last executing test programs: 2.909287895s ago: executing program 0 (id=4965): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@ipv4_newroute={0x34, 0x18, 0x1, 0x70bd2d, 0x25dfdbfe, {0x2, 0x14, 0x14, 0x0, 0xff, 0x0, 0xfe, 0xb, 0xa00}, [@RTA_NH_ID={0x8, 0x1e, 0x1000}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_ID={0xc, 0x1, 0x100000000}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40804}, 0x4) 2.626894136s ago: executing program 0 (id=4970): r0 = epoll_create1(0x0) epoll_pwait(r0, 0xfffffffffffffffc, 0x40, 0x8000005, 0x0, 0x0) 2.41423141s ago: executing program 0 (id=4975): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4094, 0xffe}], 0x1, 0xf0, 0x3) 2.281362995s ago: executing program 0 (id=4977): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000d00)=ANY=[@ANYBLOB="18020000000000000000000000008000850000006100000085000000d000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r0, 0x0, 0xe, 0x0, &(0x7f0000000480)="9a35f8783baeed403bd575836c02", 0x0, 0x2200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 2.038552049s ago: executing program 0 (id=4983): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) 1.796428888s ago: executing program 3 (id=4986): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a20032f1010300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060b80000a0000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c61e5c83f1ba2112ce68bf17a6e000"/184, 0xb8) 1.6018132s ago: executing program 3 (id=4989): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x118, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x107, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x8, 0xe9, 0x0, 0x0, @ipv4=@remote}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 1.528678784s ago: executing program 1 (id=4990): r0 = syz_open_dev$usbfs(&(0x7f0000000500), 0x77, 0x141341) ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f0000000000)={0x517, "188f3ad5d2c1f1392241256746a6e4eaa988329c2eb4cc4c38abf287881d7671994cb6f9feb417ba9155d0b659e3ff558383cf40f6c5a5a55a01c5231f1008f010cda6d330c023e9ff73f15dc15611331901d36a35f1c756e26e197d4eced6a9a8cc782a476fec04c5ff5e611ff27c6d975f223a1bbe7b4ecf7f585b44d9710285f7fb9b6288a7eb77f6c875dffdfd425c7a656b07688e96c27f52a83ad46aab80a1b6e4437c777803b8725ef5bf21d9cc9b3eee71de8776a7e24e6d931fe04534fabab19b33fbf3f56c7899a039b4ab5a87ad9b52ace87a4d45cc42e63eef9fffbe2f3f52fb52620c16be9d46b7c3267b3dc429099b4f52c20e032da4aa301d"}) 1.348745129s ago: executing program 1 (id=4991): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f0000000200)) 1.27249385s ago: executing program 2 (id=4992): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="30000000400007012bbd700000000000017c00000400c28014000180060006000806000006001700843b0000040002"], 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 1.01245873s ago: executing program 4 (id=4993): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000001d80)={'bond_slave_1\x00', &(0x7f0000001d40)=@ethtool_cmd={0x15, 0x9, 0x3, 0x0, 0x9, 0x0, 0x0, 0xb, 0x80, 0x0, 0x4b59, 0xa, 0x0, 0x0, 0x1}}) 983.876168ms ago: executing program 2 (id=4994): r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000000)={0x30, 0x4, 0x0, {0x1, 0x6, 0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x30) 983.582406ms ago: executing program 1 (id=4995): syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0) syz_emit_ethernet(0x52, &(0x7f0000000340)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x2c, 0xff, @remote, @local, {[@routing={0x8, 0x0, 0x0, 0xe}], {{0x8000, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6}}}}}}}, 0x0) 963.586696ms ago: executing program 3 (id=4996): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x2a242, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000440)={0x2, 0xfa}, 0x2) 784.578557ms ago: executing program 2 (id=4997): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0xb, 0x4, 0x7ffcfffe}]}) set_mempolicy(0x2, 0xfffffffffffffffc, 0x3800) 748.132707ms ago: executing program 3 (id=4998): r0 = socket$inet(0x2, 0x1, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000001c0)={'nat\x00', 0x0, 0x0, 0x90, [0x4, 0x80, 0xffffffffffffffc0, 0xfff, 0xfffffffffffffff7, 0xd], 0x600, 0x0, 0x0}, &(0x7f0000000240)=0x108) 733.714398ms ago: executing program 0 (id=4999): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="4009850000000000000027d91646b8d2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 692.650117ms ago: executing program 1 (id=5000): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0xf4, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0x9, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x2c, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @loopback}]}, @CTA_NAT_DST={0x64, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x14, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}]}, @CTA_NAT_PROTO={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}]}, @CTA_NAT_V4_MINIP={0x0, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @CTA_NAT_V6_MINIP={0x14, 0x4, @loopback}, @CTA_NAT_V4_MINIP={0x8, 0x1, @private=0xa0100ff}]}]}, 0xf4}}, 0x0) 625.681924ms ago: executing program 4 (id=5001): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r0, 0xffffffffffffffff, 0x39, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x100000}}, 0x40) 566.144761ms ago: executing program 2 (id=5002): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x8}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x80}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0) 446.461881ms ago: executing program 4 (id=5003): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)={0x20, 0x2, 0x7, 0x3, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x44000}, 0x8000) 432.532382ms ago: executing program 3 (id=5004): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, 0x0, 0x0) 325.838804ms ago: executing program 2 (id=5005): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000040)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdcedd9467f5cd2d6c4e8b3043614238ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESDEC=0x0], 0x11, 0x31b, &(0x7f0000000240)="$eJzs3T1rFE8cB/Dv7F5yl3+O/FcTESxEogHTiMZGbE7CvQgrUXMXCC4naoIPCEaxEjG9vaWtr0FsFME6VlZiYRULGZmHvX3e2+jt3UW/H/DY3dmZ/e3NzlMwWRDRP2u1vfvq/Bf1TwAuXODZRcAB0ABqAI7gaGOrt7mx6Xc7RQW5OF43uQRMTpE6Z63XzcragM1heWqvhmb0GFVDSnnp87iDoLHTrV+6we6M/jyhe4K6bZ06sTHGGLM83n+Wb+rmtqsIZqIU15TYwx7uNZsjC4eIiCaSMOO7Y8f5pp2/Ow6wZAcTlTZx4//v2ht3AJWThalm/MdcsPKSQtX7/zopXO/pJZxKd4JVYlZZrxP7U4n9aZinx40FMGhVqWNxZtY3/O6ZtZt+x8ETtKzIaQv6s2MfTysWbT1V9GLG2rRAv7SZ3FNE9oxyVt/DlLqHFRP/XQCx+OcLr1gB8U58EFeEh5fo6PpXalKoatI15SVqysR/Nr9EfZeeOgu222i1Wk7slEP6IsfsFawBd9mIhxE1bcuM/YDAGxSnznU4kcvc3bkBueYzc63o7WU4ObkWYrnU3axv+G/zLzUS4oW4LBbxFW/Q7te/aj6u6eqTLTPy0IetRiyZoUB/46p1xms2orZkeyI9cmx92n1ojqebS/9bTDdY60dxn0b78BzXcQFzd+4/uOH6fve22rjmq8dVb/SP3GraDb879RSIJk3KBrbDI3VILXVyMCiNMrDloRao+o+MJNWwet+DI6qVDSrw0Z/Go/qBSr+62RJ3sb+NoOsaToHt98N5kIJpQyzpp5RyhI1ox07Ykklj65lohMJKL3d+xlSHDjZVpcKs/8L1Ss1M9tSHlzlPL/mDAFuiVHPs/gouzCvNjBzAfwUruKxic1dw6TVXas2o11wnTwOnyl/Rs3H+JUQbH3E1Mv8nIiIiIiIiIiIiIiIiIiIiIiIiIqIDodpfMKih/P8sJyIiIiIiIiIiIiIiIiIiIiIiIiIiIiKiPKsNmL97jeD9vyj3/t/kq1hc8yfBh/L+350e+P5four9CgAA//8sNHMW") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x20020c0, 0x0, 0x1, 0x0, &(0x7f0000001a00)) 310.03226ms ago: executing program 1 (id=5006): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0) 288.771919ms ago: executing program 4 (id=5007): r0 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000880)={'ipvlan0\x00', {0x2, 0x4e20, @empty}}) 273.112864ms ago: executing program 3 (id=5008): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e1, &(0x7f0000000240)={0x1, 0xfffe, "be4108"}) 127.444556ms ago: executing program 1 (id=5009): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) 126.309854ms ago: executing program 4 (id=5010): r0 = socket$inet_udp(0x2, 0x2, 0x0) sendto$inet(r0, &(0x7f0000000300)="af141c", 0x3, 0x240088f4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) 1.304851ms ago: executing program 2 (id=5011): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix_mp={0xfffffffe, 0xffff8000, 0x35314142, 0x8, 0x3, [{0x5, 0x6}, {0xc00}, {0x3, 0x5d63}, {0x14, 0x5}, {0x9, 0x4000069a}, {0x7, 0x2}, {0x2, 0x5}, {0x4, 0x17}], 0x77, 0x2, 0x8, 0x2, 0x4}}) 0s ago: executing program 4 (id=5012): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="180000000f140111"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x1004) kernel console output (not intermixed with test programs): 5108] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 465.929774][T15154] loop3: detected capacity change from 0 to 1024 [ 465.939181][T15154] EXT4-fs: Ignoring removed oldalloc option [ 465.992037][T15108] XFS (loop0): Ending clean mount [ 466.025954][T15154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 466.065506][T15108] XFS (loop0): Quotacheck needed: Please wait. [ 466.092700][T15154] EXT4-fs error (device loop3): ext4_get_first_dir_block:3550: inode #11: comm syz.3.3915: directory missing '..' [ 466.161049][T15108] XFS (loop0): Quotacheck: Done. [ 466.240089][T15136] loop4: detected capacity change from 0 to 32768 [ 466.246783][ T5901] usb 3-1: new high-speed USB device number 104 using dummy_hcd [ 466.259529][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.308086][T15136] JBD2: Ignoring recovery information on journal [ 466.322969][ T5820] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 466.392178][ T5901] usb 3-1: Using ep0 maxpacket: 32 [ 466.426597][ T5901] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 466.439011][T15136] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 466.474095][ T5901] usb 3-1: config 0 has no interface number 0 [ 466.491356][ T5901] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 466.531343][ T5901] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 466.542411][ T5901] usb 3-1: config 0 interface 85 has no altsetting 0 [ 466.561018][ T5901] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 466.589366][ T5901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 466.626667][ T5901] usb 3-1: Product: syz [ 466.630873][ T5901] usb 3-1: Manufacturer: syz [ 466.660987][ T5901] usb 3-1: SerialNumber: syz [ 466.685072][ T5823] ocfs2: Unmounting device (7,4) on (node local) [ 466.698194][ T5901] usb 3-1: config 0 descriptor?? [ 467.106655][ T5901] appletouch 3-1:0.85: Failed to request geyser raw mode [ 467.118384][ T5901] appletouch 3-1:0.85: probe with driver appletouch failed with error -5 [ 467.158221][T15185] loop4: detected capacity change from 0 to 1024 [ 467.234367][ T5901] usb 3-1: USB disconnect, device number 104 [ 467.313236][T15189] loop1: detected capacity change from 0 to 2048 [ 467.317185][ T13] hfsplus: b-tree write err: -5, ino 8 [ 467.390667][T15189] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 467.532497][T15197] ip6gre1: entered allmulticast mode [ 467.777011][T15210] xt_cluster: node mask cannot exceed total number of nodes [ 468.074751][T15224] netlink: 'syz.4.3946': attribute type 21 has an invalid length. [ 468.280098][T15233] loop3: detected capacity change from 0 to 2048 [ 468.369931][T15233] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1376) [ 468.375763][T15241] delete_channel: no stack [ 468.388655][T15239] loop0: detected capacity change from 0 to 128 [ 468.401035][T15231] loop2: detected capacity change from 0 to 4096 [ 468.448541][T15231] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 468.484192][T15239] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 468.583555][T15239] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 468.596708][T15231] ntfs3(loop2): Inode r=19 is not in use! [ 468.650245][T15231] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 468.665061][T15231] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 468.738260][T15249] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 468.753839][T15231] ntfs3(loop2): ino=1b, mi_enum_attr [ 468.762097][T15231] ntfs3(loop2): ino=1b, mi_enum_attr [ 469.183297][T15269] loop0: detected capacity change from 0 to 1024 [ 469.264744][T15269] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 469.291096][T15269] hfsplus: xattr searching failed [ 469.312733][T15269] syz.0.3969: attempt to access beyond end of device [ 469.312733][T15269] loop0: rw=8388608, sector=917504, nr_sectors = 2 limit=1024 [ 469.364538][T15269] Buffer I/O error on dev loop0, logical block 458752, async page read [ 469.411817][T15269] hfsplus: unable to mark blocks free: error -5 [ 469.439036][T15269] hfsplus: can't free extent: start 131, count 1 [ 469.475445][T15282] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3975'. [ 469.660602][T15286] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3979'. [ 469.900549][T15298] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 470.014820][T15300] netlink: 'syz.0.3984': attribute type 21 has an invalid length. [ 470.044800][T15300] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3984'. [ 470.112156][T15273] loop1: detected capacity change from 0 to 32768 [ 470.158194][T15308] netlink: 'syz.4.3989': attribute type 62 has an invalid length. [ 470.252168][T15310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3988'. [ 470.489645][T15320] loop3: detected capacity change from 0 to 256 [ 470.552304][T15320] FAT-fs (loop3): Directory bread(block 64) failed [ 470.580817][T15320] FAT-fs (loop3): Directory bread(block 65) failed [ 470.605841][T15320] FAT-fs (loop3): Directory bread(block 66) failed [ 470.634002][T15320] FAT-fs (loop3): Directory bread(block 67) failed [ 470.660138][T15320] FAT-fs (loop3): Directory bread(block 68) failed [ 470.666725][T15320] FAT-fs (loop3): Directory bread(block 69) failed [ 470.713906][T15320] FAT-fs (loop3): Directory bread(block 70) failed [ 470.731784][T15320] FAT-fs (loop3): Directory bread(block 71) failed [ 470.761687][T15320] FAT-fs (loop3): Directory bread(block 72) failed [ 470.782400][T15320] FAT-fs (loop3): Directory bread(block 73) failed [ 470.857517][T15330] xt_hashlimit: max too large, truncated to 1048576 [ 470.916793][T15338] ./file0: Can't open blockdev [ 471.059742][T15340] loop4: detected capacity change from 0 to 2048 [ 471.150531][T15340] NILFS (loop4): invalid segment: Magic number mismatch [ 471.186872][T15340] NILFS (loop4): trying rollback from an earlier position [ 471.262514][T15346] loop2: detected capacity change from 0 to 1024 [ 471.272688][T15340] NILFS (loop4): recovery complete [ 471.324576][T15351] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 471.450257][T15346] hfsplus: bad catalog entry used to create inode [ 471.734443][ T58] hfsplus: b-tree write err: -5, ino 4 [ 473.211298][T15413] comedi comedi1: Minor 1094349763 is invalid! [ 473.410480][T15420] loop0: detected capacity change from 0 to 256 [ 473.459732][T15420] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 473.483897][T15420] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 473.558049][T15420] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 473.604333][T15420] exFAT-fs (loop0): failed to load alloc-bitmap [ 473.634574][T15420] exFAT-fs (loop0): failed to recognize exfat type [ 473.905356][ T5951] usb 1-1: new high-speed USB device number 109 using dummy_hcd [ 474.067917][ T5951] usb 1-1: Using ep0 maxpacket: 8 [ 474.105453][ T5951] usb 1-1: unable to get BOS descriptor or descriptor too short [ 474.122442][ T5951] usb 1-1: config 4 has an invalid interface number: 147 but max is 0 [ 474.140828][ T5951] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 474.181682][ T5951] usb 1-1: config 4 has no interface number 0 [ 474.202272][ T5885] usb 2-1: new high-speed USB device number 114 using dummy_hcd [ 474.213249][ T5951] usb 1-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 474.231821][ T5951] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.243643][ T5951] usb 1-1: Product: syz [ 474.247838][ T5951] usb 1-1: Manufacturer: syz [ 474.260137][ T5951] usb 1-1: SerialNumber: syz [ 474.361121][ T794] usb 5-1: new high-speed USB device number 106 using dummy_hcd [ 474.380127][ T5885] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 474.397279][ T5885] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 474.415455][ T5885] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 474.428858][ T5885] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 474.444267][ T5885] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 474.454631][ T5885] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.455507][T15454] loop2: detected capacity change from 0 to 1024 [ 474.482478][ T5885] usb 2-1: config 0 descriptor?? [ 474.509363][ T5951] uvcvideo 1-1:4.147: Found multiple Units with ID 6 [ 474.526249][ T794] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 474.532266][ T5951] uvcvideo 1-1:4.147: Found UVC 0.00 device syz (04f2:b746) [ 474.555436][T15456] netlink: 'syz.3.4061': attribute type 3 has an invalid length. [ 474.564853][ T794] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 474.574058][ T5951] uvcvideo 1-1:4.147: Entity type for entity Output 33017 was not initialized! [ 474.595506][ T5951] uvcvideo 1-1:4.147: Failed to create links for entity 33017 [ 474.602713][ T794] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.618348][ T5951] uvcvideo 1-1:4.147: Failed to register entities (-22). [ 474.644744][ T794] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 474.652422][ T5951] usb 1-1: USB disconnect, device number 109 [ 474.698043][T15454] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 474.725489][ T5885] hdpvr 2-1:0.0: firmware version 0x1e dated [ 474.856557][ T5821] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 474.924797][T15465] program syz.3.4065 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 474.935846][ T5885] hdpvr 2-1:0.0: device init failed [ 474.954585][ T5885] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12 [ 475.002409][ T5885] usb 2-1: USB disconnect, device number 114 [ 475.511171][ T5885] usb 3-1: new high-speed USB device number 105 using dummy_hcd [ 475.647595][ T794] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32 [ 475.674760][ T794] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 475.685492][T15467] loop3: detected capacity change from 0 to 40427 [ 475.692268][ T794] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 475.721154][ T794] stv0680 5-1:4.0: last error: 0, command = 0x0 [ 475.721635][ T5885] usb 3-1: Using ep0 maxpacket: 16 [ 475.730711][T15467] F2FS-fs (loop3): Image doesn't support compression [ 475.745533][ T794] usb 5-1: USB disconnect, device number 106 [ 475.767430][T15467] F2FS-fs (loop3): build fault injection rate: 690 [ 475.769546][ T5885] usb 3-1: config 0 has an invalid interface number: 132 but max is 0 [ 475.797185][T15467] F2FS-fs (loop3): invalid crc value [ 475.823938][ T5885] usb 3-1: config 0 has no interface number 0 [ 475.870641][ T5885] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 475.879742][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.897417][ T5885] usb 3-1: Product: syz [ 475.919630][ T5885] usb 3-1: Manufacturer: syz [ 475.934415][ T5885] usb 3-1: SerialNumber: syz [ 475.964919][ T5885] usb 3-1: config 0 descriptor?? [ 475.988797][ T5885] hub 3-1:0.132: bad descriptor, ignoring hub [ 476.000902][ T5885] hub 3-1:0.132: probe with driver hub failed with error -5 [ 476.022830][ T5885] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input43 [ 476.023210][T15467] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 476.073585][T15467] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 476.192941][T15467] F2FS-fs (loop3): Image doesn't support compression [ 476.256686][T15467] F2FS-fs (loop3): build fault injection rate: 690 [ 476.288207][T15495] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4077'. [ 476.307870][T15495] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4077'. [ 476.512525][ T30] audit: type=1326 audit(2016777674.657:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15499 comm="syz.4.4081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f299aeb9 code=0x7ffc0000 [ 476.631261][ T30] audit: type=1326 audit(2016777674.657:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15499 comm="syz.4.4081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f299aeb9 code=0x7ffc0000 [ 476.698093][ T30] audit: type=1326 audit(2016777674.700:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15499 comm="syz.4.4081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46f299aeb9 code=0x7ffc0000 [ 476.698409][T15505] loop4: detected capacity change from 0 to 256 [ 476.768788][ T30] audit: type=1326 audit(2016777674.700:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15499 comm="syz.4.4081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f299aeb9 code=0x7ffc0000 [ 476.839446][ T30] audit: type=1326 audit(2016777674.700:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15499 comm="syz.4.4081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f299aeb9 code=0x7ffc0000 [ 476.840811][T15505] FAT-fs (loop4): Directory bread(block 64) failed [ 476.912655][T15505] FAT-fs (loop4): Directory bread(block 65) failed [ 476.922536][T15510] Driver unsupported XDP return value 0 on prog (id 256) dev N/A, expect packet loss! [ 476.928473][T15505] FAT-fs (loop4): Directory bread(block 66) failed [ 476.940997][T15505] FAT-fs (loop4): Directory bread(block 67) failed [ 476.947954][T15505] FAT-fs (loop4): Directory bread(block 68) failed [ 476.955013][T15505] FAT-fs (loop4): Directory bread(block 69) failed [ 476.964720][T15505] FAT-fs (loop4): Directory bread(block 70) failed [ 476.972391][T15505] FAT-fs (loop4): Directory bread(block 71) failed [ 477.004754][T15505] FAT-fs (loop4): Directory bread(block 72) failed [ 477.013005][T15505] FAT-fs (loop4): Directory bread(block 73) failed [ 477.368864][T15531] loop3: detected capacity change from 0 to 64 [ 477.431973][ T30] audit: type=1326 audit(2016777675.644:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15533 comm="syz.0.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 477.503687][ T30] audit: type=1326 audit(2016777675.687:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15533 comm="syz.0.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 477.533242][T15531] minix: block size(59136) > page size(4096) not supported by filesystem [ 477.571223][ T30] audit: type=1326 audit(2016777675.687:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15533 comm="syz.0.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 477.657843][ T30] audit: type=1326 audit(2016777675.687:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15533 comm="syz.0.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 477.790639][ T30] audit: type=1326 audit(2016777675.687:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15533 comm="syz.0.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 477.952518][T15554] netlink: 516 bytes leftover after parsing attributes in process `syz.3.4105'. [ 477.980070][T15555] openvswitch: netlink: IP tunnel dst address not specified [ 478.008563][T15557] netlink: 'syz.4.4107': attribute type 21 has an invalid length. [ 478.048233][T15557] IPv6: NLM_F_CREATE should be specified when creating new route [ 478.073505][T15557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4107'. [ 478.516261][T15547] loop0: detected capacity change from 0 to 32768 [ 478.576764][T15579] netlink: 'syz.1.4118': attribute type 21 has an invalid length. [ 478.620790][T15579] netlink: 128 bytes leftover after parsing attributes in process `syz.1.4118'. [ 478.671770][T15579] netlink: 'syz.1.4118': attribute type 5 has an invalid length. [ 478.709507][T15579] netlink: 3 bytes leftover after parsing attributes in process `syz.1.4118'. [ 478.898906][T15588] loop1: detected capacity change from 0 to 1024 [ 478.949216][T15588] hfsplus: catalog name length corrupted [ 479.100173][ T1107] hfsplus: b-tree write err: -5, ino 4 [ 479.142947][T15595] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 479.201732][T15598] netlink: 'syz.0.4128': attribute type 33 has an invalid length. [ 479.235247][T15598] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4128'. [ 479.244426][T15598] `: renamed from team0 (while UP) [ 479.354405][T15596] loop2: detected capacity change from 0 to 8192 [ 479.445332][T15596] process 'syz.2.4126' launched './file2' with NULL argv: empty string added [ 479.462917][T15604] loop0: detected capacity change from 0 to 512 [ 479.495805][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.515660][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.531910][T15606] mac80211_hwsim hwsim5 @: renamed from wlan1 (while UP) [ 479.535819][T15604] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.4131: ea_inode with extended attributes [ 479.561047][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.601862][T15580] loop4: detected capacity change from 0 to 40427 [ 479.608150][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.623544][T15604] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 479.623627][T15580] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 479.626589][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 479.646349][ C1] EXT4-fs (loop0): initial error at time 2016777677: ext4_xattr_inode_iget:441: inode 11 [ 479.653087][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.656337][ C1] EXT4-fs (loop0): last error at time 2016777677: ext4_xattr_inode_iget:441: inode 11 [ 479.657753][T15604] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.4131: error while reading EA inode 11 err=-117 [ 479.696485][T15604] loop0: lost filesystem error report for type 5 error -117 [ 479.697456][T15580] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 479.729472][T15604] EXT4-fs (loop0): 1 orphan inode deleted [ 479.736902][T15604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 479.760812][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.785376][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.798002][T15580] F2FS-fs (loop4): build fault injection rate: 17008 [ 479.814381][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.841703][T15580] F2FS-fs (loop4): invalid crc value [ 479.850701][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.878020][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.886672][T15596] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1043) [ 479.939546][ T865] usb 3-1: USB disconnect, device number 105 [ 480.096150][T15580] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 480.108495][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.114757][T15580] F2FS-fs (loop4): Start checkpoint disabled! [ 480.158981][T15580] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0 [ 480.222397][T15580] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 480.288913][T15580] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 480.317924][T15627] comedi comedi0: comedi_bond: 4:2 attached, 32 channels from 1 devices [ 480.468299][ T58] kworker/u8:4: attempt to access beyond end of device [ 480.468299][ T58] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 480.506753][ T58] CPU: 1 UID: 0 PID: 58 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) [ 480.506780][ T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 480.506821][ T58] Workqueue: writeback wb_workfn (flush-7:4) [ 480.506902][ T58] Call Trace: [ 480.506999][ T58] [ 480.507060][ T58] dump_stack_lvl+0xe8/0x150 [ 480.507123][ T58] f2fs_handle_critical_error+0x37c/0x540 [ 480.507155][ T58] f2fs_write_end_io+0xcdb/0xff0 [ 480.507198][ T58] __submit_merged_bio+0x256/0x700 [ 480.507226][ T58] __submit_merged_write_cond+0x3c3/0x4e0 [ 480.507255][ T58] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 480.507326][ T58] f2fs_write_data_pages+0x2975/0x35e0 [ 480.507386][ T58] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 480.507449][ T58] ? __lock_acquire+0x6b5/0x2cf0 [ 480.507559][ T58] ? unwind_next_frame+0xa5/0x23c0 [ 480.507642][ T58] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 480.507666][ T58] do_writepages+0x32e/0x550 [ 480.507726][ T58] ? reacquire_held_locks+0x104/0x190 [ 480.507748][ T58] ? writeback_sb_inodes+0x43d/0x19a0 [ 480.507774][ T58] __writeback_single_inode+0x133/0x11a0 [ 480.507797][ T58] ? do_raw_spin_unlock+0xf5/0x210 [ 480.507818][ T58] writeback_sb_inodes+0x944/0x19a0 [ 480.507861][ T58] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 480.507879][ T58] ? do_raw_spin_lock+0x12b/0x2f0 [ 480.507935][ T58] ? rcu_is_watching+0x15/0xb0 [ 480.508006][ T58] wb_writeback+0x456/0xb70 [ 480.508030][ T58] ? queue_io+0x241/0x4a0 [ 480.508057][ T58] ? __pfx_wb_writeback+0x10/0x10 [ 480.508075][ T58] ? do_raw_spin_lock+0x12b/0x2f0 [ 480.508106][ T58] wb_workfn+0x414/0xf50 [ 480.508125][ T58] ? look_up_lock_class+0x57/0x110 [ 480.508159][ T58] ? __pfx_wb_workfn+0x10/0x10 [ 480.508181][ T58] ? do_raw_spin_lock+0x12b/0x2f0 [ 480.508200][ T58] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 480.508236][ T58] ? process_one_work+0x87c/0x1650 [ 480.508283][ T58] process_one_work+0x949/0x1650 [ 480.508322][ T58] ? __pfx_process_one_work+0x10/0x10 [ 480.508339][ T58] ? do_raw_spin_lock+0x12b/0x2f0 [ 480.508368][ T58] worker_thread+0xb46/0x1140 [ 480.508409][ T58] kthread+0x388/0x470 [ 480.508427][ T58] ? __pfx_worker_thread+0x10/0x10 [ 480.508445][ T58] ? __pfx_kthread+0x10/0x10 [ 480.508462][ T58] ret_from_fork+0x51e/0xb90 [ 480.508488][ T58] ? __pfx_ret_from_fork+0x10/0x10 [ 480.508515][ T58] ? __switch_to+0xc7d/0x1450 [ 480.508607][ T58] ? __pfx_kthread+0x10/0x10 [ 480.508623][ T58] ret_from_fork_asm+0x1a/0x30 [ 480.508660][ T58] [ 480.509209][ T58] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 481.060640][T15646] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 481.083239][T15649] ip6t_srh: unknown srh invflags 4000 [ 481.084037][T15635] loop2: detected capacity change from 0 to 32768 [ 481.138067][T15635] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 481.166951][T15635] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 481.192577][T15635] gfs2: fsid=syz:syz.0: journal 0 mapped with 9 extents in 0ms [ 481.204561][ T5901] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 481.212332][ T5901] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 481.332109][ T5901] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 128ms [ 481.342942][ T5901] gfs2: fsid=syz:syz.0: jid=0: Done [ 481.348212][T15635] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 481.564359][T15659] loop3: detected capacity change from 0 to 4096 [ 481.636415][T15635] gfs2: fsid=syz:syz.0: found 1 quota changes [ 481.783460][T15665] loop4: detected capacity change from 0 to 4096 [ 481.850230][T15635] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 398 [ 481.904428][T15635] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 481.936949][T15665] ntfs3(loop4): new label is too long [ 481.990569][T15635] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:15635 [syz.2.4142] gfs2_quota_sync+0x370/0x470 [ 481.993842][T15647] loop0: detected capacity change from 0 to 32768 [ 482.021687][T15635] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 482.035146][T15635] CPU: 1 UID: 0 PID: 15635 Comm: syz.2.4142 Not tainted syzkaller #0 PREEMPT(full) [ 482.035176][T15635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 482.035190][T15635] Call Trace: [ 482.035199][T15635] [ 482.035208][T15635] dump_stack_lvl+0xe8/0x150 [ 482.035242][T15635] gfs2_withdraw+0xc3/0x1b0 [ 482.035270][T15635] inode_go_instantiate+0xab4/0x1220 [ 482.035297][T15635] ? preempt_schedule_common+0x82/0xd0 [ 482.035364][T15635] ? __pfx_inode_go_instantiate+0x10/0x10 [ 482.035399][T15635] gfs2_instantiate+0x168/0x220 [ 482.035436][T15635] gfs2_glock_wait+0x1d4/0x2a0 [ 482.035464][T15635] do_sync+0x49a/0xcb0 [ 482.035489][T15635] ? _raw_spin_unlock+0x28/0x50 [ 482.035535][T15635] ? gfs2_quota_sync+0x370/0x470 [ 482.035571][T15635] ? __pfx_do_sync+0x10/0x10 [ 482.035609][T15635] ? gfs2_quota_sync+0x370/0x470 [ 482.035640][T15635] ? do_raw_spin_unlock+0xf5/0x210 [ 482.035665][T15635] gfs2_quota_sync+0x370/0x470 [ 482.035699][T15635] gfs2_sync_fs+0x4c/0xb0 [ 482.035724][T15635] sync_filesystem+0xee/0x230 [ 482.035793][T15635] gfs2_reconfigure+0xbb/0xb20 [ 482.035815][T15635] ? _raw_spin_unlock+0x28/0x50 [ 482.035835][T15635] ? sb_prepare_remount_readonly+0x471/0x4b0 [ 482.035893][T15635] reconfigure_super+0x227/0x8a0 [ 482.035966][T15635] path_mount+0xdc5/0x10e0 [ 482.036055][T15635] ? user_path_at+0xd4/0x160 [ 482.036103][T15635] __se_sys_mount+0x31d/0x420 [ 482.036139][T15635] ? __pfx___se_sys_mount+0x10/0x10 [ 482.036181][T15635] ? __x64_sys_mount+0x20/0xc0 [ 482.036211][T15635] do_syscall_64+0x14d/0xf80 [ 482.036236][T15635] ? trace_irq_disable+0x3b/0x150 [ 482.036306][T15635] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.036328][T15635] ? clear_bhb_loop+0x40/0x90 [ 482.036353][T15635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.036375][T15635] RIP: 0033:0x7f587479aeb9 [ 482.036434][T15635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 482.036484][T15635] RSP: 002b:00007f5875721028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 482.036535][T15635] RAX: ffffffffffffffda RBX: 00007f5874a15fa0 RCX: 00007f587479aeb9 [ 482.036551][T15635] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000 [ 482.036565][T15635] RBP: 00007f5874808c1f R08: 0000000000000000 R09: 0000000000000000 [ 482.036579][T15635] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000000 [ 482.036593][T15635] R13: 00007f5874a16038 R14: 00007f5874a15fa0 R15: 00007fff1ed76788 [ 482.036627][T15635] [ 482.039469][T15635] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 482.112536][T15647] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4149 (15647) [ 482.138466][ T5901] gfs2: fsid=syz:syz.0: file system withdrawn [ 482.345168][T15674] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 482.385671][T15647] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 482.435579][T15647] BTRFS info (device loop0): using sha256 checksum algorithm [ 482.656842][T15698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4166'. [ 482.667544][T15698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4166'. [ 482.688493][T15647] BTRFS info (device loop0): enabling ssd optimizations [ 482.749670][T15647] BTRFS info (device loop0): turning on async discard [ 482.786432][T15647] BTRFS info (device loop0): enabling free space tree [ 482.880118][T15705] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4169'. [ 482.893602][T15707] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4170'. [ 483.022930][ T5820] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 483.192761][T15718] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4175'. [ 483.572842][T15732] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 483.811909][T15740] netlink: 'syz.2.4185': attribute type 13 has an invalid length. [ 483.987169][T15750] loop3: detected capacity change from 0 to 16 [ 484.074304][T15750] erofs (device loop3): mounted with root inode @ nid 36. [ 484.340054][T15768] loop2: detected capacity change from 0 to 1024 [ 484.486073][T15774] loop0: detected capacity change from 0 to 1024 [ 484.551732][T15778] Unsupported ieee802154 address type: 0 [ 484.595689][T15774] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 484.607720][T15782] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 484.643297][T15774] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 484.718730][T15774] EXT4-fs (loop0): orphan cleanup on readonly fs [ 484.775063][T15774] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 2: comm syz.0.4202: lblock 2 mapped to illegal pblock 2 (length 1) [ 484.807936][T15774] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 484.824773][T15774] __quota_error: 1 callbacks suppressed [ 484.824869][T15774] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 484.834048][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 484.834075][ C1] EXT4-fs (loop0): initial error at time 2016777683: ext4_map_blocks:776: inode 3: block 2 [ 484.834119][ C1] EXT4-fs (loop0): last error at time 2016777683: ext4_map_blocks:776: inode 3: block 2 [ 484.858783][T15788] bond1: option downdelay: invalid value (18446744073709551615) [ 484.885827][T15788] bond1: option downdelay: allowed values 0 - 2147483647 [ 484.894273][T15774] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 48: comm syz.0.4202: lblock 0 mapped to illegal pblock 48 (length 1) [ 484.908555][T15774] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 484.910582][T15774] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 484.936143][T15788] bond1 (unregistering): Released all slaves [ 484.946791][T15774] EXT4-fs error (device loop0): ext4_acquire_dquot:7003: comm syz.0.4202: Failed to acquire dquot type 0 [ 484.946826][T15774] loop0: lost filesystem error report for type 5 error -117 [ 484.947157][T15774] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 484.947247][T15774] loop0: lost filesystem error report for type 5 error -117 [ 484.947470][T15774] EXT4-fs error (device loop0): ext4_evict_inode:255: inode #11: comm syz.0.4202: mark_inode_dirty error [ 484.947517][T15774] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 484.947715][T15774] EXT4-fs warning (device loop0): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 484.947789][T15774] EXT4-fs (loop0): 1 orphan inode deleted [ 484.979494][ T1107] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 484.979532][ T1107] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 484.992222][ T1107] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 484.992270][ T1107] EXT4-fs error (device loop0): ext4_release_dquot:7039: comm kworker/u8:7: Failed to release dquot type 0 [ 484.992305][ T1107] loop0: lost filesystem error report for type 5 error -117 [ 484.994421][T15774] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 485.189980][T15774] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 485.231844][T15774] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 485.329953][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.825730][T15830] SET target dimension over the limit! [ 485.893461][T15832] netlink: 92 bytes leftover after parsing attributes in process `syz.4.4228'. [ 485.919592][T15835] loop3: detected capacity change from 0 to 8 [ 485.972237][T15838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4231'. [ 486.169819][T15844] sctp: [Deprecated]: syz.0.4234 (pid 15844) Use of struct sctp_assoc_value in delayed_ack socket option. [ 486.169819][T15844] Use struct sctp_sack_info instead [ 486.246049][ T30] audit: type=1326 audit(2016777685.107:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15847 comm="syz.1.4236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 486.327586][ T30] audit: type=1326 audit(2016777685.107:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15847 comm="syz.1.4236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 486.430350][ T30] audit: type=1326 audit(2016777685.139:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15847 comm="syz.1.4236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 486.470117][T15858] netlink: 208 bytes leftover after parsing attributes in process `syz.1.4240'. [ 486.480783][T15857] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4241'. [ 486.483335][ T30] audit: type=1326 audit(2016777685.139:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15847 comm="syz.1.4236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 486.513036][T15857] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4241'. [ 486.526637][T15854] loop0: detected capacity change from 0 to 4096 [ 486.551596][T15854] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 486.566831][ T30] audit: type=1326 audit(2016777685.139:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15847 comm="syz.1.4236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 486.579311][T15815] loop2: detected capacity change from 0 to 32768 [ 486.656461][T15854] ntfs3(loop0): ino=19, mi_enum_attr [ 486.684750][T15854] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 486.710523][T15815] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 486.801782][T15872] loop4: detected capacity change from 0 to 512 [ 486.810274][T15815] XFS (loop2): Ending clean mount [ 486.828525][T15876] loop3: detected capacity change from 0 to 256 [ 486.857423][T15815] XFS (loop2): Quotacheck needed: Please wait. [ 487.001625][T15872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.021801][T15815] XFS (loop2): Quotacheck: Done. [ 487.063258][T15872] ext4 filesystem being mounted at /838/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 487.189580][T15872] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 487.237865][ T5821] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 487.361493][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.498042][T15898] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4256'. [ 487.558553][T15901] netlink: 'syz.0.4258': attribute type 8 has an invalid length. [ 487.922420][T15907] loop1: detected capacity change from 0 to 4096 [ 487.972284][T15913] loop0: detected capacity change from 0 to 2048 [ 487.995024][T15907] ntfs3(loop1): ino=b, Correct links count -> 1. [ 488.053063][T15907] ntfs3(loop1): ino=18, mi_enum_attr [ 488.059597][T15907] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 488.099575][T15913] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: unaligned directory entry - offset=0, inode=18446736377128157191, rec_len=65535, name_len=255 [ 488.200444][T15921] ip6gre1: entered allmulticast mode [ 488.327439][T15923] loop4: detected capacity change from 0 to 256 [ 488.805400][T15936] loop3: detected capacity change from 0 to 4096 [ 488.828348][T15911] loop2: detected capacity change from 0 to 32768 [ 488.842248][T15941] SET target dimension over the limit! [ 488.862013][T15911] btrfs: Deprecated parameter 'usebackuproot' [ 488.880595][T15911] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 488.900546][T15911] BTRFS info: device /dev/loop2 (7:2) using temp-fsid 67e246a5-f573-457f-a003-335c96dab086 [ 488.910784][T15911] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4262 (15911) [ 488.951071][T15936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 488.963938][T15911] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 489.040548][T15911] BTRFS info (device loop2): using crc32c checksum algorithm [ 489.153154][ T3476] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32b4fbab level 0 [ 489.213074][T15911] BTRFS error (device loop2): failed to load root extent [ 489.258781][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.282401][T15911] BTRFS warning (device loop2): try to load backup roots slot 1 [ 489.381439][T15911] BTRFS info (device loop2): setting nodatasum [ 489.422666][T15911] BTRFS info (device loop2): disabling tree log [ 489.428988][T15911] BTRFS info (device loop2): turning on flush-on-commit [ 489.431844][ T29] usb 2-1: new high-speed USB device number 115 using dummy_hcd [ 489.462433][T15911] BTRFS info (device loop2): turning on async discard [ 489.490889][T15911] BTRFS info (device loop2): enabling free space tree [ 489.528228][T15911] BTRFS info (device loop2): force clearing of disk cache [ 489.553187][T15911] BTRFS info (device loop2): trying to use backup root at mount time [ 489.609954][ T29] usb 2-1: Using ep0 maxpacket: 16 [ 489.618158][T15977] openvswitch: netlink: Missing key (keys=40, expected=80) [ 489.643563][ T29] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 489.681324][ T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 489.691170][ T5821] BTRFS info (device loop2): last unmount of filesystem 67e246a5-f573-457f-a003-335c96dab086 [ 489.716069][ T29] usb 2-1: Product: syz [ 489.738178][ T29] usb 2-1: Manufacturer: syz [ 489.745127][ T29] usb 2-1: SerialNumber: syz [ 489.790530][ T29] r8152-cfgselector 2-1: Unknown version 0x0000 [ 489.799217][T15957] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4281 (15957) [ 489.800017][ T29] r8152-cfgselector 2-1: config 0 descriptor?? [ 489.875868][T15957] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 489.905267][T15957] BTRFS info (device loop0): using xxhash64 checksum algorithm [ 489.930473][T15984] PKCS7: Unknown OID: [5] (bad) [ 489.934878][T15957] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 489.943652][T15984] PKCS7: Only support pkcs7_signedData type [ 490.127583][T15957] BTRFS info (device loop0): rebuilding free space tree [ 490.216281][T15957] BTRFS info (device loop0): disabling free space tree [ 490.243436][T15957] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 490.280336][T15957] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 490.281274][ T865] r8152-cfgselector 2-1: USB disconnect, device number 115 [ 490.333931][T15957] BTRFS info (device loop0): allowing degraded mounts [ 490.389968][T15957] BTRFS info (device loop0): enabling ssd optimizations [ 490.433347][T15957] BTRFS info (device loop0): turning on async discard [ 490.457030][T15957] BTRFS info (device loop0): enabling disk space caching [ 490.490862][T15957] BTRFS info (device loop0): force clearing of disk cache [ 490.513841][T15957] BTRFS info (device loop0): use zlib compression, level 3 [ 490.643996][T16021] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 490.798411][T15957] BTRFS info (device loop0): balance: start -f -susage=0..2,drange=11..18446744073709551614,limit=67076096..0 [ 490.908854][T15957] BTRFS info (device loop0): balance: ended with status: 0 [ 491.115122][ T5820] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 491.260164][T16037] set_capacity_and_notify: 2 callbacks suppressed [ 491.260237][T16037] loop2: detected capacity change from 0 to 2048 [ 491.326800][T16037] udf: Unknown parameter 'shortan$uid˝forget' [ 491.389788][T16037] cifs: Unknown parameter 'anchor' [ 491.394981][T16037] CIFS mount error: No usable UNC path provided in device string! [ 491.394981][T16037] [ 491.472745][T16047] loop4: detected capacity change from 0 to 256 [ 491.480418][T16037] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 491.541178][T16052] netlink: 'syz.1.4311': attribute type 1 has an invalid length. [ 491.570163][T16047] FAT-fs (loop4): Directory bread(block 64) failed [ 491.584314][T16052] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4311'. [ 491.595732][T16047] FAT-fs (loop4): Directory bread(block 65) failed [ 491.602372][T16047] FAT-fs (loop4): Directory bread(block 66) failed [ 491.672355][T16047] FAT-fs (loop4): Directory bread(block 67) failed [ 491.708081][T16049] loop0: detected capacity change from 0 to 4096 [ 491.740979][T16047] FAT-fs (loop4): Directory bread(block 68) failed [ 491.799149][T16049] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 491.805232][T16047] FAT-fs (loop4): Directory bread(block 69) failed [ 491.836484][T16047] FAT-fs (loop4): Directory bread(block 70) failed [ 491.841908][T16059] program syz.3.4315 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 491.845578][T16047] FAT-fs (loop4): Directory bread(block 71) failed [ 491.929281][T16047] FAT-fs (loop4): Directory bread(block 72) failed [ 491.938675][T16047] FAT-fs (loop4): Directory bread(block 73) failed [ 491.996204][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.089471][T16065] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4318'. [ 492.306695][T16074] loop0: detected capacity change from 0 to 512 [ 492.365678][T16074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.396006][T16074] ext4 filesystem being mounted at /880/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 492.426113][ T865] usb 3-1: new high-speed USB device number 106 using dummy_hcd [ 492.616042][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.632403][ T865] usb 3-1: Using ep0 maxpacket: 32 [ 492.688158][ T865] usb 3-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 492.703138][ T865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 492.726996][T16095] loop4: detected capacity change from 0 to 256 [ 492.735590][ T865] usb 3-1: Product: syz [ 492.739787][ T865] usb 3-1: Manufacturer: syz [ 492.758976][ T865] usb 3-1: SerialNumber: syz [ 492.764958][T16095] exfat: Deprecated parameter 'namecase' [ 492.788909][ T865] usb 3-1: config 0 descriptor?? [ 492.799703][T16095] exfat: Deprecated parameter 'utf8' [ 492.821581][T16095] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 492.894491][T16101] loop3: detected capacity change from 0 to 1024 [ 492.960418][T16101] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 492.988400][ T865] RobotFuzz Open Source InterFace, OSIF 3-1:0.0: version d4.15 found at bus 003 address 106 [ 493.149456][T16110] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4339'. [ 493.175223][ T865] usb 3-1: USB disconnect, device number 106 [ 493.448690][T16120] loop1: detected capacity change from 0 to 256 [ 493.478849][T16120] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 493.591205][T16125] syz.4.4348 uses obsolete (PF_INET,SOCK_PACKET) [ 493.702734][T16127] loop3: detected capacity change from 0 to 2048 [ 493.725184][T16127] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 493.780358][T16132] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 493.843906][T16135] netlink: 'syz.2.4351': attribute type 2 has an invalid length. [ 493.878963][T16135] netlink: 228 bytes leftover after parsing attributes in process `syz.2.4351'. [ 494.142646][T16117] loop0: detected capacity change from 0 to 32768 [ 494.186396][T16117] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4343 (16117) [ 494.213093][T16117] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 494.213142][T16117] BTRFS info (device loop0): using sha256 checksum algorithm [ 494.213201][T16117] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 494.371247][T16117] BTRFS info (device loop0): rebuilding free space tree [ 494.446718][T16117] BTRFS info (device loop0): disabling free space tree [ 494.446785][T16117] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 494.446834][T16117] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 494.542531][T16117] BTRFS info (device loop0): enabling ssd optimizations [ 494.542608][T16117] BTRFS info (device loop0): enabling disk space caching [ 494.542665][T16117] BTRFS info (device loop0): force clearing of disk cache [ 494.542683][T16117] BTRFS info (device loop0): enabling auto defrag [ 494.542707][T16117] BTRFS info (device loop0): max_inline set to 0 [ 494.712695][ T5820] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 494.917994][ T30] audit: type=1326 audit(2016777694.409:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.0.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 495.022693][T16185] netlink: 'syz.4.4369': attribute type 10 has an invalid length. [ 495.034356][ T30] audit: type=1326 audit(2016777694.409:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.0.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 495.100268][ T30] audit: type=1326 audit(2016777694.452:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.0.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 495.157059][ T30] audit: type=1326 audit(2016777694.452:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.0.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 495.206804][ T30] audit: type=1326 audit(2016777694.452:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.0.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7259aeb9 code=0x7ffc0000 [ 495.248653][T16185] team0: Port device syz_tun added [ 495.389786][ T30] audit: type=1326 audit(2016777694.902:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16192 comm="syz.3.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 495.478979][T16199] random: crng reseeded on system resumption [ 495.487911][ T30] audit: type=1326 audit(2016777694.902:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16192 comm="syz.3.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 495.562990][ T30] audit: type=1326 audit(2016777694.945:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16192 comm="syz.3.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 495.601945][T16202] xt_TCPMSS: Only works on TCP SYN packets [ 495.691604][ T30] audit: type=1326 audit(2016777694.945:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16192 comm="syz.3.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 495.735605][ T30] audit: type=1326 audit(2016777694.945:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16192 comm="syz.3.4373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 495.803962][T16176] loop1: detected capacity change from 0 to 32768 [ 495.868720][T16176] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4365 (16176) [ 495.951368][T16176] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 495.982067][T16209] FAT-fs (loop0): Directory bread(block 64) failed [ 496.014252][T16176] BTRFS info (device loop1): using sha256 checksum algorithm [ 496.022371][T16213] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 496.033847][T16209] FAT-fs (loop0): Directory bread(block 65) failed [ 496.061602][T16209] FAT-fs (loop0): Directory bread(block 66) failed [ 496.093403][T16209] FAT-fs (loop0): Directory bread(block 67) failed [ 496.107348][T16209] FAT-fs (loop0): Directory bread(block 68) failed [ 496.116048][T16209] FAT-fs (loop0): Directory bread(block 69) failed [ 496.133692][T16209] FAT-fs (loop0): Directory bread(block 70) failed [ 496.146343][T16209] FAT-fs (loop0): Directory bread(block 71) failed [ 496.179875][T16209] FAT-fs (loop0): Directory bread(block 72) failed [ 496.219678][T16176] BTRFS info (device loop1): enabling ssd optimizations [ 496.226823][T16176] BTRFS info (device loop1): turning on async discard [ 496.233617][T16176] BTRFS info (device loop1): enabling free space tree [ 496.241129][T16209] FAT-fs (loop0): Directory bread(block 73) failed [ 496.311480][T16235] tmpfs: Bad value for 'mpol' [ 496.403468][ T5822] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 496.921497][T16258] bond1: entered allmulticast mode [ 496.928197][T16258] 8021q: adding VLAN 0 to HW filter on device bond1 [ 498.225922][T16321] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 498.480892][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 498.487733][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 498.803799][T16353] set_capacity_and_notify: 1 callbacks suppressed [ 498.803818][T16353] loop2: detected capacity change from 0 to 8 [ 499.333632][T16377] loop2: detected capacity change from 0 to 64 [ 499.484855][T16333] loop0: detected capacity change from 0 to 32768 [ 499.505737][T16382] loop3: detected capacity change from 0 to 512 [ 499.528379][T16333] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4424 (16333) [ 499.610742][T16333] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 499.665358][T16333] BTRFS info (device loop0): using sha256 checksum algorithm [ 499.699751][T16382] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 499.796354][T16382] ext4 filesystem being mounted at /908/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 499.930646][T16333] BTRFS info (device loop0): enabling ssd optimizations [ 499.938771][T16333] BTRFS info (device loop0): turning on async discard [ 499.992398][T16333] BTRFS info (device loop0): enabling free space tree [ 500.094484][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.205071][ T5820] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 500.492307][T16432] x_tables: ip_tables: osf match: only valid for protocol 6 [ 500.712122][ T865] usb 5-1: new high-speed USB device number 107 using dummy_hcd [ 500.732096][T16441] loop1: detected capacity change from 0 to 512 [ 500.756368][ T5951] usb 1-1: new high-speed USB device number 110 using dummy_hcd [ 500.784225][T16441] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 500.821956][T16441] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 500.877588][ T865] usb 5-1: Using ep0 maxpacket: 32 [ 500.923567][ T865] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 500.934423][ T5951] usb 1-1: Using ep0 maxpacket: 32 [ 500.952219][T16441] EXT4-fs (loop1): 1 truncate cleaned up [ 500.968993][ T5951] usb 1-1: config 0 has an invalid interface number: 146 but max is 0 [ 501.000988][T16441] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 501.009131][ T5951] usb 1-1: config 0 has no interface number 0 [ 501.022165][ T865] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 501.042152][ T865] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.061258][ T5951] usb 1-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 501.072422][ T865] usb 5-1: Product: syz [ 501.077341][ T865] usb 5-1: Manufacturer: syz [ 501.081959][ T865] usb 5-1: SerialNumber: syz [ 501.086719][ T5951] usb 1-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 501.106098][ T865] usb 5-1: config 0 descriptor?? [ 501.117660][ T5951] usb 1-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 501.133298][ T865] usb 5-1: bad CDC descriptors [ 501.142993][T16453] loop2: detected capacity change from 0 to 256 [ 501.151760][ T865] usb 5-1: unsupported MDLM descriptors [ 501.157554][ T5951] usb 1-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 501.172878][ T5951] usb 1-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82 [ 501.176702][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 501.205181][T16453] exfat: Deprecated parameter 'namecase' [ 501.239750][ T5951] usb 1-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 501.241328][T16453] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 501.265068][ T5951] usb 1-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 501.311931][ T5951] usb 1-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 29557, setting to 1024 [ 501.339959][T16453] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 501.367422][ T10] usb 5-1: USB disconnect, device number 107 [ 501.388854][ T5951] usb 1-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 501.414449][ T5951] usb 1-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 501.471044][ T5951] usb 1-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 501.492663][ T5951] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.512034][ T5951] usb 1-1: Product: syz [ 501.516269][ T5951] usb 1-1: Manufacturer: syz [ 501.528827][ T5951] usb 1-1: SerialNumber: syz [ 501.575049][ T5951] usb 1-1: config 0 descriptor?? [ 501.586274][T16435] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 501.603265][T16435] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 501.645375][ T5951] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3 [ 501.668596][ T5951] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2 [ 501.672112][T16466] loop3: detected capacity change from 0 to 1024 [ 501.701805][ T5951] scsi host1: microtekX6 [ 501.734260][T16466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 501.746744][T16466] ext4 filesystem being mounted at /912/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 501.796730][T16466] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4472: bg 0: block 112: padding at end of block bitmap is not set [ 501.933080][T16466] EXT4-fs (loop3): Remounting filesystem read-only [ 501.956649][ T865] usb 1-1: USB disconnect, device number 110 [ 502.074780][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 502.370569][T16491] xt_TCPMSS: Only works on TCP SYN packets [ 502.979325][T16522] Cannot find del_set index 0 as target [ 502.993213][T16525] netlink: 'syz.3.4500': attribute type 32 has an invalid length. [ 503.063999][T16519] loop0: detected capacity change from 0 to 4096 [ 503.077508][T16519] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 503.100713][T16519] ntfs3(loop0): ino=3, mi_enum_attr [ 503.159878][T16531] loop1: detected capacity change from 0 to 512 [ 503.388708][T16538] loop3: detected capacity change from 0 to 256 [ 503.399879][T16540] netlink: 45 bytes leftover after parsing attributes in process `syz.2.4505'. [ 503.469576][T16538] FAT-fs (loop3): Directory bread(block 64) failed [ 503.476159][T16538] FAT-fs (loop3): Directory bread(block 65) failed [ 503.541792][T16538] FAT-fs (loop3): Directory bread(block 66) failed [ 503.583702][T16538] FAT-fs (loop3): Directory bread(block 67) failed [ 503.599365][T16538] FAT-fs (loop3): Directory bread(block 68) failed [ 503.621895][T16538] FAT-fs (loop3): Directory bread(block 69) failed [ 503.643390][T16549] loop2: detected capacity change from 0 to 512 [ 503.654218][T16538] FAT-fs (loop3): Directory bread(block 70) failed [ 503.664819][ T30] audit: type=1326 audit(2016777703.797:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16546 comm="syz.1.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 503.682445][T16538] FAT-fs (loop3): Directory bread(block 71) failed [ 503.707018][T16549] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 503.720304][T16538] FAT-fs (loop3): Directory bread(block 72) failed [ 503.730865][T16538] FAT-fs (loop3): Directory bread(block 73) failed [ 503.744787][T16554] netlink: 'syz.4.4514': attribute type 7 has an invalid length. [ 503.757737][ T30] audit: type=1326 audit(2016777703.797:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16546 comm="syz.1.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 503.768416][T16549] System zones: [ 503.780442][ T30] audit: type=1326 audit(2016777703.818:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16546 comm="syz.1.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 503.810357][ T30] audit: type=1326 audit(2016777735.828:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16546 comm="syz.1.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 503.841204][ T30] audit: type=1326 audit(2016777735.828:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16546 comm="syz.1.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 503.864993][T16549] 1-12 [ 503.893683][T16549] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.4512: Directory hole found for htree index block 0 [ 503.907525][T16549] loop2: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 503.909008][T16549] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 503.918367][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 503.918391][ C0] EXT4-fs (loop2): initial error at time 2016777736: dx_probe:791: inode 2 [ 503.918419][ C0] EXT4-fs (loop2): last error at time 2016777736: dx_probe:791: inode 2 [ 503.954028][T16549] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.4512: Directory hole found for htree index block 0 [ 503.986058][T16549] loop2: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 503.986529][T16549] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 504.058115][T16549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 504.111076][T16563] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 504.232260][T16549] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.4512: Directory hole found for htree index block 0 [ 504.357485][ T5821] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 504.447158][T16580] netlink: 'syz.1.4525': attribute type 1 has an invalid length. [ 504.497272][T16580] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4525'. [ 504.657318][T16592] netlink: 'syz.3.4532': attribute type 2 has an invalid length. [ 504.677502][T16593] loop2: detected capacity change from 0 to 512 [ 504.725525][T16593] EXT4-fs: Ignoring removed nomblk_io_submit option [ 504.803418][T16593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 504.858663][T16603] netlink: zone id is out of range [ 504.861221][T16593] ext4 filesystem being mounted at /933/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 505.001740][T16593] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 505.072172][T16593] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 505.110920][T16593] EXT4-fs error (device loop2): ext4_acquire_dquot:7003: comm syz.2.4530: Failed to acquire dquot type 1 [ 505.241014][ T5821] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.330988][ T30] audit: type=1400 audit(2016777737.577:79): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AA009F5 pid=16624 comm="syz.3.4547" [ 505.754928][T16648] loop3: detected capacity change from 0 to 64 [ 505.851448][T16648] syz.3.4558: attempt to access beyond end of device [ 505.851448][T16648] loop3: rw=8388608, sector=268435468, nr_sectors = 2 limit=64 [ 505.904167][T16648] Buffer I/O error on dev loop3, logical block 134217734, async page read [ 506.054262][T16648] Trying to free block not in datazone [ 506.309783][T16664] xt_CT: No such helper "snmp_trap" [ 507.106735][T16711] netlink: 'syz.3.4588': attribute type 4 has an invalid length. [ 507.126328][T16711] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4588'. [ 507.198844][T16711] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 507.587861][T16731] loop4: detected capacity change from 0 to 4096 [ 507.619503][T16738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 507.637912][T16738] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address [ 507.687229][T16742] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 507.706940][T16738] bond0: (slave ip6tnl0): Error -95 calling set_mac_address [ 507.820297][T16731] NILFS (loop4): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed [ 507.952236][T16752] loop0: detected capacity change from 0 to 1024 [ 508.077466][T16758] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4608'. [ 508.132232][T16758] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4608'. [ 508.175217][ T48] hfsplus: b-tree write err: -5, ino 4 [ 508.703002][T16781] loop2: detected capacity change from 0 to 8192 [ 508.826873][T16785] loop0: detected capacity change from 0 to 4096 [ 508.886254][T16785] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 509.049813][T16785] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 509.096031][T16785] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 509.188388][T16785] ntfs3(loop0): ino=1e, mi_enum_attr [ 509.207783][T16785] ntfs3(loop0): ino=1e, mi_enum_attr [ 509.235879][T16808] bond0: (slave gre0): The slave device specified does not support setting the MAC address [ 509.250032][T16785] ntfs3(loop0): ino=1e, mi_enum_attr [ 509.277665][T16808] bond0: (slave gre0): Error -95 calling set_mac_address [ 509.412968][ T58] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 509.422278][ T5820] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 509.443514][ T5820] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 509.459823][ T5820] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 509.531594][T16822] loop1: detected capacity change from 0 to 64 [ 509.572236][T16822] minix: block size(59136) > page size(4096) not supported by filesystem [ 509.672735][T16822] Trying to free block not in datazone [ 509.740139][T16822] Trying to free block not in datazone [ 509.745651][T16822] Trying to free block not in datazone [ 509.791749][T16822] Trying to free block not in datazone [ 509.831824][T16822] Trying to free block not in datazone [ 509.850776][T16822] Trying to free block not in datazone [ 509.889816][T16822] Trying to free block not in datazone [ 509.895339][T16822] Trying to free block not in datazone [ 509.912199][T16837] 9pnet_fd: Insufficient options for proto=fd [ 509.924843][T16822] Trying to free block not in datazone [ 509.943987][T16839] loop0: detected capacity change from 0 to 512 [ 509.960264][T16822] Trying to free block not in datazone [ 509.974136][T16822] Trying to free block not in datazone [ 509.989880][T16822] Trying to free block not in datazone [ 509.997149][T16841] tmpfs: Bad value for 'mpol' [ 510.042759][T16822] Trying to free block not in datazone [ 510.066358][T16822] Trying to free block not in datazone [ 510.103297][T16822] Trying to free block not in datazone [ 510.124899][T16822] Trying to free block not in datazone [ 510.141436][T16822] Trying to free block not in datazone [ 510.198736][T16822] Trying to free block not in datazone [ 510.204253][T16822] Trying to free block not in datazone [ 510.242227][T16822] Trying to free block not in datazone [ 510.263659][T16848] loop0: detected capacity change from 0 to 64 [ 510.290448][T16822] Trying to free block not in datazone [ 510.316034][T16822] Trying to free block not in datazone [ 510.336868][T16813] loop4: detected capacity change from 0 to 32768 [ 510.346007][T16822] Trying to free block not in datazone [ 510.351513][T16822] Trying to free block not in datazone [ 510.404494][T16813] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 510.404494][T16813] [ 510.422183][T16822] Trying to free block not in datazone [ 510.442663][T16822] Trying to free block not in datazone [ 510.448776][T16822] Trying to free block not in datazone [ 510.477695][T16813] ERROR: (device loop4): remounting filesystem as read-only [ 510.478037][T16822] Trying to free block not in datazone [ 510.538572][T16822] Trying to free block not in datazone [ 510.549150][T16813] xtLookup: xtSearch returned -5 [ 510.560819][T16822] Trying to free block not in datazone [ 510.566344][T16822] Trying to free block not in datazone [ 510.620979][T16822] Trying to free block not in datazone [ 510.648305][T16822] Trying to free block not in datazone [ 510.673027][T16822] Trying to free block not in datazone [ 510.716660][T16822] Trying to free block not in datazone [ 510.750144][T16822] Trying to free block not in datazone [ 510.766749][T16822] Trying to free block not in datazone [ 510.772265][T16822] Trying to free block not in datazone [ 510.818893][T16822] Trying to free block not in datazone [ 510.828828][T16822] Trying to free block not in datazone [ 510.844959][T16822] Trying to free block not in datazone [ 510.870602][T16822] Trying to free block not in datazone [ 510.876145][T16822] Trying to free block not in datazone [ 510.924738][T16822] Trying to free block not in datazone [ 510.930255][T16822] Trying to free block not in datazone [ 510.989724][T16822] Trying to free block not in datazone [ 510.995252][T16822] Trying to free block not in datazone [ 511.038358][T16822] Trying to free block not in datazone [ 511.043900][T16822] Trying to free block not in datazone [ 511.112361][T16822] Trying to free block not in datazone [ 511.134969][T16822] Trying to free block not in datazone [ 511.166540][T16822] Trying to free block not in datazone [ 511.185209][T16822] Trying to free block not in datazone [ 511.190727][T16822] Trying to free block not in datazone [ 511.222552][T16822] Trying to free block not in datazone [ 511.228093][T16822] Trying to free block not in datazone [ 511.240994][T16822] Trying to free block not in datazone [ 511.261515][T16822] Trying to free block not in datazone [ 511.307878][T16822] Trying to free block not in datazone [ 511.333444][T16822] Trying to free block not in datazone [ 511.362085][T16822] Trying to free block not in datazone [ 511.367579][T16822] Trying to free block not in datazone [ 511.395955][T16822] Trying to free block not in datazone [ 511.427557][T16822] Trying to free block not in datazone [ 511.439502][T16822] Trying to free block not in datazone [ 511.444998][T16822] Trying to free block not in datazone [ 511.480125][T16822] Trying to free block not in datazone [ 511.483969][T16880] loop0: detected capacity change from 0 to 4096 [ 511.498797][T16822] Trying to free block not in datazone [ 511.503830][T16849] loop2: detected capacity change from 0 to 32768 [ 511.514356][T16822] Trying to free block not in datazone [ 511.519846][T16822] Trying to free block not in datazone [ 511.526692][T16880] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 511.562538][T16822] Trying to free block not in datazone [ 511.569089][T16822] Trying to free block not in datazone [ 511.575378][T16822] Trying to free block not in datazone [ 511.582294][T16822] Trying to free block not in datazone [ 511.585416][T16849] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 511.587935][T16822] Trying to free block not in datazone [ 511.602128][T16822] Trying to free block not in datazone [ 511.610647][T16822] Trying to free block not in datazone [ 511.616410][T16822] Trying to free block not in datazone [ 511.621917][T16822] Trying to free block not in datazone [ 511.627577][T16822] Trying to free block not in datazone [ 511.633109][T16822] Trying to free block not in datazone [ 511.638808][T16822] Trying to free block not in datazone [ 511.644478][T16822] Trying to free block not in datazone [ 511.651078][T16822] Trying to free block not in datazone [ 511.656548][T16822] Trying to free block not in datazone [ 511.662172][T16822] Trying to free block not in datazone [ 511.671798][T16822] Trying to free block not in datazone [ 511.679023][T16822] Trying to free block not in datazone [ 511.685145][T16822] Trying to free block not in datazone [ 511.690677][T16822] Trying to free block not in datazone [ 511.704608][T16822] Trying to free block not in datazone [ 511.710270][T16822] Trying to free block not in datazone [ 511.711758][T16880] ntfs3(loop0): ino=19, mi_enum_attr [ 511.715998][T16822] Trying to free block not in datazone [ 511.726869][T16822] Trying to free block not in datazone [ 511.732943][T16822] Trying to free block not in datazone [ 511.739821][T16822] Trying to free block not in datazone [ 511.747505][T16822] Trying to free block not in datazone [ 511.753295][T16822] Trying to free block not in datazone [ 511.758864][T16822] Trying to free block not in datazone [ 511.764254][T16880] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 511.764525][T16822] Trying to free block not in datazone [ 511.776949][T16822] Trying to free block not in datazone [ 511.783660][T16822] Trying to free block not in datazone [ 511.785790][T16849] XFS (loop2): Ending clean mount [ 511.789285][T16822] Trying to free block not in datazone [ 511.799862][T16822] Trying to free block not in datazone [ 511.805352][T16822] Trying to free block not in datazone [ 511.811769][T16822] Trying to free block not in datazone [ 511.817246][T16822] Trying to free block not in datazone [ 511.822937][T16822] Trying to free block not in datazone [ 511.828503][T16822] Trying to free block not in datazone [ 511.834098][T16822] Trying to free block not in datazone [ 511.834971][T16899] netlink: 'syz.4.4656': attribute type 1 has an invalid length. [ 511.840704][T16822] Trying to free block not in datazone [ 511.854265][T16822] Trying to free block not in datazone [ 511.859801][T16822] Trying to free block not in datazone [ 511.865421][T16822] Trying to free block not in datazone [ 511.870999][T16822] Trying to free block not in datazone [ 511.876732][T16822] Trying to free block not in datazone [ 511.882223][T16822] Trying to free block not in datazone [ 511.888444][T16822] Trying to free block not in datazone [ 511.894210][T16899] netlink: 'syz.4.4656': attribute type 2 has an invalid length. [ 511.904839][T16899] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4656'. [ 511.919724][T16822] Trying to free block not in datazone [ 511.926391][T16849] XFS (loop2): Quotacheck needed: Please wait. [ 511.942459][T16822] Trying to free block not in datazone [ 511.948289][T16880] ntfs3(loop0): failed to convert "c46c" to iso8859-6 [ 511.956487][T16822] Trying to free block not in datazone [ 511.995137][T16822] Trying to free block not in datazone [ 512.012606][T16849] XFS (loop2): Quotacheck: Done. [ 512.021529][T16822] Trying to free block not in datazone [ 512.026653][T16880] ntfs3(loop0): ino=20, mi_enum_attr [ 512.035459][T16822] Trying to free block not in datazone [ 512.041015][T16822] Trying to free block not in datazone [ 512.065643][T16822] Trying to free block not in datazone [ 512.093104][T16822] Trying to free block not in datazone [ 512.117245][T16822] Trying to free block not in datazone [ 512.122730][T16822] Trying to free block not in datazone [ 512.165107][T16822] Trying to free block not in datazone [ 512.194242][T16904] loop4: detected capacity change from 0 to 64 [ 512.201184][T16822] Trying to free block not in datazone [ 512.227519][T16822] Trying to free block not in datazone [ 512.276079][T16822] Trying to free block not in datazone [ 512.281576][T16822] Trying to free block not in datazone [ 512.309362][T16822] Trying to free block not in datazone [ 512.329675][ T5821] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 512.359190][T16822] Trying to free block not in datazone [ 512.396786][T16822] Trying to free block not in datazone [ 512.402295][T16822] Trying to free block not in datazone [ 512.435057][T16822] Trying to free block not in datazone [ 512.440638][T16822] Trying to free block not in datazone [ 512.481594][T16822] Trying to free block not in datazone [ 512.487099][T16822] Trying to free block not in datazone [ 512.553254][T16822] Trying to free block not in datazone [ 512.602283][T16822] Trying to free block not in datazone [ 512.607787][T16822] Trying to free block not in datazone [ 512.647765][ T865] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 512.657857][T16822] Trying to free block not in datazone [ 512.663376][T16822] Trying to free block not in datazone [ 512.705759][T16822] Trying to free block not in datazone [ 512.712209][T16822] Trying to free block not in datazone [ 512.729929][T16822] Trying to free block not in datazone [ 512.745583][T16822] Trying to free block not in datazone [ 512.759035][T16822] Trying to free block not in datazone [ 512.784013][T16822] Trying to free block not in datazone [ 512.817044][ T865] usb 1-1: Using ep0 maxpacket: 32 [ 512.832912][T16822] Trying to free block not in datazone [ 512.842168][ T865] usb 1-1: unable to get BOS descriptor or descriptor too short [ 512.863346][T16822] Trying to free block not in datazone [ 512.871963][ T865] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 512.885861][T16921] loop2: detected capacity change from 0 to 164 [ 512.890585][T16822] Trying to free block not in datazone [ 512.903529][ T865] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 512.919747][T16822] Trying to free block not in datazone [ 512.920521][T16921] Unable to read rock-ridge attributes [ 512.932980][ T865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.946347][T16822] Trying to free block not in datazone [ 512.961813][ T865] usb 1-1: Product: syz [ 512.971627][T16822] Trying to free block not in datazone [ 512.976790][T16921] Unable to read rock-ridge attributes [ 512.977240][ T865] usb 1-1: Manufacturer: syz [ 512.992169][T16921] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 512.998371][T16822] Trying to free block not in datazone [ 513.008737][ T865] usb 1-1: SerialNumber: syz [ 513.020742][T16822] Trying to free block not in datazone [ 513.026222][T16822] Trying to free block not in datazone [ 513.050840][T16822] Trying to free block not in datazone [ 513.064415][T16822] Trying to free block not in datazone [ 513.077043][T16822] Trying to free block not in datazone [ 513.095362][T16822] Trying to free block not in datazone [ 513.100880][T16822] Trying to free block not in datazone [ 513.132417][T16822] Trying to free block not in datazone [ 513.138052][T16822] Trying to free block not in datazone [ 513.150964][T16822] Trying to free block not in datazone [ 513.156468][T16822] Trying to free block not in datazone [ 513.178915][T16822] Trying to free block not in datazone [ 513.188317][T16822] Trying to free block not in datazone [ 513.193827][T16822] Trying to free block not in datazone [ 513.223796][T16822] Trying to free block not in datazone [ 513.235355][ T865] usb 1-1: Limiting number of CPorts to U8_MAX [ 513.260108][T16822] Trying to free block not in datazone [ 513.274322][ T865] usb 1-1: Not enough endpoints found in device, aborting! [ 513.280821][T16933] openvswitch: netlink: ufid size 24 bytes exceeds the range (1, 16) [ 513.300158][T16822] Trying to free block not in datazone [ 513.330402][T16822] Trying to free block not in datazone [ 513.335904][T16822] Trying to free block not in datazone [ 513.363503][T16822] Trying to free block not in datazone [ 513.412321][T16822] Trying to free block not in datazone [ 513.417833][T16822] Trying to free block not in datazone [ 513.464989][ T865] usb 1-1: USB disconnect, device number 111 [ 513.467922][T16822] Trying to free block not in datazone [ 513.500242][T16822] Trying to free block not in datazone [ 513.520359][T16822] Trying to free block not in datazone [ 513.521360][T16937] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 513.527307][T16941] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4675'. [ 513.545129][T16822] Trying to free block not in datazone [ 513.550607][T16822] Trying to free block not in datazone [ 513.568578][T16822] Trying to free block not in datazone [ 513.574861][T16822] Trying to free block not in datazone [ 513.589627][T16822] Trying to free block not in datazone [ 513.617304][T16822] Trying to free block not in datazone [ 513.622838][T16822] Trying to free block not in datazone [ 513.669813][T16822] Trying to free block not in datazone [ 513.690700][T16822] Trying to free block not in datazone [ 513.700015][T16822] Trying to free block not in datazone [ 513.725375][T16822] Trying to free block not in datazone [ 513.740732][T16822] Trying to free block not in datazone [ 513.746259][T16822] Trying to free block not in datazone [ 513.753035][T16947] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4678'. [ 513.755821][T16822] Trying to free block not in datazone [ 513.755833][T16822] Trying to free block not in datazone [ 513.755840][T16822] Trying to free block not in datazone [ 513.755847][T16822] Trying to free block not in datazone [ 513.755855][T16822] Trying to free block not in datazone [ 513.840325][T16822] Trying to free block not in datazone [ 513.854674][T16822] Trying to free block not in datazone [ 513.866932][T16822] Trying to free block not in datazone [ 513.895433][T16822] Trying to free block not in datazone [ 513.905140][T16822] Trying to free block not in datazone [ 513.925061][T16822] Trying to free block not in datazone [ 513.931118][T16822] Trying to free block not in datazone [ 513.946646][T16822] Trying to free block not in datazone [ 513.960578][T16822] Trying to free block not in datazone [ 513.967641][T16822] Trying to free block not in datazone [ 513.981185][T16822] Trying to free block not in datazone [ 514.018320][T16822] Trying to free block not in datazone [ 514.023823][T16822] Trying to free block not in datazone [ 514.064470][T16822] Trying to free block not in datazone [ 514.072323][T16822] Trying to free block not in datazone [ 514.092531][T16822] Trying to free block not in datazone [ 514.101976][ T865] usb 4-1: new high-speed USB device number 107 using dummy_hcd [ 514.126140][T16822] Trying to free block not in datazone [ 514.151444][T16822] Trying to free block not in datazone [ 514.176828][T16822] Trying to free block not in datazone [ 514.183461][T16822] Trying to free block not in datazone [ 514.206768][T16822] Trying to free block not in datazone [ 514.222146][T16822] Trying to free block not in datazone [ 514.237429][T16958] loop0: detected capacity change from 0 to 4096 [ 514.244789][T16822] Trying to free block not in datazone [ 514.250281][T16822] Trying to free block not in datazone [ 514.260227][ T865] usb 4-1: Using ep0 maxpacket: 16 [ 514.265976][T16822] Trying to free block not in datazone [ 514.289113][T16822] Trying to free block not in datazone [ 514.304924][ T865] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 514.323503][T16822] Trying to free block not in datazone [ 514.329390][ T865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.352663][T16822] Trying to free block not in datazone [ 514.357047][ T865] usb 4-1: Product: syz [ 514.372674][ T865] usb 4-1: Manufacturer: syz [ 514.377522][ T865] usb 4-1: SerialNumber: syz [ 514.377617][T16822] Trying to free block not in datazone [ 514.407283][T16822] Trying to free block not in datazone [ 514.408432][ T865] r8152-cfgselector 4-1: Unknown version 0x0000 [ 514.436709][ T865] r8152-cfgselector 4-1: config 0 descriptor?? [ 514.452955][T16822] Trying to free block not in datazone [ 514.468320][T16822] Trying to free block not in datazone [ 514.484074][T16822] Trying to free block not in datazone [ 514.512585][T16822] Trying to free block not in datazone [ 514.537653][T16822] Trying to free block not in datazone [ 514.560748][T16822] Trying to free block not in datazone [ 514.579952][T16822] Trying to free block not in datazone [ 514.585573][T16822] Trying to free block not in datazone [ 514.621775][T16822] Trying to free block not in datazone [ 514.661612][T16822] Trying to free block not in datazone [ 514.667228][T16822] Trying to free block not in datazone [ 514.695829][T16822] Trying to free block not in datazone [ 514.717809][T16822] Trying to free block not in datazone [ 514.723751][T16822] Trying to free block not in datazone [ 514.773062][T16822] Trying to free block not in datazone [ 514.799964][T16822] Trying to free block not in datazone [ 514.806422][T16822] Trying to free block not in datazone [ 514.819238][T16822] Trying to free block not in datazone [ 514.828757][T16822] Trying to free block not in datazone [ 514.857019][T16822] Trying to free block not in datazone [ 514.862528][T16822] Trying to free block not in datazone [ 514.913053][T16822] Trying to free block not in datazone [ 514.926589][ T5901] r8152-cfgselector 4-1: USB disconnect, device number 107 [ 514.950627][T16822] Trying to free block not in datazone [ 515.216310][T17005] loop2: detected capacity change from 0 to 256 [ 515.266643][T17005] exfat: Deprecated parameter 'namecase' [ 515.292495][T17005] exfat: Deprecated parameter 'utf8' [ 515.352605][T17005] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 515.507970][T17014] netlink: 'syz.0.4704': attribute type 10 has an invalid length. [ 515.563152][T17014] `: Device xfrm0 is of different type [ 515.711555][T17016] loop4: detected capacity change from 0 to 4096 [ 515.723883][T17025] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4709'. [ 515.748157][T17026] overlayfs: failed to resolve './file2': -2 [ 515.770023][T17025] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4709'. [ 515.789655][T17016] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 515.835652][T17030] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4711'. [ 515.903074][T17016] ntfs3(loop4): ino=1a, mi_enum_attr [ 515.926028][T17016] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 515.973918][T17016] ntfs3(loop4): ino=1a, mi_enum_attr [ 515.993653][T17016] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 516.034945][T17016] ntfs3(loop4): ino=1b, mi_enum_attr [ 516.046890][T17016] ntfs3(loop4): ino=1b, mi_enum_attr [ 516.070540][T17036] loop3: detected capacity change from 0 to 256 [ 516.131462][T17038] loop2: detected capacity change from 0 to 256 [ 516.143230][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.176436][T17036] FAT-fs (loop3): Filesystem has been set read-only [ 516.204867][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.248106][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.295534][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.327137][T17038] FAT-fs (loop2): Directory bread(block 64) failed [ 516.334291][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.355532][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.364505][T17038] FAT-fs (loop2): Directory bread(block 65) failed [ 516.378139][T17038] FAT-fs (loop2): Directory bread(block 66) failed [ 516.388771][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.406825][T17038] FAT-fs (loop2): Directory bread(block 67) failed [ 516.425189][T17038] FAT-fs (loop2): Directory bread(block 68) failed [ 516.450331][T17036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 516.462304][ T30] audit: type=1800 audit(2016777749.519:80): pid=17036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4715" name="file1" dev="loop3" ino=1048626 res=0 errno=0 [ 516.483740][T17038] FAT-fs (loop2): Directory bread(block 69) failed [ 516.497657][T17038] FAT-fs (loop2): Directory bread(block 70) failed [ 516.510804][T17038] FAT-fs (loop2): Directory bread(block 71) failed [ 516.519445][T17038] FAT-fs (loop2): Directory bread(block 72) failed [ 516.530279][T17038] FAT-fs (loop2): Directory bread(block 73) failed [ 516.922325][T17054] loop0: detected capacity change from 0 to 4096 [ 516.986633][T17054] ntfs3(loop0): ino=b, mi_enum_attr [ 517.003114][T17042] loop1: detected capacity change from 0 to 32768 [ 517.004828][T17054] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 517.025492][T17042] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4717 (17042) [ 517.069129][T17054] ntfs3(loop0): Failed to load $Extend (-22). [ 517.079566][T17054] ntfs3(loop0): Failed to initialize $Extend. [ 517.132744][T17056] loop2: detected capacity change from 0 to 4096 [ 517.183338][T17042] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 517.184212][T17044] loop4: detected capacity change from 0 to 32768 [ 517.225722][ T30] audit: type=1800 audit(2016777750.346:81): pid=17054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4723" name="file1" dev="loop0" ino=30 res=0 errno=0 [ 517.243428][T17042] BTRFS info (device loop1): using xxhash64 checksum algorithm [ 517.322613][T17056] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 517.322692][T17042] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 517.649483][T17050] loop3: detected capacity change from 0 to 32768 [ 517.663091][T17042] BTRFS info (device loop1): rebuilding free space tree [ 517.753485][T17042] BTRFS info (device loop1): disabling free space tree [ 517.789487][T17042] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 517.815021][T17050] syz.3.4721: attempt to access beyond end of device [ 517.815021][T17050] loop3: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 517.849597][T17042] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 517.954623][T17042] BTRFS info (device loop1): allowing degraded mounts [ 518.002537][T17050] metapage_write_end_io: I/O error [ 518.020753][T17042] BTRFS info (device loop1): enabling ssd optimizations [ 518.029771][T17050] ERROR: (device loop3): release_metapage: metapage_write_one() failed [ 518.029771][T17050] [ 518.081139][T17042] BTRFS info (device loop1): turning on async discard [ 518.087947][T17042] BTRFS info (device loop1): enabling disk space caching [ 518.105237][T17050] ERROR: (device loop3): remounting filesystem as read-only [ 518.149910][T17050] blkno = 8ed2c, nblocks = 1 [ 518.164672][T17042] BTRFS info (device loop1): force clearing of disk cache [ 518.184289][T17050] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map [ 518.184289][T17050] [ 518.196086][T17042] BTRFS info (device loop1): use zlib compression, level 3 [ 518.403914][ T1107] hfsplus: b-tree write err: -5, ino 4 [ 518.437972][ T111] blkno = 8ed2c, nblocks = 4 [ 518.442605][ T111] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map [ 518.442605][ T111] [ 518.473166][ T5828] syz-executor: attempt to access beyond end of device [ 518.473166][ T5828] loop3: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 518.521944][ T5828] metapage_write_end_io: I/O error [ 518.527319][ T5828] JFS: metapage_get_blocks failed [ 518.555337][ T5828] JFS: metapage_get_blocks failed [ 518.564896][T17042] BTRFS info (device loop1): balance: start -f -susage=0..2,drange=11..18446744073709551614,limit=67076096..0 [ 518.572498][ T5828] JFS: metapage_get_blocks failed [ 518.585626][T17087] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4731'. [ 518.597310][ T5828] JFS: metapage_get_blocks failed [ 518.605761][T17087] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4731'. [ 518.618693][T17042] BTRFS info (device loop1): balance: ended with status: 0 [ 518.710760][ T5822] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 519.532849][T17117] syz.4.4747 (17117): drop_caches: 0 [ 519.665722][ T794] usb 2-1: new high-speed USB device number 116 using dummy_hcd [ 519.703453][T17124] netlink: 'syz.3.4750': attribute type 32 has an invalid length. [ 519.815119][ T794] usb 2-1: Using ep0 maxpacket: 16 [ 519.844218][ T794] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 519.878241][ T794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.894226][ T794] usb 2-1: Product: syz [ 519.899271][ T794] usb 2-1: Manufacturer: syz [ 519.904099][ T794] usb 2-1: SerialNumber: syz [ 519.926985][ T794] r8152-cfgselector 2-1: Unknown version 0x0000 [ 519.952972][ T794] r8152-cfgselector 2-1: config 0 descriptor?? [ 520.151298][T17110] set_capacity_and_notify: 1 callbacks suppressed [ 520.151318][T17110] loop2: detected capacity change from 0 to 32768 [ 520.230001][T17110] syz.2.4744: attempt to access beyond end of device [ 520.230001][T17110] loop2: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 520.276468][T17110] metapage_write_end_io: I/O error [ 520.297552][T17110] ERROR: (device loop2): release_metapage: metapage_write_one() failed [ 520.297552][T17110] [ 520.370499][ T794] r8152-cfgselector 2-1: USB disconnect, device number 116 [ 520.388186][T17110] ERROR: (device loop2): remounting filesystem as read-only [ 520.405239][T17110] blkno = 8ed2c, nblocks = 1 [ 520.414468][T17110] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 520.414468][T17110] [ 520.499174][ T110] blkno = 8ed2c, nblocks = 4 [ 520.504504][ T110] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 520.504504][ T110] [ 520.518505][ T5821] syz-executor: attempt to access beyond end of device [ 520.518505][ T5821] loop2: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 520.539031][ T5821] metapage_write_end_io: I/O error [ 520.547638][ T5821] JFS: metapage_get_blocks failed [ 520.553146][ T5821] JFS: metapage_get_blocks failed [ 520.558663][ T5821] JFS: metapage_get_blocks failed [ 520.564193][ T5821] JFS: metapage_get_blocks failed [ 520.638937][T17154] No such timeout policy "syz1" [ 520.799718][T17161] bond1 (unregistering): Released all slaves [ 521.442194][T17190] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 521.538938][ T794] usb 4-1: new high-speed USB device number 108 using dummy_hcd [ 521.652958][T17196] netlink: 666 bytes leftover after parsing attributes in process `syz.1.4782'. [ 521.683802][T17173] loop0: detected capacity change from 0 to 32768 [ 521.707143][ T794] usb 4-1: Using ep0 maxpacket: 16 [ 521.719017][ T794] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 521.738693][ T794] usb 4-1: config 0 has no interface number 0 [ 521.748527][T17173] syz.0.4771: attempt to access beyond end of device [ 521.748527][T17173] loop0: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 521.765277][ T794] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 521.772202][T17173] metapage_write_end_io: I/O error [ 521.792623][T17173] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 521.792623][T17173] [ 521.793621][ T794] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 521.813871][T17173] ERROR: (device loop0): remounting filesystem as read-only [ 521.837340][ T865] usb 3-1: new full-speed USB device number 107 using dummy_hcd [ 521.845709][ T794] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 521.846051][T17173] blkno = 8ed2c, nblocks = 1 [ 521.865723][ T794] usb 4-1: Product: syz [ 521.869538][T17173] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 521.869538][T17173] [ 521.869922][ T794] usb 4-1: SerialNumber: syz [ 521.922807][ T794] usb 4-1: config 0 descriptor?? [ 521.942403][ T794] cm109 4-1:0.8: invalid payload size 208, expected 4 [ 521.968190][ T794] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input44 [ 521.991916][ T111] blkno = 8ed2c, nblocks = 4 [ 521.996875][ T111] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 521.996875][ T111] [ 522.010792][T17189] loop4: detected capacity change from 0 to 32768 [ 522.021028][ T5820] syz-executor: attempt to access beyond end of device [ 522.021028][ T5820] loop0: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 522.042752][ T865] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 522.065526][ T865] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 522.077452][T17189] ERROR: (device loop4): dtSearch: DT_GETPAGE: dtree page corrupt [ 522.077452][T17189] [ 522.090834][ T5820] metapage_write_end_io: I/O error [ 522.102480][ T5820] JFS: metapage_get_blocks failed [ 522.119455][ T5820] JFS: metapage_get_blocks failed [ 522.124537][ T5820] JFS: metapage_get_blocks failed [ 522.142000][ T865] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 522.159674][T17189] ERROR: (device loop4): remounting filesystem as read-only [ 522.172432][ T5820] JFS: metapage_get_blocks failed [ 522.181507][ T865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.197086][T17189] jfs_lookup: dtSearch returned -5 [ 522.210002][ T865] usb 3-1: Product: syz [ 522.221814][ T865] usb 3-1: Manufacturer: syz [ 522.257465][ T865] usb 3-1: SerialNumber: syz [ 522.386765][T17204] loop1: detected capacity change from 0 to 2048 [ 522.411040][T17204] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 522.422519][T17206] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 522.486986][ C1] cm109 4-1:0.8: cm109_urb_irq_callback: urb status -71 [ 522.492984][T17194] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 522.494494][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.508898][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.516171][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.525155][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.532873][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.540515][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.547899][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.555051][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.562212][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 522.564136][ T10] usb 4-1: USB disconnect, device number 108 [ 522.569172][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 522.659594][ T10] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 522.735399][ T865] cdc_ncm 3-1:1.0: bind() failure [ 522.773443][ T865] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71 [ 522.810407][ T865] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 522.834135][ T865] usbtest 3-1:1.1: probe with driver usbtest failed with error -71 [ 522.862546][ T865] usb 3-1: USB disconnect, device number 107 [ 523.092482][T17218] loop0: detected capacity change from 0 to 512 [ 523.191093][T17218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 523.263022][T17218] ext4 filesystem being mounted at /961/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 523.274511][T17208] loop4: detected capacity change from 0 to 32768 [ 523.322527][T17208] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4789 (17208) [ 523.365699][T17218] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.4792: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled [ 523.416912][T17208] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 523.466504][T17218] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4792: bg 0: block 18: invalid block bitmap [ 523.467836][T17208] BTRFS info (device loop4): using xxhash64 checksum algorithm [ 523.507503][T17218] Quota error (device loop0): write_blk: dquota write failed [ 523.524298][T17208] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 523.550109][T17218] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 523.601848][T17218] EXT4-fs error (device loop0): ext4_acquire_dquot:7003: comm syz.0.4792: Failed to acquire dquot type 1 [ 523.737750][T17246] loop2: detected capacity change from 0 to 256 [ 523.770400][T17208] BTRFS info (device loop4): rebuilding free space tree [ 523.780491][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 523.849123][T17208] BTRFS info (device loop4): disabling free space tree [ 523.883276][T17246] FAT-fs (loop2): Directory bread(block 64) failed [ 523.887309][T17208] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 523.900154][T17246] FAT-fs (loop2): Directory bread(block 65) failed [ 523.930039][T17246] FAT-fs (loop2): Directory bread(block 66) failed [ 523.938819][T17208] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 523.976979][T17246] FAT-fs (loop2): Directory bread(block 67) failed [ 524.014323][T17208] BTRFS info (device loop4): allowing degraded mounts [ 524.021634][T17246] FAT-fs (loop2): Directory bread(block 68) failed [ 524.045840][T17246] FAT-fs (loop2): Directory bread(block 69) failed [ 524.045903][T17254] netlink: 'syz.3.4802': attribute type 1 has an invalid length. [ 524.060487][T17246] FAT-fs (loop2): Directory bread(block 70) failed [ 524.060522][T17246] FAT-fs (loop2): Directory bread(block 71) failed [ 524.060598][T17246] FAT-fs (loop2): Directory bread(block 72) failed [ 524.060622][T17246] FAT-fs (loop2): Directory bread(block 73) failed [ 524.094167][T17208] BTRFS info (device loop4): enabling ssd optimizations [ 524.101145][T17208] BTRFS info (device loop4): turning on async discard [ 524.121313][T17254] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4802'. [ 524.147035][T17208] BTRFS info (device loop4): enabling disk space caching [ 524.205258][T17208] BTRFS info (device loop4): force clearing of disk cache [ 524.242715][T17208] BTRFS info (device loop4): use zlib compression, level 3 [ 524.392727][T17208] BTRFS info (device loop4): balance: start -f -susage=0..2,drange=11..18446744073709551614,limit=67076096..0 [ 524.440341][T17208] BTRFS info (device loop4): balance: ended with status: 0 [ 524.573490][T17269] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 524.607818][ T5823] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 524.775572][T17277] netlink: 'syz.2.4814': attribute type 1 has an invalid length. [ 524.796966][T17277] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 524.942508][ T30] audit: type=1326 audit(2016777758.629:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17281 comm="syz.3.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.015473][ T30] audit: type=1326 audit(2016777758.629:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17281 comm="syz.3.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.098788][ T30] audit: type=1326 audit(2016777758.629:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17281 comm="syz.3.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.168382][ T30] audit: type=1326 audit(2016777758.629:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17281 comm="syz.3.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.183209][T17286] loop2: detected capacity change from 0 to 4096 [ 525.223675][T17292] loop4: detected capacity change from 0 to 256 [ 525.231540][ T30] audit: type=1326 audit(2016777758.844:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.3.4819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.282292][T17286] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 525.341229][ T30] audit: type=1326 audit(2016777758.844:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.3.4819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.371807][ T30] audit: type=1326 audit(2016777758.844:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.3.4819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.395602][ T30] audit: type=1326 audit(2016777758.844:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17287 comm="syz.3.4819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f7fed19aeb9 code=0x7ffc0000 [ 525.421047][T17286] ntfs3(loop2): ino=1a, mi_enum_attr [ 525.445820][T17286] ntfs3(loop2): ino=1a, mi_enum_attr [ 525.463896][T17292] FAT-fs (loop4): Directory bread(block 64) failed [ 525.490118][T17286] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 525.509277][T17292] FAT-fs (loop4): Directory bread(block 65) failed [ 525.515936][T17292] FAT-fs (loop4): Directory bread(block 66) failed [ 525.555305][T17292] FAT-fs (loop4): Directory bread(block 67) failed [ 525.562067][T17292] FAT-fs (loop4): Directory bread(block 68) failed [ 525.576983][T17286] ntfs3(loop2): ino=5, "/" indx_read_ra [ 525.588682][T17292] FAT-fs (loop4): Directory bread(block 69) failed [ 525.604993][T17300] loop0: detected capacity change from 0 to 8 [ 525.618634][T17292] FAT-fs (loop4): Directory bread(block 70) failed [ 525.643045][T17292] FAT-fs (loop4): Directory bread(block 71) failed [ 525.668951][T17292] FAT-fs (loop4): Directory bread(block 72) failed [ 525.702372][T17292] FAT-fs (loop4): Directory bread(block 73) failed [ 525.882213][T17306] loop3: detected capacity change from 0 to 512 [ 525.975350][T17306] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 525.998906][T17306] EXT4-fs (loop3): orphan cleanup on readonly fs [ 526.012420][T17306] EXT4-fs error (device loop3): ext4_acquire_dquot:7003: comm syz.3.4828: Failed to acquire dquot type 1 [ 526.072047][T17306] loop3: lost filesystem error report for type 5 error -5 [ 526.077090][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 526.090740][ C1] EXT4-fs (loop3): initial error at time 2016777759: ext4_acquire_dquot:7003 [ 526.099589][ C1] EXT4-fs (loop3): last error at time 2016777759: ext4_acquire_dquot:7003 [ 526.114206][T17306] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4828: bg 0: block 40: padding at end of block bitmap is not set [ 526.142852][T17306] loop3: lost filesystem error report for type 5 error -117 [ 526.144373][T17306] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6687: Corrupt filesystem [ 526.226224][T17306] loop3: lost filesystem error report for type 5 error -117 [ 526.230002][T17306] EXT4-fs (loop3): 1 truncate cleaned up [ 526.266513][T17306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 526.424713][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.669155][T17336] loop3: detected capacity change from 0 to 512 [ 526.762097][T17336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 526.783363][T17336] ext4 filesystem being mounted at /986/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 526.836355][T17308] loop0: detected capacity change from 0 to 32768 [ 526.871622][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.875817][T17308] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4827 (17308) [ 526.972625][T17308] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 527.044454][T17308] BTRFS info (device loop0): using sha256 checksum algorithm [ 527.228110][T17308] BTRFS info (device loop0): enabling ssd optimizations [ 527.259129][T17308] BTRFS info (device loop0): turning on async discard [ 527.312553][T17308] BTRFS info (device loop0): enabling free space tree [ 527.395917][T17338] loop2: detected capacity change from 0 to 32768 [ 527.577118][T17338] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 527.637309][T17391] loop1: detected capacity change from 0 to 512 [ 527.651918][T17387] program syz.3.4854 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 527.672785][ T5820] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 527.704512][T17338] XFS (loop2): Ending clean mount [ 527.740822][T17338] XFS (loop2): Quotacheck needed: Please wait. [ 527.761143][T17391] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4853: inode has both inline data and extents flags [ 527.779708][T17391] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 527.783141][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 527.798965][ C0] EXT4-fs (loop1): initial error at time 2016777761: ext4_orphan_get:1391: inode 15 [ 527.808590][ C0] EXT4-fs (loop1): last error at time 2016777761: ext4_orphan_get:1391: inode 15 [ 527.812166][T17391] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4853: couldn't read orphan inode 15 (err -117) [ 527.862129][T17391] loop1: lost filesystem error report for type 5 error -117 [ 527.867701][T17391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 527.967262][T17338] XFS (loop2): Quotacheck: Done. [ 527.990627][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.196257][ T5821] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 528.225440][T17398] loop1: detected capacity change from 0 to 256 [ 528.333275][T17375] loop4: detected capacity change from 0 to 40427 [ 528.374014][T17375] F2FS-fs (loop4): invalid crc value [ 528.423168][T17398] FAT-fs (loop1): Directory bread(block 64) failed [ 528.455650][T17403] netlink: 236 bytes leftover after parsing attributes in process `syz.3.4860'. [ 528.482664][T17398] FAT-fs (loop1): Directory bread(block 65) failed [ 528.510325][T17398] FAT-fs (loop1): Directory bread(block 66) failed [ 528.516907][T17398] FAT-fs (loop1): Directory bread(block 67) failed [ 528.590237][T17398] FAT-fs (loop1): Directory bread(block 68) failed [ 528.638643][T17398] FAT-fs (loop1): Directory bread(block 69) failed [ 528.659014][T17398] FAT-fs (loop1): Directory bread(block 70) failed [ 528.688688][T17398] FAT-fs (loop1): Directory bread(block 71) failed [ 528.695367][T17398] FAT-fs (loop1): Directory bread(block 72) failed [ 528.702594][T17375] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 528.726222][T17398] FAT-fs (loop1): Directory bread(block 73) failed [ 528.737545][T17375] F2FS-fs (loop4): Start checkpoint disabled! [ 528.768192][T17375] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0 [ 528.818731][T17375] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 529.089786][ T6033] loop2: p1 p2 p3 < > p4 < p5 p6 > [ 529.095053][ T6033] loop2: partition table partially beyond EOD, truncated [ 529.123503][ T6033] loop2: p1 start 30976 is beyond EOD, truncated [ 529.149375][ T6033] loop2: p2 size 16128 extends beyond EOD, truncated [ 529.172416][ T6033] loop2: p3 start 327168 is beyond EOD, truncated [ 529.182149][ T6033] loop2: p5 start 30976 is beyond EOD, truncated [ 529.188753][ T6033] loop2: p6 size 16128 extends beyond EOD, truncated [ 529.242262][T17412] loop2: p1 p2 p3 < > p4 < p5 p6 > [ 529.247774][T17412] loop2: partition table partially beyond EOD, truncated [ 529.255703][T17412] loop2: p1 start 30976 is beyond EOD, truncated [ 529.275451][T17412] loop2: p2 size 16128 extends beyond EOD, truncated [ 529.304950][T17412] loop2: p3 start 327168 is beyond EOD, truncated [ 529.332369][T17412] loop2: p5 start 30976 is beyond EOD, truncated [ 529.338761][T17412] loop2: p6 size 16128 extends beyond EOD, truncated [ 529.757983][ T6115] udevd[6115]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory [ 529.765331][T13723] udevd[13723]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 529.776467][ T5871] udevd[5871]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 529.781553][T17409] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 529.885773][ T6115] udevd[6115]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory [ 529.910971][ T5871] udevd[5871]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 529.924454][T13723] udevd[13723]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 529.958643][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 529.958660][ T30] audit: type=1326 audit(2016777764.005:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 530.008380][T17409] XFS (loop3): Ending clean mount [ 530.020763][ T30] audit: type=1326 audit(2016777764.037:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 530.045108][T17449] set_capacity_and_notify: 2 callbacks suppressed [ 530.045126][T17449] loop1: detected capacity change from 0 to 512 [ 530.051737][T17409] XFS (loop3): Quotacheck needed: Please wait. [ 530.097596][T17449] EXT4-fs: Ignoring removed mblk_io_submit option [ 530.115729][ T30] audit: type=1326 audit(2016777764.037:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 530.139411][T17449] EXT4-fs: inline encryption not supported [ 530.155615][T17449] EXT4-fs: Ignoring removed mblk_io_submit option [ 530.175556][T17449] EXT4-fs (loop1): Test dummy encryption mode enabled [ 530.185301][T17409] XFS (loop3): Quotacheck: Done. [ 530.220690][ T30] audit: type=1326 audit(2016777764.048:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 530.244994][T17449] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 530.263379][T17425] loop0: detected capacity change from 0 to 32768 [ 530.300545][T17449] EXT4-fs (loop1): 1 truncate cleaned up [ 530.307946][T17449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 530.327219][ T30] audit: type=1326 audit(2016777764.048:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f25f4f9ac22 code=0x7ffc0000 [ 530.350459][ T30] audit: type=1326 audit(2016777764.048:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f25f4f5b78e code=0x7ffc0000 [ 530.356141][T17425] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 530.375224][ T30] audit: type=1326 audit(2016777764.048:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f25f4f9ace7 code=0x7ffc0000 [ 530.427099][ T30] audit: type=1326 audit(2016777764.048:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f25f4f5b78e code=0x7ffc0000 [ 530.429039][T17425] JBD2: Ignoring recovery information on journal [ 530.450740][ T30] audit: type=1326 audit(2016777764.059:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25f4f9aeb9 code=0x7ffc0000 [ 530.480347][ T30] audit: type=1326 audit(2016777764.059:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17448 comm="syz.1.4877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f25f4f9ab4b code=0x7ffc0000 [ 530.510251][ T5828] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 530.532019][ T5822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 530.604627][T17425] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 531.022708][T17468] loop3: detected capacity change from 0 to 164 [ 531.043366][T17468] rock: directory entry would overflow storage [ 531.077703][T17468] rock: sig=0x66, size=4, remaining=3 [ 531.153305][T17468] rock: directory entry would overflow storage [ 531.194090][T17468] rock: sig=0x66, size=4, remaining=3 [ 531.269290][ T5820] ocfs2: Unmounting device (7,0) on (node local) [ 531.285334][T17451] loop2: detected capacity change from 0 to 32768 [ 531.316491][T17451] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4879 (17451) [ 531.410713][T17451] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 531.434990][T17451] BTRFS info (device loop2): using sha256 checksum algorithm [ 531.548425][T17487] loop4: detected capacity change from 0 to 8 [ 531.665896][T17451] BTRFS info (device loop2): enabling ssd optimizations [ 531.733474][T17451] BTRFS info (device loop2): turning on async discard [ 531.753485][T17451] BTRFS info (device loop2): enabling free space tree [ 531.923678][T17476] loop3: detected capacity change from 0 to 32768 [ 531.947825][ T5821] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 531.961501][T17476] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4890 (17476) [ 532.027211][T17476] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 532.050264][T17509] netlink: 'syz.1.4899': attribute type 7 has an invalid length. [ 532.066539][T17476] BTRFS info (device loop3): using xxhash64 checksum algorithm [ 532.334275][T17476] BTRFS info (device loop3): enabling ssd optimizations [ 532.358574][T17476] BTRFS info (device loop3): turning on async discard [ 532.365407][T17476] BTRFS info (device loop3): enabling free space tree [ 532.591864][ T5828] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 532.646707][T17540] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 532.992082][T17547] loop0: detected capacity change from 0 to 2048 [ 533.051423][T17547] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 533.108648][T17547] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 533.495945][T17562] loop0: detected capacity change from 0 to 1764 [ 533.504743][T17527] loop4: detected capacity change from 0 to 32768 [ 533.515846][T17566] loop1: detected capacity change from 0 to 2048 [ 533.574403][T17527] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 533.575509][T17566] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 533.825235][T17527] XFS (loop4): Ending clean mount [ 534.030063][ T5823] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 534.177264][ T865] usb 1-1: new high-speed USB device number 112 using dummy_hcd [ 534.327109][T17599] netlink: 'syz.2.4932': attribute type 46 has an invalid length. [ 534.394735][ T865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 534.408699][ T865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 170, changing to 7 [ 534.557689][ T865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 24589, setting to 1024 [ 534.601841][T17607] xt_CT: You must specify a L4 protocol and not use inversions on it [ 534.737229][ T865] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 534.760357][ T865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 534.794933][ T865] usb 1-1: Product: syz [ 534.799169][ T865] usb 1-1: Manufacturer: syz [ 534.825239][ T865] usb 1-1: SerialNumber: syz [ 534.846292][ T865] usb 1-1: config 0 descriptor?? [ 534.883279][ T865] usb 1-1: 0:0 : invalid sync pipe. bmAttributes e5, bLength 9, bSynchAddress a9 [ 535.223372][ T865] usb 1-1: USB disconnect, device number 112 [ 535.316303][T17628] loop4: detected capacity change from 0 to 1024 [ 535.333218][T17628] EXT4-fs: Ignoring removed mblk_io_submit option [ 535.341372][T17628] EXT4-fs: inline encryption not supported [ 535.360281][T17628] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 535.374659][T17632] x_tables: duplicate underflow at hook 4 [ 535.384493][ T6116] udevd[6116]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 535.453834][T17628] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.4945: bad orphan inode 11 [ 535.518642][T17628] loop4: lost filesystem error report for type 5 error -117 [ 535.527489][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 535.541379][ C1] EXT4-fs (loop4): initial error at time 2016777769: ext4_orphan_get:1417 [ 535.549953][ C1] EXT4-fs (loop4): last error at time 2016777769: ext4_orphan_get:1417 [ 535.558724][T17628] EXT4-fs (loop4): Remounting filesystem read-only [ 535.565347][T17628] ext4_test_bit(bit=10, block=4) = 1 [ 535.617508][T17628] is_bad_inode(inode)=0 [ 535.637915][T17628] NEXT_ORPHAN(inode)=3254779904 [ 535.657851][T17628] max_ino=32 [ 535.661092][T17628] i_nlink=0 [ 535.709524][T17628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 535.922736][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.033791][T17652] loop0: detected capacity change from 0 to 512 [ 536.068804][T17652] EXT4-fs: Ignoring removed orlov option [ 536.151529][T17652] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 536.166959][T17652] ext4 filesystem being mounted at /991/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 536.409505][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.628049][T17674] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 537.570546][T17684] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 537.743954][T17716] loop4: detected capacity change from 0 to 512 [ 537.874139][T17716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 538.074459][T17724] netlink: 'syz.3.4989': attribute type 1 has an invalid length. [ 538.093730][T17726] openvswitch: netlink: Missing key (keys=800040, expected=2000) [ 538.111382][T17724] netlink: 228 bytes leftover after parsing attributes in process `syz.3.4989'. [ 538.121412][T17716] ext4 filesystem being mounted at /999/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 538.307134][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 538.426034][T17732] misc userio: The device must be registered before sending interrupts [ 538.616312][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 538.616329][ T30] audit: type=1326 audit(2016777773.298:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17737 comm="syz.2.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f587479aeb9 code=0x7ffc0000 [ 538.725185][ T5827] Bluetooth: hci0: command 0x0406 tx timeout [ 538.755805][ T30] audit: type=1326 audit(2016777773.351:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17737 comm="syz.2.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f587479aeb9 code=0x7ffc0000 [ 538.764470][T17746] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5000'. [ 538.809356][ T30] audit: type=1326 audit(2016777773.351:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17737 comm="syz.2.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f587479aeb9 code=0x7ffc0000 [ 538.891861][ T30] audit: type=1326 audit(2016777773.351:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17737 comm="syz.2.4997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f587479aeb9 code=0x7ffc0000 [ 538.928869][ T794] usb 1-1: new full-speed USB device number 113 using dummy_hcd [ 539.088042][T17759] loop2: detected capacity change from 0 to 64 [ 539.098840][ T794] usb 1-1: config 0 has an invalid interface number: 29 but max is 0 [ 539.126567][ T794] usb 1-1: config 0 has no interface number 0 [ 539.134146][T17759] hfs: unable to locate alternate MDB [ 539.152955][T17759] hfs: continuing without an alternate MDB [ 539.173043][ T794] usb 1-1: config 0 interface 29 has no altsetting 0 [ 539.200626][ T794] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 539.235755][ T794] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.275039][ T794] usb 1-1: Product: syz [ 539.280776][ T794] usb 1-1: Manufacturer: syz [ 539.288744][ T36] [ 539.291138][ T36] ====================================================== [ 539.298645][ T36] WARNING: possible circular locking dependency detected [ 539.305732][ T36] syzkaller #0 Not tainted [ 539.310148][ T36] ------------------------------------------------------ [ 539.317168][ T36] kworker/u8:2/36 is trying to acquire lock: [ 539.323149][ T36] ffff888052571af8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xf2/0x15e0 [ 539.334216][ T36] [ 539.334216][ T36] but task is already holding lock: [ 539.341580][ T36] ffff88802a7620b0 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 539.351203][ T36] [ 539.351203][ T36] which lock already depends on the new lock. [ 539.351203][ T36] [ 539.361590][ T36] [ 539.361590][ T36] the existing dependency chain (in reverse order) is: [ 539.370587][ T36] [ 539.370587][ T36] -> #1 (&tree->tree_lock#2/1){+.+.}-{4:4}: [ 539.378719][ T36] __mutex_lock+0x19f/0x1300 [ 539.383821][ T36] hfs_find_init+0x18e/0x300 [ 539.388921][ T36] hfs_get_block+0x556/0xc50 [ 539.394103][ T36] block_read_full_folio+0x29f/0x830 [ 539.399970][ T36] filemap_read_folio+0x137/0x3b0 [ 539.405535][ T36] do_read_cache_folio+0x358/0x590 [ 539.411153][ T36] read_cache_page+0x5d/0x170 [ 539.416333][ T36] __hfs_bnode_create+0x4b9/0x980 [ 539.421865][ T36] hfs_bnode_find+0x211/0xd40 [ 539.427049][ T36] hfs_brec_find+0x17b/0x510 [ 539.432147][ T36] hfs_brec_read+0x24/0x110 [ 539.437158][ T36] hfs_cat_find_brec+0x177/0x3f0 [ 539.442597][ T36] hfs_fill_super+0x4ff/0x770 [ 539.447800][ T36] get_tree_bdev_flags+0x431/0x4f0 [ 539.453455][ T36] vfs_get_tree+0x92/0x2a0 [ 539.458372][ T36] do_new_mount+0x341/0xd30 [ 539.463379][ T36] __se_sys_mount+0x31d/0x420 [ 539.468560][ T36] do_syscall_64+0x14d/0xf80 [ 539.473651][ T36] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.480048][ T36] [ 539.480048][ T36] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 539.489242][ T36] __lock_acquire+0x15a5/0x2cf0 [ 539.494601][ T36] lock_acquire+0xf0/0x2e0 [ 539.499519][ T36] __mutex_lock+0x19f/0x1300 [ 539.504611][ T36] hfs_extend_file+0xf2/0x15e0 [ 539.509877][ T36] hfs_bmap_reserve+0x107/0x430 [ 539.515226][ T36] __hfs_ext_write_extent+0x1fa/0x470 [ 539.521105][ T36] hfs_ext_write_extent+0x17e/0x210 [ 539.526877][ T36] hfs_write_inode+0x117/0x960 [ 539.532141][ T36] __writeback_single_inode+0x75a/0x11a0 [ 539.538288][ T36] writeback_sb_inodes+0x944/0x19a0 [ 539.543989][ T36] wb_writeback+0x456/0xb70 [ 539.549029][ T36] wb_workfn+0x414/0xf50 [ 539.553771][ T36] process_one_work+0x949/0x1650 [ 539.559211][ T36] worker_thread+0xb46/0x1140 [ 539.564393][ T36] kthread+0x388/0x470 [ 539.568961][ T36] ret_from_fork+0x51e/0xb90 [ 539.574056][ T36] ret_from_fork_asm+0x1a/0x30 [ 539.579329][ T36] [ 539.579329][ T36] other info that might help us debug this: [ 539.579329][ T36] [ 539.589531][ T36] Possible unsafe locking scenario: [ 539.589531][ T36] [ 539.596973][ T36] CPU0 CPU1 [ 539.602390][ T36] ---- ---- [ 539.607731][ T36] lock(&tree->tree_lock#2/1); [ 539.612583][ T36] lock(&HFS_I(tree->inode)->extents_lock); [ 539.621066][ T36] lock(&tree->tree_lock#2/1); [ 539.628434][ T36] lock(&HFS_I(tree->inode)->extents_lock); [ 539.634409][ T36] [ 539.634409][ T36] *** DEADLOCK *** [ 539.634409][ T36] [ 539.642540][ T36] 3 locks held by kworker/u8:2/36: [ 539.647641][ T36] #0: ffff888020ac8948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x855/0x1650 [ 539.658425][ T36] #1: ffffc90000ac7c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x87c/0x1650 [ 539.670244][ T36] #2: ffff88802a7620b0 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 539.680164][ T36] [ 539.680164][ T36] stack backtrace: [ 539.686033][ T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) [ 539.686049][ T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 539.686059][ T36] Workqueue: writeback wb_workfn (flush-7:2) [ 539.686077][ T36] Call Trace: [ 539.686087][ T36] [ 539.686094][ T36] dump_stack_lvl+0xe8/0x150 [ 539.686113][ T36] print_circular_bug+0x2e1/0x300 [ 539.686134][ T36] check_noncircular+0x12e/0x150 [ 539.686154][ T36] __lock_acquire+0x15a5/0x2cf0 [ 539.686170][ T36] ? unwind_next_frame+0x1aaf/0x23c0 [ 539.686191][ T36] ? unwind_next_frame+0xa5/0x23c0 [ 539.686209][ T36] ? ret_from_fork_asm+0x1a/0x30 [ 539.686225][ T36] ? ret_from_fork_asm+0x1a/0x30 [ 539.686244][ T36] lock_acquire+0xf0/0x2e0 [ 539.686259][ T36] ? hfs_extend_file+0xf2/0x15e0 [ 539.686291][ T36] __mutex_lock+0x19f/0x1300 [ 539.686309][ T36] ? hfs_extend_file+0xf2/0x15e0 [ 539.686322][ T36] ? check_path+0x21/0x40 [ 539.686338][ T36] ? check_noncircular+0xda/0x150 [ 539.686356][ T36] ? add_lock_to_list+0xc7/0x100 [ 539.686372][ T36] ? hfs_extend_file+0xf2/0x15e0 [ 539.686386][ T36] ? __pfx___mutex_lock+0x10/0x10 [ 539.686449][ T36] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 539.686468][ T36] hfs_extend_file+0xf2/0x15e0 [ 539.686483][ T36] ? __pfx___mutex_trylock_common+0x10/0x10 [ 539.686532][ T36] ? __pfx_hfs_extend_file+0x10/0x10 [ 539.686545][ T36] ? trace_contention_end+0x3d/0x150 [ 539.686563][ T36] ? __mutex_lock+0x319/0x1300 [ 539.686581][ T36] ? __asan_memset+0x22/0x50 [ 539.686655][ T36] ? hfs_brec_find+0x19a/0x510 [ 539.686673][ T36] hfs_bmap_reserve+0x107/0x430 [ 539.686690][ T36] __hfs_ext_write_extent+0x1fa/0x470 [ 539.686706][ T36] hfs_ext_write_extent+0x17e/0x210 [ 539.686720][ T36] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 539.686739][ T36] hfs_write_inode+0x117/0x960 [ 539.686754][ T36] ? __pfx_hfs_write_inode+0x10/0x10 [ 539.686770][ T36] ? __pfx_hfs_writepages+0x10/0x10 [ 539.686787][ T36] ? do_raw_spin_unlock+0xf5/0x210 [ 539.686801][ T36] __writeback_single_inode+0x75a/0x11a0 [ 539.686820][ T36] writeback_sb_inodes+0x944/0x19a0 [ 539.686843][ T36] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 539.686857][ T36] ? do_raw_spin_lock+0x12b/0x2f0 [ 539.686881][ T36] ? rcu_is_watching+0x15/0xb0 [ 539.686900][ T36] wb_writeback+0x456/0xb70 [ 539.686916][ T36] ? queue_io+0x241/0x4a0 [ 539.686933][ T36] ? __pfx_wb_writeback+0x10/0x10 [ 539.686946][ T36] ? do_raw_spin_lock+0x12b/0x2f0 [ 539.686964][ T36] wb_workfn+0x414/0xf50 [ 539.686977][ T36] ? look_up_lock_class+0x57/0x110 [ 539.686996][ T36] ? __pfx_wb_workfn+0x10/0x10 [ 539.687009][ T36] ? do_raw_spin_lock+0x12b/0x2f0 [ 539.687022][ T36] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 539.687042][ T36] ? process_one_work+0x87c/0x1650 [ 539.687058][ T36] process_one_work+0x949/0x1650 [ 539.687079][ T36] ? __pfx_process_one_work+0x10/0x10 [ 539.687094][ T36] ? do_raw_spin_lock+0x12b/0x2f0 [ 539.687111][ T36] worker_thread+0xb46/0x1140 [ 539.687130][ T36] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 539.687148][ T36] kthread+0x388/0x470 [ 539.687160][ T36] ? __pfx_worker_thread+0x10/0x10 [ 539.687175][ T36] ? __pfx_kthread+0x10/0x10 [ 539.687187][ T36] ret_from_fork+0x51e/0xb90 [ 539.687205][ T36] ? __pfx_ret_from_fork+0x10/0x10 [ 539.687219][ T36] ? __switch_to+0xc7d/0x1450 [ 539.687236][ T36] ? __pfx_kthread+0x10/0x10 [ 539.687248][ T36] ret_from_fork_asm+0x1a/0x30 [ 539.687270][ T36] [ 540.027913][T17760] Bluetooth: hci1: Opcode 0x080f failed: -4 [ 540.058591][T17768] loop4: detected capacity change from 0 to 256 [ 540.208085][ T794] usb 1-1: SerialNumber: syz [ 540.214354][ T794] usb 1-1: config 0 descriptor?? [ 540.409344][ T794] peak_usb 1-1:0.29: PEAK-System PCAN-USB X6 v184 fw v210.0.0 (2 channels) [ 540.596719][ T794] peak_usb 1-1:0.29 can0: unable to request usb[type=2 value=5] err=-71 [ 540.605651][ T794] peak_usb 1-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71) [ 540.662936][ T794] peak_usb 1-1:0.29: probe with driver peak_usb failed with error -71 [ 540.673788][ T794] usb 1-1: USB disconnect, device number 113 [ 541.035416][ T5827] Bluetooth: hci1: command 0x0406 tx timeout