last executing test programs: 2.915608814s ago: executing program 2 (id=1056): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2.868381204s ago: executing program 4 (id=1057): ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4020ae46, &(0x7f0000003340)={0x0, 0x0, @pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) 2.470702896s ago: executing program 4 (id=1061): setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x764) semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000400)=""/86) 2.290116957s ago: executing program 4 (id=1064): r0 = socket$unix(0x1, 0x2, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0500000001ea2f3352c9a24cfb0fe8f3", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="37eb290aca"], 0x20000600}}, 0x0) 2.171642948s ago: executing program 4 (id=1066): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000180)='=', 0x1, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x82, &(0x7f0000000340), 0x8) 1.840943009s ago: executing program 4 (id=1071): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2d, 0xe1, 0xc7, 0x40, 0xe41, 0x4650, 0x9f7f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x1, 0x0, 0x10, 0xd1, 0x4a}}]}}]}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="0404"], 0x11) 1.68130623s ago: executing program 3 (id=1072): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x6934, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=""/179, 0xb3}, 0xffff656f}], 0x1, 0x12121, 0x0) 1.507964891s ago: executing program 3 (id=1075): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000600)=ANY=[@ANYBLOB="030000"]) 1.450328861s ago: executing program 0 (id=1076): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x400, &(0x7f0000001080)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x300}]) 1.439116771s ago: executing program 1 (id=1077): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000009400000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.362383882s ago: executing program 2 (id=1078): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000700)=0x5, 0x8) 1.239043243s ago: executing program 1 (id=1079): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)={0x38, r2, 0x1, 0xffffffff, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "85a2"}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x6, 0xbd, [0xfffe]}]}, 0x38}}, 0x0) 1.223380123s ago: executing program 3 (id=1080): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000001dc0), r0) sendmsg$NFC_CMD_DEP_LINK_DOWN(r1, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000001e40)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TARGET_INDEX={0x8}]}, 0x24}}, 0x0) 1.168643003s ago: executing program 2 (id=1081): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x20242, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000240)='./file0\x00', 0x8c7) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8001}) 1.133041964s ago: executing program 0 (id=1082): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x13, 0x7, 0xc, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1.004865544s ago: executing program 3 (id=1083): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000680)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r2, @ANYBLOB="010029bd7000fbdbdf250300000008000400e00000011400060067656e6576653000000000000000000014000300fe80fb000000000000000000000000bb14000200fe8000000000000000000000000000bb260007"], 0xa4}}, 0x0) 930.474685ms ago: executing program 1 (id=1084): syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000008060001080006040002aaaaaa9caa00ac1414bb33aaaaaaaa00ac"], 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 924.117875ms ago: executing program 0 (id=1085): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x23, 0x2, @TCA_CBS_PARMS={0x18}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4, 0x2, [0x0, 0x0, 0x0, 0x0]}}]}]}, 0x6c}}, 0x0) 815.055705ms ago: executing program 2 (id=1086): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="882f1242a03c3f98722780b605a7", 0x0, 0x990d, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 701.415126ms ago: executing program 2 (id=1087): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@x86={0x0, 0x5, 0x9, 0x0, 0xfffffff9, 0xd, 0x5, 0xa, 0xd, 0x8, 0xce, 0x7, 0x0, 0x2, 0xe, 0x3, 0x5, 0x8, 0x10, '\x00', 0x1, 0x2}) 633.959326ms ago: executing program 3 (id=1088): bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-ssse3\x00'}, 0x58) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0xc0a85320, &(0x7f00000000c0)={0x1080}) 522.836137ms ago: executing program 1 (id=1089): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28012, r0, 0x0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000001c0), 0x8) 482.099257ms ago: executing program 3 (id=1090): r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r0, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000008}, 0x10) listen(r0, 0x0) 389.063518ms ago: executing program 2 (id=1091): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d414000000010902120001000040000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00010c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000480)={0x20, 0x1, 0x28, "68691dc3a0bfc70f21a87eba64a6e12db109308d047368146cd1642134a11841dce4010941dc98be"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 387.639038ms ago: executing program 0 (id=1092): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='mm_page_alloc\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x27}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 279.491948ms ago: executing program 1 (id=1093): r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) close(r0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000b00)) 199.529649ms ago: executing program 0 (id=1094): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c) syz_emit_ethernet(0x4e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaece65fbcee5586dd6001010000181100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0) 119.117109ms ago: executing program 1 (id=1095): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000340)=ANY=[@ANYBLOB="01000000000000009d000040"]) 54.040029ms ago: executing program 0 (id=1096): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)={0x2c, r0, 0x1, 0x20000000, 0x27dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x2c}}, 0x0) 0s ago: executing program 4 (id=1097): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x80000000000000, &(0x7f0000000140)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000200)={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x4e22, @loopback}}}, 0x90) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast1, 0x400}, {0x2, 0x0, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, r1, 0xfffffffc}}, 0x48) kernel console output (not intermixed with test programs): 88.657796][ T4259] sysv_free_block: trying to free block not in datazone [ 88.688035][ T4259] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 89.043119][ T4467] loop0: detected capacity change from 0 to 32768 [ 89.100575][ T4467] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.58 (4467) [ 89.141340][ T4465] loop3: detected capacity change from 0 to 32768 [ 89.215446][ T4467] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 89.307433][ T4467] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 89.331026][ T4460] loop1: detected capacity change from 0 to 40427 [ 89.340049][ T4467] BTRFS info (device loop0): using free space tree [ 89.360696][ T4465] XFS (loop3): Mounting V5 Filesystem [ 89.366432][ T4460] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64) [ 89.400444][ T4460] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 89.411546][ T4460] F2FS-fs (loop1): Encrypt feature is off [ 89.543455][ T4465] XFS (loop3): Ending clean mount [ 89.637510][ T4465] XFS (loop3): Quotacheck needed: Please wait. [ 89.834435][ T4523] netlink: 4 bytes leftover after parsing attributes in process `syz.4.65'. [ 89.851010][ T4467] BTRFS info (device loop0): enabling ssd optimizations [ 89.878640][ T4465] XFS (loop3): Quotacheck: Done. [ 90.226991][ T4260] XFS (loop3): Unmounting Filesystem [ 90.471711][ T4536] netlink: 28 bytes leftover after parsing attributes in process `syz.4.70'. [ 90.693772][ T4255] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 90.808995][ T4545] loop1: detected capacity change from 0 to 16 [ 90.828872][ T4545] erofs: (device loop1): mounted with root inode @ nid 36. [ 90.842473][ T4547] capability: warning: `syz.4.74' uses deprecated v2 capabilities in a way that may be insecure [ 90.929933][ T4547] program syz.4.74 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 91.775443][ T4583] loop4: detected capacity change from 0 to 256 [ 91.988825][ T4295] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 92.027216][ T22] hid-generic 0005:0C45:1010.0002: item fetching failed at offset 0/1 [ 92.093961][ T22] hid-generic: probe of 0005:0C45:1010.0002 failed with error -22 [ 92.178728][ T4295] usb 1-1: Using ep0 maxpacket: 32 [ 92.199982][ T4295] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 92.238472][ T4295] usb 1-1: config 0 has no interface number 0 [ 92.271855][ T4295] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 92.311079][ T4295] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.350856][ T4295] usb 1-1: Product: syz [ 92.355153][ T4295] usb 1-1: Manufacturer: syz [ 92.378361][ T4295] usb 1-1: SerialNumber: syz [ 92.404635][ T4295] usb 1-1: config 0 descriptor?? [ 92.431863][ T4295] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 92.478687][ T4295] usb 1-1: selecting invalid altsetting 1 [ 92.484996][ T4295] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 92.573123][ T4295] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 92.609100][ T4295] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 92.617866][ T4295] usb 1-1: media controller created [ 92.677995][ T4295] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 92.830674][ T4295] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 92.856441][ T4295] zl10353_read_register: readreg error (reg=127, ret==-32) [ 92.900745][ T4616] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 93.234259][ T4560] usb 1-1: USB disconnect, device number 2 [ 93.614711][ T4636] loop2: detected capacity change from 0 to 1024 [ 93.657914][ T4636] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 93.752467][ T4636] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 93.913471][ T4636] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #11: comm syz.2.106: missing EA_INODE flag [ 93.977274][ T4636] EXT4-fs (loop2): Remounting filesystem read-only [ 93.998691][ T4636] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.106: error while reading EA inode 11 err=-117 [ 94.047077][ T4636] EXT4-fs (loop2): Remounting filesystem read-only [ 94.077314][ T4636] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 94.254862][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 94.426089][ T4627] loop3: detected capacity change from 0 to 32768 [ 94.645979][ T4662] netlink: 'syz.1.117': attribute type 1 has an invalid length. [ 94.672140][ T4662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.117'. [ 95.050434][ T4666] loop3: detected capacity change from 0 to 16 [ 95.097178][ T4666] erofs: (device loop3): mounted with root inode @ nid 36. [ 95.141598][ T4666] syz.3.118: attempt to access beyond end of device [ 95.141598][ T4666] loop3: rw=0, sector=8, nr_sectors = 32 limit=16 [ 95.275418][ T4656] loop0: detected capacity change from 0 to 32768 [ 95.295418][ T4656] ======================================================= [ 95.295418][ T4656] WARNING: The mand mount option has been deprecated and [ 95.295418][ T4656] and is ignored by this kernel. Remove the mand [ 95.295418][ T4656] option from the mount to silence this warning. [ 95.295418][ T4656] ======================================================= [ 95.459930][ T4656] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 95.477232][ T4660] loop2: detected capacity change from 0 to 32768 [ 95.505703][ T4660] XFS: ikeep mount option is deprecated. [ 95.519042][ T4656] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.601004][ T4660] XFS (loop2): Mounting V5 Filesystem [ 95.699532][ T4660] XFS (loop2): Ending clean mount [ 95.736249][ T4660] XFS (loop2): Quotacheck needed: Please wait. [ 95.847214][ T4660] XFS (loop2): Quotacheck: Done. [ 95.948902][ T4689] loop4: detected capacity change from 0 to 64 [ 96.177228][ T4255] ocfs2: Unmounting device (7,0) on (node local) [ 96.269485][ T4689] syz.4.122: attempt to access beyond end of device [ 96.269485][ T4689] loop4: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 96.274229][ T4254] XFS (loop2): Unmounting Filesystem [ 96.314622][ T26] audit: type=1326 audit(1732740082.088:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.1.126" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1baad80809 code=0x0 [ 96.369580][ T4689] Buffer I/O error on dev loop4, logical block 134217734, lost async page write [ 96.870422][ T4703] loop0: detected capacity change from 0 to 512 [ 97.012358][ T4703] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 97.053428][ T4703] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.299597][ T4703] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 97.346481][ T4703] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 97.367079][ T4719] netlink: 48 bytes leftover after parsing attributes in process `syz.1.133'. [ 97.385529][ T4703] EXT4-fs error (device loop0): ext4_acquire_dquot:6801: comm syz.0.129: Failed to acquire dquot type 0 [ 97.497744][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 98.252668][ T4743] Illegal XDP return value 4294967294 on prog (id 19) dev N/A, expect packet loss! [ 98.294694][ T4746] netlink: 'syz.1.146': attribute type 29 has an invalid length. [ 98.348554][ T4746] netlink: 'syz.1.146': attribute type 29 has an invalid length. [ 98.377590][ T4747] netlink: 'syz.1.146': attribute type 29 has an invalid length. [ 98.409705][ T4749] netlink: 'syz.1.146': attribute type 29 has an invalid length. [ 98.570247][ T4754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.149'. [ 98.611271][ T4754] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 98.679559][ T4750] loop2: detected capacity change from 0 to 8192 [ 98.743456][ T4750] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 98.843594][ T4750] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 98.920091][ T4757] loop4: detected capacity change from 0 to 512 [ 98.948951][ T4750] REISERFS (device loop2): using ordered data mode [ 98.955810][ T4750] reiserfs: using flush barriers [ 99.008072][ T4750] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 99.027196][ T4767] netlink: 12 bytes leftover after parsing attributes in process `syz.3.155'. [ 99.039286][ T4750] REISERFS (device loop2): checking transaction log (loop2) [ 99.094403][ T4757] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.4.150: corrupted xattr block 95 [ 99.109400][ T4750] REISERFS (device loop2): Using r5 hash to sort names [ 99.128970][ T4750] REISERFS (device loop2): using 3.5.x disk format [ 99.144705][ T4750] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 99.188189][ T4757] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.150: bg 0: block 7: invalid block bitmap [ 99.293689][ T4757] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 99.351522][ T4757] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2925: inode #11: comm syz.4.150: corrupted xattr block 95 [ 99.438062][ T4757] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117) [ 99.511440][ T4757] EXT4-fs (loop4): 1 orphan inode deleted [ 99.532899][ T4757] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 99.978561][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 100.308226][ T4798] loop3: detected capacity change from 0 to 64 [ 100.435070][ T4779] loop1: detected capacity change from 0 to 32768 [ 100.448576][ T22] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 100.490597][ T4779] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.159 (4779) [ 100.603516][ T4779] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 100.624208][ T4779] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 100.638655][ T22] usb 3-1: Using ep0 maxpacket: 8 [ 100.651384][ T4793] netlink: 'syz.2.166': attribute type 4 has an invalid length. [ 100.676747][ T4779] BTRFS info (device loop1): setting nodatacow, compression disabled [ 100.698800][ T22] usb 3-1: unable to get BOS descriptor or descriptor too short [ 100.717608][ T22] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 100.768570][ T4779] BTRFS info (device loop1): turning on flush-on-commit [ 100.775689][ T4779] BTRFS info (device loop1): using free space tree [ 100.782802][ T22] usb 3-1: can't read configurations, error -71 [ 101.053936][ T4806] loop3: detected capacity change from 0 to 32768 [ 101.172264][ T4806] XFS (loop3): Mounting V5 Filesystem [ 101.232579][ T4779] BTRFS info (device loop1): enabling ssd optimizations [ 101.267089][ T4806] XFS (loop3): Ending clean mount [ 101.319754][ T4806] XFS (loop3): Metadata corruption detected at xfs_dinode_verify+0x336/0xf80, inode 0x426 dinode [ 101.331980][ T4806] XFS (loop3): Unmount and run xfs_repair [ 101.337882][ T4806] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 101.345566][ T4806] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00 IN.............. [ 101.354931][ T4806] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 101.364806][ T4806] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 a5 b6 11 4.Xh....4.Xh.... [ 101.374146][ T4806] 00000030: 34 f7 58 68 a5 a5 b6 11 00 00 00 00 00 00 00 0a 4.Xh............ [ 101.383115][ T4806] 00000040: 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01 ................ [ 101.392905][ T4806] 00000050: 00 00 e5 01 00 00 00 00 00 00 00 00 8c bd 1d c9 ................ [ 101.403719][ T4806] 00000060: ff ff ff ff 32 9a 48 68 00 00 00 00 00 00 00 08 ....2.Hh........ [ 101.415750][ T4806] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08 ................ [ 101.443935][ T26] audit: type=1800 audit(1732740087.218:4): pid=4779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.159" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 101.544855][ T4839] tap0: tun_chr_ioctl cmd 1074025677 [ 101.564718][ T4839] tap0: linktype set to 807 [ 101.622805][ T4260] XFS (loop3): Unmounting Filesystem [ 101.639084][ T4249] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 101.799203][ T4843] loop4: detected capacity change from 0 to 512 [ 101.947599][ T4843] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 102.003597][ T4843] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002] [ 102.102631][ T4843] System zones: 1-12 [ 102.108248][ T4843] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 102.279713][ T4843] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features [ 102.378733][ T4843] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 102.547816][ T4843] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 102.558199][ T4861] loop2: detected capacity change from 0 to 4096 [ 102.892608][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 102.932313][ T4868] loop1: detected capacity change from 0 to 2048 [ 103.020390][ T4868] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 103.098586][ T4333] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 103.155353][ T4857] loop0: detected capacity change from 0 to 32768 [ 103.211219][ T4857] ERROR: (device loop0): dtSearch: DT_GETPAGE: dtree page corrupt [ 103.211219][ T4857] [ 103.266414][ T4857] ERROR: (device loop0): remounting filesystem as read-only [ 103.284989][ T4857] jfs_lookup: dtSearch returned -5 [ 103.294310][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 103.303302][ T4875] ERROR: (device loop0): dtReadFirst: DT_GETPAGE: dtree page corrupt [ 103.303302][ T4875] [ 103.304291][ T4333] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 103.319202][ T4875] jfs_readdir: unexpected rc = -5 from dtReadNext [ 103.367917][ T4333] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 103.438608][ T4333] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 103.448574][ T4333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.459485][ T4240] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 103.501179][ T4869] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 103.661118][ T4240] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 103.691394][ T4240] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 103.743364][ T4240] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 103.787057][ T4240] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 103.827580][ T4882] loop1: detected capacity change from 0 to 2048 [ 103.847539][ T4333] usb 4-1: USB disconnect, device number 2 [ 103.847629][ T4240] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.914774][ T4240] usb 5-1: Product: syz [ 103.936322][ T4882] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 103.971010][ T4240] usb 5-1: Manufacturer: syz [ 103.985517][ T4240] usb 5-1: SerialNumber: syz [ 104.216701][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 104.444046][ T4877] loop2: detected capacity change from 0 to 32768 [ 104.532092][ T4877] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 104.627283][ T4240] usb 5-1: 0:2 : does not exist [ 104.882813][ T4560] usb 5-1: USB disconnect, device number 2 [ 104.899415][ T4254] ocfs2: Unmounting device (7,2) on (node local) [ 105.198161][ T4910] netlink: 'syz.1.201': attribute type 29 has an invalid length. [ 105.213518][ T4910] netlink: 'syz.1.201': attribute type 29 has an invalid length. [ 105.226737][ T4910] netlink: 'syz.1.201': attribute type 29 has an invalid length. [ 105.243670][ T4910] netlink: 'syz.1.201': attribute type 29 has an invalid length. [ 105.502635][ T4917] loop1: detected capacity change from 0 to 256 [ 105.894705][ T951] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 106.090398][ T951] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.118715][ T951] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.148854][ T951] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 106.163414][ T951] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.208123][ T951] usb 5-1: config 0 descriptor?? [ 106.561544][ T4953] loop2: detected capacity change from 0 to 128 [ 106.572453][ T4951] loop1: detected capacity change from 0 to 1024 [ 106.639855][ T4921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.701476][ T4921] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.719973][ T951] sony 0003:054C:024B.0003: unknown main item tag 0x0 [ 106.743595][ T4951] hfsplus: bad catalog entry type [ 106.760652][ T951] sony 0003:054C:024B.0003: unknown main item tag 0x0 [ 106.768157][ T951] sony 0003:054C:024B.0003: unexpected long global item [ 106.785399][ T951] sony 0003:054C:024B.0003: parse failed [ 106.804322][ T951] sony: probe of 0003:054C:024B.0003 failed with error -22 [ 106.903437][ T59] hfsplus: b-tree write err: -5, ino 4 [ 106.982619][ T4560] usb 5-1: USB disconnect, device number 3 [ 106.992093][ T4960] netlink: 12 bytes leftover after parsing attributes in process `syz.0.224'. [ 107.661241][ T4982] sch_tbf: burst 6758 is lower than device lo mtu (65550) ! [ 107.674398][ T4981] loop1: detected capacity change from 0 to 512 [ 107.817732][ T4981] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.233: invalid indirect mapped block 4294967295 (level 1) [ 107.892815][ T4981] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.233: invalid indirect mapped block 4294967295 (level 1) [ 107.929388][ T4981] EXT4-fs (loop1): 2 truncates cleaned up [ 107.935258][ T4981] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 108.005993][ T4981] EXT4-fs (loop1): shut down requested (2) [ 108.109370][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 108.283714][ T4560] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 108.614781][ T4996] loop1: detected capacity change from 0 to 32768 [ 108.676028][ T4996] JFS: metapage_get_blocks failed [ 108.683996][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.683996][ T4996] [ 108.701901][ T4996] ERROR: (device loop1): remounting filesystem as read-only [ 108.709749][ T4996] JFS: metapage_get_blocks failed [ 108.714993][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.714993][ T4996] [ 108.726991][ T4996] JFS: metapage_get_blocks failed [ 108.732306][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.732306][ T4996] [ 108.743612][ T4996] JFS: metapage_get_blocks failed [ 108.749647][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.749647][ T4996] [ 108.761755][ T4996] JFS: metapage_get_blocks failed [ 108.767125][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.767125][ T4996] [ 108.777959][ T4996] JFS: metapage_get_blocks failed [ 108.783984][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.783984][ T4996] [ 108.794928][ T4996] JFS: metapage_get_blocks failed [ 108.800940][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.800940][ T4996] [ 108.811771][ T4996] JFS: metapage_get_blocks failed [ 108.817166][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.817166][ T4996] [ 108.829342][ T4996] JFS: metapage_get_blocks failed [ 108.835031][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.835031][ T4996] [ 108.845751][ T4996] JFS: metapage_get_blocks failed [ 108.851393][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.851393][ T4996] [ 108.862666][ T4996] JFS: metapage_get_blocks failed [ 108.868208][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.868208][ T4996] [ 108.878839][ T4996] JFS: metapage_get_blocks failed [ 108.884447][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.884447][ T4996] [ 108.895873][ T4996] JFS: metapage_get_blocks failed [ 108.901599][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.901599][ T4996] [ 108.912122][ T4996] JFS: metapage_get_blocks failed [ 108.919141][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.919141][ T4996] [ 108.929861][ T4996] JFS: metapage_get_blocks failed [ 108.935377][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.935377][ T4996] [ 108.946147][ T4996] JFS: metapage_get_blocks failed [ 108.951305][ T4996] ERROR: (device loop1): release_metapage: write_one_page() failed [ 108.951305][ T4996] [ 108.986753][ T4560] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 108.999167][ T4560] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.009241][ T4560] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 109.019323][ T4560] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.051291][ T4560] usb 4-1: config 0 descriptor?? [ 109.127770][ T107] blkno = 50030, nblocks = 10 [ 109.140615][ T4984] loop4: detected capacity change from 0 to 40427 [ 109.141054][ T107] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map [ 109.141054][ T107] [ 109.172667][ T4984] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 109.188827][ T4984] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 109.231703][ T4986] loop0: detected capacity change from 0 to 40427 [ 109.252681][ T4984] F2FS-fs (loop4): Found nat_bits in checkpoint [ 109.257495][ T4986] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff [ 109.313492][ T4986] F2FS-fs (loop0): invalid crc value [ 109.340872][ T4986] F2FS-fs (loop0): Found nat_bits in checkpoint [ 109.432861][ T4984] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 109.441642][ T4984] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 109.479400][ T4986] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 109.527746][ T4560] logitech 0003:046D:C29C.0004: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.3-1/input0 [ 109.608073][ T4984] syz.4.235: attempt to access beyond end of device [ 109.608073][ T4984] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 109.707404][ T4255] syz-executor: attempt to access beyond end of device [ 109.707404][ T4255] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 109.737506][ T5016] loop2: detected capacity change from 0 to 64 [ 109.789925][ T4259] syz-executor: attempt to access beyond end of device [ 109.789925][ T4259] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 109.893608][ T4560] logitech 0003:046D:C29C.0004: no inputs found [ 109.940047][ T4560] usb 4-1: USB disconnect, device number 3 [ 110.708754][ T5031] loop4: detected capacity change from 0 to 128 [ 111.055931][ T5036] loop0: detected capacity change from 0 to 2048 [ 111.154878][ T5036] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 111.247118][ T5042] netlink: 28 bytes leftover after parsing attributes in process `syz.3.257'. [ 111.514390][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 111.765629][ T5057] netlink: 'syz.0.263': attribute type 12 has an invalid length. [ 111.782605][ T5057] netlink: 'syz.0.263': attribute type 29 has an invalid length. [ 111.794420][ T5057] netlink: 'syz.0.263': attribute type 2 has an invalid length. [ 111.808083][ T5057] netlink: 'syz.0.263': attribute type 2 has an invalid length. [ 111.830919][ T5057] netlink: 'syz.0.263': attribute type 1 has an invalid length. [ 111.851092][ T5057] netlink: 'syz.0.263': attribute type 37 has an invalid length. [ 111.918531][ T5057] netlink: 'syz.0.263': attribute type 2 has an invalid length. [ 111.958788][ T5057] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.007931][ T5057] netlink: 59 bytes leftover after parsing attributes in process `syz.0.263'. [ 112.053366][ T5061] loop4: detected capacity change from 0 to 512 [ 112.076383][ T5063] loop1: detected capacity change from 0 to 512 [ 112.129487][ T5061] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 112.182935][ T5061] EXT4-fs (loop4): orphan cleanup on readonly fs [ 112.203323][ T5063] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 112.230828][ T5061] EXT4-fs (loop4): 1 orphan inode deleted [ 112.251342][ T5063] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 112.251430][ T5061] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 112.261610][ T5063] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.266: Failed to acquire dquot type 0 [ 112.308675][ T5063] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 112.325029][ T5063] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 112.341310][ T5063] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.266: Failed to acquire dquot type 0 [ 112.411443][ T5063] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 112.433196][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 112.440181][ T5063] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 112.478834][ T5063] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.266: Failed to acquire dquot type 0 [ 112.528358][ T5063] EXT4-fs (loop1): 1 orphan inode deleted [ 112.546956][ T5063] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 112.588704][ T4333] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 112.598967][ T5063] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.623262][ T5049] loop3: detected capacity change from 0 to 32768 [ 112.667683][ T5063] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 112.692212][ T5063] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 112.708172][ T5063] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.266: Failed to acquire dquot type 0 [ 112.768810][ T5049] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 112.782549][ T4333] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 112.802163][ T5049] lbmIODone: I/O error in JFS log [ 112.810458][ T4333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.832613][ T5049] *** Log Format Error ! *** [ 112.873399][ T5049] lmLogInit: exit(-22) [ 112.882419][ T4333] usb 3-1: config 0 descriptor?? [ 112.897724][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 112.903890][ T5049] lmLogOpen: exit(-22) [ 112.957658][ T5049] jfs_dirty_inode called on read-only volume [ 112.977383][ T5049] Is remount racy? [ 113.036452][ T5082] loop1: detected capacity change from 0 to 1024 [ 113.093516][ T4333] [drm] vendor descriptor length:6 data:06 5f 01 03 00 00 00 00 00 00 00 [ 113.116914][ T4333] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 113.147087][ T5082] hfsplus: request for non-existent node 3 in B*Tree [ 113.158676][ T5082] hfsplus: request for non-existent node 3 in B*Tree [ 113.200899][ T5084] tap0: tun_chr_ioctl cmd 1074025677 [ 113.228913][ T5084] tap0: linktype set to 773 [ 113.260988][ T5085] hfsplus: bad catalog folder thread [ 113.274356][ T26] audit: type=1800 audit(1732740355.038:5): pid=5082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.272" name="bus" dev="loop1" ino=2 res=0 errno=0 [ 113.303686][ T4333] [drm:udl_init] *ERROR* Selecting channel failed [ 113.364852][ T4333] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 113.401003][ T4333] [drm] Initialized udl on minor 2 [ 113.431605][ T4333] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 113.474562][ T4333] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 113.528314][ T4333] usb 3-1: USB disconnect, device number 4 [ 113.641974][ T4265] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 113.651862][ T4265] Bluetooth: hci1: Injecting HCI hardware error event [ 113.661765][ T4253] Bluetooth: hci1: hardware error 0x00 [ 113.848655][ T4240] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 114.038602][ T4240] usb 1-1: Using ep0 maxpacket: 16 [ 114.049339][ T4240] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 114.078183][ T4240] usb 1-1: config 0 has no interface number 0 [ 114.102676][ T4240] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 114.116895][ T4240] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 114.138696][ T4240] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 114.155141][ T4240] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 114.176642][ T4240] usb 1-1: Product: syz [ 114.187719][ T4240] usb 1-1: SerialNumber: syz [ 114.198966][ T4240] usb 1-1: config 0 descriptor?? [ 114.219950][ T4240] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 114.238183][ T4240] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input7 [ 114.515071][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 114.529356][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 114.539301][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 114.552242][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 114.559896][ T4240] usb 1-1: USB disconnect, device number 3 [ 114.571732][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 114.580910][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 114.603147][ T4240] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 114.696863][ T5109] : renamed from bond0 [ 114.696944][ T5107] Zero length message leads to an empty skb [ 114.984248][ T5116] MPI: mpi too large (187712 bits) [ 114.998008][ T5112] loop3: detected capacity change from 0 to 4096 [ 115.059150][ T5112] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 115.198284][ T5112] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 115.287803][ T5112] ntfs3: loop3: mft corrupted [ 115.304255][ T5112] ntfs3: loop3: Failed to load $Extend. [ 115.718777][ T4253] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 116.534297][ T5149] loop3: detected capacity change from 0 to 256 [ 116.575372][ T5129] loop2: detected capacity change from 0 to 32768 [ 116.609643][ T5149] FAT-fs (loop3): Directory bread(block 64) failed [ 116.620096][ T5149] FAT-fs (loop3): Directory bread(block 65) failed [ 116.645856][ T5129] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.290 (5129) [ 116.661284][ T5149] FAT-fs (loop3): Directory bread(block 66) failed [ 116.682348][ T5149] FAT-fs (loop3): Directory bread(block 67) failed [ 116.701494][ T5149] FAT-fs (loop3): Directory bread(block 68) failed [ 116.708199][ T5149] FAT-fs (loop3): Directory bread(block 69) failed [ 116.738317][ T5129] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 116.773008][ T5149] FAT-fs (loop3): Directory bread(block 70) failed [ 116.799058][ T5129] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 116.807902][ T5149] FAT-fs (loop3): Directory bread(block 71) failed [ 116.831843][ T5149] FAT-fs (loop3): Directory bread(block 72) failed [ 116.842913][ T5129] BTRFS info (device loop2): setting nodatacow, compression disabled [ 116.860363][ T5149] FAT-fs (loop3): Directory bread(block 73) failed [ 116.878638][ T5129] BTRFS info (device loop2): setting datacow [ 116.884728][ T5129] BTRFS info (device loop2): doing ref verification [ 116.917248][ T5129] BTRFS info (device loop2): force clearing of disk cache [ 116.942628][ T5129] BTRFS info (device loop2): turning off barriers [ 116.967428][ T5129] BTRFS info (device loop2): enabling ssd optimizations [ 117.001767][ T5129] BTRFS info (device loop2): using spread ssd allocation scheme [ 117.038521][ T5129] BTRFS info (device loop2): setting datasum [ 117.069609][ T5129] BTRFS info (device loop2): using free space tree [ 117.310684][ T5129] BTRFS info (device loop2): rebuilding free space tree [ 117.400012][ T5156] loop0: detected capacity change from 0 to 32768 [ 117.450161][ T5161] loop4: detected capacity change from 0 to 4096 [ 117.518879][ T5156] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 117.530361][ T5161] ntfs: (device loop4): ntfs_is_extended_system_file(): Inode hard link count doesn't match number of name attributes. You should run chkdsk. [ 117.575524][ T5161] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 117.628984][ T5161] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 117.678644][ T5161] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 117.730246][ T5161] ntfs: volume version 3.1. [ 117.731076][ T26] audit: type=1800 audit(1732740359.508:6): pid=5156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.302" name="file1" dev="loop0" ino=17058 res=0 errno=0 [ 117.784683][ T26] audit: type=1800 audit(1732740359.558:7): pid=5129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.290" name="bus" dev="loop2" ino=263 res=0 errno=0 [ 118.023580][ T4255] ocfs2: Unmounting device (7,0) on (node local) [ 118.046761][ T4259] ntfs: (device loop4): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 118.190335][ T4254] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 118.425580][ T5192] tap0: tun_chr_ioctl cmd 1074025677 [ 118.461563][ T5192] tap0: linktype set to 821 [ 118.561143][ T5195] loop0: detected capacity change from 0 to 128 [ 118.702549][ T5195] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 118.734090][ T5195] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 119.075450][ T5202] loop4: detected capacity change from 0 to 4096 [ 119.777706][ T5219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.319'. [ 120.073562][ T5228] netlink: 165 bytes leftover after parsing attributes in process `syz.3.322'. [ 120.850560][ T5246] sctp: [Deprecated]: syz.3.330 (pid 5246) Use of int in maxseg socket option. [ 120.850560][ T5246] Use struct sctp_assoc_value instead [ 120.899637][ T5244] netlink: 8 bytes leftover after parsing attributes in process `syz.4.329'. [ 121.139980][ T5254] loop4: detected capacity change from 0 to 512 [ 121.465300][ T5259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.335'. [ 121.496115][ T5259] device veth1_macvtap left promiscuous mode [ 121.525610][ T5254] EXT4-fs: test_dummy_encryption requires encrypt feature [ 121.695975][ T5254] loop4: detected capacity change from 0 to 1024 [ 121.952245][ T59] hfsplus: b-tree write err: -5, ino 4 [ 122.139648][ T5272] netlink: 4 bytes leftover after parsing attributes in process `syz.4.340'. [ 122.540490][ T5260] loop2: detected capacity change from 0 to 32768 [ 122.571980][ T5260] XFS: ikeep mount option is deprecated. [ 122.689788][ T5260] XFS (loop2): Mounting V5 Filesystem [ 122.848260][ T5268] loop3: detected capacity change from 0 to 32768 [ 122.872027][ T5260] XFS (loop2): Ending clean mount [ 122.931971][ T5260] XFS (loop2): Quotacheck needed: Please wait. [ 122.944951][ T5268] XFS (loop3): Mounting V5 Filesystem [ 123.104127][ T5260] XFS (loop2): Quotacheck: Done. [ 123.117529][ T5302] capability: warning: `syz.0.346' uses 32-bit capabilities (legacy support in use) [ 123.194095][ T5268] XFS (loop3): Ending clean mount [ 123.261029][ T5268] XFS (loop3): Quotacheck needed: Please wait. [ 123.296685][ T4254] XFS (loop2): Unmounting Filesystem [ 123.378220][ T5268] XFS (loop3): Quotacheck: Done. [ 123.599642][ T4260] XFS (loop3): Unmounting Filesystem [ 125.111314][ T5337] loop1: detected capacity change from 0 to 4096 [ 125.120075][ T5339] loop0: detected capacity change from 0 to 2048 [ 125.134159][ T5337] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 125.143880][ T5312] loop2: detected capacity change from 0 to 32768 [ 125.195726][ T5312] JBD2: Ignoring recovery information on journal [ 125.228682][ T5339] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 125.295511][ T5346] loop3: detected capacity change from 0 to 256 [ 125.303419][ T5337] ntfs3: loop1: Inode r=19 is not in use! [ 125.328932][ T5337] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 125.379323][ T5312] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 125.495713][ T5350] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 125.514866][ T5339] syz.0.364: attempt to access beyond end of device [ 125.514866][ T5339] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 125.650935][ T26] audit: type=1800 audit(1732740367.428:8): pid=5312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.348" name="file1" dev="loop2" ino=16946 res=0 errno=0 [ 125.842676][ T4254] ocfs2: Unmounting device (7,2) on (node local) [ 126.336082][ T5367] loop1: detected capacity change from 0 to 16 [ 126.419126][ T5367] erofs: (device loop1): mounted with root inode @ nid 36. [ 126.460498][ T5367] syz.1.374: attempt to access beyond end of device [ 126.460498][ T5367] loop1: rw=0, sector=8, nr_sectors = 32 limit=16 [ 126.478092][ T5370] loop3: detected capacity change from 0 to 16 [ 126.497657][ T5349] loop4: detected capacity change from 0 to 32768 [ 126.533575][ T5370] erofs: (device loop3): mounted with root inode @ nid 36. [ 126.544394][ T5349] XFS: ikeep mount option is deprecated. [ 126.575976][ T5370] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 126.590791][ T5370] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 126.776355][ T5370] syz.3.377 (5370): drop_caches: 2 [ 126.779619][ T5349] XFS (loop4): Mounting V5 Filesystem [ 126.953827][ T5349] XFS (loop4): Ending clean mount [ 127.035035][ T5349] XFS (loop4): Quotacheck needed: Please wait. [ 127.105872][ T5349] XFS (loop4): Quotacheck: Done. [ 127.210617][ T5363] loop2: detected capacity change from 0 to 32768 [ 127.219148][ T26] audit: type=1326 audit(1732740368.998:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.3.381" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb89180809 code=0x0 [ 127.254960][ T5382] ptrace attach of "./syz-executor exec"[5385] was attempted by ""[5382] [ 127.434320][ T5363] ialloc: diAlloc returned -28! [ 127.479498][ T4259] XFS (loop4): Unmounting Filesystem [ 128.371319][ T4553] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 128.564161][ T4553] usb 1-1: Using ep0 maxpacket: 32 [ 128.571439][ T4553] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.615657][ T4553] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 128.649783][ T4553] usb 1-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 128.685192][ T4553] usb 1-1: config 0 interface 0 has no altsetting 0 [ 128.709618][ T4553] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 128.738474][ T4553] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.770192][ T4553] usb 1-1: config 0 descriptor?? [ 128.917148][ T5415] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 128.917148][ T5415] The task syz.2.391 (5415) triggered the difference, watch for misbehavior. [ 129.187915][ T4553] hid-thrustmaster 0003:044F:B65D.0005: unknown main item tag 0x0 [ 129.212337][ T4553] hid-thrustmaster 0003:044F:B65D.0005: unknown main item tag 0x0 [ 129.221107][ T4553] hid-thrustmaster 0003:044F:B65D.0005: unknown main item tag 0x0 [ 129.257307][ T4553] hid-thrustmaster 0003:044F:B65D.0005: unknown main item tag 0x0 [ 129.298506][ T4553] hid-thrustmaster 0003:044F:B65D.0005: unknown main item tag 0x0 [ 129.318989][ T4553] hid-thrustmaster 0003:044F:B65D.0005: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0 [ 129.404701][ T4553] hid-thrustmaster 0003:044F:B65D.0005: setup data couldn't be sent [ 129.415505][ C0] hid-thrustmaster 0003:044F:B65D.0005: URB to get model id failed with error -71 [ 129.456077][ T4553] usb 1-1: USB disconnect, device number 4 [ 129.737337][ T5427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.396'. [ 129.763720][ T5427] device syz_tun entered promiscuous mode [ 129.792471][ T5427] device syz_tun left promiscuous mode [ 130.454993][ T5446] netlink: 8 bytes leftover after parsing attributes in process `syz.4.404'. [ 130.493220][ T5446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.404'. [ 130.594680][ T5448] loop2: detected capacity change from 0 to 16 [ 130.656345][ T5448] erofs: (device loop2): erofs_read_inode: unsupported chunk format 7fff of nid 36 [ 131.215031][ T5461] loop2: detected capacity change from 0 to 128 [ 131.274793][ T5461] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 131.300561][ T5461] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 131.429308][ T5439] loop3: detected capacity change from 0 to 32768 [ 131.478649][ T5439] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.401 (5439) [ 131.506162][ T5461] fscrypt (loop2, inode 12): Mutually exclusive encryption flags (0x1a) [ 131.531265][ T5439] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 131.608714][ T5439] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 131.656596][ T5439] BTRFS info (device loop3): metadata ratio 4 [ 131.683060][ T5474] loop4: detected capacity change from 0 to 8 [ 131.705858][ T5439] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 131.760428][ T5439] BTRFS info (device loop3): force lzo compression, level 0 [ 131.783699][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 131.796398][ T5439] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 131.823837][ T5474] SQUASHFS error: lzo decompression failed, data probably corrupt [ 131.869941][ T5439] BTRFS info (device loop3): trying to use backup root at mount time [ 131.890405][ T5474] SQUASHFS error: Failed to read block 0x91: -5 [ 131.913503][ T5439] BTRFS info (device loop3): doing ref verification [ 131.915775][ T5474] SQUASHFS error: Unable to read metadata cache entry [8f] [ 131.955417][ T5439] BTRFS info (device loop3): enabling auto defrag [ 131.959826][ T5474] SQUASHFS error: Unable to read inode 0x11f [ 131.991853][ T5439] BTRFS info (device loop3): disabling tree log [ 132.033853][ T5439] BTRFS info (device loop3): using free space tree [ 132.218860][ T5486] vxcan1: tx address claim with dest, not broadcast [ 132.483230][ T11] BTRFS warning (device loop3): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0 [ 132.538885][ T5439] BTRFS warning (device loop3): couldn't read tree root [ 132.546758][ T5439] BTRFS warning (device loop3): try to load backup roots slot 1 [ 132.588906][ T46] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0 [ 132.633131][ T5439] BTRFS warning (device loop3): couldn't read tree root [ 132.648635][ T5439] BTRFS warning (device loop3): try to load backup roots slot 2 [ 132.676962][ T5439] BTRFS error (device loop3): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7 [ 132.728844][ T5439] BTRFS warning (device loop3): couldn't read tree root [ 132.736353][ T5439] BTRFS warning (device loop3): try to load backup roots slot 3 [ 132.837620][ T5439] BTRFS info (device loop3): enabling ssd optimizations [ 132.849092][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.855897][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.885446][ T5493] loop4: detected capacity change from 0 to 32768 [ 132.894279][ T5439] BTRFS info (device loop3): rebuilding free space tree [ 132.976448][ T5493] XFS (loop4): Mounting V5 Filesystem [ 132.994326][ T5439] BTRFS info (device loop3): checking UUID tree [ 133.172398][ T26] audit: type=1800 audit(1732740374.948:10): pid=5439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.401" name="file1" dev="loop3" ino=257 res=0 errno=0 [ 133.202779][ T5493] XFS (loop4): Ending clean mount [ 133.358191][ T4260] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 133.776290][ T4259] XFS (loop4): Unmounting Filesystem [ 134.107313][ T5512] loop2: detected capacity change from 0 to 32768 [ 134.240600][ T5512] XFS (loop2): Mounting V5 Filesystem [ 134.355321][ T5512] XFS (loop2): Ending clean mount [ 134.454332][ T26] audit: type=1800 audit(1732740376.228:11): pid=5512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.424" name="file1" dev="loop2" ino=7558 res=0 errno=0 [ 134.585049][ T5531] loop3: detected capacity change from 0 to 32768 [ 134.629349][ T4254] XFS (loop2): Unmounting Filesystem [ 134.631936][ T5531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.426 (5531) [ 134.658613][ T5531] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 134.707597][ T5531] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 134.739295][ T5531] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 134.795511][ T5531] BTRFS info (device loop3): use zstd compression, level 3 [ 134.813042][ T5531] BTRFS info (device loop3): using free space tree [ 135.112378][ T5531] BTRFS info (device loop3): enabling ssd optimizations [ 135.228032][ T5572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.435'. [ 135.545020][ T4260] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 135.776041][ T5574] loop0: detected capacity change from 0 to 4096 [ 135.844237][ T5574] NILFS (loop0): invalid segment: Checksum error in segment payload [ 135.856616][ T5574] NILFS (loop0): trying rollback from an earlier position [ 135.900152][ T5574] NILFS (loop0): recovery complete [ 135.963908][ T5583] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 136.898582][ T5529] usb 1-1: new low-speed USB device number 5 using dummy_hcd [ 136.979728][ T5596] loop1: detected capacity change from 0 to 32768 [ 137.019795][ T5596] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 137.109039][ T5529] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 137.120405][ T5529] usb 1-1: config 0 has no interface number 0 [ 137.126575][ T5529] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 137.138721][ T5529] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 137.168472][ T5529] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 137.177613][ T5529] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.200126][ T5529] usb 1-1: config 0 descriptor?? [ 137.217106][ T4249] ocfs2: Unmounting device (7,1) on (node local) [ 137.225891][ T5603] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 137.291964][ T5529] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 137.520007][ T5529] usb 1-1: USB disconnect, device number 5 [ 137.525932][ C1] iowarrior 1-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 137.581700][ T5529] iowarrior 1-1:0.1: I/O-Warror #0 now disconnected [ 137.770689][ T5620] loop1: detected capacity change from 0 to 128 [ 137.837321][ T5620] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 137.856318][ T5620] ext4 filesystem being mounted at /95/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 138.097472][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 138.207987][ T5633] loop1: detected capacity change from 0 to 512 [ 138.225811][ T5633] EXT4-fs: Ignoring removed orlov option [ 138.308469][ T5633] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 138.346968][ T5633] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 138.381655][ T5633] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.458: Failed to acquire dquot type 0 [ 138.431082][ T5633] EXT4-fs (loop1): Remounting filesystem read-only [ 138.439301][ T5633] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 138.456385][ T5633] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 138.467235][ T5633] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.458: Failed to acquire dquot type 0 [ 138.488996][ T5633] EXT4-fs (loop1): Remounting filesystem read-only [ 138.499813][ T5633] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 138.510508][ T5633] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 138.521239][ T5633] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.458: Failed to acquire dquot type 0 [ 138.544049][ T5633] EXT4-fs (loop1): Remounting filesystem read-only [ 138.561040][ T5633] EXT4-fs (loop1): 1 orphan inode deleted [ 138.568828][ T5633] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 138.588684][ T5633] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 138.757267][ T5633] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 138.775471][ T5633] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 138.795012][ T5633] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.458: Failed to acquire dquot type 0 [ 138.829388][ T5633] EXT4-fs (loop1): Remounting filesystem read-only [ 138.952652][ T5648] loop3: detected capacity change from 0 to 2048 [ 138.994559][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 139.008886][ T4563] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 139.022822][ T5648] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 139.233317][ T4563] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 139.267164][ T4563] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.295800][ T4563] usb 3-1: Product: syz [ 139.311887][ T4563] usb 3-1: Manufacturer: syz [ 139.337963][ T4563] usb 3-1: SerialNumber: syz [ 139.356453][ T4563] usb 3-1: config 0 descriptor?? [ 139.477141][ T5659] netlink: 'syz.3.470': attribute type 7 has an invalid length. [ 139.604235][ T4563] cx82310_eth: probe of 3-1:0.0 failed with error -22 [ 139.821875][ T5665] loop0: detected capacity change from 0 to 512 [ 139.870502][ T5665] EXT4-fs (loop0): orphan cleanup on readonly fs [ 139.953455][ T5665] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.473: bg 0: block 248: padding at end of block bitmap is not set [ 140.027176][ T4563] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 140.036301][ T5655] loop4: detected capacity change from 0 to 32768 [ 140.044032][ T5669] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.055448][ T5665] Quota error (device loop0): write_blk: dquota write failed [ 140.064962][ T5665] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 140.100176][ T5665] EXT4-fs error (device loop0): ext4_acquire_dquot:6801: comm syz.0.473: Failed to acquire dquot type 1 [ 140.113215][ T5655] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.468 (5655) [ 140.156790][ T5665] EXT4-fs (loop0): 1 truncate cleaned up [ 140.177790][ T5655] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 140.194918][ T5665] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 140.230085][ T5655] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 140.248284][ T4556] usb 3-1: USB disconnect, device number 5 [ 140.278065][ T5665] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 140.298998][ T5655] BTRFS info (device loop4): setting nodatacow, compression disabled [ 140.335073][ T5655] BTRFS info (device loop4): metadata ratio 8 [ 140.367398][ T5655] BTRFS info (device loop4): doing ref verification [ 140.383171][ T5665] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 140.395443][ T5655] BTRFS info (device loop4): metadata ratio 32769 [ 140.396273][ T5675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.476'. [ 140.415729][ T5655] BTRFS info (device loop4): turning off barriers [ 140.424322][ T5676] EXT4-fs error (device loop0): ext4_acquire_dquot:6801: comm syz.0.473: Failed to acquire dquot type 1 [ 140.446533][ T5655] BTRFS info (device loop4): enabling ssd optimizations [ 140.469667][ T5655] BTRFS info (device loop4): using spread ssd allocation scheme [ 140.508469][ T5655] BTRFS info (device loop4): turning on barriers [ 140.515142][ T5655] BTRFS info (device loop4): using free space tree [ 140.643740][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 141.056723][ T5708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.483'. [ 141.116631][ T4259] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 141.652090][ T5721] device vlan2 entered promiscuous mode [ 141.666959][ T5723] loop3: detected capacity change from 0 to 512 [ 141.727068][ T5723] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 141.820512][ T5723] EXT4-fs (loop3): Errors on filesystem, clearing orphan list. [ 141.872571][ T5723] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 142.003180][ T5723] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.490: Directory hole found for htree leaf block 0 [ 142.272022][ T4260] EXT4-fs (loop3): unmounting filesystem. [ 142.460006][ T5737] netlink: 12 bytes leftover after parsing attributes in process `syz.4.495'. [ 142.488018][ T5738] loop3: detected capacity change from 0 to 256 [ 142.998786][ T4563] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 143.217559][ T4563] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 143.233581][ T4563] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 143.259777][ T4563] usb 5-1: New USB device found, idVendor=5032, idProduct=0bc7, bcdDevice=9c.bb [ 143.265741][ T5750] netlink: 8 bytes leftover after parsing attributes in process `syz.0.500'. [ 143.293414][ T5750] netlink: 36 bytes leftover after parsing attributes in process `syz.0.500'. [ 143.304561][ T4563] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.335173][ T4563] usb 5-1: config 0 descriptor?? [ 143.367020][ T4563] dvb-usb: found a 'GRAND - USB2.0 DVB-T adapter' in warm state. [ 143.396851][ T4563] dvb-usb: bulk message failed: -90 (3/0) [ 143.422505][ T4563] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 143.482465][ T4563] dvbdev: DVB: registering new adapter (GRAND - USB2.0 DVB-T adapter) [ 143.511633][ T4563] usb 5-1: media controller created [ 143.577035][ T4563] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 143.614322][ T4563] dvb-usb: bulk message failed: -90 (6/0) [ 143.626036][ T4563] dvb-usb: bulk message failed: -90 (6/0) [ 143.632449][ T4563] dvb-usb: no frontend was attached by 'GRAND - USB2.0 DVB-T adapter' [ 143.670407][ T4563] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 143.700242][ T4563] dvb-usb: schedule remote query interval to 150 msecs. [ 143.718342][ T4563] dvb-usb: GRAND - USB2.0 DVB-T adapter successfully initialized and connected. [ 143.777608][ T4563] usb 5-1: USB disconnect, device number 4 [ 143.918053][ T5765] loop2: detected capacity change from 0 to 16 [ 143.930065][ T4563] dvb-usb: GRAND - USB2.0 DVB-T adapter successfully deinitialized and disconnected. [ 143.958660][ T5765] erofs: (device loop2): mounted with root inode @ nid 36. [ 144.064550][ T5765] overlayfs: failed to get redirect (-117) [ 144.238632][ T5725] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 144.428548][ T5725] usb 1-1: Using ep0 maxpacket: 8 [ 144.435760][ T5725] usb 1-1: config 0 has no interfaces? [ 144.462029][ T5725] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 144.491993][ T5725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.514798][ T5725] usb 1-1: Product: syz [ 144.528496][ T5725] usb 1-1: Manufacturer: syz [ 144.548551][ T5725] usb 1-1: SerialNumber: syz [ 144.578181][ T5725] usb 1-1: config 0 descriptor?? [ 144.777100][ T5777] loop2: detected capacity change from 0 to 512 [ 144.817315][ T5725] usb 1-1: USB disconnect, device number 6 [ 144.888927][ T5777] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 144.909579][ T5777] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.924258][ T5775] loop4: detected capacity change from 0 to 8192 [ 144.949855][ T5775] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 145.030500][ T5775] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 145.040366][ T5775] REISERFS (device loop4): using ordered data mode [ 145.046983][ T5775] reiserfs: using flush barriers [ 145.066587][ T5777] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #2: block 18: comm syz.2.513: lblock 23 mapped to illegal pblock 18 (length 1) [ 145.072647][ T5763] loop1: detected capacity change from 0 to 40427 [ 145.103270][ T5763] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 145.118575][ T5763] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 145.125526][ T5775] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 145.145476][ T5775] REISERFS (device loop4): checking transaction log (loop4) [ 145.164408][ T5763] F2FS-fs (loop1): invalid crc value [ 145.209203][ T5763] F2FS-fs (loop1): Found nat_bits in checkpoint [ 145.257382][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 145.444758][ T5763] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 145.463250][ T5763] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 145.467113][ T5775] REISERFS (device loop4): Using tea hash to sort names [ 145.514417][ T5775] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 145.843717][ T4249] syz-executor: attempt to access beyond end of device [ 145.843717][ T4249] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 146.138744][ T5725] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 146.328704][ T5725] usb 4-1: Using ep0 maxpacket: 32 [ 146.337217][ T5725] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 146.347135][ T4856] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 146.376694][ T5725] usb 4-1: config 0 has no interface number 0 [ 146.387938][ T5725] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 146.398696][ T5725] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.406742][ T5725] usb 4-1: Product: syz [ 146.418627][ T5725] usb 4-1: Manufacturer: syz [ 146.428743][ T5725] usb 4-1: SerialNumber: syz [ 146.435722][ T5725] usb 4-1: config 0 descriptor?? [ 146.445544][ T5725] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 146.541517][ T4856] usb 3-1: config 0 has an invalid interface number: 148 but max is 0 [ 146.560352][ T4856] usb 3-1: config 0 has no interface number 0 [ 146.576960][ T4856] usb 3-1: config 0 interface 148 has no altsetting 0 [ 146.600725][ T4856] usb 3-1: New USB device found, idVendor=0403, idProduct=f06a, bcdDevice=12.d9 [ 146.630565][ T4856] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.650595][ T4856] usb 3-1: Product: syz [ 146.654969][ T4856] usb 3-1: Manufacturer: syz [ 146.664611][ T4856] usb 3-1: SerialNumber: syz [ 146.679173][ T5725] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 146.692117][ T4856] usb 3-1: config 0 descriptor?? [ 146.707738][ T5725] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 146.907318][ T4856] ftdi_sio 3-1:0.148: FTDI USB Serial Device converter detected [ 146.928954][ T4856] ftdi_sio ttyUSB2: unknown device type: 0x12d9 [ 146.951745][ T4856] usb 3-1: USB disconnect, device number 6 [ 146.972681][ T4856] ftdi_sio 3-1:0.148: device disconnected [ 147.105432][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 147.106362][ T4563] usb 4-1: USB disconnect, device number 4 [ 147.132190][ T4563] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 147.156875][ T4563] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 147.176432][ T4563] quatech2 4-1:0.51: device disconnected [ 147.248725][ T4240] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 147.451363][ T4240] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.466165][ T4240] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 147.493940][ T4240] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 147.523674][ T4240] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 147.533279][ T4240] usb 2-1: SerialNumber: syz [ 147.762575][ T4240] usb 2-1: 0:2 : does not exist [ 147.798764][ T4265] Bluetooth: hci5: command 0x1003 tx timeout [ 147.799204][ T4253] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 147.847402][ T4240] usb 2-1: USB disconnect, device number 3 [ 148.105857][ T951] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 148.202512][ T4881] udevd[4881]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 148.348096][ T951] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 148.389931][ T951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.434906][ T951] usb 4-1: config 0 descriptor?? [ 148.475754][ T951] cp210x 4-1:0.0: cp210x converter detected [ 148.595100][ T5851] loop1: detected capacity change from 0 to 2048 [ 148.764675][ T5851] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 148.866171][ T5851] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 149.013070][ T5851] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 1 with error 28 [ 149.057878][ T5851] EXT4-fs (loop1): This should not happen!! Data will be lost [ 149.057878][ T5851] [ 149.067694][ T951] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 149.067771][ T951] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 149.083145][ T951] usb 4-1: cp210x converter now attached to ttyUSB0 [ 149.111702][ T951] usb 4-1: USB disconnect, device number 5 [ 149.177596][ T951] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 149.199105][ T951] cp210x 4-1:0.0: device disconnected [ 149.219299][ T5851] EXT4-fs (loop1): Total free blocks count 0 [ 149.225358][ T5851] EXT4-fs (loop1): Free/Dirty block details [ 149.270454][ T5851] EXT4-fs (loop1): free_blocks=2415919104 [ 149.295476][ T5851] EXT4-fs (loop1): dirty_blocks=16 [ 149.343256][ T5851] EXT4-fs (loop1): Block reservation details [ 149.361144][ T5851] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 149.569746][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 149.735327][ T4253] Bluetooth: hci2: link tx timeout [ 149.741213][ T4253] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 149.831902][ T5881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.550'. [ 149.984771][ T4253] Bluetooth: hci2: link tx timeout [ 149.990583][ T4253] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 150.033168][ T4253] Bluetooth: hci2: link tx timeout [ 150.039219][ T4253] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 150.148607][ T4563] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 150.348664][ T4563] usb 2-1: Using ep0 maxpacket: 8 [ 150.361442][ T4563] usb 2-1: config 1 has an invalid interface number: 6 but max is 0 [ 150.390115][ T4563] usb 2-1: config 1 has no interface number 0 [ 150.396465][ T4253] Bluetooth: hci2: link tx timeout [ 150.401766][ T4253] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 150.411182][ T4253] Bluetooth: hci2: link tx timeout [ 150.416666][ T4253] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 150.425152][ T5898] loop2: detected capacity change from 0 to 128 [ 150.447203][ T4563] usb 2-1: New USB device found, idVendor=082d, idProduct=0300, bcdDevice=c3.4b [ 150.466514][ T5898] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 150.475790][ T4563] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.485000][ T4563] usb 2-1: Product: syz [ 150.489656][ T4563] usb 2-1: Manufacturer: syz [ 150.494637][ T4563] usb 2-1: SerialNumber: syz [ 150.530641][ T5898] ext4 filesystem being mounted at /114/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 150.713023][ T4563] usb 2-1: palm_os_4_probe - error -71 getting connection info [ 150.734311][ T4563] visor 2-1:1.6: Handspring Visor / Palm OS converter detected [ 150.776719][ T4563] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 150.807931][ T4563] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 150.821991][ T4563] usb 2-1: USB disconnect, device number 4 [ 150.855031][ T4563] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 150.882561][ T4563] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 150.894217][ T4563] visor 2-1:1.6: device disconnected [ 150.940140][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 151.275861][ T5921] loop4: detected capacity change from 0 to 164 [ 151.487140][ T4253] Bluetooth: hci2: link tx timeout [ 151.493814][ T4253] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 151.607225][ T5932] loop0: detected capacity change from 0 to 128 [ 151.611404][ T5925] loop3: detected capacity change from 0 to 8192 [ 151.705476][ T5932] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 151.798530][ T4253] Bluetooth: hci2: command 0x0406 tx timeout [ 151.831223][ T4265] Bluetooth: hci2: link tx timeout [ 151.836621][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 151.888302][ T5932] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.914995][ T4265] Bluetooth: hci2: link tx timeout [ 151.928676][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 151.960128][ T4265] Bluetooth: hci2: link tx timeout [ 151.965318][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 151.988509][ T5938] loop4: detected capacity change from 0 to 8192 [ 152.018169][ T5938] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 152.033451][ T5938] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 152.048775][ T5938] REISERFS (device loop4): using ordered data mode [ 152.055467][ T5938] reiserfs: using flush barriers [ 152.148689][ T5938] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.221068][ T5947] loop3: detected capacity change from 0 to 64 [ 152.229144][ T5938] REISERFS (device loop4): checking transaction log (loop4) [ 152.265804][ T5938] REISERFS (device loop4): Using r5 hash to sort names [ 152.339175][ T5938] reiserfs: enabling write barrier flush mode [ 152.346757][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 152.434300][ T5938] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 152.499712][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 152.499729][ T26] audit: type=1800 audit(1732740394.278:12): pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.565" name="bus" dev="loop4" ino=2 res=0 errno=0 [ 153.662570][ T5964] loop2: detected capacity change from 0 to 32768 [ 153.728232][ T5964] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 153.768367][ T5964] lbmIODone: I/O error in JFS log [ 153.794846][ T5964] *** Log Format Error ! *** [ 153.801909][ T5964] lmLogInit: exit(-22) [ 153.818109][ T5964] lmLogOpen: exit(-22) [ 153.830742][ T5989] loop4: detected capacity change from 0 to 2048 [ 153.938557][ T951] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 153.938797][ T5989] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 153.955704][ T5989] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.087640][ T5983] loop0: detected capacity change from 0 to 32768 [ 154.143817][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 154.180590][ T951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.222590][ T951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.264214][ T951] usb 4-1: New USB device found, idVendor=3305, idProduct=01ed, bcdDevice= 0.00 [ 154.283916][ T951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.307295][ T951] usb 4-1: config 0 descriptor?? [ 154.588613][ T4856] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 154.721459][ T6002] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 154.733568][ T951] hid (null): nested delimiters [ 154.742612][ T951] hid-generic 0003:3305:01ED.0006: nested delimiters [ 154.750149][ T951] hid-generic 0003:3305:01ED.0006: item 0 1 2 10 parsing failed [ 154.759538][ T951] hid-generic: probe of 0003:3305:01ED.0006 failed with error -22 [ 154.778756][ T4856] usb 5-1: Using ep0 maxpacket: 32 [ 154.786646][ T4856] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 154.811725][ T4856] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 154.821529][ T4856] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 154.830585][ T4856] usb 5-1: Product: syz [ 154.835021][ T4856] usb 5-1: Manufacturer: syz [ 154.844771][ T4856] usb 5-1: SerialNumber: syz [ 154.865615][ T4856] usb 5-1: config 0 descriptor?? [ 154.871701][ T5997] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 154.941100][ T5999] loop2: detected capacity change from 0 to 32768 [ 154.959843][ T4856] usb 4-1: USB disconnect, device number 6 [ 154.995246][ T5999] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 155.004717][ T4265] Bluetooth: hci2: link tx timeout [ 155.009942][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 155.015801][ T5999] XFS (loop2): Mounting V5 Filesystem [ 155.049109][ T5999] XFS (loop2): Ending clean mount [ 155.056616][ T5999] XFS (loop2): Quotacheck needed: Please wait. [ 155.095479][ T5999] XFS (loop2): Quotacheck: Done. [ 155.160213][ T26] audit: type=1804 audit(1732740396.928:13): pid=5999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.592" name="/newroot/122/file0/bus" dev="loop2" ino=4428 res=1 errno=0 [ 155.189061][ T4563] usb 5-1: USB disconnect, device number 5 [ 155.233868][ T4254] XFS (loop2): Unmounting Filesystem [ 155.712535][ T6023] loop1: detected capacity change from 0 to 256 [ 155.750057][ T6023] exfat: Deprecated parameter 'utf8' [ 155.784143][ T6023] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 155.896762][ T6028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.601'. [ 155.960363][ T4265] Bluetooth: hci2: link tx timeout [ 155.965583][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 156.203193][ T6030] loop3: detected capacity change from 0 to 8192 [ 156.267308][ T6030] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 156.291863][ T6040] device netdevsim0 entered promiscuous mode [ 156.337855][ T6040] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 156.391034][ T6042] loop4: detected capacity change from 0 to 512 [ 156.433414][ T6042] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 156.489229][ T6042] EXT4-fs (loop4): invalid journal inode [ 156.495013][ T6042] EXT4-fs (loop4): can't get journal size [ 156.637479][ T6042] EXT4-fs (loop4): 1 truncate cleaned up [ 156.708869][ T6042] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 156.906280][ T4265] Bluetooth: hci2: link tx timeout [ 156.911916][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 156.929659][ T46] wlan1: Trigger new scan to find an IBSS to join [ 156.962901][ T6056] loop2: detected capacity change from 0 to 512 [ 157.022410][ T6056] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.613: invalid indirect mapped block 256 (level 2) [ 157.076323][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 157.092170][ T6056] EXT4-fs (loop2): 2 truncates cleaned up [ 157.098087][ T6056] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 157.296438][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 157.762760][ T6053] loop3: detected capacity change from 0 to 32768 [ 157.822457][ T6053] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop3 scanned by syz.3.611 (6053) [ 157.866359][ T6073] loop4: detected capacity change from 0 to 4096 [ 157.956795][ T6053] BTRFS info (device loop3): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 157.988249][ T6053] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 158.012392][ T6053] BTRFS info (device loop3): using free space tree [ 158.021543][ T6079] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 158.288345][ T6053] BTRFS info (device loop3): enabling ssd optimizations [ 158.652807][ T4265] Bluetooth: hci2: link tx timeout [ 158.657995][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 158.787603][ T4260] BTRFS info (device loop3): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 159.297457][ T6100] loop1: detected capacity change from 0 to 40427 [ 159.307461][ T6100] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 159.321170][ T6100] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 159.413614][ T6100] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 159.514887][ T6120] loop3: detected capacity change from 0 to 16 [ 159.568881][ T6120] erofs: (device loop3): mounted with root inode @ nid 36. [ 159.631490][ T6120] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 159.674021][ T6120] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 159.703191][ T6120] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 159.712709][ T6100] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 159.731448][ T6100] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 159.946017][ T4265] Bluetooth: hci2: link tx timeout [ 159.951391][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 159.966665][ T4265] Bluetooth: hci2: link tx timeout [ 159.971925][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 160.044116][ T4249] syz-executor: attempt to access beyond end of device [ 160.044116][ T4249] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 160.324697][ T6143] loop0: detected capacity change from 0 to 2048 [ 160.449441][ T6143] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 160.528533][ T6139] loop2: detected capacity change from 0 to 32768 [ 160.589690][ T6139] find_entry called with index >= next_index [ 160.624469][ T6143] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 160.650040][ T6139] find_entry called with index >= next_index [ 160.670105][ T6139] find_entry called with index >= next_index [ 160.691463][ T6139] find_entry called with index >= next_index [ 160.707636][ T6143] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 160.715571][ T6139] find_entry called with index >= next_index [ 160.767845][ T6143] EXT4-fs (loop0): This should not happen!! Data will be lost [ 160.767845][ T6143] [ 160.801247][ T6139] jfs: Unrecognized mount option " Z* m.Dc8'@C9G9?9S{1Jլ5 æԌqqY糔" or missing value [ 160.848196][ T6143] EXT4-fs (loop0): Total free blocks count 0 [ 160.864572][ T6143] EXT4-fs (loop0): Free/Dirty block details [ 160.871177][ T6139] find_entry called with index >= next_index [ 160.896382][ T6139] find_entry called with index >= next_index [ 160.900711][ T6143] EXT4-fs (loop0): free_blocks=2415919104 [ 160.938248][ T6143] EXT4-fs (loop0): dirty_blocks=16 [ 160.948580][ T6143] EXT4-fs (loop0): Block reservation details [ 160.966873][ T6143] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 160.998243][ T6151] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 161.401789][ T5529] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 161.598511][ T5529] usb 5-1: Using ep0 maxpacket: 32 [ 161.608946][ T5529] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 161.628302][ T5529] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.630929][ T6180] syz.3.656 uses obsolete (PF_INET,SOCK_PACKET) [ 161.645832][ T5529] usb 5-1: Product: syz [ 161.662906][ T5529] usb 5-1: Manufacturer: syz [ 161.687836][ T5529] usb 5-1: SerialNumber: syz [ 161.714503][ T5529] usb 5-1: config 0 descriptor?? [ 161.879552][ T4309] wlan1: Trigger new scan to find an IBSS to join [ 161.961880][ T4265] Bluetooth: hci2: link tx timeout [ 161.967243][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 162.342022][ T5529] (unnamed net_device) (uninitialized): Assigned a random MAC address: 4a:ec:1d:3f:c6:fd [ 162.375712][ T6196] loop3: detected capacity change from 0 to 4096 [ 162.448908][ T6196] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 162.471074][ T5529] rtl8150 5-1:0.0: eth1: rtl8150 is detected [ 162.487034][ T5529] usb 5-1: USB disconnect, device number 6 [ 162.859566][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.867868][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 163.510494][ T4265] Bluetooth: hci2: link tx timeout [ 163.516099][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 163.632115][ T6230] loop0: detected capacity change from 0 to 4096 [ 163.824332][ T6237] loop2: detected capacity change from 0 to 4096 [ 163.924758][ T6204] loop1: detected capacity change from 0 to 32768 [ 164.141165][ T4255] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 164.148228][ T4255] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 164.740886][ T6271] loop3: detected capacity change from 0 to 1024 [ 164.847984][ T6271] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 164.890087][ T6271] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 165.193560][ T4260] EXT4-fs (loop3): unmounting filesystem. [ 165.503851][ T6297] loop3: detected capacity change from 0 to 2048 [ 165.533144][ T6297] EXT4-fs: Ignoring removed nobh option [ 165.578131][ T6297] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 165.727329][ T4260] EXT4-fs (loop3): unmounting filesystem. [ 165.811627][ T4265] Bluetooth: hci2: link tx timeout [ 165.816958][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 165.825170][ T4265] Bluetooth: hci2: link tx timeout [ 165.831754][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 165.920466][ T6309] loop4: detected capacity change from 0 to 2048 [ 165.979738][ T6309] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 165.996332][ T6288] mmap: syz.0.689 (6288) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 166.072812][ T6309] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 166.148919][ T6309] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 3 with error 28 [ 166.195393][ T6309] EXT4-fs (loop4): This should not happen!! Data will be lost [ 166.195393][ T6309] [ 166.231644][ T6309] EXT4-fs (loop4): Total free blocks count 0 [ 166.247219][ T6309] EXT4-fs (loop4): Free/Dirty block details [ 166.284909][ T6309] EXT4-fs (loop4): free_blocks=2415919104 [ 166.315243][ T6309] EXT4-fs (loop4): dirty_blocks=16 [ 166.331155][ T6309] EXT4-fs (loop4): Block reservation details [ 166.357165][ T6309] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 166.526336][ T11] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 166.800056][ T6305] loop2: detected capacity change from 0 to 32768 [ 166.897618][ T6305] XFS (loop2): Mounting V5 Filesystem [ 167.039882][ T6305] XFS (loop2): Ending clean mount [ 167.054000][ T6305] XFS (loop2): Quotacheck needed: Please wait. [ 167.153348][ T6305] XFS (loop2): Quotacheck: Done. [ 167.382611][ T4254] XFS (loop2): Unmounting Filesystem [ 167.561750][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.584790][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.616216][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.660100][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.688673][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.697108][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.719917][ T6350] loop1: detected capacity change from 0 to 32768 [ 167.795481][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.807884][ T6350] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 167.821125][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.855520][ T26] audit: type=1800 audit(1732740409.628:14): pid=6350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.706" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 167.885525][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.905325][ T6356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.055780][ T4249] ocfs2: Unmounting device (7,1) on (node local) [ 168.498540][ T4296] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 168.708816][ T4296] usb 5-1: Using ep0 maxpacket: 32 [ 168.728041][ T4296] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 168.757926][ T4296] usb 5-1: config 0 has no interface number 0 [ 168.766493][ T4296] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.783537][ T4296] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.795885][ T4296] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 168.811575][ T4296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.836579][ T4296] usb 5-1: config 0 descriptor?? [ 169.274875][ T6388] loop1: detected capacity change from 0 to 4096 [ 169.462903][ T4296] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0094.0007/input/input10 [ 169.648531][ T4296] uclogic 0003:28BD:0094.0007: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.4-1/input1 [ 169.722386][ T4296] usb 5-1: USB disconnect, device number 7 [ 169.780463][ T6384] loop0: detected capacity change from 0 to 32768 [ 169.903346][ T6384] XFS (loop0): Mounting V5 Filesystem [ 170.057389][ T6384] XFS (loop0): Ending clean mount [ 170.088095][ T6384] XFS (loop0): Quotacheck needed: Please wait. [ 170.163676][ T6384] XFS (loop0): Quotacheck: Done. [ 170.443059][ T4255] XFS (loop0): Unmounting Filesystem [ 170.461901][ T6411] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.555871][ T4249] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 170.577886][ T4249] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 170.805606][ T6418] loop3: detected capacity change from 0 to 764 [ 171.672901][ T6446] loop2: detected capacity change from 0 to 64 [ 171.762893][ T6450] loop0: detected capacity change from 0 to 64 [ 171.815812][ T6450] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. leaving read-only. [ 172.679641][ T6472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.760'. [ 173.061227][ T6486] loop1: detected capacity change from 0 to 164 [ 173.098082][ T6486] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 173.301770][ T6490] loop0: detected capacity change from 0 to 2048 [ 173.430544][ T6490] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 173.469220][ T6490] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 173.487583][ T6490] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 16383 with max blocks 1 with error 28 [ 173.501456][ T6490] EXT4-fs (loop0): This should not happen!! Data will be lost [ 173.501456][ T6490] [ 173.511939][ T6490] EXT4-fs (loop0): Total free blocks count 0 [ 173.518925][ T6490] EXT4-fs (loop0): Free/Dirty block details [ 173.526947][ T6490] EXT4-fs (loop0): free_blocks=2415919104 [ 173.535667][ T6490] EXT4-fs (loop0): dirty_blocks=16 [ 173.541845][ T6490] EXT4-fs (loop0): Block reservation details [ 173.548086][ T6490] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 173.627238][ T6492] loop2: detected capacity change from 0 to 4096 [ 173.700358][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 173.992387][ T4254] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 174.012786][ T4254] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 175.185547][ T6535] loop6: detected capacity change from 0 to 524287999 [ 175.232127][ T59] loop: Write error at byte offset 1, length 4096. [ 175.250873][ C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 175.250915][ C0] Buffer I/O error on dev loop6, logical block 0, lost async page write [ 175.921923][ T6529] loop0: detected capacity change from 0 to 40427 [ 175.974659][ T6529] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff [ 176.034650][ T6529] F2FS-fs (loop0): invalid crc value [ 176.101111][ T6529] F2FS-fs (loop0): Found nat_bits in checkpoint [ 176.224274][ T6563] loop1: detected capacity change from 0 to 2048 [ 176.313734][ T6529] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 176.314607][ T6563] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 176.464913][ T26] audit: type=1804 audit(1732740418.238:15): pid=6529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.784" name="/newroot/163/file0/file0" dev="loop0" ino=10 res=1 errno=0 [ 176.509909][ T4255] syz-executor: attempt to access beyond end of device [ 176.509909][ T4255] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 176.586863][ T6581] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.803'. [ 176.650982][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 176.708829][ T5529] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 176.730608][ T6583] vim2m vim2m.0: vidioc_s_fmt queue busy [ 176.940661][ T5529] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.964494][ T5529] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.018681][ T5529] usb 4-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 177.058569][ T5529] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.061195][ T6595] netlink: 'syz.2.812': attribute type 12 has an invalid length. [ 177.075547][ T6595] netlink: 'syz.2.812': attribute type 3 has an invalid length. [ 177.086522][ T6595] netlink: 220 bytes leftover after parsing attributes in process `syz.2.812'. [ 177.089782][ T5529] usb 4-1: config 0 descriptor?? [ 177.499094][ T6601] netlink: 56 bytes leftover after parsing attributes in process `syz.4.814'. [ 177.567426][ T5529] magicmouse 0003:05AC:0265.0008: unknown main item tag 0x0 [ 177.595631][ T5529] magicmouse 0003:05AC:0265.0008: unknown main item tag 0x0 [ 177.621978][ T5529] magicmouse 0003:05AC:0265.0008: unknown main item tag 0x0 [ 177.663463][ T5529] magicmouse 0003:05AC:0265.0008: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.3-1/input0 [ 177.711165][ T5529] magicmouse 0003:05AC:0265.0008: magicmouse input not registered [ 177.722912][ T6607] loop2: detected capacity change from 0 to 4096 [ 177.753753][ T5529] magicmouse: probe of 0003:05AC:0265.0008 failed with error -12 [ 177.790898][ T6607] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 177.827511][ T5529] usb 4-1: USB disconnect, device number 7 [ 177.829222][ T6607] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 177.899941][ T6607] ntfs: (device loop2): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 177.936827][ T6607] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 177.988482][ T6607] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 178.016905][ T6607] ntfs: volume version 3.1. [ 178.028809][ T6607] ntfs: (device loop2): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 178.048552][ T6607] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 178.048836][ T4308] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 178.190616][ T6621] loop1: detected capacity change from 0 to 1024 [ 178.212044][ T6621] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 178.248774][ T6621] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869) [ 178.279458][ T6621] EXT4-fs (loop1): invalid journal inode [ 178.283991][ T4308] usb 1-1: Using ep0 maxpacket: 32 [ 178.285271][ T6621] EXT4-fs (loop1): can't get journal size [ 178.300881][ T4308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.331456][ T4308] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 178.345843][ T4308] usb 1-1: New USB device found, idVendor=056a, idProduct=033e, bcdDevice= 0.00 [ 178.350345][ T6621] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 178.355299][ T4308] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.374605][ T4308] usb 1-1: config 0 descriptor?? [ 178.433855][ T6621] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 37: comm syz.1.824: path /154/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 178.508565][ T6621] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.824: path /154/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=511, rec_len=65535, size=1024 fake=0 [ 178.546207][ T6631] loop4: detected capacity change from 0 to 512 [ 178.602203][ T6631] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 178.630675][ T4249] EXT4-fs (loop1): unmounting filesystem. [ 178.719895][ T6631] fs-verity: sha256 using implementation "sha256-avx2" [ 178.739772][ T6631] EXT4-fs warning (device loop4): ext4_begin_enable_verity:137: inode #13: comm syz.4.828: verity is only allowed on extent-based files [ 178.793172][ T4308] wacom 0003:056A:033E.0009: unknown main item tag 0x0 [ 178.829377][ T4308] wacom 0003:056A:033E.0009: unknown main item tag 0x0 [ 178.839503][ T4308] wacom 0003:056A:033E.0009: unknown main item tag 0x0 [ 178.854317][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 178.856695][ T4308] wacom 0003:056A:033E.0009: unknown main item tag 0x0 [ 178.877565][ T4308] wacom 0003:056A:033E.0009: unknown main item tag 0x0 [ 178.885606][ T4308] wacom 0003:056A:033E.0009: Unknown device_type for 'HID 056a:033e'. Assuming pen. [ 178.911290][ T4308] wacom 0003:056A:033E.0009: hidraw0: USB HID vff.ff Device [HID 056a:033e] on usb-dummy_hcd.0-1/input0 [ 178.960792][ T4308] input: Wacom Intuos PT M 2 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:033E.0009/input/input11 [ 179.099313][ T4308] usb 1-1: USB disconnect, device number 7 [ 179.230421][ T6642] loop1: detected capacity change from 0 to 2048 [ 179.351627][ T6645] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 179.562272][ T6645] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 179.614081][ T6645] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 179.671428][ T6645] Remounting filesystem read-only [ 179.676603][ T4685] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 179.688629][ T4685] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 179.690721][ T6655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.835'. [ 179.706677][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 179.745884][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 179.771334][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 179.782320][ T4685] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 179.790760][ T4685] NILFS (loop1): discard dirty block: blocknr=18, size=1024 [ 179.817037][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 179.835753][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 179.872928][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 179.899824][ T4685] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 179.919537][ T4685] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 179.934327][ T4265] Bluetooth: hci2: link tx timeout [ 179.939645][ T4265] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 179.981504][ T4685] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 180.059286][ T4685] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 180.098428][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.130334][ T4685] NILFS (loop1): discard dirty page: offset=65536, ino=3 [ 180.137426][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.152089][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.198646][ T4685] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 180.218848][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.248452][ T4685] NILFS (loop1): discard dirty page: offset=196608, ino=3 [ 180.276098][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.288624][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.348415][ T4685] NILFS (loop1): discard dirty block: blocknr=49, size=1024 [ 180.384527][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.417761][ T4685] NILFS (loop1): discard dirty page: offset=0, ino=18 [ 180.433904][ T4685] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 180.444903][ T6672] loop0: detected capacity change from 0 to 256 [ 180.454314][ T4685] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 180.472099][ T4685] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 180.488448][ T4685] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 180.537707][ T4685] NILFS (loop1): discard dirty page: offset=4096, ino=18 [ 180.537781][ T6672] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 180.546117][ T4685] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 180.588445][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.597444][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.664877][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.696215][ T4685] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 180.723104][ T4685] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 180.765944][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.791371][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.828481][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.856948][ T4685] NILFS (loop1): discard dirty page: offset=0, ino=4 [ 180.871805][ T4685] NILFS (loop1): discard dirty block: blocknr=40, size=1024 [ 180.906016][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.936968][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.958575][ T4685] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 180.986471][ T4249] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 181.035016][ T4249] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 181.043613][ T4249] NILFS (loop1): discard dirty block: blocknr=35, size=1024 [ 181.055782][ T4249] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 181.065211][ T4249] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 181.076098][ T6681] overlayfs: conflicting lowerdir path [ 181.086035][ T4249] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 181.542030][ T6696] loop2: detected capacity change from 0 to 128 [ 181.674928][ T6698] loop1: detected capacity change from 0 to 2048 [ 181.742165][ T6698] loop1: p1 < > p4 [ 181.779772][ T6698] loop1: p4 size 8388608 extends beyond EOD, truncated [ 181.921056][ T6704] syz.2.856: attempt to access beyond end of device [ 181.921056][ T6704] loop2: rw=2049, sector=225, nr_sectors = 128 limit=128 [ 181.991129][ T4249] __loop_clr_fd: partition scan of loop1 failed (rc=-16) [ 181.999992][ T4881] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 182.010385][ T4340] I/O error, dev loop1, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 182.048891][ T4881] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 182.084309][ T4340] I/O error, dev loop1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 182.093875][ T4881] Buffer I/O error on dev loop1p1, logical block 0, async page read [ 182.126905][ T4340] Buffer I/O error on dev loop1p4, logical block 1, async page read [ 182.156694][ T4881] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 182.204438][ T4881] Buffer I/O error on dev loop1p1, logical block 0, async page read [ 182.229412][ T6715] vim2m vim2m.0: vidioc_s_fmt queue busy [ 182.238765][ T4881] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 182.246448][ T11] kworker/u4:1: attempt to access beyond end of device [ 182.246448][ T11] loop2: rw=1, sector=353, nr_sectors = 688 limit=128 [ 182.247918][ T4881] Buffer I/O error on dev loop1p1, logical block 0, async page read [ 182.282687][ T6717] device batadv_slave_1 entered promiscuous mode [ 182.326026][ T6717] net_ratelimit: 28 callbacks suppressed [ 182.326047][ T6717] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check. [ 182.368556][ T4881] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 182.377768][ T4881] Buffer I/O error on dev loop1p1, logical block 0, async page read [ 182.410368][ T4881] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 182.468514][ T4881] Buffer I/O error on dev loop1p1, logical block 0, async page read [ 182.490881][ T6720] loop4: detected capacity change from 0 to 16 [ 182.541294][ T6720] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 182.703802][ T6726] tipc: Enabling of bearer rejected, already enabled [ 182.744719][ T4340] udevd[4340]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 182.771070][ T4881] udevd[4881]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 182.835506][ T4364] udevd[4364]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 182.839301][ T4881] udevd[4881]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 183.290962][ T6740] loop0: detected capacity change from 0 to 1024 [ 183.298303][ T6740] EXT4-fs: Ignoring removed nomblk_io_submit option [ 183.337503][ T6740] EXT4-fs (loop0): Test dummy encryption mode enabled [ 183.420994][ T6740] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 183.650021][ T6754] loop2: detected capacity change from 0 to 256 [ 183.677570][ T6754] exfat: Deprecated parameter 'namecase' [ 183.743192][ T6754] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x6ff59669, utbl_chksum : 0xe619d30d) [ 183.950567][ T6723] loop1: detected capacity change from 0 to 40427 [ 184.012867][ T6723] F2FS-fs (loop1): invalid crc value [ 184.025075][ T6761] loop3: detected capacity change from 0 to 256 [ 184.045783][ T6723] F2FS-fs (loop1): Found nat_bits in checkpoint [ 184.143578][ T6761] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 184.204200][ T6740] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 184.233830][ T6723] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 184.382287][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 184.576049][ T6774] loop0: detected capacity change from 0 to 256 [ 184.655867][ T4249] syz-executor: attempt to access beyond end of device [ 184.655867][ T4249] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 185.219387][ T6760] loop4: detected capacity change from 0 to 40427 [ 185.235779][ T6783] loop2: detected capacity change from 0 to 1024 [ 185.260274][ T6760] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 185.268078][ T6760] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 185.353386][ T6783] hfsplus: request for non-existent node 2048 in B*Tree [ 185.370687][ T6783] hfsplus: request for non-existent node 2048 in B*Tree [ 185.396477][ T6760] F2FS-fs (loop4): Found nat_bits in checkpoint [ 185.421479][ T6790] hfsplus: request for non-existent node 2048 in B*Tree [ 185.438561][ T5725] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 185.477648][ T6790] hfsplus: request for non-existent node 2048 in B*Tree [ 185.582129][ T6760] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 185.601789][ T6760] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 185.664778][ T5725] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 185.693849][ T5725] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 185.728916][ T5725] usb 4-1: New USB device found, idVendor=056a, idProduct=0065, bcdDevice= 0.00 [ 185.738124][ T5725] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.800473][ T5725] usb 4-1: config 0 descriptor?? [ 185.876492][ T6801] loop1: detected capacity change from 0 to 128 [ 185.898779][ T26] audit: type=1804 audit(1732740427.678:16): pid=6799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.881" name="/newroot/178/bus/bus" dev="loop4" ino=10 res=1 errno=0 [ 185.998998][ T26] audit: type=1804 audit(1732740427.678:17): pid=6760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.881" name="/newroot/178/bus/bus" dev="loop4" ino=10 res=1 errno=0 [ 186.106725][ T6804] syz.1.894: attempt to access beyond end of device [ 186.106725][ T6804] loop1: rw=2049, sector=225, nr_sectors = 128 limit=128 [ 186.229445][ T6784] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.271760][ T6784] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.325137][ T11] kworker/u4:1: attempt to access beyond end of device [ 186.325137][ T11] loop1: rw=1, sector=353, nr_sectors = 688 limit=128 [ 186.350858][ T5725] wacom 0003:056A:0065.000A: unknown main item tag 0x7 [ 186.357824][ T5725] wacom 0003:056A:0065.000A: unknown main item tag 0x4 [ 186.432699][ T5725] wacom 0003:056A:0065.000A: Unknown device_type for 'HID 056a:0065'. Assuming pen. [ 186.497226][ T5725] wacom 0003:056A:0065.000A: hidraw0: USB HID v0.00 Device [HID 056a:0065] on usb-dummy_hcd.3-1/input0 [ 186.535917][ T5725] input: Wacom Bamboo Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0065.000A/input/input14 [ 186.571616][ T6808] loop0: detected capacity change from 0 to 4096 [ 186.592415][ T6808] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 186.658217][ T5725] usb 4-1: USB disconnect, device number 8 [ 186.817469][ T6808] ntfs3: loop0: failed to convert "c46c" to maccenteuro [ 187.073036][ T6817] loop0: detected capacity change from 0 to 1024 [ 187.278514][ T951] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 187.300035][ T4309] hfsplus: b-tree write err: -5, ino 4 [ 187.333849][ T6821] loop3: detected capacity change from 0 to 64 [ 187.483996][ T951] usb 5-1: Using ep0 maxpacket: 32 [ 187.491496][ T951] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.529583][ T951] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 187.540886][ T4260] hfs: node 4:3 still has 1 user(s)! [ 187.545455][ T951] usb 5-1: New USB device found, idVendor=056a, idProduct=033e, bcdDevice= 0.00 [ 187.563942][ T951] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.600907][ T951] usb 5-1: config 0 descriptor?? [ 187.694719][ T6827] loop3: detected capacity change from 0 to 1024 [ 187.704426][ T6829] netlink: 152 bytes leftover after parsing attributes in process `syz.2.907'. [ 187.747847][ T6829] netlink: 20 bytes leftover after parsing attributes in process `syz.2.907'. [ 187.842960][ T6832] loop0: detected capacity change from 0 to 1024 [ 188.027713][ T951] wacom 0003:056A:033E.000B: unknown main item tag 0x0 [ 188.038929][ T46] hfsplus: b-tree write err: -5, ino 4 [ 188.048560][ T951] wacom 0003:056A:033E.000B: unknown main item tag 0x0 [ 188.055531][ T951] wacom 0003:056A:033E.000B: unknown main item tag 0x0 [ 188.113585][ T951] wacom 0003:056A:033E.000B: unknown main item tag 0x0 [ 188.148481][ T951] wacom 0003:056A:033E.000B: unknown main item tag 0x0 [ 188.172526][ T951] wacom 0003:056A:033E.000B: Unknown device_type for 'HID 056a:033e'. Assuming pen. [ 188.208897][ T951] wacom 0003:056A:033E.000B: hidraw0: USB HID vff.ff Device [HID 056a:033e] on usb-dummy_hcd.4-1/input0 [ 188.242758][ T951] input: Wacom Intuos PT M 2 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:033E.000B/input/input17 [ 188.349793][ T951] usb 5-1: USB disconnect, device number 8 [ 188.687985][ T6834] loop2: detected capacity change from 0 to 32768 [ 188.714569][ T6834] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.909 (6834) [ 188.766559][ T6834] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 188.805123][ T6841] loop1: detected capacity change from 0 to 256 [ 188.838712][ T6834] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 188.875364][ T6834] BTRFS info (device loop2): using free space tree [ 188.902213][ T6841] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 189.111954][ T6859] loop1: detected capacity change from 0 to 256 [ 189.227301][ T6834] BTRFS info (device loop2): enabling ssd optimizations [ 189.477825][ T6869] loop3: detected capacity change from 0 to 4096 [ 189.528008][ T6869] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 189.558167][ T4254] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 189.564474][ T6876] netlink: 8 bytes leftover after parsing attributes in process `syz.0.919'. [ 189.570200][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.1.918'. [ 189.618004][ T6869] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 190.426538][ T6899] loop4: detected capacity change from 0 to 8 [ 190.437306][ T6897] loop2: detected capacity change from 0 to 2048 [ 190.511221][ T6897] loop2: p3 < > p4 < > [ 190.515640][ T6897] loop2: partition table partially beyond EOD, truncated [ 190.547029][ T6897] loop2: p3 start 4284289 is beyond EOD, truncated [ 191.075531][ T6892] loop1: detected capacity change from 0 to 32768 [ 191.125396][ T6892] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.927 (6892) [ 191.189099][ T6892] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 191.231015][ T6892] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 191.257691][ T6914] loop4: detected capacity change from 0 to 64 [ 191.278606][ T6892] BTRFS info (device loop1): using free space tree [ 191.629311][ T6892] BTRFS info (device loop1): enabling ssd optimizations [ 191.874353][ T6947] loop4: detected capacity change from 0 to 1024 [ 191.966224][ T6947] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 191.975864][ T4249] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 192.073574][ T6947] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 192.158174][ T6956] syz.3.948[6956] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 192.158287][ T6956] syz.3.948[6956] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 192.276040][ T6958] netlink: 120 bytes leftover after parsing attributes in process `syz.2.947'. [ 192.556614][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 192.722726][ T6970] netlink: 12 bytes leftover after parsing attributes in process `syz.0.954'. [ 192.983941][ T6979] Bluetooth: MGMT ver 1.22 [ 193.102013][ T6975] loop2: detected capacity change from 0 to 8192 [ 193.153287][ T6975] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 193.268911][ T6975] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 193.290175][ T6975] REISERFS (device loop2): using ordered data mode [ 193.296757][ T6975] reiserfs: using flush barriers [ 193.318652][ T6975] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 193.350725][ T6975] REISERFS (device loop2): checking transaction log (loop2) [ 193.615106][ T6975] REISERFS (device loop2): Using tea hash to sort names [ 193.625275][ T6975] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 193.704322][ T6973] loop4: detected capacity change from 0 to 32768 [ 193.728527][ T5197] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 193.757616][ T6973] XFS (loop4): Mounting V5 Filesystem [ 193.838498][ T951] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 193.931189][ T6973] XFS (loop4): Ending clean mount [ 193.938571][ T5197] usb 1-1: Using ep0 maxpacket: 16 [ 193.945961][ T5197] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.996736][ T5197] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.007726][ T5197] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 194.041579][ T5197] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 194.067186][ T5197] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.088481][ T951] usb 2-1: Using ep0 maxpacket: 32 [ 194.090769][ T5197] usb 1-1: config 0 descriptor?? [ 194.096600][ T951] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 194.110028][ T4259] XFS (loop4): Unmounting Filesystem [ 194.146241][ T951] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.166254][ T951] usb 2-1: config 0 descriptor?? [ 194.185803][ T951] gspca_main: sunplus-2.14.0 probing 041e:400b [ 194.254910][ T7010] tap0: tun_chr_ioctl cmd 1074025677 [ 194.267272][ T7010] tap0: linktype set to 512 [ 194.297106][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.303533][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.544470][ T5197] microsoft 0003:045E:07DA.000C: ignoring exceeding usage max [ 194.570433][ T5197] microsoft 0003:045E:07DA.000C: unbalanced collection at end of report description [ 194.589081][ T5197] microsoft 0003:045E:07DA.000C: parse failed [ 194.608784][ T5197] microsoft: probe of 0003:045E:07DA.000C failed with error -22 [ 194.776242][ T4856] usb 1-1: USB disconnect, device number 8 [ 194.986578][ T951] gspca_sunplus: reg_r err -71 [ 195.003680][ T951] sunplus: probe of 2-1:0.0 failed with error -71 [ 195.038643][ T951] usb 2-1: USB disconnect, device number 5 [ 195.194727][ T7029] loop2: detected capacity change from 0 to 4096 [ 195.213179][ T7029] EXT4-fs: Ignoring removed nomblk_io_submit option [ 195.282837][ T7029] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 195.573924][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 196.239982][ T7059] loop1: detected capacity change from 0 to 2048 [ 196.293680][ T7063] loop2: detected capacity change from 0 to 1024 [ 196.325963][ T7059] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 196.329282][ T7063] EXT4-fs: Ignoring removed oldalloc option [ 196.358741][ T4253] Bluetooth: hci0: command 0x0406 tx timeout [ 196.364862][ T4253] Bluetooth: hci3: command 0x0406 tx timeout [ 196.371194][ T4265] Bluetooth: hci4: command 0x0406 tx timeout [ 196.447426][ T7063] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 196.659296][ T4254] EXT4-fs (loop2): unmounting filesystem. [ 196.744480][ T7072] loop4: detected capacity change from 0 to 2048 [ 196.832197][ T7072] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 197.054527][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 197.416153][ T26] audit: type=1326 audit(1732740439.188:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7095 comm="syz.2.1006" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b7c380809 code=0x0 [ 197.545085][ T7099] loop0: detected capacity change from 0 to 4096 [ 197.622386][ T7099] ntfs: volume version 3.1. [ 197.637100][ T7099] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 197.654960][ T7099] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 197.667832][ T7099] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 198.306014][ T7116] mmap: syz.0.1014 (7116): VmData 37462016 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 198.619677][ T7124] loop0: detected capacity change from 0 to 512 [ 198.657158][ T7124] EXT4-fs: Ignoring removed i_version option [ 198.690002][ T7124] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 198.748239][ T7124] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 198.855959][ T7124] EXT4-fs (loop0): 1 truncate cleaned up [ 198.879184][ T7124] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 198.920056][ T7112] loop1: detected capacity change from 0 to 32768 [ 198.925007][ T7134] loop4: detected capacity change from 0 to 512 [ 198.946447][ T7112] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.1013 (7112) [ 199.000543][ T7134] EXT4-fs: Ignoring removed mblk_io_submit option [ 199.031967][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 199.048650][ T7112] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 199.096258][ T7112] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 199.098607][ T7134] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 199.108161][ T7112] BTRFS info (device loop1): using free space tree [ 199.224523][ T26] audit: type=1800 audit(1732740440.998:19): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1023" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 199.415774][ T4259] EXT4-fs (loop4): unmounting filesystem. [ 199.468902][ T7112] BTRFS info (device loop1): enabling ssd optimizations [ 199.798770][ T7112] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 199.927354][ T7175] loop3: detected capacity change from 0 to 512 [ 199.973941][ T7175] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 200.061868][ T4249] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 200.100538][ T7175] EXT4-fs (loop3): 1 orphan inode deleted [ 200.107726][ T7175] EXT4-fs (loop3): 1 truncate cleaned up [ 200.158482][ T7175] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 200.254824][ T7175] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.3.1032: path /209/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 200.378507][ T7175] EXT4-fs (loop3): Remounting filesystem read-only [ 200.638395][ T4260] EXT4-fs (loop3): unmounting filesystem. [ 200.788709][ T7192] loop3: detected capacity change from 0 to 256 [ 200.813807][ T7190] loop0: detected capacity change from 0 to 4096 [ 200.827613][ T7192] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 200.858977][ T7190] ntfs: (device loop0): load_attribute_list(): Cannot read attribute list since runlist is missing. [ 200.891395][ T7190] ntfs: (device loop0): ntfs_read_locked_inode(): Failed to load attribute list attribute. [ 200.936074][ T7190] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 201.007483][ T7190] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 201.086678][ T7190] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 201.114773][ T7190] ntfs: volume version 3.1. [ 201.578497][ T4553] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 201.803526][ T4553] usb 4-1: Using ep0 maxpacket: 8 [ 201.813871][ T4553] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 201.844553][ T4553] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.889477][ T4553] usb 4-1: Product: syz [ 201.893724][ T4553] usb 4-1: Manufacturer: syz [ 201.901932][ T7220] loop0: detected capacity change from 0 to 128 [ 201.928409][ T4553] usb 4-1: SerialNumber: syz [ 201.934175][ T7220] EXT4-fs: Ignoring removed orlov option [ 201.941910][ T4553] usb 4-1: config 0 descriptor?? [ 201.979916][ T4553] gspca_main: se401-2.14.0 probing 047d:5003 [ 202.049699][ T7220] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 202.075427][ T7220] ext4 filesystem being mounted at /215/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 202.402175][ T4553] gspca_se401: Frame size: 0x1 bayer [ 202.407680][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.419516][ T4255] EXT4-fs (loop0): unmounting filesystem. [ 202.427037][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.437147][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.443930][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.454473][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.488463][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.503865][ T4553] gspca_se401: Frame size: 0x0 1/16th janggu [ 202.611413][ T4553] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input20 [ 202.662365][ T4553] usb 4-1: USB disconnect, device number 9 [ 202.752990][ T7233] input: syz1 as /devices/virtual/input/input21 [ 203.265242][ T7249] tap0: tun_chr_ioctl cmd 2147767520 [ 203.468209][ T7258] tap0: tun_chr_ioctl cmd 1074025673 [ 203.586402][ T7260] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1065'. [ 204.198862][ T5197] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 204.400585][ T5197] usb 5-1: config 0 interface 0 has no altsetting 0 [ 204.450050][ T5197] usb 5-1: New USB device found, idVendor=0e41, idProduct=4650, bcdDevice=9f.7f [ 204.459536][ T5197] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.467679][ T5197] usb 5-1: Product: syz [ 204.506175][ T5197] usb 5-1: Manufacturer: syz [ 204.536709][ T5197] usb 5-1: SerialNumber: syz [ 204.569869][ T5197] usb 5-1: config 0 descriptor?? [ 204.634722][ T5197] snd_usb_pod 5-1:0.0: Line 6 PODxt Live found [ 204.804456][ T5197] snd_usb_pod 5-1:0.0: set_interface failed [ 204.804634][ T4253] Bluetooth: hci3: unexpected event 0x04 length: 14 > 10 [ 204.810537][ T4253] Bluetooth: unknown link type 127 [ 204.812230][ T5197] snd_usb_pod 5-1:0.0: Line 6 PODxt Live now disconnected [ 204.838579][ T7297] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1083'. [ 204.862278][ T7299] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1085'. [ 204.918932][ T7299] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1085'. [ 204.937710][ T5197] snd_usb_pod: probe of 5-1:0.0 failed with error -71 [ 204.979745][ T5197] usb 5-1: USB disconnect, device number 9 [ 205.658596][ T4562] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 205.742052][ T11] ------------[ cut here ]------------ [ 205.748205][ T11] WARNING: CPU: 1 PID: 11 at net/mac80211/ibss.c:500 ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.758794][ T11] Modules linked in: [ 205.762747][ T11] CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.119-syzkaller #0 [ 205.771110][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 205.781265][ T11] Workqueue: phy12 ieee80211_csa_finalize_work [ 205.787479][ T11] RIP: 0010:ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.793994][ T11] Code: f7 c6 05 d2 f9 57 04 01 48 c7 c7 50 c9 22 8c be fd 01 00 00 48 c7 c2 e0 c9 22 8c e8 9c 5b 3c f7 e9 7d fe ff ff e8 b2 f5 5b f7 <0f> 0b b8 ea ff ff ff e9 7a ff ff ff e8 a1 f5 5b f7 0f 0b e9 d9 fa [ 205.813781][ T11] RSP: 0018:ffffc90000107b58 EFLAGS: 00010293 [ 205.819980][ T11] RAX: ffffffff8a2ea63e RBX: ffff888028c6b618 RCX: ffff888017e93b80 [ 205.828043][ T11] RDX: 0000000000000000 RSI: ffffffff8b0c01c0 RDI: ffffffff8b5e6200 [ 205.836196][ T11] RBP: ffff888027c59ad2 R08: dffffc0000000000 R09: fffffbfff2249864 [ 205.844278][ T11] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888027c59ad8 [ 205.852469][ T11] R13: ffff888027c58c80 R14: ffff888028c68760 R15: ffff888027c59af8 [ 205.860547][ T11] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 205.869575][ T11] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.871042][ T4562] usb 3-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 205.876322][ T11] CR2: 0000001b2d61aff8 CR3: 00000000288df000 CR4: 00000000003526e0 [ 205.893531][ T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 205.901628][ T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 205.909769][ T11] Call Trace: [ 205.913177][ T11] [ 205.916149][ T11] ? __warn+0x15a/0x520 [ 205.916729][ T4562] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.920412][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.920452][ T11] ? report_bug+0x2af/0x500 [ 205.920485][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.920515][ T11] ? handle_bug+0x3d/0x70 [ 205.920548][ T11] ? exc_invalid_op+0x16/0x40 [ 205.920582][ T11] ? asm_exc_invalid_op+0x16/0x20 [ 205.920622][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.955226][ T4562] usb 3-1: config 0 descriptor?? [ 205.959342][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.959387][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 205.959422][ T11] ieee80211_csa_finalize+0x4da/0xc50 [ 205.959463][ T11] ieee80211_csa_finalize_work+0xf8/0x140 [ 205.959497][ T11] ? process_one_work+0x7a9/0x11d0 [ 205.959526][ T11] process_one_work+0x8a9/0x11d0 [ 205.959571][ T11] ? worker_detach_from_pool+0x260/0x260 [ 205.959604][ T11] ? _raw_spin_lock_irqsave+0x120/0x120 [ 205.959631][ T11] ? kthread_data+0x4e/0xc0 [ 205.959672][ T11] ? wq_worker_running+0x97/0x190 [ 205.959699][ T11] worker_thread+0xa47/0x1200 [ 205.959822][ T11] kthread+0x28d/0x320 [ 205.959859][ T11] ? worker_clr_flags+0x190/0x190 [ 206.038701][ T11] ? kthread_blkcg+0xd0/0xd0 [ 206.043348][ T11] ret_from_fork+0x1f/0x30 [ 206.047840][ T11] [ 206.050967][ T11] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 206.058300][ T11] CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.119-syzkaller #0 [ 206.066440][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 206.076533][ T11] Workqueue: phy12 ieee80211_csa_finalize_work [ 206.082732][ T11] Call Trace: [ 206.086029][ T11] [ 206.088977][ T11] dump_stack_lvl+0x1e3/0x2cb [ 206.093747][ T11] ? nf_tcp_handle_invalid+0x642/0x642 [ 206.099271][ T11] ? panic+0x764/0x764 [ 206.103405][ T11] ? vscnprintf+0x59/0x80 [ 206.107783][ T11] panic+0x318/0x764 [ 206.111715][ T11] ? __warn+0x169/0x520 [ 206.115896][ T11] ? memcpy_page_flushcache+0xfc/0xfc [ 206.121312][ T11] ? ret_from_fork+0x1f/0x30 [ 206.125945][ T11] __warn+0x348/0x520 [ 206.129946][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 206.135773][ T11] report_bug+0x2af/0x500 [ 206.140121][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 206.146134][ T11] handle_bug+0x3d/0x70 [ 206.150319][ T11] exc_invalid_op+0x16/0x40 [ 206.154845][ T11] asm_exc_invalid_op+0x16/0x20 [ 206.159716][ T11] RIP: 0010:ieee80211_ibss_csa_beacon+0x58e/0x640 [ 206.166140][ T11] Code: f7 c6 05 d2 f9 57 04 01 48 c7 c7 50 c9 22 8c be fd 01 00 00 48 c7 c2 e0 c9 22 8c e8 9c 5b 3c f7 e9 7d fe ff ff e8 b2 f5 5b f7 <0f> 0b b8 ea ff ff ff e9 7a ff ff ff e8 a1 f5 5b f7 0f 0b e9 d9 fa [ 206.185751][ T11] RSP: 0018:ffffc90000107b58 EFLAGS: 00010293 [ 206.191826][ T11] RAX: ffffffff8a2ea63e RBX: ffff888028c6b618 RCX: ffff888017e93b80 [ 206.199800][ T11] RDX: 0000000000000000 RSI: ffffffff8b0c01c0 RDI: ffffffff8b5e6200 [ 206.207774][ T11] RBP: ffff888027c59ad2 R08: dffffc0000000000 R09: fffffbfff2249864 [ 206.215859][ T11] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888027c59ad8 [ 206.223858][ T11] R13: ffff888027c58c80 R14: ffff888028c68760 R15: ffff888027c59af8 [ 206.231857][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 206.237716][ T11] ? ieee80211_ibss_csa_beacon+0x58e/0x640 [ 206.243619][ T11] ieee80211_csa_finalize+0x4da/0xc50 [ 206.249028][ T11] ieee80211_csa_finalize_work+0xf8/0x140 [ 206.254777][ T11] ? process_one_work+0x7a9/0x11d0 [ 206.259909][ T11] process_one_work+0x8a9/0x11d0 [ 206.264887][ T11] ? worker_detach_from_pool+0x260/0x260 [ 206.270555][ T11] ? _raw_spin_lock_irqsave+0x120/0x120 [ 206.276124][ T11] ? kthread_data+0x4e/0xc0 [ 206.280649][ T11] ? wq_worker_running+0x97/0x190 [ 206.285680][ T11] worker_thread+0xa47/0x1200 [ 206.290389][ T11] kthread+0x28d/0x320 [ 206.294458][ T11] ? worker_clr_flags+0x190/0x190 [ 206.299489][ T11] ? kthread_blkcg+0xd0/0xd0 [ 206.304083][ T11] ret_from_fork+0x1f/0x30 [ 206.308542][ T11] [ 206.311855][ T11] Kernel Offset: disabled [ 206.316316][ T11] Rebooting in 86400 seconds..