last executing test programs: 1.828240989s ago: executing program 1 (id=5443): r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_gstrings={0x1b, 0x1}}) 1.7034943s ago: executing program 1 (id=5446): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100003020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000500)="b9e203076008008c029e08f086dd14d6c220de52715bde6b9b50901487a2121679c49bd30fcd83e7ad55c44b6fc03a3fd6c86baf6709", 0x0, 0xfffffdff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.444681271s ago: executing program 2 (id=5454): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r0, 0x0, 0x0) 1.305265052s ago: executing program 2 (id=5456): r0 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0xfffffffc, @local, 0x8004}, 0x1c) 1.235644762s ago: executing program 2 (id=5458): r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x2) ioctl$LOOP_GET_STATUS64(r0, 0x4c05, 0x0) 1.172952423s ago: executing program 2 (id=5461): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x8040, &(0x7f0000000780)=ANY=[@ANYBLOB="747970653dc3a0c6f22c666f7263652c756d61736b3d30303030303030303030303030303030303030373237312c6e6f6465636f6d706f73652c6e6f626172726965722c6e6f626172726965722c6e6c733d63703836312c0000428788e0069f938c36913062a7f486408e18d7381bf36e6783d30f5fdb1614c96a2d2a6cc454a8ffc4f58beaf04bebcda9beea37feb3cca076bf02c7da5c0f790bc290aac6f2045ecb5d40662d0be11bf0a0a83a7a1fcd01f68e9bee62f4d19530ca7ecdc623a4399b73ffd319337077165cba9828f9c61b644a009ba739b18a05e531e43ad041548e38e509f94d2180828c9407faedd2afd65f18b5befbf9d0efd9c1a2ca1da1e7d174cc08fe1c163e17994c07"], 0x44, 0x703, &(0x7f0000000c00)="$eJzs3U9sHGcZB+DfrNdrbyq5bpu0BSHFaqQIGkjsmJIgIREqhHKoUCQuvZrEaaw4aWW7KIkQcYHCEU6ohx6KUDj0hHpAKuKAKGckJK4o90jcIw4smtlZZ72213Zjx0l4Hml2vpn5/rzzZmZ2djbWBvi/df7NjK6myPkTb9wol+/emV28e2f2Wq+cZCxJI2l2ZymuJ8Vnybl0p3yhXFl3V2w1zmv3Pv3w+Acfz3aXmvVU1W8Ma/dAZ8gIq/WUqSQj9XyXmlv1dzGvb+jv9q66LtbiLhN2rJc4OGidDVZ303wH5y3wuLudjIxusn4yOZRkvL4PSH11aDzi8Pbcrq5yAAAA8Hga2a7Cs/dzPzcy8WjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKdD0f3NwKKeGr3yVIre7/+36nWlVuuA4x3uq9tsf//yIwoEAAAAAAAAAPbFJ/UX90fv535uZKK3vlNU3/m/Ui0crl6fybtZznyWcjI3MpeVrGQpM8noRF+HrRtzKytLMxtb/iZly06nc7tueTrJ5IaWp7cItLHHOw4AAAAAAAAAT6ef5nwmDjoIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVyQj3Vk1He6VJ9NoJhlP0irrrSZ/7pWfZH856AAAAABg/7Xr+UTx326hU1Sf+V+sPveP591cz0oWspLFzOdS9Syg+6m/8Y/V2cW7d2avldPGjr/z713FUfWYZCTvbTHydFXjyFqL8/lefpATmcqFLGUhP8pcVjKfqbTLnchciky2u08vJntxbh7vuXVLFwZjOzqw/HIVSTuXs1DFdjIXW+k+Nqn2oRzz5b7R/thKBkZ8r8xO8e3aDnN0qe/f69f1c5la59kd9rE/Jqs9H13LyHSZ+zobzw3P/S6Pk8GRZtJYewZ1eG2UoplkcKRezn+4m5wf6s7Gy5dfrM/5Xtvlo7TBTJxOoz76khf78p3Nov7KP/964Urj+tUrl5dP7OMuPYyp7SqM9gqDmZjty8RLw4++OhOLZSZWd56J0cEV4zttub9adTaqS9EOr5bfrUpzeaXvEHw7lzKfM5nOTM5mOt/M6cyuHWHldGRdXpuz19bnpDrXGhuvb+0hwR/7cl+lX25T+dEq8/JcX177r3ST1bZ6zblfZbrv6Ht++NG363eBcvwv1uVyjJ+tveM8DtZlor4296J7YXgmftspX5cXr19dujL3zg7HO17Py9P2/fVXud/tPOrBd/e9UB4vzydpVktVTtq946Xc9sJatOvz1aq/cem2a2zYdmRt22QmspDvb3mmtup7uI09dbe91L/tXw+unK36/qa3bd1dTt7OYnUXMmDbSzUA+2/dXdOhVw+12vfaf29/1P55+0r7jfHXx86OfamV0b81/zTyh8bvG98qXs1H+UkmDi5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4eizfvHV1bnFxfmmtkPHBNQ9baG051vBCGtvWufPMzjrMZDJ8rKIutPZ235/EQjsDa3q/sPSwPX+SZEid1rb9NLcZotjyGBt76ODrQpmHPclzp9NNarWmM7KL5s1eq83rNLM8nqtzRXOTM27swVmQyatzi//prGveTt8pAzzlTq1ce+fU8s1bX1u4NvfW/Fvz10+fPXP2zOw3Zr5+6vLC4vx09/WgowT2w/LNWyObrN7wS7cAAAAAAAAAAADA46P+3/8rn/uPGbb7k4zW0vLmIx991LsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPKHOv5nR1RSZmT45XS7fvTO7WE698oOazSSNJMWPk+Kz5Fy6Uyb7uiu2Gue1e59+ePyDj2cf9NXs1W8Ma7czq/WUqSQj9Xx7Y5t0s7G/i339rX6u8Iq1PSwTdqyXODho/wsAAP//P4bx+w==") chroot(&(0x7f0000000000)='./file0/../file0\x00') 750.729425ms ago: executing program 1 (id=5475): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x9, 0x0, 0x0, 0xfffffff9, 0x0}) 682.150006ms ago: executing program 3 (id=5476): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@private2, 0x0, 0x0, 0x1, 0x1, 0x4000}, 0x20) 681.893996ms ago: executing program 4 (id=5477): r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$PIO_SCRNMAP(r0, 0x4b41, 0xfffffffffffffffe) 676.588325ms ago: executing program 1 (id=5478): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000014800)={0x0, 0x0, &(0x7f00000147c0)={&(0x7f0000000500)=@allocspi={0x128, 0x16, 0x1, 0x70bd25, 0x25dfdbff, {{{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @in6=@dev={0xfe, 0x80, '\x00', 0x21}, 0x4e23, 0x0, 0x4e30, 0x3, 0xa, 0x20, 0x10, 0x3a}, {@in=@loopback, 0x4d2, 0x33}, @in=@local, {0x1, 0x10, 0x4, 0x8001, 0x8, 0x7f7, 0xaaf0, 0x2}, {0x500000, 0x4, 0x4, 0x2}, {0xc908, 0x2127268a, 0x8}, 0x70bd2b, 0x3507, 0xa, 0x0, 0x0, 0x10}, 0xff, 0x80000002}, [@address_filter={0x28, 0x1a, {@in6=@loopback, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2, 0x3, 0x2e}}, @etimer_thresh={0x8, 0xc, 0x81}]}, 0x128}, 0x1, 0x0, 0x0, 0x880}, 0x48000) 646.201976ms ago: executing program 4 (id=5479): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, 0x0) 550.575706ms ago: executing program 0 (id=5480): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, 0x0, 0x0) 550.392246ms ago: executing program 3 (id=5481): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc601006034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 550.223416ms ago: executing program 4 (id=5482): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x48, &(0x7f0000000180)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x20) 549.901746ms ago: executing program 2 (id=5483): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x1, 0x0, 0x3, 0xa, 0x0, 0x70bd2a, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_spirange={0x2, 0x10, 0xfffffffc}]}, 0x50}}, 0x0) 549.386806ms ago: executing program 1 (id=5484): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000280)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@jqfmt_vfsv1}, {@nouid32}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") mount$afs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f00000002c0)=ANY=[@ANYBLOB='dyn']) 483.020697ms ago: executing program 0 (id=5485): syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) syz_open_dev$sg(&(0x7f0000000280), 0x0, 0xa0940) 482.507847ms ago: executing program 4 (id=5486): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipmr_delroute={0x28, 0x19, 0x1, 0x0, 0x0, {0x80, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, 0x5}, [@RTA_MULTIPATH={0xc, 0x9, {0xe, 0x24, 0x83}}]}, 0x28}}, 0x0) 440.502407ms ago: executing program 0 (id=5487): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) write$vga_arbiter(r0, &(0x7f00000001c0)=@other={'decodes', ' ', 'mem'}, 0xc) 326.203838ms ago: executing program 4 (id=5488): syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xac3, &(0x7f0000000e00)="$eJzs3U2MW0cBAOCxd73ZTVPilIQuaWgTCm356abZLOEngqRKhETUVIhLpYpLlKYlIgSJIgFVJZKcuNGqChInfsSpl6ogJHpBUU9cKtFIFVJPhQMHoiAqcSiBxCj2jNee2Hn2/j07/j7p7XjejD0z3ufn5/fezARgYlWbf5eW5ishXHzjlaP/eOjvczfXHGrnqDf/TnfEaiGESoxPZ6/33lQrvP7+iyd7hZWw2Pyb4uHJq+3n3hVCOBd2h0uhHnZevPzyW4tPHD9/7MKet189eGV9Wg8AAJPl65cOLu3465/v23bttfsPh03t9en4vB7jW+Jx/+F44J+O/6uhO17pWDrNZPmm41Kd68431SNfZzm1LN90n/JnsvJrffJtCrcvf6pjXa92wzhL23E9VKoLXfFqdWGh9Zs8NH/Xz1QWzp4+8+zzJVUUWHP/fiCEsLtjOXKhOz5qy6ERqMMKl8YI1GEsl8MbV9a1Rkvpbd6gpbG17D0QQEt+vfAW5/IzC6vTfrXpwcq/+ni19/NhDWz09j9U+TMllx+U/5vz9jisnTt1a0rtSp+jLTGeX0fI71/q//nLr3R0r82vR9QGrGe/6wjjcn2hXz2nNrgeK9Wv/vl2caf6cgzT+/CVrtQHuj4/+f90XP7HQG8f5Of/LRbLaC+hK15bzWs1Wq82V+Y+CBhN+X1zjXR9NMrv68vTNxWkzxakzxWkby5Iv6sgHSbZ777/0/BSZfl8V/6bftjz4ek8290x/NCQ9cnPRw5bfn7f77BWW35+PzGMsj+ceOrUF555+nLr/v9Ke/u/Ebf39HOjHj9bl2KGdL4wP6/evve/3l1OtU++e7L63N0jf/Px9u58le3LrxM69jO31GO++3lb++Xb1Z2vnuWbi8tsVt/8+GRz9rx0/JH2q+n9ms7aW8vaMZPVI+1XtsUwrwesRNoe+93/n7bP+VCrPHv6zKnHYjxtp3+aqm26uX7fBtcbWL1B+//Mh+7+P1va62vVzv3C1uX1ldZ+4fX4et3rF9vldKzv+FJL33Pfmppr5l84+d0zz6xx22HSPf+jF7594syZU9/zYMUPvjoa1RjmQfrZMir18WDYB7vXu4iSd0zAutv749ZBwKOnv3PiuVPPnTq7/8CB/YuLB764f2lv87h+b+fRfadzJdQWWEvLX/pl1wQAAAAAAAAAAAAY1A+OHb38zpuff7fV/3+5/1/q/5/u/E39/3+S9f/P+8mnfvCpH+C2HunNPNkAqzNZvlpcPpzVd3tWzo7seR+JYXsev9j/PxWXj+ua6nNvtr7WJ5oNJ3DLeCkz2Rgk+XyBH4/hhRj+OkCJKr2H/su32x7jW1c+6NjW0/gUs8vPahgfeHykrtfNraFjSKPU/7vnuE49+mszXjaix2LZbQR6++dEjf/9r+WGl14XS/9lemPL+/nkbhONvkfpg85gA7A2yp7/M533TOHZP35t9uaSsl19vHt/mY9fCsP4yzvd8VGff3K9y8/n7dvo8stu/0bP/9me/27g/V82Y159ZeX+5xdX3u0oNuwctPy8/Wkc6O3DlX8tlp9a83AYrPzGr7Ly8wtCA/pvVv7mAcu/pf27Vlb+/2L56W175MFBy2/VuFLtrsdc1o50/S8/b5xcz9qfxva8TfnfeKFX+1c4UeONWD5MsnGZZ3ZY2XFE+6B95fP/RufWdv7fdmWz3Vp+H8bnYjztiNN9Dvl8J8PWP91fkb4HdmSvXyn4fjP/73j7UgyLPg9p/t+0PdbjV35HvPlepnitx3t7p+5rYFy9N0rX/5Ky67Hq5crmVbRjtvz6r90yNQJ1WKtltvf/tLGSNm4akW290Wis7wmtAqUWTunvf9m/E8ouv+z3v0g+/29+DJ/P/5un5/P/5un5/L95+lz8D/VLz+f/zd/PfP7fPP3e7HXz+YHnC9I/WpC+s3d6+2f7fQXP31WQ/rGC9D3t9ENdOVL6/bd9/nK+fq9/T0H6gwXpnyhI/2RB+kMF6Y90pHfOAZ3SP1Xw/Dtd6o8yqe2HSZb3z/P5h8mRrv/0+/xvL0gHxtfPXtt35OnffrPe6v8/0z4fkq7jHY7xWvz99MMYz697h474zbQ3Y/xvWfqon++ASZKPn5F/vz9ckA6Mr3Sfl883TKDKbO/VMSwat6rfcT7j5dMx/EwMPxvDR2O4EMO9MdwXw8UNqh/r48jrvz/4UmX59/7WLH3Q+8nz/kBd40SFEPYPWJ/8/MCw97Pn4/gNa7Xlr7A7GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGmqzb9LS/OVEC6+8crRp46f3ntzzaF2jnrz73RHrNZ+XgiPxXAqhr+MD66//+LJzvBGDCthMVRCpb0+PHm1XdJdIYRzYXe4FOph58XLL7+1+MTx88cu7Hn71YNX1u8dAAAAgDvf/wMAAP//Nj4Q1g==") creat(&(0x7f0000000140)='./file2\x00', 0x100) 325.976307ms ago: executing program 3 (id=5489): r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000a00), 0x2, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000640)={0x1, @vbi}) 325.752127ms ago: executing program 1 (id=5490): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000400)='./file2\x00', 0x8, &(0x7f0000000000)=ANY=[], 0x1, 0x1db, &(0x7f0000000440)="$eJzslc2q00AUx/8zqUkqPoEbF17wujBNUhU3F64bVy4EPy4uBIs3LdXUSpuFLYj6BO7dufAxhLr1IaS6URDdqOuR+UgyLU0h9aPIPT/oyX96JmfOnAMnIAjiyPLxw8+5+LH3yQdwAjvwzP+fnXIPt/a/9789eXv1ysGLO6/fefOguRjNq31+A8DssoPMrIUQwvbvmOcN8ELfBMdZow/AEBh9Fxy3jE7AcNvo+5Yeyv1B0O2nSXBvmB5KEUoTSRNL017O7+tzhkMrP2b5x5Ppg06aJqNFMRNCVLjqi9WVm30p8vOBPSs/u18BdLahVb8IHJHRbTBcN/oSvLw2uiTW/U82yvjO2vu72Pi2fhG2dHV/u3xrhCuP2uh1gFX1/n8SDpTIO/oPT3+20OW/JtD4YwGFB2y7XxXizb7uX5HqU72uF2e/wuXWjGMqX8xP8YrhjDWf9Ch5qT4WrWzwqDWeTM/1B51e0ksexnH7Yng+DC/ELTWItF09AlX8pppPx8v4zaq9LnPxuJNlo0jbYh1ru2ricjX/OHZP45hcy2nqLsX9DiA/lJkfV0+pdp3K5AmCILbIKTA1k9VczoX5mhQOIeJrW86TIAiCIAiCIAiCIIjN+RUAAP//vudckQ==") symlinkat(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000003000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 312.838618ms ago: executing program 2 (id=5491): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) exit(0x100000001) 265.631258ms ago: executing program 3 (id=5492): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000700)={0xe0, 0x10, 0x50b, 0x0, 0x0, "", [@generic="6f6d8864d22a3f2ffaa46c88bc", @typed={0xa9, 0x0, 0x0, 0x0, @binary="2b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff2d2d2873882fbd9423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100100000000000000a0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681"}, @nested={0x11, 0x0, 0x0, 0x1, [@generic="a64a6f8911da357ba323a96d75"]}]}, 0xe0}], 0x1}, 0x0) 198.269678ms ago: executing program 0 (id=5493): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000100)={'gre0\x00', &(0x7f0000000040)={'erspan0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @private}}}}) 163.763149ms ago: executing program 0 (id=5494): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_to_hsr\x00'}, 0x18) 152.823349ms ago: executing program 3 (id=5495): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x61) 10.203959ms ago: executing program 4 (id=5496): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0xfffffffd, 0x33524742, 0x3, @stepwise={0x753, 0x9, 0x81, 0x9, 0x7ffffffd, 0xa}}) 9.975799ms ago: executing program 0 (id=5497): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x11, &(0x7f0000000040)="020000000980ffff", 0x8) 0s ago: executing program 3 (id=5498): r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0) pwrite64(r0, &(0x7f0000000840)="e67ab166972ce298f4681ef5c755f60473b17b7887d68440dd9005bc69f6c3c5238bebfbce6236501dd64c37eeaeec2d13731c56a864da45a465e645e685887f27f84f348e4149ccee167605da33c412d53af0256fc973711375855a0a610654714099f4d540f9cba457b1813b73957a98aa2cc497c1e3ea00", 0x79, 0x1) kernel console output (not intermixed with test programs): 3.1. [ 229.898628][T12593] loop0: detected capacity change from 0 to 32768 [ 229.901083][ T6358] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 230.002457][T12593] (syz.0.3709,12593,0):ocfs2_init_local_system_inodes:493 ERROR: status=-22, sysfile=10, slot=0 [ 230.019042][T12593] (syz.0.3709,12593,0):ocfs2_init_local_system_inodes:502 ERROR: status = -22 [ 230.035716][T12593] (syz.0.3709,12593,0):ocfs2_mount_volume:1818 ERROR: status = -22 [ 230.059627][T12593] (syz.0.3709,12593,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 230.324668][T12625] loop4: detected capacity change from 0 to 4096 [ 230.324668][T12632] loop3: detected capacity change from 0 to 1024 [ 230.384524][ T5411] usb 3-1: USB disconnect, device number 15 [ 230.423831][T12632] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 230.449442][T12632] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #12: comm syz.3.3728: directory missing '..' [ 230.550947][T12622] loop1: detected capacity change from 0 to 32768 [ 230.594826][T12622] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.3724 (12622) [ 230.647206][T12643] __nla_validate_parse: 2 callbacks suppressed [ 230.647222][T12643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3734'. [ 230.700653][T12622] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 230.754213][T12622] BTRFS info (device loop1): force zlib compression, level 3 [ 230.843531][T12622] BTRFS info (device loop1): force clearing of disk cache [ 230.850678][T12622] BTRFS info (device loop1): setting nodatasum [ 230.946249][T12622] BTRFS info (device loop1): allowing degraded mounts [ 230.954739][T12622] BTRFS info (device loop1): enabling disk space caching [ 230.974995][T12622] BTRFS info (device loop1): disk space caching is enabled [ 230.982440][T12622] BTRFS info (device loop1): has skinny extents [ 231.001160][ T6358] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 231.008126][ T6358] ath9k_htc: Failed to initialize the device [ 231.044080][T12664] netlink: 'syz.0.3739': attribute type 4 has an invalid length. [ 231.045039][ T5411] usb 3-1: ath9k_htc: USB layer deinitialized [ 231.099228][T12664] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3739'. [ 231.186841][T12685] netlink: 'syz.4.3746': attribute type 21 has an invalid length. [ 231.202353][T12685] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3746'. [ 231.221971][T12622] BTRFS info (device loop1): clearing free space tree [ 231.224310][T12685] netlink: 'syz.4.3746': attribute type 5 has an invalid length. [ 231.241148][ T1107] usb 4-1: new low-speed USB device number 17 using dummy_hcd [ 231.243681][T12622] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 231.288739][T12695] netlink: 'syz.0.3749': attribute type 32 has an invalid length. [ 231.296781][T12685] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3746'. [ 231.314874][T12622] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 231.518047][T12622] BTRFS info (device loop1): balance: start -sconvert=raid0,soft,profiles=system|metadata,usage=255,limit=25769803776 [ 231.574041][T12622] BTRFS info (device loop1): balance: ended with status: 0 [ 231.594319][T12707] loop2: detected capacity change from 0 to 1764 [ 231.641292][ T1107] usb 4-1: config index 0 descriptor too short (expected 6427, got 27) [ 231.668910][ T1107] usb 4-1: config 0 has an invalid interface number: 21 but max is 0 [ 231.687704][ T1107] usb 4-1: config 0 has no interface number 0 [ 231.702259][ T1107] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 231.715230][ T1107] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 231.742609][ T1107] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 231.757492][ T1107] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.776084][ T1107] usb 4-1: config 0 descriptor?? [ 232.122796][T12736] loop0: detected capacity change from 0 to 2048 [ 232.169260][T12740] loop4: detected capacity change from 0 to 2048 [ 232.233092][T12740] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 232.268452][T12736] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 232.275031][ T1107] usb 4-1: USB disconnect, device number 17 [ 232.308576][T12736] UDF-fs: Scanning with blocksize 512 failed [ 232.319994][T12736] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 232.566371][T12753] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3775'. [ 232.591166][T12753] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3775'. [ 232.600337][T12753] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3775'. [ 232.876532][T12741] loop2: detected capacity change from 0 to 32768 [ 232.891823][T12773] loop4: detected capacity change from 0 to 512 [ 232.916162][T12775] loop1: detected capacity change from 0 to 8 [ 232.935419][T12741] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.3771 (12741) [ 232.971282][T12741] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 233.002358][T12773] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback. [ 233.016170][T12741] BTRFS info (device loop2): force zlib compression, level 3 [ 233.023771][T12741] BTRFS info (device loop2): force clearing of disk cache [ 233.031904][T12741] BTRFS info (device loop2): setting nodatasum [ 233.038174][T12741] BTRFS info (device loop2): allowing degraded mounts [ 233.045625][T12741] BTRFS info (device loop2): enabling disk space caching [ 233.052789][T12741] BTRFS info (device loop2): disk space caching is enabled [ 233.060028][T12741] BTRFS info (device loop2): has skinny extents [ 233.097148][T12773] fscrypt (loop4, inode 15): Error -61 getting encryption context [ 233.151052][ T1107] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 233.307483][T12741] BTRFS info (device loop2): clearing free space tree [ 233.317510][T12741] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 233.336271][T12741] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 233.431108][ T1107] usb 4-1: Using ep0 maxpacket: 16 [ 233.446021][T12741] BTRFS info (device loop2): balance: start -sconvert=raid0,soft,profiles=system|metadata,usage=255,limit=25769803776 [ 233.448426][T12815] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (4) [ 233.481216][ T5413] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 233.529695][T12741] BTRFS info (device loop2): balance: ended with status: 0 [ 233.574560][T12820] loop4: detected capacity change from 0 to 1024 [ 233.737574][ T1107] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 233.746871][ T1107] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.758729][ T1107] usb 4-1: Product: syz [ 233.763196][ T1107] usb 4-1: Manufacturer: syz [ 233.778767][ T1107] usb 4-1: SerialNumber: syz [ 233.814522][ T1107] usb 4-1: config 0 descriptor?? [ 233.853551][ T4596] usb 2-1: new low-speed USB device number 14 using dummy_hcd [ 233.854497][ T5413] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.973984][T12827] loop2: detected capacity change from 0 to 64 [ 234.041527][ T5413] usb 1-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b [ 234.050755][ T5413] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.059592][ T5413] usb 1-1: Product: syz [ 234.063916][ T5413] usb 1-1: Manufacturer: syz [ 234.079411][ T5413] usb 1-1: SerialNumber: syz [ 234.087819][ T5413] usb 1-1: config 0 descriptor?? [ 234.101268][ T1107] speedtch 4-1:0.0: speedtch_bind: data interface not found! [ 234.108675][ T1107] speedtch 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 234.144267][ T5413] gspca_main: pac207-2.14.0 probing 093a:2476 [ 234.144551][T12831] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 234.271074][ T5413] gspca_pac207: Failed to read a register (index 0x0000, error -110) [ 234.299685][ T4596] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 234.305588][ T5413] usb 4-1: USB disconnect, device number 18 [ 234.316207][ T4596] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 234.334945][ T4596] usb 2-1: config 0 has no interface number 0 [ 234.349695][ T4596] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 234.370105][ T6358] usb 1-1: USB disconnect, device number 16 [ 234.375237][ T4596] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 234.400983][ T4596] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 234.424553][T12837] xt_CT: No such helper "syz0" [ 234.429149][ T4596] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.445303][ T4596] usb 2-1: config 0 descriptor?? [ 234.595072][T12856] loop4: detected capacity change from 0 to 64 [ 234.930588][T12877] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3824'. [ 234.983647][ T4596] usb 2-1: USB disconnect, device number 14 [ 235.044456][T12882] loop4: detected capacity change from 0 to 2048 [ 235.150081][T12882] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 235.189879][T12882] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 235.210462][T12882] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 235.258212][T12882] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 235.273235][T12882] UDF-fs: Scanning with blocksize 512 failed [ 235.304602][T12882] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 235.574132][T12910] loop4: detected capacity change from 0 to 164 [ 235.588221][T12913] loop1: detected capacity change from 0 to 256 [ 235.612781][T12872] loop3: detected capacity change from 0 to 32768 [ 235.629242][T12910] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 235.658467][T12915] loop0: detected capacity change from 0 to 1764 [ 235.702136][T12872] [ 235.702136][T12872] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.702136][T12872] [ 235.797760][T12872] ERROR: (device loop3): diWrite: ixpxd invalid [ 235.797760][T12872] [ 235.879823][T12872] ERROR: (device loop3): txCommit: [ 235.879823][T12872] [ 235.937214][ T4191] [ 235.937214][ T4191] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.937214][ T4191] [ 235.994559][ T4191] [ 235.994559][ T4191] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.994559][ T4191] [ 236.238849][T12957] loop1: detected capacity change from 0 to 1764 [ 236.322212][ T26] kauditd_printk_skb: 21 callbacks suppressed [ 236.322227][ T26] audit: type=1400 audit(492.294:14): apparmor="DENIED" operation="change_onexec" info="label not found" error=-22 profile="unconfined" name="&" pid=12961 comm="syz.2.3858" [ 236.460444][T12976] loop4: detected capacity change from 0 to 64 [ 236.582379][T12976] hfs: unable to load iocharset "Sp" [ 236.598016][T12976] hfs: unable to parse mount options [ 236.611934][T12989] netlink: 'syz.2.3870': attribute type 1 has an invalid length. [ 236.795488][T13001] loop3: detected capacity change from 0 to 64 [ 236.836246][T13003] kernel read not supported for file / 7âW)s!Qfsl{Tr)rO2:"T+͟v|ղDvc֠6xc: (pid: 13003 comm: syz.4.3877) [ 236.909138][T13007] loop1: detected capacity change from 0 to 256 [ 236.927536][ T26] audit: type=1800 audit(492.894:15): pid=13003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3877" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=59508 res=0 errno=0 [ 237.131379][T13009] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3882'. [ 237.189162][T12995] infiniband syz1: set active [ 237.241147][T12995] infiniband syz1: added bond0 [ 237.660973][T12995] RDS/IB: syz1: added [ 237.712708][T12995] smc: adding ib device syz1 with port count 1 [ 237.761407][T12995] smc: ib device syz1 port 1 has pnetid [ 237.910057][T13046] comedi comedi0: adq12b: I/O port conflict (0x5,16) [ 238.082881][T13054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3902'. [ 238.121189][ T6358] usb 5-1: new full-speed USB device number 23 using dummy_hcd [ 238.470234][T13038] loop3: detected capacity change from 0 to 32768 [ 238.501163][ T6358] usb 5-1: config 0 has an invalid interface number: 110 but max is 0 [ 238.519704][ T6358] usb 5-1: config 0 has no interface number 0 [ 238.526287][ T6358] usb 5-1: config 0 interface 110 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 238.539071][ T6358] usb 5-1: config 0 interface 110 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 238.549394][ T6358] usb 5-1: config 0 interface 110 has no altsetting 0 [ 238.581189][ T5413] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 238.625716][T13076] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 238.640793][T13038] XFS (loop3): Mounting V5 Filesystem [ 238.711250][ T6358] usb 5-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 238.739857][ T6358] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.778424][ T6358] usb 5-1: Product: syz [ 238.793492][ T6358] usb 5-1: Manufacturer: syz [ 238.798105][ T6358] usb 5-1: SerialNumber: syz [ 238.847656][ T6358] usb 5-1: config 0 descriptor?? [ 238.853109][ T5413] usb 2-1: Using ep0 maxpacket: 32 [ 238.896851][T13038] XFS (loop3): Ending clean mount [ 238.908162][T13038] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_finobt block 0x20 [ 238.938370][T13038] XFS (loop3): Unmount and run xfs_repair [ 238.945385][T13038] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 238.954763][T13038] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 238.964236][T13038] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40 ....... .......@ [ 238.973835][ T5413] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 238.990304][ T5413] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 238.999154][T13038] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 239.012197][ T5413] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 239.025618][T13038] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37 .......F......@7 [ 239.034692][ T5413] usb 2-1: config 1 has no interface number 0 [ 239.034730][ T5413] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 239.034753][ T5413] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 239.034789][ T5413] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 239.043643][T13038] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 239.056971][ T5413] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.066225][T13038] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ................ [ 239.137937][ T5413] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 239.150487][T13038] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 239.176761][T13038] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 239.199212][T13038] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1d3/0x2c0" at daddr 0x20 len 8 error 74 [ 239.225183][T13038] XFS (loop3): Failed to initialize disk quotas. [ 239.351892][ T5413] snd_usb_pod 2-1:1.1: invalid control EP [ 239.357646][ T5413] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 239.396943][ T5413] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 239.421342][ T5413] snd_usb_pod: probe of 2-1:1.1 failed with error -22 [ 239.447953][ T5413] usb 5-1: USB disconnect, device number 23 [ 239.476380][T13115] netlink: 'syz.0.3929': attribute type 1 has an invalid length. [ 239.491295][ T4191] XFS (loop3): Unmounting Filesystem [ 239.502774][T13115] netlink: 'syz.0.3929': attribute type 1 has an invalid length. [ 239.559082][ T21] usb 2-1: USB disconnect, device number 15 [ 239.895587][T13138] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3940'. [ 239.986015][T13146] device wg1 entered promiscuous mode [ 240.071742][T13152] x_tables: duplicate entry at hook 2 [ 240.164730][T13156] loop0: detected capacity change from 0 to 256 [ 240.348548][T13164] netlink: 'syz.0.3952': attribute type 2 has an invalid length. [ 240.388609][T13164] netlink: 'syz.0.3952': attribute type 1 has an invalid length. [ 240.424913][T13164] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3952'. [ 240.805457][T13142] loop2: detected capacity change from 0 to 32768 [ 240.875580][T13149] loop4: detected capacity change from 0 to 32768 [ 240.956422][T13142] XFS (loop2): Mounting V5 Filesystem [ 240.971208][T13149] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.3944 (13149) [ 241.025713][T13149] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 241.043184][T13149] BTRFS info (device loop4): using free space tree [ 241.051560][T13149] BTRFS info (device loop4): has skinny extents [ 241.132714][T13142] XFS (loop2): Ending clean mount [ 241.156078][ T6358] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_finobt block 0x20 [ 241.255317][ T6358] XFS (loop2): Unmount and run xfs_repair [ 241.293696][ T6358] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 241.331257][ T6358] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 241.360204][ T6358] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40 ....... .......@ [ 241.411077][ T6358] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 241.428338][ T1107] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 241.430034][ T6358] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37 .......F......@7 [ 241.445760][ T6358] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 241.454675][ T6358] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ................ [ 241.463768][ T6358] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 241.472968][ T6358] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 241.473016][T13149] BTRFS info (device loop4): enabling ssd optimizations [ 241.482083][T13142] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1d3/0x2c0" at daddr 0x20 len 8 error 74 [ 241.482246][T13142] XFS (loop2): Failed to initialize disk quotas. [ 241.691094][ T1107] usb 2-1: Using ep0 maxpacket: 8 [ 241.709131][ T4182] XFS (loop2): Unmounting Filesystem [ 241.836846][ T1107] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 241.881200][ T1107] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 241.901662][ T1107] usb 2-1: config 0 interface 0 has no altsetting 0 [ 242.137662][T13266] loop0: detected capacity change from 0 to 512 [ 242.144438][ T1107] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 242.185803][ T1107] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.205858][ T1107] usb 2-1: Product: syz [ 242.211298][ T1107] usb 2-1: Manufacturer: syz [ 242.221474][ T1107] usb 2-1: SerialNumber: syz [ 242.254184][ T1107] usb 2-1: config 0 descriptor?? [ 242.294920][T13266] EXT4-fs (loop0): orphan cleanup on readonly fs [ 242.362080][T13266] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.3988: bg 0: block 248: padding at end of block bitmap is not set [ 242.379881][ T1107] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 242.404542][T13270] loop3: detected capacity change from 0 to 4096 [ 242.436253][T13266] Quota error (device loop0): write_blk: dquota write failed [ 242.436389][T13279] loop2: detected capacity change from 0 to 512 [ 242.447300][T13266] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 242.466532][T13281] loop4: detected capacity change from 0 to 64 [ 242.481331][T13270] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 242.493076][T13266] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.3988: Failed to acquire dquot type 1 [ 242.504925][T13279] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 242.528222][T13270] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 242.539343][T13270] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 242.540192][T13279] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2826: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 242.567969][T13270] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 242.584948][T13279] EXT4-fs (loop2): 1 truncate cleaned up [ 242.590255][T13266] EXT4-fs (loop0): 1 truncate cleaned up [ 242.602875][ T1107] snd_usb_toneport 2-1:0.0: cannot get proper max packet size [ 242.613582][T13266] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 242.651641][T13279] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,resuid=0x000000000000ee01,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 242.657835][ T1107] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 242.750422][T13270] ntfs: volume version 3.1. [ 242.755754][ T1107] snd_usb_toneport: probe of 2-1:0.0 failed with error -22 [ 242.780800][T13270] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 242.801132][T13270] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 242.829808][T13270] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 242.867563][ T4600] usb 2-1: USB disconnect, device number 16 [ 242.885611][T13270] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 243.133862][T13299] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 243.161555][T13299] overlayfs: missing 'lowerdir' [ 243.243376][T13305] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4004'. [ 243.251476][T13307] loop4: detected capacity change from 0 to 1024 [ 243.337332][T13314] mmap: syz.0.4009 (13314) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 243.347138][T13317] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4010'. [ 243.447571][T13307] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 243.478584][T13307] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 243.553226][T13332] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 243.625194][T13335] loop1: detected capacity change from 0 to 128 [ 243.778992][T13345] netlink: 'syz.0.4022': attribute type 24 has an invalid length. [ 243.889241][T13351] loop3: detected capacity change from 0 to 512 [ 243.996268][T13351] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled [ 244.055012][T13363] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.4031'. [ 244.088428][T13351] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,noinit_itable,errors=remount-ro,grpjquota=.,stripe=0x0000000000000000,init_itable,. Quota mode: writeback. [ 244.248028][T13375] loop1: detected capacity change from 0 to 512 [ 244.347741][T13375] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 244.355605][T13383] loop3: detected capacity change from 0 to 64 [ 244.481023][ T6356] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 244.722614][ T6356] usb 1-1: Using ep0 maxpacket: 8 [ 244.841446][ T6356] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 244.891457][ T6356] usb 1-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 244.900524][ T6356] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.951667][T13411] loop4: detected capacity change from 0 to 4096 [ 244.978208][ T6356] usb 1-1: config 0 descriptor?? [ 244.988747][T13411] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 245.260417][ T5410] usb 1-1: USB disconnect, device number 17 [ 245.280520][T13396] loop3: detected capacity change from 0 to 32768 [ 245.385674][T13396] JBD2: Ignoring recovery information on journal [ 245.457986][T13439] netlink: 212 bytes leftover after parsing attributes in process `syz.1.4068'. [ 245.473136][T13396] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 245.627893][ T4191] ocfs2: Unmounting device (7,3) on (node local) [ 245.753624][T13455] tmpfs: Bad value for 'mpol' [ 245.777956][T13448] loop1: detected capacity change from 0 to 4096 [ 245.812882][T13459] netlink: 'syz.0.4078': attribute type 5 has an invalid length. [ 245.894847][T13466] xt_l2tp: unknown flags: 3b [ 246.031547][T13469] loop3: detected capacity change from 0 to 4096 [ 246.105645][T13469] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 246.141084][ T6356] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 246.231872][T13481] loop0: detected capacity change from 0 to 256 [ 246.314011][T13481] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 246.504704][T13495] netlink: 'syz.4.4096': attribute type 1 has an invalid length. [ 246.512600][ T6356] usb 3-1: descriptor type invalid, skip [ 246.583716][T13502] netlink: set zone limit has 8 unknown bytes [ 246.591619][ T6356] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 246.602186][ T6356] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 2 [ 246.781222][ T6356] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 246.790290][ T6356] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.813061][ T6356] usb 3-1: Product: syz [ 246.817242][ T6356] usb 3-1: Manufacturer: syz [ 246.820956][ T4600] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 246.822603][ T6356] usb 3-1: SerialNumber: syz [ 246.841130][ T1107] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 246.843948][ T6356] usb 3-1: config 0 descriptor?? [ 246.897227][T13520] MTD: Couldn't look up './file0': -15 [ 246.926748][T13522] ieee802154 phy1 wpan1: encryption failed: -22 [ 247.102849][ T6356] usb 3-1: USB disconnect, device number 16 [ 247.111154][ T1107] usb 5-1: Using ep0 maxpacket: 16 [ 247.184406][T13538] xt_CT: You must specify a L4 protocol and not use inversions on it [ 247.256258][ T1107] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 247.275044][ T1107] usb 5-1: config 0 has no interface number 0 [ 247.295117][ T1107] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 247.305282][ T4600] usb 1-1: config 2 has an invalid interface number: 122 but max is 0 [ 247.314695][T13548] loop1: detected capacity change from 0 to 128 [ 247.326363][ T4600] usb 1-1: config 2 has no interface number 0 [ 247.332979][ T4600] usb 1-1: config 2 interface 122 has no altsetting 0 [ 247.378881][T13550] loop3: detected capacity change from 0 to 1024 [ 247.410578][ T4183] sysv_free_block: flc_count > flc_size [ 247.416412][ T4183] sysv_free_block: flc_count > flc_size [ 247.422315][ T4183] sysv_free_block: flc_count > flc_size [ 247.427932][ T4183] sysv_free_block: flc_count > flc_size [ 247.434402][ T4183] sysv_free_block: flc_count > flc_size [ 247.439953][ T4183] sysv_free_block: flc_count > flc_size [ 247.445914][ T4183] sysv_free_block: flc_count > flc_size [ 247.452086][ T4183] sysv_free_block: flc_count > flc_size [ 247.457628][ T4183] sysv_free_block: flc_count > flc_size [ 247.463446][ T4183] sysv_free_block: flc_count > flc_size [ 247.473669][ T1107] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 247.480785][ T4183] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 247.493567][ T1107] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 247.521655][ T4600] usb 1-1: New USB device found, idVendor=2109, idProduct=0711, bcdDevice=5a.59 [ 247.550174][ T1107] usb 5-1: Product: syz [ 247.554896][ T4600] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.563533][ T9190] hfsplus: b-tree write err: -5, ino 4 [ 247.575575][ T1107] usb 5-1: SerialNumber: syz [ 247.591408][ T4600] usb 1-1: Product: syz [ 247.598206][ T1107] usb 5-1: config 0 descriptor?? [ 247.613596][ T4600] usb 1-1: Manufacturer: syz [ 247.631328][ T4600] usb 1-1: SerialNumber: syz [ 247.673349][ T1107] usbhid 5-1:0.8: couldn't find an input interrupt endpoint [ 247.875739][ T4184] usb 5-1: USB disconnect, device number 24 [ 247.941930][ T4600] usb-storage 1-1:2.122: USB Mass Storage device detected [ 247.970210][ T4600] usb-storage 1-1:2.122: Quirks match for vid 2109 pid 0711: 2000000 [ 248.061446][ T4600] usb 1-1: USB disconnect, device number 18 [ 248.081550][T13588] netlink: 'syz.1.4140': attribute type 1 has an invalid length. [ 248.096598][T13588] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.4140'. [ 248.331030][ T5408] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 248.494480][T13614] loop4: detected capacity change from 0 to 256 [ 248.499273][T13618] xt_TPROXY: Can be used only with -p tcp or -p udp [ 248.580080][T13614] FAT-fs (loop4): Directory bread(block 64) failed [ 248.609794][T13614] FAT-fs (loop4): Directory bread(block 65) failed [ 248.650309][T13614] FAT-fs (loop4): Directory bread(block 66) failed [ 248.686613][T13614] FAT-fs (loop4): Directory bread(block 67) failed [ 248.718143][T13614] FAT-fs (loop4): Directory bread(block 68) failed [ 248.740041][T13634] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4163'. [ 248.746424][T13614] FAT-fs (loop4): Directory bread(block 69) failed [ 248.758104][T13614] FAT-fs (loop4): Directory bread(block 70) failed [ 248.766844][T13634] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4163'. [ 248.785301][T13614] FAT-fs (loop4): Directory bread(block 71) failed [ 248.792139][T13632] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4162'. [ 248.792794][T13614] FAT-fs (loop4): Directory bread(block 72) failed [ 248.808395][T13614] FAT-fs (loop4): Directory bread(block 73) failed [ 248.871216][ T5408] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 248.883174][T13639] loop2: detected capacity change from 0 to 256 [ 248.903335][ T5408] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.950577][ T5408] usb 4-1: Product: syz [ 248.965633][T13639] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 248.984118][ T5408] usb 4-1: Manufacturer: syz [ 248.988738][ T5408] usb 4-1: SerialNumber: syz [ 249.068063][ T5408] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 249.278620][T13661] netlink: 'syz.1.4177': attribute type 21 has an invalid length. [ 249.292322][T13661] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4177'. [ 249.466987][T13672] loop1: detected capacity change from 0 to 1024 [ 249.547581][T13678] xt_bpf: check failed: parse error [ 249.684091][ T6356] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 249.834916][T13676] loop0: detected capacity change from 0 to 32768 [ 249.982091][T13676] ERROR: (device loop0): dtSearch: DT_GETPAGE: dtree page corrupt [ 249.982091][T13676] [ 250.005581][T13672] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 250.023844][T13676] ERROR: (device loop0): remounting filesystem as read-only [ 250.061481][T13676] jfs_lookup: dtSearch returned -5 [ 250.094342][ T5408] usb 4-1: USB disconnect, device number 19 [ 250.619288][T13718] comedi comedi0: aio_iiro_16: I/O port conflict (0x5,8) [ 250.693957][T13722] loop2: detected capacity change from 0 to 128 [ 250.770960][ T6356] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 250.777945][ T6356] ath9k_htc: Failed to initialize the device [ 250.797224][T13722] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 250.812826][ T5408] usb 4-1: ath9k_htc: USB layer deinitialized [ 250.844464][ T4182] sysv_free_block: flc_count > flc_size [ 250.880429][ T4182] sysv_free_block: flc_count > flc_size [ 250.894250][ T4182] sysv_free_block: flc_count > flc_size [ 250.899805][ T4182] sysv_free_block: flc_count > flc_size [ 250.934244][ T4182] sysv_free_block: flc_count > flc_size [ 250.943611][ T4182] sysv_free_block: flc_count > flc_size [ 250.978965][ T4182] sysv_free_block: flc_count > flc_size [ 250.988819][ T4182] sysv_free_block: flc_count > flc_size [ 251.013936][ T4182] sysv_free_block: flc_count > flc_size [ 251.034299][ T4182] sysv_free_block: flc_count > flc_size [ 251.055969][ T4182] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 251.062346][T13752] loop1: detected capacity change from 0 to 1024 [ 251.089282][T13752] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 251.115811][T13752] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869) [ 251.156225][T13752] EXT4-fs error (device loop1): ext4_get_journal_inode:5160: inode #5: comm syz.1.4222: unexpected bad inode w/o EXT4_IGET_BAD [ 251.169615][ T4184] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 251.207903][T13752] EXT4-fs (loop1): no journal found [ 251.216533][T13752] EXT4-fs (loop1): can't get journal size [ 251.252249][T13752] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000002,norecovery,min_batch_time=0x000000000000071d,quota,,errors=continue. Quota mode: writeback. [ 251.281133][ T4600] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 251.431037][ T4184] usb 5-1: Using ep0 maxpacket: 8 [ 251.551192][ T4600] usb 1-1: Using ep0 maxpacket: 32 [ 251.556875][ T4184] usb 5-1: config 0 has an invalid interface number: 161 but max is 0 [ 251.569564][ T4184] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 251.585558][ T4184] usb 5-1: config 0 has no interface number 0 [ 251.593822][ T4184] usb 5-1: config 0 interface 161 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 251.609636][ T4184] usb 5-1: config 0 interface 161 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 251.622949][T13781] netlink: 'syz.2.4234': attribute type 6 has an invalid length. [ 251.631687][T13781] netlink: 168 bytes leftover after parsing attributes in process `syz.2.4234'. [ 251.715751][ T4600] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 251.728657][ T4600] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 251.746442][ T4600] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 251.760727][ T4600] usb 1-1: config 1 has no interface number 0 [ 251.767169][ T4600] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 251.784334][ T4600] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 251.794558][ T4600] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 251.818694][ T4600] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 251.828166][ T4184] usb 5-1: New USB device found, idVendor=0bfd, idProduct=000c, bcdDevice=b9.d8 [ 251.840709][ T4184] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.854517][ T4600] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.867587][ T4184] usb 5-1: Product: syz [ 251.878324][ T4184] usb 5-1: Manufacturer: syz [ 251.888727][ T4184] usb 5-1: SerialNumber: syz [ 251.912946][ T4184] usb 5-1: config 0 descriptor?? [ 251.933405][ T4600] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 251.962186][ T4184] kvaser_usb 5-1:0.161: Cannot get usb endpoint(s) [ 252.142906][ T4600] snd_usb_pod 1-1:1.1: cannot start listening: -90 [ 252.174916][ T4600] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 252.211010][T13809] loop2: detected capacity change from 0 to 2048 [ 252.217947][ T4600] snd_usb_pod: probe of 1-1:1.1 failed with error -90 [ 252.349532][ T4600] usb 1-1: USB disconnect, device number 19 [ 252.357077][T13822] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 252.383842][T13809] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12 [ 252.423203][T13809] Remounting filesystem read-only [ 252.605467][T13834] xt_cluster: you have exceeded the maximum number of cluster nodes (127 > 32) [ 252.702934][T13838] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 252.788942][T13845] tmpfs: Bad value for 'mpol' [ 253.021180][ T6356] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 253.037385][T13741] loop4: detected capacity change from 0 to 32768 [ 253.069838][T13860] netlink: 'syz.3.4273': attribute type 21 has an invalid length. [ 253.088473][T13860] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4273'. [ 253.104071][T13853] loop0: detected capacity change from 0 to 4096 [ 253.133480][T13741] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 253.165678][T13741] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 253.193969][T13853] ntfs: volume version 3.1. [ 253.223195][T13853] __ntfs_error: 3 callbacks suppressed [ 253.223210][T13853] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 253.233175][T13741] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 253.321167][T13853] ntfs: (device loop0): load_and_init_quota(): Failed to find inode number for $Quota. [ 253.366195][T13853] ntfs: (device loop0): load_system_files(): Failed to load $Quota. Mounting read-only. Run chkdsk. [ 253.385836][ T6356] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 253.417955][T13853] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 253.437029][T13741] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 253.469073][T13853] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl. [ 253.498282][ T6355] usb 5-1: USB disconnect, device number 25 [ 253.509849][T13853] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 253.593188][T13879] sctp: [Deprecated]: syz.2.4282 (pid 13879) Use of int in max_burst socket option. [ 253.593188][T13879] Use struct sctp_assoc_value instead [ 253.596170][ T6356] usb 2-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b [ 253.640744][ T6356] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.661629][ T6356] usb 2-1: Product: syz [ 253.692621][ T6356] usb 2-1: Manufacturer: syz [ 253.697533][ T6356] usb 2-1: SerialNumber: syz [ 253.738279][ T6356] usb 2-1: config 0 descriptor?? [ 253.770379][T13886] tmpfs: Bad value for 'mpol' [ 253.803915][ T6356] gspca_main: pac207-2.14.0 probing 093a:2476 [ 253.921175][ T6356] gspca_pac207: Failed to read a register (index 0x0000, error -110) [ 254.002932][T13901] tmpfs: Bad value for 'mpol' [ 254.108533][ T6356] usb 2-1: USB disconnect, device number 17 [ 254.279838][T13909] loop0: detected capacity change from 0 to 4096 [ 254.308935][T13916] loop3: detected capacity change from 0 to 64 [ 254.357649][T13909] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 254.386427][T13916] MINIX-fs: mounting file system with errors, running fsck is recommended [ 254.737726][T13938] loop1: detected capacity change from 0 to 1024 [ 254.825452][T13938] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 254.893039][T13949] loop4: detected capacity change from 0 to 512 [ 254.939779][T13938] hfsplus: filesystem is marked journaled, leaving read-only. [ 254.992074][T13949] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e028, mo2=0002] [ 255.013412][T13949] System zones: 1-12 [ 255.059559][T13958] netlink: 'syz.3.4320': attribute type 3 has an invalid length. [ 255.117025][T13949] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 33261: comm syz.4.4317: invalid block [ 255.138310][T13949] EXT4-fs (loop4): Remounting filesystem read-only [ 255.148785][T13949] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.4317: invalid indirect mapped block 8 (level 2) [ 255.162985][T13949] EXT4-fs (loop4): Remounting filesystem read-only [ 255.186257][T13949] EXT4-fs (loop4): 1 truncate cleaned up [ 255.198945][T13949] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000008,data_err=ignore,noinit_itable,sysvgroups,errors=remount-ro,. Quota mode: none. [ 255.376156][T13974] x_tables: duplicate entry at hook 3 [ 255.491226][ T21] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 255.493784][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.784504][ T21] usb 1-1: Using ep0 maxpacket: 16 [ 256.061186][ T21] usb 1-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 256.072227][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.080243][ T21] usb 1-1: Product: syz [ 256.088506][T13975] loop1: detected capacity change from 0 to 32768 [ 256.125226][ T21] usb 1-1: Manufacturer: syz [ 256.130615][ T21] usb 1-1: SerialNumber: syz [ 256.168858][T13975] JBD2: Ignoring recovery information on journal [ 256.179387][ T21] usb 1-1: config 0 descriptor?? [ 256.205329][T14007] loop4: detected capacity change from 0 to 128 [ 256.275404][T13975] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 256.326641][T14014] netlink: set zone limit has 8 unknown bytes [ 256.349272][ T4183] ocfs2: Unmounting device (7,1) on (node local) [ 256.492147][ T21] speedtch 1-1:0.0: speedtch_bind: wrong device class 68 [ 256.500767][ T21] speedtch 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 256.667054][T14030] RDS: rds_bind could not find a transport for fc02::1, load rds_tcp or rds_rdma? [ 256.725715][ T6355] usb 1-1: USB disconnect, device number 20 [ 256.764667][T14036] loop1: detected capacity change from 0 to 1024 [ 256.888973][ T416] hfsplus: b-tree write err: -5, ino 4 [ 256.931054][ T4600] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 257.085414][T14052] loop1: detected capacity change from 0 to 256 [ 257.176832][T14052] exfat: Deprecated parameter 'utf8' [ 257.182778][T14052] exfat: Deprecated parameter 'utf8' [ 257.188107][T14052] exfat: Deprecated parameter 'namecase' [ 257.190998][ T4600] usb 3-1: Using ep0 maxpacket: 16 [ 257.248711][T14052] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 257.369317][T14056] netlink: 'syz.3.4367': attribute type 4 has an invalid length. [ 257.400974][T14056] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4367'. [ 257.420447][T14041] loop4: detected capacity change from 0 to 32768 [ 257.444584][T14056] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 257.505467][T14041] JBD2: Ignoring recovery information on journal [ 257.551117][ T4600] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 257.570403][ T4600] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.578887][ T4600] usb 3-1: Product: syz [ 257.583520][ T4600] usb 3-1: Manufacturer: syz [ 257.588265][ T4600] usb 3-1: SerialNumber: syz [ 257.598342][T14041] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 257.616777][ T4600] usb 3-1: config 0 descriptor?? [ 257.705658][T14062] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.784095][ T4181] ocfs2: Unmounting device (7,4) on (node local) [ 257.897746][ T4600] speedtch 3-1:0.0: speedtch_bind: data interface not found! [ 257.902869][T14054] loop0: detected capacity change from 0 to 32768 [ 257.907749][ T4600] speedtch 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 257.986477][T14054] [ 257.986477][T14054] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 257.986477][T14054] [ 258.059724][T14054] ERROR: (device loop0): diWrite: ixpxd invalid [ 258.059724][T14054] [ 258.110121][T14054] ERROR: (device loop0): txCommit: [ 258.110121][T14054] [ 258.114564][T14058] loop1: detected capacity change from 0 to 32768 [ 258.149673][ T4600] usb 3-1: USB disconnect, device number 17 [ 258.190716][ T4190] [ 258.190716][ T4190] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 258.190716][ T4190] [ 258.220573][ T4190] [ 258.220573][ T4190] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 258.220573][ T4190] [ 258.234122][T14058] JBD2: Ignoring recovery information on journal [ 258.317398][T14058] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 258.371346][T14058] OCFS2: ERROR (device loop1): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 258.371472][T14058] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 258.429845][T14058] OCFS2: File system is now read-only. [ 258.452627][T14058] (syz.1.4368,14058,0):ocfs2_calc_xattr_init:642 ERROR: status = -117 [ 258.478471][T14086] loop4: detected capacity change from 0 to 512 [ 258.503622][T14058] (syz.1.4368,14058,0):ocfs2_mknod:334 ERROR: status = -117 [ 258.511387][T14086] EXT4-fs (loop4): Ignoring removed bh option [ 258.517487][T14086] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 258.551115][T14058] (syz.1.4368,14058,0):ocfs2_mknod:502 ERROR: status = -117 [ 258.561223][T14086] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 258.593576][T14058] (syz.1.4368,14058,0):ocfs2_create:676 ERROR: status = -117 [ 258.627459][T14086] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 258.651301][ T4183] ocfs2: Unmounting device (7,1) on (node local) [ 258.656116][T14086] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 258.701373][T14098] Option ' ˴-]' to dns_resolver key: bad/missing value [ 258.724477][T14086] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,bh,noblock_validity,,errors=continue. Quota mode: none. [ 258.787676][T14086] EXT4-fs warning (device loop4): ext4_group_extend:1852: can't read last block, resize aborted [ 259.112853][T14127] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4400'. [ 259.410606][T14142] netlink: 'syz.4.4407': attribute type 1 has an invalid length. [ 259.418797][T14142] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4407'. [ 259.463468][T14135] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 259.846753][T14154] loop2: detected capacity change from 0 to 4096 [ 259.855879][T14160] loop0: detected capacity change from 0 to 256 [ 260.045634][T14154] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 260.114024][T14162] loop1: detected capacity change from 0 to 1024 [ 260.270243][T14162] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 260.346495][T14162] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 260.464090][T14178] x_tables: duplicate underflow at hook 2 [ 260.816999][T14195] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 260.819413][T14188] loop4: detected capacity change from 0 to 4096 [ 261.028234][T14188] ntfs: volume version 3.1. [ 261.048734][T14188] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 261.055593][T14207] netlink: 'syz.1.4436': attribute type 10 has an invalid length. [ 261.093577][T14205] loop2: detected capacity change from 0 to 1024 [ 261.097228][T14207] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 261.104232][T14188] ntfs: (device loop4): load_and_init_quota(): Failed to find inode number for $Quota. [ 261.124243][T14199] loop3: detected capacity change from 0 to 4096 [ 261.136822][T14207] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 261.147609][T14188] ntfs: (device loop4): load_system_files(): Failed to load $Quota. Mounting read-only. Run chkdsk. [ 261.189116][T14170] loop0: detected capacity change from 0 to 32768 [ 261.199615][T14188] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 261.231985][T14188] ntfs: (device loop4): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl. [ 261.243205][T14205] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 261.257753][T14199] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 261.281692][T14188] ntfs: (device loop4): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 261.294962][T14205] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 261.323715][T14170] JBD2: Ignoring recovery information on journal [ 261.439561][T14214] loop1: detected capacity change from 0 to 1024 [ 261.510172][T14170] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 261.641982][T14214] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000000a,grpquota,auto_da_alloc,grpquota,,errors=continue. Quota mode: writeback. [ 261.878442][ T4190] ocfs2: Unmounting device (7,0) on (node local) [ 262.190081][T14233] loop0: detected capacity change from 0 to 512 [ 262.268950][T14233] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e028, mo2=0002] [ 262.375041][T14233] System zones: 1-12 [ 262.416064][T14233] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 33261: comm syz.0.4441: invalid block [ 262.476736][T14233] EXT4-fs (loop0): Remounting filesystem read-only [ 262.488710][T14233] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.4441: invalid indirect mapped block 8 (level 2) [ 262.550956][T14233] EXT4-fs (loop0): Remounting filesystem read-only [ 262.557810][T14233] EXT4-fs (loop0): 1 truncate cleaned up [ 262.592153][T14233] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_dev=0x0000000000000008,data_err=ignore,noinit_itable,sysvgroups,errors=remount-ro,. Quota mode: none. [ 262.736763][T14219] loop2: detected capacity change from 0 to 32768 [ 262.875716][T14219] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.4440 (14219) [ 262.930192][T14219] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 262.946900][T14267] loop4: detected capacity change from 0 to 512 [ 262.956240][T14219] BTRFS info (device loop2): using free space tree [ 262.969091][T14219] BTRFS info (device loop2): has skinny extents [ 263.117960][T14267] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 263.229007][T14267] EXT4-fs error (device loop4): ext4_xattr_block_list:719: inode #15: comm syz.4.4465: corrupted xattr block 13 [ 263.297082][T14300] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4472'. [ 263.330981][T14219] BTRFS info (device loop2): enabling ssd optimizations [ 263.333020][T14308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:00) already exists on: batadv_slave_0 [ 263.349455][T14308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.363596][T14308] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 263.532516][T14315] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4474'. [ 263.748313][T14326] loop0: detected capacity change from 0 to 256 [ 263.936538][T14326] FAT-fs (loop0): Directory bread(block 64) failed [ 263.955278][T14326] FAT-fs (loop0): Directory bread(block 65) failed [ 263.983229][T14326] FAT-fs (loop0): Directory bread(block 66) failed [ 263.990162][T14326] FAT-fs (loop0): Directory bread(block 67) failed [ 264.061542][T14326] FAT-fs (loop0): Directory bread(block 68) failed [ 264.068104][T14326] FAT-fs (loop0): Directory bread(block 69) failed [ 264.115567][T14326] FAT-fs (loop0): Directory bread(block 70) failed [ 264.148950][T14326] FAT-fs (loop0): Directory bread(block 71) failed [ 264.173671][T14326] FAT-fs (loop0): Directory bread(block 72) failed [ 264.208589][ T26] audit: type=1400 audit(520.174:18): apparmor="DENIED" operation="change_profile" info="label not found" error=-22 profile="unconfined" name="&" pid=14344 comm="syz.1.4492" [ 264.226225][T14326] FAT-fs (loop0): Directory bread(block 73) failed [ 264.436078][T14355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4493'. [ 264.527041][T14359] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4497'. [ 264.673567][T14369] loop3: detected capacity change from 0 to 512 [ 264.756375][T14377] xt_CT: You must specify a L4 protocol and not use inversions on it [ 264.994998][T14369] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 265.060793][T14369] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz.3.4503: invalid size [ 265.151950][T14369] EXT4-fs (loop3): Remounting filesystem read-only [ 265.301379][T14397] loop1: detected capacity change from 0 to 4096 [ 265.388394][T14397] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 265.728171][T14384] loop0: detected capacity change from 0 to 32768 [ 265.883692][T14384] JBD2: Ignoring recovery information on journal [ 265.951211][T14384] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 266.010327][T14384] OCFS2: ERROR (device loop0): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 266.010419][T14384] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 266.148620][T14384] OCFS2: Returning error to the calling process. [ 266.204589][T14384] (syz.0.4510,14384,1):ocfs2_setattr:1302 ERROR: status = -117 [ 266.359264][ T4190] ocfs2: Unmounting device (7,0) on (node local) [ 266.417140][T14463] loop4: detected capacity change from 0 to 764 [ 266.494423][T14473] loop1: detected capacity change from 0 to 256 [ 266.542739][T14475] comedi comedi0: dt2815: I/O port conflict (0x1,2) [ 266.567705][T14473] exFAT-fs (loop1): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 266.592798][T14463] Symlink component flag not implemented [ 266.598495][T14463] Symlink component flag not implemented (116) [ 266.649761][T14473] exFAT-fs (loop1): hint_cluster is invalid (521) [ 266.716390][T14473] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00000208) [ 266.737726][T14473] exFAT-fs (loop1): Filesystem has been set read-only [ 266.791188][T14473] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805f414f60 iblock : 9, err : -5) [ 266.808244][T14473] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00000208) [ 266.816821][T14473] exFAT-fs (loop1): error, invalid access to FAT (entry 0x00000208) [ 267.029248][T14508] loop0: detected capacity change from 0 to 64 [ 267.054137][T14494] loop2: detected capacity change from 0 to 4096 [ 267.140406][T14494] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 267.177773][T14516] loop3: detected capacity change from 0 to 64 [ 267.226127][T14521] loop1: detected capacity change from 0 to 512 [ 267.233646][T14494] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 267.239478][T14516] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 267.297049][T14524] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 267.357538][T14521] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 267.435773][T14530] xt_TPROXY: Can be used only with -p tcp or -p udp [ 267.449178][T14521] EXT4-fs error (device loop1): ext4_empty_dir:3136: inode #12: comm syz.1.4577: invalid size [ 267.514278][T14521] EXT4-fs (loop1): Remounting filesystem read-only [ 267.604385][T14542] loop4: detected capacity change from 0 to 1024 [ 267.612125][T14548] loop3: detected capacity change from 0 to 8 [ 267.721344][ T4327] hfsplus: b-tree write err: -5, ino 4 [ 267.750973][ T21] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 267.806792][T14556] nftables ruleset with unbound chain [ 267.908394][T14565] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4598'. [ 267.950237][T14565] netlink: 'syz.3.4598': attribute type 1 has an invalid length. [ 268.010937][ T21] usb 1-1: Using ep0 maxpacket: 16 [ 268.060212][T14579] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4604'. [ 268.074845][T14581] cgroup: Unknown subsys name 'noxattr' [ 268.131240][ T21] usb 1-1: config 0 has an invalid interface number: 237 but max is 0 [ 268.149634][ T21] usb 1-1: config 0 has no interface number 0 [ 268.178567][ T21] usb 1-1: config 0 interface 237 has no altsetting 0 [ 268.363103][ T21] usb 1-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 268.389059][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.425266][ T21] usb 1-1: Product: syz [ 268.429462][ T21] usb 1-1: Manufacturer: syz [ 268.433016][T14607] openvswitch: netlink: Message has 4 unknown bytes. [ 268.446689][ T21] usb 1-1: SerialNumber: syz [ 268.455353][T14611] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4620'. [ 268.470857][ T21] usb 1-1: config 0 descriptor?? [ 268.492910][T14611] netlink: 'syz.2.4620': attribute type 1 has an invalid length. [ 268.538406][ T21] snd_usb_podhd 1-1:0.237: Line 6 POD HD300 found [ 268.603255][T14617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4623'. [ 268.751971][ T21] snd_usb_podhd 1-1:0.237: cannot get proper max packet size [ 268.759471][ T21] snd_usb_podhd 1-1:0.237: Line 6 POD HD300 now disconnected [ 268.802314][ T21] snd_usb_podhd: probe of 1-1:0.237 failed with error -22 [ 269.029628][ T21] usb 1-1: USB disconnect, device number 21 [ 269.129301][T14637] loop2: detected capacity change from 0 to 16 [ 269.195858][T14637] erofs: (device loop2): mounted with root inode @ nid 36. [ 269.519964][T14600] loop4: detected capacity change from 0 to 40427 [ 269.596753][T14661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4646'. [ 269.640257][T14663] loop0: detected capacity change from 0 to 1764 [ 269.698392][T14600] F2FS-fs (loop4): invalid crc value [ 269.725437][T14663] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 269.760567][T14600] F2FS-fs (loop4): Found nat_bits in checkpoint [ 269.881120][T14600] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 269.971079][ T4600] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 270.097190][ T4598] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 270.402605][T14701] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 270.410431][T14701] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 270.434536][T14701] infiniband syz1: set active [ 270.444881][T14701] infiniband syz1: set active [ 270.456673][T14701] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 270.511715][ T4598] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 270.531352][ T4600] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 270.540450][ T4600] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.547878][T14687] loop2: detected capacity change from 0 to 32768 [ 270.550639][ T4598] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 270.575576][ T4600] usb 2-1: Product: syz [ 270.579767][ T4600] usb 2-1: Manufacturer: syz [ 270.593780][T14687] [ 270.593780][T14687] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 270.593780][T14687] [ 270.600963][ T4598] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 270.637414][T14707] ipt_ECN: cannot use operation on non-tcp rule [ 270.637540][ T4600] usb 2-1: SerialNumber: syz [ 270.654991][ T4598] usb 4-1: config 1 has no interface number 1 [ 270.667288][T14687] ERROR: (device loop2): dtSearch: stack overrun! [ 270.667288][T14687] [ 270.683294][ T4598] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 270.692518][T14687] btstack dump: [ 270.731020][T14687] bn = 0, index = 0 [ 270.735171][ T4598] usb 4-1: too many endpoints for config 1 interface 2 altsetting 0: 255, using maximum allowed: 30 [ 270.747296][ T4600] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 270.750251][T14687] bn = 0, index = 0 [ 270.792222][ T4598] usb 4-1: config 1 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 270.805782][T14687] bn = 0, index = 0 [ 270.809656][T14687] bn = 0, index = 0 [ 270.816820][T14687] bn = 0, index = 0 [ 270.820642][T14687] bn = 0, index = 0 [ 270.842679][T14687] bn = 0, index = 0 [ 270.852567][T14687] bn = 0, index = 0 [ 270.856444][T14687] jfs_lookup: dtSearch returned -5 [ 270.865495][T14709] loop0: detected capacity change from 0 to 4096 [ 270.890763][ T4182] [ 270.890763][ T4182] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 270.890763][ T4182] [ 270.955906][ T4182] [ 270.955906][ T4182] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 270.955906][ T4182] [ 270.974783][T14709] ntfs: volume version 3.1. [ 270.991706][ T4598] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 271.015533][ T4598] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.024529][ T4598] usb 4-1: Product: syz [ 271.028721][ T4598] usb 4-1: Manufacturer: syz [ 271.048736][ T4598] usb 4-1: SerialNumber: syz [ 271.183745][T14717] loop4: detected capacity change from 0 to 512 [ 271.203067][T14720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4670'. [ 271.260685][T14717] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 271.319636][T14726] loop2: detected capacity change from 0 to 512 [ 271.361404][T14717] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.4673: inode has both inline data and extents flags [ 271.378376][T14717] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.4673: couldn't read orphan inode 15 (err -117) [ 271.392049][T14717] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 271.441389][ T4600] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 271.461989][ T4598] usb 4-1: MIDIStreaming interface descriptor not found [ 271.498663][T14726] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback. [ 271.519607][ T4598] usb 4-1: USB disconnect, device number 20 [ 271.634338][ T4184] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 271.661169][ C0] usb 2-1: ath: unknown panic pattern! [ 271.715984][T14740] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4681'. [ 271.843250][T14744] loop4: detected capacity change from 0 to 4096 [ 271.858222][ T4242] usb 2-1: USB disconnect, device number 18 [ 271.905120][ T8272] udevd[8272]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 271.963851][ T4184] usb 1-1: Using ep0 maxpacket: 16 [ 271.974850][T14744] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 272.038104][T14744] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 272.091366][ T4184] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 38478, setting to 1024 [ 272.131022][ T4184] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 272.228951][T14768] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 272.229518][T14772] loop3: detected capacity change from 0 to 256 [ 272.314781][ T4184] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 272.329635][T14777] loop2: detected capacity change from 0 to 512 [ 272.353305][ T4184] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.395244][ T4184] usb 1-1: Product: syz [ 272.399444][ T4184] usb 1-1: Manufacturer: syz [ 272.410972][ T4184] usb 1-1: SerialNumber: syz [ 272.441369][ T4184] usb 1-1: config 0 descriptor?? [ 272.448195][T14777] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 272.469707][T14730] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 272.491706][ T4184] hub 1-1:0.0: bad descriptor, ignoring hub [ 272.504079][ T4184] hub: probe of 1-1:0.0 failed with error -5 [ 272.532524][ T4600] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 272.541658][ T4184] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input17 [ 272.544531][T14777] EXT4-fs (loop2): 1 truncate cleaned up [ 272.558435][ T4600] ath9k_htc: Failed to initialize the device [ 272.566067][ T4242] usb 2-1: ath9k_htc: USB layer deinitialized [ 272.629131][T14777] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 272.682088][T14797] program syz.3.4708 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 272.712666][T14798] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 272.887726][T14804] netlink: 'syz.4.4711': attribute type 4 has an invalid length. [ 272.937708][T14804] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.4711'. [ 273.017723][T14802] loop3: detected capacity change from 0 to 4096 [ 273.090410][T14812] loop4: detected capacity change from 0 to 2048 [ 273.153963][T14802] NILFS (loop3): mounting unchecked fs [ 273.156374][T14812] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 273.159480][T14802] NILFS (loop3): recovery required for readonly filesystem [ 273.199229][T14822] loop1: detected capacity change from 0 to 64 [ 273.201376][T14821] loop2: detected capacity change from 0 to 512 [ 273.221001][T14812] NILFS (loop4): mounting unchecked fs [ 273.226468][T14802] NILFS (loop3): write access will be enabled during recovery [ 273.242792][T14802] NILFS (loop3): invalid segment: Checksum error in segment payload [ 273.254145][T14802] NILFS (loop3): trying rollback from an earlier position [ 273.257385][T14812] NILFS (loop4): recovery complete [ 273.296357][T14802] NILFS (loop3): norecovery option specified, skipping roll-forward recovery [ 273.306978][T14822] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop1 [ 273.312562][T14824] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 273.337479][T14821] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nouid32,i_version,. Quota mode: writeback. [ 273.364484][T14827] loop0: detected capacity change from 0 to 64 [ 273.398425][T14821] EXT4-fs error (device loop2): ext4_empty_dir:3145: inode #12: block 32: comm syz.2.4718: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 273.428828][T14802] NILFS (loop3): couldn't remount because the filesystem is in an incomplete recovery state [ 273.494739][T14821] EXT4-fs (loop2): Remounting filesystem read-only [ 273.502177][T14821] EXT4-fs warning (device loop2): ext4_empty_dir:3147: inode #12: comm syz.2.4718: directory missing '.' [ 273.567759][T14830] loop3: detected capacity change from 0 to 256 [ 273.635973][T14833] mmap: syz.0.4724 (14833): VmData 37474304 exceed data ulimit 2047. Update limits or use boot option ignore_rlimit_data. [ 273.840826][T14851] program syz.1.4732 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 274.021306][ T3545] usb 1-1: reset high-speed USB device number 22 using dummy_hcd [ 274.074596][ T3545] usb 1-1: device reset changed ep0 maxpacket size! [ 274.125006][ T4184] usb 1-1: USB disconnect, device number 22 [ 274.351087][ T4184] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 274.462218][T14877] loop3: detected capacity change from 0 to 24 [ 274.483288][T14877] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 274.515149][T14877] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 274.550111][T14879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4746'. [ 274.562114][T14877] romfs: read error for inode 0x70040 [ 274.569630][T14881] loop1: detected capacity change from 0 to 24 [ 274.587659][T14879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4746'. [ 274.598055][T14881] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 274.633121][T14881] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 274.736659][T14849] loop2: detected capacity change from 0 to 32768 [ 274.770946][T14849] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.4731 (14849) [ 274.831371][ T4184] usb 1-1: unable to get BOS descriptor or descriptor too short [ 274.869369][T14849] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 274.903966][T14891] loop3: detected capacity change from 0 to 1024 [ 274.928316][T14849] BTRFS info (device loop2): setting nodatacow, compression disabled [ 274.941389][ T4184] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 274.953941][T14849] BTRFS info (device loop2): disabling tree log [ 274.970068][ T4184] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 274.970424][T14849] BTRFS info (device loop2): turning on sync discard [ 275.048559][ T9190] hfsplus: b-tree write err: -5, ino 4 [ 275.087102][T14849] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 275.123272][T14849] BTRFS info (device loop2): force zstd compression, level 3 [ 275.150238][T14849] BTRFS info (device loop2): using free space tree [ 275.190336][T14849] BTRFS info (device loop2): has skinny extents [ 275.201252][ T4184] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 275.211942][ T4184] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.220125][ T4184] usb 1-1: Product: syz [ 275.319160][ T4184] usb 1-1: Manufacturer: syz [ 275.328628][T14923] xt_recent: Unsupported userspace flags (000000b1) [ 275.350971][ T4184] usb 1-1: SerialNumber: syz [ 275.434456][T14932] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.4764' sets config #4096 [ 275.447508][T14849] BTRFS info (device loop2): enabling ssd optimizations [ 275.896798][T14965] loop1: detected capacity change from 0 to 512 [ 275.916482][ T4184] usb 1-1: cannot find UAC_HEADER [ 275.954012][T14965] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 275.967980][ T4184] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 275.983484][ T4184] usb 1-1: USB disconnect, device number 23 [ 276.069544][T14965] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.4780: inode has both inline data and extents flags [ 276.183242][T14965] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4780: couldn't read orphan inode 15 (err -117) [ 276.240628][T14965] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 276.308032][T14982] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4787'. [ 276.397248][T14984] loop3: detected capacity change from 0 to 1024 [ 276.429692][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 276.513830][T14993] loop4: detected capacity change from 0 to 64 [ 276.544135][T14995] netlink: 'syz.1.4790': attribute type 1 has an invalid length. [ 276.559317][T14984] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 276.561074][T14995] netlink: 'syz.1.4790': attribute type 2 has an invalid length. [ 276.615344][T14993] Trying to free block not in datazone [ 276.621109][T14993] Trying to free block not in datazone [ 276.626591][T14993] Trying to free block not in datazone [ 276.660171][T14993] Trying to free block not in datazone [ 276.706336][T14993] minix_free_block (loop4:6): bit already cleared [ 276.766453][T14993] Trying to free block not in datazone [ 276.766517][T14993] Trying to free block not in datazone [ 276.780043][T15011] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 277.362220][T15055] netlink: 'syz.2.4820': attribute type 1 has an invalid length. [ 277.377007][T15055] netlink: 220 bytes leftover after parsing attributes in process `syz.2.4820'. [ 277.525296][T15066] loop3: detected capacity change from 0 to 4096 [ 277.651876][T15066] ntfs: volume version 3.1. [ 277.671977][T15070] loop0: detected capacity change from 0 to 512 [ 277.711062][T12745] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 277.742892][T15072] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4828'. [ 277.784746][T15070] EXT4-fs (loop0): orphan cleanup on readonly fs [ 277.794996][T15070] Quota error (device loop0): v2_read_file_info: Free block number too big (0 >= 0). [ 277.807711][T15070] EXT4-fs warning (device loop0): ext4_enable_quotas:6461: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 277.823024][T15070] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 277.832113][T15070] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #13: comm syz.0.4827: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 277.876434][T15070] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.4827: couldn't read orphan inode 13 (err -117) [ 277.964325][T15070] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 278.011032][T12745] usb 3-1: Using ep0 maxpacket: 8 [ 278.166142][T12745] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 278.179471][T12745] usb 3-1: config 0 has no interface number 0 [ 278.191448][T15081] loop1: detected capacity change from 0 to 4096 [ 278.206856][T12745] usb 3-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 278.225921][T15091] SET target dimension over the limit! [ 278.232360][T12745] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.254495][T12745] usb 3-1: config 0 descriptor?? [ 278.330270][T15081] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 278.369162][T15081] ntfs3: loop1: ntfs_sync_fs r=9 failed, -22. [ 278.396885][T15081] ntfs3: loop1: ntfs_evict_inode r=9 failed, -22. [ 278.520644][ T21] usb 3-1: USB disconnect, device number 18 [ 278.689965][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 278.780433][T15119] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 278.787699][T15119] IPv6: NLM_F_CREATE should be set when creating new route [ 278.870983][T15125] damon: min_nr_regions (0) must be at least 3 [ 279.048357][T15136] x_tables: unsorted entry at hook 1 [ 279.333218][T15156] loop2: detected capacity change from 0 to 512 [ 279.346431][T15158] loop1: detected capacity change from 0 to 1024 [ 279.369284][T15160] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4871'. [ 279.526289][T15124] loop0: detected capacity change from 0 to 32768 [ 279.543071][T15156] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,auto_da_alloc=0x0000000000000007,noauto_da_alloc,. Quota mode: writeback. [ 279.575355][ T1236] block nbd3: Attempted send on invalid socket [ 279.581919][ T1236] blk_update_request: I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 279.614218][ T150] block nbd3: Attempted send on invalid socket [ 279.620458][ T150] blk_update_request: I/O error, dev nbd3, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 279.629653][T15156] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present [ 279.637970][T15170] Mount JFS Failure: -5 [ 279.648538][T15156] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 279.667776][T15170] jfs_mount failed w/return code = -5 [ 279.677955][T15156] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.4869: Failed to acquire dquot type 0 [ 279.716653][T15185] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 279.730949][T15185] Error parsing options; rc = [-22] [ 279.757436][T15124] XFS (loop0): Mounting V5 Filesystem [ 279.764426][T15156] EXT4-fs (loop2): Remounting filesystem read-only [ 280.120145][T15124] XFS (loop0): Ending clean mount [ 280.124094][T15203] loop2: detected capacity change from 0 to 256 [ 280.130266][T15124] XFS (loop0): Quotacheck needed: Please wait. [ 280.236106][T15124] XFS (loop0): Quotacheck: Done. [ 280.287861][T15203] FAT-fs (loop2): Directory bread(block 64) failed [ 280.339378][T15203] FAT-fs (loop2): Directory bread(block 65) failed [ 280.366529][T15208] loop1: detected capacity change from 0 to 4096 [ 280.372050][T15203] FAT-fs (loop2): Directory bread(block 66) failed [ 280.391462][ T4190] XFS (loop0): Unmounting Filesystem [ 280.410061][T15203] FAT-fs (loop2): Directory bread(block 67) failed [ 280.443232][T15203] FAT-fs (loop2): Directory bread(block 68) failed [ 280.448437][T15210] loop3: detected capacity change from 0 to 2048 [ 280.449839][T15203] FAT-fs (loop2): Directory bread(block 69) failed [ 280.611226][T15211] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 280.611339][T15203] FAT-fs (loop2): Directory bread(block 70) failed [ 280.633681][T15210] NILFS error (device loop3): nilfs_check_page: bad entry in directory #12: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 280.692314][T15210] Remounting filesystem read-only [ 280.702662][T15203] FAT-fs (loop2): Directory bread(block 71) failed [ 280.765086][T15203] FAT-fs (loop2): Directory bread(block 72) failed [ 280.781131][T15203] FAT-fs (loop2): Directory bread(block 73) failed [ 280.853357][T15216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4892'. [ 280.913931][T15218] loop3: detected capacity change from 0 to 128 [ 281.029773][T15207] loop4: detected capacity change from 0 to 32768 [ 281.078695][T15218] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 281.238801][T15207] JBD2: Ignoring recovery information on journal [ 281.371098][T15239] netlink: 'syz.2.4901': attribute type 7 has an invalid length. [ 281.415023][T15207] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 281.416864][T15243] loop3: detected capacity change from 0 to 764 [ 281.450320][T15245] loop0: detected capacity change from 0 to 256 [ 281.452771][T15239] netlink: 'syz.2.4901': attribute type 8 has an invalid length. [ 281.537631][T15243] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 281.614088][ T4181] ocfs2: Unmounting device (7,4) on (node local) [ 281.733878][T15251] loop3: detected capacity change from 0 to 22 [ 281.748298][T15251] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 281.805028][T15251] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 281.830660][T15234] loop1: detected capacity change from 0 to 32768 [ 281.904747][T15260] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4910'. [ 282.114467][T15234] XFS (loop1): Mounting V5 Filesystem [ 282.286544][T15287] sctp: [Deprecated]: syz.3.4918 (pid 15287) Use of int in maxseg socket option. [ 282.286544][T15287] Use struct sctp_assoc_value instead [ 282.287117][T15234] XFS (loop1): Ending clean mount [ 282.492078][T15278] loop2: detected capacity change from 0 to 32768 [ 282.500414][ T4183] XFS (loop1): Unmounting Filesystem [ 282.536371][T15298] ieee802154 phy1 wpan1: encryption failed: -22 [ 282.545494][T15278] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.4916 (15278) [ 282.585229][T15300] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4927'. [ 282.629084][T15302] loop3: detected capacity change from 0 to 64 [ 282.651916][T15278] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 282.665157][T15278] BTRFS info (device loop2): using free space tree [ 282.673865][T15278] BTRFS info (device loop2): has skinny extents [ 282.675672][T15304] netlink: 'syz.0.4928': attribute type 4 has an invalid length. [ 282.732362][T15304] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4928'. [ 282.754327][T15302] Trying to free block not in datazone [ 282.762489][T15302] Trying to free block not in datazone [ 282.789038][T15302] Trying to free block not in datazone [ 282.794835][T15302] Trying to free block not in datazone [ 282.804684][T15302] minix_free_block (loop3:6): bit already cleared [ 282.832521][T15302] Trying to free block not in datazone [ 282.855694][T15302] Trying to free block not in datazone [ 282.954831][T15278] BTRFS info (device loop2): enabling ssd optimizations [ 282.976117][T15329] loop3: detected capacity change from 0 to 128 [ 283.293962][T15341] loop0: detected capacity change from 0 to 256 [ 283.355698][T15341] FAT-fs (loop0): Directory bread(block 64) failed [ 283.372966][T15341] FAT-fs (loop0): Directory bread(block 65) failed [ 283.385265][T15341] FAT-fs (loop0): Directory bread(block 66) failed [ 283.396651][T15341] FAT-fs (loop0): Directory bread(block 67) failed [ 283.438925][T15341] FAT-fs (loop0): Directory bread(block 68) failed [ 283.468237][T15341] FAT-fs (loop0): Directory bread(block 69) failed [ 283.485916][T15341] FAT-fs (loop0): Directory bread(block 70) failed [ 283.502175][T15341] FAT-fs (loop0): Directory bread(block 71) failed [ 283.511369][T15341] FAT-fs (loop0): Directory bread(block 72) failed [ 283.521668][T15341] FAT-fs (loop0): Directory bread(block 73) failed [ 283.615874][T15352] netlink: 144 bytes leftover after parsing attributes in process `syz.2.4934'. [ 283.713588][T15348] loop1: detected capacity change from 0 to 4096 [ 283.765018][T15360] tmpfs: Bad value for 'mpol' [ 283.847823][T15348] ntfs: volume version 3.1. [ 283.887792][T15368] netlink: 'syz.2.4949': attribute type 12 has an invalid length. [ 284.161002][T15353] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 284.297018][T15396] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4962'. [ 284.324363][T15396] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4962'. [ 284.422070][ T6358] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 284.482744][T15405] netlink: 'syz.4.4965': attribute type 10 has an invalid length. [ 284.511207][T15405] device veth0_macvtap left promiscuous mode [ 284.541416][T15405] batman_adv: batadv0: Adding interface: macvtap0 [ 284.551174][T15405] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.571178][ T24] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 284.578136][T15405] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active [ 284.635407][T15399] loop2: detected capacity change from 0 to 32768 [ 284.691280][T15353] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 284.700383][T15353] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.739356][T15415] netlink: 232 bytes leftover after parsing attributes in process `syz.4.4969'. [ 284.750363][T15353] usb 1-1: Product: syz [ 284.762458][T15353] usb 1-1: Manufacturer: syz [ 284.768352][T15353] usb 1-1: SerialNumber: syz [ 284.773469][T15399] XFS (loop2): Mounting V5 Filesystem [ 284.832230][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 284.841989][T15353] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 284.927149][T15399] XFS (loop2): Ending clean mount [ 284.951321][ T6358] usb 2-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96 [ 284.960537][ T6358] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.969235][ T24] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 284.979370][ T24] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 284.991141][ T24] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 285.001027][ T6358] usb 2-1: Product: syz [ 285.005208][ T6358] usb 2-1: Manufacturer: syz [ 285.018883][ T6358] usb 2-1: SerialNumber: syz [ 285.023637][ T24] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 285.035497][ T6358] usb 2-1: config 0 descriptor?? [ 285.043968][ T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 285.058488][ T24] usb 4-1: config 0 has no interface number 0 [ 285.064810][ T24] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 285.091227][ T24] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 285.102220][ T24] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 285.112811][ T24] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 285.133091][ T24] usb 4-1: config 0 interface 125 has no altsetting 0 [ 285.139945][ T24] usb 4-1: config 0 interface 125 has no altsetting 2 [ 285.213691][ T4182] XFS (loop2): Unmounting Filesystem [ 285.291310][ T6358] peak_usb 2-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels) [ 285.311373][ T24] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 285.326146][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.344530][ T24] usb 4-1: Product: syz [ 285.348744][ T24] usb 4-1: Manufacturer: syz [ 285.363824][ T24] usb 4-1: SerialNumber: syz [ 285.391452][ T24] usb 4-1: config 0 descriptor?? [ 285.400130][T15431] loop4: detected capacity change from 0 to 32768 [ 285.421925][T15431] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.4974 (15431) [ 285.432670][ T24] usb 4-1: selecting invalid altsetting 2 [ 285.461043][T15353] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 285.488309][T15431] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 285.501038][ T6358] peak_usb 2-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 285.508016][T15431] BTRFS info (device loop4): using free space tree [ 285.509301][ T6358] peak_usb 2-1:0.0: unable to tell PCAN-USB FD driver is loaded (err -71) [ 285.541244][T15431] BTRFS info (device loop4): has skinny extents [ 285.622038][ T6358] peak_usb: probe of 2-1:0.0 failed with error -71 [ 285.658361][ T6358] usb 2-1: USB disconnect, device number 19 [ 285.816496][T15431] BTRFS info (device loop4): enabling ssd optimizations [ 285.857473][T12745] usb 1-1: USB disconnect, device number 24 [ 285.880939][ C1] usb 4-1: async_complete: urb error -71 [ 285.886679][ C1] usb 4-1: async_complete: urb error -71 [ 285.892386][ C1] usb 4-1: async_complete: urb error -71 [ 285.900610][ T24] get_1284_register: usb error -71 [ 285.905840][ T24] uss720: probe of 4-1:0.125 failed with error -71 [ 285.919096][ T24] usb 4-1: USB disconnect, device number 21 [ 285.934934][T15463] netlink: 'syz.2.4980': attribute type 1 has an invalid length. [ 285.942853][T15463] netlink: 'syz.2.4980': attribute type 2 has an invalid length. [ 285.950800][T15463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4980'. [ 286.263253][T15474] misc userio: The device must be registered before sending interrupts [ 286.681184][T15353] usb 1-1: Service connection timeout for: 256 [ 286.687390][T15353] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 286.718663][T15353] ath9k_htc: Failed to initialize the device [ 286.747813][T12745] usb 1-1: ath9k_htc: USB layer deinitialized [ 286.751742][T15505] loop3: detected capacity change from 0 to 512 [ 286.797434][T15508] loop2: detected capacity change from 0 to 512 [ 286.867549][T15505] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5001: inode has both inline data and extents flags [ 286.881529][T15505] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5001: couldn't read orphan inode 15 (err -117) [ 286.896716][T15508] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 286.936351][T15505] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 287.095434][T15527] loop1: detected capacity change from 0 to 8 [ 287.210068][T15527] unable to read fragment index table [ 287.394264][T15551] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5022'. [ 287.645835][T15570] loop0: detected capacity change from 0 to 128 [ 287.649308][T15566] loop4: detected capacity change from 0 to 64 [ 287.953573][T15592] xt_CONNSECMARK: invalid mode: 66 [ 288.171106][ T24] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 288.537495][T15626] loop0: detected capacity change from 0 to 256 [ 288.561145][ T24] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 288.587190][ T24] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 288.602416][ T24] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 288.624884][T15626] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 288.636962][T15628] loop1: detected capacity change from 0 to 16 [ 288.658843][T15626] FAT-fs (loop0): Filesystem has been set read-only [ 288.681081][ T24] usb 5-1: config 220 has no interface number 2 [ 288.687515][ T24] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 288.715259][T15628] erofs: (device loop1): mounted with root inode @ nid 36. [ 288.738716][ T24] usb 5-1: config 220 interface 0 has no altsetting 0 [ 288.747127][ T24] usb 5-1: config 220 interface 76 has no altsetting 0 [ 288.754313][ T24] usb 5-1: config 220 interface 1 has no altsetting 0 [ 288.921284][ T24] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 288.941605][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.949658][ T24] usb 5-1: Product: syz [ 288.974371][ T24] usb 5-1: Manufacturer: syz [ 288.986458][ T24] usb 5-1: SerialNumber: syz [ 289.078926][T15613] loop3: detected capacity change from 0 to 32768 [ 289.092549][T15644] loop0: detected capacity change from 0 to 8 [ 289.174174][T15613] XFS (loop3): Mounting V5 Filesystem [ 289.228519][T15644] SQUASHFS error: lzo decompression failed, data probably corrupt [ 289.251210][T15644] SQUASHFS error: Failed to read block 0x91: -5 [ 289.267854][T15644] SQUASHFS error: Unable to read metadata cache entry [8f] [ 289.287059][T15644] SQUASHFS error: Unable to read inode 0x11f [ 289.349432][T15664] loop2: detected capacity change from 0 to 256 [ 289.367747][T15613] XFS (loop3): Ending clean mount [ 289.381333][ T24] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 289.387729][ T24] usb 5-1: No valid video chain found. [ 289.408560][ T24] usb 5-1: selecting invalid altsetting 0 [ 289.446766][T15664] FAT-fs (loop2): Directory bread(block 64) failed [ 289.464073][T15664] FAT-fs (loop2): Directory bread(block 65) failed [ 289.476594][T15664] FAT-fs (loop2): Directory bread(block 66) failed [ 289.499438][T15613] XFS (loop3): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 289.506470][ T24] usb 5-1: selecting invalid altsetting 0 [ 289.532107][T15664] FAT-fs (loop2): Directory bread(block 67) failed [ 289.538714][T15664] FAT-fs (loop2): Directory bread(block 68) failed [ 289.551197][ T24] usbtest: probe of 5-1:220.1 failed with error -22 [ 289.580009][ T24] usb 5-1: USB disconnect, device number 26 [ 289.598024][T15664] FAT-fs (loop2): Directory bread(block 69) failed [ 289.629296][T15664] FAT-fs (loop2): Directory bread(block 70) failed [ 289.641762][T15672] loop0: detected capacity change from 0 to 64 [ 289.653405][ T4191] XFS (loop3): Unmounting Filesystem [ 289.654830][T15664] FAT-fs (loop2): Directory bread(block 71) failed [ 289.676092][T15674] dlm: dev_write: no op 0 0 [ 289.765838][T15664] FAT-fs (loop2): Directory bread(block 72) failed [ 289.777374][T15664] FAT-fs (loop2): Directory bread(block 73) failed [ 289.917901][T15680] netlink: 'syz.0.5081': attribute type 1 has an invalid length. [ 290.471021][ T6358] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 290.583035][T15678] loop1: detected capacity change from 0 to 32768 [ 290.630973][T15678] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.5082 (15678) [ 290.699001][T15678] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 290.725096][T15678] BTRFS info (device loop1): setting nodatacow, compression disabled [ 290.771803][T15678] BTRFS info (device loop1): disabling tree log [ 290.811017][T15678] BTRFS info (device loop1): turning on sync discard [ 290.815699][T15732] loop3: detected capacity change from 0 to 256 [ 290.817733][T15678] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 290.841580][ T6358] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 290.863749][ T6358] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 290.869332][T15732] exfat: Deprecated parameter 'namecase' [ 290.888912][T15732] exfat: Deprecated parameter 'namecase' [ 290.895017][ T6358] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.910933][T15678] BTRFS info (device loop1): force zstd compression, level 3 [ 290.918349][T15678] BTRFS info (device loop1): using free space tree [ 290.931849][ T6358] usb 1-1: config 0 descriptor?? [ 290.933650][T12745] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 290.949739][T15678] BTRFS info (device loop1): has skinny extents [ 290.988916][T15732] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7808ae6a, utbl_chksum : 0xe619d30d) [ 291.080191][T15732] exFAT-fs (loop3): hint_cluster is invalid (4278190089) [ 291.107492][T15732] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805f62aee0 iblock : 8, err : -5) [ 291.119652][T15732] exFAT-fs (loop3): error, invalid access to FAT (entry 0xff000008) [ 291.128414][T15732] exFAT-fs (loop3): error, invalid access to FAT (entry 0xff000008) [ 291.147501][T15678] BTRFS info (device loop1): enabling ssd optimizations [ 291.208073][ T9190] attempt to access beyond end of device [ 291.208073][ T9190] loop3: rw=1, want=34225520826, limit=256 [ 291.265893][ T9190] Buffer I/O error on dev loop3, logical block 34225520825, lost async page write [ 291.288893][ T9190] attempt to access beyond end of device [ 291.288893][ T9190] loop3: rw=1, want=34225520827, limit=256 [ 291.290993][T12745] usb 3-1: Using ep0 maxpacket: 16 [ 291.300740][ T9190] Buffer I/O error on dev loop3, logical block 34225520826, lost async page write [ 291.315067][ T9190] attempt to access beyond end of device [ 291.315067][ T9190] loop3: rw=1, want=34225520828, limit=256 [ 291.339385][ T9190] Buffer I/O error on dev loop3, logical block 34225520827, lost async page write [ 291.349023][ T9190] attempt to access beyond end of device [ 291.349023][ T9190] loop3: rw=1, want=34225520829, limit=256 [ 291.360827][ T9190] Buffer I/O error on dev loop3, logical block 34225520828, lost async page write [ 291.370582][ T9190] attempt to access beyond end of device [ 291.370582][ T9190] loop3: rw=1, want=34225520830, limit=256 [ 291.386339][ T9190] Buffer I/O error on dev loop3, logical block 34225520829, lost async page write [ 291.406177][ T6358] usb 1-1: USB disconnect, device number 25 [ 291.412278][ T9190] attempt to access beyond end of device [ 291.412278][ T9190] loop3: rw=1, want=34225520831, limit=256 [ 291.424743][ T9190] Buffer I/O error on dev loop3, logical block 34225520830, lost async page write [ 291.435790][ T9190] attempt to access beyond end of device [ 291.435790][ T9190] loop3: rw=1, want=34225520832, limit=256 [ 291.451267][ T9190] Buffer I/O error on dev loop3, logical block 34225520831, lost async page write [ 291.472746][T12745] usb 3-1: config 254 has an invalid interface number: 235 but max is 0 [ 291.496562][T12745] usb 3-1: config 254 has no interface number 0 [ 291.507236][T12745] usb 3-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 291.519336][T12745] usb 3-1: config 254 interface 235 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 291.548147][T12745] usb 3-1: config 254 interface 235 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 291.558684][T12745] usb 3-1: config 254 interface 235 has no altsetting 0 [ 291.668694][T15772] loop4: detected capacity change from 0 to 512 [ 291.744837][T12745] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 291.754049][T12745] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.762312][T12745] usb 3-1: Product: syz [ 291.766473][T12745] usb 3-1: Manufacturer: syz [ 291.771365][T12745] usb 3-1: SerialNumber: syz [ 291.801419][T15722] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 291.869416][T15772] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 291.886948][T15772] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.5118: bad orphan inode 15 [ 291.951365][T15772] ext4_test_bit(bit=14, block=4) = 1 [ 291.956687][T15772] is_bad_inode(inode)=0 [ 291.972861][T15772] NEXT_ORPHAN(inode)=0 [ 291.976959][T15772] max_ino=32 [ 291.980153][T15772] i_nlink=1 [ 291.993129][T15772] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,acl,noload,data_err=ignore,usrjquota="init_itable=0x0000000000000601,init_itable=0x0000000000000101,noblock_validity,,errors=continue. Quota mode: writeback. [ 292.047465][T15722] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 292.066929][T12745] usbtest 3-1:254.235: Linux gadget zero [ 292.080788][T12745] usbtest 3-1:254.235: high-speed {control in/out bulk-out int-in} tests (+alt) [ 292.116149][T15772] EXT4-fs error (device loop4): ext4_append:79: inode #2: comm syz.4.5118: Logical block already allocated [ 292.250995][ T6357] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 292.291429][ T4604] usb 3-1: USB disconnect, device number 19 [ 292.341078][ T6358] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 292.501011][ T6357] usb 1-1: Using ep0 maxpacket: 8 [ 292.511686][T15790] loop4: detected capacity change from 0 to 164 [ 292.591091][ T6358] usb 4-1: Using ep0 maxpacket: 16 [ 292.711242][ T6358] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 292.723433][ T6358] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 292.736956][ T6358] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 292.791081][ T6357] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 292.815164][ T6357] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.833560][ T6357] usb 1-1: Product: syz [ 292.843678][ T6357] usb 1-1: Manufacturer: syz [ 292.853790][ T6357] usb 1-1: SerialNumber: syz [ 292.887326][ T6357] usb 1-1: config 0 descriptor?? [ 292.921795][ T6358] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 292.951657][ T6358] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.965330][ T6358] usb 4-1: Product: syz [ 292.969503][ T6358] usb 4-1: Manufacturer: syz [ 292.981171][ T6358] usb 4-1: SerialNumber: syz [ 293.068914][T15812] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5136'. [ 293.118870][T15816] netlink: 'syz.1.5138': attribute type 1 has an invalid length. [ 293.139908][ T4604] usb 1-1: USB disconnect, device number 26 [ 293.169942][T15816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5138'. [ 293.191666][T15820] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5140'. [ 293.307551][ T4175] udevd[4175]: inotify_add_watch(7, /dev/nbd2p4, 10) failed: No such file or directory [ 293.331113][ T6358] usb 4-1: 0:2 : does not exist [ 293.529530][T15840] loop2: detected capacity change from 0 to 2048 [ 293.557501][ T6358] usb 4-1: USB disconnect, device number 22 [ 293.610833][T15840] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,errors=remount-ro,resgid=0x0000000000000000,barrier,bsdgroups,inode_readahead_blks=0x0000000000002000,. Quota mode: none. [ 293.801872][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 293.827478][T15840] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.5150: bg 0: block 345: padding at end of block bitmap is not set [ 293.879316][T15840] EXT4-fs (loop2): Remounting filesystem read-only [ 293.912355][T15840] EXT4-fs error (device loop2): ext4_xattr_block_set:2207: inode #15: comm syz.2.5150: bad block 128 [ 293.953344][T15863] loop3: detected capacity change from 0 to 256 [ 293.970112][T15840] EXT4-fs (loop2): Remounting filesystem read-only [ 294.103860][T15863] FAT-fs (loop3): Directory bread(block 64) failed [ 294.118325][T15863] FAT-fs (loop3): Directory bread(block 65) failed [ 294.137139][T15863] FAT-fs (loop3): Directory bread(block 66) failed [ 294.141009][T15869] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5164'. [ 294.193844][T15863] FAT-fs (loop3): Directory bread(block 67) failed [ 294.245145][T15863] FAT-fs (loop3): Directory bread(block 68) failed [ 294.276044][T15863] FAT-fs (loop3): Directory bread(block 69) failed [ 294.310357][T15863] FAT-fs (loop3): Directory bread(block 70) failed [ 294.314188][T15877] netlink: 'syz.4.5167': attribute type 2 has an invalid length. [ 294.339063][T15863] FAT-fs (loop3): Directory bread(block 71) failed [ 294.372418][T15863] FAT-fs (loop3): Directory bread(block 72) failed [ 294.373147][T15877] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 294.415326][T15863] FAT-fs (loop3): Directory bread(block 73) failed [ 294.476417][T15879] device ip6gre2 entered promiscuous mode [ 294.889137][T15849] syz.1.5154 (15849): drop_caches: 2 [ 295.076727][T15915] netlink: 'syz.1.5185': attribute type 12 has an invalid length. [ 295.113185][T15919] loop3: detected capacity change from 0 to 256 [ 295.211303][T15919] FAT-fs (loop3): Directory bread(block 64) failed [ 295.232496][T15919] FAT-fs (loop3): Directory bread(block 65) failed [ 295.253418][T15911] loop0: detected capacity change from 0 to 4096 [ 295.267187][T15919] FAT-fs (loop3): Directory bread(block 66) failed [ 295.290470][T15919] FAT-fs (loop3): Directory bread(block 67) failed [ 295.311103][T15919] FAT-fs (loop3): Directory bread(block 68) failed [ 295.319044][T15919] FAT-fs (loop3): Directory bread(block 69) failed [ 295.332605][T15919] FAT-fs (loop3): Directory bread(block 70) failed [ 295.347346][T15931] device bridge5 entered promiscuous mode [ 295.358177][T15919] FAT-fs (loop3): Directory bread(block 71) failed [ 295.365291][T15919] FAT-fs (loop3): Directory bread(block 72) failed [ 295.379487][T15919] FAT-fs (loop3): Directory bread(block 73) failed [ 295.400313][T15911] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 295.409258][T15933] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 295.427131][T15933] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 295.482111][T15933] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 295.536824][T15933] device batadv_slave_0 left promiscuous mode [ 295.584412][T15933] device vlan0 left promiscuous mode [ 295.646849][ T26] audit: type=1800 audit(551.614:19): pid=15911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5184" name="bus" dev="loop0" ino=64 res=0 errno=0 [ 295.994072][T15923] loop4: detected capacity change from 0 to 32768 [ 296.061852][T15955] loop1: detected capacity change from 0 to 4096 [ 296.080730][T15923] read_mapping_page failed! [ 296.151379][ T4604] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 296.197565][T15955] ntfs: volume version 3.1. [ 296.255540][T15955] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 296.369153][T15955] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 296.412162][ T4604] usb 3-1: Using ep0 maxpacket: 16 [ 296.495543][T15971] nvme_fabrics: missing parameter 'transport=%s' [ 296.532965][T15955] overlayfs: failed to resolve './bus': -2 [ 296.538937][T15971] nvme_fabrics: missing parameter 'nqn=%s' [ 296.545577][ T4604] usb 3-1: config 0 has an invalid interface number: 214 but max is 0 [ 296.560183][ T4604] usb 3-1: config 0 has no interface number 0 [ 296.572113][ T4604] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 296.612825][ T4604] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 296.709623][T15986] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 296.805045][ T4604] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 296.845005][ T4604] usb 3-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 296.882566][ T4604] usb 3-1: Manufacturer: syz [ 296.891193][ T4604] usb 3-1: SerialNumber: syz [ 296.900622][T15998] loop0: detected capacity change from 0 to 22 [ 296.923345][ T4604] usb 3-1: config 0 descriptor?? [ 296.923812][T15992] loop3: detected capacity change from 0 to 1024 [ 296.942257][T15945] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 296.950083][T15998] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 296.975040][T15998] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 296.994835][T16000] loop4: detected capacity change from 0 to 512 [ 297.092874][T16000] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.5228: iget: bad extra_isize 50264 (inode size 256) [ 297.164849][T15992] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,nobarrier,errors=remount-ro,. Quota mode: none. [ 297.190966][ T4604] usbtouchscreen 3-1:0.214: Failed to read FW rev: -71 [ 297.197981][ T4604] usbtouchscreen: probe of 3-1:0.214 failed with error -71 [ 297.208421][T16012] xt_TCPMSS: Only works on TCP SYN packets [ 297.214637][ T4604] usb 3-1: USB disconnect, device number 20 [ 297.226757][T16000] EXT4-fs (loop4): Remounting filesystem read-only [ 297.261615][T15992] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #11: comm syz.3.5225: directory missing '.' [ 297.281590][T16000] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.5228: couldn't read orphan inode 15 (err -117) [ 297.355919][T16000] EXT4-fs (loop4): Remounting filesystem read-only [ 297.362181][T16017] netlink: 'syz.1.5234': attribute type 1 has an invalid length. [ 297.364111][T16000] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,journal_dev=0x0000000000000010,inode_readahead_blks=0x0000000000000000,noinit_itable,errors=continue,errors=continue,errors=remount-ro,inode_readahead_blks=0x0000000000000004,auto_da_alloc,norecovery,stripe=0x000000000. Quota mode: none. [ 297.811054][ T6358] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 297.910047][T16050] loop3: detected capacity change from 0 to 2048 [ 297.974217][T16053] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 298.015333][T16050] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 298.049527][T16050] Remounting filesystem read-only [ 298.051047][ T6358] usb 1-1: Using ep0 maxpacket: 32 [ 298.060419][T16050] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 298.071832][T16050] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 298.081859][T16050] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 298.091815][T16050] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 298.106453][T16050] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 298.116636][ T26] audit: type=1800 audit(554.084:20): pid=16050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5251" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 298.151189][ T6357] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 298.211092][ T6358] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.217732][ T6358] usb 1-1: New USB device found, idVendor=2040, idProduct=c603, bcdDevice= 1.8e [ 298.260026][ T6358] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.285611][ T6358] usb 1-1: config 0 descriptor?? [ 298.322768][ T6358] usb 1-1: dvb_usb_v2: found a 'Hauppauge 126xxx ATSC+' in warm state [ 298.347959][T16049] loop1: detected capacity change from 0 to 32768 [ 298.360689][ T6358] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 298.373822][T16049] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.5250 (16049) [ 298.387451][ T6358] dvbdev: DVB: registering new adapter (Hauppauge 126xxx ATSC+) [ 298.405712][ T6357] usb 5-1: Using ep0 maxpacket: 32 [ 298.415938][ T6358] usb 1-1: media controller created [ 298.444941][ T6358] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 298.514720][T16049] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 298.531153][ T6357] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 298.534997][T16049] BTRFS info (device loop1): using free space tree [ 298.542256][ T6358] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 298.577662][T16049] BTRFS info (device loop1): has skinny extents [ 298.577942][ T6357] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 298.604919][ T6358] error writing reg: 0xff, val: 0x00 [ 298.621340][T16069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5258'. [ 298.637603][T16069] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5258'. [ 298.647215][T16069] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5258'. [ 298.677687][T16069] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5258'. [ 298.685929][ T6358] dvb_usb_mxl111sf: probe of 1-1:0.0 failed with error -22 [ 298.822848][ T6357] usb 5-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0 [ 298.849136][ T6357] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.871386][ T6357] usb 5-1: Product: syz [ 298.881149][ T6357] usb 5-1: Manufacturer: syz [ 298.889285][T16049] BTRFS info (device loop1): enabling ssd optimizations [ 298.891255][ T6357] usb 5-1: SerialNumber: syz [ 298.951117][T15353] usb 1-1: USB disconnect, device number 27 [ 298.971830][ T6357] usb 5-1: config 0 descriptor?? [ 299.056918][ T6357] qmi_wwan 5-1:0.0: bogus CDC Union: master=101, slave=0 [ 299.075642][ T6357] qmi_wwan: probe of 5-1:0.0 failed with error -22 [ 299.094726][T16096] loop3: detected capacity change from 0 to 2048 [ 299.176530][T16096] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 299.290420][T16096] UDF-fs: unknown compression code (0) [ 299.441922][ T1325] usb 5-1: USB disconnect, device number 27 [ 299.478051][T16106] netlink: 'syz.1.5264': attribute type 13 has an invalid length. [ 299.508560][T16106] device macvtap0 entered promiscuous mode [ 299.552198][T16106] macvtap0: refused to change device tx_queue_len [ 299.821186][ T6358] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 299.843716][T16134] loop2: detected capacity change from 0 to 128 [ 299.944221][T16134] Process accounting resumed [ 299.977741][T16134] FAT-fs (loop2): error, corrupted file size (i_pos 548, 512) [ 299.993167][T16142] netlink: 'syz.1.5287': attribute type 1 has an invalid length. [ 299.997618][T16134] FAT-fs (loop2): Filesystem has been set read-only [ 300.040508][T16142] netlink: 220 bytes leftover after parsing attributes in process `syz.1.5287'. [ 300.040580][ T1325] FAT-fs (loop2): error, corrupted file size (i_pos 548, 512) [ 300.092887][T16146] netlink: 'syz.4.5290': attribute type 8 has an invalid length. [ 300.100833][T16146] netlink: 161700 bytes leftover after parsing attributes in process `syz.4.5290'. [ 300.211258][ T6358] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xE8, skipping [ 300.237855][ T6358] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 300.414099][ T6358] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 300.446320][ T6358] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.467683][ T6358] usb 1-1: Product: syz [ 300.483023][ T6358] usb 1-1: Manufacturer: syz [ 300.487633][ T6358] usb 1-1: SerialNumber: syz [ 300.544098][ T6358] usb 1-1: config 0 descriptor?? [ 300.677190][T16193] netlink: zone id is out of range [ 300.685006][T16193] netlink: zone id is out of range [ 300.708348][T16193] netlink: zone id is out of range [ 300.716793][T16193] netlink: zone id is out of range [ 300.730694][T16193] netlink: zone id is out of range [ 300.740247][T16193] netlink: zone id is out of range [ 300.749460][T16193] netlink: zone id is out of range [ 300.766019][T16193] netlink: zone id is out of range [ 300.779086][T16193] netlink: zone id is out of range [ 300.790346][T16193] netlink: zone id is out of range [ 300.807401][ T6358] usb 1-1: USB disconnect, device number 28 [ 301.081480][T16208] loop4: detected capacity change from 0 to 64 [ 301.145015][T16212] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.5322'. [ 301.173465][T16182] loop2: detected capacity change from 0 to 32768 [ 301.212552][T16214] netlink: 'syz.1.5323': attribute type 11 has an invalid length. [ 301.398507][T16182] XFS (loop2): Mounting V5 Filesystem [ 301.594537][T16182] XFS (loop2): Ending clean mount [ 301.715535][T16182] XFS (loop2): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 301.738970][T16248] loop0: detected capacity change from 0 to 512 [ 301.762228][T16250] loop1: detected capacity change from 0 to 16 [ 301.858606][T16250] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 301.891705][T16250] cramfs: bad root offset 140 [ 301.893119][ T4182] XFS (loop2): Unmounting Filesystem [ 301.899190][T16248] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 301.994836][T16238] syz.4.5333 (16238): drop_caches: 2 [ 302.086865][T16248] EXT4-fs error (device loop0): mb_free_blocks:1860: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 302.124809][T16248] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #11: comm syz.0.5336: corrupted inode contents [ 302.162559][T16248] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #11: comm syz.0.5336: mark_inode_dirty error [ 302.192883][T16248] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.5336: invalid indirect mapped block 1 (level 1) [ 302.279746][T16248] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #11: comm syz.0.5336: corrupted inode contents [ 302.328496][T16260] loop4: detected capacity change from 0 to 1024 [ 302.352993][T16248] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 302.362815][T16248] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #11: comm syz.0.5336: corrupted inode contents [ 302.376806][T16248] EXT4-fs error (device loop0): ext4_truncate:4279: inode #11: comm syz.0.5336: mark_inode_dirty error [ 302.386714][T16260] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 302.408938][T16248] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 302.430101][T16248] EXT4-fs (loop0): 1 truncate cleaned up [ 302.447896][T16262] loop1: detected capacity change from 0 to 4096 [ 302.454190][T16265] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 302.460528][T16248] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 302.489020][T16262] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 302.495083][T16265] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 302.520645][T16260] EXT4-fs (loop4): invalid journal inode [ 302.552256][T16260] EXT4-fs (loop4): can't get journal size [ 302.558460][T16265] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 302.567617][T16260] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,sysvgroups,norecovery,noauto_da_alloc,nombcache,,errors=continue. Quota mode: writeback. [ 302.594826][T16265] device vlan0 left promiscuous mode [ 302.606226][T16265] device gretap1 left promiscuous mode [ 302.656520][T16262] ntfs: volume version 3.1. [ 303.535286][T16321] loop4: detected capacity change from 0 to 256 [ 303.554360][T16319] netlink: 'syz.2.5370': attribute type 1 has an invalid length. [ 303.564211][T16319] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.5370'. [ 303.617493][T16321] FAT-fs (loop4): Directory bread(block 64) failed [ 303.631382][T16323] binder: 16322:16323 ioctl c00c620f 0 returned -14 [ 303.634605][T16271] loop0: detected capacity change from 0 to 32768 [ 303.643263][T16321] FAT-fs (loop4): Directory bread(block 65) failed [ 303.658882][T16321] FAT-fs (loop4): Directory bread(block 66) failed [ 303.667070][T16321] FAT-fs (loop4): Directory bread(block 67) failed [ 303.685784][ T6358] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 303.693702][T16321] FAT-fs (loop4): Directory bread(block 68) failed [ 303.721000][T16321] FAT-fs (loop4): Directory bread(block 69) failed [ 303.728565][T16328] overlayfs: unrecognized mount option "\" or missing value [ 303.739660][T16321] FAT-fs (loop4): Directory bread(block 70) failed [ 303.761232][T16321] FAT-fs (loop4): Directory bread(block 71) failed [ 303.768179][T16321] FAT-fs (loop4): Directory bread(block 72) failed [ 303.776403][T16321] FAT-fs (loop4): Directory bread(block 73) failed [ 303.877219][T16271] XFS (loop0): Mounting V5 Filesystem [ 303.888823][T16329] loop2: detected capacity change from 0 to 2048 [ 303.960345][T16341] netlink: 'syz.4.5376': attribute type 1 has an invalid length. [ 303.961062][ T6358] usb 2-1: Using ep0 maxpacket: 8 [ 303.968361][T16341] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5376'. [ 304.151295][ T6358] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 304.188569][T16348] netlink: 'syz.2.5380': attribute type 2 has an invalid length. [ 304.209139][T16271] XFS (loop0): Ending clean mount [ 304.209628][T16348] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.5380'. [ 304.309156][ T4190] XFS (loop0): Unmounting Filesystem [ 304.361248][ T6358] usb 2-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54 [ 304.379649][T16357] netlink: 'syz.3.5386': attribute type 1 has an invalid length. [ 304.401079][ T6358] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.411900][T16357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5386'. [ 304.421481][ T6358] usb 2-1: Product: syz [ 304.425836][ T6358] usb 2-1: Manufacturer: syz [ 304.430467][ T6358] usb 2-1: SerialNumber: syz [ 304.464359][ T6358] usb 2-1: config 0 descriptor?? [ 304.542170][ T6358] cdc_phonet 2-1:0.0: skipping garbage [ 304.547665][ T6358] cdc_phonet 2-1:0.0: invalid descriptor buffer length [ 304.577861][ T6358] cdc_phonet: probe of 2-1:0.0 failed with error -22 [ 304.602877][T16365] netlink: 'syz.4.5390': attribute type 3 has an invalid length. [ 304.755850][ T4242] usb 2-1: USB disconnect, device number 20 [ 305.263854][T16400] loop4: detected capacity change from 0 to 4096 [ 305.319672][T16411] ieee802154 phy1 wpan1: encryption failed: -22 [ 305.326137][T16400] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 305.466116][T16418] loop0: detected capacity change from 0 to 64 [ 305.737537][T16391] loop2: detected capacity change from 0 to 32768 [ 305.812196][T16437] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5424'. [ 305.882956][T16441] loop1: detected capacity change from 0 to 512 [ 305.973755][T16443] loop0: detected capacity change from 0 to 1764 [ 306.008997][T16449] net_ratelimit: 335 callbacks suppressed [ 306.009012][T16449] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 306.082527][T16441] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 306.461405][T16477] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5442'. [ 306.765830][ T150] block nbd2: Attempted send on invalid socket [ 306.772225][ T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 306.867073][T16494] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 306.909121][T16470] syz.3.5438 (16470): drop_caches: 2 [ 306.969674][T16499] loop0: detected capacity change from 0 to 128 [ 306.973875][T16494] CIFS mount error: No usable UNC path provided in device string! [ 306.973875][T16494] [ 307.026349][T16494] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 307.240449][T16512] loop2: detected capacity change from 0 to 1024 [ 307.307497][T16518] xt_TCPMSS: Only works on TCP SYN packets [ 307.339822][T16520] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5465'. [ 307.821834][ T4401] hfsplus: b-tree write err: -5, ino 4 [ 307.845034][T16552] netlink: 'syz.3.5481': attribute type 3 has an invalid length. [ 307.903019][T16552] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.5481'. [ 307.921933][T16558] loop1: detected capacity change from 0 to 2048 [ 307.998102][T16558] EXT4-fs (loop1): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,bsdgroups,auto_da_alloc,jqfmt=vfsv1,nouid32,journal_dev=0x0000000000000007,grpjquota=,bsddf,. Quota mode: none. [ 308.023834][T16558] afs: Unexpected value for 'dyn' [ 308.043410][T16569] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 308.125813][T16575] loop4: detected capacity change from 0 to 2048 [ 308.175285][T16582] loop1: detected capacity change from 0 to 16 [ 308.215993][T16583] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 308.266227][T16582] erofs: (device loop1): mounted with root inode @ nid 36. [ 308.273263][T16575] NILFS (loop4): error -2 truncating bmap (ino=16) [ 308.276630][T16587] IPVS: Error connecting to the multicast addr [ 308.315947][T16583] ------------[ cut here ]------------ [ 308.321962][T16583] WARNING: CPU: 0 PID: 16583 at fs/nilfs2/dat.c:200 nilfs_dat_commit_end+0x5ac/0x6b0 [ 308.331568][T16583] Modules linked in: [ 308.335463][T16583] CPU: 0 PID: 16583 Comm: segctord Not tainted syzkaller #0 [ 308.342791][T16583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 308.352903][T16583] RIP: 0010:nilfs_dat_commit_end+0x5ac/0x6b0 [ 308.358894][T16583] Code: 8b 34 24 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 a8 4c 03 00 e8 03 c8 6e fe e8 6e 76 f7 fd e9 b8 fc ff ff e8 f4 c7 6e fe <0f> 0b e9 16 fc ff ff e8 e8 c7 6e fe e8 53 76 f7 fd e9 74 fe ff ff [ 308.378701][T16583] RSP: 0018:ffffc900032df390 EFLAGS: 00010293 [ 308.384892][T16583] RAX: ffffffff8309041c RBX: ffff888020f5b1a0 RCX: ffff88802c1e8000 [ 308.392907][T16583] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000003f0002 [ 308.401141][T16583] RBP: 0000000000000003 R08: dffffc0000000000 R09: ffffed100beffe3b [ 308.409118][T16583] R10: ffffed100beffe3b R11: 1ffff1100beffe3a R12: ffff88802c1e9788 [ 308.417289][T16583] R13: ffff88805fad39e0 R14: 00000000003f0002 R15: ffff888073f66230 [ 308.425303][T16583] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 308.434399][T16583] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 308.441034][T16583] CR2: 00007fff57beaed8 CR3: 0000000062bd8000 CR4: 00000000003506f0 [ 308.449013][T16583] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 308.457052][T16583] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 308.465066][T16583] Call Trace: [ 308.468347][T16583] [ 308.471336][T16583] nilfs_dat_commit_update+0x24/0x40 [ 308.476630][T16583] nilfs_btree_commit_update_v+0x93/0x400 [ 308.482801][T16583] nilfs_btree_propagate+0x974/0xd40 [ 308.488118][T16583] nilfs_bmap_propagate+0x70/0x120 [ 308.493482][T16583] nilfs_segctor_apply_buffers+0x15d/0x320 [ 308.499301][T16583] ? nilfs_collect_file_data+0xc0/0xc0 [ 308.504809][T16583] nilfs_segctor_scan_file+0x75f/0x960 [ 308.510284][T16583] ? trace_nilfs2_collection_stage_transition+0x1a0/0x1a0 [ 308.517458][T16583] ? nilfs_segbuf_extend_segsum+0x25d/0x360 [ 308.523401][T16583] ? rcu_is_watching+0x11/0xa0 [ 308.528192][T16583] nilfs_segctor_do_construct+0x1c09/0x6be0 [ 308.534180][T16583] ? nilfs_transaction_unlock+0x220/0x220 [ 308.539905][T16583] ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70 [ 308.546117][T16583] ? clear_nonspinnable+0x60/0x60 [ 308.551181][T16583] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 308.556654][T16583] ? __lock_acquire+0x7c60/0x7c60 [ 308.561738][T16583] ? __rwlock_init+0x140/0x140 [ 308.566509][T16583] ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70 [ 308.572720][T16583] ? do_raw_spin_unlock+0x11d/0x230 [ 308.577932][T16583] ? _raw_spin_unlock+0x24/0x40 [ 308.582830][T16583] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 308.588306][T16583] nilfs_segctor_construct+0x17b/0x690 [ 308.593827][T16583] nilfs_segctor_thread+0x50a/0x1120 [ 308.599182][T16583] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 308.605133][T16583] ? nilfs_iput_work_func+0x70/0x70 [ 308.610341][T16583] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 308.616288][T16583] ? _raw_spin_unlock+0x40/0x40 [ 308.621164][T16583] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 308.627327][T16583] ? init_wait_entry+0xd0/0xd0 [ 308.632140][T16583] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 308.638046][T16583] ? __kthread_parkme+0x157/0x1b0 [ 308.643109][T16583] kthread+0x436/0x520 [ 308.647181][T16583] ? nilfs_iput_work_func+0x70/0x70 [ 308.652412][T16583] ? kthread_blkcg+0xd0/0xd0 [ 308.657011][T16583] ret_from_fork+0x1f/0x30 [ 308.661566][T16583] [ 308.664605][T16583] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 308.671990][T16583] CPU: 0 PID: 16583 Comm: segctord Not tainted syzkaller #0 [ 308.679271][T16583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 308.689325][T16583] Call Trace: [ 308.692608][T16583] [ 308.695549][T16583] dump_stack_lvl+0x168/0x230 [ 308.700236][T16583] ? show_regs_print_info+0x20/0x20 [ 308.705445][T16583] ? load_image+0x3b0/0x3b0 [ 308.709962][T16583] panic+0x2c9/0x7f0 [ 308.713868][T16583] ? bpf_jit_dump+0xd0/0xd0 [ 308.718380][T16583] ? ret_from_fork+0x1f/0x30 [ 308.722981][T16583] ? nilfs_dat_commit_end+0x5ac/0x6b0 [ 308.728768][T16583] __warn+0x248/0x2b0 [ 308.732752][T16583] ? nilfs_dat_commit_end+0x5ac/0x6b0 [ 308.738131][T16583] report_bug+0x1b7/0x2e0 [ 308.742470][T16583] handle_bug+0x3a/0x70 [ 308.746628][T16583] exc_invalid_op+0x16/0x40 [ 308.751131][T16583] asm_exc_invalid_op+0x16/0x20 [ 308.755981][T16583] RIP: 0010:nilfs_dat_commit_end+0x5ac/0x6b0 [ 308.761966][T16583] Code: 8b 34 24 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 a8 4c 03 00 e8 03 c8 6e fe e8 6e 76 f7 fd e9 b8 fc ff ff e8 f4 c7 6e fe <0f> 0b e9 16 fc ff ff e8 e8 c7 6e fe e8 53 76 f7 fd e9 74 fe ff ff [ 308.781584][T16583] RSP: 0018:ffffc900032df390 EFLAGS: 00010293 [ 308.787656][T16583] RAX: ffffffff8309041c RBX: ffff888020f5b1a0 RCX: ffff88802c1e8000 [ 308.795647][T16583] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000003f0002 [ 308.803626][T16583] RBP: 0000000000000003 R08: dffffc0000000000 R09: ffffed100beffe3b [ 308.811606][T16583] R10: ffffed100beffe3b R11: 1ffff1100beffe3a R12: ffff88802c1e9788 [ 308.819589][T16583] R13: ffff88805fad39e0 R14: 00000000003f0002 R15: ffff888073f66230 [ 308.827575][T16583] ? nilfs_dat_commit_end+0x5ac/0x6b0 [ 308.832971][T16583] nilfs_dat_commit_update+0x24/0x40 [ 308.838352][T16583] nilfs_btree_commit_update_v+0x93/0x400 [ 308.844094][T16583] nilfs_btree_propagate+0x974/0xd40 [ 308.849399][T16583] nilfs_bmap_propagate+0x70/0x120 [ 308.854522][T16583] nilfs_segctor_apply_buffers+0x15d/0x320 [ 308.860344][T16583] ? nilfs_collect_file_data+0xc0/0xc0 [ 308.865810][T16583] nilfs_segctor_scan_file+0x75f/0x960 [ 308.871281][T16583] ? trace_nilfs2_collection_stage_transition+0x1a0/0x1a0 [ 308.878409][T16583] ? nilfs_segbuf_extend_segsum+0x25d/0x360 [ 308.884312][T16583] ? rcu_is_watching+0x11/0xa0 [ 308.889087][T16583] nilfs_segctor_do_construct+0x1c09/0x6be0 [ 308.895037][T16583] ? nilfs_transaction_unlock+0x220/0x220 [ 308.900760][T16583] ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70 [ 308.906928][T16583] ? clear_nonspinnable+0x60/0x60 [ 308.911958][T16583] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 308.917420][T16583] ? __lock_acquire+0x7c60/0x7c60 [ 308.922448][T16583] ? __rwlock_init+0x140/0x140 [ 308.927216][T16583] ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70 [ 308.933372][T16583] ? do_raw_spin_unlock+0x11d/0x230 [ 308.938571][T16583] ? _raw_spin_unlock+0x24/0x40 [ 308.943424][T16583] ? nilfs_segctor_confirm+0x24d/0x2d0 [ 308.948888][T16583] nilfs_segctor_construct+0x17b/0x690 [ 308.954358][T16583] nilfs_segctor_thread+0x50a/0x1120 [ 308.959685][T16583] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 308.965581][T16583] ? nilfs_iput_work_func+0x70/0x70 [ 308.970782][T16583] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 308.976676][T16583] ? _raw_spin_unlock+0x40/0x40 [ 308.981526][T16583] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 308.987418][T16583] ? init_wait_entry+0xd0/0xd0 [ 308.992193][T16583] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 308.998095][T16583] ? __kthread_parkme+0x157/0x1b0 [ 309.003132][T16583] kthread+0x436/0x520 [ 309.007204][T16583] ? nilfs_iput_work_func+0x70/0x70 [ 309.012407][T16583] ? kthread_blkcg+0xd0/0xd0 [ 309.017002][T16583] ret_from_fork+0x1f/0x30 [ 309.021438][T16583] [ 309.024665][T16583] Kernel Offset: disabled [ 309.039179][T16583] Rebooting in 86400 seconds..