tx timeout [ 1771.431354][T11012] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 1771.999344][T11028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15998'. [ 1772.251487][ T5290] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1772.339901][ T30] audit: type=1107 audit(2000526251.366:359): pid=11033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 1772.803128][T11050] xt_limit: Overflow, try lower: 167772/2147483648 [ 1773.392632][ T49] hsr_slave_1: left promiscuous mode [ 1773.442650][ T6918] Bluetooth: hci4: command tx timeout [ 1773.449910][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1773.488626][T11064] tmpfs: Bad value for 'mpol' [ 1773.510214][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1773.526247][T11043] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 1773.573957][T11068] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 1773.583622][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1773.591524][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1773.807252][ T49] veth1_macvtap: left promiscuous mode [ 1773.829888][ T49] veth0_macvtap: left promiscuous mode [ 1773.833528][T11046] loop2: detected capacity change from 0 to 32768 [ 1773.968329][T11046] jfs_create: dtInsert returned -EIO [ 1774.000639][T11046] ERROR: (device loop2): txAbort: [ 1774.000639][T11046] [ 1774.056422][T11046] ERROR: (device loop2): remounting filesystem as read-only [ 1774.570701][T11096] loop3: detected capacity change from 0 to 256 [ 1774.587065][T11096] vfat: Deprecated parameter 'posix' [ 1774.597892][T11096] FAT-fs: "posix" option is obsolete, not supported now [ 1774.741778][T11099] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1775.022229][T11104] loop2: detected capacity change from 0 to 512 [ 1775.058448][T11104] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1775.122304][T11104] UDF-fs: error (device loop2): udf_read_inode: (ino 19) failed ident=264 [ 1775.665508][ T6918] Bluetooth: hci4: command tx timeout [ 1775.705467][ T5290] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1776.082108][ T6021] usb 3-1: new low-speed USB device number 92 using dummy_hcd [ 1776.129575][T10916] bridge0: port 1(bridge_slave_0) entered blocking state [ 1776.146321][T10916] bridge0: port 1(bridge_slave_0) entered disabled state [ 1776.160475][T10916] bridge_slave_0: entered allmulticast mode [ 1776.185303][T10916] bridge_slave_0: entered promiscuous mode [ 1776.212186][T10916] bridge0: port 2(bridge_slave_1) entered blocking state [ 1776.244129][T10916] bridge0: port 2(bridge_slave_1) entered disabled state [ 1776.262611][T10916] bridge_slave_1: entered allmulticast mode [ 1776.323583][ T6021] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1776.326611][T10916] bridge_slave_1: entered promiscuous mode [ 1776.346421][ T6021] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1776.361286][ T6021] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 1776.373354][ T6021] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1776.411737][ T6021] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1776.461498][T11142] netlink: 24 bytes leftover after parsing attributes in process `syz.0.16043'. [ 1776.478097][T11142] netlink: 24 bytes leftover after parsing attributes in process `syz.0.16043'. [ 1776.487581][T11120] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1776.513388][ T4992] usb 4-1: new high-speed USB device number 98 using dummy_hcd [ 1776.522915][T11144] netlink: 'syz.4.16044': attribute type 3 has an invalid length. [ 1776.544220][ T6021] hub 3-1:1.0: bad descriptor, ignoring hub [ 1776.560145][T11144] netlink: 'syz.4.16044': attribute type 1 has an invalid length. [ 1776.581342][ T6021] hub 3-1:1.0: probe with driver hub failed with error -5 [ 1776.594025][T11144] netlink: 224 bytes leftover after parsing attributes in process `syz.4.16044'. [ 1776.647630][ T6021] cdc_wdm 3-1:1.0: skipping garbage [ 1776.664003][ T6021] cdc_wdm 3-1:1.0: skipping garbage [ 1776.679817][T10916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1776.696032][ T4992] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1776.720340][T10916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1776.731290][ T6021] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 1776.740467][ T4992] usb 4-1: config 114 has an invalid interface number: 240 but max is 0 [ 1776.756842][ T6021] cdc_wdm 3-1:1.0: Unknown control protocol [ 1776.778984][ T4992] usb 4-1: config 114 has no interface number 0 [ 1776.808791][ T4992] usb 4-1: config 114 interface 240 altsetting 232 bulk endpoint 0x1 has invalid maxpacket 1023 [ 1776.831242][ T6021] usb 3-1: USB disconnect, device number 92 [ 1776.846719][T11149] loop0: detected capacity change from 0 to 512 [ 1776.864125][ T4992] usb 4-1: config 114 interface 240 altsetting 232 has an endpoint descriptor with address 0xCA, changing to 0x8A [ 1776.893671][T11149] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1776.914709][ T4992] usb 4-1: config 114 interface 240 altsetting 232 bulk endpoint 0x8A has invalid maxpacket 16 [ 1776.937898][ T4992] usb 4-1: config 114 interface 240 has no altsetting 0 [ 1776.960632][T11149] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.16046: inode #15: comm syz.0.16046: iget: illegal inode # [ 1776.990627][T11149] loop0: lost filesystem error report for type 5 error -117 [ 1776.998902][T11149] EXT4-fs (loop0): Remounting filesystem read-only [ 1777.006311][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 1777.006345][ C1] EXT4-fs (loop0): initial error at time 2000526255: ext4_orphan_get:1397 [ 1777.006389][ C1] EXT4-fs (loop0): last error at time 2000526255: ext4_orphan_get:1397 [ 1777.013748][ T4992] usb 4-1: string descriptor 0 read error: -22 [ 1777.023120][T11149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1777.066510][T10916] team0: Port device team_slave_0 added [ 1777.097000][T10916] team0: Port device team_slave_1 added [ 1777.101514][ T4992] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice= 6.38 [ 1777.154254][ T4992] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1777.227695][T11139] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1777.253052][T11139] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1777.261109][T10916] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1777.310445][ T4992] ir_usb 4-1:114.240: IR Dongle converter detected [ 1777.312323][T10916] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1777.399483][T11160] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16049'. [ 1777.464840][T10916] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1777.484257][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1777.486388][T10916] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1777.570630][T10916] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1777.600511][ T4992] usb 4-1: IR Dongle converter now attached to ttyUSB0 [ 1777.684886][T10916] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1777.919482][ T4992] usb 4-1: USB disconnect, device number 98 [ 1778.013007][ T4992] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 1778.062678][ T4992] ir_usb 4-1:114.240: device disconnected [ 1778.099753][T10916] hsr_slave_0: entered promiscuous mode [ 1778.132607][T10916] hsr_slave_1: entered promiscuous mode [ 1778.174001][T10916] debugfs: 'hsr0' already exists in 'hsr' [ 1778.203264][T10916] Cannot create hsr debugfs directory [ 1778.945482][ T5290] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1779.114996][T11186] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 1779.234631][T11205] tmpfs: Bad value for 'mpol' [ 1779.522593][T11183] loop4: detected capacity change from 0 to 40427 [ 1779.574055][T11183] F2FS-fs (loop4): Fix alignment : internally, start(4096) end(16896) block(12288) [ 1779.626179][T11183] F2FS-fs (loop4): invalid crc value [ 1779.787434][T11216] bond4 (unregistering): Released all slaves [ 1779.911116][T11225] 9p: Unknown Cache mode or invalid value fscach [ 1780.043468][T11183] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 1780.147874][T11183] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1780.235857][T10916] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1780.296454][T10916] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1780.339700][T11183] F2FS-fs (loop4): Try to recover all the superblocks, ret: 0 [ 1780.339900][T10916] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1780.429426][T10916] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1780.473279][T10916] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1780.511062][T10916] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1780.555905][T10916] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1780.618795][T10916] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1780.947567][T11213] loop6: detected capacity change from 0 to 32768 [ 1780.956560][ T4992] usb 3-1: new high-speed USB device number 93 using dummy_hcd [ 1781.066361][T10916] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1781.070344][T11213] find_entry called with index = 0 [ 1781.134189][T11213] read_mapping_page failed! [ 1781.149223][ T4992] usb 3-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config [ 1781.151209][T10916] 8021q: adding VLAN 0 to HW filter on device team0 [ 1781.168469][T11213] ERROR: (device loop6): txAbort: [ 1781.168469][T11213] [ 1781.187956][ T4992] usb 3-1: New USB device found, idVendor=0979, idProduct=0227, bcdDevice=6f.50 [ 1781.242696][T31231] bridge0: port 1(bridge_slave_0) entered blocking state [ 1781.249956][T31231] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1781.284052][ T4992] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1781.318942][ T4992] usb 3-1: Product: syz [ 1781.346120][ T4992] usb 3-1: Manufacturer: syz [ 1781.364315][T31231] bridge0: port 2(bridge_slave_1) entered blocking state [ 1781.371498][T31231] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1781.395905][ T4992] usb 3-1: SerialNumber: syz [ 1781.492434][T11258] netlink: 20 bytes leftover after parsing attributes in process `syz.0.16084'. [ 1781.539541][T11260] ptrace attach of "ci-upstream-kasan-badwrites-root/syz-executor exec"[5840] was attempted by ""[11260] [ 1781.697396][ T4992] gspca_main: jl2005bcd-2.14.0 probing 0979:0227 [ 1781.726452][ T4992] command write [95] error -22 [ 1781.766059][ T4992] usb 3-1: USB disconnect, device number 93 [ 1782.326245][T11275] loop4: detected capacity change from 0 to 2048 [ 1782.435337][T11275] NILFS (loop4): corrupt root inode [ 1782.595016][T11286] loop0: detected capacity change from 0 to 512 [ 1782.648471][T11290] netlink: 'syz.2.16096': attribute type 21 has an invalid length. [ 1782.665818][T11286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1782.706622][T11290] netlink: 164 bytes leftover after parsing attributes in process `syz.2.16096'. [ 1782.810865][T11286] EXT4-fs warning (device loop0): dx_probe:836: inode #2: comm syz.0.16094: Unimplemented hash flags: 0x0001 [ 1782.858167][T11286] EXT4-fs warning (device loop0): dx_probe:933: inode #2: comm syz.0.16094: Corrupt directory, running e2fsck is recommended [ 1783.345284][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1783.380661][ T6021] usb 3-1: new high-speed USB device number 94 using dummy_hcd [ 1783.507864][T11314] loop4: detected capacity change from 0 to 164 [ 1783.622927][ T6021] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1783.654970][ T6021] usb 3-1: config 114 has an invalid interface number: 240 but max is 0 [ 1783.694514][ T6021] usb 3-1: config 114 has no interface number 0 [ 1783.726114][ T6021] usb 3-1: config 114 interface 240 altsetting 232 bulk endpoint 0x1 has invalid maxpacket 1023 [ 1783.777916][ T6021] usb 3-1: config 114 interface 240 altsetting 232 has an endpoint descriptor with address 0xCA, changing to 0x8A [ 1783.817526][ T6021] usb 3-1: config 114 interface 240 altsetting 232 bulk endpoint 0x8A has invalid maxpacket 16 [ 1783.836711][T10916] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1783.858970][ T6021] usb 3-1: config 114 interface 240 has no altsetting 0 [ 1783.914691][ T6021] usb 3-1: string descriptor 0 read error: -22 [ 1783.927104][ T6021] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice= 6.38 [ 1783.964044][ T6021] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1784.017603][T11304] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1784.043369][T11304] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1784.070630][ T6021] ir_usb 3-1:114.240: IR Dongle converter detected [ 1784.257482][T27351] usb 1-1: new high-speed USB device number 106 using dummy_hcd [ 1784.317414][ T6021] usb 3-1: IR Dongle converter now attached to ttyUSB0 [ 1784.429082][T27351] usb 1-1: Using ep0 maxpacket: 16 [ 1784.460950][T27351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1784.482244][T27351] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 1784.521848][T27351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1784.561783][T27351] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 1784.599312][T27351] usb 1-1: New USB device found, idVendor=0586, idProduct=1500, bcdDevice=2e.97 [ 1784.612748][ T6021] usb 3-1: USB disconnect, device number 94 [ 1784.628592][T11311] loop6: detected capacity change from 0 to 32768 [ 1784.636671][T27351] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1784.656963][T27351] usb 1-1: Product: syz [ 1784.673116][T27351] usb 1-1: Manufacturer: syz [ 1784.686845][T27351] usb 1-1: SerialNumber: syz [ 1784.702238][T11342] netlink: 20 bytes leftover after parsing attributes in process `syz.4.16114'. [ 1784.718494][ T6021] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 1784.734370][T11342] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16114'. [ 1784.743851][T27351] usb 1-1: config 0 descriptor?? [ 1784.755157][ T6021] ir_usb 3-1:114.240: device disconnected [ 1784.764097][T27351] omninet 1-1:0.0: ZyXEL - omni.net usb converter detected [ 1784.781560][T11342] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1784.784764][T11311] JBD2: Ignoring recovery information on journal [ 1784.806972][T27351] usb 1-1: ZyXEL - omni.net usb converter now attached to ttyUSB0 [ 1784.922931][T11311] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 1784.998385][T27351] usb 1-1: USB disconnect, device number 106 [ 1785.096637][T10916] veth0_vlan: entered promiscuous mode [ 1785.109366][T27351] omninet ttyUSB0: ZyXEL - omni.net usb converter now disconnected from ttyUSB0 [ 1785.138756][T27351] omninet 1-1:0.0: device disconnected [ 1785.142660][T11311] OCFS2: ERROR (device loop6): ocfs2_xattr_find_entry: corrupted xattr entries [ 1785.145062][T11311] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1785.157308][T10916] veth1_vlan: entered promiscuous mode [ 1785.186709][T11311] OCFS2: Returning error to the calling process. [ 1785.210184][T11348] loop4: detected capacity change from 0 to 512 [ 1785.231113][T11311] (syz.6.16105,11311,1):ocfs2_setattr:1306 ERROR: status = -117 [ 1785.279508][T11348] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1785.307296][T10916] veth0_macvtap: entered promiscuous mode [ 1785.331404][T11348] EXT4-fs warning (device loop4): dx_probe:836: inode #2: comm syz.4.16116: Unimplemented hash flags: 0x0001 [ 1785.404052][T10916] veth1_macvtap: entered promiscuous mode [ 1785.414821][T11348] EXT4-fs warning (device loop4): dx_probe:933: inode #2: comm syz.4.16116: Corrupt directory, running e2fsck is recommended [ 1785.559215][T10916] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1785.647842][T10916] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1785.665277][T27606] ocfs2: Unmounting device (7,6) on (node local) [ 1785.676426][T11356] openvswitch: netlink: Unexpected mask (mask=20840, allowed=10048) [ 1785.707584][T31219] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1785.782270][T31219] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1785.810769][ T5848] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1785.881853][T31219] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1785.955003][T31223] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1785.973256][ T30] audit: type=1326 audit(2000526264.121:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.16124" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439199ce59 code=0x7ffc0000 [ 1786.149220][ T30] audit: type=1326 audit(2000526264.140:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.16124" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439199ce59 code=0x7ffc0000 [ 1786.197135][T11368] MPI: mpi too large (124808 bits) [ 1786.300683][ T30] audit: type=1326 audit(2000526264.140:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.16124" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f439199ce59 code=0x7ffc0000 [ 1786.385615][ T30] audit: type=1326 audit(2000526264.140:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.16124" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439199ce59 code=0x7ffc0000 [ 1786.412607][ T30] audit: type=1326 audit(2000526264.140:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.16124" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439199ce59 code=0x7ffc0000 [ 1786.470640][T31223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1786.506445][T31223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1786.685755][T31223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1786.703797][T11381] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1786.719239][T31223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1786.790157][T11384] loop3: detected capacity change from 0 to 16 [ 1786.874161][T11384] erofs (device loop3): mounted with root inode @ nid 36. [ 1786.890450][T11387] loop6: detected capacity change from 0 to 64 [ 1786.930392][T11384] syz.3.16129: attempt to access beyond end of device [ 1786.930392][T11384] loop3: rw=524288, sector=671088648, nr_sectors = 8 limit=16 [ 1786.978411][T11384] syz.3.16129: attempt to access beyond end of device [ 1786.978411][T11384] loop3: rw=0, sector=671088648, nr_sectors = 8 limit=16 [ 1786.994483][T11392] loop2: detected capacity change from 0 to 512 [ 1787.007911][T11384] erofs (device loop3): read error -5 @ 0 of nid 89 [ 1787.017913][ T30] audit: type=1800 audit(2000526265.122:365): pid=11384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16129" name="file3" dev="loop3" ino=89 res=0 errno=0 [ 1787.026517][T11392] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1787.099798][T11392] EXT4-fs warning (device loop2): dx_probe:836: inode #2: comm syz.2.16135: Unimplemented hash flags: 0x0001 [ 1787.186642][T11392] EXT4-fs warning (device loop2): dx_probe:933: inode #2: comm syz.2.16135: Corrupt directory, running e2fsck is recommended [ 1787.433758][T11399] tc_dump_action: action bad kind [ 1787.591052][T16807] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 1787.772751][T16807] usb 8-1: Using ep0 maxpacket: 32 [ 1787.794961][T16807] usb 8-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=1a.51 [ 1787.845056][T16807] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1787.872054][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1787.875844][T16807] usb 8-1: Product: syz [ 1787.899066][T16807] usb 8-1: Manufacturer: syz [ 1787.909200][T16807] usb 8-1: SerialNumber: syz [ 1787.936102][T16807] usb 8-1: config 0 descriptor?? [ 1787.970085][T16807] gspca_main: sn9c2028-2.14.0 probing 0458:7005 [ 1788.232277][T16807] gspca_sn9c2028: read1 error -71 [ 1788.253945][T16807] gspca_sn9c2028: read1 error -71 [ 1788.290385][T16807] gspca_sn9c2028: read1 error -71 [ 1788.309046][T16807] sn9c2028 8-1:0.0: probe with driver sn9c2028 failed with error -71 [ 1788.340552][T16807] usb 8-1: USB disconnect, device number 2 [ 1788.369560][T11423] PKCS8: Unsupported PKCS#8 version [ 1788.725320][T11405] loop3: detected capacity change from 0 to 32768 [ 1788.743066][T11405] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.16140 (11405) [ 1788.786178][T11405] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1788.802111][T11405] BTRFS info (device loop3): using sha256 checksum algorithm [ 1788.906852][T11405] BTRFS info (device loop3): enabling ssd optimizations [ 1788.924371][T11405] BTRFS info (device loop3): turning on async discard [ 1788.939254][T11405] BTRFS info (device loop3): enabling free space tree [ 1789.185784][ T5840] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1789.209668][T11454] loop7: detected capacity change from 0 to 64 [ 1790.076505][T11431] loop0: detected capacity change from 0 to 32768 [ 1790.199029][T11431] find_entry called with index = 0 [ 1790.229612][T11431] read_mapping_page failed! [ 1790.252463][T11431] ERROR: (device loop0): txAbort: [ 1790.252463][T11431] [ 1790.476400][T11428] loop2: detected capacity change from 0 to 40427 [ 1790.538548][T11428] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1790.593710][T11428] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1790.655806][T11428] F2FS-fs (loop2): invalid crc value [ 1791.175361][T11428] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1791.343077][T11428] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1791.375545][T11428] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1791.446287][T11505] loop4: detected capacity change from 0 to 1024 [ 1791.481976][T11505] EXT4-fs: Ignoring removed orlov option [ 1791.615652][T11505] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1791.946628][T11476] loop3: detected capacity change from 0 to 32768 [ 1792.020851][ T5848] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1792.074244][T11476] JBD2: Ignoring recovery information on journal [ 1792.296033][T11476] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1792.562321][T11476] OCFS2: ERROR (device loop3): ocfs2_xattr_find_entry: corrupted xattr entries [ 1792.562363][T11476] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1792.653503][T11476] OCFS2: Returning error to the calling process. [ 1792.682364][T11476] (syz.3.16166,11476,1):ocfs2_setattr:1306 ERROR: status = -117 [ 1793.052074][ T5840] ocfs2: Unmounting device (7,3) on (node local) [ 1793.225952][T11497] loop6: detected capacity change from 0 to 40427 [ 1793.274561][T11497] F2FS-fs (loop6): build fault injection rate: 14 [ 1793.321401][T11497] F2FS-fs (loop6): build fault injection type: 0xe4 [ 1793.363997][T11497] F2FS-fs (loop6): invalid crc value [ 1793.426864][T11497] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x1fe/0x1060 [ 1793.855824][T11497] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1794.020517][T11497] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 1794.034208][T11560] netlink: zone id is out of range [ 1794.050252][T11560] netlink: zone id is out of range [ 1794.063092][T11560] netlink: zone id is out of range [ 1794.081642][T11560] netlink: zone id is out of range [ 1794.099360][T11560] netlink: zone id is out of range [ 1794.118641][T11560] netlink: zone id is out of range [ 1794.147757][T11560] netlink: zone id is out of range [ 1794.183057][T11560] netlink: zone id is out of range [ 1794.225531][T11560] netlink: zone id is out of range [ 1794.237663][T11560] netlink: zone id is out of range [ 1794.739315][T27606] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of commit_checkpoint+0xa0/0x540 [ 1794.802618][T11542] loop0: detected capacity change from 0 to 32768 [ 1794.833576][T11579] loop7: detected capacity change from 0 to 2048 [ 1794.996182][T11579] NILFS (loop7): corrupt root inode [ 1795.026783][ T117] ERROR: (device loop0): diFree: numfree > numinos [ 1795.026783][ T117] [ 1795.090155][ T117] ERROR: (device loop0): remounting filesystem as read-only [ 1796.006523][T11608] loop2: detected capacity change from 0 to 2048 [ 1796.008988][T11613] netlink: 'syz.4.16216': attribute type 2 has an invalid length. [ 1796.082692][T11616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16217'. [ 1796.109313][T11608] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1796.211078][ T30] audit: type=1800 audit(2000526273.722:366): pid=11608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.16214" name="file1" dev="loop2" ino=1367 res=0 errno=0 [ 1796.879563][T11634] loop0: detected capacity change from 0 to 2048 [ 1796.950116][T11634] NILFS (loop0): corrupt root inode [ 1797.120407][T11641] loop4: detected capacity change from 0 to 4096 [ 1797.265429][T11641] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 1797.611064][T11658] loop7: detected capacity change from 0 to 2048 [ 1797.805617][T11667] CIFS mount error: No usable UNC path provided in device string! [ 1797.805617][T11667] [ 1797.828514][T11665] loop6: detected capacity change from 0 to 512 [ 1797.895339][T11665] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1797.913764][T11667] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1797.937944][T11665] EXT4-fs warning (device loop6): dx_probe:836: inode #2: comm syz.6.16237: Unimplemented hash flags: 0x0001 [ 1797.939483][T11674] bond0: (slave bond_slave_1): Error: Device is in use and cannot be enslaved [ 1798.042054][T11665] EXT4-fs warning (device loop6): dx_probe:933: inode #2: comm syz.6.16237: Corrupt directory, running e2fsck is recommended [ 1798.110216][T11673] veth8: entered promiscuous mode [ 1798.157198][T11673] veth8: entered allmulticast mode [ 1798.574414][T27606] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1798.749219][T11694] loop0: detected capacity change from 0 to 64 [ 1798.788502][T11695] loop4: detected capacity change from 0 to 764 [ 1798.935469][T11699] loop6: detected capacity change from 0 to 1024 [ 1798.966129][T11699] EXT4-fs: Ignoring removed bh option [ 1799.071823][T11699] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1799.250851][T11711] loop4: detected capacity change from 0 to 512 [ 1799.345276][T11711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1799.431991][T11711] ext4 filesystem being mounted at /2671/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1799.603594][T27606] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1799.992822][ T5848] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1800.511108][T11747] loop7: detected capacity change from 0 to 512 [ 1800.593376][T11747] EXT4-fs (loop7): write access unavailable, skipping orphan cleanup [ 1800.682422][T11747] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1800.779294][T11747] EXT4-fs warning (device loop7): dx_probe:836: inode #2: comm syz.7.16261: Unimplemented hash flags: 0x0001 [ 1800.820234][T11757] loop2: detected capacity change from 0 to 164 [ 1800.849939][T11747] EXT4-fs warning (device loop7): dx_probe:933: inode #2: comm syz.7.16261: Corrupt directory, running e2fsck is recommended [ 1801.075545][T11718] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1801.238256][T11718] XFS (loop3): Ending clean mount [ 1801.460401][T10916] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1801.477333][ T5840] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1802.177378][T11795] raw_sendmsg: syz.7.16284 forgot to set AF_INET. Fix it! [ 1802.258716][T11745] JBD2: Ignoring recovery information on journal [ 1802.397096][T11745] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1802.538041][T11806] netlink: 108 bytes leftover after parsing attributes in process `syz.2.16286'. [ 1802.658672][T11745] OCFS2: ERROR (device loop0): ocfs2_xattr_find_entry: corrupted xattr entries [ 1802.658715][T11745] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1802.737178][T11745] OCFS2: Returning error to the calling process. [ 1802.773064][T11745] (syz.0.16275,11745,0):ocfs2_setattr:1306 ERROR: status = -117 [ 1802.995250][ T5834] ocfs2: Unmounting device (7,0) on (node local) [ 1803.439359][T11812] set_capacity_and_notify: 2 callbacks suppressed [ 1803.439388][T11812] loop3: detected capacity change from 0 to 32768 [ 1803.476214][T11812] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1803.576282][T11812] XFS (loop3): Ending clean mount [ 1803.738321][ T5840] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1803.895607][T11847] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16293'. [ 1803.992255][T11846] gtp0: entered promiscuous mode [ 1804.021367][T11846] gtp0: entered allmulticast mode [ 1804.390298][T11854] loop6: detected capacity change from 0 to 2048 [ 1804.468739][T11854] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1804.769028][T11868] netlink: 32 bytes leftover after parsing attributes in process `syz.7.16300'. [ 1804.770893][T11866] loop3: detected capacity change from 0 to 512 [ 1804.947799][T11866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1805.005711][T11866] EXT4-fs warning (device loop3): dx_probe:836: inode #2: comm syz.3.16290: Unimplemented hash flags: 0x0001 [ 1805.080846][T11866] EXT4-fs warning (device loop3): dx_probe:933: inode #2: comm syz.3.16290: Corrupt directory, running e2fsck is recommended [ 1805.574114][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1805.618697][ T2169] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 1805.785122][T11845] loop0: detected capacity change from 0 to 40427 [ 1805.823127][ T2169] usb 7-1: Using ep0 maxpacket: 16 [ 1805.847261][ T2169] usb 7-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1805.872067][T11845] F2FS-fs (loop0): build fault injection rate: 14 [ 1805.887875][ T2169] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1805.900294][T11845] F2FS-fs (loop0): build fault injection type: 0xe4 [ 1805.921763][ T2169] usb 7-1: Product: syz [ 1805.936282][T11845] F2FS-fs (loop0): invalid crc value [ 1805.946156][ T2169] usb 7-1: Manufacturer: syz [ 1805.964611][ T2169] usb 7-1: SerialNumber: syz [ 1806.008875][ T2169] usb 7-1: config 0 descriptor?? [ 1806.037806][T11845] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x1fe/0x1060 [ 1806.295149][ T2169] speedtch 7-1:0.0: speedtch_bind: data interface not found! [ 1806.328121][ T2169] speedtch 7-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1806.454431][T11845] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1806.546077][ T2169] usb 7-1: USB disconnect, device number 21 [ 1806.587904][T11845] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1806.744209][T11863] loop4: detected capacity change from 0 to 40427 [ 1806.791000][T11863] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1806.837728][T11863] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1806.890860][T11863] F2FS-fs (loop4): invalid crc value [ 1807.091938][ T5834] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of commit_checkpoint+0xa0/0x540 [ 1807.256087][T11863] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1807.367638][T11863] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1807.395090][T11863] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1808.453880][T11953] netlink: 'syz.6.16351': attribute type 2 has an invalid length. [ 1808.980227][T11967] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16344'. [ 1808.986488][T11966] loop7: detected capacity change from 0 to 512 [ 1809.020515][T11967] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16344'. [ 1809.049909][T11966] EXT4-fs (loop7): write access unavailable, skipping orphan cleanup [ 1809.083427][T11966] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1809.119393][T11966] EXT4-fs warning (device loop7): dx_probe:836: inode #2: comm syz.7.16343: Unimplemented hash flags: 0x0001 [ 1809.199397][T11966] EXT4-fs warning (device loop7): dx_probe:933: inode #2: comm syz.7.16343: Corrupt directory, running e2fsck is recommended [ 1809.444907][T11980] netlink: 'syz.4.16348': attribute type 2 has an invalid length. [ 1809.516559][T11982] xt_cgroup: path and classid specified [ 1809.590238][T10916] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1809.636696][T11946] loop2: detected capacity change from 0 to 40427 [ 1809.684426][T11946] F2FS-fs (loop2): build fault injection rate: 14 [ 1809.736039][T11946] F2FS-fs (loop2): build fault injection type: 0xe4 [ 1809.773536][T11946] F2FS-fs (loop2): invalid crc value [ 1809.840118][T11946] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x1fe/0x1060 [ 1810.179767][T11946] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1810.348559][T11946] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1810.657341][T12016] loop6: detected capacity change from 0 to 512 [ 1810.753061][T12020] loop4: detected capacity change from 0 to 1024 [ 1810.767422][T12016] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1810.828337][ T5843] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of commit_checkpoint+0xa0/0x540 [ 1810.893884][T12016] EXT4-fs warning (device loop6): dx_probe:836: inode #2: comm syz.6.16365: Unimplemented hash flags: 0x0001 [ 1810.951832][T12016] EXT4-fs warning (device loop6): dx_probe:933: inode #2: comm syz.6.16365: Corrupt directory, running e2fsck is recommended [ 1811.269494][T12028] netlink: 'syz.0.16370': attribute type 12 has an invalid length. [ 1811.293267][T12028] netlink: 132 bytes leftover after parsing attributes in process `syz.0.16370'. [ 1811.341977][T12011] loop7: detected capacity change from 0 to 32768 [ 1811.445952][T27606] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1812.085530][T12048] ip6t_REJECT: ECHOREPLY is not supported [ 1812.189524][T12053] kAFS: unable to lookup cell 'syz@' [ 1813.258918][T12087] loop4: detected capacity change from 0 to 16 [ 1813.323032][T12087] erofs (device loop4): mounted with root inode @ nid 36. [ 1813.353532][T12090] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1813.366364][T12090] IPv6: NLM_F_CREATE should be set when creating new route [ 1813.373618][T12090] IPv6: NLM_F_CREATE should be set when creating new route [ 1813.441449][T12054] loop6: detected capacity change from 0 to 32768 [ 1813.464547][T12054] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.16379 (12054) [ 1813.505358][T12087] syz.4.16396: attempt to access beyond end of device [ 1813.505358][T12087] loop4: rw=0, sector=0, nr_sectors = 1025 limit=16 [ 1813.549918][T12054] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1813.593707][T12054] BTRFS info (device loop6): using sha256 checksum algorithm [ 1813.626609][T12087] erofs (device loop4): read error -5 @ 0 of nid 36 [ 1813.753045][T12054] BTRFS info (device loop6): enabling ssd optimizations [ 1813.804377][T12054] BTRFS info (device loop6): turning on async discard [ 1813.842880][T12054] BTRFS info (device loop6): enabling free space tree [ 1814.146500][T27606] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1814.456854][T12133] netlink: 'syz.4.16411': attribute type 1 has an invalid length. [ 1814.662696][T12136] usb usb9: check_ctrlrecip: process 12136 (syz.6.16407) requesting ep 01 but needs 81 [ 1814.711266][T12136] usb usb9: usbfs: process 12136 (syz.6.16407) did not claim interface 0 before use [ 1815.213206][T12154] loop0: detected capacity change from 0 to 256 [ 1815.276108][T12156] net_ratelimit: 64 callbacks suppressed [ 1815.276135][T12156] openvswitch: netlink: IP tunnel dst address not specified [ 1815.640162][T12166] loop2: detected capacity change from 0 to 256 [ 1815.712910][T12166] exfat: Deprecated parameter 'utf8' [ 1815.785679][T12166] exfat: Deprecated parameter 'utf8' [ 1815.877468][T12166] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 1816.200656][T28097] usb 1-1: new high-speed USB device number 107 using dummy_hcd [ 1816.406350][T12193] loop3: detected capacity change from 0 to 512 [ 1816.406969][T28097] usb 1-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config [ 1816.451840][T28097] usb 1-1: config 10 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1816.490105][T28097] usb 1-1: config 10 interface 0 has no altsetting 0 [ 1816.514045][T28097] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47 [ 1816.523604][T28097] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1816.529680][T12193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1816.532397][T28097] usb 1-1: Product: syz [ 1816.548260][T28097] usb 1-1: Manufacturer: syz [ 1816.553275][T28097] usb 1-1: SerialNumber: syz [ 1816.603962][T12193] EXT4-fs warning (device loop3): dx_probe:836: inode #2: comm syz.3.16434: Unimplemented hash flags: 0x0001 [ 1816.625009][T12193] EXT4-fs warning (device loop3): dx_probe:933: inode #2: comm syz.3.16434: Corrupt directory, running e2fsck is recommended [ 1816.853547][T28097] ims_pcu 1-1:10.0: probe with driver ims_pcu failed with error -22 [ 1816.939215][T28097] usb 1-1: USB disconnect, device number 107 [ 1817.063111][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1817.606443][T12231] misc userio: Invalid payload size [ 1818.100322][T27351] usb 1-1: new high-speed USB device number 108 using dummy_hcd [ 1818.148508][T12251] loop7: detected capacity change from 0 to 512 [ 1818.191791][T12251] EXT4-fs (loop7): write access unavailable, skipping orphan cleanup [ 1818.258614][T12251] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1818.293295][T27351] usb 1-1: Using ep0 maxpacket: 8 [ 1818.314705][T12258] nbd: illegal input index 2958377 [ 1818.331124][T27351] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1818.386179][T27351] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 1818.415276][T12251] EXT4-fs warning (device loop7): dx_probe:836: inode #2: comm syz.7.16455: Unimplemented hash flags: 0x0001 [ 1818.450763][T27351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1818.472250][T12251] EXT4-fs warning (device loop7): dx_probe:933: inode #2: comm syz.7.16455: Corrupt directory, running e2fsck is recommended [ 1818.532863][T27351] usb 1-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 1818.598214][T27351] usb 1-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 1818.643033][T27351] usb 1-1: Product: syz [ 1818.663745][T27351] usb 1-1: Manufacturer: syz [ 1818.688262][T27351] usb 1-1: SerialNumber: syz [ 1818.719065][T27351] usb 1-1: config 0 descriptor?? [ 1818.840221][T12271] loop6: detected capacity change from 0 to 1024 [ 1818.877093][T12271] EXT4-fs: Ignoring removed orlov option [ 1818.970432][T10916] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1819.011351][T12271] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1819.023436][T27351] rc_core: IR keymap rc-imon-rsc not found [ 1819.023463][T27351] Registered IR keymap rc-empty [ 1819.024761][T27351] rc rc0: iMON Station as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 1819.065614][T27351] input: iMON Station as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input106 [ 1819.138344][T27351] usb 1-1: USB disconnect, device number 108 [ 1819.171185][T12271] EXT4-fs error (device loop6): ext4_free_inode:354: comm syz.6.16462: bit already cleared for inode 13 [ 1819.356352][T12286] loop4: detected capacity change from 0 to 2048 [ 1819.448205][T27606] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1819.474297][T12293] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1820.699259][T12287] loop2: detected capacity change from 0 to 32768 [ 1821.073915][T12296] loop7: detected capacity change from 0 to 32768 [ 1821.125841][ T2169] usb 1-1: new full-speed USB device number 109 using dummy_hcd [ 1821.224151][T12334] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16489'. [ 1821.333732][ T2169] usb 1-1: config 0 has an invalid interface number: 96 but max is 0 [ 1821.371524][ T2169] usb 1-1: config 0 has no interface number 0 [ 1821.401882][ T2169] usb 1-1: config 0 interface 96 altsetting 3 endpoint 0x88 has an invalid bInterval 0, changing to 10 [ 1821.467576][ T2169] usb 1-1: config 0 interface 96 altsetting 3 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1821.515593][ T2169] usb 1-1: config 0 interface 96 has no altsetting 0 [ 1821.549614][ T2169] usb 1-1: New USB device found, idVendor=0b57, idProduct=6a8d, bcdDevice=33.74 [ 1821.590276][ T2169] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1821.620872][ T2169] usb 1-1: Product: syz [ 1821.638182][ T2169] usb 1-1: Manufacturer: syz [ 1821.657511][ T2169] usb 1-1: SerialNumber: syz [ 1821.699822][ T2169] usb 1-1: config 0 descriptor?? [ 1821.991980][T12352] loop4: detected capacity change from 0 to 512 [ 1822.057282][T12352] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1822.177657][ T2169] usb 1-1: USB disconnect, device number 109 [ 1822.242107][T12352] EXT4-fs warning (device loop4): dx_probe:836: inode #2: comm syz.4.16495: Unimplemented hash flags: 0x0001 [ 1822.321104][T12352] EXT4-fs warning (device loop4): dx_probe:933: inode #2: comm syz.4.16495: Corrupt directory, running e2fsck is recommended [ 1822.697311][T12374] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16503'. [ 1822.789127][ T5848] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1823.246858][T12412] netlink: 'syz.6.16507': attribute type 13 has an invalid length. [ 1823.345382][T12412] netlink: 'syz.6.16507': attribute type 17 has an invalid length. [ 1823.414169][T12420] netlink: 28 bytes leftover after parsing attributes in process `syz.0.16509'. [ 1824.115610][T12412] dummy0: left promiscuous mode [ 1824.161183][T12412] dummy0: left allmulticast mode [ 1824.218570][T12412] batadv0: left promiscuous mode [ 1824.251806][T12412] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1824.496392][T12412] geneve1: left promiscuous mode [ 1824.517061][T12412] netdevsim netdevsim6 netdevsim0: left promiscuous mode [ 1824.533945][T12412] netdevsim netdevsim6 netdevsim0: left allmulticast mode [ 1824.647849][T12423] loop2: detected capacity change from 0 to 32768 [ 1824.658668][T12412] bond1: left allmulticast mode [ 1824.669608][T12412] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1824.702476][T12412] A link change request failed with some changes committed already. Interface geneve2 may have been left with an inconsistent configuration, please check. [ 1824.730458][T12423] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1825.004990][T12423] XFS (loop2): Ending clean mount [ 1825.478480][T12461] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1825.558808][ T5843] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1826.192649][T12479] loop6: detected capacity change from 0 to 1024 [ 1826.295793][ T2169] usb 4-1: new high-speed USB device number 99 using dummy_hcd [ 1826.490092][ T2169] usb 4-1: Using ep0 maxpacket: 8 [ 1826.510930][T28097] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 1826.535057][ T2169] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1826.579492][ T2169] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1826.614307][ T2169] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1826.657295][ T2169] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1826.706367][ T2169] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1826.737249][T28097] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1826.759543][ T2169] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1826.781675][T28097] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1826.800942][ T2169] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1826.817631][T28097] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 32 [ 1826.852743][ T2169] usb 4-1: config 0 descriptor?? [ 1826.862645][T28097] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1826.887007][T12477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1826.906901][T12495] loop2: detected capacity change from 0 to 2048 [ 1826.910220][T28097] usb 8-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice= 0.40 [ 1826.934186][T28097] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1826.974450][T12495] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1826.993755][T28097] usb 8-1: Product: syz [ 1827.011567][T28097] usb 8-1: Manufacturer: syz [ 1827.043188][T28097] usb 8-1: SerialNumber: syz [ 1827.116483][T12482] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 1827.403022][ T30] audit: type=1326 audit(2000526302.910:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.415736][T28097] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 1827.478338][ T30] audit: type=1326 audit(2000526302.938:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.562157][T11369] usb 4-1: USB disconnect, device number 99 [ 1827.573086][ T6918] Bluetooth: hci6: Opcode 0x0c03 failed: -19 [ 1827.607397][ T30] audit: type=1326 audit(2000526302.938:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.684557][ T30] audit: type=1326 audit(2000526302.947:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.686244][T12513] pim6reg: left allmulticast mode [ 1827.810159][ T30] audit: type=1326 audit(2000526302.947:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.856641][ T30] audit: type=1326 audit(2000526302.947:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.889942][ T30] audit: type=1326 audit(2000526302.947:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.919295][ T30] audit: type=1326 audit(2000526302.947:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12507 comm="syz.4.16549" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1827d9ce59 code=0x7ffc0000 [ 1827.953469][T28097] usb 8-1: USB disconnect, device number 3 [ 1828.237366][ T5790] udevd[5790]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1828.978708][T12542] loop2: detected capacity change from 0 to 4096 [ 1829.079762][T12542] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1829.680034][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1830.406625][T12580] loop6: detected capacity change from 0 to 2048 [ 1830.485394][T12580] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1831.010434][T12598] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16604'. [ 1831.263518][T12599] loop7: detected capacity change from 0 to 4096 [ 1831.428785][T12599] ntfs3(loop7): ino=19, mi_enum_attr [ 1831.916898][T27351] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 1832.098886][T27351] usb 7-1: Using ep0 maxpacket: 8 [ 1832.137400][T27351] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1832.152117][T12622] xfrm0 speed is unknown, defaulting to 1000 [ 1832.174192][T27351] usb 7-1: config 7 has an invalid interface number: 58 but max is 0 [ 1832.205876][T27351] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 1832.242461][T27351] usb 7-1: config 7 has no interface number 0 [ 1832.262619][T27351] usb 7-1: New USB device found, idVendor=1498, idProduct=a090, bcdDevice=48.0f [ 1832.286684][T27351] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1832.309258][T27351] usb 7-1: Product: syz [ 1832.313592][T27351] usb 7-1: Manufacturer: syz [ 1832.318216][T27351] usb 7-1: SerialNumber: syz [ 1832.367784][T12633] loop4: detected capacity change from 0 to 4096 [ 1832.466890][T12633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1832.500609][T12639] new mount options do not match the existing superblock, will be ignored [ 1832.607866][T27351] usb 7-1: USB disconnect, device number 22 [ 1832.703251][T12641] netlink: 'syz.7.16613': attribute type 9 has an invalid length. [ 1832.842088][ T5848] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1834.145969][T12679] SET target dimension over the limit! [ 1834.386801][T11369] usb 1-1: new full-speed USB device number 110 using dummy_hcd [ 1834.590415][T11369] usb 1-1: config 5 has an invalid interface number: 123 but max is 0 [ 1834.621704][T11369] usb 1-1: config 5 has no interface number 0 [ 1834.650192][T11369] usb 1-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 1834.695028][T11369] usb 1-1: config 5 interface 123 altsetting 7 endpoint 0x5 has invalid maxpacket 512, setting to 64 [ 1834.742017][T11369] usb 1-1: config 5 interface 123 has no altsetting 0 [ 1834.779314][T12701] QAT: Device 7 not found [ 1834.793657][T11369] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 1834.818099][T11369] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1834.843294][T11369] usb 1-1: Product: syz [ 1834.858694][T11369] usb 1-1: Manufacturer: syz [ 1834.885018][T11369] usb 1-1: SerialNumber: syz [ 1834.915988][T12676] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1834.981539][T12706] CIFS mount error: No usable UNC path provided in device string! [ 1834.981539][T12706] [ 1835.016513][T12706] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1835.232541][T11369] comedi comedi5: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 1835.279789][T11369] usb 1-1: USB disconnect, device number 110 [ 1835.348852][T12718] netlink: 'syz.6.16652': attribute type 92 has an invalid length. [ 1836.409026][T12761] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1836.748911][T12767] loop0: detected capacity change from 0 to 4096 [ 1836.782975][T12777] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16679'. [ 1836.848082][T12767] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 1836.948005][T12767] ntfs3(loop0): Failed to load $Extend (-22). [ 1836.989247][T12767] ntfs3(loop0): Failed to initialize $Extend. [ 1837.213176][T12791] loop2: detected capacity change from 0 to 128 [ 1837.260988][T12791] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1837.341312][T12791] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1837.497237][T12798] netlink: 'syz.0.16687': attribute type 21 has an invalid length. [ 1837.550595][T12798] netlink: 156 bytes leftover after parsing attributes in process `syz.0.16687'. [ 1837.758690][T12799] loop7: detected capacity change from 0 to 4096 [ 1837.892648][T12805] netlink: 'syz.2.16692': attribute type 3 has an invalid length. [ 1837.903257][T12805] netlink: 224 bytes leftover after parsing attributes in process `syz.2.16692'. [ 1837.909291][T12807] loop0: detected capacity change from 0 to 8 [ 1838.287157][T11369] usb 4-1: new high-speed USB device number 100 using dummy_hcd [ 1838.441135][T12820] loop4: detected capacity change from 0 to 4096 [ 1838.467931][T11369] usb 4-1: config 0 has an invalid interface number: 50 but max is 0 [ 1838.502383][T11369] usb 4-1: config 0 has no interface number 0 [ 1838.519416][T11369] usb 4-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1838.567467][T11369] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 1838.599013][T11369] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1838.642708][T11369] usb 4-1: Product: syz [ 1838.662882][T11369] usb 4-1: Manufacturer: syz [ 1838.671996][T12820] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1838.681388][T11369] usb 4-1: SerialNumber: syz [ 1838.695491][T12820] ntfs3(loop4): Failed to load $Extend (-22). [ 1838.704047][T11369] usb 4-1: config 0 descriptor?? [ 1838.720931][T12820] ntfs3(loop4): Failed to initialize $Extend. [ 1838.752309][T11369] yurex 4-1:0.50: USB YUREX device now attached to Yurex #0 [ 1838.798645][T12820] ntfs3(loop4): ino=5, "/" indx_read_ra [ 1838.986093][ T5848] ntfs3(loop4): ino=9, ntfs_sync_fs failed, -22. [ 1839.186476][T11369] usb 4-1: USB disconnect, device number 100 [ 1839.260302][T11369] yurex 4-1:0.50: USB YUREX #0 now disconnected [ 1839.632340][T12858] loop6: detected capacity change from 0 to 256 [ 1839.668568][T12858] exfat: Deprecated parameter 'utf8' [ 1839.718203][T12858] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 1840.094423][ T30] audit: type=1326 audit(2000526314.776:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.237363][ T30] audit: type=1326 audit(2000526314.776:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.313828][ T30] audit: type=1326 audit(2000526314.832:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.346767][ T30] audit: type=1326 audit(2000526314.832:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.407319][ T30] audit: type=1326 audit(2000526314.860:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.434049][ T30] audit: type=1326 audit(2000526314.860:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.460342][ T30] audit: type=1326 audit(2000526314.860:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.581911][ T30] audit: type=1326 audit(2000526314.860:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.620497][ T30] audit: type=1326 audit(2000526314.860:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12872 comm="syz.7.16726" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3d5e79ce59 code=0x7ffc0000 [ 1840.805692][T12895] loop0: detected capacity change from 0 to 64 [ 1841.028617][ T30] audit: type=1326 audit(2000526315.656:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.6.16739" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ff679ce59 code=0x7ffc0000 [ 1841.115181][T12905] openvswitch: netlink: VXLAN extension message has 16 unknown bytes. [ 1841.231574][T12909] netlink: 'syz.7.16743': attribute type 7 has an invalid length. [ 1842.020318][T12939] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1842.105714][T12941] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 1842.211425][T12945] netlink: 4975 bytes leftover after parsing attributes in process `syz.4.16761'. [ 1842.238912][T12945] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1842.745892][T12961] autofs4:pid:12961:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(768.1), cmd(0xc0189375) [ 1842.810093][T12961] autofs4:pid:12961:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375) [ 1842.850694][T12969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16773'. [ 1842.902240][T28097] usb 5-1: new high-speed USB device number 98 using dummy_hcd [ 1843.073824][T12977] netlink: 412 bytes leftover after parsing attributes in process `syz.3.16776'. [ 1843.085756][T28097] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1843.113850][T28097] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1843.154757][T28097] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 1843.197254][T28097] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 1843.230055][T28097] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1843.250687][T28097] usb 5-1: Product: syz [ 1843.261515][T28097] usb 5-1: Manufacturer: syz [ 1843.283154][T28097] usb 5-1: SerialNumber: syz [ 1843.329476][T11256] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 1843.340921][T28097] usb 5-1: config 0 descriptor?? [ 1843.360791][T12959] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1843.386685][T12959] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1843.441528][T28097] usb 5-1: ucan: probing device on interface #0 [ 1843.537744][T11256] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1843.559082][T11256] usb 8-1: not running at top speed; connect to a high speed hub [ 1843.581978][T12991] xt_l2tp: unknown flags: 10 [ 1843.588530][T11256] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1843.610718][T11256] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 1843.643055][T11256] usb 8-1: too many endpoints for config 1 interface 1 altsetting 23: 170, using maximum allowed: 30 [ 1843.668814][T11256] usb 8-1: config 1 interface 1 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 170 [ 1843.720337][T11256] usb 8-1: config 1 interface 1 has no altsetting 0 [ 1843.738418][T11256] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1843.751633][T11256] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 1843.768475][T11256] usb 8-1: Product: syz [ 1843.784129][T11256] usb 8-1: Manufacturer: syz [ 1843.803904][T11256] usb 8-1: SerialNumber: syz [ 1843.852432][T12975] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 1843.921420][T28097] usb 5-1: ucan: failed to retrieve device info [ 1843.941831][T28097] usb 5-1: ucan: probe failed; try to update the device firmware [ 1844.005640][T28097] usb 5-1: USB disconnect, device number 98 [ 1844.114157][T11256] cdc_acm 8-1:1.0: probe with driver cdc_acm failed with error -22 [ 1844.204340][T11256] usb 8-1: USB disconnect, device number 4 [ 1844.247793][T13009] loop3: detected capacity change from 0 to 1024 [ 1844.286112][T13009] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 1845.092290][T13001] loop0: detected capacity change from 0 to 32768 [ 1845.161818][T13001] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 1845.226786][T13001] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1845.399382][T13001] XFS (loop0): Ending clean mount [ 1845.544215][T13052] sctp: [Deprecated]: syz.4.16810 (pid 13052) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1845.544215][T13052] Use struct sctp_sack_info instead [ 1845.660234][ T5834] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1846.102549][T13072] loop2: detected capacity change from 0 to 64 [ 1846.298701][T13070] loop0: detected capacity change from 0 to 4096 [ 1846.414111][T13081] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1846.652663][T11256] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 1846.689835][T13087] loop3: detected capacity change from 0 to 2048 [ 1846.789540][T13092] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1846.840913][T13095] netlink: 'syz.0.16841': attribute type 21 has an invalid length. [ 1846.866200][T13095] netlink: 'syz.0.16841': attribute type 1 has an invalid length. [ 1846.876378][T11256] usb 7-1: Using ep0 maxpacket: 32 [ 1846.903767][T11256] usb 7-1: config 0 has an invalid interface number: 86 but max is 0 [ 1846.939789][T11256] usb 7-1: config 0 has no interface number 0 [ 1846.971986][T11256] usb 7-1: config 0 interface 86 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1847.036978][T11256] usb 7-1: config 0 interface 86 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 255 [ 1847.060184][T13100] openvswitch: netlink: Message has 4 unknown bytes. [ 1847.099816][T11256] usb 7-1: config 0 interface 86 has no altsetting 0 [ 1847.161022][T11256] usb 7-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=6a.32 [ 1847.210047][T11256] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1847.248931][T11256] usb 7-1: Product: syz [ 1847.271738][T11256] usb 7-1: Manufacturer: syz [ 1847.292612][T11256] usb 7-1: SerialNumber: syz [ 1847.321213][T11256] usb 7-1: config 0 descriptor?? [ 1847.339551][T13080] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1847.355605][T13080] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1847.490249][T28097] usb 3-1: new high-speed USB device number 95 using dummy_hcd [ 1847.660414][T11256] ljca 7-1:0.86: probe with driver ljca failed with error -71 [ 1847.680272][T28097] usb 3-1: Using ep0 maxpacket: 32 [ 1847.694634][T13118] loop7: detected capacity change from 0 to 64 [ 1847.710446][T28097] usb 3-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice= 0.40 [ 1847.730802][T28097] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1847.745834][T11256] usb 7-1: USB disconnect, device number 23 [ 1847.756586][T28097] usb 3-1: Product: syz [ 1847.761351][T28097] usb 3-1: Manufacturer: syz [ 1847.777994][T28097] usb 3-1: SerialNumber: syz [ 1848.048314][T28097] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1848.071736][T28097] snd-usb-audio 3-1:1.1: probe with driver snd-usb-audio failed with error -2 [ 1848.116250][T28097] usb 3-1: USB disconnect, device number 95 [ 1848.128711][T27351] usb 4-1: new high-speed USB device number 101 using dummy_hcd [ 1848.321197][T27351] usb 4-1: Using ep0 maxpacket: 8 [ 1848.357121][T27351] usb 4-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 1848.395564][T27351] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 1848.436842][T27351] usb 4-1: Product: syz [ 1848.448913][T27351] usb 4-1: Manufacturer: syz [ 1848.463118][T27351] usb 4-1: SerialNumber: syz [ 1848.487914][T27351] usb 4-1: config 0 descriptor?? [ 1848.515208][T27351] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 1848.822633][T13149] netlink: 20 bytes leftover after parsing attributes in process `syz.2.16857'. [ 1848.828474][T13151] netlink: 104 bytes leftover after parsing attributes in process `syz.7.16858'. [ 1848.979821][T27351] gspca_zc3xx: reg_r err -71 [ 1849.007018][T27351] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 1849.044638][T27351] usb 4-1: USB disconnect, device number 101 [ 1850.382422][T13207] loop3: detected capacity change from 0 to 64 [ 1850.456239][T13203] bond3: Removing last ns target with arp_interval on [ 1850.480632][T13199] loop4: detected capacity change from 0 to 4096 [ 1850.522867][T13199] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1850.590388][T13199] ntfs3(loop4): Failed to load $Extend (-22). [ 1850.620181][T13199] ntfs3(loop4): Failed to initialize $Extend. [ 1851.045409][T27351] usb 4-1: new full-speed USB device number 102 using dummy_hcd [ 1851.253017][T27351] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 1851.289777][T27351] usb 4-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 1851.322252][T27351] usb 4-1: Product: syz [ 1851.340098][T27351] usb 4-1: Manufacturer: syz [ 1851.357254][T27351] usb 4-1: SerialNumber: syz [ 1851.428048][T27351] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 1851.431933][T13231] xfrm0 speed is unknown, defaulting to 1000 [ 1851.475266][T13237] netlink: 'syz.0.16900': attribute type 10 has an invalid length. [ 1851.542248][T13237] team0: Device 5ÿ is up. Set it down before adding it as a team port [ 1851.846714][T27351] vp7045: USB control message 'in' went wrong. [ 1851.878190][T27351] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1851.941905][T27351] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 1852.034439][T27351] usb 4-1: USB disconnect, device number 102 [ 1852.734175][T13274] netlink: 'syz.3.16915': attribute type 13 has an invalid length. [ 1852.785707][T13274] netlink: 'syz.3.16915': attribute type 17 has an invalid length. [ 1853.235648][T13274] bridge0: port 3(syz_tun) entered blocking state [ 1853.242274][T13274] bridge0: port 3(syz_tun) entered forwarding state [ 1853.300310][T13274] bridge0: left allmulticast mode [ 1853.329314][T13274] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1853.402362][T27351] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 1853.418893][T13274] 8021q: adding VLAN 0 to HW filter on device team0 [ 1853.505962][T13274] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1853.525077][T13296] netlink: 'syz.0.16926': attribute type 1 has an invalid length. [ 1853.543541][T13296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16926'. [ 1853.612850][T27351] usb 8-1: config 5 has an invalid interface number: 123 but max is 0 [ 1853.628459][T27351] usb 8-1: config 5 has no interface number 0 [ 1853.639148][T27351] usb 8-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 1853.657333][T27351] usb 8-1: config 5 interface 123 altsetting 7 endpoint 0x5 has invalid maxpacket 512, setting to 64 [ 1853.679270][T27351] usb 8-1: config 5 interface 123 has no altsetting 0 [ 1853.706932][T27351] usb 8-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 1853.710250][T13274] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1853.723346][T27351] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1853.741727][T27351] usb 8-1: Product: syz [ 1853.753026][T27351] usb 8-1: Manufacturer: syz [ 1853.763526][T13274] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1853.766493][T27351] usb 8-1: SerialNumber: syz [ 1853.776714][T13274] xfrm0: left promiscuous mode [ 1853.785344][T13274] xfrm0: left allmulticast mode [ 1853.800965][T13286] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1853.813389][T13274] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1853.832385][T13274] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1853.898405][T13274] veth0_macvtap: left promiscuous mode [ 1853.906758][T13274] veth0_macvtap: entered promiscuous mode [ 1853.924687][T13274] macsec0: left promiscuous mode [ 1853.933963][T13274] macsec0: left allmulticast mode [ 1853.951213][T13274] veth1_macvtap: left allmulticast mode [ 1853.965355][T13274] netdevsim netdevsim3 : left promiscuous mode [ 1853.972070][T13274] 8021q: adding VLAN 0 to HW filter on device  [ 1853.992881][T13274] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1854.005992][T13274] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1854.031222][T13274] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1854.063174][T13274] mac80211_hwsim hwsim2 wlan0: left promiscuous mode [ 1854.071626][T27351] comedi comedi5: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 1854.080949][T13274] mac80211_hwsim hwsim2 wlan0: left allmulticast mode [ 1854.086147][T27351] usb 8-1: USB disconnect, device number 5 [ 1854.116063][T13274] bridge2: left promiscuous mode [ 1854.170468][T13274] bridge3: left promiscuous mode [ 1854.178830][T13274] bridge3: left allmulticast mode [ 1854.208645][T13274] bridge4: left promiscuous mode [ 1854.220973][T13274] bridge4: left allmulticast mode [ 1854.235983][T13274] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 1854.253863][T13274] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1854.264658][T13274] xfrm1: left allmulticast mode [ 1854.278241][T13274] bond2: left allmulticast mode [ 1854.293801][T13274] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1854.351103][T31226] bridge0: port 1(bridge_slave_0) entered blocking state [ 1854.358464][T31226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1854.371761][T31226] bridge0: port 2(bridge_slave_1) entered blocking state [ 1854.379091][T31226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1854.521823][T31219] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1855.084329][T27351] usb 5-1: new high-speed USB device number 99 using dummy_hcd [ 1855.093015][T11369] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 1855.270203][T11369] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1855.282345][T27351] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 1855.310121][T11369] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1855.319909][T13337] xfrm0 speed is unknown, defaulting to 1000 [ 1855.324768][T27351] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1855.348248][T11369] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 32 [ 1855.365513][T27351] usb 5-1: Product: syz [ 1855.375835][T27351] usb 5-1: Manufacturer: syz [ 1855.381341][T11369] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1855.394555][T27351] usb 5-1: SerialNumber: syz [ 1855.403016][T27351] usb 5-1: config 0 descriptor?? [ 1855.417062][T11369] usb 1-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice= 0.40 [ 1855.429699][T27351] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 099 [ 1855.438214][T11369] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1855.450502][T11369] usb 1-1: Product: syz [ 1855.454988][T11369] usb 1-1: Manufacturer: syz [ 1855.460453][T11369] usb 1-1: SerialNumber: syz [ 1855.514360][T13324] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1855.829348][T11369] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 1855.851533][T27351] (null): failure reading functionality [ 1855.912605][T27351] i2c i2c-1: failure reading functionality [ 1855.973494][T27351] i2c i2c-1: connected i2c-tiny-usb device [ 1856.010252][T27351] usb 5-1: USB disconnect, device number 99 [ 1856.109614][T11369] usb 1-1: USB disconnect, device number 111 [ 1856.368082][T28097] usb 4-1: new high-speed USB device number 103 using dummy_hcd [ 1856.403143][ T6402] udevd[6402]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1856.588500][T28097] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1856.640451][T28097] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1856.704302][T13364] netlink: 'syz.2.16961': attribute type 61 has an invalid length. [ 1856.721989][T28097] usb 4-1: Product: syz [ 1856.751366][T28097] usb 4-1: Manufacturer: syz [ 1856.773910][T28097] usb 4-1: SerialNumber: syz [ 1856.848666][T28097] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1856.890552][ T2169] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1857.092703][T13375] binder: 13374:13375 ioctl 40046210 0 returned -14 [ 1857.130937][T13377] loop4: detected capacity change from 0 to 64 [ 1857.161800][ C1] usb 4-1: ath9k_htc: invalid pkt_len (ffef) [ 1857.176187][T13371] loop2: detected capacity change from 0 to 4096 [ 1857.218807][T13371] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1857.364072][T13371] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 1857.476232][T28097] usb 4-1: USB disconnect, device number 103 [ 1857.601795][T12401] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 1857.621124][T12401] ntfs3(loop2): ino=5, mi_enum_attr [ 1857.660274][T12401] ntfs3(loop2): ino=5, mi_enum_attr [ 1857.696302][ T5843] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 1857.711410][T13385] xfrm0 speed is unknown, defaulting to 1000 [ 1857.725479][ T5843] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1857.742456][ T5843] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 1857.775620][T12401] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 1858.087170][ T2169] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 1858.098900][ T2169] ath9k_htc: Failed to initialize the device [ 1858.108759][T28097] usb 4-1: ath9k_htc: USB layer deinitialized [ 1858.204407][T13392] xt_hashlimit: overflow, rate too high: 0 [ 1858.241147][T13391] loop6: detected capacity change from 0 to 4096 [ 1858.418209][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1858.685317][ T2169] usb 5-1: new high-speed USB device number 100 using dummy_hcd [ 1858.876320][T13406] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1858.909611][ T2169] usb 5-1: Using ep0 maxpacket: 8 [ 1858.925250][ T2169] usb 5-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 1858.988495][ T2169] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 97, changing to 7 [ 1859.008539][ T2169] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 24929, setting to 1024 [ 1859.068664][ T2169] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1859.107225][ T2169] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 1859.140246][ T2169] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1859.176563][ T2169] usb 5-1: Product: syz [ 1859.182837][ T2169] usb 5-1: Manufacturer: syz [ 1859.208523][ T2169] usb 5-1: SerialNumber: syz [ 1859.263757][ T2169] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 1859.306983][ T2169] usbtest 5-1:1.0: Linux user mode ISO test driver [ 1859.328177][ T2169] usbtest 5-1:1.0: high-speed {control iso-in} tests (+alt) [ 1859.498690][ T2169] usb 5-1: USB disconnect, device number 100 [ 1860.601277][T13463] loop7: detected capacity change from 0 to 256 [ 1860.888641][T13471] netlink: 'syz.0.17011': attribute type 1 has an invalid length. [ 1861.226885][T13487] openvswitch: netlink: Key type 31 is not supported [ 1861.271081][T13483] xfrm0 speed is unknown, defaulting to 1000 [ 1862.078154][T13512] loop4: detected capacity change from 0 to 64 [ 1862.078363][T13508] loop3: detected capacity change from 0 to 1024 [ 1862.327831][T13517] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 1862.654987][T13526] loop2: detected capacity change from 0 to 736 [ 1862.903380][T13526] rock: directory entry would overflow storage [ 1862.943203][T13526] rock: sig=0x3b10, size=4, remaining=3 [ 1863.017146][T13534] loop4: detected capacity change from 0 to 512 [ 1863.047790][T13534] EXT4-fs: Ignoring removed oldalloc option [ 1863.115284][T13536] netlink: 'syz.0.17043': attribute type 1 has an invalid length. [ 1863.166056][T13534] EXT4-fs error (device loop4): ext4_iget_extra_inode:5127: inode #15: comm syz.4.17037: corrupted in-inode xattr: invalid ea_ino [ 1863.237373][T13534] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1863.237953][T13534] EXT4-fs (loop4): Remounting filesystem read-only [ 1863.247218][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 1863.247254][ C0] EXT4-fs (loop4): initial error at time 2000526592: ext4_iget_extra_inode:5127: inode 15 [ 1863.247310][ C0] EXT4-fs (loop4): last error at time 2000526592: ext4_iget_extra_inode:5127: inode 15 [ 1863.375950][T13534] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1863.456117][T13542] loop7: detected capacity change from 0 to 164 [ 1863.505207][T13542] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1863.574843][T13542] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1863.628293][T13542] Symlink component flag not implemented [ 1863.672249][T13542] Symlink component flag not implemented [ 1863.698486][ T5848] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1863.711927][T13542] Symlink component flag not implemented (7) [ 1863.711951][T13542] Symlink component flag not implemented (116) [ 1863.896744][T13553] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17051'. [ 1864.857740][T13591] loop2: detected capacity change from 0 to 16 [ 1864.889383][T13591] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 1865.653583][T13618] loop3: detected capacity change from 0 to 64 [ 1865.679200][T13618] hfs: unable to locate alternate MDB [ 1865.709014][T13618] hfs: continuing without an alternate MDB [ 1865.758468][T11369] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 1865.761834][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 1865.761857][ T30] audit: type=1800 audit(2000526594.800:393): pid=13618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.17081" name="file1" dev="loop3" ino=22 res=0 errno=0 [ 1865.838281][T12397] [ 1865.838299][T12397] ====================================================== [ 1865.838314][T12397] WARNING: possible circular locking dependency detected [ 1865.838335][T12397] syzkaller #0 Tainted: G L [ 1865.838358][T12397] ------------------------------------------------------ [ 1865.838372][T12397] kworker/u8:6/12397 is trying to acquire lock: [ 1865.838394][T12397] ffff88807ac53930 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xa6/0xcf0 [ 1865.838508][T12397] [ 1865.838508][T12397] but task is already holding lock: [ 1865.838521][T12397] ffff888079b480a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 1865.838624][T12397] [ 1865.838624][T12397] which lock already depends on the new lock. [ 1865.838624][T12397] [ 1865.838639][T12397] [ 1865.838639][T12397] the existing dependency chain (in reverse order) is: [ 1865.838654][T12397] [ 1865.838654][T12397] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}: [ 1865.838719][T12397] __mutex_lock+0x1a4/0x1b10 [ 1865.838779][T12397] hfs_find_init+0x273/0x330 [ 1865.838823][T12397] hfs_ext_read_extent+0x19d/0x9d0 [ 1865.838879][T12397] hfs_get_block+0x576/0x830 [ 1865.838943][T12397] block_read_full_folio+0x36c/0x8e0 [ 1865.839007][T12397] filemap_read_folio+0xfc/0x3b0 [ 1865.839051][T12397] do_read_cache_folio+0x2d7/0x6b0 [ 1865.839104][T12397] read_cache_page+0x5b/0x1b0 [ 1865.839154][T12397] __hfs_bnode_create+0x718/0x9a0 [ 1865.839199][T12397] hfs_bnode_find+0x2d5/0xd30 [ 1865.839248][T12397] hfs_brec_find+0x39d/0x620 [ 1865.839291][T12397] hfs_brec_read+0x26/0x120 [ 1865.839335][T12397] hfs_cat_find_brec+0xdc/0x2a0 [ 1865.839389][T12397] hfs_fill_super+0x58d/0x7e0 [ 1865.839428][T12397] get_tree_bdev_flags+0x38c/0x620 [ 1865.839486][T12397] vfs_get_tree+0x92/0x320 [ 1865.839534][T12397] path_mount+0x7d0/0x23d0 [ 1865.839576][T12397] __x64_sys_mount+0x293/0x310 [ 1865.839620][T12397] do_syscall_64+0x115/0x870 [ 1865.839673][T12397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1865.839712][T12397] [ 1865.839712][T12397] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 1865.839767][T12397] __lock_acquire+0x14b8/0x2630 [ 1865.839806][T12397] lock_acquire+0x1b1/0x370 [ 1865.839844][T12397] __mutex_lock+0x1a4/0x1b10 [ 1865.839898][T12397] hfs_extend_file+0xa6/0xcf0 [ 1865.839957][T12397] hfs_bmap_reserve+0x2ab/0x3a0 [ 1865.840007][T12397] __hfs_ext_write_extent+0x3c4/0x510 [ 1865.840063][T12397] hfs_ext_write_extent+0x1b7/0x200 [ 1865.840118][T12397] hfs_write_inode+0xce/0xab0 [ 1865.840151][T12397] __writeback_single_inode+0xcd4/0x1350 [ 1865.840210][T12397] writeback_sb_inodes+0x766/0x1c60 [ 1865.840268][T12397] wb_writeback+0x1bf/0xb90 [ 1865.840322][T12397] wb_workfn+0x14f/0xc00 [ 1865.840376][T12397] process_one_work+0xa0e/0x1980 [ 1865.840417][T12397] worker_thread+0x5ef/0xe50 [ 1865.840457][T12397] kthread+0x370/0x450 [ 1865.840493][T12397] ret_from_fork+0x72b/0xd50 [ 1865.840532][T12397] ret_from_fork_asm+0x1a/0x30 [ 1865.840580][T12397] [ 1865.840580][T12397] other info that might help us debug this: [ 1865.840580][T12397] [ 1865.840592][T12397] Possible unsafe locking scenario: [ 1865.840592][T12397] [ 1865.840604][T12397] CPU0 CPU1 [ 1865.840616][T12397] ---- ---- [ 1865.840628][T12397] lock(&tree->tree_lock/1); [ 1865.840664][T12397] lock(&HFS_I(tree->inode)->extents_lock); [ 1865.840695][T12397] lock(&tree->tree_lock/1); [ 1865.840733][T12397] lock(&HFS_I(tree->inode)->extents_lock); [ 1865.840762][T12397] [ 1865.840762][T12397] *** DEADLOCK *** [ 1865.840762][T12397] [ 1865.840772][T12397] 3 locks held by kworker/u8:6/12397: [ 1865.840794][T12397] #0: ffff888020adf940 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 1865.840892][T12397] #1: ffffc900056a7d08 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 1865.840992][T12397] #2: ffff888079b480a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 1865.841096][T12397] [ 1865.841096][T12397] stack backtrace: [ 1865.841117][T12397] CPU: 0 UID: 0 PID: 12397 Comm: kworker/u8:6 Tainted: G L syzkaller #0 PREEMPT(full) [ 1865.841169][T12397] Tainted: [L]=SOFTLOCKUP [ 1865.841183][T12397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1865.841210][T12397] Workqueue: writeback wb_workfn (flush-7:3) [ 1865.841277][T12397] Call Trace: [ 1865.841289][T12397] [ 1865.841302][T12397] dump_stack_lvl+0x100/0x190 [ 1865.841341][T12397] print_circular_bug.cold+0x178/0x1c7 [ 1865.841407][T12397] check_noncircular+0x146/0x160 [ 1865.841445][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.841502][T12397] __lock_acquire+0x14b8/0x2630 [ 1865.841550][T12397] ? __pfx_stack_trace_save+0x10/0x10 [ 1865.841616][T12397] lock_acquire+0x1b1/0x370 [ 1865.841657][T12397] ? hfs_extend_file+0xa6/0xcf0 [ 1865.841718][T12397] ? __pfx___might_resched+0x10/0x10 [ 1865.841767][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.841814][T12397] ? add_lock_to_list+0x99/0x110 [ 1865.841877][T12397] __mutex_lock+0x1a4/0x1b10 [ 1865.841939][T12397] ? hfs_extend_file+0xa6/0xcf0 [ 1865.841997][T12397] ? hfs_extend_file+0xa6/0xcf0 [ 1865.842059][T12397] ? hfs_write_inode+0xce/0xab0 [ 1865.842093][T12397] ? __writeback_single_inode+0xcd4/0x1350 [ 1865.842156][T12397] ? __pfx___mutex_lock+0x10/0x10 [ 1865.842215][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.842262][T12397] ? lock_acquire+0x1b1/0x370 [ 1865.842308][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.842355][T12397] ? trace_contention_end+0x122/0x170 [ 1865.842403][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.842454][T12397] ? hfs_extend_file+0xa6/0xcf0 [ 1865.842511][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.842558][T12397] hfs_extend_file+0xa6/0xcf0 [ 1865.842619][T12397] ? __pfx_hfs_extend_file+0x10/0x10 [ 1865.842678][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.842734][T12397] hfs_bmap_reserve+0x2ab/0x3a0 [ 1865.842794][T12397] __hfs_ext_write_extent+0x3c4/0x510 [ 1865.842853][T12397] ? hfs_find_init+0x273/0x330 [ 1865.842896][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.842951][T12397] hfs_ext_write_extent+0x1b7/0x200 [ 1865.843013][T12397] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 1865.843079][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.843126][T12397] ? __mpage_writepages+0x1a8/0x210 [ 1865.843165][T12397] ? __pfx___mpage_writepages+0x10/0x10 [ 1865.843204][T12397] hfs_write_inode+0xce/0xab0 [ 1865.843241][T12397] ? __pfx_hfs_write_inode+0x10/0x10 [ 1865.843276][T12397] ? __lock_acquire+0x4a5/0x2630 [ 1865.843333][T12397] ? __writeback_single_inode+0x454/0x1350 [ 1865.843395][T12397] ? __writeback_single_inode+0x454/0x1350 [ 1865.843455][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.843509][T12397] __writeback_single_inode+0xcd4/0x1350 [ 1865.843575][T12397] ? __pfx___writeback_single_inode+0x10/0x10 [ 1865.843636][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.843683][T12397] ? do_raw_spin_unlock+0x145/0x1e0 [ 1865.843734][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.843786][T12397] writeback_sb_inodes+0x766/0x1c60 [ 1865.843859][T12397] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1865.843923][T12397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1865.843976][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844057][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844105][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.844159][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844205][T12397] ? queue_io+0x287/0x540 [ 1865.844257][T12397] wb_writeback+0x1bf/0xb90 [ 1865.844323][T12397] ? __pfx_wb_writeback+0x10/0x10 [ 1865.844389][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844435][T12397] ? mark_held_locks+0x40/0x70 [ 1865.844477][T12397] ? _raw_spin_unlock_irq+0x23/0x50 [ 1865.844532][T12397] wb_workfn+0x14f/0xc00 [ 1865.844593][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844640][T12397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1865.844694][T12397] ? __pfx_wb_workfn+0x10/0x10 [ 1865.844756][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844806][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844855][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.844902][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.844958][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.845009][T12397] process_one_work+0xa0e/0x1980 [ 1865.845065][T12397] ? __pfx_process_one_work+0x10/0x10 [ 1865.845107][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.845163][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.845216][T12397] worker_thread+0x5ef/0xe50 [ 1865.845270][T12397] ? kthread+0x13a/0x450 [ 1865.845308][T12397] ? __pfx_worker_thread+0x10/0x10 [ 1865.845350][T12397] kthread+0x370/0x450 [ 1865.845387][T12397] ? __pfx_kthread+0x10/0x10 [ 1865.845428][T12397] ret_from_fork+0x72b/0xd50 [ 1865.845473][T12397] ? __pfx_ret_from_fork+0x10/0x10 [ 1865.845515][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.845562][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.845615][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.845662][T12397] ? __switch_to+0x800/0x1100 [ 1865.845714][T12397] ? __switch_to_asm+0x39/0x70 [ 1865.845764][T12397] ? __pfx_kthread+0x10/0x10 [ 1865.845805][T12397] ret_from_fork_asm+0x1a/0x30 [ 1865.845868][T12397] [ 1865.848391][T13622] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1865.866213][T12397] hfs: new node 0 already hashed? [ 1865.866849][T12397] ------------[ cut here ]------------ [ 1865.866866][T12397] 1 [ 1865.866875][T12397] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create.cold+0x41/0x49, CPU#0: kworker/u8:6/12397 [ 1865.866954][T12397] Modules linked in: [ 1865.866985][T12397] CPU: 0 UID: 0 PID: 12397 Comm: kworker/u8:6 Tainted: G L syzkaller #0 PREEMPT(full) [ 1865.867042][T12397] Tainted: [L]=SOFTLOCKUP [ 1865.867058][T12397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1865.867086][T12397] Workqueue: writeback wb_workfn (flush-7:3) [ 1865.867175][T12397] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 1865.867225][T12397] Code: f5 84 63 0a e9 a7 3d d1 01 e8 7b 12 e1 00 4c 89 f7 e8 e3 84 63 0a e8 6e 12 e1 00 89 ee 48 c7 c7 80 e7 d1 8b e8 40 e1 fa ff 90 <0f> 0b 90 e9 a9 40 d1 01 e8 52 12 e1 00 e8 0d 4b 4d 00 e9 05 43 d1 [ 1865.867274][T12397] RSP: 0018:ffffc900056a7020 EFLAGS: 00010282 [ 1865.867306][T12397] RAX: 000000000000001f RBX: ffff8880377f8e00 RCX: 0000000000000000 [ 1865.867333][T12397] RDX: 000000000000001f RSI: ffffffff81e71a69 RDI: fffff52000ad4df5 [ 1865.867361][T12397] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1865.867387][T12397] R10: 0000000080000000 R11: 0000000000000003 R12: dffffc0000000000 [ 1865.867422][T12397] R13: ffff888079b48000 R14: ffff888079b480d8 R15: 0000000000000000 [ 1865.867452][T12397] FS: 0000000000000000(0000) GS:ffff888124384000(0000) knlGS:0000000000000000 [ 1865.867488][T12397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1865.867516][T12397] CR2: 00007ffeec447d90 CR3: 00000000261d0000 CR4: 0000000000350ef0 [ 1865.867544][T12397] Call Trace: [ 1865.867558][T12397] [ 1865.867572][T12397] ? _raw_spin_unlock+0x28/0x50 [ 1865.867638][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.867704][T12397] ? hfs_bnode_put+0x208/0x480 [ 1865.867762][T12397] hfs_bmap_alloc+0x5a7/0x6b0 [ 1865.867823][T12397] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 1865.867891][T12397] ? __asan_memcpy+0x3c/0x60 [ 1865.867943][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.867992][T12397] ? hfs_bnode_read.part.0+0x298/0x330 [ 1865.868044][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.868093][T12397] ? folio_mark_accessed+0xf3/0x1040 [ 1865.868154][T12397] hfs_btree_inc_height.isra.0+0xff/0x820 [ 1865.868211][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.868267][T12397] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 1865.868327][T12397] ? do_raw_spin_unlock+0x145/0x1e0 [ 1865.868382][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.868430][T12397] ? _raw_spin_unlock+0x28/0x50 [ 1865.868481][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.868529][T12397] ? hfs_bnode_put+0x208/0x480 [ 1865.868585][T12397] hfs_brec_insert+0x8ba/0xc20 [ 1865.868648][T12397] ? __pfx_hfs_brec_insert+0x10/0x10 [ 1865.868704][T12397] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 1865.868766][T12397] __hfs_ext_write_extent+0x3ef/0x510 [ 1865.868827][T12397] ? hfs_find_init+0x273/0x330 [ 1865.868872][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.868929][T12397] hfs_ext_write_extent+0x1b7/0x200 [ 1865.868991][T12397] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 1865.869057][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.869103][T12397] ? __mpage_writepages+0x1a8/0x210 [ 1865.869142][T12397] ? __pfx___mpage_writepages+0x10/0x10 [ 1865.869182][T12397] hfs_write_inode+0xce/0xab0 [ 1865.869219][T12397] ? __pfx_hfs_write_inode+0x10/0x10 [ 1865.869255][T12397] ? __lock_acquire+0x4a5/0x2630 [ 1865.869313][T12397] ? __writeback_single_inode+0x454/0x1350 [ 1865.869374][T12397] ? __writeback_single_inode+0x454/0x1350 [ 1865.869453][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.869509][T12397] __writeback_single_inode+0xcd4/0x1350 [ 1865.869602][T12397] ? __pfx___writeback_single_inode+0x10/0x10 [ 1865.869665][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.869714][T12397] ? do_raw_spin_unlock+0x145/0x1e0 [ 1865.869768][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.869821][T12397] writeback_sb_inodes+0x766/0x1c60 [ 1865.869896][T12397] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1865.869963][T12397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1865.870018][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870121][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870170][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.870222][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870270][T12397] ? queue_io+0x287/0x540 [ 1865.870324][T12397] wb_writeback+0x1bf/0xb90 [ 1865.870391][T12397] ? __pfx_wb_writeback+0x10/0x10 [ 1865.870459][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870508][T12397] ? mark_held_locks+0x40/0x70 [ 1865.870551][T12397] ? _raw_spin_unlock_irq+0x23/0x50 [ 1865.870607][T12397] wb_workfn+0x14f/0xc00 [ 1865.870670][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870719][T12397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1865.870776][T12397] ? __pfx_wb_workfn+0x10/0x10 [ 1865.870839][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870891][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870947][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.870995][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.871049][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.871103][T12397] process_one_work+0xa0e/0x1980 [ 1865.871175][T12397] ? __pfx_process_one_work+0x10/0x10 [ 1865.871236][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.871294][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.871347][T12397] worker_thread+0x5ef/0xe50 [ 1865.871402][T12397] ? kthread+0x13a/0x450 [ 1865.871441][T12397] ? __pfx_worker_thread+0x10/0x10 [ 1865.871486][T12397] kthread+0x370/0x450 [ 1865.871525][T12397] ? __pfx_kthread+0x10/0x10 [ 1865.871568][T12397] ret_from_fork+0x72b/0xd50 [ 1865.871615][T12397] ? __pfx_ret_from_fork+0x10/0x10 [ 1865.871660][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.871708][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.871762][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.871811][T12397] ? __switch_to+0x800/0x1100 [ 1865.871865][T12397] ? __switch_to_asm+0x39/0x70 [ 1865.871924][T12397] ? __pfx_kthread+0x10/0x10 [ 1865.871966][T12397] ret_from_fork_asm+0x1a/0x30 [ 1865.872032][T12397] [ 1865.872049][T12397] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1865.872080][T12397] CPU: 0 UID: 0 PID: 12397 Comm: kworker/u8:6 Tainted: G L syzkaller #0 PREEMPT(full) [ 1865.872135][T12397] Tainted: [L]=SOFTLOCKUP [ 1865.872151][T12397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1865.872179][T12397] Workqueue: writeback wb_workfn (flush-7:3) [ 1865.872259][T12397] Call Trace: [ 1865.872271][T12397] [ 1865.872287][T12397] dump_stack_lvl+0x100/0x190 [ 1865.872325][T12397] vpanic+0x552/0x970 [ 1865.872368][T12397] ? __pfx_vpanic+0x10/0x10 [ 1865.872405][T12397] ? lock_release+0x245/0x310 [ 1865.872456][T12397] panic+0xd1/0xe0 [ 1865.872492][T12397] ? __pfx_panic+0x10/0x10 [ 1865.872541][T12397] ? check_panic_on_warn+0x1f/0x90 [ 1865.872584][T12397] check_panic_on_warn.cold+0x19/0x34 [ 1865.872626][T12397] ? hfs_bnode_create.cold+0x41/0x49 [ 1865.872672][T12397] __warn.cold+0x191/0x328 [ 1865.872715][T12397] __report_bug+0x296/0x3d0 [ 1865.872768][T12397] ? hfs_bnode_create.cold+0x41/0x49 [ 1865.872817][T12397] ? __pfx___report_bug+0x10/0x10 [ 1865.872871][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.872924][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.872979][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.873027][T12397] ? preempt_count_add+0x76/0x150 [ 1865.873079][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.873130][T12397] ? __wake_up_klogd+0xe2/0x140 [ 1865.873179][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.873248][T12397] ? vprintk_emit+0x1c9/0x6b0 [ 1865.873308][T12397] ? __pfx_vprintk_emit+0x10/0x10 [ 1865.873372][T12397] ? hfs_bnode_create.cold+0x41/0x49 [ 1865.873419][T12397] report_bug+0xb2/0x220 [ 1865.873472][T12397] ? hfs_bnode_create.cold+0x41/0x49 [ 1865.873521][T12397] handle_bug+0x16a/0x2a0 [ 1865.873558][T12397] exc_invalid_op+0x17/0x50 [ 1865.873596][T12397] asm_exc_invalid_op+0x1a/0x20 [ 1865.873634][T12397] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 1865.873683][T12397] Code: f5 84 63 0a e9 a7 3d d1 01 e8 7b 12 e1 00 4c 89 f7 e8 e3 84 63 0a e8 6e 12 e1 00 89 ee 48 c7 c7 80 e7 d1 8b e8 40 e1 fa ff 90 <0f> 0b 90 e9 a9 40 d1 01 e8 52 12 e1 00 e8 0d 4b 4d 00 e9 05 43 d1 [ 1865.873722][T12397] RSP: 0018:ffffc900056a7020 EFLAGS: 00010282 [ 1865.873753][T12397] RAX: 000000000000001f RBX: ffff8880377f8e00 RCX: 0000000000000000 [ 1865.873780][T12397] RDX: 000000000000001f RSI: ffffffff81e71a69 RDI: fffff52000ad4df5 [ 1865.873807][T12397] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1865.873833][T12397] R10: 0000000080000000 R11: 0000000000000003 R12: dffffc0000000000 [ 1865.873860][T12397] R13: ffff888079b48000 R14: ffff888079b480d8 R15: 0000000000000000 [ 1865.873895][T12397] ? vprintk_emit+0x1c9/0x6b0 [ 1865.873962][T12397] ? _raw_spin_unlock+0x28/0x50 [ 1865.874011][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.874060][T12397] ? hfs_bnode_put+0x208/0x480 [ 1865.874116][T12397] hfs_bmap_alloc+0x5a7/0x6b0 [ 1865.874177][T12397] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 1865.874232][T12397] ? __asan_memcpy+0x3c/0x60 [ 1865.874278][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.874326][T12397] ? hfs_bnode_read.part.0+0x298/0x330 [ 1865.874377][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.874426][T12397] ? folio_mark_accessed+0xf3/0x1040 [ 1865.874486][T12397] hfs_btree_inc_height.isra.0+0xff/0x820 [ 1865.874542][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.874597][T12397] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 1865.874658][T12397] ? do_raw_spin_unlock+0x145/0x1e0 [ 1865.874713][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.874761][T12397] ? _raw_spin_unlock+0x28/0x50 [ 1865.874810][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.874859][T12397] ? hfs_bnode_put+0x208/0x480 [ 1865.874919][T12397] hfs_brec_insert+0x8ba/0xc20 [ 1865.874983][T12397] ? __pfx_hfs_brec_insert+0x10/0x10 [ 1865.875039][T12397] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 1865.875101][T12397] __hfs_ext_write_extent+0x3ef/0x510 [ 1865.875161][T12397] ? hfs_find_init+0x273/0x330 [ 1865.875206][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.875258][T12397] hfs_ext_write_extent+0x1b7/0x200 [ 1865.875321][T12397] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 1865.875388][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.875437][T12397] ? __mpage_writepages+0x1a8/0x210 [ 1865.875476][T12397] ? __pfx___mpage_writepages+0x10/0x10 [ 1865.875518][T12397] hfs_write_inode+0xce/0xab0 [ 1865.875556][T12397] ? __pfx_hfs_write_inode+0x10/0x10 [ 1865.875594][T12397] ? __lock_acquire+0x4a5/0x2630 [ 1865.875653][T12397] ? __writeback_single_inode+0x454/0x1350 [ 1865.875715][T12397] ? __writeback_single_inode+0x454/0x1350 [ 1865.875778][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.875834][T12397] __writeback_single_inode+0xcd4/0x1350 [ 1865.875902][T12397] ? __pfx___writeback_single_inode+0x10/0x10 [ 1865.875970][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.876018][T12397] ? do_raw_spin_unlock+0x145/0x1e0 [ 1865.876072][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.876124][T12397] writeback_sb_inodes+0x766/0x1c60 [ 1865.876199][T12397] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1865.876260][T12397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1865.876315][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.876397][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.876445][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.876499][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.876548][T12397] ? queue_io+0x287/0x540 [ 1865.876601][T12397] wb_writeback+0x1bf/0xb90 [ 1865.876668][T12397] ? __pfx_wb_writeback+0x10/0x10 [ 1865.876736][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.876784][T12397] ? mark_held_locks+0x40/0x70 [ 1865.876827][T12397] ? _raw_spin_unlock_irq+0x23/0x50 [ 1865.876884][T12397] wb_workfn+0x14f/0xc00 [ 1865.876952][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877001][T12397] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1865.877056][T12397] ? __pfx_wb_workfn+0x10/0x10 [ 1865.877119][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877171][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877221][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877269][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.877323][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877376][T12397] process_one_work+0xa0e/0x1980 [ 1865.877433][T12397] ? __pfx_process_one_work+0x10/0x10 [ 1865.877478][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877535][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877588][T12397] worker_thread+0x5ef/0xe50 [ 1865.877643][T12397] ? kthread+0x13a/0x450 [ 1865.877682][T12397] ? __pfx_worker_thread+0x10/0x10 [ 1865.877726][T12397] kthread+0x370/0x450 [ 1865.877765][T12397] ? __pfx_kthread+0x10/0x10 [ 1865.877808][T12397] ret_from_fork+0x72b/0xd50 [ 1865.877853][T12397] ? __pfx_ret_from_fork+0x10/0x10 [ 1865.877897][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.877951][T12397] ? rcu_is_watching+0x12/0xc0 [ 1865.878006][T12397] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1865.878054][T12397] ? __switch_to+0x800/0x1100 [ 1865.878108][T12397] ? __switch_to_asm+0x39/0x70 [ 1865.878159][T12397] ? __pfx_kthread+0x10/0x10 [ 1865.878202][T12397] ret_from_fork_asm+0x1a/0x30 [ 1865.878267][T12397] [ 1865.878516][T12397] Kernel Offset: disabled