last executing test programs: 2m36.104415132s ago: executing program 0 (id=149): r0 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x190, 0x111, 0x4b4, 0x190, 0x700, 0x2d8, 0x278, 0x278, 0x2d8, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [0x0, 0x0, 0xffffff00], 'vlan0\x00', 'team_slave_0\x00', {}, {0xff}, 0x88}, 0x0, 0x128, 0x190, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe]}}, @common=@ah={{0x30}, {[0x4d5, 0x4d4], 0x101, 0x6, 0x6}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x5, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408) 2m35.840578351s ago: executing program 0 (id=154): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882) write$sndseq(r0, &(0x7f0000000240)=[{0xff, 0x9, 0x0, 0xfd, @time={0x6, 0x99}, {0x10}, {0x80}, @queue={0x0, {0x8df5, 0x20000b}}}], 0x1c) 2m35.484092828s ago: executing program 0 (id=160): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) 2m35.174860213s ago: executing program 0 (id=162): r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000500)=""/135, &(0x7f0000000140)=0x87) 2m34.645369725s ago: executing program 0 (id=169): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0x1, 0x200, &(0x7f0000006140)="$eJzsUr9rFEEU/mZ37tzThBxyIIogSvBHkdxmo/FHoWBjUEEQhRgQPO4u8XDjj+yB3nHgWqWwERQhQSwESQoL8R9wQW3ERiHYhUhaU6SwkYSVN/tmb88/INV8xX4z8958731v53bwINgBYGujUwWKIEiU8P2XgARwQKgj1OyEHebLzHmOX7ASjpj/Mm+dbE9MAqJxaGXMivbUDooi+kp/vq6iioGbOP360rsfV3Mvlnevv/1I+Revtz5AHKkNvHn1/tn5+X4lL25MZnXsaP+CQ0IAnm9OrKzKvXZJazXCZSqdg8bLKQh3wQEw/Hlo/qzb/9RizaDVvlPx/fpscO6JhXVV6udGp0qLWwBiAvsbB5DNIftLnENn+yRwDYCNOM2R6KLcnLlfDlrtocZMZbo+Xb/reaNj7nHXPeGVpxp+3aUvwNXUdZ4giI8BoN9UoBaEiu+i2Cbn7EQvSIf6CtO496XA7RfQqeb1r/udXikgU0/b0iwQsS1H9QFllSwfBo32YSgyp4NKRUIZG4eAzZsRmekvqeWowPCne35tDuSNry1Cphoja8ilGy+7GT2lHWKOeRB2zygWmdeY9YvWL1UqBYsvHQ2BPB5Vms04jh9jqQ9XviUROpv18ukqnZcaGFku2r3mzvy37y4MDAwMDAwMDAwMDAy2H/8CAAD//xZelnI=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m33.587892361s ago: executing program 0 (id=183): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="0202000910000000000100000000000005000600000000000a00000000000000fe800000000000000000018000000000000000000000000002000100000000000000fb000000000005000500000000000a00000000000000fe8000000000000000000000000000bb00000000000000000100080000000000010014"], 0x80}, 0x1, 0x7}, 0x0) 2m18.391247711s ago: executing program 32 (id=183): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="0202000910000000000100000000000005000600000000000a00000000000000fe800000000000000000018000000000000000000000000002000100000000000000fb000000000005000500000000000a00000000000000fe8000000000000000000000000000bb00000000000000000100080000000000010014"], 0x80}, 0x1, 0x7}, 0x0) 3.283552491s ago: executing program 1 (id=2186): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480ef42b000081e3bd6efb010511000b0003000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x400c040) 2.908138397s ago: executing program 1 (id=2192): mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x769f00b363895638, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 2.745706343s ago: executing program 1 (id=2195): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x2d, 0x301, 0x270bd26, 0x25dfdbfa, {0x6}}, 0x14}}, 0x0) 2.539132908s ago: executing program 1 (id=2200): syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="52010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB="e1", @ANYRESOCT], 0x0) socket$can_raw(0x1d, 0x3, 0x1) 1.892154491s ago: executing program 5 (id=2210): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, 0x0, 0x0) 1.729866642s ago: executing program 6 (id=2212): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000040)={0x2, 0x283, {0xffffffffffffffff}, {0xffffffffffffffff}, 0xb, 0x80}) 1.705177889s ago: executing program 2 (id=2213): fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)='::,\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae', 0xfeffffff00000000) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/mem_sleep', 0x141a82, 0x0) 1.7010982s ago: executing program 4 (id=2214): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000006a0083130000000000000000040000000000000008000e0000000000080005"], 0x28}}, 0x0) 1.589209244s ago: executing program 5 (id=2215): r0 = socket$can_j1939(0x1d, 0x2, 0x7) bind$inet6(r0, &(0x7f0000000040)={0x1d, 0x4e24, 0x2, @remote, 0x2}, 0x1c) 1.510552854s ago: executing program 3 (id=2216): r0 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x6967, 0x2, 0x3, 0x28b}) io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, 0x0, 0x0) 1.488404931s ago: executing program 4 (id=2217): r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x8991, &(0x7f0000000080)={'ip_vti0\x00', @ifru_addrs=@sco}) 1.481276216s ago: executing program 2 (id=2218): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1.465535664s ago: executing program 6 (id=2219): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000480)=[@in6={0xa, 0x4e24, 0x18000, @dev={0xfe, 0x80, '\x00', 0xd}, 0x80000000}]}, &(0x7f0000000080)=0x10) 1.297302291s ago: executing program 4 (id=2220): r0 = socket$caif_stream(0x25, 0x1, 0x4) connect(r0, &(0x7f0000000000)=@ethernet={0x1, @local}, 0x80) 1.258378242s ago: executing program 5 (id=2221): r0 = syz_open_dev$vbi(&(0x7f0000002100), 0x1, 0x2) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000180)={0xfffffffc, 0x5, 0x1}) 1.139802359s ago: executing program 3 (id=2222): r0 = syz_open_dev$admmidi(&(0x7f0000000280), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0xc0385720, &(0x7f00000001c0)={0x1}) 1.124301051s ago: executing program 4 (id=2223): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0) 1.12367247s ago: executing program 2 (id=2224): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e0, &(0x7f00000003c0)) 1.10660299s ago: executing program 6 (id=2225): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0xa18c14, &(0x7f0000000140)={[{@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@shortname_winnt}, {@fat=@debug}, {@shortname_lower}, {@fat=@check_strict}, {@uni_xlateno}, {@fat=@gid}, {@shortname_lower}, {@shortname_mixed}, {@rodir}, {@uni_xlateno}, {@numtail}]}, 0x81, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==") openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x105042, 0x130) 855.562172ms ago: executing program 3 (id=2226): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x95}}}, &(0x7f0000000200)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 811.109654ms ago: executing program 2 (id=2227): ioperm(0x284, 0x7f, 0xe3) clock_getres(0xfffffffffffffff5, 0x0) 711.877922ms ago: executing program 5 (id=2228): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x2, 0x80020000, 0x2, {0x5, @vbi={0x5, 0x7fffffff, 0x6, 0x3447504d, [0x9316, 0x5], [0xfffffffe, 0xe4c], 0x108}}, 0xfffffffe}) 657.345616ms ago: executing program 4 (id=2229): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbd}]}) getrlimit(0x0, &(0x7f0000000480)) 646.651121ms ago: executing program 6 (id=2230): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGPTPEER(r0, 0x5441, 0x4) 550.862639ms ago: executing program 5 (id=2231): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 530.95379ms ago: executing program 1 (id=2232): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000c80)={{0x80, 0x80}, 'port1\x00', 0xc8, 0x10, 0x0, 0x6, 0x0, 0x4000, 0x0, 0xbf, 0x4}) 527.755616ms ago: executing program 3 (id=2233): ioperm(0x3, 0x4, 0x1000008) msgctl$MSG_STAT(0x0, 0xb, 0x0) 527.243909ms ago: executing program 2 (id=2234): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0) ioctl$VIDIOC_S_STD(r0, 0xc0405627, &(0x7f0000000480)=0x1) 350.803108ms ago: executing program 4 (id=2235): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090480000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="00020c0000000c0002cd"], 0x0, 0x0, 0x0}, 0x0) 309.856097ms ago: executing program 6 (id=2236): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_SET_ID={0x8}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd8}}, 0x0) 289.379257ms ago: executing program 2 (id=2237): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xd}}]}}}]}, 0x48}}, 0x0) 242.438471ms ago: executing program 3 (id=2238): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x0) fremovexattr(r0, &(0x7f0000000580)=@known='trusted.overlay.impure\x00') 191.160761ms ago: executing program 1 (id=2239): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x18, 0x24, 0x301, 0x0, 0x80, {0x11}, [@nested={0x4, 0x12f}]}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x0) 105.414003ms ago: executing program 5 (id=2240): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001ac0)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002f40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[{0x10, 0x10a, 0x1}, {0x408, 0x1, 0x1, "51e1f4b36a65d720251aaa0f26b4e225cefa9b8e7f015291b063bda387500c131da732ccaccc467441de8189fcaa4a89782a0048b6525bb4f697dd48d9b40526afc92056815c99ab81f536c62afdc7fe6906b5f4e0c242090863853d38ea5541e7385192e1dc2cd348821d6fa3bb6d6ff90a3f0fd783121cc3179fbd408cc568052f73214b9c7cd46a4ff12a584b9db36a25b4ce28eb82f1b1d9bb65f66f80b668bb72d2f3be7295763d58e18496f8144eadbe7a0008d5742eeb0774618a8b4934933025517014e345c0ee3b7cdbaf2dac06587f7dd7d26e72893ae03aa56d9fa5cddf889cdb0b9914fbad44326c3b19cc738ab115531984f195d0f16076395887e210cf8727045bc646c6a06292fb56a7f2814446941160916f0f28d330a243950aa5ac36c8e4bce9c4ecd4ba23346ccb6a78de8d70c5a99d9e1818c4dff465a65884773ae7d30cfe074b63a9c5c4672e9ed203c24711cbd62368ecd1a75f9d61612d1a3ca527c87e572ac3bfbb502466eed5e66a777065a60ef8647354308d80a1b43c82c7c4ec5a5979beb00f8f116949b3c5663164860d8c455b85e13e10f2026c0832eaa990a8dd6a2804fa48efe741e41a730763c5baddaab4b65f6102f901dad67e8cc8283618662081694b570b102f12e8e53ca1cbee62cd51969438e1c00325cfdaad7981b238a988851f2fa225d18b577a122b549864ff300bcaf29123fc76bcb90c5a68a95526a864edd94a7de47e89655842025232bd3193ca01a1c282730eee0cafe7761b9ff41c1a0708e9c044f331221b1f7abd89519295e9a38517d6cbabb891d8c431a5c2db9b341511626452384f34565f38d7a2cecb164823513d699a6837e681338ea1b4cc2e97fdf0ac1c8e37d72b3bfab113cccf6ecc98ba82b2b1ecb1432798f50ebedda9b880ea6a8fdd7cbb8337a15373b6353eda89a0352200dde67b435370594ce0a816a8f74dcb75f4b2f42d1aa2125a3b2f2838d3c6f6a0dbab47d84c4d6f23cf5b0c3911b15991a88c3fd5d6a6ac46d250867f317baf64b9a7f0bc18ba19ef4aff5e968e2c1051cb5e523d172f18083c87eb15f8c449c90f8869ad7ae896282018a04f9dfd7e922e3b466f1eb6b034ae226d7ba336ee9d489e02f08dae98e0c17707fa42004ae05d7e392257564461bcc0d5e8715c1ffeca3717ccbef0f68cab615c2d362d29e52fa926a9b5911bfc34231726e0e98b5794167b1c009b6a9e257209ca6898d17bfbfaa6f6a906bf43f861383da92675004b209c1810b5d448389bd9447648f2775a89505c405cd4032383023df7255262ea7bc3cf9a4b18371e64dcac8d637d33ccb409e4302517b8ea410a43c233f2f23d720a1ef0da5e637ea21dfd1e3e3e670581ba3f3cc0a19fb14ffdc07593791d7d03e5b99487b63b573b9a"}], 0x418}, 0x8840) 12.76556ms ago: executing program 3 (id=2241): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x6) getsockopt$ax25_int(r0, 0x101, 0x0, &(0x7f0000000e00), &(0x7f0000002180)=0x4) 0s ago: executing program 6 (id=2242): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): comm="syz.6.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x7ffc0000 [ 145.529858][ T7209] loop6: detected capacity change from 0 to 8 [ 145.601776][ T7209] SQUASHFS error: lzo decompression failed, data probably corrupt [ 145.611868][ T7212] 9pnet_fd: Insufficient options for proto=fd [ 145.630594][ T30] audit: type=1326 audit(1748217328.748:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7200 comm="syz.6.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x7ffc0000 [ 145.656492][ T7209] SQUASHFS error: Failed to read block 0x1c0: -5 [ 145.675538][ T7209] SQUASHFS error: Unable to read metadata cache entry [1be] [ 145.741218][ T7218] loop1: detected capacity change from 0 to 764 [ 145.797989][ T7218] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 145.854288][ T7221] trusted_key: encrypted_key: master key parameter is missing [ 146.559150][ T7252] netlink: 'syz.6.599': attribute type 1 has an invalid length. [ 146.641202][ T7252] netlink: 224 bytes leftover after parsing attributes in process `syz.6.599'. [ 146.838551][ T7261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.602'. [ 147.366296][ T7281] veth1_to_team: entered promiscuous mode [ 147.462666][ T7281] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check. [ 147.811762][ T7293] loop5: detected capacity change from 0 to 8 [ 147.882492][ T7293] SQUASHFS error: Failed to read block 0x4de: -5 [ 147.927638][ T7293] SQUASHFS error: Failed to read block 0x4de: -5 [ 147.990604][ T30] audit: type=1800 audit(1748217331.538:23): pid=7293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.619" name="file1" dev="loop5" ino=5 res=0 errno=0 [ 148.518760][ T7314] loop1: detected capacity change from 0 to 16 [ 148.575025][ T7314] erofs (device loop1): mounted with root inode @ nid 36. [ 148.664515][ T7319] netlink: 830 bytes leftover after parsing attributes in process `syz.5.632'. [ 148.670043][ T7264] loop6: detected capacity change from 0 to 32768 [ 149.204516][ T7264] bcachefs (baafa011-d992-4344-aaf9-4ff0e0bec0ff): Using encoding defined by superblock: utf8-12.1.0 [ 149.439986][ T7264] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=/dev/loop6,noinodes_use_key_cache,fsck,norecovery,nojournal_transaction_names [ 149.439986][ T7264] allowing incompatible features above 0.0: (unknown version) [ 149.563848][ T7264] bcachefs (loop6): recovering from clean shutdown, journal seq 13 [ 149.613202][ T7264] bcachefs (loop6): Version upgrade required: [ 149.613202][ T7264] Version upgrade from 0.32: (unknown version) to 1.7: mi_btree_bitmap incomplete [ 149.613202][ T7264] Doing incompatible version upgrade from 0.32: (unknown version) to 1.25: extent_flags [ 149.613202][ T7264] running recovery passes: check_allocations,check_extents_to_backpointers,check_snapshots,check_subvols,check_inodes,check_dirents,set_fs_needs_rebalance [ 149.801408][ T5894] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 149.875476][ T7264] bcachefs (loop6): accounting_read... done [ 149.899982][ T7264] bcachefs (loop6): alloc_read... done [ 149.917366][ T7264] bcachefs (loop6): snapshots_read... done [ 149.924435][ T7361] netlink: 224 bytes leftover after parsing attributes in process `syz.5.648'. [ 149.934697][ T7264] bcachefs (loop6): done starting filesystem [ 150.013126][ T5894] usb 3-1: config 0 has an invalid interface number: 81 but max is 0 [ 150.040199][ T5894] usb 3-1: config 0 has no interface number 0 [ 150.057744][ T5894] usb 3-1: config 0 interface 81 altsetting 6 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 150.083905][ T6849] bcachefs (loop6): shutting down [ 150.112186][ T5894] usb 3-1: config 0 interface 81 has no altsetting 0 [ 150.138972][ T5894] usb 3-1: New USB device found, idVendor=07b0, idProduct=0006, bcdDevice=40.a8 [ 150.178871][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.215716][ T5894] usb 3-1: Product: syz [ 150.220031][ T5894] usb 3-1: Manufacturer: syz [ 150.241640][ T5894] usb 3-1: SerialNumber: syz [ 150.268248][ T5894] usb 3-1: config 0 descriptor?? [ 150.285533][ T7350] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 150.344925][ T6849] bcachefs (loop6): shutdown complete [ 150.542532][ T5894] HFC-S_USB 3-1:0.81: probe with driver HFC-S_USB failed with error -5 [ 150.606651][ T5894] usb 3-1: USB disconnect, device number 5 [ 151.376250][ T7367] loop1: detected capacity change from 0 to 32768 [ 151.441652][ T7367] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 151.454399][ T7367] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 151.477919][ T7399] warning: `syz.3.667' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 151.623431][ T7367] XFS (loop1): Ending clean mount [ 151.706845][ T7416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.673'. [ 151.715881][ T7416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.673'. [ 151.759807][ T7367] XFS (loop1): Quotacheck needed: Please wait. [ 151.908971][ T7367] XFS (loop1): Quotacheck: Done. [ 152.061977][ T7418] loop5: detected capacity change from 0 to 4096 [ 152.112330][ T7418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 152.167498][ T7418] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 152.179500][ T5826] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 152.206191][ T7418] EXT4-fs (loop5): Test dummy encryption mode enabled [ 152.311162][ T972] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 152.315909][ T7418] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.451699][ T7418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 152.499698][ T7418] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 152.516372][ T972] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 4 [ 152.584179][ T972] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 152.591362][ T7418] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 152.632285][ T972] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.646519][ T972] usb 4-1: Product: syz [ 152.650747][ T972] usb 4-1: Manufacturer: syz [ 152.686694][ T972] usb 4-1: SerialNumber: syz [ 152.721486][ T972] usb 4-1: config 0 descriptor?? [ 152.781893][ T972] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input7 [ 152.803253][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.894104][ T7428] loop4: detected capacity change from 0 to 32768 [ 152.928250][ T7428] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.678 (7428) [ 152.998133][ T7428] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 153.040778][ T969] usb 4-1: USB disconnect, device number 4 [ 153.048980][ T7428] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 153.116740][ T7428] BTRFS info (device loop4): disk space caching is enabled [ 153.147230][ T7428] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 153.423795][ T7434] loop2: detected capacity change from 0 to 32768 [ 153.430647][ T7428] BTRFS info (device loop4): rebuilding free space tree [ 153.453928][ T7434] BTRFS: device /dev/loop2 (7:2) using temp-fsid 5f1106bf-ea2d-443a-9d22-4453d94e8cb6 [ 153.496712][ T7434] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.681 (7434) [ 153.570153][ T7428] BTRFS info (device loop4): disabling free space tree [ 153.613685][ T7428] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 153.662704][ T7434] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 153.681099][ T7428] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 153.757822][ T7434] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 153.831958][ T7434] BTRFS info (device loop2): using free-space-tree [ 153.982343][ T7465] loop3: detected capacity change from 0 to 512 [ 154.115323][ T5989] IPVS: starting estimator thread 0... [ 154.181785][ T5825] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 154.271187][ T7483] IPVS: using max 23 ests per chain, 55200 per kthread [ 154.361348][ T7494] loop1: detected capacity change from 0 to 512 [ 154.362697][ T7465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.411317][ T7465] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 154.484557][ T7494] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 154.558125][ T7494] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 154.616772][ T7494] System zones: 0-1, 15-15, 18-18, 34-34 [ 154.623027][ T5822] BTRFS info (device loop2): last unmount of filesystem 5f1106bf-ea2d-443a-9d22-4453d94e8cb6 [ 154.672974][ T7494] EXT4-fs (loop1): orphan cleanup on readonly fs [ 154.680422][ T7494] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 154.760691][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.770577][ T7494] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 154.809153][ T7494] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 154.872559][ T7494] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.693: bad orphan inode 16 [ 154.982321][ T7494] ext4_test_bit(bit=15, block=18) = 1 [ 154.992756][ T7494] is_bad_inode(inode)=0 [ 154.996927][ T7494] NEXT_ORPHAN(inode)=0 [ 155.029949][ T7494] max_ino=32 [ 155.058504][ T7494] i_nlink=2 [ 155.126555][ T7494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 155.150927][ T7511] loop6: detected capacity change from 0 to 64 [ 155.605733][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.727161][ T7523] loop2: detected capacity change from 0 to 1024 [ 155.745327][ T7526] loop6: detected capacity change from 0 to 256 [ 155.759999][ T7524] netlink: 'syz.3.704': attribute type 6 has an invalid length. [ 155.876577][ T7524] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.704'. [ 156.024383][ T53] hfsplus: b-tree write err: -5, ino 4 [ 156.700953][ T7546] loop5: detected capacity change from 0 to 512 [ 156.735238][ T7546] EXT4-fs: Ignoring removed oldalloc option [ 156.822742][ T7546] EXT4-fs (loop5): 1 truncate cleaned up [ 156.909780][ T7546] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.019154][ T7546] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.715: invalid indirect mapped block 234881024 (level 0) [ 157.210677][ T7546] EXT4-fs (loop5): Remounting filesystem read-only [ 157.321122][ T7568] tc_dump_action: action bad kind [ 157.427558][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.504238][ T7574] netlink: 'syz.3.727': attribute type 1 has an invalid length. [ 157.595467][ T7577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.730'. [ 157.777931][ T7532] loop1: detected capacity change from 0 to 32768 [ 157.834264][ T7532] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.705 (7532) [ 157.931587][ T7532] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 157.973613][ T7532] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 158.068680][ T7532] BTRFS info (device loop1): disk space caching is enabled [ 158.121218][ T7532] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 158.166018][ T7596] netlink: 12 bytes leftover after parsing attributes in process `syz.4.739'. [ 158.622889][ T5826] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 158.810199][ T7628] loop6: detected capacity change from 0 to 16 [ 158.863631][ T7628] erofs (device loop6): mounted with root inode @ nid 36. [ 158.917842][ T7632] loop2: detected capacity change from 0 to 512 [ 158.993324][ T7632] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 159.038773][ T7638] IPv6: sit1: Disabled Multicast RS [ 159.121217][ T7632] EXT4-fs (loop2): 1 truncate cleaned up [ 159.182826][ T7632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.240695][ T7644] netlink: 'syz.3.753': attribute type 49 has an invalid length. [ 159.383220][ T7632] EXT4-fs error (device loop2): ext4_generic_delete_entry:2670: inode #2: block 13: comm syz.2.750: bad entry in directory: inode out of bounds - offset=44, inode=32780, rec_len=16, size=1024 fake=0 [ 159.496421][ T7652] netlink: 23 bytes leftover after parsing attributes in process `syz.1.757'. [ 159.528034][ T7632] EXT4-fs (loop2): Remounting filesystem read-only [ 159.621386][ T7652] caif0: entered allmulticast mode [ 159.753550][ T7657] netlink: 32 bytes leftover after parsing attributes in process `syz.5.760'. [ 159.797901][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.859001][ T30] audit: type=1400 audit(1748217343.388:24): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F2603 pid=7658 comm="syz.6.762" [ 160.351651][ T7669] loop4: detected capacity change from 0 to 4096 [ 160.378729][ T7669] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 160.489466][ T7679] netlink: 48 bytes leftover after parsing attributes in process `syz.6.771'. [ 160.528778][ T7669] ntfs3(loop4): ino=19, mi_enum_attr [ 160.554046][ T7669] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 160.655294][ T7686] xt_CT: You must specify a L4 protocol and not use inversions on it [ 160.989192][ T7696] Illegal XDP return value 7696 on prog (id 35) dev N/A, expect packet loss! [ 161.080347][ T7694] loop5: detected capacity change from 0 to 2048 [ 161.098768][ T7698] netlink: 16 bytes leftover after parsing attributes in process `syz.4.781'. [ 161.129262][ T7694] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 161.191635][ T7702] loop2: detected capacity change from 0 to 512 [ 161.235278][ T7705] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 161.343884][ T7702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 161.399227][ T972] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 161.411464][ T7702] ext4 filesystem being mounted at /148/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 161.491549][ T7702] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 161.537075][ T7702] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 161.571304][ T7702] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.783: Failed to acquire dquot type 0 [ 161.632198][ T972] usb 2-1: Using ep0 maxpacket: 8 [ 161.642840][ T972] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.661172][ T972] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 161.689605][ T972] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 161.721489][ T972] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 161.734507][ T972] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 161.743793][ T972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 161.788755][ T972] usb 2-1: SerialNumber: syz [ 161.800826][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 161.840502][ T7704] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 161.879849][ T972] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 161.945392][ T972] usb-storage 2-1:1.0: USB Mass Storage device detected [ 162.040168][ T972] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 162.085686][ T972] scsi host1: usb-storage 2-1:1.0 [ 162.404001][ T7729] netlink: 17 bytes leftover after parsing attributes in process `syz.6.793'. [ 162.431418][ T7729] netlink: zone id is out of range [ 162.444273][ T7729] netlink: zone id is out of range [ 162.464317][ T7729] netlink: zone id is out of range [ 162.474458][ T7729] netlink: zone id is out of range [ 162.487559][ T7710] loop4: detected capacity change from 0 to 32768 [ 162.499879][ T7729] netlink: zone id is out of range [ 162.522953][ T7729] netlink: zone id is out of range [ 162.529464][ T7710] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.785 (7710) [ 162.534574][ T7729] netlink: zone id is out of range [ 162.584261][ T7729] netlink: zone id is out of range [ 162.606275][ T7729] netlink: zone id is out of range [ 162.624897][ T7729] netlink: zone id is out of range [ 162.635087][ T7710] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 162.698673][ T7710] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 162.747528][ T7710] BTRFS info (device loop4): using free-space-tree [ 162.880738][ T7751] x_tables: duplicate entry at hook 3 [ 162.961606][ T7756] netlink: 8 bytes leftover after parsing attributes in process `syz.3.800'. [ 163.238915][ T7767] loop6: detected capacity change from 0 to 256 [ 163.253062][ T5825] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 163.289322][ T7767] FAT-fs (loop6): bogus logical sector size 2238 [ 163.309250][ T7721] usb 2-1: reset high-speed USB device number 6 using dummy_hcd [ 163.311919][ T7769] netlink: 'syz.2.805': attribute type 6 has an invalid length. [ 163.329926][ T7767] FAT-fs (loop6): Can't find a valid FAT filesystem [ 163.393743][ T7769] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.805'. [ 163.393785][ T7767] binder: Bad value for 'stats' [ 163.725840][ T972] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 163.934916][ T972] usb 6-1: Using ep0 maxpacket: 8 [ 163.976773][ T972] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 164.026396][ T972] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 164.063717][ T972] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.075127][ T7787] netlink: 60 bytes leftover after parsing attributes in process `syz.4.813'. [ 164.107646][ T972] usb 6-1: Product: syz [ 164.112124][ T7787] netlink: 60 bytes leftover after parsing attributes in process `syz.4.813'. [ 164.143893][ T972] usb 6-1: Manufacturer: syz [ 164.146294][ T5989] usb 2-1: USB disconnect, device number 6 [ 164.148484][ T972] usb 6-1: SerialNumber: syz [ 164.176698][ T972] usb 6-1: bad CDC descriptors [ 164.249866][ T7789] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 164.292113][ T7789] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 164.371858][ T7789] overlayfs: missing 'lowerdir' [ 164.420236][ T972] usb 6-1: USB disconnect, device number 3 [ 164.921541][ T7802] netlink: 268 bytes leftover after parsing attributes in process `syz.1.822'. [ 164.991735][ T7802] netlink: 268 bytes leftover after parsing attributes in process `syz.1.822'. [ 165.127942][ T7779] loop6: detected capacity change from 0 to 32768 [ 165.320550][ T7812] loop5: detected capacity change from 0 to 512 [ 165.382429][ T7779] JBD2: Ignoring recovery information on journal [ 165.488561][ T7812] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.600331][ T7812] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 165.722978][ T7779] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 165.915948][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.973261][ T7779] OCFS2: ERROR (device loop6): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 73 has 4294901761 used bits but only 0 total [ 166.002375][ T7838] netlink: 16 bytes leftover after parsing attributes in process `syz.3.838'. [ 166.056534][ T7779] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 166.099264][ T7779] OCFS2: File system is now read-only. [ 166.147589][ T7779] (syz.6.810,7779,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 166.207694][ T7844] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 166.209694][ T7779] (syz.6.810,7779,0):ocfs2_claim_metadata:2088 ERROR: status = -30 [ 166.244065][ T7844] overlayfs: missing 'lowerdir' [ 166.269413][ T7779] (syz.6.810,7779,0):ocfs2_claim_metadata:2101 ERROR: status = -30 [ 166.310232][ T7779] (syz.6.810,7779,0):ocfs2_dx_dir_attach_index:2328 ERROR: status = -30 [ 166.339163][ T7779] (syz.6.810,7779,0):ocfs2_expand_inline_dir:3021 ERROR: status = -30 [ 166.358615][ T7779] (syz.6.810,7779,0):ocfs2_extend_dir:3203 ERROR: status = -30 [ 166.416226][ T7779] (syz.6.810,7779,0):ocfs2_prepare_dir_for_insert:4308 ERROR: status = -30 [ 166.454330][ T7779] (syz.6.810,7779,0):ocfs2_mknod:298 ERROR: status = -30 [ 166.491720][ T7779] (syz.6.810,7779,0):ocfs2_mknod:502 ERROR: status = -30 [ 166.498795][ T7779] (syz.6.810,7779,0):ocfs2_mkdir:658 ERROR: status = -30 [ 166.748794][ T7779] syz.6.810 (7779) used greatest stack depth: 19064 bytes left [ 166.853302][ T6849] ocfs2: Unmounting device (7,6) on (node local) [ 166.884503][ T7867] loop1: detected capacity change from 0 to 512 [ 166.945213][ T7867] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 166.979896][ T7867] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 167.098844][ T7867] EXT4-fs (loop1): 1 truncate cleaned up [ 167.129490][ T7867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.330766][ T7867] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 167.591757][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.621528][ T7889] loop3: detected capacity change from 0 to 64 [ 167.727427][ T7889] syz.3.862: attempt to access beyond end of device [ 167.727427][ T7889] loop3: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 168.053701][ T7901] netlink: 'syz.2.867': attribute type 1 has an invalid length. [ 168.111317][ T7901] netlink: 224 bytes leftover after parsing attributes in process `syz.2.867'. [ 168.172297][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.2.867'. [ 168.469444][ T7915] loop1: detected capacity change from 0 to 512 [ 168.549868][ T7915] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.875: bad orphan inode 15 [ 168.661113][ T7915] ext4_test_bit(bit=14, block=5) = 0 [ 168.737632][ T7915] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.871728][ T7915] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters [ 168.927925][ T7935] loop6: detected capacity change from 0 to 64 [ 168.947034][ T7915] EXT4-fs error (device loop1): ext4_free_inode:354: comm syz.1.875: bit already cleared for inode 13 [ 169.367538][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.541863][ T7945] loop5: detected capacity change from 0 to 4096 [ 169.574804][ T7955] netlink: 40 bytes leftover after parsing attributes in process `syz.1.891'. [ 169.640999][ T7945] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 169.647485][ T7957] netlink: 'syz.6.895': attribute type 2 has an invalid length. [ 169.679994][ T7945] ntfs3(loop5): ino=9, ntfs_sync_fs failed, -22. [ 169.873224][ T5823] ntfs3(loop5): ino=9, ntfs_sync_fs failed, -22. [ 170.091637][ T7971] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 170.131455][ T7973] mmap: syz.5.901 (7973) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 170.279150][ T7971] bond1: entered promiscuous mode [ 170.284369][ T7971] bond1: entered allmulticast mode [ 170.289901][ T7971] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.182093][ T8010] netlink: 12 bytes leftover after parsing attributes in process `syz.5.921'. [ 171.222892][ T8012] loop6: detected capacity change from 0 to 16 [ 171.301633][ T8012] erofs: DAX unsupported by block device. Turning off DAX. [ 171.388024][ T8012] erofs (device loop6): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 171.460688][ T8012] erofs (device loop6): mounted with root inode @ nid 36. [ 171.478219][ T8020] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 171.504728][ T8012] syz.6.922: attempt to access beyond end of device [ 171.504728][ T8012] loop6: rw=0, sector=131157, nr_sectors = 1 limit=16 [ 171.544597][ T8022] SET target dimension over the limit! [ 171.593854][ T8012] erofs (device loop6): read error -5 @ 0 of nid 36 [ 171.608894][ T8026] loop1: detected capacity change from 0 to 256 [ 171.626641][ T8026] exfat: Deprecated parameter 'namecase' [ 171.790571][ T8026] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 171.845428][ T8032] netlink: 'syz.5.932': attribute type 16 has an invalid length. [ 171.901413][ T8032] netlink: 'syz.5.932': attribute type 17 has an invalid length. [ 172.029780][ T8032] net_ratelimit: 75 callbacks suppressed [ 172.029792][ T8032] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 172.065375][ T8034] netlink: 84 bytes leftover after parsing attributes in process `syz.4.934'. [ 172.081963][ T8034] netlink: 84 bytes leftover after parsing attributes in process `syz.4.934'. [ 172.712984][ T8062] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 172.801250][ T8065] ªªªªª»: renamed from hsr0 (while UP) [ 173.131684][ T969] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 173.323265][ T969] usb 7-1: Using ep0 maxpacket: 16 [ 173.358566][ T969] usb 7-1: config index 0 descriptor too short (expected 16456, got 72) [ 173.387915][ T969] usb 7-1: config 0 has an invalid interface number: 125 but max is 1 [ 173.411954][ T8084] loop4: detected capacity change from 0 to 2048 [ 173.431303][ T969] usb 7-1: config 0 has an invalid interface number: 125 but max is 1 [ 173.465162][ T8084] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 173.481265][ T969] usb 7-1: config 0 has an invalid interface number: 125 but max is 1 [ 173.537664][ T969] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 173.558173][ T969] usb 7-1: config 0 has no interface number 0 [ 173.571098][ T969] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 173.615931][ T969] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 173.677746][ T969] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 173.745498][ T969] usb 7-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 173.761197][ T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 173.776346][ T969] usb 7-1: config 0 interface 125 has no altsetting 0 [ 173.791685][ T969] usb 7-1: config 0 interface 125 has no altsetting 2 [ 173.811571][ T969] usb 7-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 173.828343][ T969] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.881189][ T969] usb 7-1: Product: syz [ 173.890522][ T969] usb 7-1: Manufacturer: syz [ 173.904880][ T969] usb 7-1: SerialNumber: syz [ 173.928567][ T969] usb 7-1: config 0 descriptor?? [ 173.929866][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 173.969158][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 173.978342][ T969] usb 7-1: selecting invalid altsetting 2 [ 173.985405][ T24] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 174.026379][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.095730][ T24] usb 3-1: Product: syz [ 174.100033][ T24] usb 3-1: Manufacturer: syz [ 174.137569][ T24] usb 3-1: SerialNumber: syz [ 174.164494][ T24] usb 3-1: config 0 descriptor?? [ 174.193650][ T30] audit: type=1326 audit(1748217357.748:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.4.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d14d8e969 code=0x7ffc0000 [ 174.271723][ T24] gs_usb 3-1:0.0: Required endpoints not found [ 174.307237][ T30] audit: type=1326 audit(1748217357.778:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.4.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d14d8e969 code=0x7ffc0000 [ 174.382116][ C0] usb 7-1: async_complete: urb error -71 [ 174.387930][ C0] usb 7-1: async_complete: urb error -71 [ 174.391281][ T24] usb 3-1: USB disconnect, device number 6 [ 174.393657][ C0] usb 7-1: async_complete: urb error -71 [ 174.412500][ T30] audit: type=1326 audit(1748217357.778:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.4.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f1d14d8e969 code=0x7ffc0000 [ 174.452875][ T969] get_1284_register: usb error -71 [ 174.461274][ T969] uss720 7-1:0.125: probe with driver uss720 failed with error -71 [ 174.536647][ T30] audit: type=1326 audit(1748217357.778:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.4.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d14d8e969 code=0x7ffc0000 [ 174.582056][ T969] usb 7-1: USB disconnect, device number 2 [ 174.604169][ T30] audit: type=1326 audit(1748217357.778:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.4.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d14d8e969 code=0x7ffc0000 [ 175.220199][ T8139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.985'. [ 175.631984][ T8157] netlink: 3 bytes leftover after parsing attributes in process `syz.5.994'. [ 175.645922][ T8155] loop1: detected capacity change from 0 to 1024 [ 175.766227][ T8155] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.944891][ T8155] EXT4-fs error (device loop1): ext4_empty_dir:3107: inode #11: block 623: comm syz.1.993: Attempting to read directory block (623) that is past i_size (638464) [ 176.198192][ T8176] loop4: detected capacity change from 0 to 512 [ 176.250699][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.267052][ T8176] EXT4-fs (loop4): Test dummy encryption mode enabled [ 176.319981][ T8176] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 176.341267][ T8180] openvswitch: netlink: Message has 4 unknown bytes. [ 176.348095][ T8180] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 176.373587][ T8176] EXT4-fs (loop4): 1 truncate cleaned up [ 176.448530][ T8176] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.674190][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.660596][ T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 177.735064][ T8191] loop1: detected capacity change from 0 to 32768 [ 177.829526][ T8191] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1004 (8191) [ 177.840180][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 177.906384][ T24] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 177.917025][ T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 177.929405][ T8191] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 177.948379][ T24] usb 4-1: config 0 has no interface number 0 [ 177.978141][ T8229] loop4: detected capacity change from 0 to 512 [ 177.986423][ T8191] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 177.997391][ T24] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 178.013051][ T8191] BTRFS info (device loop1): using free-space-tree [ 178.052160][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.060221][ T24] usb 4-1: Product: syz [ 178.069606][ T8229] EXT4-fs (loop4): Test dummy encryption mode enabled [ 178.112387][ T8229] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 178.143286][ T8229] EXT4-fs (loop4): 1 truncate cleaned up [ 178.144934][ T24] usb 4-1: Manufacturer: syz [ 178.158075][ T8229] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 178.191354][ T24] usb 4-1: SerialNumber: syz [ 178.202617][ T24] usb 4-1: config 0 descriptor?? [ 178.216128][ T24] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 178.225750][ T24] usb 4-1: No valid video chain found. [ 178.516444][ T24] usb 4-1: USB disconnect, device number 5 [ 178.574990][ T5826] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 178.800633][ T8229] fscrypt (loop4): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 179.090241][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.130567][ T8209] loop2: detected capacity change from 0 to 32768 [ 179.314537][ T8209] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 179.448213][ T8283] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 179.587308][ T8209] XFS (loop2): Ending clean mount [ 179.639876][ T8209] XFS (loop2): Quotacheck needed: Please wait. [ 179.733533][ T8209] XFS (loop2): Quotacheck: Done. [ 179.989998][ T5822] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 180.420372][ T8305] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1051'. [ 180.468079][ T8305] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 180.770860][ T8313] netlink: 'syz.1.1054': attribute type 1 has an invalid length. [ 180.810296][ T8313] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1054'. [ 180.866469][ T8313] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1054'. [ 181.091269][ T8324] netlink: 348 bytes leftover after parsing attributes in process `syz.6.1059'. [ 181.111002][ T8322] netlink: 'syz.2.1058': attribute type 3 has an invalid length. [ 181.371376][ T8330] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1062'. [ 181.416582][ T8298] loop5: detected capacity change from 0 to 32768 [ 181.471592][ T8298] bcachefs (/dev/loop5): error reading default superblock: checksum error, type none: got should be [ 181.544709][ T8298] bcachefs (/dev/loop5): error validating superblock: Invalid superblock section replicas_v0: invalid device 254 in entry user: 1/1 [254] [ 181.544709][ T8298] replicas_v0 (size 24): [ 181.544709][ T8298] btree: 1 [0] journal: 1 [0] user: 1 [254] (unknown data_type 255): 255 [255 255 255 255 255 108 1 0 0 6 0 0 0 0 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 1 249 0 0 0 0 8 0 0 0 0 0 0 0 1 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 5 0 0 0 0 0 0 0 179 0 0 0 1 0 0 1 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 2 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 3 5 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 6 0 0 0 0 11 0 0 0 0 0 0 3 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 0 0 0 0 0 0 0 0 2 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 16 0 0 0 0 0 0 0 4 1 1 0 0 0 0 0 33 0 0 0 8 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 83 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 25 0] [ 181.544709][ T8298] [ 181.733275][ T8298] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 181.954787][ T8344] sctp: [Deprecated]: syz.2.1070 (pid 8344) Use of int in max_burst socket option. [ 181.954787][ T8344] Use struct sctp_assoc_value instead [ 182.224838][ T8312] loop4: detected capacity change from 0 to 32768 [ 182.356144][ T8312] JBD2: Ignoring recovery information on journal [ 182.473976][ T8353] loop3: detected capacity change from 0 to 4096 [ 182.498046][ T8312] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 182.588873][ T8353] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 182.632345][ T8312] (syz.4.1055,8312,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10 [ 182.751187][ T8312] (syz.4.1055,8312,0):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2 [ 182.801117][ T8312] (syz.4.1055,8312,0):ocfs2_mknod:298 ERROR: status = -2 [ 182.808200][ T8312] (syz.4.1055,8312,0):ocfs2_mknod:502 ERROR: status = -2 [ 182.889240][ T8312] (syz.4.1055,8312,0):ocfs2_create:675 ERROR: status = -2 [ 182.924646][ T8373] loop5: detected capacity change from 0 to 128 [ 183.157537][ T5825] ocfs2: Unmounting device (7,4) on (node local) [ 183.184277][ T8373] FAT-fs (loop5): Directory bread(block 32) failed [ 183.190852][ T8373] FAT-fs (loop5): Directory bread(block 33) failed [ 183.200878][ T8383] loop1: detected capacity change from 0 to 64 [ 183.252637][ T8373] FAT-fs (loop5): Directory bread(block 34) failed [ 183.290647][ T8373] FAT-fs (loop5): Directory bread(block 35) failed [ 183.301696][ T8383] Trying to free block not in datazone [ 183.346412][ T8373] FAT-fs (loop5): Directory bread(block 36) failed [ 183.361607][ T8383] Trying to free block not in datazone [ 183.391226][ T8373] FAT-fs (loop5): Directory bread(block 37) failed [ 183.398523][ T8373] FAT-fs (loop5): Directory bread(block 38) failed [ 183.413432][ T8395] loop6: detected capacity change from 0 to 64 [ 183.469194][ T8373] FAT-fs (loop5): Directory bread(block 39) failed [ 183.508658][ T8373] FAT-fs (loop5): Directory bread(block 40) failed [ 183.538504][ T8373] FAT-fs (loop5): Directory bread(block 41) failed [ 183.560767][ T8401] loop3: detected capacity change from 0 to 256 [ 183.561656][ T8395] syz.6.1089: attempt to access beyond end of device [ 183.561656][ T8395] loop6: rw=0, sector=130062, nr_sectors = 2 limit=64 [ 183.638667][ T8401] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 183.662127][ T8395] Buffer I/O error on dev loop6, logical block 65031, async page read [ 183.899655][ T8373] syz.5.1083: attempt to access beyond end of device [ 183.899655][ T8373] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 183.971879][ T8373] FAT-fs (loop5): Filesystem has been set read-only [ 184.010099][ T8373] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 184.044013][ T8412] loop2: detected capacity change from 0 to 256 [ 184.214443][ T8412] FAT-fs (loop2): Directory bread(block 64) failed [ 184.241086][ T8412] FAT-fs (loop2): Directory bread(block 65) failed [ 184.255407][ T8412] FAT-fs (loop2): Directory bread(block 66) failed [ 184.310233][ T8412] FAT-fs (loop2): Directory bread(block 67) failed [ 184.335405][ T8422] loop6: detected capacity change from 0 to 4096 [ 184.376422][ T8412] FAT-fs (loop2): Directory bread(block 68) failed [ 184.384666][ T8422] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 184.401387][ T8412] FAT-fs (loop2): Directory bread(block 69) failed [ 184.408096][ T8412] FAT-fs (loop2): Directory bread(block 70) failed [ 184.469820][ T8412] FAT-fs (loop2): Directory bread(block 71) failed [ 184.490985][ T8412] FAT-fs (loop2): Directory bread(block 72) failed [ 184.499050][ T8412] FAT-fs (loop2): Directory bread(block 73) failed [ 184.550440][ T8422] ntfs3(loop6): ino=1a, mi_enum_attr [ 184.580669][ T8422] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 184.700326][ T972] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 184.729098][ T8422] ntfs3(loop6): ino=1e, "file1" ntfs_sync_inode failed, -22. [ 184.916907][ T972] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 184.940083][ T67] ntfs3(loop6): ino=1e, ntfs3_write_inode failed, -22. [ 184.951298][ T972] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.989178][ T972] usb 2-1: Product: syz [ 185.004241][ T972] usb 2-1: Manufacturer: syz [ 185.008869][ T972] usb 2-1: SerialNumber: syz [ 185.097386][ T972] usb 2-1: config 0 descriptor?? [ 185.144705][ T972] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 185.551471][ T972] gspca_sunplus: reg_r err -71 [ 185.556379][ T972] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 185.663056][ T972] usb 2-1: USB disconnect, device number 7 [ 186.380056][ T8571] loop4: detected capacity change from 0 to 8 [ 186.430663][ T8562] loop1: detected capacity change from 0 to 4096 [ 186.580635][ T8581] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1129'. [ 186.621170][ T8584] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 186.806785][ T8562] NILFS (loop1): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed [ 186.871643][ T8593] netlink: 'syz.2.1132': attribute type 1 has an invalid length. [ 187.018376][ T8596] loop6: detected capacity change from 0 to 1764 [ 187.520041][ T8633] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1141'. [ 187.612136][ T8637] program syz.6.1140 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 187.691596][ T972] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 187.910881][ T972] usb 2-1: config 0 has no interfaces? [ 187.933975][ T972] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c [ 187.992899][ T972] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.021166][ T972] usb 2-1: Product: syz [ 188.025359][ T972] usb 2-1: Manufacturer: syz [ 188.046782][ T972] usb 2-1: SerialNumber: syz [ 188.142272][ T972] usb 2-1: config 0 descriptor?? [ 188.354836][ T972] usb 2-1: USB disconnect, device number 8 [ 188.457327][ T5895] IPVS: starting estimator thread 0... [ 188.561453][ T8689] IPVS: using max 24 ests per chain, 57600 per kthread [ 188.717898][ T8704] netlink: 'syz.6.1162': attribute type 10 has an invalid length. [ 188.747062][ T8704] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1162'. [ 188.793899][ T8704] batman_adv: batadv0: Adding interface: vlan1 [ 188.818744][ T8704] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.844251][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.861314][ T8704] batman_adv: batadv0: Interface activated: vlan1 [ 189.001519][ T969] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 189.068092][ T8721] binder: 8719:8721 ioctl c0306201 200000000100 returned -14 [ 189.084186][ T8724] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1167'. [ 189.207341][ T969] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 189.247984][ T969] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 189.276590][ T969] usb 3-1: Product: syz [ 189.280826][ T969] usb 3-1: Manufacturer: syz [ 189.299323][ T969] usb 3-1: SerialNumber: syz [ 189.310466][ T8733] macvtap0: entered allmulticast mode [ 189.318766][ T969] usb 3-1: config 0 descriptor?? [ 189.357230][ T8733] veth0_macvtap: entered allmulticast mode [ 189.366158][ T969] ch341 3-1:0.0: ch341-uart converter detected [ 189.595528][ T969] usb 3-1: failed to receive control message: -71 [ 189.609270][ T8746] loop1: detected capacity change from 0 to 1024 [ 189.641668][ T969] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 189.711443][ T969] usb 3-1: USB disconnect, device number 7 [ 189.720761][ T969] ch341 3-1:0.0: device disconnected [ 190.551226][ T8803] netlink: 'syz.6.1188': attribute type 21 has an invalid length. [ 190.941318][ T8823] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1193'. [ 191.116933][ T8838] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1196'. [ 191.527563][ T8859] syz.1.1205: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 191.591224][ T8859] CPU: 0 UID: 0 PID: 8859 Comm: syz.1.1205 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 191.591275][ T8859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.591296][ T8859] Call Trace: [ 191.591310][ T8859] [ 191.591323][ T8859] dump_stack_lvl+0x189/0x250 [ 191.591379][ T8859] ? __pfx_dump_stack_lvl+0x10/0x10 [ 191.591431][ T8859] ? __pfx__printk+0x10/0x10 [ 191.591461][ T8859] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 191.591499][ T8859] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 191.591537][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.591576][ T8859] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 191.591623][ T8859] warn_alloc+0x214/0x310 [ 191.591695][ T8859] ? __pfx_warn_alloc+0x10/0x10 [ 191.591747][ T8859] ? kasan_save_track+0x4f/0x80 [ 191.591789][ T8859] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 191.591843][ T8859] ? xskq_create+0x56/0x170 [ 191.591893][ T8859] ? __x64_sys_setsockopt+0x18b/0x220 [ 191.591946][ T8859] ? do_syscall_64+0xf6/0x210 [ 191.591996][ T8859] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.592058][ T8859] __vmalloc_node_range_noprof+0x125/0x12c0 [ 191.592174][ T8859] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 191.592229][ T8859] ? xskq_create+0x56/0x170 [ 191.592279][ T8859] ? __kasan_kmalloc+0x93/0xb0 [ 191.592329][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.592393][ T8859] vmalloc_user_noprof+0x74/0x80 [ 191.592447][ T8859] ? xskq_create+0xbf/0x170 [ 191.592491][ T8859] xskq_create+0xbf/0x170 [ 191.592540][ T8859] xsk_init_queue+0xb0/0x110 [ 191.592577][ T8859] xsk_setsockopt+0x43f/0x710 [ 191.592620][ T8859] ? __pfx_xsk_setsockopt+0x10/0x10 [ 191.592658][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.592700][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.592745][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.592781][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.592820][ T8859] ? __pfx_xsk_setsockopt+0x10/0x10 [ 191.592869][ T8859] do_sock_setsockopt+0x25a/0x3e0 [ 191.592922][ T8859] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 191.592966][ T8859] ? __fget_files+0x2a/0x420 [ 191.593021][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.593054][ T8859] ? __fget_files+0x3a0/0x420 [ 191.593095][ T8859] ? __fget_files+0x2a/0x420 [ 191.593152][ T8859] __x64_sys_setsockopt+0x18b/0x220 [ 191.593200][ T8859] do_syscall_64+0xf6/0x210 [ 191.593242][ T8859] ? srso_alias_return_thunk+0x5/0xfbef5 [ 191.593278][ T8859] ? exc_page_fault+0x91/0x110 [ 191.593321][ T8859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.593353][ T8859] RIP: 0033:0x7ffa0078e969 [ 191.593381][ T8859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.593407][ T8859] RSP: 002b:00007ffa015fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 191.593434][ T8859] RAX: ffffffffffffffda RBX: 00007ffa009b5fa0 RCX: 00007ffa0078e969 [ 191.593455][ T8859] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 191.593474][ T8859] RBP: 00007ffa00810ab1 R08: 0000000000000004 R09: 0000000000000000 [ 191.593491][ T8859] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.593511][ T8859] R13: 0000000000000000 R14: 00007ffa009b5fa0 R15: 00007ffcdd5034b8 [ 191.593555][ T8859] [ 191.599239][ T8859] Mem-Info: [ 191.983562][ T8859] active_anon:6501 inactive_anon:0 isolated_anon:0 [ 191.983562][ T8859] active_file:1428 inactive_file:40181 isolated_file:0 [ 191.983562][ T8859] unevictable:768 dirty:458 writeback:0 [ 191.983562][ T8859] slab_reclaimable:10622 slab_unreclaimable:105271 [ 191.983562][ T8859] mapped:40369 shmem:1362 pagetables:1129 [ 191.983562][ T8859] sec_pagetables:0 bounce:0 [ 191.983562][ T8859] kernel_misc_reclaimable:0 [ 191.983562][ T8859] free:1313530 free_pcp:294 free_cma:0 [ 192.145987][ T8859] Node 0 active_anon:26004kB inactive_anon:0kB active_file:5712kB inactive_file:160520kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:161476kB dirty:1828kB writeback:0kB shmem:3912kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11532kB pagetables:4616kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 192.238441][ T8859] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 192.298962][ T8889] netdevsim netdevsim5: Direct firmware load for ..€ failed with error -2 [ 192.339756][ T8889] netdevsim netdevsim5: Falling back to sysfs fallback for: ..€ [ 192.347838][ T8859] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 192.457750][ T8859] lowmem_reserve[]: 0 2504 2504 2504 2504 [ 192.479485][ T8859] Node 0 DMA32 free:1320824kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:26072kB inactive_anon:0kB active_file:5712kB inactive_file:160428kB unevictable:1536kB writepending:1848kB present:3129332kB managed:2564104kB mlocked:0kB bounce:0kB free_pcp:1236kB local_pcp:748kB free_cma:0kB [ 192.607020][ T8859] lowmem_reserve[]: 0 0 0 0 0 [ 192.636979][ T8859] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:96kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 192.701801][ T8859] lowmem_reserve[]: 0 0 0 0 0 [ 192.718156][ T8859] Node 1 Normal free:3917264kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 192.722007][ T30] audit: type=1326 audit(1748217376.268:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 192.790874][ T8859] lowmem_reserve[]: 0 0 0 0 0 [ 192.801734][ T8910] kAFS: No cell specified [ 192.822310][ T8859] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 192.850698][ T8859] Node 0 DMA32: 247*4kB (UME) 278*8kB (UME) 213*16kB (UME) 208*32kB (UME) 300*64kB (UME) 229*128kB (UME) 149*256kB (UM) 90*512kB (UME) 41*1024kB (UME) 9*2048kB (UME) 272*4096kB (UM) = 1320540kB [ 192.946316][ T30] audit: type=1326 audit(1748217376.318:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 192.946537][ T8859] Node 0 [ 193.059081][ T30] audit: type=1326 audit(1748217376.328:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.071278][ T8859] Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 193.208340][ T30] audit: type=1326 audit(1748217376.328:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.223945][ T8859] Node 1 Normal: 230*4kB (UME) 57*8kB (UME) 57*16kB (UME) 217*32kB (UME) 105*64kB (UME) 35*128kB (UME) 12*256kB (UM) 7*512kB (UM) 5*1024kB (UME) 1*2048kB (E) 948*4096kB (M) = 3917264kB [ 193.325894][ T30] audit: type=1326 audit(1748217376.328:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.361588][ T8859] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 193.390622][ T8859] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 193.430789][ T8859] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 193.439443][ T30] audit: type=1326 audit(1748217376.328:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.472329][ T8859] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 193.521615][ T8859] 42948 total pagecache pages [ 193.545415][ T8859] 0 pages in swap cache [ 193.549614][ T8859] Free swap = 124996kB [ 193.551122][ T30] audit: type=1326 audit(1748217376.328:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.596766][ T8859] Total swap = 124996kB [ 193.600974][ T8859] 2097051 pages RAM [ 193.636702][ T8859] 0 pages HighMem/MovableOnly [ 193.666549][ T8859] 424367 pages reserved [ 193.681327][ T30] audit: type=1326 audit(1748217376.328:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.698894][ T8859] 0 pages cma reserved [ 193.711715][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.722846][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.753708][ T30] audit: type=1326 audit(1748217376.328:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.760168][ T8946] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1232'. [ 193.861228][ T30] audit: type=1326 audit(1748217376.328:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.6.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x50000 [ 193.868014][ T8946] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 193.966902][ T8946] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 194.082477][ T8958] No such timeout policy "syz0" [ 194.171010][ T8961] loop5: detected capacity change from 0 to 2048 [ 194.234535][ T8961] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 194.278338][ T8961] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 194.620632][ T8981] loop1: detected capacity change from 0 to 256 [ 194.795217][ T8989] loop3: detected capacity change from 0 to 2048 [ 194.811406][ T8995] netlink: 'syz.4.1247': attribute type 10 has an invalid length. [ 194.834012][ T8996] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1245'. [ 194.859196][ T8981] FAT-fs (loop1): Directory bread(block 64) failed [ 194.881160][ T8981] FAT-fs (loop1): Directory bread(block 65) failed [ 194.914992][ T8995] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.924487][ T8981] FAT-fs (loop1): Directory bread(block 66) failed [ 194.931136][ T8999] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.978271][ T8995] team0: Port device bond0 added [ 194.986906][ T8981] FAT-fs (loop1): Directory bread(block 67) failed [ 195.007674][ T8981] FAT-fs (loop1): Directory bread(block 68) failed [ 195.050878][ T8981] FAT-fs (loop1): Directory bread(block 69) failed [ 195.101534][ T8981] FAT-fs (loop1): Directory bread(block 70) failed [ 195.108100][ T8981] FAT-fs (loop1): Directory bread(block 71) failed [ 195.170622][ T8981] FAT-fs (loop1): Directory bread(block 72) failed [ 195.259051][ T8981] FAT-fs (loop1): Directory bread(block 73) failed [ 195.288987][ T8999] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 18446744071753620032 [ 195.345270][ T8999] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=16) [ 195.367449][ T8999] Remounting filesystem read-only [ 195.377150][ T5821] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 195.563010][ T5894] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 195.748416][ T5894] usb 5-1: unable to get BOS descriptor or descriptor too short [ 195.784464][ T5894] usb 5-1: config 3 has an invalid interface number: 14 but max is 0 [ 195.828569][ T5894] usb 5-1: config 3 has no interface number 0 [ 195.861287][ T5894] usb 5-1: config 3 interface 14 has no altsetting 0 [ 195.933879][ T5894] usb 5-1: New USB device found, idVendor=045e, idProduct=02ae, bcdDevice=b8.0f [ 195.973891][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.994477][ T5894] usb 5-1: Product: syz [ 195.998906][ T5894] usb 5-1: Manufacturer: syz [ 196.004307][ T9047] xt_hashlimit: size too large, truncated to 1048576 [ 196.010163][ T5894] usb 5-1: SerialNumber: syz [ 196.407186][ T5894] gspca_main: kinect-2.14.0 probing 045e:02ae [ 196.464123][ T9071] loop3: detected capacity change from 0 to 256 [ 196.489086][ T5894] usb 5-1: USB disconnect, device number 4 [ 196.599490][ T9071] FAT-fs (loop3): Directory bread(block 64) failed [ 196.619491][ T9071] FAT-fs (loop3): Directory bread(block 65) failed [ 196.636728][ T9071] FAT-fs (loop3): Directory bread(block 66) failed [ 196.657018][ T9071] FAT-fs (loop3): Directory bread(block 67) failed [ 196.669889][ T9071] FAT-fs (loop3): Directory bread(block 68) failed [ 196.711103][ T9071] FAT-fs (loop3): Directory bread(block 69) failed [ 196.719758][ T9071] FAT-fs (loop3): Directory bread(block 70) failed [ 196.746654][ T9071] FAT-fs (loop3): Directory bread(block 71) failed [ 196.758486][ T9071] FAT-fs (loop3): Directory bread(block 72) failed [ 196.767852][ T9071] FAT-fs (loop3): Directory bread(block 73) failed [ 196.852201][ T5895] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 197.033075][ T5895] usb 3-1: Using ep0 maxpacket: 32 [ 197.064573][ T5895] usb 3-1: config 4 has an invalid interface number: 128 but max is 0 [ 197.119829][ T5895] usb 3-1: config 4 has no interface number 0 [ 197.148669][ T5895] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.191152][ T5895] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.213636][ T5895] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 197.260815][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.331320][ T5895] hub 3-1:4.128: USB hub found [ 197.530837][ T5895] hub 3-1:4.128: config failed, hub has too many ports! (err -19) [ 197.885628][ T9162] loop4: detected capacity change from 0 to 128 [ 197.892652][ T5895] usb 3-1: USB disconnect, device number 8 [ 197.932033][ T9162] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 197.991920][ T9162] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 198.069830][ T9162] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:376: inode #2: comm syz.4.1288: No space for directory leaf checksum. Please run e2fsck -D. [ 198.072060][ T9154] loop3: detected capacity change from 0 to 4096 [ 198.151346][ T9162] EXT4-fs error (device loop4): __ext4_find_entry:1628: inode #2: comm syz.4.1288: checksumming directory block 0 [ 198.210554][ T9172] loop1: detected capacity change from 0 to 4096 [ 198.384009][ T9185] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 198.466303][ T5825] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 199.114873][ T9222] loop4: detected capacity change from 0 to 8 [ 199.139657][ T9222] SQUASHFS error: Unable to read inode 0xe3 [ 200.174086][ T9274] loop2: detected capacity change from 0 to 2048 [ 200.249282][ T9274] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 200.252686][ T9282] loop6: detected capacity change from 0 to 16 [ 200.373608][ T9282] erofs (device loop6): mounted with root inode @ nid 36. [ 200.390658][ T9288] netlink: 'syz.5.1324': attribute type 10 has an invalid length. [ 200.433794][ T9288] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 200.683837][ T9231] loop1: detected capacity change from 0 to 32768 [ 200.794338][ T9231] JBD2: Ignoring recovery information on journal [ 201.081706][ T9231] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 201.467417][ T5826] ocfs2: Unmounting device (7,1) on (node local) [ 201.576401][ T9343] 9p: Unknown access argument ?: -22 [ 202.283101][ T30] kauditd_printk_skb: 1181 callbacks suppressed [ 202.283126][ T30] audit: type=1326 audit(1748217385.838:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9384 comm="syz.6.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x7ffc0000 [ 202.301331][ T9376] loop1: detected capacity change from 0 to 2048 [ 202.418738][ T30] audit: type=1326 audit(1748217385.838:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9384 comm="syz.6.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x7ffc0000 [ 202.441114][ C1] vkms_vblank_simulate: vblank timer overrun [ 202.496009][ T9376] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 202.542207][ T30] audit: type=1326 audit(1748217385.888:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9384 comm="syz.6.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f95f638e969 code=0x7ffc0000 [ 202.643817][ T30] audit: type=1326 audit(1748217385.958:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9384 comm="syz.6.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95f638e969 code=0x7ffc0000 [ 202.927943][ T9411] netlink: 'syz.6.1357': attribute type 10 has an invalid length. [ 203.076002][ T9420] netlink: 'syz.4.1362': attribute type 5 has an invalid length. [ 203.095026][ T9411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 203.189302][ T9411] team0: Port device bond0 added [ 203.274394][ T9420] ip6erspan0: entered promiscuous mode [ 203.349031][ T9429] loop1: detected capacity change from 0 to 256 [ 203.408872][ T9429] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 203.619363][ T9443] netlink: 512 bytes leftover after parsing attributes in process `syz.2.1370'. [ 203.767795][ T9391] loop3: detected capacity change from 0 to 32768 [ 203.780491][ T9391] btrfs: Deprecated parameter 'usebackuproot' [ 203.780516][ T9391] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 203.795865][ T9391] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1354 (9391) [ 203.832117][ T9391] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 203.832213][ T9391] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 203.832246][ T9391] BTRFS info (device loop3): using free-space-tree [ 203.977453][ T67] BTRFS warning (device loop3): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0 [ 203.977738][ T9391] BTRFS warning (device loop3): couldn't read tree root [ 203.977765][ T9391] BTRFS warning (device loop3): try to load backup roots slot 1 [ 203.978456][ T1104] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0 [ 203.978578][ T9391] BTRFS warning (device loop3): couldn't read tree root [ 203.978601][ T9391] BTRFS warning (device loop3): try to load backup roots slot 2 [ 203.979072][ T1104] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 203.979208][ T9391] BTRFS warning (device loop3): couldn't read tree root [ 203.979228][ T9391] BTRFS warning (device loop3): try to load backup roots slot 3 [ 204.013669][ T9391] BTRFS info (device loop3): rebuilding free space tree [ 204.057112][ T9391] BTRFS info (device loop3): checking UUID tree [ 204.691721][ T30] audit: type=1800 audit(1748217388.208:1225): pid=9391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1354" name="file1" dev="loop3" ino=257 res=0 errno=0 [ 204.895541][ T9524] loop4: detected capacity change from 0 to 1024 [ 204.914948][ T5821] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 205.285531][ T36] hfsplus: b-tree write err: -5, ino 4 [ 205.514374][ T5927] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 205.731356][ T5927] usb 6-1: Using ep0 maxpacket: 16 [ 205.761530][ T5927] usb 6-1: config 0 interface 0 has no altsetting 0 [ 205.775667][ T5927] usb 6-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 205.812004][ T5927] usb 6-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 205.841008][ T5927] usb 6-1: Product: syz [ 205.875148][ T5927] usb 6-1: Manufacturer: syz [ 205.898556][ T5927] usb 6-1: SerialNumber: syz [ 205.931359][ T5894] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 206.032661][ T5927] usb 6-1: config 0 descriptor?? [ 206.162578][ T5894] usb 4-1: config 0 has an invalid interface number: 225 but max is 0 [ 206.199804][ T5894] usb 4-1: config 0 has no interface number 0 [ 206.254685][ T5894] usb 4-1: New USB device found, idVendor=14ea, idProduct=ab11, bcdDevice=4a.d2 [ 206.289474][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.328840][ T5894] usb 4-1: Product: syz [ 206.351145][ T5894] usb 4-1: Manufacturer: syz [ 206.355808][ T5894] usb 4-1: SerialNumber: syz [ 206.393053][ T5927] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 206.416644][ T5894] usb 4-1: config 0 descriptor?? [ 206.523935][ T5927] usb 6-1: USB disconnect, device number 4 [ 206.566659][ T6496] udevd[6496]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 206.625159][ T9534] loop1: detected capacity change from 0 to 32768 [ 206.673354][ T9534] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1387 (9534) [ 206.715297][ T5894] asix 4-1:0.225 (unnamed net_device) (uninitialized): invalid hw address, using random [ 206.819678][ T9534] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 206.885524][ T9534] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 206.906634][ T5894] asix 4-1:0.225 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 206.952876][ T9534] BTRFS info (device loop1): using free-space-tree [ 206.960460][ T5894] asix 4-1:0.225 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 207.003451][ T5894] asix 4-1:0.225: probe with driver asix failed with error -71 [ 207.082525][ T5894] usb 4-1: USB disconnect, device number 6 [ 207.156677][ T9623] loop6: detected capacity change from 0 to 2048 [ 207.221957][ T9623] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 207.978322][ T5826] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 208.313600][ T9685] xt_addrtype: ipv6 does not support BROADCAST matching [ 208.406812][ T30] audit: type=1326 audit(1748217391.958:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9688 comm="syz.3.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 208.515388][ T30] audit: type=1326 audit(1748217391.958:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9688 comm="syz.3.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 208.669166][ T30] audit: type=1326 audit(1748217391.998:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9688 comm="syz.3.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 208.669227][ T30] audit: type=1326 audit(1748217391.998:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9688 comm="syz.3.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 208.669278][ T30] audit: type=1326 audit(1748217391.998:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9688 comm="syz.3.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 208.758624][ T9711] netdevsim netdevsim3 ªªªªª»: renamed from netdevsim0 (while UP) [ 209.002815][ T9714] loop6: detected capacity change from 0 to 256 [ 209.183804][ T9726] netlink: 'syz.3.1430': attribute type 27 has an invalid length. [ 209.192705][ T9714] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 196) [ 209.192764][ T9714] FAT-fs (loop6): Filesystem has been set read-only [ 209.340376][ T9729] loop4: detected capacity change from 0 to 16 [ 209.571955][ T9729] erofs (device loop4): mounted with root inode @ nid 36. [ 209.641517][ T6849] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 196) [ 209.662301][ T9729] erofs (device loop4): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 209.749057][ T9729] erofs (device loop4): failed to decompress -46 in[60, 4036] out[1851] [ 209.787823][ T9746] loop5: detected capacity change from 0 to 512 [ 209.801119][ T9729] erofs (device loop4): read error -117 @ 43 of nid 36 [ 209.930205][ T9746] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.1435: bad orphan inode 13 [ 210.000733][ T9746] ext4_test_bit(bit=12, block=4) = 1 [ 210.031275][ T9746] is_bad_inode(inode)=0 [ 210.049761][ T9746] NEXT_ORPHAN(inode)=0 [ 210.084541][ T9746] max_ino=32 [ 210.087800][ T9746] i_nlink=1 [ 210.144549][ T9746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 210.301376][ T9746] EXT4-fs warning (device loop5): dx_probe:803: inode #2: comm syz.5.1435: Unrecognised inode hash code 20 [ 210.372148][ T9746] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.1435: Corrupt directory, running e2fsck is recommended [ 210.448513][ T9746] EXT4-fs warning (device loop5): dx_probe:803: inode #2: comm syz.5.1435: Unrecognised inode hash code 20 [ 210.468022][ T9779] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1444'. [ 210.506632][ T9779] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1444'. [ 210.561178][ T9746] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.1435: Corrupt directory, running e2fsck is recommended [ 210.830175][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.082308][ T9810] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1454'. [ 211.097209][ T30] audit: type=1400 audit(1748217394.648:1231): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=9800 comm="syz.6.1452" [ 211.111120][ T9810] tc_dump_action: action bad kind [ 212.125807][ T30] audit: type=1326 audit(1748217395.678:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.1.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0078e969 code=0x7ffc0000 [ 212.175457][ T5894] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 212.235240][ T30] audit: type=1326 audit(1748217395.678:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.1.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0078e969 code=0x7ffc0000 [ 212.257958][ C1] vkms_vblank_simulate: vblank timer overrun [ 212.356367][ T30] audit: type=1326 audit(1748217395.678:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.1.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7ffa0078e969 code=0x7ffc0000 [ 212.387615][ T5894] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8 [ 212.435623][ T9910] C: renamed from team_slave_0 (while UP) [ 212.436222][ T5894] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt [ 212.465267][ T9912] loop1: detected capacity change from 0 to 128 [ 212.473013][ T30] audit: type=1326 audit(1748217395.678:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9895 comm="syz.1.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa0078e969 code=0x7ffc0000 [ 212.504488][ T5894] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt [ 212.520167][ T9910] netlink: 'syz.2.1474': attribute type 3 has an invalid length. [ 212.539975][ T5894] usb 5-1: string descriptor 0 read error: -22 [ 212.548468][ T5894] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 212.570216][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.585907][ T9910] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1474'. [ 212.593741][ T9881] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 212.634921][ T9912] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 212.670997][ T9910] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 212.739366][ T9926] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1477'. [ 212.752110][ T9912] ext4 filesystem being mounted at /224/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 212.761103][ T9926] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1477'. [ 212.774285][ T9926] netlink: 492 bytes leftover after parsing attributes in process `syz.3.1477'. [ 212.828771][ T5894] cdc_ncm 5-1:1.0: bind() failure [ 212.868196][ T5894] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 212.908550][ T5894] cdc_ncm 5-1:1.1: bind() failure [ 212.948088][ T5894] usb 5-1: USB disconnect, device number 5 [ 213.008697][ T5826] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 213.105625][ T9943] loop5: detected capacity change from 0 to 16 [ 213.130833][ T9943] erofs (device loop5): mounted with root inode @ nid 36. [ 213.351230][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 213.438820][ T9956] loop1: detected capacity change from 0 to 1764 [ 213.490310][ T9956] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 213.529833][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84 [ 213.568009][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1023 [ 213.641114][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 213.667027][ T9966] loop4: detected capacity change from 0 to 512 [ 213.676529][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 213.705435][ T9] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 213.720094][ T9966] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 213.767448][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.789860][ T9] usb 4-1: Product: syz [ 213.799122][ T9] usb 4-1: Manufacturer: syz [ 213.810609][ T9] usb 4-1: SerialNumber: syz [ 213.835187][ T9966] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #17: comm syz.4.1485: iget: bad i_size value: -6917529027641081756 [ 213.858826][ T9] usb 4-1: config 0 descriptor?? [ 213.900056][ T9940] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 213.960640][ T9] usb 4-1: ucan: probing device on interface #0 [ 213.970541][ T9966] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1485: couldn't read orphan inode 17 (err -117) [ 214.022863][ T9] usb 4-1: ucan: invalid endpoint configuration [ 214.059395][ T9] usb 4-1: ucan: probe failed; try to update the device firmware [ 214.084710][ T9966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.218981][ T5927] usb 4-1: USB disconnect, device number 7 [ 214.335702][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.442164][ T9960] loop5: detected capacity change from 0 to 32768 [ 214.476764][ T9922] loop6: detected capacity change from 0 to 32768 [ 214.631505][ T9960] ERROR: (device loop5): dbAlloc: unable to allocate blocks [ 214.631505][ T9960] [ 214.741844][T10014] x_tables: ip_tables: osf match: only valid for protocol 6 [ 214.927632][ T9922] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 215.021174][ T5895] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 215.251128][ T5895] usb 3-1: unable to get BOS descriptor or descriptor too short [ 215.281314][ T5895] usb 3-1: not running at top speed; connect to a high speed hub [ 215.351173][ T5895] usb 3-1: config 5 has an invalid interface number: 101 but max is 0 [ 215.359419][ T5895] usb 3-1: config 5 has no interface number 0 [ 215.429811][ T5895] usb 3-1: config 5 interface 101 has no altsetting 0 [ 215.439288][ T9922] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 215.439288][ T9922] allowing incompatible features above 0.0: (unknown version) [ 215.514937][ T5895] usb 3-1: New USB device found, idVendor=0403, idProduct=e0f7, bcdDevice=78.34 [ 215.543749][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.570462][ T9922] bcachefs (loop6): initializing new filesystem [ 215.580546][ T5895] usb 3-1: Product: syz [ 215.598693][ T5895] usb 3-1: Manufacturer: syz [ 215.631459][ T5895] usb 3-1: SerialNumber: syz [ 215.642484][ T9922] bcachefs (loop6): going read-write [ 215.705389][ T9922] bcachefs (loop6): bch2_copygc_start(): error creating copygc thread EINTR [ 215.771145][ T9922] bcachefs (loop6): __bch2_fs_read_write(): error error starting copygc thread EINTR [ 215.814741][T10064] netlink: 'syz.3.1506': attribute type 1 has an invalid length. [ 215.855416][T10053] loop1: detected capacity change from 0 to 4096 [ 215.862206][ T9922] bcachefs (loop6): going read-only [ 215.897297][ T5895] ftdi_sio 3-1:5.101: FTDI USB Serial Device converter detected [ 215.912637][ T9922] bcachefs (loop6): finished waiting for writes to stop [ 215.920604][ T9922] bcachefs (loop6): flushing journal and stopping allocators, journal seq 0 [ 215.957852][ T5895] ftdi_sio ttyUSB0: unknown device type: 0x7834 [ 216.031771][ T5895] usb 3-1: USB disconnect, device number 9 [ 216.048900][ T5895] ftdi_sio 3-1:5.101: device disconnected [ 216.106244][ T9922] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 0 [ 216.129239][T10053] ntfs3(loop1): ino=b, mi_enum_attr [ 216.170445][T10053] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 216.212246][T10053] ntfs3(loop1): Failed to load $Extend (-22). [ 216.218384][T10053] ntfs3(loop1): Failed to initialize $Extend. [ 216.255116][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 216.261685][ T5836] Bluetooth: hci4: command 0x0406 tx timeout [ 216.262628][ T5133] Bluetooth: hci0: command 0x0406 tx timeout [ 216.268343][ T5836] Bluetooth: hci1: command 0x0406 tx timeout [ 216.275136][ T5133] Bluetooth: hci5: command 0x0406 tx timeout [ 216.281162][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 216.373338][ T9922] bcachefs (loop6): unclean shutdown complete, journal seq 1 [ 216.568488][ T9922] bcachefs (loop6): done going read-only, filesystem not clean [ 216.599918][ T9922] bcachefs (loop6): bch2_fs_initialize(): error EINTR [ 216.630797][ T9922] bcachefs (loop6): bch2_fs_start(): error starting filesystem EINTR [ 216.670006][T10111] loop5: detected capacity change from 0 to 1764 [ 216.687968][ T9922] bcachefs (loop6): shutting down [ 216.813336][T10111] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 216.848880][T10125] xt_cgroup: path and classid specified [ 216.922458][ T9922] bcachefs (loop6): shutdown complete [ 218.293210][T10124] loop4: detected capacity change from 0 to 32768 [ 219.186283][T10242] netlink: 'syz.5.1552': attribute type 1 has an invalid length. [ 219.235719][T10242] netlink: 'syz.5.1552': attribute type 3 has an invalid length. [ 219.235757][T10242] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1552'. [ 219.235776][T10242] NCSI netlink: No device for ifindex 0 [ 219.313606][ T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 219.487574][ T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 219.500211][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.508856][ T9] usb 3-1: Product: syz [ 219.514890][ T9] usb 3-1: Manufacturer: syz [ 219.519567][ T9] usb 3-1: SerialNumber: syz [ 219.540480][ T9] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 219.605012][T10124] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 219.638836][ T5894] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 219.790965][T10124] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 219.790965][T10124] allowing incompatible features above 0.0: (unknown version) [ 219.881894][T10124] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 219.890141][T10124] bcachefs (loop4): Version upgrade required: [ 219.890141][T10124] Version upgrade from 0.26: lru_v2 to 1.7: mi_btree_bitmap incomplete [ 219.890141][T10124] Doing incompatible version upgrade from 0.26: lru_v2 to 1.25: extent_flags [ 219.890141][T10124] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 219.985167][T10259] loop1: detected capacity change from 0 to 16 [ 220.018924][T10259] erofs (device loop1): mounted with root inode @ nid 36. [ 220.065868][T10239] loop3: detected capacity change from 0 to 32768 [ 220.106185][T10124] bcachefs (loop4): dropping and reconstructing all alloc info [ 220.179021][T10124] bcachefs (loop4): accounting_read... [ 220.207455][T10239] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1553 (10239) [ 220.252625][T10124] done [ 220.255443][T10124] bcachefs (loop4): alloc_read... done [ 220.277442][ T969] usb 3-1: USB disconnect, device number 10 [ 220.296652][ T9922] bcachefs: bch2_fs_get_tree() error: EINTR [ 220.305017][T10124] bcachefs (loop4): snapshots_read... done [ 220.321555][T10239] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 220.332522][T10124] bcachefs (loop4): done starting filesystem [ 220.361495][T10239] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 220.396706][T10239] BTRFS info (device loop3): using free-space-tree [ 220.452445][ T5825] bcachefs (loop4): shutting down [ 220.689332][ T5825] bcachefs (loop4): shutdown complete [ 220.698917][T10249] loop5: detected capacity change from 0 to 32768 [ 220.735656][ T5894] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 220.774904][ T5894] ath9k_htc: Failed to initialize the device [ 220.791526][T10249] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1554 (10249) [ 220.840731][ T969] usb 3-1: ath9k_htc: USB layer deinitialized [ 220.875911][ T5821] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 220.936938][T10249] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 220.987443][T10249] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm [ 221.008196][T10306] vivid-000: disconnect [ 221.044561][T10305] vivid-000: reconnect [ 221.073307][T10249] BTRFS info (device loop5): using free-space-tree [ 221.484957][T10335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1565'. [ 221.512915][T10339] xt_CT: You must specify a L4 protocol and not use inversions on it [ 221.560742][T10333] loop2: detected capacity change from 0 to 2048 [ 221.619689][T10333] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 221.662038][T10333] UDF-fs: Scanning with blocksize 512 failed [ 221.750584][T10333] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 221.935343][ T5823] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 222.874033][T10386] bridge2: entered promiscuous mode [ 223.012972][T10396] loop6: detected capacity change from 0 to 256 [ 223.486673][ T969] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 223.560304][T10426] loop1: detected capacity change from 0 to 512 [ 223.711113][ T969] usb 6-1: Using ep0 maxpacket: 8 [ 223.755089][ T969] usb 6-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 223.767199][T10426] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 223.783951][ T969] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.804077][ T969] usb 6-1: Product: syz [ 223.808329][ T969] usb 6-1: Manufacturer: syz [ 223.844796][ T969] usb 6-1: SerialNumber: syz [ 223.849762][T10426] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.884050][ T969] usb 6-1: config 0 descriptor?? [ 223.943731][ T969] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 223.954967][T10426] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 224.043515][T10426] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 224.081264][T10426] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1591: Failed to acquire dquot type 0 [ 224.307203][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 224.308698][ T969] gspca_sn9c2028: read1 error -71 [ 224.338547][T10454] netlink: 'syz.2.1597': attribute type 1 has an invalid length. [ 224.363395][ T969] gspca_sn9c2028: read1 error -71 [ 224.368946][ T969] sn9c2028 6-1:0.0: probe with driver sn9c2028 failed with error -71 [ 224.390579][T10454] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1597'. [ 224.441635][ T969] usb 6-1: USB disconnect, device number 5 [ 225.112054][T10430] loop3: detected capacity change from 0 to 40427 [ 225.238892][T10497] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 225.328199][T10497] CIFS mount error: No usable UNC path provided in device string! [ 225.328199][T10497] [ 225.431598][T10497] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 225.651652][T10430] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 225.734681][T10520] loop2: detected capacity change from 0 to 2048 [ 225.843192][T10520] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 226.184439][T10533] loop4: detected capacity change from 0 to 4096 [ 226.368213][T10544] loop1: detected capacity change from 0 to 256 [ 226.700244][T10558] binder: 10557:10558 ioctl c0046209 100000000000000 returned -22 [ 227.579207][T10608] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.938416][T10626] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 227.995479][T10615] loop5: detected capacity change from 0 to 4096 [ 228.208016][T10643] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 228.471270][T10655] netlink: 'syz.2.1652': attribute type 7 has an invalid length. [ 228.676020][T10671] openvswitch: netlink: EtherType 0 is less than min 600 [ 228.722559][ T5927] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 228.918422][ T5927] usb 5-1: unable to get BOS descriptor or descriptor too short [ 228.937803][ T5927] usb 5-1: not running at top speed; connect to a high speed hub [ 228.954504][T10675] loop2: detected capacity change from 0 to 4096 [ 228.976744][T10675] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 228.987998][ T5927] usb 5-1: config 8 has an invalid interface number: 96 but max is 0 [ 229.025254][ T5927] usb 5-1: config 8 has no interface number 0 [ 229.057538][ T5927] usb 5-1: config 8 interface 96 altsetting 6 endpoint 0x5 has invalid wMaxPacketSize 0 [ 229.117850][ T5927] usb 5-1: config 8 interface 96 has no altsetting 0 [ 229.148149][ T5927] usb 5-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=e2.e7 [ 229.178961][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.226970][ T5927] usb 5-1: Product: syz [ 229.244001][ T5927] usb 5-1: Manufacturer: syz [ 229.271636][ T5927] usb 5-1: SerialNumber: syz [ 229.563711][ T5927] kalmia 5-1:8.96: probe with driver kalmia failed with error -22 [ 229.582411][ T5927] option 5-1:8.96: GSM modem (1-port) converter detected [ 229.599880][ T5927] usb 5-1: USB disconnect, device number 6 [ 229.614086][ T5927] option 5-1:8.96: device disconnected [ 229.938595][ T30] audit: type=1326 audit(1748217413.478:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10739 comm="syz.3.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 230.034449][ T30] audit: type=1326 audit(1748217413.518:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10739 comm="syz.3.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 230.165866][ T30] audit: type=1326 audit(1748217413.518:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10739 comm="syz.3.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 230.239193][ T30] audit: type=1326 audit(1748217413.518:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10739 comm="syz.3.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 230.291267][ T30] audit: type=1326 audit(1748217413.518:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10739 comm="syz.3.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1f258e969 code=0x7ffc0000 [ 230.398796][T10763] AppArmor: change_hat: Invalid input '0' [ 230.806344][T10787] loop2: detected capacity change from 0 to 1024 [ 230.865962][T10787] hfsplus: keylen 65060 too large [ 230.878210][T10787] hfsplus: xattr searching failed [ 230.939077][T10794] loop5: detected capacity change from 0 to 64 [ 231.265631][T10813] loop6: detected capacity change from 0 to 256 [ 231.704913][T10840] loop5: detected capacity change from 0 to 1024 [ 231.732768][T10843] Zero length message leads to an empty skb [ 231.787353][T10840] overlay: filesystem on ./file0 not supported [ 231.966750][ T13] hfsplus: b-tree write err: -5, ino 4 [ 232.089672][T10863] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 232.211693][T10870] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1712'. [ 232.280757][T10870] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1712'. [ 232.352228][T10876] (unnamed net_device) (uninitialized): up delay (15) is not a multiple of miimon (100), value rounded to 0 ms [ 232.558124][T10876] bond2: entered promiscuous mode [ 232.609047][T10921] loop6: detected capacity change from 0 to 16 [ 232.639975][T10921] erofs (device loop6): mounted with root inode @ nid 36. [ 232.744866][T10921] erofs (device loop6): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 232.783961][T10921] erofs (device loop6): failed to decompress -11 in[52, 4044] out[1851] [ 232.811337][T10921] erofs (device loop6): read error -117 @ 43 of nid 36 [ 232.866409][T10934] loop3: detected capacity change from 0 to 128 [ 232.917158][T10934] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 233.055721][T10934] ext4 filesystem being mounted at /331/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 233.188832][T10951] loop5: detected capacity change from 0 to 64 [ 233.340600][ T5821] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 233.718537][T10926] loop4: detected capacity change from 0 to 32768 [ 233.796375][T10926] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1720 (10926) [ 233.895810][T10926] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 233.960544][T10926] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 233.996656][T10926] BTRFS info (device loop4): using free-space-tree [ 234.041902][T10994] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 234.256150][T11018] loop3: detected capacity change from 0 to 2048 [ 234.298047][T11017] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 234.433058][T11018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.567364][T11018] ext4 filesystem being mounted at /335/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 234.623580][ T5825] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 234.731565][T11018] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1743: bg 0: block 345: padding at end of block bitmap is not set [ 235.098830][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.303231][T11050] loop2: detected capacity change from 0 to 4096 [ 235.342599][T11050] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 235.346600][T11059] loop5: detected capacity change from 0 to 2048 [ 235.457432][T11050] ntfs3(loop2): ino=1a, mi_enum_attr [ 235.473446][T11059] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 235.487676][T11050] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 235.578390][T11050] ntfs3(loop2): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 235.615103][T11059] UDF-fs: error (device loop5): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 236.359686][T11114] loop1: detected capacity change from 0 to 64 [ 236.695342][T11133] loop3: detected capacity change from 0 to 128 [ 236.773275][T11133] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 236.791343][ T5894] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 236.833844][T11133] FAT-fs (loop3): Filesystem has been set read-only [ 237.011741][ T5821] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 237.011840][ T5894] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 237.067708][ T5894] usb 3-1: config 0 has no interface number 0 [ 237.091636][ T5894] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c [ 237.111452][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 237.119510][ T5894] usb 3-1: Product: syz [ 237.171306][ T5894] usb 3-1: Manufacturer: syz [ 237.175992][ T5894] usb 3-1: SerialNumber: syz [ 237.216332][ T5894] usb 3-1: config 0 descriptor?? [ 237.283903][ T5894] ims_pcu 3-1:0.41: probe with driver ims_pcu failed with error -22 [ 237.540282][ T5894] usb 3-1: USB disconnect, device number 11 [ 237.862232][T11110] loop4: detected capacity change from 0 to 32768 [ 237.963200][T11110] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 238.097244][T11214] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1795'. [ 238.106358][T11214] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1795'. [ 238.203406][T11110] XFS (loop4): Ending clean mount [ 238.271372][T11110] XFS (loop4): Quotacheck needed: Please wait. [ 238.381846][T11110] XFS (loop4): Quotacheck: Done. [ 238.633429][ T5825] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 238.653984][T11236] vlan1: entered promiscuous mode [ 239.538455][T11286] xt_HMARK: spi-set and port-set can't be combined [ 239.586236][T11287] netlink: 'syz.1.1817': attribute type 2 has an invalid length. [ 239.650433][T11287] netlink: 'syz.1.1817': attribute type 1 has an invalid length. [ 239.701619][T11287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1817'. [ 239.933769][T11309] loop2: detected capacity change from 0 to 64 [ 241.881203][T11409] netlink: 'syz.2.1853': attribute type 4 has an invalid length. [ 241.904982][T11409] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.1853'. [ 241.915059][T11411] nfs: Deprecated parameter 'nointr' [ 242.654666][ T5989] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 242.661402][T11456] loop4: detected capacity change from 0 to 1024 [ 242.851523][ T5989] usb 4-1: Using ep0 maxpacket: 16 [ 242.921368][ T5989] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 242.930475][ T5989] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.939057][ T12] hfsplus: b-tree write err: -5, ino 4 [ 242.939268][T11462] loop1: detected capacity change from 0 to 4096 [ 242.987298][ T5989] usb 4-1: Product: syz [ 243.003521][ T5989] usb 4-1: Manufacturer: syz [ 243.008147][ T5989] usb 4-1: SerialNumber: syz [ 243.013163][T11462] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 243.076073][ T5989] r8152-cfgselector 4-1: Unknown version 0x0000 [ 243.085266][ T5989] r8152-cfgselector 4-1: config 0 descriptor?? [ 243.299069][T11486] loop4: detected capacity change from 0 to 4096 [ 243.308270][T11486] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 243.514763][T11486] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 243.560679][ T5894] r8152-cfgselector 4-1: USB disconnect, device number 8 [ 243.605022][T11500] loop6: detected capacity change from 0 to 1024 [ 243.704517][ T1104] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22. [ 243.726125][ T5825] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 243.742502][T11502] gtp0: entered promiscuous mode [ 243.771673][ T5825] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 243.783200][T11502] gtp0: entered allmulticast mode [ 243.811129][ T5825] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 243.842229][ T67] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22. [ 244.496039][T11547] loop5: detected capacity change from 0 to 1024 [ 244.853461][T11565] netlink: 'syz.2.1902': attribute type 3 has an invalid length. [ 244.908907][T11565] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1902'. [ 244.943164][T11574] xt_cgroup: xt_cgroup: no path or classid specified [ 244.951840][T11565] NCSI netlink: No device for ifindex 0 [ 245.228796][T11587] @ÿ: renamed from veth0_vlan (while UP) [ 245.551406][T11605] loop2: detected capacity change from 0 to 256 [ 245.622810][T11613] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1918'. [ 245.687754][T11605] FAT-fs (loop2): Directory bread(block 64) failed [ 245.717931][T11605] FAT-fs (loop2): Directory bread(block 65) failed [ 245.738363][T11605] FAT-fs (loop2): Directory bread(block 66) failed [ 245.756635][T11605] FAT-fs (loop2): Directory bread(block 67) failed [ 245.777660][T11605] FAT-fs (loop2): Directory bread(block 68) failed [ 245.860991][T11605] FAT-fs (loop2): Directory bread(block 69) failed [ 245.867943][T11605] FAT-fs (loop2): Directory bread(block 70) failed [ 245.957163][T11605] FAT-fs (loop2): Directory bread(block 71) failed [ 246.017489][T11605] FAT-fs (loop2): Directory bread(block 72) failed [ 246.026701][T11630] loop4: detected capacity change from 0 to 256 [ 246.061382][T11605] FAT-fs (loop2): Directory bread(block 73) failed [ 246.155261][T11635] netlink: 'syz.3.1925': attribute type 1 has an invalid length. [ 246.164273][T11630] FAT-fs (loop4): Directory bread(block 64) failed [ 246.170814][T11630] FAT-fs (loop4): Directory bread(block 65) failed [ 246.183408][T11635] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1925'. [ 246.199412][T11630] FAT-fs (loop4): Directory bread(block 66) failed [ 246.207221][T11630] FAT-fs (loop4): Directory bread(block 67) failed [ 246.214164][T11630] FAT-fs (loop4): Directory bread(block 68) failed [ 246.220738][T11630] FAT-fs (loop4): Directory bread(block 69) failed [ 246.228434][T11630] FAT-fs (loop4): Directory bread(block 70) failed [ 246.235213][T11630] FAT-fs (loop4): Directory bread(block 71) failed [ 246.242211][T11630] FAT-fs (loop4): Directory bread(block 72) failed [ 246.267193][T11630] FAT-fs (loop4): Directory bread(block 73) failed [ 246.515807][T11643] loop1: detected capacity change from 0 to 2048 [ 246.643076][T11655] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 247.064492][T11614] loop6: detected capacity change from 0 to 32768 [ 247.229372][T11614] ocfs2: Slot 0 on device (7,6) was already allocated to this node! [ 247.350959][T11614] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 247.498496][T11690] bond1: entered promiscuous mode [ 247.523628][T11690] bond1: entered allmulticast mode [ 247.552353][T11690] 8021q: adding VLAN 0 to HW filter on device bond1 [ 247.603755][ T6849] ocfs2: Unmounting device (7,6) on (node local) [ 247.622289][T11737] netlink: 'syz.3.1944': attribute type 6 has an invalid length. [ 247.654654][T11738] nvme_fabrics: unknown parameter or missing value 'ó' in ctrl creation request [ 247.939810][T11750] netlink: 'syz.1.1948': attribute type 2 has an invalid length. [ 247.982568][T11743] loop2: detected capacity change from 0 to 4096 [ 248.161701][T11764] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 248.183418][T11743] syz.2.1947: attempt to access beyond end of device [ 248.183418][T11743] loop2: rw=524288, sector=2097320, nr_sectors = 8 limit=4096 [ 248.276965][T11769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1954'. [ 248.319566][T11743] syz.2.1947: attempt to access beyond end of device [ 248.319566][T11743] loop2: rw=0, sector=2097320, nr_sectors = 8 limit=4096 [ 248.336854][T11769] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1954'. [ 248.451146][ T30] audit: type=1800 audit(1748217431.998:1241): pid=11743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1947" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 248.541300][T11769] vxcan3: entered promiscuous mode [ 248.546495][T11769] vxcan3: entered allmulticast mode [ 248.891859][ T55] Bluetooth: hci5: unexpected event for opcode 0x0401 [ 249.340323][T11823] loop2: detected capacity change from 0 to 64 [ 249.433722][T11823] syz.2.1959: attempt to access beyond end of device [ 249.433722][T11823] loop2: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 249.491459][T11823] Buffer I/O error on dev loop2, logical block 32767, async page read [ 249.511528][ T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 249.546853][T11823] syz.2.1959: attempt to access beyond end of device [ 249.546853][T11823] loop2: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 249.604350][T11823] Buffer I/O error on dev loop2, logical block 32767, async page read [ 249.715495][ T24] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 249.739103][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.765259][T11841] netlink: set zone limit has 8 unknown bytes [ 249.791363][ T24] usb 6-1: Product: syz [ 249.806120][ T24] usb 6-1: Manufacturer: syz [ 249.810758][ T24] usb 6-1: SerialNumber: syz [ 249.877205][ T24] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 249.924546][ T5927] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 250.450707][ T969] usb 6-1: USB disconnect, device number 6 [ 250.683868][T11893] loop2: detected capacity change from 0 to 1024 [ 250.730199][T11893] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 250.817866][T11893] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 250.867133][T11893] EXT4-fs (loop2): orphan cleanup on readonly fs [ 250.901439][T11893] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 251.033716][T11893] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 251.041438][T11893] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.1989: Freeing blocks not in datazone - block = 0, count = 4096 [ 251.065397][ T5927] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 251.106595][ T5927] ath9k_htc: Failed to initialize the device [ 251.160607][T11893] EXT4-fs (loop2): 1 orphan inode deleted [ 251.191128][ T969] usb 6-1: ath9k_htc: USB layer deinitialized [ 251.202570][T11893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 251.369965][T11893] EXT4-fs error (device loop2): ext4_search_dir:1476: inode #2: block 16: comm syz.2.1989: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 251.559536][T11936] loop3: detected capacity change from 0 to 4096 [ 251.664910][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.712816][T11936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.793487][T11957] program syz.6.2005 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 252.018871][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.205356][T11985] ip6gretap1: entered promiscuous mode [ 252.317020][T11991] netlink: 'syz.3.2013': attribute type 1 has an invalid length. [ 252.488552][T12004] lo: entered promiscuous mode [ 252.510211][T12004] lo: entered allmulticast mode [ 252.554088][T12004] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 252.634309][T12011] loop1: detected capacity change from 0 to 1024 [ 252.664502][ T5989] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 252.799732][T12011] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 252.859783][T12018] loop2: detected capacity change from 0 to 512 [ 252.873224][ T5989] usb 7-1: Using ep0 maxpacket: 16 [ 252.898110][ T5989] usb 7-1: config 0 has an invalid interface number: 35 but max is 0 [ 252.928629][ T5989] usb 7-1: config 0 has no interface number 0 [ 252.971986][ T5989] usb 7-1: config 0 interface 35 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7 [ 252.992541][T12018] EXT4-fs (loop2): Test dummy encryption mode enabled [ 253.033166][ T5989] usb 7-1: config 0 interface 35 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 253.063305][T12018] EXT4-fs error (device loop2): __ext4_iget:5025: inode #11: block 1: comm syz.2.2021: invalid block [ 253.063840][ T5989] usb 7-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=ec.5c [ 253.083654][ T5989] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.094737][ T5989] usb 7-1: Product: syz [ 253.098954][ T5989] usb 7-1: Manufacturer: syz [ 253.104157][ T5989] usb 7-1: SerialNumber: syz [ 253.110442][T12026] cgroup: No subsys list or none specified [ 253.132149][ T5989] usb 7-1: config 0 descriptor?? [ 253.140114][ T5989] cypress_m8 7-1:0.35: Nokia CA-42 V2 Adapter converter detected [ 253.147100][T12018] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2021: couldn't read orphan inode 11 (err -117) [ 253.190036][T12028] loop5: detected capacity change from 0 to 512 [ 253.243103][T12018] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.278146][T12028] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 253.326597][T12028] EXT4-fs (loop5): orphan cleanup on readonly fs [ 253.373276][T12028] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 253.383095][ T5989] usb 7-1: Nokia CA-42 V2 Adapter converter now attached to ttyUSB0 [ 253.451178][T12028] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 253.457910][T12028] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.2024: bad orphan inode 768 [ 253.556531][T12028] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 253.580416][ T5989] usb 7-1: USB disconnect, device number 3 [ 253.593644][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.658246][ T5989] nokiaca42v2 ttyUSB0: Nokia CA-42 V2 Adapter converter now disconnected from ttyUSB0 [ 253.720569][ T5989] cypress_m8 7-1:0.35: device disconnected [ 253.733540][T12028] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 253.801259][T12028] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 253.948331][T12071] openvswitch: netlink: Flow actions attr not present in new flow. [ 253.953000][T12064] loop2: detected capacity change from 0 to 2048 [ 254.020211][T12023] loop4: detected capacity change from 0 to 32768 [ 254.052092][T12073] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 254.072611][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.112236][T12064] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12 [ 254.178249][T12064] Remounting filesystem read-only [ 254.271916][T12086] loop1: detected capacity change from 0 to 2048 [ 254.310028][T12023] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 254.376868][T12023] (syz.4.2022,12023,0):ocfs2_mknod:502 ERROR: status = -2 [ 254.417506][T12023] (syz.4.2022,12023,0):ocfs2_create:675 ERROR: status = -2 [ 254.654685][ T5825] (syz-executor,5825,0):ocfs2_inode_is_valid_to_delete:866 ERROR: Skipping delete of root inode. [ 254.713724][ T5825] ocfs2: Unmounting device (7,4) on (node local) [ 254.995809][T12122] loop2: detected capacity change from 0 to 256 [ 255.113724][T12127] loop1: detected capacity change from 0 to 64 [ 255.136275][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.191477][T12131] binder: 12128:12131 ioctl 40046205 0 returned -22 [ 255.231364][T12122] FAT-fs (loop2): Directory bread(block 64) failed [ 255.271223][T12122] FAT-fs (loop2): Directory bread(block 65) failed [ 255.292651][T12122] FAT-fs (loop2): Directory bread(block 66) failed [ 255.299192][T12122] FAT-fs (loop2): Directory bread(block 67) failed [ 255.341400][T12122] FAT-fs (loop2): Directory bread(block 68) failed [ 255.347959][T12122] FAT-fs (loop2): Directory bread(block 69) failed [ 255.401351][T12122] FAT-fs (loop2): Directory bread(block 70) failed [ 255.407942][T12122] FAT-fs (loop2): Directory bread(block 71) failed [ 255.471314][T12122] FAT-fs (loop2): Directory bread(block 72) failed [ 255.472223][T12139] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2040'. [ 255.477864][T12122] FAT-fs (loop2): Directory bread(block 73) failed [ 255.536187][T12144] netlink: 4328 bytes leftover after parsing attributes in process `syz.6.2050'. [ 255.653066][T12153] Unsupported ieee802154 address type: 0 [ 255.859529][T12163] netlink: 'syz.1.2056': attribute type 10 has an invalid length. [ 255.896542][T12163] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2056'. [ 255.973944][T12163] ipvlan1: entered promiscuous mode [ 256.021218][T12163] ipvlan1: entered allmulticast mode [ 256.069757][T12163] veth0_vlan: entered allmulticast mode [ 256.092790][T12163] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 256.326125][T12186] loop4: detected capacity change from 0 to 64 [ 256.389077][T12186] Trying to free block not in datazone [ 256.389116][T12186] Trying to free block not in datazone [ 256.389127][T12186] Trying to free block not in datazone [ 256.389138][T12186] Trying to free block not in datazone [ 256.389149][T12186] minix_free_block (loop4:6): bit already cleared [ 256.389216][T12186] Trying to free block not in datazone [ 256.389244][T12186] Trying to free block not in datazone [ 257.169292][T12233] loop1: detected capacity change from 0 to 2048 [ 257.201122][ T5895] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 257.212375][ T5841] Bluetooth: hci6: command 0x0406 tx timeout [ 257.248175][T12241] loop3: detected capacity change from 0 to 256 [ 257.317584][T12233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.421176][ T5895] usb 5-1: Using ep0 maxpacket: 16 [ 257.438100][T12233] EXT4-fs (loop1): Online resizing not supported with bigalloc [ 257.451480][ T5895] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 257.491167][ T5895] usb 5-1: config 0 has no interface number 0 [ 257.522851][ T5895] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 257.565728][ T5895] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 257.604577][ T5895] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 257.641417][ T5895] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.663972][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.673640][ T5895] usb 5-1: Product: syz [ 257.677844][ T5895] usb 5-1: Manufacturer: syz [ 257.709058][ T5895] usb 5-1: SerialNumber: syz [ 257.753772][ T5895] usb 5-1: config 0 descriptor?? [ 257.760799][T12220] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 257.792921][T12220] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 257.970672][T12275] loop2: detected capacity change from 0 to 1024 [ 258.082178][T12220] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 258.105835][T12275] fuse: Bad value for 'fd' [ 258.141336][T12220] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 258.403384][ T5895] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 258.441413][ T5895] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 258.491468][ T5895] asix 5-1:0.251: probe with driver asix failed with error -5 [ 258.547851][ T5895] usb 5-1: USB disconnect, device number 7 [ 258.685365][T12322] loop1: detected capacity change from 0 to 64 [ 259.023098][T12340] Cannot find del_set index 4 as target [ 259.270635][T12348] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2104'. [ 259.565020][T12362] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2109'. [ 259.852879][T12374] loop4: detected capacity change from 0 to 16 [ 259.860275][T12374] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 259.936308][ T5965] udevd[5965]: incorrect cramfs checksum on /dev/loop4 [ 260.049109][T12383] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2115'. [ 260.114114][T12383] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2115'. [ 260.127455][T12330] loop5: detected capacity change from 0 to 32768 [ 260.131879][ T5965] udevd[5965]: incorrect cramfs checksum on /dev/loop4 [ 260.170553][T12330] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2099 (12330) [ 260.259342][T12330] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 260.341264][T12330] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 260.350607][T12330] BTRFS info (device loop5): using free-space-tree [ 260.404989][T12339] loop6: detected capacity change from 0 to 32768 [ 260.424266][T12339] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2102 (12339) [ 260.537945][T12339] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 260.592856][T12339] BTRFS info (device loop6): using crc32c (crc32c-x86_64) checksum algorithm [ 260.663743][T12339] BTRFS info (device loop6): using free-space-tree [ 261.002579][T12455] netlink: 'syz.1.2126': attribute type 10 has an invalid length. [ 261.022079][T12455] veth1_macvtap: left promiscuous mode [ 261.069671][T12455] bridge0: port 3(macsec0) entered blocking state [ 261.111337][T12455] bridge0: port 3(macsec0) entered disabled state [ 261.118028][T12455] macsec0: entered allmulticast mode [ 261.203290][T12455] macsec0: entered promiscuous mode [ 261.271869][T12461] loop3: detected capacity change from 0 to 2048 [ 261.315847][T12461] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=26504, location=26504 [ 261.409758][T12461] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 261.464803][ T5823] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 261.684033][ T6849] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 261.790458][T12470] loop1: detected capacity change from 0 to 2048 [ 262.003339][T12470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.157936][T12470] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 262.217520][T12470] EXT4-fs (loop1): Remounting filesystem read-only [ 262.371101][T12499] Cannot find del_set index 1 as target [ 262.499506][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.000310][T12534] loop4: detected capacity change from 0 to 64 [ 263.107032][ T30] audit: type=1800 audit(1748217446.658:1242): pid=12534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2147" name="file2" dev="loop4" ino=6 res=0 errno=0 [ 263.484324][T12559] No source specified [ 263.506386][T12556] loop3: detected capacity change from 0 to 1024 [ 263.761338][T12570] openvswitch: netlink: Actions may not be safe on all matching packets [ 264.143905][T12589] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6) [ 264.589336][T12608] loop4: detected capacity change from 0 to 1024 [ 264.626235][T12608] EXT4-fs: Ignoring removed nomblk_io_submit option [ 264.651098][ T30] audit: type=1326 audit(1748217448.198:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12615 comm="syz.2.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2688f8e969 code=0x7ffc0000 [ 264.672101][T12608] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (16), stripe is disabled [ 264.778614][T12608] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.812326][ T30] audit: type=1326 audit(1748217448.198:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12615 comm="syz.2.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2688f8e969 code=0x7ffc0000 [ 264.835680][ T30] audit: type=1326 audit(1748217448.238:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12615 comm="syz.2.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f2688f8e969 code=0x7ffc0000 [ 264.862060][ T30] audit: type=1326 audit(1748217448.238:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12615 comm="syz.2.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2688f8e969 code=0x7ffc0000 [ 264.886786][ T30] audit: type=1326 audit(1748217448.238:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12615 comm="syz.2.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2688f8e969 code=0x7ffc0000 [ 264.949476][T12633] QAT: failed to copy from user. [ 265.083233][T12637] loop2: detected capacity change from 0 to 512 [ 265.122135][T12637] EXT4-fs: Ignoring removed bh option [ 265.144778][T12637] EXT4-fs: Ignoring removed mblk_io_submit option [ 265.179456][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.252563][T12637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.351367][T12637] ext4 filesystem being mounted at /394/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 265.568215][T12661] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2186'. [ 265.649951][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.898150][T12685] dlm: Unknown command passed to DLM device : 11 [ 265.898150][T12685] [ 266.343759][T12698] bond2: entered allmulticast mode [ 266.517885][T12752] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2204'. [ 266.579604][ T5989] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 266.591465][T12752] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2204'. [ 266.627585][T12752] netlink: 'syz.4.2204': attribute type 5 has an invalid length. [ 266.678996][T12752] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2204'. [ 266.719125][T12763] netlink: 'syz.6.2208': attribute type 3 has an invalid length. [ 266.750997][T12763] netlink: 'syz.6.2208': attribute type 1 has an invalid length. [ 266.787586][ T5989] usb 2-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30 [ 266.851205][ T5989] usb 2-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81 [ 266.901090][ T5989] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 266.961261][ T5989] usb 2-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101 [ 267.021155][ T5989] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 267.085160][ T5989] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.410113][ T5989] ath6kl: Failed to submit usb control message: -71 [ 267.446210][ T5989] ath6kl: unable to send the bmi data to the device: -71 [ 267.475062][ T5989] ath6kl: Unable to send get target info: -71 [ 267.541298][ T5989] ath6kl: Failed to init ath6kl core: -71 [ 267.562060][ T5989] ath6kl_usb 2-1:4.0: probe with driver ath6kl_usb failed with error -71 [ 267.613712][ T5989] usb 2-1: USB disconnect, device number 9 [ 267.640327][T12815] netlink: 'syz.4.2223': attribute type 21 has an invalid length. [ 267.668895][T12818] loop6: detected capacity change from 0 to 256 [ 267.683792][T12815] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2223'. [ 267.727763][T12815] netlink: 'syz.4.2223': attribute type 4 has an invalid length. [ 267.754675][T12815] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2223'. [ 267.831753][ T30] audit: type=1800 audit(1748217451.358:1248): pid=12818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2225" name="file1" dev="loop6" ino=1048627 res=0 errno=0 [ 268.579524][ T31] INFO: task syz-executor:5824 blocked for more than 143 seconds. [ 268.587939][ T31] Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 [ 268.596010][T12875] netlink: 'syz.1.2239': attribute type 303 has an invalid length. [ 268.616852][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 268.644560][ T31] task:syz-executor state:D stack:22232 pid:5824 tgid:5824 ppid:1 task_flags:0x400140 flags:0x00004006 [ 268.681154][ T5895] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 268.683704][ T31] Call Trace: [ 268.725214][ T31] [ 268.736834][ T31] __schedule+0x16e2/0x4cd0 [ 268.768639][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.792706][ T31] ? schedule+0x165/0x360 [ 268.807250][ T31] ? __lock_acquire+0xaac/0xd20 [ 268.824007][ T31] ? __pfx___schedule+0x10/0x10 [ 268.837203][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.845542][ T5895] usb 5-1: Using ep0 maxpacket: 32 [ 268.850755][ T31] ? schedule+0x91/0x360 [ 268.855470][ T31] schedule+0x165/0x360 [ 268.859759][ T31] io_schedule+0x81/0xe0 [ 268.864652][ T31] folio_wait_bit_common+0x6b0/0xb90 [ 268.870072][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 268.870461][ T5895] usb 5-1: config 4 has an invalid interface number: 128 but max is 0 [ 268.888145][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 268.898771][ T31] ? folios_put_refs+0x559/0x640 [ 268.904222][ T31] ? __pfx_find_lock_entries+0x10/0x10 [ 268.917862][ T5895] usb 5-1: config 4 has no interface number 0 [ 268.923391][ T31] __filemap_get_folio+0x139/0xaf0 [ 268.928639][ T5895] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.940307][ T5895] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.950654][ T5895] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 268.952434][ T31] truncate_inode_pages_range+0x3ed/0xda0 [ 268.968096][ T5895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.976567][ T31] ? evict+0x847/0x9c0 [ 268.976678][ T31] ? evict_inodes+0x636/0x6c0 [ 268.976713][ T31] ? generic_shutdown_super+0x9a/0x2c0 [ 268.976739][ T31] ? kill_block_super+0x44/0x90 [ 268.976768][ T31] ? deactivate_locked_super+0xbc/0x130 [ 268.976796][ T31] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 269.005210][ T5895] hub 5-1:4.128: USB hub found [ 269.028697][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.034993][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.040656][ T31] ? __lock_acquire+0xaac/0xd20 [ 269.050676][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 269.058492][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 269.068759][ T31] evict+0x517/0x9c0 [ 269.072796][ T31] ? __pfx_evict+0x10/0x10 [ 269.077250][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.086867][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.092604][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 269.097850][ T31] evict_inodes+0x636/0x6c0 [ 269.102572][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.108249][ T31] ? __pfx_evict_inodes+0x10/0x10 [ 269.113488][ T31] generic_shutdown_super+0x9a/0x2c0 [ 269.118812][ T31] kill_block_super+0x44/0x90 [ 269.127514][ T31] deactivate_locked_super+0xbc/0x130 [ 269.134621][ T31] cleanup_mnt+0x425/0x4c0 [ 269.139072][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.147718][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 269.153037][ T31] task_work_run+0x1d4/0x260 [ 269.157668][ T31] ? __pfx_task_work_run+0x10/0x10 [ 269.162952][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.168630][ T31] resume_user_mode_work+0x5e/0x80 [ 269.173874][ T31] syscall_exit_to_user_mode+0x9a/0x120 [ 269.179458][ T31] do_syscall_64+0x103/0x210 [ 269.186047][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.192852][ T31] ? exc_page_fault+0x91/0x110 [ 269.197640][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.203694][ T31] RIP: 0033:0x7fc1c438fc97 [ 269.208128][ T31] RSP: 002b:00007ffd1f564948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 269.217450][ T31] RAX: 0000000000000000 RBX: 00007fc1c441089d RCX: 00007fc1c438fc97 [ 269.223094][ T5895] hub 5-1:4.128: 2 ports detected [ 269.225522][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd1f564a00 [ 269.238742][ T5895] hub 5-1:4.128: Using single TT (err -22) [ 269.246364][ T31] RBP: 00007ffd1f564a00 R08: 0000000000000000 R09: 0000000000000000 [ 269.259563][ T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd1f565a90 [ 269.269168][ T31] R13: 00007fc1c441089d R14: 000000000001c0dd R15: 00007ffd1f565ad0 [ 269.280937][ T31] [ 269.285639][ T31] [ 269.285639][ T31] Showing all locks held in the system: [ 269.307581][ T31] 1 lock held by khungtaskd/31: [ 269.331085][ T31] #0: ffffffff8df3dee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 269.347461][ T31] 2 locks held by getty/5580: [ 269.353388][ T31] #0: ffff88803057e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 269.368630][ T31] #1: ffffc900030062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 269.378889][ T31] 1 lock held by syz-executor/5824: [ 269.384426][ T31] #0: ffff8880539720e0 (&type->s_umount_key#62){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 269.396575][ T31] 6 locks held by kworker/1:4/5895: [ 269.401868][ T31] #0: ffff8881446c4948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0 [ 269.413407][ T31] #1: ffffc90004377c60 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0 [ 269.425406][ T31] #2: ffff888144b8c198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 269.434511][ T31] #3: ffff888027e26198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400 [ 269.443915][ T31] #4: ffff888055094160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400 [ 269.444301][ T5895] hub 5-1:4.128: hub_hub_status failed (err = -71) [ 269.453286][ T31] #5: ffff888055092098 (&hub->status_mutex){+.+.}-{4:4}, at: hub_hub_status+0x38/0x570 [ 269.453393][ T31] 1 lock held by udevd/5965: [ 269.453416][ T31] 2 locks held by syz.4.2235/12857: [ 269.453438][ T31] [ 269.453447][ T31] ============================================= [ 269.453447][ T31] [ 269.453463][ T31] NMI backtrace for cpu 0 [ 269.453479][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 269.453511][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 269.453524][ T31] Call Trace: [ 269.453533][ T31] [ 269.453543][ T31] dump_stack_lvl+0x189/0x250 [ 269.453583][ T31] ? __wake_up_klogd+0xd9/0x110 [ 269.453614][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.453645][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 269.453683][ T31] ? __pfx__printk+0x10/0x10 [ 269.453727][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 269.453766][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 269.453790][ T31] ? _printk+0xcf/0x120 [ 269.453822][ T31] ? __pfx__printk+0x10/0x10 [ 269.453851][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 269.453882][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 269.453914][ T31] watchdog+0xfee/0x1030 [ 269.453952][ T31] ? watchdog+0x1de/0x1030 [ 269.453996][ T31] kthread+0x711/0x8a0 [ 269.454033][ T31] ? __pfx_watchdog+0x10/0x10 [ 269.454066][ T31] ? __pfx_kthread+0x10/0x10 [ 269.454097][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.454129][ T31] ? __pfx_kthread+0x10/0x10 [ 269.454159][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 269.454188][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.454217][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 269.454251][ T31] ? __pfx_kthread+0x10/0x10 [ 269.454283][ T31] ret_from_fork+0x4e/0x80 [ 269.454309][ T31] ? __pfx_kthread+0x10/0x10 [ 269.454342][ T31] ret_from_fork_asm+0x1a/0x30 [ 269.454383][ T31] [ 269.454416][ T31] Sending NMI from CPU 0 to CPUs 1: [ 269.479931][ T5895] hub 5-1:4.128: config failed, can't get hub status (err -71) [ 269.479996][ C1] NMI backtrace for cpu 1 [ 269.480012][ C1] CPU: 1 UID: 0 PID: 5895 Comm: kworker/1:4 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 269.480038][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 269.480053][ C1] Workqueue: usb_hub_wq hub_event [ 269.480090][ C1] RIP: 0010:kasan_check_range+0x14/0x2b0 [ 269.480123][ C1] Code: cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 b0 01 48 85 f6 0f 84 b8 01 00 00 55 41 57 41 56 <41> 55 41 54 53 4c 8d 04 37 49 39 f8 0f 82 6c 02 00 00 49 89 f9 49 [ 269.480142][ C1] RSP: 0018:ffffc90004376258 EFLAGS: 00000202 [ 269.480159][ C1] RAX: 0000000000003501 RBX: 1ffffffff1bcabd0 RCX: ffffffff81a243f0 [ 269.480175][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8de34bb0 [ 269.480189][ C1] RBP: ffffffff8de34bb0 R08: 0000000000000000 R09: 1ffff9200086ecb6 [ 269.480204][ C1] R10: dffffc0000000000 R11: fffff5200086ecb7 R12: ffffffff8de19e80 [ 269.480221][ C1] R13: 00000000ffffffff R14: 00000000ffffe000 R15: 000000000000000d [ 269.480238][ C1] FS: 0000000000000000(0000) GS:ffff8881261c2000(0000) knlGS:0000000000000000 [ 269.480256][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 269.480271][ C1] CR2: 0000001b2fd1bff8 CR3: 000000005b5b9000 CR4: 0000000000350ef0 [ 269.480288][ C1] Call Trace: [ 269.480296][ C1] [ 269.480308][ C1] desc_read+0x110/0x3f0 [ 269.480334][ C1] _prb_read_valid+0x608/0xa90 [ 269.480353][ C1] ? desc_read+0x1b8/0x3f0 [ 269.480383][ C1] ? __pfx__prb_read_valid+0x10/0x10 [ 269.480408][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.480434][ C1] ? this_cpu_in_panic+0x4f/0x80 [ 269.480465][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.480493][ C1] prb_read_valid+0x3c/0x60 [ 269.480514][ C1] printk_get_next_message+0x15c/0x7b0 [ 269.480546][ C1] ? __pfx_printk_get_next_message+0x10/0x10 [ 269.480569][ C1] ? format_decode+0x5ee/0xe30 [ 269.480593][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.480617][ C1] ? __lock_acquire+0xaac/0xd20 [ 269.480654][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.480683][ C1] ? console_flush_all+0x476/0xc40 [ 269.480711][ C1] console_flush_all+0x4ca/0xc40 [ 269.480737][ C1] ? console_flush_all+0x13a/0xc40 [ 269.480762][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 269.480791][ C1] ? __pfx_console_flush_all+0x10/0x10 [ 269.480822][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.480846][ C1] ? is_printk_cpu_sync_owner+0x32/0x40 [ 269.480877][ C1] console_unlock+0xc4/0x270 [ 269.480900][ C1] ? __pfx_console_unlock+0x10/0x10 [ 269.480925][ C1] ? vprintk_emit+0x444/0x7a0 [ 269.480944][ C1] ? vprintk_emit+0x444/0x7a0 [ 269.480966][ C1] vprintk_emit+0x5b7/0x7a0 [ 269.480990][ C1] ? vprintk_emit+0x444/0x7a0 [ 269.481012][ C1] ? __pfx_vprintk_emit+0x10/0x10 [ 269.481036][ C1] ? stack_trace_save+0x9c/0xe0 [ 269.481063][ C1] ? __pfx_snprintf+0x10/0x10 [ 269.481087][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.481111][ C1] ? dev_vprintk_emit+0x337/0x3f0 [ 269.481149][ C1] dev_vprintk_emit+0x337/0x3f0 [ 269.481183][ C1] ? __pfx_dev_vprintk_emit+0x10/0x10 [ 269.481214][ C1] ? device_add+0x7b6/0xb50 [ 269.481244][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.481268][ C1] ? dev_printk_emit+0xe0/0x130 [ 269.481305][ C1] dev_printk_emit+0xe0/0x130 [ 269.481344][ C1] ? __pfx_dev_printk_emit+0x10/0x10 [ 269.481379][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.481403][ C1] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 269.481433][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.481457][ C1] ? __dev_printk+0x131/0x190 [ 269.481487][ C1] _dev_err+0x10a/0x160 [ 269.481524][ C1] ? __pfx__dev_err+0x10/0x10 [ 269.481561][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.481591][ C1] hub_probe+0x1325/0x36e0 [ 269.481636][ C1] ? __pfx_hub_probe+0x10/0x10 [ 269.481669][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 269.481692][ C1] ? ktime_get_mono_fast_ns+0x2af/0x2d0 [ 269.481718][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.481743][ C1] ? pm_runtime_enable+0x1f3/0x340 [ 269.481773][ C1] usb_probe_interface+0x644/0xbc0 [ 269.481803][ C1] ? __pfx_usb_probe_interface+0x10/0x10 [ 269.481823][ C1] really_probe+0x26d/0x9a0 [ 269.481858][ C1] __driver_probe_device+0x18c/0x2f0 [ 269.481889][ C1] driver_probe_device+0x4f/0x430 [ 269.481922][ C1] __device_attach_driver+0x2ce/0x530 [ 269.481955][ C1] bus_for_each_drv+0x251/0x2e0 [ 269.481978][ C1] ? __pfx___device_attach_driver+0x10/0x10 [ 269.482048][ C1] ? __pfx_bus_for_each_drv+0x10/0x10 [ 269.482068][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.482097][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.482125][ C1] __device_attach+0x2b8/0x400 [ 269.482155][ C1] ? __pfx___device_attach+0x10/0x10 [ 269.482185][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 269.482215][ C1] bus_probe_device+0x185/0x260 [ 269.482239][ C1] device_add+0x7b6/0xb50 [ 269.482268][ C1] usb_set_configuration+0x1a87/0x20e0 [ 269.482321][ C1] usb_generic_driver_probe+0x8d/0x150 [ 269.482356][ C1] usb_probe_device+0x1c4/0x390 [ 269.482379][ C1] ? __pfx_usb_probe_device+0x10/0x10 [ 269.482398][ C1] really_probe+0x26d/0x9a0 [ 269.482437][ C1] __driver_probe_device+0x18c/0x2f0 [ 269.482470][ C1] driver_probe_device+0x4f/0x430 [ 269.482503][ C1] __device_attach_driver+0x2ce/0x530 [ 269.482536][ C1] bus_for_each_drv+0x251/0x2e0 [ 269.482557][ C1] ? __pfx___device_attach_driver+0x10/0x10 [ 269.482588][ C1] ? __pfx_bus_for_each_drv+0x10/0x10 [ 269.482610][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.482638][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.482665][ C1] __device_attach+0x2b8/0x400 [ 269.482695][ C1] ? __pfx___device_attach+0x10/0x10 [ 269.482726][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.482750][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 269.482778][ C1] bus_probe_device+0x185/0x260 [ 269.482802][ C1] device_add+0x7b6/0xb50 [ 269.482831][ C1] usb_new_device+0xa39/0x16c0 [ 269.482868][ C1] ? __pfx_usb_new_device+0x10/0x10 [ 269.482897][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 269.482921][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.482945][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 269.482973][ C1] hub_event+0x2941/0x4a00 [ 269.483008][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 269.483069][ C1] ? __pfx_hub_event+0x10/0x10 [ 269.483101][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.483127][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.483155][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 269.483177][ C1] ? process_scheduled_works+0x9ec/0x17a0 [ 269.483198][ C1] ? process_scheduled_works+0x9ec/0x17a0 [ 269.483219][ C1] process_scheduled_works+0xade/0x17a0 [ 269.483260][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 269.483300][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.483330][ C1] worker_thread+0x8a0/0xda0 [ 269.483361][ C1] ? __kthread_parkme+0x7b/0x200 [ 269.483390][ C1] kthread+0x711/0x8a0 [ 269.483422][ C1] ? __pfx_worker_thread+0x10/0x10 [ 269.483443][ C1] ? __pfx_kthread+0x10/0x10 [ 269.483468][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.483494][ C1] ? __pfx_kthread+0x10/0x10 [ 269.483519][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 269.483542][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.483566][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 269.483592][ C1] ? __pfx_kthread+0x10/0x10 [ 269.483620][ C1] ret_from_fork+0x4e/0x80 [ 269.483643][ C1] ? __pfx_kthread+0x10/0x10 [ 269.483668][ C1] ret_from_fork_asm+0x1a/0x30 [ 269.483700][ C1] [ 269.495258][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 269.495279][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 269.495310][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 269.495325][ T31] Call Trace: [ 269.495335][ T31] [ 269.495346][ T31] dump_stack_lvl+0x99/0x250 [ 269.495390][ T31] ? __asan_memcpy+0x40/0x70 [ 269.495417][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 269.495453][ T31] ? __pfx__printk+0x10/0x10 [ 269.495487][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.495521][ T31] panic+0x2db/0x790 [ 269.495555][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.495590][ T31] ? __pfx_panic+0x10/0x10 [ 269.495621][ T31] ? tick_nohz_tick_stopped+0x86/0xb0 [ 269.495653][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.495681][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 269.495710][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 269.495747][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.495780][ T31] watchdog+0x102d/0x1030 [ 269.495815][ T31] ? watchdog+0x1de/0x1030 [ 269.495857][ T31] kthread+0x711/0x8a0 [ 269.495892][ T31] ? __pfx_watchdog+0x10/0x10 [ 269.495927][ T31] ? __pfx_kthread+0x10/0x10 [ 269.495956][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.495986][ T31] ? __pfx_kthread+0x10/0x10 [ 269.496015][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 269.496042][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 269.496069][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 269.496101][ T31] ? __pfx_kthread+0x10/0x10 [ 269.496131][ T31] ret_from_fork+0x4e/0x80 [ 269.496156][ T31] ? __pfx_kthread+0x10/0x10 [ 269.496186][ T31] ret_from_fork_asm+0x1a/0x30 [ 269.496229][ T31] [ 269.496473][ T31] Kernel Offset: disabled