last executing test programs: 4m15.769110879s ago: executing program 3 (id=1690): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), 0x4) 4m15.571050233s ago: executing program 3 (id=1693): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x65, &(0x7f0000000280)="1a", 0x1) 4m15.325798208s ago: executing program 3 (id=1696): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x22002, 0x0) ioctl$FBIOBLANK(r0, 0x4611, 0x2) 4m15.058478293s ago: executing program 3 (id=1701): syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./bus\x00', 0x800, &(0x7f0000000200)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c6b6565705f6c6173745f646f74732c696f636861727365743d63703835302c7379735f747a2c696f636861727365743d69736f383835392d31352c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303030382c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c646d61736b3d30303030303030303030303030303030303030303031332c646973636172642c646973636172642c00e0669f62a389f94dcc2fda2101686c10656f728020f5a616130a1fc56df99c298f3ad694c74a629be0af8c838281"], 0x1, 0x152a, &(0x7f0000003000)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC") mount(0x0, &(0x7f0000000640)='./file0/../file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) 4m14.576455803s ago: executing program 3 (id=1707): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000380)=ANY=[@ANYBLOB="030000000100000004"], 0xc) 4m13.926418036s ago: executing program 3 (id=1719): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x9, 0x0, &(0x7f0000000200)) 4m13.549334933s ago: executing program 32 (id=1719): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x9, 0x0, &(0x7f0000000200)) 3.805881125s ago: executing program 1 (id=4892): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0) sendmsg$IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r1, 0x701}, 0x14}}, 0x0) 3.489045081s ago: executing program 1 (id=4897): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d01020301090212000100000000090401"], 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 2.967759841s ago: executing program 2 (id=4904): syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f0000000080)={[{@part={'part', 0x3d, 0x9}}, {@barrier}, {@nls={'nls', 0x3d, 'cp855'}}, {@nobarrier}, {@barrier}, {@umask={'umask', 0x3d, 0x3}}]}, 0x20, 0x6fe, &(0x7f0000000c00)="$eJzs3U9oXHkdAPDvm5lMMl3IztZ2t4rQsMWiW22TDIsVBKuI5LBowcteY5tuQydpSbKSFrGz6qo3PUkPe1iReNiTeBBWPIj1JgiC994LHrwVD468N+9NZvJ3Js0ksfv5wJv3e+/9/nx/33nz5k9aXgCfWHNvx1grkpi79NZ6uv1ko9F8stFYKsoRMR4RpYhKZxXJckTyOOJadJb4dLoz7y7ZbZw3n378wcVHHzU6W5V8yeqX9mq3qb3HCK18iamIKOfrIVV26+/GDv09HKrrpBt3mrALReLguLW3aQ3TfIDXLXDSPYwoj+2wvx5xKiIm8s8BkV8dSkcc3qEb6ioHAAAAJ1N5vwovP4tnsR6TRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBiSzj0Dk3wpFeWpSPL7/38nr5apVo833H18cZ/j7986okAAAAAAAAAA4PCNbRbPP4tnsR6TxXY7yf7m/3q2cSZ7fCnejdVYiJW4HOsxH2uxFisxEzE22dNndX1+bW1lZnvLX0Xast1uP8xbzkZEfVvL2RHPGQAAAAAAAABebD+KuZg87iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBXElHurLLlTFGuR6kSERMRUU3rtSL+VJRPgvoB2/35kOMAAACAE6iWryeT/3YK7ST7zv9q9r1/It6N5ViLxViLZizEzey3gM63/tI/Wo3mk43GUrps7/jr/8p6aw8YR9ZjRJTjvV1Gns5qnO22mItvxXfjUkzF9ViJxfh+zMdaLMRU1NJJxHwkUa91fr2oF3H2x1vOu7rWF8r1rbGd37J9LoukFrdiMYvtctyoFr2VshpJnOsZ7Q/ViC0Zei/NTvK13IA5utnzfP0y/10m1355wD5Go57NfKybkek093k2Xtk594XOeXLgkWai1P0N6szmKOnm1pGKnH9vmJyfytdprn/an/PDNuRPaVszMRul/OyLeLU/5/c+9+h0f+Mv/PMv12+Xlu/cvrV6aYRTOiSVHfeOFYWtmWj0ZOK1vc++PBPNNBOtwTMxtnXHxMBzGalqno3OhW2wq+U3s9J8vN5zCt5dTh+/HNMxE1djOr4Ss9HoO8PO9uW10ljqz0n2Wittv77V9gj+wud7Kv1sn8qjsPt4aV5e6clr75Wunh3L91z7RUz3ZOn03mffQd4FKp/JC+kYP+6+45wEfZnIr81FdMUb1C6Z+HX2OWG1uXxn5fb8vQHHu5iv05ft+/3X5t8892SeS3q+nO5euLKc1IrzJT32qW60/fmq5n9x6bQrbTt2tnusHpOxGN+Ou3EzFnZ4pVbzz3Dbe+oce23HY43s2LmeY32fcuJuNLNPIVtMHU1WARjYqTdOVWtPa3+vfVj7Se127a2Jb4xfHf9sNcb+Wvlj+Xel35a+mrwRH8YPY/K4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfB6v0Hd+abzYWVERaqBxwrSvvW2XhpsA6jHrH3WEleqI46G0MXfp7fr/Dwev73xJ7ZqMWIpvP7vWdRfe4hkkhaI35S0mfiUDosbpyW7WmX9231tysRnT2VaLfbD7uHtj6VlVid2O0ZHN+sHPU7883/tPvq1KLnJQO84K6sLd27snr/wZcWl+bfWXhnYXn2anF73FuLzYXpK9njMQcJjMTq/Qfl444BAAAAAAAAAAAAGE7+r//XVkppIRn+f+lU9qlTXVndeeTzRz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/U3Nsx1ookZqYvT6fbTzYazXQpyps1KxFRiojkBxHJ44hr0Vmi3tNdsts4bz79+IOLjz5qbPZVKeqX9mo3mFa+xFRElPP1/sZ36GZ7fzd6+msdKLykO8M0YReKxMFx+18AAAD//yBC8a4=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 2.568586269s ago: executing program 2 (id=4907): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$bpf(0x0, 0x0, 0x0, 0x1800040, &(0x7f0000000100)=ANY=[@ANYBLOB='mode=0']) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100)) 2.292293595s ago: executing program 2 (id=4911): bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x10, 0x4, 0x8, 0x8}, 0x50) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') read$qrtrtun(r0, &(0x7f00000004c0)=""/57, 0x39) 2.04547888s ago: executing program 2 (id=4915): syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120100004b41460860163209ea800102030109021e0001000000000904"], 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000040)={&(0x7f0000000100)=[{0x16, 0x6011, 0x50, &(0x7f00000003c0)="6c700f09c4a8dda313e869e36e3fd54f3cb2cad2bf6ac366b5321c692d803a6a6a2146f27eef7a1737e3baacb187b197c9cf3bfc25d881485c3de308000000e15fb3d47f4e2322662d7c8cf38fb532b2"}], 0x1}) 1.852376824s ago: executing program 4 (id=4918): capset(&(0x7f0000000380)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200003, 0x3, 0x0, 0x7, 0x80}) r0 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000029c0)=@newtaction={0x80, 0x13, 0x53b, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_sample={0x68, 0x8, 0x0, 0x0, {{0xb}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xfffffffd}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x1000010}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x181fbfb9}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfffffffa, 0xd, 0x4, 0x6, 0x4}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x80}}, 0x20094) 1.51011388s ago: executing program 4 (id=4923): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000100), 0x1004800, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.449092762s ago: executing program 5 (id=4924): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)={0x6c, r1, 0x1, 0x170bd2b, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x5, @mcast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.442133822s ago: executing program 1 (id=4925): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x4, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0x8}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000009d80)=[{{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f00000000c0)="ec34a921", 0x4}], 0x1}}], 0x1, 0x40840) 1.400075882s ago: executing program 0 (id=4926): r0 = gettid() clock_nanosleep(0xb, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040)) rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff}) 1.280053735s ago: executing program 4 (id=4927): r0 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000340)='name', &(0x7f00000000c0)='ccnA\xf6gro_p\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 1.175025957s ago: executing program 1 (id=4928): r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain={'key_or_keyring:', r0}) 1.139350858s ago: executing program 0 (id=4929): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) setsockopt$inet6_buf(r0, 0x29, 0x32, &(0x7f0000000500)="33123ea9a09169b1d8428949460f6eac4177f87d", 0x14) 1.056904339s ago: executing program 5 (id=4930): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000e4000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000b80003800800014000000000a400038014000100776c616e3000000000000000000000001400010076657468305f746f5f62617461647600120001006d6163766c616e3100000000000000001400010067656e657665310000000000000000000a0001006772653000000000000000000000000014000100776c616e3100000000000000000000001400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e64000000080002400000000604020000180a0101000b000000000000010000000900010073797a3000000000e800038008"], 0x330}}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000002c0)={0x9, @pix={0x0, 0x0, 0x33565348, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}) 975.986211ms ago: executing program 4 (id=4931): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000009e0000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r1, 0x58, &(0x7f0000001040)}, 0x10) 974.377231ms ago: executing program 1 (id=4932): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000006c0)={0x2c, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x135, 0x0, 0x0, @u64}]}, @nested={0xc, 0x2e, 0x0, 0x1, [@typed={0x8, 0x26, 0x0, 0x0, @pid}]}]}, 0x2c}], 0x1}, 0x0) 918.778622ms ago: executing program 0 (id=4933): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f00)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) 803.510704ms ago: executing program 5 (id=4934): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) move_pages(0x0, 0x1, &(0x7f0000002600)=[&(0x7f0000ffc000/0x1000)=nil], 0x0, &(0x7f0000000000), 0x0) 777.970915ms ago: executing program 4 (id=4935): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x1c}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x50}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 654.721247ms ago: executing program 0 (id=4936): syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xebd, &(0x7f0000004540)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8MT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXWE+qFSlUqBfVSpMRV7PfWu8+e7npsz9q7v5/07ds3b3a+b7yRMzOefRuAkdVYfTx5cr4I4d1P33n05aeK315fdld7jSOrj0XstUIIzY5+kW3v87jg6pWXzmzWFuH46mPqh8cut187HUJYDkfCZ6EVPlpc+vLD9x45+vHrU7e8dfGZV3Zp99vy/QAAgGF06c9Lf7/vn396YO6rS4dPh8n28nR83or96XjcfyweKKfj5Ubo7hcd0WkiW28sRiNbbyxbbzzLM16Sr5ltp1my3kSPfGMdyzbbTwAAANiP0nltKxSNha5+o7GwsHbef93nsxPFwnPnl85dGFChAAAAQGX/eXX1plshhBBCCCGEEEIMcazMDvoKBAAAADBq8vnCNlje2Zm62ltr9Zf/8sONzV8PO6Duf//y76/8H7zmNw4AANUN69Fk2q90HJ3mMcjnERzLXrfV4/9Gtp3xLdZZNq/gfplvsKzO/Oe6V5XVv9X3cVDK6s/nw9yryurP5+ncq8rqn6y5jqrK6p+quY6qyuo/UHMdVZXVf7DmOqoqq3+65jqqKqt/puY6qiqr/4aa66iqrP5DNddRVVn9++W22rL6WzXXUVVZ/XM111FVWf031lxHVWX131RzHVWV1X9zzXUMyp2xTT+Hw9l45/lzfk63X87xAAAAYNT91/x/QgghhBBCCCHE0Merg74AAQAAAAxc+lxA+tT7SpTGx3qMj/cYb/YYn+gxPtljHAAAAAjhd2+cu+3tYv1z/tudDy/NG5XmX9rqPEb5fIRbzb/dec+2m3+/zFsGAADAaCm+99m1+x99/4W5ry4dPt1x9nstnu+meUDH47WBT2I/3Rcwk/WLdA59ujtPo2S9/PrADWXbe3ybOwoAAAAjLJ2/t0LRWOg4726FRmNhYf18fD40i3Pnl84ei/30/Sx/nG1OXl/+UM11AwAAAP1bP9/f/Pw/fY/vfJgoFp47v3Tuwlp/pr282ei8LjC7vrzovC7QypYfL1l+IvbT93f+YPbA6vKFMz9cemqndx4AAABGxIUXLz7z5NLS2R954oknnrSfDPo3EwAAsNO++OKd5o9PzPx+7fP/6/Pfpc//H4n9Vpzb7y9xhXSfQPocwIbP6z/RnWe2bL3nu9drZeuNxZjM6p7q2E7omG8wvW6uLF+rezsTJfmms3wzWb58noLxbP2U71C2PJ+fMK03my3P52Ecz3IUWf67AwAAAJRbfOHZ5xcvvHjxwfPPPvn02afPPnfi+Knvnjp17KHvPLS4el//Yufd/QAAAMB+tH7T76ArAQAAAAAAAAAAAAAAAAAAgNFVx9eJDXofAQAAYNT9+9UQwrIQoiTWvgJz8HUIIYQQQvSOsT1QgxBiz8bKSv5N8wAAAAC76+qVl850thssFzuar7211lpzLeZN7cyDf5u7Hmm1yw93Xy85uKPVMOrq/vcv//7K/8FrO5t/Kj3p+/dfo3sDp6vlvXfxl/Od+W8f7zN/vv+PV8t/NMt/b+gv/8r7Wf4nquW/L8t/sM/8G/b/+Wr574/552P/6D395u9+/ydjm/bjQJ/5v53t/1Oh3/zZ/rf6TJh5IOYHgFHUGHQBuyQdJaTj6OnYT/sbDzdDfvfDVo//G9l2xrddefd203HQrbGfjpdmsrzJVuufzrZ3Q8U6c/vlrpKy+nfqfdxtZfU3a66jqrL6J2quo6qy+idrrqOqsvqnaq6jqrL6+z0PHbSy+vfLdeWy+qdrrqOqsvpnaq6jqrL6t/r/+KCU1X+o5jqqKqt/tuY6qiqrv+JltdqV1T9Xcx1VldV/Y811VFVW/00111FVWf0311zHoNwR27Lz4XT+ORvHUr+V9Sc3+VkO67UFAAAA2G/+Zf4/IYQQQgghhBBi6GNlZdBXIBik3f00MwB7ld//o837P9q8/6PN+8//k+7hL7J+MtZjfLzHeLPH+EQ2nv97newxflO23ZUojd/cY/xrPcYP9Ri/tcf4fI/x23qM395j/I4e4wAAAIyGW2Lr/BAAAACG18u/+uTN39z7xJW5ry4dPh0mNsw7fyz2J+Pf1t+I/Xze+6QZ/+b/k9j/RWz/ENt/ZOu7/wQAAAB2X/qeGH//BwAAgOGVvqfU+T8AAAAMr7nYOv8HAACA4XVjbJ3/AwAAwBArpjZfHNt0XeDu2PY7rx8AsPd9PbZ3xvZwbO+K7Tdim44D7ontN2uqDwDYOT///k9PvV2sz/d/Ihu/GpendoPltSsFRaN7Jv8DsT0Y22/1WU/+fQD95k8O9Zlnt/LPbjM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8GquPJ0/OFyG8++k7j/5s4s2/Xl92V3uNI6uPRey1QgjN9uvS6Hr/13HFq1deOtPZXottEY6HIhTt5eGxy+1M0yGE5XAkfBZa4aPFpS8/fO+Rox+/PnXLWxefeWUXfwRd+wcAAADD6H8BAAD//8WNHkw=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0186e87, &(0x7f0000000080)={@id={0x20000000, 0x0, @auto="660000002800a73e1baeff79da3b89f5"}}) 610.974718ms ago: executing program 1 (id=4937): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps\x00') exit(0x9) read$FUSE(r0, &(0x7f0000000380)={0x2020}, 0x2020) 590.981689ms ago: executing program 5 (id=4938): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) write$UHID_INPUT(r0, 0x0, 0x0) 465.073661ms ago: executing program 4 (id=4939): syz_mount_image$reiserfs(&(0x7f0000001100), &(0x7f0000000040)='./bus\x00', 0xc2, &(0x7f0000000900)={[{@acl}, {@usrjquota_file, 0x4}, {@acl}, {@balloc_hashed_reloc}, {@usrjquota, 0x3d}]}, 0x2, 0x1115, &(0x7f0000002280)="$eJzs2D9rFEEYB+Df7B0Yq5NNvwhaWEhIODurFBGutbaRkMpUuSoiiN/FjyOp7EM+gEXAUhjZTdYTCUS5CxJ4Hpjd4Z13/pXvBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK687D/bTdKOkSZJSbrubHGRpBvjj75MmpS8PlosD07mr5ZJJkN66Vs/q5+Wdu/JVjtv5+1e+2J7/2m7PH3/7u3x8dHJ9TIlXc4vN3+Rcn2eG22VzW8IAAAA90Rd2+zPJadj528q7vX3BwAAAG6z8QcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH9UZ6t+m+RHrTVNkpJ03dniIkn3Pw8IAAAArK2kyZvZTfEMzwArz/N1Vob42L6XPmc3n4f5D1aph00e3v3RAQAA4B6Z3ppRfqvHn2WaWuvHcexxptnZuer3v37g234yOT3I7q+a/NPwPb/8cDi2Uid3dB8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cc7cEACAAAAIOj/63YECgAAAAAAAAAAAAAAAAAAAAAAAHwUAAD//wAQ3aw=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000180)={{}, {0x1, 0x1}, [{0x2, 0x3}], {}, [], {0x10, 0x6}, {0x20, 0x5}}, 0x2c, 0x1) 330.020353ms ago: executing program 0 (id=4940): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b2, &(0x7f0000001380)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x40) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000040)) 301.887394ms ago: executing program 5 (id=4941): r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000200000002000000005000000030000000100000f040000000a0000000000010004000000000000040000000000000061"], &(0x7f0000000f80)=""/4115, 0x3d, 0x1013, 0x1}, 0x28) 273.772575ms ago: executing program 2 (id=4942): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000200)="440910bc996c301c8183070400", 0xd) sendto$inet(r0, 0x0, 0x0, 0x20000090, &(0x7f00000000c0)={0x2, 0x4e22, @empty}, 0x10) 39.895179ms ago: executing program 2 (id=4943): mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x6c033, 0xffffffffffffffff, 0x797c6000) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000) mmap(&(0x7f000004e000/0xc00000)=nil, 0xc00000, 0x1000004, 0x132, 0x0, 0xffffd000) 31.93296ms ago: executing program 5 (id=4944): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x3) getsockopt$inet_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f0000000100)) 0s ago: executing program 0 (id=4945): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'comedi_parport\x00', [0x4f27, 0x2, 0x10000, 0x4, 0x3, 0xcc4, 0x4, 0x8000a, 0xe, 0x6, 0x6, 0x0, 0x1, 0x10000, 0x6, 0x10000105, 0x0, 0x1a44d, 0x3, 0x3fff7fff, 0x89, 0x10, 0xc1b, 0x20001e59, 0x1, 0xe69, 0x3c, 0x3, 0x6, 0x0, 0xfffffff8]}) kernel console output (not intermixed with test programs): SerialNumber: syz [ 341.514683][T10708] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 341.531741][ T4925] usb 1-1: Using ep0 maxpacket: 32 [ 341.539554][ T4925] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 341.557094][ T4308] usb 6-1: config 0 descriptor?? [ 341.562779][ T4925] usb 1-1: config 0 has no interface number 0 [ 341.571510][ T4308] usb-storage 6-1:0.102: USB Mass Storage device detected [ 341.597174][ T4925] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 341.610280][ T4925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.620227][ T4308] usb-storage 6-1:0.102: Quirks match for vid 04b3 pid 4001: 2000 [ 341.628932][ T4308] usb-storage 6-1:0.102: This device (04b3,4001,0110 S a4 P 01) has an unneeded Protocol entry in unusual_devs.h (kernel syzkaller) [ 341.628932][ T4308] Please send a copy of this message to and [ 341.655186][ T4925] usb 1-1: Product: syz [ 341.668701][ T4925] usb 1-1: Manufacturer: syz [ 341.673956][ T4925] usb 1-1: SerialNumber: syz [ 341.682581][ T4925] usb 1-1: config 0 descriptor?? [ 341.700824][ T4925] smsc95xx v2.0.0 [ 341.704853][ T4925] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 341.722061][ T4925] smsc95xx: probe of 1-1:0.67 failed with error -22 [ 341.737341][T10708] usb 3-1: Using ep0 maxpacket: 16 [ 341.747643][T10708] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 341.796201][T10708] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 341.826251][ T4308] usb 6-1: USB disconnect, device number 9 [ 341.835852][T10708] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 341.847811][T10708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.856937][T10708] usb 3-1: Product: syz [ 341.862267][T10708] usb 3-1: Manufacturer: syz [ 341.867370][T10708] usb 3-1: SerialNumber: syz [ 342.129390][T10708] usb 3-1: cannot find UAC_HEADER [ 342.167969][T10708] snd-usb-audio: probe of 3-1:1.0 failed with error -22 [ 342.195647][T10708] usb 3-1: USB disconnect, device number 12 [ 342.432510][ T4925] usb 1-1: USB disconnect, device number 13 [ 342.485960][ T4394] udevd[4394]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 342.790032][T11635] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3142'. [ 343.096333][T11644] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3148'. [ 343.418122][T11661] loop2: detected capacity change from 0 to 16 [ 343.484289][T11661] erofs: (device loop2): mounted with root inode @ nid 36. [ 343.560919][ T4271] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 343.581303][T11661] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 343.628314][ T26] kauditd_printk_skb: 9 callbacks suppressed [ 343.628329][ T26] audit: type=1800 audit(1757445202.114:1625): pid=11661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3156" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 343.865297][T11671] syz.0.3161 (11671): /proc/11669/oom_adj is deprecated, please use /proc/11669/oom_score_adj instead. [ 344.450058][T11657] loop4: detected capacity change from 0 to 32768 [ 344.500364][T11657] [ 344.500364][T11657] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 344.500364][T11657] [ 344.572045][T11657] jfs_lookup: dtSearch returned -5 [ 344.742521][ T4274] [ 344.742521][ T4274] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 344.742521][ T4274] [ 344.759671][T11701] loop2: detected capacity change from 0 to 1024 [ 344.794159][ T4274] [ 344.794159][ T4274] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 344.794159][ T4274] [ 345.081955][ T4271] Bluetooth: hci2: command 0x0406 tx timeout [ 345.466934][T11719] ieee802154 phy0 wpan0: encryption failed: -22 [ 345.750949][T11729] loop2: detected capacity change from 0 to 64 [ 345.845676][T11731] loop4: detected capacity change from 0 to 256 [ 345.913675][T11731] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 346.168460][T11737] netlink: 'syz.2.3189': attribute type 3 has an invalid length. [ 346.281465][T11739] loop0: detected capacity change from 0 to 4096 [ 346.408295][T11696] loop5: detected capacity change from 0 to 40427 [ 346.445905][T11696] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 346.472792][T11696] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 346.531815][ T4925] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 346.585086][T11696] F2FS-fs (loop5): Found nat_bits in checkpoint [ 346.676394][T11751] loop4: detected capacity change from 0 to 512 [ 346.728776][T11754] loop2: detected capacity change from 0 to 1024 [ 346.738091][T11751] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 346.753751][ T4925] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 346.774845][T11696] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 346.799258][T11696] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 346.800351][ T4925] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 346.819189][T11751] EXT4-fs (loop4): orphan cleanup on readonly fs [ 346.880804][T11753] loop0: detected capacity change from 0 to 4096 [ 346.913843][T11696] fscrypt (loop5, inode 3): Error -61 getting encryption context [ 346.945584][T11753] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 346.960615][T11751] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3195: bg 0: block 248: padding at end of block bitmap is not set [ 346.979694][ T4925] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 347.051893][ T4925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.069297][T11751] Quota error (device loop4): write_blk: dquota write failed [ 347.091872][T11751] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 347.094159][ T4925] usb 2-1: config 0 descriptor?? [ 347.154538][T11753] ntfs: volume version 3.1. [ 347.162597][T11751] EXT4-fs error (device loop4): ext4_acquire_dquot:6816: comm syz.4.3195: Failed to acquire dquot type 1 [ 347.242300][T11751] EXT4-fs (loop4): 1 truncate cleaned up [ 347.270903][T11751] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 347.344189][T11758] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3197'. [ 347.531281][ T4274] EXT4-fs (loop4): unmounting filesystem. [ 347.568115][ T4925] Bluetooth: Can't get version to change to load ram patch err [ 347.584017][ T4925] Bluetooth: Loading patch file failed [ 347.589631][ T4925] ath3k: probe of 2-1:0.0 failed with error -71 [ 347.691037][ T4925] usb 2-1: USB disconnect, device number 12 [ 347.795288][T11768] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3200'. [ 348.256992][T11784] (unnamed net_device) (uninitialized): option ad_select: invalid value (105) [ 348.322802][T11780] loop2: detected capacity change from 0 to 4096 [ 348.391917][T11780] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 348.480271][T11780] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 348.536216][T11780] ntfs3: loop2: Failed to load $Extend. [ 348.864845][T11804] loop4: detected capacity change from 0 to 64 [ 348.991238][T11804] Trying to free block not in datazone [ 349.041747][T11804] Trying to free block not in datazone [ 349.047422][T11804] Trying to free block not in datazone [ 349.105293][T11804] Trying to free block not in datazone [ 349.110839][T11804] minix_free_block (loop4:6): bit already cleared [ 349.148331][T11804] Trying to free block not in datazone [ 349.168608][T11804] Trying to free block not in datazone [ 349.755355][T11828] loop5: detected capacity change from 0 to 4096 [ 349.770246][T11834] SET target dimension over the limit! [ 349.830890][T11828] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 349.888751][T11828] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 349.908535][T11832] loop4: detected capacity change from 0 to 4096 [ 349.955530][T11832] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 349.961112][T11837] loop0: detected capacity change from 0 to 512 [ 349.975653][T11828] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 350.003259][T11828] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 350.029876][T11828] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 350.041497][T11832] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 350.053912][T11837] EXT4-fs (loop0): Test dummy encryption mode enabled [ 350.085707][T11832] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 350.120588][T11837] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 350.135511][T11842] netlink: 'syz.2.3237': attribute type 10 has an invalid length. [ 350.143828][T11828] ntfs: volume version 3.1. [ 350.149812][T11837] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.3235: attempt to clear invalid blocks 2 len 1 [ 350.163835][T11832] ntfs: volume version 3.1. [ 350.185248][T11828] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 350.232573][T11837] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 350.239062][T11842] team0: Device veth1_macvtap failed to register rx_handler [ 350.259585][T11832] ntfs: (device loop4): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 350.317037][T11837] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.3235: invalid indirect mapped block 1819239214 (level 0) [ 350.403087][T11837] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.3235: invalid indirect mapped block 1819239214 (level 1) [ 350.506147][T11837] EXT4-fs (loop0): 1 truncate cleaned up [ 350.572580][T11837] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 350.614422][T11837] EXT4-fs (loop0): unmounting filesystem. [ 351.167761][T11867] loop0: detected capacity change from 0 to 164 [ 351.194893][T11870] loop1: detected capacity change from 0 to 256 [ 351.273246][T11870] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 351.481132][T11876] loop4: detected capacity change from 0 to 1024 [ 351.859126][T11887] program syz.4.3259 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 351.958549][T11887] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 352.531061][T10708] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 352.741725][T10708] usb 3-1: Using ep0 maxpacket: 32 [ 352.749772][T10708] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 352.801148][T10708] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 352.836787][T10708] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 352.885887][T10708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.923798][T10708] usb 3-1: Product: syz [ 352.938418][T10708] usb 3-1: Manufacturer: syz [ 352.967068][T10708] usb 3-1: SerialNumber: syz [ 352.993618][T10708] usb 3-1: config 0 descriptor?? [ 353.228304][T10708] snd-usb-6fire 3-1:0.0: unknown device firmware state received from device: [ 353.267010][T10708] ea af d9 87 ad fc c9 53 [ 353.282844][T10708] snd-usb-6fire: probe of 3-1:0.0 failed with error -5 [ 353.362747][T11944] loop1: detected capacity change from 0 to 512 [ 353.389314][T11944] EXT4-fs (loop1): Test dummy encryption mode enabled [ 353.432637][T11944] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 353.463054][ T126] usb 3-1: USB disconnect, device number 13 [ 353.481856][T11944] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.3286: attempt to clear invalid blocks 2 len 1 [ 353.575826][T11944] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 353.612077][T11944] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3286: invalid indirect mapped block 1819239214 (level 0) [ 353.657651][T11944] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.3286: invalid indirect mapped block 1819239214 (level 1) [ 353.716945][T11944] EXT4-fs (loop1): 1 truncate cleaned up [ 353.726034][T11944] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 353.815601][T11944] EXT4-fs (loop1): unmounting filesystem. [ 354.007116][T11961] loop0: detected capacity change from 0 to 4096 [ 354.210749][T11961] ntfs3: loop0: ino=1e, "file1" attr_set_size [ 354.238637][T11961] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 354.665952][T11984] loop4: detected capacity change from 0 to 256 [ 354.961508][T11989] loop0: detected capacity change from 0 to 256 [ 355.053625][T11994] loop4: detected capacity change from 0 to 8 [ 355.064260][T11991] binder: 11990:11991 ioctl c0046209 9999999999999999 returned -22 [ 355.085165][T11989] FAT-fs (loop0): Directory bread(block 64) failed [ 355.135005][T11989] FAT-fs (loop0): Directory bread(block 65) failed [ 355.207201][T11989] FAT-fs (loop0): Directory bread(block 66) failed [ 355.222024][T11994] SQUASHFS error: Failed to read block 0x6e6: -5 [ 355.249860][T11989] FAT-fs (loop0): Directory bread(block 67) failed [ 355.257052][T11994] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 355.265574][T11989] FAT-fs (loop0): Directory bread(block 68) failed [ 355.281739][T11994] SQUASHFS error: Unable to read directory block [631:26] [ 355.294765][T11989] FAT-fs (loop0): Directory bread(block 69) failed [ 355.318558][T11989] FAT-fs (loop0): Directory bread(block 70) failed [ 355.354919][T11989] FAT-fs (loop0): Directory bread(block 71) failed [ 355.383715][T11989] FAT-fs (loop0): Directory bread(block 72) failed [ 355.390416][T11989] FAT-fs (loop0): Directory bread(block 73) failed [ 355.397321][T11996] 8021q: adding VLAN 0 to HW filter on device bond1 [ 355.483907][T11978] loop5: detected capacity change from 0 to 32768 [ 355.607975][T11978] ERROR: (device loop5): dbAlloc: unable to allocate blocks [ 355.607975][T11978] [ 355.684228][T11999] CIFS: VFS: Malformed UNC in devname [ 355.692111][T11978] ERROR: (device loop5): remounting filesystem as read-only [ 355.952692][T11980] loop1: detected capacity change from 0 to 32768 [ 356.018567][T11980] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.3299 (11980) [ 356.073385][T11980] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 356.123462][T11980] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 356.191832][T11980] BTRFS info (device loop1): using free space tree [ 356.262125][T12016] IPv6: Can't replace route, no match found [ 356.299539][T12018] loop2: detected capacity change from 0 to 1024 [ 356.421254][T12018] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 356.465362][T12029] loop4: detected capacity change from 0 to 1024 [ 356.514107][T12018] EXT4-fs error (device loop2): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.2.3314: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 356.543626][T12018] EXT4-fs error (device loop2) in ext4_delete_entry:2800: Corrupt filesystem [ 356.626815][T11980] BTRFS info (device loop1): enabling ssd optimizations [ 356.813939][ T4264] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 356.829882][ T4268] EXT4-fs (loop2): unmounting filesystem. [ 357.220875][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 357.220891][ T26] audit: type=1326 audit(1757445215.704:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12057 comm="syz.0.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 357.286200][ T26] audit: type=1326 audit(1757445215.754:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12057 comm="syz.0.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 357.380331][ T26] audit: type=1326 audit(1757445215.754:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12057 comm="syz.0.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 357.695848][T12064] loop5: detected capacity change from 0 to 4096 [ 357.748505][T12064] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 357.801484][T12064] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 357.861819][T12064] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 357.921841][T12064] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 357.971738][T12064] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 358.051341][T12064] ntfs: volume version 3.1. [ 358.087383][T12064] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 358.120668][T12064] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 358.208105][T12080] xt_recent: Unsupported userspace flags (000000de) [ 358.482770][T12079] loop0: detected capacity change from 0 to 4096 [ 359.466173][T12118] loop0: detected capacity change from 0 to 512 [ 359.581899][T12118] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3356: iget: bad i_size value: 38620345925642 [ 359.603137][T12090] loop1: detected capacity change from 0 to 32768 [ 359.652190][T12118] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3356: couldn't read orphan inode 15 (err -117) [ 359.693379][T12118] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 359.799159][T12118] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.3356: bg 0: block 5: invalid block bitmap [ 359.988690][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 359.994727][T10708] usb 5-1: new low-speed USB device number 10 using dummy_hcd [ 360.193795][T10708] usb 5-1: config 1 has an invalid interface descriptor of length 6, skipping [ 360.229106][T10708] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 360.260494][T10708] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 360.279849][T10708] usb 5-1: config 1 has no interface number 1 [ 360.310017][T10708] usb 5-1: string descriptor 0 read error: -22 [ 360.347415][T10708] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 360.384868][T10708] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.464398][T10708] usb 5-1: MIDIStreaming interface descriptor not found [ 360.561748][T10708] snd-usb-audio: probe of 5-1:1.2 failed with error -16 [ 360.622055][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 360.650836][ T126] usb 5-1: USB disconnect, device number 10 [ 360.893110][T12153] netlink: 1057 bytes leftover after parsing attributes in process `syz.5.3371'. [ 361.172174][T12161] loop5: detected capacity change from 0 to 64 [ 361.206327][T12161] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 361.236458][T12163] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3376'. [ 361.289005][T12163] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check. [ 361.299228][T12136] loop0: detected capacity change from 0 to 32768 [ 361.315889][T12161] syz.5.3375: attempt to access beyond end of device [ 361.315889][T12161] loop5: rw=0, sector=436207626, nr_sectors = 2 limit=64 [ 361.354261][T12161] buffer_io_error: 14 callbacks suppressed [ 361.354281][T12161] Buffer I/O error on dev loop5, logical block 218103813, async page read [ 361.377115][T12161] syz.5.3375: attempt to access beyond end of device [ 361.377115][T12161] loop5: rw=0, sector=436207626, nr_sectors = 2 limit=64 [ 361.434671][T12161] Buffer I/O error on dev loop5, logical block 218103813, async page read [ 363.212929][T12226] loop0: detected capacity change from 0 to 256 [ 363.324884][T12231] MTD: Attempt to mount non-MTD device "/dev/nbd4" [ 363.333690][T12226] FAT-fs (loop0): Directory bread(block 64) failed [ 363.340296][T12226] FAT-fs (loop0): Directory bread(block 65) failed [ 363.358631][ T1150] block nbd4: Attempted send on invalid socket [ 363.365103][ T1150] blk_print_req_error: 18 callbacks suppressed [ 363.365118][ T1150] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 363.404451][T12226] FAT-fs (loop0): Directory bread(block 66) failed [ 363.411159][T12226] FAT-fs (loop0): Directory bread(block 67) failed [ 363.418330][T12226] FAT-fs (loop0): Directory bread(block 68) failed [ 363.425534][T12226] FAT-fs (loop0): Directory bread(block 69) failed [ 363.432727][T12226] FAT-fs (loop0): Directory bread(block 70) failed [ 363.439407][T12226] FAT-fs (loop0): Directory bread(block 71) failed [ 363.446538][T12226] FAT-fs (loop0): Directory bread(block 72) failed [ 363.453510][T12226] FAT-fs (loop0): Directory bread(block 73) failed [ 363.488426][T12226] FAT-fs (loop0): Filesystem has been set read-only [ 363.506815][ T26] kauditd_printk_skb: 9 callbacks suppressed [ 363.506831][ T26] audit: type=1800 audit(1757445221.994:1633): pid=12226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3407" name="cpu.stat" dev="loop0" ino=1048649 res=0 errno=0 [ 363.507644][T12226] FAT-fs (loop0): error, invalid access to FAT (entry 0x00006c61) [ 363.583833][T12233] loop1: detected capacity change from 0 to 2048 [ 363.639391][T12233] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 363.892601][ T26] audit: type=1326 audit(1757445222.384:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12236 comm="syz.0.3412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 363.978357][ T26] audit: type=1326 audit(1757445222.404:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12236 comm="syz.0.3412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 364.108096][ T26] audit: type=1326 audit(1757445222.404:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12236 comm="syz.0.3412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 364.137779][T12244] loop0: detected capacity change from 0 to 256 [ 364.174870][T12241] loop4: detected capacity change from 0 to 4096 [ 364.200950][ T26] audit: type=1326 audit(1757445222.404:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12236 comm="syz.0.3412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 364.224528][T12224] loop2: detected capacity change from 0 to 32768 [ 364.258384][T12244] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 364.306427][T12224] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 364.306521][T12244] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 364.372723][T12241] ntfs: volume version 3.1. [ 364.410472][T12224] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 364.530860][T12241] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 364.595207][T12241] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 364.770278][T12255] loop0: detected capacity change from 0 to 1024 [ 364.782752][T12241] overlayfs: failed to resolve './bus': -2 [ 364.791141][T12255] EXT4-fs: Ignoring removed bh option [ 364.797554][T12255] EXT4-fs: inline encryption not supported [ 364.833490][T12255] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 364.847319][ T4268] ocfs2: Unmounting device (7,2) on (node local) [ 364.942558][T12255] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm syz.0.3420: lblock 2 mapped to illegal pblock 2 (length 1) [ 364.987801][T12255] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 365.010786][T12255] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 48: comm syz.0.3420: lblock 0 mapped to illegal pblock 48 (length 1) [ 365.118675][T12255] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 365.161848][T12255] EXT4-fs error (device loop0): ext4_acquire_dquot:6816: comm syz.0.3420: Failed to acquire dquot type 0 [ 365.229450][T12255] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5915: Corrupt filesystem [ 365.308366][T12255] EXT4-fs error (device loop0): ext4_evict_inode:279: inode #11: comm syz.0.3420: mark_inode_dirty error [ 365.374105][T12255] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 365.394752][T12255] EXT4-fs (loop0): 1 orphan inode deleted [ 365.400652][T12255] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 365.413650][ T8108] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 365.456450][ T8108] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 365.508411][ T8108] EXT4-fs error (device loop0): ext4_release_dquot:6852: comm kworker/u4:8: Failed to release dquot type 0 [ 365.559544][T12273] loop5: detected capacity change from 0 to 256 [ 365.617600][ T8108] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm kworker/u4:8: lblock 2 mapped to illegal pblock 2 (length 1) [ 365.669507][ T8108] EXT4-fs error (device loop0): ext4_write_dquot:6796: comm kworker/u4:8: Failed to commit dquot type 0 [ 365.693541][T12277] loop1: detected capacity change from 0 to 1024 [ 365.757228][T12273] FAT-fs (loop5): Directory bread(block 64) failed [ 365.795231][T12273] FAT-fs (loop5): Directory bread(block 65) failed [ 365.797378][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 365.838737][T12273] FAT-fs (loop5): Directory bread(block 66) failed [ 365.861956][ T4275] EXT4-fs error (device loop0): __ext4_get_inode_loc:4507: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 365.910474][T12273] FAT-fs (loop5): Directory bread(block 67) failed [ 365.939503][ T4275] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5915: Corrupt filesystem [ 365.950395][T12273] FAT-fs (loop5): Directory bread(block 68) failed [ 365.975104][T12273] FAT-fs (loop5): Directory bread(block 69) failed [ 365.980225][ T4275] EXT4-fs error (device loop0): ext4_quota_off:7122: inode #3: comm syz-executor: mark_inode_dirty error [ 366.021897][T12273] FAT-fs (loop5): Directory bread(block 70) failed [ 366.028812][T12273] FAT-fs (loop5): Directory bread(block 71) failed [ 366.088921][T12273] FAT-fs (loop5): Directory bread(block 72) failed [ 366.131692][T12273] FAT-fs (loop5): Directory bread(block 73) failed [ 366.694787][T12295] loop5: detected capacity change from 0 to 1024 [ 366.874070][T12276] loop2: detected capacity change from 0 to 32768 [ 366.885729][ T8108] hfsplus: b-tree write err: -5, ino 4 [ 366.977137][T12276] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 366.977137][T12276] [ 367.024058][T12304] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3444'. [ 367.051794][T12276] ialloc: diAlloc returned -5! [ 367.317571][T12315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3450'. [ 367.365444][T12316] loop4: detected capacity change from 0 to 256 [ 367.367642][T12315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3450'. [ 367.761129][T12330] loop0: detected capacity change from 0 to 64 [ 367.894890][T12330] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 368.033630][T12336] loop2: detected capacity change from 0 to 2048 [ 368.092532][T12336] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 368.218712][T12341] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 368.343238][T12344] loop5: detected capacity change from 0 to 1024 [ 369.497694][T12387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3484'. [ 369.789709][T12399] netlink: 'syz.2.3490': attribute type 1 has an invalid length. [ 369.855636][T12401] loop0: detected capacity change from 0 to 128 [ 369.987092][T12401] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 370.096340][T12401] syz.0.3491: attempt to access beyond end of device [ 370.096340][T12401] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 370.129819][T12401] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 370.254954][ T4275] sysv_free_block: flc_count > flc_size [ 370.272781][ T4275] sysv_free_block: flc_count > flc_size [ 370.290583][ T4275] sysv_free_block: flc_count > flc_size [ 370.313694][ T4275] sysv_free_block: flc_count > flc_size [ 370.343803][ T4275] sysv_free_block: flc_count > flc_size [ 370.349534][ T4275] sysv_free_block: flc_count > flc_size [ 370.381691][ T4275] sysv_free_block: flc_count > flc_size [ 370.387505][ T4275] sysv_free_block: flc_count > flc_size [ 370.409661][ T4275] sysv_free_block: flc_count > flc_size [ 370.446414][ T4275] sysv_free_block: flc_count > flc_size [ 370.460352][T12419] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 370.470691][ T4275] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 370.744421][T12430] netlink: 'syz.4.3503': attribute type 10 has an invalid length. [ 370.803060][T12430] team0: Cannot enslave team device to itself [ 370.841845][ T126] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 371.061754][ T126] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 371.082337][ T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.120306][ T126] usb 3-1: config 0 descriptor?? [ 371.135885][ T126] cp210x 3-1:0.0: cp210x converter detected [ 371.154319][T12443] netlink: 'syz.1.3510': attribute type 2 has an invalid length. [ 371.188982][T12443] netlink: 'syz.1.3510': attribute type 8 has an invalid length. [ 371.221984][T12443] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3510'. [ 371.282141][ T4308] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 371.349391][ T126] usb 3-1: cp210x converter now attached to ttyUSB0 [ 371.473791][ T4308] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 371.494096][ T4308] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 371.535043][ T4308] usb 1-1: config 1 interface 1 has no altsetting 0 [ 371.545715][ T4308] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 371.559250][T11579] usb 3-1: USB disconnect, device number 14 [ 371.565621][ T4308] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.565653][ T4308] usb 1-1: Product: syz [ 371.565669][ T4308] usb 1-1: Manufacturer: syz [ 371.565685][ T4308] usb 1-1: SerialNumber: syz [ 371.607368][T11579] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 371.635794][T11579] cp210x 3-1:0.0: device disconnected [ 371.643551][T12451] xt_CT: No such helper "netbios-ns" [ 371.649931][ T4308] usb 1-1: selecting invalid altsetting 1 [ 371.692873][ T4308] usb 1-1: selecting invalid altsetting 0 [ 371.698779][ T4308] usb 1-1: selecting invalid altsetting 0 [ 371.715509][ T4308] cdc_ncm 1-1:1.0: bind() failure [ 371.749400][ T4308] usb 1-1: selecting invalid altsetting 0 [ 371.797729][ T4308] usbtest: probe of 1-1:1.1 failed with error -22 [ 371.849560][T12462] loop4: detected capacity change from 0 to 64 [ 371.890675][ T4308] usb 1-1: USB disconnect, device number 14 [ 372.242795][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 372.242811][ T26] audit: type=1326 audit(1757445230.734:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12470 comm="syz.2.3523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 372.382971][ T26] audit: type=1326 audit(1757445230.734:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12470 comm="syz.2.3523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=301 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 372.513405][ T26] audit: type=1326 audit(1757445230.734:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12470 comm="syz.2.3523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 372.636650][ T26] audit: type=1326 audit(1757445230.734:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12470 comm="syz.2.3523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 372.993903][T12497] program syz.4.3534 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 373.080675][T12493] 8021q: adding VLAN 0 to HW filter on device bond1 [ 373.116205][T12500] netlink: 'syz.2.3536': attribute type 2 has an invalid length. [ 373.559613][T12521] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3545'. [ 373.588709][T12521] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3545'. [ 373.794965][T12527] I/O error, dev loop4, sector 128 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 373.825384][T12527] gfs2: error 10 reading superblock [ 373.845322][T12531] loop1: detected capacity change from 0 to 64 [ 373.905529][T12526] loop2: detected capacity change from 0 to 4096 [ 374.018945][T12526] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 374.306553][T12541] loop4: detected capacity change from 0 to 1024 [ 374.659328][T12549] xt_cluster: node mask cannot exceed total number of nodes [ 374.945079][T12562] bpf: Bad value for 'mode' [ 374.973736][T12557] loop5: detected capacity change from 0 to 2048 [ 375.016089][T12557] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 375.036279][T12564] netlink: 'syz.1.3567': attribute type 1 has an invalid length. [ 375.094408][T12565] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 375.351831][ T26] audit: type=1326 audit(1757445233.834:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12568 comm="syz.4.3569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa15578ebe9 code=0x7ffc0000 [ 375.451682][ T26] audit: type=1326 audit(1757445233.834:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12568 comm="syz.4.3569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa15578ebe9 code=0x7ffc0000 [ 375.537664][T12578] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3573'. [ 375.571693][ T26] audit: type=1326 audit(1757445233.834:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12568 comm="syz.4.3569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa15578ebe9 code=0x7ffc0000 [ 375.671740][ T26] audit: type=1326 audit(1757445233.834:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12568 comm="syz.4.3569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa15578ebe9 code=0x7ffc0000 [ 376.064846][ T26] audit: type=1326 audit(1757445234.554:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12594 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 376.087507][ C1] vkms_vblank_simulate: vblank timer overrun [ 376.171725][ T26] audit: type=1326 audit(1757445234.594:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12594 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 376.808336][T12618] loop2: detected capacity change from 0 to 1024 [ 377.030412][T12590] loop1: detected capacity change from 0 to 32768 [ 377.166113][T12625] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3595'. [ 377.505245][T12637] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 377.961947][T12613] loop5: detected capacity change from 0 to 32768 [ 378.045579][T12613] ERROR: (device loop5): diNewExt: no free extents [ 378.045579][T12613] [ 378.130508][T12613] ERROR: (device loop5): remounting filesystem as read-only [ 378.158842][T12613] ialloc: diAlloc returned -5! [ 378.775025][T12673] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3619'. [ 378.838840][T12676] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3620'. [ 378.853538][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.859903][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.895266][T12676] tc_dump_action: action bad kind [ 378.934626][T12674] loop5: detected capacity change from 0 to 2048 [ 378.960808][T12674] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 379.002043][T12674] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 379.137984][T12684] loop1: detected capacity change from 0 to 64 [ 379.322243][T12688] netlink: 'syz.4.3626': attribute type 1 has an invalid length. [ 379.708113][T12703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3634'. [ 380.106588][T12718] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 381.323131][T12746] loop0: detected capacity change from 0 to 1024 [ 381.377066][T12724] loop1: detected capacity change from 0 to 32768 [ 381.427020][T12746] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 381.438284][T12724] (syz.1.3644,12724,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 381.492487][T12724] (syz.1.3644,12724,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 381.573735][T12724] JBD2: Ignoring recovery information on journal [ 381.679750][T12758] netlink: 'syz.2.3659': attribute type 10 has an invalid length. [ 381.706708][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 381.744473][T12724] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 381.880751][T12758] team0: Port device macvlan0 added [ 381.962965][T12766] loop5: detected capacity change from 0 to 256 [ 382.139724][ T4264] ocfs2: Unmounting device (7,1) on (node local) [ 382.265953][T12770] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 382.325607][T12772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3664'. [ 382.352034][T12770] overlayfs: missing 'lowerdir' [ 382.393120][T12778] loop0: detected capacity change from 0 to 1024 [ 382.403463][T12772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3664'. [ 382.472609][T12778] hfsplus: detected inconsistent attributes file, running fsck.hfsplus is recommended. [ 382.892394][T12787] loop1: detected capacity change from 0 to 256 [ 382.947629][T12790] netlink: 'syz.0.3672': attribute type 10 has an invalid length. [ 383.000547][T12790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 383.029599][T12790] team0: Port device bond0 added [ 383.211754][ T4308] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 383.260423][T12796] xt_cgroup: path and classid specified [ 383.422300][ T4308] usb 5-1: Using ep0 maxpacket: 32 [ 383.430586][ T4308] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 383.475309][ T4308] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 383.511702][ T4308] usb 5-1: config 0 has no interface number 0 [ 383.545946][ T4308] usb 5-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 383.581199][ T4308] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 383.638223][ T4308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.658503][ T4308] usb 5-1: Product: syz [ 383.677237][ T4308] usb 5-1: Manufacturer: syz [ 383.690484][ T4308] usb 5-1: SerialNumber: syz [ 383.715342][ T4308] usb 5-1: config 0 descriptor?? [ 383.747106][ T4308] radio-si470x 5-1:0.35: could not find interrupt in endpoint [ 383.761749][ T4308] radio-si470x: probe of 5-1:0.35 failed with error -5 [ 383.948358][ T4308] radio-raremono 5-1:0.35: this is not Thanko's Raremono. [ 383.969301][ T4308] usbhid 5-1:0.35: couldn't find an input interrupt endpoint [ 383.987543][T12820] netlink: 88 bytes leftover after parsing attributes in process `syz.2.3687'. [ 384.181737][ T4308] usb 5-1: USB disconnect, device number 11 [ 384.238699][ T14] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 384.437736][ T14] usb 1-1: Using ep0 maxpacket: 32 [ 384.454232][ T14] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 384.483951][ T14] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 384.535880][ T14] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 384.563824][ T14] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 384.583942][ T14] usb 1-1: config 1 has no interface number 0 [ 384.618039][ T14] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 384.640334][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.669523][ T14] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 384.879060][ T14] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values [ 384.898480][ T14] snd_usb_pod 1-1:1.1: invalid control EP [ 384.911030][ T14] snd_usb_pod 1-1:1.1: cannot start listening: -22 [ 384.931482][ T14] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 384.958496][ T14] snd_usb_pod: probe of 1-1:1.1 failed with error -22 [ 385.109711][ T14] usb 1-1: USB disconnect, device number 15 [ 385.417349][T12868] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 385.618817][T12874] kernel read not supported for file / œ7³ÏüâW)ës“§Ç!Qöì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 12874 comm: syz.2.3713) [ 385.650060][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 385.650075][ T26] audit: type=1800 audit(1757445244.134:1651): pid=12874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3713" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=60466 res=0 errno=0 [ 385.895118][T12882] netlink: 'syz.0.3716': attribute type 21 has an invalid length. [ 385.926333][T12882] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3716'. [ 386.117694][T12887] libceph: resolve '4..' (ret=-3): failed [ 386.257424][T12895] loop1: detected capacity change from 0 to 256 [ 386.878951][T12919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3735'. [ 386.910061][T12918] loop4: detected capacity change from 0 to 512 [ 387.570260][T12938] loop2: detected capacity change from 0 to 2048 [ 387.665076][T12938] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 387.697534][T12948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3749'. [ 388.039231][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.078229][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.129390][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.237162][T12959] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 388.264731][T12959] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 388.441958][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.457728][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.487300][T12975] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 388.519448][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.526937][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.560569][T12959] wg1 speed is unknown, defaulting to 1000 [ 388.685473][T12983] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3766'. [ 388.791769][ T14] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 388.809601][T12986] loop1: detected capacity change from 0 to 128 [ 388.876739][T12989] kAFS: unable to lookup cell '.,' [ 388.895338][T12986] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 388.930700][T12986] FAT-fs (loop1): Filesystem has been set read-only [ 389.007213][ T14] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 389.042354][ T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.096203][ T14] usb 5-1: config 0 descriptor?? [ 389.444650][T13005] loop0: detected capacity change from 0 to 1024 [ 389.458485][T13007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3778'. [ 389.478692][T13005] EXT4-fs: Ignoring removed nomblk_io_submit option [ 389.498174][T13007] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3778'. [ 389.511717][T13005] EXT4-fs: Ignoring removed nomblk_io_submit option [ 389.528440][ T14] ath6kl: Failed to submit usb control message: -71 [ 389.535719][ T14] ath6kl: unable to send the bmi data to the device: -71 [ 389.539586][T13005] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 389.561797][T13007] netlink: 'syz.2.3778': attribute type 2 has an invalid length. [ 389.573968][ T14] ath6kl: Unable to send get target info: -71 [ 389.590183][T13005] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 389.641844][ T14] ath6kl: Failed to init ath6kl core: -71 [ 389.650730][T13005] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 389.733283][T12990] loop5: detected capacity change from 0 to 32768 [ 389.764157][T12990] (syz.5.3768,12990,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 389.809389][T12990] (syz.5.3768,12990,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 389.882220][ T14] ath6kl_usb: probe of 5-1:0.0 failed with error -71 [ 389.912066][ T14] usb 5-1: USB disconnect, device number 12 [ 389.942239][T12990] JBD2: Ignoring recovery information on journal [ 389.976587][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 390.061178][T12990] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 390.327810][T13027] netlink: 176 bytes leftover after parsing attributes in process `syz.1.3785'. [ 390.412484][ T8137] ocfs2: Unmounting device (7,5) on (node local) [ 391.006225][ T4271] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 391.016310][ T4271] Bluetooth: hci3: Injecting HCI hardware error event [ 391.032421][ T4269] Bluetooth: hci3: hardware error 0x00 [ 391.149235][T13026] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 392.006570][T13084] netlink: 'syz.1.3809': attribute type 1 has an invalid length. [ 392.032458][T13087] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3811'. [ 392.044816][T13088] loop5: detected capacity change from 0 to 128 [ 392.158178][T13088] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 392.217382][T13088] ext4 filesystem being mounted at /340/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 392.400877][T13098] ERROR: device name not specified. [ 392.441330][ T8137] EXT4-fs (loop5): unmounting filesystem. [ 392.593405][T13106] loop2: detected capacity change from 0 to 1024 [ 392.680755][T13110] loop1: detected capacity change from 0 to 128 [ 392.681376][T13106] hfsplus: filesystem is marked journaled, leaving read-only. [ 392.724147][T13105] loop5: detected capacity change from 0 to 4096 [ 393.082054][ T4269] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 393.526670][T13135] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3834'. [ 394.491846][T13170] sp0: Synchronizing with TNC [ 394.551815][T13169] [U] è [ 395.165790][T13186] loop4: detected capacity change from 0 to 4096 [ 395.261882][T13193] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 395.534751][T13199] CIFS: iocharset name too long [ 395.663764][T13168] loop1: detected capacity change from 0 to 32768 [ 395.863033][T13168] XFS (loop1): Mounting V5 Filesystem [ 396.103442][T13168] XFS (loop1): Ending clean mount [ 396.146341][T13168] XFS (loop1): Quotacheck needed: Please wait. [ 396.276176][T13168] XFS (loop1): Quotacheck: Done. [ 396.302368][T10708] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 396.462386][T10708] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 396.492071][ T4264] XFS (loop1): Unmounting Filesystem [ 396.572843][T13240] kAFS: unable to lookup cell ' [ 396.572843][T13240] $)-.ÌײfÍY¹Ç²a×ïÅ2sˆ [ 396.572843][T13240] ' [ 396.711145][T13242] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3883'. [ 396.729980][ T126] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 396.738253][T13242] netlink: 'syz.5.3883': attribute type 2 has an invalid length. [ 396.771909][T13242] netlink: 'syz.5.3883': attribute type 1 has an invalid length. [ 396.806290][T13242] netlink: 120 bytes leftover after parsing attributes in process `syz.5.3883'. [ 396.953112][T13248] IPv6: ADDRCONF(NETDEV_CHANGE): rose0: link becomes ready [ 396.984919][T13250] --map-set only usable from mangle table [ 397.195313][T13256] loop4: detected capacity change from 0 to 164 [ 397.228054][T13258] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3891'. [ 397.408632][ T4274] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 397.447146][ T4274] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 397.522251][ T126] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 397.531371][ T126] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 398.142053][T10708] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 398.383629][T13298] ieee802154 phy0 wpan0: encryption failed: -22 [ 398.531069][T13305] trusted_key: encrypted_key: keyword 'ryptfs' not recognized [ 398.682935][T13308] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 398.781703][T10708] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 398.981853][T10708] usb 6-1: Using ep0 maxpacket: 32 [ 398.989988][T10708] usb 6-1: config 0 has an invalid interface number: 111 but max is 1 [ 399.042236][T10708] usb 6-1: config 0 has no interface number 1 [ 399.049415][T10708] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 399.103921][T13318] loop1: detected capacity change from 0 to 4096 [ 399.114143][T10708] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 399.143274][T13318] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 399.154162][T10708] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.191391][T10708] usb 6-1: Product: syz [ 399.207656][T10708] usb 6-1: Manufacturer: syz [ 399.215681][T10708] usb 6-1: SerialNumber: syz [ 399.250048][T10708] usb 6-1: config 0 descriptor?? [ 399.492748][T10708] snd-usb-6fire 6-1:0.111: unable to receive device firmware state. [ 399.500872][T10708] snd-usb-6fire: probe of 6-1:0.111 failed with error -71 [ 399.531784][ T5152] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 399.551459][T10708] usb 6-1: USB disconnect, device number 10 [ 399.735077][ T5152] usb 5-1: Using ep0 maxpacket: 16 [ 399.755782][ T5152] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 399.773775][ T5152] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.813715][ T5152] usb 5-1: Product: syz [ 399.818831][ T5152] usb 5-1: Manufacturer: syz [ 399.835783][ T5152] usb 5-1: SerialNumber: syz [ 399.886649][ T5152] r8152-cfgselector 5-1: config 0 descriptor?? [ 400.197315][T13346] loop0: detected capacity change from 0 to 4096 [ 400.231430][T13346] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 400.354052][ T5152] r8152-cfgselector 5-1: Unknown version 0x0000 [ 400.372841][ T5152] r8152-cfgselector 5-1: USB disconnect, device number 13 [ 400.405375][T13346] ntfs3: loop0: failed to convert "c46c" to macinuit [ 400.898383][T13367] loop5: detected capacity change from 0 to 256 [ 400.974988][T13348] loop2: detected capacity change from 0 to 32768 [ 401.019266][T13367] FAT-fs (loop5): Directory bread(block 64) failed [ 401.046392][T13348] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.3933 (13348) [ 401.066909][T13367] FAT-fs (loop5): Directory bread(block 65) failed [ 401.111560][T13367] FAT-fs (loop5): Directory bread(block 66) failed [ 401.118470][T13367] FAT-fs (loop5): Directory bread(block 67) failed [ 401.142179][T13367] FAT-fs (loop5): Directory bread(block 68) failed [ 401.148954][T13367] FAT-fs (loop5): Directory bread(block 69) failed [ 401.171222][T13367] FAT-fs (loop5): Directory bread(block 70) failed [ 401.190262][T13348] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 401.200964][T13367] FAT-fs (loop5): Directory bread(block 71) failed [ 401.215266][T13367] FAT-fs (loop5): Directory bread(block 72) failed [ 401.232944][T13367] FAT-fs (loop5): Directory bread(block 73) failed [ 401.242448][T13348] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 401.251363][T13348] BTRFS info (device loop2): enabling auto defrag [ 401.331722][T13348] BTRFS info (device loop2): doing ref verification [ 401.338411][T13348] BTRFS info (device loop2): use no compression [ 401.422517][T13348] BTRFS info (device loop2): force clearing of disk cache [ 401.429754][T13348] BTRFS info (device loop2): max_inline at 57 [ 401.469446][T13348] BTRFS info (device loop2): disabling free space tree [ 401.480283][T13378] usb usb1: usbfs: process 13378 (syz.1.3949) did not claim interface 63 before use [ 401.641953][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 401.824869][T13405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3954'. [ 401.919048][T13348] BTRFS info (device loop2): enabling ssd optimizations [ 401.961483][T13348] BTRFS info (device loop2): rebuilding free space tree [ 402.042773][T13348] BTRFS info (device loop2): disabling free space tree [ 402.086220][T13416] kernel profiling enabled (shift: 9) [ 402.091812][T13348] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 402.156767][T13348] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 402.400325][ T4268] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 402.715758][T13433] loop1: detected capacity change from 0 to 1764 [ 402.750249][ T4394] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop2 scanned by udevd (4394) [ 402.970908][T13441] loop0: detected capacity change from 0 to 8 [ 403.188756][T13441] SQUASHFS error: Failed to read block 0x2fc: -5 [ 403.227577][T13441] SQUASHFS error: Unable to read metadata cache entry [2fa] [ 403.251932][T13441] SQUASHFS error: Unable to read directory block [247:26] [ 404.800308][T13494] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3997'. [ 404.851717][T11579] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 404.907215][T13470] loop0: detected capacity change from 0 to 32768 [ 404.963021][T13480] loop1: detected capacity change from 0 to 32768 [ 405.023565][T13480] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present! [ 405.043184][T13470] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 405.053713][T11579] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 405.071840][T11579] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.081584][T13480] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 405.086981][T11579] usb 6-1: config 0 descriptor?? [ 405.125596][T13480] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 405.308627][T11579] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 405.321096][ T4275] ocfs2: Unmounting device (7,0) on (node local) [ 405.332144][T11579] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 405.487569][T13509] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 405.512415][T11579] [drm:udl_init] *ERROR* Selecting channel failed [ 405.520276][ T4264] ocfs2: Unmounting device (7,1) on (node local) [ 405.622060][T11579] [drm] Initialized udl 0.0.1 20120220 for 6-1:0.0 on minor 2 [ 405.640036][T13512] loop2: detected capacity change from 0 to 16 [ 405.660151][T11579] [drm] Initialized udl on minor 2 [ 405.686567][T13512] erofs: (device loop2): mounted with root inode @ nid 36. [ 405.696759][T11579] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 405.770993][T11579] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 405.835352][ T9202] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 405.846893][T11579] usb 6-1: USB disconnect, device number 11 [ 405.888200][ T9202] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 405.952603][ T9202] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 407.346707][T13560] loop2: detected capacity change from 0 to 4096 [ 407.369990][T13538] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 407.416686][T13560] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 407.453147][T13560] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 407.494038][T13560] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 407.549980][T13560] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 407.730030][T13560] ntfs: volume version 3.1. [ 408.081489][T13580] xt_ecn: cannot match TCP bits for non-tcp packets [ 408.387450][T13596] loop1: detected capacity change from 0 to 256 [ 408.533368][T13596] FAT-fs (loop1): Directory bread(block 64) failed [ 408.540710][T13596] FAT-fs (loop1): Directory bread(block 65) failed [ 408.582016][T13596] FAT-fs (loop1): Directory bread(block 66) failed [ 408.588865][T13596] FAT-fs (loop1): Directory bread(block 67) failed [ 408.632234][T13596] FAT-fs (loop1): Directory bread(block 68) failed [ 408.650250][T13596] FAT-fs (loop1): Directory bread(block 69) failed [ 408.667221][T13596] FAT-fs (loop1): Directory bread(block 70) failed [ 408.691784][T13596] FAT-fs (loop1): Directory bread(block 71) failed [ 408.698609][T13596] FAT-fs (loop1): Directory bread(block 72) failed [ 408.716101][T13604] loop0: detected capacity change from 0 to 512 [ 408.731975][T13596] FAT-fs (loop1): Directory bread(block 73) failed [ 408.777008][T13604] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.4045: bad orphan inode 15 [ 408.802215][T13604] ext4_test_bit(bit=14, block=5) = 0 [ 408.825944][T13604] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 408.895532][T13604] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters [ 408.991197][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 409.242222][T13617] loop2: detected capacity change from 0 to 1024 [ 409.407011][T13617] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 409.508138][T13617] ext4 filesystem being mounted at /829/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 409.561890][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 409.590176][T13617] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.4049: inode #458752: comm syz.2.4049: iget: illegal inode # [ 409.692376][T13617] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.4049: error while reading EA inode 458752 err=-117 [ 409.845507][ T4268] EXT4-fs (loop2): unmounting filesystem. [ 410.085263][ T4928] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 410.131767][ T4925] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 410.306800][ T4928] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 410.324066][ T4925] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 410.347571][ T4928] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.371675][ T4925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.388521][ T4928] usb 2-1: config 0 descriptor?? [ 410.399190][ T4925] usb 5-1: config 0 descriptor?? [ 410.417510][ T4928] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 410.426986][ T4925] cp210x 5-1:0.0: cp210x converter detected [ 410.440479][T13664] loop2: detected capacity change from 0 to 1024 [ 410.513061][T13664] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 410.540012][T13664] ext4 filesystem being mounted at /832/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 410.601975][ T126] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 410.615417][T13667] loop0: detected capacity change from 0 to 4096 [ 410.636789][ T4925] usb 5-1: cp210x converter now attached to ttyUSB0 [ 410.699633][T13667] ntfs: (device loop0): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 410.760522][T13667] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 410.791098][T13667] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 410.809495][T13667] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 410.825057][ T4928] gspca_stv06xx: I2C: Read error writing address: -71 [ 410.829412][ T4268] EXT4-fs (loop2): unmounting filesystem. [ 410.840761][ T126] usb 6-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05 [ 410.865790][ T4928] usb 2-1: USB disconnect, device number 13 [ 410.875988][ T126] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 410.885086][ T126] usb 6-1: Product: syz [ 410.889545][ T126] usb 6-1: Manufacturer: syz [ 410.895098][ T126] usb 6-1: SerialNumber: syz [ 410.909299][T13667] ntfs: volume version 3.1. [ 410.926350][ T4925] usb 5-1: USB disconnect, device number 14 [ 410.964024][ T4925] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 410.990066][ T126] usb 6-1: config 0 descriptor?? [ 411.038706][ T4925] cp210x 5-1:0.0: device disconnected [ 411.045925][ T126] go7007: probe of 6-1:0.0 failed with error -12 [ 411.242184][ T4928] usb 6-1: USB disconnect, device number 12 [ 411.883422][ T4269] Bluetooth: hci0: unexpected event for opcode 0x2062 [ 411.933846][T13701] ieee802154 phy0 wpan0: encryption failed: -22 [ 412.345061][T13711] loop4: detected capacity change from 0 to 4096 [ 412.415795][T13711] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 412.537699][T13711] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 412.646577][T13711] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 412.701865][T13711] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 412.823130][T13711] ntfs: volume version 3.1. [ 412.925847][T13731] vcan0 speed is unknown, defaulting to 1000 [ 412.995184][T13731] vcan0 speed is unknown, defaulting to 1000 [ 413.032564][T13731] vcan0 speed is unknown, defaulting to 1000 [ 413.088693][T13733] loop0: detected capacity change from 0 to 2048 [ 413.180844][T13733] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 413.188391][T13738] netlink: 'syz.5.4096': attribute type 1 has an invalid length. [ 413.235280][T13738] netlink: 128 bytes leftover after parsing attributes in process `syz.5.4096'. [ 413.249983][T13733] UDF-fs: error (device loop0): udf_read_inode: (ino 1345) failed !bh [ 413.259087][T13738] NCSI netlink: No device for ifindex 0 [ 413.679031][T13731] infiniband syz1: set active [ 413.684179][ T4928] vcan0 speed is unknown, defaulting to 1000 [ 413.702090][T13731] infiniband syz1: added vcan0 [ 413.768406][T13756] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 413.862968][T13731] RDS/IB: syz1: added [ 413.867077][T13731] smc: adding ib device syz1 with port count 1 [ 413.884746][T13731] smc: ib device syz1 port 1 has pnetid [ 413.891285][T11579] vcan0 speed is unknown, defaulting to 1000 [ 413.943218][T13731] vcan0 speed is unknown, defaulting to 1000 [ 414.095613][T13766] loop0: detected capacity change from 0 to 1024 [ 414.251862][ T4928] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 414.361449][ T4348] hfsplus: b-tree write err: -5, ino 8 [ 414.369378][T13731] vcan0 speed is unknown, defaulting to 1000 [ 414.481754][ T4928] usb 6-1: Using ep0 maxpacket: 32 [ 414.495180][ T4928] usb 6-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 414.530598][ T4928] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.574478][ T4928] usb 6-1: config 0 descriptor?? [ 414.603611][ T4928] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 414.778808][T13731] vcan0 speed is unknown, defaulting to 1000 [ 414.989419][ T4928] gspca_vc032x: reg_w err -71 [ 414.998316][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.016558][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.042199][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.072656][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.088691][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.105508][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.146221][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.161971][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.186455][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.197985][T13731] vcan0 speed is unknown, defaulting to 1000 [ 415.201662][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.215802][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.231370][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.271691][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.277275][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.291734][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.303461][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.339069][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.381723][ T4928] gspca_vc032x: I2c Bus Busy Wait 00 [ 415.391711][ T4928] gspca_vc032x: Unknown sensor... [ 415.396893][ T4928] vc032x: probe of 6-1:0.0 failed with error -22 [ 415.433450][ T4928] usb 6-1: USB disconnect, device number 13 [ 415.487498][T13731] vcan0 speed is unknown, defaulting to 1000 [ 416.195845][T13823] loop1: detected capacity change from 0 to 256 [ 416.269937][T13823] FAT-fs (loop1): Directory bread(block 64) failed [ 416.302527][T13823] FAT-fs (loop1): Directory bread(block 65) failed [ 416.317296][T13823] FAT-fs (loop1): Directory bread(block 66) failed [ 416.332082][T13823] FAT-fs (loop1): Directory bread(block 67) failed [ 416.344920][T13823] FAT-fs (loop1): Directory bread(block 68) failed [ 416.355002][T13823] FAT-fs (loop1): Directory bread(block 69) failed [ 416.380312][T13823] FAT-fs (loop1): Directory bread(block 70) failed [ 416.428786][T13823] FAT-fs (loop1): Directory bread(block 71) failed [ 416.456201][T13823] FAT-fs (loop1): Directory bread(block 72) failed [ 416.471775][T13823] FAT-fs (loop1): Directory bread(block 73) failed [ 416.645212][T13830] loop2: detected capacity change from 0 to 64 [ 416.698610][T13828] loop5: detected capacity change from 0 to 4096 [ 416.741818][T13828] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 416.892118][T13828] ntfs3: loop5: failed to convert "c46c" to cp850 [ 417.278545][T13818] loop0: detected capacity change from 0 to 32768 [ 417.769997][T13856] nfs: Unknown parameter 'ntext' [ 417.839678][T13860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4156'. [ 417.912655][T13852] loop1: detected capacity change from 0 to 4096 [ 417.991036][T13852] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 418.086157][T13864] loop4: detected capacity change from 0 to 1024 [ 418.097802][T13852] ntfs3: loop1: Failed to load $Extend. [ 418.771477][T13878] loop5: detected capacity change from 0 to 4096 [ 418.826884][T13878] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 418.879315][T13878] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 419.180080][ T68] ntfs3: loop5: ntfs3_write_inode r=5 failed, -22. [ 419.213263][ T8137] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22. [ 419.646003][T13909] netlink: 'syz.5.4179': attribute type 3 has an invalid length. [ 419.658427][T13908] program syz.0.4180 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 419.668640][T13909] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4179'. [ 419.926949][T13915] netlink: 'syz.4.4183': attribute type 1 has an invalid length. [ 420.200842][T13927] loop5: detected capacity change from 0 to 16 [ 420.278444][T13927] erofs: (device loop5): mounted with root inode @ nid 36. [ 420.333176][T13927] erofs: (device loop5): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 420.373028][T13927] syz.5.4190: attempt to access beyond end of device [ 420.373028][T13927] loop5: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 420.417605][T13934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4193'. [ 420.453202][T13927] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096] [ 420.476744][ T26] audit: type=1800 audit(1757445278.964:1652): pid=13927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4190" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 420.769320][T13947] ieee802154 phy0 wpan0: encryption failed: -22 [ 421.673940][T13983] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4217'. [ 421.673970][T13983] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4217'. [ 421.821878][T13987] kcapi: manufacturer command 18446744073709551608 unknown. [ 421.846099][T13989] netlink: 'syz.4.4219': attribute type 20 has an invalid length. [ 421.861719][ T4308] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 422.067779][ T4308] usb 3-1: unable to get BOS descriptor or descriptor too short [ 422.081242][ T4308] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 422.110956][ T4308] usb 3-1: New USB device found, idVendor=04b8, idProduct=ef02, bcdDevice= 0.3f [ 422.133004][ T4308] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.175195][ T4308] usb 3-1: Product: syz [ 422.189373][ T4308] usb 3-1: Manufacturer: syz [ 422.209019][ T4308] usb 3-1: SerialNumber: syz [ 422.345084][T14007] tmpfs: Bad value for 'mpol' [ 422.490039][ T4308] usb 3-1: USB disconnect, device number 15 [ 423.224359][T14030] loop2: detected capacity change from 0 to 64 [ 423.649869][T14016] loop5: detected capacity change from 0 to 32768 [ 423.667552][ T4308] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 423.806258][T14016] XFS (loop5): Mounting V5 Filesystem [ 423.852324][T14052] capability: warning: `syz.4.4248' uses 32-bit capabilities (legacy support in use) [ 423.881825][ T4308] usb 1-1: Using ep0 maxpacket: 32 [ 423.903602][ T4308] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 423.911290][T14016] XFS (loop5): Ending clean mount [ 423.953421][ T4308] usb 1-1: config 0 has no interface number 0 [ 423.993638][ T4308] usb 1-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2 [ 424.039462][ T4308] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.078892][ T4308] usb 1-1: Product: syz [ 424.093728][ T4308] usb 1-1: Manufacturer: syz [ 424.098496][ T4308] usb 1-1: SerialNumber: syz [ 424.146224][ T4308] usb 1-1: config 0 descriptor?? [ 424.159682][ T8137] XFS (loop5): Unmounting Filesystem [ 424.164546][T14059] loop2: detected capacity change from 0 to 1024 [ 424.172655][ T4308] etas_es58x 1-1:0.2: Starting syz syz (Serial Number syz) [ 424.358237][ T4308] etas_es58x 1-1:0.2: Product info: 424242424242 [ 424.531207][T14041] loop1: detected capacity change from 0 to 32768 [ 424.570815][ T4308] usb 1-1: USB disconnect, device number 16 [ 424.592725][ T4308] etas_es58x 1-1:0.2: Disconnecting syz syz [ 424.605174][T14041] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 424.701779][ T4394] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 424.921811][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 425.160927][T14076] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4252'. [ 425.601883][T14089] netlink: 'syz.0.4265': attribute type 4 has an invalid length. [ 426.129338][T14115] netlink: 'syz.2.4272': attribute type 8 has an invalid length. [ 426.315680][T14118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4273'. [ 426.329141][T14119] netlink: 4172 bytes leftover after parsing attributes in process `syz.5.4274'. [ 426.600539][T14126] loop0: detected capacity change from 0 to 2048 [ 426.750732][T14133] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 426.771010][T14126] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 426.831303][T14126] Remounting filesystem read-only [ 426.905605][T14126] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 427.163413][ T9202] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 427.374229][ T9202] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 427.409529][ T9202] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 427.465182][ T9202] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.527913][ T9202] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 427.612030][T14161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4289'. [ 427.933768][T14174] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method [ 428.604356][ T9202] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32 [ 428.631737][ T9202] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 428.656947][ T9202] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 428.684559][ T9202] stv0680 5-1:4.0: last error: 0, command = 0x0 [ 428.710622][ T26] audit: type=1326 audit(1757445287.194:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.5.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 428.762155][ T9202] usb 5-1: USB disconnect, device number 15 [ 428.825574][ T26] audit: type=1326 audit(1757445287.194:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.5.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 428.911146][ T26] audit: type=1326 audit(1757445287.234:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.5.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 429.019595][ T26] audit: type=1326 audit(1757445287.234:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.5.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 429.042392][ C0] vkms_vblank_simulate: vblank timer overrun [ 429.053338][T14207] loop2: detected capacity change from 0 to 4096 [ 429.137091][ T26] audit: type=1326 audit(1757445287.234:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.5.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 429.161305][ C0] vkms_vblank_simulate: vblank timer overrun [ 429.233791][T14207] ntfs: volume version 3.1. [ 429.648839][T14229] netlink: 'syz.4.4318': attribute type 10 has an invalid length. [ 429.675297][T14229] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4318'. [ 429.717857][T14229] device batadv0 entered promiscuous mode [ 429.735263][T14233] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4320'. [ 429.754839][T14229] bridge0: port 1(batadv0) entered blocking state [ 429.778470][T14229] bridge0: port 1(batadv0) entered disabled state [ 429.816958][T14229] bridge0: port 1(batadv0) entered blocking state [ 429.824235][T14229] bridge0: port 1(batadv0) entered forwarding state [ 430.019619][ T4348] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 430.030184][ T4348] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 430.472715][T14259] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4333'. [ 430.580495][T14262] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 430.801323][T14271] loop4: detected capacity change from 0 to 64 [ 431.155176][T14284] loop2: detected capacity change from 0 to 64 [ 431.278613][T14282] loop1: detected capacity change from 0 to 2048 [ 431.552156][T14291] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4349'. [ 431.986456][T14267] loop5: detected capacity change from 0 to 32768 [ 432.039281][T14267] XFS: ikeep mount option is deprecated. [ 432.066127][T14267] XFS: ikeep mount option is deprecated. [ 432.194627][T14267] XFS (loop5): Mounting V5 Filesystem [ 432.196703][T14311] loop1: detected capacity change from 0 to 512 [ 432.227375][T14311] EXT4-fs: Ignoring removed orlov option [ 432.302086][T14311] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 432.464742][T14311] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.4358: corrupted in-inode xattr [ 432.478387][T14267] XFS (loop5): Ending clean mount [ 432.486334][T14329] loop4: detected capacity change from 0 to 1024 [ 432.498549][T14329] EXT4-fs: Ignoring removed nomblk_io_submit option [ 432.520221][T14329] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 432.532782][T14311] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.4358: couldn't read orphan inode 15 (err -117) [ 432.558435][T14329] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 432.567506][T14311] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 432.662366][T14329] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 432.774573][ T8137] XFS (loop5): Unmounting Filesystem [ 432.953502][ T4274] EXT4-fs (loop4): unmounting filesystem. [ 432.987139][ T4264] EXT4-fs (loop1): unmounting filesystem. [ 433.061816][ C0] vkms_vblank_simulate: vblank timer overrun [ 433.263886][T14344] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4372'. [ 433.299887][T14344] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4372'. [ 433.610564][T14356] loop2: detected capacity change from 0 to 64 [ 433.628118][T14356] hfs: unable to locate alternate MDB [ 433.638971][T14356] hfs: continuing without an alternate MDB [ 434.505498][T14386] netlink: 'syz.1.4391': attribute type 2 has an invalid length. [ 434.872084][ T4308] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 435.094122][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 435.135665][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 435.148183][T14411] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4403'. [ 435.176295][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 435.198100][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 435.220602][ T4308] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 435.240294][ T4308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.275959][ T4308] usb 5-1: Product: syz [ 435.290565][ T4308] usb 5-1: Manufacturer: syz [ 435.319376][ T4308] usb 5-1: SerialNumber: syz [ 435.353751][ T4308] usb 5-1: config 0 descriptor?? [ 435.582183][ T4308] adutux 5-1:0.0: Could not retrieve serial number [ 435.592402][ T4308] adutux: probe of 5-1:0.0 failed with error -5 [ 435.680564][T14426] IPv6: NLM_F_CREATE should be specified when creating new route [ 435.803810][ T4308] usb 5-1: USB disconnect, device number 16 [ 436.366091][T14453] loop0: detected capacity change from 0 to 256 [ 436.436200][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.498845][T14453] FAT-fs (loop0): Filesystem has been set read-only [ 436.541935][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.572620][T14460] cgroup: name respecified [ 436.582316][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.623690][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.661971][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.705587][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.751213][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.782994][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.806036][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.888070][T14453] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 436.942490][T14471] loop1: detected capacity change from 0 to 512 [ 436.949084][ T26] audit: type=1800 audit(436.890:1658): pid=14453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4423" name="file1" dev="loop0" ino=1048660 res=0 errno=0 [ 437.033270][T14476] loop2: detected capacity change from 0 to 64 [ 437.051770][T14471] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 437.309169][ T4264] EXT4-fs (loop1): unmounting filesystem. [ 437.766214][T14490] xt_CT: No such helper "pptp" [ 438.297957][T14482] loop0: detected capacity change from 0 to 32768 [ 438.377600][T14482] ialloc: diAlloc returned -17! [ 438.911881][ T14] usb 1-1: new full-speed USB device number 17 using dummy_hcd [ 438.965060][T14532] loop1: detected capacity change from 0 to 2048 [ 438.997824][T14532] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 439.113897][ T14] usb 1-1: config index 0 descriptor too short (expected 897, got 27) [ 439.142884][ T14] usb 1-1: config 2 has an invalid interface number: 1 but max is -1 [ 439.151153][ T14] usb 1-1: config 2 has an invalid interface number: 1 but max is -1 [ 439.190392][T14536] loop2: detected capacity change from 0 to 2048 [ 439.211006][ T14] usb 1-1: config 2 has 1 interface, different from the descriptor's value: 0 [ 439.234809][ T14] usb 1-1: config 2 has no interface number 0 [ 439.266004][ T14] usb 1-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=20.da [ 439.280188][T14536] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 439.295939][ T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 439.304704][ T14] usb 1-1: Product: syz [ 439.309038][ T14] usb 1-1: Manufacturer: syz [ 439.314437][ T14] usb 1-1: SerialNumber: syz [ 439.539689][ T14] cdc_ncm 1-1:2.1: CDC Union missing and no IAD found [ 439.556890][ T4268] EXT4-fs (loop2): unmounting filesystem. [ 439.570836][ T14] cdc_ncm 1-1:2.1: bind() failure [ 439.586416][ T14] usb 1-1: no audio or video endpoints found [ 439.620217][ T14] usb 1-1: USB disconnect, device number 17 [ 440.036884][T14566] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4475'. [ 440.079188][T14566] unsupported nlmsg_type 40 [ 440.294592][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.300996][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.621495][T14590] overlayfs: empty lowerdir [ 441.598994][T14627] bridge0: port 1(batadv0) entered disabled state [ 441.684123][T14627] device bridge_slave_0 left promiscuous mode [ 441.800912][T14627] device gtp0 left promiscuous mode [ 441.850355][T14627] device geneve2 left promiscuous mode [ 442.427828][ T26] audit: type=1400 audit(442.370:1659): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=14658 comm="syz.2.4518" [ 442.615296][T14669] loop2: detected capacity change from 0 to 256 [ 442.701875][ T14] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 442.773088][T14669] FAT-fs (loop2): Directory bread(block 64) failed [ 442.830729][T14669] FAT-fs (loop2): Directory bread(block 65) failed [ 442.905359][T14669] FAT-fs (loop2): Directory bread(block 66) failed [ 442.915784][ T14] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 442.947426][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.988195][T14669] FAT-fs (loop2): Directory bread(block 67) failed [ 443.068228][ T14] usb 1-1: config 0 descriptor?? [ 443.072236][T14669] FAT-fs (loop2): Directory bread(block 68) failed [ 443.151548][ T14] gspca_main: spca508-2.14.0 probing 8086:0110 [ 443.199788][T14669] FAT-fs (loop2): Directory bread(block 69) failed [ 443.269364][T14669] FAT-fs (loop2): Directory bread(block 70) failed [ 443.301210][T14669] FAT-fs (loop2): Directory bread(block 71) failed [ 443.318558][T14669] FAT-fs (loop2): Directory bread(block 72) failed [ 443.347597][T14669] FAT-fs (loop2): Directory bread(block 73) failed [ 443.367353][T14700] netlink: 'syz.1.4527': attribute type 10 has an invalid length. [ 443.503202][T14669] FAT-fs (loop2): Filesystem has been set read-only [ 443.541781][ T26] audit: type=1800 audit(443.450:1660): pid=14669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4523" name="pids.current" dev="loop2" ino=1048661 res=0 errno=0 [ 443.558262][ T14] gspca_spca508: reg_read err -71 [ 443.566010][T14669] FAT-fs (loop2): error, invalid access to FAT (entry 0x00006c61) [ 443.606678][ T14] gspca_spca508: reg_read err -71 [ 443.643218][ T14] gspca_spca508: reg_read err -71 [ 443.664597][ T26] audit: type=1326 audit(443.610:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14705 comm="syz.5.4530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 443.680650][ T14] gspca_spca508: reg_read err -71 [ 443.735677][ T14] gspca_spca508: reg write: error -71 [ 443.742610][ T14] spca508: probe of 1-1:0.0 failed with error -71 [ 443.760358][T14709] IPv6: NLM_F_CREATE should be specified when creating new route [ 443.777509][ T14] usb 1-1: USB disconnect, device number 18 [ 443.781801][ T26] audit: type=1326 audit(443.650:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14705 comm="syz.5.4530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 443.860539][ T26] audit: type=1326 audit(443.650:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14705 comm="syz.5.4530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 444.029190][ T26] audit: type=1326 audit(443.650:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14705 comm="syz.5.4530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb73d8ebe9 code=0x7ffc0000 [ 444.278201][T14723] loop1: detected capacity change from 0 to 64 [ 444.534850][T14732] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4543'. [ 444.599477][T14734] loop1: detected capacity change from 0 to 512 [ 444.653515][T14734] EXT4-fs: Ignoring removed i_version option [ 444.713233][T14734] EXT4-fs (loop1): Test dummy encryption mode enabled [ 444.720370][T14734] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 444.828124][T14734] EXT4-fs (loop1): 1 truncate cleaned up [ 444.841865][T14734] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 445.189651][ T4264] EXT4-fs (loop1): unmounting filesystem. [ 445.237554][ T26] audit: type=1326 audit(445.180:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.2.4554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 445.321859][ T26] audit: type=1326 audit(445.210:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.2.4554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 445.417845][ T26] audit: type=1326 audit(445.210:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.2.4554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 445.455357][T14763] loop1: detected capacity change from 0 to 512 [ 445.506896][ T26] audit: type=1326 audit(445.210:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.2.4554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94618ebe9 code=0x7ffc0000 [ 445.540689][T14763] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4556: inode #1: comm syz.1.4556: iget: illegal inode # [ 445.557934][T14763] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4556: error while reading EA inode 1 err=-117 [ 445.572911][T14763] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4556: inode #1: comm syz.1.4556: iget: illegal inode # [ 445.574525][T14761] loop0: detected capacity change from 0 to 4096 [ 445.595438][T14770] netlink: 'syz.5.4560': attribute type 10 has an invalid length. [ 445.640274][T14763] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4556: error while reading EA inode 1 err=-117 [ 445.663653][T14763] EXT4-fs (loop1): 1 orphan inode deleted [ 445.680880][T14763] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 445.755518][T14770] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.764577][T14770] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.847545][T14770] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.858173][T14770] bridge0: port 2(bridge_slave_1) entered forwarding state [ 445.870258][T14770] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.877539][T14770] bridge0: port 1(bridge_slave_0) entered forwarding state [ 445.937693][ T4264] EXT4-fs (loop1): unmounting filesystem. [ 446.072609][T14770] team0: Port device bridge0 added [ 446.374514][T14791] loop4: detected capacity change from 0 to 64 [ 446.658067][ T126] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 446.851759][ T126] usb 2-1: Using ep0 maxpacket: 16 [ 446.859038][ T126] usb 2-1: config 0 has an invalid interface number: 237 but max is 0 [ 446.908714][ T126] usb 2-1: config 0 has no interface number 0 [ 446.928953][ T126] usb 2-1: config 0 interface 237 has no altsetting 0 [ 446.952340][ T126] usb 2-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 446.991703][ T126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.008160][ T126] usb 2-1: Product: syz [ 447.044264][ T126] usb 2-1: Manufacturer: syz [ 447.049572][ T126] usb 2-1: SerialNumber: syz [ 447.077075][ T126] usb 2-1: config 0 descriptor?? [ 447.107487][ T126] snd_usb_podhd 2-1:0.237: Line 6 POD HD300 found [ 447.324499][ T126] snd_usb_podhd 2-1:0.237: cannot get proper max packet size [ 447.352351][ T126] snd_usb_podhd 2-1:0.237: Line 6 POD HD300 now disconnected [ 447.383028][ T126] snd_usb_podhd: probe of 2-1:0.237 failed with error -22 [ 447.527403][ T9202] usb 2-1: USB disconnect, device number 14 [ 447.622865][T14829] device bridge_slave_0 left promiscuous mode [ 447.656389][T14829] device netdevsim0 left promiscuous mode [ 447.689997][T14829] device wlan0 left promiscuous mode [ 447.834554][T14839] loop5: detected capacity change from 0 to 16 [ 447.853271][T14839] erofs: (device loop5): mounted with root inode @ nid 36. [ 448.297170][T14856] loop4: detected capacity change from 0 to 256 [ 448.313695][T14854] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard [ 448.314675][T14856] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 448.343510][T14856] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 448.372251][T14854] exFAT-fs (nullb0): invalid boot record signature [ 448.391045][T14854] exFAT-fs (nullb0): failed to read boot sector [ 448.398772][T14856] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 448.428480][T14854] exFAT-fs (nullb0): failed to recognize exfat type [ 448.705022][T14868] loop0: detected capacity change from 0 to 128 [ 448.801934][T14872] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4609'. [ 449.055760][T14879] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 449.126277][T14879] overlayfs: missing 'lowerdir' [ 449.349956][T14888] loop4: detected capacity change from 0 to 1024 [ 449.538450][T14888] hfsplus: keylen 65060 too large [ 449.553232][T14888] hfsplus: xattr searching failed [ 449.631837][ T9202] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 449.831710][ T9202] usb 1-1: Using ep0 maxpacket: 8 [ 449.864362][ T9202] usb 1-1: unable to get BOS descriptor set [ 449.902606][ T9202] usb 1-1: config 0 has an invalid interface number: 125 but max is 0 [ 449.936183][ T9202] usb 1-1: config 0 has no interface number 0 [ 449.961804][ T9202] usb 1-1: config 0 interface 125 has no altsetting 0 [ 450.011825][ T9202] usb 1-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd [ 450.051208][ T9202] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 450.070878][ T9202] usb 1-1: Product: syz [ 450.085838][ T9202] usb 1-1: Manufacturer: syz [ 450.108506][ T9202] usb 1-1: SerialNumber: syz [ 450.139627][ T9202] usb 1-1: config 0 descriptor?? [ 450.170661][ T9202] hub 1-1:0.125: bad descriptor, ignoring hub [ 450.202048][ T9202] hub: probe of 1-1:0.125 failed with error -5 [ 450.226229][ T9202] usb 1-1: Found UVC 0.00 device syz (17dc:0202) [ 450.267155][ T9202] usb 1-1: No valid video chain found. [ 450.347692][T14924] loop2: detected capacity change from 0 to 8 [ 450.374935][T14924] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 450.522537][T11579] usb 1-1: USB disconnect, device number 19 [ 450.591672][ T9202] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 450.764148][T14936] loop2: detected capacity change from 0 to 164 [ 450.779043][ T9202] usb 6-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 450.805854][T14936] Unable to read rock-ridge attributes [ 450.808750][ T9202] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 450.852809][ T9202] usb 6-1: Product: syz [ 450.857913][ T9202] usb 6-1: Manufacturer: syz [ 450.894519][ T9202] usb 6-1: SerialNumber: syz [ 450.925857][ T9202] usb 6-1: config 0 descriptor?? [ 450.955124][ T9202] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 451.081885][T14944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4645'. [ 451.136476][T14947] netlink: 'syz.0.4647': attribute type 21 has an invalid length. [ 451.171888][T14947] IPv6: NLM_F_CREATE should be specified when creating new route [ 451.240740][T14950] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4648'. [ 451.361021][T14952] netlink: 'syz.2.4649': attribute type 5 has an invalid length. [ 451.395564][ T9202] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 451.409612][ T9202] sq905c 6-1:0.0: Reading version command failed [ 451.418146][ T9202] sq905c: probe of 6-1:0.0 failed with error -71 [ 451.449050][T14955] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4650'. [ 451.472022][ T9202] usb 6-1: USB disconnect, device number 14 [ 451.924237][T14974] loop0: detected capacity change from 0 to 64 [ 452.000498][T14974] hfs: request for non-existent node -117440513 in B*Tree [ 452.023019][T14977] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4662'. [ 452.048663][T14974] hfs: request for non-existent node -117440513 in B*Tree [ 452.165637][T14982] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 452.336181][T14984] loop2: detected capacity change from 0 to 8 [ 452.694316][T14990] loop4: detected capacity change from 0 to 8192 [ 452.733543][T14990] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 452.751941][T14990] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 452.792764][T14990] REISERFS (device loop4): using ordered data mode [ 452.799654][T14990] reiserfs: using flush barriers [ 452.863362][T15003] sctp: [Deprecated]: syz.0.4673 (pid 15003) Use of struct sctp_assoc_value in delayed_ack socket option. [ 452.863362][T15003] Use struct sctp_sack_info instead [ 452.930612][T14990] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 452.972252][T14990] REISERFS (device loop4): checking transaction log (loop4) [ 453.057634][T14990] REISERFS (device loop4): Using r5 hash to sort names [ 453.129142][T14990] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 453.514766][T15019] xt_hashlimit: overflow, try lower: 5/0 [ 453.727751][T15021] loop2: detected capacity change from 0 to 4096 [ 453.808375][T15021] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 453.866085][ T26] audit: type=1326 audit(453.810:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15026 comm="syz.0.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 453.886044][T15021] ntfs3: loop2: Failed to load $Extend. [ 453.962783][ T26] audit: type=1326 audit(453.850:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15026 comm="syz.0.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 453.998285][T15029] kAFS: Can only specify source 'none' with -o dyn [ 454.053167][ T26] audit: type=1326 audit(453.850:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15026 comm="syz.0.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 454.157213][ T26] audit: type=1326 audit(453.850:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15026 comm="syz.0.4687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dc58ebe9 code=0x7ffc0000 [ 454.337924][T15039] xt_hashlimit: max too large, truncated to 1048576 [ 454.551249][T15047] netlink: 'syz.1.4695': attribute type 5 has an invalid length. [ 454.587226][T15047] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4695'. [ 454.979989][T15063] netlink: 'syz.5.4704': attribute type 30 has an invalid length. [ 455.642195][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 455.664535][T15089] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on. [ 455.707982][T15089] overlayfs: overlapping lowerdir path [ 456.085698][T15094] loop4: detected capacity change from 0 to 4096 [ 456.147716][T15094] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 456.329115][T15094] ntfs3: loop4: failed to convert "c46c" to iso8859-3 [ 456.348588][T15104] loop5: detected capacity change from 0 to 256 [ 456.352555][T15107] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 456.384278][T15104] exfat: Deprecated parameter 'namecase' [ 456.429413][T15104] exfat: Deprecated parameter 'namecase' [ 456.498315][T15104] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 457.175715][T15096] loop1: detected capacity change from 0 to 32768 [ 457.222702][T15096] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.4719 (15096) [ 457.336764][T15096] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 457.412887][T15096] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 457.432960][T15096] BTRFS info (device loop1): enabling ssd optimizations [ 457.439994][T15096] BTRFS info (device loop1): not using ssd optimizations [ 457.455805][T15096] BTRFS info (device loop1): turning off barriers [ 457.511071][T15096] BTRFS info (device loop1): using free space tree [ 458.037192][ T4264] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 458.343340][T15179] loop0: detected capacity change from 0 to 64 [ 458.901848][T15192] loop4: detected capacity change from 0 to 64 [ 458.961494][T15196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4754'. [ 459.033715][ T5147] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 459.214041][T15201] loop1: detected capacity change from 0 to 8 [ 459.233434][ T5147] usb 6-1: Using ep0 maxpacket: 8 [ 459.251080][ T5147] usb 6-1: config 2 has an invalid interface number: 31 but max is 0 [ 459.281516][ T5147] usb 6-1: config 2 has no interface number 0 [ 459.295989][ T5147] usb 6-1: config 2 interface 31 has no altsetting 0 [ 459.310991][ T5147] usb 6-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 459.338292][ T5147] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.363906][ T5147] usb 6-1: Product: syz [ 459.376553][ T5147] usb 6-1: Manufacturer: syz [ 459.407142][ T5147] usb 6-1: SerialNumber: syz [ 459.438578][T15204] loop2: detected capacity change from 0 to 8192 [ 459.478790][T15204] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 459.551800][T15204] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 459.571955][ T4366] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 459.594448][T15204] REISERFS (device loop2): using ordered data mode [ 459.603309][T15204] reiserfs: using flush barriers [ 459.613513][T15204] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 459.632455][T15204] REISERFS (device loop2): checking transaction log (loop2) [ 459.660431][T15204] REISERFS (device loop2): Using r5 hash to sort names [ 459.706927][T15204] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 459.787498][ T4366] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 459.809265][ T4366] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 459.830091][ T4366] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 459.858820][ T4366] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 459.918483][ T4366] usb 5-1: config 0 descriptor?? [ 460.009973][T15218] loop1: detected capacity change from 0 to 1024 [ 460.086867][ T5147] ch9200: probe of 6-1:2.31 failed with error -22 [ 460.115474][ T5147] usb 6-1: USB disconnect, device number 15 [ 460.305789][T15225] loop0: detected capacity change from 0 to 512 [ 460.423811][T15225] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.4769: casefold flag without casefold feature [ 460.502256][T15229] loop1: detected capacity change from 0 to 1024 [ 460.533134][T15225] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.4769: couldn't read orphan inode 15 (err -117) [ 460.539706][ T4366] hid-led: probe of 0003:27B8:01ED.0001 failed with error -71 [ 460.545801][T15225] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 460.579314][T15229] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 460.617812][ T4366] usb 5-1: USB disconnect, device number 17 [ 460.620908][T15225] EXT4-fs error (device loop0): ext4_empty_dir:3136: inode #2: comm syz.0.4769: invalid size [ 460.730936][T15229] EXT4-fs error (device loop1): ext4_xattr_ibody_get:603: inode #2: comm syz.1.4770: corrupted in-inode xattr [ 460.820331][T15239] loop2: detected capacity change from 0 to 16 [ 460.862583][T15239] erofs: (device loop2): mounted with root inode @ nid 36. [ 460.880423][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 460.891831][ T4264] EXT4-fs (loop1): unmounting filesystem. [ 460.934116][ T26] audit: type=1800 audit(460.880:1673): pid=15239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4774" name="file1" dev="loop2" ino=86 res=0 errno=0 [ 461.682028][ T5147] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 461.786174][T15270] Zero length message leads to an empty skb [ 461.798775][T15268] IPVS: Error connecting to the multicast addr [ 461.879916][ T5147] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 461.908643][ T5147] usb 3-1: config 0 has no interface number 0 [ 461.944989][ T5147] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 461.985874][ T5147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 462.023299][ T5147] usb 3-1: config 0 descriptor?? [ 462.029523][T15276] loop0: detected capacity change from 0 to 256 [ 462.058735][ T5147] usb 3-1: selecting invalid altsetting 1 [ 462.091528][T15276] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 462.099723][ T5147] dvb_ttusb_budget: ttusb_init_controller: error [ 462.124498][ T5147] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 462.135284][T15276] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 462.175445][T15276] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 462.288973][T15276] exFAT-fs (loop0): hint_cluster is invalid (17) [ 462.297515][T15281] loop5: detected capacity change from 0 to 2048 [ 462.376208][T15281] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 462.465314][ T5147] DVB: Unable to find symbol cx22700_attach() [ 462.573548][ T8137] EXT4-fs (loop5): unmounting filesystem. [ 462.579957][ T5147] DVB: Unable to find symbol tda10046_attach() [ 462.591747][ T5147] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 462.614875][ T5147] usb 3-1: USB disconnect, device number 16 [ 462.991124][T15297] tipc: Enabling of bearer rejected, failed to enable media [ 463.097587][T15304] loop4: detected capacity change from 0 to 256 [ 463.150489][T15304] FAT-fs (loop4): Directory bread(block 1285) failed [ 463.197099][T15304] FAT-fs (loop4): Directory bread(block 1285) failed [ 463.304725][T15310] loop5: detected capacity change from 0 to 1024 [ 463.366197][T15310] hfsplus: bad catalog entry type [ 463.516913][T14687] hfsplus: b-tree write err: -5, ino 4 [ 463.561702][ T5147] usb 3-1: new low-speed USB device number 17 using dummy_hcd [ 463.694385][T15322] bond0: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 463.737357][T15316] loop4: detected capacity change from 0 to 8192 [ 463.745529][T15321] loop5: detected capacity change from 0 to 2048 [ 463.763960][ T5147] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 463.773772][ T5147] usb 3-1: config 179 has no interface number 0 [ 463.780229][ T5147] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 463.821834][T15321] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 463.838778][T15316] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 463.861999][ T5147] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8 [ 463.862690][T15316] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 463.881778][ T5147] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 463.897459][ T5147] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8 [ 463.909619][ T5147] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 463.923241][ T5147] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 463.933809][ T5147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.946839][T15309] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 463.969037][T15309] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 464.013481][T15316] REISERFS (device loop4): using ordered data mode [ 464.020325][T15316] reiserfs: using flush barriers [ 464.052256][T15327] netlink: 'syz.0.4814': attribute type 2 has an invalid length. [ 464.148247][T15316] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 7, max trans age 7 [ 464.172661][ T8137] EXT4-fs (loop5): unmounting filesystem. [ 464.192501][T15330] loop1: detected capacity change from 0 to 128 [ 464.313332][T15316] REISERFS (device loop4): checking transaction log (loop4) [ 464.350590][ T4308] usb 3-1: USB disconnect, device number 17 [ 464.350614][ C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 464.365163][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 464.400903][T15316] REISERFS (device loop4): Using r5 hash to sort names [ 464.412347][T15316] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 464.479610][T15316] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 464.871743][ T5147] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 464.988483][T15350] loop4: detected capacity change from 0 to 64 [ 465.075192][ T5147] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1025, setting to 1024 [ 465.114876][ T5147] usb 1-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 465.144314][ T5147] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 465.227412][ T5147] usb 1-1: config 0 descriptor?? [ 465.249828][T15338] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 465.546384][T15368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 465.694251][ T26] audit: type=1326 audit(465.640:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15369 comm="syz.5.4834" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdb73d8ebe9 code=0x0 [ 465.724995][ T5147] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 465.740604][ T5147] uclogic 0003:5543:0064.0002: item fetching failed at offset 3/5 [ 465.753584][ T5147] uclogic 0003:5543:0064.0002: parse failed [ 465.759637][ T5147] uclogic: probe of 0003:5543:0064.0002 failed with error -22 [ 465.869664][T15379] 9p: Unknown access argument 18446744073709551615: -34 [ 465.874260][T15378] IPVS: Error connecting to the multicast addr [ 465.919652][ T4308] usb 1-1: USB disconnect, device number 20 [ 465.940534][T15377] loop1: detected capacity change from 0 to 2048 [ 466.007946][T15377] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 466.053333][T15383] netlink: 'syz.2.4839': attribute type 2 has an invalid length. [ 466.081892][T15383] netlink: 'syz.2.4839': attribute type 1 has an invalid length. [ 466.090017][T15383] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.4839'. [ 466.185817][T15384] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 466.327688][ T4264] EXT4-fs (loop1): unmounting filesystem. [ 466.357376][T15395] syz.4.4845 uses obsolete (PF_INET,SOCK_PACKET) [ 466.612488][T15402] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4847'. [ 466.679371][T15406] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4849'. [ 466.909488][T15415] loop1: detected capacity change from 0 to 164 [ 467.145115][T15425] loop5: detected capacity change from 0 to 256 [ 467.239473][T15425] FAT-fs (loop5): Directory bread(block 64) failed [ 467.262133][T15425] FAT-fs (loop5): Directory bread(block 65) failed [ 467.278078][T15425] FAT-fs (loop5): Directory bread(block 66) failed [ 467.301773][T15425] FAT-fs (loop5): Directory bread(block 67) failed [ 467.308668][T15425] FAT-fs (loop5): Directory bread(block 68) failed [ 467.325464][T15425] FAT-fs (loop5): Directory bread(block 69) failed [ 467.343506][T15425] FAT-fs (loop5): Directory bread(block 70) failed [ 467.361785][T15425] FAT-fs (loop5): Directory bread(block 71) failed [ 467.368502][T15425] FAT-fs (loop5): Directory bread(block 72) failed [ 467.415702][ T4925] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 467.429438][T15425] FAT-fs (loop5): Directory bread(block 73) failed [ 467.632652][ T4925] usb 1-1: Using ep0 maxpacket: 8 [ 467.660609][ T4925] usb 1-1: config index 0 descriptor too short (expected 30, got 18) [ 467.699970][ T4925] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 467.719589][ T4925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.754690][ T4925] usb 1-1: Product: syz [ 467.759330][ T4925] usb 1-1: Manufacturer: syz [ 467.772113][ T4925] usb 1-1: SerialNumber: syz [ 467.800031][ T4925] usb 1-1: config 0 descriptor?? [ 467.826203][ T4925] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 467.870863][T15445] loop5: detected capacity change from 0 to 256 [ 467.889770][ T4925] usb 1-1: setting power ON [ 467.900428][ T4925] dvb-usb: bulk message failed: -22 (2/0) [ 467.953508][ T4925] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 467.991071][ T4925] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 468.001323][T15445] FAT-fs (loop5): Directory bread(block 64) failed [ 468.001536][T15449] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4867'. [ 468.010976][T15445] FAT-fs (loop5): Directory bread(block 65) failed [ 468.037750][T15424] dvb-usb: bulk message failed: -22 (3/0) [ 468.062348][ T4925] usb 1-1: media controller created [ 468.072567][T15424] cxusb: i2c rd: len=80 is too big! [ 468.072567][T15424] [ 468.088656][T15445] FAT-fs (loop5): Directory bread(block 66) failed [ 468.127548][T15445] FAT-fs (loop5): Directory bread(block 67) failed [ 468.139328][ T4925] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 468.153809][T15445] FAT-fs (loop5): Directory bread(block 68) failed [ 468.172276][T15445] FAT-fs (loop5): Directory bread(block 69) failed [ 468.179075][T15445] FAT-fs (loop5): Directory bread(block 70) failed [ 468.207881][ T4925] usb 1-1: selecting invalid altsetting 6 [ 468.221162][T15453] loop4: detected capacity change from 0 to 256 [ 468.231664][T15445] FAT-fs (loop5): Directory bread(block 71) failed [ 468.248871][ T4925] usb 1-1: digital interface selection failed (-22) [ 468.256369][ T4925] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 468.263209][T15453] exfat: Deprecated parameter 'namecase' [ 468.285393][T15445] FAT-fs (loop5): Directory bread(block 72) failed [ 468.301725][T15445] FAT-fs (loop5): Directory bread(block 73) failed [ 468.328278][T15455] Bluetooth: MGMT ver 1.22 [ 468.333741][ T4925] usb 1-1: setting power OFF [ 468.334294][ T4925] dvb-usb: bulk message failed: -22 (2/0) [ 468.334387][ T4925] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 468.334402][ T4925] (NULL device *): no alternate interface [ 468.393548][T15453] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 468.447604][ T4925] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 468.520716][ T4925] usb 1-1: USB disconnect, device number 21 [ 468.726225][T15460] netlink: 'syz.2.4875': attribute type 29 has an invalid length. [ 468.773714][T15460] netlink: 'syz.2.4875': attribute type 29 has an invalid length. [ 468.830076][T15462] netlink: 'syz.2.4875': attribute type 29 has an invalid length. [ 469.104430][T15474] loop4: detected capacity change from 0 to 512 [ 469.146443][T15474] EXT4-fs: Ignoring removed nobh option [ 469.184555][ T5147] usb 6-1: new low-speed USB device number 16 using dummy_hcd [ 469.245702][T15474] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 469.383397][ T5147] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 469.402016][ T5147] usb 6-1: config 179 has no interface number 0 [ 469.408496][ T5147] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 469.450554][ T5147] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8 [ 469.494950][ T5147] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 469.537488][ T5147] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8 [ 469.591674][ T5147] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 469.616504][T15489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4887'. [ 469.641837][ T5147] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 469.681643][ T5147] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.696154][ T4274] EXT4-fs (loop4): unmounting filesystem. [ 469.703718][T15467] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 469.711077][T15467] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 469.750141][T15491] loop0: detected capacity change from 0 to 1024 [ 469.978801][T15495] loop4: detected capacity change from 0 to 256 [ 470.055774][T15495] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 470.074355][ T9] hfsplus: b-tree write err: -5, ino 4 [ 470.151722][T15495] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 470.175982][T15482] loop1: detected capacity change from 0 to 32768 [ 470.230764][ T4925] usb 6-1: USB disconnect, device number 16 [ 470.230769][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 470.230809][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 470.265334][T15495] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 470.354989][T15495] exFAT-fs (loop4): hint_cluster is invalid (17) [ 470.675268][T15509] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0 [ 470.910073][T15515] loop4: detected capacity change from 0 to 1024 [ 470.959230][T15517] netlink: 'syz.5.4900': attribute type 30 has an invalid length. [ 470.985071][T15515] hfsplus: bad catalog entry type [ 471.011925][ T5147] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 471.122510][T14687] hfsplus: b-tree write err: -5, ino 4 [ 471.211949][ T5147] usb 2-1: Using ep0 maxpacket: 16 [ 471.232593][ T5147] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 471.264619][ T5147] usb 2-1: config 0 has no interface number 0 [ 471.307674][ T5147] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 471.336539][ T5147] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.368080][ T5147] usb 2-1: Product: syz [ 471.372483][ T5147] usb 2-1: Manufacturer: syz [ 471.380964][ T5147] usb 2-1: SerialNumber: syz [ 471.405723][T15527] loop2: detected capacity change from 0 to 1024 [ 471.416470][ T5147] usb 2-1: config 0 descriptor?? [ 471.448745][ T5147] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 471.473409][T15527] hfsplus: bad catalog entry type [ 471.571884][ T4354] hfsplus: b-tree write err: -5, ino 4 [ 472.051992][ T5147] gspca_spca1528: reg_w err -71 [ 472.081798][ T5147] spca1528: probe of 2-1:0.1 failed with error -71 [ 472.111439][ T5147] usb 2-1: USB disconnect, device number 15 [ 472.471821][ T4366] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 472.671698][ T4366] usb 3-1: Using ep0 maxpacket: 8 [ 472.678880][ T4366] usb 3-1: config index 0 descriptor too short (expected 30, got 18) [ 472.716582][ T4366] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 472.745184][ T4925] kernel write not supported for file /uhid (pid: 4925 comm: kworker/1:11) [ 472.746304][ T4366] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.796935][ T4366] usb 3-1: Product: syz [ 472.801183][ T4366] usb 3-1: Manufacturer: syz [ 472.820059][ T4366] usb 3-1: SerialNumber: syz [ 472.844167][T15569] tipc: Started in network mode [ 472.850284][ T4366] usb 3-1: config 0 descriptor?? [ 472.859907][T15569] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 472.893934][ T4366] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 472.921798][ T4366] usb 3-1: setting power ON [ 472.926570][T15569] tipc: Enabled bearer , priority 10 [ 472.939411][ T4366] dvb-usb: bulk message failed: -22 (2/0) [ 472.963893][ T4366] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 473.000825][ T4366] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 473.047242][ T4366] usb 3-1: media controller created [ 473.084022][T15551] dvb-usb: bulk message failed: -22 (3/0) [ 473.089841][T15551] cxusb: i2c rd: len=80 is too big! [ 473.089841][T15551] [ 473.148079][ T4366] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 473.224045][ T4366] usb 3-1: selecting invalid altsetting 6 [ 473.250402][ T4366] usb 3-1: digital interface selection failed (-22) [ 473.266400][ T4366] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 473.311210][ T4366] usb 3-1: setting power OFF [ 473.317377][T15584] netlink: 'syz.1.4932': attribute type 46 has an invalid length. [ 473.321310][ T4366] dvb-usb: bulk message failed: -22 (2/0) [ 473.348980][ T4366] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 473.369838][ T4366] (NULL device *): no alternate interface [ 473.462222][ T4366] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 473.518852][ T4366] usb 3-1: USB disconnect, device number 18 [ 473.681743][T15592] loop0: detected capacity change from 0 to 4096 [ 473.718748][T15596] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 474.023528][ T4925] tipc: Node number set to 4269801488 [ 474.030145][T15600] loop4: detected capacity change from 0 to 8192 [ 474.066624][T15600] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 474.081816][T15600] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 474.123600][T15600] REISERFS (device loop4): using ordered data mode [ 474.131435][T15600] reiserfs: using flush barriers [ 474.161661][T15600] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 474.180775][T15600] REISERFS (device loop4): checking transaction log (loop4) [ 474.193500][T15600] REISERFS (device loop4): Using r5 hash to sort names [ 474.206664][T15600] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 474.227127][T15600] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 474.288636][T15600] [ 474.291124][T15600] ====================================================== [ 474.298264][T15600] WARNING: possible circular locking dependency detected [ 474.305421][T15600] syzkaller #0 Not tainted [ 474.309885][T15600] ------------------------------------------------------ [ 474.316957][T15600] syz.4.4939/15600 is trying to acquire lock: [ 474.323495][T15600] ffff888074fa3090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 [ 474.333125][T15600] [ 474.333125][T15600] but task is already holding lock: [ 474.340527][T15600] ffff8880687f16c0 (&type->i_mutex_dir_key#24/3){+.+.}-{3:3}, at: open_xa_dir+0x11e/0x6f0 [ 474.350893][T15600] [ 474.350893][T15600] which lock already depends on the new lock. [ 474.350893][T15600] [ 474.361408][T15600] [ 474.361408][T15600] the existing dependency chain (in reverse order) is: [ 474.370524][T15600] [ 474.370524][T15600] -> #1 (&type->i_mutex_dir_key#24/3){+.+.}-{3:3}: [ 474.379362][T15600] down_write_nested+0x39/0x60 [ 474.384774][T15600] open_xa_dir+0x11e/0x6f0 [ 474.390014][T15600] reiserfs_for_each_xattr+0x174/0x7b0 [ 474.396127][T15600] reiserfs_delete_xattrs+0x1c/0x80 [ 474.402067][T15600] reiserfs_evict_inode+0x221/0x490 [ 474.408092][T15600] evict+0x485/0x870 [ 474.413603][T15600] reiserfs_new_inode+0x5c8/0x1860 [ 474.419435][T15600] reiserfs_symlink+0x4cf/0x770 [ 474.425530][T15600] vfs_symlink+0x247/0x3d0 [ 474.430939][T15600] do_symlinkat+0x1ae/0x3f0 [ 474.436561][T15600] __x64_sys_symlink+0x7a/0x90 [ 474.441964][T15600] do_syscall_64+0x4c/0xa0 [ 474.447115][T15600] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 474.454125][T15600] [ 474.454125][T15600] -> #0 (&sbi->lock){+.+.}-{3:3}: [ 474.463058][T15600] __lock_acquire+0x2cf8/0x7c50 [ 474.469631][T15600] lock_acquire+0x1b4/0x490 [ 474.475175][T15600] __mutex_lock+0x120/0xaf0 [ 474.480702][T15600] reiserfs_write_lock+0x75/0xd0 [ 474.487252][T15600] reiserfs_mkdir+0x30c/0x970 [ 474.493633][T15600] open_xa_dir+0x316/0x6f0 [ 474.498988][T15600] xattr_lookup+0x22/0x2a0 [ 474.504445][T15600] reiserfs_xattr_set_handle+0xf3/0xca0 [ 474.510792][T15600] __reiserfs_set_acl+0x4ec/0x680 [ 474.516611][T15600] reiserfs_set_acl+0x447/0x5f0 [ 474.522234][T15600] posix_acl_xattr_set+0x387/0x3f0 [ 474.528448][T15600] __vfs_setxattr+0x3e0/0x420 [ 474.534320][T15600] __vfs_setxattr_noperm+0x129/0x5e0 [ 474.540613][T15600] vfs_setxattr+0x168/0x2f0 [ 474.545696][T15600] setxattr+0x2b2/0x2d0 [ 474.550408][T15600] __se_sys_fsetxattr+0x15e/0x1d0 [ 474.555971][T15600] do_syscall_64+0x4c/0xa0 [ 474.560937][T15600] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 474.567571][T15600] [ 474.567571][T15600] other info that might help us debug this: [ 474.567571][T15600] [ 474.578089][T15600] Possible unsafe locking scenario: [ 474.578089][T15600] [ 474.585917][T15600] CPU0 CPU1 [ 474.591298][T15600] ---- ---- [ 474.597695][T15600] lock(&type->i_mutex_dir_key#24/3); [ 474.603386][T15600] lock(&sbi->lock); [ 474.609902][T15600] lock(&type->i_mutex_dir_key#24/3); [ 474.618400][T15600] lock(&sbi->lock); [ 474.622394][T15600] [ 474.622394][T15600] *** DEADLOCK *** [ 474.622394][T15600] [ 474.630551][T15600] 3 locks held by syz.4.4939/15600: [ 474.635793][T15600] #0: ffff8880490f4460 (sb_writers#34){.+.+}-{0:0}, at: mnt_want_write_file+0x5c/0x200 [ 474.645589][T15600] #1: ffff8880687f1d60 (&type->i_mutex_dir_key#24){+.+.}-{3:3}, at: vfs_setxattr+0x141/0x2f0 [ 474.656161][T15600] #2: ffff8880687f16c0 (&type->i_mutex_dir_key#24/3){+.+.}-{3:3}, at: open_xa_dir+0x11e/0x6f0 [ 474.666767][T15600] [ 474.666767][T15600] stack backtrace: [ 474.673304][T15600] CPU: 0 PID: 15600 Comm: syz.4.4939 Not tainted syzkaller #0 [ 474.681535][T15600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 474.691991][T15600] Call Trace: [ 474.695299][T15600] [ 474.698243][T15600] dump_stack_lvl+0x168/0x22e [ 474.703156][T15600] ? load_image+0x3b0/0x3b0 [ 474.707893][T15600] ? show_regs_print_info+0x12/0x12 [ 474.713116][T15600] ? print_circular_bug+0x12b/0x1a0 [ 474.718370][T15600] check_noncircular+0x274/0x310 [ 474.723590][T15600] ? add_chain_block+0x940/0x940 [ 474.728655][T15600] ? lockdep_lock+0xdc/0x1e0 [ 474.733479][T15600] ? _find_first_zero_bit+0xcf/0x100 [ 474.738985][T15600] __lock_acquire+0x2cf8/0x7c50 [ 474.743867][T15600] ? stack_trace_snprint+0xf0/0xf0 [ 474.749020][T15600] ? add_lock_to_list+0x191/0x280 [ 474.754072][T15600] ? verify_lock_unused+0x140/0x140 [ 474.759329][T15600] ? __lock_acquire+0x28b5/0x7c50 [ 474.764471][T15600] lock_acquire+0x1b4/0x490 [ 474.769090][T15600] ? reiserfs_write_lock+0x75/0xd0 [ 474.774407][T15600] ? __might_sleep+0xd0/0xd0 [ 474.779122][T15600] ? read_lock_is_recursive+0x10/0x10 [ 474.784827][T15600] __mutex_lock+0x120/0xaf0 [ 474.789987][T15600] ? reiserfs_write_lock+0x75/0xd0 [ 474.795214][T15600] ? memset+0x1e/0x40 [ 474.799304][T15600] ? reiserfs_write_lock+0x75/0xd0 [ 474.804644][T15600] ? mutex_lock_nested+0x10/0x10 [ 474.809615][T15600] ? __rwlock_init+0x140/0x140 [ 474.814518][T15600] ? dquot_initialize+0x20/0x20 [ 474.819574][T15600] ? memset+0x1e/0x40 [ 474.823584][T15600] reiserfs_write_lock+0x75/0xd0 [ 474.828628][T15600] reiserfs_mkdir+0x30c/0x970 [ 474.833414][T15600] ? reiserfs_symlink+0x770/0x770 [ 474.838458][T15600] ? __rwlock_init+0x140/0x140 [ 474.843240][T15600] ? stack_trace_save+0x98/0xe0 [ 474.848397][T15600] ? do_raw_spin_unlock+0x11d/0x230 [ 474.853695][T15600] open_xa_dir+0x316/0x6f0 [ 474.858307][T15600] ? listxattr_filler+0x3f0/0x3f0 [ 474.863480][T15600] ? posix_acl_xattr_set+0x387/0x3f0 [ 474.868855][T15600] ? __vfs_setxattr+0x3e0/0x420 [ 474.873735][T15600] ? __vfs_setxattr_noperm+0x129/0x5e0 [ 474.879250][T15600] ? vfs_setxattr+0x168/0x2f0 [ 474.884312][T15600] ? setxattr+0x2b2/0x2d0 [ 474.888780][T15600] ? __se_sys_fsetxattr+0x15e/0x1d0 [ 474.894050][T15600] ? do_syscall_64+0x4c/0xa0 [ 474.899128][T15600] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 474.905253][T15600] xattr_lookup+0x22/0x2a0 [ 474.909711][T15600] ? reiserfs_xattr_set_handle+0xc4/0xca0 [ 474.915639][T15600] reiserfs_xattr_set_handle+0xf3/0xca0 [ 474.921212][T15600] ? chown_one_xattr+0x90/0x90 [ 474.925995][T15600] ? from_kuid+0x155/0x670 [ 474.930586][T15600] ? make_kuid+0x640/0x640 [ 474.935272][T15600] ? __reiserfs_set_acl+0x165/0x680 [ 474.941400][T15600] ? rcu_is_watching+0x11/0xa0 [ 474.946325][T15600] ? __reiserfs_set_acl+0x165/0x680 [ 474.953675][T15600] ? __kmalloc+0xe1/0x240 [ 474.959220][T15600] ? mutex_unlock+0x10/0x10 [ 474.964296][T15600] __reiserfs_set_acl+0x4ec/0x680 [ 474.969727][T15600] reiserfs_set_acl+0x447/0x5f0 [ 474.974816][T15600] ? security_set+0xc0/0xc0 [ 474.979392][T15600] ? from_kuid+0x155/0x670 [ 474.983933][T15600] ? bpf_lsm_capable+0x5/0x10 [ 474.989009][T15600] ? posix_acl_valid+0x320/0x3a0 [ 474.994882][T15600] posix_acl_xattr_set+0x387/0x3f0 [ 475.000872][T15600] ? posix_acl_xattr_get+0x550/0x550 [ 475.006642][T15600] __vfs_setxattr+0x3e0/0x420 [ 475.011919][T15600] __vfs_setxattr_noperm+0x129/0x5e0 [ 475.017532][T15600] vfs_setxattr+0x168/0x2f0 [ 475.022281][T15600] ? xattr_permission+0x500/0x500 [ 475.027609][T15600] ? _copy_from_user+0x10b/0x170 [ 475.032763][T15600] ? setxattr+0x243/0x2d0 [ 475.037207][T15600] setxattr+0x2b2/0x2d0 [ 475.041408][T15600] ? path_setxattr+0x280/0x280 [ 475.046336][T15600] ? __mnt_want_write+0x21f/0x2a0 [ 475.051562][T15600] ? mnt_want_write_file+0x16e/0x200 [ 475.056876][T15600] __se_sys_fsetxattr+0x15e/0x1d0 [ 475.061961][T15600] do_syscall_64+0x4c/0xa0 [ 475.066479][T15600] ? clear_bhb_loop+0x60/0xb0 [ 475.071171][T15600] ? clear_bhb_loop+0x60/0xb0 [ 475.075864][T15600] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 475.081887][T15600] RIP: 0033:0x7fa15578ebe9 [ 475.086337][T15600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 475.106133][T15600] RSP: 002b:00007fa15658b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 475.114577][T15600] RAX: ffffffffffffffda RBX: 00007fa1559c5fa0 RCX: 00007fa15578ebe9 [ 475.122569][T15600] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 0000000000000004 [ 475.130834][T15600] RBP: 00007fa155811e19 R08: 0000000000000001 R09: 0000000000000000 [ 475.139078][T15600] R10: 000000000000002c R11: 0000000000000246 R12: 0000000000000000 [ 475.147175][T15600] R13: 00007fa1559c6038 R14: 00007fa1559c5fa0 R15: 00007ffdb5b32738 [ 475.155281][T15600] [ 475.191777][T15600] REISERFS warning (device loop4): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 475.246413][T15600] REISERFS warning (device loop4): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 475.294222][T15600] REISERFS warning (device loop4): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 475.309449][T15600] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)