last executing test programs: 3.041851473s ago: executing program 2 (id=7683): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="020e0000100000000000000000000000030005000000000002000000ffffffff0000000000000000080012000000509cadc3504c488e00000600000000000000000000000000000000000000000000000000000000000000fc020000000000000000000000000000030006000000000002"], 0x80}}, 0x0) 2.867742758s ago: executing program 2 (id=7685): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000193c0)=@newlinkprop={0x28, 0x6c, 0x1, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x2680, 0x1800}, [@IFLA_NET_NS_PID={0x8}]}, 0x28}}, 0x0) 2.662626244s ago: executing program 2 (id=7688): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000480)={'filter\x00', 0xb001, 0x2, 0x3c8, 0x0, 0x1f8, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev={0xac, 0x14, 0x14, 0x21}, @dev={0xac, 0x14, 0x14, 0x15}, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) 2.445659122s ago: executing program 2 (id=7690): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x41, &(0x7f0000000000)=@ready={0x0, 0x0, 0x8, 'BBBB'}) 2.181963263s ago: executing program 3 (id=7693): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="020300030c000000ff0e0000000000000200090040000000000000000000000003000600000000000200000000000000020000000000000002000100000004d30000050200000050030005003c00000002"], 0x60}, 0x1, 0x7}, 0x40) 1.378747078s ago: executing program 0 (id=7700): prlimit64(0x0, 0x2, &(0x7f0000000040)={0xfffffffffffffffc, 0xffffffffffffffff}, 0x0) brk(0x5d555ede6000) 1.171322295s ago: executing program 3 (id=7702): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x842, 0x0) writev(r0, &(0x7f0000000a40)=[{&(0x7f0000000bc0)="d18a876f8f46c153dd", 0x9}, {&(0x7f0000000040)='z', 0x1}], 0x2) 1.159048786s ago: executing program 0 (id=7710): r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, &(0x7f0000000140)=0xffe) 947.446183ms ago: executing program 0 (id=7704): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a440100000b0a010400000000000000000a0000040c00104000000000000000012c001280280001800e000100636f6e6e6c696d6974000000140002800800024000000001080001400000000008000640ffffff00080008400000000108000a4000000001e0001280100001800a00010071756575650000000c0001800800010064757000380001800a00010071756f7461000000280002800800024000000001080002400000000108000240000000020c00044000000000000000055800018008000100667764004c000280080003400000000a080003400000000a0800014000000016080003400000000a08000240000000130800024000000016080002400000000b08000240000000020800014000000000100001800c0001007061796c6f616400200001800b000100746172676574000010000280090001004d41524b0000000088010000020a05000000000000000000000000040800024000000001c0000600e4650676c8ec8967ab88700866f11b9eeaafcabade2fff9cf7a0f448eaa99a535f0373877e6855899d90e9afb34b85afd6a67f3934d8798de584429a884953ebabbffedbe2b8ca823b6c4da743d3a9a5639cb9312fb923c4da775fad0f7eba7a95395427966c7ea5219d19aa80381d3fed6d880dfc1f9daef1fd3796249a3c63092af59e5dc20800fac6c78db9ad8bbe8174a5bfbe5bf7cd719a6aa8ea3b46e57d19e63edc09212d997d9c2091bdc501c7b70428f2f02d73040bbfd20c0004400000000000000004080002400000000308000240000000038d000600c95297e2b7e1a5dce8496ed6fd59627cab62e54a8bfbc5d5ce821cc4b3bd4688b2f7f99749be858f59e600714950467bdcaf9ad5295a1644e22787000cc1ef06a520fb0f743961ebea5fd7f02e527c4e0fb678a28c01b064cd6e1c1e89f9eb0fa9bc5d8b59444762e573b802f4d33016afdbf7d0a44cb70a7f2b2d57229d63cfdf11ddf8009709887e00000074010000060a010200000000000000000700000708000a400000000051000740ef5abe06d6d84856756154fe108a1668987ed2b9983c829c34c7a5a1e6a8168aaec117f256de742f9043aef1daa93ed0c483eaeaf164920ea9265a7f1f242518133ab372507b86208e660cb2a60000000900010073797a31000000000c00064000000000000000010c00064000000000000000010c00034000000000000000040c0006400000000000000002bc0004800c000180080001006c6f6700200001800800010064757000140002800800024000000009080002400000000f8c0001800b00010074617267657400007c00028059000300ed3acc79f68d27f0ea07ad946b2846387346ffdc13ad4bde7dcb690ede6a5823b50d931cbc1706d5e9e97eb6b85d32356f831563c2df3846063da13ed79f8befe8e16e6b23d42e76f0dc5b18598de0ac3660cc7cc60000000d000100434c415353494659000000000900010044534350000000000c000580080002400000000228000000000a03000000000000000000050000030900010073797a30000000000800024000000002500600000e0a01010000000000000000050000060900010073797a3000000000090002"], 0xae0}, 0x1, 0x0, 0x0, 0x10008000}, 0x4000000) 944.332374ms ago: executing program 3 (id=7705): r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0xc0205649, &(0x7f0000000280)=0x2) 908.405677ms ago: executing program 1 (id=7706): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000400)={'ipvlan1\x00', &(0x7f0000000300)=@ethtool_drvinfo={0x27, "cfae1e8610332aaf073c8d7e23e24149747696f72937d0eaa72f3f6db551129c", "88525cd14f8eed12a8efcbb486d5f94e1f7192a907767ee928726d8541593048", "94ed2609f31e59a9041429955c25747ddc5a9aa68b65f79d739539ff50fe6bbc", "e6ece6330b875a499a782bbd0bde05326e338adc8f3a60c5212b04fb64fff642", "a4e30583baf6fdc385302137f3f6b686903632a36dd691e2f0de22424c816b2b", "69dcedab10ae79d6206beff9", 0x7fffffff, 0x0, 0x4, 0x1, 0x1000}}) 826.252723ms ago: executing program 0 (id=7707): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010005000000000000000000000a20000000000a01020000000000000000030000000900010073797a300000000028000000000a01040000000000000000030000000900010073797a3000000000080002400000000130000000030a03000000000000000000030000020900030073797a30000000000900010073797a3000000000040004"], 0xa0}}, 0x0) 781.636427ms ago: executing program 1 (id=7708): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448dc, 0x0) 774.042537ms ago: executing program 3 (id=7709): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000040)={0x9, {0xffffff81, 0x9, 0x7, 0xa7}}) 670.968816ms ago: executing program 0 (id=7711): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="17000000550001000000000000c4000007"], 0x38}}, 0x0) 582.548593ms ago: executing program 0 (id=7712): r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d04031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e00230000690009047dbe"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 582.422703ms ago: executing program 3 (id=7713): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x2000082, &(0x7f0000000300)={[{@utf8no}, {@shortname_mixed}, {@uni_xlate}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '862'}}, {@uni_xlate}, {@rodir}, {@uni_xlate}, {@numtail}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@utf8}, {@fat=@check_strict}, {@fat=@usefree}, {@shortname_winnt}, {@utf8}]}, 0x9, 0x353, &(0x7f0000006280)="$eJzs3T1sW9UXAPDjPid2o3//8YBUwWTYkFDVBDHAlKoqUkUGKLL4WrBoykccKsXCUhjieAFVTCAWJJjYOsDYGTEgxMbASpFQAbHQLVIjHvLHs59jhySDI6r+fkN0dO497x6/XMXJU3LzejvWr87Ftbt370S5XIjiysWV2C1EJU5FEn07MUVh56P5aXkA4D9vN03jr7Tv8NmfLGSR934AuH/13v/fPDNKlI5YWIyIG/+bVVsAwAztpmk5Dv/5//mp2eszawsAmKGJ5/+PjQ3ve8xfHP5OAABw/3rxlVefu7AacaVaLUdsfNiqtWrxzGj8wrV4OxqxFudjMfai/6gg+t8tdD8+e3n10vlq12+VqHUrWrWIU6P6pFdfiqVYjEpkjxqy+qRbv9Srr0bETru3fmwUWrW5WBis//NCrMVyLMZDE/URl1cvLVcHF6htZPXtiE6Usya6/Z+Lxfjxjbgejbga3dpR/9tL1erFdHWsvnWz1JsHAAAAAAAAAAAAAAAAAAAAAACzcK46VBmef5NutFsfXNk/oTJ2Pk6tPzw4H6jTPx8oLWWn89xI9p8PNH4+T6tWzJ0SBAAAAAAAAAAAAAAAAAAAAA+25tZ81BuNtc3m1vvr+aCdy7z7/Vffno5sqDgofScZVcUgOXadbGLuykkMl0iH5WkyNmcQJBHZ5J36zVvDjvNzSsNXMVHeDUoTQ4VBT/VG48yjv34+rervbrDTyyQxcVvGg8Jg/dzQxv+7iXJE7B1UdXCwfMic22maHlS+/dlkVRQiinHsNo4QfHfnrYefbJ59qpf5ZnDow+NPLL50+9Mv/1ivN6LTvzONxvxmcy89wpW7vU4OJbn9Uxjc58KUnTA96Iwync3mVj356c+XH/n4h32Tk+n7J81n3jt4ra/3Z+b7QSGikt2Ef2t1bsrmnx68dm+4e4//iTv7xUr91vYvvx+1KvdFwkEdAAAAAAAAAAAAAAAAAABwInJ/K34MT78wu44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OSN/v9/LuhMZI4S3GvH5FBpbbN54OKnT/SlAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwAPsnAAD//y8kcO4=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) 581.236933ms ago: executing program 1 (id=7714): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="700000001900010000000000000000001d0109004d00128008002100", @ANYRES32=0x0, @ANYBLOB="428184a477201acb0f24d8c531680464ff1e08554baff2279134e2a452c739471e1c7bd4aef903f973120a8762bddc1900f269ce3068ee8401e0199c9cf16ed3da0000000c000d"], 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x804) 452.462763ms ago: executing program 2 (id=7715): r0 = socket$inet6(0xa, 0x80001, 0x0) getsockopt$bt_hci(r0, 0x0, 0x60, &(0x7f00001e3000)=""/30, &(0x7f0000d23000)=0x44) 377.015899ms ago: executing program 1 (id=7716): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000740)={@loopback, @multicast2}, 0xc) 242.93412ms ago: executing program 1 (id=7717): r0 = socket(0x1e, 0x4, 0x0) setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, 0x0, 0x0) 142.813809ms ago: executing program 2 (id=7718): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000240)='./file0\x00', 0x2000400, &(0x7f00000004c0)=ANY=[], 0x1, 0x229, &(0x7f0000000000)="$eJzsmL9rFEEUx78zt7d3Z0S0SWFjYcCI5i6316QJGkGwEiHxV6WHWUO8S04uK5gDkWBjo52FYGPhP2ARMJWFnf+AoIUKgoJXWNikWXkzc3dzGc/dbNL5PsXwnXlvZt57N/uKA8Mw/y1fv/z+/OTczMJpAAcxgYJZ/54DhNBaWv6fnt879Wz2/IvXH1+9Wz30YGvnebQljocXiv+43wPwdi6Hh/2b+ru3SUyYyQIk6R+kL0PipFm/CoGy0TchccXoEALXjb5j6Rb5l8u3l5th+VaruUhimoYqDQENtZ3xdTcEFs08juNYWPa19U6j3myGbUt4xvYXUybRv6wx7tQvDx/dOZmHFR9V8drjRxs079VmWtdPUYVE1SRRg8C8WZ9BoVcbXRIr/6Pe4Pyck7+b7fYb5UuGpCSLWsz+2pdikfChxZGpbOdMUjpnXdNhZIkHw7vyGJiokvuT8sino4SX/BbPmB90d1eM0QO4mDaLpyUAe8qrkCrC3WYxJMa7W+9d07ek7bFIvkKkfz/FtDH3PsTsVS2h05B7qdiowD5s6v4RvxQ4YfUnz+oflWjlbmVtvTO1vFJfCpfC1SCoFca0TTWiihqdvjfozyXVnw5Y5+dH+PrSx/16FLWrevSFjxKiqB2oeWB9NvObrZ83zLYIFwAc1xNqm37/xJxzh/C1j1S+pCZdJ4ZhGIZhGIZhGIZhGIZhmEwcg1D/giYQXFLefwIAAP///cxfQA==") lgetxattr(&(0x7f0000000600)='./file1\x00', &(0x7f0000000280)=ANY=[@ANYBLOB='user.', @ANYBLOB="9044ef5cf74f769c77e662692954743a1cf9a4a46bdc17952cfde2a3d95fa7094a5ca6c90c569e760cb302e115e19c4a7e5fb414f4fbce"], 0x0, 0x0) 105.317332ms ago: executing program 1 (id=7719): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0xeff, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b9", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 3 (id=7720): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000014800)={0x0, 0x0, &(0x7f00000147c0)={&(0x7f0000000000)=@allocspi={0x100, 0x16, 0x1, 0x70bd25, 0x25dfdbff, {{{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @in6=@dev={0xfe, 0x80, '\x00', 0x21}, 0x4e23, 0x0, 0x4e20, 0x3, 0x2, 0x20, 0x10, 0x3a}, {@in=@loopback, 0x4d5, 0x33}, @in=@local, {0x1, 0x10, 0x4, 0x8001, 0x8, 0x7f7, 0xaaf0, 0x2}, {0x500000, 0x4, 0x4, 0x2}, {0xc908, 0x2127268a, 0x8}, 0x70bd2b, 0x3507, 0xa, 0x0, 0x0, 0x10}, 0xff, 0x80000002}, [@XFRMA_SET_MARK={0x8, 0x1d, 0x7b8}]}, 0x100}, 0x1, 0x0, 0x0, 0x880}, 0x48000) kernel console output (not intermixed with test programs): Deprecated parameter 'namecase' [ 583.441976][ T27] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 583.451664][T27573] exfat: Deprecated parameter 'utf8' [ 583.457757][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 583.466072][ T27] usb 2-1: Product: syz [ 583.477665][ T27] usb 2-1: Manufacturer: syz [ 583.482919][ T27] usb 2-1: SerialNumber: syz [ 583.491132][ T27] usb 2-1: config 0 descriptor?? [ 583.501519][ T27] usb 2-1: bad CDC descriptors [ 583.506939][ T27] usb 2-1: unsupported MDLM descriptors [ 583.520562][T27573] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 583.604363][T27506] XFS (loop0): Ending clean mount [ 583.645379][T27506] XFS (loop0): Quotacheck needed: Please wait. [ 583.744210][ T27] usb 2-1: USB disconnect, device number 22 [ 583.837167][T27506] XFS (loop0): Quotacheck: Done. [ 584.096461][T27603] loop3: detected capacity change from 0 to 512 [ 584.144259][ T5784] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 584.173644][T27603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 584.201502][T27603] ext4 filesystem being mounted at /1501/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 584.293816][T27603] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 584.451083][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 584.498134][ T1202] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 584.706383][ T1202] usb 3-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 584.730287][ T1202] usb 3-1: config 0 interface 0 has no altsetting 0 [ 584.755628][ T1202] usb 3-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3 [ 584.778245][ T1202] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.802627][ T1202] usb 3-1: Product: syz [ 584.806967][ T1202] usb 3-1: Manufacturer: syz [ 584.832627][ T1202] usb 3-1: SerialNumber: syz [ 584.860568][ T1202] usb 3-1: config 0 descriptor?? [ 584.871685][ T1202] keyspan 3-1:0.0: Keyspan 2 port adapter converter detected [ 584.879412][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 7 [ 584.912448][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81 [ 584.930400][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 1 [ 584.938243][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2 [ 584.950317][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 85 [ 584.958309][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 5 [ 584.992292][ T1202] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 585.013881][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 83 [ 585.031555][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 3 [ 585.039476][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 4 [ 585.084756][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 86 [ 585.112747][ T1202] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 6 [ 585.132753][ T1202] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 585.168628][ T1202] usb 3-1: USB disconnect, device number 26 [ 585.185575][ T1202] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 585.261187][ T1202] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 585.318827][ T1202] keyspan 3-1:0.0: device disconnected [ 585.449351][T27682] loop1: detected capacity change from 0 to 256 [ 585.499459][T27682] FAT-fs (loop1): Directory bread(block 64) failed [ 585.527648][T27682] FAT-fs (loop1): Directory bread(block 65) failed [ 585.545893][T27682] FAT-fs (loop1): Directory bread(block 66) failed [ 585.554764][T27682] FAT-fs (loop1): Directory bread(block 67) failed [ 585.566902][T27682] FAT-fs (loop1): Directory bread(block 68) failed [ 585.577445][T27682] FAT-fs (loop1): Directory bread(block 69) failed [ 585.603762][T27682] FAT-fs (loop1): Directory bread(block 70) failed [ 585.620721][T27682] FAT-fs (loop1): Directory bread(block 71) failed [ 585.647405][T27682] FAT-fs (loop1): Directory bread(block 72) failed [ 585.671801][T27682] FAT-fs (loop1): Directory bread(block 73) failed [ 585.812919][T27698] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 586.061033][T27708] overlayfs: conflicting options: userxattr,redirect_dir=on [ 586.452448][ T5790] Bluetooth: hci2: command 0x0406 tx timeout [ 586.688535][T27745] ipt_REJECT: TCP_RESET invalid for non-tcp [ 587.177154][T27781] kernel read not supported for file /  (pid: 27781 comm: syz.3.5941) [ 587.206232][ T28] audit: type=1800 audit(2000000171.030:160): pid=27781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5941" name=200120 dev="mqueue" ino=46059 res=0 errno=0 [ 587.723527][T27809] loop3: detected capacity change from 0 to 4096 [ 587.751589][T27809] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 587.835023][T27809] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 587.867836][T27809] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 587.887205][T27809] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 587.940203][T27809] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 587.989757][T27824] netlink: 'syz.2.5956': attribute type 7 has an invalid length. [ 588.017456][T27824] netlink: 'syz.2.5956': attribute type 8 has an invalid length. [ 588.040567][T27809] ntfs: volume version 3.1. [ 588.770179][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 589.232126][T27891] loop2: detected capacity change from 0 to 256 [ 590.040051][ T55] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 590.197175][T27950] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5994'. [ 590.208662][T27950] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5994'. [ 590.240158][T27950] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5994'. [ 590.243743][ T55] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 590.287322][ T55] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 590.313896][ T55] usb 4-1: config 220 has no interface number 2 [ 590.330175][ T55] usb 4-1: config 220 interface 1 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 590.360014][ T55] usb 4-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 590.398117][ T55] usb 4-1: config 220 interface 0 has no altsetting 0 [ 590.420055][ T55] usb 4-1: config 220 interface 76 has no altsetting 0 [ 590.428880][ T55] usb 4-1: config 220 interface 1 has no altsetting 0 [ 590.440246][ T55] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 590.449732][ T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.458792][ T55] usb 4-1: Product: syz [ 590.463670][T27969] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5999'. [ 590.472761][ T55] usb 4-1: Manufacturer: syz [ 590.477496][ T55] usb 4-1: SerialNumber: syz [ 590.719006][ T55] usb 4-1: selecting invalid altsetting 0 [ 590.742056][ T55] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 590.754529][ T55] usb 4-1: No valid video chain found. [ 590.807662][ T55] usb 4-1: selecting invalid altsetting 0 [ 590.816630][ T55] usbtest: probe of 4-1:220.1 failed with error -22 [ 590.839531][ T55] usb 4-1: USB disconnect, device number 28 [ 591.120318][ T9] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 591.320126][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 591.336917][ T9] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 591.356916][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 591.375269][ T9] usb 3-1: Product: syz [ 591.386861][ T9] usb 3-1: Manufacturer: syz [ 591.400114][ T9] usb 3-1: SerialNumber: syz [ 591.413145][ T9] usb 3-1: config 0 descriptor?? [ 591.887447][ T9] peak_usb 3-1:0.0 can0: unable to request usb[type=0 value=0] err=-71 [ 591.909984][ T9] peak_usb 3-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71) [ 591.982246][ T9] peak_usb: probe of 3-1:0.0 failed with error -71 [ 592.003805][ T9] usb 3-1: USB disconnect, device number 27 [ 592.272739][T28043] loop3: detected capacity change from 0 to 32768 [ 592.295593][T28043] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 592.353750][T28043] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 592.645053][ T5786] ocfs2: Unmounting device (7,3) on (node local) [ 593.073758][T28108] loop3: detected capacity change from 0 to 256 [ 593.144962][T28108] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x07bb551f, utbl_chksum : 0xe619d30d) [ 594.079598][T28162] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6047'. [ 594.357087][T28119] loop1: detected capacity change from 0 to 32768 [ 594.387769][T28119] XFS: attr2 mount option is deprecated. [ 594.463547][T28119] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 594.486746][T28119] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 594.567019][T28192] tmpfs: Bad value for 'usrquota_inode_hardlimit' [ 594.673696][T28119] XFS (loop1): Ending clean mount [ 594.703136][T28119] XFS (loop1): Quotacheck needed: Please wait. [ 594.843260][T28119] XFS (loop1): Quotacheck: Done. [ 595.097996][ T5787] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 596.090414][T28298] overlayfs: conflicting options: nfs_export=on,index=off [ 596.687252][T28330] usb usb3: usbfs: process 28330 (syz.1.6087) did not claim interface 0 before use [ 596.970957][T28344] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 597.869062][T28388] loop3: detected capacity change from 0 to 4096 [ 597.887667][T28388] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 597.935690][T28388] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 597.961755][T28388] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 598.020346][T28388] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 598.066004][T28388] ntfs: volume version 3.1. [ 598.095556][T28388] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 598.137301][T28388] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 598.189511][T28388] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 598.232066][T28388] ntfs: (device loop3): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is missing. [ 598.270155][T28388] ntfs: (device loop3): ntfs_read_locked_index_inode(): Failed with error code -2 while reading index inode (mft_no 0x0, name_len 2. [ 598.304362][T28388] ntfs: (device loop3): load_and_init_quota(): Failed to load $Quota/$Q index. [ 598.677243][T28389] loop2: detected capacity change from 0 to 32768 [ 598.757816][T28414] netlink: 'syz.3.6113': attribute type 2 has an invalid length. [ 598.792959][T28389] ERROR: (device loop2): dbAlloc: unable to allocate blocks [ 598.792959][T28389] [ 598.810125][T28414] netlink: 'syz.3.6113': attribute type 1 has an invalid length. [ 598.835472][T28414] netlink: 'syz.3.6113': attribute type 1 has an invalid length. [ 598.911915][T28394] loop0: detected capacity change from 0 to 32768 [ 598.949063][T28394] XFS: attr2 mount option is deprecated. [ 599.014880][T28418] loop1: detected capacity change from 0 to 4096 [ 599.072060][T28394] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 599.121248][T28394] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 599.144143][T28418] ntfs: volume version 3.1. [ 599.272915][T28394] XFS (loop0): Ending clean mount [ 599.329657][T28394] XFS (loop0): Quotacheck needed: Please wait. [ 599.477027][T28394] XFS (loop0): Quotacheck: Done. [ 599.764098][T28449] loop1: detected capacity change from 0 to 2048 [ 599.779446][ T5784] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 599.924495][T28449] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 600.790878][T28454] loop3: detected capacity change from 0 to 32768 [ 600.969876][T28454] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 600.969876][T28454] [ 601.189286][T28495] loop0: detected capacity change from 0 to 4096 [ 601.298843][T28495] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 601.312298][T28495] ntfs3: loop0: Failed to load $Extend (-22). [ 601.324845][T28495] ntfs3: loop0: Failed to initialize $Extend. [ 601.345889][T28509] loop2: detected capacity change from 0 to 512 [ 601.411381][T28509] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 601.468817][T28509] ext4 filesystem being mounted at /1623/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 601.506938][T28519] netlink: 'syz.1.6138': attribute type 1 has an invalid length. [ 601.515431][T28519] netlink: 216 bytes leftover after parsing attributes in process `syz.1.6138'. [ 601.784918][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 601.908943][T28530] loop1: detected capacity change from 0 to 1024 [ 601.964949][T28530] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 602.000678][T28530] ext4 filesystem being mounted at /1587/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 602.290191][ T55] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 602.312669][T28558] loop3: detected capacity change from 0 to 256 [ 602.393833][T28558] FAT-fs (loop3): Directory bread(block 64) failed [ 602.414796][T28558] FAT-fs (loop3): Directory bread(block 65) failed [ 602.450865][T28558] FAT-fs (loop3): Directory bread(block 66) failed [ 602.457490][T28558] FAT-fs (loop3): Directory bread(block 67) failed [ 602.483879][T28558] FAT-fs (loop3): Directory bread(block 68) failed [ 602.503317][T28558] FAT-fs (loop3): Directory bread(block 69) failed [ 602.510433][ T55] usb 2-1: Using ep0 maxpacket: 8 [ 602.540434][T28558] FAT-fs (loop3): Directory bread(block 70) failed [ 602.547068][T28558] FAT-fs (loop3): Directory bread(block 71) failed [ 602.560461][ T55] usb 2-1: config 4 has an invalid interface number: 244 but max is 0 [ 602.568787][ T55] usb 2-1: config 4 has no interface number 0 [ 602.585189][T28558] FAT-fs (loop3): Directory bread(block 72) failed [ 602.590172][ T55] usb 2-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7 [ 602.608396][T28558] FAT-fs (loop3): Directory bread(block 73) failed [ 602.611835][ T55] usb 2-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid maxpacket 65267, setting to 1024 [ 602.627958][ T55] usb 2-1: config 4 interface 244 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 1024 [ 602.640126][ T55] usb 2-1: config 4 interface 244 has no altsetting 0 [ 602.650852][ T55] usb 2-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa [ 602.661394][ T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 602.679397][ T55] usb 2-1: Product: syz [ 602.717125][ T55] usb 2-1: Manufacturer: syz [ 602.727207][ T55] usb 2-1: SerialNumber: syz [ 602.741673][T28530] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 602.971361][ T55] ipheth 2-1:4.244: Unable to find endpoints [ 603.004522][ T55] usb 2-1: USB disconnect, device number 23 [ 603.224805][T28566] loop2: detected capacity change from 0 to 32768 [ 603.708507][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 603.773610][T28612] loop3: detected capacity change from 0 to 256 [ 604.057764][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 604.057780][ T28] audit: type=1326 audit(2000000187.880:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28625 comm="syz.3.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 604.086969][ C0] vkms_vblank_simulate: vblank timer overrun [ 604.167440][ T28] audit: type=1326 audit(2000000187.920:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28625 comm="syz.3.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 604.196828][T28620] loop1: detected capacity change from 0 to 4096 [ 604.238924][T28620] ntfs: (device loop1): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 604.274180][T28620] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 604.295179][T28620] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 604.298468][ T28] audit: type=1326 audit(2000000187.930:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28625 comm="syz.3.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 604.330127][T28620] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 604.385183][T28620] ntfs: volume version 3.1. [ 604.387108][ T28] audit: type=1326 audit(2000000187.930:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28625 comm="syz.3.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 604.411067][T28620] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 604.432742][ T28] audit: type=1326 audit(2000000188.160:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28632 comm="syz.2.6163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 604.477435][T28639] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6165'. [ 604.547707][T28639] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6165'. [ 604.862663][T28605] loop0: detected capacity change from 0 to 32768 [ 604.909264][T28605] (syz.0.6158,28605,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 604.940492][T28655] loop3: detected capacity change from 0 to 256 [ 604.966046][T28605] (syz.0.6158,28605,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 605.028714][T28605] JBD2: Ignoring recovery information on journal [ 605.238536][T28605] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 605.654492][T28685] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6178'. [ 605.668580][T28685] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6178'. [ 605.691444][ T5784] ocfs2: Unmounting device (7,0) on (node local) [ 605.741787][T28685] ip6gretap1: entered allmulticast mode [ 605.851759][T28687] loop2: detected capacity change from 0 to 4096 [ 605.882072][T28687] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 606.007523][T28687] ntfs3: loop2: MFT: r=18, expect seq=1 instead of 0! [ 606.037874][T28687] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 606.078086][T28687] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 606.383420][T28705] xt_CT: You must specify a L4 protocol and not use inversions on it [ 606.403111][T28670] loop1: detected capacity change from 0 to 32768 [ 606.450490][T28670] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 606.500406][T28715] loop2: detected capacity change from 0 to 8 [ 606.508204][T28670] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 606.888928][ T5787] ocfs2: Unmounting device (7,1) on (node local) [ 606.957051][T28736] netlink: 9 bytes leftover after parsing attributes in process `syz.2.6189'. [ 606.994494][T28736] 0·: renamed from hsr0 (while UP) [ 607.042222][T28736] 0·: entered allmulticast mode [ 607.057149][T28736] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 607.096969][T28743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6190'. [ 607.106782][T28737] loop0: detected capacity change from 0 to 4096 [ 607.136538][T28743] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6190'. [ 607.219320][T28737] ntfs: volume version 3.1. [ 607.803297][T28772] xt_CT: You must specify a L4 protocol and not use inversions on it [ 607.873560][T28778] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 608.011289][T28784] netlink: 'syz.0.6205': attribute type 10 has an invalid length. [ 608.351457][T28799] loop2: detected capacity change from 0 to 512 [ 608.471563][T28799] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 608.479690][T28799] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01c, mo2=0002] [ 608.528351][T28799] EXT4-fs (loop2): orphan cleanup on readonly fs [ 608.535245][T28799] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #13: comm syz.2.6210: iget: bad i_size value: 12154761577498 [ 608.567448][T28799] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.6210: couldn't read orphan inode 13 (err -117) [ 608.598164][T28799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 608.638850][T28799] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.6210: dx entry: limit 65535 != root limit 120 [ 608.654231][T28799] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.6210: Corrupt directory, running e2fsck is recommended [ 608.752280][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 608.768480][T28817] xt_CT: You must specify a L4 protocol and not use inversions on it [ 609.086296][T28829] xt_hashlimit: max too large, truncated to 1048576 [ 609.119788][T28832] xt_CONNSECMARK: invalid mode: 0 [ 609.279555][T28810] loop1: detected capacity change from 0 to 32768 [ 609.381019][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 609.381036][ T28] audit: type=1800 audit(2000000193.210:170): pid=28810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.6213" name="file0" dev="loop1" ino=35 res=0 errno=0 [ 609.732790][T28861] dlm: no locking on control device [ 609.800080][ T9] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 609.901611][T28869] loop0: detected capacity change from 0 to 512 [ 609.926670][T28869] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 609.985838][T28869] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 609.996216][T28869] System zones: 0-2, 18-18, 34-34 [ 610.023392][ T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 610.031655][T28869] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 610.032657][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.053527][ T9] usb 3-1: Product: syz [ 610.057731][ T9] usb 3-1: Manufacturer: syz [ 610.062655][ T9] usb 3-1: SerialNumber: syz [ 610.068856][T28869] ext4 filesystem being mounted at /1393/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 610.274325][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.326166][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 610.355988][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 610.372463][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 610.400094][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 610.432029][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 610.466463][ T9] lan78xx: probe of 3-1:1.0 failed with error -71 [ 610.481077][ T9] usb 3-1: USB disconnect, device number 28 [ 611.499108][T28981] loop1: detected capacity change from 0 to 4096 [ 611.526027][T28981] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 611.550120][ T9] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 611.740365][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 611.767544][ T9] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 611.783499][ T9] usb 3-1: config 179 has no interface number 0 [ 611.792585][ T9] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 611.808084][ T9] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 611.819474][T28989] loop3: detected capacity change from 0 to 4096 [ 611.827984][ T9] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 611.852808][ T9] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 611.884601][ T9] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 611.911013][T28989] ntfs: volume version 3.1. [ 611.937460][ T9] usb 3-1: config 179 interface 65 has no altsetting 0 [ 611.968705][ T9] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 611.998547][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.081319][ T9] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input28 [ 612.153934][ T5141] input input28: unable to receive magic message: -110 [ 612.172969][T15154] ntfs: (device loop3): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 612.198982][ T5141] input input28: unable to receive magic message: -32 [ 612.283940][ T5141] input input28: unable to receive magic message: -32 [ 612.349323][T29009] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6254'. [ 612.366858][ T6017] input input28: unable to receive magic message: -32 [ 612.418337][ T5141] input input28: unable to receive magic message: -32 [ 612.445091][ T5141] input input28: unable to receive magic message: -32 [ 612.664529][T18124] usb 3-1: USB disconnect, device number 29 [ 612.664571][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 612.679516][T18124] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 612.975865][T29045] openvswitch: netlink: Geneve opt len 3 is not a multiple of 4. [ 613.544316][T29076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6271'. [ 613.781641][T29093] netlink: 'syz.2.6274': attribute type 3 has an invalid length. [ 614.186110][T29111] syz_tun: left promiscuous mode [ 614.260600][T29111] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 614.425890][T29126] netlink: 'syz.3.6286': attribute type 21 has an invalid length. [ 614.434085][T29126] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6286'. [ 614.460057][T29126] netlink: 'syz.3.6286': attribute type 1 has an invalid length. [ 614.638552][T29133] usb usb1: usbfs: process 29133 (syz.0.6288) did not claim interface 0 before use [ 614.707681][T29138] netlink: 'syz.3.6291': attribute type 1 has an invalid length. [ 614.734837][T29138] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6291'. [ 615.036752][T29160] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6298'. [ 615.454807][T29181] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6305'. [ 615.610269][T29187] netlink: 'syz.2.6306': attribute type 41 has an invalid length. [ 615.920402][T29207] loop3: detected capacity change from 0 to 8 [ 615.963645][T29210] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 616.635094][T29248] netlink: 'syz.0.6326': attribute type 21 has an invalid length. [ 616.658981][T29252] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6325'. [ 616.695955][T29252] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6325'. [ 616.716172][T29252] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6325'. [ 617.132362][T29265] loop2: detected capacity change from 0 to 4096 [ 617.148574][T29265] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 617.222020][T29265] ntfs3: loop2: mft corrupted [ 617.229651][ T28] audit: type=1800 audit(2000000201.050:171): pid=29265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6331" name="file0" dev="loop2" ino=33 res=0 errno=0 [ 617.385614][T29284] SET target dimension over the limit! [ 617.635129][ T28] audit: type=1326 audit(2000000201.460:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29302 comm="syz.2.6340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 617.722287][ T28] audit: type=1326 audit(2000000201.460:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29302 comm="syz.2.6340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 617.814461][ T28] audit: type=1326 audit(2000000201.500:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29302 comm="syz.2.6340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 617.918139][ T28] audit: type=1326 audit(2000000201.500:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29302 comm="syz.2.6340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 617.949612][ T28] audit: type=1326 audit(2000000201.500:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29302 comm="syz.2.6340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 618.518729][T29352] loop2: detected capacity change from 0 to 512 [ 618.567387][T29352] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002] [ 618.582020][T29352] System zones: 0-2, 18-18, 34-34 [ 618.587483][T29352] EXT4-fs (loop2): orphan cleanup on readonly fs [ 618.611779][T29352] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.6348: bg 0: block 248: padding at end of block bitmap is not set [ 618.644005][T29352] Quota error (device loop2): write_blk: dquota write failed [ 618.655686][T29352] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 618.666094][T29352] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.6348: Failed to acquire dquot type 1 [ 618.681550][T29352] EXT4-fs (loop2): 1 orphan inode deleted [ 618.697455][T10331] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 618.760995][T10331] EXT4-fs error (device loop2): ext4_release_dquot:6976: comm kworker/u4:8: Failed to release dquot type 1 [ 618.812933][T29352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 618.953443][T29352] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz.2.6348: deleted inode referenced: 12 [ 619.121596][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.281469][T29381] loop1: detected capacity change from 0 to 2048 [ 619.320367][T29381] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 619.365999][T29391] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 620.134565][T29383] loop3: detected capacity change from 0 to 32768 [ 620.194093][T29383] [ 620.194093][T29383] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 620.194093][T29383] [ 620.300409][T29383] JFS: metapage_get_blocks failed [ 620.340063][T29383] ERROR: (device loop3): release_metapage: metapage_write_one() failed [ 620.340063][T29383] [ 620.394985][T29383] ERROR: (device loop3): diWrite: ixpxd invalid [ 620.394985][T29383] [ 620.432703][T29383] ERROR: (device loop3): txCommit: [ 620.432703][T29383] [ 620.617312][ T5786] [ 620.617312][ T5786] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 620.617312][ T5786] [ 620.661270][ T5786] [ 620.661270][ T5786] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 620.661270][ T5786] [ 621.215682][T29475] QAT: Stopping all acceleration devices. [ 621.239383][ T28] audit: type=1326 audit(2000000205.050:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29476 comm="syz.0.6377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 621.361979][T29477] loop0: detected capacity change from 0 to 2048 [ 621.436965][T29477] Alternate GPT is invalid, using primary GPT. [ 621.465204][T29477] loop0: p2 p3 p7 [ 621.575801][T29494] loop2: detected capacity change from 0 to 256 [ 621.616953][T29494] exfat: Deprecated parameter 'utf8' [ 621.633619][T29498] loop1: detected capacity change from 0 to 512 [ 621.660074][T29494] exfat: Deprecated parameter 'namecase' [ 621.701606][T29494] exfat: Deprecated parameter 'namecase' [ 621.707343][T29494] exfat: Deprecated parameter 'utf8' [ 621.771139][T29498] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.6381: Failed to acquire dquot type 0 [ 621.814731][T29498] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.6381: bg 0: block 64: padding at end of block bitmap is not set [ 621.876643][ T6299] udevd[6299]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 621.894278][ T6295] udevd[6295]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory [ 621.920836][T29494] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d) [ 621.931822][ T5779] udevd[5779]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 621.943528][T29498] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 621.993329][T29498] EXT4-fs (loop1): 1 truncate cleaned up [ 622.017799][T29498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 622.061424][T29498] ext4 filesystem being mounted at /1647/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 622.364933][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 622.394690][T29541] netlink: 'syz.3.6390': attribute type 2 has an invalid length. [ 622.403958][T29541] netlink: 'syz.3.6390': attribute type 1 has an invalid length. [ 622.707112][T29558] loop1: detected capacity change from 0 to 64 [ 622.967858][T29570] autofs4:pid:29570:autofs_fill_super: called with bogus options [ 623.011435][T29575] netlink: 'syz.3.6397': attribute type 29 has an invalid length. [ 623.040494][T29575] netlink: 'syz.3.6397': attribute type 29 has an invalid length. [ 623.700656][T29610] trusted_key: encrypted_key: insufficient parameters specified [ 624.000510][T29628] loop0: detected capacity change from 0 to 512 [ 624.126727][T29628] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 624.200547][T29628] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 624.235057][T29628] EXT4-fs (loop0): 1 truncate cleaned up [ 624.250761][T29628] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 624.361968][T29628] EXT4-fs error (device loop0): ext4_append:79: inode #2: comm syz.0.6413: Logical block already allocated [ 624.527944][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 624.547052][T29654] --map-set only usable from mangle table [ 624.620784][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.627338][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.751341][T29662] netlink: 'syz.0.6419': attribute type 21 has an invalid length. [ 624.775481][T29662] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6419'. [ 624.790862][T29665] netlink: 88 bytes leftover after parsing attributes in process `syz.2.6420'. [ 624.833455][T29662] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6419'. [ 625.034902][T29674] autofs4:pid:29674:autofs_fill_super: called with bogus options [ 625.286078][T29623] loop1: detected capacity change from 0 to 32768 [ 625.332436][T29687] loop0: detected capacity change from 0 to 256 [ 625.346649][T29623] [ 625.346649][T29623] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 625.346649][T29623] [ 625.359662][T29687] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 625.429269][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 625.429284][ T28] audit: type=1800 audit(2000000209.250:201): pid=29623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.6410" name="file1" dev="loop1" ino=4 res=0 errno=0 [ 625.619302][ T5787] [ 625.619302][ T5787] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 625.619302][ T5787] [ 625.671560][ T5787] [ 625.671560][ T5787] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 625.671560][ T5787] [ 626.794320][T29709] loop1: detected capacity change from 0 to 32768 [ 626.876838][T29709] ea_get: invalid extended attribute [ 626.886801][T29709] ffff888057950c70: 04 00 00 00 .... [ 627.072124][T29716] loop2: detected capacity change from 0 to 32768 [ 627.091506][T29716] XFS: noikeep mount option is deprecated. [ 627.111331][T29716] XFS: ikeep mount option is deprecated. [ 627.188004][T29716] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 627.378062][T29730] loop3: detected capacity change from 0 to 32768 [ 627.484477][T29760] libceph: resolve '0' (ret=-3): failed [ 627.492211][T29730] ea_get: invalid extended attribute [ 627.503498][ T28] audit: type=1800 audit(2000000211.320:202): pid=29730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.6436" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 627.530536][T29730] ea_get: invalid extended attribute [ 627.548038][T29716] XFS (loop2): Ending clean mount [ 627.705636][T29716] XFS: noikeep mount option is deprecated. [ 627.900200][ T5785] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 628.241176][T29781] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6443'. [ 628.294114][T29783] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6446'. [ 628.299861][T29781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6443'. [ 628.342275][T29781] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6443'. [ 628.379954][T29781] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6443'. [ 628.811181][T29797] netlink: 256 bytes leftover after parsing attributes in process `syz.1.6450'. [ 629.060698][T29809] loop3: detected capacity change from 0 to 256 [ 629.135338][T29809] FAT-fs (loop3): Directory bread(block 64) failed [ 629.160241][T29809] FAT-fs (loop3): Directory bread(block 65) failed [ 629.166976][T29809] FAT-fs (loop3): Directory bread(block 66) failed [ 629.204058][T29815] netlink: 260 bytes leftover after parsing attributes in process `syz.1.6456'. [ 629.204337][T29809] FAT-fs (loop3): Directory bread(block 67) failed [ 629.240513][T29809] FAT-fs (loop3): Directory bread(block 68) failed [ 629.247129][T29809] FAT-fs (loop3): Directory bread(block 69) failed [ 629.262983][T29809] FAT-fs (loop3): Directory bread(block 70) failed [ 629.269700][T29809] FAT-fs (loop3): Directory bread(block 71) failed [ 629.280554][T29809] FAT-fs (loop3): Directory bread(block 72) failed [ 629.287190][T29809] FAT-fs (loop3): Directory bread(block 73) failed [ 629.952089][T29841] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6462'. [ 630.232892][T29860] netlink: zone id is out of range [ 630.248456][T29860] netlink: get zone limit has 8 unknown bytes [ 630.369022][T29870] loop1: detected capacity change from 0 to 128 [ 630.409678][T29870] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 630.427821][T29870] ext4 filesystem being mounted at /1667/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 630.438693][T19006] usb 4-1: new full-speed USB device number 29 using dummy_hcd [ 630.506556][T29870] EXT4-fs error (device loop1): htree_dirblock_to_tree:1083: inode #2: comm syz.1.6472: Directory block failed checksum [ 630.610707][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 630.654715][T19006] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 630.691676][T19006] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 630.699750][T19006] usb 4-1: Product: syz [ 630.720042][T19006] usb 4-1: Manufacturer: syz [ 630.724779][T19006] usb 4-1: SerialNumber: syz [ 630.770349][T19006] usb 4-1: config 0 descriptor?? [ 630.783579][T19006] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 630.999162][T29901] cgroup: noprefix used incorrectly [ 631.183060][T29911] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6484'. [ 631.213343][T19006] gspca_stk1135: reg_w 0x0 err -71 [ 631.214386][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214404][T19006] gspca_stk1135: Sensor write failed [ 631.214433][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214444][T19006] gspca_stk1135: Sensor write failed [ 631.214472][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214483][T19006] gspca_stk1135: Sensor read failed [ 631.214509][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214519][T19006] gspca_stk1135: Sensor read failed [ 631.214527][T19006] gspca_stk1135: Detected sensor type unknown (0x0) [ 631.214560][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214571][T19006] gspca_stk1135: Sensor read failed [ 631.214599][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214609][T19006] gspca_stk1135: Sensor read failed [ 631.214636][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214647][T19006] gspca_stk1135: Sensor write failed [ 631.214673][T19006] gspca_stk1135: serial bus timeout: status=0x00 [ 631.214684][T19006] gspca_stk1135: Sensor write failed [ 631.214752][T19006] stk1135: probe of 4-1:0.0 failed with error -71 [ 631.224790][T19006] usb 4-1: USB disconnect, device number 29 [ 631.996407][T29912] loop1: detected capacity change from 0 to 40427 [ 632.068190][T29912] F2FS-fs (loop1): invalid crc value [ 632.094620][T29912] F2FS-fs (loop1): Found nat_bits in checkpoint [ 632.207384][T29912] F2FS-fs (loop1): Start checkpoint disabled! [ 632.254532][T29912] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 632.618675][T29959] loop3: detected capacity change from 0 to 2048 [ 632.677161][T29959] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 632.677439][T29930] loop0: detected capacity change from 0 to 32768 [ 632.753080][T29959] cifs: Unknown parameter 'h}#úä [ 632.753080][T29959] Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 632.753080][T29959] SÃȘØÈžZ§6ŸÂ' [ 632.801498][T29930] JFS: metapage_get_blocks failed [ 632.816895][T29930] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 632.816895][T29930] [ 632.903217][T29930] ERROR: (device loop0): remounting filesystem as read-only [ 633.128254][ T112] blkno = 8ed2c, nblocks = 1 [ 633.140084][ T112] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 633.140084][ T112] [ 633.332331][T29989] loop2: detected capacity change from 0 to 8 [ 633.460444][T19006] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 633.662241][T19006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 633.680125][T19006] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 633.710472][T19006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 633.746073][T19006] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 633.780751][T19006] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 633.800058][T19006] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 633.813367][T19006] usb 2-1: Product: syz [ 633.817608][T19006] usb 2-1: Manufacturer: syz [ 633.840062][T19006] usb 2-1: SerialNumber: syz [ 633.851764][T19006] usb 2-1: config 0 descriptor?? [ 633.871798][T19006] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 634.088843][T19006] scsi host1: usb-storage 2-1:0.0 [ 634.116064][T19006] usb 2-1: USB disconnect, device number 24 [ 634.513368][T30050] loop2: detected capacity change from 0 to 16 [ 634.539593][T30050] erofs: (device loop2): mounted with root inode @ nid 36. [ 634.576193][T30009] loop3: detected capacity change from 0 to 32768 [ 634.613206][T30050] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 634.631584][T30050] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 634.657176][T30009] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 634.681688][T30009] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 634.694205][T30009] BTRFS info (device loop3): using free space tree [ 634.933241][T30009] BTRFS info (device loop3): enabling ssd optimizations [ 634.959964][T30009] BTRFS info (device loop3): auto enabling async discard [ 635.742398][ T5786] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 636.743689][T30147] loop1: detected capacity change from 0 to 64 [ 637.004655][T30158] loop3: detected capacity change from 0 to 1024 [ 637.181809][ T143] hfsplus: b-tree write err: -5, ino 4 [ 637.510670][T30188] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6547'. [ 637.530172][T30188] netlink: 9 bytes leftover after parsing attributes in process `syz.0.6547'. [ 637.548512][T30188] netlink: 9 bytes leftover after parsing attributes in process `syz.0.6547'. [ 637.577355][T30188] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 637.742369][T30198] loop1: detected capacity change from 0 to 8 [ 637.830831][T30198] SQUASHFS error: Unable to read inode 0xe3 [ 638.446607][T30236] x_tables: duplicate underflow at hook 3 [ 638.954420][T30216] loop2: detected capacity change from 0 to 32768 [ 639.171540][T30299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6571'. [ 639.280717][T30304] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 639.438509][T30314] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 639.712064][T30330] netlink: 72 bytes leftover after parsing attributes in process `syz.1.6581'. [ 639.754885][T30327] loop3: detected capacity change from 0 to 1764 [ 639.797014][T30327] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 639.870400][T30327] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 641.221585][T30405] loop2: detected capacity change from 0 to 8192 [ 641.277662][T30405] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 641.348447][T30405] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 641.433145][T30405] REISERFS (device loop2): using ordered data mode [ 641.439738][T30405] reiserfs: using flush barriers [ 641.444058][T30427] loop1: detected capacity change from 0 to 1764 [ 641.510166][T30405] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 641.575480][T30405] REISERFS (device loop2): checking transaction log (loop2) [ 641.896617][T30447] bond0: (slave gretap0): Opening slave failed [ 641.907645][T30405] REISERFS (device loop2): Using tea hash to sort names [ 641.932205][T30405] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 641.969554][T30405] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 642.476801][T30474] loop3: detected capacity change from 0 to 64 [ 642.810022][ T27] usb 3-1: new full-speed USB device number 30 using dummy_hcd [ 643.032378][ T27] usb 3-1: config 1 has an invalid interface number: 105 but max is 0 [ 643.042027][ T27] usb 3-1: config 1 has an invalid interface number: 4 but max is 0 [ 643.061417][ T27] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 643.079957][ T27] usb 3-1: config 1 has no interface number 0 [ 643.110078][ T27] usb 3-1: config 1 has no interface number 1 [ 643.116262][ T27] usb 3-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 643.160220][ T27] usb 3-1: config 1 interface 4 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 643.180026][ T27] usb 3-1: config 1 interface 4 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 643.201531][ T27] usb 3-1: config 1 interface 105 has no altsetting 0 [ 643.208777][ T27] usb 3-1: config 1 interface 4 has no altsetting 0 [ 643.222980][ T27] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 643.239930][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 643.248096][ T27] usb 3-1: Product: syz [ 643.270013][ T27] usb 3-1: Manufacturer: syz [ 643.274693][ T27] usb 3-1: SerialNumber: syz [ 643.300063][ T1202] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 643.357007][T30489] loop3: detected capacity change from 0 to 32768 [ 643.445836][T30489] jfs_mkdir: dtInsert returned -EIO [ 643.460198][T30489] ERROR: (device loop3): jfs_mkdir: [ 643.460198][T30489] [ 643.478707][T30489] ERROR: (device loop3): remounting filesystem as read-only [ 643.512942][ T1202] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 643.523960][ T27] aqc111: probe of 3-1:1.105 failed with error -22 [ 643.530143][ T1202] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 643.555582][T30500] loop0: detected capacity change from 0 to 32768 [ 643.562469][ T1202] usb 2-1: Product: syz [ 643.566705][ T1202] usb 2-1: Manufacturer: syz [ 643.580044][ T1202] usb 2-1: SerialNumber: syz [ 643.590420][T30500] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.6629 (30500) [ 643.620619][ T1202] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 643.654540][ T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 643.686506][T30500] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 643.718596][T30500] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 643.750087][T30500] BTRFS info (device loop0): using free space tree [ 643.839038][T19006] usb 3-1: USB disconnect, device number 30 [ 643.918267][T30500] BTRFS info (device loop0): enabling ssd optimizations [ 643.932407][T30500] BTRFS info (device loop0): auto enabling async discard [ 644.443608][ T5784] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 644.451798][T19006] usb 2-1: USB disconnect, device number 25 [ 644.530519][T30552] loop3: detected capacity change from 0 to 512 [ 644.626674][T30552] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.699764][T30552] ext4 filesystem being mounted at /1694/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 644.779034][ T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 644.801364][ T9] ath9k_htc: Failed to initialize the device [ 644.813886][T19006] usb 2-1: ath9k_htc: USB layer deinitialized [ 644.865912][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 645.120332][T30581] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6636'. [ 645.146559][T30581] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 645.184313][T30581] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 645.210111][T30581] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 645.240171][T30581] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 645.320820][T30593] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6641'. [ 645.599525][T30604] netlink: zone id is out of range [ 645.619215][T30605] netlink: 'syz.3.6644': attribute type 4 has an invalid length. [ 645.679154][T30604] netlink: set zone limit has 4 unknown bytes [ 646.359559][T30645] loop2: detected capacity change from 0 to 1764 [ 647.035094][T30690] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 647.189115][T30698] overlayfs: missing 'lowerdir' [ 647.558086][T30719] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6678'. [ 647.592242][T30719] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6678'. [ 647.746345][T30730] binder: 30729:30730 ioctl 40046205 0 returned -22 [ 648.129150][T30749] comedi comedi3: pcmmio: a I/O base address must be specified [ 648.381521][T30758] veth5: entered allmulticast mode [ 648.399476][T30769] loop2: detected capacity change from 0 to 2048 [ 648.422120][T30769] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 648.489419][T30769] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 648.601871][T30769] EXT4-fs error (device loop2): empty_inline_dir:1857: inode #12: block 9: comm syz.2.6693: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=13, rec_len=21, size=60 fake=0 [ 648.654744][T30769] EXT4-fs (loop2): Remounting filesystem read-only [ 648.675835][T30769] EXT4-fs warning (device loop2): empty_inline_dir:1864: bad inline directory (dir #12) - inode 13, rec_len 21, name_len 5inline size 60 [ 648.767893][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.069504][T30816] loop2: detected capacity change from 0 to 2048 [ 649.117116][T30819] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 649.170581][ T5866] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 649.224799][T30816] NILFS (loop2): bad btree root (ino=16): level = 164, flags = 0x1, nchildren = 1 [ 649.350235][ T5866] usb 4-1: Using ep0 maxpacket: 8 [ 649.358690][ T5866] usb 4-1: unable to get BOS descriptor or descriptor too short [ 649.375142][ T5866] usb 4-1: config 8 has an invalid interface number: 61 but max is 2 [ 649.397919][ T5866] usb 4-1: config 8 has 1 interface, different from the descriptor's value: 3 [ 649.409124][ T5866] usb 4-1: config 8 has no interface number 0 [ 649.437274][ T5866] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0 [ 649.448929][ T5866] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0 [ 649.466241][ T5866] usb 4-1: config 8 interface 61 has no altsetting 0 [ 649.477519][ T5866] usb 4-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f [ 649.495175][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 649.503704][ T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 649.519271][ T5866] usb 4-1: Product: syz [ 649.524631][ T5866] usb 4-1: Manufacturer: syz [ 649.529371][ T5866] usb 4-1: SerialNumber: syz [ 649.708886][ T9] usb 2-1: config 0 has no interfaces? [ 649.723524][ T9] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 649.743391][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 649.783936][ T9] usb 2-1: Product: syz [ 649.788298][ T9] usb 2-1: Manufacturer: syz [ 649.812417][ T9] usb 2-1: SerialNumber: syz [ 649.821957][ T5866] bfusb: probe of 4-1:8.61 failed with error -5 [ 649.845628][ T9] r8152-cfgselector 2-1: config 0 descriptor?? [ 649.860345][ T5866] usb 4-1: USB disconnect, device number 30 [ 650.024001][T30862] loop2: detected capacity change from 0 to 4096 [ 650.092628][ T9] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 650.170137][T30862] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 650.248520][T30862] ntfs3: loop2: ino=9, ntfs_sync_fs failed, -22. [ 650.313513][ T9] usb 2-1: USB disconnect, device number 26 [ 650.345536][ T5785] ntfs3: loop2: ino=9, ntfs_sync_fs failed, -22. [ 651.077946][T30873] loop0: detected capacity change from 0 to 32768 [ 651.086029][T30873] XFS: noikeep mount option is deprecated. [ 651.152026][T30873] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 651.394586][T30873] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 651.520971][T30873] XFS (loop0): Starting recovery (logdev: internal) [ 651.535921][T30936] loop1: detected capacity change from 0 to 2048 [ 651.556840][T30936] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 651.574471][T30873] XFS (loop0): Ending recovery (logdev: internal) [ 651.615359][T30873] XFS (loop0): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 651.660928][T30873] XFS (loop0): Failed to initialize disk quotas. [ 651.665249][T30936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.777036][T30873] XFS (loop0): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 651.841493][ T5784] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 651.854122][T30936] EXT4-fs error (device loop1): empty_inline_dir:1857: inode #12: block 9: comm syz.1.6730: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=13, rec_len=21, size=60 fake=0 [ 651.939541][T30936] EXT4-fs (loop1): Remounting filesystem read-only [ 651.989958][T30936] EXT4-fs warning (device loop1): empty_inline_dir:1864: bad inline directory (dir #12) - inode 13, rec_len 21, name_len 5inline size 60 [ 652.019755][T30953] netlink: 'syz.3.6735': attribute type 3 has an invalid length. [ 652.051880][T30953] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 652.235394][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.380187][T30970] netlink: 'syz.3.6740': attribute type 13 has an invalid length. [ 652.580158][T30979] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6742'. [ 652.777596][T30986] loop1: detected capacity change from 0 to 2048 [ 652.822379][T30986] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 653.305604][T31018] loop0: detected capacity change from 0 to 64 [ 653.500541][T31030] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6758'. [ 653.563896][T31034] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6759'. [ 653.574020][T31024] loop3: detected capacity change from 0 to 4096 [ 653.584091][T31034] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6759'. [ 653.602547][T31024] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 653.847823][T31045] netlink: 'syz.2.6762': attribute type 16 has an invalid length. [ 653.856469][T31045] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.6762'. [ 654.386994][T31071] loop3: detected capacity change from 0 to 64 [ 654.443907][T31067] loop2: detected capacity change from 0 to 4096 [ 654.731388][T31067] ntfs3: loop2: try to read out of volume at offset 0x3fffffc7000 [ 654.864191][T31088] loop1: detected capacity change from 0 to 1024 [ 654.921169][T31088] EXT4-fs: inline encryption not supported [ 654.927727][T31088] EXT4-fs: Ignoring removed i_version option [ 654.973835][T31088] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 655.053554][T31088] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.6775: lblock 2 mapped to illegal pblock 2 (length 1) [ 655.068299][T31088] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 655.076653][T31088] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.6775: lblock 0 mapped to illegal pblock 48 (length 1) [ 655.096103][T31090] loop0: detected capacity change from 0 to 4096 [ 655.110233][T31088] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 655.144742][T31088] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.6775: Failed to acquire dquot type 0 [ 655.189941][T31088] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 655.201060][T31090] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 655.228678][T31088] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.6775: mark_inode_dirty error [ 655.280193][T31088] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 655.301357][T31088] EXT4-fs (loop1): 1 orphan inode deleted [ 655.315714][T31088] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 655.338497][T10331] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 655.396810][T10331] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 655.419388][T31090] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 655.432844][T10331] EXT4-fs error (device loop1): ext4_release_dquot:6976: comm kworker/u4:8: Failed to release dquot type 0 [ 655.466910][T31090] ntfs3: loop0: mft corrupted [ 655.510477][T31090] ntfs3: loop0: Failed to load $Extend (-22). [ 655.516672][T31090] ntfs3: loop0: Failed to initialize $Extend. [ 655.592468][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.626902][T15161] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 655.700395][T15161] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 655.770139][T15161] EXT4-fs error (device loop1): ext4_release_dquot:6976: comm kworker/u4:12: Failed to release dquot type 0 [ 655.807878][ T5787] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 655.836702][ T5787] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 655.859834][ T5787] EXT4-fs error (device loop1): ext4_quota_off:7224: inode #3: comm syz-executor: mark_inode_dirty error [ 656.066940][T31135] loop0: detected capacity change from 0 to 1764 [ 656.075919][T31129] loop2: detected capacity change from 0 to 8192 [ 656.083484][T31138] netlink: 'syz.1.6782': attribute type 3 has an invalid length. [ 656.130411][T31138] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 656.151801][T31129] loop2: p1 p2[DM] p4 [ 656.167711][T31129] loop2: p1 size 196608 extends beyond EOD, truncated [ 656.177451][ T9] lo speed is unknown, defaulting to 1000 [ 656.218799][T31129] loop2: p2 start 4292936063 is beyond EOD, truncated [ 656.245225][T31129] loop2: p4 size 50331648 extends beyond EOD, truncated [ 656.602559][T31161] netlink: 'syz.2.6793': attribute type 8 has an invalid length. [ 656.673634][T31167] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6795'. [ 656.871870][ T5779] udevd[5779]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 656.885196][ T6299] udevd[6299]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 657.114493][T31189] xt_TCPMSS: Only works on TCP SYN packets [ 658.158074][T31247] loop3: detected capacity change from 0 to 2048 [ 658.190281][T31247] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 658.292478][T31253] ieee802154 phy0 wpan0: encryption failed: -90 [ 659.138149][T31299] ip6gre2: entered allmulticast mode [ 659.316186][T31313] loop2: detected capacity change from 0 to 8 [ 659.384792][T31313] SQUASHFS error: zstd decompression error: 10 [ 659.423384][T31313] SQUASHFS error: zstd decompression failed, data probably corrupt [ 659.439214][T31313] SQUASHFS error: Failed to read block 0x62b: -5 [ 659.462741][T31313] SQUASHFS error: Unable to read metadata cache entry [629] [ 659.484206][T31313] SQUASHFS error: Unable to read directory block [629:ff26] [ 659.807643][T31340] loop2: detected capacity change from 0 to 256 [ 659.865194][T31340] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 659.896462][T31330] loop3: detected capacity change from 0 to 4096 [ 660.260248][T31330] ntfs3: loop3: try to read out of volume at offset 0x3fffffc7000 [ 660.600194][T31377] netlink: 'syz.3.6846': attribute type 21 has an invalid length. [ 660.786403][T31383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6850'. [ 660.862867][T31384] 8021q: adding VLAN 0 to HW filter on device bond2 [ 661.342471][T31436] loop2: detected capacity change from 0 to 1024 [ 661.426802][T31356] loop1: detected capacity change from 0 to 32768 [ 661.491696][T31356] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 661.547611][ T2969] hfsplus: b-tree write err: -5, ino 4 [ 661.649020][T31356] XFS (loop1): Ending clean mount [ 661.709663][T31463] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6860'. [ 661.762978][T31356] XFS (loop1): Quotacheck needed: Please wait. [ 661.894360][T31356] XFS (loop1): Quotacheck: Done. [ 662.131245][ T5787] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 662.209789][T31481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6868'. [ 662.235402][T31481] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6868'. [ 662.701366][ T28] audit: type=1326 audit(2000000246.530:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31497 comm="syz.1.6867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcaf8ebe9 code=0x7ffc0000 [ 662.752720][ T28] audit: type=1326 audit(2000000246.530:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31497 comm="syz.1.6867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcaf8ebe9 code=0x7ffc0000 [ 662.825995][ T28] audit: type=1326 audit(2000000246.530:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31497 comm="syz.1.6867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f3dcaf8ebe9 code=0x7ffc0000 [ 662.870090][ T28] audit: type=1326 audit(2000000246.530:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31497 comm="syz.1.6867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcaf8ebe9 code=0x7ffc0000 [ 662.891130][T31471] loop2: detected capacity change from 0 to 32768 [ 662.925067][ T28] audit: type=1326 audit(2000000246.530:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31497 comm="syz.1.6867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dcaf8ebe9 code=0x7ffc0000 [ 662.944272][T31496] loop0: detected capacity change from 0 to 4096 [ 662.985889][T31508] QAT: failed to copy from user cfg_data. [ 663.016965][T31496] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 663.063727][T31471] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 663.070212][T31513] netlink: 'syz.1.6877': attribute type 10 has an invalid length. [ 663.085708][T31513] team0: Device veth0_vlan failed to register rx_handler [ 663.165980][T31471] OCFS2: ERROR (device loop2): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 663.173873][T31496] ntfs: volume version 3.1. [ 663.191776][T31471] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 663.214291][T31471] OCFS2: File system is now read-only. [ 663.232639][ T28] audit: type=1326 audit(2000000247.050:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31514 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 663.260116][T31471] (syz.2.6864,31471,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 663.310026][ T28] audit: type=1326 audit(2000000247.050:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31514 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 663.406362][ T28] audit: type=1326 audit(2000000247.110:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31514 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 663.453140][ T5785] ocfs2: Unmounting device (7,2) on (node local) [ 663.511961][ T28] audit: type=1326 audit(2000000247.110:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31514 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 663.809795][T31532] tmpfs: User quota block hardlimit too large. [ 663.969028][T31539] loop2: detected capacity change from 0 to 256 [ 664.051402][T31544] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 664.108411][T31539] FAT-fs (loop2): Directory bread(block 64) failed [ 664.124414][T31539] FAT-fs (loop2): Directory bread(block 65) failed [ 664.146892][T31539] FAT-fs (loop2): Directory bread(block 66) failed [ 664.159566][T31539] FAT-fs (loop2): Directory bread(block 67) failed [ 664.177872][T31539] FAT-fs (loop2): Directory bread(block 68) failed [ 664.187862][T31539] FAT-fs (loop2): Directory bread(block 69) failed [ 664.198083][T31539] FAT-fs (loop2): Directory bread(block 70) failed [ 664.220039][T31539] FAT-fs (loop2): Directory bread(block 71) failed [ 664.226757][T31539] FAT-fs (loop2): Directory bread(block 72) failed [ 664.243386][T31539] FAT-fs (loop2): Directory bread(block 73) failed [ 664.315992][T31555] loop1: detected capacity change from 0 to 4096 [ 664.358746][T31555] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 664.380518][T18124] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 664.561671][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 664.562161][T18124] usb 4-1: config 0 has an invalid interface number: 117 but max is 0 [ 664.593301][T18124] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 664.648208][T18124] usb 4-1: config 0 has no interface number 0 [ 664.664068][T18124] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 664.679686][T18124] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 664.727224][T18124] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 664.759262][T18124] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 664.785169][T18124] usb 4-1: Product: syz [ 664.800192][T18124] usb 4-1: Manufacturer: syz [ 664.805193][T18124] usb 4-1: SerialNumber: syz [ 664.833423][T18124] usb 4-1: config 0 descriptor?? [ 665.180361][T19006] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 665.198401][T31599] loop1: detected capacity change from 0 to 4096 [ 665.237292][T31599] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 665.316037][T31599] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 665.345252][T31599] ntfs3: loop1: mft corrupted [ 665.351445][T31599] ntfs3: loop1: Failed to load $Extend (-22). [ 665.357573][T31599] ntfs3: loop1: Failed to initialize $Extend. [ 665.370224][T19006] usb 3-1: Using ep0 maxpacket: 16 [ 665.400176][ T9] usb 4-1: USB disconnect, device number 31 [ 665.427538][T19006] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 665.440139][T19006] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 665.454072][T19006] usb 3-1: Product: syz [ 665.458390][T19006] usb 3-1: Manufacturer: syz [ 665.465650][T19006] usb 3-1: SerialNumber: syz [ 665.481389][T19006] usb 3-1: config 0 descriptor?? [ 665.503014][T19006] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 665.914560][T19006] ssu100: probe of 3-1:0.0 failed with error -71 [ 665.937759][T19006] usb 3-1: USB disconnect, device number 31 [ 666.021304][ T27] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 666.233299][ T27] usb 2-1: Using ep0 maxpacket: 16 [ 666.250585][ T27] usb 2-1: config 0 has an invalid descriptor of length 39, skipping remainder of the config [ 666.270402][ T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 32695, setting to 1024 [ 666.279836][T31657] loop3: detected capacity change from 0 to 4096 [ 666.282586][ T27] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 666.309977][ T27] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 666.316469][T31657] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 666.354309][ T27] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 666.373908][T31664] netlink: 164 bytes leftover after parsing attributes in process `syz.0.6915'. [ 666.378935][ T27] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 666.406532][ T27] usb 2-1: Manufacturer: syz [ 666.431464][ T27] usb 2-1: config 0 descriptor?? [ 666.453324][T31628] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 666.571298][T31670] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6916'. [ 666.824309][ T27] usb 2-1: USB disconnect, device number 27 [ 666.892272][T31686] gtp1: entered promiscuous mode [ 666.956475][T31697] IPv6: sit2: Disabled Multicast RS [ 667.115552][T31710] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (13) [ 667.135648][T31711] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6924'. [ 668.275645][T31772] 8021q: adding VLAN 0 to HW filter on device bond3 [ 669.100435][T31851] netlink: 456 bytes leftover after parsing attributes in process `syz.3.6960'. [ 669.140083][T31851] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6960'. [ 669.374998][T31869] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6966'. [ 669.720375][T31887] loop3: detected capacity change from 0 to 256 [ 669.892159][T31887] FAT-fs (loop3): Directory bread(block 64) failed [ 669.920111][T31887] FAT-fs (loop3): Directory bread(block 65) failed [ 669.955769][T31887] FAT-fs (loop3): Directory bread(block 66) failed [ 669.990300][T31887] FAT-fs (loop3): Directory bread(block 67) failed [ 670.021422][T31887] FAT-fs (loop3): Directory bread(block 68) failed [ 670.038384][T31887] FAT-fs (loop3): Directory bread(block 69) failed [ 670.062569][T31887] FAT-fs (loop3): Directory bread(block 70) failed [ 670.094172][T31887] FAT-fs (loop3): Directory bread(block 71) failed [ 670.129593][T31887] FAT-fs (loop3): Directory bread(block 72) failed [ 670.149536][T31887] FAT-fs (loop3): Directory bread(block 73) failed [ 670.421247][T31923] loop1: detected capacity change from 0 to 64 [ 670.635040][T31934] loop3: detected capacity change from 0 to 128 [ 670.714837][T31934] autofs4:pid:31934:autofs_fill_super: called with bogus options [ 671.304152][T31973] loop0: detected capacity change from 0 to 8 [ 671.404194][T31973] SQUASHFS error: Failed to read block 0x33c: -5 [ 671.440377][T31973] SQUASHFS error: Unable to read metadata cache entry [33a] [ 671.462572][T31973] SQUASHFS error: Unable to read inode 0xa7 [ 672.177946][T32026] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7012'. [ 672.918130][T32072] IPVS: length: 67 != 24 [ 672.944788][T32074] xt_l2tp: invalid flags combination: c [ 673.093859][T32083] netlink: 'syz.2.7030': attribute type 10 has an invalid length. [ 673.164378][T32083] veth0_vlan: left promiscuous mode [ 673.192194][T32083] veth0_vlan: entered promiscuous mode [ 673.239185][T32083] team0: Device veth0_vlan failed to register rx_handler [ 673.509769][T32099] dlm: non-version read from control device 59 [ 674.140903][T32135] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 674.148191][T32135] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 674.186575][T32135] vhci_hcd vhci_hcd.0: Device attached [ 674.276975][T32135] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 674.283575][T32135] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 674.326388][T32135] vhci_hcd vhci_hcd.0: Device attached [ 674.337457][T32144] vhci_hcd: connection closed [ 674.337574][T32136] vhci_hcd: connection closed [ 674.351428][ T59] vhci_hcd: stop threads [ 674.370608][ T9] vhci_hcd: vhci_device speed not set [ 674.381975][ T59] vhci_hcd: release socket [ 674.386986][ T59] vhci_hcd: disconnect device [ 674.395731][T32149] loop2: detected capacity change from 0 to 512 [ 674.407085][ T59] vhci_hcd: stop threads [ 674.419953][ T59] vhci_hcd: release socket [ 674.430329][ T59] vhci_hcd: disconnect device [ 674.461126][ T9] usb 35-1: new full-speed USB device number 2 using vhci_hcd [ 674.481126][ T9] usb 35-1: enqueue for inactive port 0 [ 674.489263][T32149] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.7050: casefold flag without casefold feature [ 674.505102][T32149] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.7050: couldn't read orphan inode 15 (err -117) [ 674.522187][T32149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 674.590376][ T9] vhci_hcd: vhci_device speed not set [ 674.615879][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.821146][T32171] netlink: 'syz.2.7053': attribute type 8 has an invalid length. [ 674.858866][T32174] loop3: detected capacity change from 0 to 2048 [ 674.957617][T32177] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 675.022313][T32181] loop2: detected capacity change from 0 to 512 [ 675.051335][T32181] EXT4-fs: Ignoring removed mblk_io_submit option [ 675.122189][T32181] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 675.150551][T32181] EXT4-fs (loop2): orphan cleanup on readonly fs [ 675.221781][T32181] __quota_error: 1 callbacks suppressed [ 675.221803][T32181] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 675.264544][T32194] loop0: detected capacity change from 0 to 8 [ 675.280458][T32181] EXT4-fs warning (device loop2): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 675.322048][T32181] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 675.324778][T32194] SQUASHFS error: xz decompression failed, data probably corrupt [ 675.338163][T32181] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.7058: bg 0: block 40: padding at end of block bitmap is not set [ 675.353236][T32194] SQUASHFS error: Failed to read block 0x108: -5 [ 675.363779][T32194] SQUASHFS error: Unable to read metadata cache entry [106] [ 675.374154][T32194] SQUASHFS error: Unable to read inode 0x11f [ 675.405022][T32181] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 675.436060][T32181] EXT4-fs (loop2): 1 truncate cleaned up [ 675.449808][T32181] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 675.506305][T32181] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 675.534272][ T6299] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 675.629064][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 675.774039][T32220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7066'. [ 675.792858][T32220] netlink: 312 bytes leftover after parsing attributes in process `syz.1.7066'. [ 675.816160][T32220] netlink: 'syz.1.7066': attribute type 1 has an invalid length. [ 676.382617][ T28] audit: type=1326 audit(2000000260.210:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32249 comm="syz.3.7076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 676.453725][ T28] audit: type=1326 audit(2000000260.210:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32249 comm="syz.3.7076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 676.499996][ T28] audit: type=1326 audit(2000000260.210:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32249 comm="syz.3.7076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 676.579618][ T28] audit: type=1326 audit(2000000260.230:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32249 comm="syz.3.7076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 676.601097][T32263] bridge_slave_0: left allmulticast mode [ 676.607967][ T28] audit: type=1326 audit(2000000260.230:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32249 comm="syz.3.7076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9e18ebe9 code=0x7ffc0000 [ 676.632114][T32263] bridge0: port 1(bridge_slave_0) entered disabled state [ 677.126085][T32290] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7089'. [ 677.840512][T32328] netlink: 'syz.1.7102': attribute type 4 has an invalid length. [ 677.848455][T32328] netlink: 152 bytes leftover after parsing attributes in process `syz.1.7102'. [ 678.107025][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.116157][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.123175][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.143588][T32340] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 678.200987][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.213348][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.223778][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.232559][T32340] wg1 speed is unknown, defaulting to 1000 [ 678.547227][T32345] loop2: detected capacity change from 0 to 8192 [ 678.568308][T32345] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 678.608761][T32345] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 678.640820][T32345] FAT-fs (loop2): Filesystem has been set read-only [ 678.751856][ T5785] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 678.796840][T32362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7111'. [ 678.845067][T32326] loop3: detected capacity change from 0 to 40427 [ 678.886741][T32326] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 678.927839][T32326] F2FS-fs (loop3): Image doesn't support compression [ 678.967734][T32326] F2FS-fs (loop3): Image doesn't support compression [ 679.032008][T32326] F2FS-fs (loop3): invalid crc value [ 679.050965][T32326] F2FS-fs (loop3): Found nat_bits in checkpoint [ 679.142660][T32326] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 679.566912][T32357] loop1: detected capacity change from 0 to 32768 [ 679.600195][T32357] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.7109 (32357) [ 679.649369][T32357] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 679.685840][T32357] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 679.722168][T32357] BTRFS info (device loop1): enabling auto defrag [ 679.730647][T32357] BTRFS info (device loop1): doing ref verification [ 679.737314][T32357] BTRFS info (device loop1): use no compression [ 679.780046][T32357] BTRFS info (device loop1): force clearing of disk cache [ 679.787269][T32357] BTRFS info (device loop1): turning on async discard [ 679.806901][T32357] BTRFS info (device loop1): max_inline at 4096 [ 679.844581][T32357] BTRFS info (device loop1): disabling free space tree [ 679.970917][T32357] BTRFS info (device loop1): enabling ssd optimizations [ 680.000373][T32357] BTRFS info (device loop1): rebuilding free space tree [ 680.020949][T32357] BTRFS info (device loop1): disabling free space tree [ 680.027954][T32357] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 680.047426][T32357] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 680.244357][ T5787] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 680.499657][ T5779] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop1 scanned by udevd (5779) [ 681.323655][T32475] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7138'. [ 681.518610][T32476] 8021q: adding VLAN 0 to HW filter on device bond4 [ 681.612989][T32512] bridge_slave_0: left allmulticast mode [ 681.629277][T32512] bridge0: port 1(bridge_slave_0) entered disabled state [ 681.832530][T32470] loop2: detected capacity change from 0 to 32768 [ 681.919242][T32470] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 682.010105][T32470] XFS (loop2): Ending clean mount [ 682.054079][T32470] XFS (loop2): Quotacheck needed: Please wait. [ 682.239150][T32470] XFS (loop2): Quotacheck: Done. [ 682.282118][T32470] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 682.633154][T32559] cifs: Unknown parameter 'ÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 682.633154][T32559] SÃȘØÈžZ§6ŸÂ' [ 682.798574][T32563] Cannot find set identified by id 65535 to match [ 682.931708][T32552] loop3: detected capacity change from 0 to 32768 [ 682.933658][T32571] loop1: detected capacity change from 0 to 1024 [ 682.997816][T32552] JBD2: Ignoring recovery information on journal [ 683.019810][T32568] loop0: detected capacity change from 0 to 4096 [ 683.049099][T32568] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 683.083595][T32552] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 683.132340][ T2969] hfsplus: b-tree write err: -5, ino 4 [ 683.158986][ T5786] ocfs2: Unmounting device (7,3) on (node local) [ 683.181497][T32568] ntfs3: loop0: Failed to initialize $Secure (-22). [ 683.350578][T32584] netlink: 'syz.3.7156': attribute type 2 has an invalid length. [ 683.360422][T32584] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 683.496283][T32588] loop1: detected capacity change from 0 to 4096 [ 683.549764][T32588] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 683.841366][T32588] ntfs: volume version 3.1. [ 684.088242][T32588] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 684.132325][T32588] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 684.158420][T32588] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to map page. [ 684.226055][T32588] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 684.237155][ T28] audit: type=1326 audit(2000000268.050:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32611 comm="syz.0.7161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 684.285938][T32588] ntfs: (device loop1): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x44, attribute type 0x80, because the allocation of clusters failed with error code -5. [ 684.312283][ T28] audit: type=1326 audit(2000000268.050:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32611 comm="syz.0.7161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 684.381210][ T28] audit: type=1326 audit(2000000268.060:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32611 comm="syz.0.7161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 684.429057][ T28] audit: type=1326 audit(2000000268.060:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32611 comm="syz.0.7161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 684.699994][T18124] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 684.801385][T32635] loop1: detected capacity change from 0 to 4096 [ 684.865026][T32635] NILFS (loop1): invalid segment: Checksum error in segment payload [ 684.877818][T32635] NILFS (loop1): trying rollback from an earlier position [ 684.919088][T32635] NILFS (loop1): recovery complete [ 684.924629][T18124] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 684.936679][T32645] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 684.949600][T18124] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 685.001634][T18124] usb 3-1: config 1 has no interface number 0 [ 685.008014][T18124] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 685.070209][T32650] netlink: 268 bytes leftover after parsing attributes in process `syz.3.7171'. [ 685.075383][T18124] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 685.100593][T18124] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 685.118417][T18124] usb 3-1: Product: syz [ 685.130559][T18124] usb 3-1: Manufacturer: syz [ 685.135232][T18124] usb 3-1: SerialNumber: syz [ 685.163126][T18124] usb 3-1: selecting invalid altsetting 1 [ 685.282058][T32658] netlink: 'syz.1.7172': attribute type 1 has an invalid length. [ 685.596927][T18124] cdc_ncm 3-1:1.1: failed GET_NTB_PARAMETERS [ 685.627168][T18124] cdc_ncm 3-1:1.1: bind() failure [ 685.667733][T18124] usb 3-1: USB disconnect, device number 32 [ 686.055269][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.062140][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.088986][T32694] QAT: failed to copy from user cfg_data. [ 686.627442][T32711] loop1: detected capacity change from 0 to 8192 [ 686.664383][T32711] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 686.682820][T32711] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 686.730661][T32711] REISERFS (device loop1): using ordered data mode [ 686.737262][T32711] reiserfs: using flush barriers [ 686.803240][T32711] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 686.803876][T32711] REISERFS (device loop1): checking transaction log (loop1) [ 686.806021][T32711] REISERFS (device loop1): Using r5 hash to sort names [ 686.807619][T32711] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 687.092475][T32739] loop0: detected capacity change from 0 to 4096 [ 687.161115][T32739] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 687.485869][T32764] netlink: 'syz.1.7204': attribute type 13 has an invalid length. [ 687.504571][T32763] loop2: detected capacity change from 0 to 1024 [ 687.544338][T32763] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 688.190723][ T331] netlink: 260 bytes leftover after parsing attributes in process `syz.3.7213'. [ 688.220594][T19006] usb 2-1: new full-speed USB device number 28 using dummy_hcd [ 688.243392][ T335] vivid-001: ================= START STATUS ================= [ 688.258984][ T335] vivid-001: RDS Tx I/O Mode: Controls [ 688.267169][ T335] vivid-001: RDS Program ID: 32904 [ 688.304664][ T335] vivid-001: RDS Program Type: 3 [ 688.313968][ T335] vivid-001: RDS PS Name: VIVID-TX [ 688.319212][ T335] vivid-001: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 688.344019][ T335] vivid-001: RDS Stereo: true [ 688.348802][ T335] vivid-001: RDS Artificial Head: false [ 688.375343][ T335] vivid-001: RDS Compressed: false [ 688.394224][ T335] vivid-001: RDS Dynamic PTY: false [ 688.402085][T19006] usb 2-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 688.409744][ T335] vivid-001: RDS Traffic Announcement: false [ 688.425155][T19006] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 688.427977][ T335] vivid-001: RDS Traffic Program: true [ 688.472140][T19006] usb 2-1: config 0 descriptor?? [ 688.478996][ T335] vivid-001: RDS Music: true [ 688.492853][ T335] vivid-001: ================== END STATUS ================== [ 688.495758][T19006] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 688.934731][T19006] gspca_sunplus: reg_w_riv err -71 [ 688.960020][T19006] sunplus: probe of 2-1:0.0 failed with error -71 [ 688.981841][T19006] usb 2-1: USB disconnect, device number 28 [ 689.202130][ T387] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7230'. [ 689.766499][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 689.766519][ T28] audit: type=1326 audit(2000000273.590:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=417 comm="syz.0.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 689.876994][ T28] audit: type=1326 audit(2000000273.590:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=417 comm="syz.0.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 689.985911][ T28] audit: type=1326 audit(2000000273.640:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=417 comm="syz.0.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 690.053974][ T28] audit: type=1326 audit(2000000273.640:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=417 comm="syz.0.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 690.054982][ T428] netlink: 'syz.0.7242': attribute type 1 has an invalid length. [ 690.099813][ T428] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7242'. [ 690.116885][ T28] audit: type=1326 audit(2000000273.640:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=417 comm="syz.0.7239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 690.457769][ T446] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7248'. [ 691.073497][ T434] loop3: detected capacity change from 0 to 32768 [ 691.157985][ T434] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 691.199184][ T434] (syz.3.7244,434,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=0, inode=0, rec_len=49, name_len=1 [ 691.229235][ T434] (syz.3.7244,434,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 691.254845][ T434] (syz.3.7244,434,0):ocfs2_symlink:1867 ERROR: status = -2 [ 691.295073][ T434] (syz.3.7244,434,0):ocfs2_symlink:2068 ERROR: status = -2 [ 691.359629][ T483] loop2: detected capacity change from 0 to 1024 [ 691.547248][T15159] hfsplus: b-tree write err: -5, ino 4 [ 691.559799][ T5786] ocfs2: Unmounting device (7,3) on (node local) [ 691.664564][ T493] loop1: detected capacity change from 0 to 2048 [ 691.757513][ T493] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 691.882526][ T509] netlink: 88 bytes leftover after parsing attributes in process `syz.2.7266'. [ 692.147840][ T522] loop2: detected capacity change from 0 to 256 [ 692.156835][ T523] netlink: 'syz.3.7263': attribute type 5 has an invalid length. [ 692.185737][ T522] FAT-fs (loop2): "posix" option is obsolete, not supported now [ 692.418868][ T532] loop1: detected capacity change from 0 to 2048 [ 692.479223][ T532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 692.537530][ T28] audit: type=1800 audit(2000000276.330:228): pid=532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.7271" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 692.587775][ T549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7274'. [ 692.634807][ T28] audit: type=1326 audit(2000000276.460:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=550 comm="syz.0.7276" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7c62b8ebe9 code=0x0 [ 692.658506][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 692.720341][T19006] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 692.920106][T19006] usb 4-1: Using ep0 maxpacket: 8 [ 692.927297][T19006] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 692.961524][T19006] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 692.988497][T19006] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 692.999946][T19006] usb 4-1: Product: syz [ 693.004171][T19006] usb 4-1: Manufacturer: syz [ 693.019027][T19006] usb 4-1: SerialNumber: syz [ 693.265776][T19006] usb 4-1: Invalid connection information received from device [ 693.502366][ T55] usb 4-1: USB disconnect, device number 32 [ 693.677599][ T607] Timeout policy `syz0' can only be used by L3 protocol number 21 [ 693.685891][ T608] program syz.1.7288 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 693.787205][ T611] xt_l2tp: unknown flags: 17 [ 694.401163][ T646] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 694.458860][ T648] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7305'. [ 694.576724][ T651] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 694.597241][ T659] loop2: detected capacity change from 0 to 256 [ 694.628759][ T659] FAT-fs (loop2): Directory bread(block 64) failed [ 694.655056][ T659] FAT-fs (loop2): Directory bread(block 65) failed [ 694.680199][ T659] FAT-fs (loop2): Directory bread(block 66) failed [ 694.691987][ T659] FAT-fs (loop2): Directory bread(block 67) failed [ 694.698730][ T659] FAT-fs (loop2): Directory bread(block 68) failed [ 694.749043][ T659] FAT-fs (loop2): Directory bread(block 69) failed [ 694.759345][ T659] FAT-fs (loop2): Directory bread(block 70) failed [ 694.773128][ T659] FAT-fs (loop2): Directory bread(block 71) failed [ 694.794476][ T659] FAT-fs (loop2): Directory bread(block 72) failed [ 694.824455][ T659] FAT-fs (loop2): Directory bread(block 73) failed [ 695.715807][ T719] netlink: 'syz.0.7326': attribute type 13 has an invalid length. [ 696.362767][ T755] xt_CONNSECMARK: invalid mode: 66 [ 696.397548][ T758] loop2: detected capacity change from 0 to 764 [ 696.771146][ T772] tmpfs: Bad value for 'nr_inodes' [ 697.151222][T19006] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 697.280596][ T27] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 697.350096][T19006] usb 4-1: Using ep0 maxpacket: 16 [ 697.357656][T19006] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 697.367060][T19006] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 697.390365][T19006] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 697.418318][T19006] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 697.418458][ T806] comedi comedi3: pcl730: I/O port conflict (0x8,4) [ 697.436802][T19006] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 697.460020][T19006] usb 4-1: config 0 has no interface number 0 [ 697.466309][T19006] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 697.480185][ T27] usb 3-1: Using ep0 maxpacket: 32 [ 697.509267][T19006] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 697.513124][ T27] usb 3-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=16.7b [ 697.529811][T19006] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 697.555209][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 697.568965][ T27] usb 3-1: Product: syz [ 697.573108][T19006] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 697.576976][ T812] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7356'. [ 697.595848][ T27] usb 3-1: Manufacturer: syz [ 697.601031][ T27] usb 3-1: SerialNumber: syz [ 697.609631][ T27] usb 3-1: config 0 descriptor?? [ 697.626952][T19006] usb 4-1: config 0 interface 125 has no altsetting 0 [ 697.650731][T19006] usb 4-1: config 0 interface 125 has no altsetting 2 [ 697.651557][ T812] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7356'. [ 697.671304][T19006] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 697.682818][T19006] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 697.710087][T19006] usb 4-1: Product: syz [ 697.714362][T19006] usb 4-1: Manufacturer: syz [ 697.718991][T19006] usb 4-1: SerialNumber: syz [ 697.743186][T19006] usb 4-1: config 0 descriptor?? [ 697.789132][T19006] usb 4-1: selecting invalid altsetting 2 [ 697.845708][ T27] snd-usb-audio: probe of 3-1:0.0 failed with error -71 [ 697.884524][ T27] usb 3-1: USB disconnect, device number 33 [ 698.196511][ C0] usb 4-1: async_complete: urb error -71 [ 698.202392][ C0] usb 4-1: async_complete: urb error -71 [ 698.208230][ C0] usb 4-1: async_complete: urb error -71 [ 698.240253][T19006] get_1284_register: usb error -71 [ 698.245641][T19006] uss720: probe of 4-1:0.125 failed with error -71 [ 698.280787][T19006] usb 4-1: USB disconnect, device number 33 [ 698.306940][ T28] audit: type=1326 audit(2000000282.130:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=850 comm="syz.0.7366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 698.346203][ T28] audit: type=1326 audit(2000000282.130:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=850 comm="syz.0.7366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 698.375302][ T28] audit: type=1326 audit(2000000282.130:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=850 comm="syz.0.7366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 698.402945][ T855] loop1: detected capacity change from 0 to 1024 [ 698.419174][ T28] audit: type=1326 audit(2000000282.130:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=850 comm="syz.0.7366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c62b8ebe9 code=0x7ffc0000 [ 698.708182][ T870] loop1: detected capacity change from 0 to 256 [ 698.880159][ T877] netlink: 'syz.2.7373': attribute type 8 has an invalid length. [ 699.197845][ T897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7380'. [ 699.774887][ T936] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7388'. [ 699.964070][ T950] netlink: 'syz.0.7393': attribute type 12 has an invalid length. [ 700.028862][ T947] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 700.040653][ T947] bridge4: entered promiscuous mode [ 700.066248][ T947] bridge4: entered allmulticast mode [ 700.713351][ T994] kcapi: manufacturer command 52776558133248 unknown. [ 700.755493][ T996] loop1: detected capacity change from 0 to 512 [ 700.811410][ T996] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 700.892175][ T996] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 700.931172][ T996] System zones: 0-2, 18-18, 34-34 [ 700.985508][ T996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 701.006640][ T996] ext4 filesystem being mounted at /1896/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 701.117747][ T1016] loop2: detected capacity change from 0 to 4096 [ 701.145485][ T1016] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 701.173054][ T1016] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 701.214480][ T1016] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 701.265285][ T1016] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 701.266502][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 701.322848][ T1016] ntfs: volume version 3.1. [ 701.429071][ T1016] ntfs: (device loop2): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 701.464773][ T1016] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 701.528727][ T1039] netdevsim netdevsim1: Direct firmware load for ..€ failed with error -2 [ 701.548973][ T1039] netdevsim netdevsim1: Falling back to sysfs fallback for: ..€ [ 702.299819][ T1087] loop3: detected capacity change from 0 to 16 [ 702.322770][ T1087] erofs: (device loop3): mounted with root inode @ nid 36. [ 702.542644][ T1103] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7439'. [ 702.722992][ T1112] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.7442'. [ 702.744795][ T1114] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7443'. [ 703.402087][ T1151] loop1: detected capacity change from 0 to 1024 [ 703.480041][ T27] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 703.547784][T15154] hfsplus: b-tree write err: -5, ino 4 [ 703.686891][ T27] usb 4-1: config 0 has an invalid interface number: 117 but max is 0 [ 703.695489][ T27] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 703.730014][ T27] usb 4-1: config 0 has no interface number 0 [ 703.760011][ T27] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 703.772875][ T27] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 703.803100][ T27] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 703.833027][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 703.860963][ T27] usb 4-1: Product: syz [ 703.865475][ T27] usb 4-1: Manufacturer: syz [ 703.870748][ T27] usb 4-1: SerialNumber: syz [ 703.883094][ T27] usb 4-1: config 0 descriptor?? [ 703.954965][ T1177] loop2: detected capacity change from 0 to 2048 [ 704.021066][ T1177] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 704.152343][ T27] usbtouchscreen: probe of 4-1:0.117 failed with error -71 [ 704.181241][ T27] usb 4-1: USB disconnect, device number 34 [ 704.223404][ T1196] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7468'. [ 704.237511][ T1196] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7468'. [ 704.341982][ T1207] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7470'. [ 704.672867][ T1224] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7475'. [ 705.630083][ T1279] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem [ 705.731117][ T1286] loop2: detected capacity change from 0 to 128 [ 705.766813][ T1286] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 706.046947][ T1298] loop3: detected capacity change from 0 to 4096 [ 706.076920][ T1298] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 706.193241][ T1298] ntfs3: loop3: Failed to initialize $Secure (-22). [ 706.564216][ T5785] sysv_free_block: flc_count > flc_size [ 706.578401][ T5785] sysv_free_block: flc_count > flc_size [ 706.587165][ T5785] sysv_free_block: flc_count > flc_size [ 706.597556][ T5785] sysv_free_block: flc_count > flc_size [ 706.606043][ T5785] sysv_free_block: flc_count > flc_size [ 706.635417][ T5785] sysv_free_block: flc_count > flc_size [ 706.643179][ T5785] sysv_free_block: flc_count > flc_size [ 706.648826][ T5785] sysv_free_block: flc_count > flc_size [ 706.675520][ T5785] sysv_free_block: flc_count > flc_size [ 706.686245][ T5785] sysv_free_block: flc_count > flc_size [ 706.708074][ T5785] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 707.021912][ T1315] loop3: detected capacity change from 0 to 8192 [ 707.050777][ T1315] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 707.065255][ T1315] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 707.075449][ T1315] REISERFS (device loop3): using ordered data mode [ 707.082208][ T1315] reiserfs: using flush barriers [ 707.093151][ T1315] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 707.117261][ T1334] ./file0: Can't open blockdev [ 707.192852][ T1331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7509'. [ 707.210983][ T1315] REISERFS (device loop3): checking transaction log (loop3) [ 707.230963][ T1307] loop1: detected capacity change from 0 to 32768 [ 707.251901][ T1315] REISERFS (device loop3): Using r5 hash to sort names [ 707.259207][ T1315] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 707.340330][ T1307] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 707.526344][ T1307] XFS (loop1): Ending clean mount [ 707.557967][ T1353] loop2: detected capacity change from 0 to 2048 [ 707.661214][ T1353] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 707.802836][ T5787] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 708.133558][ T1375] netlink: 'syz.2.7519': attribute type 1 has an invalid length. [ 708.188369][ T1378] binfmt_misc: register: failed to install interpreter file ./file0 [ 708.361956][ T1385] loop2: detected capacity change from 0 to 8 [ 708.430338][ T1391] kAFS: unable to lookup cell '/,' [ 708.591444][ T1398] loop1: detected capacity change from 0 to 256 [ 708.646004][ T1398] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a371bfb, utbl_chksum : 0xe619d30d) [ 708.650115][ T1202] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 708.873598][ T1202] usb 4-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64 [ 708.900736][ T1202] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.908875][ T1202] usb 4-1: Product: syz [ 708.927208][ T1202] usb 4-1: Manufacturer: syz [ 708.935657][ T1202] usb 4-1: SerialNumber: syz [ 708.954394][ T1202] usb 4-1: config 0 descriptor?? [ 708.961989][ T1202] hub 4-1:0.0: bad descriptor, ignoring hub [ 708.967954][ T1202] hub: probe of 4-1:0.0 failed with error -5 [ 708.977415][ T1202] f81232 4-1:0.0: f81534a converter detected [ 709.195253][ T1202] usb 4-1: f81534a converter now attached to ttyUSB0 [ 709.630371][T19006] usb 4-1: USB disconnect, device number 35 [ 709.670871][T19006] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0 [ 709.730997][T19006] f81232 4-1:0.0: device disconnected [ 710.713300][ T1513] sp0: Synchronizing with TNC [ 710.918501][ T1528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7561'. [ 710.927079][ T1486] loop2: detected capacity change from 0 to 32768 [ 710.980865][ T1531] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7562'. [ 710.996611][ T1486] ERROR: (device loop2): diAllocAG: error reading iag [ 710.996611][ T1486] [ 711.014504][ T1531] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7562'. [ 711.029146][ T1486] ialloc: diAlloc returned -5! [ 711.252519][ T1541] loop1: detected capacity change from 0 to 1764 [ 711.425853][ T1549] netlink: 'syz.3.7567': attribute type 1 has an invalid length. [ 711.457944][ T1549] netlink: 224 bytes leftover after parsing attributes in process `syz.3.7567'. [ 711.650108][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 711.721859][ T1565] loop2: detected capacity change from 0 to 256 [ 711.812163][ T1565] FAT-fs (loop2): Directory bread(block 64) failed [ 711.818808][ T1565] FAT-fs (loop2): Directory bread(block 65) failed [ 711.866298][ T1565] FAT-fs (loop2): Directory bread(block 66) failed [ 711.886529][ T1565] FAT-fs (loop2): Directory bread(block 67) failed [ 711.894134][ T1565] FAT-fs (loop2): Directory bread(block 68) failed [ 711.914003][ T1565] FAT-fs (loop2): Directory bread(block 69) failed [ 711.922614][ T1565] FAT-fs (loop2): Directory bread(block 70) failed [ 711.937270][ T1565] FAT-fs (loop2): Directory bread(block 71) failed [ 711.956178][ T1565] FAT-fs (loop2): Directory bread(block 72) failed [ 711.976380][ T1565] FAT-fs (loop2): Directory bread(block 73) failed [ 712.510248][ T1561] loop1: detected capacity change from 0 to 32768 [ 712.528279][ T1561] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.7570 (1561) [ 712.589332][ T1561] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 712.608971][ T1561] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 712.639054][ T1561] BTRFS info (device loop1): allowing degraded mounts [ 712.667099][ T1561] BTRFS info (device loop1): using free space tree [ 712.736146][ T55] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 712.770629][ T1621] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard [ 712.794788][ T1561] BTRFS info (device loop1): auto enabling async discard [ 712.802615][ T1621] exFAT-fs (nullb0): invalid boot record signature [ 712.809269][ T1621] exFAT-fs (nullb0): failed to read boot sector [ 712.817066][ T1561] BTRFS info (device loop1): checking UUID tree [ 712.833142][ T1621] exFAT-fs (nullb0): failed to recognize exfat type [ 712.951495][ T55] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 712.980232][ T55] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 712.989473][ T55] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.035001][ T55] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 713.150594][ T5787] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 713.853421][ T1656] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7597'. [ 713.908344][ T1656] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7597'. [ 714.131040][ T55] stv0680 3-1:4.0: STV(e): camera ping failed!! [ 714.336677][ T55] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 714.374505][ T55] stv0680 3-1:4.0: last error: 0, command = 0x0 [ 714.412151][ T55] usb 3-1: USB disconnect, device number 34 [ 714.966671][ T1710] xt_hashlimit: max too large, truncated to 1048576 [ 715.158485][ T1719] loop1: detected capacity change from 0 to 1024 [ 715.238897][ T1719] hfsplus: request for non-existent node 211 in B*Tree [ 715.261641][ T1719] hfsplus: request for non-existent node 211 in B*Tree [ 716.626969][ T1798] xt_CONNSECMARK: invalid mode: 66 [ 716.890696][ T1814] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7650'. [ 716.899739][ T1814] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7650'. [ 717.007305][ T28] audit: type=1326 audit(2000000300.830:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1816 comm="syz.2.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.067853][ T28] audit: type=1326 audit(2000000300.830:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1816 comm="syz.2.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.111885][ T28] audit: type=1326 audit(2000000300.860:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1816 comm="syz.2.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.145816][ T28] audit: type=1326 audit(2000000300.860:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1816 comm="syz.2.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.216613][ T28] audit: type=1326 audit(2000000300.860:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1816 comm="syz.2.7651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.401969][ T1832] loop1: detected capacity change from 0 to 512 [ 717.471179][ T1832] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 717.570806][ T1809] loop3: detected capacity change from 0 to 32768 [ 717.590285][ T1809] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.7647 (1809) [ 717.607125][ T28] audit: type=1326 audit(2000000301.430:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1838 comm="syz.2.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.653911][ T1809] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 717.680833][ T1809] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 717.699783][ T28] audit: type=1326 audit(2000000301.430:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1838 comm="syz.2.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.732805][ T1809] BTRFS info (device loop3): using free space tree [ 717.771363][ T28] audit: type=1326 audit(2000000301.470:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1838 comm="syz.2.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.772029][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 717.880309][ T28] audit: type=1326 audit(2000000301.470:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1838 comm="syz.2.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 717.950288][ T28] audit: type=1326 audit(2000000301.470:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1838 comm="syz.2.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6ad8ebe9 code=0x7ffc0000 [ 718.035344][ T1809] BTRFS info (device loop3): enabling ssd optimizations [ 718.056629][ T1809] BTRFS info (device loop3): auto enabling async discard [ 718.097368][ T1873] loop1: detected capacity change from 0 to 256 [ 718.299076][ T5786] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 718.574648][ T6299] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop3 scanned by udevd (6299) [ 719.320742][ T55] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 719.621980][ T1882] loop1: detected capacity change from 0 to 32768 [ 719.649288][ T1882] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.7665 (1882) [ 719.700069][ T1882] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 719.741076][ T1882] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 719.772763][ T1882] BTRFS info (device loop1): setting nodatacow, compression disabled [ 719.796379][ T1882] BTRFS info (device loop1): max_inline at 0 [ 719.820026][ T1882] BTRFS info (device loop1): enabling disk space caching [ 719.827139][ T1882] BTRFS info (device loop1): turning off barriers [ 719.846606][ T1882] BTRFS info (device loop1): turning on flush-on-commit [ 719.873591][ T1882] BTRFS info (device loop1): doing ref verification [ 719.910101][ T1882] BTRFS info (device loop1): force clearing of disk cache [ 719.917323][ T1882] BTRFS info (device loop1): enabling ssd optimizations [ 719.931165][T15161] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 719.978447][ T1882] BTRFS info (device loop1): max_inline at 4096 [ 720.010032][ T1882] BTRFS info (device loop1): disk space caching is enabled [ 720.050302][T18124] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 720.208582][ T1882] BTRFS info (device loop1): auto enabling async discard [ 720.254598][ T1882] BTRFS info (device loop1): rebuilding free space tree [ 720.304486][ T1882] BTRFS info (device loop1): disabling free space tree [ 720.325957][ T1882] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 720.356567][ T1882] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 720.770698][ T5787] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 721.019161][T10331] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 721.073073][T10331] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 721.374925][T19006] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 721.576190][T19006] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 721.600045][T19006] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 721.608213][T19006] usb 3-1: Product: syz [ 721.649055][T19006] usb 3-1: Manufacturer: syz [ 721.662260][T19006] usb 3-1: SerialNumber: syz [ 721.684480][T19006] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 721.690914][T18124] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 721.735616][ T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 722.303598][T19006] usb 3-1: USB disconnect, device number 35 [ 722.492077][ T2040] netlink: 1572 bytes leftover after parsing attributes in process `syz.0.7704'. [ 722.877119][ T2059] loop3: detected capacity change from 0 to 256 [ 722.907245][ T2066] netlink: 'syz.1.7714': attribute type 13 has an invalid length. [ 722.985640][ T2059] FAT-fs (loop3): Directory bread(block 64) failed [ 722.997093][ T2059] FAT-fs (loop3): Directory bread(block 65) failed [ 723.005268][ T2059] FAT-fs (loop3): Directory bread(block 66) failed [ 723.030868][ T2059] FAT-fs (loop3): Directory bread(block 67) failed [ 723.037566][ T2059] FAT-fs (loop3): Directory bread(block 68) failed [ 723.050715][ T2059] FAT-fs (loop3): Directory bread(block 69) failed [ 723.057675][ T2059] FAT-fs (loop3): Directory bread(block 70) failed [ 723.065541][ T2059] FAT-fs (loop3): Directory bread(block 71) failed [ 723.073602][ T2059] FAT-fs (loop3): Directory bread(block 72) failed [ 723.080653][ T2059] FAT-fs (loop3): Directory bread(block 73) failed [ 723.090525][ T9] usb 3-1: Service connection timeout for: 256 [ 723.106993][ T9] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 723.152141][ T9] ath9k_htc: Failed to initialize the device [ 723.165346][T19006] usb 3-1: ath9k_htc: USB layer deinitialized [ 723.357400][ T2087] loop2: detected capacity change from 0 to 16 [ 723.386946][ T2087] erofs: (device loop2): mounted with root inode @ nid 36. [ 723.488946][ T2095] ================================================================== [ 723.497087][ T2095] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x598/0x11f0 [ 723.504856][ T2095] Read of size 4 at addr ffff88805e6494a0 by task syz.3.7720/2095 [ 723.512695][ T2095] [ 723.515045][ T2095] CPU: 1 PID: 2095 Comm: syz.3.7720 Not tainted syzkaller #0 [ 723.522451][ T2095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 723.532709][ T2095] Call Trace: [ 723.536010][ T2095] [ 723.538965][ T2095] dump_stack_lvl+0x16c/0x230 [ 723.544295][ T2095] ? __lock_acquire+0x7c80/0x7c80 [ 723.549333][ T2095] ? show_regs_print_info+0x20/0x20 [ 723.554655][ T2095] ? load_image+0x3b0/0x3b0 [ 723.559171][ T2095] ? __virt_addr_valid+0x469/0x540 [ 723.564343][ T2095] print_report+0xac/0x220 [ 723.568862][ T2095] ? xfrm_alloc_spi+0x598/0x11f0 [ 723.573806][ T2095] kasan_report+0x117/0x150 [ 723.578320][ T2095] ? xfrm_alloc_spi+0x598/0x11f0 [ 723.583544][ T2095] xfrm_alloc_spi+0x598/0x11f0 [ 723.588318][ T2095] ? preempt_schedule_thunk+0x1a/0x30 [ 723.593712][ T2095] ? xfrm_alloc_spi+0x2a1/0x11f0 [ 723.598655][ T2095] ? verify_spi_info+0x120/0x120 [ 723.603611][ T2095] ? xfrm_find_acq+0x79/0x90 [ 723.608212][ T2095] xfrm_alloc_userspi+0x5d1/0xa90 [ 723.613255][ T2095] ? end_current_label_crit_section+0x170/0x170 [ 723.619514][ T2095] ? apparmor_capable+0x137/0x1a0 [ 723.624555][ T2095] ? xfrm_dump_policy_done+0x90/0x90 [ 723.629856][ T2095] ? __nla_parse+0x40/0x50 [ 723.634292][ T2095] xfrm_user_rcv_msg+0x596/0x870 [ 723.639337][ T2095] ? lockdep_hardirqs_on+0x98/0x150 [ 723.644552][ T2095] ? xfrm_netlink_rcv+0x90/0x90 [ 723.649414][ T2095] ? __local_bh_enable_ip+0x12e/0x1c0 [ 723.654814][ T2095] ? __dev_queue_xmit+0x245/0x35a0 [ 723.659936][ T2095] ? __mutex_trylock_common+0x153/0x250 [ 723.665588][ T2095] netlink_rcv_skb+0x216/0x480 [ 723.670447][ T2095] ? xfrm_netlink_rcv+0x90/0x90 [ 723.675308][ T2095] ? netlink_ack+0x1110/0x1110 [ 723.680085][ T2095] ? netlink_deliver_tap+0x2e/0x1b0 [ 723.685301][ T2095] ? __lock_acquire+0x7c80/0x7c80 [ 723.690370][ T2095] xfrm_netlink_rcv+0x79/0x90 [ 723.695070][ T2095] netlink_unicast+0x751/0x8d0 [ 723.699862][ T2095] netlink_sendmsg+0x8c1/0xbe0 [ 723.704666][ T2095] ? netlink_getsockopt+0x580/0x580 [ 723.709893][ T2095] ? aa_sock_msg_perm+0x94/0x150 [ 723.714836][ T2095] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 723.720129][ T2095] ? security_socket_sendmsg+0x80/0xa0 [ 723.725601][ T2095] ? netlink_getsockopt+0x580/0x580 [ 723.730810][ T2095] ____sys_sendmsg+0x5bf/0x950 [ 723.735588][ T2095] ? __asan_memset+0x22/0x40 [ 723.740194][ T2095] ? __sys_sendmsg_sock+0x30/0x30 [ 723.745233][ T2095] ? __import_iovec+0x5f2/0x860 [ 723.750101][ T2095] ? import_iovec+0x73/0xa0 [ 723.754615][ T2095] ___sys_sendmsg+0x220/0x290 [ 723.759300][ T2095] ? __sys_sendmsg+0x270/0x270 [ 723.764091][ T2095] __se_sys_sendmsg+0x1a5/0x270 [ 723.768977][ T2095] ? __x64_sys_sendmsg+0x80/0x80 [ 723.774016][ T2095] ? lockdep_hardirqs_on+0x98/0x150 [ 723.779236][ T2095] do_syscall_64+0x55/0xb0 [ 723.783683][ T2095] ? clear_bhb_loop+0x40/0x90 [ 723.788368][ T2095] ? clear_bhb_loop+0x40/0x90 [ 723.793046][ T2095] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 723.798959][ T2095] RIP: 0033:0x7fbe9e18ebe9 [ 723.803380][ T2095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.823003][ T2095] RSP: 002b:00007fbe9f0ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 723.831446][ T2095] RAX: ffffffffffffffda RBX: 00007fbe9e3b5fa0 RCX: 00007fbe9e18ebe9 [ 723.839518][ T2095] RDX: 0000000000048000 RSI: 0000200000014800 RDI: 0000000000000003 [ 723.847491][ T2095] RBP: 00007fbe9e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 723.855474][ T2095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.863454][ T2095] R13: 00007fbe9e3b6038 R14: 00007fbe9e3b5fa0 R15: 00007ffe57ce4208 [ 723.871445][ T2095] [ 723.874474][ T2095] [ 723.876907][ T2095] Allocated by task 32650: [ 723.881334][ T2095] kasan_set_track+0x4e/0x70 [ 723.885968][ T2095] __kasan_slab_alloc+0x6c/0x80 [ 723.890841][ T2095] slab_post_alloc_hook+0x6e/0x4d0 [ 723.896065][ T2095] kmem_cache_alloc+0x11e/0x2e0 [ 723.900930][ T2095] xfrm_state_alloc+0x22/0x2a0 [ 723.905705][ T2095] __find_acq_core+0x7d8/0x19d0 [ 723.910593][ T2095] xfrm_find_acq+0x6a/0x90 [ 723.915022][ T2095] xfrm_alloc_userspi+0x57a/0xa90 [ 723.920046][ T2095] xfrm_user_rcv_msg+0x596/0x870 [ 723.924989][ T2095] netlink_rcv_skb+0x216/0x480 [ 723.929755][ T2095] xfrm_netlink_rcv+0x79/0x90 [ 723.934443][ T2095] netlink_unicast+0x751/0x8d0 [ 723.939220][ T2095] netlink_sendmsg+0x8c1/0xbe0 [ 723.943998][ T2095] ____sys_sendmsg+0x5bf/0x950 [ 723.948859][ T2095] ___sys_sendmsg+0x220/0x290 [ 723.953540][ T2095] __se_sys_sendmsg+0x1a5/0x270 [ 723.958487][ T2095] do_syscall_64+0x55/0xb0 [ 723.962909][ T2095] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 723.968811][ T2095] [ 723.971138][ T2095] The buggy address belongs to the object at ffff88805e649400 [ 723.971138][ T2095] which belongs to the cache xfrm_state of size 848 [ 723.985207][ T2095] The buggy address is located 160 bytes inside of [ 723.985207][ T2095] freed 848-byte region [ffff88805e649400, ffff88805e649750) [ 723.999012][ T2095] [ 724.001337][ T2095] The buggy address belongs to the physical page: [ 724.007748][ T2095] page:ffffea0001799200 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88805e649800 pfn:0x5e648 [ 724.019201][ T2095] head:ffffea0001799200 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 724.028142][ T2095] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 724.036129][ T2095] page_type: 0xffffffff() [ 724.040473][ T2095] raw: 00fff00000000840 ffff888017edbdc0 dead000000000122 0000000000000000 [ 724.049067][ T2095] raw: ffff88805e649800 000000008010000a 00000001ffffffff 0000000000000000 [ 724.057644][ T2095] page dumped because: kasan: bad access detected [ 724.064054][ T2095] page_owner tracks the page as allocated [ 724.069765][ T2095] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7161, tgid 7160 (syz.3.453), ts 173389832324, free_ts 173312549175 [ 724.090370][ T2095] post_alloc_hook+0x1cd/0x210 [ 724.095161][ T2095] get_page_from_freelist+0x195c/0x19f0 [ 724.100716][ T2095] __alloc_pages+0x1e3/0x460 [ 724.105339][ T2095] alloc_slab_page+0x5d/0x170 [ 724.110024][ T2095] new_slab+0x87/0x2e0 [ 724.114104][ T2095] ___slab_alloc+0xc6d/0x12f0 [ 724.118793][ T2095] kmem_cache_alloc+0x1b7/0x2e0 [ 724.123661][ T2095] xfrm_state_alloc+0x22/0x2a0 [ 724.128430][ T2095] xfrm_add_sa+0xfe5/0x30a0 [ 724.132935][ T2095] xfrm_user_rcv_msg+0x596/0x870 [ 724.137876][ T2095] netlink_rcv_skb+0x216/0x480 [ 724.142654][ T2095] xfrm_netlink_rcv+0x79/0x90 [ 724.147520][ T2095] netlink_unicast+0x751/0x8d0 [ 724.152288][ T2095] netlink_sendmsg+0x8c1/0xbe0 [ 724.157056][ T2095] ____sys_sendmsg+0x5bf/0x950 [ 724.161825][ T2095] ___sys_sendmsg+0x220/0x290 [ 724.166528][ T2095] page last free stack trace: [ 724.171204][ T2095] free_unref_page_prepare+0x7ce/0x8e0 [ 724.176682][ T2095] free_unref_page+0x32/0x2e0 [ 724.181370][ T2095] __slab_free+0x35e/0x410 [ 724.185799][ T2095] qlist_free_all+0x75/0xe0 [ 724.190319][ T2095] kasan_quarantine_reduce+0x143/0x160 [ 724.195784][ T2095] __kasan_slab_alloc+0x22/0x80 [ 724.200639][ T2095] slab_post_alloc_hook+0x6e/0x4d0 [ 724.205760][ T2095] kmem_cache_alloc+0x11e/0x2e0 [ 724.210648][ T2095] vm_area_dup+0x27/0x270 [ 724.215006][ T2095] __split_vma+0x19f/0xc00 [ 724.219444][ T2095] mprotect_fixup+0xa0f/0xc90 [ 724.224138][ T2095] do_mprotect_pkey+0x76e/0xc30 [ 724.229090][ T2095] __x64_sys_mprotect+0x80/0x90 [ 724.234040][ T2095] do_syscall_64+0x55/0xb0 [ 724.238476][ T2095] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 724.244483][ T2095] [ 724.246811][ T2095] Memory state around the buggy address: [ 724.252461][ T2095] ffff88805e649380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 724.260537][ T2095] ffff88805e649400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 724.268600][ T2095] >ffff88805e649480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 724.276660][ T2095] ^ [ 724.281780][ T2095] ffff88805e649500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 724.289843][ T2095] ffff88805e649580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 724.297912][ T2095] ================================================================== [ 724.306123][ T2095] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 724.313332][ T2095] CPU: 1 PID: 2095 Comm: syz.3.7720 Not tainted syzkaller #0 [ 724.320710][ T2095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 724.330773][ T2095] Call Trace: [ 724.334058][ T2095] [ 724.336992][ T2095] dump_stack_lvl+0x16c/0x230 [ 724.341857][ T2095] ? show_regs_print_info+0x20/0x20 [ 724.347062][ T2095] ? load_image+0x3b0/0x3b0 [ 724.351576][ T2095] panic+0x2c0/0x710 [ 724.355497][ T2095] ? bpf_jit_dump+0xd0/0xd0 [ 724.360008][ T2095] ? _raw_spin_unlock_irqrestore+0xa9/0x110 [ 724.365911][ T2095] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 724.371830][ T2095] ? _raw_spin_unlock+0x40/0x40 [ 724.376775][ T2095] ? print_memory_metadata+0x314/0x400 [ 724.382237][ T2095] ? xfrm_alloc_spi+0x598/0x11f0 [ 724.387191][ T2095] check_panic_on_warn+0x84/0xa0 [ 724.392136][ T2095] ? xfrm_alloc_spi+0x598/0x11f0 [ 724.397082][ T2095] end_report+0x6f/0x140 [ 724.401416][ T2095] kasan_report+0x128/0x150 [ 724.405953][ T2095] ? xfrm_alloc_spi+0x598/0x11f0 [ 724.410902][ T2095] xfrm_alloc_spi+0x598/0x11f0 [ 724.415669][ T2095] ? preempt_schedule_thunk+0x1a/0x30 [ 724.421055][ T2095] ? xfrm_alloc_spi+0x2a1/0x11f0 [ 724.426003][ T2095] ? verify_spi_info+0x120/0x120 [ 724.431032][ T2095] ? xfrm_find_acq+0x79/0x90 [ 724.435628][ T2095] xfrm_alloc_userspi+0x5d1/0xa90 [ 724.440674][ T2095] ? end_current_label_crit_section+0x170/0x170 [ 724.446919][ T2095] ? apparmor_capable+0x137/0x1a0 [ 724.451951][ T2095] ? xfrm_dump_policy_done+0x90/0x90 [ 724.457248][ T2095] ? __nla_parse+0x40/0x50 [ 724.461674][ T2095] xfrm_user_rcv_msg+0x596/0x870 [ 724.466618][ T2095] ? lockdep_hardirqs_on+0x98/0x150 [ 724.471827][ T2095] ? xfrm_netlink_rcv+0x90/0x90 [ 724.476683][ T2095] ? __local_bh_enable_ip+0x12e/0x1c0 [ 724.482066][ T2095] ? __dev_queue_xmit+0x245/0x35a0 [ 724.487360][ T2095] ? __mutex_trylock_common+0x153/0x250 [ 724.492949][ T2095] netlink_rcv_skb+0x216/0x480 [ 724.497720][ T2095] ? xfrm_netlink_rcv+0x90/0x90 [ 724.502581][ T2095] ? netlink_ack+0x1110/0x1110 [ 724.507355][ T2095] ? netlink_deliver_tap+0x2e/0x1b0 [ 724.512580][ T2095] ? __lock_acquire+0x7c80/0x7c80 [ 724.517614][ T2095] xfrm_netlink_rcv+0x79/0x90 [ 724.522399][ T2095] netlink_unicast+0x751/0x8d0 [ 724.527172][ T2095] netlink_sendmsg+0x8c1/0xbe0 [ 724.532032][ T2095] ? netlink_getsockopt+0x580/0x580 [ 724.537239][ T2095] ? aa_sock_msg_perm+0x94/0x150 [ 724.542190][ T2095] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 724.547485][ T2095] ? security_socket_sendmsg+0x80/0xa0 [ 724.552949][ T2095] ? netlink_getsockopt+0x580/0x580 [ 724.558156][ T2095] ____sys_sendmsg+0x5bf/0x950 [ 724.562931][ T2095] ? __asan_memset+0x22/0x40 [ 724.567524][ T2095] ? __sys_sendmsg_sock+0x30/0x30 [ 724.572560][ T2095] ? __import_iovec+0x5f2/0x860 [ 724.577421][ T2095] ? import_iovec+0x73/0xa0 [ 724.581947][ T2095] ___sys_sendmsg+0x220/0x290 [ 724.586657][ T2095] ? __sys_sendmsg+0x270/0x270 [ 724.591443][ T2095] __se_sys_sendmsg+0x1a5/0x270 [ 724.596303][ T2095] ? __x64_sys_sendmsg+0x80/0x80 [ 724.601261][ T2095] ? lockdep_hardirqs_on+0x98/0x150 [ 724.606467][ T2095] do_syscall_64+0x55/0xb0 [ 724.610907][ T2095] ? clear_bhb_loop+0x40/0x90 [ 724.615594][ T2095] ? clear_bhb_loop+0x40/0x90 [ 724.620619][ T2095] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 724.626522][ T2095] RIP: 0033:0x7fbe9e18ebe9 [ 724.630939][ T2095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.650743][ T2095] RSP: 002b:00007fbe9f0ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 724.659175][ T2095] RAX: ffffffffffffffda RBX: 00007fbe9e3b5fa0 RCX: 00007fbe9e18ebe9 [ 724.667167][ T2095] RDX: 0000000000048000 RSI: 0000200000014800 RDI: 0000000000000003 [ 724.675230][ T2095] RBP: 00007fbe9e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 724.683217][ T2095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.691193][ T2095] R13: 00007fbe9e3b6038 R14: 00007fbe9e3b5fa0 R15: 00007ffe57ce4208 [ 724.699174][ T2095] [ 724.702496][ T2095] Kernel Offset: disabled [ 724.706823][ T2095] Rebooting in 86400 seconds..