last executing test programs: 2m46.817344333s ago: executing program 1 (id=7235): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20) 2m46.628447234s ago: executing program 1 (id=7237): r0 = socket$inet6(0xa, 0x2, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x45, 0x0, &(0x7f0000000000)) 2m46.497969292s ago: executing program 1 (id=7240): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000003c0), &(0x7f0000000400)=0x8) 2m46.338109241s ago: executing program 1 (id=7243): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000003c0)={[{@barrier}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xf}}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}, {@minixdf}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) 2m46.061664037s ago: executing program 1 (id=7246): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="0304"], 0x8) 2m44.473858959s ago: executing program 1 (id=7272): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000005d00)={0x2c, &(0x7f0000000640)={0x0, 0x14, 0x4, "cd1b3172"}, 0x0, 0x0, 0x0, 0x0}) 2m44.103000041s ago: executing program 32 (id=7272): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000005d00)={0x2c, &(0x7f0000000640)={0x0, 0x14, 0x4, "cd1b3172"}, 0x0, 0x0, 0x0, 0x0}) 2m28.067742788s ago: executing program 2 (id=7410): r0 = fanotify_init(0x1, 0x2) write$binfmt_aout(r0, &(0x7f00000011c0)=ANY=[@ANYBLOB='\x00\x00\x00\x001'], 0x20) 2m27.87017894s ago: executing program 2 (id=7412): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, &(0x7f0000002b80), 0x41000004, &(0x7f0000000040)) 2m27.618248174s ago: executing program 2 (id=7414): r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f0000000000)={0x2e, &(0x7f0000000140)=[{0x1e, '\x00', @buffer={"f587bd5ad5df34e51501eaeaf1f7a1416c68c33ca58c3362f1bb3a7b8959ed24", 0x20}, 0xfff9}]}) 2m27.312716802s ago: executing program 2 (id=7418): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x10000, 0x0) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, 0x0) 2m27.071285986s ago: executing program 2 (id=7423): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000380)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) 2m26.086114853s ago: executing program 2 (id=7437): r0 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x5}, 0x33}, 0x1c) 2m10.999243835s ago: executing program 33 (id=7437): r0 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x5}, 0x33}, 0x1c) 2.836045846s ago: executing program 4 (id=9256): capset(&(0x7f00000000c0)={0x19980330}, &(0x7f00000001c0)={0x0, 0x80000000, 0x1, 0x0, 0x0, 0x1}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee6, 0x6170, 0xffffffffffffffff, 0xf565d000) 2.554125172s ago: executing program 4 (id=9261): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000780)=@security={'security\x00', 0xe, 0x4, 0x478, 0xffffffff, 0xf0, 0x2c0, 0x2c0, 0xffffffff, 0xffffffff, 0x3d8, 0x3d8, 0x3d8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0xff000000, 0xffffff00, 0xffffffff], [0x0, 0x0, 0xff000000, 0xffffff00], 'veth0\x00', 'syz_tun\x00', {}, {}, 0x2b, 0x3b, 0x2, 0x8}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@empty, 'ip6tnl0\x00', {0x3}}}}, {{@ipv6={@remote, @mcast1, [0xffffff00, 0xff000000, 0x0, 0xff], [0xffffffff, 0xff000000, 0x0, 0xffffffff], 'geneve1\x00', 'gre0\x00', {}, {}, 0x8, 0xa, 0x3, 0x4d}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x6, 'system_u:object_r:sshd_key_t:s0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00', @loopback, [0x0, 0x0, 0xffffff00], [0xffffffff, 0xff00007f, 0xff, 0xff000000], 'veth1_to_batadv\x00', 'bond_slave_0\x00', {}, {}, 0x3b, 0x5, 0x2, 0x81}, 0x0, 0xa8, 0xe8}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x5, 0x24, "71c898e3867ff05941ab67a4c0e4a42170ada2918d01489c9f7459012975"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d8) 2.446834649s ago: executing program 4 (id=9263): r0 = memfd_create(&(0x7f0000000480)='\xd1\xbd\x01\x9b\xd4\n\xa6\xb7\xa9kE\x10Bx\xd0\x05\xe9\xd57\xc9\xc3\tC8\xa0F\x91\x9e\x98\x17\xa9\xb7\xc5\xac\xafv\xff\x81/\x00\x98\x89\xeb\xb1Ot\xc5h\xc4f\xdf\x832\xc3\x9bW\x89<7\xf9\xfc\xf8\x89\x1e\xe5\xf6.\xa0\xfc\xc7\xf3\x01,\x17\xd4\xec3\x17\xe8x\xca?H\x813\xc0o57d\x82 \x89K\x14Dr\xe4\xc0K2\xd7\x12bu\x9ao\xf8H\xa6\xbf\xea\x11T\xcf*\x10\x9d', 0x4) fstatfs(r0, &(0x7f00000003c0)=""/146) 2.315106306s ago: executing program 4 (id=9267): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@multiplanar_mmap={0x4, 0x8, 0x4, 0x1, 0x70, {0x77359400}, {0x5, 0x0, 0x1, 0x2, 0x37, 0x7, "c2f39dc8"}, 0x7, 0x1, {0x0}, 0xffff}) 2.106868708s ago: executing program 4 (id=9269): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e7cc6120c4108a81ad7d0102030109021b00010000c00509042300010300000009058503"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000dc0)={0x44, &(0x7f0000000bc0)={0x0, 0x15, 0x3, "c39242"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.455877116s ago: executing program 0 (id=9278): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x2f00020b, 0xf, 0x0, &(0x7f0000000280)="b90000580300"/15, 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.075964698s ago: executing program 0 (id=9280): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x891d, 0x0) 902.799408ms ago: executing program 5 (id=9282): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000008c0)={0x10000}) 880.264699ms ago: executing program 0 (id=9283): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x2001, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) 694.29537ms ago: executing program 0 (id=9285): r0 = socket(0x10, 0x803, 0x0) setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000040)=0x3, 0x4) 693.46762ms ago: executing program 5 (id=9286): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e23, @rand_addr=0x64010101}, {0x2, 0x4e23, @multicast1}, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x7, 0x4}) 647.855922ms ago: executing program 3 (id=9287): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x3, 0x1, 0x7fff0001}]}) flistxattr(r0, 0x0, 0x0) 528.364809ms ago: executing program 3 (id=9288): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'ip6tnl0\x00', {0x2, 0x4e24, @empty}}) 459.642253ms ago: executing program 0 (id=9289): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000040000000000000000000000850000002c000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r0, 0x18000000000002a0, 0x12, 0x0, &(0x7f00000002c0)="b900e6c1af3ee7df01ffe000000000000000", 0x0, 0xe40, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 459.026703ms ago: executing program 5 (id=9290): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000001840)={0x1c, 0x6, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) 359.862009ms ago: executing program 3 (id=9291): r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x8000, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000300)={0xa, @raw_data="1f4fb1af9eeeacbe25d4f44d5304c5f7803bad8262c8baab9b8556cab12c0c53aa8dda46cba79cca9e6962e57b468a58140cf9e37b53a323716f00164aece5c779276e16b94655d06781ab034eeeb6da6c861eebb0608e61c262ece57294766cded98679e8e97920eda356bef938f6a73db9e88a30816e31f31a8269df12681d9f7a3d98b7ffb32478a9973892ce4ea8c67a84b9b357b26f4de78d737f2a7da17bbbff996b07d5c213041d6bb7797c3b0e07bd28da6940ff32466e260f08c047a60ec57885e67661"}) 277.580644ms ago: executing program 0 (id=9292): syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000080046000028000000000011"], 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) 276.654154ms ago: executing program 5 (id=9293): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x6, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405668, &(0x7f0000000180)={0x3517, 0x1, 0x1, "0000087aba10fd00000000008000"}) 201.375979ms ago: executing program 3 (id=9294): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, 0x0, &(0x7f0000000100)) 146.614601ms ago: executing program 5 (id=9295): r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) pwrite64(r0, 0x0, 0x0, 0x4) 70.288706ms ago: executing program 3 (id=9296): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003700)=ANY=[@ANYBLOB="2000000076000d0b20cf6e52c200000000f6b1000000000008000a"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0) 23.788979ms ago: executing program 4 (id=9297): setreuid(0x0, 0xee00) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000003702000020febfff7a0af0fff8ff00f869a4f0ff00000000b70600001218d1fe2d640500000000002404000000ffffffd404000040000000b7040000100000206a07f0ff000000008500000044000000b70000000a00000095000000000000006458c2c62fca868f0399d909a63396c113943219aab9d607000000cb3924b611f5969f62c28b22edf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa8a23f1740637c48468766af54043000000ec44631ac2622cdcae18c3d14bfbe96dd87235b44174f7c034318508f49f09781dc7a2cfbb9a0f119e31975f551557f05dc2dc2739e2e735d0ab961dac07f4f6d8aa1c3f16765d427c0e01000000fe4c16737d50d2a4bfc463450d524eacf2b734b0289c7a3a16eeca71296746681d61af491e4fa734318e0d72b8dbbc2b2b869af2f87903000000b6ecc7de09a2257e908cd92e664fa7aba7f07474863333c460e34caf0806a7e2575a56fba3eadd8efbd5dae6c024585d972b1bf8c4e872bba38160be9e92b6ddb90fc51b894917b50876b5708e64e70f7d8225da90ce9bc019084873ed07c0c59c4ba053fe77e0d37ccc3318da2e9fefaf025527e734ed1de5d12b4c56ca3b03dc121086061d1f26821a428d28eefa22ead6a3dab9388da53263b81ebe6be197a48a63440000a356240c4e2df57457000100000000000000000000008d2516510b29804b3cc034c19cef0d773f01064709edd63a185cbab8456c25283b9514b220fe401503ff536478088eb9fd932a0703a7bf9ea40429b2d49177824f210a69f8e5227fd32e7d5a2c7ecf57ac64509224090000000000000096e5a55d2c805bf725b9d14756c8cfa292aae0872866cf9fe063317741a0db9081d4393a7f9bcc0917d60a11b4a9ece831660ce625de441cef915eba31255d163f7033045ceb97f8ea006efc5b84f75ca1fb74c9faef444eb12f46b435de87feb2f7f2d7fb659395e4b38178b5c67e6ac100000000000000001b2e77bd5de136fa1bec1a26c622bb9662d9ee70147acc5605aa2318855cb8b918000000c5f265dcb5dce05f94ea051c4e8dcdf37d01ad7aff64f84ce32b841c799f47c2949725285fc50f1dd3f5e264023082eec752704c1f598151aa7d29e0d79522df196278acf327a74777d1f658f50c27020198770ff8ebef9df1b750d56d4d195ad7a267c46b3348b0e03ed33b5bca13cafc304dc6da78d20f029742d8d2f36acfdd331081ca00c1d5c8b7bed2ef603d6e7f1764246aab2d7d531559a971939a038055ac28625ec837f824ff537cd67993a3589be73a18680da50287b9e962b1a0235c290346a21ca5de55c49c78e411c791617000ef8df75411a5d300000000000000e0ffffff004deb8d49806823655735bd6deb49edb2e42f4ed9e6e9080366660b847bf03c144f6796920726dcf29e9a6c808459e82cbb0000000000000000000000000000000000006b5530865aaa7aa6171f66f2bca881a4201588427bb65ed3d5e7a74e9b5ece44067d4a9875a310bc7ec42b844b9eb3c9083560ef5c92b8a01188d615efbf70893d2eaf76517e990021fa5020a71023bca1194ad87cade480ba3dce8f57294e31ca24a8d181210bb6d18ff2c58293c2e314a7447ed3a1c870908aa8e3b33e6a94c7381bce9fa71dcbb758451f247e38d80d66e03d7564a5cddfaf06574b05cefb2670f30c2d501ee625ce3ffc08f15b53d28ce552c1807bc6866f06098a0e5517068aa48f2a82496fe83ee85218fe7f52b48742c7055f2a144c13e9c54be60b0a4f979ef7eb216897875946dc6ca1571930b1cf7c93de103f5289f782ae538e02612c717a76c787a873936eb8dcf1bfe581cc8ef965a0424bc140939e3274e251e519d188f6af680402c49458065dccfcb4f0d4f2ec9cf6fb3cf0a1807e34fb8d0108007734c1d2bc6a9d32d2560a88bad976b6000100002b712e632eeca810fb73fc8aaef94acf8bde18b9149cadc688254eabbe91f943592ccf68e717bcc6852828bd621e3a9dcb1cc6f1a6d1915200d95087838c2dc0a002c3aa554f725b965714144652cdc14761b0236f1a05b7f50f4149057e63d713103b5a6c2919161efc165a2e6981d76d29c95ad9f180135fb8962f59495fd33be3a6d35274941790bc1bd9da5e9c67c39de2c9f6fe35b8f528edbd8ea2a77dccdc3fe247feb121d9440a3ea9012a9d23a7e3110b0f25c5f8bf803d688de4d92b5dfdbd69fb8b426b55c10ba01b5f18b10cce8de3369300000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff8d}, 0x48) 7.917659ms ago: executing program 5 (id=9298): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x54, 0x10, 0x1, 0x170bd27, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2100}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0x2c, 0x1a, 0x0, 0x1, [@AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x1, 0x0, 0x1, [{0x8, 0x1a, 0x0, 0x0, 0x4}, {0x8, 0xd, 0x0, 0x0, 0x101}, {0x18, 0x6, 0x0, 0x0, 0x1}]}}, @AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 0s ago: executing program 3 (id=9299): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000480)={'ip6gre0\x00', 0x0}) kernel console output (not intermixed with test programs): mode [ 737.258719][T23226] veth1_macvtap: entered promiscuous mode [ 737.358802][T23226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 737.390732][T23226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 737.394807][T23397] loop4: detected capacity change from 0 to 40427 [ 737.436275][T23226] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 737.469829][T23397] F2FS-fs (loop4): invalid crc value [ 737.508285][T23439] loop3: detected capacity change from 0 to 64 [ 737.521821][T23397] F2FS-fs (loop4): Mismatch valid blocks 2 vs. 3 [ 737.531273][T23226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 737.566428][T23226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 737.595469][T23397] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117) [ 737.612101][T23439] Trying to free block not in datazone [ 737.631489][T23226] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 737.656273][T23439] Trying to free block not in datazone [ 737.684400][T23439] Trying to free block not in datazone [ 737.697366][T23226] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 737.726604][T23439] Trying to free block not in datazone [ 737.742059][T23226] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 737.766481][T23439] minix_free_block (loop3:6): bit already cleared [ 737.781893][T23226] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 737.797925][T23439] Trying to free block not in datazone [ 737.806170][T23226] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 737.820062][T23439] Trying to free block not in datazone [ 738.138215][ T4803] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 738.195796][ T4803] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 738.269896][T23456] netlink: 'syz.0.7704': attribute type 1 has an invalid length. [ 738.305950][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 738.314504][T20189] Bluetooth: hci4: command tx timeout [ 738.343879][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 738.656943][T23467] kAFS: unparsable volume name [ 739.201318][T23491] ieee802154 phy1 wpan1: encryption failed: -22 [ 739.428938][T23498] loop5: detected capacity change from 0 to 256 [ 739.457855][T23498] exfat: Deprecated parameter 'namecase' [ 739.519936][T23498] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 740.088928][T23518] loop4: detected capacity change from 0 to 2048 [ 740.163830][T23524] loop5: detected capacity change from 0 to 256 [ 740.165610][T23518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 740.178382][T23524] exfat: Deprecated parameter 'utf8' [ 740.188246][T23524] exfat: Deprecated parameter 'namecase' [ 740.262649][T23524] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xda15a085, utbl_chksum : 0xe619d30d) [ 740.275786][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 740.336514][T23527] netlink: 'syz.0.7737': attribute type 8 has an invalid length. [ 741.150819][ T27] audit: type=1326 audit(2000000206.610:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23554 comm="syz.3.7743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 741.172775][T23557] loop4: detected capacity change from 0 to 64 [ 741.216300][ T27] audit: type=1326 audit(2000000206.610:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23554 comm="syz.3.7743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 741.264613][T10059] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 741.283919][ T27] audit: type=1326 audit(2000000206.650:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23554 comm="syz.3.7743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 741.354155][ T27] audit: type=1326 audit(2000000206.650:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23554 comm="syz.3.7743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 741.406500][ T27] audit: type=1326 audit(2000000206.650:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23554 comm="syz.3.7743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 741.478705][T10059] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 741.526448][T10059] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.553681][T10059] usb 6-1: config 0 descriptor?? [ 741.777659][T10059] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 741.786167][T10059] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 742.003837][T10059] [drm:udl_init] *ERROR* Selecting channel failed [ 742.027886][T23570] loop3: detected capacity change from 0 to 4096 [ 742.056587][T23570] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 742.079255][T10059] [drm] Initialized udl 0.0.1 20120220 for 6-1:0.0 on minor 2 [ 742.094957][T10059] [drm] Initialized udl on minor 2 [ 742.122511][T10059] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 742.146709][T20189] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 742.146816][T20189] Bluetooth: hci1: Malformed LE Event: 0x0d [ 742.147529][T10059] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 742.231150][ T1189] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 742.252737][T10059] usb 6-1: USB disconnect, device number 2 [ 742.265402][ T1189] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 742.444259][T23577] loop0: detected capacity change from 0 to 16 [ 742.468970][T23577] erofs: (device loop0): mounted with root inode @ nid 36. [ 742.490429][T23577] syz.0.7752: attempt to access beyond end of device [ 742.490429][T23577] loop0: rw=0, sector=1936876908, nr_sectors = 1 limit=16 [ 742.515533][T23577] syz.0.7752: attempt to access beyond end of device [ 742.515533][T23577] loop0: rw=0, sector=3955228672, nr_sectors = 1 limit=16 [ 742.642774][ T27] audit: type=1326 audit(2000000208.100:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23579 comm="syz.0.7754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 742.742234][T23582] netlink: 'syz.3.7755': attribute type 9 has an invalid length. [ 742.747240][ T27] audit: type=1326 audit(2000000208.120:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23579 comm="syz.0.7754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 742.782273][T23582] netlink: 911 bytes leftover after parsing attributes in process `syz.3.7755'. [ 742.826764][ T27] audit: type=1326 audit(2000000208.150:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23579 comm="syz.0.7754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 742.876460][T23584] xt_l2tp: missing protocol rule (udp|l2tpip) [ 742.882844][ T27] audit: type=1326 audit(2000000208.150:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23579 comm="syz.0.7754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 742.966631][ T27] audit: type=1326 audit(2000000208.150:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23579 comm="syz.0.7754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 743.150102][T23595] netlink: 'syz.3.7759': attribute type 5 has an invalid length. [ 743.556591][T23612] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7769'. [ 743.891775][T23620] loop4: detected capacity change from 0 to 1024 [ 743.964532][T23620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 744.069843][T23620] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 623: comm syz.4.7774: Attempting to read directory block (623) that is past i_size (638464) [ 744.105285][T23620] EXT4-fs (loop4): Remounting filesystem read-only [ 744.138022][T23624] loop3: detected capacity change from 0 to 4096 [ 744.189007][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 744.199776][T23624] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 744.413756][T23609] loop0: detected capacity change from 0 to 32768 [ 744.459850][T23609] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.7768 (23609) [ 744.525140][T23609] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 744.565668][T23609] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 744.588242][T23609] BTRFS info (device loop0): using free space tree [ 744.814885][T23609] BTRFS info (device loop0): enabling ssd optimizations [ 744.835586][T23609] BTRFS info (device loop0): auto enabling async discard [ 745.146897][ T5767] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 745.482084][T23673] bond2: entered promiscuous mode [ 745.489442][T23673] 8021q: adding VLAN 0 to HW filter on device bond2 [ 745.973350][T23687] loop4: detected capacity change from 0 to 4096 [ 746.098030][T23695] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 746.109828][T23687] NILFS error (device loop4): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 746.173508][T23687] Remounting filesystem read-only [ 746.278812][T23687] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=2) [ 746.306705][T23687] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=2) [ 746.661496][T23705] loop4: detected capacity change from 0 to 512 [ 746.840639][T23705] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 746.873374][T23705] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 746.966669][T23705] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #15: comm syz.4.7806: corrupted xattr block 33: invalid ea_ino [ 747.013365][T23694] loop0: detected capacity change from 0 to 32768 [ 747.029731][T23705] fscrypt (loop4, inode 15): Error -117 getting encryption context [ 747.053003][T23720] loop3: detected capacity change from 0 to 1024 [ 747.100821][T23720] hfsplus: failed to load extents file [ 747.132035][T23694] JBD2: Ignoring recovery information on journal [ 747.225557][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 747.273501][T23694] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 747.473775][T23694] (syz.0.7801,23694,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=16, inode=7755761508285415489, rec_len=30044, name_len=0 [ 747.523928][T23694] (syz.0.7801,23694,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 747.536560][T23726] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.545297][ T27] audit: type=1326 audit(2000000213.000:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23727 comm="syz.3.7815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 747.566971][T23694] (syz.0.7801,23694,0):ocfs2_mknod:298 ERROR: status = -2 [ 747.587544][T23694] (syz.0.7801,23694,0):ocfs2_mknod:502 ERROR: status = -2 [ 747.606567][T23694] (syz.0.7801,23694,0):ocfs2_create:676 ERROR: status = -2 [ 747.628834][ T27] audit: type=1326 audit(2000000213.030:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23727 comm="syz.3.7815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 747.703220][ T27] audit: type=1326 audit(2000000213.060:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23727 comm="syz.3.7815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 747.739300][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.748823][ T27] audit: type=1326 audit(2000000213.060:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23727 comm="syz.3.7815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 747.865612][T23716] loop5: detected capacity change from 0 to 32768 [ 747.906179][ T5767] ocfs2: Unmounting device (7,0) on (node local) [ 747.939618][T23716] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 748.245728][T23716] XFS (loop5): Ending clean mount [ 748.275343][T23716] XFS (loop5): Quotacheck needed: Please wait. [ 748.336485][T23716] XFS (loop5): Quotacheck: Done. [ 748.673654][T23226] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 748.972061][T23759] libceph: resolve '0.' (ret=-3): failed [ 749.108715][T23761] loop0: detected capacity change from 0 to 256 [ 749.230762][T23763] xt_nfacct: accounting object `syz1' does not exist [ 749.250684][T23766] netlink: 'syz.3.7830': attribute type 2 has an invalid length. [ 749.334746][T23767] netlink: 'syz.5.7824': attribute type 1 has an invalid length. [ 749.579412][T23778] loop5: detected capacity change from 0 to 256 [ 749.637805][T23778] exfat: Deprecated parameter 'namecase' [ 749.690518][T23778] exfat: Deprecated parameter 'namecase' [ 749.763323][T23778] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 749.946214][ T27] audit: type=1400 audit(2000000215.400:334): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=23790 comm="syz.0.7841" [ 750.214199][T23799] ax25_connect(): syz.4.7845 uses autobind, please contact jreuter@yaina.de [ 750.290452][T23803] binder: 23802:23803 ioctl c00c6211 ffffffffffffffff returned -14 [ 750.407537][T10060] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 750.641146][T10060] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 750.651047][T10060] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 750.662395][T23815] netlink: 'syz.4.7854': attribute type 15 has an invalid length. [ 750.681647][T10060] usb 1-1: config 0 descriptor?? [ 750.694413][T23809] loop3: detected capacity change from 0 to 4096 [ 750.903272][T23809] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 750.931063][T10060] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 750.949900][T10060] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 751.058908][T23823] trusted_key: encrypted_key: master key parameter is missing [ 751.074821][T23809] ntfs3: loop3: ino=9, ntfs_sync_fs failed, -22. [ 751.141701][T10060] [drm:udl_init] *ERROR* Selecting channel failed [ 751.229048][T10060] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 751.236739][ T5769] ntfs3: loop3: ino=9, ntfs_sync_fs failed, -22. [ 751.268179][T10060] [drm] Initialized udl on minor 2 [ 751.288368][T10060] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 751.313068][T10060] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 751.326838][T23829] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7860'. [ 751.344310][ T1189] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 751.363134][ T1189] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 751.373336][T23829] netlink: 140 bytes leftover after parsing attributes in process `syz.4.7860'. [ 751.383083][T10060] usb 1-1: USB disconnect, device number 43 [ 751.456962][T23831] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7861'. [ 751.547107][T23835] netlink: 14 bytes leftover after parsing attributes in process `syz.4.7863'. [ 751.705329][T23840] loop5: detected capacity change from 0 to 1024 [ 751.816145][T23840] hfsplus: bad catalog entry type [ 751.973339][ T32] hfsplus: b-tree write err: -5, ino 4 [ 752.307368][T23859] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 752.426710][T10060] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 752.646532][T10060] usb 5-1: Using ep0 maxpacket: 16 [ 752.679877][T10060] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 752.691227][T10060] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 752.716484][T10060] usb 5-1: Product: syz [ 752.720717][T10060] usb 5-1: Manufacturer: syz [ 752.745675][T10060] usb 5-1: SerialNumber: syz [ 752.767438][T10060] r8152-cfgselector 5-1: config 0 descriptor?? [ 752.883543][T23873] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7882'. [ 752.941628][T23855] loop3: detected capacity change from 0 to 32768 [ 753.084942][T23855] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 753.084942][T23855] [ 753.214797][T10060] r8152-cfgselector 5-1: Unknown version 0x0000 [ 753.236749][T10060] r8152-cfgselector 5-1: USB disconnect, device number 4 [ 753.256897][T23879] syz.5.7885 uses old SIOCAX25GETINFO [ 753.345786][T23883] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 754.182072][T10060] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 754.220364][T23915] loop5: detected capacity change from 0 to 64 [ 754.403854][T10060] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 754.447110][T23917] loop0: detected capacity change from 0 to 4096 [ 754.456454][T10060] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7 [ 754.476468][T23917] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 754.500177][T10060] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 754.549411][T10060] usb 5-1: language id specifier not provided by device, defaulting to English [ 754.616027][T10060] usb 5-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e [ 754.641120][T10060] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 754.649592][T23917] ntfs3: loop0: failed to convert "c46c" to cp869 [ 754.666806][T10060] usb 5-1: Manufacturer: ‰ [ 754.676626][T10060] usb 5-1: SerialNumber: syz [ 754.706296][T10060] usb 5-1: config 0 descriptor?? [ 754.728274][T10060] em28xx 5-1:0.0: New device ‰ @ 480 Mbps (2013:0251, interface 0, class 0) [ 754.748134][T23923] loop3: detected capacity change from 0 to 4096 [ 754.755629][T10060] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 754.779691][T23923] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 754.780630][T23925] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7908'. [ 754.947963][T23923] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 755.037240][T10060] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 755.046560][T10060] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 755.069494][T10060] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 755.083645][T23931] loop5: detected capacity change from 0 to 256 [ 755.093376][T10060] em28xx 5-1:0.0: No AC97 audio processor [ 755.146615][T10060] usb 5-1: USB disconnect, device number 5 [ 755.153454][T10060] em28xx 5-1:0.0: Disconnecting em28xx [ 755.217177][T10060] em28xx 5-1:0.0: Freeing device [ 755.597020][T23943] loop5: detected capacity change from 0 to 512 [ 755.652332][T23943] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 755.685545][T23943] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 755.872774][T23226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 756.611067][T23984] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 756.862338][T23995] netlink: 'syz.0.7940': attribute type 21 has an invalid length. [ 757.083743][T24003] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7943'. [ 757.093041][T24003] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7943'. [ 757.106589][ T1189] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 757.331663][ T1189] usb 5-1: Using ep0 maxpacket: 8 [ 757.342965][ T1189] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 757.365097][ T1189] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 757.387530][ T1189] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 757.406475][ T1189] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 757.424411][ T1189] usb 5-1: Product: syz [ 757.428759][ T1189] usb 5-1: Manufacturer: syz [ 757.433425][ T1189] usb 5-1: SerialNumber: syz [ 757.465644][ T1189] usb 5-1: config 0 descriptor?? [ 757.516818][T24017] netlink: 68 bytes leftover after parsing attributes in process `syz.3.7950'. [ 757.931220][ T1189] usb 5-1: USB disconnect, device number 6 [ 757.965516][T24030] netlink: 292 bytes leftover after parsing attributes in process `syz.0.7958'. [ 758.188311][T24040] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7962'. [ 758.198600][T24040] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7962'. [ 758.214623][T24040] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7962'. [ 758.548639][T24054] IPVS: set_ctl: invalid protocol: 233 172.30.1.5:20001 [ 758.706500][T10060] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 758.845721][T24056] loop4: detected capacity change from 0 to 32768 [ 758.852429][T10059] usb 4-1: new full-speed USB device number 54 using dummy_hcd [ 758.885276][T24056] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 758.906688][T10060] usb 1-1: Using ep0 maxpacket: 8 [ 758.919214][T10060] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 758.929199][T24056] (syz.4.7970,24056,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=0, inode=0, rec_len=49, name_len=1 [ 758.944149][T10060] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 758.954989][T24056] (syz.4.7970,24056,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 758.963815][T10060] usb 1-1: config 0 has no interface number 0 [ 758.970181][T10060] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 758.979414][T24056] (syz.4.7970,24056,1):ocfs2_symlink:1867 ERROR: status = -2 [ 758.981876][T10060] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 759.002092][T10060] usb 1-1: config 0 interface 52 has no altsetting 0 [ 759.009545][T24056] (syz.4.7970,24056,0):ocfs2_symlink:2068 ERROR: status = -2 [ 759.018267][T10060] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 759.027517][T10060] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 759.035774][T10060] usb 1-1: Manufacturer: syz [ 759.056033][T10060] usb 1-1: config 0 descriptor?? [ 759.063045][T10059] usb 4-1: config 8 has an invalid interface number: 223 but max is 0 [ 759.073041][T10060] hub 1-1:0.52: bad descriptor, ignoring hub [ 759.086382][T10059] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 759.107600][T10060] hub: probe of 1-1:0.52 failed with error -5 [ 759.117685][T10059] usb 4-1: config 8 has no interface number 0 [ 759.123878][T10059] usb 4-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 759.184051][T10059] usb 4-1: config 8 interface 223 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 759.218907][T10059] usb 4-1: New USB device found, idVendor=a6eb, idProduct=7458, bcdDevice=2d.4d [ 759.235788][T22248] ocfs2: Unmounting device (7,4) on (node local) [ 759.238982][T10059] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 759.288188][T10059] usb 4-1: Product: syz [ 759.314092][T10060] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input47 [ 759.326229][T10059] usb 4-1: Manufacturer: syz [ 759.336546][T10059] usb 4-1: SerialNumber: syz [ 759.638504][T10059] usb 4-1: USB disconnect, device number 54 [ 759.748925][T24068] loop4: detected capacity change from 0 to 1764 [ 759.787022][T10060] usb 1-1: USB disconnect, device number 44 [ 759.812687][T24070] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7976'. [ 759.834579][T24070] netlink: 19 bytes leftover after parsing attributes in process `syz.5.7976'. [ 760.340878][T24084] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7983'. [ 760.756695][T24074] loop5: detected capacity change from 0 to 32768 [ 761.135917][T24110] loop4: detected capacity change from 0 to 512 [ 761.267567][ T2131] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 761.297954][T24110] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 761.360236][T24110] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 761.459820][ T2131] usb 6-1: Using ep0 maxpacket: 32 [ 761.481377][ T2131] usb 6-1: config 0 has an invalid interface number: 85 but max is 0 [ 761.499349][ T2131] usb 6-1: config 0 has no interface number 0 [ 761.516576][T24110] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 761.539332][ T2131] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 761.555969][T24110] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 761.570471][ T2131] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 761.590628][T24110] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.7995: Failed to acquire dquot type 0 [ 761.603447][ T2131] usb 6-1: config 0 interface 85 has no altsetting 0 [ 761.616981][ T2131] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 761.633447][ T2131] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 761.642502][ T2131] usb 6-1: Product: syz [ 761.647123][ T2131] usb 6-1: Manufacturer: syz [ 761.651758][ T2131] usb 6-1: SerialNumber: syz [ 761.685369][ T2131] usb 6-1: config 0 descriptor?? [ 761.737729][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 761.856800][T24125] netlink: 'syz.0.8003': attribute type 1 has an invalid length. [ 762.153631][ T2131] appletouch 6-1:0.85: Failed to request geyser raw mode [ 762.177668][ T2131] appletouch: probe of 6-1:0.85 failed with error -5 [ 762.216755][ T2131] usb 6-1: USB disconnect, device number 3 [ 762.647583][T10059] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 762.677371][ T27] audit: type=1326 audit(2000000228.130:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24150 comm="syz.0.8013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 762.719932][ T27] audit: type=1326 audit(2000000228.130:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24150 comm="syz.0.8013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 762.771601][ T27] audit: type=1326 audit(2000000228.130:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24150 comm="syz.0.8013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 762.806487][ T27] audit: type=1326 audit(2000000228.130:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24150 comm="syz.0.8013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 762.884449][T10059] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 762.904011][T10059] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 762.929354][T10059] usb 5-1: config 0 descriptor?? [ 762.969822][T24157] __nla_validate_parse: 1 callbacks suppressed [ 762.969866][T24157] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8016'. [ 763.166487][T10059] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 763.174990][T10059] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 763.259023][T24167] loop0: detected capacity change from 0 to 128 [ 763.289866][T24167] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 763.346863][T24167] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 763.376975][T10059] [drm:udl_init] *ERROR* Selecting channel failed [ 763.457374][T10059] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 763.484272][T10059] [drm] Initialized udl on minor 2 [ 763.515172][T10059] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 763.565497][T10059] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 763.580235][T10060] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 763.643080][T10059] usb 5-1: USB disconnect, device number 7 [ 763.652508][T10060] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 763.677149][T24174] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8024'. [ 763.711396][T10060] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 763.803281][T24177] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 764.060959][T24181] loop0: detected capacity change from 0 to 4096 [ 764.119126][T24181] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 764.467053][T24193] loop3: detected capacity change from 0 to 256 [ 764.595704][T24200] loop4: detected capacity change from 0 to 16 [ 764.638962][T24193] FAT-fs (loop3): Directory bread(block 64) failed [ 764.646768][T24200] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 764.654662][T24200] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 764.677584][T24193] FAT-fs (loop3): Directory bread(block 65) failed [ 764.687150][T24193] FAT-fs (loop3): Directory bread(block 66) failed [ 764.693736][T24193] FAT-fs (loop3): Directory bread(block 67) failed [ 764.746820][T24193] FAT-fs (loop3): Directory bread(block 68) failed [ 764.753430][T24193] FAT-fs (loop3): Directory bread(block 69) failed [ 764.786312][T24193] FAT-fs (loop3): Directory bread(block 70) failed [ 764.816467][T24193] FAT-fs (loop3): Directory bread(block 71) failed [ 764.823176][T24193] FAT-fs (loop3): Directory bread(block 72) failed [ 764.837041][T24193] FAT-fs (loop3): Directory bread(block 73) failed [ 765.098087][T24211] loop5: detected capacity change from 0 to 1024 [ 765.237545][T24200] erofs: DAX unsupported by block device. Turning off DAX. [ 765.255192][T24213] loop0: detected capacity change from 0 to 512 [ 765.275978][T24200] erofs: (device loop4): mounted with root inode @ nid 36. [ 765.354833][T24213] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.8043: corrupted in-inode xattr: invalid ea_ino [ 765.417091][T24213] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.8043: couldn't read orphan inode 15 (err -117) [ 765.440834][T24220] netlink: 76 bytes leftover after parsing attributes in process `syz.5.8045'. [ 765.498772][T20189] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -4045 in[4096, 0] out[9000] [ 765.517447][T24213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 765.531647][T24200] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -4045 in[4096, 0] out[8192] [ 765.588467][ T27] audit: type=1800 audit(2000000231.050:339): pid=24200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.8037" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 765.745138][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.950952][T24230] loop0: detected capacity change from 0 to 2048 [ 765.998353][ T27] audit: type=1326 audit(2000000231.460:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24231 comm="syz.5.8051" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e8259bf79 code=0x0 [ 766.028193][T24230] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 766.512045][T24244] loop5: detected capacity change from 0 to 4096 [ 766.545627][T24244] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 766.626481][ T2131] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 766.637439][T24250] netlink: 392 bytes leftover after parsing attributes in process `syz.0.8059'. [ 766.700088][T24252] netlink: 'syz.4.8060': attribute type 58 has an invalid length. [ 766.738167][T24244] ntfs3: loop5: failed to convert "c46c" to iso8859-9 [ 766.816465][ T2131] usb 4-1: Using ep0 maxpacket: 8 [ 766.833380][ T2131] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 766.863256][ T2131] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 766.874258][ T2131] usb 4-1: config 0 interface 0 has no altsetting 0 [ 766.887299][ T2131] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 766.906078][ T2131] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 766.925143][ T2131] usb 4-1: Product: syz [ 766.935242][ T2131] usb 4-1: Manufacturer: syz [ 766.945344][ T2131] usb 4-1: SerialNumber: syz [ 766.959488][ T2131] usb 4-1: config 0 descriptor?? [ 766.982158][ T2131] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found [ 767.219852][ T2131] snd_usb_toneport 4-1:0.0: cannot get proper max packet size [ 767.226516][T24264] IPv6: NLM_F_CREATE should be specified when creating new route [ 767.257019][ T2131] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected [ 767.297201][ T2131] snd_usb_toneport: probe of 4-1:0.0 failed with error -22 [ 767.364451][T24268] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8068'. [ 767.476965][ T2131] usb 4-1: USB disconnect, device number 55 [ 767.612836][T24278] netlink: 240 bytes leftover after parsing attributes in process `syz.0.8073'. [ 767.985080][T24286] loop5: detected capacity change from 0 to 4096 [ 768.016726][T24286] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 768.218758][T24286] ntfs3: loop5: failed to convert "c46c" to cp862 [ 768.353373][ T27] audit: type=1326 audit(2000000233.810:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24302 comm="syz.3.8085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 768.378864][T24303] syz.3.8085 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 768.399837][ T27] audit: type=1326 audit(2000000233.810:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24302 comm="syz.3.8085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 768.445185][ T27] audit: type=1326 audit(2000000233.840:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24302 comm="syz.3.8085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 768.469789][ T27] audit: type=1326 audit(2000000233.860:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24302 comm="syz.3.8085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 768.562927][ T27] audit: type=1326 audit(2000000233.860:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24302 comm="syz.3.8085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 768.739793][T24315] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 768.906626][ T28] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 768.971153][T24322] netlink: 800 bytes leftover after parsing attributes in process `syz.3.8094'. [ 768.981518][T24322] netlink: 1301 bytes leftover after parsing attributes in process `syz.3.8094'. [ 769.088325][ T28] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 769.106636][T10059] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 769.109890][ T28] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 2047, setting to 1024 [ 769.146397][ T28] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 769.168179][ T28] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 769.177511][ T28] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 769.185561][ T28] usb 5-1: SerialNumber: syz [ 769.193717][T24311] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 769.308439][T10059] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 769.326487][T10059] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 769.346966][T10059] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 769.356058][T10059] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 769.372193][T10059] usb 6-1: SerialNumber: syz [ 769.418752][T24311] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 769.519779][T24324] loop3: detected capacity change from 0 to 32768 [ 769.554929][T24324] (syz.3.8095,24324,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 769.604696][T24324] (syz.3.8095,24324,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 769.636768][T10059] usb 6-1: 0:2 : does not exist [ 769.651664][T24324] JBD2: Ignoring recovery information on journal [ 769.673719][ T28] cdc_ether: probe of 5-1:1.0 failed with error -71 [ 769.692827][ T28] usb 5-1: USB disconnect, device number 8 [ 769.745409][T24324] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 769.767099][T10059] usb 6-1: USB disconnect, device number 4 [ 769.813279][ T5771] udevd[5771]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 770.013651][ T5769] ocfs2: Unmounting device (7,3) on (node local) [ 770.323852][T24338] loop4: detected capacity change from 0 to 128 [ 770.341594][T24336] loop3: detected capacity change from 0 to 1024 [ 770.438766][T24336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 770.515899][T24345] ieee802154 phy1 wpan1: encryption failed: -90 [ 770.546489][T24336] ext4 filesystem being mounted at /2008/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 770.649938][T24334] loop0: detected capacity change from 0 to 32768 [ 770.662841][T24349] netlink: 144 bytes leftover after parsing attributes in process `syz.4.8103'. [ 770.713454][T24334] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 770.791760][T24349] team0: Port device team_slave_0 removed [ 770.798691][T24349] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 770.846288][T24334] XFS (loop0): Ending clean mount [ 770.936478][T10059] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 771.016889][T24361] kernel read not supported for file /  (pid: 24361 comm: syz.5.8107) [ 771.026305][ T5767] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 771.044404][ T27] audit: type=1800 audit(2000000236.500:346): pid=24361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.8107" name=200120 dev="mqueue" ino=63733 res=0 errno=0 [ 771.176499][T10059] usb 4-1: Using ep0 maxpacket: 8 [ 771.206573][T10059] usb 4-1: config 4 has an invalid interface number: 244 but max is 0 [ 771.225036][T10059] usb 4-1: config 4 has no interface number 0 [ 771.249574][T10059] usb 4-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7 [ 771.284929][T10059] usb 4-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid maxpacket 65267, setting to 1024 [ 771.336387][T10059] usb 4-1: config 4 interface 244 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 1024 [ 771.373193][T10059] usb 4-1: config 4 interface 244 has no altsetting 0 [ 771.394373][T10059] usb 4-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa [ 771.406663][T10059] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 771.477043][T10059] usb 4-1: Product: syz [ 771.481288][T10059] usb 4-1: Manufacturer: syz [ 771.485925][T10059] usb 4-1: SerialNumber: syz [ 771.558449][T24336] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 771.600565][T24371] netlink: 'syz.4.8113': attribute type 10 has an invalid length. [ 771.822708][T10059] ipheth 4-1:4.244: Unable to find endpoints [ 771.846086][T10059] usb 4-1: USB disconnect, device number 56 [ 771.946540][T24382] netlink: 144 bytes leftover after parsing attributes in process `syz.0.8117'. [ 771.955849][T24382] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 772.144784][T24388] netlink: 'syz.0.8120': attribute type 1 has an invalid length. [ 772.424527][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 772.687767][T24402] vivid-007: disconnect [ 772.707904][T24401] vivid-007: reconnect [ 772.730132][T24400] loop0: detected capacity change from 0 to 4096 [ 772.816536][T24386] loop5: detected capacity change from 0 to 32768 [ 772.974985][T24386] jfs_lookup: iget failed on inum 4 [ 773.399998][T24420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8137'. [ 773.425884][T24420] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8137'. [ 773.630348][T24426] loop3: detected capacity change from 0 to 64 [ 773.906612][T24434] loop5: detected capacity change from 0 to 1024 [ 774.137251][T24416] loop0: detected capacity change from 0 to 32768 [ 774.174730][T24416] [ 774.174730][T24416] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.174730][T24416] [ 774.285024][T24416] [ 774.285024][T24416] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.285024][T24416] [ 774.285139][T24416] [ 774.285139][T24416] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.285139][T24416] [ 774.285155][T24416] [ 774.285155][T24416] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.285155][T24416] [ 774.370237][ T112] [ 774.370237][ T112] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.370237][ T112] [ 774.413769][ T5767] [ 774.413769][ T5767] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.413769][ T5767] [ 774.448065][ T5767] [ 774.448065][ T5767] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 774.448065][ T5767] [ 775.545509][T24486] loop5: detected capacity change from 0 to 8 [ 775.578641][T24486] SQUASHFS error: lzo decompression failed, data probably corrupt [ 775.596499][T24488] netlink: 14 bytes leftover after parsing attributes in process `syz.0.8170'. [ 775.607282][T24486] SQUASHFS error: Failed to read block 0x28d: -5 [ 775.632008][T24488] hsr_slave_0: left promiscuous mode [ 775.634519][T24486] SQUASHFS error: Unable to read metadata cache entry [28b] [ 775.654185][T24486] SQUASHFS error: Unable to read inode 0x11f [ 775.671796][T24488] hsr_slave_1: left promiscuous mode [ 775.684722][ T5771] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 776.213754][T24478] loop4: detected capacity change from 0 to 32768 [ 776.241149][T24478] (syz.4.8165,24478,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 776.294653][T24478] (syz.4.8165,24478,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 776.425737][T24478] JBD2: Ignoring recovery information on journal [ 776.575525][T24478] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 776.637122][T24518] netlink: 180 bytes leftover after parsing attributes in process `syz.3.8182'. [ 776.658422][T24516] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 776.999313][T22248] ocfs2: Unmounting device (7,4) on (node local) [ 777.046538][T24528] ipvlan0: entered promiscuous mode [ 777.144420][ T27] audit: type=1326 audit(2000000242.600:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24532 comm="syz.0.8191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 777.275107][ T27] audit: type=1326 audit(2000000242.630:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24532 comm="syz.0.8191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 777.373804][ T27] audit: type=1326 audit(2000000242.640:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24532 comm="syz.0.8191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 777.462434][ T27] audit: type=1326 audit(2000000242.640:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24532 comm="syz.0.8191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 777.498388][ T27] audit: type=1326 audit(2000000242.640:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24532 comm="syz.0.8191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 777.595422][T24547] netlink: 224 bytes leftover after parsing attributes in process `syz.0.8197'. [ 777.898386][T24557] __vm_enough_memory: pid: 24557, comm: syz.4.8202, not enough memory for the allocation [ 778.121036][T24563] loop0: detected capacity change from 0 to 4096 [ 778.198240][T24563] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 778.349193][T24572] netlink: 'syz.5.8209': attribute type 3 has an invalid length. [ 778.408911][T24573] vcan0: entered promiscuous mode [ 778.440594][T24573] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check. [ 779.204833][T24605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8224'. [ 779.211937][T24604] loop5: detected capacity change from 0 to 256 [ 779.245868][T24604] exfat: Deprecated parameter 'utf8' [ 779.254969][T24604] exfat: Deprecated parameter 'namecase' [ 779.284048][T24604] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0x8fca712e, utbl_chksum : 0xe619d30d) [ 779.900746][T24629] overlay: Unknown parameter '\' [ 780.043935][T24635] loop4: detected capacity change from 0 to 764 [ 780.107668][T24635] rock: directory entry would overflow storage [ 780.113878][T24635] rock: sig=0x4654, size=5, remaining=4 [ 780.174416][T24640] loop3: detected capacity change from 0 to 128 [ 780.200190][T24640] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 780.415565][T24646] netlink: 56 bytes leftover after parsing attributes in process `syz.4.8245'. [ 781.023729][T24668] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8256'. [ 781.052324][T24668] vlan0: entered promiscuous mode [ 781.236459][T24676] netlink: 666 bytes leftover after parsing attributes in process `syz.0.8260'. [ 781.403728][T24682] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8263'. [ 781.436504][T24682] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8263'. [ 781.673032][T24694] C: renamed from team_slave_0 [ 781.737778][T24694] netlink: 'syz.3.8268': attribute type 1 has an invalid length. [ 781.745615][T24694] netlink: 152 bytes leftover after parsing attributes in process `syz.3.8268'. [ 781.776702][T24697] xt_CT: You must specify a L4 protocol and not use inversions on it [ 781.816486][T24694] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 781.845734][T24701] loop4: detected capacity change from 0 to 256 [ 781.854992][T24701] exfat: Deprecated parameter 'namecase' [ 781.861117][T24701] exfat: Deprecated parameter 'namecase' [ 781.867237][T24701] exfat: Deprecated parameter 'utf8' [ 781.931178][T24701] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 782.067649][T24705] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8274'. [ 782.377161][T24715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8278'. [ 782.562972][T24721] loop3: detected capacity change from 0 to 512 [ 782.615010][T24721] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 782.679314][T24721] EXT4-fs (loop3): 1 truncate cleaned up [ 782.725885][T24721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 782.740953][T24703] loop5: detected capacity change from 0 to 32768 [ 782.773213][T24721] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.8282: Directory hole found for htree leaf block 0 [ 782.834008][T24721] EXT4-fs (loop3): Remounting filesystem read-only [ 782.843843][T24703] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 782.961265][T24703] XFS (loop5): Ending clean mount [ 782.973661][T24703] XFS (loop5): Quotacheck needed: Please wait. [ 782.997571][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 783.053433][T24739] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8286'. [ 783.094731][T24739] ip6tnl1: entered allmulticast mode [ 783.170217][T24703] XFS (loop5): Quotacheck: Done. [ 783.245324][T24741] loop0: detected capacity change from 0 to 256 [ 783.267346][T23226] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 783.278152][T24741] exfat: Deprecated parameter 'utf8' [ 783.300459][T24741] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x0b7b651d, utbl_chksum : 0xe619d30d) [ 784.185541][T24771] syz.5.8302: attempt to access beyond end of device [ 784.185541][T24771] loop11: rw=0, sector=0, nr_sectors = 1 limit=0 [ 784.205665][T24771] FAT-fs (loop11): unable to read boot sector [ 784.398023][T24778] netlink: 44 bytes leftover after parsing attributes in process `syz.0.8305'. [ 784.630902][T24789] tipc: Trying to set illegal importance in message [ 784.826234][T24797] loop3: detected capacity change from 0 to 8 [ 784.900847][T24797] SQUASHFS error: Failed to read block 0x6fc: -5 [ 784.916491][T24797] SQUASHFS error: Unable to read metadata cache entry [6fa] [ 785.324196][T24813] loop4: detected capacity change from 0 to 128 [ 785.362549][T24813] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 785.423516][T24813] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 785.461553][ T27] audit: type=1800 audit(2000000250.900:352): pid=24801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.5.8317" name="/newroot/143/file0" dev="tmpfs" ino=753 res=0 errno=0 [ 785.524053][T24815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8322'. [ 786.576915][T24853] loop0: detected capacity change from 0 to 4096 [ 786.613193][T24858] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 786.682747][T24853] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 786.756483][T24853] Remounting filesystem read-only [ 786.801698][ T27] audit: type=1326 audit(2000000252.260:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24861 comm="syz.3.8344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 786.886468][ T27] audit: type=1326 audit(2000000252.260:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24861 comm="syz.3.8344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 786.975222][ T27] audit: type=1326 audit(2000000252.260:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24861 comm="syz.3.8344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 787.007769][T24868] netlink: 'syz.5.8347': attribute type 6 has an invalid length. [ 787.047906][ T27] audit: type=1326 audit(2000000252.260:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24861 comm="syz.3.8344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 787.070282][ C1] vkms_vblank_simulate: vblank timer overrun [ 787.243238][T24875] ieee802154 phy1 wpan1: encryption failed: -22 [ 788.194192][T24917] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 788.200698][ T8170] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 788.263563][T24919] loop3: detected capacity change from 0 to 8 [ 788.277533][T24919] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 788.341075][ T5771] udevd[5771]: incorrect cramfs checksum on /dev/loop3 [ 788.361929][T24919] cramfs: Error -5 while decompressing! [ 788.376464][T24919] cramfs: ffffffff973f8382(26)->ffff888059ee8000(4096) [ 788.392967][ T8170] usb 6-1: unable to get BOS descriptor or descriptor too short [ 788.393963][T24919] cramfs: Error -3 while decompressing! [ 788.423085][ T8170] usb 6-1: config 129 has an invalid interface number: 135 but max is 0 [ 788.427163][T24919] cramfs: ffffffff973f839c(16)->ffff888058819000(4096) [ 788.434428][ T5771] udevd[5771]: incorrect cramfs checksum on /dev/loop3 [ 788.452640][ T8170] usb 6-1: config 129 has an invalid interface number: 5 but max is 0 [ 788.461093][T24919] cramfs: Error -5 while decompressing! [ 788.462882][ T8170] usb 6-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 788.480020][T24919] cramfs: ffffffff973f8382(26)->ffff888059ee8000(4096) [ 788.492658][ T8170] usb 6-1: config 129 has no interface number 0 [ 788.500453][ T27] audit: type=1800 audit(2000000253.960:357): pid=24919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.8371" name="file2" dev="loop3" ino=348 res=0 errno=0 [ 788.520217][ C1] vkms_vblank_simulate: vblank timer overrun [ 788.526942][ T8170] usb 6-1: config 129 has no interface number 1 [ 788.533281][ T8170] usb 6-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 788.557210][ T8170] usb 6-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 788.575994][ T8170] usb 6-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 788.598675][ T8170] usb 6-1: config 129 interface 135 has no altsetting 0 [ 788.605903][ T8170] usb 6-1: config 129 interface 5 has no altsetting 0 [ 788.643701][ T8170] usb 6-1: string descriptor 0 read error: -22 [ 788.655022][ T8170] usb 6-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 788.695077][ T8170] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 788.707340][T24929] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 788.765750][ T8170] usb 6-1: Quirk or no altest; falling back to MIDI 1.0 [ 788.790465][ T8170] usb 6-1: MIDIStreaming interface descriptor not found [ 788.907535][T24935] Cannot find del_set index 2 as target [ 789.127225][ T1189] usb 6-1: USB disconnect, device number 5 [ 789.663256][T24964] No source specified [ 789.914356][T24974] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 790.185647][T24986] IPv6: Can't replace route, no match found [ 790.395743][T24994] __nla_validate_parse: 3 callbacks suppressed [ 790.395760][T24994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8407'. [ 790.529491][T24998] netlink: 'syz.5.8409': attribute type 1 has an invalid length. [ 790.546457][T10060] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 790.563805][T24998] netlink: 232 bytes leftover after parsing attributes in process `syz.5.8409'. [ 790.686699][T25004] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8412'. [ 790.760461][T10060] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 790.785048][T10060] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 790.807706][T10060] usb 1-1: Product: syz [ 790.811950][T10060] usb 1-1: Manufacturer: syz [ 790.821227][T10060] usb 1-1: SerialNumber: syz [ 790.831981][T10060] usb 1-1: config 0 descriptor?? [ 791.077955][T10060] hso 1-1:0.0: Failed to find BULK IN ep [ 791.109682][T10060] usb-storage 1-1:0.0: USB Mass Storage device detected [ 791.273598][T10060] usb 1-1: USB disconnect, device number 45 [ 791.453562][T25036] 9pnet_fd: Insufficient options for proto=fd [ 791.512787][T25039] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8428'. [ 791.523038][T25039] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8428'. [ 792.166033][T25063] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8440'. [ 792.396421][T10060] usb 1-1: new full-speed USB device number 46 using dummy_hcd [ 792.604516][T25080] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8449'. [ 792.618626][T10060] usb 1-1: config index 0 descriptor too short (expected 61256, got 72) [ 792.634614][T10060] usb 1-1: config 1 has an invalid interface number: 0 but max is -1 [ 792.642955][T10060] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 792.666435][T10060] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 0 [ 792.700921][T10060] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22 [ 792.745019][T10060] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 792.774992][T10060] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 792.797873][T10060] usb 1-1: SerialNumber: syz [ 792.819399][T10060] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 792.844079][T25087] loop3: detected capacity change from 0 to 1024 [ 792.851141][T10060] cdc_acm 1-1:1.0: This needs exactly 3 endpoints [ 792.857673][T10060] cdc_acm: probe of 1-1:1.0 failed with error -22 [ 792.872700][T25087] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 793.005539][T25091] program syz.4.8453 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 793.062812][T10060] usb 1-1: USB disconnect, device number 46 [ 793.742516][T25112] loop4: detected capacity change from 0 to 4096 [ 793.777886][T25112] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 793.854546][T25112] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 793.997114][T25112] ntfs3: loop4: failed to convert "c46c" to macinuit [ 794.072955][T25122] netlink: 'syz.3.8469': attribute type 5 has an invalid length. [ 794.502802][T25138] netlink: 'syz.3.8478': attribute type 10 has an invalid length. [ 794.556691][T25138] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8478'. [ 794.580475][T25142] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8479'. [ 794.581569][T25138] netlink: 'syz.3.8478': attribute type 10 has an invalid length. [ 794.619179][T25138] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8478'. [ 795.792234][T25154] loop5: detected capacity change from 0 to 32768 [ 795.842451][T25154] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 795.909326][ T27] audit: type=1326 audit(2000000261.370:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25194 comm="syz.0.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 795.956970][ T27] audit: type=1326 audit(2000000261.390:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25194 comm="syz.0.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 795.990156][T25154] XFS (loop5): Ending clean mount [ 796.027381][ T27] audit: type=1326 audit(2000000261.390:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25194 comm="syz.0.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 796.076482][T25197] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8502'. [ 796.085530][ T27] audit: type=1326 audit(2000000261.390:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25194 comm="syz.0.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 796.146445][ T27] audit: type=1326 audit(2000000261.390:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25194 comm="syz.0.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2dc19bf79 code=0x7ffc0000 [ 796.186740][ T8170] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 796.246539][T23226] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 796.386751][ T8170] usb 4-1: Using ep0 maxpacket: 16 [ 796.405530][ T8170] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 796.436702][ T8170] usb 4-1: config 0 descriptor has 1 excess byte, ignoring [ 796.443985][ T8170] usb 4-1: config 0 has no interface number 0 [ 796.479398][ T8170] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 796.496507][ T8170] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 796.504648][ T8170] usb 4-1: Product: syz [ 796.548665][ T8170] usb 4-1: Manufacturer: syz [ 796.553348][ T8170] usb 4-1: SerialNumber: syz [ 796.593723][ T8170] usb 4-1: config 0 descriptor?? [ 796.619710][ T8170] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 796.626135][ T8170] usb 4-1: No valid video chain found. [ 796.737541][T25179] loop4: detected capacity change from 0 to 32768 [ 796.877384][T10059] usb 4-1: USB disconnect, device number 57 [ 797.403986][T25223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8515'. [ 797.830499][T25211] loop5: detected capacity change from 0 to 32768 [ 797.866772][T25211] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop5 scanned by syz.5.8509 (25211) [ 797.944843][T25211] BTRFS info (device loop5): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 797.974073][T25211] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 797.985746][T25211] BTRFS info (device loop5): turning on flush-on-commit [ 797.994114][T25211] BTRFS info (device loop5): turning off barriers [ 798.001549][T25211] BTRFS info (device loop5): turning on sync discard [ 798.014304][T25211] BTRFS info (device loop5): using free space tree [ 798.146482][T10059] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 798.155394][ T27] audit: type=1326 audit(2000000263.610:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25255 comm="syz.4.8526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914719bf79 code=0x7ffc0000 [ 798.221802][ T27] audit: type=1326 audit(2000000263.610:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25255 comm="syz.4.8526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914719bf79 code=0x7ffc0000 [ 798.272593][ T27] audit: type=1326 audit(2000000263.670:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25255 comm="syz.4.8526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f914719bf79 code=0x7ffc0000 [ 798.354044][ T27] audit: type=1326 audit(2000000263.670:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25255 comm="syz.4.8526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914719bf79 code=0x7ffc0000 [ 798.376506][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.414761][T10059] usb 1-1: Using ep0 maxpacket: 16 [ 798.433159][T10059] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 798.452022][T10059] usb 1-1: config 0 has no interface number 0 [ 798.479543][T10059] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11 [ 798.495635][T23226] BTRFS info (device loop5): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 798.511584][T10059] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024 [ 798.544958][T10059] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 798.584971][T10059] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 798.600699][T10059] usb 1-1: Product: syz [ 798.605148][T10059] usb 1-1: SerialNumber: syz [ 798.649568][T10059] usb 1-1: config 0 descriptor?? [ 798.659867][T10059] cm109 1-1:0.8: invalid payload size 1024, expected 4 [ 798.694207][T10059] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input50 [ 798.968143][T25276] netlink: 'syz.3.8533': attribute type 1 has an invalid length. [ 798.982654][T25276] netlink: 'syz.3.8533': attribute type 3 has an invalid length. [ 799.009828][T25276] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8533'. [ 799.047002][T25276] NCSI netlink: No device for ifindex 0 [ 799.237274][ C0] cm109 1-1:0.8: cm109_urb_irq_callback: urb status -71 [ 799.248076][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.255283][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.262472][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.269710][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.277056][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.285961][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.293177][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.301272][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.308508][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.315707][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 799.336652][T10059] usb 1-1: USB disconnect, device number 47 [ 799.342661][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 799.386883][T10059] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 799.936578][T25300] netlink: 72 bytes leftover after parsing attributes in process `syz.3.8545'. [ 799.945632][T25300] netlink: 172 bytes leftover after parsing attributes in process `syz.3.8545'. [ 800.528654][T25325] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 800.576670][T10059] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 800.776425][T10059] usb 1-1: Using ep0 maxpacket: 16 [ 800.783882][T10059] usb 1-1: config 254 has an invalid interface number: 235 but max is 0 [ 800.796402][T10059] usb 1-1: config 254 has no interface number 0 [ 800.806874][T10059] usb 1-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 800.826606][T10059] usb 1-1: config 254 interface 235 has no altsetting 0 [ 800.850279][T10059] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 800.866426][T10059] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5 [ 800.884735][T10059] usb 1-1: Product: syz [ 800.896788][T10059] usb 1-1: Manufacturer: syz [ 800.901441][T10059] usb 1-1: SerialNumber: syz [ 800.948215][T25318] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 801.015883][T25335] netlink: 'syz.3.8562': attribute type 21 has an invalid length. [ 801.090134][T25314] loop4: detected capacity change from 0 to 32768 [ 801.126502][T25314] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.8552 (25314) [ 801.184373][T10059] usbtest 1-1:254.235: couldn't get endpoints, -71 [ 801.194712][T25314] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 801.205543][T10059] usbtest: probe of 1-1:254.235 failed with error -71 [ 801.215685][T25314] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 801.244749][T10059] usb 1-1: USB disconnect, device number 48 [ 801.250998][T25314] BTRFS info (device loop4): enabling auto defrag [ 801.281157][T25314] BTRFS info (device loop4): use no compression [ 801.309249][ T8170] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 801.309781][T25314] BTRFS info (device loop4): force clearing of disk cache [ 801.340635][T25314] BTRFS info (device loop4): max_inline at 4096 [ 801.351280][T25314] BTRFS info (device loop4): disabling free space tree [ 801.370345][T25341] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8565'. [ 801.467636][T25314] BTRFS info (device loop4): enabling ssd optimizations [ 801.484759][T25314] BTRFS info (device loop4): auto enabling async discard [ 801.527231][T25314] BTRFS info (device loop4): rebuilding free space tree [ 801.561398][ T8170] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 801.571087][T25314] BTRFS info (device loop4): disabling free space tree [ 801.596843][ T8170] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 801.604906][ T8170] usb 6-1: Product: syz [ 801.616492][T25314] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 801.626193][T25314] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 801.642310][ T8170] usb 6-1: Manufacturer: syz [ 801.647065][ T8170] usb 6-1: SerialNumber: syz [ 801.673238][ T8170] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 801.741160][ T28] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 801.970008][T22248] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 801.981528][ C1] usb 6-1: ath: unknown panic pattern! [ 802.187533][T10060] usb 6-1: USB disconnect, device number 6 [ 802.366364][T25376] netlink: 'syz.0.8574': attribute type 1 has an invalid length. [ 802.796463][ T28] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 802.803591][ T28] ath9k_htc: Failed to initialize the device [ 802.881843][T10060] usb 6-1: ath9k_htc: USB layer deinitialized [ 803.011769][T25394] netlink: 256 bytes leftover after parsing attributes in process `syz.0.8582'. [ 803.129397][T25396] : renamed from team_slave_1 (while UP) [ 803.326574][T25404] netlink: 56 bytes leftover after parsing attributes in process `syz.4.8587'. [ 803.930404][T25426] loop5: detected capacity change from 0 to 65 [ 803.949183][T25426] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing [ 803.973233][T25426] BFS-fs: bfs_fill_super(): NOTE: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway [ 804.034352][T25398] loop3: detected capacity change from 0 to 32768 [ 804.076999][T25398] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.8584 (25398) [ 804.146767][T25398] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 804.171999][T25430] ip6erspan0: entered promiscuous mode [ 804.191565][T25398] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 804.219019][T25398] BTRFS info (device loop3): force zlib compression, level 3 [ 804.235789][T25398] BTRFS info (device loop3): force clearing of disk cache [ 804.250000][T25398] BTRFS info (device loop3): setting nodatasum [ 804.256302][T25398] BTRFS info (device loop3): allowing degraded mounts [ 804.283995][T25398] BTRFS info (device loop3): enabling disk space caching [ 804.325399][T25398] BTRFS info (device loop3): disk space caching is enabled [ 804.570394][T25398] BTRFS info (device loop3): auto enabling async discard [ 804.656960][T25398] BTRFS info (device loop3): rebuilding free space tree [ 804.741057][T25398] BTRFS info (device loop3): disabling free space tree [ 804.773204][T25398] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 804.796531][T25466] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 804.803845][T25466] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 804.821647][T25398] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 804.854552][T25466] vhci_hcd vhci_hcd.0: Device attached [ 804.881208][T25469] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(6) [ 804.887814][T25469] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 804.897523][T25469] vhci_hcd vhci_hcd.0: Device attached [ 804.959147][T25470] vhci_hcd: connection closed [ 804.970395][T25473] loop0: detected capacity change from 0 to 1024 [ 804.973634][ T1133] vhci_hcd: stop threads [ 804.996680][T25467] vhci_hcd: connection closed [ 805.028734][ T1133] vhci_hcd: release socket [ 805.048319][ T1133] vhci_hcd: disconnect device [ 805.066481][T10060] vhci_hcd: vhci_device speed not set [ 805.070047][ T1133] vhci_hcd: stop threads [ 805.090677][ T1133] vhci_hcd: release socket [ 805.095577][T25473] hfsplus: can't free extent [ 805.107274][ T1133] vhci_hcd: disconnect device [ 805.157590][T10060] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 805.165293][T10060] usb 41-1: enqueue for inactive port 0 [ 805.178375][ T5769] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 805.313739][T10060] vhci_hcd: vhci_device speed not set [ 805.606692][T10059] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 805.689793][T25487] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8616'. [ 805.718976][T25487] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 805.825364][T10059] usb 1-1: Using ep0 maxpacket: 32 [ 805.864931][T25492] lo speed is unknown, defaulting to 1000 [ 805.871306][T25492] lo speed is unknown, defaulting to 1000 [ 805.896990][T10059] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 805.905451][T10059] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 805.925576][T25492] lo speed is unknown, defaulting to 1000 [ 805.941057][T10059] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 805.975745][T10059] usb 1-1: config 1 has no interface number 0 [ 805.993943][T10059] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 806.011792][T25492] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 806.073795][T10059] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 806.115833][T10059] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 806.149808][T25492] lo speed is unknown, defaulting to 1000 [ 806.155401][T10059] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.178036][T25492] lo speed is unknown, defaulting to 1000 [ 806.193612][T25492] lo speed is unknown, defaulting to 1000 [ 806.225944][T25492] lo speed is unknown, defaulting to 1000 [ 806.243661][T10059] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 806.262059][T25492] lo speed is unknown, defaulting to 1000 [ 806.313134][T25497] loop4: detected capacity change from 0 to 4096 [ 806.366297][T25497] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 806.387703][T25497] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 806.460174][T10059] snd_usb_pod 1-1:1.1: invalid control EP [ 806.476166][T10059] snd_usb_pod 1-1:1.1: cannot start listening: -22 [ 806.492513][T10059] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 806.526852][T10059] snd_usb_pod: probe of 1-1:1.1 failed with error -22 [ 806.704576][T10059] usb 1-1: USB disconnect, device number 49 [ 806.804292][T25506] netlink: 'syz.4.8626': attribute type 32 has an invalid length. [ 806.812803][T25506] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8626'. [ 806.822464][T25506] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 807.026124][T25498] loop5: detected capacity change from 0 to 32768 [ 807.065438][T25498] JBD2: Ignoring recovery information on journal [ 807.147335][T25498] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 807.267669][T25520] tmpfs: Unknown parameter 'func' [ 807.407070][T25524] bridge4: entered promiscuous mode [ 807.582998][T23226] ocfs2: Unmounting device (7,5) on (node local) [ 808.258583][T25530] loop0: detected capacity change from 0 to 32768 [ 808.285668][T25530] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.8638 (25530) [ 808.332438][T25530] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 808.345834][T25530] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 808.355580][T25530] BTRFS info (device loop0): force zlib compression, level 3 [ 808.363516][T25530] BTRFS info (device loop0): force clearing of disk cache [ 808.371172][T25530] BTRFS info (device loop0): setting nodatasum [ 808.391194][T25530] BTRFS info (device loop0): allowing degraded mounts [ 808.416650][T25530] BTRFS info (device loop0): enabling disk space caching [ 808.428870][T25530] BTRFS info (device loop0): disk space caching is enabled [ 808.455843][T25526] loop4: detected capacity change from 0 to 32768 [ 808.524140][T25526] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 808.555357][T25530] BTRFS info (device loop0): auto enabling async discard [ 808.581626][T25530] BTRFS info (device loop0): rebuilding free space tree [ 808.676078][T25526] XFS (loop4): Ending clean mount [ 808.681694][T10060] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 808.692363][T25530] BTRFS info (device loop0): disabling free space tree [ 808.721878][T25526] XFS (loop4): Quotacheck needed: Please wait. [ 808.737456][T25530] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 808.788085][T25530] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 808.876465][T10060] usb 4-1: Using ep0 maxpacket: 8 [ 808.883327][T25526] XFS (loop4): Quotacheck: Done. [ 808.896714][T10060] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 808.916094][T10060] usb 4-1: config 179 has no interface number 0 [ 808.925584][T10060] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 808.947202][T10060] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 808.974037][T10060] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 808.996155][T10060] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 809.021265][ T5767] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 809.036386][T10060] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 809.095091][T10060] usb 4-1: config 179 interface 65 has no altsetting 0 [ 809.112664][T10060] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 809.121780][ T8170] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 809.154616][T10060] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 809.179857][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.205674][ T5786] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop0 scanned by udevd (5786) [ 809.235082][T22248] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 809.267990][T10060] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input51 [ 809.318038][ T8170] usb 6-1: Using ep0 maxpacket: 16 [ 809.328605][ T8170] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 809.351271][ T8170] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 809.384576][ T8170] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 809.398131][ T5122] input input51: unable to receive magic message: -110 [ 809.405479][ T8170] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 809.428825][ T8170] usb 6-1: Product: syz [ 809.433055][ T8170] usb 6-1: Manufacturer: syz [ 809.438298][ T8170] usb 6-1: SerialNumber: syz [ 809.450055][ T5122] input input51: unable to receive magic message: -32 [ 809.485920][ T5122] input input51: unable to receive magic message: -32 [ 809.533651][ T5122] input input51: unable to receive magic message: -32 [ 809.646456][ T5122] input input51: unable to receive magic message: -32 [ 809.707254][ T5122] input input51: unable to receive magic message: -32 [ 809.737047][ T8170] usb 6-1: cannot find UAC_HEADER [ 809.811624][T10059] usb 4-1: USB disconnect, device number 58 [ 809.817905][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 809.853608][T10059] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 809.920885][ T8170] snd-usb-audio: probe of 6-1:1.0 failed with error -22 [ 809.953453][ T8170] usb 6-1: USB disconnect, device number 7 [ 809.998868][ T5771] udevd[5771]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 810.340253][T25577] loop0: detected capacity change from 0 to 32768 [ 810.366565][T25577] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.8648 (25577) [ 810.447328][T25577] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 810.487046][T25577] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 810.495817][T25577] BTRFS info (device loop0): enabling auto defrag [ 810.543159][T25577] BTRFS info (device loop0): use no compression [ 810.567810][T25577] BTRFS info (device loop0): force clearing of disk cache [ 810.582871][T25577] BTRFS info (device loop0): max_inline at 4096 [ 810.596715][T25577] BTRFS info (device loop0): disabling free space tree [ 810.629051][T25588] netlink: 180 bytes leftover after parsing attributes in process `syz.5.8651'. [ 810.647278][T25584] netlink: 'syz.3.8653': attribute type 1 has an invalid length. [ 810.677898][T25584] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8653'. [ 810.801023][T25601] netlink: 'syz.4.8654': attribute type 2 has an invalid length. [ 810.816690][T25577] BTRFS info (device loop0): enabling ssd optimizations [ 810.826499][T25577] BTRFS info (device loop0): auto enabling async discard [ 810.841187][T25601] netlink: 224 bytes leftover after parsing attributes in process `syz.4.8654'. [ 810.886900][T25577] BTRFS info (device loop0): rebuilding free space tree [ 810.970568][T25577] BTRFS info (device loop0): disabling free space tree [ 810.985526][T25577] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 811.013222][T25577] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 811.380715][ T5767] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 811.503766][T25627] loop4: detected capacity change from 0 to 1024 [ 811.564032][ T5771] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop0 scanned by udevd (5771) [ 811.937028][ T8170] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 811.976766][T10060] usb 1-1: new low-speed USB device number 50 using dummy_hcd [ 812.150361][ T8170] usb 4-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 812.174966][ T8170] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 812.187600][T10060] usb 1-1: config index 0 descriptor too short (expected 1307, got 27) [ 812.204141][ T8170] usb 4-1: Product: syz [ 812.204573][T10060] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 812.226409][ T8170] usb 4-1: Manufacturer: syz [ 812.234932][T10060] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 812.256543][ T8170] usb 4-1: SerialNumber: syz [ 812.267454][T10060] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 812.284839][T10060] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 812.297496][ T8170] usb 4-1: config 0 descriptor?? [ 812.303900][T10060] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 812.320131][T10060] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 812.357771][T10060] usb 1-1: string descriptor 0 read error: -22 [ 812.364459][T10060] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 812.387908][T10060] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 812.427227][T10060] usb 1-1: config 0 descriptor?? [ 812.448842][T10060] hub 1-1:0.0: bad descriptor, ignoring hub [ 812.472066][T10060] hub: probe of 1-1:0.0 failed with error -5 [ 812.491239][T10060] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input52 [ 812.546669][ T8170] int51x1: probe of 4-1:0.0 failed with error -22 [ 812.688915][T10059] usb 1-1: USB disconnect, device number 50 [ 812.783706][ T8170] usb 4-1: USB disconnect, device number 59 [ 812.949375][T25644] loop4: detected capacity change from 0 to 32768 [ 812.969233][T25644] [ 812.969233][T25644] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 812.969233][T25644] [ 813.064609][ T1085] [ 813.064609][ T1085] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 813.064609][ T1085] [ 813.095817][T25646] loop5: detected capacity change from 0 to 32768 [ 813.102654][ T1085] [ 813.102654][ T1085] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 813.102654][ T1085] [ 813.114930][T22248] [ 813.114930][T22248] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 813.114930][T22248] [ 813.128074][T25646] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 12 [ 813.144245][T22248] [ 813.144245][T22248] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 813.144245][T22248] [ 813.161161][ T113] [ 813.161161][ T113] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 813.161161][ T113] [ 813.395106][ T5786] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 12 [ 813.856237][T25664] bridge0: port 1(netdevsim2) entered blocking state [ 813.890612][T25664] bridge0: port 1(netdevsim2) entered disabled state [ 813.898418][T25664] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 813.921220][T25664] netdevsim netdevsim0 netdevsim2: entered promiscuous mode [ 814.820209][T25672] loop0: detected capacity change from 0 to 32768 [ 815.241375][T25703] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8703'. [ 815.346713][T25706] comedi comedi4: bad chanlist[0]=0x00400003 chan=3 range length=2 [ 815.906785][T25726] loop5: detected capacity change from 0 to 64 [ 816.397617][ T27] audit: type=1326 audit(2000000281.860:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25737 comm="syz.3.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 816.476930][ T27] audit: type=1326 audit(2000000281.860:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25737 comm="syz.3.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 816.538066][T25742] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8722'. [ 816.557172][ T27] audit: type=1326 audit(2000000281.890:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25737 comm="syz.3.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 816.583844][ T27] audit: type=1326 audit(2000000281.890:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25737 comm="syz.3.8720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 816.705867][T25746] netlink: 48 bytes leftover after parsing attributes in process `syz.5.8724'. [ 816.870012][T25720] loop0: detected capacity change from 0 to 40427 [ 816.894800][T25720] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 816.917566][T25720] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 816.947858][T25720] F2FS-fs (loop0): invalid crc value [ 816.984632][T25720] F2FS-fs (loop0): Found nat_bits in checkpoint [ 817.080396][T25761] loop3: detected capacity change from 0 to 128 [ 817.129054][T25720] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 817.146501][T25720] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 817.155042][T25761] FAT-fs (loop3): Directory bread(block 162) failed [ 817.177847][T25761] FAT-fs (loop3): Directory bread(block 163) failed [ 817.198714][T25761] FAT-fs (loop3): Directory bread(block 164) failed [ 817.209816][T25761] FAT-fs (loop3): Directory bread(block 165) failed [ 817.224552][T25761] FAT-fs (loop3): Directory bread(block 166) failed [ 817.242537][T25761] FAT-fs (loop3): Directory bread(block 167) failed [ 817.264121][T25761] FAT-fs (loop3): Directory bread(block 168) failed [ 817.297301][T25761] FAT-fs (loop3): Directory bread(block 169) failed [ 817.335267][ T27] audit: type=1800 audit(2000000282.780:371): pid=25720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.8710" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 817.366660][T25761] FAT-fs (loop3): Directory bread(block 162) failed [ 817.381619][T25761] FAT-fs (loop3): Directory bread(block 163) failed [ 817.420185][T25761] syz.3.8729: attempt to access beyond end of device [ 817.420185][T25761] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 817.457875][T25761] syz.3.8729: attempt to access beyond end of device [ 817.457875][T25761] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 817.513764][ T5767] syz-executor: attempt to access beyond end of device [ 817.513764][ T5767] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 817.559654][ T5767] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 818.078099][T25779] xt_CT: No such helper "pptp" [ 818.785683][T25808] QAT: failed to copy from user cfg_data. [ 818.896819][T25813] netlink: 'syz.3.8754': attribute type 4 has an invalid length. [ 819.174928][T25824] netlink: 'syz.5.8760': attribute type 1 has an invalid length. [ 819.206184][T25824] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8760'. [ 819.428752][T25832] ip6erspan0: entered allmulticast mode [ 819.588196][T25840] netlink: 'syz.3.8768': attribute type 21 has an invalid length. [ 819.603934][T25840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8768'. [ 819.636838][T25842] netlink: 'syz.5.8769': attribute type 4 has an invalid length. [ 819.938655][T25854] loop4: detected capacity change from 0 to 512 [ 819.959144][T25854] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 820.021347][T25854] EXT4-fs (loop4): 1 truncate cleaned up [ 820.075848][T25854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 820.173130][T25864] sock: sock_timestamping_bind_phc: sock not bind to device [ 820.190668][T25854] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 820.198890][T10060] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 820.335760][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.433858][T10060] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 820.453866][T10060] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 820.474483][T10060] usb 1-1: Product: syz [ 820.480120][T10060] usb 1-1: Manufacturer: syz [ 820.489724][T10060] usb 1-1: SerialNumber: syz [ 820.526523][T10060] usb 1-1: config 0 descriptor?? [ 820.749483][T10060] hso 1-1:0.0: Failed to find BULK IN ep [ 820.767136][T10060] usb-storage 1-1:0.0: USB Mass Storage device detected [ 820.872404][T10059] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 820.978199][T25884] No such timeout policy "syz0" [ 820.986656][T10060] usb 1-1: USB disconnect, device number 51 [ 821.040938][T25868] loop3: detected capacity change from 0 to 32768 [ 821.078919][T10059] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 821.089042][T10059] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 821.100818][T10059] usb 6-1: config 220 has no interface number 2 [ 821.108891][T10059] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 821.123084][T10059] usb 6-1: config 220 interface 0 has no altsetting 0 [ 821.132621][T10059] usb 6-1: config 220 interface 76 has no altsetting 0 [ 821.140846][T25868] (syz.3.8781,25868,0):ocfs2_find_slot:468 ERROR: no free slots available! [ 821.149720][T25868] (syz.3.8781,25868,0):ocfs2_mount_volume:1807 ERROR: status = -22 [ 821.158798][T10059] usb 6-1: config 220 interface 1 has no altsetting 0 [ 821.169816][T25868] (syz.3.8781,25868,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 821.170298][T10059] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 821.197324][T10059] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 821.225867][T10059] usb 6-1: Product: syz [ 821.235946][T10059] usb 6-1: Manufacturer: syz [ 821.241404][T25868] NILFS (loop3): couldn't find nilfs on the device [ 821.248698][T10059] usb 6-1: SerialNumber: syz [ 821.368836][T25887] loop4: detected capacity change from 0 to 4096 [ 821.381903][T25887] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 821.491197][T10059] usb 6-1: selecting invalid altsetting 0 [ 821.506972][T10059] usb 6-1: Found UVC 7.01 device syz (8086:0b07) [ 821.536599][T25887] ntfs3: loop4: failed to convert "c46c" to cp866 [ 821.545138][T10059] usb 6-1: No valid video chain found. [ 821.591703][T10059] usb 6-1: selecting invalid altsetting 0 [ 821.615571][T10059] usbtest: probe of 6-1:220.1 failed with error -22 [ 821.663324][T10059] usb 6-1: USB disconnect, device number 8 [ 821.957541][T25895] loop4: detected capacity change from 0 to 4096 [ 822.010233][T25895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 822.167032][T25908] netlink: 'syz.3.8799': attribute type 1 has an invalid length. [ 822.175176][T25908] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8799'. [ 822.304752][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 822.333947][T25904] loop0: detected capacity change from 0 to 4096 [ 822.370729][T25904] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 822.468862][T25914] netlink: 'syz.5.8803': attribute type 10 has an invalid length. [ 822.493926][T25904] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 822.581488][T25916] Cannot find del_set index 0 as target [ 822.961328][T25928] loop5: detected capacity change from 0 to 1024 [ 823.341228][T25940] loop4: detected capacity change from 0 to 1024 [ 823.356022][T25940] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 823.392064][T25940] hfsplus: filesystem is marked journaled, leaving read-only. [ 823.392071][T25942] loop5: detected capacity change from 0 to 128 [ 823.403863][T25942] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 823.440876][T25942] hpfs: filesystem error: improperly stopped [ 823.447545][T25942] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 823.455428][T25942] hpfs: You really don't want any checks? You are crazy... [ 823.465033][T25942] hpfs: hpfs_map_sector(): read error [ 823.470910][T25942] hpfs: code page support is disabled [ 823.477232][T25942] hpfs: hpfs_map_4sectors(): unaligned read [ 823.483386][T25942] hpfs: hpfs_map_4sectors(): unaligned read [ 823.492561][T25942] hpfs: filesystem error: unable to find root dir [ 823.536824][ T2131] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 823.762364][ T2131] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 823.782056][ T2131] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 823.817427][ T2131] usb 4-1: config 0 descriptor?? [ 823.854700][ T2131] cp210x 4-1:0.0: cp210x converter detected [ 823.976026][T25954] loop4: detected capacity change from 0 to 1024 [ 824.010042][T25954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 824.072955][ T2131] usb 4-1: cp210x converter now attached to ttyUSB0 [ 824.182006][T25961] loop5: detected capacity change from 0 to 256 [ 824.241539][T25961] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 824.274809][ T2131] usb 4-1: USB disconnect, device number 60 [ 824.289797][T22248] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 824.310241][ T2131] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 824.344470][ T2131] cp210x 4-1:0.0: device disconnected [ 824.652284][T25967] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 824.927832][T25950] loop0: detected capacity change from 0 to 40427 [ 824.959170][T25950] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 824.993046][T25950] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 825.031439][T25950] F2FS-fs (loop0): invalid crc value [ 825.071770][T25950] F2FS-fs (loop0): Found nat_bits in checkpoint [ 825.255869][T25950] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 825.283624][T25950] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 825.846274][T25974] loop4: detected capacity change from 0 to 32768 [ 826.176495][T25993] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 827.235347][T26005] loop3: detected capacity change from 0 to 32768 [ 827.286225][T26005] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.8841 (26005) [ 827.343240][T26005] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 827.361351][ T27] audit: type=1326 audit(2000000292.820:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26025 comm="syz.5.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8259bf79 code=0x7ffc0000 [ 827.389693][T26005] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 827.445738][T26005] BTRFS info (device loop3): force zlib compression, level 3 [ 827.464008][ T27] audit: type=1326 audit(2000000292.840:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26025 comm="syz.5.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8259bf79 code=0x7ffc0000 [ 827.490450][T26005] BTRFS info (device loop3): force clearing of disk cache [ 827.507477][T26005] BTRFS info (device loop3): setting nodatasum [ 827.513736][T26005] BTRFS info (device loop3): use zlib compression, level 3 [ 827.536427][ T27] audit: type=1326 audit(2000000292.860:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26025 comm="syz.5.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f2e8259bf79 code=0x7ffc0000 [ 827.566448][T26005] BTRFS info (device loop3): allowing degraded mounts [ 827.573317][T26005] BTRFS info (device loop3): enabling disk space caching [ 827.612794][T26005] BTRFS info (device loop3): disk space caching is enabled [ 827.626469][ T27] audit: type=1326 audit(2000000292.860:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26025 comm="syz.5.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e8259bf79 code=0x7ffc0000 [ 827.828831][T26005] BTRFS info (device loop3): enabling ssd optimizations [ 827.835841][T26005] BTRFS info (device loop3): auto enabling async discard [ 827.852639][T26016] loop0: detected capacity change from 0 to 32768 [ 827.884366][T26005] BTRFS info (device loop3): rebuilding free space tree [ 827.909558][T26005] BTRFS info (device loop3): disabling free space tree [ 827.937159][T26005] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 827.971521][T26005] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 828.059401][T26016] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 828.205265][T26016] XFS (loop0): Ending clean mount [ 828.232338][T26016] XFS (loop0): Quotacheck needed: Please wait. [ 828.251950][T26064] loop4: detected capacity change from 0 to 1024 [ 828.284124][ T5769] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 828.430111][T26016] XFS (loop0): Quotacheck: Done. [ 828.467967][ T5771] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop3 scanned by udevd (5771) [ 828.685454][ T5767] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 829.640532][T26100] loop3: detected capacity change from 0 to 1764 [ 829.781880][T26100] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 830.124431][T26117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8879'. [ 830.173819][T26119] loop5: detected capacity change from 0 to 64 [ 830.509171][T26129] netlink: 176 bytes leftover after parsing attributes in process `syz.3.8886'. [ 830.581946][T26132] IPv6: NLM_F_CREATE should be specified when creating new route [ 830.616520][T26132] netlink: 1 bytes leftover after parsing attributes in process `syz.5.8884'. [ 831.760547][T26182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8910'. [ 831.786479][T26182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8910'. [ 832.037907][T26190] netlink: 'syz.4.8915': attribute type 1 has an invalid length. [ 832.046215][T26190] netlink: 224 bytes leftover after parsing attributes in process `syz.4.8915'. [ 832.430948][T26202] gtp0: entered promiscuous mode [ 832.452671][T26202] gtp0: entered allmulticast mode [ 832.664712][T26209] loop5: detected capacity change from 0 to 1024 [ 833.108095][ T27] audit: type=1326 audit(2000000298.570:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26218 comm="syz.3.8929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 833.175797][ T27] audit: type=1326 audit(2000000298.590:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26218 comm="syz.3.8929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 833.256508][ T27] audit: type=1326 audit(2000000298.600:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26218 comm="syz.3.8929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 833.294324][T26205] loop4: detected capacity change from 0 to 32768 [ 833.303636][ T27] audit: type=1326 audit(2000000298.600:379): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=26218 comm="syz.3.8929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 833.331611][ T27] audit: type=1326 audit(2000000298.600:380): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=26218 comm="syz.3.8929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 833.433462][T26205] JBD2: Ignoring recovery information on journal [ 833.599291][T26205] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 833.790677][T26244] bond7: entered allmulticast mode [ 834.102978][T22248] ocfs2: Unmounting device (7,4) on (node local) [ 834.284218][T26259] openvswitch: netlink: Actions may not be safe on all matching packets [ 834.387527][T26261] usb usb7: usbfs: process 26261 (syz.0.8949) did not claim interface 0 before use [ 834.543113][T26267] loop0: detected capacity change from 0 to 64 [ 834.727618][ T2131] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 834.841453][T26277] loop4: detected capacity change from 0 to 256 [ 834.949360][ T2131] usb 4-1: config index 0 descriptor too short (expected 39, got 27) [ 834.969703][ T2131] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 834.994123][ T2131] usb 4-1: config 0 interface 0 has no altsetting 0 [ 835.023954][ T2131] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 835.053711][ T2131] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 835.072070][ T2131] usb 4-1: Product: syz [ 835.089956][ T2131] usb 4-1: Manufacturer: syz [ 835.105304][ T2131] usb 4-1: SerialNumber: syz [ 835.147505][ T2131] usb 4-1: config 0 descriptor?? [ 835.163017][ T2131] hub 4-1:0.0: bad descriptor, ignoring hub [ 835.180967][ T2131] hub: probe of 4-1:0.0 failed with error -5 [ 835.209725][ T2131] usb 4-1: selecting invalid altsetting 0 [ 835.503231][T26296] ksmbd: Unknown IPC event: 10, ignore. [ 835.576457][T10060] usb 1-1: new high-speed USB device number 52 using dummy_hcd [ 835.656903][ T2131] usb 4-1: USB disconnect, device number 61 [ 835.769081][T10060] usb 1-1: Using ep0 maxpacket: 32 [ 835.780127][T10060] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 835.803372][T10060] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 835.824782][T10060] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 835.839903][T10060] usb 1-1: Product: syz [ 835.844122][T10060] usb 1-1: Manufacturer: syz [ 835.856394][T10060] usb 1-1: SerialNumber: syz [ 835.863487][T10060] usb 1-1: config 0 descriptor?? [ 835.883243][T10060] quatech2 1-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 835.966165][T26302] loop4: detected capacity change from 0 to 4096 [ 835.995886][T26293] loop5: detected capacity change from 0 to 32768 [ 836.090992][T10060] usb 1-1: qt2_setup_urbs - submit read urb failed -8 [ 836.096109][T26293] find_entry called with index >= next_index [ 836.110402][T10060] quatech2: probe of 1-1:0.0 failed with error -8 [ 836.122544][T26293] find_entry called with index >= next_index [ 836.175846][T26293] find_entry called with index >= next_index [ 836.308716][T10060] usb 1-1: USB disconnect, device number 52 [ 836.971126][T26328] loop0: detected capacity change from 0 to 47 [ 837.595897][T26349] loop3: detected capacity change from 0 to 2048 [ 837.676870][T26354] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 837.716551][T26356] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8994'. [ 837.768967][T26349] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12 [ 837.823969][T26349] Remounting filesystem read-only [ 838.128157][T26366] netdevsim netdevsim5: Direct firmware load for / [ 838.128157][T26366] failed with error -2 [ 838.176445][T26366] netdevsim netdevsim5: Falling back to sysfs fallback for: / [ 838.176445][T26366] [ 838.302858][ T27] audit: type=1326 audit(2000000303.760:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 838.350626][ T27] audit: type=1326 audit(2000000303.760:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 838.410395][ T27] audit: type=1326 audit(2000000303.790:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 838.446536][ T27] audit: type=1326 audit(2000000303.790:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 838.496486][ T27] audit: type=1326 audit(2000000303.810:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 838.570751][T26377] loop4: detected capacity change from 0 to 64 [ 838.575544][ T27] audit: type=1326 audit(2000000303.840:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2a5615c84e code=0x7ffc0000 [ 838.634965][T26377] syz.4.9004: attempt to access beyond end of device [ 838.634965][T26377] loop4: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 838.657011][ T27] audit: type=1326 audit(2000000303.850:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2a5615c84e code=0x7ffc0000 [ 838.694815][T26377] Buffer I/O error on dev loop4, logical block 134217734, async page read [ 838.707656][ T27] audit: type=1326 audit(2000000303.850:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2a5615c84e code=0x7ffc0000 [ 838.747283][ T27] audit: type=1326 audit(2000000303.850:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2a5615c84e code=0x7ffc0000 [ 838.770445][ T27] audit: type=1326 audit(2000000303.850:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26371 comm="syz.3.9002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2a5615c84e code=0x7ffc0000 [ 839.748835][T26413] netlink: 'syz.5.9020': attribute type 1 has an invalid length. [ 839.934256][T26419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9023'. [ 840.192076][T26430] loop4: detected capacity change from 0 to 1024 [ 840.304061][T26430] hfsplus: catalog name length corrupted [ 840.487331][T26439] batadv1: entered allmulticast mode [ 840.518408][T26439] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 840.854072][T26454] loop3: detected capacity change from 0 to 64 [ 841.564638][T26472] loop0: detected capacity change from 0 to 1024 [ 841.678768][ T32] hfsplus: b-tree write err: -5, ino 4 [ 841.953450][T26484] openvswitch: netlink: Actions may not be safe on all matching packets [ 841.985799][T26450] loop4: detected capacity change from 0 to 40427 [ 842.026447][T26450] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 842.054297][T26450] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 842.087491][T26450] F2FS-fs (loop4): heap/no_heap options were deprecated [ 842.128586][T26450] F2FS-fs (loop4): invalid crc value [ 842.189674][T26450] F2FS-fs (loop4): Found nat_bits in checkpoint [ 842.310818][T26496] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9059'. [ 842.368194][T26450] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 842.370834][T26496] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9059'. [ 842.390482][T26450] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 842.638806][T22248] syz-executor: attempt to access beyond end of device [ 842.638806][T22248] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 842.675856][T22248] F2FS-fs (loop4): Remounting filesystem read-only [ 842.799949][T26511] loop0: detected capacity change from 0 to 64 [ 843.146800][T26520] netlink: 460 bytes leftover after parsing attributes in process `syz.5.9072'. [ 843.352243][T26527] loop0: detected capacity change from 0 to 256 [ 843.550769][T26527] FAT-fs (loop0): Directory bread(block 64) failed [ 843.586372][T26527] FAT-fs (loop0): Directory bread(block 65) failed [ 843.593119][T26527] FAT-fs (loop0): Directory bread(block 66) failed [ 843.617667][T26527] FAT-fs (loop0): Directory bread(block 67) failed [ 843.624488][T26527] FAT-fs (loop0): Directory bread(block 68) failed [ 843.643947][T26527] FAT-fs (loop0): Directory bread(block 69) failed [ 843.656548][T26527] FAT-fs (loop0): Directory bread(block 70) failed [ 843.663280][T26527] FAT-fs (loop0): Directory bread(block 71) failed [ 843.716621][T26527] FAT-fs (loop0): Directory bread(block 72) failed [ 843.723317][T26527] FAT-fs (loop0): Directory bread(block 73) failed [ 843.824527][T26533] loop3: detected capacity change from 0 to 1764 [ 844.008522][T26533] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 844.089970][T26542] loop5: detected capacity change from 0 to 2048 [ 844.154252][T26542] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 844.262815][T26544] i2c i2c-0: Invalid block write size 252 [ 844.788013][T26538] loop4: detected capacity change from 0 to 32768 [ 844.809904][T26538] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 844.906990][T10059] usb 1-1: new high-speed USB device number 53 using dummy_hcd [ 844.950304][ T5771] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 845.096577][T10059] usb 1-1: Using ep0 maxpacket: 16 [ 845.111125][T10059] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 7.00 [ 845.133457][T10059] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 845.144360][T26552] loop5: detected capacity change from 0 to 32768 [ 845.158107][T10059] usb 1-1: Product: syz [ 845.166458][T10059] usb 1-1: Manufacturer: syz [ 845.171119][T10059] usb 1-1: SerialNumber: syz [ 845.207664][T10059] usb 1-1: config 0 descriptor?? [ 845.222843][T10059] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 845.247242][T10059] usb 1-1: Detected FT2232H [ 845.306729][ T2131] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 845.421605][T10059] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 845.453979][T10059] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 845.469586][T10059] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 845.484520][T10059] usb 1-1: USB disconnect, device number 53 [ 845.494322][T10059] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 845.514843][T10059] ftdi_sio 1-1:0.0: device disconnected [ 845.528843][ T2131] usb 5-1: config index 0 descriptor too short (expected 39, got 27) [ 845.547947][ T2131] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 845.585011][ T2131] usb 5-1: config 0 interface 0 has no altsetting 0 [ 845.620444][ T2131] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 845.637691][ T2131] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 845.645916][ T2131] usb 5-1: Product: syz [ 845.653199][ T2131] usb 5-1: Manufacturer: syz [ 845.658889][ T2131] usb 5-1: SerialNumber: syz [ 845.666040][ T2131] usb 5-1: config 0 descriptor?? [ 845.673877][ T2131] hub 5-1:0.0: bad descriptor, ignoring hub [ 845.703622][ T2131] hub: probe of 5-1:0.0 failed with error -5 [ 845.725758][ T2131] usb 5-1: selecting invalid altsetting 0 [ 846.157259][ T28] usb 5-1: USB disconnect, device number 9 [ 846.293335][T26575] loop0: detected capacity change from 0 to 4096 [ 846.318346][T26575] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 846.450323][T26575] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 846.466231][T26575] ntfs3: loop0: Failed to load $Extend (-22). [ 846.485770][T26575] ntfs3: loop0: Failed to initialize $Extend. [ 846.836649][T26594] netlink: 56 bytes leftover after parsing attributes in process `syz.4.9107'. [ 847.074705][T26604] TCP: TCP_TX_DELAY enabled [ 847.666513][T10060] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 847.900575][T10060] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 847.919124][T10060] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 847.956415][T10060] usb 6-1: Product: syz [ 847.960692][T10060] usb 6-1: Manufacturer: syz [ 847.965356][T10060] usb 6-1: SerialNumber: syz [ 848.049749][T10060] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 848.104892][T10059] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 848.351243][T26654] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 848.384018][T26654] bond0: (slave lo): Error: Device type is different from other slaves [ 848.709032][ T1189] usb 6-1: USB disconnect, device number 9 [ 848.889593][T26665] loop4: detected capacity change from 0 to 4096 [ 848.906668][T26665] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 849.020062][T26665] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 849.177630][T10059] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 849.210518][T10059] ath9k_htc: Failed to initialize the device [ 849.234909][ T1189] usb 6-1: ath9k_htc: USB layer deinitialized [ 849.527018][T26686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9149'. [ 849.536050][T26686] veth1_to_bond: entered promiscuous mode [ 849.588482][T26686] veth1_to_bond: entered allmulticast mode [ 849.942912][T26697] netlink: 'syz.0.9155': attribute type 11 has an invalid length. [ 850.506094][T26718] loop3: detected capacity change from 0 to 1024 [ 850.554596][T26722] netlink: 'syz.5.9167': attribute type 5 has an invalid length. [ 850.835703][T26728] loop5: detected capacity change from 0 to 256 [ 850.891836][T26728] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 850.911156][ T32] hfsplus: b-tree write err: -5, ino 4 [ 851.272570][T26742] netlink: 176 bytes leftover after parsing attributes in process `syz.3.9176'. [ 851.676825][T26757] netlink: 52 bytes leftover after parsing attributes in process `syz.5.9183'. [ 851.702340][T26759] xt_l2tp: invalid flags combination: 0 [ 852.068686][T26769] loop4: detected capacity change from 0 to 1024 [ 852.328318][ T4803] hfsplus: b-tree write err: -5, ino 4 [ 852.885984][T26763] loop3: detected capacity change from 0 to 32768 [ 853.014599][T26763] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 853.198578][T26763] XFS (loop3): Ending clean mount [ 853.245517][T26763] XFS (loop3): Quotacheck needed: Please wait. [ 853.376753][T26763] XFS (loop3): Quotacheck: Done. [ 853.626053][ T5769] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 854.139141][T26825] loop5: detected capacity change from 0 to 64 [ 854.201638][T26825] Trying to free block not in datazone [ 854.252293][T26830] tmpfs: Bad value for 'mpol' [ 854.305846][T26831] loop0: detected capacity change from 0 to 512 [ 854.393910][T26831] EXT4-fs: Ignoring removed nomblk_io_submit option [ 854.443934][T26831] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 854.476620][ T8170] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 854.544348][T26831] EXT4-fs error (device loop0): ext4_orphan_get:1424: comm syz.0.9215: bad orphan inode 11 [ 854.596800][T26831] EXT4-fs (loop0): Remounting filesystem read-only [ 854.604972][T26831] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 854.665601][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 854.696429][ T8170] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 854.704856][ T8170] usb 5-1: config 0 has no interface number 0 [ 854.722738][ T8170] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 854.756428][ T8170] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.786755][ T8170] usb 5-1: Product: syz [ 854.802752][ T8170] usb 5-1: Manufacturer: syz [ 854.815130][ T8170] usb 5-1: SerialNumber: syz [ 854.847751][ T8170] usb 5-1: config 0 descriptor?? [ 854.863452][T26843] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9221'. [ 854.883788][ T8170] hub 5-1:0.132: bad descriptor, ignoring hub [ 854.903864][ T8170] hub: probe of 5-1:0.132 failed with error -5 [ 854.914033][ T8170] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input53 [ 854.934069][ T27] kauditd_printk_skb: 202 callbacks suppressed [ 854.934085][ T27] audit: type=1326 audit(2000000320.390:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.3.9222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 854.989527][ T27] audit: type=1326 audit(2000000320.390:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.3.9222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 855.064718][ T27] audit: type=1326 audit(2000000320.430:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.3.9222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 855.171233][ T27] audit: type=1326 audit(2000000320.430:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.3.9222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 855.226573][T26852] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9225'. [ 855.245967][ T27] audit: type=1326 audit(2000000320.430:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26845 comm="syz.3.9222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5619bf79 code=0x7ffc0000 [ 855.506527][T26860] netlink: 128 bytes leftover after parsing attributes in process `syz.5.9229'. [ 855.553898][T26860] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9229'. [ 856.023117][T26880] loop0: detected capacity change from 0 to 2048 [ 856.042000][T26880] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 856.839596][T26910] cgroup: Invalid name [ 857.074119][T26920] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9258'. [ 857.093477][T26920] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9258'. [ 857.126783][T26920] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9258'. [ 857.404323][T26934] loop3: detected capacity change from 0 to 64 [ 857.443691][T26936] netlink: 'syz.5.9266': attribute type 1 has an invalid length. [ 857.454739][T26934] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 857.504051][T26934] hfs: filesystem is marked locked, mounting read-only. [ 857.907182][ T28] usb 5-1: USB disconnect, device number 10 [ 858.073187][T26956] loop3: detected capacity change from 0 to 256 [ 858.090541][T26952] loop5: detected capacity change from 0 to 4096 [ 858.100700][ T28] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 858.199363][T26956] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 858.290829][ T28] usb 5-1: Using ep0 maxpacket: 32 [ 858.315022][T26952] ntfs: (device loop5): parse_options(): NLS character set cp8 Oone_multiplier=0x0000000000000001gid=0 not found. Using previous one cp862. [ 858.338098][ T28] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 858.347187][ T28] usb 5-1: config 0 has no interface number 0 [ 858.353370][ T28] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 858.374123][ T28] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 858.425469][ T28] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 858.443813][T26952] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 858.456405][ T28] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 858.466702][T26952] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 858.477355][ T28] usb 5-1: Product: syz [ 858.500419][ T28] usb 5-1: Manufacturer: syz [ 858.505080][ T28] usb 5-1: SerialNumber: syz [ 858.517339][T26952] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 858.542303][ T28] usb 5-1: config 0 descriptor?? [ 858.555422][T26952] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 858.625935][T26952] ntfs: volume version 3.1. [ 859.004067][ T28] radio-si470x 5-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 859.043167][ T28] radio-si470x: probe of 5-1:0.35 failed with error -5 [ 859.097000][ T28] radio-raremono 5-1:0.35: this is not Thanko's Raremono. [ 859.125635][ T28] usb 5-1: USB disconnect, device number 11 [ 859.726616][ T29] INFO: task syz-executor:5770 blocked for more than 143 seconds. [ 859.754703][ T29] Not tainted syzkaller #0 [ 859.771752][T10060] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 859.778649][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 859.796621][ T29] task:syz-executor state:D stack:21608 pid:5770 ppid:1 flags:0x00004004 [ 859.815529][ T29] Call Trace: [ 859.822935][ T29] [ 859.830505][ T29] __schedule+0x1553/0x45a0 [ 859.844908][ T29] ? asan.module_dtor+0x20/0x20 [ 859.857773][ T29] ? mark_lock+0x94/0x320 [ 859.865738][ T29] ? lock_chain_count+0x20/0x20 [ 859.885831][T27001] ipvlan0: left promiscuous mode [ 859.894150][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 859.904666][ T29] ? _raw_spin_lock_irqsave+0x100/0x100 [ 859.926560][ T29] schedule+0xbd/0x170 [ 859.930727][ T29] io_schedule+0x80/0xd0 [ 859.935030][ T29] folio_wait_bit_common+0x714/0xfa0 [ 859.967444][ T29] ? folio_wait_bit+0x30/0x30 [ 859.972217][ T29] ? filemap_get_entry+0x379/0x3f0 [ 859.990501][ T29] ? _compound_head+0x120/0x120 [ 859.990981][T10060] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 859.995418][ T29] ? find_lock_entries+0xc3e/0xfe0 [ 859.995486][ T29] __filemap_get_folio+0xbc/0xbb0 [ 860.015355][T10060] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 860.038526][ T29] truncate_inode_pages_range+0x46b/0xfb0 [ 860.039596][T10060] usb 1-1: config 220 has no interface number 2 [ 860.044326][ T29] ? mapping_evict_folio+0x510/0x510 [ 860.062522][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 860.067793][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 860.073199][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 860.078558][ T29] evict+0x4dd/0x8d0 [ 860.082648][ T29] ? proc_nr_inodes+0x230/0x230 [ 860.087774][T10060] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 860.097051][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 860.112750][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 860.118263][T10060] usb 1-1: config 220 interface 0 has no altsetting 0 [ 860.125810][T10060] usb 1-1: config 220 interface 76 has no altsetting 0 [ 860.130807][ T29] evict_inodes+0x606/0x6a0 [ 860.138978][T10060] usb 1-1: config 220 interface 1 has no altsetting 0 [ 860.147101][ T29] ? clear_inode+0x150/0x150 [ 860.152172][ T29] generic_shutdown_super+0x97/0x2b0 [ 860.159067][ T29] kill_block_super+0x44/0x90 [ 860.164804][ T29] deactivate_locked_super+0x97/0x100 [ 860.170665][ T29] cleanup_mnt+0x43b/0x4d0 [ 860.170683][T10060] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 860.175136][ T29] task_work_run+0x1d4/0x260 [ 860.175171][ T29] ? task_work_cancel+0x220/0x220 [ 860.194520][T10060] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 860.194545][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 860.209199][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 860.210732][T10060] usb 1-1: Product: syz [ 860.214539][ T29] exit_to_user_mode_prepare+0xee/0x180 [ 860.225718][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 860.230164][T10060] usb 1-1: Manufacturer: syz [ 860.231769][ T29] do_syscall_64+0x61/0xa0 [ 860.240804][ T29] ? clear_bhb_loop+0x40/0x90 [ 860.245622][ T29] ? clear_bhb_loop+0x40/0x90 [ 860.246636][T10060] usb 1-1: SerialNumber: syz [ 860.250650][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 860.261626][ T29] RIP: 0033:0x7f7d1b79d1d7 [ 860.266229][ T29] RSP: 002b:00007ffc092fb088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 860.278560][ T29] RAX: 0000000000000000 RBX: 00007f7d1b831c3b RCX: 00007f7d1b79d1d7 [ 860.287230][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc092fb140 [ 860.295377][ T29] RBP: 00007ffc092fb140 R08: 00007ffc092fc140 R09: 00000000ffffffff [ 860.303542][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc092fc1d0 [ 860.311739][ T29] R13: 00007f7d1b831c3b R14: 00000000000ae32b R15: 00007ffc092fc210 [ 860.319940][ T29] [ 860.323293][ T29] [ 860.323293][ T29] Showing all locks held in the system: [ 860.335532][ T29] 1 lock held by khungtaskd/29: [ 860.342929][ T29] #0: ffffffff8d131fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 860.359570][ T29] 2 locks held by getty/5531: [ 860.364298][ T29] #0: ffff88802d4e70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 860.375588][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390 [ 860.386094][ T29] 1 lock held by syz-executor/5770: [ 860.391457][ T29] #0: ffff8880250ee0e0 (&type->s_umount_key#65){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 860.401882][ T29] 4 locks held by udevd/5771: [ 860.406711][ T29] #0: ffff88801f3b4418 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb1/0xd50 [ 860.415709][ T29] #1: ffff8880494f8488 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x5c/0x410 [ 860.425129][ T29] #2: ffff88804a32b5d8 (kn->active#19){++++}-{0:0}, at: kernfs_seq_start+0xb2/0x410 [ 860.440610][ T29] #3: ffff88802c0cd190 (&dev->mutex){....}-{3:3}, at: manufacturer_show+0x26/0xa0 [ 860.451429][ T29] 4 locks held by kworker/0:12/10060: [ 860.461083][ T29] #0: ffff888147677538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 860.472627][ T29] #1: ffffc9000c937d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 860.484827][ T29] #2: ffff888142f49190 (&dev->mutex){....}-{3:3}, at: hub_event+0x180/0x49f0 [ 860.503237][ T29] #3: ffff88802c0cd190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x89/0x420 [ 860.520375][ T29] [ 860.523179][T10060] usb 1-1: selecting invalid altsetting 0 [ 860.550993][ T29] ============================================= [ 860.550993][ T29] [ 860.559808][T10060] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 860.566233][T10060] usb 1-1: No valid video chain found. [ 860.572073][ T29] NMI backtrace for cpu 0 [ 860.576437][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 860.583747][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 860.593840][ T29] Call Trace: [ 860.597152][ T29] [ 860.600121][ T29] dump_stack_lvl+0x18c/0x250 [ 860.604846][ T29] ? preempt_count_add+0x91/0x1a0 [ 860.609916][ T29] ? show_regs_print_info+0x20/0x20 [ 860.615166][ T29] ? load_image+0x400/0x400 [ 860.619729][ T29] nmi_cpu_backtrace+0x3a6/0x3e0 [ 860.624723][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 860.630923][ T29] ? _printk+0xde/0x130 [ 860.635119][ T29] ? load_image+0x400/0x400 [ 860.639662][ T29] ? load_image+0x400/0x400 [ 860.644218][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 860.650338][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 860.656378][ T29] watchdog+0xf3d/0xf80 [ 860.660577][ T29] ? watchdog+0x1e1/0xf80 [ 860.664937][ T29] kthread+0x2fa/0x390 [ 860.669025][ T29] ? hungtask_pm_notify+0x90/0x90 [ 860.674074][ T29] ? kthread_blkcg+0xd0/0xd0 [ 860.678699][ T29] ret_from_fork+0x48/0x80 [ 860.683143][ T29] ? kthread_blkcg+0xd0/0xd0 [ 860.687767][ T29] ret_from_fork_asm+0x11/0x20 [ 860.692569][ T29] [ 860.695868][ T29] Sending NMI from CPU 0 to CPUs 1: [ 860.701164][ C1] NMI backtrace for cpu 1 [ 860.701174][ C1] CPU: 1 PID: 1128 Comm: kworker/u4:7 Not tainted syzkaller #0 [ 860.701190][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 860.701201][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 860.701221][ C1] RIP: 0010:__asan_memset+0x5/0x40 [ 860.701246][ C1] Code: 0f 1f 44 00 00 f3 0f 1e fa 89 f6 48 8b 0c 24 ba 01 00 00 00 e9 bc ea ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 55 <41> 56 53 48 89 d3 89 f5 49 89 fe 48 8b 4c 24 18 48 89 d6 ba 01 00 [ 860.701260][ C1] RSP: 0018:ffffc900047cf460 EFLAGS: 00000246 [ 860.701273][ C1] RAX: ffffc900047cf640 RBX: ffffc900047cf5e0 RCX: ffff888024048000 [ 860.701286][ C1] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc900047cf5f8 [ 860.701297][ C1] RBP: ffffc900047cf5f8 R08: ffff888024048000 R09: 0000000000000003 [ 860.701308][ C1] R10: 0000000000000004 R11: 0000000000000000 R12: ffffc900047cf5a8 [ 860.701318][ C1] R13: dffffc0000000000 R14: ffffffff8175b7fa R15: ffffffff8f0c8138 [ 860.701331][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 860.701349][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 860.701360][ C1] CR2: 00007f2e827e6ad8 CR3: 0000000025ace000 CR4: 00000000003506e0 [ 860.701375][ C1] Call Trace: [ 860.701380][ C1] [ 860.701387][ C1] unwind_next_frame+0x1648/0x2970 [ 860.701409][ C1] ? arch_stack_walk+0xf8/0x190 [ 860.701428][ C1] __unwind_start+0x66a/0x7e0 [ 860.701446][ C1] ? stack_trace_save+0x100/0x100 [ 860.701465][ C1] arch_stack_walk+0xf8/0x190 [ 860.701484][ C1] ? stack_trace_save+0xaa/0x100 [ 860.701506][ C1] stack_trace_save+0xaa/0x100 [ 860.701525][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 860.701545][ C1] ? chacha_block_generic+0xc8/0xdd0 [ 860.701573][ C1] kasan_set_track+0x4e/0x70 [ 860.701617][ C1] ? __kmem_cache_free+0xba/0x1e0 [ 860.701639][ C1] kasan_save_free_info+0x2e/0x50 [ 860.701661][ C1] ____kasan_slab_free+0x126/0x1e0 [ 860.701680][ C1] slab_free_freelist_hook+0x130/0x1a0 [ 860.701697][ C1] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 860.701717][ C1] ? skb_release_data+0x634/0x800 [ 860.701742][ C1] __kmem_cache_free+0xba/0x1e0 [ 860.701768][ C1] skb_release_data+0x634/0x800 [ 860.701798][ C1] consume_skb+0xb2/0x110 [ 860.701834][ C1] nsim_dev_trap_report_work+0x76f/0xb00 [ 860.701857][ C1] ? process_scheduled_works+0x96f/0x15d0 [ 860.701877][ C1] process_scheduled_works+0xa5d/0x15d0 [ 860.701909][ C1] ? assign_work+0x430/0x430 [ 860.701929][ C1] ? assign_work+0x3d0/0x430 [ 860.701950][ C1] worker_thread+0xa55/0xfc0 [ 860.701981][ C1] kthread+0x2fa/0x390 [ 860.701995][ C1] ? pr_cont_work+0x560/0x560 [ 860.702013][ C1] ? kthread_blkcg+0xd0/0xd0 [ 860.702027][ C1] ret_from_fork+0x48/0x80 [ 860.702045][ C1] ? kthread_blkcg+0xd0/0xd0 [ 860.702059][ C1] ret_from_fork_asm+0x11/0x20 [ 860.702087][ C1] [ 860.736777][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 860.736818][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 860.736870][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 860.736908][ T29] Call Trace: [ 860.736929][ T29] [ 860.736951][ T29] dump_stack_lvl+0x18c/0x250 [ 860.737049][ T29] ? show_regs_print_info+0x20/0x20 [ 860.737127][ T29] ? load_image+0x400/0x400 [ 860.737220][ T29] panic+0x2dc/0x730 [ 860.737291][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 860.737384][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 860.737444][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 860.737516][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 860.737609][ T29] watchdog+0xf7c/0xf80 [ 860.737683][ T29] ? watchdog+0x1e1/0xf80 [ 860.737767][ T29] kthread+0x2fa/0x390 [ 860.737837][ T29] ? hungtask_pm_notify+0x90/0x90 [ 860.737920][ T29] ? kthread_blkcg+0xd0/0xd0 [ 860.738012][ T29] ret_from_fork+0x48/0x80 [ 860.738076][ T29] ? kthread_blkcg+0xd0/0xd0 [ 860.738130][ T29] ret_from_fork_asm+0x11/0x20 [ 860.738243][ T29] [ 860.740742][ T29] Kernel Offset: disabled [ 861.104484][ T29] Rebooting in 86400 seconds..