last executing test programs: 14m40.063774961s ago: executing program 3 (id=8643): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x48, &(0x7f0000000540)=ANY=[@ANYBLOB="4d48d997"], 0x8) 14m39.799416207s ago: executing program 3 (id=8646): r0 = syz_open_dev$sndpcmp(&(0x7f0000001500), 0x0, 0x101000) ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x40184152, 0x0) 14m39.605338588s ago: executing program 3 (id=8649): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, 0x0) 14m39.380643111s ago: executing program 3 (id=8652): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 14m38.932467717s ago: executing program 3 (id=8659): r0 = socket$kcm(0x2, 0x1, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x25, &(0x7f0000000080), 0x928c8b02834ac9f) 14m37.905939728s ago: executing program 3 (id=8671): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000180)) 14m37.280954934s ago: executing program 32 (id=8671): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000180)) 6m7.316267378s ago: executing program 2 (id=15346): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="14000000690001"], 0x14}], 0x1}, 0x0) 6m7.183741376s ago: executing program 2 (id=15347): r0 = socket(0x8000000010, 0x2, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x8014) 6m7.072055073s ago: executing program 2 (id=15348): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x15, 0x0, 0x0) 6m6.923117851s ago: executing program 2 (id=15349): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002a00)={[{@dmask={'dmask', 0x3d, 0x8}}, {@namecase}, {@dmask={'dmask', 0x3d, 0x6}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x80}}, {@keep_last_dots}, {@keep_last_dots}, {@sys_tz}, {@namecase}, {@keep_last_dots}]}, 0x1, 0x153b, &(0x7f0000000340)="$eJzs3AucTlXXAPC19t5nDImnSS7D3nsdnuSyTZLkkiSXJEmSJLeEpEleSUgMIUlDEpLLkMQQksvEpHG/3y8JSdIkSUhuyf5+E37qrb73/b73/fL+vln/3+/87DXnrH3WedZznuecg/m269BaTWpXb0RE8C/BC38kAUAsAAwEgLwAEABA+bjycYAB5JSY9K/thP17PZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/x1z/+Bn///x+Hv//9HMsuM/XJNmeu6AcT8sync/+yN+///VvDPbMT9z964/9lV7JUugP0H4PM/O8jxp2u4/9kb95+x7OxKP3++0gtE/sNegyM5LzTmrzp+xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsL3DaX6YA4NL4StfFGGOMMcYYY4yxfx+f40pXwBhjjDHGGGOMsf97CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgPGsD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv+r/OehJ7wAvaA3JEEf6AsvQj/oDwPgJRgIL8MgeAUGw6uQDENgKLwGw+B1GA5vwAgYCaPgTRgNb8EYGAvjYDykwASYCG/DJHgHJsO7MAWmQipMg+nwHsyAmTAL3ofZ8AHMgbkwD+ZDGnwIC2AhpMNHsAg+hgxYDEtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAM+gZ3wKeyC3bAHPoO98Pmv8gGSfunnf5d/6u/yuyEgoECBChXGYAzGYizmwlyYG3NjHsyDEYxgHMZhPsyH+TE/FsSCGI/xWASLoEGDhIRFsShGMYrFsTiWwBJYCkuhQ4cJmIBl8SYsh+WwPJbHClgBK2IlrIRVsApWxapYDathdayONbAG1sJaeBfehX2wLtbFelgP62P9S4+nsBE2wsbYGJtgE2yKTbEZNsMW2AJbYStsja2xDbbBdtgO22N77IAdMBETsSN2xE7YCTtjZ+yCXbArdsVu2B27Zz6fA/AFfAF7Yw3RB/tiX+yHyTkG4Ev4Er6Mg/AVfAVfxWQcgkPxNXwNX8fheBJH4EgchaOwqngLx+BYJDEeUzAFJ+JEnISTMKvQd3EqpuI0nI7TcQbOxJn4Ps7GD/ADnItzcT6mYRouwIWYjum4CE9hBi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+gAsBPcTfuxmTci3txH+7D/bgfD+ABzMRMPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hs/NeNPym5OhlEFiWUiBExIlbEilwil8gtcos8Io+IiIiIE3Ein8gn8ov8oqAoKOJFvCgiiggjjCARxgCAiIqoKC6KixKihCglSgknnEgQCaKsKCvKiXKivLhFVBC3ioqikmjrqogqoqpo56qJO0R1UV3UEDVFLVFb1BZ1RB1RV9QV9UQ9UV/UFw3E/aKh6IMD8EGR1ZkmYgg2FUOxmWgu5MVPsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHx1r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZEL+6gha8pasra8SybB3bKuvEfWk/fK+vI+2UDeLxvKB2Qj+aBsLB+STeTDsql8RDaTzWUL2VK2ko/K1vIx2Ua2le3k47K9fEJ2kE/KRPmU7Cj9xbfIM7KLfFZ2lc/JbrK77CF/luell71kbwl9QPaVL8p+sr8cEAsA8mU5SL4iB8tXZbIcIofK1+Qw+bocLt+QI+RIOUq+KUfLt+QYOVaOk+NlipwgJ8q35ST5jpws35VT5FSZKqfJAXLgLzPNkvIf5r/9B/mDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzF1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvmFUKVVaOVVGJagb/yf5qri6QZVQJX+Tf6m+pD+pr5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezLvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBebHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1b/4vxZp/zl+b0/WeAx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnXdxnfb0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSafyWfym/ymoClo4k28KWKKmCxkyBQ1RU3URE1xU9yUMCVMKVPKOONMgkkwZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5nbzO3mdnOHucPcae40NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MIkm0XQ0HU0n08l0Np1NF9PFdDVdTTfTzfQwPUxP09P0Mr1MkkkyfU1f08/0MwPMADPQDDSDzCAz2Aw2ySbZDDVDzTAzzAw3w80IM9KMyrpQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OL3pTexNqfNZa+yue3VNo/Na/8+LmgL2Xhb2Bax2ua3BX4TG2ttCVvSlrKlrbNlbIK98XdxRVvJVrZV7G22qr3dVvtdXMfebevae2w9e6+tbe/6TVzf3mcb2IdtQ0QA29w2ti1tE/uwbWofsc1sc9vCtrTt7RO2g33SJtqnbEf79O/iBXahXWVX2zV2rd1ld9vT9ow9ZL+1Z+1PtpftbQfal+0g+4odbF+1yXbI7+JR9k072r5lx9ixdpwd/7t4ip1qU+00O92+Z2fYmb+L0+yHdrZNt3PsXDvPzv8lzqop3X5kF9mPbYYNYIldapfZ5XaFXXmpVp/Xrrcb7Ea7035qt9itdpvdbndcuhC2u+0e+5ndaz+3B+03dr/90h6wh22m/fqXOOv4Dtvv7BH7vT1qj9nj9gd7wv6oLmVnHfsP9md73noLhAQkSVFAMZSDYikn5aKrKDddTXkoL0XoGoqjaykfXUf5qQAVpEIUT4WpCGkyZIkopKJUjKJ0PV0qrxSVJkdlKIFupLJ0E5Wjm6k83UIV6FaqSJWoMlWh26gq3U7V6A6qTndSDapJtag23UV16G6qS/dQPbqX6tN91IDup4b0ADWiB6kxPURN6GFqSo9QM2pOLagltaJHqTU9Rm2oLbWjx6k9PUEd6ElKpKeoIz1Nnehv1JmeoS70LHWl56gbdace9Dz1pBeoF/WmJOpDfelF6kf9aQC9RAPpZRpEr9BgepWSaQgNpddoGL1Ow+kNGkEjaRS9SaPpLRpDY2kcjacUmkAT6W2aRO/QZHqXptBUSqVpNJ3eoxk0k2bR+zSbPqA5NJfm0XxKow9pAS2kdPqIFtHHlEGLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJM+pV20m/bQZ7SXPqd99AXtpy/pAH1FmfQ1HaRv6BB9S4fpO9+bvqejdIyO0w90gn6kk3SKTtMZOks/0Tn6mc6TJwgxFKEMVRiEMWGOMDbMGeYKrwpzh1eHecK8YSS8JowLrw3zhdeF+cMCYcGwUBgfFg6LhDo0oQ0pDMOiYbEwGl4fFg9vCEuEJcNSYenQhWXChPDGsGx4U1guvDksH94SVghvDSuGlcKH760S3hZWDW8Pq4V3hNXDO8MaYc2wVlg7vCusE94d1g3vCeuF94blwvvCBuH9YcPwgbBR+GDYOHwobBI+HDYNHwmbhc3DFmHLsFX4aNg6fCxsE7YN24WPh+3DJ8IO4ZNhYvhU2DF8+pf19y388/VJYZ+wb/hi+GLo/T1yXnR+NC36YXRBdGE0PfpRdFH042hGdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3Rj1PvaOcChE0465QIX43K4WJfT5XJXudzuapfH5XURd42Lc9e6fO46l98VcAVdIRfvCrsiTjvjrCMXuqKumIu6611xd4Mr4Uq6Uq60c66MS3AtXSvXyrV2j7k2rq1r5x53j7sn3BPuSfeke8p1dE+7Tu5vrrN7xnVxz7pn3XOum+vuerjnXU83Ic+FczLJ9XV9XT/Xzw1wA9xAN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXFTXKpLddPddDfDzXBVZ17Yyxw3x81z81yaS3MLXNY1Y7pb5Ba5DJfhlrglbplb5la4FW6VW+XWuDVunVvnNrgNbpPb5La4LW6b2+Z2uB1up9vpdvm8FyZ1e90+t8/td/vdAfeVy3Rfu4PuG3fIfesOu+/cEfe9O+qOuePuB3fC/ehOulPutDvjzrqf3Dn3szvvvEuJTIhMjLwdmRR5JzI58m5kSmRqJDUyLTI98l5kRmRmZFbk/cjsyAeROZG5kXmR+ZG0yIeRBZGFkfTIR5FFkY8jGZHFkSWRpZFlkeUR7wtvCX1RX8xH/fW+uL/Bl/AlfSlf2jtfxif4G31Zf5Mv52/25f0tvoK/1Vf0lXxl/4hv5pv7Fr6lb+Uf9a39Y76Nb+vb+cd9e/+E7+Cf9In+Kd/RP+07+b/5zv4Z38U/67v653w339338M/7nv4F38v39km+j+/rX/T9fH8/wL/kB/qX/SD/ih/sX/XJfogf6l/zw/zrfrh/w4/wI/2omDf96Eu3yDDep/gJfqJ/20/y7/jJ/l0/xU/1qX6an+7f8zP8TD/Lv+9n+w/8HD/Xz/PzfZr/0C/wC326/8gv8h/7DL/40kNlv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+k/9Lr/b7/Gf+b3+c7/Pf+H3+y/9Af+Vz/Rf+4P+G3/If+sP++/8Ef+9P+qP+eP+B3/C/+hP+lP+tD/jz/qf/Dn/sz/P/2eNMcYYY+yfMuHyUPx2zYXH+X3+IEf8auO+AHD11kKZv16fdUW5Lv+FcX8R3z4CAE/17vrgpaVGjaSkpIvbZkgIis0FuPQ3QVli4HK8GNrBE5AIbaHsH9bfX3Q/S/9g/ugtALl+lRMLl+PL838BgEl/MP+jj49aUCE8HfffzD8XoESxyzk54XK8GNr98nylLZT7k/oLtP6T+vHi/Dm/TAFo86uc3HA5vlx/AjwGT0Pib7ZkjDHGGGOMMcYu6C8qd750/3npX3z+0f15vLqckwMux//o/pwxxhhjjDHGGGNX3jPdezz5aGJi287/80G1/1XWPz1oCv9XM/PgDwfeA1z6iQKAf3FCgKyB/CuPYvNfsq/ki6fO369adsYH8J/Ryn/H4Ap/MDHGGGOMMcb+7S5f9P/25+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVDf8WvE7vSx8gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdaf8VAAD//3aq+3A=") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 6m6.572529882s ago: executing program 2 (id=15351): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xe, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0) 6m6.279618549s ago: executing program 2 (id=15354): r0 = syz_open_dev$vim2m(&(0x7f0000003800), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x44, 0x1, 0x7, "6906007722366ccee4ba568eb4f80102f5372f2c74f6024305f11fd3454ad23d", 0x32314d4e}) 6m5.776483798s ago: executing program 33 (id=15354): r0 = syz_open_dev$vim2m(&(0x7f0000003800), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x44, 0x1, 0x7, "6906007722366ccee4ba568eb4f80102f5372f2c74f6024305f11fd3454ad23d", 0x32314d4e}) 1.615003315s ago: executing program 1 (id=20151): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x78b, @mcast1}, 0x1c) 1.527382011s ago: executing program 4 (id=20153): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x2, 0x0, 0xfffffffd, 0x900, 0x0, 0xffffff80}}) 1.500050072s ago: executing program 0 (id=20154): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback={0xffffff91}}, 0x1c) 1.393631188s ago: executing program 1 (id=20155): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0003}]}) select(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2}) 1.36288295s ago: executing program 4 (id=20156): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000200), 0x4) 1.261849226s ago: executing program 1 (id=20158): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x20008c0, &(0x7f0000000200)={[{@utf8}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@fat=@check_strict}, {@shortname_lower}, {@uni_xlate}, {@fat=@showexec}, {@uni_xlate}, {@utf8no}, {@shortname_lower}, {@shortname_win95}, {@utf8}, {@shortname_lower}]}, 0x81, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=") openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) 1.175439531s ago: executing program 0 (id=20159): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000304000300"/20, @ANYRES32=0x0, @ANYBLOB="000000000100000014001280090001007663616e00000000", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x8000) 1.150301673s ago: executing program 4 (id=20160): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x670, 0x5, 0x490, 0xf8, 0xf8, 0xfeffffff, 0x220, 0x2f0, 0x3f8, 0x3f8, 0xffffffff, 0x3f8, 0x3f8, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'veth1_to_team\x00', {}, {}, 0x6}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@inet=@tcp={{0x30}}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@set={{0x40}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @icmp_id}}}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'vlan0\x00'}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@ttl={{0x28}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0xc0, 0x108, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private2, @ipv4=@local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4f0) 1.070135978s ago: executing program 5 (id=20161): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'bond0\x00'}) 903.976737ms ago: executing program 4 (id=20162): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x800, &(0x7f0000000100)=ANY=[@ANYBLOB='iocharset=iso8859-9,utf8,dmask=00000000000000000000011,utf8,errors=remount-ro,utf8,fmask=00000000000000000000001,errors=remount-ro,iocharset=iso8859-5,gid=', @ANYRESHEX=0x0, @ANYBLOB="0002"], 0x1, 0x1548, &(0x7f0000000380)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB") fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff) 894.090608ms ago: executing program 5 (id=20163): r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000780)={0x1, @pix={0x5, 0x64ed, 0x56555958, 0x6, 0xd, 0x7, 0x7, 0x9, 0x1, 0x2, 0x0, 0x3}}) 843.565491ms ago: executing program 0 (id=20164): r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x1, 0x2f, 0x10, {0x2, 0x4e20, @broadcast}}, 0x24) 683.39607ms ago: executing program 5 (id=20165): r0 = syz_open_dev$usbfs(&(0x7f0000000400), 0x205, 0x2581) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {0x1, 0x1}, 0x1, 0x40, 0x0, 0x0, 0x9, 0x3, 0x0, 0x1, 0x7, 0x0}) 628.221594ms ago: executing program 0 (id=20166): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x1c, 0x34, 0x107, 0xffffffff, 0xfffffffa, {0x1, 0x7c}, [@nested={0x8, 0x7, 0x0, 0x1, [@nested={0x4, 0x74}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 513.79459ms ago: executing program 1 (id=20167): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000140)=@ethtool_eee={0x44, 0x4, 0x9, 0x7, 0x1, 0x0, 0x5, 0x80000000, [0x6, 0x1]}}) 443.299585ms ago: executing program 5 (id=20168): mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) add_key$user(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) 385.050218ms ago: executing program 0 (id=20169): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000040)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdcedd9467f5cd2d6c4e8b3043614238ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESDEC=0x0], 0x11, 0x31b, &(0x7f0000000240)="$eJzs3T1rFE8cB/Dv7F5yl3+O/FcTESxEogHTiMZGbE7CvQgrUXMXCC4naoIPCEaxEjG9vaWtr0FsFME6VlZiYRULGZmHvX3e2+jt3UW/H/DY3dmZ/e3NzlMwWRDRP2u1vfvq/Bf1TwAuXODZRcAB0ABqAI7gaGOrt7mx6Xc7RQW5OF43uQRMTpE6Z63XzcragM1heWqvhmb0GFVDSnnp87iDoLHTrV+6we6M/jyhe4K6bZ06sTHGGLM83n+Wb+rmtqsIZqIU15TYwx7uNZsjC4eIiCaSMOO7Y8f5pp2/Ow6wZAcTlTZx4//v2ht3AJWThalm/MdcsPKSQtX7/zopXO/pJZxKd4JVYlZZrxP7U4n9aZinx40FMGhVqWNxZtY3/O6ZtZt+x8ETtKzIaQv6s2MfTysWbT1V9GLG2rRAv7SZ3FNE9oxyVt/DlLqHFRP/XQCx+OcLr1gB8U58EFeEh5fo6PpXalKoatI15SVqysR/Nr9EfZeeOgu222i1Wk7slEP6IsfsFawBd9mIhxE1bcuM/YDAGxSnznU4kcvc3bkBueYzc63o7WU4ObkWYrnU3axv+G/zLzUS4oW4LBbxFW/Q7te/aj6u6eqTLTPy0IetRiyZoUB/46p1xms2orZkeyI9cmx92n1ojqebS/9bTDdY60dxn0b78BzXcQFzd+4/uOH6fve22rjmq8dVb/SP3GraDb879RSIJk3KBrbDI3VILXVyMCiNMrDloRao+o+MJNWwet+DI6qVDSrw0Z/Go/qBSr+62RJ3sb+NoOsaToHt98N5kIJpQyzpp5RyhI1ox07Ykklj65lohMJKL3d+xlSHDjZVpcKs/8L1Ss1M9tSHlzlPL/mDAFuiVHPs/gouzCvNjBzAfwUruKxic1dw6TVXas2o11wnTwOnyl/Rs3H+JUQbH3E1Mv8nIiIiIiIiIiIiIiIiIiIiIiIiIqIDodpfMKih/P8sJyIiIiIiIiIiIiIiIiIiIiIiIiIiIiKiPKsNmL97jeD9vyj3/t/kq1hc8yfBh/L+350e+P5four9CgAA//8sNHMW") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x20020c0, 0x0, 0x1, 0x0, &(0x7f0000001a00)) 370.083109ms ago: executing program 4 (id=20170): ioperm(0x0, 0x9, 0x5) bpf$ENABLE_STATS(0x20, 0x0, 0x0) 231.148837ms ago: executing program 5 (id=20171): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000c00)={0x118, 0x30, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x105, 0xf2, 0x0, 0x1, [@typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c", @typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0a}, @typed={0x8, 0x28, 0x0, 0x0, @fd}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 230.553257ms ago: executing program 4 (id=20172): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x3, 0x84, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r0, 0x0, 0x6c}, 0x38) 217.424358ms ago: executing program 1 (id=20173): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003780)=@newchain={0x24, 0x1e, 0x1, 0x0, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x5}, {0xe, 0xf}, {0xe, 0xb}}}, 0x24}}, 0x44004) 748.821µs ago: executing program 0 (id=20174): r0 = syz_open_dev$vbi(&(0x7f0000000100), 0x1, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0xffffbfff, '\x00', @string=&(0x7f0000000180)=0xa3}}) 586.681µs ago: executing program 5 (id=20175): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0xd) 0s ago: executing program 1 (id=20176): r0 = socket$inet6(0xa, 0x80001, 0x0) getsockopt$bt_hci(r0, 0x0, 0x60, &(0x7f00001e3000)=""/30, &(0x7f0000d23000)=0x44) kernel console output (not intermixed with test programs): quest for non-existent node 3 in B*Tree [ 1869.800689][T15015] hfsplus: request for non-existent node 3 in B*Tree [ 1869.830865][ T28] audit: type=1326 audit(2000000363.440:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15011 comm="syz.1.18403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1869.845740][T15015] hfsplus: invalid length 28418 has been corrected to 255 [ 1869.906645][ T28] audit: type=1326 audit(2000000363.440:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15011 comm="syz.1.18403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1869.945781][T15015] hfsplus: invalid length 28418 has been corrected to 255 [ 1870.999379][ T28] audit: type=1326 audit(2000000364.770:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15058 comm="syz.1.18427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1871.031475][ T28] audit: type=1326 audit(2000000364.770:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15058 comm="syz.1.18427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1871.146240][ T28] audit: type=1326 audit(2000000364.800:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15058 comm="syz.1.18427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1871.209268][ T28] audit: type=1326 audit(2000000364.800:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15058 comm="syz.1.18427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1871.272296][ T28] audit: type=1326 audit(2000000364.800:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15058 comm="syz.1.18427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1871.503970][T15079] xt_policy: neither incoming nor outgoing policy selected [ 1871.684902][T15084] loop1: detected capacity change from 0 to 256 [ 1871.762083][T15084] FAT-fs (loop1): Directory bread(block 64) failed [ 1871.783756][T15084] FAT-fs (loop1): Directory bread(block 65) failed [ 1871.794004][T15084] FAT-fs (loop1): Directory bread(block 66) failed [ 1871.802691][T15088] loop5: detected capacity change from 0 to 128 [ 1871.809717][T15084] FAT-fs (loop1): Directory bread(block 67) failed [ 1871.810197][T15086] loop4: detected capacity change from 0 to 1024 [ 1871.841535][T15088] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1871.859541][T15084] FAT-fs (loop1): Directory bread(block 68) failed [ 1871.868066][T15088] ext4 filesystem being mounted at /738/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1871.892691][T15084] FAT-fs (loop1): Directory bread(block 69) failed [ 1871.909878][ T134] hfsplus: b-tree write err: -5, ino 4 [ 1871.923577][T15088] EXT4-fs warning (device loop5): verify_group_input:151: Cannot add at group 49 (only 1 groups) [ 1871.948930][T15084] FAT-fs (loop1): Directory bread(block 70) failed [ 1871.993276][T15084] FAT-fs (loop1): Directory bread(block 71) failed [ 1872.047583][T15084] FAT-fs (loop1): Directory bread(block 72) failed [ 1872.054199][T15084] FAT-fs (loop1): Directory bread(block 73) failed [ 1872.088414][ T8195] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1872.414936][T15104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18449'. [ 1872.640527][T15115] syz.0.18453: attempt to access beyond end of device [ 1872.640527][T15115] nbd0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=0 [ 1873.270710][T15137] loop0: detected capacity change from 0 to 1024 [ 1873.308219][T15139] netlink: 209844 bytes leftover after parsing attributes in process `syz.5.18465'. [ 1873.337872][T15137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1873.365976][ T5817] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 1873.379030][T15137] EXT4-fs warning (device loop0): ext4_rmdir:3243: inode #11: comm syz.0.18464: empty directory 'file1' has too many links (111) [ 1873.507375][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1873.545950][ T5817] usb 5-1: Using ep0 maxpacket: 8 [ 1873.570273][ T5817] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1873.613610][ T5817] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 1873.650721][ T5817] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1873.673696][ T5817] usb 5-1: Product: syz [ 1873.705851][ T5817] usb 5-1: Manufacturer: syz [ 1873.710524][ T5817] usb 5-1: SerialNumber: syz [ 1873.733331][ T5817] usb 5-1: config 0 descriptor?? [ 1873.754313][ T5817] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 0203 [ 1873.991390][ T5817] usb 5-1: USB disconnect, device number 47 [ 1874.118291][T15160] loop1: detected capacity change from 0 to 256 [ 1874.601167][T15148] loop5: detected capacity change from 0 to 40427 [ 1874.616336][T15148] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1874.625394][T15148] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1874.698232][T15148] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1874.767931][T15178] loop4: detected capacity change from 0 to 512 [ 1874.775883][T15176] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1874.806689][T15178] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1874.890573][T15178] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 1874.905250][T15148] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1874.913238][T15148] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1874.946578][T15178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1875.025895][T15178] ext4 filesystem being mounted at /2350/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1875.295866][T25597] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1876.061916][T15189] loop1: detected capacity change from 0 to 32768 [ 1876.126491][T15189] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1876.156132][T15189] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 1876.189235][T15189] BTRFS info (device loop1): turning off barriers [ 1876.209122][T15189] BTRFS info (device loop1): disabling log replay at mount time [ 1876.235799][T15189] BTRFS info (device loop1): trying to use backup root at mount time [ 1876.245589][T15189] BTRFS info (device loop1): force zlib compression, level 3 [ 1876.254102][T15189] BTRFS info (device loop1): setting nodatasum [ 1876.308658][T15189] BTRFS info (device loop1): enabling auto defrag [ 1876.315164][T15189] BTRFS info (device loop1): using free space tree [ 1876.360496][T15189] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 1876.381715][T15189] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 1876.433184][T15189] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 1876.523929][T15189] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 1876.566059][T15189] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 1876.616157][T15189] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 1876.629144][T15189] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 512 [ 1876.786828][T15189] BTRFS info (device loop1): auto enabling async discard [ 1876.806748][T15249] netlink: 32 bytes leftover after parsing attributes in process `syz.0.18507'. [ 1877.003737][T15189] BTRFS error (device loop1: state M): nologreplay must be used with ro mount option [ 1877.096330][ T5777] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1878.020621][T15276] loop1: detected capacity change from 0 to 1024 [ 1878.057945][T15276] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1878.154288][T15276] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1878.239018][T15251] loop5: detected capacity change from 0 to 32768 [ 1878.366935][T15251] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1878.471284][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1878.529689][T15251] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 1878.704716][T15251] XFS (loop5): Starting recovery (logdev: internal) [ 1878.771496][T15251] XFS (loop5): Ending recovery (logdev: internal) [ 1878.816875][T15251] XFS (loop5): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 1878.824817][T15251] XFS (loop5): Failed to initialize disk quotas. [ 1879.040262][T15251] XFS (loop5): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 1879.236949][ T8195] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1879.263796][T15313] loop0: detected capacity change from 0 to 256 [ 1879.987814][T15331] loop5: detected capacity change from 0 to 1024 [ 1880.234920][T15339] loop0: detected capacity change from 0 to 8 [ 1880.316201][T15339] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1880.324199][T15339] SQUASHFS error: Failed to read block 0x4de: -5 [ 1880.352035][T15339] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1880.400287][T15339] SQUASHFS error: Failed to read block 0x4df: -5 [ 1880.408492][T15339] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1880.431616][T15339] SQUASHFS error: Failed to read block 0x4e0: -5 [ 1880.450310][T15339] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1880.466293][T15339] SQUASHFS error: Failed to read block 0x4de: -5 [ 1880.485989][ T28] audit: type=1800 audit(2000000374.250:579): pid=15339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.18546" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 1881.183823][T15337] loop4: detected capacity change from 0 to 32768 [ 1881.233064][T15337] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1881.250844][T15365] ip6erspan0: entered allmulticast mode [ 1881.372735][T15337] XFS (loop4): Ending clean mount [ 1881.417118][T15337] XFS (loop4): Quotacheck needed: Please wait. [ 1881.585552][T15377] netlink: 16 bytes leftover after parsing attributes in process `syz.1.18561'. [ 1881.606018][T15337] XFS (loop4): Quotacheck: Done. [ 1881.612351][T15377] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18561'. [ 1881.707134][T15377] ip6gretap2: entered allmulticast mode [ 1881.754513][T25597] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1881.782256][T15353] loop5: detected capacity change from 0 to 32768 [ 1881.847569][T15353] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1882.070818][T15353] XFS (loop5): Ending clean mount [ 1882.276771][ T8195] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1882.365794][T15391] netlink: 60 bytes leftover after parsing attributes in process `syz.1.18565'. [ 1882.483589][T15393] netlink: 40 bytes leftover after parsing attributes in process `syz.4.18563'. [ 1882.726094][T15397] netlink: 'syz.4.18568': attribute type 12 has an invalid length. [ 1882.832846][T15379] loop0: detected capacity change from 0 to 32768 [ 1882.897096][T15379] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1882.908190][T15379] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1882.966258][T15379] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 1883.015861][ T5817] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1883.022709][ T5817] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1883.237959][ T5817] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 215ms [ 1883.255788][ T5817] gfs2: fsid=syz:syz.0: jid=0: Done [ 1883.261467][T15408] loop5: detected capacity change from 0 to 4096 [ 1883.274829][T15379] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1883.292866][T15408] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1883.427686][T15408] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1883.469144][T15408] ntfs3: loop5: mft corrupted [ 1883.473987][T15408] ntfs3: loop5: Failed to load $Extend (-22). [ 1883.497398][T15408] ntfs3: loop5: Failed to initialize $Extend. [ 1883.734297][T15408] ntfs3: loop5: ino=1b, "file0" failed to parse mft record [ 1883.755746][T15408] ntfs3: loop5: ino=1b, "file0" attr_set_size [ 1885.279484][T15460] loop0: detected capacity change from 0 to 8 [ 1885.478501][T15464] cgroup: Invalid name [ 1885.554584][T15432] loop1: detected capacity change from 0 to 40427 [ 1885.581399][T15432] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64) [ 1885.605759][T15432] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1885.679760][T15432] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1885.885409][T15432] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1885.935874][T15432] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1886.207612][T15488] netlink: 'syz.0.18609': attribute type 6 has an invalid length. [ 1886.215518][T15488] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.18609'. [ 1886.247818][ T49] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1886.773952][T15506] netlink: 292 bytes leftover after parsing attributes in process `syz.0.18619'. [ 1886.865516][T15508] netlink: 209820 bytes leftover after parsing attributes in process `syz.5.18620'. [ 1886.876140][T15504] loop4: detected capacity change from 0 to 4096 [ 1887.082327][T15504] ntfs3: loop4: ino=5, "/" directory corrupted [ 1887.088754][T15504] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1887.209830][T15513] loop5: detected capacity change from 0 to 128 [ 1887.231712][T15513] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 1887.253170][T15515] loop1: detected capacity change from 0 to 128 [ 1887.279981][T15513] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1887.340427][T15515] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1887.401856][T15515] ext4 filesystem being mounted at /4658/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1887.505273][T15515] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.18612: No space for directory leaf checksum. Please run e2fsck -D. [ 1887.546751][T15515] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.18612: checksumming directory block 0 [ 1887.615925][ T4491] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 1887.731934][ T5777] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1887.758924][T15531] netlink: 4 bytes leftover after parsing attributes in process `syz.5.18629'. [ 1887.840436][ T4491] usb 5-1: config index 0 descriptor too short (expected 93, got 72) [ 1887.866758][ T4491] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1887.901259][ T4491] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1887.926953][ T4491] usb 5-1: Product: syz [ 1887.931200][ T4491] usb 5-1: Manufacturer: syz [ 1887.952282][ T4491] usb 5-1: SerialNumber: syz [ 1887.983211][ T4491] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1888.010452][ T8] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1888.174580][T15539] loop1: detected capacity change from 0 to 512 [ 1888.192742][T15539] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 1888.223127][T15541] netlink: 128 bytes leftover after parsing attributes in process `syz.5.18634'. [ 1888.241545][T15541] netlink: 28 bytes leftover after parsing attributes in process `syz.5.18634'. [ 1888.268850][T15539] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1888.408396][ T1138] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 1888.791041][ T4491] usb 5-1: USB disconnect, device number 48 [ 1889.126436][ T8] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 1889.148473][ T8] ath9k_htc: Failed to initialize the device [ 1889.178003][ T4491] usb 5-1: ath9k_htc: USB layer deinitialized [ 1889.243569][T15568] loop1: detected capacity change from 0 to 8 [ 1890.389712][T15598] netlink: 32 bytes leftover after parsing attributes in process `syz.1.18662'. [ 1890.485936][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1890.593651][T15585] loop4: detected capacity change from 0 to 32768 [ 1890.613917][T15573] loop5: detected capacity change from 0 to 40427 [ 1890.620810][T15604] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1890.634886][T15573] F2FS-fs (loop5): Corrupted extension count (64 + 1 > 64) [ 1890.650294][T15585] (syz.4.18656,15585,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1890.681750][T15573] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1890.707061][T15585] (syz.4.18656,15585,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1890.742549][T15573] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1890.797988][T15585] JBD2: Ignoring recovery information on journal [ 1890.977329][T15585] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1891.058379][T15573] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1891.065499][T15573] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1891.079263][T15618] netlink: 80 bytes leftover after parsing attributes in process `syz.1.18670'. [ 1891.090413][T15618] netlink: 12 bytes leftover after parsing attributes in process `syz.1.18670'. [ 1891.108000][T15618] netlink: 20 bytes leftover after parsing attributes in process `syz.1.18670'. [ 1891.387675][T15624] 8021q: adding VLAN 0 to HW filter on device bond9 [ 1891.407020][T25597] ocfs2: Unmounting device (7,4) on (node local) [ 1891.721161][T15631] ieee802154 phy0 wpan0: encryption failed: -90 [ 1892.621387][T15655] netlink: 'syz.1.18687': attribute type 10 has an invalid length. [ 1892.645973][T15655] netlink: 2 bytes leftover after parsing attributes in process `syz.1.18687'. [ 1892.665791][T15655] bond0: entered promiscuous mode [ 1892.719889][T15655] bridge0: port 1(bond0) entered blocking state [ 1892.736176][T15655] bridge0: port 1(bond0) entered disabled state [ 1892.742686][T15655] bond0: entered allmulticast mode [ 1892.861877][ T28] audit: type=1326 audit(2000000386.630:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15660 comm="syz.5.18690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53ed9aeb9 code=0x7ffc0000 [ 1892.941342][ T28] audit: type=1326 audit(2000000386.630:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15660 comm="syz.5.18690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53ed9aeb9 code=0x7ffc0000 [ 1892.963809][ C1] vkms_vblank_simulate: vblank timer overrun [ 1892.971092][ T28] audit: type=1326 audit(2000000386.680:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15660 comm="syz.5.18690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fd53ed9aeb9 code=0x7ffc0000 [ 1892.996368][ T28] audit: type=1326 audit(2000000386.680:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15660 comm="syz.5.18690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53ed9aeb9 code=0x7ffc0000 [ 1893.035727][ T28] audit: type=1326 audit(2000000386.680:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15660 comm="syz.5.18690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd53ed9aeb9 code=0x7ffc0000 [ 1893.207025][T15669] loop5: detected capacity change from 0 to 256 [ 1893.330832][T15669] FAT-fs (loop5): Directory bread(block 64) failed [ 1893.342659][T15647] loop4: detected capacity change from 0 to 32768 [ 1893.366553][T15669] FAT-fs (loop5): Directory bread(block 65) failed [ 1893.373269][T15669] FAT-fs (loop5): Directory bread(block 66) failed [ 1893.434336][T15669] FAT-fs (loop5): Directory bread(block 67) failed [ 1893.464284][T15669] FAT-fs (loop5): Directory bread(block 68) failed [ 1893.473182][T15647] jfs_strtoUCS: char2uni returned -22. [ 1893.489191][T15647] charset = iso8859-6, char = 0xfc [ 1893.500094][T15669] FAT-fs (loop5): Directory bread(block 69) failed [ 1893.516687][T15669] FAT-fs (loop5): Directory bread(block 70) failed [ 1893.526600][T15669] FAT-fs (loop5): Directory bread(block 71) failed [ 1893.533271][T15669] FAT-fs (loop5): Directory bread(block 72) failed [ 1893.546047][T15677] comedi comedi4: bad chanlist[0]=0x032c0000 chan=0 range length=2 [ 1893.555223][T15669] FAT-fs (loop5): Directory bread(block 73) failed [ 1894.113596][T15691] loop5: detected capacity change from 0 to 1024 [ 1894.130712][ T5671] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 1894.212697][T15691] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1894.346000][ T5671] usb 2-1: Using ep0 maxpacket: 32 [ 1894.368075][ T5671] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1894.385526][T15691] EXT4-fs error (device loop5): ext4_empty_dir:3166: inode #11: block 623: comm syz.5.18704: Attempting to read directory block (623) that is past i_size (638464) [ 1894.402866][T15691] EXT4-fs (loop5): Remounting filesystem read-only [ 1894.409451][ T5671] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 1894.409486][ T5671] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1894.414514][ T5671] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1894.455430][ T5671] usb 2-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3 [ 1894.484183][ T5671] usb 2-1: Product: syz [ 1894.497994][ T5671] usb 2-1: Manufacturer: syz [ 1894.508759][ T5671] usb 2-1: SerialNumber: syz [ 1894.538553][ T5671] usb 2-1: config 0 descriptor?? [ 1894.551348][ T8195] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1894.970098][ T5671] gs_usb 2-1:0.0: Couldn't get device config: (err=-71) [ 1894.985757][ T5671] gs_usb: probe of 2-1:0.0 failed with error -71 [ 1895.016099][ T5671] usb 2-1: USB disconnect, device number 33 [ 1895.220999][T15720] loop4: detected capacity change from 0 to 4096 [ 1895.427067][T15729] sp0: Synchronizing with TNC [ 1895.484340][T15728] [U] è [ 1896.400638][T15762] loop4: detected capacity change from 0 to 8 [ 1896.525476][T15760] loop5: detected capacity change from 0 to 4096 [ 1896.544049][T15760] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1896.682679][T15760] ntfs3: loop5: Failed to initialize $Extend/$Reparse. [ 1897.707321][T15808] bridge8: entered promiscuous mode [ 1897.716720][T15807] loop4: detected capacity change from 0 to 256 [ 1897.854395][T15810] loop5: detected capacity change from 0 to 128 [ 1897.977977][T15810] FAT-fs (loop5): Directory bread(block 32) failed [ 1897.984597][T15810] FAT-fs (loop5): Directory bread(block 33) failed [ 1898.044007][T15810] FAT-fs (loop5): Directory bread(block 34) failed [ 1898.051244][T15810] FAT-fs (loop5): Directory bread(block 35) failed [ 1898.095944][T15810] FAT-fs (loop5): Directory bread(block 36) failed [ 1898.102558][T15810] FAT-fs (loop5): Directory bread(block 37) failed [ 1898.124147][T15810] FAT-fs (loop5): Directory bread(block 38) failed [ 1898.148477][T15810] FAT-fs (loop5): Directory bread(block 39) failed [ 1898.155167][T15810] FAT-fs (loop5): Directory bread(block 40) failed [ 1898.198810][T15810] FAT-fs (loop5): Directory bread(block 41) failed [ 1898.511444][T15810] syz.5.18763: attempt to access beyond end of device [ 1898.511444][T15810] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 1898.557827][T15810] FAT-fs (loop5): Filesystem has been set read-only [ 1898.564695][T15832] netlink: 'syz.1.18773': attribute type 5 has an invalid length. [ 1898.582009][T15830] loop4: detected capacity change from 0 to 2048 [ 1898.588816][T15810] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 1898.630676][T15830] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 1898.753338][ T28] audit: type=1326 audit(2000000392.520:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1898.835783][ T28] audit: type=1326 audit(2000000392.520:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1898.878800][ T28] audit: type=1326 audit(2000000392.520:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1898.925725][ T28] audit: type=1326 audit(2000000392.520:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1898.975025][ T28] audit: type=1326 audit(2000000392.520:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1898.997991][ T4491] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 1899.014438][ T28] audit: type=1326 audit(2000000392.580:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1899.046984][ T28] audit: type=1326 audit(2000000392.580:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f85a815b78e code=0x7ffc0000 [ 1899.080274][ T28] audit: type=1326 audit(2000000392.580:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f85a815b78e code=0x7ffc0000 [ 1899.107983][ T28] audit: type=1326 audit(2000000392.580:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f85a815b78e code=0x7ffc0000 [ 1899.138362][ T28] audit: type=1326 audit(2000000392.580:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15833 comm="syz.1.18774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f85a815b78e code=0x7ffc0000 [ 1899.222462][T15840] loop5: detected capacity change from 0 to 512 [ 1899.236006][ T4491] usb 5-1: Using ep0 maxpacket: 8 [ 1899.247147][ T4491] usb 5-1: config 7 has an invalid interface number: 143 but max is 1 [ 1899.255513][ T4491] usb 5-1: config 7 has an invalid interface number: 217 but max is 1 [ 1899.264398][ T4491] usb 5-1: config 7 has an invalid descriptor of length 229, skipping remainder of the config [ 1899.270877][T15840] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1899.285659][ T4491] usb 5-1: config 7 has no interface number 0 [ 1899.293248][ T4491] usb 5-1: config 7 has no interface number 1 [ 1899.299708][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1899.307751][ T4491] usb 5-1: too many endpoints for config 7 interface 217 altsetting 0: 255, using maximum allowed: 30 [ 1899.318857][ T4491] usb 5-1: config 7 interface 217 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1899.332445][ T4491] usb 5-1: config 7 interface 143 has no altsetting 0 [ 1899.340705][T15840] ext4 filesystem being mounted at /811/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1899.352990][ T4491] usb 5-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=ba.35 [ 1899.362280][ T4491] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1899.370584][ T4491] usb 5-1: Product: syz [ 1899.374790][ T4491] usb 5-1: Manufacturer: syz [ 1899.379738][ T4491] usb 5-1: SerialNumber: syz [ 1899.415173][T15840] EXT4-fs error (device loop5): ext4_acquire_dquot:6949: comm syz.5.18777: Failed to acquire dquot type 0 [ 1899.449626][T15828] loop0: detected capacity change from 0 to 40427 [ 1899.453733][T15840] EXT4-fs (loop5): Remounting filesystem read-only [ 1899.475926][T15828] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1899.495751][T15828] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1899.517986][T15828] F2FS-fs (loop0): invalid crc value [ 1899.537721][ T8195] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1899.552270][T15828] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1899.607272][ T4491] qmi_wwan: probe of 5-1:7.143 failed with error -22 [ 1899.672586][ T4491] usb 5-1: USB disconnect, device number 49 [ 1899.753621][T15828] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1899.778801][T15828] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1899.787983][T15849] netlink: 20 bytes leftover after parsing attributes in process `syz.5.18778'. [ 1899.826051][T15849] netlink: 20 bytes leftover after parsing attributes in process `syz.5.18778'. [ 1899.879016][T15828] syz.0.18770: attempt to access beyond end of device [ 1899.879016][T15828] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1900.062661][T15855] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18781'. [ 1900.143440][T15857] xt_ecn: cannot match TCP bits for non-tcp packets [ 1900.886275][ T787] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 1901.075721][ T787] usb 5-1: Using ep0 maxpacket: 16 [ 1901.083911][ T787] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 1901.095705][ T787] usb 5-1: config 0 has an invalid descriptor of length 214, skipping remainder of the config [ 1901.115737][ T787] usb 5-1: config 0 has no interface number 0 [ 1901.129568][ T787] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 1901.138980][ T787] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1901.167681][ T787] usb 5-1: Product: syz [ 1901.172037][ T787] usb 5-1: Manufacturer: syz [ 1901.182206][ T787] usb 5-1: SerialNumber: syz [ 1901.196561][ T787] usb 5-1: config 0 descriptor?? [ 1901.296975][T15887] loop0: detected capacity change from 0 to 764 [ 1901.474608][ T9] usb 5-1: USB disconnect, device number 50 [ 1901.625370][T15875] loop5: detected capacity change from 0 to 32768 [ 1901.646697][T15875] (syz.5.18792,15875,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1901.687603][T15875] (syz.5.18792,15875,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1901.721431][T15875] (syz.5.18792,15875,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 1901.748307][T15898] loop0: detected capacity change from 0 to 1764 [ 1901.751960][T15875] JBD2: Ignoring recovery information on journal [ 1901.785913][ T787] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 1901.828116][T15875] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1901.943093][T15875] (syz.5.18792,15875,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC. [ 1901.964057][T15875] (syz.5.18792,15875,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae [ 1901.982110][T15875] (syz.5.18792,15875,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 1901.994237][T15875] (syz.5.18792,15875,0):ocfs2_quota_read:201 ERROR: status = -5 [ 1901.997721][ T787] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1902.007330][T15875] (syz.5.18792,15875,0):ocfs2_get_next_id:909 ERROR: status = -5 [ 1902.022219][ T787] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1902.047406][ T787] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1902.065486][ T787] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 1902.084192][ T787] usb 2-1: SerialNumber: syz [ 1902.228864][ T8195] ocfs2: Unmounting device (7,5) on (node local) [ 1902.341855][ T787] usb 2-1: 0:2 : does not exist [ 1902.401024][ T787] usb 2-1: USB disconnect, device number 34 [ 1902.522138][ T6656] udevd[6656]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1902.846598][T15923] tmpfs: Bad value for 'mpol' [ 1903.095879][T15931] netlink: 'syz.5.18818': attribute type 1 has an invalid length. [ 1903.103776][T15931] netlink: 'syz.5.18818': attribute type 2 has an invalid length. [ 1904.162766][T15967] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18836'. [ 1904.344462][T15939] loop4: detected capacity change from 0 to 40427 [ 1904.384386][T15939] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1904.402756][T15975] ptrace attach of "./syz-executor exec"[8195] was attempted by "./syz-executor exec"[15975] [ 1904.412689][T15939] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1904.489580][T15939] F2FS-fs (loop4): invalid crc value [ 1904.528234][T15939] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1904.710338][T15939] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1904.733814][T15939] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1904.909865][T15939] syz.4.18822: attempt to access beyond end of device [ 1904.909865][T15939] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1905.010016][T15995] loop1: detected capacity change from 0 to 512 [ 1905.028985][T15995] EXT4-fs: Ignoring removed orlov option [ 1905.057376][T15995] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1905.108548][T15995] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1905.133373][T15997] bridge0: port 1(bridge_slave_0) entered disabled state [ 1905.136888][T15995] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.18848: bg 0: block 248: padding at end of block bitmap is not set [ 1905.155138][T15997] bridge0: port 2(bridge_slave_1) entered disabled state [ 1905.195918][T15995] __quota_error: 196 callbacks suppressed [ 1905.195939][T15995] Quota error (device loop1): write_blk: dquota write failed [ 1905.235950][T15995] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 1905.305876][T15995] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.18848: Failed to acquire dquot type 1 [ 1905.396624][T15995] EXT4-fs (loop1): 1 truncate cleaned up [ 1905.415667][T15995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1905.482562][T15995] EXT4-fs: Ignoring removed orlov option [ 1905.516022][T15995] EXT4-fs: can't change dax mount option while remounting [ 1905.585759][ T5671] usb 6-1: new full-speed USB device number 15 using dummy_hcd [ 1905.631051][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1905.782523][ T5671] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1905.815766][ T5671] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1905.846339][ T5671] usb 6-1: config 0 descriptor?? [ 1905.939281][T16014] veth0_vlan: left promiscuous mode [ 1905.944577][T16014] vlan1: entered allmulticast mode [ 1906.095247][T16016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18858'. [ 1906.119795][T16018] loop0: detected capacity change from 0 to 256 [ 1906.289663][ T5671] [drm:udl_init] *ERROR* Selecting channel failed [ 1906.317976][ T5671] [drm] Initialized udl 0.0.1 20120220 for 6-1:0.0 on minor 2 [ 1906.352967][ T5671] [drm] Initialized udl on minor 2 [ 1906.373719][ T5671] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1906.393336][ T5671] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 1906.408997][ T787] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1906.427864][ T787] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 1906.453904][ T5671] usb 6-1: USB disconnect, device number 15 [ 1906.561113][T16028] netlink: 12 bytes leftover after parsing attributes in process `syz.1.18864'. [ 1906.975401][T16041] sit0: entered promiscuous mode [ 1907.028400][T16041] netlink: 'syz.4.18870': attribute type 1 has an invalid length. [ 1907.075754][T16041] netlink: 1 bytes leftover after parsing attributes in process `syz.4.18870'. [ 1907.137584][T16047] netlink: 'syz.5.18873': attribute type 3 has an invalid length. [ 1907.145481][T16047] netlink: 'syz.5.18873': attribute type 1 has an invalid length. [ 1907.153995][T16047] netlink: 216 bytes leftover after parsing attributes in process `syz.5.18873'. [ 1907.163465][T16047] NCSI netlink: No device for ifindex 33022 [ 1907.217690][T16049] ip6t_rpfilter: unknown options [ 1907.816418][ T9] usb 2-1: new full-speed USB device number 35 using dummy_hcd [ 1907.983767][T16079] loop5: detected capacity change from 0 to 64 [ 1907.998651][T16079] hfs: unable to locate alternate MDB [ 1908.019144][ T9] usb 2-1: config 0 has an invalid interface number: 110 but max is 0 [ 1908.027345][T16079] hfs: continuing without an alternate MDB [ 1908.040090][ T9] usb 2-1: config 0 has no interface number 0 [ 1908.046845][ T9] usb 2-1: config 0 interface 110 has no altsetting 0 [ 1908.059848][ T9] usb 2-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 1908.079210][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1908.096196][ T9] usb 2-1: Product: syz [ 1908.100673][ T9] usb 2-1: Manufacturer: syz [ 1908.105536][ T9] usb 2-1: SerialNumber: syz [ 1908.131150][ T9] usb 2-1: config 0 descriptor?? [ 1908.245273][T16083] gtp0: entered promiscuous mode [ 1908.255205][T16083] gtp0: entered allmulticast mode [ 1908.379876][ T9] cdc_subset: probe of 2-1:0.110 failed with error -22 [ 1908.419470][T16087] netlink: 24 bytes leftover after parsing attributes in process `syz.4.18893'. [ 1908.633939][ T9] usb 2-1: USB disconnect, device number 35 [ 1908.769815][T16099] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18899'. [ 1908.791416][T16099] netlink: 60 bytes leftover after parsing attributes in process `syz.5.18899'. [ 1908.885510][T16101] netlink: 'syz.0.18900': attribute type 6 has an invalid length. [ 1909.199623][T16115] netlink: 'syz.0.18907': attribute type 30 has an invalid length. [ 1909.230857][T16115] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6) [ 1909.418239][T16121] loop4: detected capacity change from 0 to 256 [ 1909.504065][T16121] FAT-fs (loop4): Directory bread(block 64) failed [ 1909.523174][T16121] FAT-fs (loop4): Directory bread(block 65) failed [ 1909.536957][T16121] FAT-fs (loop4): Directory bread(block 66) failed [ 1909.550804][T16121] FAT-fs (loop4): Directory bread(block 67) failed [ 1909.558083][T16121] FAT-fs (loop4): Directory bread(block 68) failed [ 1909.571496][T16121] FAT-fs (loop4): Directory bread(block 69) failed [ 1909.578856][T16121] FAT-fs (loop4): Directory bread(block 70) failed [ 1909.586881][T16121] FAT-fs (loop4): Directory bread(block 71) failed [ 1909.593688][T16121] FAT-fs (loop4): Directory bread(block 72) failed [ 1909.600918][T16121] FAT-fs (loop4): Directory bread(block 73) failed [ 1910.215850][T16152] netlink: 20 bytes leftover after parsing attributes in process `syz.4.18924'. [ 1910.325832][ T787] usb 1-1: new full-speed USB device number 24 using dummy_hcd [ 1910.507851][ T787] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1910.525767][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1910.545031][ T787] usb 1-1: config 0 descriptor?? [ 1910.846219][T16161] loop4: detected capacity change from 0 to 32768 [ 1910.893775][T16161] ERROR: (device loop4): dbAlloc: the hint is outside the map [ 1910.893775][T16161] [ 1910.905200][T16161] ialloc: diAlloc returned -5! [ 1910.988642][ T787] [drm:udl_init] *ERROR* Selecting channel failed [ 1911.025319][ T787] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 1911.034678][ T787] [drm] Initialized udl on minor 2 [ 1911.075887][ T787] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1911.111129][ T787] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1911.140736][ T5817] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1911.156021][ T787] usb 1-1: USB disconnect, device number 24 [ 1911.164960][ T5817] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1911.301126][ T9] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 1911.381176][T16166] loop5: detected capacity change from 0 to 32768 [ 1911.438527][T16166] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1911.505868][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 1911.514772][ T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1911.585933][ T9] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1911.631553][T16166] XFS (loop5): Ending clean mount [ 1911.646000][ T9] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1911.680016][ T9] usb 5-1: Product: syz [ 1911.684251][ T9] usb 5-1: Manufacturer: syz [ 1911.710453][ T9] usb 5-1: SerialNumber: syz [ 1911.994294][ T9] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1912.014465][ T9] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1912.027682][ T8195] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1912.045161][ T9] usb 5-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1912.204359][ T9] usb 5-1: palm_os_3_probe - error -71 getting bytes available request [ 1912.231341][ T9] visor 5-1:1.0: Handspring Visor / Palm OS converter detected [ 1912.284141][ T9] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1912.318188][ T9] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1912.347945][ T9] usb 5-1: USB disconnect, device number 51 [ 1912.376833][ T9] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1912.505478][ T9] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1912.541984][ T9] visor 5-1:1.0: device disconnected [ 1912.572972][T16204] loop0: detected capacity change from 0 to 1024 [ 1912.775324][ T11] hfsplus: b-tree write err: -5, ino 4 [ 1913.047369][T16218] netlink: 44 bytes leftover after parsing attributes in process `syz.5.18947'. [ 1913.235819][ T9] usb 2-1: new full-speed USB device number 36 using dummy_hcd [ 1913.427976][ T9] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1913.446669][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1913.492132][ T9] usb 2-1: config 0 descriptor?? [ 1913.701159][T16240] netlink: 300 bytes leftover after parsing attributes in process `syz.4.18960'. [ 1913.705273][ T28] audit: type=1326 audit(2000000407.470:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16241 comm="syz.0.18961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1913.784554][ T28] audit: type=1326 audit(2000000407.510:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16241 comm="syz.0.18961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1913.816332][ T28] audit: type=1326 audit(2000000407.510:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16241 comm="syz.0.18961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1913.885512][ T28] audit: type=1326 audit(2000000407.510:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16241 comm="syz.0.18961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1913.932652][T16246] netlink: 'syz.5.18962': attribute type 1 has an invalid length. [ 1913.942712][ T9] [drm:udl_init] *ERROR* Selecting channel failed [ 1913.944267][ T28] audit: type=1326 audit(2000000407.510:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16241 comm="syz.0.18961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1913.979557][T16246] netlink: 224 bytes leftover after parsing attributes in process `syz.5.18962'. [ 1913.980075][ T9] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 1914.084998][T16248] loop0: detected capacity change from 0 to 4096 [ 1914.091573][ T9] [drm] Initialized udl on minor 2 [ 1914.092596][ T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1914.119858][T16248] EXT4-fs: Ignoring removed mblk_io_submit option [ 1914.125983][ T9] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1914.135180][T16184] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1914.166137][T16184] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1914.170446][T16248] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1914.175519][T16184] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1914.189509][ T9] usb 2-1: USB disconnect, device number 36 [ 1914.231661][T16250] loop5: detected capacity change from 0 to 256 [ 1914.241571][T16248] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1914.578775][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1915.245813][T16282] netlink: 'syz.1.18979': attribute type 1 has an invalid length. [ 1915.250477][T16281] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode 802.3ad(4) [ 1915.257180][T16282] netlink: 480 bytes leftover after parsing attributes in process `syz.1.18979'. [ 1915.307055][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1915.313601][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1915.449411][T16285] loop4: detected capacity change from 0 to 1024 [ 1915.546386][T16289] netlink: 'syz.1.18983': attribute type 3 has an invalid length. [ 1915.554275][T16289] netlink: 'syz.1.18983': attribute type 27 has an invalid length. [ 1915.556458][T16287] loop0: detected capacity change from 0 to 512 [ 1915.702321][T16287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1915.736188][T16287] ext4 filesystem being mounted at /4867/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1915.820875][T16287] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 1915.840443][T16270] loop5: detected capacity change from 0 to 32768 [ 1915.855823][T16287] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 64512 [ 1915.879811][T16287] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.18982: Failed to acquire dquot type 0 [ 1915.946454][T16270] add_index: next_index = 0. Resetting! [ 1915.974519][T16270] find_entry called with index >= next_index [ 1915.992627][T16270] find_entry called with index >= next_index [ 1916.013949][T16270] find_entry called with index >= next_index [ 1916.022976][T16270] find_entry called with index >= next_index [ 1916.031293][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1916.259087][T16301] loop4: detected capacity change from 0 to 2048 [ 1916.310324][T16301] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 1916.337661][T16301] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1916.565830][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1916.737230][T16316] bridge6: entered promiscuous mode [ 1917.800324][T16355] netlink: 11 bytes leftover after parsing attributes in process `syz.0.19014'. [ 1917.979562][T16362] xt_bpf: check failed: parse error [ 1919.058872][T16407] netlink: 84 bytes leftover after parsing attributes in process `syz.1.19038'. [ 1919.208750][T16411] cgroup: Invalid name [ 1919.558400][ T5817] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 1919.750889][ T5817] usb 2-1: Using ep0 maxpacket: 16 [ 1919.777803][ T5817] usb 2-1: config 0 has no interfaces? [ 1919.806570][ T5817] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1919.825765][ T5817] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1919.844529][ T5817] usb 2-1: Product: syz [ 1919.859140][ T5817] usb 2-1: Manufacturer: syz [ 1919.863803][ T5817] usb 2-1: SerialNumber: syz [ 1919.897297][ T5817] r8152-cfgselector 2-1: config 0 descriptor?? [ 1919.932150][T16433] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19051'. [ 1919.967141][T16414] loop4: detected capacity change from 0 to 32768 [ 1920.031995][T16414] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1920.131238][ T5817] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 1920.160453][T16414] XFS (loop4): Ending clean mount [ 1920.333290][T25597] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1920.373296][ T5817] usb 2-1: USB disconnect, device number 37 [ 1921.000465][T16464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.19062'. [ 1922.491500][T16517] netlink: 8 bytes leftover after parsing attributes in process `syz.4.19088'. [ 1922.880389][T16530] loop4: detected capacity change from 0 to 256 [ 1922.975865][T16530] FAT-fs (loop4): Directory bread(block 64) failed [ 1922.982497][T16530] FAT-fs (loop4): Directory bread(block 65) failed [ 1923.025075][T16530] FAT-fs (loop4): Directory bread(block 66) failed [ 1923.051525][T16530] FAT-fs (loop4): Directory bread(block 67) failed [ 1923.080825][T16530] FAT-fs (loop4): Directory bread(block 68) failed [ 1923.101202][T16530] FAT-fs (loop4): Directory bread(block 69) failed [ 1923.120753][T16530] FAT-fs (loop4): Directory bread(block 70) failed [ 1923.144221][T16530] FAT-fs (loop4): Directory bread(block 71) failed [ 1923.170611][T16530] FAT-fs (loop4): Directory bread(block 72) failed [ 1923.195828][T16530] FAT-fs (loop4): Directory bread(block 73) failed [ 1923.903771][T16565] loop4: detected capacity change from 0 to 64 [ 1923.917699][T16565] hfs: unable to locate alternate MDB [ 1923.924859][T16567] trusted_key: encrypted_key: keyword 'load±|óÊ“.V§í' not recognized [ 1923.933793][T16565] hfs: continuing without an alternate MDB [ 1923.997116][ T6656] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1924.912616][T16592] loop5: detected capacity change from 0 to 4096 [ 1924.932640][T16592] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1925.142018][T16608] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19130'. [ 1925.148071][T16592] ntfs3: loop5: failed to convert "c46c" to maccroatian [ 1925.577863][T16619] netlink: 'syz.4.19135': attribute type 3 has an invalid length. [ 1925.592813][T16619] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 1926.063063][T16603] loop0: detected capacity change from 0 to 32768 [ 1926.195278][T16635] macvtap0: entered allmulticast mode [ 1926.200897][T16635] veth0_macvtap: entered allmulticast mode [ 1926.255550][T16603] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1926.468710][T16603] XFS (loop0): Ending clean mount [ 1926.772427][ T5767] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1926.952255][T16621] loop1: detected capacity change from 0 to 32768 [ 1926.961819][T16651] netlink: 88 bytes leftover after parsing attributes in process `syz.5.19146'. [ 1927.001848][T16621] XFS: attr2 mount option is deprecated. [ 1927.097384][T16621] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1927.211473][T16663] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1927.252614][T16665] netlink: 28 bytes leftover after parsing attributes in process `syz.4.19149'. [ 1927.275845][T16665] netlink: 108 bytes leftover after parsing attributes in process `syz.4.19149'. [ 1927.285342][T16665] netlink: 28 bytes leftover after parsing attributes in process `syz.4.19149'. [ 1927.307534][T16665] netlink: 108 bytes leftover after parsing attributes in process `syz.4.19149'. [ 1927.340315][T16665] netlink: 84 bytes leftover after parsing attributes in process `syz.4.19149'. [ 1927.350334][T16621] XFS (loop1): Ending clean mount [ 1927.425051][T16621] XFS (loop1): Quotacheck needed: Please wait. [ 1927.562932][T16621] XFS (loop1): Quotacheck: Done. [ 1927.694883][ T5777] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1928.359891][T16687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.19158'. [ 1928.460641][T16671] loop4: detected capacity change from 0 to 32768 [ 1928.534581][T16671] ERROR: (device loop4): dtSearch: DT_GETPAGE: dtree page corrupt [ 1928.534581][T16671] [ 1928.568949][T16671] ERROR: (device loop4): remounting filesystem as read-only [ 1928.592640][T16671] jfs_lookup: dtSearch returned -5 [ 1929.688357][T16724] netlink: 'syz.1.19177': attribute type 1 has an invalid length. [ 1929.706173][T16724] netlink: 224 bytes leftover after parsing attributes in process `syz.1.19177'. [ 1929.726035][T16724] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19177'. [ 1929.970388][T16732] netlink: 'syz.5.19182': attribute type 10 has an invalid length. [ 1930.033332][T16732] team0: Port device bridge0 added [ 1930.489407][T16750] IPv6: Can't replace route, no match found [ 1930.605810][ T787] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 1930.805833][ T787] usb 2-1: Using ep0 maxpacket: 16 [ 1930.818070][ T787] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1930.832147][T16738] loop0: detected capacity change from 0 to 32768 [ 1930.848599][ T787] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1930.877737][ T787] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1930.901064][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1930.919185][ T787] usb 2-1: Product: syz [ 1930.924636][ T787] usb 2-1: Manufacturer: syz [ 1930.930944][ T787] usb 2-1: SerialNumber: syz [ 1930.959583][T16738] JBD2: Ignoring recovery information on journal [ 1931.203586][T16738] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1931.225219][T16774] netlink: 'syz.5.19201': attribute type 10 has an invalid length. [ 1931.282731][T16774] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 1931.436320][T16738] OCFS2: ERROR (device loop0): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 1931.436535][T16738] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1931.466058][T16738] OCFS2: File system is now read-only. [ 1931.471587][T16738] (syz.0.19184,16738,0):ocfs2_calc_xattr_init:638 ERROR: status = -117 [ 1931.473170][ T787] usb 2-1: cannot find UAC_HEADER [ 1931.496256][T16738] (syz.0.19184,16738,0):ocfs2_mknod:334 ERROR: status = -117 [ 1931.504337][T16738] (syz.0.19184,16738,0):ocfs2_mknod:502 ERROR: status = -117 [ 1931.519089][T16738] (syz.0.19184,16738,0):ocfs2_mkdir:659 ERROR: status = -117 [ 1931.558988][ T787] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 1931.596369][ T787] usb 2-1: USB disconnect, device number 38 [ 1931.643776][ T6656] udevd[6656]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1931.741701][ T5767] ocfs2: Unmounting device (7,0) on (node local) [ 1932.085231][T16790] loop0: detected capacity change from 0 to 512 [ 1932.110542][T16790] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 1932.147627][T16790] EXT4-fs (loop0): Errors on filesystem, clearing orphan list. [ 1932.165908][T16183] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 1932.181900][T16790] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1932.320674][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1932.405944][T16183] usb 5-1: Using ep0 maxpacket: 32 [ 1932.431617][T16183] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1932.458781][T16183] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1932.486429][T16183] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1932.494487][T16183] usb 5-1: Product: syz [ 1932.515665][T16183] usb 5-1: Manufacturer: syz [ 1932.520336][T16183] usb 5-1: SerialNumber: syz [ 1932.536473][T16183] usb 5-1: config 0 descriptor?? [ 1932.547850][T16183] usb 5-1: bad CDC descriptors [ 1932.553238][T16183] usb 5-1: unsupported MDLM descriptors [ 1932.780968][T16810] loop1: detected capacity change from 0 to 128 [ 1932.799967][T16184] usb 5-1: USB disconnect, device number 52 [ 1932.812624][T16810] FAT-fs (loop1): Directory bread(block 162) failed [ 1932.812665][T16810] FAT-fs (loop1): Directory bread(block 163) failed [ 1932.812692][T16810] FAT-fs (loop1): Directory bread(block 164) failed [ 1932.812720][T16810] FAT-fs (loop1): Directory bread(block 165) failed [ 1932.812747][T16810] FAT-fs (loop1): Directory bread(block 166) failed [ 1932.812774][T16810] FAT-fs (loop1): Directory bread(block 167) failed [ 1932.812801][T16810] FAT-fs (loop1): Directory bread(block 168) failed [ 1932.812828][T16810] FAT-fs (loop1): Directory bread(block 169) failed [ 1932.832176][T16810] FAT-fs (loop1): Directory bread(block 162) failed [ 1932.832296][T16810] FAT-fs (loop1): Directory bread(block 163) failed [ 1932.832920][T16810] syz.1.19218: attempt to access beyond end of device [ 1932.832920][T16810] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 1932.833259][T16810] syz.1.19218: attempt to access beyond end of device [ 1932.833259][T16810] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 1932.982574][T16814] tc_dump_action: action bad kind [ 1933.384965][T16825] loop0: detected capacity change from 0 to 512 [ 1933.420362][T16825] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1933.475878][T16825] EXT4-fs (loop0): filesystem is read-only [ 1933.505570][T16825] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1933.541229][T16825] EXT4-fs (loop0): filesystem is read-only [ 1933.593745][T16825] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1933.606176][T16825] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #16: comm syz.0.19226: iget: bad i_size value: 648518346341360424 [ 1933.609043][T16825] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.19226: couldn't read orphan inode 16 (err -117) [ 1933.749273][T16825] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1933.947824][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1934.220890][T16845] ip6tnl3: entered allmulticast mode [ 1934.236470][T16847] netlink: 'syz.4.19236': attribute type 21 has an invalid length. [ 1934.244506][T16847] netlink: 'syz.4.19236': attribute type 1 has an invalid length. [ 1934.466676][T16855] ieee802154 phy0 wpan0: encryption failed: -90 [ 1934.902263][T16865] loop4: detected capacity change from 0 to 4096 [ 1934.933776][T16865] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 1935.353969][T16887] loop0: detected capacity change from 0 to 512 [ 1935.452636][T16887] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.19254: Invalid block bitmap block 0 in block_group 0 [ 1935.563696][T16887] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6653: Corrupt filesystem [ 1935.591945][T16887] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.19254: attempt to clear invalid blocks 983261 len 1 [ 1935.616978][T16899] CIFS mount error: No usable UNC path provided in device string! [ 1935.616978][T16899] [ 1935.629762][T16899] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1935.648695][T16887] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.19254: invalid indirect mapped block 2683928664 (level 0) [ 1935.682072][T16887] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz.0.19254: Invalid inode table block 0 in block_group 0 [ 1935.714964][T16887] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1935.742815][T16887] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 1935.752142][T16887] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz.0.19254: Invalid inode table block 0 in block_group 0 [ 1935.788576][T16887] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1935.828033][T16887] EXT4-fs error (device loop0): ext4_truncate:4294: inode #13: comm syz.0.19254: mark_inode_dirty error [ 1935.845982][T16905] netlink: 84 bytes leftover after parsing attributes in process `syz.1.19263'. [ 1935.900323][T16887] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 1935.921924][T16887] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz.0.19254: Invalid inode table block 0 in block_group 0 [ 1935.975244][T16887] EXT4-fs (loop0): 1 truncate cleaned up [ 1936.025212][T16887] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1936.101078][T16887] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz.0.19254: Invalid inode table block 0 in block_group 0 [ 1936.170049][T16887] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1936.255179][T16917] loop4: detected capacity change from 0 to 16 [ 1936.300012][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1936.313229][T16917] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1936.681359][T16926] loop5: detected capacity change from 0 to 8192 [ 1936.691547][T16926] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1936.713820][T16926] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 1936.723290][ T787] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 1936.734588][T16926] REISERFS (device loop5): using ordered data mode [ 1936.741575][T16926] reiserfs: using flush barriers [ 1936.757215][T16926] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1936.778159][T16926] REISERFS (device loop5): checking transaction log (loop5) [ 1936.803449][T16926] REISERFS (device loop5): Using r5 hash to sort names [ 1936.850679][T16926] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 1936.912039][ T787] usb 2-1: Using ep0 maxpacket: 16 [ 1936.986060][ T787] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1936.996009][ T787] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 52, changing to 9 [ 1937.030750][ T787] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 8241, setting to 1024 [ 1937.068901][ T787] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1937.091982][ T787] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 1937.101383][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1937.125471][ T787] usb 2-1: Product: syz [ 1937.145487][ T787] usb 2-1: Manufacturer: syz [ 1937.156207][ T787] usb 2-1: SerialNumber: syz [ 1937.183547][ T787] usb 2-1: config 0 descriptor?? [ 1937.290623][T16944] : renamed from veth0_to_bond (while UP) [ 1937.460713][ T787] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input109 [ 1937.741880][ C0] synaptics_usb 2-1:0.0: synusb_irq - usb_submit_urb failed with result: -19 [ 1937.741888][ T787] usb 2-1: USB disconnect, device number 39 [ 1937.993984][T16940] loop5: detected capacity change from 0 to 32768 [ 1938.049150][T16940] JBD2: Ignoring recovery information on journal [ 1938.102188][T16940] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1938.215098][ T2908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1938.253444][ T2908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1938.426135][T16940] OCFS2: ERROR (device loop5): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 1938.426174][T16940] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1938.502962][T16967] loop0: detected capacity change from 0 to 4096 [ 1938.539376][T16967] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 1938.552786][T16971] x_tables: duplicate underflow at hook 1 [ 1938.576822][T16940] OCFS2: File system is now read-only. [ 1938.582408][T16940] (syz.5.19280,16940,0):ocfs2_calc_xattr_init:638 ERROR: status = -117 [ 1938.590994][T16940] (syz.5.19280,16940,0):ocfs2_mknod:334 ERROR: status = -117 [ 1938.598616][T16940] (syz.5.19280,16940,0):ocfs2_mknod:502 ERROR: status = -117 [ 1938.608326][T16940] (syz.5.19280,16940,0):ocfs2_mkdir:659 ERROR: status = -117 [ 1938.638766][T16967] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1938.700966][T16967] ntfs3: loop0: volume is dirty and "force" flag is not set! [ 1938.896352][ T8195] ocfs2: Unmounting device (7,5) on (node local) [ 1939.091783][T16978] loop1: detected capacity change from 0 to 256 [ 1939.122964][T16978] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1939.542989][T16966] loop4: detected capacity change from 0 to 40427 [ 1939.575761][T16966] F2FS-fs (loop4): build fault injection attr: rate: 684, type: 0x7ffff [ 1939.602393][T16966] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x35f7 [ 1939.627134][T16966] F2FS-fs (loop4): Image doesn't support compression [ 1939.646188][T16966] F2FS-fs (loop4): invalid crc value [ 1939.673659][T16966] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1939.815889][T16966] F2FS-fs (loop4): Start checkpoint disabled! [ 1939.829461][T16966] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 1939.938180][T16966] syz.4.19292: attempt to access beyond end of device [ 1939.938180][T16966] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1940.242393][T31242] kworker/u4:2: attempt to access beyond end of device [ 1940.242393][T31242] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 1940.279221][T31242] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1940.310992][T31242] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1940.429981][T16983] loop5: detected capacity change from 0 to 32768 [ 1940.441294][T16999] loop0: detected capacity change from 0 to 512 [ 1940.449838][T16983] XFS: attr2 mount option is deprecated. [ 1940.451877][T16999] EXT4-fs: Ignoring removed bh option [ 1940.486690][T16999] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 1940.502823][T16999] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 1940.552326][T16999] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 1940.590880][T16999] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 1940.616045][T16983] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1940.662523][T16999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1940.700019][T16993] loop1: detected capacity change from 0 to 32768 [ 1940.746151][T16993] JBD2: Ignoring recovery information on journal [ 1940.801238][T16983] XFS (loop5): Ending clean mount [ 1940.834093][T16983] XFS (loop5): Quotacheck needed: Please wait. [ 1940.857770][T16993] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1940.967009][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1941.060768][T16983] XFS (loop5): Quotacheck: Done. [ 1941.224385][T16993] OCFS2: ERROR (device loop1): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 1941.224423][T16993] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1941.262948][T16993] OCFS2: File system is now read-only. [ 1941.271362][T16993] (syz.1.19304,16993,0):ocfs2_calc_xattr_init:638 ERROR: status = -117 [ 1941.284079][T16993] (syz.1.19304,16993,0):ocfs2_mknod:334 ERROR: status = -117 [ 1941.310931][T16993] (syz.1.19304,16993,0):ocfs2_mknod:502 ERROR: status = -117 [ 1941.362444][T16993] (syz.1.19304,16993,0):ocfs2_mkdir:659 ERROR: status = -117 [ 1941.383325][ T8195] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1941.556507][T17019] loop0: detected capacity change from 0 to 8192 [ 1941.598215][ T5777] ocfs2: Unmounting device (7,1) on (node local) [ 1941.671633][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.703705][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.735778][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.744456][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.825890][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.846104][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.854780][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.916378][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.945804][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.954610][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1941.973563][T17019] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 1942.005905][ T28] audit: type=1800 audit(2000000435.770:793): pid=17019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.19310" name="file2" dev="loop0" ino=1048795 res=0 errno=0 [ 1942.217170][T17026] loop1: detected capacity change from 0 to 256 [ 1942.254210][T17021] loop4: detected capacity change from 0 to 32768 [ 1942.298306][T17021] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1942.382927][T17026] FAT-fs (loop1): Directory bread(block 64) failed [ 1942.421747][T17026] FAT-fs (loop1): Directory bread(block 65) failed [ 1942.438141][T17026] FAT-fs (loop1): Directory bread(block 66) failed [ 1942.456795][T17026] FAT-fs (loop1): Directory bread(block 67) failed [ 1942.463501][T17026] FAT-fs (loop1): Directory bread(block 68) failed [ 1942.497615][T17026] FAT-fs (loop1): Directory bread(block 69) failed [ 1942.524679][T17026] FAT-fs (loop1): Directory bread(block 70) failed [ 1942.524829][T17021] XFS (loop4): Ending clean mount [ 1942.532195][T17026] FAT-fs (loop1): Directory bread(block 71) failed [ 1942.543283][T17026] FAT-fs (loop1): Directory bread(block 72) failed [ 1942.586780][T17021] XFS (loop4): Quotacheck needed: Please wait. [ 1942.607823][T17026] FAT-fs (loop1): Directory bread(block 73) failed [ 1942.685427][T17021] XFS (loop4): Quotacheck: Done. [ 1943.025110][T25597] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1943.303725][T17050] ax25_connect(): syz.1.19321 uses autobind, please contact jreuter@yaina.de [ 1943.731452][T17062] loop4: detected capacity change from 0 to 16 [ 1943.739268][T17058] : left promiscuous mode [ 1943.750836][T17062] erofs: (device loop4): mounted with root inode @ nid 36. [ 1943.760112][T17058] bridge_slave_1: left promiscuous mode [ 1943.812609][T17058] net veth1_virt_wifi ÿÿÿÿÿÿ: left promiscuous mode [ 1943.835040][T17058] vlan0: left promiscuous mode [ 1943.850840][T17058] macvlan0: left promiscuous mode [ 1943.884798][T17058] veth0_macvtap: left promiscuous mode [ 1943.918957][T17058] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 1943.978283][T17058] bridge3: left promiscuous mode [ 1943.983487][T17058] bridge4: left promiscuous mode [ 1943.987521][T17066] 9pnet: Found fid 0 not clunked [ 1944.026485][T17058] gretap1: left promiscuous mode [ 1944.052460][T17058] veth5: left promiscuous mode [ 1944.064332][T17058] geneve2: left promiscuous mode [ 1944.097075][T17058] bridge8: left promiscuous mode [ 1944.632398][T17086] loop0: detected capacity change from 0 to 512 [ 1944.664731][T17086] EXT4-fs: Ignoring removed nobh option [ 1944.717435][T17086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1944.761141][T17086] ext4 filesystem being mounted at /4968/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1945.009694][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1945.090908][T17072] loop4: detected capacity change from 0 to 32768 [ 1945.280928][T17072] UFO tlock:0xffffc9000284a168 [ 1946.556666][T17144] loop4: detected capacity change from 0 to 256 [ 1946.571630][T17146] SET target dimension over the limit! [ 1946.630019][T17144] FAT-fs (loop4): Directory bread(block 64) failed [ 1946.653057][T17144] FAT-fs (loop4): Directory bread(block 65) failed [ 1946.676077][T17144] FAT-fs (loop4): Directory bread(block 66) failed [ 1946.693131][T17144] FAT-fs (loop4): Directory bread(block 67) failed [ 1946.726048][T17144] FAT-fs (loop4): Directory bread(block 68) failed [ 1946.741572][T17144] FAT-fs (loop4): Directory bread(block 69) failed [ 1946.763316][T17144] FAT-fs (loop4): Directory bread(block 70) failed [ 1946.783718][T17144] FAT-fs (loop4): Directory bread(block 71) failed [ 1946.800240][T17144] FAT-fs (loop4): Directory bread(block 72) failed [ 1946.835954][T17144] FAT-fs (loop4): Directory bread(block 73) failed [ 1946.849467][T17152] netlink: 'syz.0.19372': attribute type 41 has an invalid length. [ 1947.255970][T17160] netlink: 'syz.5.19375': attribute type 3 has an invalid length. [ 1947.363570][T17140] loop1: detected capacity change from 0 to 32768 [ 1947.449303][T17140] (syz.1.19367,17140,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1947.498544][T17140] (syz.1.19367,17140,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1947.610206][T17140] JBD2: Ignoring recovery information on journal [ 1947.654830][T17172] batadv0: left promiscuous mode [ 1947.699465][T17172] bond1: left promiscuous mode [ 1947.705871][T17172] bridge4: left promiscuous mode [ 1947.754618][T17140] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1948.147507][ T5777] ocfs2: Unmounting device (7,1) on (node local) [ 1948.519312][T17196] netlink: 12 bytes leftover after parsing attributes in process `syz.4.19391'. [ 1948.959068][T17214] comedi comedi0: pcl730: a I/O base address must be specified [ 1949.100763][T17216] netlink: 'syz.1.19400': attribute type 2 has an invalid length. [ 1949.141558][T17222] overlay: Unknown parameter '\' [ 1949.362939][T17228] netlink: 'syz.1.19406': attribute type 1 has an invalid length. [ 1949.639541][T17239] netlink: 'syz.0.19413': attribute type 1 has an invalid length. [ 1949.777685][T17244] netlink: 'syz.0.19414': attribute type 153 has an invalid length. [ 1949.795935][T17244] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.19414'. [ 1949.796173][T16183] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 1949.812410][T17246] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1949.991616][T17251] netlink: 'syz.0.19417': attribute type 4 has an invalid length. [ 1950.005220][T17251] netlink: 152 bytes leftover after parsing attributes in process `syz.0.19417'. [ 1950.033721][T16183] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1950.045855][T16183] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1950.078941][T16183] usb 2-1: Product: syz [ 1950.085988][T16183] usb 2-1: Manufacturer: syz [ 1950.103568][T16183] usb 2-1: SerialNumber: syz [ 1950.129084][T16183] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1950.189975][ T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1950.485856][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1950.648015][ T787] usb 2-1: USB disconnect, device number 40 [ 1951.315878][ T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1951.323003][ T9] ath9k_htc: Failed to initialize the device [ 1951.344010][T17292] xt_TCPMSS: Only works on TCP SYN packets [ 1951.369067][ T787] usb 2-1: ath9k_htc: USB layer deinitialized [ 1951.543622][T17302] loop4: detected capacity change from 0 to 64 [ 1951.586014][ T28] audit: type=1326 audit(2000000445.340:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17299 comm="syz.0.19441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1951.608514][ C1] vkms_vblank_simulate: vblank timer overrun [ 1951.665866][ T28] audit: type=1326 audit(2000000445.340:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17299 comm="syz.0.19441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1951.688357][ C1] vkms_vblank_simulate: vblank timer overrun [ 1951.699105][T17304] netlink: 'syz.5.19443': attribute type 5 has an invalid length. [ 1951.755746][ T28] audit: type=1326 audit(2000000445.350:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17299 comm="syz.0.19441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1951.840371][ T28] audit: type=1326 audit(2000000445.350:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17299 comm="syz.0.19441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1951.934772][ T28] audit: type=1326 audit(2000000445.350:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17299 comm="syz.0.19441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba72d9aeb9 code=0x7ffc0000 [ 1951.957279][ C1] vkms_vblank_simulate: vblank timer overrun [ 1953.075715][ T787] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 1953.092779][T17358] loop5: detected capacity change from 0 to 8 [ 1953.185388][T17358] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1953.226485][T17358] SQUASHFS error: Failed to read block 0x1dd: -5 [ 1953.242716][T17358] SQUASHFS error: Unable to read metadata cache entry [1db] [ 1953.258693][ T787] usb 2-1: config 0 has an invalid interface number: 120 but max is 0 [ 1953.260518][T17358] SQUASHFS error: Unable to read inode 0xa7 [ 1953.280481][ T787] usb 2-1: config 0 has no interface number 0 [ 1953.289118][ T787] usb 2-1: config 0 interface 120 has no altsetting 0 [ 1953.311273][ T787] usb 2-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72 [ 1953.337208][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1953.370734][ T787] usb 2-1: Product: syz [ 1953.374958][ T787] usb 2-1: Manufacturer: syz [ 1953.398960][ T787] usb 2-1: SerialNumber: syz [ 1953.416808][ T787] usb 2-1: config 0 descriptor?? [ 1953.660933][ T787] comedi comedi5: could not switch to alternate setting 1 [ 1953.674664][ T787] usbduxfast 2-1:0.120: driver 'usbduxfast' failed to auto-configure device. [ 1953.729362][ T787] usb 2-1: USB disconnect, device number 41 [ 1953.816392][T17378] loop0: detected capacity change from 0 to 512 [ 1953.842321][T17380] netlink: 'syz.4.19480': attribute type 5 has an invalid length. [ 1953.857822][T17380] netlink: 'syz.4.19480': attribute type 11 has an invalid length. [ 1953.930411][T17378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1953.978597][T17378] ext4 filesystem being mounted at /5009/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1954.052826][T17378] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 1954.071622][T17378] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 1954.087680][T17378] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.19479: Failed to acquire dquot type 0 [ 1954.202084][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1954.453306][T17399] netlink: 184 bytes leftover after parsing attributes in process `syz.4.19489'. [ 1954.719025][T17411] netlink: 96 bytes leftover after parsing attributes in process `syz.0.19493'. [ 1955.293915][T17429] loop5: detected capacity change from 0 to 1764 [ 1955.939583][T17455] loop4: detected capacity change from 0 to 128 [ 1956.040723][T17455] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 1956.050670][T17457] loop0: detected capacity change from 0 to 256 [ 1956.336187][T17465] netlink: 'syz.1.19521': attribute type 5 has an invalid length. [ 1956.430691][T17465] : entered promiscuous mode [ 1957.631260][T17507] loop1: detected capacity change from 0 to 256 [ 1957.655723][ T5671] usb 6-1: new full-speed USB device number 16 using dummy_hcd [ 1957.721092][T17507] FAT-fs (loop1): Directory bread(block 64) failed [ 1957.737538][T17507] FAT-fs (loop1): Directory bread(block 65) failed [ 1957.755037][T17507] FAT-fs (loop1): Directory bread(block 66) failed [ 1957.766630][T17507] FAT-fs (loop1): Directory bread(block 67) failed [ 1957.791862][T17507] FAT-fs (loop1): Directory bread(block 68) failed [ 1957.808844][T17507] FAT-fs (loop1): Directory bread(block 69) failed [ 1957.827016][T17507] FAT-fs (loop1): Directory bread(block 70) failed [ 1957.833596][T17507] FAT-fs (loop1): Directory bread(block 71) failed [ 1957.858465][T17507] FAT-fs (loop1): Directory bread(block 72) failed [ 1957.870652][ T5671] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 1957.885774][T17507] FAT-fs (loop1): Directory bread(block 73) failed [ 1957.892422][ T5671] usb 6-1: config 179 has no interface number 0 [ 1957.912860][ T5671] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 1957.936150][ T5671] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 64 [ 1957.957750][ T5671] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 1957.985690][ T5671] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 64 [ 1957.997147][ T5671] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1958.010711][ T5671] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1958.020404][ T5671] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1958.038418][T17499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1958.046400][T17499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1958.094005][T17491] loop0: detected capacity change from 0 to 40427 [ 1958.144782][T17491] F2FS-fs (loop0): invalid crc value [ 1958.187925][T17491] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1958.436187][T17491] F2FS-fs (loop0): Start checkpoint disabled! [ 1958.534810][T17491] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 1958.781577][ T9] usb 6-1: USB disconnect, device number 16 [ 1958.781622][ C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1958.796058][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1958.807998][ C1] vkms_vblank_simulate: vblank timer overrun [ 1958.921299][T17505] loop4: detected capacity change from 0 to 32768 [ 1958.977356][T17505] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1959.010060][T17505] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1959.110874][T17505] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 1959.253483][T17524] kAFS: No cell specified [ 1959.415554][T17505] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 1959.578800][T17533] tmpfs: Bad value for 'mpol' [ 1960.165813][T16183] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 1960.193788][T17549] ./file0: Can't lookup blockdev [ 1960.357213][T16183] usb 1-1: Using ep0 maxpacket: 8 [ 1960.364629][T16183] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1960.397966][T16183] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1960.424135][T16183] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 1960.437773][T16183] usb 1-1: SerialNumber: syz [ 1960.453129][T16183] usb 1-1: config 0 descriptor?? [ 1960.479446][T16183] usb 1-1: Found UVC 0.00 device (05ac:8501) [ 1960.505887][T16183] usb 1-1: Failed to create links for entity 255 [ 1960.512345][T16183] usb 1-1: Failed to register entities (-22). [ 1960.764568][ T5671] usb 1-1: USB disconnect, device number 25 [ 1960.799016][T17570] PKCS7: Unknown OID: [4] 0.0 [ 1960.824145][T17570] PKCS7: Only support pkcs7_signedData type [ 1961.424440][T17587] netlink: 9412 bytes leftover after parsing attributes in process `syz.5.19580'. [ 1961.678557][ T5671] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 1961.876023][ T5671] usb 5-1: Using ep0 maxpacket: 16 [ 1961.914487][ T5671] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1961.952580][ T5671] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1961.990772][ T5671] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1962.003021][T17603] loop0: detected capacity change from 0 to 64 [ 1962.030781][ T5671] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1962.056051][ T5671] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1962.064099][ T5671] usb 5-1: Product: syz [ 1962.083065][ T5671] usb 5-1: Manufacturer: syz [ 1962.092635][ T5671] usb 5-1: SerialNumber: syz [ 1962.362610][ T5671] usb 5-1: 0:2 : does not exist [ 1962.383933][ T5671] usb 5-1: 1:0: cannot get min/max values for control 4 (id 1) [ 1962.430760][ T5671] usb 5-1: USB disconnect, device number 53 [ 1962.445944][T16183] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 1962.472522][ T6656] udevd[6656]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1962.603325][T17581] syz.1.19577 (17581): drop_caches: 2 [ 1962.658279][T17603] syz.0.19585: attempt to access beyond end of device [ 1962.658279][T17603] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 1962.672829][T16183] usb 6-1: Using ep0 maxpacket: 16 [ 1962.698962][T17603] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 1962.709302][T16183] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 1962.727880][T16183] usb 6-1: config 0 has no interface number 0 [ 1962.743587][T17607] loop1: detected capacity change from 0 to 1024 [ 1962.750882][T16183] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11 [ 1962.769981][T16183] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024 [ 1962.805149][T16183] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1962.823527][T17607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1962.826496][T16183] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1962.843966][T16183] usb 6-1: Product: syz [ 1962.849599][T16183] usb 6-1: SerialNumber: syz [ 1962.869636][T16183] usb 6-1: config 0 descriptor?? [ 1962.880888][T16183] cm109 6-1:0.8: invalid payload size 1024, expected 4 [ 1962.897696][T16183] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input111 [ 1962.945271][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1963.486767][ C0] cm109 6-1:0.8: cm109_urb_irq_callback: urb status -71 [ 1963.494212][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1963.501586][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1963.506228][ T5817] usb 6-1: USB disconnect, device number 17 [ 1963.508546][ C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1963.615155][ T5817] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1963.986737][ T9] usb 1-1: new full-speed USB device number 26 using dummy_hcd [ 1964.235421][ T9] usb 1-1: config index 0 descriptor too short (expected 69, got 36) [ 1964.255732][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1964.279688][ T9] usb 1-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 1964.296878][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1964.324897][ T9] usb 1-1: Product: syz [ 1964.330893][ T9] usb 1-1: Manufacturer: syz [ 1964.335531][ T9] usb 1-1: SerialNumber: syz [ 1964.354673][ T9] usb 1-1: config 0 descriptor?? [ 1964.368264][T17652] loop5: detected capacity change from 0 to 64 [ 1964.400704][ T9] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 1964.509606][T17656] binder: 17655:17656 unknown command 1074553619 [ 1964.539509][T17656] binder: 17655:17656 ioctl c0306201 200000000540 returned -22 [ 1964.838105][ T9] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71 [ 1964.853869][ T9] gspca_pac7302: probe of 1-1:0.0 failed with error -71 [ 1964.886035][ T9] usb 1-1: USB disconnect, device number 26 [ 1964.983089][T17670] loop4: detected capacity change from 0 to 512 [ 1965.017371][T17670] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1965.053792][T17670] EXT4-fs (loop4): 1 truncate cleaned up [ 1965.087245][T17670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1965.321498][T25597] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1965.465902][T17684] netlink: 76 bytes leftover after parsing attributes in process `syz.5.19624'. [ 1965.574554][T17688] netlink: 'syz.4.19623': attribute type 1 has an invalid length. [ 1965.611211][T17688] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.19623'. [ 1965.902624][T17702] netlink: 'syz.4.19632': attribute type 10 has an invalid length. [ 1965.915776][ T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 1966.056013][T16184] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 1966.106057][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 1966.122854][ T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1966.144990][ T9] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1966.176576][ T9] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1966.190789][ T9] usb 6-1: Product: syz [ 1966.200917][ T9] usb 6-1: Manufacturer: syz [ 1966.211085][ T9] usb 6-1: SerialNumber: syz [ 1966.262638][T16184] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1966.275696][T16184] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1966.293778][T16184] usb 2-1: Product: syz [ 1966.309379][T16184] usb 2-1: Manufacturer: syz [ 1966.314117][T16184] usb 2-1: SerialNumber: syz [ 1966.344061][T16184] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1966.379345][T16183] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1966.469324][ T9] usb 6-1: Handspring Visor / Palm OS: No valid connect info available [ 1966.505627][ T9] usb 6-1: Handspring Visor / Palm OS: port 205, is for unknown use [ 1966.522363][ T9] usb 6-1: Handspring Visor / Palm OS: port 0, is for unknown use [ 1966.555863][ T9] usb 6-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1966.685964][ C0] usb 2-1: ath: unknown panic pattern! [ 1966.696000][ T9] usb 6-1: palm_os_3_probe - error -71 getting bytes available request [ 1966.704437][ T9] visor 6-1:1.0: Handspring Visor / Palm OS converter detected [ 1966.746635][ T9] usb 6-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1966.780422][ T9] usb 6-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1966.802283][T17724] netlink: 28 bytes leftover after parsing attributes in process `syz.0.19643'. [ 1966.815263][ T9] usb 6-1: USB disconnect, device number 18 [ 1966.850440][ T9] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1966.875052][ T9] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1966.887877][ T787] usb 2-1: USB disconnect, device number 42 [ 1966.898714][ T9] visor 6-1:1.0: device disconnected [ 1967.285736][ T5817] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 1967.431013][T17745] comedi comedi0: dac02: I/O port conflict (0x3,8) [ 1967.450571][T16183] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1967.469069][T16183] ath9k_htc: Failed to initialize the device [ 1967.484485][ T787] usb 2-1: ath9k_htc: USB layer deinitialized [ 1967.506794][ T5817] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 1967.539432][ T5817] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 1967.565863][ T5817] usb 5-1: Product: syz [ 1967.570131][ T5817] usb 5-1: SerialNumber: syz [ 1967.606964][ T5817] usb 5-1: config 0 descriptor?? [ 1967.862072][ T5817] hso 5-1:0.0: Failed to find BULK IN ep [ 1968.004089][ T28] audit: type=1800 audit(2000000461.770:799): pid=17751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.5.19656" name="/newroot/1044/file0" dev="tmpfs" ino=5323 res=0 errno=0 [ 1968.133607][ T5817] usb 5-1: USB disconnect, device number 54 [ 1968.201574][T17768] binder: Bad value for 'stats' [ 1968.390462][T17771] loop1: detected capacity change from 0 to 4096 [ 1968.433968][T17771] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 1968.445273][T17771] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1968.460863][T17771] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 1968.475834][T17771] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1968.543339][T17771] ntfs: volume version 3.1. [ 1968.653354][T17780] netlink: 129384 bytes leftover after parsing attributes in process `syz.0.19669'. [ 1968.688568][T17771] ntfs: (device loop1): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 1968.726153][T17771] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 1969.596253][T17812] netlink: 'syz.4.19684': attribute type 5 has an invalid length. [ 1969.693738][T17810] loop0: detected capacity change from 0 to 4096 [ 1969.801119][T17810] ntfs: volume version 3.1. [ 1969.815415][T17820] loop5: detected capacity change from 0 to 1024 [ 1969.965850][T17810] ntfs: (device loop0): ntfs_truncate(): Inode 0x43 has unknown attribute type 0x80. Aborting truncate. [ 1970.082943][T17826] loop1: detected capacity change from 0 to 256 [ 1970.700193][T17846] Cannot find del_set index 4 as target [ 1970.901884][T17853] loop5: detected capacity change from 0 to 1024 [ 1970.940581][T17853] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1970.990726][T17853] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 1971.041346][T17853] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1971.067436][T17853] EXT4-fs error (device loop5): ext4_free_blocks:6692: comm syz.5.19705: Freeing blocks not in datazone - block = 0, count = 4096 [ 1971.086181][T17853] EXT4-fs (loop5): 1 orphan inode deleted [ 1971.113555][T17853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1971.147849][T17863] loop4: detected capacity change from 0 to 4096 [ 1971.193296][T17863] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 1971.298717][ T8195] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1971.322054][T17863] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 1971.637786][T17869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19712'. [ 1971.671104][T17869] netlink: 'syz.0.19712': attribute type 1 has an invalid length. [ 1971.693075][T17869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19712'. [ 1971.705334][T17874] "syz.5.19715" (17874) uses obsolete ecb(arc4) skcipher [ 1971.713435][T17875] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1971.922609][ T28] audit: type=1400 audit(2000000465.690:800): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=17876 comm="syz.0.19717" [ 1972.127666][T17887] loop5: detected capacity change from 0 to 16 [ 1972.177660][T17887] erofs: (device loop5): mounted with root inode @ nid 36. [ 1972.223032][T17887] erofs: (device loop5): erofs_find_target_block: corrupted dir block 0 @ nid 36 [ 1972.321333][T17891] gtp0: entered promiscuous mode [ 1972.351940][T17891] gtp0: entered allmulticast mode [ 1972.654166][T17902] loop4: detected capacity change from 0 to 16 [ 1972.683288][T17902] erofs: (device loop4): mounted with root inode @ nid 36. [ 1972.732176][T17902] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1972.800279][T17902] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -10 in[58, 4038] out[1851] [ 1972.829610][T17902] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 1973.113842][T17879] loop1: detected capacity change from 0 to 32768 [ 1973.175547][T17879] JBD2: Ignoring recovery information on journal [ 1973.323901][T17879] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1973.661805][ T28] audit: type=1800 audit(2000000467.430:801): pid=17879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.19716" name="file0" dev="loop1" ino=17058 res=0 errno=0 [ 1973.913868][ T5777] ocfs2: Unmounting device (7,1) on (node local) [ 1974.757178][T17952] loop4: detected capacity change from 0 to 4096 [ 1974.791315][T17952] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1974.848159][T17929] loop0: detected capacity change from 0 to 32768 [ 1974.866573][T17956] delete_channel: no stack [ 1974.908695][T17929] ERROR: (device loop0): dbAlloc: the hint is outside the map [ 1974.908695][T17929] [ 1974.923882][T17952] ntfs3: loop4: ino=3, ntfs_set_state failed, -22. [ 1974.966109][T17952] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 1975.028189][ T2908] read_mapping_page failed! [ 1975.032765][ T2908] ERROR: (device loop0): txCommit: [ 1975.032765][ T2908] [ 1975.068868][ T2908] jfs_write_inode: jfs_commit_inode failed! [ 1975.483388][T17966] loop0: detected capacity change from 0 to 256 [ 1975.893444][T17960] syz.5.19754 (17960): drop_caches: 2 [ 1975.893656][ T2908] ntfs3: loop4: ino=3, ntfs3_write_inode failed, -22. [ 1975.929022][T25597] ntfs3: loop4: ino=3, ntfs_set_state failed, -22. [ 1975.952377][T17966] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d) [ 1975.970499][T25597] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1975.979789][T25597] ntfs3: loop4: ino=3, ntfs_set_state failed, -22. [ 1976.027265][ T11] ntfs3: loop4: ino=3, ntfs3_write_inode failed, -22. [ 1976.221764][T17974] xfrm0 speed is unknown, defaulting to 1000 [ 1976.731650][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1976.738323][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 1976.834465][T18001] loop0: detected capacity change from 0 to 512 [ 1976.895430][T18001] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1976.912447][T18006] netlink: 14 bytes leftover after parsing attributes in process `syz.4.19777'. [ 1976.955865][T18001] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 1976.964462][T18001] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1976.979524][T18001] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.19775: attempt to clear invalid blocks 2 len 1 [ 1977.026487][T18001] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.19775: invalid indirect mapped block 1819239214 (level 0) [ 1977.138056][T18001] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.19775: invalid indirect mapped block 1819239214 (level 1) [ 1977.189548][T18001] EXT4-fs (loop0): 1 truncate cleaned up [ 1977.217925][T18001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1977.295843][T18001] EXT4-fs error (device loop0): __ext4_remount:6752: comm syz.0.19775: Abort forced by user [ 1977.321597][T18017] bridge0: port 3(bond0) entered blocking state [ 1977.345870][T18017] bridge0: port 3(bond0) entered disabled state [ 1977.348229][T18001] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 1977.352378][T18017] bond0: entered allmulticast mode [ 1977.378033][T18017] bond_slave_0: entered allmulticast mode [ 1977.383845][T18017] bond_slave_1: entered allmulticast mode [ 1977.405989][T18017] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 1977.415828][T18017] bond0: entered promiscuous mode [ 1977.428912][T18017] bond_slave_0: entered promiscuous mode [ 1977.440685][T18017] bond_slave_1: entered promiscuous mode [ 1977.448428][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1977.463859][T18017] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 1977.907836][T18036] loop5: detected capacity change from 0 to 256 [ 1978.178695][T18046] loop5: detected capacity change from 0 to 512 [ 1978.243569][T18046] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1978.488341][ T8195] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 1978.796134][T16183] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 1978.856599][T18068] netlink: 'syz.0.19806': attribute type 46 has an invalid length. [ 1978.881293][T18070] SET target dimension over the limit! [ 1979.002432][T16183] usb 2-1: Using ep0 maxpacket: 32 [ 1979.024973][T16183] usb 2-1: config 1 interface 0 altsetting 14 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1979.057712][T16183] usb 2-1: config 1 interface 0 altsetting 14 bulk endpoint 0x82 has invalid maxpacket 0 [ 1979.073703][T16183] usb 2-1: config 1 interface 0 altsetting 14 endpoint 0x3 has invalid maxpacket 1600, setting to 1024 [ 1979.082902][T18076] loop5: detected capacity change from 0 to 256 [ 1979.089127][T16183] usb 2-1: config 1 interface 0 altsetting 14 bulk endpoint 0x3 has invalid maxpacket 1024 [ 1979.111983][T16183] usb 2-1: config 1 interface 0 has no altsetting 0 [ 1979.128280][T16183] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1979.141875][T16183] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1979.152974][T16183] usb 2-1: Product: syz [ 1979.162819][T16183] usb 2-1: Manufacturer: syz [ 1979.168957][T16183] usb 2-1: SerialNumber: syz [ 1979.206231][T18061] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1979.345923][T16184] usb 5-1: new full-speed USB device number 55 using dummy_hcd [ 1979.467505][T16183] cdc_ether: probe of 2-1:1.0 failed with error -22 [ 1979.497590][T16183] usb 2-1: USB disconnect, device number 43 [ 1979.540107][T16184] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1979.562074][T16184] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1979.603770][T16184] usb 5-1: config 0 descriptor?? [ 1979.625117][T16184] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1980.051924][T16184] gp8psk: usb out operation failed. [ 1980.068538][T16184] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1980.105070][T16184] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1980.127144][T16184] usb 5-1: USB disconnect, device number 55 [ 1980.853970][T18124] loop0: detected capacity change from 0 to 4096 [ 1980.880957][T18132] netlink: 'syz.5.19837': attribute type 3 has an invalid length. [ 1980.939611][T18124] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1980.976137][T18124] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x4 as bad. Run chkdsk. [ 1981.010061][T18124] ntfs: (device loop0): load_and_init_attrdef(): Failed to initialize attribute definition table. [ 1981.042727][T18124] ntfs: (device loop0): ntfs_fill_super(): Failed to load system files. [ 1982.531662][T18184] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1982.607703][T18163] loop4: detected capacity change from 0 to 32768 [ 1982.623586][T18163] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10 [ 1982.675833][ T6656] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1983.522887][T18215] netlink: 20 bytes leftover after parsing attributes in process `syz.4.19876'. [ 1984.067082][T18231] netlink: 3 bytes leftover after parsing attributes in process `syz.5.19884'. [ 1984.595836][T18250] libceph: resolve '0.' (ret=-3): failed [ 1984.719210][T18255] Non-string source [ 1985.428693][T18282] loop1: detected capacity change from 0 to 1024 [ 1985.433815][T18285] netlink: 16 bytes leftover after parsing attributes in process `syz.0.19911'. [ 1985.730510][T18293] netlink: 52 bytes leftover after parsing attributes in process `syz.5.19915'. [ 1985.873178][T18297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.19917'. [ 1985.901886][T18297] ip6tnl4: entered allmulticast mode [ 1986.324283][T18313] ipt_ECN: cannot use operation on non-tcp rule [ 1986.394879][T18315] loop4: detected capacity change from 0 to 1024 [ 1986.452102][T18315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1986.529365][T18315] EXT4-fs error (device loop4): ext4_empty_dir:3145: inode #11: block 32: comm syz.4.19926: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=695563, rec_len=0, size=1024 fake=1 [ 1986.634713][T18315] EXT4-fs (loop4): Remounting filesystem read-only [ 1986.652842][T18315] EXT4-fs warning (device loop4): ext4_empty_dir:3147: inode #11: comm syz.4.19926: directory missing '.' [ 1986.709594][T25597] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1986.766409][T16184] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 1986.960216][T16184] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1986.982193][T16184] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1986.990685][ T9] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 1987.009772][T16184] usb 6-1: config 0 descriptor?? [ 1987.222694][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 1987.237443][ T9] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 1987.255672][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1987.293799][ T9] usb 2-1: config 0 has no interface number 0 [ 1987.300396][ T9] usb 2-1: config 0 interface 52 has no altsetting 0 [ 1987.329783][ T9] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 1987.374145][ T9] usb 2-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 1987.396148][ T9] usb 2-1: Manufacturer: syz [ 1987.417280][ T9] usb 2-1: config 0 descriptor?? [ 1987.433956][ T9] hub 2-1:0.52: bad descriptor, ignoring hub [ 1987.457448][T16184] ath6kl: Failed to read usb control message: -71 [ 1987.463983][T16184] ath6kl: Unable to read the bmi data from the device: -71 [ 1987.474464][ T9] hub: probe of 2-1:0.52 failed with error -5 [ 1987.509492][T16184] ath6kl: Unable to recv target info: -71 [ 1987.532616][T16184] ath6kl: Failed to init ath6kl core: -71 [ 1987.564358][T16184] ath6kl_usb: probe of 6-1:0.0 failed with error -71 [ 1987.594795][T16184] usb 6-1: USB disconnect, device number 19 [ 1987.719635][T18350] loop0: detected capacity change from 0 to 4096 [ 1987.790094][T18350] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1987.822473][T18344] loop4: detected capacity change from 0 to 32768 [ 1987.925358][T18344] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1988.111074][T18361] IPv6: sit1: Disabled Multicast RS [ 1988.125955][ T5817] usb 2-1: USB disconnect, device number 44 [ 1988.158963][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1988.200737][T18344] XFS (loop4): Ending clean mount [ 1988.462133][T25597] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1988.625249][T18368] loop0: detected capacity change from 0 to 256 [ 1988.863619][T18370] xt_CT: No such helper "snmp_trap" [ 1989.631382][T18403] binder: 18402:18403 ioctl 40046210 0 returned -14 [ 1989.939256][T18413] ip6t_srh: unknown srh match flags 4001 [ 1989.945623][ T28] audit: type=1326 audit(2000000483.710:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18414 comm="syz.1.19966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1990.050556][ T28] audit: type=1326 audit(2000000483.710:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18414 comm="syz.1.19966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1990.130564][ T28] audit: type=1326 audit(2000000483.750:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18414 comm="syz.1.19966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1990.142261][T18422] netlink: 'syz.1.19971': attribute type 1 has an invalid length. [ 1990.191130][T18422] netlink: 'syz.1.19971': attribute type 3 has an invalid length. [ 1990.195862][ T28] audit: type=1326 audit(2000000483.750:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18414 comm="syz.1.19966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1990.220001][T18422] netlink: 224 bytes leftover after parsing attributes in process `syz.1.19971'. [ 1990.255175][ T28] audit: type=1326 audit(2000000483.750:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18414 comm="syz.1.19966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a819aeb9 code=0x7ffc0000 [ 1990.445778][ T9] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 1990.504039][T18429] netlink: 256 bytes leftover after parsing attributes in process `syz.1.19974'. [ 1990.545880][ T787] usb 5-1: new full-speed USB device number 56 using dummy_hcd [ 1990.623409][T18417] loop5: detected capacity change from 0 to 32768 [ 1990.653211][ T9] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1990.672682][T18417] [ 1990.672682][T18417] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1990.672682][T18417] [ 1990.697573][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1990.729891][ T9] usb 1-1: config 0 descriptor?? [ 1990.741183][ T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1990.767822][ T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1990.795770][ T787] usb 5-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 1990.815208][ T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1990.838496][ T787] usb 5-1: config 0 descriptor?? [ 1990.847566][ T787] xbox_remote_probe: endpoint_in message size==0? [ 1990.875215][ T1138] [ 1990.875215][ T1138] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1990.875215][ T1138] [ 1990.889889][ T1138] [ 1990.889889][ T1138] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1990.889889][ T1138] [ 1990.904086][ T112] [ 1990.904086][ T112] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1990.904086][ T112] [ 1990.919577][ T8195] [ 1990.919577][ T8195] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1990.919577][ T8195] [ 1990.931811][ T8195] [ 1990.931811][ T8195] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1990.931811][ T8195] [ 1991.003063][ T9] [drm] vendor descriptor length:6 data:06 5f 01 ff 00 00 00 00 00 00 00 [ 1991.027224][ T9] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1991.065320][ T787] usbhid 5-1:0.0: can't add hid device: -71 [ 1991.081768][ T787] usbhid: probe of 5-1:0.0 failed with error -71 [ 1991.106238][ T787] usb 5-1: USB disconnect, device number 56 [ 1991.204289][ T9] [drm:udl_init] *ERROR* Selecting channel failed [ 1991.254021][ T9] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 1991.281389][ T9] [drm] Initialized udl on minor 2 [ 1991.291122][ T9] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1991.307343][ T9] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1991.326603][T16184] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1991.340664][ T9] usb 1-1: USB disconnect, device number 27 [ 1991.349494][T16184] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1991.504246][T18433] loop1: detected capacity change from 0 to 32768 [ 1991.581787][T18439] netlink: 220 bytes leftover after parsing attributes in process `syz.5.19979'. [ 1991.591446][T18439] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19979'. [ 1991.591736][T18433] ERROR: (device loop1): dbFindCtl: Corrupt dmapctl page [ 1991.591736][T18433] [ 1991.612506][T18439] tc_dump_action: action bad kind [ 1991.653503][T18433] ERROR: (device loop1): remounting filesystem as read-only [ 1991.745261][T18441] loop4: detected capacity change from 0 to 256 [ 1992.178464][T18451] netlink: 'syz.5.19986': attribute type 3 has an invalid length. [ 1992.206062][T18451] netlink: 'syz.5.19986': attribute type 1 has an invalid length. [ 1992.265704][ T9] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 1992.401684][T18461] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.19990'. [ 1992.406023][T18460] netlink: 132 bytes leftover after parsing attributes in process `syz.1.19989'. [ 1992.465706][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 1992.482708][ T9] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1992.513509][ T9] usb 5-1: config 128 has an invalid interface number: 127 but max is 3 [ 1992.525770][ T9] usb 5-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 1992.551663][ T9] usb 5-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 1992.569917][ T9] usb 5-1: config 128 has no interface number 0 [ 1992.598492][ T9] usb 5-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 1992.626866][ T9] usb 5-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1992.659988][ T9] usb 5-1: config 128 interface 127 has no altsetting 0 [ 1992.670360][ T9] usb 5-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 1992.696684][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1992.704735][ T9] usb 5-1: Product: syz [ 1992.723956][ T9] usb 5-1: Manufacturer: syz [ 1992.732270][ T9] usb 5-1: SerialNumber: syz [ 1993.038076][ T9] usb 5-1: USB disconnect, device number 57 [ 1993.099031][ T6656] udevd[6656]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1993.284197][T18487] loop1: detected capacity change from 0 to 64 [ 1993.849371][ T28] audit: type=1400 audit(2000000487.620:807): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=18502 comm="syz.4.20011" [ 1994.327445][T18517] loop1: detected capacity change from 0 to 2048 [ 1994.368730][T18517] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1994.641326][T18497] loop0: detected capacity change from 0 to 32768 [ 1994.767191][T18497] ea_get: invalid extended attribute [ 1994.780538][T18497] ffff8880581ce8f0: 04 00 00 00 .... [ 1995.079932][T18537] netlink: 40 bytes leftover after parsing attributes in process `syz.1.20029'. [ 1995.117770][T18539] x_tables: unsorted entry at hook 3 [ 1995.156211][T18541] netlink: 24 bytes leftover after parsing attributes in process `syz.4.20030'. [ 1995.613496][T18543] loop0: detected capacity change from 0 to 8192 [ 1995.701322][T18543] loop0: p1 < > p2 p4 < p5 > [ 1995.714230][T18543] loop0: partition table partially beyond EOD, truncated [ 1995.736179][T18543] loop0: p1 start 524299 is beyond EOD, truncated [ 1995.763621][T18543] loop0: p2 size 16128 extends beyond EOD, truncated [ 1995.778597][T18543] loop0: p5 size 16128 extends beyond EOD, truncated [ 1995.795929][T16184] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 1996.025673][T16184] usb 1-1: Using ep0 maxpacket: 16 [ 1996.078762][T18568] loop4: detected capacity change from 0 to 2048 [ 1996.086097][T16184] usb 1-1: config 1 has an invalid interface descriptor of length 8, skipping [ 1996.095017][T16184] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1996.157999][T16184] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 1996.182385][T18568] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1996.214051][T16184] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1996.245725][T16184] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1996.254169][T16184] usb 1-1: Product: syz [ 1996.273047][T18568] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh [ 1996.285669][T16184] usb 1-1: Manufacturer: syz [ 1996.290318][T16184] usb 1-1: SerialNumber: syz [ 1996.661144][T16184] usb 1-1: USB disconnect, device number 28 [ 1996.853921][T18589] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0 [ 1996.871037][T18590] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 1 [ 1996.901477][T18591] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 2 [ 1996.912370][T18593] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 3 [ 1996.925895][T18594] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 4 [ 1996.939946][T18595] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 5 [ 1996.960274][T18597] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 6 [ 1996.981477][T18598] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 7 [ 1997.027236][T18600] loop5: detected capacity change from 0 to 256 [ 1997.369231][T18608] overlayfs: conflicting options: nfs_export=on,index=off [ 1997.542755][T18613] veth0_to_bridge: left allmulticast mode [ 1997.581641][T18613] veth0_to_bridge: left promiscuous mode [ 1997.593176][T18613] bridge0: port 1(veth0_to_bridge) entered disabled state [ 1997.703909][T18618] loop5: detected capacity change from 0 to 1764 [ 1997.773306][T18618] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 1998.421484][T18644] bond0: Unable to set up delay as MII monitoring is disabled [ 1998.604071][T18650] loop0: detected capacity change from 0 to 64 [ 1998.827877][T18658] ieee802154 phy0 wpan0: encryption failed: -90 [ 1998.903572][T18661] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 1999.246932][T18674] loop5: detected capacity change from 0 to 1764 [ 1999.256598][T16183] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 1999.350599][T18674] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1999.465887][T16183] usb 5-1: Using ep0 maxpacket: 16 [ 1999.478293][T16183] usb 5-1: config 0 has an invalid interface number: 223 but max is 0 [ 1999.505829][T16183] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1999.554304][T16183] usb 5-1: config 0 has no interface number 0 [ 1999.586327][T16183] usb 5-1: config 0 interface 223 altsetting 1 endpoint 0x7 has an invalid bInterval 0, changing to 7 [ 1999.596162][T18682] netlink: 44 bytes leftover after parsing attributes in process `syz.1.20095'. [ 1999.606043][T16183] usb 5-1: config 0 interface 223 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1999.632498][T16183] usb 5-1: config 0 interface 223 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1999.673633][T16183] usb 5-1: config 0 interface 223 has no altsetting 0 [ 1999.689669][T16183] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 1999.706398][T16183] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1999.730755][T16183] usb 5-1: Product: syz [ 1999.734997][T16183] usb 5-1: Manufacturer: syz [ 1999.745703][T16183] usb 5-1: SerialNumber: syz [ 1999.768867][T16183] usb 5-1: config 0 descriptor?? [ 2000.263235][T16183] usb 5-1: USB disconnect, device number 58 [ 2000.978259][T18732] netlink: 'syz.4.20119': attribute type 2 has an invalid length. [ 2001.005868][T18732] netlink: 'syz.4.20119': attribute type 1 has an invalid length. [ 2001.049837][T18726] loop1: detected capacity change from 0 to 4096 [ 2001.075334][T18726] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 2001.245677][T18726] ntfs3: loop1: failed to convert "c46c" to macroman [ 2001.883819][T18749] loop0: detected capacity change from 0 to 4096 [ 2001.918715][T18749] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 2001.979384][T18749] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 2002.051528][T18731] loop5: detected capacity change from 0 to 32768 [ 2002.071291][T18731] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 scanned by syz.5.20118 (18731) [ 2002.111179][T18731] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 2002.145966][T18731] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 2002.185407][T18731] BTRFS info (device loop5): turning off barriers [ 2002.202362][T18731] BTRFS info (device loop5): enabling all of the rescue options [ 2002.233262][T18731] BTRFS info (device loop5): ignoring data csums [ 2002.255699][T18731] BTRFS info (device loop5): ignoring bad roots [ 2002.262017][T18731] BTRFS info (device loop5): disabling log replay at mount time [ 2002.272508][T18731] BTRFS info (device loop5): disabling tree log [ 2002.279911][T18731] BTRFS info (device loop5): turning on flush-on-commit [ 2002.320923][T18731] BTRFS info (device loop5): using free space tree [ 2002.382568][T18769] usb usb8: usbfs: process 18769 (syz.0.20133) did not claim interface 0 before use [ 2002.526407][T18731] BTRFS info (device loop5: state C): enabling ssd optimizations [ 2003.001004][ T8195] BTRFS info (device loop5: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 2003.062540][T18800] netlink: 'syz.1.20143': attribute type 5 has an invalid length. [ 2004.060408][T18829] loop1: detected capacity change from 0 to 256 [ 2004.092043][T18832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20159'. [ 2004.115722][T18832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20159'. [ 2004.198088][T18834] set match dimension is over the limit! [ 2004.233660][T18829] FAT-fs (loop1): Directory bread(block 64) failed [ 2004.262730][T18829] FAT-fs (loop1): Directory bread(block 65) failed [ 2004.286106][T18829] FAT-fs (loop1): Directory bread(block 66) failed [ 2004.292716][T18829] FAT-fs (loop1): Directory bread(block 67) failed [ 2004.322290][T18829] FAT-fs (loop1): Directory bread(block 68) failed [ 2004.346942][T18829] FAT-fs (loop1): Directory bread(block 69) failed [ 2004.353654][T18829] FAT-fs (loop1): Directory bread(block 70) failed [ 2004.405917][T18829] FAT-fs (loop1): Directory bread(block 71) failed [ 2004.423652][T18829] FAT-fs (loop1): Directory bread(block 72) failed [ 2004.446971][T18829] FAT-fs (loop1): Directory bread(block 73) failed [ 2004.454111][T18840] loop4: detected capacity change from 0 to 256 [ 2004.480265][T18840] exfat: Deprecated parameter 'utf8' [ 2004.534537][T18840] exfat: Deprecated parameter 'utf8' [ 2004.562222][T18840] exfat: Deprecated parameter 'utf8' [ 2004.629215][T18844] usb usb7: usbfs: process 18844 (syz.5.20165) did not claim interface 0 before use [ 2004.654767][T18840] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 2005.014573][T18854] loop0: detected capacity change from 0 to 64 [ 2005.052156][T18854] hfs: unable to locate alternate MDB [ 2005.071123][T18854] hfs: continuing without an alternate MDB [ 2005.082139][T18857] netlink: 240 bytes leftover after parsing attributes in process `syz.5.20171'. [ 2005.239353][ T49] [ 2005.241748][ T49] ====================================================== [ 2005.248791][ T49] WARNING: possible circular locking dependency detected [ 2005.255833][ T49] syzkaller #0 Not tainted [ 2005.260276][ T49] ------------------------------------------------------ [ 2005.267319][ T49] kworker/u4:3/49 is trying to acquire lock: [ 2005.273317][ T49] ffff88802ddef5f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 2005.284156][ T49] [ 2005.284156][ T49] but task is already holding lock: [ 2005.291544][ T49] ffff8880257280b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 2005.300937][ T49] [ 2005.300937][ T49] which lock already depends on the new lock. [ 2005.300937][ T49] [ 2005.311374][ T49] [ 2005.311374][ T49] the existing dependency chain (in reverse order) is: [ 2005.320414][ T49] [ 2005.320414][ T49] -> #1 (&tree->tree_lock/1){+.+.}-{3:3}: [ 2005.328372][ T49] __mutex_lock+0x136/0xcc0 [ 2005.333441][ T49] hfs_find_init+0x17e/0x1f0 [ 2005.338593][ T49] hfs_extend_file+0x361/0x1380 [ 2005.344004][ T49] hfs_bmap_reserve+0x107/0x430 [ 2005.349407][ T49] hfs_cat_create+0x1fe/0x6b0 [ 2005.354635][ T49] hfs_create+0x66/0xd0 [ 2005.359339][ T49] path_openat+0x12a0/0x3230 [ 2005.364474][ T49] do_filp_open+0x1f5/0x430 [ 2005.369531][ T49] do_sys_openat2+0x134/0x1d0 [ 2005.374760][ T49] __x64_sys_creat+0x90/0xb0 [ 2005.379903][ T49] do_syscall_64+0x55/0xa0 [ 2005.384878][ T49] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 2005.391327][ T49] [ 2005.391327][ T49] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 2005.400575][ T49] __lock_acquire+0x2df1/0x7d40 [ 2005.405990][ T49] lock_acquire+0x19e/0x420 [ 2005.411043][ T49] __mutex_lock+0x136/0xcc0 [ 2005.416106][ T49] hfs_extend_file+0xff/0x1380 [ 2005.421419][ T49] hfs_bmap_reserve+0x107/0x430 [ 2005.426824][ T49] __hfs_ext_write_extent+0x1fa/0x470 [ 2005.432753][ T49] hfs_ext_write_extent+0x17f/0x210 [ 2005.438509][ T49] hfs_write_inode+0xdc/0x880 [ 2005.443732][ T49] __writeback_single_inode+0x705/0xec0 [ 2005.449834][ T49] writeback_sb_inodes+0x7cd/0xf50 [ 2005.455508][ T49] wb_writeback+0x46a/0xbf0 [ 2005.460566][ T49] wb_workfn+0x400/0xe60 [ 2005.465363][ T49] process_scheduled_works+0xa5d/0x15d0 [ 2005.471466][ T49] worker_thread+0xa55/0xfc0 [ 2005.476609][ T49] kthread+0x2fa/0x390 [ 2005.481231][ T49] ret_from_fork+0x48/0x80 [ 2005.486198][ T49] ret_from_fork_asm+0x11/0x20 [ 2005.491512][ T49] [ 2005.491512][ T49] other info that might help us debug this: [ 2005.491512][ T49] [ 2005.501761][ T49] Possible unsafe locking scenario: [ 2005.501761][ T49] [ 2005.509237][ T49] CPU0 CPU1 [ 2005.514629][ T49] ---- ---- [ 2005.520014][ T49] lock(&tree->tree_lock/1); [ 2005.524731][ T49] lock(&HFS_I(tree->inode)->extents_lock); [ 2005.533255][ T49] lock(&tree->tree_lock/1); [ 2005.540465][ T49] lock(&HFS_I(tree->inode)->extents_lock); [ 2005.546480][ T49] [ 2005.546480][ T49] *** DEADLOCK *** [ 2005.546480][ T49] [ 2005.554650][ T49] 3 locks held by kworker/u4:3/49: [ 2005.559785][ T49] #0: ffff88801de74d38 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 2005.571066][ T49] #1: ffffc90000ba7d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 2005.583563][ T49] #2: ffff8880257280b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 2005.593376][ T49] [ 2005.593376][ T49] stack backtrace: [ 2005.599285][ T49] CPU: 0 PID: 49 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 2005.606683][ T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2005.616765][ T49] Workqueue: writeback wb_workfn (flush-7:0) [ 2005.622803][ T49] Call Trace: [ 2005.626108][ T49] [ 2005.629063][ T49] dump_stack_lvl+0x18c/0x250 [ 2005.633782][ T49] ? load_image+0x400/0x400 [ 2005.638320][ T49] ? show_regs_print_info+0x20/0x20 [ 2005.643564][ T49] ? print_circular_bug+0x12b/0x1a0 [ 2005.648804][ T49] check_noncircular+0x2fc/0x400 [ 2005.653860][ T49] ? look_up_lock_class+0x75/0x140 [ 2005.659007][ T49] ? print_deadlock_bug+0x5d0/0x5d0 [ 2005.664935][ T49] ? lockdep_lock+0xf5/0x230 [ 2005.669571][ T49] ? _find_first_zero_bit+0xd3/0x100 [ 2005.674886][ T49] __lock_acquire+0x2df1/0x7d40 [ 2005.679773][ T49] ? arch_stack_walk+0x16e/0x190 [ 2005.684748][ T49] ? ret_from_fork_asm+0x11/0x20 [ 2005.689725][ T49] ? verify_lock_unused+0x140/0x140 [ 2005.694966][ T49] ? stack_trace_save+0xaa/0x100 [ 2005.699938][ T49] ? stack_trace_snprint+0xf0/0xf0 [ 2005.705095][ T49] ? check_noncircular+0x18a/0x400 [ 2005.707226][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20180'. [ 2005.710225][ T49] ? print_deadlock_bug+0x5d0/0x5d0 [ 2005.720046][T18882] netlink: 'syz.1.20180': attribute type 1 has an invalid length. [ 2005.724351][ T49] lock_acquire+0x19e/0x420 [ 2005.732935][T18882] netlink: 'syz.1.20180': attribute type 2 has an invalid length. [ 2005.736640][ T49] ? hfs_extend_file+0xff/0x1380 [ 2005.736670][ T49] ? __might_sleep+0xe0/0xe0 [ 2005.736695][ T49] ? read_lock_is_recursive+0x20/0x20 [ 2005.736723][ T49] __mutex_lock+0x136/0xcc0 [ 2005.745223][T18882] netlink: 120 bytes leftover after parsing attributes in process `syz.1.20180'. [ 2005.749470][ T49] ? hfs_extend_file+0xff/0x1380 [ 2005.749497][ T49] ? verify_lock_unused+0x140/0x140 [ 2005.749519][ T49] ? hfs_extend_file+0xff/0x1380 [ 2005.788252][ T49] ? mutex_lock_nested+0x20/0x20 [ 2005.793244][ T49] hfs_extend_file+0xff/0x1380 [ 2005.798043][ T49] ? hfs_ext_write_extent+0x152/0x210 [ 2005.803450][ T49] ? hfs_write_inode+0xdc/0x880 [ 2005.808336][ T49] ? hfs_get_block+0xc50/0xc50 [ 2005.813127][ T49] ? trace_raw_output_contention_end+0xd0/0xd0 [ 2005.819301][ T49] ? rcu_is_watching+0x15/0xb0 [ 2005.824063][ T49] ? trace_contention_end+0x39/0xe0 [ 2005.829254][ T49] ? __asan_memset+0x22/0x40 [ 2005.833863][ T49] ? hfs_brec_find+0x19b/0x500 [ 2005.838644][ T49] ? hfs_find_init+0x17e/0x1f0 [ 2005.843417][ T49] hfs_bmap_reserve+0x107/0x430 [ 2005.848282][ T49] __hfs_ext_write_extent+0x1fa/0x470 [ 2005.853647][ T49] hfs_ext_write_extent+0x17f/0x210 [ 2005.858837][ T49] ? verify_lock_unused+0x140/0x140 [ 2005.864029][ T49] ? hfs_ext_find_block+0x190/0x190 [ 2005.869220][ T49] ? blk_start_plug+0x51/0x1a0 [ 2005.873977][ T49] hfs_write_inode+0xdc/0x880 [ 2005.878650][ T49] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 2005.884013][ T49] ? __writeback_single_inode+0x48d/0xec0 [ 2005.889727][ T49] ? __lock_acquire+0x7d40/0x7d40 [ 2005.894742][ T49] ? do_raw_spin_lock+0x11f/0x2c0 [ 2005.899762][ T49] ? __rwlock_init+0x150/0x150 [ 2005.904540][ T49] __writeback_single_inode+0x705/0xec0 [ 2005.910086][ T49] writeback_sb_inodes+0x7cd/0xf50 [ 2005.915198][ T49] ? queue_io+0x550/0x550 [ 2005.919527][ T49] ? rcu_is_watching+0x15/0xb0 [ 2005.924286][ T49] wb_writeback+0x46a/0xbf0 [ 2005.928789][ T49] ? queue_io+0x3b1/0x550 [ 2005.933112][ T49] ? percpu_ref_tryget+0x250/0x250 [ 2005.938221][ T49] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 2005.944195][ T49] ? _raw_spin_unlock_irq+0x23/0x50 [ 2005.949388][ T49] wb_workfn+0x400/0xe60 [ 2005.953624][ T49] ? try_to_wake_up+0x70a/0x1190 [ 2005.958560][ T49] ? inode_wait_for_writeback+0x230/0x230 [ 2005.964277][ T49] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 2005.970251][ T49] ? read_lock_is_recursive+0x20/0x20 [ 2005.975640][ T49] ? _raw_spin_unlock_irq+0x23/0x50 [ 2005.980855][ T49] ? process_scheduled_works+0x96f/0x15d0 [ 2005.986586][ T49] ? process_scheduled_works+0x96f/0x15d0 [ 2005.992302][ T49] process_scheduled_works+0xa5d/0x15d0 [ 2005.997853][ T49] ? assign_work+0x430/0x430 [ 2006.002439][ T49] ? assign_work+0x3d0/0x430 [ 2006.007033][ T49] worker_thread+0xa55/0xfc0 [ 2006.011644][ T49] kthread+0x2fa/0x390 [ 2006.015719][ T49] ? pr_cont_work+0x560/0x560 [ 2006.020413][ T49] ? kthread_blkcg+0xd0/0xd0 [ 2006.024993][ T49] ret_from_fork+0x48/0x80 [ 2006.029409][ T49] ? kthread_blkcg+0xd0/0xd0 [ 2006.033989][ T49] ret_from_fork_asm+0x11/0x20 [ 2006.038760][ T49]