last executing test programs: 1.329450893s ago: executing program 1 (id=2767): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) sendto(r0, 0x0, 0x0, 0x4081, 0x0, 0x0) 1.329329373s ago: executing program 3 (id=2768): r0 = syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f0000000080)=ANY=[], 0x0, 0x702, &(0x7f0000001140)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzbtbNn/b7Qbx358/Phl/axn7GMQERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERhNUwjIpA2+7u7MrZrIbrdJIvWUxNj1pbwc1o4Oa8Za6EywVE+A+KRbwVjX7rK6OQy+G/1nE1+nYVxfCjiMGFy5fufjmXSeafk/CLwKINPn46eHCv399/dIbYLBZu/jwhc4agluranmN3zJaStufIeq1m3NpuerJpt5W35/mqIy1XZXzHlRvWTVmp17ekKu85O91Ww2yrZOSdr1cNoya/U4h2NICyZ23b7bbdbemYcHIYc0d+8IMoQJkdKQ8O+/tbY/k8S9vGYVAlJfnMeHAYVD1tdatGtVqpVKuV2u367TuGkZsaYYSEMYSpiKUftPSGWe4JnOglZKzGf4w/CaCNIrrYwS5k6o+FBlw46MyYHkvq/zu31Nzljtf/pMqvjCZfga7/16Jv12bV/xm5SEg9Q9oUMWP8Yj8rOiOJx3iKAR7gHvroYx+PltC2hFx76RbyRrwll5LPzJ8WFLqw4cGBjQ5MtPBFyHiMRB011GDgPWyjCQ8STdhoQ8HDHjz4UOERlQ8zVTDhw4ELiQ1YuAmJCuqoYwsSCmXswcEOumihARP/CoLgAId6u2/F+TxPWWskQZUZK1FALjnu9lGds7az6v8Pn0Vzx/XfYP3/vIqOg0L08fG8GKLPgCC+/l/Q2qvJhoiIiIiIiIheBaF/+y70X+XfBhCgabeVMRFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIierMJ/YydAFDSN/WL0eNSZ/klQPY1pEhEREREREREL0k/+X8tDwT6Lv81iIWu/4mIiIiIiIjoDfCrsT72c9m4j90g+bN+BsDanwvio78V4K6I497uV8WRGU4xj+KYqTsA/OYVcTHuqFd/5AHob5a6KuKlSeCfyW8fQp8cpPf1/zyICCHcEwnks+MNzEhAhEuu5eJv+ADXo1mux/3M3x9koKdEPQqXmnZblS2nfbcC07yY8dWu/7OHhz8H3OF6Hhz298s/+nH/vs7lOBx1fBQ2+mwinUz6xhjl8kT3t6CfuUjr3XgVzWSRv+52SkIv10jWPwvzKDO+oHk7oLYKRGv5C6xH+2w9iGJLg2GP+wJY050/VMp6l02svbsiRllUTq552o6YseZFncWNKObGxo3oI9kmYTsZUfxaFqiWp/fBRBbV8SxO3xbi7ye2//wsIIrhttgKs/hD2NCJLL7/UTTzVm836R7jLFlMHQVEROflYFSFdCfmU33sJ+UhOamdve4gB8RnuRnVfbSUIK4fSXV/8tsgqlBZIBf/bSJ9KUldQXhG3xC6nXzUoXvuSsoZ3Sh/GgSBebGI8TP6f4MgWSFjgep2HATByTP670fvQIrTnsri30EQ3K3oSvKbE1X1w3CGD2cu12tXsyiigCdHP9Ed4Ife339//2G1ulUz3jWM21Ws6P9ViD+yYO0hIqIpp79jR0dk5kSId3E9auP6/b++Ew1NVLwvxbcUaLeAPu5jM3mFwFp6qyUc4Jv/iG5D2IyuWoH1UvRZGsjLl+6GV7XD2EOR02942Zx5VadraRSrb2+oDmOT9w6dvAIcxW694r1ARET0eq3PqMPARP3HZP0vTtT/TWxEERtXUq+7S2O3FG4mV8fDS/rBhePU2MrpyX9ryRuDiIjoc0K5n4iS/0vhunbvvUq9XjH9bSVdx/qudO1GS0m76yvX2ja7LSV7ruM7ltOWPRcFe1V50tvp9RzXl03HlT3Hs3f1m99l/Op3T3XMrm9bXq+tTE9Jy+n6puXLhu1Zsrfz7bbtbStXz+z1lGU3bcv0bacrPWfHtVRZSk+psUC7obq+3bTDwa7suXbHdPfk95z2TkfJhvIs1+75TtRgsiy723Tcjm62jGDhFx0SERH9P3r8dPDgXr+//+jkwGp4aR6NOcaMmOmBfEqD7COIiIjoM2ZUrheYqfgKEyIiIiIiIiIiIiIiIiIiIiIiIiIiIiIioimnP9K34MBK2sOCwHDMTy/GY/Aco0cMp9oReNl8PnX/qDv2e5HZM4suNHkkYvDg4znBq8MxyeYfjzleZKG4BLzw9vnLF4ALegyiMbklHgDTz48uq+Wkx+LUmG8cRBNnza4npk4qDPdFbvn/OYQDD383PUmEaxEEQTB/9sLkNsyf/XgON9aj/JxdsHrK8fM6z0JEdB7+FwAA//9NXDc5") futimesat(r0, 0x0, 0x0) 1.195559874s ago: executing program 1 (id=2770): r0 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0) read(r0, 0x0, 0x0) 1.079567454s ago: executing program 3 (id=2771): keyctl$set_reqkey_keyring(0xe, 0x1) keyctl$set_reqkey_keyring(0xe, 0x1) 1.078896224s ago: executing program 0 (id=2772): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='coredump_filter\x00') readv(r0, &(0x7f0000000780)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1) 1.078856754s ago: executing program 2 (id=2773): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0) 1.035449107s ago: executing program 1 (id=2774): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000ac0)={0x1, 0x7}) 906.121557ms ago: executing program 1 (id=2775): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000f40)={'batadv_slave_1\x00', {0x2, 0x4e24, @multicast2}}) 895.761358ms ago: executing program 0 (id=2776): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x50, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @broadcast}, @IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4001}, 0x0) 855.822152ms ago: executing program 2 (id=2777): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000002700)={'gretap0\x00', &(0x7f00000026c0)=@ethtool_ringparam={0x10, 0x2, 0x2, 0x6, 0x2, 0x8, 0x6, 0x2, 0x6}}) 737.526481ms ago: executing program 0 (id=2778): r0 = socket(0xa, 0x1, 0x0) getsockopt(r0, 0x0, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54) 737.446641ms ago: executing program 3 (id=2779): r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$6lowpan_control(r0, &(0x7f0000000040)='connect aa:aa:aa:aa:aa:10 1', 0x1b) 731.662571ms ago: executing program 1 (id=2780): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) 689.288675ms ago: executing program 2 (id=2781): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@ipv4_delroute={0x28, 0x19, 0x1, 0x70bd2d, 0x25dfdbf8, {0x2, 0x20, 0x20, 0x0, 0xff, 0x2, 0xff, 0x2, 0x1800}, [@RTA_DST={0x8, 0x1, @local}, @RTA_METRICS={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x44050}, 0x1000) 483.972691ms ago: executing program 1 (id=2782): syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @broadcast}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x86dd}, {0x0, 0x0, 0x0, 0x0, 0x11}}}}}}, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000220edf104c05c10687c20102030109022400010000ae0009040000024f69960009050f029d82297200090582"], 0x0) 483.796311ms ago: executing program 2 (id=2783): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000ac0)={0x1, 0x7}) 483.043451ms ago: executing program 3 (id=2790): r0 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x11, &(0x7f0000000500)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@noload}, {@data_writeback}]}, 0x0, 0x631, &(0x7f0000001940)="$eJzs3c1vVFUbAPDn3k6/3/edQt6ouJBGYyBRWlrAEGMC3bgiBD92riotBBkooTVaJLFNcGNi3LgwceVC/C+UxK0Lty7cuDIkxBgWYlDG3Jk7ZTrt9Hs6pf39kmnvnTtzzrlNn3nOnDnnTgB71mD2I404EBHXkohi3bFC5AcHq4+7/8fN89ktiXL5rd+TuPlxMldfVpL/7s+f/E8xkp/SiP0dS+udnr1xebxUmrye7w/PXLk2PD1748ilK+MXJy9OXh19ZfTkieMnTo4c3dT55VX/nf04c+u9D4qfnn3nm68eJiPf/nI2idPxKH9Adl6Nz+3eVM3Z32wwylUPFh1II05usuyd4s9i7f+kojv7h0gK7WwR65FGxKmI6IyIp6MYHfE4WIvxyRttbRzQUuUkKjlqsAzsPUk0PXSpJ3+RWKqnpW0CtkOtH1B7b7/c++Cl0lZ2SYBtcm+sOlZXjf3OiKjFf6E6Nhg9lbGBvvtJ/ThPZaxvcyNzVVkdP/5w9lZ2iybjcEBrzM3XRrkb839Sic2BqL4H6LufLvpsYCzvBaT55wRvNha8xsHzwYZ98Q/bZ24+Ip7J839XrBj/9fk/zWO3Fv/vbrB+8Q8AAAAAAABb585YRLy83Py/dGH+T9cy83/6I+L0FtS/+ud/6d18I9mC6oA698YiXlt2/u/CHN+Bjnzvv5X5AJ3JhUulyaMR8b+IOByd3dn+SEO59TOEj3y2/8tm9dfP/8tuWf21uYB5SXcLDXOJJsZnxjd73kDEvfmIZyvzfw/m9yye/5Pl/2SZ/J/F97U11rH/xdvnmh1bPf6BVil/HXFo2fz/uLudrHx9juFKf2C41itY6rmPPv+uWf3iH9ony/99K8d/d1J/vZ7p9ZXfFRHHZgvlZsc32v/vSt7uqJWf+XB8Zub6SERXcmbp/aPrazPsVrV4qMVLFv+HX1h5/G+h/18Xh70RMbfGOp961P9rs2PyP7RPFv8TK+f/4uL8v/6N0dsD3zer/9ya8v/xSk4/nN9j/A/qLb0ex1oDtC3NBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnXBoR/4kkHVrYTtOhoYj+iPh/9KWlqemZly5MvX91IjtW+f7/tPZNv8XqflL7/v+Buv3Rhv1jEbEvIr7o6K3sD52fKk20++QBAAAAAAAAAAAAAAAAAABgh+ivrPkvdzeu/8/81tHu1gEtV8h/i3fYewobfma5e0sbAmy7jcc/8CSbX1f8d7a0LcD2ax7/Dx6WKxrufv35lrcJ2B76/7B3bTD+fVwAu4D8D3vVGsf0elrdDqAd5H8AAAAAANhV9h2883MSEXOv9lZuma78WG9bWwa0WtruBgBtYw4v7F2FqXa3AGgXC/qBZGHrr8bF/hXNZ/8nrWkQAAAAAAAAAAAAALDEoQPN1/9bGwC728rr/83th91shfX/ywW/ywXALtL8qz/kftjtvMcHVsv21v8DAAAAAAAAAAAAwA7Qc+PyeKk0eX169snbOLUzmrG+jbnxzZVT7t4JZ7F441FrSu6MiJ1xgluwkQVbqTRZLkes/uDaJTja2Ob2viwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACP/RsAAP//w6wgNA==") ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000080)=0x6) 400.796838ms ago: executing program 0 (id=2784): r0 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0) read(r0, 0x0, 0x0) 195.075574ms ago: executing program 3 (id=2785): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0) 194.257874ms ago: executing program 0 (id=2794): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') pread64(r0, &(0x7f0000000480)=""/209, 0xd1, 0x2) 193.196355ms ago: executing program 2 (id=2795): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getpeername(r0, 0x0, 0x0) 666.47µs ago: executing program 0 (id=2786): keyctl$set_reqkey_keyring(0xe, 0x1) keyctl$set_reqkey_keyring(0xe, 0x1) 547.77µs ago: executing program 2 (id=2787): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=@newsa={0x148, 0x10, 0x1, 0x0, 0x0, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private0, 0x0, 0x6c}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x40}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_SET_MARK={0x8}, @XFRMA_IF_ID={0x8}]}, 0x148}}, 0x0) 0s ago: executing program 3 (id=2788): syz_mount_image$minix(&(0x7f0000000100), &(0x7f00000066c0)='./file1\x00', 0x1810002, &(0x7f0000000240)=ANY=[@ANYBLOB="002ecbc55fe6d6100837adda58fa7d10ab54aee93b992510be054d731ab7da7e75676e729a84f3b6a90100db5e477dbfee9ea3db9e2cdf0af3e9f7718732aaccc2158ad1dc498162eb5e87e3ec955164b6a97fb2a48d7a569258274a727cb0c7227e8f51529264e568b34e6f7ee018b3562d8fdd26e1b83ab2b09862ea8ac241fca01893c02becc286b2b17bd8c515b3dd02562333f6a7273bc91c9841bf3cb673bc8942336c5cebffbb08f82ba108af50c8dabb9628fc8e59c207395f370146898f1f3400f50f5e0566363558fe2c744cbebda08fe49b2155b62fcbb938b0d78d5e36b5e6b7d1c01f8b6423066333a94bb51f311c1d70dc272c6528d8057273e9bffbc8747d7c8a65b368828d39c69fc42125281702192328142ebb5b396e66db522ca6f2ae2ca64ab0d9d3f0eeb890d6b5a376ab004afb2ccc83293222ce378ef0e8d88e873ee168d615985aaabc293ce789dd163747e965405c11730f23faf8053fb37e93d5a54cdce54c1ce09598258ec5892938c5a16cf0c548695c973b45a0bc95feff28efd824744057c5da581fe9215d1a9e358a9da84b4ceb0f586c2ddbabbe2347dd728b8e05ecf90b4c7c9861ce1af7709c9babcdc2bdc5c8d70b1cb2b9fb072175a8496a48942dc2755a5ed6296745ec0810e42050e657b2c0965d423077136da0140277053c8ce91d0000000000000000000000f81a60f8321a29d95e555edc5822e904e5b3821224bb704efb9aea0f736fa06f46b1023fc644c7879a6315e96f6695f65fef95d6dbf22d80c068a20fc98bad02dbeb3c9f478063d2f2f8fd5e8af7a5d5937e5626c71efa3369e99787e78597c01acfa3b273102993abd03263ae4115a65254d32c517eddeb58bbc458d025fdc566906ac145a9db74f46d10805e6c7560f6740cf29445f6aec713655cdd27032c6413f342d8e76782bdc2d96870cf7e84d15838c48aa6af77086acec169846791fbb50b0f648adbc6f4058870827efcf4da44b43c62f3", @ANYRESHEX, @ANYRES64=0x0, @ANYRESOCT, @ANYRESDEC=0x0, @ANYRES16, @ANYRES32=0x0, @ANYBLOB="2da97369bd5bd2a022e4fea628166430fb7a26dae38cd827ad7f8cff5d2246bdd2cc0e8101b9631aa9db6c88c4ea13a8fbc6a23601da47409ecba43e29d90521e4a37f2f57fa7ce2366b5b89b5b9529791fb53b47e83c2014cd5779926a7dd8a0de70a50b2baf658b32d6d108efa8d3b6101762c8308a5b3351fd14516c9c33e6c6bd15e956f84604a27325b8ebb315aff3e39aa98ba22dffb1b6a7c1acafedad4ef237de4595f77f679e98e9dcbf01dc5bcbd5c199b9e95c24b", @ANYRES32, @ANYRES8=0x0, @ANYRES32], 0x1, 0x1d8, &(0x7f0000001a40)="$eJzs20lu02AYxvHHTmy3ZZ42rJBYwIYY0kjQHT0AF2BXtaaqcAFRNq0qQTfcg2Ow4yZcoJXoCYw8VMYhdjwodob/T2rzxvHj74uU1/kcJQKwsm5H/w0ZsqIqCIKvjyS9fSOpXxi1W5kggJkJjLjpM6y0tMcfi61NSAFYOL0/k7c7uQ3+86owOQsAi+xiuxetA34Z0u/L093zy1MjXhl8K7V+uNg2pV5yJ85Hf7a0Vip/Fg/3sC+d/5N3lD2AkTOd4Eecf6Jsfr3U7NPxN8byG9OC4SVT6MyMbp4+zuavSbou6Yakm5JuJddadyTdnTD+3tj4D0rOH2gifPUNMltKtW02PyjYwSnOh93z7sD3nlcaNWUl+Rc183aSHzbMb9bMO0l+sPvR38vd63XNowPFzP/6v5qp/Z8r/fiwSf/3K/S/VXMMYFkdHZ+83/F973P1wqyVoliV4mohGW4JT9PTU987n3N7xfp8TCO/6PjEBGDm3C+Hn9yj45NnB4c7+96+92E42no12hyOXm650brcbbI6BzDP0jf9cvsXfyUIAAAAAAAAAAAAAAB04Z6k+11PAgAAAEAr2vg5UdfPEQAAAAAAAAAAAAAAAAAAAFgWfwMAAP//azU4cQ==") mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x182) kernel console output (not intermixed with test programs): .919322][ T7402] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 125.933772][ T7402] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 125.951888][ T27] audit: type=1800 audit(1756461239.840:21): pid=7402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.715" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 126.040742][ T7402] syz.1.715 (7402) used greatest stack depth: 19888 bytes left [ 126.477596][ T7428] loop2: detected capacity change from 0 to 256 [ 126.544425][ T7428] FAT-fs (loop2): Directory bread(block 64) failed [ 126.560606][ T7428] FAT-fs (loop2): Directory bread(block 65) failed [ 126.582976][ T7428] FAT-fs (loop2): Directory bread(block 66) failed [ 126.604547][ T7428] FAT-fs (loop2): Directory bread(block 67) failed [ 126.616428][ T7428] FAT-fs (loop2): Directory bread(block 68) failed [ 126.643579][ T7428] FAT-fs (loop2): Directory bread(block 69) failed [ 126.662741][ T7428] FAT-fs (loop2): Directory bread(block 70) failed [ 126.688300][ T7428] FAT-fs (loop2): Directory bread(block 71) failed [ 126.696390][ T7428] FAT-fs (loop2): Directory bread(block 72) failed [ 126.718601][ T7428] FAT-fs (loop2): Directory bread(block 73) failed [ 126.765310][ T7437] netlink: 48 bytes leftover after parsing attributes in process `syz.0.731'. [ 126.985582][ T7439] netlink: 14 bytes leftover after parsing attributes in process `syz.1.733'. [ 127.019976][ T7442] loop0: detected capacity change from 0 to 64 [ 127.226125][ T7447] loop2: detected capacity change from 0 to 8 [ 127.283372][ T7449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.738'. [ 127.346444][ T7449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.738'. [ 127.977964][ T5864] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 128.113369][ T27] audit: type=1326 audit(1756461242.010:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7478 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 128.138316][ T5775] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 128.145738][ T27] audit: type=1326 audit(1756461242.010:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7478 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 128.180909][ T27] audit: type=1326 audit(1756461242.040:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7478 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 128.205876][ T27] audit: type=1326 audit(1756461242.040:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7478 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 128.235862][ T5864] usb 1-1: Using ep0 maxpacket: 32 [ 128.267979][ T5864] usb 1-1: config 0 has an invalid interface number: 35 but max is 0 [ 128.282797][ T5864] usb 1-1: config 0 has no interface number 0 [ 128.291926][ T27] audit: type=1326 audit(1756461242.040:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7478 comm="syz.2.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 128.326389][ T5864] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 128.341425][ T5864] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.348627][ T5775] usb 4-1: Using ep0 maxpacket: 8 [ 128.350837][ T5864] usb 1-1: Product: syz [ 128.364683][ T5864] usb 1-1: Manufacturer: syz [ 128.369340][ T5775] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 128.369396][ T5775] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 128.369420][ T5775] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.372468][ T5775] usb 4-1: config 0 descriptor?? [ 128.385739][ T5864] usb 1-1: SerialNumber: syz [ 128.421737][ T5864] usb 1-1: config 0 descriptor?? [ 128.431951][ T5775] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 128.451434][ T5864] radio-si470x 1-1:0.35: could not find interrupt in endpoint [ 128.488185][ T5864] radio-si470x: probe of 1-1:0.35 failed with error -5 [ 128.681001][ T5864] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 128.844976][ T5775] gspca_vc032x: reg_w err -71 [ 128.854117][ T5775] vc032x: probe of 4-1:0.0 failed with error -71 [ 128.864111][ T5775] usb 4-1: USB disconnect, device number 7 [ 128.883717][ T5864] radio-raremono 1-1:0.35: raremono_cmd_main failed (-71) [ 128.914785][ T5864] radio-raremono 1-1:0.35: V4L2 device registered as radio48 [ 128.944170][ T5864] usb 1-1: USB disconnect, device number 6 [ 128.964558][ T5864] radio-raremono 1-1:0.35: Thanko's Raremono disconnected [ 129.254674][ T7506] loop2: detected capacity change from 0 to 512 [ 129.283000][ T7506] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 129.296969][ T7506] EXT4-fs (loop2): orphan cleanup on readonly fs [ 129.308131][ T7506] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5 [ 129.319040][ T7506] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 129.329165][ T7506] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.766: Failed to acquire dquot type 1 [ 129.346877][ T7506] EXT4-fs (loop2): 1 truncate cleaned up [ 129.363977][ T7506] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 129.709112][ T5775] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 129.779322][ T7519] Cannot find add_set index 0 as target [ 129.879067][ T7523] loop1: detected capacity change from 0 to 8 [ 129.897937][ T5775] usb 3-1: Using ep0 maxpacket: 32 [ 129.906682][ T5775] usb 3-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0 [ 129.929608][ T5775] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.956298][ T5775] usb 3-1: config 0 descriptor?? [ 129.981094][ T5775] rndis_host: probe of 3-1:0.0 failed with error -22 [ 130.241361][ T5775] usb 3-1: USB disconnect, device number 4 [ 130.323904][ T7537] loop3: detected capacity change from 0 to 512 [ 130.345004][ T7537] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 130.364713][ T7539] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609) [ 130.390156][ T7539] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647 [ 130.400544][ T7537] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.782: Unimplemented hash flags: 0x0001 [ 130.414342][ T7537] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.782: Corrupt directory, running e2fsck is recommended [ 130.478771][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.686832][ T7544] loop0: detected capacity change from 0 to 4096 [ 130.735312][ T7544] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 130.869928][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.913181][ T5864] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 130.958410][ T7552] loop3: detected capacity change from 0 to 256 [ 130.971811][ T7544] ntfs3: loop0: ino=5, "/" directory corrupted [ 130.980173][ T7552] exfat: Deprecated parameter 'utf8' [ 130.985592][ T7552] exfat: Deprecated parameter 'utf8' [ 130.988502][ T7544] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 131.039814][ T7544] ntfs3: loop0: ino=5, "/" directory corrupted [ 131.068521][ T7552] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d) [ 131.130555][ T5864] usb 2-1: Using ep0 maxpacket: 16 [ 131.143876][ T5864] usb 2-1: config index 0 descriptor too short (expected 16456, got 72) [ 131.154250][ T5864] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 131.173346][ T5864] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 131.185108][ T5864] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 131.211532][ T5864] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 131.246094][ T5864] usb 2-1: config 0 has no interface number 0 [ 131.262682][ T5864] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 131.308314][ T5864] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 131.329794][ T5864] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 131.350620][ T5864] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 131.392711][ T5864] usb 2-1: config 0 interface 125 has no altsetting 0 [ 131.409344][ T7558] netlink: 20 bytes leftover after parsing attributes in process `syz.0.791'. [ 131.430611][ T5864] usb 2-1: config 0 interface 125 has no altsetting 2 [ 131.455459][ T5864] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 131.466339][ T5864] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.488244][ T5864] usb 2-1: Product: syz [ 131.492480][ T5864] usb 2-1: Manufacturer: syz [ 131.497114][ T5864] usb 2-1: SerialNumber: syz [ 131.525172][ T5864] usb 2-1: config 0 descriptor?? [ 131.537690][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.542916][ T5864] usb 2-1: selecting invalid altsetting 2 [ 131.562431][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.597238][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.634368][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.658515][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.677055][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.688331][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.713434][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.728541][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.745812][ T7564] netlink: 'syz.2.794': attribute type 3 has an invalid length. [ 131.989907][ C0] usb 2-1: async_complete: urb error -71 [ 131.995725][ C0] usb 2-1: async_complete: urb error -71 [ 132.001516][ C0] usb 2-1: async_complete: urb error -71 [ 132.038807][ T5864] get_1284_register: usb error -71 [ 132.048898][ T5864] uss720: probe of 2-1:0.125 failed with error -71 [ 132.085691][ T5864] usb 2-1: USB disconnect, device number 4 [ 132.245869][ T7584] team0: Port device dummy0 added [ 132.426452][ T7590] PM: Enabling pm_trace changes system date and time during resume. [ 132.426452][ T7590] PM: Correct system time has to be restored manually after resume. [ 132.704948][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.711574][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.808481][ T7602] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 133.145902][ T7618] x_tables: duplicate entry at hook 3 [ 133.327913][ T7622] libceph: resolve '400' (ret=-3): failed [ 133.329725][ T7625] xt_hashlimit: max too large, truncated to 1048576 [ 133.654433][ T7635] netlink: 24 bytes leftover after parsing attributes in process `syz.2.829'. [ 133.752513][ T7641] netlink: 11 bytes leftover after parsing attributes in process `syz.3.832'. [ 133.897714][ T7645] loop2: detected capacity change from 0 to 8 [ 134.273249][ T7657] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 134.299291][ T7657] xt_TPROXY: Can be used only with -p tcp or -p udp [ 134.535344][ T7665] ieee802154 phy0 wpan0: encryption failed: -22 [ 134.547129][ T7669] capability: warning: `syz.0.846' uses 32-bit capabilities (legacy support in use) [ 134.682821][ T7675] SET target dimension over the limit! [ 135.036113][ T7689] xt_hashlimit: overflow, try lower: 18446744073709551614/15680 [ 135.889333][ T7718] loop3: detected capacity change from 0 to 512 [ 135.919583][ T7718] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 135.988902][ T7718] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 136.017937][ T7718] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84fc01c, mo2=0102] [ 136.026228][ T7718] System zones: 0-2, 18-18, 34-34 [ 136.077733][ T7718] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.869: iget: bad i_size value: 360287970189639680 [ 136.113192][ T7718] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.869: couldn't read orphan inode 15 (err -117) [ 136.132003][ T7718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.220818][ T7718] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 3: comm syz.3.869: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 136.239546][ C1] vkms_vblank_simulate: vblank timer overrun [ 136.445099][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.728556][ T7741] netlink: 20 bytes leftover after parsing attributes in process `syz.3.878'. [ 136.737487][ T7741] netlink: 16 bytes leftover after parsing attributes in process `syz.3.878'. [ 136.917436][ T7748] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 136.992754][ T7727] loop0: detected capacity change from 0 to 32768 [ 137.154364][ T7727] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 137.277301][ T7727] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 137.793901][ T7777] program syz.2.894 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 137.888904][ T5791] ocfs2: Unmounting device (7,0) on (node local) [ 139.244065][ T7815] validate_nla: 43 callbacks suppressed [ 139.244083][ T7815] netlink: 'syz.1.914': attribute type 4 has an invalid length. [ 139.278356][ T7815] netlink: 152 bytes leftover after parsing attributes in process `syz.1.914'. [ 139.344194][ T7815] .`: renamed from bond0 (while UP) [ 139.983028][ T7841] loop2: detected capacity change from 0 to 512 [ 140.014615][ T7841] EXT4-fs: Ignoring removed nobh option [ 140.100443][ T7841] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.925: corrupted inode contents [ 140.126739][ T7841] EXT4-fs (loop2): Remounting filesystem read-only [ 140.174509][ T7841] EXT4-fs (loop2): 1 truncate cleaned up [ 140.188477][ T1129] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 140.206787][ T7841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.221908][ T7841] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.241177][ T1129] Quota error (device loop2): write_blk: dquota write failed [ 140.263465][ T1129] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 140.290169][ T1129] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 140.307910][ T1129] Quota error (device loop2): write_blk: dquota write failed [ 140.326630][ T1129] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 140.374066][ T1129] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 140.397559][ T1129] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 140.415126][ T1129] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 140.467724][ T7857] Lens B: ================= START STATUS ================= [ 140.475439][ T7857] Lens B: Focus, Absolute: 0 [ 140.484382][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.494628][ T7857] Lens B: ================== END STATUS ================== [ 140.784176][ T7869] loop3: detected capacity change from 0 to 512 [ 140.803550][ T7869] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 140.821051][ T7869] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.939: invalid indirect mapped block 83886080 (level 1) [ 140.863952][ T7869] EXT4-fs (loop3): Remounting filesystem read-only [ 140.880073][ T7869] EXT4-fs (loop3): 1 orphan inode deleted [ 140.886869][ T7869] EXT4-fs (loop3): 1 truncate cleaned up [ 140.894952][ T7869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.902998][ T7875] netlink: 88 bytes leftover after parsing attributes in process `syz.0.941'. [ 141.107365][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.501017][ T7896] loop3: detected capacity change from 0 to 512 [ 141.529659][ T7896] EXT4-fs: Ignoring removed i_version option [ 141.544516][ T7896] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 141.621585][ T7896] EXT4-fs (loop3): 1 truncate cleaned up [ 141.668855][ T7896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.678047][ T7902] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.954'. [ 141.806582][ T7896] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.951: corrupted in-inode xattr: overlapping e_value [ 141.889715][ T7896] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1781: inode #15: comm syz.3.951: unable to update i_inline_off [ 141.915620][ T7896] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 142.023153][ T7911] netlink: 12 bytes leftover after parsing attributes in process `syz.0.958'. [ 142.051932][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.069255][ T7911] netlink: 'syz.0.958': attribute type 1 has an invalid length. [ 142.081560][ T7911] netlink: 'syz.0.958': attribute type 2 has an invalid length. [ 142.138679][ T7911] netlink: 4 bytes leftover after parsing attributes in process `syz.0.958'. [ 142.589551][ T7932] loop2: detected capacity change from 0 to 256 [ 142.641125][ T7932] FAT-fs (loop2): Directory bread(block 64) failed [ 142.653843][ T7932] FAT-fs (loop2): Directory bread(block 65) failed [ 142.658114][ T7933] smb3: Unexpected value for 'rdma' [ 142.673984][ T7932] FAT-fs (loop2): Directory bread(block 66) failed [ 142.692452][ T7932] FAT-fs (loop2): Directory bread(block 67) failed [ 142.718069][ T7932] FAT-fs (loop2): Directory bread(block 68) failed [ 142.724782][ T7932] FAT-fs (loop2): Directory bread(block 69) failed [ 142.760084][ T7932] FAT-fs (loop2): Directory bread(block 70) failed [ 142.766726][ T7932] FAT-fs (loop2): Directory bread(block 71) failed [ 142.778632][ T7932] FAT-fs (loop2): Directory bread(block 72) failed [ 142.785330][ T7932] FAT-fs (loop2): Directory bread(block 73) failed [ 143.401070][ T7957] loop0: detected capacity change from 0 to 256 [ 143.480642][ T7957] FAT-fs (loop0): Directory bread(block 64) failed [ 143.497083][ T7957] FAT-fs (loop0): Directory bread(block 65) failed [ 143.524520][ T7957] FAT-fs (loop0): Directory bread(block 66) failed [ 143.540252][ T7957] FAT-fs (loop0): Directory bread(block 67) failed [ 143.561924][ T7957] FAT-fs (loop0): Directory bread(block 68) failed [ 143.583791][ T7957] FAT-fs (loop0): Directory bread(block 69) failed [ 143.603337][ T7957] FAT-fs (loop0): Directory bread(block 70) failed [ 143.622023][ T7957] FAT-fs (loop0): Directory bread(block 71) failed [ 143.652083][ T7957] FAT-fs (loop0): Directory bread(block 72) failed [ 143.674568][ T7957] FAT-fs (loop0): Directory bread(block 73) failed [ 144.418066][ T27] audit: type=1326 audit(1756461258.310:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7989 comm="syz.2.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 144.479866][ T27] audit: type=1326 audit(1756461258.310:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7989 comm="syz.2.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 144.534687][ T27] audit: type=1326 audit(1756461258.340:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7989 comm="syz.2.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 144.582066][ T5775] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 144.591837][ T27] audit: type=1326 audit(1756461258.340:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7989 comm="syz.2.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 144.677401][ T7996] loop2: detected capacity change from 0 to 512 [ 144.749393][ T7996] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.801835][ T7996] ext4 filesystem being mounted at /284/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.802271][ T5775] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 144.865407][ T5775] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 144.891990][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.898161][ T8005] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 144.913285][ T8005] IPv6: NLM_F_CREATE should be set when creating new route [ 144.926068][ T5775] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66 [ 144.976754][ T5775] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.976784][ T5775] usb 4-1: Product: syz [ 144.976798][ T5775] usb 4-1: Manufacturer: syz [ 144.976813][ T5775] usb 4-1: SerialNumber: syz [ 144.987539][ T5775] usb 4-1: config 0 descriptor?? [ 144.996504][ T5775] snd-usb-audio: probe of 4-1:0.0 failed with error -90 [ 145.276028][ T23] usb 4-1: USB disconnect, device number 8 [ 145.379370][ T8017] loop2: detected capacity change from 0 to 64 [ 145.470187][ T8020] loop0: detected capacity change from 0 to 256 [ 145.492060][ T8017] syz.2.1008: attempt to access beyond end of device [ 145.492060][ T8017] loop2: rw=0, sector=3072, nr_sectors = 2 limit=64 [ 145.928182][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 145.928200][ T27] audit: type=1326 audit(1756461259.820:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8029 comm="syz.1.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 145.929234][ T8030] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1015'. [ 145.944449][ T27] audit: type=1326 audit(1756461259.820:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8029 comm="syz.1.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 146.067985][ T27] audit: type=1326 audit(1756461259.830:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8029 comm="syz.1.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 146.167868][ T27] audit: type=1326 audit(1756461259.830:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8029 comm="syz.1.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 146.270875][ T27] audit: type=1326 audit(1756461259.830:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8029 comm="syz.1.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 147.401463][ T8049] loop2: detected capacity change from 0 to 32768 [ 147.525140][ T8049] jfs_mkdir: dtInsert returned -EIO [ 147.547886][ T8049] ERROR: (device loop2): jfs_mkdir: [ 147.547886][ T8049] [ 147.571644][ T8049] ERROR: (device loop2): remounting filesystem as read-only [ 147.709180][ T8088] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1042'. [ 147.761994][ T8089] loop1: detected capacity change from 0 to 2048 [ 147.811657][ T8087] loop3: detected capacity change from 0 to 4096 [ 147.857383][ T8089] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 147.901791][ T8087] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 148.209198][ T8087] ntfs3: loop3: failed to convert "c46c" to iso8859-2 [ 148.566419][ T27] audit: type=1326 audit(1756461262.460:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 148.637039][ T27] audit: type=1326 audit(1756461262.460:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 148.718158][ T27] audit: type=1326 audit(1756461262.480:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 148.731109][ T8111] SET target dimension over the limit! [ 148.788954][ T27] audit: type=1326 audit(1756461262.480:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 148.853187][ T8113] netlink: 'syz.3.1056': attribute type 1 has an invalid length. [ 148.861071][ T27] audit: type=1326 audit(1756461262.480:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.3.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 148.904604][ T8113] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1056'. [ 149.029702][ T8115] loop2: detected capacity change from 0 to 4096 [ 149.092213][ T8115] ntfs: volume version 3.1. [ 149.106616][ T8119] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1059'. [ 149.132134][ T8119] veth4: entered allmulticast mode [ 149.174534][ T8120] delete_channel: no stack [ 149.394834][ T8127] unsupported nla_type 39 [ 150.408600][ T8164] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 150.448789][ T8164] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 150.623366][ T8174] loop2: detected capacity change from 0 to 16 [ 150.690909][ T8174] erofs: (device loop2): mounted with root inode @ nid 36. [ 150.762907][ T8174] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 32811 of nid 36 [ 151.836721][ T8221] loop2: detected capacity change from 0 to 256 [ 151.870593][ T8221] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 151.875237][ T8219] loop0: detected capacity change from 0 to 1764 [ 152.606010][ T8246] geneve2: entered allmulticast mode [ 152.614161][ T8244] loop3: detected capacity change from 0 to 2048 [ 152.644741][ T8244] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.748051][ T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 152.966074][ T8] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 152.998098][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.010005][ T8] usb 2-1: config 0 descriptor?? [ 153.237107][ T8] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 153.271471][ T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 153.448064][ T8] [drm:udl_init] *ERROR* Selecting channel failed [ 153.508371][ T8] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 153.526169][ T8] [drm] Initialized udl on minor 2 [ 153.560766][ T8] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 153.599555][ T8] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 153.617146][ T786] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 153.630344][ T8] usb 2-1: USB disconnect, device number 5 [ 153.637469][ T786] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 153.972902][ T8281] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1138'. [ 154.034356][ T8283] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1139'. [ 154.156138][ T8285] loop0: detected capacity change from 0 to 2048 [ 154.179828][ T8285] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 154.232050][ T8285] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.453119][ T8285] EXT4-fs error (device loop0): empty_inline_dir:1857: inode #12: block 9: comm syz.0.1140: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=13, rec_len=21, size=60 fake=0 [ 154.501674][ T8285] EXT4-fs (loop0): Remounting filesystem read-only [ 154.508617][ T8285] EXT4-fs warning (device loop0): empty_inline_dir:1864: bad inline directory (dir #12) - inode 13, rec_len 21, name_len 5inline size 60 [ 154.599750][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.604025][ T8277] loop3: detected capacity change from 0 to 32768 [ 155.212523][ T8315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1154'. [ 155.230401][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 155.230418][ T27] audit: type=1400 audit(1756461269.130:47): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A2F2C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=8316 comm="syz.0.1155" [ 155.463753][ T8325] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1158'. [ 155.522511][ T8325] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1158'. [ 155.788687][ T8] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 156.037992][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 156.053670][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 156.071367][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 262, setting to 64 [ 156.110408][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.146180][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.175992][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 156.206220][ T8] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 156.230730][ T8] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 156.235937][ T8347] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1170'. [ 156.247644][ T8] usb 2-1: Manufacturer: syz [ 156.276421][ T8] usb 2-1: config 0 descriptor?? [ 156.470806][ T8353] xt_CT: You must specify a L4 protocol and not use inversions on it [ 156.619755][ T23] usb 2-1: USB disconnect, device number 6 [ 157.141605][ T8376] loop3: detected capacity change from 0 to 736 [ 158.451128][ T8423] loop0: detected capacity change from 0 to 256 [ 158.579872][ T8423] FAT-fs (loop0): Directory bread(block 64) failed [ 158.603196][ T8423] FAT-fs (loop0): Directory bread(block 65) failed [ 158.630678][ T8423] FAT-fs (loop0): Directory bread(block 66) failed [ 158.647929][ T8423] FAT-fs (loop0): Directory bread(block 67) failed [ 158.662857][ T8423] FAT-fs (loop0): Directory bread(block 68) failed [ 158.670006][ T8429] xt_ecn: cannot match TCP bits for non-tcp packets [ 158.706940][ T8423] FAT-fs (loop0): Directory bread(block 69) failed [ 158.726951][ T8423] FAT-fs (loop0): Directory bread(block 70) failed [ 158.740459][ T8431] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1211'. [ 158.747121][ T8423] FAT-fs (loop0): Directory bread(block 71) failed [ 158.769877][ T8423] FAT-fs (loop0): Directory bread(block 72) failed [ 158.787941][ T8423] FAT-fs (loop0): Directory bread(block 73) failed [ 159.369685][ T8448] cgroup: none used incorrectly [ 159.758679][ T8459] loop0: detected capacity change from 0 to 64 [ 159.997668][ T8466] netlink: 'syz.3.1228': attribute type 13 has an invalid length. [ 160.075266][ T8466] gretap0: refused to change device tx_queue_len [ 160.093092][ T8466] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 160.120777][ T8469] loop0: detected capacity change from 0 to 2048 [ 160.195062][ T8472] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 160.323868][ T8469] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=16, inode=2, rec_len=16, name_len=255 [ 160.396501][ T8469] Remounting filesystem read-only [ 160.572203][ T8457] loop1: detected capacity change from 0 to 32768 [ 160.613557][ T8457] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.1224 (8457) [ 160.725329][ T8480] loop0: detected capacity change from 0 to 16 [ 160.729318][ T8457] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 160.770576][ T8480] erofs: (device loop0): mounted with root inode @ nid 36. [ 160.788239][ T8457] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 160.808675][ T8457] BTRFS info (device loop1): using free space tree [ 160.849851][ T8480] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 160.953564][ T8480] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 161.160389][ T8457] BTRFS info (device loop1): enabling ssd optimizations [ 161.206108][ T8457] BTRFS info (device loop1): auto enabling async discard [ 161.276871][ T8500] loop2: detected capacity change from 0 to 1764 [ 161.387432][ T8500] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 161.390528][ T8506] loop0: detected capacity change from 0 to 64 [ 161.522123][ T8506] Bad inode number on dev loop0: 6 is out of range [ 161.661422][ T5783] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 161.825543][ T8512] geneve2: entered promiscuous mode [ 161.867567][ T8512] geneve2: entered allmulticast mode [ 162.087309][ T8520] loop0: detected capacity change from 0 to 128 [ 162.184378][ T8520] FAT-fs (loop0): Directory bread(block 162) failed [ 162.225960][ T8520] FAT-fs (loop0): Directory bread(block 163) failed [ 162.260142][ T8520] FAT-fs (loop0): Directory bread(block 164) failed [ 162.266922][ T8520] FAT-fs (loop0): Directory bread(block 165) failed [ 162.290531][ T8520] FAT-fs (loop0): Directory bread(block 166) failed [ 162.304541][ T8524] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1250'. [ 162.321135][ T8520] FAT-fs (loop0): Directory bread(block 167) failed [ 162.342189][ T8520] FAT-fs (loop0): Directory bread(block 168) failed [ 162.349490][ T8520] FAT-fs (loop0): Directory bread(block 169) failed [ 162.438107][ T8520] FAT-fs (loop0): Directory bread(block 162) failed [ 162.445346][ T8520] FAT-fs (loop0): Directory bread(block 163) failed [ 162.492384][ T8520] syz.0.1248: attempt to access beyond end of device [ 162.492384][ T8520] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 162.526046][ T8520] syz.0.1248: attempt to access beyond end of device [ 162.526046][ T8520] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 163.156782][ T8546] loop2: detected capacity change from 0 to 4096 [ 163.227947][ T8557] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 163.320942][ T8546] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 163.359366][ T8546] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=12) [ 163.407991][ T8546] Remounting filesystem read-only [ 163.435918][ T8546] NILFS (loop2): error -5 truncating bmap (ino=12) [ 163.573935][ T5786] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 163.608256][ T5786] NILFS (loop2): discard dirty page: offset=0, ino=2 [ 163.615021][ T5786] NILFS (loop2): discard dirty block: blocknr=14, size=4096 [ 163.633083][ T5786] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 163.640390][ T5786] NILFS (loop2): discard dirty block: blocknr=23, size=4096 [ 163.647976][ T5786] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 163.667881][ T5786] NILFS (loop2): discard dirty block: blocknr=24, size=4096 [ 163.675261][ T5786] NILFS (loop2): discard dirty page: offset=8192, ino=6 [ 163.706347][ T5786] NILFS (loop2): discard dirty block: blocknr=25, size=4096 [ 163.718345][ T8569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1272'. [ 164.113749][ T8583] loop0: detected capacity change from 0 to 128 [ 164.159977][ T8583] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 164.211052][ T8583] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: writeback. [ 164.323660][ T8583] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.1278: checksumming directory block 0 [ 164.378241][ T8590] loop1: detected capacity change from 0 to 512 [ 164.402010][ T27] audit: type=1326 audit(1756461278.300:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 164.408983][ T8592] syz.3.1282 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 164.436881][ T27] audit: type=1326 audit(1756461278.300:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 164.461704][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 164.578054][ T27] audit: type=1326 audit(1756461278.300:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 164.662889][ T27] audit: type=1326 audit(1756461278.380:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 164.738607][ T27] audit: type=1326 audit(1756461278.380:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8591 comm="syz.3.1282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 165.192778][ T8614] loop1: detected capacity change from 0 to 256 [ 166.647824][ T27] audit: type=1326 audit(1756461280.540:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8668 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 166.657911][ T8666] loop3: detected capacity change from 0 to 4096 [ 166.698859][ T8666] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 166.716165][ T27] audit: type=1326 audit(1756461280.540:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8668 comm="syz.1.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 166.719482][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.762358][ T8666] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 166.825870][ T8666] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Corrupt attribute. deltaxcn = 0x1, max_cluster = 0x0 [ 166.884245][ T8666] ntfs: volume version 3.1. [ 167.625515][ T8699] loop3: detected capacity change from 0 to 1024 [ 167.641879][ T8699] EXT4-fs: Ignoring removed bh option [ 167.704344][ T8706] loop0: detected capacity change from 0 to 64 [ 167.711822][ T8699] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 168.043449][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 168.053164][ T8714] devtmpfs: Cannot enable quota on remount [ 168.195442][ T8720] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1342'. [ 168.558092][ T8733] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1349'. [ 168.600138][ T8733] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1349'. [ 168.616887][ T8733] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1349'. [ 169.442726][ T8758] loop2: detected capacity change from 0 to 4096 [ 169.671214][ T8774] loop1: detected capacity change from 0 to 256 [ 169.775400][ T8774] FAT-fs (loop1): Directory bread(block 64) failed [ 169.812287][ T8774] FAT-fs (loop1): Directory bread(block 65) failed [ 169.874114][ T8774] FAT-fs (loop1): Directory bread(block 66) failed [ 169.911523][ T8774] FAT-fs (loop1): Directory bread(block 67) failed [ 169.942137][ T8774] FAT-fs (loop1): Directory bread(block 68) failed [ 169.970357][ T8779] loop3: detected capacity change from 0 to 16 [ 169.973199][ T8774] FAT-fs (loop1): Directory bread(block 69) failed [ 170.004497][ T8779] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 170.018063][ T8774] FAT-fs (loop1): Directory bread(block 70) failed [ 170.044123][ T8774] FAT-fs (loop1): Directory bread(block 71) failed [ 170.044393][ T8779] cramfs: empty filesystem [ 170.079093][ T8774] FAT-fs (loop1): Directory bread(block 72) failed [ 170.085707][ T8774] FAT-fs (loop1): Directory bread(block 73) failed [ 170.571604][ T8789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1374'. [ 170.588825][ T8789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1374'. [ 170.616579][ T8789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1374'. [ 170.633792][ T8787] loop3: detected capacity change from 0 to 4096 [ 170.672768][ T8787] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 170.826759][ T8787] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 170.989106][ T8787] ntfs3: loop3: failed to convert "c46c" to euc-jp [ 171.453223][ T8812] loop2: detected capacity change from 0 to 256 [ 171.514205][ T8812] exfat: Deprecated parameter 'namecase' [ 171.563327][ T8812] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 171.598072][ T8817] xt_CT: You must specify a L4 protocol and not use inversions on it [ 171.902738][ T8828] netlink: 'syz.0.1388': attribute type 8 has an invalid length. [ 172.145833][ T8838] loop1: detected capacity change from 0 to 16 [ 172.146737][ T8839] batadv_slave_0: left promiscuous mode [ 172.194249][ T8839] batadv_slave_0: left allmulticast mode [ 172.195630][ T8838] erofs: (device loop1): mounted with root inode @ nid 36. [ 172.216090][ T8839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 172.358051][ T5793] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 172.514412][ T8850] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1396'. [ 172.568346][ T5793] usb 4-1: Using ep0 maxpacket: 32 [ 172.576162][ T5793] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 172.625348][ T5793] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 172.666814][ T5793] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.685726][ T5793] usb 4-1: Product: syz [ 172.696421][ T5793] usb 4-1: Manufacturer: syz [ 172.716124][ T5793] usb 4-1: SerialNumber: syz [ 172.750398][ T5793] usb 4-1: config 0 descriptor?? [ 172.777130][ T5793] quatech2 4-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 173.022620][ T5793] usb 4-1: qt2_setup_urbs - submit read urb failed -8 [ 173.037539][ T5793] quatech2: probe of 4-1:0.0 failed with error -8 [ 173.085362][ T8870] loop0: detected capacity change from 0 to 1024 [ 173.289657][ T787] usb 4-1: USB disconnect, device number 9 [ 173.433806][ T8882] ufs: You didn't specify the type of your ufs filesystem [ 173.433806][ T8882] [ 173.433806][ T8882] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 173.433806][ T8882] [ 173.433806][ T8882] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 173.486281][ T8882] ufs: ufstype=old is supported read-only [ 173.494444][ T8882] syz.0.1407: attempt to access beyond end of device [ 173.494444][ T8882] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0 [ 173.628083][ T5831] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 173.843122][ T5831] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 173.894941][ T5831] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.949376][ T5831] usb 3-1: config 0 descriptor?? [ 174.185615][ T5831] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 174.218125][ T5831] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 174.287653][ T8907] loop1: detected capacity change from 0 to 2048 [ 174.345904][ T8913] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 174.407987][ T5831] [drm:udl_init] *ERROR* Selecting channel failed [ 174.422064][ T8907] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 174.455832][ T5831] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 174.497916][ T8907] Remounting filesystem read-only [ 174.508368][ T5831] [drm] Initialized udl on minor 2 [ 174.516579][ T5831] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 174.532196][ T5831] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 174.561772][ T787] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 174.573938][ T5831] usb 3-1: USB disconnect, device number 5 [ 174.591553][ T787] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 174.690255][ T5783] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 174.698038][ T5783] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 174.705383][ T5783] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 174.742927][ T5783] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 174.763700][ T5783] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 174.788472][ T5783] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 174.830887][ T5783] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 174.837680][ T5783] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 174.857556][ T5783] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 174.876322][ T5783] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 174.894984][ T5783] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.615596][ T8956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1430'. [ 175.686779][ T8956] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1430'. [ 176.074338][ T8977] nft_compat: unsupported protocol 1 [ 176.423855][ T8991] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 176.436897][ T8991] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 176.513664][ T8988] loop2: detected capacity change from 0 to 4096 [ 176.540613][ T8988] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 177.153546][ T8982] loop3: detected capacity change from 0 to 32768 [ 177.165595][ T8982] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1441 (8982) [ 177.227351][ T8982] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 177.248013][ T8982] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 177.270233][ T8982] BTRFS info (device loop3): using free space tree [ 177.534710][ T8982] BTRFS info (device loop3): enabling ssd optimizations [ 177.552512][ T8982] BTRFS info (device loop3): auto enabling async discard [ 177.826807][ T5790] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 178.470197][ T9063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1462'. [ 178.895945][ T9076] gtp0: entered promiscuous mode [ 179.077280][ T9082] loop0: detected capacity change from 0 to 1024 [ 179.466255][ T9098] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1481'. [ 179.675297][ T9104] loop1: detected capacity change from 0 to 128 [ 179.856576][ T9108] SET target dimension over the limit! [ 180.081396][ T9110] 8021q: adding VLAN 0 to HW filter on device bond2 [ 180.108901][ T9088] loop2: detected capacity change from 0 to 32768 [ 180.202458][ T9088] ERROR: (device loop2): dtSearch: DT_GETPAGE: dtree page corrupt [ 180.202458][ T9088] [ 180.250018][ T9088] ERROR: (device loop2): remounting filesystem as read-only [ 180.270564][ T9088] jfs_lookup: dtSearch returned -5 [ 180.683713][ T9106] loop3: detected capacity change from 0 to 32768 [ 180.807451][ T9106] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 181.040469][ T9106] XFS (loop3): Ending clean mount [ 181.202683][ T5790] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 181.664138][ T9153] loop3: detected capacity change from 0 to 2048 [ 181.706923][ T9153] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 181.986906][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 181.986923][ T27] audit: type=1326 audit(1756461295.880:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.2.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 182.064007][ T27] audit: type=1326 audit(1756461295.920:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.2.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 182.137942][ T9169] dlm: Unknown command passed to DLM device : 11 [ 182.137942][ T9169] [ 182.141969][ T27] audit: type=1326 audit(1756461295.920:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.2.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 182.179792][ T27] audit: type=1326 audit(1756461295.920:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9162 comm="syz.2.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512b18ebe9 code=0x7ffc0000 [ 182.259016][ T27] audit: type=1326 audit(1756461295.930:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 182.305929][ T27] audit: type=1326 audit(1756461295.930:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 182.389522][ T27] audit: type=1326 audit(1756461295.940:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 182.437989][ T27] audit: type=1326 audit(1756461295.940:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 182.511346][ T27] audit: type=1326 audit(1756461295.940:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9166 comm="syz.1.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 182.592693][ T9184] loop1: detected capacity change from 0 to 512 [ 182.810750][ T9184] EXT4-fs (loop1): Test dummy encryption mode enabled [ 182.829449][ T9184] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 182.877027][ T9184] EXT4-fs (loop1): Errors on filesystem, clearing orphan list. [ 182.906873][ T9184] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.025053][ T9184] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 183.139047][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.301982][ T9213] ieee802154 phy0 wpan0: encryption failed: -22 [ 183.520585][ T9221] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1534'. [ 183.530843][ T9220] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1535'. [ 183.624706][ T9223] loop2: detected capacity change from 0 to 256 [ 183.653546][ T9223] FAT-fs (loop2): Directory bread(block 64) failed [ 183.667248][ T9223] FAT-fs (loop2): Directory bread(block 65) failed [ 183.675413][ T9223] FAT-fs (loop2): Directory bread(block 66) failed [ 183.695503][ T9223] FAT-fs (loop2): Directory bread(block 67) failed [ 183.705262][ T9223] FAT-fs (loop2): Directory bread(block 68) failed [ 183.730218][ T9223] FAT-fs (loop2): Directory bread(block 69) failed [ 183.737021][ T9223] FAT-fs (loop2): Directory bread(block 70) failed [ 183.757172][ T9223] FAT-fs (loop2): Directory bread(block 71) failed [ 183.770532][ T9223] FAT-fs (loop2): Directory bread(block 72) failed [ 183.787618][ T9223] FAT-fs (loop2): Directory bread(block 73) failed [ 184.389427][ T9225] loop1: detected capacity change from 0 to 32768 [ 184.430732][ T9225] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1536 (9225) [ 184.461701][ T9217] loop3: detected capacity change from 0 to 32768 [ 184.477038][ T9225] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 184.508822][ T9225] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 184.535816][ T9225] BTRFS info (device loop1): using free space tree [ 184.544538][ T9217] jfs_strtoUCS: char2uni returned -22. [ 184.552133][ T9217] charset = cp874, char = 0xfc [ 184.557707][ T9217] jfs_strtoUCS: char2uni returned -22. [ 184.563763][ T9217] charset = cp874, char = 0xfc [ 184.613852][ T9244] netlink: 'syz.0.1543': attribute type 6 has an invalid length. [ 184.623784][ T9244] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1543'. [ 184.687156][ T9225] BTRFS info (device loop1): enabling ssd optimizations [ 184.722048][ T9225] BTRFS info (device loop1): auto enabling async discard [ 185.488831][ T5783] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 186.078400][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 186.270041][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 186.277609][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 186.298091][ T8] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 186.338362][ T8] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 186.387031][ T8] usb 3-1: config 0 interface 0 has no altsetting 0 [ 186.412229][ T8] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 186.431649][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.467875][ T8] usb 3-1: Product: syz [ 186.487858][ T8] usb 3-1: Manufacturer: syz [ 186.507830][ T8] usb 3-1: SerialNumber: syz [ 186.535615][ T8] usb 3-1: config 0 descriptor?? [ 187.083125][ T5793] usb 3-1: USB disconnect, device number 6 [ 187.522794][ T9347] netlink: 'syz.0.1581': attribute type 1 has an invalid length. [ 187.522822][ T9347] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1581'. [ 188.243359][ T9387] netlink: 'syz.3.1593': attribute type 32 has an invalid length. [ 188.694389][ T9416] loop1: detected capacity change from 0 to 512 [ 188.857494][ T9424] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1607'. [ 188.878958][ T9424] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1607'. [ 188.915476][ T9424] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1607'. [ 189.388540][ T9449] binder: 9448:9449 ioctl c018620c 2000000001c0 returned -22 [ 190.109914][ T9485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1628'. [ 190.145896][ T9488] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 190.951146][ T9523] loop1: detected capacity change from 0 to 256 [ 190.974467][ T9523] exfat: Deprecated parameter 'utf8' [ 190.998033][ T9523] exfat: Deprecated parameter 'utf8' [ 191.032751][ T9523] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 191.195663][ T9533] x_tables: unsorted entry at hook 2 [ 191.211909][ T9535] netlink: 388 bytes leftover after parsing attributes in process `syz.0.1646'. [ 191.601239][ T9559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1654'. [ 191.785508][ T9570] loop2: detected capacity change from 0 to 512 [ 191.883945][ T9570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.968464][ T9570] ext4 filesystem being mounted at /459/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.098769][ T9570] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1657: corrupted xattr block 33: overlapping e_value [ 192.284680][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.063563][ T9644] binder: 9642:9644 ioctl c00c6211 ffffffffffffffff returned -14 [ 193.081122][ T9646] loop0: detected capacity change from 0 to 64 [ 194.052897][ T9696] loop3: detected capacity change from 0 to 2048 [ 194.117462][ T9707] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.159710][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.166092][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.956599][ T9755] tc_dump_action: action bad kind [ 195.164721][ T9770] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 9770 comm: syz.2.1724) [ 195.227877][ T8] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 195.440343][ T8] usb 4-1: config 0 has an invalid interface number: 199 but max is 1 [ 195.472692][ T8] usb 4-1: config 0 has no interface number 1 [ 195.498023][ T8] usb 4-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 195.510628][ T8] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 195.524068][ T8] usb 4-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 195.537036][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 195.559266][ T8] usb 4-1: SerialNumber: syz [ 195.574628][ T8] usb 4-1: config 0 descriptor?? [ 195.574822][ T9788] loop0: detected capacity change from 0 to 512 [ 195.617459][ T8] usb 4-1: Found UVC 0.00 device (0002:0000) [ 195.636247][ T9788] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 195.639432][ T8] usb 4-1: No valid video chain found. [ 195.744051][ T9788] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.822949][ T9788] ext4 filesystem being mounted at /431/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.903939][ T787] usb 4-1: USB disconnect, device number 10 [ 195.935173][ T9788] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1792 out of range 0-6 [ 195.967966][ T9788] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 196.007945][ T9788] EXT4-fs error (device loop0): ext4_acquire_dquot:6940: comm syz.0.1730: Failed to acquire dquot type 1 [ 196.126854][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.285892][ T9836] loop1: detected capacity change from 0 to 8 [ 196.342949][ T9836] SQUASHFS error: Failed to read block 0x1ec: -5 [ 196.354589][ T9836] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 197.070185][ T9874] netlink: 'syz.2.1752': attribute type 3 has an invalid length. [ 197.464205][ T9892] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1759'. [ 197.473561][ T9892] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1759'. [ 197.533331][ T9849] loop1: detected capacity change from 0 to 32768 [ 197.610436][ T9849] find_entry called with index = 0 [ 197.629892][ T9849] find_entry called with index = 0 [ 197.857350][ T27] audit: type=1326 audit(1756461311.750:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 197.963024][ T27] audit: type=1326 audit(1756461311.750:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 198.035577][ T27] audit: type=1326 audit(1756461311.800:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 198.096749][ T9921] mmap: syz.3.1768 (9921) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 198.117828][ T27] audit: type=1326 audit(1756461311.800:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 198.187921][ T27] audit: type=1326 audit(1756461311.800:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 198.404889][ T9935] loop0: detected capacity change from 0 to 512 [ 198.416422][ T9935] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 198.465659][ T9935] EXT4-fs (loop0): 1 truncate cleaned up [ 198.529419][ T9935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.595006][ T9942] vlan0: entered promiscuous mode [ 198.699781][ T9935] EXT4-fs error (device loop0): ext4_get_verity_descriptor_location:298: inode #15: comm syz.0.1772: verity file has no extents [ 198.724142][ T9935] fs-verity (loop0, inode 15): Error -117 getting verity descriptor size [ 198.806711][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.659544][T10043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1806'. [ 201.327085][T10079] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1818'. [ 201.343701][T10082] vlan0: entered promiscuous mode [ 201.722587][T10101] netlink: 'syz.0.1823': attribute type 3 has an invalid length. [ 202.001508][T10113] netlink: 'syz.0.1832': attribute type 1 has an invalid length. [ 202.022715][T10113] netlink: 154788 bytes leftover after parsing attributes in process `syz.0.1832'. [ 202.975783][T10172] loop3: detected capacity change from 0 to 128 [ 203.272923][T10190] netlink: 'syz.1.1852': attribute type 3 has an invalid length. [ 203.626928][T10207] 8021q: adding VLAN 0 to HW filter on device bond1 [ 203.958287][T10261] loop2: detected capacity change from 0 to 256 [ 204.062942][T10261] FAT-fs (loop2): Directory bread(block 64) failed [ 204.088187][ T27] audit: type=1326 audit(1756461317.970:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.1.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 204.115845][T10261] FAT-fs (loop2): Directory bread(block 65) failed [ 204.161613][ T27] audit: type=1326 audit(1756461317.970:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.1.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 204.184737][T10261] FAT-fs (loop2): Directory bread(block 66) failed [ 204.228373][T10261] FAT-fs (loop2): Directory bread(block 67) failed [ 204.235933][ T27] audit: type=1326 audit(1756461318.030:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.1.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 204.238053][T10261] FAT-fs (loop2): Directory bread(block 68) failed [ 204.258259][ C1] vkms_vblank_simulate: vblank timer overrun [ 204.289591][T10261] FAT-fs (loop2): Directory bread(block 69) failed [ 204.296675][T10261] FAT-fs (loop2): Directory bread(block 70) failed [ 204.311993][T10261] FAT-fs (loop2): Directory bread(block 71) failed [ 204.336445][ T27] audit: type=1326 audit(1756461318.030:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.1.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 204.366900][T10261] FAT-fs (loop2): Directory bread(block 72) failed [ 204.385228][T10261] FAT-fs (loop2): Directory bread(block 73) failed [ 204.437790][ T27] audit: type=1326 audit(1756461318.030:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10268 comm="syz.1.1868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 204.517707][ T27] audit: type=1326 audit(1756461318.100:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10275 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 204.567904][ T27] audit: type=1326 audit(1756461318.100:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10275 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 204.591557][ T27] audit: type=1326 audit(1756461318.110:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10275 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 204.615164][ T27] audit: type=1326 audit(1756461318.110:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10275 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 204.694434][T10289] 8021q: adding VLAN 0 to HW filter on device bond1 [ 205.005019][T10340] netlink: 'syz.3.1879': attribute type 1 has an invalid length. [ 205.034921][T10340] netlink: 154788 bytes leftover after parsing attributes in process `syz.3.1879'. [ 205.248654][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.278209][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.291822][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.300934][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.314062][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.324987][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.355709][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.365238][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.379768][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.394016][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.410132][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.428156][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.436695][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.457971][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.486311][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.517915][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.527050][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.535559][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.552758][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.561293][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.594563][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.618240][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.632516][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.661224][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.703938][T10377] 8021q: adding VLAN 0 to HW filter on device bond1 [ 205.715884][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.737150][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.796339][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.837850][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.874200][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.889882][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.908450][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.916504][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.936821][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.948337][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.957290][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 205.996031][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.017629][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.039068][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.046895][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.083645][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.098092][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.105910][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.146829][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 206.183593][ T5793] hid-generic 0000:007F:FFFFFFFE.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 206.362295][T10434] fido_id[10434]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 206.411408][T10444] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1899'. [ 206.622083][T10455] program syz.1.1903 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 206.844249][T10468] loop1: detected capacity change from 0 to 256 [ 206.888787][T10468] exfat: Deprecated parameter 'utf8' [ 206.916650][T10468] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 206.937241][T10477] loop0: detected capacity change from 0 to 256 [ 207.015293][T10477] FAT-fs (loop0): Directory bread(block 64) failed [ 207.045290][T10477] FAT-fs (loop0): Directory bread(block 65) failed [ 207.073342][T10477] FAT-fs (loop0): Directory bread(block 66) failed [ 207.113904][T10477] FAT-fs (loop0): Directory bread(block 67) failed [ 207.123035][T10477] FAT-fs (loop0): Directory bread(block 68) failed [ 207.141730][T10477] FAT-fs (loop0): Directory bread(block 69) failed [ 207.156752][T10477] FAT-fs (loop0): Directory bread(block 70) failed [ 207.183976][T10477] FAT-fs (loop0): Directory bread(block 71) failed [ 207.204200][T10477] FAT-fs (loop0): Directory bread(block 72) failed [ 207.223796][T10477] FAT-fs (loop0): Directory bread(block 73) failed [ 208.637786][T10559] loop3: detected capacity change from 0 to 512 [ 208.664578][T10559] EXT4-fs (loop3): Test dummy encryption mode enabled [ 208.706377][T10559] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 208.736290][T10567] loop0: detected capacity change from 0 to 512 [ 208.740361][T10559] EXT4-fs (loop3): Errors on filesystem, clearing orphan list. [ 208.772742][T10524] loop2: detected capacity change from 0 to 32768 [ 208.795624][T10559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.840610][T10524] jfs_strtoUCS: char2uni returned -22. [ 208.846143][T10524] charset = cp874, char = 0xfc [ 208.851448][T10524] jfs_strtoUCS: char2uni returned -22. [ 208.857434][T10524] charset = cp874, char = 0xfc [ 208.891780][T10567] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 208.942920][T10567] EXT4-fs error (device loop0): ext4_acquire_dquot:6940: comm syz.0.1937: Failed to acquire dquot type 0 [ 209.009694][T10567] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.1937: bg 0: block 64: padding at end of block bitmap is not set [ 209.071353][T10567] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 209.081667][T10559] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 209.106349][T10567] EXT4-fs (loop0): 1 truncate cleaned up [ 209.124976][T10567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.162040][T10567] ext4 filesystem being mounted at /479/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 209.244145][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.492272][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.653071][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 209.653089][ T27] audit: type=1326 audit(1756461323.540:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10603 comm="syz.3.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 209.738784][ T27] audit: type=1326 audit(1756461323.540:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10603 comm="syz.3.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 209.807034][ T27] audit: type=1326 audit(1756461323.560:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10603 comm="syz.3.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 209.874059][T10613] AppArmor: change_hat: Invalid input '0' [ 209.878758][ T27] audit: type=1326 audit(1756461323.560:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10603 comm="syz.3.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 209.948057][ T27] audit: type=1326 audit(1756461323.560:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10603 comm="syz.3.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8bb58ebe9 code=0x7ffc0000 [ 210.171077][T10630] loop0: detected capacity change from 0 to 512 [ 210.189223][T10630] EXT4-fs (loop0): Test dummy encryption mode enabled [ 210.211191][T10630] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 210.254586][T10630] EXT4-fs (loop0): Errors on filesystem, clearing orphan list. [ 210.293242][T10630] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.308153][T10593] loop1: detected capacity change from 0 to 32768 [ 210.380612][T10630] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 210.389419][T10593] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 210.407896][ T23] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 210.495089][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.618491][ T23] usb 4-1: Using ep0 maxpacket: 16 [ 210.638289][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024 [ 210.646249][T10593] XFS (loop1): Ending clean mount [ 210.667888][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024 [ 210.693399][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 2269, setting to 1024 [ 210.727939][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 210.798611][ T23] usb 4-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 210.812916][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.813707][ T5783] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 210.847852][ T23] usb 4-1: Product: syz [ 210.852085][ T23] usb 4-1: Manufacturer: syz [ 210.856714][ T23] usb 4-1: SerialNumber: syz [ 210.920798][ T23] usb 4-1: config 0 descriptor?? [ 210.926942][T10622] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 210.959413][T10622] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 210.995286][ C1] port100 4-1:0.0: NFC: Urb failure (status -71) [ 211.008696][ C1] port100 4-1:0.0: NFC: Urb failure (status -71) [ 211.033270][ T23] port100 4-1:0.0: NFC: Could not get supported command types [ 211.340207][ T787] usb 4-1: USB disconnect, device number 11 [ 211.398807][T10681] sock: sock_timestamping_bind_phc: sock not bind to device [ 211.425615][T10690] loop1: detected capacity change from 0 to 1024 [ 211.453754][T10690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.533628][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.588911][T10699] netlink: 'syz.0.1967': attribute type 10 has an invalid length. [ 211.641795][T10699] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 211.874698][T10712] loop0: detected capacity change from 0 to 2048 [ 211.943012][T10719] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 211.972468][T10721] xt_addrtype: ipv6 does not support BROADCAST matching [ 212.485091][T10746] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 10746 comm: syz.1.1988) [ 212.682034][T10757] loop3: detected capacity change from 0 to 8 [ 212.752215][T10757] SQUASHFS error: Failed to read block 0x1ec: -5 [ 212.779181][T10757] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 213.232270][T10787] loop3: detected capacity change from 0 to 1024 [ 213.800216][T10821] netlink: 'syz.2.2003': attribute type 32 has an invalid length. [ 214.007268][T10832] netlink: 'syz.1.2006': attribute type 6 has an invalid length. [ 214.045336][T10832] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2006'. [ 214.936314][T10877] netlink: 'syz.3.2021': attribute type 6 has an invalid length. [ 214.967029][T10877] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2021'. [ 215.093963][T10853] loop2: detected capacity change from 0 to 32768 [ 215.157033][T10853] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 215.254881][T10853] XFS (loop2): Ending clean mount [ 215.298675][T10853] XFS (loop2): Quotacheck needed: Please wait. [ 215.457832][T10853] XFS (loop2): Quotacheck: Done. [ 215.731346][ T5786] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 216.037239][T10921] netlink: 'syz.1.2033': attribute type 21 has an invalid length. [ 216.737605][T10911] loop3: detected capacity change from 0 to 32768 [ 216.756501][T10911] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.2028 (10911) [ 216.823350][T10911] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 216.861029][T10911] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 216.897305][T10911] BTRFS info (device loop3): using free space tree [ 216.926832][T10957] loop2: detected capacity change from 0 to 2048 [ 216.966514][T10957] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 217.077906][T10911] BTRFS info (device loop3): enabling ssd optimizations [ 217.131560][T10911] BTRFS info (device loop3): auto enabling async discard [ 217.529023][ T5790] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 217.720150][T11003] loop0: detected capacity change from 0 to 2364 [ 218.891788][T11069] loop1: detected capacity change from 0 to 2048 [ 218.957934][T11080] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 219.007566][T11069] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 219.083661][T11069] Remounting filesystem read-only [ 219.788720][T11125] loop2: detected capacity change from 0 to 64 [ 219.825230][ T27] audit: type=1326 audit(1756461333.720:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.1.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 219.914969][ T27] audit: type=1326 audit(1756461333.770:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.1.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 220.007843][ T27] audit: type=1326 audit(1756461333.770:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.1.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 220.099412][ T27] audit: type=1326 audit(1756461333.770:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.1.2088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 220.187683][T11147] netlink: 'syz.2.2094': attribute type 1 has an invalid length. [ 220.251575][T11150] syz.1.2095: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 220.308146][T11150] CPU: 1 PID: 11150 Comm: syz.1.2095 Not tainted syzkaller #0 [ 220.315688][T11150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 220.325974][T11150] Call Trace: [ 220.329375][T11150] [ 220.332340][T11150] dump_stack_lvl+0x16c/0x230 [ 220.337067][T11150] ? show_regs_print_info+0x20/0x20 [ 220.342307][T11150] ? load_image+0x3b0/0x3b0 [ 220.346857][T11150] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 220.353317][T11150] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 220.359963][T11150] warn_alloc+0x210/0x300 [ 220.364507][T11150] ? stack_trace_save+0x9c/0xe0 [ 220.369407][T11150] ? zone_watermark_ok_safe+0x230/0x230 [ 220.374979][T11150] ? kasan_set_track+0x5f/0x70 [ 220.379758][T11150] ? kasan_set_track+0x4e/0x70 [ 220.384531][T11150] ? __kasan_kmalloc+0x8f/0xa0 [ 220.389304][T11150] ? xsk_init_queue+0xb0/0x110 [ 220.394163][T11150] ? xsk_setsockopt+0x43c/0x6f0 [ 220.399023][T11150] ? do_sock_setsockopt+0x175/0x1a0 [ 220.404241][T11150] ? __x64_sys_setsockopt+0x184/0x200 [ 220.409636][T11150] __vmalloc_node_range+0x126/0x1320 [ 220.414966][T11150] ? free_vm_area+0x50/0x50 [ 220.419499][T11150] vmalloc_user+0x74/0x80 [ 220.423843][T11150] ? xskq_create+0xbf/0x170 [ 220.428350][T11150] xskq_create+0xbf/0x170 [ 220.432698][T11150] xsk_init_queue+0xb0/0x110 [ 220.437297][T11150] xsk_setsockopt+0x43c/0x6f0 [ 220.441986][T11150] ? xsk_poll+0x670/0x670 [ 220.446326][T11150] ? __fget_files+0x28/0x4d0 [ 220.450932][T11150] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 220.456487][T11150] ? security_socket_setsockopt+0x7e/0xa0 [ 220.462208][T11150] ? xsk_poll+0x670/0x670 [ 220.466551][T11150] do_sock_setsockopt+0x175/0x1a0 [ 220.471588][T11150] ? __fdget+0x180/0x210 [ 220.475845][T11150] __x64_sys_setsockopt+0x184/0x200 [ 220.481060][T11150] do_syscall_64+0x55/0xb0 [ 220.485529][T11150] ? clear_bhb_loop+0x40/0x90 [ 220.490216][T11150] ? clear_bhb_loop+0x40/0x90 [ 220.494921][T11150] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 220.500919][T11150] RIP: 0033:0x7f391258ebe9 [ 220.505433][T11150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.525269][T11150] RSP: 002b:00007f39134c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 220.533700][T11150] RAX: ffffffffffffffda RBX: 00007f39127b5fa0 RCX: 00007f391258ebe9 [ 220.541772][T11150] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 220.549749][T11150] RBP: 00007f3912611e19 R08: 0000000000000004 R09: 0000000000000000 [ 220.557729][T11150] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.565709][T11150] R13: 00007f39127b6038 R14: 00007f39127b5fa0 R15: 00007ffc4c0486a8 [ 220.573712][T11150] [ 220.607889][T11150] Mem-Info: [ 220.611075][T11150] active_anon:5763 inactive_anon:0 isolated_anon:0 [ 220.611075][T11150] active_file:1004 inactive_file:40313 isolated_file:0 [ 220.611075][T11150] unevictable:768 dirty:272 writeback:0 [ 220.611075][T11150] slab_reclaimable:10314 slab_unreclaimable:92697 [ 220.611075][T11150] mapped:24749 shmem:1361 pagetables:606 [ 220.611075][T11150] sec_pagetables:0 bounce:0 [ 220.611075][T11150] kernel_misc_reclaimable:0 [ 220.611075][T11150] free:1365172 free_pcp:8285 free_cma:0 [ 220.707794][T11150] Node 0 active_anon:26016kB inactive_anon:0kB active_file:4016kB inactive_file:161080kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98996kB dirty:1096kB writeback:0kB shmem:6640kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11488kB pagetables:2664kB sec_pagetables:0kB all_unreclaimable? no [ 220.771317][T11150] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 220.817775][T11150] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 220.863203][T11150] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 220.877416][T11166] tmpfs: Bad value for 'mpol' [ 220.887849][T11150] Node 0 DMA32 free:1546640kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:30124kB inactive_anon:0kB active_file:4016kB inactive_file:159736kB unevictable:1536kB writepending:1100kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:9356kB local_pcp:3728kB free_cma:0kB [ 220.935682][T11150] lowmem_reserve[]: 0 0 1 1 1 [ 220.977875][T11150] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 221.011017][T11150] lowmem_reserve[]: 0 0 0 0 0 [ 221.016433][T11150] Node 1 Normal free:3892116kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:22744kB local_pcp:8700kB free_cma:0kB [ 221.051277][T11150] lowmem_reserve[]: 0 0 0 0 0 [ 221.056189][T11150] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 221.123749][T11150] Node 0 DMA32: 476*4kB (UE) 522*8kB (UE) 168*16kB (UE) 199*32kB (UME) 115*64kB (UME) 62*128kB (UME) 29*256kB (UME) 19*512kB (UME) 11*1024kB (UME) 10*2048kB (UM) 357*4096kB (UM) = 1541600kB [ 221.160481][T11174] binfmt_misc: register: failed to install interpreter file ./bus [ 221.168055][T11150] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 221.197862][T11150] Node 1 Normal: 177*4kB (UE) 58*8kB (UE) 38*16kB (UE) 55*32kB (UE) 13*64kB (UME) 3*128kB (UME) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 949*4096kB (ME) = 3892116kB [ 221.204795][T11140] loop3: detected capacity change from 0 to 32768 [ 221.234779][T11150] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 221.268797][T11140] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 221.287347][T11150] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 221.309103][T11150] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 221.318952][T11150] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 221.332836][T11150] 46674 total pagecache pages [ 221.337569][T11150] 0 pages in swap cache [ 221.343641][T11150] Free swap = 124996kB [ 221.347993][T11150] Total swap = 124996kB [ 221.352554][T11150] 2097051 pages RAM [ 221.356787][T11150] 0 pages HighMem/MovableOnly [ 221.362169][T11150] 416139 pages reserved [ 221.366361][T11150] 0 pages cma reserved [ 221.403113][T11182] netlink: 388 bytes leftover after parsing attributes in process `syz.2.2106'. [ 221.432698][T11140] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 222.120662][T11207] overlayfs: overlapping lowerdir path [ 222.505427][ T5790] ocfs2: Unmounting device (7,3) on (node local) [ 224.033721][T11296] binder: 11295:11296 ioctl c00c6211 ffffffffffffffff returned -14 [ 224.227115][T11310] binfmt_misc: register: failed to install interpreter file ./file0 [ 224.587439][T11322] loop3: detected capacity change from 0 to 4096 [ 224.610991][T11322] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 224.635958][T11328] veth3: entered promiscuous mode [ 224.643388][T11328] veth3: entered allmulticast mode [ 224.669870][T11322] ntfs: volume version 3.1. [ 224.736936][T11322] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 224.776164][T11322] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 224.828440][T11322] ntfs: (device loop3): ntfs_cluster_alloc(): Failed to map page. [ 224.837991][T11322] ntfs: (device loop3): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 224.866136][T11322] ntfs: (device loop3): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x44, attribute type 0x80, because the allocation of clusters failed with error code -5. [ 225.294966][T11366] loop1: detected capacity change from 0 to 2048 [ 225.303918][T11363] loop3: detected capacity change from 0 to 2048 [ 225.345313][T11373] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 225.393652][T11363] loop3: p1 < > p3 [ 225.411408][T11363] loop3: p3 size 134217728 extends beyond EOD, truncated [ 225.659172][T11388] loop2: detected capacity change from 0 to 64 [ 225.745117][T11393] netlink: 'syz.3.2166': attribute type 1 has an invalid length. [ 225.853192][ T6761] udevd[6761]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 225.869852][ T5776] udevd[5776]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 226.648293][ T786] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 226.709736][T11451] netlink: 'syz.1.2182': attribute type 1 has an invalid length. [ 226.864751][ T786] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 226.883533][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.895405][ T786] usb 4-1: Product: syz [ 226.915502][ T786] usb 4-1: Manufacturer: syz [ 226.954073][ T786] usb 4-1: SerialNumber: syz [ 226.980777][ T786] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 227.004217][ T5864] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 227.371625][ C0] usb 4-1: ath: unknown panic pattern! [ 227.638814][ T786] usb 4-1: USB disconnect, device number 12 [ 227.812918][T11509] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2198'. [ 227.822601][T11509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.849101][T11509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.859433][T11509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.870187][T11509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.880344][T11509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.891136][T11509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.903883][T11509] batadv_slave_1: entered promiscuous mode [ 227.963344][T11517] loop2: detected capacity change from 0 to 64 [ 228.058595][ T5864] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 228.080745][T11523] netlink: 'syz.0.2211': attribute type 1 has an invalid length. [ 228.081125][ T5864] ath9k_htc: Failed to initialize the device [ 228.135367][ T786] usb 4-1: ath9k_htc: USB layer deinitialized [ 229.578772][T11612] xt_limit: Overflow, try lower: 65536/2147483648 [ 229.626243][T11617] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 230.253421][T11655] netlink: 'syz.1.2243': attribute type 15 has an invalid length. [ 230.271687][T11655] netlink: 666 bytes leftover after parsing attributes in process `syz.1.2243'. [ 230.684861][ T786] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 230.884159][T11685] loop3: detected capacity change from 0 to 8192 [ 230.902395][ T786] usb 3-1: config 0 has an invalid interface number: 199 but max is 1 [ 230.920984][ T786] usb 3-1: config 0 has no interface number 1 [ 230.934526][T11685] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 230.937950][ T786] usb 3-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 230.963487][ T786] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 230.976905][T11685] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 230.986634][T11685] REISERFS (device loop3): using ordered data mode [ 231.010200][ T786] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 231.020476][ T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 231.028734][T11685] reiserfs: using flush barriers [ 231.036393][ T786] usb 3-1: SerialNumber: syz [ 231.038383][T11685] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 231.043452][ T786] usb 3-1: config 0 descriptor?? [ 231.066327][ T786] usb 3-1: Found UVC 0.00 device (0002:0000) [ 231.071759][T11698] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2256'. [ 231.099375][T11685] REISERFS (device loop3): checking transaction log (loop3) [ 231.137863][ T786] usb 3-1: No valid video chain found. [ 231.184103][T11685] REISERFS (device loop3): Using r5 hash to sort names [ 231.223422][T11685] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 231.245308][T11709] erofs: (device nbd1): erofs_read_superblock: cannot find valid erofs superblock [ 231.441331][ T787] usb 3-1: USB disconnect, device number 7 [ 231.802727][T11737] loop3: detected capacity change from 0 to 256 [ 232.195640][T11756] netlink: 'syz.3.2269': attribute type 7 has an invalid length. [ 232.216031][T11756] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2269'. [ 233.087821][T11749] loop0: detected capacity change from 0 to 40427 [ 233.119252][ T5864] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 233.170551][T11749] F2FS-fs (loop0): Found nat_bits in checkpoint [ 233.206942][T11805] loop2: detected capacity change from 0 to 2048 [ 233.280844][T11805] loop2: p1 p2 < > p3 < p5 p6 > p4 [ 233.286131][T11805] loop2: partition table partially beyond EOD, truncated [ 233.294351][T11749] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 233.320086][T11805] loop2: p2 start 4278190080 is beyond EOD, truncated [ 233.343324][ T5864] usb 2-1: config 0 has an invalid interface number: 199 but max is 1 [ 233.359736][T11805] loop2: p4 size 8192 extends beyond EOD, truncated [ 233.366469][ T5864] usb 2-1: config 0 has no interface number 1 [ 233.381621][ T5864] usb 2-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 233.408585][T11805] loop2: p6 size 8192 extends beyond EOD, truncated [ 233.427255][ T5864] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 233.488186][ T5864] usb 2-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 233.516978][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 233.552190][ T5864] usb 2-1: SerialNumber: syz [ 233.580027][ T5864] usb 2-1: config 0 descriptor?? [ 233.640517][ T5864] usb 2-1: Found UVC 0.00 device (0002:0000) [ 233.647464][ T5864] usb 2-1: No valid video chain found. [ 233.933960][ T5908] udevd[5908]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 233.949146][ T5775] usb 2-1: USB disconnect, device number 7 [ 233.978974][ T6761] udevd[6761]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 233.984141][ T7188] udevd[7188]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory [ 233.989437][ T7186] udevd[7186]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 234.010587][ T7181] udevd[7181]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory [ 234.382288][T11871] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2294'. [ 234.468588][T11875] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2295'. [ 234.496226][T11875] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2295'. [ 234.516701][T11875] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2295'. [ 234.808268][ T5775] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 235.017909][ T5775] usb 4-1: Using ep0 maxpacket: 16 [ 235.035518][ T5775] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 235.058755][ T5775] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 235.087847][ T5775] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 235.125422][ T5775] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14 [ 235.137822][ T5775] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.156297][ T5775] usb 4-1: Product: syz [ 235.166457][ T5775] usb 4-1: Manufacturer: syz [ 235.176621][ T5775] usb 4-1: SerialNumber: syz [ 235.205482][ T5775] usb 4-1: config 0 descriptor?? [ 235.221089][T11880] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 235.239863][ T5775] mceusb 4-1:0.0: mceusb_dev_probe: device setup failed! [ 235.266850][ T5775] mceusb: probe of 4-1:0.0 failed with error -12 [ 235.290580][T11906] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2304'. [ 235.358694][T11892] loop0: detected capacity change from 0 to 32768 [ 235.413677][T11892] ERROR: (device loop0): xtTruncate: XT_GETPAGE: xtree page corrupt [ 235.413677][T11892] [ 235.442701][ T5775] usb 4-1: USB disconnect, device number 13 [ 235.474874][T11892] ERROR: (device loop0): remounting filesystem as read-only [ 235.900924][T11925] loop1: detected capacity change from 0 to 1024 [ 235.987315][T11889] loop2: detected capacity change from 0 to 65536 [ 236.106978][T11889] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 236.110010][T11943] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2309'. [ 236.149909][T11943] netlink: 112 bytes leftover after parsing attributes in process `syz.1.2309'. [ 236.221180][T11889] XFS (loop2): Ending clean mount [ 236.231977][T11889] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 236.872925][T11947] loop3: detected capacity change from 0 to 32768 [ 236.933389][T11947] ERROR: (device loop3): dbAlloc: unable to allocate blocks [ 236.933389][T11947] [ 236.960876][T11947] ERROR: (device loop3): remounting filesystem as read-only [ 236.979342][T11947] jfs_create: dtInsert returned -EIO [ 236.993249][T11947] ERROR: (device loop3): jfs_create: [ 236.993249][T11947] [ 237.083899][T11973] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2316'. [ 237.096249][T11973] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2316'. [ 237.496988][T11997] nvme_fabrics: unknown parameter or missing value 'V' in ctrl creation request [ 237.837328][T12010] loop1: detected capacity change from 0 to 4096 [ 237.853747][T12010] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 237.889104][T12010] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 237.919431][T12010] ntfs3: loop1: Failed to load $Extend (-22). [ 237.936662][T12010] ntfs3: loop1: Failed to initialize $Extend. [ 238.067689][T12025] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2331'. [ 238.658005][ T787] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 238.850592][T12073] i2c i2c-0: Invalid block write size 252 [ 238.858361][ T787] usb 3-1: Using ep0 maxpacket: 16 [ 238.866569][ T787] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 238.875839][ T787] usb 3-1: config 0 has no interface number 0 [ 238.882341][ T787] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11 [ 238.904464][ T787] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024 [ 238.944104][ T787] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 238.975712][ T787] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 239.017949][ T787] usb 3-1: Product: syz [ 239.022191][ T787] usb 3-1: SerialNumber: syz [ 239.049143][ T787] usb 3-1: config 0 descriptor?? [ 239.087081][ T787] cm109 3-1:0.8: invalid payload size 1024, expected 4 [ 239.126262][ T787] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input7 [ 239.133296][T12088] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 239.389778][T12100] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 239.503165][T12103] __nla_validate_parse: 2 callbacks suppressed [ 239.503184][T12103] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2352'. [ 239.528634][ C1] cm109 3-1:0.8: cm109_urb_irq_callback: urb status -71 [ 239.530830][ T5793] usb 3-1: USB disconnect, device number 8 [ 239.535638][ C1] cm109 3-1:0.8: cm109_urb_irq_callback: usb_submit_urb (urb_ctl) failed -19 [ 239.597448][ T5793] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 239.954146][T12127] loop3: detected capacity change from 0 to 64 [ 240.018946][T12084] loop0: detected capacity change from 0 to 40427 [ 240.064519][T12084] F2FS-fs (loop0): invalid crc value [ 240.102928][T12084] F2FS-fs (loop0): Found nat_bits in checkpoint [ 240.338362][T12084] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 240.401243][T12145] veth3: entered allmulticast mode [ 240.501040][T12166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2363'. [ 240.637015][T12170] netlink: 'syz.1.2364': attribute type 3 has an invalid length. [ 240.672040][T12173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2366'. [ 240.686502][T12170] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2364'. [ 241.660409][T12212] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 241.849750][T12218] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2379'. [ 242.060941][T12232] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2382'. [ 242.506011][T12264] Zero length message leads to an empty skb [ 242.583340][ T5775] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 242.662174][T12272] loop0: detected capacity change from 0 to 256 [ 242.767912][ T5775] usb 2-1: Using ep0 maxpacket: 32 [ 242.790479][ T5775] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 242.851159][ T5775] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.884931][ T5775] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 242.928150][ T5775] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 242.936584][ T5775] usb 2-1: Product: syz [ 242.966626][ T5775] usb 2-1: Manufacturer: syz [ 242.977131][ T5775] hub 2-1:4.0: USB hub found [ 243.034711][T12295] loop2: detected capacity change from 0 to 256 [ 243.090277][T12295] FAT-fs (loop2): Directory bread(block 64) failed [ 243.140481][T12295] FAT-fs (loop2): Directory bread(block 65) failed [ 243.147297][T12295] FAT-fs (loop2): Directory bread(block 66) failed [ 243.174212][T12295] FAT-fs (loop2): Directory bread(block 67) failed [ 243.200758][ T5775] hub 2-1:4.0: config failed, hub has too many ports! (err -19) [ 243.208860][T12295] FAT-fs (loop2): Directory bread(block 68) failed [ 243.231476][T12295] FAT-fs (loop2): Directory bread(block 69) failed [ 243.248053][T12295] FAT-fs (loop2): Directory bread(block 70) failed [ 243.254674][T12295] FAT-fs (loop2): Directory bread(block 71) failed [ 243.296625][T12295] FAT-fs (loop2): Directory bread(block 72) failed [ 243.307186][T12295] FAT-fs (loop2): Directory bread(block 73) failed [ 243.528450][ T5851] usb 2-1: USB disconnect, device number 8 [ 243.738817][T12338] loop3: detected capacity change from 0 to 256 [ 243.807334][T12338] FAT-fs (loop3): Directory bread(block 64) failed [ 243.818060][T12338] FAT-fs (loop3): Directory bread(block 65) failed [ 243.824781][T12338] FAT-fs (loop3): Directory bread(block 66) failed [ 243.854060][T12338] FAT-fs (loop3): Directory bread(block 67) failed [ 243.878176][T12338] FAT-fs (loop3): Directory bread(block 68) failed [ 243.884807][T12338] FAT-fs (loop3): Directory bread(block 69) failed [ 243.901075][T12338] FAT-fs (loop3): Directory bread(block 70) failed [ 243.908173][T12338] FAT-fs (loop3): Directory bread(block 71) failed [ 243.928671][T12338] FAT-fs (loop3): Directory bread(block 72) failed [ 243.935363][T12338] FAT-fs (loop3): Directory bread(block 73) failed [ 244.986487][T12368] loop2: detected capacity change from 0 to 32768 [ 245.002453][T12368] XFS: ikeep mount option is deprecated. [ 245.065255][T12368] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 245.257341][T12368] XFS (loop2): Ending clean mount [ 245.284377][T12368] XFS (loop2): Quotacheck needed: Please wait. [ 245.393483][T12368] XFS (loop2): Quotacheck: Done. [ 245.572143][ T5786] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 246.062209][T12451] loop3: detected capacity change from 0 to 16 [ 246.100222][T12451] erofs: (device loop3): mounted with root inode @ nid 36. [ 246.437945][ T787] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 246.610622][T12485] netlink: 115 bytes leftover after parsing attributes in process `syz.3.2446'. [ 246.636663][ T787] usb 3-1: Using ep0 maxpacket: 16 [ 246.655075][ T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 246.677864][ T787] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 246.689861][T12487] loop0: detected capacity change from 0 to 128 [ 246.712254][ T787] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 246.742110][ T787] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 246.777401][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 246.793388][ T787] usb 3-1: SerialNumber: syz [ 246.821788][ T787] cdc_acm 3-1:1.0: skipping garbage [ 247.034867][ T787] usb 3-1: USB disconnect, device number 9 [ 247.200003][T12526] loop0: detected capacity change from 0 to 128 [ 247.241775][T12526] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 247.441718][T12531] loop1: detected capacity change from 0 to 4096 [ 247.506543][T12531] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 247.586000][T12542] loop3: detected capacity change from 0 to 4096 [ 247.608227][T12542] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 247.654360][T12531] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 247.671316][T12531] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 247.834529][T12551] loop2: detected capacity change from 0 to 2048 [ 247.903088][ T2982] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 247.924302][T12551] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 247.925951][ T5783] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 247.978860][ T5783] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 248.006329][ T5783] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 248.020730][ T2982] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 248.682889][T12597] sctp: [Deprecated]: syz.3.2475 (pid 12597) Use of int in max_burst socket option deprecated. [ 248.682889][T12597] Use struct sctp_assoc_value instead [ 248.934416][T12607] loop3: detected capacity change from 0 to 1024 [ 249.007437][T12607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.273921][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.854285][T12662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2496'. [ 249.863853][T12662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2496'. [ 249.874192][T12662] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2496'. [ 250.047900][T12670] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2497'. [ 250.207184][T12676] overlayfs: conflicting options: userxattr,metacopy=on [ 250.242273][T12679] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 250.245671][T12635] loop0: detected capacity change from 0 to 32768 [ 250.274704][T12679] overlayfs: missing 'lowerdir' [ 250.303641][T12635] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.2486 (12635) [ 250.325787][T12635] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 250.358731][T12635] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 250.401907][T12635] BTRFS info (device loop0): using free space tree [ 250.511621][T12705] openvswitch: netlink: Actions may not be safe on all matching packets [ 250.650444][T12635] BTRFS info (device loop0): enabling ssd optimizations [ 250.676821][T12635] BTRFS info (device loop0): auto enabling async discard [ 250.924440][T12717] loop3: detected capacity change from 0 to 4096 [ 250.951499][T12717] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 251.000290][ T5791] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 251.229406][T12717] ntfs3: loop3: failed to convert "c46c" to cp862 [ 251.412323][T12744] netlink: 'syz.0.2517': attribute type 1 has an invalid length. [ 251.939798][T12769] loop2: detected capacity change from 0 to 16 [ 251.979128][T12769] erofs: (device loop2): mounted with root inode @ nid 36. [ 252.801223][T12817] ip6t_srh: unknown srh match flags 4000 [ 252.956500][T12827] devtmpfs: Unknown parameter 'GPL' [ 253.211032][T12842] program syz.2.2549 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 253.781127][T12875] program syz.3.2561 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 253.867962][T12880] netlink: 'syz.0.2562': attribute type 7 has an invalid length. [ 253.989561][T12884] IPVS: set_ctl: invalid protocol: 58 255.255.255.255:20003 [ 254.521267][T12918] loop2: detected capacity change from 0 to 512 [ 254.570281][T12918] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 254.624732][T12918] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2573: iget: bad i_size value: 360287970189639690 [ 254.646519][T12918] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2573: couldn't read orphan inode 15 (err -117) [ 254.839181][T12918] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.853575][T12918] ext2 filesystem being mounted at /684/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 254.927577][T12918] EXT4-fs error (device loop2): ext4_add_entry:2486: inode #2: comm syz.2.2573: Directory hole found for htree leaf block 0 [ 255.151340][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.522337][T12970] loop2: detected capacity change from 0 to 256 [ 255.546508][T12970] exfat: Deprecated parameter 'utf8' [ 255.583681][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.590400][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.654343][T12970] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 255.655109][T12978] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2595'. [ 256.180538][T13005] netlink: 'syz.1.2611': attribute type 8 has an invalid length. [ 256.513452][T13025] loop3: detected capacity change from 0 to 256 [ 256.523445][T13025] exfat: Deprecated parameter 'utf8' [ 256.625994][T13025] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 257.924791][T13059] loop1: detected capacity change from 0 to 32768 [ 257.951988][T13095] loop2: detected capacity change from 0 to 512 [ 257.984864][T13059] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 258.020878][T13095] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated! [ 258.054670][T13095] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota [ 258.075826][T13095] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.2635: Failed to acquire dquot type 0 [ 258.094745][T13095] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.2635: bg 0: block 64: padding at end of block bitmap is not set [ 258.116337][T13095] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 258.136605][T13095] EXT4-fs (loop2): 1 truncate cleaned up [ 258.157553][T13095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.170705][T13095] ext4 filesystem being mounted at /697/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.236108][T13059] XFS (loop1): Starting recovery (logdev: internal) [ 258.246186][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.334033][T13059] XFS (loop1): Ending recovery (logdev: internal) [ 258.457071][ T5783] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 258.510831][ T27] audit: type=1326 audit(1756461372.410:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 258.512557][T13126] loop3: detected capacity change from 0 to 512 [ 258.566974][ T27] audit: type=1326 audit(1756461372.440:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 258.616491][T13126] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated! [ 258.663561][ T27] audit: type=1326 audit(1756461372.440:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 258.674060][T13126] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota [ 258.695886][T13126] EXT4-fs error (device loop3): ext4_acquire_dquot:6940: comm syz.3.2648: Failed to acquire dquot type 0 [ 258.765443][T13126] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.2648: bg 0: block 64: padding at end of block bitmap is not set [ 258.817489][ T27] audit: type=1326 audit(1756461372.440:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 258.863062][T13126] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 258.896985][T13126] EXT4-fs (loop3): 1 truncate cleaned up [ 258.938466][T13144] AppArmor: change_hat: Invalid input '0' [ 258.952908][ T27] audit: type=1326 audit(1756461372.440:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2b058ebe9 code=0x7ffc0000 [ 258.983257][T13126] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.016965][T13126] ext4 filesystem being mounted at /622/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.291930][ T27] audit: type=1326 audit(1756461373.190:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13156 comm="syz.1.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f391258ebe9 code=0x7ffc0000 [ 259.320059][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.693525][T13179] AppArmor: change_hat: Invalid input '0' [ 259.926126][T13194] netlink: 'syz.2.2672': attribute type 29 has an invalid length. [ 259.984756][T13198] loop1: detected capacity change from 0 to 512 [ 260.056090][T13198] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.2661: Failed to acquire dquot type 0 [ 260.149529][T13198] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.2661: bg 0: block 64: padding at end of block bitmap is not set [ 260.180634][T13198] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 260.256492][T13198] EXT4-fs (loop1): 1 truncate cleaned up [ 260.269571][T13198] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 260.283114][T13198] ext4 filesystem being mounted at /671/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.458289][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.135578][T13259] loop2: detected capacity change from 0 to 512 [ 261.274116][T13259] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.2684: Failed to acquire dquot type 0 [ 261.333766][T13259] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.2684: bg 0: block 64: padding at end of block bitmap is not set [ 261.391739][T13259] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 261.431751][T13259] EXT4-fs (loop2): 1 truncate cleaned up [ 261.449138][T13259] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.481792][T13259] ext4 filesystem being mounted at /709/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 261.683530][T13284] loop3: detected capacity change from 0 to 256 [ 261.700301][T13284] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 261.730684][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.743887][T13284] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 261.798297][T13284] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 261.806539][T13284] UDF-fs: Scanning with blocksize 512 failed [ 261.840119][T13284] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 261.919339][T13284] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 262.036906][T13295] loop2: detected capacity change from 0 to 1024 [ 262.102826][T13295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 262.120694][T13295] ext4 filesystem being mounted at /710/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 262.230290][T13295] EXT4-fs error (device loop2): ext4_get_first_dir_block:3606: inode #12: comm syz.2.2694: directory missing '..' [ 262.415677][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 262.503526][T13316] bridge_slave_0: left allmulticast mode [ 262.570218][T13316] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.820573][T13333] batadv0: entered promiscuous mode [ 262.834309][T13336] loop0: detected capacity change from 0 to 1024 [ 263.389825][T13367] (null): rxe_set_mtu: Set mtu to 1024 [ 263.644360][T13376] RDS: rds_bind could not find a transport for 0:0:200::1, load rds_tcp or rds_rdma? [ 263.897100][T13385] loop0: detected capacity change from 0 to 2048 [ 263.941551][T13385] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 264.064582][T13367] infiniband syz!: set active [ 264.097838][T13367] infiniband syz!: added team_slave_0 [ 264.175791][T13401] netlink: 'syz.3.2726': attribute type 10 has an invalid length. [ 264.214645][T13401] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 264.280256][T13367] RDS/IB: syz!: added [ 264.285626][T13367] smc: adding ib device syz! with port count 1 [ 264.348295][T13367] smc: ib device syz! port 1 has pnetid [ 264.408867][T13407] loop2: detected capacity change from 0 to 2048 [ 264.464735][T13420] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 265.107964][T13444] loop2: detected capacity change from 0 to 1024 [ 265.163249][T13444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.236724][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.322407][T13453] sock: sock_timestamping_bind_phc: sock not bind to device [ 265.583246][T13465] xt_addrtype: ipv6 does not support BROADCAST matching [ 265.868401][T13474] loop3: detected capacity change from 0 to 2048 [ 265.893074][T13476] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 266.045720][T13482] netlink: 'syz.1.2753': attribute type 10 has an invalid length. [ 266.079327][T13482] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 266.262615][T13492] loop3: detected capacity change from 0 to 1024 [ 266.305474][T13492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.421341][T13504] sock: sock_timestamping_bind_phc: sock not bind to device [ 266.551584][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.557554][T13510] xt_addrtype: ipv6 does not support BROADCAST matching [ 267.324114][T13557] loop3: detected capacity change from 0 to 164 [ 267.349690][T13557] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 268.153955][T13610] loop3: detected capacity change from 0 to 1024 [ 268.189993][T13610] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 268.209489][T13610] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 268.221576][T13610] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 268.235159][T13610] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz.3.2790: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 2, max 15(4), depth 0(0) [ 268.276133][T13610] EXT4-fs (loop3): no journal found [ 268.286050][T13610] EXT4-fs (loop3): can't get journal size [ 268.302649][T13610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 268.358700][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.417965][ T5864] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 268.555778][T13629] ================================================================== [ 268.563909][T13629] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6b2/0x8d0 [ 268.572031][T13629] Read of size 2 at addr ffff888025d64d22 by task syz.2.2787/13629 [ 268.579952][T13629] [ 268.582300][T13629] CPU: 1 PID: 13629 Comm: syz.2.2787 Not tainted syzkaller #0 [ 268.589789][T13629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 268.599872][T13629] Call Trace: [ 268.603172][T13629] [ 268.606137][T13629] dump_stack_lvl+0x16c/0x230 [ 268.610122][T13633] loop3: detected capacity change from 0 to 64 [ 268.610835][T13629] ? __lock_acquire+0x7c80/0x7c80 [ 268.610866][T13629] ? show_regs_print_info+0x20/0x20 [ 268.627273][T13629] ? load_image+0x3b0/0x3b0 [ 268.631821][T13629] ? __virt_addr_valid+0x469/0x540 [ 268.636360][T13633] syz.3.2788: attempt to access beyond end of device [ 268.636360][T13633] loop3: rw=0, sector=16777216, nr_sectors = 2 limit=64 [ 268.636953][T13629] print_report+0xac/0x220 [ 268.636981][T13629] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 268.637001][T13629] kasan_report+0x117/0x150 [ 268.665204][T13629] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 268.670536][T13629] __xfrm_state_lookup+0x6b2/0x8d0 [ 268.675687][T13629] ? xfrm_state_lookup+0x1a0/0x1a0 [ 268.680844][T13629] ? ipcomp6_init_state+0x272/0x7f0 [ 268.684058][ T5864] usb 2-1: Using ep0 maxpacket: 16 [ 268.686059][T13629] ? xfrm_state_add+0xf6/0xe20 [ 268.686088][T13629] xfrm_state_add+0x25e/0xe20 [ 268.700058][ T5864] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024 [ 268.700673][T13629] ? xfrm_init_replay+0xdc/0x2a0 [ 268.700708][T13629] xfrm_add_sa+0x26f7/0x30a0 [ 268.721306][T13629] ? xfrm_user_rcv_msg+0x870/0x870 [ 268.726407][T13633] Buffer I/O error on dev loop3, logical block 8388608, async page read [ 268.726439][T13629] ? __nla_parse+0x40/0x50 [ 268.737304][ T5864] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024 [ 268.739177][T13629] xfrm_user_rcv_msg+0x596/0x870 [ 268.739214][T13629] ? lockdep_hardirqs_on+0x98/0x150 [ 268.739243][T13629] ? xfrm_netlink_rcv+0x90/0x90 [ 268.764271][T13629] ? __local_bh_enable_ip+0x12e/0x1c0 [ 268.765654][T13633] syz.3.2788: attempt to access beyond end of device [ 268.765654][T13633] loop3: rw=0, sector=16777216, nr_sectors = 2 limit=64 [ 268.769670][T13629] ? __dev_queue_xmit+0x245/0x35a0 [ 268.769702][T13629] ? __mutex_trylock_common+0x153/0x250 [ 268.769736][T13629] netlink_rcv_skb+0x216/0x480 [ 268.787744][ T5864] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 2269, setting to 1024 [ 268.788292][T13629] ? xfrm_netlink_rcv+0x90/0x90 [ 268.788330][T13629] ? netlink_ack+0x1110/0x1110 [ 268.799629][ T5864] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 268.809651][T13629] ? netlink_deliver_tap+0x2e/0x1b0 [ 268.809685][T13629] ? __lock_acquire+0x7c80/0x7c80 [ 268.809711][T13629] xfrm_netlink_rcv+0x79/0x90 [ 268.809741][T13629] netlink_unicast+0x751/0x8d0 [ 268.809767][T13629] netlink_sendmsg+0x8c1/0xbe0 [ 268.809794][T13629] ? netlink_getsockopt+0x580/0x580 [ 268.809817][T13629] ? aa_sock_msg_perm+0x94/0x150 [ 268.809838][T13629] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 268.809860][T13629] ? security_socket_sendmsg+0x80/0xa0 [ 268.809880][T13629] ? netlink_getsockopt+0x580/0x580 [ 268.809903][T13629] ____sys_sendmsg+0x5bf/0x950 [ 268.809933][T13629] ? __asan_memset+0x22/0x40 [ 268.809957][T13629] ? __sys_sendmsg_sock+0x30/0x30 [ 268.809982][T13629] ? __import_iovec+0x5f2/0x860 [ 268.810012][T13629] ? import_iovec+0x73/0xa0 [ 268.810040][T13629] ___sys_sendmsg+0x220/0x290 [ 268.810067][T13629] ? __sys_sendmsg+0x270/0x270 [ 268.810114][T13629] __se_sys_sendmsg+0x1a5/0x270 [ 268.810141][T13629] ? __x64_sys_sendmsg+0x80/0x80 [ 268.810174][T13629] ? lockdep_hardirqs_on+0x98/0x150 [ 268.810202][T13629] do_syscall_64+0x55/0xb0 [ 268.810223][T13629] ? clear_bhb_loop+0x40/0x90 [ 268.810242][T13629] ? clear_bhb_loop+0x40/0x90 [ 268.810261][T13629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 268.810291][T13629] RIP: 0033:0x7f512b18ebe9 [ 268.810310][T13629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.810328][T13629] RSP: 002b:00007f51293f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 268.810350][T13629] RAX: ffffffffffffffda RBX: 00007f512b3b5fa0 RCX: 00007f512b18ebe9 [ 268.810364][T13629] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 0000000000000003 [ 268.810377][T13629] RBP: 00007f512b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 268.810398][T13629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.810409][T13629] R13: 00007f512b3b6038 R14: 00007f512b3b5fa0 R15: 00007ffdb036ee28 [ 268.810430][T13629] [ 268.810437][T13629] [ 268.810442][T13629] Allocated by task 8532: [ 268.810452][T13629] kasan_set_track+0x4e/0x70 [ 268.838116][T13633] Buffer I/O error on dev loop3, logical block 8388608, async page read [ 268.840259][T13629] __kasan_slab_alloc+0x6c/0x80 [ 268.840285][T13629] slab_post_alloc_hook+0x6e/0x4d0 [ 268.840310][T13629] kmem_cache_alloc+0x11e/0x2e0 [ 268.840333][T13629] xfrm_state_alloc+0x22/0x2a0 [ 268.880622][ T5864] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 268.880655][ T5864] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.885398][T13629] xfrm_add_sa+0xfe5/0x30a0 [ 268.885425][T13629] xfrm_user_rcv_msg+0x596/0x870 [ 268.885441][T13629] netlink_rcv_skb+0x216/0x480 [ 268.885460][T13629] xfrm_netlink_rcv+0x79/0x90 [ 268.895957][ T5864] usb 2-1: Product: syz [ 268.900027][T13629] netlink_unicast+0x751/0x8d0 [ 268.900057][T13629] netlink_sendmsg+0x8c1/0xbe0 [ 268.900076][T13629] ____sys_sendmsg+0x5bf/0x950 [ 268.900098][T13629] ___sys_sendmsg+0x220/0x290 [ 268.929850][ T5864] usb 2-1: Manufacturer: syz [ 268.933717][T13629] __se_sys_sendmsg+0x1a5/0x270 [ 268.933746][T13629] do_syscall_64+0x55/0xb0 [ 268.950045][ T5864] usb 2-1: SerialNumber: syz [ 268.953404][T13629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 268.953441][T13629] [ 268.953447][T13629] The buggy address belongs to the object at ffff888025d64c00 [ 268.953447][T13629] which belongs to the cache xfrm_state of size 848 [ 269.056365][ T5864] usb 2-1: config 0 descriptor?? [ 269.058886][T13629] The buggy address is located 290 bytes inside of [ 269.058886][T13629] freed 848-byte region [ffff888025d64c00, ffff888025d64f50) [ 269.058913][T13629] [ 269.058917][T13629] The buggy address belongs to the physical page: [ 269.058925][T13629] page:ffffea0000975900 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888025d65c00 pfn:0x25d64 [ 269.058949][T13629] head:ffffea0000975900 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 269.065267][T13604] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 269.072723][T13629] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 269.093288][T13604] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 269.094891][T13629] page_type: 0xffffffff() [ 269.109929][ C0] port100 2-1:0.0: NFC: Urb failure (status -71) [ 269.113361][T13629] raw: 00fff00000000840 ffff888141ada280 dead000000000122 0000000000000000 [ 269.118286][ C0] port100 2-1:0.0: NFC: Urb failure (status -71) [ 269.122810][T13629] raw: ffff888025d65c00 0000000080100008 00000001ffffffff 0000000000000000 [ 269.129688][ T5864] port100 2-1:0.0: NFC: Could not get supported command types [ 269.132316][T13629] page dumped because: kasan: bad access detected [ 269.132329][T13629] page_owner tracks the page as allocated [ 269.132336][T13629] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6406, tgid 6405 (syz.0.253), ts 93898460911, free_ts 93678398690 [ 269.307933][T13629] post_alloc_hook+0x1cd/0x210 [ 269.312744][T13629] get_page_from_freelist+0x195c/0x19f0 [ 269.318336][T13629] __alloc_pages+0x1e3/0x460 [ 269.322967][T13629] alloc_slab_page+0x5d/0x170 [ 269.327676][T13629] new_slab+0x87/0x2e0 [ 269.331780][T13629] ___slab_alloc+0xc6d/0x12f0 [ 269.336485][T13629] kmem_cache_alloc+0x1b7/0x2e0 [ 269.341370][T13629] xfrm_state_alloc+0x22/0x2a0 [ 269.346164][T13629] pfkey_add+0x6e1/0x2da0 [ 269.350539][T13629] pfkey_sendmsg+0xbed/0x1050 [ 269.355768][T13629] ____sys_sendmsg+0x5bf/0x950 [ 269.360555][T13629] ___sys_sendmsg+0x220/0x290 [ 269.365263][T13629] __se_sys_sendmsg+0x1a5/0x270 [ 269.370161][T13629] do_syscall_64+0x55/0xb0 [ 269.374611][T13629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 269.380545][T13629] page last free stack trace: [ 269.383417][ T5864] usb 2-1: USB disconnect, device number 9 [ 269.385227][T13629] free_unref_page_prepare+0x7ce/0x8e0 [ 269.385261][T13629] free_unref_page+0x32/0x2e0 [ 269.401253][T13629] free_large_kmalloc+0x101/0x1a0 [ 269.406315][T13629] bpf_check+0x62c6/0xe970 [ 269.410763][T13629] bpf_prog_load+0x11cb/0x16d0 [ 269.415556][T13629] __sys_bpf+0x55a/0x800 [ 269.419831][T13629] __x64_sys_bpf+0x7c/0x90 [ 269.424277][T13629] do_syscall_64+0x55/0xb0 [ 269.428726][T13629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 269.434748][T13629] [ 269.437097][T13629] Memory state around the buggy address: [ 269.442743][T13629] ffff888025d64c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 269.450832][T13629] ffff888025d64c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 269.458924][T13629] >ffff888025d64d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 269.467023][T13629] ^ [ 269.472219][T13629] ffff888025d64d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 269.480260][T13629] ffff888025d64e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 269.488315][T13629] ================================================================== [ 269.496489][T13629] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 269.503688][T13629] CPU: 1 PID: 13629 Comm: syz.2.2787 Not tainted syzkaller #0 [ 269.511125][T13629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 269.521159][T13629] Call Trace: [ 269.524421][T13629] [ 269.527346][T13629] dump_stack_lvl+0x16c/0x230 [ 269.532033][T13629] ? show_regs_print_info+0x20/0x20 [ 269.537319][T13629] ? load_image+0x3b0/0x3b0 [ 269.541830][T13629] panic+0x2c0/0x710 [ 269.545742][T13629] ? bpf_jit_dump+0xd0/0xd0 [ 269.550239][T13629] ? _raw_spin_unlock_irqrestore+0xa9/0x110 [ 269.556128][T13629] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 269.562022][T13629] ? _raw_spin_unlock+0x40/0x40 [ 269.566861][T13629] ? print_memory_metadata+0x314/0x400 [ 269.572299][T13629] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 269.577566][T13629] check_panic_on_warn+0x84/0xa0 [ 269.582494][T13629] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 269.587788][T13629] end_report+0x6f/0x140 [ 269.592149][T13629] kasan_report+0x128/0x150 [ 269.596678][T13629] ? __xfrm_state_lookup+0x6b2/0x8d0 [ 269.601954][T13629] __xfrm_state_lookup+0x6b2/0x8d0 [ 269.607075][T13629] ? xfrm_state_lookup+0x1a0/0x1a0 [ 269.612226][T13629] ? ipcomp6_init_state+0x272/0x7f0 [ 269.617434][T13629] ? xfrm_state_add+0xf6/0xe20 [ 269.622245][T13629] xfrm_state_add+0x25e/0xe20 [ 269.626959][T13629] ? xfrm_init_replay+0xdc/0x2a0 [ 269.631906][T13629] xfrm_add_sa+0x26f7/0x30a0 [ 269.636478][T13629] ? xfrm_user_rcv_msg+0x870/0x870 [ 269.641591][T13629] ? __nla_parse+0x40/0x50 [ 269.646030][T13629] xfrm_user_rcv_msg+0x596/0x870 [ 269.650956][T13629] ? lockdep_hardirqs_on+0x98/0x150 [ 269.656140][T13629] ? xfrm_netlink_rcv+0x90/0x90 [ 269.661030][T13629] ? __local_bh_enable_ip+0x12e/0x1c0 [ 269.666392][T13629] ? __dev_queue_xmit+0x245/0x35a0 [ 269.671493][T13629] ? __mutex_trylock_common+0x153/0x250 [ 269.677020][T13629] netlink_rcv_skb+0x216/0x480 [ 269.681771][T13629] ? xfrm_netlink_rcv+0x90/0x90 [ 269.686628][T13629] ? netlink_ack+0x1110/0x1110 [ 269.691429][T13629] ? netlink_deliver_tap+0x2e/0x1b0 [ 269.696765][T13629] ? __lock_acquire+0x7c80/0x7c80 [ 269.701774][T13629] xfrm_netlink_rcv+0x79/0x90 [ 269.706449][T13629] netlink_unicast+0x751/0x8d0 [ 269.711204][T13629] netlink_sendmsg+0x8c1/0xbe0 [ 269.715952][T13629] ? netlink_getsockopt+0x580/0x580 [ 269.721133][T13629] ? aa_sock_msg_perm+0x94/0x150 [ 269.726051][T13629] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 269.731319][T13629] ? security_socket_sendmsg+0x80/0xa0 [ 269.736756][T13629] ? netlink_getsockopt+0x580/0x580 [ 269.741950][T13629] ____sys_sendmsg+0x5bf/0x950 [ 269.746750][T13629] ? __asan_memset+0x22/0x40 [ 269.751333][T13629] ? __sys_sendmsg_sock+0x30/0x30 [ 269.756345][T13629] ? __import_iovec+0x5f2/0x860 [ 269.761199][T13629] ? import_iovec+0x73/0xa0 [ 269.765717][T13629] ___sys_sendmsg+0x220/0x290 [ 269.770392][T13629] ? __sys_sendmsg+0x270/0x270 [ 269.775153][T13629] __se_sys_sendmsg+0x1a5/0x270 [ 269.779998][T13629] ? __x64_sys_sendmsg+0x80/0x80 [ 269.784938][T13629] ? lockdep_hardirqs_on+0x98/0x150 [ 269.790141][T13629] do_syscall_64+0x55/0xb0 [ 269.794591][T13629] ? clear_bhb_loop+0x40/0x90 [ 269.799278][T13629] ? clear_bhb_loop+0x40/0x90 [ 269.803935][T13629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 269.809813][T13629] RIP: 0033:0x7f512b18ebe9 [ 269.814210][T13629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.833813][T13629] RSP: 002b:00007f51293f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 269.842255][T13629] RAX: ffffffffffffffda RBX: 00007f512b3b5fa0 RCX: 00007f512b18ebe9 [ 269.850241][T13629] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 0000000000000003 [ 269.858224][T13629] RBP: 00007f512b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 269.866216][T13629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.874304][T13629] R13: 00007f512b3b6038 R14: 00007f512b3b5fa0 R15: 00007ffdb036ee28 [ 269.882275][T13629] [ 269.885500][T13629] Kernel Offset: disabled [ 269.889805][T13629] Rebooting in 86400 seconds..