last executing test programs: 2.991332809s ago: executing program 2 (id=3961): r0 = socket$inet_icmp(0x2, 0x2, 0x1) sendmmsg$inet(r0, &(0x7f0000000340)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}, {{&(0x7f0000000480)={0x2, 0x4e22, @local}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000440)="08000000001f009e", 0x8}], 0x1}}], 0x2, 0x4000) 2.834079831s ago: executing program 2 (id=3965): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) signalfd(0xffffffffffffffff, &(0x7f00000000c0), 0x8) 2.593694241s ago: executing program 2 (id=3970): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0x3, 0x0, 0x2, 0x29, 0x0, 0x0, 0x0, [@sadb_key={0x1f, 0x8, 0x780, 0x0, "d7884a389e967b9e894705b077c135fd1c4a37d5988b14f336aefd5769361ced9d4ae3916383fc275e11f5bed4ec3469dd878bea99114e2f6bc329d7acd8a89b2b2917fdeb71d607edd3d677414d4e22f99e072d04ea919734bc15cbfbbf5004f18378a4cc482d747ef47e91ccbd3d62000000000000000000000000000000ac605279cabdaac266f6a0aeb579663eb4c1c684efb40a0c4f82cf20212dc60c0f2a5dcf772c3410ed0e471117a32a768588707e8eeff6dee2225bd0d76bbb70a0a9d19926da4b671f5bd0283b2deef60c2ca39b72c2f195fea7087b6697cf918a875cd6da45c02236cb85a028091124f1"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @dev}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x6}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @empty}}]}, 0x148}, 0x1, 0x7}, 0x0) 2.377176119s ago: executing program 3 (id=3975): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000340), 0x4) 2.23056525s ago: executing program 3 (id=3977): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19) 2.063766334s ago: executing program 2 (id=3981): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="600000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000380012800e00010069703665727370616e0000002400028014000500000000000000000000000000000000010500160002000000040012000800040044"], 0x60}}, 0x0) 1.845561231s ago: executing program 2 (id=3985): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x1200}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x2}, @IFLA_BR_MCAST_STARTUP_QUERY_CNT={0x8, 0x1d, 0x9}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x9}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x5}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x400c000}, 0x44) 1.677319995s ago: executing program 2 (id=3988): syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) 1.227516041s ago: executing program 4 (id=3998): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x4000000000000103, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x8, 0x1, 0x0, "69c0161723fc3c13ca662342702d1a459380d13257a4bb97ce001c869ee8c942"}) 1.227070351s ago: executing program 1 (id=3999): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfffffffffffffff4, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000040)={0x0, 0x8}) 1.194903154s ago: executing program 0 (id=4000): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x1, 0x8070bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5f24c}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0x400, 0x5}}]}]}, @IFLA_LINKMODE={0x5, 0x11, 0x9}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x40) 1.057249295s ago: executing program 1 (id=4001): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xcb7, @any, 0x0, 0x2}, 0xe) 1.050930935s ago: executing program 0 (id=4002): r0 = socket$inet_tcp(0x2, 0x1, 0x0) accept4(r0, 0x0, 0x0, 0x81800) 988.842971ms ago: executing program 3 (id=4003): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x10000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, 0x1c) 963.628502ms ago: executing program 4 (id=4004): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000000000)=0x8) 879.878069ms ago: executing program 1 (id=4005): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b01be0000000000b7080000959700007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 857.157701ms ago: executing program 0 (id=4006): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) sync_file_range(r0, 0x9d0, 0x4000000006, 0x2) 777.102508ms ago: executing program 3 (id=4007): r0 = socket(0x2b, 0x1, 0x0) bind$unix(r0, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e21}, 0x6e) 767.580468ms ago: executing program 4 (id=4008): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3}) bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) 735.326731ms ago: executing program 1 (id=4009): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0) ioctl$VIDIOC_QUERYMENU(r0, 0xc040564a, &(0x7f0000000140)={0x0, 0x1, @value=0x101c}) 703.518964ms ago: executing program 0 (id=4010): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) 690.248645ms ago: executing program 3 (id=4011): r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380) 593.053872ms ago: executing program 4 (id=4012): r0 = syz_socket_connect_nvme_tcp() close(r0) 570.355315ms ago: executing program 1 (id=4013): syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0x1800880, &(0x7f0000000040)=ANY=[], 0x1, 0x1ff, &(0x7f0000000440)="$eJzsmTGL1EAUx/8zm03ORThsLGwsPPBEL5tkVa65QsFSFO5ELBcvHqc5V/Yi3G2j+wEsLQRbv4CFhbVWdrYqqCBYuKWF1chMJsnsZhOzrOCC7wc7+WfmzZv3ZmZfExAE8d/y9cvPz08ur2+dA3AUK3B0//dGbsMN+4/PHp59unHl+csPL96wKf5knxD115e+P729BjxeVu9C8LHxFf3cAs/0DXCc0fomGFwZq6Mmi3TtEAy3tM1dQ/eOaBGF7HYv2r6zG4WebHzZBLLpANJJK4thNGTYBrCklzDz3j8c3OtGQD8RUZiKpkjXKQzNKqr2z5LxXeLY0O8yPm4cmaufnrF/Pjh8rTtg2NR6HQ5c1823JPU/ZDhh5f4bhfz/kIA8lCobFIea9TxPCHt81rG1v7D79cRyZYILLuTZzudHXoV/nUUufgkhKmzYZI/8Q2c9x0ev3xVnfVuEvCbFo3r1RRUuAIWh960oujpHGLYuAqVXIqkfzAJOG/XJgpXVj3a896C9fzhY293r7oQ74f0g6Fz0znvehaCtClHSVtS/JVWfWob/ZomtzWwcdOO47x8Acd/P3oOkNSru5qveDzWHq/rHsXoq8SGvikrbmb4G0z+unlKtNkqDJwiCIAiCIAiCIAiCIAiCmImTYMmHsORDlSghuK6sfwcAAP//A2hkRg==") 461.444873ms ago: executing program 3 (id=4014): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 377.1919ms ago: executing program 4 (id=4015): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) 367.068081ms ago: executing program 0 (id=4016): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300030e000000000700000000000004000900a0000000015204f089b96478db1d8a5f756509e977fb1a03000000000200010000000000000002161600003f030006000000000002004e21000000800000000000000000010005"], 0x70}, 0x1, 0x7}, 0x0) 127.15501ms ago: executing program 1 (id=4017): r0 = syz_open_dev$vim2m(&(0x7f00000004c0), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x40, 0x1, 0x1, "c801697eed996bd7df2eb6035c229923d8ed39ec1d923a0300", 0x32315659}) 42.956447ms ago: executing program 4 (id=4018): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x46, 0x1, 0x2, "6040a7190200002000000000000000ff1057e31e94000000000000000006ff00", 0x50313134}) 0s ago: executing program 0 (id=4019): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x920) kernel console output (not intermixed with test programs): 5-1: Product: syz [ 193.861110][ T4308] usb 5-1: Manufacturer: syz [ 193.892268][ T4308] usb 5-1: SerialNumber: syz [ 193.906248][ T8719] loop2: detected capacity change from 0 to 256 [ 194.333551][ T4308] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 194.367526][ T4308] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 194.409429][ T4308] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 194.440210][ T4308] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 194.503663][ T4308] lan78xx: probe of 5-1:1.0 failed with error -71 [ 194.561239][ T4308] usb 5-1: USB disconnect, device number 9 [ 194.608894][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.616993][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.644992][ T8713] loop3: detected capacity change from 0 to 32768 [ 194.736480][ T8713] XFS (loop3): Mounting V5 Filesystem [ 194.816826][ T8749] loop0: detected capacity change from 0 to 128 [ 194.839983][ T8713] XFS (loop3): Ending clean mount [ 194.868033][ T8713] XFS (loop3): Quotacheck needed: Please wait. [ 194.887730][ T8749] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 194.991647][ T8713] XFS (loop3): Quotacheck: Done. [ 195.041910][ T8749] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.177457][ T4264] XFS (loop3): Unmounting Filesystem [ 195.450981][ T26] audit: type=1400 audit(1755785216.372:48): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=8762 comm="syz.0.2009" [ 195.659040][ T8773] loop1: detected capacity change from 0 to 64 [ 195.917093][ T8779] loop3: detected capacity change from 0 to 256 [ 195.996668][ T8779] FAT-fs (loop3): Directory bread(block 64) failed [ 196.027228][ T8755] loop4: detected capacity change from 0 to 32768 [ 196.033970][ T8779] FAT-fs (loop3): Directory bread(block 65) failed [ 196.040698][ T8779] FAT-fs (loop3): Directory bread(block 66) failed [ 196.062300][ T8779] FAT-fs (loop3): Directory bread(block 67) failed [ 196.089646][ T8755] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 196.113472][ T8779] FAT-fs (loop3): Directory bread(block 68) failed [ 196.120257][ T8779] FAT-fs (loop3): Directory bread(block 69) failed [ 196.164388][ T8779] FAT-fs (loop3): Directory bread(block 70) failed [ 196.170987][ T8779] FAT-fs (loop3): Directory bread(block 71) failed [ 196.270023][ T8779] FAT-fs (loop3): Directory bread(block 72) failed [ 196.319473][ T8779] FAT-fs (loop3): Directory bread(block 73) failed [ 196.329981][ T8789] loop1: detected capacity change from 0 to 1024 [ 196.362550][ T8793] netlink: 'syz.2.2023': attribute type 5 has an invalid length. [ 196.474670][ T8779] FAT-fs (loop3): Filesystem has been set read-only [ 196.495489][ T26] audit: type=1800 audit(1755785217.422:49): pid=8779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2007" name="pids.current" dev="loop3" ino=1048607 res=0 errno=0 [ 196.496599][ T8779] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006c61) [ 196.568733][ T4379] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 196.667085][ T9] hfsplus: b-tree write err: -5, ino 4 [ 197.249034][ T8820] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2036'. [ 197.301903][ T8820] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2036'. [ 197.562638][ T8832] netlink: 'syz.0.2041': attribute type 27 has an invalid length. [ 197.705182][ T8838] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2045'. [ 197.976767][ T8850] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2050'. [ 198.131934][ T8853] loop3: detected capacity change from 0 to 4096 [ 198.232866][ T8853] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 198.318376][ T8827] loop2: detected capacity change from 0 to 32768 [ 198.530007][ T4264] EXT4-fs (loop3): unmounting filesystem. [ 198.723388][ T8869] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check. [ 198.816209][ T8874] tmpfs: Bad value for 'mpol' [ 199.562604][ T8903] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2076'. [ 199.592581][ T8903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2076'. [ 199.601758][ T8903] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2076'. [ 199.618351][ T8897] loop1: detected capacity change from 0 to 4096 [ 199.692035][ T8897] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 199.757361][ T26] audit: type=1326 audit(1755785220.682:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.3.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 199.779715][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.803858][ T8897] ntfs3: loop1: Failed to load $Extend. [ 199.866828][ T26] audit: type=1326 audit(1755785220.722:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.3.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 199.998149][ T26] audit: type=1326 audit(1755785220.722:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.3.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 200.057077][ T8914] tmpfs: Bad value for 'mpol' [ 200.112300][ T26] audit: type=1326 audit(1755785220.722:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.3.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 200.682262][ T27] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 200.874275][ T27] usb 5-1: Using ep0 maxpacket: 32 [ 200.886717][ T27] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 200.914268][ T27] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 200.948408][ T27] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 200.998044][ T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.022272][ T27] usb 5-1: Product: syz [ 201.026490][ T27] usb 5-1: Manufacturer: syz [ 201.058219][ T27] usb 5-1: SerialNumber: syz [ 201.079538][ T27] usb 5-1: config 0 descriptor?? [ 201.222246][ T7963] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 201.304949][ T27] snd-usb-6fire 5-1:0.0: unknown device firmware state received from device: [ 201.321828][ T27] ea af d9 87 ad fc c9 53 [ 201.342268][ T27] snd-usb-6fire: probe of 5-1:0.0 failed with error -5 [ 201.416023][ T7963] usb 3-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 201.425863][ T7963] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=16 [ 201.436715][ T7963] usb 3-1: SerialNumber: syz [ 201.466107][ T7963] usb 3-1: config 0 descriptor?? [ 201.519828][ T5277] usb 5-1: USB disconnect, device number 10 [ 201.795540][ T8989] netlink: 'syz.3.2118': attribute type 4 has an invalid length. [ 201.885381][ T7963] hackrf 3-1:0.0: usb_control_msg() failed -71 request 0f [ 201.905585][ T7963] hackrf 3-1:0.0: Could not detect board [ 201.911474][ T7963] hackrf: probe of 3-1:0.0 failed with error -71 [ 201.936562][ T8991] netlink: 'syz.3.2119': attribute type 21 has an invalid length. [ 201.945667][ T8991] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2119'. [ 201.954114][ T7963] usb 3-1: USB disconnect, device number 7 [ 201.967417][ T8991] netlink: 'syz.3.2119': attribute type 5 has an invalid length. [ 201.982319][ T8991] netlink: 'syz.3.2119': attribute type 6 has an invalid length. [ 201.991335][ T8991] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2119'. [ 202.366889][ T8985] loop1: detected capacity change from 0 to 32768 [ 202.478751][ T8985] XFS (loop1): Mounting V5 Filesystem [ 202.630634][ T9015] loop2: detected capacity change from 0 to 512 [ 202.647661][ T8985] XFS (loop1): Ending clean mount [ 202.654387][ T9015] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 202.679974][ T8985] XFS (loop1): Quotacheck needed: Please wait. [ 202.783099][ T9015] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 202.812633][ T9015] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.860343][ T8985] XFS (loop1): Quotacheck: Done. [ 203.027055][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 203.041023][ T9002] loop0: detected capacity change from 0 to 32768 [ 203.047926][ T4263] XFS (loop1): Unmounting Filesystem [ 203.131537][ T9002] [ 203.131537][ T9002] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 203.131537][ T9002] [ 203.159214][ T9033] loop3: detected capacity change from 0 to 8 [ 203.178378][ T9033] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 203.214936][ T9002] jfs_lookup: dtSearch returned -5 [ 203.232117][ T7912] udevd[7912]: incorrect cramfs checksum on /dev/loop3 [ 203.268627][ T9033] cramfs: Error -3 while decompressing! [ 203.314885][ T9033] cramfs: ffffffff96d76188(18)->ffff888053742000(4096) [ 203.329967][ T9033] cramfs: Error -3 while decompressing! [ 203.336637][ T9033] cramfs: ffffffff96d76188(18)->ffff888053742000(4096) [ 203.367482][ T4267] [ 203.367482][ T4267] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 203.367482][ T4267] [ 203.389114][ T4267] [ 203.389114][ T4267] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 203.389114][ T4267] [ 203.403548][ T26] audit: type=1800 audit(1755785224.322:54): pid=9033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2136" name="file1" dev="loop3" ino=324 res=0 errno=0 [ 203.569279][ T9039] loop2: detected capacity change from 0 to 1024 [ 203.867633][ T9047] netlink: 'syz.4.2142': attribute type 11 has an invalid length. [ 203.966236][ T9053] netlink: 324 bytes leftover after parsing attributes in process `syz.1.2135'. [ 203.997869][ T9053] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2135'. [ 204.073910][ T9053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2135'. [ 204.106837][ T9055] loop3: detected capacity change from 0 to 2048 [ 204.191478][ T9055] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 204.300744][ T9065] loop1: detected capacity change from 0 to 64 [ 204.813053][ T9084] device geneve3 entered promiscuous mode [ 204.827197][ T9084] IPv6: ADDRCONF(NETDEV_CHANGE): geneve3: link becomes ready [ 205.351673][ T9107] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2170'. [ 205.356217][ T9105] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2171'. [ 205.442278][ T125] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 205.556317][ T9114] loop4: detected capacity change from 0 to 128 [ 205.642536][ T125] usb 2-1: Using ep0 maxpacket: 8 [ 205.654336][ T125] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 205.692218][ T125] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.718729][ T125] usb 2-1: Product: syz [ 205.740230][ T125] usb 2-1: Manufacturer: syz [ 205.758705][ T125] usb 2-1: SerialNumber: syz [ 205.765326][ T9122] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2178'. [ 205.793612][ T125] usb 2-1: config 0 descriptor?? [ 205.830040][ T125] gspca_main: se401-2.14.0 probing 047d:5003 [ 205.999256][ T9131] loop2: detected capacity change from 0 to 16 [ 206.039080][ T9131] erofs: (device loop2): mounted with root inode @ nid 36. [ 206.087214][ T27] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 206.208299][ T125] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 206.223801][ T125] se401: probe of 2-1:0.0 failed with error -71 [ 206.252486][ T125] usb 2-1: USB disconnect, device number 11 [ 206.292434][ T27] usb 4-1: Using ep0 maxpacket: 16 [ 206.319073][ T27] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 206.350503][ T27] usb 4-1: config 0 has no interface number 0 [ 206.381729][ T27] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 206.431727][ T27] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 206.458847][ T27] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 206.484382][ T27] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 206.528532][ T27] usb 4-1: Product: syz [ 206.546498][ T27] usb 4-1: SerialNumber: syz [ 206.561196][ T27] usb 4-1: config 0 descriptor?? [ 206.584107][ T27] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 206.607392][ T27] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input8 [ 206.882888][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 207.098014][ T9168] xt_CONNSECMARK: invalid mode: 0 [ 207.101216][ T125] usb 4-1: USB disconnect, device number 7 [ 207.126709][ T125] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 207.728070][ T9188] loop2: detected capacity change from 0 to 16 [ 207.778634][ T9188] erofs: (device loop2): mounted with root inode @ nid 36. [ 207.796300][ T9192] loop3: detected capacity change from 0 to 256 [ 207.820611][ T9188] erofs: (device loop2): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46 [ 207.870220][ T9192] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe40551cd, utbl_chksum : 0xe619d30d) [ 208.020480][ T9198] cgroup: none used incorrectly [ 208.285446][ T9207] loop0: detected capacity change from 0 to 1024 [ 208.418686][ T9207] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 208.623378][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 209.092277][ T125] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 209.128964][ T9248] loop4: detected capacity change from 0 to 1024 [ 209.314281][ T125] usb 1-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=de.ad [ 209.344094][ T125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.382957][ T125] usb 1-1: config 0 descriptor?? [ 209.602613][ T125] snd-usb-hiface: probe of 1-1:0.0 failed with error -22 [ 209.627577][ T9268] netlink: 'syz.4.2250': attribute type 1 has an invalid length. [ 209.812645][ T27] usb 1-1: USB disconnect, device number 5 [ 209.972316][ T4378] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 210.182435][ T4378] usb 4-1: Using ep0 maxpacket: 8 [ 210.189943][ T4378] usb 4-1: config 0 has an invalid interface number: 150 but max is 0 [ 210.212268][ T4378] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 210.233765][ T9293] loop4: detected capacity change from 0 to 128 [ 210.252961][ T4378] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 210.292618][ T4378] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 210.314278][ T4378] usb 4-1: config 0 has no interface number 0 [ 210.316786][ T26] audit: type=1326 audit(1755785231.242:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167578ebe9 code=0x7ffc0000 [ 210.343969][ C0] vkms_vblank_simulate: vblank timer overrun [ 210.362781][ T4378] usb 4-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 210.436103][ T26] audit: type=1326 audit(1755785231.282:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7f167578ebe9 code=0x7ffc0000 [ 210.442847][ T4378] usb 4-1: config 0 interface 150 has no altsetting 0 [ 210.516059][ T4378] usb 4-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 210.531044][ T9300] loop2: detected capacity change from 0 to 1764 [ 210.537349][ T26] audit: type=1326 audit(1755785231.282:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167578ebe9 code=0x7ffc0000 [ 210.547797][ T4378] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.559705][ C0] vkms_vblank_simulate: vblank timer overrun [ 210.634352][ T26] audit: type=1326 audit(1755785231.282:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167578ebe9 code=0x7ffc0000 [ 210.684682][ T4378] usb 4-1: config 0 descriptor?? [ 210.723926][ T9308] netlink: 4276 bytes leftover after parsing attributes in process `syz.4.2269'. [ 210.758598][ T9311] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2271'. [ 210.782995][ T9311] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2271'. [ 210.962417][ T9315] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 211.107657][ T4378] usb 4-1: USB disconnect, device number 8 [ 212.074773][ T9335] loop0: detected capacity change from 0 to 32768 [ 212.161437][ T9335] (syz.0.2282,9335,0):ocfs2_init_local_system_inodes:492 ERROR: status=-22, sysfile=7, slot=0 [ 212.177925][ T9335] (syz.0.2282,9335,0):ocfs2_init_local_system_inodes:501 ERROR: status = -22 [ 212.187162][ T9335] (syz.0.2282,9335,0):ocfs2_mount_volume:1815 ERROR: status = -22 [ 212.228391][ T9335] (syz.0.2282,9335,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 212.248205][ T9364] loop1: detected capacity change from 0 to 512 [ 212.310300][ T9364] EXT4-fs: Ignoring removed nobh option [ 212.437100][ T9364] EXT4-fs error (device loop1): ext4_do_update_inode:5254: inode #3: comm syz.1.2296: corrupted inode contents [ 212.529370][ T9364] EXT4-fs error (device loop1): ext4_dirty_inode:6119: inode #3: comm syz.1.2296: mark_inode_dirty error [ 212.590929][ T9364] EXT4-fs error (device loop1): ext4_do_update_inode:5254: inode #3: comm syz.1.2296: corrupted inode contents [ 212.606132][ T9380] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.2304'. [ 212.649971][ T9364] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.2296: mark_inode_dirty error [ 212.731371][ T9364] Quota error (device loop1): write_blk: dquota write failed [ 212.761066][ T9364] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 212.794347][ T9364] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.2296: Failed to acquire dquot type 0 [ 212.925678][ T9364] EXT4-fs error (device loop1): ext4_do_update_inode:5254: inode #16: comm syz.1.2296: corrupted inode contents [ 212.934985][ T9390] loop4: detected capacity change from 0 to 64 [ 212.989379][ T9364] EXT4-fs error (device loop1): ext4_dirty_inode:6119: inode #16: comm syz.1.2296: mark_inode_dirty error [ 213.052488][ T9364] EXT4-fs error (device loop1): ext4_do_update_inode:5254: inode #16: comm syz.1.2296: corrupted inode contents [ 213.093738][ T9364] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.2296: mark_inode_dirty error [ 213.174075][ T9364] EXT4-fs error (device loop1): ext4_do_update_inode:5254: inode #16: comm syz.1.2296: corrupted inode contents [ 213.241489][ T9364] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 213.267943][ T9364] EXT4-fs error (device loop1): ext4_do_update_inode:5254: inode #16: comm syz.1.2296: corrupted inode contents [ 213.311093][ T9364] EXT4-fs error (device loop1): ext4_truncate:4312: inode #16: comm syz.1.2296: mark_inode_dirty error [ 213.350762][ T9364] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 213.375257][ T9364] EXT4-fs (loop1): 1 truncate cleaned up [ 213.381087][ T9364] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 213.420168][ T9364] ext4 filesystem being mounted at /455/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 213.689456][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 213.935188][ T9428] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2327'. [ 213.972619][ T9428] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2327'. [ 213.990995][ T9428] device vlan0 entered promiscuous mode [ 214.162512][ T5279] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 214.354326][ T5279] usb 2-1: config 0 has an invalid interface number: 255 but max is 0 [ 214.387361][ T5279] usb 2-1: config 0 has no interface number 0 [ 214.405705][ T5279] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 214.462347][ T5279] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 214.522565][ T5279] usb 2-1: config 0 interface 255 has no altsetting 0 [ 214.549487][ T5279] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 214.559874][ T5279] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.576727][ T5279] usb 2-1: config 0 descriptor?? [ 214.599301][ T5279] ums-realtek 2-1:0.255: USB Mass Storage device detected [ 214.737941][ T9460] loop2: detected capacity change from 0 to 512 [ 214.827358][ T9460] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 214.916227][ T9460] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 214.952324][ T9460] ext4 filesystem being mounted at /491/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.095684][ T5279] usb 2-1: USB disconnect, device number 12 [ 215.219047][ T9472] loop0: detected capacity change from 0 to 256 [ 215.347216][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 215.736645][ T9486] loop1: detected capacity change from 0 to 256 [ 215.792006][ T9486] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 215.914723][ T9494] cgroup2: Unexpected value for 'nsdelegate' [ 216.024439][ T9501] xt_CT: You must specify a L4 protocol and not use inversions on it [ 216.292258][ T27] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 216.496440][ T27] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 216.522704][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.549668][ T27] usb 4-1: Product: syz [ 216.562243][ T27] usb 4-1: Manufacturer: syz [ 216.574867][ T27] usb 4-1: SerialNumber: syz [ 216.614405][ T27] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 216.710322][ T27] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 217.087373][ T26] audit: type=1400 audit(1755785238.012:59): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=9541 comm="syz.0.2381" [ 217.195266][ T125] usb 4-1: USB disconnect, device number 9 [ 217.322684][ T9554] netlink: 'syz.4.2388': attribute type 19 has an invalid length. [ 217.340926][ T9554] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2388'. [ 217.611903][ T9566] loop4: detected capacity change from 0 to 64 [ 217.802233][ T27] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 217.809875][ T27] ath9k_htc: Failed to initialize the device [ 217.852797][ T125] usb 4-1: ath9k_htc: USB layer deinitialized [ 217.879820][ T9570] tmpfs: Bad value for 'mpol' [ 218.240915][ T9586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2404'. [ 218.292459][ T9586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2404'. [ 218.301595][ T9586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2404'. [ 218.371411][ T9586] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 218.558789][ T9600] netlink: 'syz.3.2410': attribute type 9 has an invalid length. [ 219.002343][ T9622] netlink: 1033 bytes leftover after parsing attributes in process `syz.2.2422'. [ 219.074300][ T4278] Bluetooth: hci1: unexpected event for opcode 0x1003 [ 219.446207][ T9639] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2430'. [ 219.458784][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2430'. [ 219.506574][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2430'. [ 220.453045][ T9681] netlink: 'syz.1.2451': attribute type 5 has an invalid length. [ 220.495404][ T9683] device netdevsim0 entered promiscuous mode [ 220.928630][ T5279] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 221.042912][ T9713] loop0: detected capacity change from 0 to 8 [ 221.061791][ T9709] loop3: detected capacity change from 0 to 1024 [ 221.109241][ T9709] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 221.134021][ T5279] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 221.167320][ T5279] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.206404][ T5279] usb 5-1: Product: syz [ 221.210689][ T5279] usb 5-1: Manufacturer: syz [ 221.253905][ T5279] usb 5-1: SerialNumber: syz [ 221.274361][ T5279] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 221.359959][ T5279] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 221.569641][ T26] audit: type=1326 audit(1755785242.492:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9728 comm="syz.0.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d0f8ebe9 code=0x7ffc0000 [ 221.662492][ T26] audit: type=1326 audit(1755785242.492:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9728 comm="syz.0.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f85d0f8ebe9 code=0x7ffc0000 [ 221.759240][ T26] audit: type=1326 audit(1755785242.492:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9728 comm="syz.0.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d0f8ebe9 code=0x7ffc0000 [ 221.828026][ T4378] usb 5-1: USB disconnect, device number 11 [ 221.850219][ T26] audit: type=1326 audit(1755785242.492:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9728 comm="syz.0.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85d0f8ebe9 code=0x7ffc0000 [ 222.015926][ T9745] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 222.447103][ T5279] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 222.460647][ T5279] ath9k_htc: Failed to initialize the device [ 222.493251][ T4378] usb 5-1: ath9k_htc: USB layer deinitialized [ 222.983033][ T9785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2503'. [ 223.034384][ T9752] loop0: detected capacity change from 0 to 32768 [ 223.084944][ T4278] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 223.093915][ T4278] Bluetooth: hci1: Injecting HCI hardware error event [ 223.103981][ T9752] [ 223.103981][ T9752] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 223.103981][ T9752] [ 223.114294][ T4271] Bluetooth: hci1: hardware error 0x00 [ 223.204325][ T9752] ERROR: (device loop0): ea_get: invalid ea.flag [ 223.204325][ T9752] [ 223.225571][ T9752] ERROR: (device loop0): remounting filesystem as read-only [ 223.543617][ T9803] netlink: 'syz.1.2511': attribute type 5 has an invalid length. [ 224.031358][ T9827] loop4: detected capacity change from 0 to 64 [ 224.057840][ T9829] netlink: 'syz.2.2524': attribute type 10 has an invalid length. [ 224.134632][ T9829] bridge0: port 3(team0) entered disabled state [ 224.141355][ T9829] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.149270][ T9829] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.191413][ T9829] team0: Device bridge0 is already an upper device of the team interface [ 224.445805][ T9840] loop3: detected capacity change from 0 to 512 [ 224.494095][ T9840] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 224.525473][ T9840] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 224.558562][ T9840] EXT4-fs (loop3): 1 truncate cleaned up [ 224.558590][ T9840] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 224.572796][ T9840] EXT4-fs (loop3): unmounting filesystem. [ 224.821161][ T9852] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2534'. [ 224.859564][ T9852] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2534'. [ 224.888929][ T9852] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2534'. [ 224.908405][ T9857] tmpfs: Bad value for 'mpol' [ 225.130342][ T9864] ALSA: mixer_oss: invalid OSS volume '' [ 225.162353][ T4271] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 225.418152][ T9880] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1, syncid = 3, id = 0 [ 225.598672][ T9888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2553'. [ 225.659869][ T9888] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 225.686272][ T9888] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 225.712378][ T9894] netlink: 'syz.3.2555': attribute type 5 has an invalid length. [ 225.912637][ T9898] program syz.2.2557 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.934495][ T9900] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2558'. [ 226.042639][ T9904] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2560'. [ 226.079069][ T9904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2560'. [ 226.098519][ T9904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2560'. [ 226.222380][ T125] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 226.328567][ T9882] loop0: detected capacity change from 0 to 32768 [ 226.391375][ T9882] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 226.443628][ T125] usb 4-1: Using ep0 maxpacket: 32 [ 226.451669][ T125] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 226.464848][ T125] usb 4-1: config 0 has no interface number 0 [ 226.471167][ T125] usb 4-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 226.482341][ T9882] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 226.486568][ T125] usb 4-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 226.510273][ T125] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 226.527204][ T125] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.535982][ T125] usb 4-1: Product: syz [ 226.540174][ T125] usb 4-1: Manufacturer: syz [ 226.545065][ T125] usb 4-1: SerialNumber: syz [ 226.551567][ T125] usb 4-1: config 0 descriptor?? [ 226.576536][ T125] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 226.711851][ T4267] ocfs2: Unmounting device (7,0) on (node local) [ 226.738441][ T9927] wlan0 speed is unknown, defaulting to 1000 [ 226.772693][ T125] usb 4-1: qt2_setup_urbs - submit read urb failed -90 [ 226.779761][ T125] quatech2: probe of 4-1:0.51 failed with error -90 [ 227.047130][ T9938] loop0: detected capacity change from 0 to 1024 [ 227.082564][ T125] usb 4-1: USB disconnect, device number 10 [ 227.094700][ T9938] hfsplus: unable to parse mount options [ 227.139878][ T9941] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 227.141662][ T4271] Bluetooth: hci2: unexpected event for opcode 0x0c14 [ 227.156770][ T9941] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 227.165293][ T9941] overlayfs: missing 'lowerdir' [ 227.930561][ T26] audit: type=1326 audit(1755785248.852:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.3.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 228.032668][ T26] audit: type=1326 audit(1755785248.882:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.3.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 228.117358][ T26] audit: type=1326 audit(1755785248.882:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.3.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 228.202592][ T26] audit: type=1326 audit(1755785248.882:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.3.2591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 228.616242][T10000] loop1: detected capacity change from 0 to 256 [ 228.658661][T10000] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 228.739592][T10000] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 229.068412][T10013] SET target dimension over the limit! [ 229.331238][T10025] xt_CT: You must specify a L4 protocol and not use inversions on it [ 229.347848][T10027] xt_cluster: you have exceeded the maximum number of cluster nodes (4095 > 32) [ 229.481715][T10031] netlink: 'syz.1.2622': attribute type 1 has an invalid length. [ 229.692805][T10040] loop1: detected capacity change from 0 to 512 [ 229.752676][T10040] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 229.812784][T10040] FAT-fs (loop1): FAT read failed (blocknr 1568) [ 230.049643][T10054] netlink: 'syz.0.2634': attribute type 4 has an invalid length. [ 230.138071][T10054] device veth1_macvtap left promiscuous mode [ 230.340980][T10061] loop2: detected capacity change from 0 to 8192 [ 230.365791][T10067] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2641'. [ 230.381743][T10069] loop4: detected capacity change from 0 to 1024 [ 230.383905][T10067] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2641'. [ 230.410208][T10061] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 230.448089][T10061] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 230.502900][T10061] REISERFS (device loop2): using ordered data mode [ 230.509474][T10061] reiserfs: using flush barriers [ 230.582340][T10061] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 230.602306][ T27] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 230.652765][T10061] REISERFS (device loop2): checking transaction log (loop2) [ 230.682824][ T41] hfsplus: b-tree write err: -5, ino 4 [ 230.705676][T10061] REISERFS (device loop2): Using r5 hash to sort names [ 230.725234][T10061] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 230.787682][T10061] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 230.806664][ T27] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 230.842555][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.867446][ T27] usb 4-1: Product: syz [ 230.871663][ T27] usb 4-1: Manufacturer: syz [ 230.902929][ T27] usb 4-1: SerialNumber: syz [ 230.940416][ T27] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 230.981043][T10083] netlink: 'syz.0.2647': attribute type 16 has an invalid length. [ 231.044067][ T27] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 231.069306][T10083] netlink: 'syz.0.2647': attribute type 17 has an invalid length. [ 231.166469][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 231.239907][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 231.290640][T10093] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2651'. [ 231.308101][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 231.322610][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 231.350781][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 231.375806][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 231.418982][T10083] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.428009][T10083] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.482045][T10083] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.489263][T10083] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.524089][ T5277] usb 4-1: USB disconnect, device number 11 [ 231.531092][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): geneve3: link becomes ready [ 231.559748][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): geneve3: link becomes ready [ 231.572616][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 231.589424][T10083] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 231.607905][T10094] IPv6: NLM_F_REPLACE set, but no existing node found! [ 231.771816][T10107] raw_sendmsg: syz.2.2658 forgot to set AF_INET. Fix it! [ 231.885063][T10112] loop4: detected capacity change from 0 to 512 [ 231.954973][T10117] loop0: detected capacity change from 0 to 64 [ 231.982116][T10120] loop2: detected capacity change from 0 to 16 [ 232.006766][T10112] EXT4-fs (loop4): 1 truncate cleaned up [ 232.021654][T10112] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 232.032641][T10120] erofs: (device loop2): mounted with root inode @ nid 36. [ 232.094136][T10120] erofs: (device loop2): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet [ 232.362493][ T27] usb 4-1: Service connection timeout for: 256 [ 232.368731][ T27] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 232.407512][ T4270] EXT4-fs (loop4): unmounting filesystem. [ 232.414436][ T27] ath9k_htc: Failed to initialize the device [ 232.433478][ T5277] usb 4-1: ath9k_htc: USB layer deinitialized [ 232.513465][T10132] netlink: 'syz.2.2669': attribute type 13 has an invalid length. [ 232.669976][T10140] loop3: detected capacity change from 0 to 256 [ 232.743614][T10140] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 232.833288][T10140] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 232.954221][T10154] loop2: detected capacity change from 0 to 8 [ 232.960133][T10153] netlink: 'syz.4.2680': attribute type 7 has an invalid length. [ 232.989043][T10153] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2680'. [ 233.248928][T10165] netlink: 'syz.0.2685': attribute type 1 has an invalid length. [ 233.531763][T10176] device batadv0 entered promiscuous mode [ 233.630221][T10181] loop0: detected capacity change from 0 to 512 [ 233.656877][T10181] EXT4-fs: Ignoring removed nobh option [ 233.699058][T10181] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 233.753969][T10181] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002] [ 233.774537][T10181] EXT4-fs (loop0): orphan cleanup on readonly fs [ 233.800409][T10181] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #11: comm syz.0.2692: attempt to clear invalid blocks 1024 len 1 [ 233.865369][T10181] EXT4-fs (loop0): Remounting filesystem read-only [ 233.878694][T10181] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2692: bg 0: block 361: padding at end of block bitmap is not set [ 233.915855][T10181] EXT4-fs (loop0): Remounting filesystem read-only [ 233.934353][T10181] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 233.952897][T10181] EXT4-fs (loop0): Remounting filesystem read-only [ 233.961821][T10181] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2692: invalid indirect mapped block 1811939328 (level 0) [ 234.017689][T10181] EXT4-fs (loop0): Remounting filesystem read-only [ 234.027475][T10181] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2692: invalid indirect mapped block 2185560079 (level 1) [ 234.028428][T10191] netlink: 'syz.4.2694': attribute type 39 has an invalid length. [ 234.078802][T10181] EXT4-fs (loop0): Remounting filesystem read-only [ 234.129794][T10181] EXT4-fs (loop0): 1 truncate cleaned up [ 234.153164][T10181] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 234.363726][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 234.579799][T10185] loop3: detected capacity change from 0 to 32768 [ 234.642800][T10185] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 234.733598][T10193] loop2: detected capacity change from 0 to 32768 [ 234.764270][T10185] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 234.836887][T10193] XFS (loop2): Mounting V5 Filesystem [ 234.990050][T10193] XFS (loop2): Ending clean mount [ 235.015675][ T4264] ocfs2: Unmounting device (7,3) on (node local) [ 235.053300][T10193] XFS (loop2): Quotacheck needed: Please wait. [ 235.152381][T10228] overlayfs: missing 'lowerdir' [ 235.210869][T10229] loop3: detected capacity change from 0 to 512 [ 235.243610][T10193] XFS (loop2): Quotacheck: Done. [ 235.292323][T10229] EXT4-fs (loop3): 1 truncate cleaned up [ 235.298073][T10229] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 235.469895][ T4272] XFS (loop2): Unmounting Filesystem [ 235.641628][ T4264] EXT4-fs (loop3): unmounting filesystem. [ 236.456915][T10268] loop4: detected capacity change from 0 to 256 [ 236.478408][T10268] exfat: Deprecated parameter 'namecase' [ 236.540129][T10268] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 236.564457][T10236] loop0: detected capacity change from 0 to 32768 [ 236.673713][T10274] Timeout policy `syz1' can only be used by L3 protocol number 0 [ 236.717276][T10277] loop3: detected capacity change from 0 to 64 [ 237.125204][T10284] loop2: detected capacity change from 0 to 2048 [ 237.129168][T10289] netlink: 'syz.4.2737': attribute type 4 has an invalid length. [ 237.172929][T10289] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2737'. [ 237.204614][T10284] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 237.225713][T10284] ext4 filesystem being mounted at /565/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.328014][T10284] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.2735: bg 0: block 345: padding at end of block bitmap is not set [ 237.345609][ T5277] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 237.353819][T10295] loop4: detected capacity change from 0 to 512 [ 237.359645][T10284] EXT4-fs (loop2): Remounting filesystem read-only [ 237.420040][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 237.449564][T10295] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 237.491141][T10295] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 237.500020][T10295] System zones: 0-1, 15-15, 18-18, 34-34 [ 237.513407][T10295] EXT4-fs (loop4): orphan cleanup on readonly fs [ 237.519914][T10295] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 237.529546][T10295] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 237.544474][ T5277] usb 2-1: Using ep0 maxpacket: 32 [ 237.550067][T10295] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 237.558772][ T5277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7 [ 237.570117][T10295] EXT4-fs error (device loop4): ext4_orphan_get:1426: comm syz.4.2739: bad orphan inode 16 [ 237.580646][ T5277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 237.598441][T10295] ext4_test_bit(bit=15, block=18) = 1 [ 237.604306][T10295] is_bad_inode(inode)=0 [ 237.609143][T10295] NEXT_ORPHAN(inode)=0 [ 237.613815][T10295] max_ino=32 [ 237.617380][T10295] i_nlink=2 [ 237.620834][T10295] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 237.621089][ T5277] usb 2-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 237.640629][ T5277] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 237.649201][ T5277] usb 2-1: Product: syz [ 237.662310][ T5277] usb 2-1: Manufacturer: syz [ 237.672514][ T5277] usb 2-1: SerialNumber: syz [ 237.692931][ T5277] usb 2-1: config 0 descriptor?? [ 237.719971][ T5277] usb 2-1: no audio or video endpoints found [ 237.757567][T10295] fscrypt (loop4, inode 16): Error -61 getting encryption context [ 237.871336][ T4270] EXT4-fs (loop4): unmounting filesystem. [ 237.883746][T10306] xt_l2tp: invalid flags combination: 8 [ 237.971191][ T27] usb 2-1: USB disconnect, device number 13 [ 237.994941][T10309] delete_channel: no stack [ 238.460676][T10327] loop0: detected capacity change from 0 to 256 [ 238.568504][T10327] FAT-fs (loop0): Directory bread(block 64) failed [ 238.582415][T10327] FAT-fs (loop0): Directory bread(block 65) failed [ 238.602530][T10327] FAT-fs (loop0): Directory bread(block 66) failed [ 238.609220][T10327] FAT-fs (loop0): Directory bread(block 67) failed [ 238.661954][T10327] FAT-fs (loop0): Directory bread(block 68) failed [ 238.676573][T10331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2755'. [ 238.679400][T10327] FAT-fs (loop0): Directory bread(block 69) failed [ 238.723946][T10327] FAT-fs (loop0): Directory bread(block 70) failed [ 238.736546][T10331] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2755'. [ 238.740422][T10327] FAT-fs (loop0): Directory bread(block 71) failed [ 238.782825][T10327] FAT-fs (loop0): Directory bread(block 72) failed [ 238.814119][T10327] FAT-fs (loop0): Directory bread(block 73) failed [ 239.035252][T10323] loop2: detected capacity change from 0 to 32768 [ 239.097744][T10323] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.2751 (10323) [ 239.174218][T10323] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 239.235853][T10323] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 239.292454][T10323] BTRFS info (device loop2): using free space tree [ 239.481206][T10354] loop1: detected capacity change from 0 to 1024 [ 239.584444][T10323] BTRFS info (device loop2): enabling ssd optimizations [ 239.622916][T10354] hfsplus: Filesystem is marked locked, mounting read-only. [ 239.680550][T10354] hfsplus: filesystem is marked locked, leaving read-only. [ 239.793041][ T4272] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 240.113707][ T4379] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 9 /dev/loop2 scanned by udevd (4379) [ 240.166432][T10376] loop1: detected capacity change from 0 to 4096 [ 240.238937][T10376] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 240.288361][T10387] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 240.369818][T10389] loop3: detected capacity change from 0 to 16 [ 240.407026][T10389] erofs: (device loop3): mounted with root inode @ nid 36. [ 240.485268][T10376] ntfs3: loop1: mft corrupted [ 240.522328][T10376] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 240.542954][T10376] ntfs3: loop1: Failed to load $MFT. [ 240.721074][T10396] loop4: detected capacity change from 0 to 512 [ 241.075674][T10406] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2782'. [ 241.126489][T10406] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2782'. [ 241.800862][T10394] loop0: detected capacity change from 0 to 32768 [ 241.844978][T10433] loop2: detected capacity change from 0 to 2048 [ 241.885925][T10394] ERROR: (device loop0): dtSearch: stack overrun! [ 241.885925][T10394] [ 241.950110][T10394] ERROR: (device loop0): remounting filesystem as read-only [ 241.966747][T10436] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 241.997706][T10394] btstack dump: [ 242.025969][T10394] bn = 0, index = 4 [ 242.029858][T10394] bn = 0, index = 4 [ 242.053445][T10433] NILFS (loop2): failed to count free inodes: err=-34 [ 242.071045][T10394] bn = 0, index = 4 [ 242.088193][T10394] bn = 0, index = 4 [ 242.093277][T10394] bn = 0, index = 4 [ 242.142633][T10394] bn = 0, index = 4 [ 242.146505][T10394] bn = 0, index = 4 [ 242.150331][T10394] bn = 0, index = 0 [ 242.182730][T10394] jfs_lookup: dtSearch returned -5 [ 242.504031][ T4272] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 242.552294][ T4272] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=16) [ 242.606629][ T4272] Remounting filesystem read-only [ 242.611814][ T4272] NILFS (loop2): error -5 truncating bmap (ino=16) [ 242.656122][ T4272] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 243.041702][ T26] audit: type=1326 audit(1755785263.962:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.2.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 243.064489][ C0] vkms_vblank_simulate: vblank timer overrun [ 243.131448][ T26] audit: type=1326 audit(1755785263.962:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.2.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 243.172813][T10474] ufs: Invalid option: "Ûàßä0…(áeêªLüêd9(@ ûŸÀ8ìL´)uH\dKzLVÚÁR<%ï5rÆŒËze ~I2~ [ 243.172813][T10474] r0Rpyëhå:ã‰ÝèÖY³‡ [ 243.172813][T10474] òO©÷‰\›z«Y" or missing value [ 243.238846][ T26] audit: type=1326 audit(1755785263.962:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.2.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 243.272349][T10474] ufs: wrong mount options [ 243.291821][ T26] audit: type=1326 audit(1755785263.962:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10469 comm="syz.2.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 243.703508][T10499] netlink: 'syz.2.2823': attribute type 1 has an invalid length. [ 244.523487][T10533] loop4: detected capacity change from 0 to 4096 [ 244.584765][T10536] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 245.240111][T10563] loop4: detected capacity change from 0 to 1024 [ 245.265010][T10564] loop3: detected capacity change from 0 to 256 [ 245.331858][T10564] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 245.346399][T10563] EXT4-fs (loop4): Test dummy encryption mode enabled [ 245.403956][T10564] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 245.429480][T10563] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 245.488159][ T4270] EXT4-fs (loop4): unmounting filesystem. [ 245.642504][T10390] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 245.865660][ T5277] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 245.875794][T10390] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 245.895536][T10390] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.922532][T10390] usb 2-1: Product: syz [ 245.932561][T10390] usb 2-1: Manufacturer: syz [ 245.950335][T10390] usb 2-1: SerialNumber: syz [ 245.984968][T10390] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 246.010016][T10588] 9pnet_fd: p9_fd_create_tcp (10588): problem connecting socket to 127.0.0.1 [ 246.037236][T10390] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 246.047749][T10590] netlink: 1392 bytes leftover after parsing attributes in process `syz.4.2867'. [ 246.058701][ T5277] usb 1-1: Using ep0 maxpacket: 32 [ 246.066935][ T5277] usb 1-1: config 0 has an invalid interface number: 114 but max is 0 [ 246.108520][ T5277] usb 1-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 246.149208][ T5277] usb 1-1: config 0 has no interface number 0 [ 246.165775][ T5277] usb 1-1: config 0 interface 114 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 246.175050][T10592] loop3: detected capacity change from 0 to 64 [ 246.189853][ T5277] usb 1-1: New USB device found, idVendor=19d2, idProduct=ff03, bcdDevice=43.ff [ 246.200785][ T5277] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.209291][ T5277] usb 1-1: Product: syz [ 246.231981][ T5277] usb 1-1: Manufacturer: syz [ 246.238052][ T5277] usb 1-1: SerialNumber: syz [ 246.248886][ C1] usb 2-1: ath: unknown panic pattern! [ 246.252546][ T5277] usb 1-1: config 0 descriptor?? [ 246.302868][ T5277] cdc_ether 1-1:0.114: invalid descriptor buffer length [ 246.328703][ T5277] usb 1-1: bad CDC descriptors [ 246.494511][ T5551] usb 2-1: USB disconnect, device number 14 [ 246.538513][ T4322] usb 1-1: USB disconnect, device number 6 [ 246.649721][T10605] loop2: detected capacity change from 0 to 8 [ 247.082624][T10390] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 247.089777][T10390] ath9k_htc: Failed to initialize the device [ 247.142800][ T5551] usb 2-1: ath9k_htc: USB layer deinitialized [ 247.211451][T10623] loop1: detected capacity change from 0 to 512 [ 247.323083][T10628] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2886'. [ 247.373897][T10623] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 247.412521][T10623] ext4 filesystem being mounted at /576/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.454902][T10635] loop2: detected capacity change from 0 to 128 [ 247.463478][T10635] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 247.528940][T10632] loop3: detected capacity change from 0 to 4096 [ 247.551950][T10632] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 247.584668][T10635] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 247.609459][T10632] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 247.682231][T10632] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 247.744138][T10632] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 247.834377][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 247.866797][T10632] ntfs: volume version 3.1. [ 247.959510][T10632] ntfs: (device loop3): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 247.997378][T10632] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 248.618624][T10666] loop3: detected capacity change from 0 to 128 [ 248.664861][T10666] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 248.705207][T10666] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 248.757599][T10671] loop2: detected capacity change from 0 to 256 [ 248.793696][T10671] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 248.836358][T10671] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 248.904559][T10671] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 249.002695][T10676] loop1: detected capacity change from 0 to 1024 [ 249.022805][T10678] ceph: Path missing in source [ 249.062520][T10676] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 249.071634][T10676] EXT4-fs (loop1): orphan cleanup on readonly fs [ 249.111555][T10676] Quota error (device loop1): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 249.202888][T10676] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 249.278025][T10676] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.2909: Failed to acquire dquot type 0 [ 249.359682][T10676] Quota error (device loop1): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 249.414656][T10676] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 249.462361][T10694] netlink: 'syz.0.2917': attribute type 1 has an invalid length. [ 249.472974][T10676] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.2909: Failed to acquire dquot type 0 [ 249.540245][T10676] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.2909: Freeing blocks not in datazone - block = 0, count = 4096 [ 249.603612][T10676] Quota error (device loop1): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 249.661760][T10676] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 249.679423][T10699] ipt_CLUSTERIP: bad local_nodes[0] 0 [ 249.690110][T10703] loop3: detected capacity change from 0 to 8 [ 249.702448][T10676] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.2909: Failed to acquire dquot type 0 [ 249.730215][T10705] netlink: 12296 bytes leftover after parsing attributes in process `syz.2.2923'. [ 249.753283][T10676] EXT4-fs (loop1): 1 orphan inode deleted [ 249.764151][T10703] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 249.767206][T10705] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2923'. [ 249.779512][ T4379] udevd[4379]: incorrect cramfs checksum on /dev/loop3 [ 249.826615][T10676] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 249.841906][T10703] cramfs: Error -3 while decompressing! [ 249.891763][T10703] cramfs: ffffffff96d721a8(26)->ffff8880b4df0000(4096) [ 249.918701][T10676] EXT4-fs error (device loop1): ext4_search_dir:1549: inode #2: block 16: comm syz.1.2909: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 249.922953][T10703] cramfs: bad data blocksize 3489655184 [ 249.977304][T10703] cramfs: Error -3 while decompressing! [ 250.011208][T10703] cramfs: ffffffff96d721a8(26)->ffff8880b4df0000(4096) [ 250.045364][ T26] audit: type=1800 audit(1755785270.972:72): pid=10703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2921" name="file2" dev="loop3" ino=348 res=0 errno=0 [ 250.119810][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 250.346543][T10723] usb usb1: usbfs: process 10723 (syz.2.2933) did not claim interface 63 before use [ 250.611779][T10733] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2937'. [ 250.645707][T10733] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2937'. [ 250.674688][T10733] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 250.751342][T10740] trusted_key: encrypted_key: master key parameter '' is invalid [ 250.756175][T10733] 8021q: adding VLAN 0 to HW filter on device bond1 [ 250.800085][T10735] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2938'. [ 250.837273][T10735] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2938'. [ 250.906525][T10744] loop1: detected capacity change from 0 to 512 [ 251.039802][T10744] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2942: bg 0: block 248: padding at end of block bitmap is not set [ 251.056937][T10755] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2946'. [ 251.179750][T10744] Quota error (device loop1): write_blk: dquota write failed [ 251.212640][T10744] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 251.259416][T10744] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.2942: Failed to acquire dquot type 1 [ 251.348690][T10744] EXT4-fs (loop1): 1 truncate cleaned up [ 251.358497][T10744] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 251.422458][T10744] ext4 filesystem being mounted at /583/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.618451][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 251.632527][ T4348] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-5 [ 251.663725][ T4348] EXT4-fs error (device loop1): ext4_release_dquot:6850: comm kworker/u4:6: Failed to release dquot type 1 [ 252.541744][T10805] netlink: 192 bytes leftover after parsing attributes in process `syz.2.2971'. [ 252.547423][T10801] loop0: detected capacity change from 0 to 4096 [ 252.579631][T10801] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 252.687417][T10801] ntfs3: loop0: ntfs_evict_inode r=3 failed, -22. [ 252.737004][T10801] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 252.766858][T10801] ntfs3: loop0: ntfs_set_state r=3 failed, -22. [ 253.202775][T10803] loop4: detected capacity change from 0 to 32768 [ 253.309050][T10831] Cannot find del_set index 2 as target [ 253.318842][T10803] XFS (loop4): Mounting V5 Filesystem [ 253.409134][T10803] XFS (loop4): Ending clean mount [ 253.514946][ T4270] XFS (loop4): Unmounting Filesystem [ 253.804044][T10852] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 253.814566][ T46] bond0: (slave bond_slave_0): interface is now down [ 253.821864][ T46] bond0: (slave bond_slave_1): interface is now down [ 253.869581][ T46] bond0: (slave macvlan0): interface is now down [ 253.902000][ T46] bond0: now running without any active interface! [ 254.095593][T10860] netlink: 'syz.3.2995': attribute type 7 has an invalid length. [ 254.147382][T10860] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2995'. [ 254.177510][T10860] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2995'. [ 254.255136][T10866] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2997'. [ 254.562615][T10878] loop2: detected capacity change from 0 to 2048 [ 254.600379][T10878] NILFS (loop2): unrecognized mount option "cp=0x" [ 254.989182][T10892] loop2: detected capacity change from 0 to 4096 [ 255.062585][T10892] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 255.173094][T10900] netlink: 'syz.1.3014': attribute type 1 has an invalid length. [ 255.180978][T10900] netlink: 'syz.1.3014': attribute type 2 has an invalid length. [ 255.232304][T10892] ntfs3: loop2: failed to convert "c46c" to iso8859-3 [ 255.237969][T10900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3014'. [ 255.263662][T10904] syz.0.3016 uses obsolete (PF_INET,SOCK_PACKET) [ 255.730121][T10926] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3027'. [ 256.052684][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.059185][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.400944][T10950] xt_nfacct: accounting object `syz0' does not exist [ 256.751648][T10934] loop4: detected capacity change from 0 to 32768 [ 257.422684][T10990] loop0: detected capacity change from 0 to 64 [ 257.610731][T10996] mmap: syz.1.3062 (10996) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 257.782385][ T5280] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 257.984830][ T5280] usb 4-1: config 220 has too many interfaces: 184, using maximum allowed: 32 [ 258.012353][ T5280] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 184 [ 258.052355][ T5280] usb 4-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85 [ 258.092229][ T5280] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.126003][ T5280] gspca_main: sn9c2028-2.14.0 probing 0c45:8008 [ 258.205161][T11014] loop0: detected capacity change from 0 to 1024 [ 258.238129][T10986] loop2: detected capacity change from 0 to 32768 [ 258.347917][T11014] __quota_error: 1 callbacks suppressed [ 258.347941][T11014] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 258.369065][T11014] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 258.379528][T11014] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.3071: Failed to acquire dquot type 0 [ 258.400836][T11014] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 258.432265][ T5279] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 258.462968][T10986] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 258.466860][T11014] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #13: comm syz.0.3071: corrupted inode contents [ 258.492102][T11014] EXT4-fs error (device loop0): ext4_dirty_inode:6119: inode #13: comm syz.0.3071: mark_inode_dirty error [ 258.502071][T10986] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 258.504911][T11021] netlink: 'syz.1.3073': attribute type 1 has an invalid length. [ 258.527519][T11021] netlink: 244 bytes leftover after parsing attributes in process `syz.1.3073'. [ 258.549247][T11014] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #13: comm syz.0.3071: corrupted inode contents [ 258.565657][ T5280] gspca_sn9c2028: read1 error -71 [ 258.579785][ T5280] gspca_sn9c2028: read1 error -71 [ 258.585484][ T5280] sn9c2028: probe of 4-1:220.0 failed with error -71 [ 258.603824][T11014] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #13: comm syz.0.3071: mark_inode_dirty error [ 258.622963][ T5280] usb 4-1: USB disconnect, device number 12 [ 258.630338][T11014] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #13: comm syz.0.3071: corrupted inode contents [ 258.657863][ T5279] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 258.688731][ T5279] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 258.701126][T11014] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 258.719670][T11014] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #13: comm syz.0.3071: corrupted inode contents [ 258.730471][T11024] loop1: detected capacity change from 0 to 64 [ 258.742064][ T5279] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 258.756312][ T4272] ocfs2: Unmounting device (7,2) on (node local) [ 258.760356][T11014] EXT4-fs error (device loop0): ext4_truncate:4312: inode #13: comm syz.0.3071: mark_inode_dirty error [ 258.791029][T11014] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 258.797818][ T5279] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 258.824598][ T5279] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 258.840523][ T5279] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.860147][T11014] EXT4-fs (loop0): 1 truncate cleaned up [ 258.869628][T11014] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 258.888105][ T5279] usb 5-1: config 0 descriptor?? [ 259.009834][T11014] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 259.052072][T11014] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 259.072111][T11014] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.3071: Failed to acquire dquot type 0 [ 259.105058][ T5279] hdpvr 5-1:0.0: firmware version 0x0 dated [ 259.111790][ T5279] hdpvr 5-1:0.0: untested firmware, the driver might not work. [ 259.159519][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 259.321495][ T5279] hdpvr 5-1:0.0: device init failed [ 259.330682][ T5279] hdpvr: probe of 5-1:0.0 failed with error -12 [ 259.387975][ T5279] usb 5-1: USB disconnect, device number 12 [ 259.613890][T11044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3084'. [ 260.175693][T11070] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3097'. [ 260.431203][T11070] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3097'. [ 260.877352][ T26] audit: type=1326 audit(1755785281.802:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11096 comm="syz.4.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00b4b8ebe9 code=0x7ffc0000 [ 260.906073][T11099] program syz.2.3112 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 260.952498][ T26] audit: type=1326 audit(1755785281.802:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11096 comm="syz.4.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f00b4b8ebe9 code=0x7ffc0000 [ 261.042348][ T26] audit: type=1326 audit(2000000000.000:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11096 comm="syz.4.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00b4b8ebe9 code=0x7ffc0000 [ 261.152338][ T26] audit: type=1400 audit(2000000000.050:77): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-22 profile="unconfined" name="&" pid=11100 comm="syz.0.3111" [ 261.296960][ T26] audit: type=1326 audit(2000000000.410:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11113 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 261.361862][T11117] loop1: detected capacity change from 0 to 64 [ 261.387954][ T26] audit: type=1326 audit(2000000000.440:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11113 comm="syz.3.3119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 261.426648][T11117] MINIX-fs: mounting file system with errors, running fsck is recommended [ 261.494102][T11117] Trying to free block not in datazone [ 261.519757][T11117] Trying to free block not in datazone [ 261.546174][T11117] Trying to free block not in datazone [ 261.562645][T11117] Trying to free block not in datazone [ 261.582605][T11117] Trying to free block not in datazone [ 261.590211][T11126] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3124'. [ 261.606904][T11117] Trying to free block not in datazone [ 261.622370][T11117] Trying to free block not in datazone [ 261.656392][T11117] Trying to free block not in datazone [ 262.041981][T11141] xt_hashlimit: max too large, truncated to 1048576 [ 262.481450][T11157] loop1: detected capacity change from 0 to 1024 [ 262.501535][T11157] EXT4-fs: Ignoring removed orlov option [ 262.525369][T11157] EXT4-fs: Ignoring removed nomblk_io_submit option [ 262.633933][T11157] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 262.863727][ T4263] EXT4-fs (loop1): unmounting filesystem. [ 262.924387][T11173] loop2: detected capacity change from 0 to 256 [ 263.063080][T11173] FAT-fs (loop2): Directory bread(block 64) failed [ 263.069775][T11173] FAT-fs (loop2): Directory bread(block 65) failed [ 263.096318][T11173] FAT-fs (loop2): Directory bread(block 66) failed [ 263.121693][T11173] FAT-fs (loop2): Directory bread(block 67) failed [ 263.137671][T11173] FAT-fs (loop2): Directory bread(block 68) failed [ 263.160171][T11173] FAT-fs (loop2): Directory bread(block 69) failed [ 263.189978][T11173] FAT-fs (loop2): Directory bread(block 70) failed [ 263.199160][T11173] FAT-fs (loop2): Directory bread(block 71) failed [ 263.213708][T11173] FAT-fs (loop2): Directory bread(block 72) failed [ 263.220381][T11173] FAT-fs (loop2): Directory bread(block 73) failed [ 263.308927][T11173] syz.2.3146: attempt to access beyond end of device [ 263.308927][T11173] loop2: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 263.309791][T11185] loop4: detected capacity change from 0 to 64 [ 263.362939][ T52] block nbd0: Attempted send on invalid socket [ 263.369462][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 263.377004][T11173] syz.2.3146: attempt to access beyond end of device [ 263.377004][T11173] loop2: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 263.452759][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 263.452773][ T26] audit: type=1800 audit(2000000002.570:82): pid=11173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3146" name="file0" dev="loop2" ino=1048614 res=0 errno=0 [ 263.812357][T11201] comedi comedi4: bad chanlist[0]=0x00240000 chan=0 range length=2 [ 264.606821][T11234] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3175'. [ 264.819463][T11240] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3180'. [ 265.025909][T11215] loop2: detected capacity change from 0 to 32768 [ 265.341154][T11261] ubi31: attaching mtd0 [ 265.369845][T11261] ubi31: scanning is finished [ 265.390105][T11261] ubi31: empty MTD device detected [ 265.466891][T11263] loop0: detected capacity change from 0 to 256 [ 265.550670][T11263] exfat: Deprecated parameter 'namecase' [ 265.618437][T11261] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 265.642551][T11261] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 265.666573][T11263] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 265.696709][T11261] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 265.749312][T11261] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 265.820906][T11272] loop4: detected capacity change from 0 to 256 [ 265.827550][T11261] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 265.860068][T11261] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 265.913363][T11261] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1546234823 [ 265.989702][T11261] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 266.072856][T11268] ubi31: background thread "ubi_bgt31d" started, PID 11268 [ 266.176869][T11272] loop4: detected capacity change from 0 to 4096 [ 266.234890][T11272] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 266.363000][T11272] ntfs: (device loop4): parse_options(): Option iocharset is deprecated. Please use option nls= in the future. [ 266.363569][ T4322] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 266.452288][T11272] ntfs: (device loop4): parse_options(): Unrecognized mount option uni_xlate. [ 266.502031][T11272] ntfs: (device loop4): parse_options(): Unrecognized mount option uni_xlate. [ 266.558900][T11272] ntfs: (device loop4): parse_options(): Unrecognized mount option shortname. [ 266.598522][T11272] ntfs: (device loop4): parse_options(): Unrecognized mount option shortname. [ 266.621919][ T4322] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 266.644619][T11272] ntfs: (device loop4): parse_options(): Unrecognized mount option uni_xlate. [ 266.652513][ T4322] usb 1-1: config 0 interface 0 has no altsetting 0 [ 266.684190][ T4322] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 266.697854][T11272] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 266.713422][ T4322] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 266.735309][T11291] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 266.769422][ T4322] usb 1-1: Product: syz [ 266.775363][T11272] ntfs: (device loop4): parse_options(): Unrecognized mount option tz. [ 266.788791][ T4322] usb 1-1: Manufacturer: syz [ 266.805991][ T4322] usb 1-1: SerialNumber: syz [ 266.831245][ T4322] usb 1-1: config 0 descriptor?? [ 266.865805][ T4322] usb 1-1: selecting invalid altsetting 0 [ 267.241640][T11301] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3207'. [ 267.282970][ T4322] usb 1-1: USB disconnect, device number 7 [ 267.356858][T11305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3210'. [ 267.772460][ T5551] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 267.791850][T11316] delete_channel: no stack [ 267.888891][T11319] netlink: 'syz.0.3218': attribute type 10 has an invalid length. [ 267.929643][T11319] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3218'. [ 267.972832][T11323] loop2: detected capacity change from 0 to 16 [ 268.017066][ T5551] usb 2-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 268.018934][T11323] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 268.036534][ T5551] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.078884][ T5551] usb 2-1: config 0 descriptor?? [ 268.105639][ T5551] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 268.344549][T11332] Mount JFS Failure: -22 [ 268.348890][T11332] jfs_mount failed w/return code = -22 [ 268.511151][ T5551] gspca_sunplus: reg_w_riv err -71 [ 268.519753][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 268.519773][ T26] audit: type=1326 audit(2000000013.626:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11338 comm="syz.2.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 268.525197][ T5551] sunplus: probe of 2-1:0.0 failed with error -71 [ 268.529709][ T26] audit: type=1326 audit(2000000013.636:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11338 comm="syz.2.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 268.548307][ C1] vkms_vblank_simulate: vblank timer overrun [ 268.586956][ T5551] usb 2-1: USB disconnect, device number 15 [ 268.605772][ T26] audit: type=1326 audit(2000000013.696:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11338 comm="syz.2.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 268.628809][ C1] vkms_vblank_simulate: vblank timer overrun [ 268.666494][ T5279] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 268.667019][ T26] audit: type=1326 audit(2000000013.696:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11338 comm="syz.2.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 268.696792][ C1] vkms_vblank_simulate: vblank timer overrun [ 268.714029][ T26] audit: type=1326 audit(2000000013.726:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11338 comm="syz.2.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 268.752574][ T5280] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 268.778158][ T26] audit: type=1326 audit(2000000013.726:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11338 comm="syz.2.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f68ba58ebe9 code=0x7ffc0000 [ 268.802589][ C1] vkms_vblank_simulate: vblank timer overrun [ 268.886923][ T5279] usb 1-1: Using ep0 maxpacket: 16 [ 268.894806][ T5279] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 268.919816][ T5279] usb 1-1: config 0 has no interface number 0 [ 268.939735][ T5279] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 268.952378][ T5280] usb 4-1: Using ep0 maxpacket: 32 [ 268.963841][ T5280] usb 4-1: config index 0 descriptor too short (expected 156, got 27) [ 268.973143][ T5280] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 268.988534][ T5279] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 269.002242][ T5280] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 269.013895][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 269.022018][ T5279] usb 1-1: Product: syz [ 269.026334][ T5280] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 269.036625][ T5279] usb 1-1: SerialNumber: syz [ 269.051610][ T5279] usb 1-1: config 0 descriptor?? [ 269.056868][ T5280] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 269.070709][ T5280] usb 4-1: config 0 interface 0 has no altsetting 0 [ 269.086228][ T5279] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input9 [ 269.105406][ T5280] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 269.139309][ T5280] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 269.173877][ T5280] usb 4-1: Product: syz [ 269.178150][ T5280] usb 4-1: Manufacturer: syz [ 269.202517][ T5280] usb 4-1: SerialNumber: syz [ 269.224526][ T5280] usb 4-1: config 0 descriptor?? [ 269.234370][ T5280] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 269.302538][ T5280] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 269.308967][ T4322] usb 1-1: USB disconnect, device number 8 [ 269.311517][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 269.324078][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 269.454657][ T4322] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 269.513326][T11337] ldusb 4-1:0.0: Couldn't submit interrupt_in_urb -90 [ 269.532952][ T5551] usb 4-1: USB disconnect, device number 13 [ 269.561441][ T5551] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 269.780861][T11366] loop1: detected capacity change from 0 to 4096 [ 269.840096][T11366] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 269.865320][T11368] loop4: detected capacity change from 0 to 4096 [ 269.943056][T11366] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 270.106195][T11355] loop2: detected capacity change from 0 to 32768 [ 270.208157][T11376] loop0: detected capacity change from 0 to 64 [ 270.232251][T11355] XFS (loop2): Mounting V5 Filesystem [ 270.449115][T11355] XFS (loop2): Ending clean mount [ 270.537870][ T4267] hfs: node 4:3 still has 1 user(s)! [ 270.646076][ T4272] XFS (loop2): Unmounting Filesystem [ 270.979719][T11405] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3256'. [ 272.013310][T11450] loop4: detected capacity change from 0 to 256 [ 272.064293][T11450] FAT-fs (loop4): Directory bread(block 64) failed [ 272.071279][T11450] FAT-fs (loop4): Directory bread(block 65) failed [ 272.116900][T11450] FAT-fs (loop4): Directory bread(block 66) failed [ 272.154935][T11450] FAT-fs (loop4): Directory bread(block 67) failed [ 272.178090][T11450] FAT-fs (loop4): Directory bread(block 68) failed [ 272.201332][T11450] FAT-fs (loop4): Directory bread(block 69) failed [ 272.231893][T11450] FAT-fs (loop4): Directory bread(block 70) failed [ 272.267042][T11450] FAT-fs (loop4): Directory bread(block 71) failed [ 272.298019][T11450] FAT-fs (loop4): Directory bread(block 72) failed [ 272.322045][T11450] FAT-fs (loop4): Directory bread(block 73) failed [ 272.469368][ T26] audit: type=1800 audit(2000000017.576:94): pid=11450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3276" name="bus" dev="loop4" ino=1048616 res=0 errno=0 [ 272.690921][ T26] audit: type=1326 audit(2000000017.796:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11474 comm="syz.3.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 272.722399][ T5279] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 272.756310][ T26] audit: type=1326 audit(2000000017.836:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11474 comm="syz.3.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 272.778817][ C1] vkms_vblank_simulate: vblank timer overrun [ 272.819220][ T26] audit: type=1326 audit(2000000017.836:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11474 comm="syz.3.3290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4df8ebe9 code=0x7ffc0000 [ 272.887107][T11479] loop3: detected capacity change from 0 to 256 [ 272.932269][ T5279] usb 1-1: Using ep0 maxpacket: 32 [ 272.945348][ T5279] usb 1-1: config 0 interface 0 has no altsetting 0 [ 272.978957][T11479] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb107716d, utbl_chksum : 0xe619d30d) [ 273.000673][ T5279] usb 1-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e [ 273.060909][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.110521][ T5279] usb 1-1: config 0 descriptor?? [ 273.127946][ T5279] usb 1-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state [ 273.131152][T11486] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3295'. [ 273.167124][ T5279] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 273.181273][ T5279] dvbdev: DVB: registering new adapter (HCW 126xxx) [ 273.188546][ T5279] usb 1-1: media controller created [ 273.209878][ T5279] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 273.229063][T11472] loop2: detected capacity change from 0 to 32768 [ 273.327930][ T5279] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 273.339292][T11491] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3297'. [ 273.364869][ T5279] error writing reg: 0xff, val: 0x00 [ 273.432389][T11472] XFS (loop2): Mounting V5 Filesystem [ 273.461261][ T5279] dvb_usb_mxl111sf: probe of 1-1:0.0 failed with error -22 [ 273.578362][ T5279] usb 1-1: USB disconnect, device number 9 [ 273.644593][T11472] XFS (loop2): Ending clean mount [ 273.761346][ T4272] XFS (loop2): Unmounting Filesystem [ 273.911735][T11514] loop3: detected capacity change from 0 to 256 [ 274.505609][T11530] netlink: 'syz.1.3313': attribute type 3 has an invalid length. [ 274.510800][T11506] loop4: detected capacity change from 0 to 32768 [ 274.562324][T11530] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3313'. [ 274.618485][T11532] netlink: 'syz.3.3314': attribute type 4 has an invalid length. [ 274.651355][T11532] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.3314'. [ 275.898897][ T4322] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 275.911651][T11587] ieee802154 phy0 wpan0: encryption failed: -22 [ 276.087349][ T4322] usb 3-1: Using ep0 maxpacket: 8 [ 276.095556][ T4322] usb 3-1: config 1 has an invalid interface number: 128 but max is 1 [ 276.104861][T11597] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3346'. [ 276.110610][ T4322] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 276.137396][T11597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3346'. [ 276.144935][ T4322] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 276.155946][ T4322] usb 3-1: config 1 has no interface number 0 [ 276.162438][ T4322] usb 3-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 276.214451][ T4322] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 276.240407][ T4322] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.272261][ T4322] usb 3-1: Product: syz [ 276.276502][ T4322] usb 3-1: Manufacturer: syz [ 276.281159][ T4322] usb 3-1: SerialNumber: syz [ 276.343536][ T4322] cdc_wdm 3-1:1.128: skipping garbage [ 276.349516][ T4322] cdc_wdm 3-1:1.128: invalid descriptor buffer length [ 276.392638][ T4322] cdc_wdm: probe of 3-1:1.128 failed with error -22 [ 276.415467][T11606] netlink: 'syz.1.3351': attribute type 1 has an invalid length. [ 276.605127][ T4322] usb 3-1: USB disconnect, device number 8 [ 276.666426][T11616] loop1: detected capacity change from 0 to 64 [ 277.048007][T11621] loop3: detected capacity change from 0 to 4096 [ 277.144436][T11621] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 277.181912][T11621] ntfs3: loop3: Failed to load $Extend. [ 277.682453][ T4322] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 277.735460][T11649] netlink: 'syz.2.3372': attribute type 1 has an invalid length. [ 277.902238][ T4322] usb 1-1: Using ep0 maxpacket: 32 [ 277.911700][ T4322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 277.943273][ T4322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 277.998053][ T4322] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 278.017884][ T4322] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.063316][ T4322] usb 1-1: config 0 descriptor?? [ 278.093148][ T4322] hub 1-1:0.0: USB hub found [ 278.223924][T11666] loop3: detected capacity change from 0 to 256 [ 278.276639][ T4322] hub 1-1:0.0: 31 ports detected [ 278.282465][ T4322] hub 1-1:0.0: insufficient power available to use all downstream ports [ 278.313845][T11666] FAT-fs (loop3): Directory bread(block 64) failed [ 278.339945][T11670] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3382'. [ 278.353867][T11666] FAT-fs (loop3): Directory bread(block 65) failed [ 278.360802][T11666] FAT-fs (loop3): Directory bread(block 66) failed [ 278.383188][T11670] netlink: 'syz.4.3382': attribute type 1 has an invalid length. [ 278.408566][T11666] FAT-fs (loop3): Directory bread(block 67) failed [ 278.418803][T11674] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3383'. [ 278.439237][T11666] FAT-fs (loop3): Directory bread(block 68) failed [ 278.468175][T11666] FAT-fs (loop3): Directory bread(block 69) failed [ 278.483809][ T4322] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 278.502041][T11666] FAT-fs (loop3): Directory bread(block 70) failed [ 278.505127][ T4322] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 278.532829][T11666] FAT-fs (loop3): Directory bread(block 71) failed [ 278.539594][T11666] FAT-fs (loop3): Directory bread(block 72) failed [ 278.573961][T11666] FAT-fs (loop3): Directory bread(block 73) failed [ 278.579870][ T4322] usbhid 1-1:0.0: can't add hid device: -71 [ 278.609726][ T4322] usbhid: probe of 1-1:0.0 failed with error -71 [ 278.683669][ T4322] usb 1-1: USB disconnect, device number 10 [ 278.864466][T11684] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3389'. [ 279.275242][T11702] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3398'. [ 279.292576][T11703] loop2: detected capacity change from 0 to 256 [ 279.366074][T11703] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 279.455373][T11709] netlink: 'syz.4.3401': attribute type 1 has an invalid length. [ 279.652517][T11712] netlink: 'syz.0.3402': attribute type 30 has an invalid length. [ 279.682788][T11712] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6) [ 279.722401][T11713] netlink: 'syz.2.3403': attribute type 30 has an invalid length. [ 280.114332][T11698] loop3: detected capacity change from 0 to 32768 [ 280.142420][T11698] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.3395 (11698) [ 280.204049][T11698] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 280.250130][T11698] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 280.287235][T11698] BTRFS info (device loop3): using free space tree [ 280.324114][T11736] loop2: detected capacity change from 0 to 64 [ 280.456012][T11736] hfs: request for non-existent node 16777216 in B*Tree [ 280.583424][T11736] hfs: request for non-existent node 16777216 in B*Tree [ 280.645017][T11736] hfs: request for non-existent node 16777216 in B*Tree [ 280.654495][T11698] BTRFS info (device loop3): enabling ssd optimizations [ 280.691936][T11736] hfs: request for non-existent node 16777216 in B*Tree [ 280.738127][T11736] hfs: request for non-existent node 16777216 in B*Tree [ 280.772290][T11736] hfs: request for non-existent node 16777216 in B*Tree [ 280.870641][ T4264] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 281.089841][ T4379] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop3 scanned by udevd (4379) [ 281.238979][T10390] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 281.462386][T10390] usb 2-1: config 0 has an invalid interface number: 69 but max is 0 [ 281.511264][T10390] usb 2-1: config 0 has no interface number 0 [ 281.529361][T10390] usb 2-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 281.577116][T10390] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 281.591474][T11788] loop0: detected capacity change from 0 to 1024 [ 281.621178][T10390] usb 2-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 281.686193][T10390] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.746986][T10390] usb 2-1: Product: syz [ 281.751201][T10390] usb 2-1: Manufacturer: syz [ 281.792366][T10390] usb 2-1: SerialNumber: syz [ 281.821709][T10390] usb 2-1: config 0 descriptor?? [ 281.849255][T11768] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 281.866496][T10390] cyberjack 2-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 281.916462][T10390] usb 2-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 282.255567][T11802] loop3: detected capacity change from 0 to 4096 [ 282.302672][T11802] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 282.345394][T10390] usb 2-1: USB disconnect, device number 16 [ 282.383662][T10390] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 282.455527][T10390] cyberjack 2-1:0.69: device disconnected [ 282.474796][T11802] ntfs3: loop3: failed to convert "c46c" to iso8859-2 [ 282.679092][T11821] loop0: detected capacity change from 0 to 256 [ 282.783457][T11821] FAT-fs (loop0): Directory bread(block 64) failed [ 282.790062][T11821] FAT-fs (loop0): Directory bread(block 65) failed [ 282.829119][T11821] FAT-fs (loop0): Directory bread(block 66) failed [ 282.877173][T11821] FAT-fs (loop0): Directory bread(block 67) failed [ 282.908626][T11821] FAT-fs (loop0): Directory bread(block 68) failed [ 282.935932][T11821] FAT-fs (loop0): Directory bread(block 69) failed [ 282.957957][T11821] FAT-fs (loop0): Directory bread(block 70) failed [ 282.987866][T11821] FAT-fs (loop0): Directory bread(block 71) failed [ 283.003052][T11821] FAT-fs (loop0): Directory bread(block 72) failed [ 283.009754][T11821] FAT-fs (loop0): Directory bread(block 73) failed [ 283.812283][T10390] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 283.912498][ T7963] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 284.012379][T10390] usb 5-1: Using ep0 maxpacket: 32 [ 284.019533][T10390] usb 5-1: config index 0 descriptor too short (expected 26090, got 796) [ 284.042026][T10390] usb 5-1: config 231 has too many interfaces: 103, using maximum allowed: 32 [ 284.056203][T10390] usb 5-1: config 231 has an invalid descriptor of length 0, skipping remainder of the config [ 284.082219][T10390] usb 5-1: config 231 has 0 interfaces, different from the descriptor's value: 103 [ 284.102332][ T7963] usb 4-1: Using ep0 maxpacket: 32 [ 284.111068][ T7963] usb 4-1: config 0 has an invalid interface number: 16 but max is 0 [ 284.114678][T10390] usb 5-1: New USB device found, idVendor=d024, idProduct=5e5a, bcdDevice=16.a9 [ 284.149085][T10390] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.179872][T10390] usb 5-1: Product: syz [ 284.182352][ T7963] usb 4-1: config 0 has no interface number 0 [ 284.190081][T10390] usb 5-1: Manufacturer: syz [ 284.190534][ T7963] usb 4-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 284.206745][T10390] usb 5-1: SerialNumber: syz [ 284.253673][ T7963] usb 4-1: config 0 interface 16 altsetting 0 endpoint 0x82 has invalid maxpacket 26159, setting to 1024 [ 284.289274][ T7963] usb 4-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 284.331641][ T7963] usb 4-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 284.350660][ T7963] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.373653][ T7963] usb 4-1: Product: syz [ 284.380957][ T7963] usb 4-1: Manufacturer: syz [ 284.402347][ T7963] usb 4-1: SerialNumber: syz [ 284.411639][ T7963] usb 4-1: config 0 descriptor?? [ 284.438815][T11856] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 284.442438][T10390] usb 5-1: USB disconnect, device number 13 [ 284.452564][T11856] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 284.528938][T11882] loop1: detected capacity change from 0 to 4096 [ 284.596923][T11882] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 284.647920][T11882] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 284.680699][T11882] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 284.703604][T11886] loop2: detected capacity change from 0 to 1764 [ 284.714178][T11882] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 284.745234][T11882] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 284.782043][ T5551] usb 4-1: USB disconnect, device number 14 [ 284.805870][T11886] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 284.818231][T11882] ntfs: volume version 3.1. [ 284.856143][T11882] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 284.897732][T11882] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 284.950132][T11882] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 284.981901][T11882] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 285.011270][T11882] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 285.145480][T11880] loop0: detected capacity change from 0 to 32768 [ 285.202730][T11880] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 285.321651][T11896] kernel profiling enabled (shift: 63) [ 285.355933][T11880] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 285.373399][T11896] profiling shift: 63 too large [ 285.451739][T11880] (syz.0.3475,11880,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 285.486528][T11900] netlink: 'syz.2.3483': attribute type 2 has an invalid length. [ 285.494662][T11880] (syz.0.3475,11880,0):ocfs2_xattr_block_find:2835 ERROR: status = -12 [ 285.522833][T11900] netlink: 'syz.2.3483': attribute type 8 has an invalid length. [ 285.550063][T11900] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3483'. [ 285.680780][ T4267] ocfs2: Unmounting device (7,0) on (node local) [ 286.122766][T11924] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3496'. [ 286.237398][T11928] netlink: 'syz.4.3498': attribute type 2 has an invalid length. [ 286.282005][T11928] netlink: 'syz.4.3498': attribute type 1 has an invalid length. [ 286.303107][T11932] netlink: 1020 bytes leftover after parsing attributes in process `syz.2.3499'. [ 286.322363][T11928] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.3498'. [ 286.507993][T11938] sock: sock_timestamping_bind_phc: sock not bind to device [ 286.703572][T11942] block device autoloading is deprecated and will be removed. [ 286.739711][T11949] xt_CT: You must specify a L4 protocol and not use inversions on it [ 286.826901][T11950] loop2: detected capacity change from 0 to 2048 [ 286.907465][T11950] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 287.997548][T12002] ip6t_srh: unknown srh invflags 7863 [ 288.224302][T12012] loop0: detected capacity change from 0 to 128 [ 288.292687][T12012] FAT-fs (loop0): bogus number of reserved sectors [ 288.319327][T12012] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 288.363337][T12018] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3543'. [ 288.383360][T12012] FAT-fs (loop0): Can't find a valid FAT filesystem [ 288.425437][T12018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3543'. [ 288.471135][T12018] netlink: 'syz.2.3543': attribute type 2 has an invalid length. [ 288.488565][T12012] loop0: detected capacity change from 0 to 128 [ 288.870233][T12036] ieee802154 phy0 wpan0: encryption failed: -22 [ 288.962452][ T5551] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 289.176941][ T5551] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 289.195539][ T5551] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.223372][ T5551] usb 5-1: Product: syz [ 289.244526][ T5551] usb 5-1: Manufacturer: syz [ 289.268566][ T5551] usb 5-1: SerialNumber: syz [ 289.297448][ T5551] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 289.383402][ T5551] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 289.588416][T12026] loop1: detected capacity change from 0 to 32768 [ 289.591320][ C1] usb 5-1: ath9k_htc: invalid pkt_len (ffd7) [ 289.844273][T10390] usb 5-1: USB disconnect, device number 14 [ 289.937628][T12064] loop3: detected capacity change from 0 to 256 [ 290.202599][ T7963] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 290.422313][ T7963] usb 1-1: Using ep0 maxpacket: 32 [ 290.434759][ T7963] usb 1-1: unable to get BOS descriptor or descriptor too short [ 290.452682][ T5551] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 290.460242][ T5551] ath9k_htc: Failed to initialize the device [ 290.464822][ T7963] usb 1-1: config 3 has an invalid interface number: 43 but max is 0 [ 290.488968][ T7963] usb 1-1: config 3 has no interface number 0 [ 290.502000][T10390] usb 5-1: ath9k_htc: USB layer deinitialized [ 290.506268][ T7963] usb 1-1: config 3 interface 43 has no altsetting 0 [ 290.545465][ T7963] usb 1-1: New USB device found, idVendor=0421, idProduct=01d4, bcdDevice=9a.31 [ 290.588985][ T7963] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.630584][T12087] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3576'. [ 290.632966][ T7963] usb 1-1: Product: syz [ 290.673309][ T7963] usb 1-1: Manufacturer: syz [ 290.678294][ T7963] usb 1-1: SerialNumber: syz [ 290.759249][T12091] netlink: 300 bytes leftover after parsing attributes in process `syz.3.3578'. [ 290.917859][ T7963] rndis_wlan 1-1:3.43: More than one union descriptor, skipping ... [ 290.952498][ T7963] usb 1-1: bad CDC descriptors [ 290.963104][ T7963] rndis_host 1-1:3.43: More than one union descriptor, skipping ... [ 290.993256][ T7963] usb 1-1: bad CDC descriptors [ 290.999015][ T7963] cdc_acm 1-1:3.43: More than one union descriptor, skipping ... [ 291.051426][ T7963] usb 1-1: USB disconnect, device number 11 [ 291.361940][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3590'. [ 291.557649][T12123] loop3: detected capacity change from 0 to 16 [ 291.636247][T12123] erofs: (device loop3): mounted with root inode @ nid 36. [ 291.647392][T12126] loop0: detected capacity change from 0 to 128 [ 291.673911][T12123] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 291.689891][T12126] FAT-fs (loop0): Directory bread(block 3236) failed [ 291.719027][T12126] FAT-fs (loop0): Directory bread(block 3237) failed [ 291.751524][T12123] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 291.759730][T12126] FAT-fs (loop0): Directory bread(block 3238) failed [ 291.789968][T12126] FAT-fs (loop0): Directory bread(block 3239) failed [ 291.832545][T12126] FAT-fs (loop0): Directory bread(block 3240) failed [ 291.839785][T12126] FAT-fs (loop0): Directory bread(block 3241) failed [ 291.867750][T12126] FAT-fs (loop0): Directory bread(block 3242) failed [ 291.883489][T12126] FAT-fs (loop0): Directory bread(block 3243) failed [ 291.907897][T12126] FAT-fs (loop0): Directory bread(block 3236) failed [ 291.962399][T12126] FAT-fs (loop0): Directory bread(block 3237) failed [ 292.011097][T12134] loop3: detected capacity change from 0 to 512 [ 292.131542][T12134] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 292.160206][T12134] ext4 filesystem being mounted at /721/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.347748][T12114] loop4: detected capacity change from 0 to 32768 [ 292.360762][ T4264] EXT4-fs (loop3): unmounting filesystem. [ 292.461242][T12114] XFS (loop4): Mounting V5 Filesystem [ 292.584246][T12165] netlink: 'syz.2.3608': attribute type 10 has an invalid length. [ 292.687277][T12114] XFS (loop4): Ending clean mount [ 292.780143][T12171] netlink: 'syz.1.3612': attribute type 13 has an invalid length. [ 292.913638][ T4270] XFS (loop4): Unmounting Filesystem [ 293.280027][T12188] loop2: detected capacity change from 0 to 1024 [ 293.376711][T12188] overlayfs: filesystem on './file1' not supported [ 293.387757][T12191] loop1: detected capacity change from 0 to 2048 [ 293.429938][T12191] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 293.538199][T12193] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 293.611736][ T4306] hfsplus: b-tree write err: -5, ino 4 [ 294.209608][T12214] device dummy0 entered promiscuous mode [ 294.216657][T12213] device dummy0 left promiscuous mode [ 294.492695][ T5279] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 294.703977][ T5279] usb 3-1: unable to get BOS descriptor or descriptor too short [ 294.740796][ T5279] usb 3-1: config 3 has an invalid interface number: 8 but max is 3 [ 294.771936][ T5279] usb 3-1: config 3 has an invalid descriptor of length 70, skipping remainder of the config [ 294.806729][ T5279] usb 3-1: config 3 has 1 interface, different from the descriptor's value: 4 [ 294.821019][T12234] 9pnet_fd: p9_fd_create_tcp (12234): problem binding to privport [ 294.852451][ T5279] usb 3-1: config 3 has no interface number 0 [ 294.861576][ T5279] usb 3-1: config 3 interface 8 altsetting 6 endpoint 0x82 has an invalid bInterval 248, changing to 11 [ 294.945870][T12204] loop1: detected capacity change from 0 to 32768 [ 294.979072][ T5279] usb 3-1: config 3 interface 8 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 295.036409][T12204] XFS (loop1): Mounting V5 Filesystem [ 295.048501][ T5279] usb 3-1: config 3 interface 8 has no altsetting 0 [ 295.071196][ T5279] usb 3-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=c2.be [ 295.124034][ T5279] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.164414][ T5279] usb 3-1: Product: syz [ 295.168822][ T5279] usb 3-1: Manufacturer: syz [ 295.194300][ T5279] usb 3-1: SerialNumber: syz [ 295.237714][T12204] XFS (loop1): Ending clean mount [ 295.411189][ T4263] XFS (loop1): Unmounting Filesystem [ 295.450290][ T5279] appledisplay 3-1:3.8: Error while getting initial brightness: -71 [ 295.535951][ T5279] appledisplay: probe of 3-1:3.8 failed with error -71 [ 295.562954][ T5279] usbhid 3-1:3.8: can't add hid device: -22 [ 295.573150][ T5279] usbhid: probe of 3-1:3.8 failed with error -22 [ 295.610165][ T5279] usb 3-1: USB disconnect, device number 9 [ 295.890053][T12267] dlm: no locking on control device [ 296.007418][T12247] loop4: detected capacity change from 0 to 32768 [ 296.118008][T12247] XFS (loop4): Mounting V5 Filesystem [ 296.343325][T12247] XFS (loop4): Ending clean mount [ 296.424625][T12247] XFS (loop4): syz.4.3645 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported [ 296.511774][T12296] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 296.595303][ T4270] XFS (loop4): Unmounting Filesystem [ 296.849673][T12308] ptrace attach of "./syz-executor exec"[4267] was attempted by ""[12308] [ 297.033279][T12313] xt_ecn: cannot match TCP bits for non-tcp packets [ 297.093250][T12315] comedi comedi3: das16m1: I/O port conflict (0x501,8) [ 297.294784][T12323] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3676'. [ 297.341540][T12323] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3676'. [ 297.349594][T12329] program syz.0.3678 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 297.570434][T12334] cgroup: No subsys list or none specified [ 298.548592][T12384] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3705'. [ 298.602475][T12384] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 298.643044][T11784] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 298.850913][T11784] usb 4-1: Using ep0 maxpacket: 32 [ 298.867850][T12396] loop0: detected capacity change from 0 to 4096 [ 298.871697][T11784] usb 4-1: config 0 interface 0 has no altsetting 0 [ 298.910037][T11784] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 298.949117][T11784] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.961249][T11784] usb 4-1: Product: syz [ 298.967017][T11784] usb 4-1: Manufacturer: syz [ 298.973187][T11784] usb 4-1: SerialNumber: syz [ 298.980337][T11784] usb 4-1: config 0 descriptor?? [ 299.028351][T12400] 9pnet_fd: p9_fd_create_tcp (12400): problem connecting socket to 127.0.0.1 [ 299.042506][ T5551] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 299.222809][ T5551] usb 2-1: Using ep0 maxpacket: 16 [ 299.234603][ T5551] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 299.235285][T12405] xt_hashlimit: max too large, truncated to 1048576 [ 299.265068][ T5551] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.285778][T12405] xt_bpf: check failed: parse error [ 299.295540][ T5551] usb 2-1: Product: syz [ 299.299781][ T5551] usb 2-1: Manufacturer: syz [ 299.312487][ T5551] usb 2-1: SerialNumber: syz [ 299.331914][ T5551] r8152-cfgselector 2-1: config 0 descriptor?? [ 299.394891][T11784] gs_usb 4-1:0.0: Couldn't get device config: (err=-71) [ 299.412295][T11784] gs_usb: probe of 4-1:0.0 failed with error -71 [ 299.453728][T11784] usb 4-1: USB disconnect, device number 15 [ 299.634393][T12417] netlink: 'syz.4.3721': attribute type 1 has an invalid length. [ 299.640404][T12416] loop0: detected capacity change from 0 to 256 [ 299.689060][T12416] FAT-fs (loop0): Directory bread(block 64) failed [ 299.704626][T12416] FAT-fs (loop0): Directory bread(block 65) failed [ 299.711847][T12416] FAT-fs (loop0): Directory bread(block 66) failed [ 299.734649][T12416] FAT-fs (loop0): Directory bread(block 67) failed [ 299.741420][T12416] FAT-fs (loop0): Directory bread(block 68) failed [ 299.764063][ T5551] r8152-cfgselector 2-1: Unknown version 0x0000 [ 299.770678][T12416] FAT-fs (loop0): Directory bread(block 69) failed [ 299.770711][ T5551] r8152-cfgselector 2-1: bad CDC descriptors [ 299.799388][T12416] FAT-fs (loop0): Directory bread(block 70) failed [ 299.828233][ T5551] r8152-cfgselector 2-1: Unknown version 0x0000 [ 299.829739][T12416] FAT-fs (loop0): Directory bread(block 71) failed [ 299.860608][ T5551] r8152-cfgselector 2-1: USB disconnect, device number 17 [ 299.868873][T12416] FAT-fs (loop0): Directory bread(block 72) failed [ 299.899188][T12416] FAT-fs (loop0): Directory bread(block 73) failed [ 300.093967][T12429] netlink: 'syz.4.3725': attribute type 28 has an invalid length. [ 300.201391][T12431] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 300.227528][T12431] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 300.256691][T12431] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 300.309455][T12431] device vlan0 left promiscuous mode [ 300.325347][T12431] device macvlan0 left promiscuous mode [ 300.991885][T12428] loop2: detected capacity change from 0 to 32768 [ 301.060408][T12457] loop4: detected capacity change from 0 to 8192 [ 301.119952][T12428] XFS (loop2): Mounting V5 Filesystem [ 301.222612][T12475] loop3: detected capacity change from 0 to 128 [ 301.305286][T12475] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 301.321564][T12428] XFS (loop2): Ending clean mount [ 301.423990][T12475] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 301.590418][ T4272] XFS (loop2): Unmounting Filesystem [ 301.891817][T12491] bond0: Error: Cannot enslave bond to itself. [ 302.306355][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 302.306369][ T26] audit: type=1326 audit(2000000047.416:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12504 comm="syz.4.3762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00b4b8ebe9 code=0x7ffc0000 [ 302.870501][T12496] loop3: detected capacity change from 0 to 32768 [ 302.946858][T12496] XFS (loop3): Mounting V5 Filesystem [ 303.118799][T12496] XFS (loop3): Ending clean mount [ 303.278641][ T4264] XFS (loop3): Unmounting Filesystem [ 303.437641][T12554] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 303.468756][T12554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 303.503486][T12554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 303.605230][T12554] device ipvlan1 left promiscuous mode [ 303.699249][T12560] netlink: 'syz.1.3783': attribute type 21 has an invalid length. [ 303.735035][T12560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'. [ 304.402471][T12580] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3794'. [ 304.614581][T12592] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 304.629191][T12592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 304.674614][T12592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 304.722780][T12592] device netdevsim0 left promiscuous mode [ 304.754541][T12592] device bridge1 left promiscuous mode [ 305.162403][T10390] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 305.284340][T12614] UBIFS error (pid: 12614): cannot open "", error -22 [ 305.354370][T10390] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 305.390869][T10390] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.411383][T10390] usb 1-1: config 0 descriptor?? [ 305.791723][T12631] netlink: 'syz.2.3817': attribute type 2 has an invalid length. [ 305.844747][T10390] ath6kl: Failed to submit usb control message: -71 [ 305.851565][T10390] ath6kl: unable to send the bmi data to the device: -71 [ 305.874176][T10390] ath6kl: Unable to send get target info: -71 [ 305.902258][T10390] ath6kl: Failed to init ath6kl core: -71 [ 305.992450][T10390] ath6kl_usb: probe of 1-1:0.0 failed with error -71 [ 306.021194][T10390] usb 1-1: USB disconnect, device number 12 [ 306.114771][T12638] befs: (nbd1): No write support. Marking filesystem read-only [ 306.159775][ T2513] block nbd1: Attempted send on invalid socket [ 306.166471][ T2513] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 306.187728][T12638] befs: (nbd1): unable to read superblock [ 306.601727][T12656] loop0: detected capacity change from 0 to 64 [ 306.681069][T12656] Trying to free block not in datazone [ 306.732857][T12656] Trying to free block not in datazone [ 306.735719][T12661] loop3: detected capacity change from 0 to 256 [ 306.750474][T12656] Trying to free block not in datazone [ 306.756483][T12656] Trying to free block not in datazone [ 306.762121][T12656] minix_free_block (loop0:6): bit already cleared [ 306.808232][T12656] Trying to free block not in datazone [ 306.822934][T12656] Trying to free block not in datazone [ 307.252585][T12675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3839'. [ 307.419285][T12679] loop3: detected capacity change from 0 to 512 [ 307.526537][T12679] EXT4-fs (loop3): 1 truncate cleaned up [ 307.562393][T12679] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 307.646157][ T4264] EXT4-fs (loop3): unmounting filesystem. [ 307.950234][T12695] loop2: detected capacity change from 0 to 256 [ 307.995621][T12695] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 308.053671][T12697] loop3: detected capacity change from 0 to 1024 [ 308.107467][T12697] hfsplus: catalog name length corrupted [ 308.550304][T12709] loop2: detected capacity change from 0 to 512 [ 308.590701][T12715] ieee802154 phy0 wpan0: encryption failed: -22 [ 308.638591][T12709] EXT4-fs (loop2): 1 truncate cleaned up [ 308.648817][T12657] loop1: detected capacity change from 0 to 32768 [ 308.714690][T12709] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 308.836139][T12657] jfs_strtoUCS: char2uni returned -22. [ 308.893815][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 308.952218][T12657] charset = ascii, char = 0xc5 [ 309.915936][T12750] ax25_connect(): syz.4.3875 uses autobind, please contact jreuter@yaina.de [ 309.983730][T12756] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 310.322018][T12769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3885'. [ 310.372026][T12769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3885'. [ 310.903738][T12789] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 311.253946][T12803] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 311.343695][T12803] device batadv0 left promiscuous mode [ 311.349636][T12803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 311.399871][T12803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 311.488177][T12803] device netdevsim0 left promiscuous mode [ 311.534561][T12813] loop2: detected capacity change from 0 to 64 [ 311.652285][ T5551] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 311.882358][ T5551] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 311.911670][ T5551] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 311.932966][ T5551] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 311.955066][ T5551] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 312.018092][ T5551] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 312.049419][ T5551] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 312.074047][ T5551] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 312.112273][ T5551] usb 2-1: Product: syz [ 312.123240][ T5551] usb 2-1: Manufacturer: syz [ 312.154663][ T5551] cdc_wdm 2-1:1.0: skipping garbage [ 312.173939][ T5551] cdc_wdm 2-1:1.0: skipping garbage [ 312.205930][ T5551] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 312.219311][T12829] loop4: detected capacity change from 0 to 512 [ 312.232970][ T5551] cdc_wdm 2-1:1.0: Unknown control protocol [ 312.287941][T12829] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.3914: casefold flag without casefold feature [ 312.318843][T12829] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3914: couldn't read orphan inode 15 (err -117) [ 312.318970][T12837] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3917'. [ 312.365065][T12837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3917'. [ 312.368506][T12806] cdc_wdm 2-1:1.0: Error submitting int urb - -90 [ 312.424471][ T5551] usb 2-1: USB disconnect, device number 18 [ 312.437640][T12829] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 312.567314][ T4270] EXT4-fs (loop4): unmounting filesystem. [ 312.640372][T12839] loop3: detected capacity change from 0 to 4096 [ 312.709009][T12844] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 312.766221][T12839] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 312.806266][T12839] Remounting filesystem read-only [ 312.909550][ T26] audit: type=1326 audit(2000000058.016:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12849 comm="syz.2.3922" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f68ba58ebe9 code=0x0 [ 313.408093][T12868] syz.1.3934 uses old SIOCAX25GETINFO [ 313.471880][T12870] loop2: detected capacity change from 0 to 2048 [ 313.568159][T12870] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 313.639483][T12872] xt_CT: No such helper "netbios-ns" [ 313.666780][T12881] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 313.667315][T12870] syz.2.3931: attempt to access beyond end of device [ 313.667315][T12870] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 313.883127][T12889] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3941'. [ 313.982958][T12870] syz.2.3931: attempt to access beyond end of device [ 313.982958][T12870] loop2: rw=0, sector=33554430, nr_sectors = 2 limit=2048 [ 314.012741][T12870] NILFS (loop2): I/O error reading meta-data file (ino=6, block-offset=3) [ 314.336083][T12895] xt_CT: No such helper "pptp" [ 314.650892][T12920] netlink: 'syz.4.3955': attribute type 10 has an invalid length. [ 314.733859][T12920] 8021q: adding VLAN 0 to HW filter on device team0 [ 314.781842][T12920] bond0: (slave team0): Enslaving as an active interface with an up link [ 314.789983][T12923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3958'. [ 315.200176][T12941] ax25_connect(): syz.3.3967 uses autobind, please contact jreuter@yaina.de [ 315.425215][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3973'. [ 315.645308][T12967] netlink: 'syz.4.3978': attribute type 9 has an invalid length. [ 315.677192][T12967] netlink: 'syz.4.3978': attribute type 7 has an invalid length. [ 315.707983][T12967] netlink: 'syz.4.3978': attribute type 8 has an invalid length. [ 315.767221][T12975] netlink: 'syz.2.3981': attribute type 5 has an invalid length. [ 316.407462][T12968] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 316.420324][T12968] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 316.437094][T12968] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 316.456837][T13006] netlink: 'syz.0.3996': attribute type 2 has an invalid length. [ 316.467900][T12968] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 316.485272][T12968] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 316.491511][T12968] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 316.522497][T12968] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 316.528584][T12968] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 316.555283][T12968] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 316.605883][T12968] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 316.620605][T13011] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 316.632382][T12968] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 316.660677][T12968] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 316.982542][ T4322] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 317.187818][T13033] loop0: detected capacity change from 0 to 4096 [ 317.196200][ T4322] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 317.215382][ T4322] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 317.246799][ T4322] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 317.268689][T13039] loop1: detected capacity change from 0 to 16 [ 317.282757][ T4322] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 317.301696][T13033] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 317.314132][ T4322] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 317.322544][T13039] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 142735) [ 317.343859][ T4322] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 317.360478][ T4322] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 317.370108][ T4322] usb 3-1: Product: syz [ 317.374931][ T4322] usb 3-1: Manufacturer: syz [ 317.386264][ T4322] cdc_wdm 3-1:1.0: skipping garbage [ 317.391665][ T4322] cdc_wdm 3-1:1.0: skipping garbage [ 317.404408][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 317.407365][ T4322] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 317.422344][ T4322] cdc_wdm 3-1:1.0: Unknown control protocol [ 317.487608][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.494027][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.649684][T12989] cdc_wdm 3-1:1.0: Error submitting int urb - -90 [ 317.683629][ T5279] usb 3-1: USB disconnect, device number 10 [ 317.802240][ C0] ------------[ cut here ]------------ [ 317.808463][ C0] WARNING: CPU: 0 PID: 7912 at kernel/workqueue.c:1441 __queue_work+0xe2d/0xfb0 [ 317.817555][ C0] Modules linked in: [ 317.821487][ C0] CPU: 0 PID: 7912 Comm: udevd Not tainted 6.1.148-syzkaller #0 [ 317.829153][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 317.839249][ C0] RIP: 0010:__queue_work+0xe2d/0xfb0 [ 317.844570][ C0] Code: e9 9d fc ff ff 48 8b 0c 24 80 e1 07 80 c1 03 38 c1 0f 8c c7 fc ff ff 48 8b 3c 24 e8 6d b8 7d 00 e9 b9 fc ff ff e8 d3 9b 2d 00 <0f> 0b 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bd 9b 2d 00 [ 317.864210][ C0] RSP: 0018:ffffc90000007ae8 EFLAGS: 00010046 [ 317.870309][ C0] RAX: ffffffff8153228d RBX: 0000000000010000 RCX: ffff888027a3bb80 [ 317.878310][ C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 317.886374][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1c3ea96 [ 317.894377][ C0] R10: fffffbfff1c3ea96 R11: 1ffffffff1c3ea95 R12: ffff88807b6f4800 [ 317.902347][ C0] R13: ffff88807b6f49c0 R14: 0000000000000008 R15: 0000000000000000 [ 317.910668][ C0] FS: 00007fecd4815880(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 317.919591][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 317.926258][ C0] CR2: 00007f00b4db7dac CR3: 000000002f245000 CR4: 00000000003506f0 [ 317.934220][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 317.942362][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 317.950672][ C0] Call Trace: [ 317.953941][ C0] [ 317.956785][ C0] call_timer_fn+0x1a0/0x670 [ 317.961459][ C0] ? queue_work_node+0x3f0/0x3f0 [ 317.966390][ C0] ? call_timer_fn+0xc1/0x670 [ 317.971142][ C0] ? __run_timers+0x7c0/0x7c0 [ 317.975816][ C0] ? do_raw_spin_unlock+0x11d/0x230 [ 317.981009][ C0] ? queue_work_node+0x3f0/0x3f0 [ 317.985944][ C0] __run_timers+0x550/0x7c0 [ 317.990445][ C0] ? detach_timer+0x350/0x350 [ 317.995123][ C0] ? lock_chain_count+0x20/0x20 [ 318.000071][ C0] run_timer_softirq+0x63/0xf0 [ 318.004863][ C0] handle_softirqs+0x2a1/0x920 [ 318.009630][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 318.014504][ C0] ? do_softirq+0x200/0x200 [ 318.019028][ C0] __irq_exit_rcu+0x12f/0x220 [ 318.023714][ C0] ? irq_exit_rcu+0x20/0x20 [ 318.028219][ C0] irq_exit_rcu+0x5/0x20 [ 318.032454][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 318.038103][ C0] [ 318.041032][ C0] [ 318.043958][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 318.049939][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x32/0x60 [ 318.056547][ C0] Code: d4 b0 81 7e 65 8b 15 d5 b0 81 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 1c 16 00 00 00 74 2c 8b 91 f8 15 00 00 <83> fa 02 75 21 48 8b 91 00 16 00 00 48 8b 32 48 8d 7e 01 8b 89 fc [ 318.076262][ C0] RSP: 0018:ffffc9000cf7f9a8 EFLAGS: 00000246 [ 318.082346][ C0] RAX: ffffffff83c5ddbb RBX: dffffc0000000000 RCX: ffff888027a3bb80 [ 318.090570][ C0] RDX: 0000000000000000 RSI: 000000000886db1e RDI: 0000000046380ebd [ 318.098648][ C0] RBP: 0000000046380ebd R08: ffff888027a3bb80 R09: 0000000000000003 [ 318.106650][ C0] R10: 0000000000000009 R11: 0000000000000000 R12: ffffc9000cf7fc88 [ 318.114716][ C0] R13: 0000000000000023 R14: ffff88802f5a8aa8 R15: 000000000886db1e [ 318.122689][ C0] ? tomoyo_path_matches_pattern+0x17b/0x260 [ 318.128857][ C0] tomoyo_path_matches_pattern+0x17b/0x260 [ 318.134760][ C0] tomoyo_check_path_acl+0x111/0x1c0 [ 318.140127][ C0] tomoyo_check_acl+0x139/0x3f0 [ 318.145021][ C0] ? tomoyo_execute_permission+0x410/0x410 [ 318.150894][ C0] tomoyo_path_permission+0x1b4/0x380 [ 318.156267][ C0] tomoyo_path_perm+0x403/0x550 [ 318.161289][ C0] ? tomoyo_path_perm+0x1d4/0x550 [ 318.166305][ C0] ? tomoyo_path_permission+0x380/0x380 [ 318.171863][ C0] ? lock_chain_count+0x20/0x20 [ 318.176714][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 318.181913][ C0] security_inode_getattr+0xcf/0x120 [ 318.187194][ C0] vfs_getattr+0x26/0x3a0 [ 318.191516][ C0] ? __fdget_raw+0xca/0x1b0 [ 318.196015][ C0] __x64_sys_newfstat+0x102/0x1c0 [ 318.201243][ C0] ? __ia32_sys_newfstatat+0x1e0/0x1e0 [ 318.206812][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 318.212049][ C0] do_syscall_64+0x4c/0xa0 [ 318.216472][ C0] ? clear_bhb_loop+0x60/0xb0 [ 318.221139][ C0] ? clear_bhb_loop+0x60/0xb0 [ 318.225814][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 318.231706][ C0] RIP: 0033:0x7fecd4111ad7 [ 318.236125][ C0] Code: 73 01 c3 48 8b 0d 21 f3 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 05 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 [ 318.255814][ C0] RSP: 002b:00007ffeece5abf8 EFLAGS: 00000297 ORIG_RAX: 0000000000000005 [ 318.264402][ C0] RAX: ffffffffffffffda RBX: 000055a5fc247700 RCX: 00007fecd4111ad7 [ 318.272364][ C0] RDX: 00007fecd41efea0 RSI: 00007ffeece5ac00 RDI: 0000000000000008 [ 318.280504][ C0] RBP: 00007fecd41efff0 R08: 0000000000000001 R09: 0000000000000000 [ 318.288989][ C0] R10: 0000000000000000 R11: 0000000000000297 R12: 000000000000000a [ 318.296950][ C0] R13: 0000000000003fff R14: 0000000000000000 R15: 000055a5fc247700 [ 318.305017][ C0] [ 318.308263][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 318.315636][ C0] CPU: 0 PID: 7912 Comm: udevd Not tainted 6.1.148-syzkaller #0 [ 318.323407][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 318.333971][ C0] Call Trace: [ 318.337328][ C0] [ 318.340170][ C0] dump_stack_lvl+0x168/0x22e [ 318.344968][ C0] ? memcpy+0x3c/0x60 [ 318.349137][ C0] ? show_regs_print_info+0x12/0x12 [ 318.354681][ C0] ? load_image+0x3b0/0x3b0 [ 318.359312][ C0] panic+0x2c9/0x710 [ 318.363203][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 318.367793][ C0] __warn+0x2f8/0x4f0 [ 318.371798][ C0] ? __queue_work+0xe2d/0xfb0 [ 318.376485][ C0] ? __queue_work+0xe2d/0xfb0 [ 318.381160][ C0] report_bug+0x2ba/0x4f0 [ 318.385496][ C0] ? __queue_work+0xe2d/0xfb0 [ 318.390377][ C0] handle_bug+0x3a/0x70 [ 318.394558][ C0] exc_invalid_op+0x16/0x40 [ 318.399253][ C0] asm_exc_invalid_op+0x16/0x20 [ 318.404144][ C0] RIP: 0010:__queue_work+0xe2d/0xfb0 [ 318.409438][ C0] Code: e9 9d fc ff ff 48 8b 0c 24 80 e1 07 80 c1 03 38 c1 0f 8c c7 fc ff ff 48 8b 3c 24 e8 6d b8 7d 00 e9 b9 fc ff ff e8 d3 9b 2d 00 <0f> 0b 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bd 9b 2d 00 [ 318.429210][ C0] RSP: 0018:ffffc90000007ae8 EFLAGS: 00010046 [ 318.435276][ C0] RAX: ffffffff8153228d RBX: 0000000000010000 RCX: ffff888027a3bb80 [ 318.443264][ C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 318.451255][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1c3ea96 [ 318.459228][ C0] R10: fffffbfff1c3ea96 R11: 1ffffffff1c3ea95 R12: ffff88807b6f4800 [ 318.467464][ C0] R13: ffff88807b6f49c0 R14: 0000000000000008 R15: 0000000000000000 [ 318.475543][ C0] ? __queue_work+0xe2d/0xfb0 [ 318.480532][ C0] ? __queue_work+0xe2d/0xfb0 [ 318.485282][ C0] call_timer_fn+0x1a0/0x670 [ 318.489867][ C0] ? queue_work_node+0x3f0/0x3f0 [ 318.494798][ C0] ? call_timer_fn+0xc1/0x670 [ 318.499465][ C0] ? __run_timers+0x7c0/0x7c0 [ 318.504142][ C0] ? do_raw_spin_unlock+0x11d/0x230 [ 318.509433][ C0] ? queue_work_node+0x3f0/0x3f0 [ 318.514483][ C0] __run_timers+0x550/0x7c0 [ 318.519092][ C0] ? detach_timer+0x350/0x350 [ 318.523773][ C0] ? lock_chain_count+0x20/0x20 [ 318.528621][ C0] run_timer_softirq+0x63/0xf0 [ 318.533474][ C0] handle_softirqs+0x2a1/0x920 [ 318.538285][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 318.543170][ C0] ? do_softirq+0x200/0x200 [ 318.547721][ C0] __irq_exit_rcu+0x12f/0x220 [ 318.552408][ C0] ? irq_exit_rcu+0x20/0x20 [ 318.557016][ C0] irq_exit_rcu+0x5/0x20 [ 318.561369][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 318.567026][ C0] [ 318.569948][ C0] [ 318.572868][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 318.578972][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x32/0x60 [ 318.585151][ C0] Code: d4 b0 81 7e 65 8b 15 d5 b0 81 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 1c 16 00 00 00 74 2c 8b 91 f8 15 00 00 <83> fa 02 75 21 48 8b 91 00 16 00 00 48 8b 32 48 8d 7e 01 8b 89 fc [ 318.604773][ C0] RSP: 0018:ffffc9000cf7f9a8 EFLAGS: 00000246 [ 318.611026][ C0] RAX: ffffffff83c5ddbb RBX: dffffc0000000000 RCX: ffff888027a3bb80 [ 318.619114][ C0] RDX: 0000000000000000 RSI: 000000000886db1e RDI: 0000000046380ebd [ 318.627190][ C0] RBP: 0000000046380ebd R08: ffff888027a3bb80 R09: 0000000000000003 [ 318.635201][ C0] R10: 0000000000000009 R11: 0000000000000000 R12: ffffc9000cf7fc88 [ 318.643455][ C0] R13: 0000000000000023 R14: ffff88802f5a8aa8 R15: 000000000886db1e [ 318.651433][ C0] ? tomoyo_path_matches_pattern+0x17b/0x260 [ 318.657963][ C0] tomoyo_path_matches_pattern+0x17b/0x260 [ 318.663912][ C0] tomoyo_check_path_acl+0x111/0x1c0 [ 318.669207][ C0] tomoyo_check_acl+0x139/0x3f0 [ 318.674077][ C0] ? tomoyo_execute_permission+0x410/0x410 [ 318.679912][ C0] tomoyo_path_permission+0x1b4/0x380 [ 318.685405][ C0] tomoyo_path_perm+0x403/0x550 [ 318.690346][ C0] ? tomoyo_path_perm+0x1d4/0x550 [ 318.695455][ C0] ? tomoyo_path_permission+0x380/0x380 [ 318.701187][ C0] ? lock_chain_count+0x20/0x20 [ 318.706050][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 318.711423][ C0] security_inode_getattr+0xcf/0x120 [ 318.716813][ C0] vfs_getattr+0x26/0x3a0 [ 318.721310][ C0] ? __fdget_raw+0xca/0x1b0 [ 318.725810][ C0] __x64_sys_newfstat+0x102/0x1c0 [ 318.730862][ C0] ? __ia32_sys_newfstatat+0x1e0/0x1e0 [ 318.736343][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 318.741656][ C0] do_syscall_64+0x4c/0xa0 [ 318.746356][ C0] ? clear_bhb_loop+0x60/0xb0 [ 318.751315][ C0] ? clear_bhb_loop+0x60/0xb0 [ 318.756107][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 318.762634][ C0] RIP: 0033:0x7fecd4111ad7 [ 318.767169][ C0] Code: 73 01 c3 48 8b 0d 21 f3 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 05 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 [ 318.790746][ C0] RSP: 002b:00007ffeece5abf8 EFLAGS: 00000297 ORIG_RAX: 0000000000000005 [ 318.800731][ C0] RAX: ffffffffffffffda RBX: 000055a5fc247700 RCX: 00007fecd4111ad7 [ 318.809749][ C0] RDX: 00007fecd41efea0 RSI: 00007ffeece5ac00 RDI: 0000000000000008 [ 318.818896][ C0] RBP: 00007fecd41efff0 R08: 0000000000000001 R09: 0000000000000000 [ 318.828049][ C0] R10: 0000000000000000 R11: 0000000000000297 R12: 000000000000000a [ 318.836050][ C0] R13: 0000000000003fff R14: 0000000000000000 R15: 000055a5fc247700 [ 318.844322][ C0] [ 318.847737][ C0] Kernel Offset: disabled [ 318.852391][ C0] Rebooting in 86400 seconds..