last executing test programs: 3m53.193335034s ago: executing program 0 (id=2168): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="540000004900010928bd700018dcdf250a001c00", @ANYRES32, @ANYBLOB="0000000014000100fe80000000000000000000000000001f14000100fe8000000000000000000000000000bb080002"], 0x54}}, 0x0) 3m52.99831249s ago: executing program 0 (id=2172): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3m52.80857713s ago: executing program 0 (id=2174): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x20800, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000300)={0x4, 0x21, 0x0, 0x80000017, 0x5, 0xc0, 0x200005, 0x126, 0x1}) 3m52.647765482s ago: executing program 0 (id=2178): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000240)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@shortname_win95}, {@shortname_winnt}, {@numtail}, {@shortname_mixed}, {@uni_xlate}, {@rodir}, {@rodir}, {@shortname_win95}, {@uni_xlate}, {@fat=@discard}, {@utf8no}, {@utf8no}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'macroman'}}]}, 0x1, 0x360, &(0x7f0000001280)="$eJzs3U9oHFUYAPBvO/lbaJODUBSE0ZugoX/woKeUkkJxLypL1YO42FQlGwtZXEwP3caLeBQ86smLeNCDh55FUMSbB69WkKp40N4KFp/s7mx2NrtJU2Fbg7/fYfnyvffNe28zyU4m2ZdXlmPtwnRcvHnzRszNVWJq+cxy3KrEYmTRdzVGzYzJAQAHw62U4s/Us8+SyoSnBABMWPf1/7Ujpcw7X+/VP3n1B4ADr/j5f36vPnO7NVyayJQAgAkbuf//6FDzzPCv+qdKfxUAABxUz7/40jOnqxHP5flcxPq7rVqrFk8P2k9fjDeiEatxPBbidkTvQqHzUOk+nj1XXTme53k7flmMWqeiVYtYb7dqvSuF01m3fjZOxEIsFvXF1UZKKTv7RXXlRN4VEVfb3fFjvdKqTcfhYvwfD8dqnIw8HhipjzhXXTmZFweorffr2xFbg/sWnfkvxUJ8/2pcikZcmD8fKfUva6orV07k+ZlUHapv1WbjwvazsOsdEAAAAAAAAAAAAAAAAAAAAAAA+FeW8m2L2/vfpMH+PUtLY9q7++P06ov9gbZ6+wOl2RQp/fH2E7X3shjaH2jn/jyt2lQcur9LBwAAAAAAAAAAAAAAAAAAgP+M5uZM1BuN1Y3m5uW1ctDeaG4eiohO5s1vP/tqPkb73CGYKsYoNeVF6vJaPWX9zikb6lMEWWfwfubTa9szLveZ3V7F2GnM7t7UaBx55OcPB5mHs/6R/x70yWL8ArMd0ygH60d7U7qbJ+ryqSI4eYfO11NKux3nysujVVGJmLr7T9zeQeoE39x4/cFTzWNPdjNfpp7HHl84f/2Dj39bqzc6I3c0PpnZaN5Oa/Xi4/En2+5BVjp/KtELKuUzYWqv8q3hTD374fcXHnr/u/2NnsqZt8b0yXrL+XyjuVkpvlK6TTO9oJPbUTXfOJdF7DjO9JiTfwLBsY+W69eu/PTrfqtK3yRs1AEAAAAAAAAAAAAAAAAAAPdE6b3iheLNvtN7VT317ORnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zuD//5eCrZHMfoK/2jHaNLu60Yw4er+XCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9w/AQAA///ftWu9") mount$nfs(&(0x7f0000000300)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) 3m52.19926385s ago: executing program 0 (id=2186): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c00000400c2800c00018006000600843b0000971b02805402178006"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 3m51.436593874s ago: executing program 0 (id=2195): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000000a640)={0x0, 0x0, &(0x7f000000a600)={&(0x7f000000a5c0)=@ipmr_getroute={0x1c, 0x1a, 0x1, 0x70bd28, 0x25dfdbfe, {0x80, 0x0, 0x0, 0x6, 0xfd, 0x1, 0xfe, 0x4, 0x1000}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008001}, 0x4048844) 3m51.133931926s ago: executing program 32 (id=2195): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000000a640)={0x0, 0x0, &(0x7f000000a600)={&(0x7f000000a5c0)=@ipmr_getroute={0x1c, 0x1a, 0x1, 0x70bd28, 0x25dfdbfe, {0x80, 0x0, 0x0, 0x6, 0xfd, 0x1, 0xfe, 0x4, 0x1000}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008001}, 0x4048844) 11.715898602s ago: executing program 1 (id=5844): r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x80000001}], 0x1, 0x40, 0x0) 11.554116452s ago: executing program 1 (id=5848): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg(r0, &(0x7f0000000540)=[{{&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x1000, @dev={0xfe, 0x80, '\x00', 0x11}, 0xa, 0x1}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000300)='>', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="af9b00000000000084"], 0xfe61}}], 0x2, 0xc88c4) 11.290481565s ago: executing program 1 (id=5853): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) fsetxattr(r0, &(0x7f0000000000)=@known='system.posix_acl_default\x00', &(0x7f0000000040)=':-.-\x00', 0x5, 0x1) 11.127179811s ago: executing program 1 (id=5857): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000340)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa10812, &(0x7f0000000540)=ANY=[@ANYBLOB='dmask=00000000000000000002621,utf8,umask=00000000000000000200000,namecase=1,discard,errors=remount-ro,umask=00000000000000000200004,umask=00000000000000000003377,namecase=1,utf8,iocharset=iso8859-4,iocharset=cp874,dmask=01777777777777777777770,errors=remount-ro,uid=', @ANYRESOCT=0x0, @ANYRESHEX=0x0, @ANYRESDEC=0x0, @ANYRES32, @ANYRESOCT=0x0, @ANYRESOCT=0x0, @ANYRES16=0x0, @ANYRES64=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYRES8=0x0], 0x21, 0x1513, &(0x7f0000020a00)="$eJzs3AnYjtX2OP619t43L0lPknmvvW6e9NImSTIkyZAkyZEkU0KSJElSmackU0LmJHNIppDM85Q5SZIkSUimZP8vfZ2/zumcX+d8v+f8fH/nXZ/ruq93r+d+1r7X/aznfe/hvZ7nu7b9K9auVK4mM8P/CP7Xj04AkAIAvQDgGgCIAKBYlmJZLq7PoLHT/2wj4l/roclXugJxJUn/0zbpf9om/U/bpP9pm/Q/bZP+p23S/7RN+i9EWrZ5Ss5rZUm7y/+l+/8g9///N5Lj/3+Qg4VGfrW20PXt/omUh+r/G+sR/+vJ73/aJv1P26T/aZv0P22T/qdt0v+0TfovRFr23793LP87+E9YrvT7TwghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE2nAmXGYA4M/jK12XEEIIIYQQQggh/nVC+itdgRBCCCGEEEIIIf79EBRoMBBBOkgPKZABMsJVkAmuhsxwDSTgWsgC10FWuB6yQXbIATkhF+SGPGCBwAFDDHkhHyThBsgPN0IqFICCcBN4KASF4WYoArdAUbgVisFtUBxuhxJQEkpBabgDysCdUBbugnJwN5SHClARKsE9UBnuhSpwH1SF+6EaPADV4UGoAX+CmvAQ1IKHoTY8AnXgUagL9aA+NICG/638l+BleAU6QEfoBJ2hC3SFbtAdekBP6AWvQm9IufTa9IP+MAAGwhswCN6EwTAEhsJbMAyGwwgYCaNgNIyBt2EsvAPj4F0YDxNgIkyCyTAFpsJ7MA2mwwx4H2bCBzALZsMcmAvz4EOYDwtgIXwEi+BjWAxLYCksg+WwAlbCKlgNa2AtrIP1sAE2wibYDJ/AFtgK22A77ICdsAs+hd3wGeyBz2EvfPFP5p/+q/x2CAioUKFBg+kwHaZgCmbEjJgJM2FmzIwJTGAWzIJZMStmw2w35sAcmAtzYR7Mg4QEgIx5MS8mMYn5MT+mYioWxILo0WNhLIxF8BYsikWxGBbD4lgcS2BJLImlsTSWwTJYFstiOSyH5bE8VsSKeA/eg/diFayCVbEqVsNqWB2r48HcNbAm1sRaWAtrY22sg3WwLtbF+lgfG2JDbISNsDE2xqbYFJthM2yOzbEFtsCW2BJbYStsja2xDbbBttgW2+GL+CK+hC/hK/gKdsTyqjN2wS7YDbthD+yJPfFV7I2v4Wv4OvbFftgfB+AAfAMH4SkcjENwKA7FMmo4jsCRyGo0jsExOBbH4jgch+NxAk7ASTgZp+BUnIrTcDpOx/dxJn6AH+BsnI1zcR7Ow/m4YMCldxguxiW4FJfhclyBy3EVrsZVuBbX4VrcgBtwE27CT/AT3IpbcTtux51oAPBT/Aw/w764F/fiPtyH+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPI4n8DiexJN4Ck/jGTyD5/Acnsfnc31Ta2eBNX1BXWSUUelUOpWiUlRGlVFlUplUZpVZJVRCZVFZVFaVVWVT2VQOlUPlUrlUHnVWkSLFKlZ5VV6VVEmVX+VXqSpVFVQFlVdeFVaFVRFVRBVVRVUxdZsqrm5XJVRJ1cSXVqVVGdXUl1V3qXKqnCqvKqiKqpKqpCqryqqKqqKqqqqqmqqmqqsHVQ3VGXvgQ+piZ2qrflhH9ce6qp6qrxqoN/Ax1UgNwsaqiWqqnlBDcDA2V418C/W0aqlGYCv1rBqJz6k2ajS2VS+odupF1V5F6mXV2HdQHdV47Ky6qEnYTXVXPVRPNQ0rqIsdq6heV31VP9VfDVBz8Q01SL2pBqshaqh6Sw1Tw9UINVKNUqPVGPW2GqveUePUu2q8mqAmqklqspqipqr31DQ1Xc1Q76uZ6gM1S81Wc9RcNU99qOarBWqh+kgtUh+rxWqJWqqWqeVqhVqpVqnVao1aq9ap9WqD2qg2qc3qE7VFbVXb1Ha1Q+1Uu9Snarf6TO1Rn6u96gu1T32p9quv1AH1tTqovlGH1LfqsPpOHVHfq6PqB3VMHVcn1I/qpPpJnVKn1Rl1Vp1TP6vz6hd1QQUFGrXSWhsd6XQ6vU7RGXRGfZXOpK/WmfU1OqGv1Vn0dTqrvl5n09l1Dp1T59K5dR5tNWmnWcc6r86nk/oGnV/fqFN1AV1Q36S9LqQL65t1EX2LLqpv1cX0bbq4vl2X0CV1KV1a36HL6Dt1WX2XLqfv1uV1BV1RV9L36Mr6Xl1F36er6vt1Nf2Arq4f1DX0n3RN/ZCupR/WtfUjuo5+VNfV9XR93UA31I/pRvpx3Vg30U31E7qZflI310/pFvpp3VI/o1vpZ3Vr/Zxuo5/XbfULup1+UbfXv+gLOugOuqPupDvrLrqr7qa76x66p+6lX9W99Wu6j35d99X9dH89QA/Ub+hB+k09WA/RQ/VbepgerkfokXqUHq3H6Lf1WP2OHqff1eP1BD1RT9KT9RTd49JMM/6B/Hf+Rn6fX7e+SW/Wn+gteqveprfrHXqn3qV36d16t96j9+i9eq/ep/fp/Xq/PqAP6IP6oD6kD+nD+rA+oo/oo/qoPqaP67P6R31S/6RP6dP6tD6rz+lz+vyl1wAMGmW0MSYy6Ux6k2IymIzmKpPJXG0ym2tMwlxrspjrTFZzvclmspscJqfJZXKbPMYaMs6wiU1ek88kzQ146aBpCpqbjDeFTGFz8z+Tb/KbG02qKfAX+X9UX0PT0DQyjUxj09g0NU1NM9PMNDfNb7lYR0vT0rQyrUxr09q0MW1MW9PWtDPtTHvT3rxsXjYdTAfTyXQyXUxX0810Nz1MT9PLvGp6m96mj+lj+pq+pr/pbwaagWaQGWQGm8FmqBlqhplhZoQZYUaZUWaMGWPGmrFmnBlnxpvxZqKZaCabyWaqmWqmmWlmhplhZpqZZpaZZeaYOWaemWfmm/lmoVloFplFZrFZYpaYZWaZWWFWmFVmlVlj1ph1Zp3ZYDaYxek3m81mi9litpltZofZYXaZXWa32W32mD1mr9lr9pl9Zr/Zbw6YA+agOWgOmUPmsDlsjpgj5qg5ao6ZY+aEOWFOmpPmlDllzpgz5pw5Z86b8+aCuXDxtC9SkYpMZKJ0UbooJUqJMkYZo0xRpihzlDlKRIkoS5QlyhpdH2WLskc5opxRrih3lCeyEUUu4iiO8kb5omR0Q5Q/ujFKjQpEBaObIh8VigpHN0dFoluiotGtUbHotqh4dHtUIioZlYpKR3dEZaI7o7LRXVG56O6ofFQhqhhViu6JKkf3RlWi+6Kq0f1RteiBqHr0YFQj+lNUM3ooqhU9HNWOHonqRI9GdaN6Uf2oQdTwXzp/CKeyP+472I62k+1su9iutpvtbnvYnraXfdX2tq/ZPvZ129f2s/3tADvQvmEH2TftYDvEDrVv2WF2uB1hR9pRdrQdY9+2Y+07dpx91463E+xEO8lOtlPsVPuenWan2xn2fTvTfmBn2dl2jp1r59kP7Xy7wC60H9lF9mO72C6xS+0yu9yusCvtKrvarrFr7Tq73m6wG+0mu9l+YrfYrXab3W532J12l/3U7raf2T32c7vXfmH32S/tfvuVPWC/tgftNymH7Lf2sP3OHrHf26P2B3vMHrcn7I/2pP3JnrKn7Rl71p6zP9vz9hd7wYaLJ/cXD+9kyFA6SkcplEIZKSNlokyUmTJTghKUhbJQVspK2Sgb5aAclItyUR7KQxcxMeWlvJSkJOWn/JRKqVSQCpInT4WpMBWhIlSUilIxKkbFqTiVoBJUikrRHXQH3Ul30l10F91Nd1MFqkCVqBJVpspUhapQVapK1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qT41pIbUiBpRY2pMTakpNaNm1JyaUwtqQS2pJbWiVtSaWlMbakNtqS21o3bUntrTy/QydaAO1Ik6URfqQt2oG/WgHtSLelFv6k19qA/1pb7Un/rTQBpIg2gQDaYhNJTeomE0nEbQSBpFo2kMjaGxNJbG0TgaT+NpIk2kyTSZptJUmkbTaAbNoJk0k2bRLJpDc2gezaP5NJ8W0kJaRItoMS2mpbSUltNyWkkraTWtprW0ltbTetpIG2kzbaYttIW20TbaQTtoF+2i3bSb9tAe2kt7aR/to/20nw7QATpIB+kQHaLDdJiO0BE6SkfpGB2jE3SCTtJJOkWn6AydoXP0M52nX+gCBUpxGVxGd5XL5K52md017q/jHC6ny+VyuzzOumwu+1/E5JxLdQVcQXeT866QK+xudqkXT3h/E5dwJV0pV9rd4cq4O13Z38WV3b2uirvPVXX3u0runr+Iq7kHXHX3iKvhHnU1XT1XyzVwtd0jro571NV19Vx918A1c0+65u4p18I97Vq6Z34Xz3cL3Gq3xq1169xu95k74866w+47d8797Dq4jq6Xe9X1dq+5Pu5119f1+1081L3lhrnhboQb6Ua50b+LJ7pJbrKb4qa699w0N/138Tz3oZvpFrpZbrab4+b+Gl+saaH7yC1yH7vFbolb6pa55W6FW+lW/f+1LnMb3Ea3ye1yn7otbqvb5ra7HW7nr/HF/djjPnd73RfukPvW7XdfuQPuiDvovvk1vrh/R9z37qj7wR1zx90J96M76X5yp9zpX/f/4r7/6H5xF1xwwMiKNRuOOB2n5xTOwBn5Ks7EV3NmvoYTfC1n4es4K1/P2Tg75+CcnItzcx62TOyYOea8nI+TfAPn5xs5lQtwQb6JPRfiwnwzF+FbuCjfysX4Ni7Ot3MJLsmluDTfwWX4Ti7Ld3E5vpvLcwWuyJX4Hq7M93IVvo+r8v1cjR/g6vwg1+A/cU1+iGvxw1ybH+E6/CjX5XpcnxtwQ36MG/Hj3JibcFN+gpvxk9ycn+IW/DS35Ge4FT/Lrfk5bsPPc1t+gdvxi9yeX+KX+RXuwB25E3fmLtyVu3F37sE9uRe/yr35Ne7Dr3Nf7sf9eQAP5Dd4EL/Jg3kID+W3eBgP5xE8kkfxaB7Db/NYfofH8bs8nifwRJ7Ek3kKT+X3eBpP5xn8Ps/kD3gWz+Y5PJfn8Yc8nxfwQv6IF/HHvJiX8FJexst5Ba/kVbya1/BaXsfreQNv5E28mT/hLbyVt/F23sE7eRd/yrv5M97Dn/Ne/oL38Ze8n7/iA/w1H+Rv+BB/y4f5Oz7C3/NR/oGP8XE+wT/ySf6JT/FpPsNn+Rz/zOf5F77AgSHGWMU6NnEUp4vTxylxhjhjfFWcKb46zhxfEyfia+Ms8XVx1vj6OFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Mb4vzxjXFqXCAuGN8U+7hQXDi+OS4S3xIXjW+Ni8W3xcXj2+MSccn4kftLx3fEZeI747LxXXG5+O64fFwhrhhXiu+JK8f3xlXi++Kq8f1x0fiBuHr8YAyXPq9SK344rh0/EteJH43rxvXi+nGDuGH8WNwofjxuHDeJm8ZPxM3iJ+Pm8VNxi/jpuGX8zB+u7xR3jrvEXeOucQj36TnJucl5yQ+T85MLkguTHyUXJT9OLk4uSS5NLksuT65IrkyuSq5OrkmuTa5Lrk9uSG5MbkqGUCk9ePTKa2985NP59D7FZ/AZ/VU+k7/aZ/bX+IS/1mfx1/ms/nqfzWf3OXxOn8vn9nm89eSdZx/7vD6fT/obfH5/o0/1BXxBf5P3vpAv7Bv4hr6hb+Qf9419E9/UP+Gf8E/6J/1T/in/tG/pn/Gt/LO+tX/Ot/HP++f9C76df9G39y/5l/0rvoPv6Dv5Tr6L7+K7+W6+h+/he/levrfv7fv4Pr6v7+v7+/5+oB/oB/lBfrAf7If6oX6YH+ZH+BF+lB/lx/gxfqwf68f5cX68H+8n+ol+sp/sp/qpfpqf5mf4GX5m6kw/y8/yc/wcP8/P8/P9fL/QL/SL/CK/2C/2S/1Sv9wv9yv9Sr/ar/Zr/Vq/3q/3G/1Gv9lv9lv8Fr/Nb/M7/A6/y+/yu/1uv8fv8Xv9Xr/P7/P7/X5/wH/tD/pv/CH/rT/sv/NH/Pf+qP/BH/PH/Qn/oz/pf/Kn/Gl/xp/15/zP/rz/xV/wwY9JvJ0Ym3gnMS7xbmJ8YkJiYmJSYnJiSmJq4r3EtMT0xIzE+4mZiQ8SsxKzE3MScxPzEh8m5icWJBYmPkosSnycWJxYkliaWJZYnliRCCH3ljjkDflCMtwQ8ocbQ2ooEAqGm4IPhULhcHMoEm4JRcOtoVi4LRQPt4cSoWQoFR4NdUO9UD80CA3DY6FReDw0Dk1C0/BEaBaeDM3DU6FFeDq0DM+EVuHZ0Do8F9qE50Pb8EJo9+crrvBK6BA6hk6hc+gSuoZuoXvoEXqGXuHV0Du8FvqE10Pf0C/0DwPCwPBGGBTeDIPDkDA0vBWGheFhRBgZRoXRYUx4O4wN74Rx4d0wPkwIE8OkMDlMCVPDe2FamB5mhPfDzPBBmBVmhzlhbpgXPgzzw4KwMHwUFoWPw+KwJCwNy8LysCKsDKvC6rAmrA3rwvqwIWwMm8Lm8EnYEraGbWF72BF2hl3h07A7fBb2hM/D3vBF2Be+DPvDV+FA+DocDN+EQ+HbcDh8F46E78PR8EM4Fo6HE+HHcDL8FE6F0+FMOBvOhZ/D+fBLuCCfWRNCCCGE+Id0/YP1nf/GYwYA1KVxFwC4emvOg79drwFgfbb/GndXuZolAODpjm0f+vNSvnynTp0uPXexhijfbABI/NUGLsVLoCk8CS2gCRT5m/V1Vy+e4z+YP3kbQMbf5KTA5fjy/F/+nfkfe2Lo/OLxmSz/h/lnA6Tmu5yTAS7HS6DpF68AQBMo+nfmz97oD+rP8NUYgMa/yckEl+PL9ReGx+EZaPEXz/wr91/199cJIYQQQgghhPiP1l2Vav1H188Xr89zmcs56eFy/EfX50IIIYQQQgghhLjynnux/VOPtWjRpPU/Pkj/zzxZBjKQwf+Lgyv9l0kIIYQQQgjxr3b5pP/yYxmuZEFCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUQa9Jsv/coAAP+WrxO70vsohBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCXGn/XwAAAP//BdswlA==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 10.621489772s ago: executing program 1 (id=5865): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000059010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a3100000d0058000000060a010400000000000000000100000008000b4000000000300004802c000180090001007866726d000000001c0002800800014000000000080002400000000505000300020000000900010073797a30"], 0xcc}}, 0x0) 9.972552841s ago: executing program 1 (id=5873): r0 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x6, 0xe0, 0x0, 0x0, 0xfc}) 9.607909443s ago: executing program 33 (id=5873): r0 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x6, 0xe0, 0x0, 0x0, 0xfc}) 1.264714897s ago: executing program 2 (id=5959): r0 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x17, &(0x7f0000000100), 0x4) 1.220674291s ago: executing program 4 (id=5961): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x161800) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000580)={0x0, 0x0, {0x0, 0xd, 0x3010, 0x3, 0x4, 0x1, 0x5, 0x2}}) 1.080524705s ago: executing program 2 (id=5963): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000900000000000000000a20000000000a01010000000000000000050000000900010073797a30000000004c000000030a01080000000000000000050000000900010073797a30000000000900030073797a32000000001400048008000240000000140800014000000002"], 0x94}, 0x1, 0x0, 0x0, 0x40090}, 0x0) 1.025300126s ago: executing program 3 (id=5964): r0 = socket(0x840000000002, 0x3, 0x9) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x4001, 0x3, 0x278, 0x0, 0x700001b, 0x148, 0x128, 0x148, 0x1e0, 0x206, 0x240, 0x1e0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @rand_addr, 0xffffff00, 0x0, 'tunl0\x00', 'veth0_to_bond\x00', {0xff}, {}, 0x1}, 0x1ea, 0xc0, 0x128, 0x0, {0x390, 0x8f00}, [@common=@inet=@socket3={{0x28}, 0x1}, @common=@inet=@socket2={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0xfffffffc, 0x0, '\x00', 'syz0\x00', {0x80000000}}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xe2002454fb7b9fcc, 0xff, 'team0\x00', 'gre0\x00', {}, {0xff}, 0x8, 0x2, 0x5}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'veth0_to_batadv\x00', {0x9}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8) 991.522381ms ago: executing program 4 (id=5965): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000002940)={0x1, 'geneve0\x00', 0x1}, 0x18) 918.359453ms ago: executing program 3 (id=5966): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x24, &(0x7f00000003c0)={0x300, 0x0, 0x0, 0x0, 0xffffffffffffffff}) 905.319928ms ago: executing program 5 (id=5967): r0 = socket(0x1, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000f80)={'gre0\x00', &(0x7f0000000e80)={'syztnl0\x00', 0x0, 0x98e9b1281682d8bc, 0x7, 0x8001, 0x5, {{0x5, 0x4, 0x2, 0x4, 0x14, 0x67, 0x0, 0x8, 0x29, 0x0, @local, @broadcast}}}}) 819.637552ms ago: executing program 4 (id=5968): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x69801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_TTL={0x5, 0x8, 0xfe}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) 810.515756ms ago: executing program 2 (id=5969): r0 = socket(0x200000000000011, 0x2, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x4, 0x8000}, 0x4) 762.746502ms ago: executing program 5 (id=5970): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) write$vga_arbiter(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='unlock me'], 0xb) 746.246548ms ago: executing program 3 (id=5971): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000080)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0xa000000}, 0x50) 661.704333ms ago: executing program 2 (id=5972): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$get_keyring_id(0x0, r0, 0x7) 639.618646ms ago: executing program 5 (id=5973): r0 = socket(0x10, 0x2, 0x0) write(r0, &(0x7f0000000800)="240000001e005f0314f90408faac470002000000010000000000080008000dc013000000", 0x24) 599.325827ms ago: executing program 3 (id=5974): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount_setattr(r0, &(0x7f0000000040)='.\x00', 0x8000, &(0x7f0000001dc0)={0x87}, 0x20) 549.655418ms ago: executing program 2 (id=5975): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000017c0)={0x14, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0) 507.37577ms ago: executing program 5 (id=5976): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2d, 0x0, {0x2, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20001}, [@FRA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x0) 367.347609ms ago: executing program 3 (id=5977): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000240)={0xb, @vbi={0x0, 0xfffffffa, 0x9, 0x31324d4e, [0x8, 0x7], [0x9, 0x3], 0x1}}) 366.573514ms ago: executing program 2 (id=5978): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa) 322.049415ms ago: executing program 5 (id=5979): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, &(0x7f00000003c0)) 303.181657ms ago: executing program 4 (id=5980): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)={0x14, 0x14, 0x119, 0x0, 0xfffffffd, {0x10}}, 0x14}, 0x1, 0x2c}, 0x0) 206.284669ms ago: executing program 4 (id=5981): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000024c0)=@newsa={0x140, 0x10, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@local, 0x0, 0x20, 0x2000, 0x0, 0x0, 0x0, 0x80, 0x5c}, {@in6=@remote, 0x14, 0x6c}, @in=@empty=0x14, {0x8, 0x800000000, 0x0, 0xfffffff7ffffffff, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x4, 0x0, 0x100000000000000}, {}, 0x80000000, 0xfffffffd, 0x2, 0x1, 0x6, 0x2c}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @replay_thresh={0x8, 0xb, 0x100}]}, 0x140}, 0x1, 0x0, 0x0, 0x4004050}, 0x0) 151.468669ms ago: executing program 3 (id=5982): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x848a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@grpjquota, 0x22}, {@errors_continue}, {@noload}, {@nombcache}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@barrier}]}, 0x1, 0x460, &(0x7f0000001200)="$eJzs3MtvG0UYAPBv7dh9k1DKo6WFQEFUPJI2fdADlyKQOICEBIciTiFNq1C3QUmQaBVByiEcUSXuiCMSfwEXygVBT0hc4Y6QAsqFwslo7XXqJrbzcuwW/37SJjM7Y8183h17POt1AD1rMP2TROyOiF8jor+avbPCYPXfrcXZsX8WZ8eSKJff+iup1Pt7cXasVrX2uF3VTLncot35dyNGS6XxqSw/PHPpg+HpK1dfmLg0emH8wvjlkdOnTxw/VDw1crItce5J+3rg48mD+1975/obY2evv/fTN2l/d2fl9XG0y2D12W3o6XY31mV76tJJXxc7wrrkIyI9XIXK+O+PfOxYKuuPVz/taueALVUu58rbmhfPlYH/sXSiDvSi2ht9+vm3tnVo6nFXWDgTS+sYt7KtWtIXuaxOIfuMtBUGI+Ls3L9fplts0ToEAEC9G2ci4vlG879cPFRX777s2tBARNwfEXsj4oGI2BcRD0ZU6j4cEY+ssd3KKvPOlftXzn/K/RsObg3S+d9L2bWtO+d/tdlfDOSz3J5K/IXk/MTNOJo9J0eisO38RGn8WIs2vn/ll8+bldXP/9Itbb82F8z68UffsgW6c6Mzo5uJud7CtYgDfY3iT5bmvOn8eH9EHNhgGxPPfn2wWdnq8bfQhkl5+auIZ6rHfy6WxV+TNL0+eezFUyMnh7dHafzocHoWHG3Yxs2f59/MWkuWl20q/jZYuFGuDMNGxz8zkGyPmL5y9WLleu30+tuY/+2zpp9pNnr+F5O3K+litu+j0ZmZqWMRxeT1lftHbj+2lq/VT8//I4cbj/+9cfuZeDQi0pP4UEQ8FhGPZ31/IiKejIjDLeL/8eWn3l9//C1W5dsojf/PwirHP+qP//oT+Ys/fLv++GvS43+ikjqS7VnL61+rfl2b2szZDAAAAPeeXOU78EluaCmdyw0NVb/Dvy925kqT0zPPnZ/88PK56nflB6KQq6109S+th1bXPwfq8iPL8sezdeMv8jsq+aGxydK5bgcPPW5Xk/Gf+j3f7d4BW879WtC7jH/oXcY/9C7jH3qX8Q+9q9H4/6QL/QA6b5X3/x2d6gfQeeb/0Ltaj/9ix/oBdJ73f+hJTW+Sz23qln+JLiW+K27utxrWnojcXRLyPZjINywqRMPKfS1/zKINiW0Ni7r9ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAe/wUAAP//fprkUw==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) 77.36949ms ago: executing program 5 (id=5983): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d3000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, &(0x7f0000000080)={0x0, 0x7, 0x6, "02f1a5f95f1c"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 0s ago: executing program 4 (id=5984): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000045000900000000000200000002000000080002"], 0x1c}}, 0x0) kernel console output (not intermixed with test programs): heck. [ 475.413872][T16128] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 475.494675][T16130] loop3: detected capacity change from 0 to 128 [ 475.658593][T16136] kAFS: unable to lookup cell '/,' [ 475.825510][T16138] bond4: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 475.870948][T16138] bond4 (unregistering): Released all slaves [ 476.485053][T16171] tmpfs: Bad value for 'mpol' [ 476.520986][T16173] x_tables: duplicate underflow at hook 4 [ 476.743901][T16180] SQUASHFS error: Failed to read block 0x2d7: -5 [ 476.750769][T16180] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 476.810547][T16180] SQUASHFS error: Failed to read block 0x8f: -5 [ 476.840190][ T30] audit: type=1800 audit(1780844867.123:49): pid=16180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4237" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 476.974338][T16159] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4227 (16159) [ 477.047019][T16159] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 477.095245][T16159] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm [ 477.129505][T16195] netlink: 'syz.2.4245': attribute type 1 has an invalid length. [ 477.161068][T16195] netlink: 228 bytes leftover after parsing attributes in process `syz.2.4245'. [ 477.304343][T16159] BTRFS info (device loop5): setting nodatasum [ 477.329305][T16217] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 477.353253][T16159] BTRFS info (device loop5): allowing degraded mounts [ 477.374387][T16217] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 477.396369][T16159] BTRFS info (device loop5): disabling tree log [ 477.405513][T16159] BTRFS info (device loop5): turning on async discard [ 477.432751][T16159] BTRFS info (device loop5): enabling free space tree [ 477.612065][T11492] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 478.087598][T16243] set_capacity_and_notify: 3 callbacks suppressed [ 478.087616][T16243] loop3: detected capacity change from 0 to 256 [ 478.322351][T16246] loop1: detected capacity change from 0 to 4096 [ 478.370308][T16246] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 478.496284][T16246] ntfs3(loop1): ino=19, mi_enum_attr [ 478.533112][T16246] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 478.733145][T16265] xt_TCPMSS: Only works on TCP SYN packets [ 478.808007][ T30] audit: type=1326 audit(1780844868.965:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16270 comm="syz.1.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 478.866055][ T30] audit: type=1326 audit(1780844868.965:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16270 comm="syz.1.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 478.958489][ T30] audit: type=1326 audit(1780844868.965:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16270 comm="syz.1.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 479.061456][ T30] audit: type=1326 audit(1780844868.965:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16270 comm="syz.1.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 479.160127][ T30] audit: type=1326 audit(1780844868.965:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16270 comm="syz.1.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 479.256067][ T5933] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 479.282328][T16289] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4283'. [ 479.324812][T16293] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 479.419021][ T5933] usb 2-1: Using ep0 maxpacket: 8 [ 479.426094][ T5933] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 479.452285][ T5933] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 479.476031][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 479.523497][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 479.566194][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 479.585741][ T5933] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 479.622493][ T5933] usb 2-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 479.634698][ T5933] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 479.662468][ T5933] usb 2-1: Product: syz [ 479.670054][ T5933] usb 2-1: Manufacturer: syz [ 479.689917][ T5933] usb 2-1: SerialNumber: syz [ 479.709615][ T5933] usb 2-1: config 0 descriptor?? [ 479.716773][T16277] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 479.888643][T16315] loop2: detected capacity change from 0 to 512 [ 479.918430][T16315] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 479.937923][T16315] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 480.000956][T16315] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 480.018532][T16315] System zones: 0-2, 18-18, 34-34 [ 480.038352][T16315] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.4296: iget: bad i_size value: 360287970189639680 [ 480.053767][T16315] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4296: couldn't read orphan inode 15 (err -117) [ 480.079103][T16315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 480.177773][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.190266][T16297] loop3: detected capacity change from 0 to 32768 [ 480.200365][T16297] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4288 (16297) [ 480.210243][T16297] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 480.210318][T16297] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 480.381426][T16297] BTRFS info (device loop3): enabling ssd optimizations [ 480.381455][T16297] BTRFS info (device loop3): turning on async discard [ 480.381473][T16297] BTRFS info (device loop3): enabling free space tree [ 480.519016][ T5823] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 481.103213][T16360] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4311'. [ 481.149869][T16360] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4311'. [ 481.191827][ T8973] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 481.234516][ T5933] rc_core: IR keymap rc-snapstream-firefly not found [ 481.259004][ T5933] Registered IR keymap rc-empty [ 481.274648][ T5933] rc rc0: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 481.308877][ T5933] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input38 [ 481.347527][ T5933] input: syz syz mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input39 [ 481.374374][ T8973] usb 5-1: Using ep0 maxpacket: 8 [ 481.380729][T16351] loop2: detected capacity change from 0 to 32768 [ 481.383385][ T8973] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 481.396375][T16351] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4306 (16351) [ 481.411333][ T5933] usb 2-1: USB disconnect, device number 70 [ 481.411388][ C0] ati_remote 2-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19 [ 481.415541][ T8973] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 481.435274][ T8973] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 481.474029][T16351] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 481.500867][T16351] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 481.509549][ T8973] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 49 [ 481.509595][ T8973] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 481.509617][ T8973] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.513069][ T8973] usb 5-1: config 0 descriptor?? [ 481.593069][T16356] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 481.609039][ T5910] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 481.702997][T16351] BTRFS info (device loop2): setting nodatasum [ 481.730532][T16351] BTRFS info (device loop2): setting nodatacow [ 481.758952][T16351] BTRFS info (device loop2): enabling ssd optimizations [ 481.768539][T16351] BTRFS info (device loop2): turning on async discard [ 481.788759][T16351] BTRFS info (device loop2): enabling free space tree [ 481.795875][ T5910] usb 4-1: Using ep0 maxpacket: 16 [ 481.823301][ T5910] usb 4-1: config 254 has an invalid interface number: 235 but max is 0 [ 481.852058][ T5910] usb 4-1: config 254 has no interface number 0 [ 481.861507][ T5933] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 481.870343][ T5910] usb 4-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 481.916674][T16392] netlink: 'syz.5.4317': attribute type 1 has an invalid length. [ 481.932852][ T5910] usb 4-1: config 254 interface 235 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 481.936621][ C0] Bluetooth: hci5: Unexpected continuation: 1 bytes [ 481.956429][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 481.965119][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 481.967065][ T5910] usb 4-1: config 254 interface 235 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 481.972155][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 481.989206][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 481.996145][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.003159][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.010100][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.017135][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.024029][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.026789][ T5910] usb 4-1: config 254 interface 235 has no altsetting 0 [ 482.031287][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.045043][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.052840][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.060663][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.067633][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.074669][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.081666][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.089120][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.096622][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.103771][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.104662][ T5910] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 482.110807][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.126752][ T5933] usb 2-1: config 0 has an invalid interface number: 255 but max is 0 [ 482.135084][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.141949][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.150022][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.156999][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.164087][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.167595][ T5824] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 482.171074][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.188261][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.195089][ T5940] usb 5-1: USB disconnect, device number 58 [ 482.201305][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.208291][ T5838] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 482.217744][ T5825] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 482.218956][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5 [ 482.224563][ T5933] usb 2-1: config 0 has no interface number 0 [ 482.238501][ T5933] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 482.249841][ T5933] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 482.264169][ T5933] usb 2-1: config 0 interface 255 has no altsetting 0 [ 482.273322][ T5933] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 482.282457][ T5933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.290993][ T5910] usb 4-1: Product: syz [ 482.297096][ T5933] usb 2-1: config 0 descriptor?? [ 482.304662][ T5933] ums-realtek 2-1:0.255: USB Mass Storage device detected [ 482.326376][T16395] loop5: detected capacity change from 0 to 164 [ 482.333375][ T5910] usb 4-1: Manufacturer: syz [ 482.348112][ T5910] usb 4-1: SerialNumber: syz [ 482.362554][T16369] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 482.399600][T16395] Unable to read rock-ridge attributes [ 482.436712][T16395] Unable to read rock-ridge attributes [ 482.497504][T16395] syz.5.4318: attempt to access beyond end of device [ 482.497504][T16395] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 482.538816][T16395] syz.5.4318: attempt to access beyond end of device [ 482.538816][T16395] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 482.617849][ T30] audit: type=1800 audit(1780844872.528:55): pid=16395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4318" name="file0" dev="loop5" ino=1862 res=0 errno=0 [ 482.638498][T16369] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 482.652055][ T5910] usbtest 4-1:254.235: Linux gadget zero [ 482.660781][ T5910] usbtest 4-1:254.235: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 482.697889][ T5933] usb 2-1: USB disconnect, device number 71 [ 482.931125][ T5933] usb 4-1: USB disconnect, device number 66 [ 483.471509][T16424] loop1: detected capacity change from 0 to 4096 [ 483.511376][T16424] ntfs3(loop1): ino=1a, mi_enum_attr [ 483.900875][T16442] syz.1.4341 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 483.975676][ T5825] Bluetooth: hci3: command 0x0406 tx timeout [ 484.080773][T16448] program syz.3.4343 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 484.211742][T16451] loop4: detected capacity change from 0 to 1024 [ 484.442572][T16425] loop5: detected capacity change from 0 to 32768 [ 484.497197][T16463] binder: binder_mmap: 16462 2000004cd000-2000004ce000 bad vm_flags failed -1 [ 484.531982][T16425] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 484.765116][T16425] XFS (loop5): Ending clean mount [ 484.782085][T16479] xt_TCPMSS: Only works on TCP SYN packets [ 484.796596][ T5831] Bluetooth: hci2: unexpected event for opcode 0x100c [ 484.806794][T16425] XFS (loop5): Quotacheck needed: Please wait. [ 484.811167][ T5910] usb 5-1: new full-speed USB device number 59 using dummy_hcd [ 484.894017][T16425] XFS (loop5): Quotacheck: Done. [ 485.017369][T11492] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 485.028718][ T5910] usb 5-1: config index 0 descriptor too short (expected 4495, got 71) [ 485.047600][ T5910] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 485.067117][ T5910] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 485.087144][ T5910] usb 5-1: config 0 has no interface number 0 [ 485.110261][ T5910] usb 5-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01 [ 485.139430][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 485.165572][ T5910] usb 5-1: Product: syz [ 485.172833][ T5910] usb 5-1: Manufacturer: syz [ 485.177466][ T5910] usb 5-1: SerialNumber: syz [ 485.204002][ T5910] usb 5-1: config 0 descriptor?? [ 485.242066][T16471] loop2: detected capacity change from 0 to 32768 [ 485.250916][ T5910] uvcvideo 5-1:0.105: probe with driver uvcvideo failed with error -22 [ 485.305554][T16491] IPv6: Can't replace route, no match found [ 485.320111][T16471] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4354 (16471) [ 485.341681][T16471] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 485.364793][T16471] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 485.476734][ T5933] usb 5-1: USB disconnect, device number 59 [ 485.571720][T16471] BTRFS info (device loop2): enabling ssd optimizations [ 485.597883][T16471] BTRFS info (device loop2): turning on async discard [ 485.604782][T16471] BTRFS info (device loop2): enabling free space tree [ 485.661653][ T5824] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 485.732368][T16514] libceph: resolve '00' (ret=-3): failed [ 486.008759][T16524] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4370'. [ 486.313895][T16536] loop3: detected capacity change from 0 to 512 [ 486.353718][T16540] netlink: 196 bytes leftover after parsing attributes in process `syz.2.4377'. [ 486.433942][T16536] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 486.574229][T16536] ext4 filesystem being mounted at /891/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 486.780315][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.066391][T16573] loop2: detected capacity change from 0 to 256 [ 487.107737][T16573] exfat: Deprecated parameter 'namecase' [ 487.127730][T16573] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 487.185018][T16573] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 487.353197][T16589] netlink: 'syz.4.4398': attribute type 21 has an invalid length. [ 487.373884][ T8973] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 487.378138][T16589] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4398'. [ 487.475756][T16594] loop2: detected capacity change from 0 to 256 [ 487.555058][ T8973] usb 2-1: Using ep0 maxpacket: 32 [ 487.578945][ T8973] usb 2-1: config 6 has an invalid interface number: 250 but max is 0 [ 487.613521][ T8973] usb 2-1: config 6 has no interface number 0 [ 487.630030][ T8973] usb 2-1: config 6 interface 250 has no altsetting 0 [ 487.649294][ T8973] usb 2-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice=a9.d1 [ 487.667661][ T8973] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9 [ 487.725781][ T8973] usb 2-1: Product: syz [ 487.730045][ T8973] usb 2-1: Manufacturer: syz [ 487.747134][ T8973] usb 2-1: SerialNumber: syz [ 487.946505][T16606] loop4: detected capacity change from 0 to 4096 [ 488.019810][T16606] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 488.020995][ T8973] snd-usb-audio 2-1:6.250: probe with driver snd-usb-audio failed with error -71 [ 488.064678][T16614] loop3: detected capacity change from 0 to 256 [ 488.082757][ T8973] usb 2-1: USB disconnect, device number 72 [ 488.103318][T16606] ntfs3(loop4): Failed to load $Extend (-22). [ 488.105156][T16614] exfat: Deprecated parameter 'utf8' [ 488.152133][T16606] ntfs3(loop4): Failed to initialize $Extend. [ 488.152610][T16614] exfat: Deprecated parameter 'utf8' [ 488.209539][T16614] exfat: Deprecated parameter 'utf8' [ 488.246688][T16614] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 488.580780][T16624] binder: Bad value for 'stats' [ 488.827942][T16633] loop1: detected capacity change from 0 to 4096 [ 488.878834][T16610] loop5: detected capacity change from 0 to 32768 [ 488.917376][T16633] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 488.956873][T16633] ntfs3(loop1): Failed to load $Extend (-22). [ 488.987711][T16633] ntfs3(loop1): Failed to initialize $Extend. [ 489.238108][T16648] loop3: detected capacity change from 0 to 256 [ 489.282971][T16645] loop4: detected capacity change from 0 to 1024 [ 489.284902][T16645] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 489.302435][T16645] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 489.302775][T16645] EXT4-fs (loop4): orphan cleanup on readonly fs [ 489.335702][T16648] FAT-fs (loop3): Directory bread(block 64) failed [ 489.335738][T16648] FAT-fs (loop3): Directory bread(block 65) failed [ 489.335816][T16648] FAT-fs (loop3): Directory bread(block 66) failed [ 489.335840][T16648] FAT-fs (loop3): Directory bread(block 67) failed [ 489.335919][T16648] FAT-fs (loop3): Directory bread(block 68) failed [ 489.335944][T16648] FAT-fs (loop3): Directory bread(block 69) failed [ 489.336021][T16648] FAT-fs (loop3): Directory bread(block 70) failed [ 489.336046][T16648] FAT-fs (loop3): Directory bread(block 71) failed [ 489.336123][T16648] FAT-fs (loop3): Directory bread(block 72) failed [ 489.336147][T16648] FAT-fs (loop3): Directory bread(block 73) failed [ 489.347627][T16645] Quota error (device loop4): v2_read_file_info: Block with free entry 1283 out of range (1, 6). [ 489.347889][T16645] EXT4-fs warning (device loop4): ext4_enable_quotas:7183: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 489.347917][T16645] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 489.348089][T16645] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.4426: Freeing blocks not in datazone - block = 0, count = 4096 [ 489.357332][T16645] EXT4-fs (loop4): 1 orphan inode deleted [ 489.359093][T16645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 489.402770][T16645] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.4426: iget: bad extended attribute block 6 [ 489.488570][T16653] loop2: detected capacity change from 0 to 64 [ 489.648450][T16651] bond2: option tlb_dynamic_lb: invalid value (5) [ 489.718509][T16651] bond2 (unregistering): Released all slaves [ 489.782332][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.091444][T16658] loop3: detected capacity change from 0 to 8192 [ 491.003513][T16668] loop1: detected capacity change from 0 to 32768 [ 491.330183][T16714] xt_cluster: node mask cannot exceed total number of nodes [ 491.780400][T16730] : renamed from bridge_slave_0 (while UP) [ 491.995964][T16700] loop4: detected capacity change from 0 to 32768 [ 492.069181][T16700] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 492.175862][T16700] XFS (loop4): Ending clean mount [ 492.250277][T16700] XFS (loop4): Quotacheck needed: Please wait. [ 492.283355][T16757] loop3: detected capacity change from 0 to 256 [ 492.309666][T16758] netlink: 'syz.5.4475': attribute type 9 has an invalid length. [ 492.350259][T16700] XFS (loop4): Quotacheck: Done. [ 492.548467][ T5836] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 493.039455][T16782] loop3: detected capacity change from 0 to 2048 [ 493.288269][T16795] netlink: 'syz.5.4494': attribute type 1 has an invalid length. [ 493.329450][ T5910] usb 3-1: new high-speed USB device number 64 using dummy_hcd [ 493.523138][ T5910] usb 3-1: Using ep0 maxpacket: 16 [ 493.533923][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 493.544765][ T977] usb 2-1: new low-speed USB device number 73 using dummy_hcd [ 493.570554][ T5910] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 493.579943][T16807] block nbd3: NBD_DISCONNECT [ 493.584534][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 493.593603][ T5910] usb 3-1: Product: syz [ 493.598599][ T5910] usb 3-1: Manufacturer: syz [ 493.603211][ T5910] usb 3-1: SerialNumber: syz [ 493.619314][ T5910] usb 3-1: config 0 descriptor?? [ 493.630176][ T5910] hub 3-1:0.0: bad descriptor, ignoring hub [ 493.652995][ T5910] hub 3-1:0.0: probe with driver hub failed with error -5 [ 493.690891][ T5910] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input40 [ 493.705832][ T977] usb 2-1: unable to get BOS descriptor or descriptor too short [ 493.730501][ T977] usb 2-1: config 1 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1023, setting to 8 [ 493.778165][ T977] usb 2-1: config 1 interface 0 has no altsetting 0 [ 493.795145][ T977] usb 2-1: string descriptor 0 read error: -22 [ 493.810930][ T977] usb 2-1: New USB device found, idVendor=05ac, idProduct=0249, bcdDevice= 0.40 [ 493.828543][ T977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 493.901943][T16796] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 493.969627][ T977] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input41 [ 494.164977][ T977] bcm5974 2-1:1.0: could not read from device [ 494.228700][ T977] input: failed to attach handler mousedev to device input41, error: -5 [ 494.289105][ T977] usb 2-1: USB disconnect, device number 73 [ 494.302273][ T6421] bcm5974 2-1:1.0: could not read from device [ 494.424415][T16829] loop4: detected capacity change from 0 to 4096 [ 494.461324][T16829] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 495.146412][ T8690] usb 3-1: USB disconnect, device number 64 [ 495.336774][T16863] loop5: detected capacity change from 0 to 4096 [ 495.381107][T16863] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 495.455223][T16863] ntfs3(loop5): Failed to load $Extend (-22). [ 495.475402][T16863] ntfs3(loop5): Failed to initialize $Extend. [ 495.762970][T16884] loop3: detected capacity change from 0 to 1764 [ 495.879157][T16884] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 496.578066][T16926] loop5: detected capacity change from 0 to 512 [ 496.593580][T16926] EXT4-fs: Ignoring removed nobh option [ 496.714594][T16926] EXT4-fs error (device loop5): ext4_do_update_inode:5635: inode #3: comm syz.5.4559: corrupted inode contents [ 496.773045][T16932] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4561'. [ 496.793009][T16926] EXT4-fs (loop5): Remounting filesystem read-only [ 496.808581][T16926] Quota error (device loop5): write_blk: dquota write failed [ 496.850786][T16926] Quota error (device loop5): qtree_write_dquot: Error -30 occurred while creating quota [ 496.910736][T16926] EXT4-fs (loop5): 1 truncate cleaned up [ 496.930617][T16926] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.971183][T16940] netlink: 'syz.4.4562': attribute type 5 has an invalid length. [ 497.002733][T16926] ext4 filesystem being mounted at /450/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 497.070507][T16946] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4565'. [ 497.076295][T16926] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.083146][T16940] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.4562'. [ 498.006249][T16983] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 498.421390][T16996] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4584'. [ 498.607921][T16957] loop2: detected capacity change from 0 to 32768 [ 498.623256][T16971] loop4: detected capacity change from 0 to 32768 [ 498.637000][T16971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4574 (16971) [ 498.694949][T16971] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 498.726248][T16957] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 498.740357][T16971] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 498.903061][T16957] XFS (loop2): Ending clean mount [ 499.013251][T17004] loop3: detected capacity change from 0 to 4096 [ 499.085712][T17004] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 499.151659][ T5824] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 499.172754][T16971] BTRFS info (device loop4): enabling ssd optimizations [ 499.190506][T16971] BTRFS info (device loop4): turning on async discard [ 499.235108][T16971] BTRFS info (device loop4): enabling free space tree [ 499.253989][T17004] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 499.275720][T17004] ntfs3(loop3): ino=19, mi_enum_attr [ 499.413285][T17004] ntfs3(loop3): failed to convert "c46c" to cp860 [ 499.435120][T17004] ntfs3(loop3): ino=20, mi_enum_attr [ 499.476315][ T5836] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 499.726935][T17051] new mount options do not match the existing superblock, will be ignored [ 500.707810][T17083] netlink: 388 bytes leftover after parsing attributes in process `syz.1.4609'. [ 500.746753][T17083] lo: entered promiscuous mode [ 500.755424][T17085] loop2: detected capacity change from 0 to 764 [ 500.759298][T17083] netlink: 54 bytes leftover after parsing attributes in process `syz.1.4609'. [ 500.782697][T17083] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 500.805820][T17085] rock: directory entry would overflow storage [ 500.851552][T17085] rock: sig=0x4654, size=5, remaining=4 [ 500.873298][T17085] isofs: Unable to find the ".." directory for NFS. [ 501.080554][T17096] loop2: detected capacity change from 0 to 2048 [ 501.125462][T17096] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 501.243144][ T5896] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 501.265868][T17101] netlink: 312 bytes leftover after parsing attributes in process `syz.1.4617'. [ 501.427470][ T5896] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 501.451014][ T5896] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 501.473064][ T5896] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 501.498640][ T5896] usb 6-1: config 220 has no interface number 2 [ 501.539620][ T5896] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 501.561880][ T5896] usb 6-1: config 220 interface 0 has no altsetting 0 [ 501.595912][ T5896] usb 6-1: config 220 interface 76 has no altsetting 0 [ 501.623190][ T5896] usb 6-1: config 220 interface 1 has no altsetting 0 [ 501.657349][ T5896] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 501.681606][ T5896] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.703483][ T5896] usb 6-1: Product: syz [ 501.707682][ T5896] usb 6-1: Manufacturer: syz [ 501.712289][ T5896] usb 6-1: SerialNumber: syz [ 501.851097][T17127] loop1: detected capacity change from 0 to 256 [ 501.990426][ T5896] usb 6-1: selecting invalid altsetting 0 [ 502.024392][T17133] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4633'. [ 502.042283][ T5896] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 502.052449][ T5896] uvcvideo 6-1:220.0: No valid video chain found. [ 502.092845][ T5896] usb 6-1: selecting invalid altsetting 0 [ 502.119910][ T5896] usbtest 6-1:220.1: probe with driver usbtest failed with error -22 [ 502.149754][ T5896] usb 6-1: USB disconnect, device number 5 [ 502.258070][T17142] PKCS7: Unknown OID: [5] (bad) [ 502.292937][T17142] PKCS7: Only support pkcs7_signedData type [ 502.661852][T17160] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4646'. [ 502.726117][T17161] loop4: detected capacity change from 0 to 2048 [ 502.841247][T17171] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 502.865500][T17170] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 503.075103][T17177] loop3: detected capacity change from 0 to 64 [ 503.556691][T17194] loop3: detected capacity change from 0 to 256 [ 503.745759][T17165] loop1: detected capacity change from 0 to 32768 [ 504.033676][T17214] loop4: detected capacity change from 0 to 512 [ 504.131078][T17214] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 504.184042][T17214] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61 [ 504.198650][T17214] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.4672: iget: bad i_size value: 12154757448730 [ 504.213212][T17214] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4672: couldn't read orphan inode 13 (err -117) [ 504.238435][T17214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 504.315759][T17214] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 504.346242][T17228] SET target dimension over the limit! [ 504.368288][T17227] netlink: 'syz.5.4678': attribute type 1 has an invalid length. [ 504.531522][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 504.688476][T17239] netlink: 172 bytes leftover after parsing attributes in process `syz.1.4685'. [ 504.710072][T17236] loop5: detected capacity change from 0 to 2048 [ 504.727081][T17239] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 504.798298][T17236] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 504.938413][T17236] EXT4-fs error (device loop5): ext4_search_dir:1474: inode #12: block 9: comm syz.5.4683: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0 [ 504.982430][T17236] EXT4-fs (loop5): Remounting filesystem read-only [ 505.099333][T17254] loop3: detected capacity change from 0 to 256 [ 505.130387][T11492] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.167584][T17254] FAT-fs (loop3): Directory bread(block 64) failed [ 505.212755][T17254] FAT-fs (loop3): Directory bread(block 65) failed [ 505.219420][T17254] FAT-fs (loop3): Directory bread(block 66) failed [ 505.253532][T17254] FAT-fs (loop3): Directory bread(block 67) failed [ 505.260246][T17254] FAT-fs (loop3): Directory bread(block 68) failed [ 505.274714][T17254] FAT-fs (loop3): Directory bread(block 69) failed [ 505.281360][T17254] FAT-fs (loop3): Directory bread(block 70) failed [ 505.301646][T17254] FAT-fs (loop3): Directory bread(block 71) failed [ 505.346862][T17254] FAT-fs (loop3): Directory bread(block 72) failed [ 505.411791][T17254] FAT-fs (loop3): Directory bread(block 73) failed [ 505.535442][ T30] audit: type=1800 audit(1780844893.951:56): pid=17254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4691" name="file1" dev="loop3" ino=1048701 res=0 errno=0 [ 505.670469][T17272] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 506.013179][T17291] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 506.576677][T17320] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4723'. [ 507.510241][T17343] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4735'. [ 507.592736][T17348] netlink: 'syz.5.4737': attribute type 2 has an invalid length. [ 507.597123][T17331] set_capacity_and_notify: 1 callbacks suppressed [ 507.597141][T17331] loop4: detected capacity change from 0 to 32768 [ 507.619031][T17348] netlink: 'syz.5.4737': attribute type 2 has an invalid length. [ 507.855077][T17350] bond4: option arp_interval: invalid value (18446744073709551615) [ 507.895677][T17350] bond4: option arp_interval: allowed values 0 - 2147483647 [ 507.934276][T17350] bond4 (unregistering): Released all slaves [ 508.347224][T17375] loop2: detected capacity change from 0 to 128 [ 508.455339][T17381] loop3: detected capacity change from 0 to 64 [ 508.808674][T17397] loop5: detected capacity change from 0 to 256 [ 508.876323][T17397] FAT-fs (loop5): Directory bread(block 64) failed [ 508.915467][T17397] FAT-fs (loop5): Directory bread(block 65) failed [ 508.937127][T17397] FAT-fs (loop5): Directory bread(block 66) failed [ 508.959394][T17397] FAT-fs (loop5): Directory bread(block 67) failed [ 508.981140][T17397] FAT-fs (loop5): Directory bread(block 68) failed [ 509.002673][T17397] FAT-fs (loop5): Directory bread(block 69) failed [ 509.058980][T17397] FAT-fs (loop5): Directory bread(block 70) failed [ 509.071187][ T5910] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 509.082565][T17397] FAT-fs (loop5): Directory bread(block 71) failed [ 509.089198][T17397] FAT-fs (loop5): Directory bread(block 72) failed [ 509.137659][T17397] FAT-fs (loop5): Directory bread(block 73) failed [ 509.188525][T17411] loop1: detected capacity change from 0 to 512 [ 509.208113][T17411] EXT4-fs: Ignoring removed nomblk_io_submit option [ 509.254980][ T5910] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 509.276287][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 509.289691][T17417] trusted_key: encrypted_key: keylen parameter is missing [ 509.307142][T17411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 509.319894][T17411] ext4 filesystem being mounted at /914/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 509.343579][ T5910] usb 4-1: config 0 descriptor?? [ 509.366415][T17411] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 509.377196][T17411] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 509.386793][T17411] EXT4-fs error (device loop1): ext4_acquire_dquot:6948: comm syz.1.4768: Failed to acquire dquot type 1 [ 509.467830][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.534680][T17425] nbd: illegal input index -1495182229 [ 509.641475][T17431] netlink: 292 bytes leftover after parsing attributes in process `syz.1.4773'. [ 509.663472][T17431] netlink: 144 bytes leftover after parsing attributes in process `syz.1.4773'. [ 509.812943][ T5910] ath6kl: Failed to read usb control message: -71 [ 509.819470][ T5910] ath6kl: Unable to read the bmi data from the device: -71 [ 509.853214][ T5910] ath6kl: Unable to recv target info: -71 [ 509.886723][ T5910] ath6kl: Failed to init ath6kl core: -71 [ 509.892976][ T5910] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 509.922307][ T5910] usb 4-1: USB disconnect, device number 67 [ 510.257789][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.272566][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.285104][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.308687][T17453] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 510.310838][T17455] loop4: detected capacity change from 0 to 2048 [ 510.352145][T17453] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 510.405963][T17460] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 510.476006][T17455] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=1040, name_len=1 [ 510.531569][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.538652][T17455] Remounting filesystem read-only [ 510.583079][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.610500][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.638442][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 510.691692][T17453] virt_wifi0 speed is unknown, defaulting to 1000 [ 511.266172][T17484] loop2: detected capacity change from 0 to 4096 [ 511.309382][T17484] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 511.606650][T17476] loop5: detected capacity change from 0 to 32768 [ 511.967762][T17516] loop2: detected capacity change from 0 to 256 [ 512.031822][T17516] exfat: Deprecated parameter 'namecase' [ 512.079695][T17516] exfat: Deprecated parameter 'utf8' [ 512.110122][T17516] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 512.221762][ T30] audit: type=1800 audit(1780844900.207:57): pid=17516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4819" name="file1" dev="loop2" ino=1048702 res=0 errno=0 [ 512.379395][T17532] netlink: 'syz.4.4825': attribute type 13 has an invalid length. [ 512.411566][T17532] erspan0: refused to change device tx_queue_len [ 512.435603][T17537] loop2: detected capacity change from 0 to 8 [ 512.835854][T17546] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 512.966504][T17554] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4837'. [ 513.024002][T17556] set_capacity_and_notify: 1 callbacks suppressed [ 513.024020][T17556] loop1: detected capacity change from 0 to 512 [ 513.148270][T17556] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 513.179576][T17556] ext4 filesystem being mounted at /928/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 513.199000][T17554] bond2: option fail_over_mac: invalid value (234) [ 513.241142][T17554] bond2 (unregistering): Released all slaves [ 513.242034][T17556] NILFS (nbd1): device size too small [ 513.325066][T17568] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4842'. [ 513.346527][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.358232][T17569] loop2: detected capacity change from 0 to 64 [ 513.467201][T17571] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4845'. [ 513.762590][T17585] netlink: 'syz.4.4851': attribute type 11 has an invalid length. [ 513.765843][T17584] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4850'. [ 513.822793][T17585] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4851'. [ 513.850663][T17590] libceph: resolve '4' (ret=-3): failed [ 513.998524][T17596] netlink: 'syz.2.4855': attribute type 10 has an invalid length. [ 514.009143][T17597] loop5: detected capacity change from 0 to 512 [ 514.056612][T17596] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4855'. [ 514.112538][T17597] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 514.331012][T11492] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.349524][T17610] netlink: 'syz.1.4864': attribute type 29 has an invalid length. [ 514.393899][T17610] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4864'. [ 514.551985][T17624] netlink: 'syz.5.4870': attribute type 2 has an invalid length. [ 514.578327][T17626] loop1: detected capacity change from 0 to 64 [ 514.612786][T17617] bond2: option arp_interval: invalid value (18446744073709551615) [ 514.620747][T17617] bond2: option arp_interval: allowed values 0 - 2147483647 [ 514.730288][T17617] bond2 (unregistering): Released all slaves [ 514.921760][T17637] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4876'. [ 515.360042][T17657] CIFS mount error: No usable UNC path provided in device string! [ 515.360042][T17657] [ 515.393746][T17662] No control pipe specified [ 515.414305][T17657] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 515.616127][T17669] netlink: 'syz.1.4893': attribute type 4 has an invalid length. [ 515.684899][T17669] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4893'. [ 515.727100][T17674] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 516.033624][T17690] ieee802154 phy0 wpan0: encryption failed: -90 [ 516.567932][T17715] loop3: detected capacity change from 0 to 1024 [ 516.684752][ T2123] hfsplus: b-tree write err: -5, ino 4 [ 516.697320][ T8690] usb 5-1: new high-speed USB device number 60 using dummy_hcd [ 516.891369][ T8690] usb 5-1: Using ep0 maxpacket: 16 [ 516.903941][ T8690] usb 5-1: config 0 has an invalid interface number: 214 but max is 0 [ 516.920225][ T8690] usb 5-1: config 0 has no interface number 0 [ 516.932934][ T8690] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 516.946979][ T8690] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 516.969576][ T8690] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 516.999355][ T8690] usb 5-1: Manufacturer: syz [ 517.018644][ T8690] usb 5-1: SerialNumber: syz [ 517.034444][ T8690] usb 5-1: config 0 descriptor?? [ 517.159183][T17741] xt_CT: No such helper "snmp_trap" [ 517.280755][ T8690] usbtouchscreen 5-1:0.214: Failed to read FW rev: -71 [ 517.290931][T17752] xt_ipcomp: unknown flags 1D [ 517.302192][ T8690] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 517.319321][ T8690] usb 5-1: USB disconnect, device number 60 [ 517.337305][T17754] bond0: (slave bond_slave_1): Releasing backup interface [ 517.814211][T17770] loop3: detected capacity change from 0 to 4096 [ 517.834926][T17770] ntfs3(loop3): ino=3, Correct links count -> 2. [ 517.968529][ T8690] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 517.976124][T17770] ntfs3(loop3): ino=1a, mi_enum_attr [ 518.001066][T17770] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 518.070249][ T30] audit: type=1800 audit(1780844905.677:58): pid=17770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4940" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 518.211606][T17791] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 518.227351][ T8690] usb 6-1: config 5 has an invalid interface number: 123 but max is 0 [ 518.234579][T17791] overlayfs: missing 'lowerdir' [ 518.259753][ T8690] usb 6-1: config 5 has no interface number 0 [ 518.265898][ T8690] usb 6-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 518.327828][ T8690] usb 6-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 60849, setting to 64 [ 518.353514][ T8690] usb 6-1: config 5 interface 123 has no altsetting 0 [ 518.369912][ T8690] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 518.400119][ T8690] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 518.440351][ T8690] usb 6-1: Product: syz [ 518.458534][ T8690] usb 6-1: Manufacturer: syz [ 518.481295][ T8690] usb 6-1: SerialNumber: syz [ 518.502677][T17772] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 518.594705][T17803] loop4: detected capacity change from 0 to 512 [ 518.857871][ T8690] comedi comedi4: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 518.919210][ T8690] usb 6-1: USB disconnect, device number 6 [ 519.004172][T17803] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 519.045712][T17803] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #17: comm syz.4.4957: inode has both inline data and extents flags [ 519.120259][T17803] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4957: couldn't read orphan inode 17 (err -117) [ 519.224564][T17803] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 519.268363][T17819] loop3: detected capacity change from 0 to 512 [ 519.349518][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.373364][T17819] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 519.747556][T17834] loop5: detected capacity change from 0 to 128 [ 519.761090][T17836] affs: No valid root block on device nbd2 [ 519.826770][T17834] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 519.829468][T17838] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4973'. [ 519.856987][T17834] hpfs: filesystem error: improperly stopped [ 519.867759][T17838] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4973'. [ 519.907839][T17834] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 519.917680][T17838] ip6gretap2: entered allmulticast mode [ 519.936891][T17834] hpfs: You really don't want any checks? You are crazy... [ 519.977189][T17834] hpfs: hpfs_map_sector(): read error [ 519.998463][T17834] hpfs: code page support is disabled [ 520.020451][T17834] hpfs: hpfs_map_4sectors(): unaligned read [ 520.063673][T17834] hpfs: hpfs_map_4sectors(): unaligned read [ 520.070118][T17834] hpfs: filesystem error: unable to find root dir [ 520.119676][T17846] loop4: detected capacity change from 0 to 4096 [ 520.127562][T17834] hpfs: hpfs_map_4sectors(): unaligned read [ 520.140285][T17846] EXT4-fs: Ignoring removed nomblk_io_submit option [ 520.158753][T17834] hpfs: hpfs_map_sector(): read error [ 520.180114][T17846] EXT4-fs (loop4): Test dummy encryption mode enabled [ 520.228143][T17846] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 520.260297][T17846] System zones: 0-5 [ 520.273524][T17846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 520.302252][T17855] netlink: 'syz.3.4980': attribute type 8 has an invalid length. [ 520.547876][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 520.600333][T17867] netlink: 'syz.5.4986': attribute type 32 has an invalid length. [ 521.015118][T17883] xt_ecn: cannot match TCP bits for non-tcp packets [ 521.262022][T17893] netlink: 'syz.2.4997': attribute type 1 has an invalid length. [ 521.271030][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.283899][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.295197][T17893] netlink: 16949 bytes leftover after parsing attributes in process `syz.2.4997'. [ 521.295458][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.351607][T17864] loop3: detected capacity change from 0 to 32768 [ 521.410111][T17894] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 521.435783][T17864] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 521.503671][T17864] XFS (loop3): Ending clean mount [ 521.515272][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.521870][T17864] XFS (loop3): Quotacheck needed: Please wait. [ 521.586356][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.630247][T17864] XFS (loop3): Quotacheck: Done. [ 521.639632][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.708211][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.728098][T17894] wlan1 speed is unknown, defaulting to 1000 [ 521.773020][ T5823] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 522.046159][T17926] netlink: 'syz.5.5011': attribute type 13 has an invalid length. [ 522.081450][T17926] netlink: 'syz.5.5011': attribute type 17 has an invalid length. [ 522.205086][ T30] audit: type=1326 audit(1780844909.539:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 522.259812][ T30] audit: type=1326 audit(1780844909.567:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 522.333184][ T30] audit: type=1326 audit(1780844909.567:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 522.371939][ T30] audit: type=1326 audit(1780844909.567:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 522.404987][T17926] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 522.595652][T17944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5020'. [ 523.057216][T17962] loop3: detected capacity change from 0 to 256 [ 523.081617][T17962] exfat: Deprecated parameter 'utf8' [ 523.111997][T17962] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 523.152753][T17964] bond2: entered promiscuous mode [ 523.159285][T17964] bond2: entered allmulticast mode [ 523.165132][T17964] 8021q: adding VLAN 0 to HW filter on device bond2 [ 523.830846][T17994] netlink: 'syz.2.5042': attribute type 16 has an invalid length. [ 523.838702][T17994] netlink: 'syz.2.5042': attribute type 17 has an invalid length. [ 523.920830][T17994] 8021q: adding VLAN 0 to HW filter on device team0 [ 523.967421][T17994] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 523.996254][ T30] audit: type=1400 audit(1780844911.213:63): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF346 pid=18000 comm="syz.3.5047" [ 524.121046][T18006] loop5: detected capacity change from 0 to 64 [ 524.240838][T18010] netlink: 'syz.2.5052': attribute type 1 has an invalid length. [ 524.305338][T18010] netlink: 'syz.2.5052': attribute type 2 has an invalid length. [ 524.581039][T18028] netlink: 6 bytes leftover after parsing attributes in process `syz.5.5060'. [ 524.617713][ T30] audit: type=1326 audit(1780844911.792:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18030 comm="syz.2.5062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 524.705749][ T30] audit: type=1326 audit(1780844911.820:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18030 comm="syz.2.5062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 524.778041][ T30] audit: type=1326 audit(1780844911.820:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18030 comm="syz.2.5062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 524.847241][ T30] audit: type=1326 audit(1780844911.820:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18030 comm="syz.2.5062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 524.908985][ T30] audit: type=1326 audit(1780844911.820:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18030 comm="syz.2.5062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 524.909005][ T24] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 525.068241][T18049] loop4: detected capacity change from 0 to 1024 [ 525.080075][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 525.116781][ T24] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 525.154877][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 525.169642][T18049] hfsplus: failed to load root directory [ 525.192842][ T24] usb 4-1: config 0 descriptor?? [ 525.228098][ T24] gspca_main: sunplus-2.14.0 probing 041e:400b [ 525.245386][T18058] netlink: 'syz.5.5075': attribute type 3 has an invalid length. [ 525.286309][T18058] netlink: 224 bytes leftover after parsing attributes in process `syz.5.5075'. [ 525.371975][T18056] loop1: detected capacity change from 0 to 4096 [ 525.423656][T18062] loop4: detected capacity change from 0 to 128 [ 525.469093][T18062] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 525.488819][T18056] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 525.557130][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 525.564156][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 525.583511][T18062] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 525.680608][ T24] gspca_sunplus: reg_w_riv err -71 [ 525.691321][ T24] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 525.702349][ T24] usb 4-1: USB disconnect, device number 68 [ 525.758739][ T3501] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 525.759206][T18069] netlink: 96 bytes leftover after parsing attributes in process `syz.5.5080'. [ 526.220742][T18087] loop2: detected capacity change from 0 to 512 [ 526.250120][ T30] audit: type=1326 audit(1780844913.326:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18088 comm="syz.1.5090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 526.332674][T18087] EXT4-fs error (device loop2): ext4_iget_extra_inode:5079: inode #15: comm syz.2.5089: corrupted in-inode xattr: invalid ea_ino [ 526.349024][ T30] audit: type=1326 audit(1780844913.345:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18088 comm="syz.1.5090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 526.409168][T18087] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5089: couldn't read orphan inode 15 (err -117) [ 526.436830][T18087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 526.449723][T18097] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5093'. [ 526.449865][ T30] audit: type=1326 audit(1780844913.354:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18088 comm="syz.1.5090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 526.489200][ T30] audit: type=1326 audit(1780844913.354:72): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=18088 comm="syz.1.5090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7558f749 code=0x7ffc0000 [ 526.633843][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.642704][T18103] netlink: 'syz.3.5096': attribute type 8 has an invalid length. [ 526.892086][T18114] netlink: 21 bytes leftover after parsing attributes in process `syz.4.5101'. [ 526.945941][T18111] 8021q: adding VLAN 0 to HW filter on device bond4 [ 526.962701][T18117] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5103'. [ 527.117399][T18123] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5105'. [ 527.147398][T18126] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 527.407390][T18137] netlink: 80 bytes leftover after parsing attributes in process `syz.3.5112'. [ 527.412161][T18138] xt_bpf: check failed: parse error [ 527.506423][T18142] loop1: detected capacity change from 0 to 512 [ 527.575120][T18142] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 527.647782][T18149] netlink: 'syz.3.5118': attribute type 9 has an invalid length. [ 527.656049][T18149] netlink: 'syz.3.5118': attribute type 7 has an invalid length. [ 527.674025][T18142] EXT4-fs (loop1): 1 truncate cleaned up [ 527.692044][T18149] netlink: 'syz.3.5118': attribute type 8 has an invalid length. [ 527.716945][T18142] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 527.878020][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.507367][T18186] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.5137'. [ 528.547510][T18186] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 528.930094][T18205] netlink: 'syz.3.5145': attribute type 2 has an invalid length. [ 529.590716][T18198] loop1: detected capacity change from 0 to 32768 [ 529.628286][T18198] (syz.1.5142,18198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 529.702335][T18198] (syz.1.5142,18198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 529.793511][T18198] JBD2: Ignoring recovery information on journal [ 529.929755][T18198] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 530.125008][T18250] xt_hashlimit: overflow, try lower: 17592186044416/11 [ 530.217550][ T5832] ocfs2: Unmounting device (7,1) on (node local) [ 530.370368][T18253] loop2: detected capacity change from 0 to 4096 [ 530.407232][T18253] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 530.904542][T18282] loop4: detected capacity change from 0 to 64 [ 530.912604][T18281] IPv6: Can't replace route, no match found [ 531.432335][ T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 531.621674][ T10] usb 6-1: config 0 has an invalid interface number: 122 but max is 0 [ 531.651114][ T10] usb 6-1: config 0 has no interface number 0 [ 531.668687][ T10] usb 6-1: config 0 interface 122 has no altsetting 0 [ 531.683665][ T10] usb 6-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67 [ 531.704731][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 531.736317][ T10] usb 6-1: Product: syz [ 531.740523][ T10] usb 6-1: Manufacturer: syz [ 531.780224][ T10] usb 6-1: SerialNumber: syz [ 531.802389][ T10] usb 6-1: config 0 descriptor?? [ 531.856750][T18276] loop3: detected capacity change from 0 to 40427 [ 531.890070][T18276] F2FS-fs (loop3): invalid crc value [ 532.086333][ T8690] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 532.097112][T18276] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 532.138405][T18276] F2FS-fs (loop3): Start checkpoint disabled! [ 532.155641][T18276] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0 [ 532.169559][T18276] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 532.277125][ T8690] usb 2-1: Using ep0 maxpacket: 8 [ 532.291888][ T8690] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 532.308504][ T5940] usb 6-1: USB disconnect, device number 7 [ 532.320828][ T5940] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected. [ 532.342081][ T8690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 532.362791][ T8690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 532.408586][ T8690] usb 2-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad [ 532.435414][ T8690] usb 2-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3 [ 532.458914][ T8690] usb 2-1: Product: syz [ 532.463122][ T8690] usb 2-1: Manufacturer: syz [ 532.467727][ T8690] usb 2-1: SerialNumber: syz [ 532.486861][ T8690] usb 2-1: config 0 descriptor?? [ 532.493429][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 532.493445][ T30] audit: type=1326 audit(1780844919.161:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18335 comm="syz.4.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 532.548734][ T8690] smsusb:smsusb_probe: board id=2, interface number 0 [ 532.558736][ T8690] smsusb:smsusb_probe: Device initialized with return code -19 [ 532.608976][ T30] audit: type=1326 audit(1780844919.189:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18335 comm="syz.4.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 532.682831][T18341] usb usb8: usbfs: process 18341 (syz.4.5211) did not claim interface 0 before use [ 532.705907][ T30] audit: type=1326 audit(1780844919.189:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18335 comm="syz.4.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 532.753338][ T30] audit: type=1326 audit(1780844919.189:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18335 comm="syz.4.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 532.819547][ T10] usb 2-1: USB disconnect, device number 74 [ 533.337870][T18367] loop2: detected capacity change from 0 to 128 [ 533.358037][T18369] vivid-000: disconnect [ 533.368523][T18368] vivid-000: reconnect [ 533.368810][T18367] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 533.460578][T18367] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 534.080996][T18402] loop3: detected capacity change from 0 to 128 [ 534.096293][T18402] hpfs: [ 534.096293][T18402] HPFS filesystem options: [ 534.096293][T18402] help do not mount and display this text [ 534.096293][T18402] uid=xxx set uid of files that don't have uid specified in eas [ 534.096293][T18402] gid=xxx set gid of files that don't have gid specified in eas [ 534.096293][T18402] umask=xxx set mode of files that don't have mode specified in eas [ 534.096293][T18402] case=lower lowercase all files [ 534.096293][T18402] case=asis do not lowercase files (default) [ 534.096293][T18402] check=none no fs checks - kernel may crash on corrupted filesystem [ 534.096293][T18402] check=normal do some checks - it should not crash (default) [ 534.096293][T18402] check=strict do extra time-consuming checks, used for debugging [ 534.096293][T18402] errors=continue continue on errors [ 534.096293][T18402] errors=remount-ro remount read-only if errors found (default) [ 534.096293][T18402] errors=panic panic on errors [ 534.096293][T18402] chkdsk=no do not mark fs for chkdsking even if there were errors [ 534.096293][T18402] chkdsk=errors mark fs dirty if errors found (default) [ 534.096293][T18402] chkdsk=always always mark fs dirty - used for debugging [ 534.096293][T18402] e [ 534.112541][T18403] loop5: detected capacity change from 0 to 1024 [ 534.269327][T18402] loop3: detected capacity change from 0 to 1024 [ 534.372475][T18409] netlink: 'syz.4.5245': attribute type 23 has an invalid length. [ 534.619625][T18418] 9pnet_fd: p9_fd_create_tcp (18418): problem binding to privport [ 534.814804][T18426] netlink: 'syz.3.5253': attribute type 13 has an invalid length. [ 534.854457][T18426] netlink: 'syz.3.5253': attribute type 17 has an invalid length. [ 535.029671][T18426] 0ªX¹¦À: left allmulticast mode [ 535.034784][T18426] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 535.191142][T18443] loop5: detected capacity change from 0 to 8 [ 535.330566][T18450] loop4: detected capacity change from 0 to 8 [ 535.389710][T18450] SQUASHFS error: lzo decompression failed, data probably corrupt [ 535.412906][T18450] SQUASHFS error: Failed to read block 0x91: -5 [ 535.419296][T18450] SQUASHFS error: Unable to read metadata cache entry [8f] [ 535.452661][T18450] SQUASHFS error: Unable to read inode 0x11f [ 535.699461][T18469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5271'. [ 535.807977][T18473] loop4: detected capacity change from 0 to 1024 [ 535.887092][T18473] syz.4.5275: attempt to access beyond end of device [ 535.887092][T18473] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 535.935272][T18473] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 535.955566][T18473] hfsplus: unable to mark blocks free: error -5 [ 535.984415][T18473] hfsplus: can't free extent: start 135, count 2 [ 536.041445][ T5960] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 536.043558][ T30] audit: type=1326 audit(1780844922.481:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18482 comm="syz.5.5280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a58f749 code=0x7ffc0000 [ 536.076699][ T30] audit: type=1326 audit(1780844922.509:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18482 comm="syz.5.5280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a58f749 code=0x7ffc0000 [ 536.104833][ T30] audit: type=1326 audit(1780844922.509:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18482 comm="syz.5.5280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a58f749 code=0x7ffc0000 [ 536.135814][ T30] audit: type=1326 audit(1780844922.509:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18482 comm="syz.5.5280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a58f749 code=0x7ffc0000 [ 536.138872][T18485] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5281'. [ 536.170268][ T30] audit: type=1326 audit(1780844922.509:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18482 comm="syz.5.5280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f414a58f749 code=0x7ffc0000 [ 536.192583][T18485] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5281'. [ 536.225509][ T5960] usb 4-1: config index 0 descriptor too short (expected 39, got 27) [ 536.233667][ T5960] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 536.260556][ T5960] usb 4-1: config 0 interface 0 has no altsetting 0 [ 536.271506][ T30] audit: type=1326 audit(1780844922.509:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18482 comm="syz.5.5280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a58f749 code=0x7ffc0000 [ 536.301864][ T5960] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 536.313887][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 536.319483][ T5896] usb 3-1: new high-speed USB device number 65 using dummy_hcd [ 536.324469][ T5960] usb 4-1: Product: syz [ 536.348774][ T5960] usb 4-1: Manufacturer: syz [ 536.356048][ T5960] usb 4-1: SerialNumber: syz [ 536.373686][ T5960] usb 4-1: config 0 descriptor?? [ 536.415506][ T5960] hub 4-1:0.0: bad descriptor, ignoring hub [ 536.435953][ T5960] hub 4-1:0.0: probe with driver hub failed with error -5 [ 536.459815][ T5960] usb 4-1: selecting invalid altsetting 0 [ 536.512014][ T5896] usb 3-1: Using ep0 maxpacket: 16 [ 536.528772][ T5896] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 536.572422][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 536.602322][ T5896] usb 3-1: Product: syz [ 536.617444][ T5896] usb 3-1: Manufacturer: syz [ 536.654777][ T5896] usb 3-1: SerialNumber: syz [ 536.698292][ T5896] r8152-cfgselector 3-1: Unknown version 0x0000 [ 536.727466][ T5896] r8152-cfgselector 3-1: config 0 descriptor?? [ 536.878050][ T5960] usb 4-1: USB disconnect, device number 69 [ 537.126543][T18511] xt_TPROXY: Can be used only with -p tcp or -p udp [ 537.238351][T18514] netlink: 'syz.4.5296': attribute type 2 has an invalid length. [ 537.241006][ T5960] r8152-cfgselector 3-1: USB disconnect, device number 65 [ 537.340047][T18519] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5298'. [ 537.810156][T18539] loop5: detected capacity change from 0 to 256 [ 537.942032][T18545] binder: 18544:18545 ioctl 40046210 0 returned -14 [ 538.101308][T18549] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5314'. [ 538.585872][T18574] loop3: detected capacity change from 0 to 128 [ 538.631586][T18574] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 538.662631][T18574] hpfs: filesystem error: improperly stopped [ 538.681783][T18574] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 538.720505][T18574] hpfs: You really don't want any checks? You are crazy... [ 538.739141][T18574] hpfs: hpfs_map_sector(): read error [ 538.767588][T18574] hpfs: code page support is disabled [ 538.777689][T18580] bridge1: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 538.796577][T18574] hpfs: hpfs_map_4sectors(): unaligned read [ 538.814127][T18574] hpfs: hpfs_map_4sectors(): unaligned read [ 538.844754][T18574] hpfs: filesystem error: unable to find root dir [ 538.978475][T18590] loop4: detected capacity change from 0 to 512 [ 538.993359][T18590] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 539.015365][T18590] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ce01c, mo2=0002] [ 539.023428][T18590] System zones: 1-12 [ 539.064732][T18590] EXT4-fs (loop4): orphan cleanup on readonly fs [ 539.071993][T18590] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5333: invalid indirect mapped block 12 (level 1) [ 539.089841][T18590] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5333: invalid indirect mapped block 2 (level 2) [ 539.117665][T18590] EXT4-fs (loop4): 1 truncate cleaned up [ 539.131140][T18590] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 539.155760][T18595] loop3: detected capacity change from 0 to 1024 [ 539.311946][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 539.331060][ T36] hfsplus: b-tree write err: -5, ino 4 [ 539.333127][T18599] netlink: 666 bytes leftover after parsing attributes in process `syz.2.5337'. [ 539.604273][T18603] loop4: detected capacity change from 0 to 2048 [ 539.629857][T18603] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 539.989332][T18588] loop5: detected capacity change from 0 to 32768 [ 540.026812][T18588] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 540.087230][T18588] XFS (loop5): Ending clean mount [ 540.291772][T11492] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 540.446394][T18633] loop3: detected capacity change from 0 to 4096 [ 540.455756][ T5910] usb 2-1: new high-speed USB device number 75 using dummy_hcd [ 540.481420][T18633] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 540.527357][T18633] ntfs3(loop3): Failed to load $Extend (-22). [ 540.527387][T18633] ntfs3(loop3): Failed to initialize $Extend. [ 540.638139][ T5910] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 540.638171][ T5910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.717148][ T5910] usb 2-1: Product: syz [ 540.732259][ T5910] usb 2-1: Manufacturer: syz [ 540.753871][ T5910] usb 2-1: SerialNumber: syz [ 540.802856][ T5910] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 540.853989][ T8690] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 541.369227][T18629] loop4: detected capacity change from 0 to 32768 [ 541.403742][ T10] usb 2-1: USB disconnect, device number 75 [ 541.466330][T18629] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 541.466330][T18629] [ 541.477823][T18629] ERROR: (device loop4): remounting filesystem as read-only [ 541.493900][T18629] xtLookup: xtSearch returned -5 [ 541.697141][T18668] loop3: detected capacity change from 0 to 16 [ 541.718649][T18668] erofs (device loop3): mounted with root inode @ nid 36. [ 541.981855][ T8690] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 542.014277][ T8690] ath9k_htc: Failed to initialize the device [ 542.048871][T18678] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5372'. [ 542.076335][ T10] usb 2-1: ath9k_htc: USB layer deinitialized [ 542.352929][T18688] loop3: detected capacity change from 0 to 512 [ 542.352932][T18684] loop4: detected capacity change from 0 to 4096 [ 542.363125][T18684] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 542.427537][T18688] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 542.434716][T18684] ntfs3(loop4): ino=19, mi_enum_attr [ 542.455950][T18684] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 542.769064][T18677] loop5: detected capacity change from 0 to 32768 [ 542.852725][T18700] loop3: detected capacity change from 0 to 16 [ 542.941688][T18700] erofs (device loop3): mounted with root inode @ nid 36. [ 543.011870][T18700] erofs (device loop3): readahead error at folio 2 @ nid 89 [ 543.087013][ T5831] erofs (device loop3): failed to decompress 7514 in[4096, 0] out[8192] [ 543.146213][T18700] erofs (device loop3): failed to decompress 7514 in[4096, 0] out[8192] [ 543.227111][T18700] erofs (device loop3): read error -117 @ 1 of nid 89 [ 543.279628][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 543.279647][ T30] audit: type=1800 audit(1780844929.241:86): pid=18700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5382" name="file3" dev="loop3" ino=89 res=0 errno=0 [ 543.411351][T18717] loop2: detected capacity change from 0 to 512 [ 543.454849][T18717] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c018, mo2=0102] [ 543.495797][T18717] System zones: 0-2, 18-18, 34-35 [ 543.512847][T18717] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.623718][T18717] ext4 filesystem being mounted at /1119/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 543.717620][T18717] EXT4-fs error (device loop2): __ext4_remount:6751: comm syz.2.5392: Abort forced by user [ 543.729899][T18717] EXT4-fs (loop2): Remounting filesystem read-only [ 543.739150][T18717] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 543.854485][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.896979][T18735] netlink: zone id is out of range [ 543.908600][T18735] netlink: zone id is out of range [ 543.919351][T18735] netlink: zone id is out of range [ 543.962254][T18735] netlink: zone id is out of range [ 543.973033][T18735] netlink: zone id is out of range [ 543.997977][T18739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5402'. [ 544.006893][T18739] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5402'. [ 544.015844][T18735] netlink: zone id is out of range [ 544.015858][T18735] netlink: zone id is out of range [ 544.015868][T18735] netlink: zone id is out of range [ 544.015876][T18735] netlink: zone id is out of range [ 544.109238][T18739] bond5: option all_slaves_active: invalid value (55) [ 544.116216][T18735] netlink: zone id is out of range [ 544.152324][T18739] bond5 (unregistering): Released all slaves [ 544.374003][T18752] loop4: detected capacity change from 0 to 1024 [ 544.492924][T18756] loop2: detected capacity change from 0 to 1764 [ 544.536152][T18756] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 544.545276][ T2128] hfsplus: b-tree write err: -5, ino 4 [ 544.722142][T18768] loop3: detected capacity change from 0 to 1024 [ 544.843595][T18770] FAT-fs (loop1): Directory bread(block 64) failed [ 544.895321][T18770] FAT-fs (loop1): Directory bread(block 65) failed [ 544.914924][T18770] FAT-fs (loop1): Directory bread(block 66) failed [ 544.949663][T18770] FAT-fs (loop1): Directory bread(block 67) failed [ 544.956316][T18770] FAT-fs (loop1): Directory bread(block 68) failed [ 544.998005][T18770] FAT-fs (loop1): Directory bread(block 69) failed [ 545.024864][T18770] FAT-fs (loop1): Directory bread(block 70) failed [ 545.044987][T18770] FAT-fs (loop1): Directory bread(block 71) failed [ 545.092762][T18770] FAT-fs (loop1): Directory bread(block 72) failed [ 545.119444][T18784] xt_TPROXY: Can be used only with -p tcp or -p udp [ 545.131426][T18770] FAT-fs (loop1): Directory bread(block 73) failed [ 545.334973][ T5960] usb 3-1: new high-speed USB device number 66 using dummy_hcd [ 545.517846][T18800] SET target dimension over the limit! [ 545.527375][ T5960] usb 3-1: Using ep0 maxpacket: 16 [ 545.557400][ T5960] usb 3-1: config 0 has an invalid interface number: 132 but max is 0 [ 545.591245][ T5960] usb 3-1: config 0 has no interface number 0 [ 545.626213][ T5960] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 545.646286][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 545.665219][ T5960] usb 3-1: Product: syz [ 545.673682][ T5960] usb 3-1: Manufacturer: syz [ 545.691889][ T5960] usb 3-1: SerialNumber: syz [ 545.712179][ T5960] usb 3-1: config 0 descriptor?? [ 545.742862][ T5960] hub 3-1:0.132: bad descriptor, ignoring hub [ 545.765527][ T5960] hub 3-1:0.132: probe with driver hub failed with error -5 [ 545.800167][ T5960] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input45 [ 546.441744][T18794] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 546.559989][T18794] XFS (loop5): Ending clean mount [ 546.715421][T11492] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 547.045654][ T10] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 547.166901][T18867] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5462'. [ 547.238284][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 547.246061][T18871] set_capacity_and_notify: 2 callbacks suppressed [ 547.246080][T18871] loop5: detected capacity change from 0 to 512 [ 547.271497][ T10] usb 2-1: config 0 has an invalid interface number: 35 but max is 0 [ 547.300785][ T10] usb 2-1: config 0 has no interface number 0 [ 547.304807][T18871] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 547.380378][ T10] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 547.396574][T18871] EXT4-fs (loop5): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 547.430647][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 547.445588][ T10] usb 2-1: Product: syz [ 547.449785][ T10] usb 2-1: Manufacturer: syz [ 547.473993][ T10] usb 2-1: SerialNumber: syz [ 547.498680][ T10] usb 2-1: config 0 descriptor?? [ 547.525524][T11492] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.739872][ T10] radio-si470x 2-1:0.35: this is not a si470x device. [ 547.955551][ T10] radio-raremono 2-1:0.35: this is not Thanko's Raremono. [ 547.987250][ T10] usb 2-1: USB disconnect, device number 76 [ 548.182504][ T30] audit: type=1326 audit(1780844933.833:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.2.5483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 548.212215][ T8973] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 548.220194][ T30] audit: type=1326 audit(1780844933.833:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.2.5483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 548.247423][ T30] audit: type=1326 audit(1780844933.833:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.2.5483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 548.284598][ T30] audit: type=1326 audit(1780844933.833:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.2.5483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 548.287850][T18915] loop2: detected capacity change from 0 to 256 [ 548.308825][ T30] audit: type=1326 audit(1780844933.833:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.2.5483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcc1d8f749 code=0x7ffc0000 [ 548.396053][T18915] FAT-fs (loop2): Directory bread(block 64) failed [ 548.402632][T18915] FAT-fs (loop2): Directory bread(block 65) failed [ 548.415368][ T8973] usb 4-1: too many configurations: 202, using maximum allowed: 8 [ 548.427816][T18915] FAT-fs (loop2): Directory bread(block 66) failed [ 548.434376][T18915] FAT-fs (loop2): Directory bread(block 67) failed [ 548.457362][T18915] FAT-fs (loop2): Directory bread(block 68) failed [ 548.463961][T18915] FAT-fs (loop2): Directory bread(block 69) failed [ 548.475728][ T8973] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 548.485028][T18915] FAT-fs (loop2): Directory bread(block 70) failed [ 548.485062][T18915] FAT-fs (loop2): Directory bread(block 71) failed [ 548.485242][T18915] FAT-fs (loop2): Directory bread(block 72) failed [ 548.506631][ T8973] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.524252][ T8973] usb 4-1: Product: syz [ 548.532182][T18915] FAT-fs (loop2): Directory bread(block 73) failed [ 548.538781][ T8973] usb 4-1: Manufacturer: syz [ 548.553996][ T8973] usb 4-1: SerialNumber: syz [ 548.589849][ T8973] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 548.610004][ T5933] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 548.733970][T18927] loop1: detected capacity change from 0 to 512 [ 548.794259][T18927] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.5490: iget: bad i_size value: 38620345925642 [ 548.878922][T18927] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5490: couldn't read orphan inode 15 (err -117) [ 548.923606][T18927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 548.979124][T18935] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5493'. [ 549.012976][T18927] EXT4-fs error (device loop1): empty_inline_dir:1770: inode #12: block 7: comm syz.1.5490: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 549.053487][T18935] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5493'. [ 549.079352][T18940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5496'. [ 549.094980][T18927] EXT4-fs warning (device loop1): empty_inline_dir:1777: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 549.132805][ T5896] usb 4-1: USB disconnect, device number 70 [ 549.249558][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.674043][ T8690] usb 3-1: USB disconnect, device number 66 [ 549.763014][ T5933] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 549.770139][ T5933] ath9k_htc: Failed to initialize the device [ 549.826148][T18971] netlink: 'syz.4.5510': attribute type 1 has an invalid length. [ 549.834777][ T5896] usb 4-1: ath9k_htc: USB layer deinitialized [ 549.873227][T18971] netlink: 248 bytes leftover after parsing attributes in process `syz.4.5510'. [ 549.995954][T18979] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5514'. [ 550.238941][T18991] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5520'. [ 550.270689][T18983] loop4: detected capacity change from 0 to 4096 [ 550.298234][T18983] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 550.353971][T18983] ntfs3(loop4): ino=19, mi_enum_attr [ 550.365269][T18983] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 550.370653][T18996] netlink: 'syz.1.5521': attribute type 10 has an invalid length. [ 550.386202][T18983] ntfs3(loop4): failed to convert "c46c" to maciceland [ 550.396609][T18983] ntfs3(loop4): ino=20, mi_enum_attr [ 550.399337][T18991] bond3: option ad_user_port_key: invalid value (1136) [ 550.409271][T18991] bond3: option ad_user_port_key: allowed values 0 - 1023 [ 550.445035][T18991] bond3 (unregistering): Released all slaves [ 550.566796][T18996] team0: Device veth1_vlan is already a lower device of the team interface [ 550.763855][T19007] loop5: detected capacity change from 0 to 512 [ 550.835584][T19007] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 550.884609][T19011] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5529'. [ 550.909436][T19007] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.5526: invalid indirect mapped block 4294967295 (level 1) [ 550.939217][T19007] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.5526: invalid indirect mapped block 4294967295 (level 1) [ 551.023313][T19007] EXT4-fs (loop5): 2 truncates cleaned up [ 551.059622][T19007] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 551.259252][T11492] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.317183][ T8973] usb 4-1: new full-speed USB device number 71 using dummy_hcd [ 551.442547][T19035] loop4: detected capacity change from 0 to 256 [ 551.477188][T19032] loop2: detected capacity change from 0 to 4096 [ 551.505608][ T8973] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 551.518726][T19035] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1f7c91f3, utbl_chksum : 0xe619d30d) [ 551.519681][ T8973] usb 4-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19 [ 551.550022][T19032] EXT4-fs (loop2): Test dummy encryption mode enabled [ 551.576662][T19032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 551.588057][T19040] loop1: detected capacity change from 0 to 256 [ 551.595566][ T8973] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 551.595594][ T8973] usb 4-1: Product: syz [ 551.595611][ T8973] usb 4-1: Manufacturer: syz [ 551.595627][ T8973] usb 4-1: SerialNumber: syz [ 551.629434][ T8973] usb 4-1: config 0 descriptor?? [ 551.643346][T19035] exFAT-fs (loop4): valid_size(100667392) is greater than size(4096) [ 551.646027][ T8973] usbtouchscreen 4-1:0.0: probe with driver usbtouchscreen failed with error -32 [ 551.682631][T19043] MTD: Couldn't look up '': -22 [ 551.802988][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.997019][ T5896] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 552.009182][ T8973] usb 4-1: USB disconnect, device number 71 [ 552.179003][ T5896] usb 6-1: Using ep0 maxpacket: 8 [ 552.191997][ T5896] usb 6-1: unable to get BOS descriptor or descriptor too short [ 552.221367][ T5896] usb 6-1: config 8 has an invalid interface number: 255 but max is 0 [ 552.242001][ T5896] usb 6-1: config 8 has no interface number 0 [ 552.262869][ T5896] usb 6-1: config 8 interface 255 has no altsetting 0 [ 552.285151][ T5896] usb 6-1: string descriptor 0 read error: -22 [ 552.296627][ T5896] usb 6-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice= 0.00 [ 552.326107][ T5896] usb 6-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3 [ 552.447551][T19068] loop1: detected capacity change from 0 to 8 [ 552.485417][T19068] SQUASHFS error: Unable to read directory block [1d0:0] [ 552.831856][ T5896] eth%d: CATC EL1210A NetMate USB Ethernet at usb-dummy_hcd.5-1, 00:00:00:00:00:00. [ 552.879139][ T5896] usb 6-1: USB disconnect, device number 8 [ 553.084301][T19091] sctp: [Deprecated]: syz.1.5567 (pid 19091) Use of struct sctp_assoc_value in delayed_ack socket option. [ 553.084301][T19091] Use struct sctp_sack_info instead [ 553.283243][T19071] loop2: detected capacity change from 0 to 32768 [ 553.300899][T19098] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5569'. [ 553.354057][T19071] ea_get: invalid extended attribute [ 554.149170][T19136] netlink: 'syz.4.5586': attribute type 1 has an invalid length. [ 554.279237][T19140] x_tables: unsorted entry at hook 2 [ 554.355015][T19146] loop2: detected capacity change from 0 to 16 [ 554.753598][T19158] pimreg: entered allmulticast mode [ 554.874236][T19155] net_ratelimit: 1 callbacks suppressed [ 554.874255][T19155] netlink: set zone limit has 4 unknown bytes [ 554.897211][T19162] netlink: 666 bytes leftover after parsing attributes in process `syz.5.5600'. [ 554.935946][T19131] loop1: detected capacity change from 0 to 32768 [ 554.983959][T19131] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.5584 (19131) [ 555.042502][T19131] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 555.081376][T19131] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 555.112346][T19131] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 555.117619][ T30] audit: type=1326 audit(1780844940.313:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19168 comm="syz.3.5605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b398f749 code=0x7ffc0000 [ 555.160051][T19174] xt_hashlimit: max too large, truncated to 1048576 [ 555.269372][ T30] audit: type=1326 audit(1780844940.360:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19168 comm="syz.3.5605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b398f749 code=0x7ffc0000 [ 555.316500][ T30] audit: type=1326 audit(1780844940.360:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19168 comm="syz.3.5605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f42b398f749 code=0x7ffc0000 [ 555.342885][ T30] audit: type=1326 audit(1780844940.360:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19168 comm="syz.3.5605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b398f749 code=0x7ffc0000 [ 555.395139][ T30] audit: type=1326 audit(1780844940.360:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19168 comm="syz.3.5605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b398f749 code=0x7ffc0000 [ 555.420949][T19181] loop3: detected capacity change from 0 to 1024 [ 555.541102][T19181] hfsplus: invalid extended attribute record [ 555.549052][T19131] BTRFS info (device loop1): rebuilding free space tree [ 555.602712][T19131] BTRFS info (device loop1): disabling free space tree [ 555.609770][T19131] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 555.633550][T19131] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 555.688618][T19131] BTRFS info (device loop1): setting nodatasum [ 555.718476][ T8973] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 555.746107][T19131] BTRFS info (device loop1): turning on async discard [ 555.746336][ T3501] hfsplus: b-tree write err: -5, ino 4 [ 555.755757][T19131] BTRFS info (device loop1): enabling disk space caching [ 555.768563][T19131] BTRFS info (device loop1): force clearing of disk cache [ 555.783733][T19131] BTRFS info (device loop1): force zlib compression, level 3 [ 555.891604][ T8973] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 555.913891][ T8973] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 555.933474][ T5832] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 555.946433][ T8973] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 555.964822][ T8973] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 555.985855][ T8973] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 555.998375][ T8973] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 556.020474][ T8973] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 556.029028][ T8973] usb 5-1: Product: syz [ 556.045957][ T8973] usb 5-1: Manufacturer: syz [ 556.086596][ T8973] cdc_wdm 5-1:1.0: skipping garbage [ 556.102739][ T8973] cdc_wdm 5-1:1.0: skipping garbage [ 556.118209][ T8973] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 556.126792][T19211] loop2: detected capacity change from 0 to 64 [ 556.136619][T19210] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5618'. [ 556.167465][ T8973] cdc_wdm 5-1:1.0: Unknown control protocol [ 556.308902][T19191] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 556.348967][ T8973] usb 5-1: USB disconnect, device number 61 [ 556.582634][T19225] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5623'. [ 556.774570][T19235] xt_hashlimit: max too large, truncated to 1048576 [ 557.376161][ T8973] usb 3-1: new high-speed USB device number 67 using dummy_hcd [ 557.530480][T19238] loop5: detected capacity change from 0 to 32768 [ 557.560921][ T8973] usb 3-1: Using ep0 maxpacket: 16 [ 557.572386][ T8973] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 557.581592][ T8973] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 557.589596][ T8973] usb 3-1: Product: syz [ 557.605255][T19238] JBD2: Ignoring recovery information on journal [ 557.612024][ T8973] usb 3-1: Manufacturer: syz [ 557.616650][ T8973] usb 3-1: SerialNumber: syz [ 557.644988][T19273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5647'. [ 557.659645][ T8973] r8152-cfgselector 3-1: Unknown version 0x0000 [ 557.670733][ T8973] r8152-cfgselector 3-1: config 0 descriptor?? [ 557.693218][T19238] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 557.782435][ T5896] usb 2-1: new full-speed USB device number 77 using dummy_hcd [ 557.789622][T19238] (syz.5.5629,19238,0):ocfs2_check_dir_entry:338 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=51539607617, rec_len=0, name_len=0 [ 557.826651][T19238] (syz.5.5629,19238,0):ocfs2_prepare_dir_for_insert:4336 ERROR: status = -2 [ 557.846318][T19238] (syz.5.5629,19238,0):ocfs2_mknod:301 ERROR: status = -2 [ 557.875555][T19238] (syz.5.5629,19238,0):ocfs2_mknod:505 ERROR: status = -2 [ 557.892797][T19238] (syz.5.5629,19238,0):ocfs2_create:678 ERROR: status = -2 [ 558.013986][T11492] ocfs2: Unmounting device (7,5) on (node local) [ 558.030580][ T5896] usb 2-1: unable to get BOS descriptor or descriptor too short [ 558.038737][ T5896] usb 2-1: not running at top speed; connect to a high speed hub [ 558.048219][ T5896] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 558.088802][ T5896] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 558.121499][ T10] r8152-cfgselector 3-1: USB disconnect, device number 67 [ 558.122730][ T5896] usb 2-1: string descriptor 0 read error: -22 [ 558.138751][ T5896] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 558.150900][ T5896] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 558.203349][ T5896] usb 2-1: 0:2 : does not exist [ 558.210372][ T8973] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 558.272850][T19286] loop4: detected capacity change from 0 to 512 [ 558.368581][T19290] openvswitch: netlink: Message has -2 unknown bytes. [ 558.434777][ T8973] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 558.451380][ T5896] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 558.451660][ T8973] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 558.502538][ T5896] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5) [ 558.504283][ T8973] usb 4-1: Product: syz [ 558.518466][ T8973] usb 4-1: Manufacturer: syz [ 558.525478][ T8973] usb 4-1: SerialNumber: syz [ 558.526212][T19294] netlink: 'syz.5.5657': attribute type 2 has an invalid length. [ 558.548174][ T5896] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5) [ 558.555403][ T8973] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 558.578611][ T5896] usb 2-1: 5:0: failed to get current value for ch 1 (-22) [ 558.611646][ T5933] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 558.621891][ T5896] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5) [ 558.660372][ T5896] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5) [ 558.718517][ T5896] usb 2-1: USB disconnect, device number 77 [ 558.973344][ C0] usb 4-1: ath9k_htc: invalid pkt_len (fd7e) [ 559.058161][T19309] loop2: detected capacity change from 0 to 64 [ 559.159811][T19311] SET target dimension over the limit! [ 559.209963][ T8973] usb 4-1: USB disconnect, device number 72 [ 559.486313][T19324] netlink: 'syz.4.5672': attribute type 3 has an invalid length. [ 559.509617][T19324] netlink: 'syz.4.5672': attribute type 3 has an invalid length. [ 559.537064][T19324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5672'. [ 559.715685][T19335] netlink: 'syz.5.5677': attribute type 1 has an invalid length. [ 559.761515][T19339] xt_hashlimit: Unknown mode mask C4, kernel too old? [ 559.773246][ T5933] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 559.781638][ T5933] ath9k_htc: Failed to initialize the device [ 559.807217][ T8973] usb 4-1: ath9k_htc: USB layer deinitialized [ 559.953562][T19346] netlink: 2 bytes leftover after parsing attributes in process `syz.4.5683'. [ 560.008046][T19346] batadv_slave_1: entered promiscuous mode [ 560.374533][ T30] audit: type=1326 audit(1780844945.232:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 560.473803][ T30] audit: type=1326 audit(1780844945.241:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd765d91667 code=0x7ffc0000 [ 560.541385][ T30] audit: type=1326 audit(1780844945.241:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd765d915dc code=0x7ffc0000 [ 560.577007][T19380] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5699'. [ 560.623123][ T30] audit: type=1326 audit(1780844945.241:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd765d91514 code=0x7ffc0000 [ 560.747632][ T30] audit: type=1326 audit(1780844945.241:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd765d91514 code=0x7ffc0000 [ 560.828737][ T30] audit: type=1326 audit(1780844945.241:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd765d8e3aa code=0x7ffc0000 [ 560.890949][T19387] loop1: detected capacity change from 0 to 2048 [ 560.921320][ T30] audit: type=1326 audit(1780844945.241:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19368 comm="syz.4.5694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 560.989607][T19387] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 561.324791][ T8973] usb 3-1: new high-speed USB device number 68 using dummy_hcd [ 561.456810][ T30] audit: type=1326 audit(1780844946.242:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19405 comm="syz.4.5710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 561.514649][ T30] audit: type=1326 audit(1780844946.242:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19405 comm="syz.4.5710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 561.536127][ T8973] usb 3-1: Using ep0 maxpacket: 8 [ 561.554993][ T8973] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 561.599470][ T8973] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 561.606875][ T30] audit: type=1326 audit(1780844946.242:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19405 comm="syz.4.5710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 561.630625][ T8973] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 561.649383][T19385] loop3: detected capacity change from 0 to 32768 [ 561.656661][ T8973] usb 3-1: Product: syz [ 561.660847][ T8973] usb 3-1: Manufacturer: syz [ 561.675341][ T30] audit: type=1326 audit(1780844946.242:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19405 comm="syz.4.5710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fd765d8f749 code=0x7ffc0000 [ 561.687412][ T8973] usb 3-1: SerialNumber: syz [ 561.741687][T19385] [ 561.741687][T19385] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 561.741687][T19385] [ 561.764273][ T8973] usb 3-1: config 0 descriptor?? [ 561.787019][ T8973] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 561.814216][ T8973] usb 3-1: selecting invalid altsetting 1 [ 561.835058][T19385] read_mapping_page failed! [ 561.863391][T19385] ERROR: (device loop3): txCommit: [ 561.863391][T19385] [ 561.975009][ T3501] ERROR: (device loop3): diWrite: ixpxd invalid [ 561.975009][ T3501] [ 561.994380][ T3501] ERROR: (device loop3): txCommit: [ 561.994380][ T3501] [ 562.011955][ T3501] jfs_write_inode: jfs_commit_inode failed! [ 562.021448][ T5823] [ 562.021448][ T5823] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 562.021448][ T5823] [ 562.034379][ T5823] [ 562.034379][ T5823] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 562.034379][ T5823] [ 562.307033][ T8973] usb 3-1: USB disconnect, device number 68 [ 562.620009][T19452] netlink: 'syz.1.5730': attribute type 1 has an invalid length. [ 562.857334][T19461] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5736'. [ 562.870211][T19461] netlink: 43 bytes leftover after parsing attributes in process `syz.1.5736'. [ 562.881748][T19461] netlink: 'syz.1.5736': attribute type 6 has an invalid length. [ 562.893633][T19461] netlink: 'syz.1.5736': attribute type 5 has an invalid length. [ 562.903208][T19461] netlink: 43 bytes leftover after parsing attributes in process `syz.1.5736'. [ 562.983604][T19467] netlink: 'syz.4.5739': attribute type 1 has an invalid length. [ 563.000716][T19467] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5739'. [ 563.266056][T19484] loop5: detected capacity change from 0 to 256 [ 563.267263][T19483] loop3: detected capacity change from 0 to 16 [ 563.300344][T19483] erofs (device loop3): mounted with root inode @ nid 36. [ 563.355582][T19483] erofs (device loop3): xattr_isize 12 of nid 46 is not supported yet [ 563.387881][T19484] FAT-fs (loop5): Directory bread(block 64) failed [ 563.407333][T19484] FAT-fs (loop5): Directory bread(block 65) failed [ 563.428986][T19484] FAT-fs (loop5): Directory bread(block 66) failed [ 563.435543][T19484] FAT-fs (loop5): Directory bread(block 67) failed [ 563.483519][T19484] FAT-fs (loop5): Directory bread(block 68) failed [ 563.519612][T19484] FAT-fs (loop5): Directory bread(block 69) failed [ 563.553150][T19484] FAT-fs (loop5): Directory bread(block 70) failed [ 563.581567][T19484] FAT-fs (loop5): Directory bread(block 71) failed [ 563.588224][T19484] FAT-fs (loop5): Directory bread(block 72) failed [ 563.638146][T19484] FAT-fs (loop5): Directory bread(block 73) failed [ 564.082725][T19512] delete_channel: no stack [ 564.329210][T19530] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5770'. [ 564.348631][T19530] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5770'. [ 564.388782][T19534] ieee802154 phy0 wpan0: encryption failed: -22 [ 564.720396][T19552] xt_l2tp: missing protocol rule (udp|l2tpip) [ 565.281487][T19572] loop3: detected capacity change from 0 to 4096 [ 565.321762][ T10] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 565.482165][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 565.498015][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 565.537094][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d [ 565.589992][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 565.598023][ T10] usb 5-1: Product: syz [ 565.653237][ T10] usb 5-1: Manufacturer: syz [ 565.657881][ T10] usb 5-1: SerialNumber: syz [ 565.688560][ T10] usb 5-1: config 0 descriptor?? [ 565.999969][ T10] gspca_main: STV06xx-2.14.0 probing 046d:08f0 [ 566.017229][ T10] gspca_stv06xx: st6422 sensor detected [ 566.220305][T19614] openvswitch: netlink: IP tunnel dst address not specified [ 566.313031][T19618] loop2: detected capacity change from 0 to 1764 [ 566.510684][ T10] STV06xx 5-1:0.0: probe with driver STV06xx failed with error -71 [ 566.537116][ T10] usb 5-1: USB disconnect, device number 62 [ 566.611236][T19626] loop2: detected capacity change from 0 to 256 [ 566.661582][T19626] exfat: Deprecated parameter 'utf8' [ 566.705459][T19626] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 566.980086][T19636] loop1: detected capacity change from 0 to 4096 [ 566.994363][T19642] comedi comedi0: dmm32at: I/O port conflict (0xfffffffffffffffa,16) [ 567.002951][T19636] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 567.056602][T19636] ntfs3(loop1): ino=18, mi_enum_attr [ 567.061955][T19636] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 567.185311][T19636] ntfs3(loop1): ino=0, attr_set_size [ 567.592254][T19665] loop1: detected capacity change from 0 to 128 [ 567.640963][T19665] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 567.712277][T19665] ext4 filesystem being mounted at /1112/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 567.747224][T19665] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 37441 (only 1 groups) [ 567.803121][ T5832] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 567.857870][T19671] loop5: detected capacity change from 0 to 4096 [ 568.028901][T19671] ntfs3(loop5): new label is too long [ 568.136508][T19677] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 568.919591][T19709] loop1: detected capacity change from 0 to 256 [ 568.948071][T19709] exfat: Deprecated parameter 'utf8' [ 568.953460][T19709] exfat: Deprecated parameter 'namecase' [ 568.990307][T19650] loop4: detected capacity change from 0 to 65536 [ 568.998279][T19709] exfat: Deprecated parameter 'namecase' [ 569.004560][T19709] exfat: Deprecated parameter 'utf8' [ 569.040783][T19709] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d) [ 569.065431][T19709] exFAT-fs (loop1): failed to test first cluster bit of root dir(5) [ 569.130762][T19650] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 569.212778][T19650] XFS (loop4): Ending clean mount [ 569.246902][T19709] exFAT-fs (loop1): start_clu is invalid cluster(0x400) [ 569.284612][T19729] netlink: 'syz.3.5862': attribute type 10 has an invalid length. [ 569.311765][T19729] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5862'. [ 569.375449][ T5836] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 569.674894][T19741] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 569.681779][T19741] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 569.696094][T19739] xt_hashlimit: max too large, truncated to 1048576 [ 569.703023][T19741] vhci_hcd vhci_hcd.0: Device attached [ 569.748847][T19744] vhci_hcd vhci_hcd.0: port 0 already used [ 569.770731][T19742] vhci_hcd: connection closed [ 569.776677][ T6753] vhci_hcd vhci_hcd.3: stop threads [ 569.815969][ T6753] vhci_hcd vhci_hcd.3: release socket [ 569.821418][ T6753] vhci_hcd vhci_hcd.3: disconnect device [ 569.963011][ T6753] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.093364][ T6753] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.279145][ T6753] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.307042][T19748] loop2: detected capacity change from 0 to 40427 [ 570.334947][T19748] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 1) [ 570.365688][T19748] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 570.406452][T19748] F2FS-fs (loop2): invalid crc value [ 570.429594][ T6753] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode [ 570.468630][ T6753] bridge0: port 3(netdevsim0) entered disabled state [ 570.557664][ T6753] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 570.581431][T19759] netlink: 'syz.4.5877': attribute type 21 has an invalid length. [ 570.672681][T19748] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 570.728952][T19748] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 570.759903][T19748] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 570.852568][ T5825] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 570.874359][ T5825] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 570.883651][ T5825] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 570.902637][ T5825] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 570.910347][ T5825] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 571.045879][ T6753] bridge_slave_1: left allmulticast mode [ 571.057832][ T6753] bridge_slave_1: left promiscuous mode [ 571.069935][ T6753] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.088862][ T6753] bridge_slave_0: left allmulticast mode [ 571.098027][ T6753] bridge_slave_0: left promiscuous mode [ 571.107791][ T6753] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.859417][ T6753] dvmrp0 (unregistering): left allmulticast mode [ 571.921701][ T6753] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 571.958084][T19794] loop4: detected capacity change from 0 to 32768 [ 571.975185][T19794] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5885 (19794) [ 571.992022][T19794] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 572.009674][T19794] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 572.019599][T19794] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 572.195464][T19794] BTRFS info (device loop4): rebuilding free space tree [ 572.227744][T19794] BTRFS info (device loop4): disabling free space tree [ 572.251592][T19794] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 572.261276][T19794] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 572.298000][T19794] BTRFS info (device loop4): setting nodatasum [ 572.304326][T19794] BTRFS info (device loop4): allowing degraded mounts [ 572.311296][T19794] BTRFS info (device loop4): turning on async discard [ 572.330248][T19794] BTRFS info (device loop4): enabling disk space caching [ 572.347730][T19794] BTRFS info (device loop4): force clearing of disk cache [ 572.379793][T19794] BTRFS info (device loop4): force zlib compression, level 3 [ 572.483335][T19794] BTRFS info (device loop4): balance: start -sconvert=raid0,soft,profiles=system|metadata,usage=10625749090306,devid=0,drange=7..3,limit=0 [ 572.511452][T19794] BTRFS info (device loop4): balance: ended with status: 0 [ 572.561921][ T6753] team0: Port device bond0 removed [ 572.570383][ T6753] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 572.580098][ T5836] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 572.594352][ T6753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 572.606820][ T6753] bond0 (unregistering): Released all slaves [ 572.629699][ T6753] bond1 (unregistering): Released all slaves [ 572.779692][ T6753] : left promiscuous mode [ 572.932204][T19765] virt_wifi0 speed is unknown, defaulting to 1000 [ 572.980595][T19765] wlan1 speed is unknown, defaulting to 1000 [ 573.076998][T19824] xt_TCPMSS: Only works on TCP SYN packets [ 573.120912][ T5825] Bluetooth: hci2: command tx timeout [ 573.145034][T19816] loop3: detected capacity change from 0 to 4096 [ 573.210258][T19816] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 573.261652][ T8973] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 573.438724][ T8973] usb 6-1: Using ep0 maxpacket: 32 [ 573.457143][ T8973] usb 6-1: unable to get BOS descriptor or descriptor too short [ 573.524547][ T8973] usb 6-1: config 56 has an invalid interface association descriptor of length 5, skipping [ 573.573359][ T8973] usb 6-1: config 56 has an invalid descriptor of length 0, skipping remainder of the config [ 573.616581][ T8973] usb 6-1: config 56 has 0 interfaces, different from the descriptor's value: 1 [ 573.677840][ T8973] usb 6-1: New USB device found, idVendor=12d1, idProduct=b580, bcdDevice=29.de [ 573.706945][T19840] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5896'. [ 573.738184][ T8973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 573.746263][ T8973] usb 6-1: Product: syz [ 573.788463][ T8973] usb 6-1: Manufacturer: syz [ 573.816847][ T8973] usb 6-1: SerialNumber: syz [ 574.147515][ T8973] usb 6-1: USB disconnect, device number 9 [ 574.317027][T19765] chnl_net:caif_netlink_parms(): no params data found [ 574.625764][ T6753] hsr_slave_0: left promiscuous mode [ 574.662795][ T6753] hsr_slave_1: left promiscuous mode [ 574.684019][T19879] Cannot find del_set index 2 as target [ 574.704305][ T6753] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 574.729057][ T6753] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 574.797961][ T6753] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 574.838739][ T6753] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 574.929045][ T6753] veth1_macvtap: left promiscuous mode [ 574.935353][ T6753] veth0_macvtap: left promiscuous mode [ 574.941311][ T6753] veth0_vlan: left promiscuous mode [ 575.144483][T19897] netlink: 'syz.3.5919': attribute type 3 has an invalid length. [ 575.211985][T19893] loop4: detected capacity change from 0 to 4096 [ 575.236625][T19893] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 575.269042][T19893] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 575.277334][T19893] ntfs3(loop4): ino=19, mi_enum_attr [ 575.317194][T19893] ntfs3(loop4): failed to convert "c46c" to macromanian [ 575.327145][T19893] ntfs3(loop4): ino=20, mi_enum_attr [ 575.349181][ T5825] Bluetooth: hci2: command tx timeout [ 575.364149][ T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 575.392285][T19901] loop2: detected capacity change from 0 to 8 [ 575.401267][T19901] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 575.459561][T19901] cramfs: Error -5 while decompressing! [ 575.476669][ T9295] udevd[9295]: incorrect cramfs checksum on /dev/loop2 [ 575.489683][T19901] cramfs: ffffffff99981228(26)->ffff888085571000(4096) [ 575.511218][T19901] cramfs: Error -3 while decompressing! [ 575.537060][T19901] cramfs: ffffffff99981242(26)->ffff888074e03000(4096) [ 575.548650][ T6753] team0 (unregistering): Port device macvlan0 removed [ 575.555004][T19901] cramfs: Error -3 while decompressing! [ 575.558509][ T9295] udevd[9295]: incorrect cramfs checksum on /dev/loop2 [ 575.566905][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 575.579741][ T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 575.586713][T19901] cramfs: ffffffff9998125c(16)->ffff88806c049000(4096) [ 575.602369][ T24] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 575.616345][ T24] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 575.630586][T19901] cramfs: Error -5 while decompressing! [ 575.636136][ T24] usb 6-1: Product: syz [ 575.638219][T19901] cramfs: ffffffff99981228(26)->ffff888085571000(4096) [ 575.646892][ T24] usb 6-1: Manufacturer: syz [ 575.665767][ T24] usb 6-1: SerialNumber: syz [ 575.672268][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 575.672283][ T30] audit: type=1800 audit(1780844959.539:114): pid=19901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5921" name="file2" dev="loop2" ino=348 res=0 errno=0 [ 575.888914][T19909] netlink: 'syz.2.5925': attribute type 1 has an invalid length. [ 575.935710][ T24] usb 6-1: Invalid connection information received from device [ 575.968361][T19907] loop4: detected capacity change from 0 to 4096 [ 576.007056][T19907] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 576.048374][T19907] ntfs3(loop4): ino=19, mi_enum_attr [ 576.061202][T19907] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 576.082082][T19907] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 576.183817][ T24] usb 6-1: USB disconnect, device number 10 [ 576.461699][ T6753] team0 (unregistering): Port device team_slave_1 removed [ 576.552967][ T6753] team0 (unregistering): Port device team_slave_0 removed [ 577.232235][T19765] bridge0: port 1(bridge_slave_0) entered blocking state [ 577.250060][T19913] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 577.262056][T19765] bridge0: port 1(bridge_slave_0) entered disabled state [ 577.269857][T19913] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 577.310531][T19765] bridge_slave_0: entered allmulticast mode [ 577.317702][T19765] bridge_slave_0: entered promiscuous mode [ 577.338070][T19913] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 577.350283][T19765] bridge0: port 2(bridge_slave_1) entered blocking state [ 577.376726][T19913] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 577.380315][T19944] overlayfs: unescaped trailing colons in lowerdir mount option. [ 577.400213][T19765] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.428383][T19765] bridge_slave_1: entered allmulticast mode [ 577.436288][T19765] bridge_slave_1: entered promiscuous mode [ 577.465993][T19913] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 577.473310][T19913] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 577.504715][T19913] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 577.512442][T19913] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 577.525010][T19913] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 577.531365][T19913] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 577.578963][T19913] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 577.617315][T19765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 577.676113][T19765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 577.768849][T19952] xt_CT: You must specify a L4 protocol and not use inversions on it [ 577.851368][T19956] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5943'. [ 577.959278][T19964] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5946'. [ 577.992778][T19765] team0: Port device team_slave_0 added [ 578.012873][T19964] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 578.095569][T19765] team0: Port device team_slave_1 added [ 578.378169][T19765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 578.415264][T19765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 578.498694][T19765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 578.565132][T19765] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 578.584163][T19991] netlink: 232 bytes leftover after parsing attributes in process `syz.4.5958'. [ 578.603221][T19765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 578.711382][T19765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 578.912744][T20003] No such timeout policy "syz0" [ 578.980601][T20005] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5963'. [ 578.982640][T19765] hsr_slave_0: entered promiscuous mode [ 579.016936][T19765] hsr_slave_1: entered promiscuous mode [ 579.056041][T19765] debugfs: 'hsr0' already exists in 'hsr' [ 579.061834][T19765] Cannot create hsr debugfs directory [ 579.448668][ T5825] Bluetooth: hci0: command 0x0406 tx timeout [ 579.555485][ T5825] Bluetooth: hci1: command 0x0406 tx timeout [ 579.619794][ T5825] Bluetooth: hci4: command 0x0406 tx timeout [ 579.712679][ T5825] Bluetooth: hci2: command 0x0419 tx timeout [ 579.712691][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 579.923863][T20048] loop3: detected capacity change from 0 to 512 [ 580.004654][T20048] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 580.016655][T20048] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 580.054731][T20055] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI [ 580.066752][T20055] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 580.075170][T20055] CPU: 0 UID: 0 PID: 20055 Comm: syz.4.5984 Not tainted syzkaller #0 PREEMPT(full) [ 580.084541][T20055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 580.094592][T20055] RIP: 0010:handshake_complete+0x36/0x350 [ 580.100310][T20055] Code: 54 53 48 83 ec 10 48 89 54 24 08 89 f5 49 89 ff 49 bd 00 00 00 00 00 fc ff df e8 95 ac 77 f6 49 8d 5f 28 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 3b fd dd f6 48 8b 1b 4c 8d 63 30 [ 580.119913][T20055] RSP: 0018:ffffc9000ca9f300 EFLAGS: 00010206 [ 580.125977][T20055] RAX: 0000000000000005 RBX: 0000000000000028 RCX: 0000000000080000 [ 580.133943][T20055] RDX: ffffc9000df59000 RSI: 0000000000000250 RDI: 0000000000000251 [ 580.141918][T20055] RBP: 00000000fffffffb R08: ffff888034dd4803 R09: 1ffff110069ba900 [ 580.149884][T20055] R10: dffffc0000000000 R11: ffffed10069ba901 R12: ffff8880323714d0 [ 580.157852][T20055] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000 [ 580.165828][T20055] FS: 00007fd766c6f6c0(0000) GS:ffff888125e8b000(0000) knlGS:0000000000000000 [ 580.174768][T20055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 580.181339][T20055] CR2: 0000200000000000 CR3: 0000000076224000 CR4: 00000000003526f0 [ 580.189308][T20055] Call Trace: [ 580.192576][T20055] [ 580.195550][T20055] handshake_nl_accept_doit+0x3c9/0x7f0 [ 580.201098][T20055] genl_family_rcv_msg_doit+0x215/0x300 [ 580.206641][T20055] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 580.212711][T20055] ? bpf_lsm_capable+0x9/0x20 [ 580.217373][T20055] ? security_capable+0x7e/0x2e0 [ 580.222298][T20055] genl_rcv_msg+0x60e/0x790 [ 580.226794][T20055] ? __pfx_genl_rcv_msg+0x10/0x10 [ 580.231811][T20055] ? __pfx_handshake_nl_accept_doit+0x10/0x10 [ 580.237975][T20055] netlink_rcv_skb+0x208/0x470 [ 580.242737][T20055] ? __pfx_genl_rcv_msg+0x10/0x10 [ 580.247750][T20055] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 580.253042][T20055] ? down_read+0x274/0x2e0 [ 580.257459][T20055] ? genl_rcv+0xd/0x40 [ 580.261558][T20055] genl_rcv+0x28/0x40 [ 580.265530][T20055] netlink_unicast+0x82f/0x9e0 [ 580.270290][T20055] ? __pfx_netlink_unicast+0x10/0x10 [ 580.275573][T20055] ? netlink_sendmsg+0x642/0xb30 [ 580.280517][T20055] ? skb_put+0x11b/0x210 [ 580.284839][T20055] netlink_sendmsg+0x805/0xb30 [ 580.289634][T20055] ? aa_sk_perm+0x15f/0x920 [ 580.294130][T20055] ? __pfx_netlink_sendmsg+0x10/0x10 [ 580.299413][T20055] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 580.305835][T20055] ? __pfx_netlink_sendmsg+0x10/0x10 [ 580.311119][T20055] sock_sendmsg_nosec+0x18f/0x1d0 [ 580.316137][T20055] ____sys_sendmsg+0x577/0x880 [ 580.320915][T20055] ? __pfx_____sys_sendmsg+0x10/0x10 [ 580.326198][T20055] ? import_iovec+0x74/0xa0 [ 580.330692][T20055] ___sys_sendmsg+0x21f/0x2a0 [ 580.335363][T20055] ? __pfx____sys_sendmsg+0x10/0x10 [ 580.340657][T20055] ? futex_wait+0x285/0x360 [ 580.345156][T20055] ? __fget_files+0x2a/0x420 [ 580.349742][T20055] ? __fget_files+0x3a0/0x420 [ 580.354409][T20055] __x64_sys_sendmsg+0x19b/0x260 [ 580.359347][T20055] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 580.364814][T20055] ? do_syscall_64+0xbe/0xf80 [ 580.369497][T20055] do_syscall_64+0xfa/0xf80 [ 580.374020][T20055] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.380086][T20055] ? clear_bhb_loop+0x60/0xb0 [ 580.384760][T20055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.390647][T20055] RIP: 0033:0x7fd765d8f749 [ 580.395163][T20055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.414762][T20055] RSP: 002b:00007fd766c6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 580.423167][T20055] RAX: ffffffffffffffda RBX: 00007fd765fe5fa0 RCX: 00007fd765d8f749 [ 580.431127][T20055] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 580.439089][T20055] RBP: 00007fd765e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 580.447048][T20055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 580.455007][T20055] R13: 00007fd765fe6038 R14: 00007fd765fe5fa0 R15: 00007ffe86019598 [ 580.462975][T20055] [ 580.465991][T20055] Modules linked in: [ 580.470738][T20055] ---[ end trace 0000000000000000 ]--- [ 580.476548][T20048] EXT4-fs (loop3): 1 truncate cleaned up [ 580.482935][T20048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.496922][T20055] RIP: 0010:handshake_complete+0x36/0x350 [ 580.501726][T20048] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 4: comm syz.3.5982: lblock 0 mapped to illegal pblock 4 (length 1) [ 580.502827][T20055] Code: 54 53 48 83 ec 10 48 89 54 24 08 89 f5 49 89 ff 49 bd 00 00 00 00 00 fc ff df e8 95 ac 77 f6 49 8d 5f 28 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 3b fd dd f6 48 8b 1b 4c 8d 63 30 [ 580.536526][ T5940] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 580.549549][T20048] EXT4-fs (loop3): Remounting filesystem read-only [ 580.571613][T19765] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 580.601215][T20055] RSP: 0018:ffffc9000ca9f300 EFLAGS: 00010206 [ 580.613084][T19765] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 580.618527][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.620469][T20055] RAX: 0000000000000005 RBX: 0000000000000028 RCX: 0000000000080000 [ 580.641496][T19765] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 580.649392][T20055] RDX: ffffc9000df59000 RSI: 0000000000000250 RDI: 0000000000000251 [ 580.660674][T19765] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 580.671234][T20055] RBP: 00000000fffffffb R08: ffff888034dd4803 R09: 1ffff110069ba900 [ 580.679316][T20055] R10: dffffc0000000000 R11: ffffed10069ba901 R12: ffff8880323714d0 [ 580.687682][T20055] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000 [ 580.696569][T20055] FS: 00007fd766c6f6c0(0000) GS:ffff888125e8b000(0000) knlGS:0000000000000000 [ 580.701270][ T5940] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 580.715526][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.716353][T20055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 580.730825][T20055] CR2: 0000001b30f0aff8 CR3: 0000000076224000 CR4: 00000000003526f0 [ 580.739780][T20055] Kernel panic - not syncing: Fatal exception [ 580.746228][T20055] Kernel Offset: disabled [ 580.750542][T20055] Rebooting in 86400 seconds..