last executing test programs: 4.583164791s ago: executing program 2 (id=3856): r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000180)) 4.465052364s ago: executing program 2 (id=3859): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000a, 0x8012, r0, 0x2000) 4.370325815s ago: executing program 2 (id=3862): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) 4.308426026s ago: executing program 2 (id=3866): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4) 4.169639349s ago: executing program 2 (id=3871): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000954c53400d051b01a46f0000000109022d00010000000009040000000202ff00052406000005240000000d2402"], 0x0) 2.106984509s ago: executing program 2 (id=3921): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4016, &(0x7f0000000080)={[{@dioread_nolock}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@noauto_da_alloc}, {@lazytime}, {@grpjquota}, {@quota}], [{@fsname={'fsname', 0x3d, 'noauto_da_alloc'}}]}, 0x1, 0x43c, &(0x7f0000000280)="$eJzs28tvG0UYAPBv7SR9k1CVR9MCgYKIeCRNWkoPXEAgcQAJCQ7lGJK0CnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKJcWTkZr7ya2Y7tJ6tSh/v2kbWd2x5n5vDv2zI43gJ41kv6TROyPiD8iYrCarS8wUv3v1srS9D8rS9NJlMtv/51Uyt1cWZrOi+av25dn+iIKnydxpEm9C5evnJ8qlWYvZfnxxQsfjC9cvvL83IWpc7PnZi9Onj598sTEi6cmX+hInGlcN4c/nj96+PV3r705febae798l+TxN8TRISPtDj5VLne4uu46UJNO+rrYEDalWO2m0V/p/4NRjLWTNxivfdbVxgHbqlwulx9sfXi5DNzDkuh2C4DuyL/o0/lvvt2loceOcOPl6gQojftWtlWP9EUhK9PfML/tpJGIOLP879fpFttzHwIAoM4P6fjnuWbjv0LU3he6L1tDGYqI+yPiYESciohDEfFARKXsQxHx8Cbrb1wkWT/+KVzfUmAblI7/XsrWturHf/noL4aKWe5AJf7+5OxcafZ49p6MRv+uND/Rpo4fX/39y1bHasd/6ZbWn48Fs3Zc79tV/5qZqcWpO4m51o1PI4b7msWfrK4EJBFxOCKGt1jH3DPfHm117Pbxt9GBdabyNxFPV8//cjTEn0var0+O747S7PHx/KpY79ffrr7Vqv47ir8D0vO/t+n1vxr/UFK7Xruw+Tqu/vlFyznNVq//geSdun0fTS0uXpqIGEjeqDa6dv9kQ7nJtfJp/KPHsvgH6vv/wVh7J45ERHoRPxIRj0bEY1nbH4+IJyLiWJv4f37lyfe3Fv/uNn+1M9L4ZzZ1/tcSA9G4p3mieP6n7+sqHdpo/JGd/5OV1Gi2ZyOffxtp19auZgAAAPj/KUTE/kgKY6vpQmFsrPob/kOxt1CaX1h89uz8hxdnqs8IDEV/Ib/TNVhzP3Qim9bn+cmG/InsvvFXxT2V/Nj0fGmm28FDj9vXov+n/ip2u3XAtvO8FvQu/R96l/4PvUv/h55U+ZVfk/6/pwttAbqg2ff/J11oB3D3NfR/y37QQ8z/oXfp/9C79H/oSQt74vYPyUtIrEtEYUc04x5MxI5oRrc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjvwAAAP//qSDljg==") syz_usb_connect(0x2, 0x5d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000000000904000000020a00"], 0x0) 969.891051ms ago: executing program 3 (id=3940): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) 949.202511ms ago: executing program 0 (id=3941): r0 = socket(0x2b, 0x1, 0x1) getpeername$packet(r0, 0x0, 0x0) 930.113591ms ago: executing program 3 (id=3942): syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='umask=00000000000000000000000,decompose,nls=cp737,uid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c626172726965722c0086fb43a23b6008456d6a9910153cdb3531061926aeb6b32889f50c0a517181cd62fac0eeb6d1b4109c2ee77b2da377c812ff150786620ceda50f1707824f4a1bbe30530ea0caa76f6492494059e756bc99f5ca376910be8a061482ca49e4d32377e741850bc738781b58f2c499b21a8bf864d1"], 0x20, 0x6de, &(0x7f0000000840)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT") mount$nfs(&(0x7f0000000540)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) 644.389247ms ago: executing program 4 (id=3946): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000000)={0x1, 0x8, 0x0, 0x0, @vifc_lcl_ifindex, @multicast2}, 0x10) 584.287968ms ago: executing program 3 (id=3947): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffdd, &(0x7f0000000000)='/proc/0KgOq\xee\x00!\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) 583.867478ms ago: executing program 1 (id=3948): r0 = add_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$read(0x20, r0, 0x0, 0x0) 558.557508ms ago: executing program 4 (id=3949): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r0, 0x4b3a, 0x0) 518.461879ms ago: executing program 0 (id=3950): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000002140)={&(0x7f0000002100)={0x18, 0x140f, 0x1, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x7, 0x45, 'cm\x00'}]}, 0x18}, 0x1, 0x0, 0x0, 0x2008000}, 0xc810) 453.590311ms ago: executing program 0 (id=3951): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r0, 0x101, 0x0, &(0x7f0000000080), 0x4) 453.143271ms ago: executing program 1 (id=3952): r0 = socket$kcm(0x29, 0x5, 0x0) sendmmsg$inet(r0, &(0x7f0000001dc0)=[{{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000001c0)="ca831eeb08e1501e400c", 0x90000}, {&(0x7f0000000200)="06d68a79be64879e0cbd12abde85b4519f91f880b4363cbbccc92dbacd2cfadfc69978888d93bc539219d9ef051e80d1f9892ab157cc6ace4b012a43b0e1743fbf730cb4043a5905fd192ab1709420ce79f112e772889bfb4e718b9dddb024ebf4c0fc396dd972b3380259a6fb88fa3135b4a63dfa552ca4420f2293652457d93d8e4df8099733fba037581930379e806783c75a77215022cd7f03715934979929bd86b19679cf6af79410b54bdaa434911878ae9426a133a122a6a1d40bc37c8ab415cd55aa5909294af345fcee168e019ed8e1c1851485f16a6ab9260af190f1f72aee2a36365f67e7f29ec6f2769051730b3a3bec", 0xf6}, {&(0x7f0000000300)="aac6b0a273086051edf2600acd59d3511b889c3dd6b44c1c22419ad288c9ad4c43197b18ad7d315f55850843641161bd1d5c89662bb3bf69308d36fdd5c43d98c2fa3d73c0395e77b7e31781cda27298a24945d699deff8a71d78bc7505644734cb82148d0ec99b18f82523cddf0cb4ad327e2e78f6e72f73bb44c1aee6999", 0x7f}, {&(0x7f0000000380)="8104158f37dc9d071bf8f10cab6b93611340ca9d1c0fe82368e9e497ae3dd42f784ad16c7d75ef2b469088007b86a4eae9d85c1c82d38c42b916080fe6366b83d4cb2175fc2ea5a97725c41dcdb05c859f928c0b4e405ed0490d8010f3d527a80250778f49e7db5a384e02dbaaf7520be83ab59c2a78847c1c8560746129049886cfbfb3889420bf52786816b647136116dfd4bebfdbaebc63de4fb088573373a6a522d6c9756bcfcff816c115e19961f3c3bd0beaa96328", 0xb8}, {&(0x7f0000000440)="13f05a45a105fea24ef5f64699723bdd359536ce13288c11a73b9a818266356dd684c3b6e3551b418fe4d514ea95ef4fef620285f896a7fd228c2aaa0f37897998bc94778ef50fe16f340b6fc441dfd742fcb2f2f2be9f84e788c0074f5fe763bf57ac95d712f4b50a5d8f1c9d28a242e995c76886a00d6ba0e56e87d69ece2c834eed1142c89afc481142d0c5b09288bb47e890117e5dc653abb1d4e2a4cc51685fdcd2f0eac3ea6649dd8d57dae0407bb12a2e41d839eef7f6cdaf36d25a9e24a82afbc4641cd14fc6e7fe36139555cb6bf53abae46173f444a10cce54791a9cb8d8edb43522a2504974f17c120e3858d9d24a786f94bbb0d8684d4c90540c9cb27f4b5288fdb44dfce1d35253f3e3e77bd74de368f774329f690280d45fe84db53ffc7eb59b9571f8298ce28d348f4027a04c53202ccf8eac0717afbc1eb9fd3ca51b001044242e81e2b0b2529b9adb56d9f101f521c2a1d96598a6c117a414dbbead2f667ed8e35e40a41ed02c8ad658f9f5daadabd2b594cf66a76579f8875de27f89cf70fa045174f1d9137cbff7cd2215f32958086e3f4cf61ce09efc22d44aa1111594ecfd2f49b8efdb95d9fcd3f33ee530b46106763201f640be78efb9865aa78baaa66c6ce5f8f5c75a5a1aaa4d15e59cc1395323532ab74c1ba53b01d6790f8505d77022ea4a83f41896e74d145d8c46c22ef191a8443a89931f2c2e017a4dc9e6230598b3c3859b9330b694058b338c3d9adec5815eefd7b36744117f6fd4b228abfcc7bf2954f93d759e94c8a0135e895a554da6e6f0c0dce518985a13f2f94202990418d6e7a8d3e0ceded5070fc4ce4f0ed8e50a6d5fdbaf8a369b7bf600986fb8971ffe0be29f4c394ba9d2d5bb7825147ddfc20b543e030e990edd4bf6ef3bb68aa9b9fc97b4695b89e2db1530cc92862efb8428628d157b8c45b10b020bc83d79af1038fcb7e0f8d5c63d5fb09a7c74be369817d73f5530a969ca51dae6bfbf9592cf2a9982a80eb6210cfab4f64a8bdaf4bc97c4f3dda807bb8fdd7f99094b96f318da4ad5d7ec2392e7f86c4c588321f6cdef504581f6c31f044750312977ce1e001e1bca0ed0565d425387b8dd1ad247ea96e03ab7d8e08fc9ef505e8c60c5c4b771852c7ed23a4c395435261cef9ed48e7dcd13d92d77827dd63500daa4c93e22f8fef935bfebe3d38387b5f3da025164673bb470924e29278f0d781c4bf0ac375d6042c32a62837fe4ee74cb0f2299a0d36acaed02784728877151e91e3e09c24f40e37f2baee562fd78c67ee8bda259761b51b1a500a5e3ec5954fb1468deaed6c4fd686b557d47a62cc5ada1a31256d24fa1ccbbb783f5a4dd897ddbb4635469446115ad2a9f4477fcac9b548efb3a34a3920a05f135aadb6baffb9c00cbced01383eaabcb1dafb935880749978c10f97946f8ab37c5a3fd8c594a87ccd9e6a984294255e9020535fcb1379fa9cf1540dd94b9c756b105cdfe2e244a00cb3cb1f03a546226f67566b189b1afb3ef7c048d2a6880a8b35bbf590d963edae858829664fb2641d40fc49963f26b4d0e79ac8c1d2563c065319c69abba8b8ec5d700fa6c6b0498d95db3cda757e2cc4e9c0f11c787d4a9d258320c997192cf4bee9a11df6981cb185a8610cca637c524f9822c25fc1786c2d85b407b5f82009489014afb1f8f7a08b4a7baa863d3f9734c0db174889e07d073473e9c7e44c1a21d38729cda18658959b11c039dfabb776ea9a7476fafbc07eb3a67386326fe48f8d2e80ded93e8cc4bdaa8fe35299884f4305e28fe76f17d28b2c4fdc581f9a8c40db15a3fcd727524549709cd08be64f1bde8d95aebbeb353e01bbb70cc3178f9aec385a26fe963acb9c449b9fe3ebd6201a4cee35c1eb5d3f4ffbad447a3cccac6da64178b1290abc80bb290b835a7d8a8c8175abf46461c5ff5c2dbc1894d2d94769bee7bc102b9b85447c68dd2795bb73ab2444c9461c9ad1159081ca684c0213c909ac221e3268e5928890f665ec9bcaeeb0ce00348ef9087ea706f76e81df87c61e5e7fb59456010345661d365fcc5b6ba8d6eb9a197c120d7f4537f31d1ac50759eea2286b462bc0aaca0de617588035f9e535f8e10ca030622dc047dc6af8d26721e941e056301e52021c857be132399b2ee38ccb8a52fa3129e08465bb92ec79454f338235577719f69944f7b14ae7e16f651681902de15e4826c13ce351efd87858b022a508cb610ffc86cad9d41cd8b93a5933f1769bfe5baca0c8d76848f7aae7acd6e097c07046cd4b4c6430dd2104f51b68d3821553a5d921b505cd20a6c43c14c7c18112c6184919f8d0a283063452dc6d0b8e67891c6580f2a4cf18f146a4209c77a37c309bc0c22894e4ca41043767ca27f9bf06763f8bee05f20a9124eb5130d88f47a56bd7eef94a916a1c5a54d2cf5af0bcbbfe527ab65f63121bf26481655646877b9c1a21b40e374d84948bc7ab8c1fb2e9c7bebcdfc87676ce0696cba142196a93de700fe00f3d4893ef8e16d7946df606721b65259080e43292df6ec73734e92770c1254540d2db6659b25678062f1f6b6600bb288edb088967b80aa1a36067c10a0f9dabc757d8ead438d763d9288f0dc0e47c03e95aa2e607460f16ee7159ee97e3fbf3deb9f83066b2ca27f33074288fd1599c1789e4da082c4750b2542ef5ef8c183d839362cf62bf6142c97d482f993fd8b4e5190cb9f4ca8d9809501a077d083bb11cf1ad4ec322015fec7350c0bad89d7e963b3643023d32245ae322ca89c0bd067a8777a685894d172024bcf3be00aab830b44041d86a807e54af6d158925e8262a0a8766d548812c367be71945f46623d7c730f9a6a2be20811e9843e03dab589aa72744de4b25b4a9c0c0719b4cf1ef67c54ba70395227cd8a7a35c23b86b2180fc39cb1e2ce8eae934a42e6f63de401a582cca18821d9c93c6c9d9695c2813a8b4c4edcf60a90741d3c2858141dc089499bf0ad416193da3e77a912a56606d4612f5d1c994018969d8a283df2c59b786cb233d7f9a34ff8f7a4a6ac1d4d90ad6ff6b443f1eadd78e93a2771ca0b8fb9f637bdb2812d2164b94ee581c1ffaa288f1e1c5f45dfe7f0e955e75b41dd1131955e958366008e1f7ace3978df614f1bf735c3b381da605b67046c893ab75c2d3ab3e4be29a510ea832fac54cd7f98b6ac3ba7494a4d79bfccc28898b0a189cf5430bde1b05d4f8cfa2ac82da081cfb08a21845211e7ce62a40151e837c2ba14aa5384c203f8bfe43f1662c498a364c80d1d1a5fbd6547d6d8553a1aeae7eca84a3182c2faf923f2160b030488127dc7757dcc155d03da9bc56a09198262be08a2f82db848b01fb20bc77a0f59121db35ed2d9e88eaedbd9b99fdfcbc8f8bf0ee3a5598a1385b38be43001354f4619a9a62218cffc6123b2e9ed5b07b7cfd57d5df88d30c39b05147e654ac76ba5c8053685e4003ff86ab3edaa2bf3c8823e40d3be7f90bf374dcf06883f669b011afdd1196400af0980c126bd56378d7823c7b944d54678f7e5869d5662654bbe8f956367a90fb53dd2a8bf0528405258cde94777dbf3f223cd0ec16d3a581b6cb258e9291cf001c55c17c2063675b6776b3264ee52a825332c7c95d0aaedf40729638c25bbdd57d46ac22f0f5242cf43276f0c123aa108c44b92cdaaadcc796c4a8c51c09fd64a0cbc8bb1889f634aea50fa3a84183740400bec854aa90cf437ec687b1645126aa3fbbbbe12e02ede77099a071843123ab67c6554ee611b527a11cfd17f573c59a13347d62716f8723348bf2b72c3a1f1d62b601f8784f0c9390a60caabd4833a54102250a6be5ee52b2f11a026322562d2d2a92b97bcd159ce57a07031db18d0d7cdeb592fc5312b367986b004f15ea4ff017866cd6974841e2593be6d87c731566fcfc0c5c82d70db7786cc21192b3cd6a28bf7a486ea40fd815d0863d621d3da14b764a9c87c362c9d48b77fac82f090e5d6e5fb7f15d70692626827a2d382868f9380015ae5a55035631770e3e58368bfeef1dc641fc268fad3abb45c85ee8184175555425e6e023c9ebd0ea24f349a99b7b579b53fe5199bda1cbfd6291e0fa3b0eed632e0ceaf4c96bcffd9480a2a873bd221d778d1434016b722780078828c55ba8e094b023e235b00544251357d944a52d92b9e0bf0fbbd3df88721a4cb72f0cb28a106538742ac58f7641d3459061be9cab6177103de8ee47a0fc1d43dab8b480a6285c919dd3a45c9bcee9e8463b21c5b64157845df20a9c8d4eec0c8b2ea66c2d421435a9c838c4c9e4b62366aed350b8c33d339e0ae0cb1225823a78a903522974f6d7e3d541b87f3955821a91b3fa30f647d51296f621c7f5c8b71520b943c330d8efbce4ca63d6e1aca680c2deae366a6a335e699cac07f982355117ff31a1cb6778f52414b86a84ea8bb9045848fae5eca205b26c7d9ffa31590b15bbeebef6cb7504b00c96e67fc5d4b8c388198c427e8f813d8bc77dd301d74ecb64a2564a7bcf8b24d28f2c381c5c41459ff685a83b84ccb751ca02a8c5ef10845d3f13c75895bea3642552fc862b0b8f73a7435953e40f0bdc29e0acec02f15c52ecaf9958f7a9de6a7278d4a7750a2007aaa26b4ffdae8afb99c05158fd2cb39d93354d649c0040b936d6ac5c4eb29d172eab39d5a4dba662f61cfd8a07359ba94f36a715e034a81d53ed7842af650b527f2f4f11ec41eae86f6a0c46d250d034a05d43a9bf7d8d974537a245c8de9b9d8fdb0b82cb48e8db92e05a0713a37cdf2b211d7811bbcb3bae3ecbc6fc5e108237a045cb3f9ed5aa421a77b29bd73f4ef4d0be48b686912a5745cef34fa6797573e01c6734ab2b3286c41ea82ecdf0c3adb7d69781d5c2a48a05d6099dd63dd92ae44260fb6cc5d018577b10249db69af42c6c885f5eb8884beef5e27f7a9bebe8931218f253606f5197f4dd80560a6cd6d550445", 0xdc9}], 0x5}}, {{&(0x7f00000014c0)={0x2, 0x0, @broadcast}, 0x10, &(0x7f0000001580)=[{&(0x7f0000001500)="d6", 0x1}], 0x1}}, {{&(0x7f0000001700)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000001800)=[@ip_tos_u8={{0x11}}, @ip_tos_int={{0x14}}], 0x30}}], 0x3, 0x0) 368.079082ms ago: executing program 0 (id=3953): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x20, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0xa70, 0x2420}}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x2c040006) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000010000000200000faa00020003000000800000002c00000004000000ac0000007e0002006a18090000000000000f02000000580300"], &(0x7f0000000140)=""/129, 0x52, 0x81, 0x5}, 0x28) 367.935592ms ago: executing program 3 (id=3954): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r0, &(0x7f0000000140)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x1c) 367.880903ms ago: executing program 4 (id=3955): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000001580)={0x12, 0x0, 0x0}) 341.691693ms ago: executing program 1 (id=3956): r0 = syz_open_dev$I2C(&(0x7f00000007c0), 0x0, 0x40) ioctl$I2C_RETRIES(r0, 0x701, 0xffffff21) 294.710914ms ago: executing program 0 (id=3957): r0 = io_uring_setup(0x48ae, &(0x7f0000000580)={0x0, 0xfbffffff, 0x2, 0x3, 0x249}) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) 244.035045ms ago: executing program 3 (id=3958): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}, @IFLA_GRE_IFLAGS={0x6}, @IFLA_GRE_PMTUDISC={0x5}]}}}]}, 0x50}}, 0x0) 243.911715ms ago: executing program 4 (id=3959): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi4\x00', 0x42002, 0x0) ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f0000000040)={0x1, &(0x7f00001219c0)=[{0xa000005, 0x0, 0x0, 0x0, 0x7}]}) 232.471605ms ago: executing program 1 (id=3960): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xa0, &(0x7f0000000040), &(0x7f0000000080)=0x4) 181.968496ms ago: executing program 3 (id=3961): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 170.236476ms ago: executing program 1 (id=3962): close(0xffffffffffffffff) close(0xffffffffffffffff) 120.109987ms ago: executing program 4 (id=3963): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r1 = dup(r0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x14, 0x0, 0x0, 0x0, 0x0}) 113.952717ms ago: executing program 0 (id=3964): unshare(0x24020400) r0 = socket(0x2a, 0x2, 0x2) bind$packet(r0, 0x0, 0x0) 79.335458ms ago: executing program 1 (id=3965): r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) lseek(r0, 0x851, 0x0) 0s ago: executing program 4 (id=3966): openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): value for 'mpol' [ 139.251890][ T8421] netlink: 'syz.2.1855': attribute type 2 has an invalid length. [ 139.311422][ T7] em28xx 5-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 139.325562][ T7] em28xx 5-1:0.132: analog set to isoc mode. [ 139.370964][ T7] usb 5-1: USB disconnect, device number 10 [ 139.409478][ T7] em28xx 5-1:0.132: Disconnecting em28xx [ 139.452171][ T4173] em28xx 5-1:0.132: Registering V4L2 extension [ 139.748057][ T4173] em28xx 5-1:0.132: Config register raw data: 0xffffffed [ 139.753449][ T8452] __nla_validate_parse: 2 callbacks suppressed [ 139.753464][ T8452] netlink: 420 bytes leftover after parsing attributes in process `syz.2.1870'. [ 139.761925][ T4173] em28xx 5-1:0.132: AC97 chip type couldn't be determined [ 139.830837][ T4173] em28xx 5-1:0.132: No AC97 audio processor [ 139.851516][ T4173] usb 5-1: Decoder not found [ 139.856134][ T4173] em28xx 5-1:0.132: failed to create media graph [ 139.890096][ T4173] em28xx 5-1:0.132: V4L2 device video103 deregistered [ 139.916774][ T4173] em28xx 5-1:0.132: Remote control support is not available for this card. [ 139.939199][ T8461] loop3: detected capacity change from 0 to 2048 [ 139.973883][ T7] em28xx 5-1:0.132: Closing input extension [ 139.982319][ T7] em28xx 5-1:0.132: Freeing device [ 140.046454][ T8468] netlink: 420 bytes leftover after parsing attributes in process `syz.1.1886'. [ 140.067638][ T8461] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 140.132907][ T8461] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 140.174183][ T8461] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 140.192057][ T8466] loop4: detected capacity change from 0 to 4096 [ 140.246800][ T8461] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 140.280180][ T8461] UDF-fs: Scanning with blocksize 512 failed [ 140.318318][ T8466] ntfs3: loop4: ino=3, Correct links count -> 2. [ 140.329311][ T8461] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 140.360352][ T6604] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 140.441319][ T8466] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 140.503704][ T8477] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1880'. [ 140.564833][ T8477] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1880'. [ 140.620135][ T6604] usb 3-1: Using ep0 maxpacket: 32 [ 140.632544][ T8477] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1880'. [ 140.740288][ T6604] usb 3-1: config 0 has an invalid interface number: 132 but max is 0 [ 140.785481][ T6604] usb 3-1: config 0 has no interface number 0 [ 140.812944][ T6604] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has an invalid bInterval 97, changing to 7 [ 140.848960][ T8454] loop0: detected capacity change from 0 to 32768 [ 140.860121][ T6604] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid maxpacket 24929, setting to 1024 [ 140.985601][ T8454] ERROR: (device loop0): diNewExt: no free extents [ 140.985601][ T8454] [ 141.051187][ T8454] ialloc: diAlloc returned -5! [ 141.060509][ T6604] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 141.079777][ T6604] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.118398][ T6604] usb 3-1: Product: syz [ 141.133020][ T6604] usb 3-1: Manufacturer: syz [ 141.148742][ T6604] usb 3-1: SerialNumber: syz [ 141.161696][ T6604] usb 3-1: config 0 descriptor?? [ 141.213977][ T6604] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 141.245991][ T6604] em28xx 3-1:0.132: Video interface 132 found: isoc [ 141.358964][ T8485] loop1: detected capacity change from 0 to 32768 [ 141.396023][ T8501] netlink: 'syz.0.1892': attribute type 2 has an invalid length. [ 141.422795][ T8485] [ 141.422795][ T8485] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 141.422795][ T8485] [ 141.451656][ T4327] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 141.485768][ T4184] [ 141.485768][ T4184] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 141.485768][ T4184] [ 141.510224][ T6604] em28xx 3-1:0.132: unknown em28xx chip ID (0) [ 141.540537][ T4184] [ 141.540537][ T4184] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 141.540537][ T4184] [ 141.633460][ T6604] em28xx 3-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 141.663750][ T6604] em28xx 3-1:0.132: board has no eeprom [ 141.700140][ T4327] usb 4-1: Using ep0 maxpacket: 8 [ 141.753007][ T8509] tmpfs: Bad value for 'mpol' [ 141.762279][ T6604] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 141.782490][ T6604] em28xx 3-1:0.132: analog set to isoc mode. [ 141.788953][ T7225] em28xx 3-1:0.132: Registering V4L2 extension [ 141.820307][ T4327] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 141.838817][ T4327] usb 4-1: config 179 has no interface number 0 [ 141.854866][ T6604] usb 3-1: USB disconnect, device number 9 [ 141.881105][ T4327] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 141.897266][ T6604] em28xx 3-1:0.132: Disconnecting em28xx [ 141.920692][ T8516] loop0: detected capacity change from 0 to 512 [ 141.943802][ T4327] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 142.001981][ T8516] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1899: invalid indirect mapped block 4294967295 (level 1) [ 142.019090][ T4327] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 142.050821][ T4327] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 142.062961][ T4327] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 142.096594][ T4327] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 142.105843][ T4327] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.114010][ T7225] em28xx 3-1:0.132: Config register raw data: 0xffffffed [ 142.117119][ T8495] loop4: detected capacity change from 0 to 32768 [ 142.121775][ T7225] em28xx 3-1:0.132: AC97 chip type couldn't be determined [ 142.137030][ T7225] em28xx 3-1:0.132: No AC97 audio processor [ 142.142286][ T8516] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1899: invalid indirect mapped block 4294967295 (level 1) [ 142.156845][ T7225] usb 3-1: Decoder not found [ 142.156861][ T7225] em28xx 3-1:0.132: failed to create media graph [ 142.156883][ T7225] em28xx 3-1:0.132: V4L2 device video103 deregistered [ 142.157681][ T7225] em28xx 3-1:0.132: Remote control support is not available for this card. [ 142.184166][ T8499] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 142.192335][ T6604] em28xx 3-1:0.132: Closing input extension [ 142.206557][ T6604] em28xx 3-1:0.132: Freeing device [ 142.258249][ T8516] EXT4-fs (loop0): 2 truncates cleaned up [ 142.264276][ T8516] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000004004,barrier=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 142.314135][ T8495] ERROR: (device loop4): diAllocAG: numfree > numinos [ 142.314135][ T8495] [ 142.384375][ T8495] ialloc: diAlloc returned -5! [ 142.695665][ T7225] usb 4-1: USB disconnect, device number 8 [ 142.701632][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 142.701798][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 143.164721][ T8570] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1924'. [ 143.230702][ T8570] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1924'. [ 143.684795][ T6773] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 143.781280][ T8614] syz.1.1946 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 143.970259][ T6773] usb 1-1: Using ep0 maxpacket: 16 [ 143.973328][ T8628] ieee802154 phy0 wpan0: encryption failed: -22 [ 144.122228][ T8636] loop3: detected capacity change from 0 to 256 [ 144.151310][ T8636] exfat: Deprecated parameter 'utf8' [ 144.156650][ T8636] exfat: Deprecated parameter 'utf8' [ 144.173963][ T8636] exfat: Deprecated parameter 'namecase' [ 144.220334][ T8636] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 144.290301][ T6773] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 144.309591][ T6773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.353805][ T8640] loop2: detected capacity change from 0 to 4096 [ 144.364698][ T6773] usb 1-1: Product: syz [ 144.395065][ T6773] usb 1-1: Manufacturer: syz [ 144.401102][ T6773] usb 1-1: SerialNumber: syz [ 144.433909][ T6773] r8152-cfgselector 1-1: config 0 descriptor?? [ 144.441990][ T8640] ntfs3: loop2: ino=3, Correct links count -> 2. [ 144.542296][ T8640] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 144.649864][ T8656] loop1: detected capacity change from 0 to 64 [ 144.662148][ T8652] loop3: detected capacity change from 0 to 4096 [ 144.718467][ T8652] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 144.792095][ T8658] loop4: detected capacity change from 0 to 2048 [ 144.835967][ T8652] ntfs3: loop3: Failed to load $Extend. [ 144.866747][ T8658] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 144.936255][ T8658] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 144.950308][ T6773] r8152-cfgselector 1-1: Unknown version 0x0000 [ 144.957845][ T6773] r8152-cfgselector 1-1: bad CDC descriptors [ 145.000238][ T6773] r8152-cfgselector 1-1: Unknown version 0x0000 [ 145.050252][ T6773] r8152-cfgselector 1-1: USB disconnect, device number 8 [ 145.546999][ T8685] loop1: detected capacity change from 0 to 512 [ 145.629566][ T8685] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1980: invalid block [ 145.653577][ T8685] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1980: invalid indirect mapped block 4294967295 (level 1) [ 145.746947][ T8660] loop2: detected capacity change from 0 to 32768 [ 145.785602][ T8685] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1980: invalid indirect mapped block 4294967295 (level 1) [ 145.827800][ T8685] EXT4-fs (loop1): 2 truncates cleaned up [ 145.839003][ T8700] loop4: detected capacity change from 0 to 2048 [ 145.845462][ T8685] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000004004,barrier=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 145.862251][ T8660] ERROR: (device loop2): diAllocAG: numfree > numinos [ 145.862251][ T8660] [ 145.904624][ T8660] ialloc: diAlloc returned -5! [ 145.941185][ T8708] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.957642][ T8700] NILFS (loop4): bad btree root (ino=16): level = 164, flags = 0x1, nchildren = 1 [ 146.196484][ T8713] loop0: detected capacity change from 0 to 4096 [ 146.289099][ T8728] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2000'. [ 146.299586][ T8726] ieee802154 phy0 wpan0: encryption failed: -22 [ 146.333408][ T8713] __ntfs_error: 3 callbacks suppressed [ 146.333422][ T8713] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 146.408400][ T8713] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 146.451031][ T8713] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 146.480476][ T8713] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 146.552341][ T8732] loop1: detected capacity change from 0 to 4096 [ 146.558845][ T8713] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 146.640147][ T8732] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 146.681043][ T8713] ntfs: volume version 3.1. [ 146.718838][ T8713] ntfs: (device loop0): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 146.764206][ T8732] ntfs3: loop1: Failed to load $Extend. [ 146.809809][ T8713] ntfs: (device loop0): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 146.860686][ T8713] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 146.926691][ T8713] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 146.987208][ T8713] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 147.725315][ T8740] loop3: detected capacity change from 0 to 32768 [ 147.762813][ T8788] netlink: 'syz.1.2031': attribute type 4 has an invalid length. [ 147.825719][ T8740] ERROR: (device loop3): diAllocAG: numfree > numinos [ 147.825719][ T8740] [ 147.850156][ T8740] ialloc: diAlloc returned -5! [ 148.107268][ T8802] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2038'. [ 148.167584][ T8802] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2038'. [ 148.313192][ T8810] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 148.385256][ T8804] loop1: detected capacity change from 0 to 8192 [ 148.476331][ T8804] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 148.499483][ T8804] REISERFS (device loop1): using ordered data mode [ 148.527621][ T8804] reiserfs: using flush barriers [ 148.562373][ T8827] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2048'. [ 148.568585][ T8769] loop4: detected capacity change from 0 to 32768 [ 148.579686][ T8804] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 148.590586][ T8829] loop0: detected capacity change from 0 to 512 [ 148.642360][ T8804] REISERFS (device loop1): checking transaction log (loop1) [ 148.662018][ T8829] EXT4-fs (loop0): inline encryption not supported [ 148.676011][ T8769] XFS (loop4): Mounting V5 Filesystem [ 148.689835][ T8829] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 148.704427][ T8804] REISERFS (device loop1): Using r5 hash to sort names [ 148.720419][ T8804] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 148.737774][ T8804] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 148.770514][ T8829] EXT4-fs (loop0): 1 truncate cleaned up [ 148.770539][ T8829] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,jqfmt=vfsv0,inlinecrypt,noblock_validity,usrjquota=,,errors=continue. Quota mode: none. [ 148.978940][ T8769] XFS (loop4): Ending clean mount [ 149.160086][ T4254] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 149.167471][ T4196] XFS (loop4): Unmounting Filesystem [ 149.428831][ T8865] loop1: detected capacity change from 0 to 764 [ 149.460197][ T4254] usb 3-1: Using ep0 maxpacket: 16 [ 149.567493][ T8873] ERROR: device name not specified. [ 149.790292][ T4254] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 149.802111][ T4254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.831444][ T4254] usb 3-1: Product: syz [ 149.842761][ T4254] usb 3-1: Manufacturer: syz [ 149.878747][ T4254] usb 3-1: SerialNumber: syz [ 149.910997][ T4254] r8152-cfgselector 3-1: config 0 descriptor?? [ 149.946785][ T8891] loop3: detected capacity change from 0 to 8 [ 149.973609][ T8893] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2077'. [ 150.011763][ T8891] SQUASHFS error: Failed to read block 0xe000000000001ea: -5 [ 150.050249][ T8891] unable to read xattr id index table [ 150.135347][ T8891] ERROR: device name not specified. [ 150.374670][ T8878] loop0: detected capacity change from 0 to 32768 [ 150.390361][ T4254] r8152-cfgselector 3-1: Unknown version 0x0000 [ 150.396741][ T4254] r8152-cfgselector 3-1: bad CDC descriptors [ 150.425244][ T8917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2089'. [ 150.434442][ T4254] r8152-cfgselector 3-1: Unknown version 0x0000 [ 150.451393][ T4254] r8152-cfgselector 3-1: USB disconnect, device number 10 [ 150.496925][ T8922] loop4: detected capacity change from 0 to 65 [ 150.535766][ T8878] XFS (loop0): Mounting V5 Filesystem [ 150.601865][ T8930] loop1: detected capacity change from 0 to 512 [ 150.627724][ T8922] BFS-fs: bfs_fill_super(): NOTE: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway [ 150.653980][ T8930] EXT4-fs (loop1): inline encryption not supported [ 150.718063][ T8930] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 150.738309][ T8878] XFS (loop0): Ending clean mount [ 150.745873][ T8878] XFS (loop0): Quotacheck needed: Please wait. [ 150.833052][ T8930] EXT4-fs (loop1): 1 truncate cleaned up [ 150.838720][ T8930] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,jqfmt=vfsv0,inlinecrypt,noblock_validity,usrjquota=,,errors=continue. Quota mode: none. [ 150.865635][ T8878] XFS (loop0): Quotacheck: Done. [ 150.998569][ T8913] loop3: detected capacity change from 0 to 40427 [ 151.000396][ T4183] XFS (loop0): Unmounting Filesystem [ 151.066563][ T8940] loop2: detected capacity change from 0 to 256 [ 151.157934][ T8913] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 151.173185][ T8940] FAT-fs (loop2): Directory bread(block 64) failed [ 151.210125][ T8913] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 151.218605][ T8940] FAT-fs (loop2): Directory bread(block 65) failed [ 151.232930][ T8913] F2FS-fs (loop3): invalid crc value [ 151.239814][ T8940] FAT-fs (loop2): Directory bread(block 66) failed [ 151.257120][ T8940] FAT-fs (loop2): Directory bread(block 67) failed [ 151.262358][ T8944] ERROR: device name not specified. [ 151.269394][ T8940] FAT-fs (loop2): Directory bread(block 68) failed [ 151.281106][ T8940] FAT-fs (loop2): Directory bread(block 69) failed [ 151.295532][ T8940] FAT-fs (loop2): Directory bread(block 70) failed [ 151.311359][ T8913] F2FS-fs (loop3): Found nat_bits in checkpoint [ 151.393905][ T8940] FAT-fs (loop2): Directory bread(block 71) failed [ 151.429400][ T8954] netlink: 'syz.1.2101': attribute type 3 has an invalid length. [ 151.460394][ T8940] FAT-fs (loop2): Directory bread(block 72) failed [ 151.482704][ T8940] FAT-fs (loop2): Directory bread(block 73) failed [ 151.501015][ T8954] netlink: 'syz.1.2101': attribute type 3 has an invalid length. [ 151.538750][ T146] Bluetooth: Wrong link type (-22) [ 151.545153][ T146] Bluetooth: hci4: link tx timeout [ 151.550800][ T146] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 151.563417][ T8913] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 151.597634][ T8913] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 151.857202][ T8970] netlink: 'syz.2.2109': attribute type 1 has an invalid length. [ 151.870244][ T7] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 151.881807][ T8973] loop0: detected capacity change from 0 to 64 [ 152.089124][ T8981] loop1: detected capacity change from 0 to 2048 [ 152.140223][ T7] usb 5-1: Using ep0 maxpacket: 8 [ 152.146967][ T8981] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d [ 152.179679][ T8981] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.242113][ T8991] loop0: detected capacity change from 0 to 256 [ 152.310770][ T8991] exfat: Deprecated parameter 'namecase' [ 152.316506][ T8991] exfat: Deprecated parameter 'namecase' [ 152.321896][ T8995] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2119'. [ 152.334142][ T8991] exfat: Deprecated parameter 'utf8' [ 152.401043][ T8991] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0xd06b6363, utbl_chksum : 0xe619d30d) [ 152.430559][ T7] usb 5-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 152.453932][ T7] usb 5-1: config 1 interface 0 has no altsetting 0 [ 152.661863][ T8983] loop3: detected capacity change from 0 to 32768 [ 152.764752][ T8983] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 152.774414][ T7] usb 5-1: string descriptor 0 read error: -22 [ 152.796256][ T7] usb 5-1: New USB device found, idVendor=046d, idProduct=c71e, bcdDevice= 0.40 [ 152.801831][ T9019] comedi comedi0: comedi_parport: I/O port conflict (0xffffffff80000000,3) [ 152.865739][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.924911][ T8983] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1 [ 152.967122][ T8983] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 152.978629][ T8983] OCFS2: File system is now read-only. [ 152.984580][ T8983] (syz.3.2105,8983,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 152.994368][ T8983] (syz.3.2105,8983,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 153.032293][ T8983] (syz.3.2105,8983,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 153.041068][ T8983] (syz.3.2105,8983,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 153.049503][ T8983] (syz.3.2105,8983,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 153.058473][ T8983] (syz.3.2105,8983,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 153.105132][ T8983] (syz.3.2105,8983,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 153.122046][ T8983] (syz.3.2105,8983,1):ocfs2_mknod:385 ERROR: status = -30 [ 153.162703][ T8983] (syz.3.2105,8983,1):ocfs2_mknod:502 ERROR: status = -30 [ 153.206364][ T8983] (syz.3.2105,8983,1):ocfs2_create:676 ERROR: status = -30 [ 153.283997][ T4182] (syz-executor,4182,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 153.295215][ T7] usbhid 5-1:1.0: can't add hid device: -71 [ 153.295293][ T7] usbhid: probe of 5-1:1.0 failed with error -71 [ 153.297052][ T7] usb 5-1: USB disconnect, device number 11 [ 153.328262][ T4182] ocfs2: Unmounting device (7,3) on (node local) [ 153.610521][ T4327] Bluetooth: hci4: command 0x0406 tx timeout [ 153.874055][ T9063] loop3: detected capacity change from 0 to 4096 [ 153.919262][ T9072] comedi comedi0: Minor 47 could not be opened [ 153.962351][ T9077] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2158'. [ 154.009968][ T9077] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2158'. [ 154.351688][ T9105] comedi comedi0: Minor 47 could not be opened [ 154.467257][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2176'. [ 154.521725][ T9108] mip6: mip6_rthdr_init_state: state's mode is not 2: 0 [ 154.550330][ T9117] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2176'. [ 154.747081][ T9130] overlayfs: workdir and upperdir must be separate subtrees [ 154.909846][ T9149] CIFS mount error: No usable UNC path provided in device string! [ 154.909846][ T9149] [ 154.970489][ T9149] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 155.070359][ T9162] sctp: [Deprecated]: syz.2.2199 (pid 9162) Use of struct sctp_assoc_value in delayed_ack socket option. [ 155.070359][ T9162] Use struct sctp_sack_info instead [ 155.393428][ T9181] loop0: detected capacity change from 0 to 4096 [ 155.970308][ T9217] overlayfs: workdir and upperdir must be separate subtrees [ 156.005983][ T9176] loop2: detected capacity change from 0 to 32768 [ 156.269714][ T9187] loop1: detected capacity change from 0 to 32768 [ 156.309160][ T9233] netlink: 1010 bytes leftover after parsing attributes in process `syz.0.2233'. [ 156.350382][ T9233] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 156.352223][ T9225] loop4: detected capacity change from 0 to 4096 [ 156.385707][ T9187] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 156.419184][ T9187] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1 [ 156.447050][ T9187] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 156.500256][ T9187] OCFS2: File system is now read-only. [ 156.540109][ T9187] (syz.1.2211,9187,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 156.561858][ T9187] (syz.1.2211,9187,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 156.587050][ T9187] (syz.1.2211,9187,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 156.646812][ T9187] (syz.1.2211,9187,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 156.692864][ T9187] (syz.1.2211,9187,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 156.722339][ T9187] (syz.1.2211,9187,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 156.768431][ T9187] (syz.1.2211,9187,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 156.788478][ T9252] overlayfs: workdir and upperdir must be separate subtrees [ 156.810936][ T9187] (syz.1.2211,9187,1):ocfs2_mknod:385 ERROR: status = -30 [ 156.818213][ T9187] (syz.1.2211,9187,1):ocfs2_mknod:502 ERROR: status = -30 [ 156.850874][ T9187] (syz.1.2211,9187,1):ocfs2_create:676 ERROR: status = -30 [ 156.917701][ T4184] (syz-executor,4184,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 156.940747][ T4184] ocfs2: Unmounting device (7,1) on (node local) [ 156.975187][ T9263] CIFS mount error: No usable UNC path provided in device string! [ 156.975187][ T9263] [ 157.006335][ T9263] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 157.081598][ T9270] loop3: detected capacity change from 0 to 256 [ 157.209703][ T9275] loop2: detected capacity change from 0 to 4096 [ 157.297274][ T9287] sctp: [Deprecated]: syz.0.2259 (pid 9287) Use of struct sctp_assoc_value in delayed_ack socket option. [ 157.297274][ T9287] Use struct sctp_sack_info instead [ 157.503343][ T9300] loop0: detected capacity change from 0 to 512 [ 157.564857][ T7225] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 157.582005][ T9306] netlink: 288 bytes leftover after parsing attributes in process `syz.3.2270'. [ 157.636455][ T9300] __quota_error: 6 callbacks suppressed [ 157.636470][ T9300] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 157.658190][ T9300] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 157.668957][ T9300] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.2267: Failed to acquire dquot type 1 [ 157.699199][ T9300] EXT4-fs (loop0): 1 truncate cleaned up [ 157.705312][ T9300] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,auto_da_alloc,minixdf,noinit_itable,init_itable,,errors=continue. Quota mode: writeback. [ 157.730369][ T9300] ext4 filesystem being mounted at /429/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.785691][ T9300] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 157.799050][ T9300] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 157.820139][ T7225] usb 5-1: Using ep0 maxpacket: 8 [ 157.848349][ T9300] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.2267: Failed to acquire dquot type 1 [ 157.940506][ T7225] usb 5-1: config 0 has an invalid interface number: 31 but max is 0 [ 157.970336][ T7225] usb 5-1: config 0 has no interface number 0 [ 158.150447][ T7225] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 158.173447][ T7225] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.200999][ T7225] usb 5-1: Product: syz [ 158.210351][ T7225] usb 5-1: Manufacturer: syz [ 158.214975][ T7225] usb 5-1: SerialNumber: syz [ 158.224241][ T9303] loop2: detected capacity change from 0 to 32768 [ 158.225255][ T9336] trusted_key: encrypted_key: master key parameter is missing [ 158.240339][ T7225] usb 5-1: config 0 descriptor?? [ 158.308840][ T9303] ERROR: (device loop2): diNewExt: no free extents [ 158.308840][ T9303] [ 158.357159][ T9303] ERROR: (device loop2): remounting filesystem as read-only [ 158.357644][ T9342] netlink: 1010 bytes leftover after parsing attributes in process `syz.1.2286'. [ 158.369984][ T9303] ialloc: diAlloc returned -5! [ 158.381892][ T9342] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 158.410209][ T4327] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 158.550457][ T7225] usb 5-1: Found UVC 0.04 device syz (046d:08c3) [ 158.556928][ T7225] usb 5-1: No valid video chain found. [ 158.565960][ T9354] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 158.591339][ T7225] usb 5-1: USB disconnect, device number 12 [ 158.621249][ T9356] loop1: detected capacity change from 0 to 256 [ 158.690221][ T4327] usb 4-1: Using ep0 maxpacket: 8 [ 158.827087][ T4327] usb 4-1: config 13 has an invalid interface number: 77 but max is 0 [ 158.849627][ T4327] usb 4-1: config 13 has no interface number 0 [ 158.890760][ T4327] usb 4-1: config 13 interface 77 has no altsetting 0 [ 158.937263][ T9372] loop0: detected capacity change from 0 to 512 [ 159.021363][ T9372] EXT4-fs (loop0): Ignoring removed nobh option [ 159.039961][ T9372] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 159.051052][ T4327] usb 4-1: New USB device found, idVendor=06cd, idProduct=010b, bcdDevice=10.8f [ 159.062274][ T9382] netlink: 1216 bytes leftover after parsing attributes in process `syz.1.2306'. [ 159.071872][ T9382] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.2306'. [ 159.080492][ T4327] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.081729][ T9372] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002] [ 159.108716][ T9372] EXT4-fs (loop0): orphan cleanup on readonly fs [ 159.118476][ T4327] usb 4-1: Product: syz [ 159.138450][ T4327] usb 4-1: Manufacturer: syz [ 159.172157][ T9372] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #11: comm syz.0.2301: attempt to clear invalid blocks 1024 len 1 [ 159.183233][ T4327] usb 4-1: SerialNumber: syz [ 159.195976][ T9372] EXT4-fs (loop0): Remounting filesystem read-only [ 159.204291][ T9384] loop2: detected capacity change from 0 to 8192 [ 159.212658][ T9372] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2301: bg 0: block 361: padding at end of block bitmap is not set [ 159.258353][ T9384] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 159.288610][ T9372] EXT4-fs (loop0): Remounting filesystem read-only [ 159.290376][ T9384] REISERFS (device loop2): using ordered data mode [ 159.305797][ T9372] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 159.316066][ T9384] reiserfs: using flush barriers [ 159.332306][ T9372] EXT4-fs (loop0): Remounting filesystem read-only [ 159.349658][ T9384] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 159.406107][ T9396] netlink: 288 bytes leftover after parsing attributes in process `syz.1.2312'. [ 159.427198][ T9372] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2301: invalid indirect mapped block 1811939328 (level 0) [ 159.465633][ T9384] REISERFS (device loop2): checking transaction log (loop2) [ 159.493206][ T9372] EXT4-fs (loop0): Remounting filesystem read-only [ 159.499749][ T9372] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2301: invalid indirect mapped block 2185560079 (level 1) [ 159.519565][ T9384] REISERFS (device loop2): Using r5 hash to sort names [ 159.537619][ T9372] EXT4-fs (loop0): Remounting filesystem read-only [ 159.555197][ T9372] EXT4-fs (loop0): 1 truncate cleaned up [ 159.569410][ T9372] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,noblock_validity,nobh,errors=remount-ro,max_dir_size_kb=0x00000000000000ff. Quota mode: none. [ 159.587601][ T4327] keyspan 4-1:13.77: Keyspan - (without firmware) converter detected [ 159.600910][ T9384] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 159.620235][ T4327] usb 4-1: USB disconnect, device number 9 [ 159.629153][ T4327] keyspan 4-1:13.77: device disconnected [ 159.639293][ T9384] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 159.746823][ T9398] loop4: detected capacity change from 0 to 32768 [ 159.869299][ T9398] __jfs_setxattr: xattr_size = 82, new_size = 12061 [ 160.010516][ T9414] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2320'. [ 160.089484][ T9421] Cannot find del_set index 2 as target [ 160.381405][ T6604] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 160.476757][ T9433] loop4: detected capacity change from 0 to 8192 [ 160.590554][ T9433] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 160.625764][ T9433] REISERFS (device loop4): using ordered data mode [ 160.633504][ T9433] reiserfs: using flush barriers [ 160.654237][ T9433] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 160.695815][ T9433] REISERFS (device loop4): checking transaction log (loop4) [ 160.725374][ T9433] REISERFS (device loop4): Using r5 hash to sort names [ 160.734235][ T9433] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 160.749792][ T9433] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 160.768391][ T9455] loop1: detected capacity change from 0 to 512 [ 160.790563][ T6604] usb 4-1: config 0 has an invalid interface number: 46 but max is 0 [ 160.800539][ T6604] usb 4-1: config 0 has no interface number 0 [ 160.808904][ T6604] usb 4-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 160.893250][ T9455] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback. [ 160.905348][ T9430] loop0: detected capacity change from 0 to 32768 [ 160.918183][ T9455] ext4 filesystem being mounted at /535/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 161.020748][ T6604] usb 4-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 161.043698][ T9455] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #12: comm syz.1.2341: Directory hole found for htree leaf block 0 [ 161.080420][ T6604] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.088469][ T6604] usb 4-1: Product: syz [ 161.110353][ T9455] EXT4-fs (loop1): Remounting filesystem read-only [ 161.120073][ T6604] usb 4-1: Manufacturer: syz [ 161.124743][ T6604] usb 4-1: SerialNumber: syz [ 161.146147][ T6604] usb 4-1: config 0 descriptor?? [ 161.195189][ T9422] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 161.230877][ T6604] ums-karma 4-1:0.46: USB Mass Storage device detected [ 161.268725][ T9473] loop2: detected capacity change from 0 to 256 [ 161.372418][ T6604] ums-karma: probe of 4-1:0.46 failed with error -5 [ 161.477978][ T6773] usb 4-1: USB disconnect, device number 10 [ 161.805408][ T9508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2361'. [ 162.042502][ T9523] xt_nfacct: accounting object `syz1' does not exist [ 162.092982][ T9527] ieee802154 phy0 wpan0: encryption failed: -90 [ 162.195698][ T9533] loop1: detected capacity change from 0 to 1024 [ 162.280638][ T9540] netlink: 'syz.3.2375': attribute type 79 has an invalid length. [ 162.316495][ T9533] hfsplus: session requires an argument [ 162.329602][ T9533] hfsplus: unable to parse mount options [ 162.475439][ T9547] loop3: detected capacity change from 0 to 512 [ 162.516148][ T9550] loop4: detected capacity change from 0 to 512 [ 162.539845][ T9512] loop0: detected capacity change from 0 to 32768 [ 162.595063][ T9547] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 162.623065][ T9512] ERROR: (device loop0): diNewExt: no free extents [ 162.623065][ T9512] [ 162.643856][ T9550] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback. [ 162.665808][ T9512] ERROR: (device loop0): remounting filesystem as read-only [ 162.674330][ T9550] ext4 filesystem being mounted at /432/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.694348][ T9547] EXT4-fs (loop3): 1 orphan inode deleted [ 162.700335][ T9512] ialloc: diAlloc returned -5! [ 162.745776][ T9547] EXT4-fs (loop3): 1 truncate cleaned up [ 162.752051][ T9547] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000004000000,jqfmt=vfsv0,quota,. Quota mode: writeback. [ 162.778927][ T9547] EXT4-fs error (device loop3): empty_inline_dir:1863: inode #12: block 7: comm syz.3.2379: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0 [ 162.810765][ T9550] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz.4.2380: Directory hole found for htree leaf block 0 [ 162.843615][ T9547] EXT4-fs (loop3): Remounting filesystem read-only [ 162.859174][ T9547] EXT4-fs warning (device loop3): empty_inline_dir:1870: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60 [ 162.873492][ T9550] EXT4-fs (loop4): Remounting filesystem read-only [ 162.894172][ T9573] loop1: detected capacity change from 0 to 256 [ 162.970862][ T9573] exfat: Deprecated parameter 'namecase' [ 163.049707][ T9573] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 163.151883][ T9586] xt_nfacct: accounting object `syz1' does not exist [ 163.158780][ T9587] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2395'. [ 163.353398][ T9603] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2407'. [ 163.454309][ T9615] loop0: detected capacity change from 0 to 256 [ 163.508519][ T9615] exfat: Deprecated parameter 'namecase' [ 163.524583][ T9621] netlink: 'syz.1.2417': attribute type 21 has an invalid length. [ 163.538404][ T9626] loop3: detected capacity change from 0 to 512 [ 163.538647][ T9621] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2417'. [ 163.585435][ T9615] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 163.591701][ T9621] netlink: 'syz.1.2417': attribute type 1 has an invalid length. [ 163.606376][ T9627]  (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 163.661872][ T9626] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 163.676324][ T9626] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.2418: bad orphan inode 15 [ 163.689347][ T9626] ext4_test_bit(bit=14, block=4) = 1 [ 163.694849][ T9626] is_bad_inode(inode)=0 [ 163.699074][ T9626] NEXT_ORPHAN(inode)=0 [ 163.703616][ T9626] max_ino=32 [ 163.706967][ T9626] i_nlink=1 [ 163.729846][ T9626] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,acl,noload,data_err=ignore,usrjquota="init_itable=0x0000000000000601,init_itable=0x0000000000000101,noblock_validity,,errors=continue. Quota mode: writeback. [ 163.763030][ T9626] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.2418: Logical block already allocated [ 164.086564][ T9647] loop1: detected capacity change from 0 to 2048 [ 164.120386][ T9654] UBIFS error (pid: 9654): cannot open "(null)", error -22 [ 164.243797][ T9647] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 164.412652][ T9647] ext4 filesystem being mounted at /554/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.479003][ T9646] loop2: detected capacity change from 0 to 32768 [ 164.568568][ T9646] JBD2: Ignoring recovery information on journal [ 164.686827][ T9646] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 164.795418][ T9687] IPv6: Can't replace route, no match found [ 164.802154][ T9646] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 164.891154][ T9646] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 164.923038][ T9646] OCFS2: File system is now read-only. [ 164.947067][ T9646] (syz.2.2428,9646,0):ocfs2_search_chain:1785 ERROR: status = -30 [ 165.031391][ T9646] (syz.2.2428,9646,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 165.039246][ T9646] (syz.2.2428,9646,0):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 165.080671][ T9702] loop3: detected capacity change from 0 to 2048 [ 165.090417][ T9707] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2453'. [ 165.101821][ T9708] netlink: 5064 bytes leftover after parsing attributes in process `syz.1.2455'. [ 165.103285][ T9646] (syz.2.2428,9646,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 165.131572][ T9646] (syz.2.2428,9646,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 165.154342][ T9646] (syz.2.2428,9646,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 165.167834][ T9646] (syz.2.2428,9646,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 165.214492][ T9646] (syz.2.2428,9646,0):ocfs2_symlink:1941 ERROR: status = -30 [ 165.228719][ T9646] (syz.2.2428,9646,1):ocfs2_symlink:2065 ERROR: status = -30 [ 165.238600][ T9702] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 165.303678][ T9702] ext4 filesystem being mounted at /497/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 165.336522][ T4192] ocfs2: Unmounting device (7,2) on (node local) [ 165.502480][ T9727] netlink: 'syz.4.2465': attribute type 2 has an invalid length. [ 165.909301][ T9765] loop2: detected capacity change from 0 to 512 [ 165.994732][ T9765] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5 [ 165.994732][ T9765] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 165.994732][ T9765] [ 166.082710][ T9767] loop4: detected capacity change from 0 to 4096 [ 166.089600][ T9765] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 166.107113][ T9775] loop1: detected capacity change from 0 to 512 [ 166.138680][ T9775] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 166.168091][ T9778] loop0: detected capacity change from 0 to 512 [ 166.183384][ T9765] EXT4-fs error (device loop2): ext4_fill_super:4841: inode #2: comm syz.2.2484: casefold flag without casefold feature [ 166.227624][ T9782] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 166.276406][ T9765] EXT4-fs (loop2): get root inode failed [ 166.282318][ T9765] EXT4-fs (loop2): mount failed [ 166.310131][ T9767] NILFS error (device loop4): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=32, inode=11, rec_len=129, name_len=6 [ 166.363551][ T9778] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 166.363909][ T9775] EXT4-fs (loop1): 1 orphan inode deleted [ 166.378032][ T9778] EXT4-fs error (device loop0): ext4_orphan_get:1427: comm syz.0.2489: bad orphan inode 15 [ 166.388727][ T9778] ext4_test_bit(bit=14, block=4) = 1 [ 166.411720][ T9778] is_bad_inode(inode)=0 [ 166.412795][ T9775] EXT4-fs (loop1): 1 truncate cleaned up [ 166.415942][ T9778] NEXT_ORPHAN(inode)=0 [ 166.423283][ T9775] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000004000000,jqfmt=vfsv0,quota,. Quota mode: writeback. [ 166.460205][ T9778] max_ino=32 [ 166.463458][ T9778] i_nlink=1 [ 166.466630][ T9778] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,acl,noload,data_err=ignore,usrjquota="init_itable=0x0000000000000601,init_itable=0x0000000000000101,noblock_validity,,errors=continue. Quota mode: writeback. [ 166.482080][ T9767] Remounting filesystem read-only [ 166.528214][ T9775] EXT4-fs error (device loop1): empty_inline_dir:1863: inode #12: block 7: comm syz.1.2488: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0 [ 166.548665][ T9775] EXT4-fs (loop1): Remounting filesystem read-only [ 166.564188][ T9775] EXT4-fs warning (device loop1): empty_inline_dir:1870: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60 [ 166.677607][ T9778] EXT4-fs error (device loop0): ext4_append:79: inode #2: comm syz.0.2489: Logical block already allocated [ 166.682665][ T9795] netlink: 5064 bytes leftover after parsing attributes in process `syz.3.2496'. [ 167.152036][ T9831] netlink: 'syz.1.2513': attribute type 2 has an invalid length. [ 167.341058][ T9846] loop1: detected capacity change from 0 to 512 [ 167.409366][ T9846] EXT4-fs (loop1): Ignoring removed nobh option [ 167.443999][ T9846] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 167.485731][ T9846] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002] [ 167.516482][ T9846] EXT4-fs (loop1): orphan cleanup on readonly fs [ 167.530883][ T9846] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.2521: attempt to clear invalid blocks 1024 len 1 [ 167.550127][ T9846] EXT4-fs (loop1): Remounting filesystem read-only [ 167.564892][ T9846] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2521: bg 0: block 361: padding at end of block bitmap is not set [ 167.585847][ T9846] EXT4-fs (loop1): Remounting filesystem read-only [ 167.595456][ T9846] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 167.633123][ T9846] EXT4-fs (loop1): Remounting filesystem read-only [ 167.644910][ T9846] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2521: invalid indirect mapped block 1811939328 (level 0) [ 167.658849][ T9875] SET target dimension over the limit! [ 167.702827][ T9846] EXT4-fs (loop1): Remounting filesystem read-only [ 167.709392][ T9846] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2521: invalid indirect mapped block 2185560079 (level 1) [ 167.777538][ T9846] EXT4-fs (loop1): Remounting filesystem read-only [ 167.798601][ T9846] EXT4-fs (loop1): 1 truncate cleaned up [ 167.823856][ T9846] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,noblock_validity,nobh,errors=remount-ro,max_dir_size_kb=0x00000000000000ff. Quota mode: none. [ 167.930129][ T4226] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 168.172851][ T9901] loop1: detected capacity change from 0 to 4096 [ 168.270952][ T9916] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 168.330470][ T4226] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 168.371711][ T4226] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 168.396829][ T9915] loop2: detected capacity change from 0 to 4096 [ 168.400101][ T4226] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 168.474821][ T4226] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 168.477718][ T9915] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 168.527632][ T4226] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 168.563331][ T4226] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.593524][ T4226] usb 4-1: config 0 descriptor?? [ 168.642904][ T4226] hdpvr 4-1:0.0: Could not find bulk-in endpoint [ 168.653333][ T4226] hdpvr: probe of 4-1:0.0 failed with error -12 [ 168.734977][ T9915] ntfs3: loop2: failed to convert "c46c" to iso8859-6 [ 168.768000][ T9924] netlink: 'syz.1.2558': attribute type 1 has an invalid length. [ 168.781459][ T9915] ntfs3: loop2: failed to convert "0030" to iso8859-6 [ 168.803303][ T9924] netlink: 'syz.1.2558': attribute type 9 has an invalid length. [ 168.809578][ T9915] ntfs3: loop2: failed to convert "0031" to iso8859-6 [ 168.845980][ T4226] usb 4-1: USB disconnect, device number 11 [ 168.859120][ T9915] ntfs3: loop2: failed to convert "0032" to iso8859-6 [ 168.877146][ T9907] loop4: detected capacity change from 0 to 32768 [ 169.206716][ T9920] loop0: detected capacity change from 0 to 32768 [ 169.239195][ T9941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2568'. [ 169.271577][ T9943] loop4: detected capacity change from 0 to 256 [ 169.287914][ T9944] loop2: detected capacity change from 0 to 128 [ 169.326252][ T9920] jfs_rename: dtInsert returned -EIO [ 169.345525][ T9946] netlink: 'syz.1.2569': attribute type 3 has an invalid length. [ 169.495880][ T9954] SET target dimension over the limit! [ 169.735527][ T4254] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 169.743318][ T6773] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 169.866078][ T9976] netlink: 'syz.3.2583': attribute type 3 has an invalid length. [ 169.877651][ T9977] loop2: detected capacity change from 0 to 64 [ 169.954514][ T9983] loop3: detected capacity change from 0 to 256 [ 170.000223][ T4254] usb 1-1: Using ep0 maxpacket: 16 [ 170.120453][ T6773] usb 2-1: config 0 has an invalid interface number: 46 but max is 0 [ 170.128774][ T4254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 170.141959][ T6773] usb 2-1: config 0 has no interface number 0 [ 170.165969][ T6773] usb 2-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 170.306008][ T9996] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2592'. [ 170.320472][ T4254] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 170.344844][ T4254] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.353255][ T4254] usb 1-1: Product: syz [ 170.357421][ T4254] usb 1-1: Manufacturer: syz [ 170.367683][ T6773] usb 2-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 170.393682][ T4254] usb 1-1: SerialNumber: syz [ 170.410121][ T6773] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.418160][ T6773] usb 2-1: Product: syz [ 170.423683][ T4254] usb 1-1: config 0 descriptor?? [ 170.437887][ T6773] usb 2-1: Manufacturer: syz [ 170.466575][ T6773] usb 2-1: SerialNumber: syz [ 170.482698][ T6773] usb 2-1: config 0 descriptor?? [ 170.512758][ T4254] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 170.540329][ T9951] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 170.561031][ T6773] ums-karma 2-1:0.46: USB Mass Storage device detected [ 170.673233][ T6773] ums-karma: probe of 2-1:0.46 failed with error -5 [ 170.804403][ T4173] usb 2-1: USB disconnect, device number 9 [ 170.972663][T10044] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2613'. [ 171.242020][ T4327] usb 1-1: USB disconnect, device number 9 [ 171.253983][T10060] loop3: detected capacity change from 0 to 4096 [ 171.255403][ T4266] usb 1-1: Failed to submit usb control message: -71 [ 171.286813][ T4266] usb 1-1: unable to send the bmi data to the device: -71 [ 171.308658][ T4266] usb 1-1: unable to get target info from device [ 171.345198][ T4266] usb 1-1: could not get target info (-71) [ 171.383633][ T4266] usb 1-1: could not probe fw (-71) [ 171.693735][T10093] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.756209][T10095] loop4: detected capacity change from 0 to 4096 [ 171.768262][T10095] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 171.910690][ T7225] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 172.200254][ T7225] usb 2-1: Using ep0 maxpacket: 16 [ 172.260371][ T6773] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 172.320443][ T7225] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 172.332562][T10097] loop3: detected capacity change from 0 to 32768 [ 172.510237][ T7225] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 172.519302][ T7225] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.569644][ T7225] usb 2-1: Product: syz [ 172.578714][ T7225] usb 2-1: Manufacturer: syz [ 172.583981][ T7225] usb 2-1: SerialNumber: syz [ 172.597351][ T7225] usb 2-1: config 0 descriptor?? [ 172.630245][ T6773] usb 5-1: config 0 has an invalid interface number: 64 but max is 0 [ 172.650954][ T6773] usb 5-1: config 0 has no interface number 0 [ 172.657520][T10137] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2658'. [ 172.690830][ T7225] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 172.744182][T10144] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2659'. [ 172.830407][ T6773] usb 5-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07 [ 172.839467][ T6773] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.897944][ T6773] usb 5-1: Product: syz [ 172.921235][ T6773] usb 5-1: Manufacturer: syz [ 172.925900][ T6773] usb 5-1: SerialNumber: syz [ 172.969088][ T6773] usb 5-1: config 0 descriptor?? [ 173.051687][T10135] loop2: detected capacity change from 0 to 32768 [ 173.094447][T10135] jfs_rename: dtInsert returned -EIO [ 173.178938][T10150] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 173.313173][T10146] loop0: detected capacity change from 0 to 32768 [ 173.353537][T10148] loop3: detected capacity change from 0 to 32768 [ 173.390238][ T6773] usb 5-1: Found UVC 0.08 device syz (046d:0823) [ 173.406546][ T6773] usb 5-1: No valid video chain found. [ 173.407754][T10146] JBD2: Ignoring recovery information on journal [ 173.446803][ T6604] usb 2-1: USB disconnect, device number 10 [ 173.450499][ T4318] usb 2-1: Failed to submit usb control message: -71 [ 173.508740][ T6773] usb 5-1: USB disconnect, device number 13 [ 173.517930][ T4318] usb 2-1: unable to send the bmi data to the device: -71 [ 173.526492][T10163] loop1: detected capacity change from 0 to 24 [ 173.539357][ T4318] usb 2-1: unable to get target info from device [ 173.545934][ T4318] usb 2-1: could not get target info (-71) [ 173.551351][T10146] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 173.552054][ T4318] usb 2-1: could not probe fw (-71) [ 173.579808][T10163] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 173.657784][T10146] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 173.660521][T10163] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 173.697097][T10146] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 173.753296][T10146] OCFS2: File system is now read-only. [ 173.794725][T10146] (syz.0.2661,10146,1):ocfs2_search_chain:1785 ERROR: status = -30 [ 173.814202][T10146] (syz.0.2661,10146,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 173.900169][T10146] (syz.0.2661,10146,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 173.953857][T10168] loop3: detected capacity change from 0 to 4096 [ 173.961153][T10146] (syz.0.2661,10146,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 173.965076][T10174] netlink: 'syz.2.2673': attribute type 13 has an invalid length. [ 173.975947][T10146] (syz.0.2661,10146,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 173.988387][T10146] (syz.0.2661,10146,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 174.005868][T10146] (syz.0.2661,10146,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 174.024818][T10146] (syz.0.2661,10146,1):ocfs2_symlink:1941 ERROR: status = -30 [ 174.040217][T10146] (syz.0.2661,10146,1):ocfs2_symlink:2065 ERROR: status = -30 [ 174.051048][T10168] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 174.156975][T10168] ntfs3: loop3: failed to convert "c46c" to iso8859-6 [ 174.199759][ T4183] ocfs2: Unmounting device (7,0) on (node local) [ 174.206365][T10184] Option ' ˴-]' to dns_resolver key: bad/missing value [ 174.226565][T10168] ntfs3: loop3: failed to convert "0030" to iso8859-6 [ 174.260308][T10168] ntfs3: loop3: failed to convert "0031" to iso8859-6 [ 174.288302][T10168] ntfs3: loop3: failed to convert "0032" to iso8859-6 [ 174.500273][T10198] ceph: No path or : separator in source [ 174.872132][T10226] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 174.912796][T10226] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 175.042723][T10244] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 175.254271][T10266] loop2: detected capacity change from 0 to 256 [ 175.268459][T10264] openvswitch: netlink: Missing key (keys=40, expected=80) [ 175.309003][T10266] exfat: Deprecated parameter 'utf8' [ 175.362420][T10272] loop0: detected capacity change from 0 to 24 [ 175.378506][T10266] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbc51571d, utbl_chksum : 0xe619d30d) [ 175.434226][T10272] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 175.452669][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2726'. [ 175.467103][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2726'. [ 175.474897][T10282] loop1: detected capacity change from 0 to 512 [ 175.484107][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2726'. [ 175.513558][T10272] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 175.572719][T10282] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 175.606115][T10282] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 175.627860][ T4226] Bluetooth: hci2: command 0x0406 tx timeout [ 175.634357][ T4226] Bluetooth: hci1: command 0x0406 tx timeout [ 175.650210][ T4226] Bluetooth: hci0: command 0x0406 tx timeout [ 175.666441][ T4226] Bluetooth: hci3: command 0x0406 tx timeout [ 175.771821][ T722] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 175.795551][T10299] xt_l2tp: missing protocol rule (udp|l2tpip) [ 175.810850][T10295] loop4: detected capacity change from 0 to 2048 [ 175.835477][T10301] xt_policy: output policy not valid in PREROUTING and INPUT [ 175.941155][T10295] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 175.983093][T10295] ext4 filesystem being mounted at /508/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.090136][T10295] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.2734: bg 0: block 345: padding at end of block bitmap is not set [ 176.139339][T10326] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2746'. [ 176.157906][T10328] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2748'. [ 176.168825][T10326] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2746'. [ 176.187645][T10295] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 176.211761][T10295] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2941: inode #15: comm syz.4.2734: corrupted xattr block 128 [ 176.263797][T10331] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 176.278934][T10295] EXT4-fs warning (device loop4): ext4_evict_inode:302: xattr delete (err -117) [ 176.601962][T10351] loop0: detected capacity change from 0 to 256 [ 176.610290][T10309] loop3: detected capacity change from 0 to 32768 [ 176.633789][T10351] exfat: Deprecated parameter 'utf8' [ 176.678039][T10351] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbc51571d, utbl_chksum : 0xe619d30d) [ 176.707143][T10354] openvswitch: netlink: Missing key (keys=40, expected=80) [ 176.730281][ T4173] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 176.777451][T10355] loop2: detected capacity change from 0 to 2048 [ 176.857614][T10355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.970233][ T4173] usb 5-1: Using ep0 maxpacket: 32 [ 176.990912][T10355] UDF-fs: incorrect filename length (10) [ 177.090622][ T4173] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.090651][ T4173] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x2 has invalid wMaxPacketSize 0 [ 177.090671][ T4173] usb 5-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 177.090696][ T4173] usb 5-1: config 0 interface 0 has no altsetting 0 [ 177.090724][ T4173] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 177.090746][ T4173] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.092327][ T4173] usb 5-1: config 0 descriptor?? [ 177.185136][T10367] loop3: detected capacity change from 0 to 2048 [ 177.329619][T10367] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 177.329711][T10367] ext4 filesystem being mounted at /559/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.398263][T10367] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2765: bg 0: block 345: padding at end of block bitmap is not set [ 177.398887][T10367] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 177.412973][T10367] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2941: inode #15: comm syz.3.2765: corrupted xattr block 128 [ 177.413352][T10367] EXT4-fs warning (device loop3): ext4_evict_inode:302: xattr delete (err -117) [ 177.430238][ T4173] usbhid 5-1:0.0: can't add hid device: -71 [ 177.430319][ T4173] usbhid: probe of 5-1:0.0 failed with error -71 [ 177.436701][ T4173] usb 5-1: USB disconnect, device number 14 [ 177.512876][T10383] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 177.757827][T10396] No source specified [ 177.793006][ T150] block nbd2: Attempted send on invalid socket [ 177.801221][ T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 177.945959][T10407] sctp: [Deprecated]: syz.4.2786 (pid 10407) Use of struct sctp_assoc_value in delayed_ack socket option. [ 177.945959][T10407] Use struct sctp_sack_info instead [ 178.090710][T10419] binder: 10417:10419 ioctl c00c620f 0 returned -14 [ 178.312581][T10438] xt_l2tp: v2 sid > 0xffff: 262144 [ 178.350380][ T6880] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 178.512080][T10452] netlink: 'syz.3.2808': attribute type 5 has an invalid length. [ 178.587312][T10458] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2810'. [ 178.619749][T10458] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2810'. [ 178.710364][ T6880] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 178.743403][T10468] xt_l2tp: v2 sid > 0xffff: 262144 [ 178.748264][ T6880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.782153][T10471] netlink: 692 bytes leftover after parsing attributes in process `syz.1.2817'. [ 178.783760][ T6880] usb 5-1: config 0 descriptor?? [ 178.807575][T10472] dlm: no locking on control device [ 178.861890][ T6880] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 178.878184][ T150] block nbd1: Attempted send on invalid socket [ 178.886727][ T150] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 178.942011][T10480] loop3: detected capacity change from 0 to 64 [ 179.174658][T10496] netlink: 'syz.1.2830': attribute type 13 has an invalid length. [ 179.195778][T10498] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2831'. [ 179.245485][T10500] dlm: no locking on control device [ 179.300318][ T6880] gp8psk: usb in 137 operation failed. [ 179.306271][ T6880] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 179.340994][T10506] --map-set only usable from mangle table [ 179.352582][ T6880] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 179.409277][ T6880] usb 5-1: USB disconnect, device number 15 [ 179.671668][T10531] netlink: 'syz.0.2845': attribute type 24 has an invalid length. [ 179.757411][T10536] loop3: detected capacity change from 0 to 16 [ 179.840874][T10536] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 180.137957][T10572] --map-set only usable from mangle table [ 180.219296][T10578] netlink: 'syz.0.2871': attribute type 13 has an invalid length. [ 180.247214][T10581] loop2: detected capacity change from 0 to 16 [ 180.322951][T10581] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 180.359657][T10590] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 180.573662][T10614] __nla_validate_parse: 3 callbacks suppressed [ 180.573676][T10614] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2889'. [ 180.835254][ T4226] usb 5-1: new full-speed USB device number 16 using dummy_hcd [ 180.937451][T10644] loop2: detected capacity change from 0 to 128 [ 180.971116][T10644] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 181.008163][ T25] audit: type=1800 audit(1757621763.237:5): pid=10644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2904" name="file2" dev="loop2" ino=1048620 res=0 errno=0 [ 181.079940][T10653] netlink: 'syz.3.2908': attribute type 24 has an invalid length. [ 181.117890][T10658] loop1: detected capacity change from 0 to 512 [ 181.227799][T10658] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz.1.2911: invalid block [ 181.253523][T10658] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2911: invalid indirect mapped block 10 (level 1) [ 181.281223][T10658] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2911: invalid indirect mapped block 8 (level 1) [ 181.287953][T10673] loop0: detected capacity change from 0 to 256 [ 181.301774][T10658] EXT4-fs (loop1): 1 truncate cleaned up [ 181.307433][T10658] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 181.352168][T10676] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2918'. [ 181.361325][T10673] exfat: Deprecated parameter 'utf8' [ 181.361344][T10673] exfat: Deprecated parameter 'utf8' [ 181.361425][T10673] exfat: Deprecated parameter 'utf8' [ 181.380321][T10658] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.2911: unexpected EA_INODE flag [ 181.426580][T10673] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 181.444071][ T4226] usb 5-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 181.458848][ T4226] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.468271][ T4226] usb 5-1: Product: syz [ 181.515267][ T4226] usb 5-1: Manufacturer: syz [ 181.519891][ T4226] usb 5-1: SerialNumber: syz [ 181.571730][ T4226] usb 5-1: config 0 descriptor?? [ 181.621908][ T4226] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state. [ 181.629869][ T4226] pctv452e: pctv452e_power_ctrl: 1 [ 181.629869][ T4226] [ 181.664067][ T4226] usb 5-1: selecting invalid altsetting 3 [ 181.669815][ T4226] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22 [ 181.669815][ T4226] [ 181.765403][ T4226] dvb-usb: bulk message failed: -22 (5/0) [ 181.803133][ T4226] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 181.881757][ T4226] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19) [ 181.929606][ T4226] usb 5-1: USB disconnect, device number 16 [ 182.250312][T10716] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2939'. [ 182.585350][T10745] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2950'. [ 183.089501][T10789] device geneve3 entered promiscuous mode [ 183.092097][T10777] loop3: detected capacity change from 0 to 4096 [ 183.101792][T10792] loop4: detected capacity change from 0 to 256 [ 183.160810][T10792] exfat: Deprecated parameter 'utf8' [ 183.166955][T10792] exfat: Deprecated parameter 'utf8' [ 183.182431][T10792] exfat: Deprecated parameter 'utf8' [ 183.243768][T10792] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 183.565183][T10825] device geneve3 entered promiscuous mode [ 183.764029][T10831] loop2: detected capacity change from 0 to 4096 [ 184.297471][T10869] loop1: detected capacity change from 0 to 4096 [ 184.321325][T10881] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3019'. [ 184.425307][T10869] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 184.439959][T10885] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 184.486577][T10869] Remounting filesystem read-only [ 184.588773][T10855] loop0: detected capacity change from 0 to 32768 [ 184.654214][T10855] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop0 scanned by syz.0.3006 (10855) [ 184.751407][T10855] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 184.785183][T10901] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3028'. [ 184.809916][T10855] BTRFS info (device loop0): turning on flush-on-commit [ 184.849737][T10903] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3029'. [ 184.854405][T10855] BTRFS info (device loop0): use zlib compression, level 3 [ 184.910144][T10855] BTRFS info (device loop0): turning off barriers [ 184.940140][T10855] BTRFS info (device loop0): turning on sync discard [ 185.004769][T10855] BTRFS info (device loop0): using free space tree [ 185.043309][T10855] BTRFS info (device loop0): has skinny extents [ 185.109074][T10912] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3032'. [ 185.134206][T10916] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 185.301024][T10891] loop3: detected capacity change from 0 to 32768 [ 185.368912][T10891] (syz.3.3023,10891,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 185.376276][T10932] loop1: detected capacity change from 0 to 64 [ 185.427852][T10891] (syz.3.3023,10891,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 185.523041][T10942] loop4: detected capacity change from 0 to 256 [ 185.556945][T10891] JBD2: Ignoring recovery information on journal [ 185.817953][T10891] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 186.022082][T10955] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3044'. [ 186.133487][ T4182] ocfs2: Unmounting device (7,3) on (node local) [ 186.186476][T10965] xt_CT: You must specify a L4 protocol and not use inversions on it [ 186.209293][T10966] ieee802154 phy0 wpan0: encryption failed: -22 [ 186.672168][T10995] netlink: 'syz.2.3064': attribute type 4 has an invalid length. [ 186.674475][T10997] ieee802154 phy0 wpan0: encryption failed: -22 [ 186.953471][T11017] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3074'. [ 187.068080][T11027] netlink: 'syz.3.3078': attribute type 4 has an invalid length. [ 187.312280][T11035] loop0: detected capacity change from 0 to 4096 [ 187.487768][T11050] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 187.500564][T11035] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 187.519336][T11052] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3092'. [ 187.532280][T11035] Remounting filesystem read-only [ 187.550159][ T6603] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 187.665450][T11057] loop3: detected capacity change from 0 to 512 [ 187.682369][T11015] loop2: detected capacity change from 0 to 32768 [ 187.726504][T11015] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.3084 (11015) [ 187.794613][T11015] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 187.804334][T11015] BTRFS info (device loop2): setting nodatacow, compression disabled [ 187.806332][T11057] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 187.829651][T11015] BTRFS info (device loop2): turning on sync discard [ 187.839010][T11015] BTRFS info (device loop2): turning on flush-on-commit [ 187.864349][T11057] ext4 filesystem being mounted at /632/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 187.885828][T11015] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 187.897831][T11015] BTRFS info (device loop2): trying to use backup root at mount time [ 187.915664][T11015] BTRFS info (device loop2): using free space tree [ 187.924296][T11015] BTRFS info (device loop2): has skinny extents [ 187.984235][ T6603] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 188.015792][ T6603] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.029339][T11057] Quota error (device loop3): do_check_range: Getting dqdh_next_free 2741 out of range 0-6 [ 188.049092][T11057] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 188.059994][T11057] EXT4-fs error (device loop3): ext4_acquire_dquot:6209: comm syz.3.3094: Failed to acquire dquot type 0 [ 188.076844][ T4266] BTRFS warning (device loop2): checksum verify failed on 5337088 wanted 0xe63dbdda found 0x32b4fbab level 0 [ 188.100441][ T6603] usb 5-1: config 0 descriptor?? [ 188.105243][T11091] loop0: detected capacity change from 0 to 64 [ 188.118645][T11015] BTRFS warning (device loop2): failed to read root (objectid=2): -5 [ 188.151901][ T6603] cp210x 5-1:0.0: cp210x converter detected [ 188.161590][T11091] attempt to access beyond end of device [ 188.161590][T11091] loop0: rw=0, want=130, limit=64 [ 188.182071][T11091] Trying to free block not in datazone [ 188.187556][T11091] Trying to free block not in datazone [ 188.193812][T11091] Trying to free block not in datazone [ 188.203270][T11091] Trying to free block not in datazone [ 188.209098][T11091] Trying to free block not in datazone [ 188.216147][T11091] Trying to free block not in datazone [ 188.236580][T11091] minix_free_block (loop0:6): bit already cleared [ 188.377200][ T6603] usb 5-1: cp210x converter now attached to ttyUSB0 [ 188.394235][ T4761] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by udevd (4761) [ 188.644584][ T4254] usb 5-1: USB disconnect, device number 17 [ 188.697339][ T4254] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 188.720454][ T4254] cp210x 5-1:0.0: device disconnected [ 189.414697][T11175] syz.3.3139 uses obsolete (PF_INET,SOCK_PACKET) [ 189.433790][T11177] loop1: detected capacity change from 0 to 256 [ 189.488103][T11182] loop4: detected capacity change from 0 to 512 [ 189.509780][T11177] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 189.539708][T11182] EXT4-fs (loop4): Ignoring removed bh option [ 189.559794][T11182] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 189.593575][T11182] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 189.625383][T11182] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 189.644610][T11188] device veth3 entered promiscuous mode [ 189.691275][T11182] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 189.798663][T11182] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,bh,noblock_validity,,errors=continue. Quota mode: none. [ 189.918377][T11204] netlink: 'syz.2.3155': attribute type 13 has an invalid length. [ 190.317022][T11232] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3169'. [ 190.379502][T11239] loop1: detected capacity change from 0 to 512 [ 190.459967][T11247] comedi comedi2: ni_at_a2150: I/O port conflict (0xb000,28) [ 190.480210][T11248] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3175'. [ 190.525583][T11239] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 190.587904][T11239] ext4 filesystem being mounted at /713/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 190.717850][T11239] Quota error (device loop1): do_check_range: Getting dqdh_next_free 2741 out of range 0-6 [ 190.772661][T11264] delete_channel: no stack [ 190.796003][T11239] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 190.826692][T11239] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.3173: Failed to acquire dquot type 0 [ 190.839111][T11252] loop3: detected capacity change from 0 to 32768 [ 190.927459][T11252] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop3 scanned by syz.3.3178 (11252) [ 191.021237][T11252] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 191.046151][T11252] BTRFS info (device loop3): turning on flush-on-commit [ 191.070591][T11285] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3192'. [ 191.084440][T11252] BTRFS info (device loop3): use zlib compression, level 3 [ 191.109835][T11252] BTRFS info (device loop3): turning off barriers [ 191.144749][T11252] BTRFS info (device loop3): turning on sync discard [ 191.162880][T11252] BTRFS info (device loop3): using free space tree [ 191.189952][T11252] BTRFS info (device loop3): has skinny extents [ 191.390183][T11312] loop2: detected capacity change from 0 to 512 [ 191.448998][T11323] loop0: detected capacity change from 0 to 512 [ 191.486450][T11312] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 191.538289][T11323] EXT4-fs (loop0): Ignoring removed bh option [ 191.575667][T11312] ext4 filesystem being mounted at /655/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 191.596644][T11323] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 191.629110][T11323] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 191.686717][T11312] Quota error (device loop2): do_check_range: Getting dqdh_next_free 2741 out of range 0-6 [ 191.689492][T11323] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 191.709810][T11323] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 191.768130][T11312] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 191.786052][T11312] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.3203: Failed to acquire dquot type 0 [ 191.798746][T11323] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,bh,noblock_validity,,errors=continue. Quota mode: none. [ 191.916952][T11348] comedi comedi2: ni_at_a2150: I/O port conflict (0xb000,28) [ 191.946295][T11349] netlink: 'syz.1.3216': attribute type 13 has an invalid length. [ 192.154662][T11351] device veth5 entered promiscuous mode [ 192.415130][ T4254] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 192.682223][ T4254] usb 5-1: Using ep0 maxpacket: 8 [ 192.842245][ T4254] usb 5-1: unable to get BOS descriptor or descriptor too short [ 192.894815][T11355] loop3: detected capacity change from 0 to 32768 [ 192.944501][ T4254] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 192.958938][ T4254] usb 5-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 192.972845][T11405] loop1: detected capacity change from 0 to 1024 [ 192.978101][ T4254] usb 5-1: config 4 has no interface number 0 [ 193.001892][T11355] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 193.021009][T11355] BTRFS info (device loop3): setting nodatacow, compression disabled [ 193.074894][T11405] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 193.079774][T11355] BTRFS info (device loop3): turning on sync discard [ 193.113299][T11405] ext4 filesystem being mounted at /731/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 193.118511][T11416] loop0: detected capacity change from 0 to 256 [ 193.131089][T11355] BTRFS info (device loop3): turning on flush-on-commit [ 193.138427][T11355] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 193.149591][T11355] BTRFS info (device loop3): trying to use backup root at mount time [ 193.158093][ T4254] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 193.167856][T11355] BTRFS info (device loop3): using free space tree [ 193.175895][ T4254] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.184270][T11355] BTRFS info (device loop3): has skinny extents [ 193.190761][ T4254] usb 5-1: Product: syz [ 193.195282][ T4254] usb 5-1: Manufacturer: syz [ 193.199875][ T4254] usb 5-1: SerialNumber: syz [ 193.258525][T11416] FAT-fs (loop0): Directory bread(block 64) failed [ 193.315452][T11416] FAT-fs (loop0): Directory bread(block 65) failed [ 193.338002][T11416] FAT-fs (loop0): Directory bread(block 66) failed [ 193.346549][T11416] FAT-fs (loop0): Directory bread(block 67) failed [ 193.353587][T11416] FAT-fs (loop0): Directory bread(block 68) failed [ 193.360524][T11416] FAT-fs (loop0): Directory bread(block 69) failed [ 193.367466][T11416] FAT-fs (loop0): Directory bread(block 70) failed [ 193.374893][T11416] FAT-fs (loop0): Directory bread(block 71) failed [ 193.387890][T11416] FAT-fs (loop0): Directory bread(block 72) failed [ 193.394905][T11416] FAT-fs (loop0): Directory bread(block 73) failed [ 193.404738][ T144] BTRFS warning (device loop3): checksum verify failed on 5337088 wanted 0xe63dbdda found 0x32b4fbab level 0 [ 193.475638][T11355] BTRFS warning (device loop3): failed to read root (objectid=2): -5 [ 193.600272][ T4254] usb 5-1: Found UVC 0.02 device syz (04f2:b746) [ 193.612282][ T4254] usb 5-1: No valid video chain found. [ 193.619737][ T4254] usb 5-1: USB disconnect, device number 18 [ 194.015817][ T1426] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.037861][ T1426] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.347558][T11490] comedi comedi0: comedi_config --init_data is deprecated [ 194.506129][T11500] loop2: detected capacity change from 0 to 164 [ 194.606055][T11500] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 194.642775][T11500] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 194.695596][T11500] Symlink component flag not implemented [ 194.710251][ T13] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 194.720091][T11500] Symlink component flag not implemented [ 194.726256][T11500] Symlink component flag not implemented (7) [ 194.741540][T11500] Symlink component flag not implemented (116) [ 194.879850][T11523] loop4: detected capacity change from 0 to 64 [ 194.957914][T11529] netlink: 'syz.1.3283': attribute type 8 has an invalid length. [ 195.053244][T11532] loop1: detected capacity change from 0 to 256 [ 195.120246][ T13] usb 1-1: unable to get BOS descriptor or descriptor too short [ 195.210492][ T13] usb 1-1: config 7 has an invalid interface number: 181 but max is 0 [ 195.237125][ T13] usb 1-1: config 7 has no interface number 0 [ 195.270638][ T13] usb 1-1: config 7 interface 181 altsetting 3 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 195.308546][ T13] usb 1-1: config 7 interface 181 altsetting 3 bulk endpoint 0x1 has invalid maxpacket 32 [ 195.339599][ T13] usb 1-1: config 7 interface 181 has no altsetting 0 [ 195.367408][T11543] loop3: detected capacity change from 0 to 128 [ 195.510429][ T13] usb 1-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=2a.3d [ 195.530171][ T13] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.538195][ T13] usb 1-1: Product: syz [ 195.569588][T11543] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 195.599033][T11543] sysv_free_block: flc_count > flc_size [ 195.606848][ T13] usb 1-1: Manufacturer: syz [ 195.624360][T11543] sysv_free_block: flc_count > flc_size [ 195.624758][ T13] usb 1-1: SerialNumber: syz [ 195.629928][T11543] sysv_free_block: flc_count > flc_size [ 195.657972][T11558] loop1: detected capacity change from 0 to 64 [ 195.670456][T11543] sysv_free_block: flc_count > flc_size [ 195.696849][T11543] sysv_free_block: flc_count > flc_size [ 195.705289][T11496] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 195.710084][T11543] sysv_free_block: flc_count > flc_size [ 195.788314][T11543] sysv_free_block: flc_count > flc_size [ 195.803379][T11543] sysv_free_block: flc_count > flc_size [ 195.828442][T11543] sysv_free_block: flc_count > flc_size [ 195.838560][T11543] sysv_free_block: flc_count > flc_size [ 195.844846][T11563] loop4: detected capacity change from 0 to 512 [ 195.858070][T11543] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 195.934312][T11549] loop2: detected capacity change from 0 to 32768 [ 195.944312][T11563] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3301: error while reading EA inode 32 err=-116 [ 195.962841][T11549] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.3294 (11549) [ 196.000680][ T13] port100 1-1:7.181: NFC: Could not find bulk-in or bulk-out endpoint [ 196.025992][ T13] usb 1-1: USB disconnect, device number 10 [ 196.084619][T11563] EXT4-fs (loop4): 1 orphan inode deleted [ 196.092230][T11563] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 196.127077][T11549] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 196.137171][T11549] BTRFS info (device loop2): using free space tree [ 196.170202][T11549] BTRFS info (device loop2): has skinny extents [ 196.450652][T11549] BTRFS info (device loop2): enabling ssd optimizations [ 196.759750][T11623] overlayfs: missing 'lowerdir' [ 196.824770][ T8317] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop2 scanned by udevd (8317) [ 197.066462][T11641] netlink: 'syz.0.3327': attribute type 15 has an invalid length. [ 197.116992][T11641] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3327'. [ 197.276179][T11653] xt_CT: You must specify a L4 protocol and not use inversions on it [ 197.428262][T11661] device erspan1 entered promiscuous mode [ 197.465498][T11591] loop4: detected capacity change from 0 to 40427 [ 197.559729][T11591] F2FS-fs (loop4): Invalid log blocks per segment (83886089) [ 197.586806][T11591] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 197.626416][T11591] F2FS-fs (loop4): invalid crc value [ 197.684672][T11591] F2FS-fs (loop4): Found nat_bits in checkpoint [ 197.881562][T11591] F2FS-fs (loop4): Start checkpoint disabled! [ 197.955272][T11591] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 197.970324][T11591] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 198.080333][ T6766] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 198.129327][T11706] netlink: 'syz.1.3356': attribute type 1 has an invalid length. [ 198.450330][ T6766] usb 1-1: config 0 has an invalid interface number: 156 but max is 1 [ 198.458529][ T6766] usb 1-1: config 0 has no interface number 1 [ 198.494673][ T6766] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 198.519993][ T6766] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.545928][ T6766] usb 1-1: config 0 descriptor?? [ 198.596669][ T6766] usb 1-1: MIDIStreaming interface descriptor not found [ 198.622216][T11736] overlayfs: empty lowerdir [ 198.651591][T11738] loop2: detected capacity change from 0 to 512 [ 198.668771][ T6766] gspca_main: spca561-2.14.0 probing abcd:cdee [ 198.746859][T11747] netlink: 'syz.1.3373': attribute type 1 has an invalid length. [ 198.770503][T11738] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000002000,inode_readahead_blks=0x0000000000000800,minixdf,quota,,errors=continue. Quota mode: writeback. [ 198.772658][T11747] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.3373'. [ 198.815710][T11738] ext4 filesystem being mounted at /688/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 198.870482][ T6766] spca561: probe of 1-1:0.0 failed with error -22 [ 198.903232][ T6766] usb 1-1: USB disconnect, device number 11 [ 198.986164][ T6764] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 198.996908][T11757] loop1: detected capacity change from 0 to 256 [ 199.034546][T11759] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3378'. [ 199.246457][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 199.327609][T11767] loop2: detected capacity change from 0 to 4096 [ 199.390153][T11767] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 199.420281][ T6764] usb 4-1: unable to get BOS descriptor or descriptor too short [ 199.502187][ T6764] usb 4-1: not running at top speed; connect to a high speed hub [ 199.603368][ T6764] usb 4-1: config 1 interface 0 altsetting 8 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 199.641819][ T6764] usb 4-1: config 1 interface 0 has no altsetting 0 [ 199.700310][ T6764] usb 4-1: language id specifier not provided by device, defaulting to English [ 199.738409][T11789] loop4: detected capacity change from 0 to 4096 [ 199.820305][ T6764] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 199.839629][ T6764] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.879742][ T6764] usb 4-1: Product: syz [ 199.892484][T11804] loop0: detected capacity change from 0 to 1024 [ 199.900297][ T6764] usb 4-1: Manufacturer: 晹ⱴ䙜穈쉆ᓧ⇯䫼¬횒錅᦬蜼ꍯඨㇻ곌鵄ʀ嵩⋵걆ꪱ솃腢񈱋 [ 199.920732][ T6764] usb 4-1: SerialNumber: syz [ 199.952991][T11789] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 199.960447][T11741] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 200.019962][T11804] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,max_batch_time=0x0000000000008000,,errors=continue. Quota mode: none. [ 200.034896][T11789] ntfs3: loop4: ino=5, "/" directory corrupted [ 200.085163][T11804] ext4 filesystem being mounted at /642/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 200.085259][ T4196] ntfs3: loop4: ntfs_sync_fs r=9 failed, -22. [ 200.137378][ T4196] ntfs3: loop4: ntfs_evict_inode r=9 failed, -22. [ 200.275440][ T6595] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 200.308599][ T6764] usb 4-1: USB disconnect, device number 12 [ 200.383788][T11829] IPv6: sit3: Disabled Multicast RS [ 200.510184][ T4261] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 200.550184][ T6595] usb 3-1: Using ep0 maxpacket: 8 [ 200.590173][ T6766] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 200.670318][ T6595] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 200.680218][ T21] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 200.687861][ T6595] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0 [ 200.698098][ T6595] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 200.770299][ T4261] usb 1-1: Using ep0 maxpacket: 32 [ 200.779437][T11833] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3414'. [ 200.880483][ T6595] usb 3-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d [ 200.889541][ T6595] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.900556][ T6595] usb 3-1: Product: syz [ 200.904741][ T6595] usb 3-1: Manufacturer: syz [ 200.909403][ T6595] usb 3-1: SerialNumber: syz [ 200.914502][ T4261] usb 1-1: config 0 has an invalid interface number: 186 but max is 0 [ 200.929209][ T4261] usb 1-1: config 0 has no interface number 0 [ 200.950418][ T6766] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 200.960237][ T21] usb 5-1: Using ep0 maxpacket: 8 [ 200.971664][ T6595] ti_usb_3410_5052 3-1:1.0: TI USB 3410 1 port adapter converter detected [ 201.125341][ T4261] usb 1-1: New USB device found, idVendor=0856, idProduct=ac29, bcdDevice=a8.3c [ 201.132357][ T6766] usb 2-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19 [ 201.135894][ T4261] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.154085][ T6766] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.157065][ T21] usb 5-1: unable to get BOS descriptor or descriptor too short [ 201.176912][ T6766] usb 2-1: Product: syz [ 201.182159][ T6766] usb 2-1: Manufacturer: syz [ 201.187366][ T6766] usb 2-1: SerialNumber: syz [ 201.192027][ T4261] usb 1-1: Product: syz [ 201.192046][ T4261] usb 1-1: Manufacturer: syz [ 201.192060][ T4261] usb 1-1: SerialNumber: syz [ 201.193651][ T4261] usb 1-1: config 0 descriptor?? [ 201.214020][ T6766] usb 2-1: config 0 descriptor?? [ 201.222171][ T4293] usb 3-1: USB disconnect, device number 11 [ 201.270519][ T6766] usbtouchscreen: probe of 2-1:0.0 failed with error -32 [ 201.461361][ T4261] mos7840 1-1:0.186: required endpoints missing [ 201.470136][ T6765] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 201.473960][ T4261] usb 2-1: USB disconnect, device number 11 [ 201.550285][ T21] usb 5-1: string descriptor 0 read error: -22 [ 201.556859][ T21] usb 5-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=82.fe [ 201.565946][ T21] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.677358][ T6766] usb 1-1: USB disconnect, device number 12 [ 201.730132][ T6765] usb 4-1: Using ep0 maxpacket: 16 [ 201.781860][T11860] netlink: 'syz.2.3426': attribute type 1 has an invalid length. [ 201.789696][T11860] netlink: 'syz.2.3426': attribute type 9 has an invalid length. [ 201.850232][ T6765] usb 4-1: config 0 has no interfaces? [ 201.963424][T11870] ODEBUG: Out of memory. ODEBUG disabled [ 202.010294][ T6765] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 202.041968][ T6765] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.057432][ T6765] usb 4-1: Product: syz [ 202.063342][ T6765] usb 4-1: Manufacturer: syz [ 202.068049][ T6765] usb 4-1: SerialNumber: syz [ 202.070418][ T21] asix 5-1:7.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 202.075099][ T6765] r8152-cfgselector 4-1: config 0 descriptor?? [ 202.095779][ T21] asix 5-1:7.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 202.097907][T11872] bond0: option xmit_hash_policy: invalid value (8) [ 202.122195][ T21] asix: probe of 5-1:7.0 failed with error -71 [ 202.161588][ T21] usb 5-1: USB disconnect, device number 19 [ 202.284549][T11880] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3436'. [ 202.307472][T11880] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 202.341169][ T6765] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 202.360893][ T4266] usb 4-1: config 0 descriptor?? [ 202.362197][T11876] loop1: detected capacity change from 0 to 4096 [ 202.546833][T11870] syz.2.3431 (11870): drop_caches: 2 [ 202.547245][T11876] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 202.604895][ T6765] usb 4-1: USB disconnect, device number 13 [ 202.624536][ T4266] usb 4-1: can't set config #0, error -71 [ 202.627859][T11876] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 202.961680][T11882] loop0: detected capacity change from 0 to 32768 [ 202.983721][T11898] loop2: detected capacity change from 0 to 1024 [ 202.999082][T11900] deleting an unspecified loop device is not supported. [ 203.024499][T11898] EXT4-fs (loop2): #clusters per group too big: 24576 [ 203.036107][T11902] xt_CT: You must specify a L4 protocol and not use inversions on it [ 203.089782][T11906] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 203.500187][T11919] loop1: detected capacity change from 0 to 4096 [ 203.594244][T11919] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 203.895753][T11962] loop2: detected capacity change from 0 to 4096 [ 203.981432][T11962] ntfs3: Invalid value for gid. [ 204.110623][T11991] device bridge4 entered promiscuous mode [ 204.262361][T12005] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3497'. [ 204.474901][T12022] loop1: detected capacity change from 0 to 512 [ 204.699042][T12022] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 204.739226][T12039] loop0: detected capacity change from 0 to 16 [ 204.755102][T12022] ext4 filesystem being mounted at /800/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 204.765531][T12039] erofs: (device loop0): mounted with root inode @ nid 36. [ 204.794125][T12041] loop3: detected capacity change from 0 to 256 [ 204.914931][T12041] FAT-fs (loop3): Directory bread(block 64) failed [ 204.959915][T12041] FAT-fs (loop3): Directory bread(block 65) failed [ 204.979361][T12041] FAT-fs (loop3): Directory bread(block 66) failed [ 205.006644][T12041] FAT-fs (loop3): Directory bread(block 67) failed [ 205.030138][ T21] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 205.050220][T12041] FAT-fs (loop3): Directory bread(block 68) failed [ 205.076757][T12041] FAT-fs (loop3): Directory bread(block 69) failed [ 205.094152][T12041] FAT-fs (loop3): Directory bread(block 70) failed [ 205.107303][T12043] loop1: detected capacity change from 0 to 4096 [ 205.120114][T12041] FAT-fs (loop3): Directory bread(block 71) failed [ 205.126718][T12041] FAT-fs (loop3): Directory bread(block 72) failed [ 205.174138][T12041] FAT-fs (loop3): Directory bread(block 73) failed [ 205.189551][T12043] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 205.215934][T12043] ntfs3: loop1: Failed to load $Extend. [ 205.300232][ T21] usb 5-1: Using ep0 maxpacket: 16 [ 205.449460][T12068] SET target dimension over the limit! [ 205.449639][T12067] loop2: detected capacity change from 0 to 1024 [ 205.488271][T12070] netdevsim netdevsim1: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 205.621778][ T21] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 205.638854][ T21] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.663480][T12081] loop2: detected capacity change from 0 to 64 [ 205.665234][T12080] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 205.685259][ T21] usb 5-1: Product: syz [ 205.698485][ T6765] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 205.700037][ T21] usb 5-1: Manufacturer: syz [ 205.711365][ T21] usb 5-1: SerialNumber: syz [ 205.721797][ T21] r8152-cfgselector 5-1: config 0 descriptor?? [ 205.952217][ T6765] usb 4-1: Using ep0 maxpacket: 32 [ 206.070400][ T6765] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 206.093781][ T6765] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 206.190285][ T21] r8152-cfgselector 5-1: Unknown version 0x0000 [ 206.206966][ T21] r8152-cfgselector 5-1: bad CDC descriptors [ 206.255872][ T21] r8152-cfgselector 5-1: Unknown version 0x0000 [ 206.275300][ T6765] usb 4-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0 [ 206.290276][ T21] r8152-cfgselector 5-1: USB disconnect, device number 20 [ 206.299600][ T6765] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.325844][ T6765] usb 4-1: Product: syz [ 206.357016][ T6765] usb 4-1: Manufacturer: syz [ 206.362085][ T6765] usb 4-1: SerialNumber: syz [ 206.373841][T12113] loop1: detected capacity change from 0 to 8192 [ 206.378694][ T6765] usb 4-1: config 0 descriptor?? [ 206.421252][ T6765] qmi_wwan 4-1:0.0: bogus CDC Union: master=101, slave=0 [ 206.442143][ T6765] qmi_wwan: probe of 4-1:0.0 failed with error -22 [ 206.444455][T12113] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 206.476231][T12113] REISERFS (device loop1): using ordered data mode [ 206.483255][T12113] reiserfs: using flush barriers [ 206.508674][T12113] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 206.555665][T12128] loop0: detected capacity change from 0 to 4096 [ 206.573887][T12113] REISERFS (device loop1): checking transaction log (loop1) [ 206.598422][T12128] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 206.635442][ T6765] usb 4-1: USB disconnect, device number 14 [ 206.637652][T12113] REISERFS (device loop1): Using r5 hash to sort names [ 206.666746][T12113] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 206.676460][T12128] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 206.682203][T12113] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 206.698909][T12125] loop2: detected capacity change from 0 to 32768 [ 206.761443][T12125] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 206.796890][T12125] BTRFS info (device loop2): using free space tree [ 206.804774][T12125] BTRFS info (device loop2): has skinny extents [ 207.116855][T12125] BTRFS info (device loop2): enabling ssd optimizations [ 207.133672][T12163] loop0: detected capacity change from 0 to 16 [ 207.233641][T12163] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 207.244243][ T8317] udevd[8317]: incorrect cramfs checksum on /dev/loop0 [ 207.573602][T12169] loop1: detected capacity change from 0 to 4096 [ 207.592890][T12178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3571'. [ 207.676307][T12169] ntfs: volume version 3.1. [ 207.701689][T12186] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3574'. [ 208.200332][T12210] loop1: detected capacity change from 0 to 164 [ 208.232581][T12212] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3586'. [ 208.582291][T12174] loop3: detected capacity change from 0 to 40427 [ 208.934519][T12242] netlink: 'syz.2.3602': attribute type 1 has an invalid length. [ 209.091835][T12249] loop2: detected capacity change from 0 to 128 [ 209.109755][T12214] loop4: detected capacity change from 0 to 40427 [ 209.137243][T12250] sp0: Synchronizing with TNC [ 209.205228][T12214] F2FS-fs (loop4): invalid crc value [ 209.206369][T12249] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 209.226170][T12214] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 209.245420][T12174] F2FS-fs (loop3): invalid crc value [ 209.265189][T12249] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 209.282553][T12174] F2FS-fs (loop3): Found nat_bits in checkpoint [ 209.311625][T12214] F2FS-fs (loop4): Found nat_bits in checkpoint [ 209.402627][T12174] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 209.429812][T12214] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 209.453813][T12214] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 209.484792][T12214] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 209.686507][T12267] UBIFS error (pid: 12267): cannot open "", error -22 [ 209.722808][T12226] syz.0.3592 (12226): drop_caches: 2 [ 209.884065][T12279] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0 [ 209.970215][ T4254] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 210.070441][T12288] nftables ruleset with unbound set [ 210.170277][ T4173] Bluetooth: hci4: command 0x0405 tx timeout [ 210.230154][ T4254] usb 2-1: Using ep0 maxpacket: 8 [ 210.390391][ T4254] usb 2-1: unable to get BOS descriptor or descriptor too short [ 210.457262][T12319] netlink: 'syz.0.3632': attribute type 10 has an invalid length. [ 210.480222][ T4254] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 210.491646][ T4254] usb 2-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 210.503761][ T4254] usb 2-1: config 4 has no interface number 0 [ 210.662542][T12329] netlink: 'syz.3.3638': attribute type 1 has an invalid length. [ 210.670469][ T4254] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 210.679508][ T4254] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.693044][ T4254] usb 2-1: Product: syz [ 210.697225][ T4254] usb 2-1: Manufacturer: syz [ 210.720325][ T4254] usb 2-1: SerialNumber: syz [ 210.756270][T12334] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3640'. [ 210.778035][T12336] netlink: 'syz.3.3642': attribute type 75 has an invalid length. [ 211.013156][T12358] netlink: 'syz.2.3653': attribute type 3 has an invalid length. [ 211.130281][ T4254] usb 2-1: Found UVC 0.02 device syz (04f2:b746) [ 211.136707][ T4254] usb 2-1: No valid video chain found. [ 211.170739][ T4254] usb 2-1: USB disconnect, device number 12 [ 211.278109][T12381] IPv6: sit2: Disabled Multicast RS [ 211.399007][T12395] program syz.4.3670 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 211.490182][ T4173] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 211.786948][T12422] loop0: detected capacity change from 0 to 256 [ 211.802517][T12424] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3685'. [ 211.840894][T12424] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3685'. [ 211.847513][T12422] FAT-fs (loop0): Directory bread(block 64) failed [ 211.860327][ T4173] usb 3-1: config 0 has an invalid interface number: 52 but max is 0 [ 211.868450][ T4173] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.900513][ T4173] usb 3-1: config 0 has no interface number 0 [ 211.901101][T12422] FAT-fs (loop0): Directory bread(block 65) failed [ 211.914375][ T4173] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 211.943139][T12422] FAT-fs (loop0): Directory bread(block 66) failed [ 211.958155][T12422] FAT-fs (loop0): Directory bread(block 67) failed [ 211.960836][ T4173] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 211.992257][ T4173] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 211.997129][T12422] FAT-fs (loop0): Directory bread(block 68) failed [ 212.005359][ T4173] usb 3-1: config 0 interface 52 has no altsetting 0 [ 212.036261][T12422] FAT-fs (loop0): Directory bread(block 69) failed [ 212.043210][T12422] FAT-fs (loop0): Directory bread(block 70) failed [ 212.049742][T12422] FAT-fs (loop0): Directory bread(block 71) failed [ 212.063095][T12422] FAT-fs (loop0): Directory bread(block 72) failed [ 212.069978][T12422] FAT-fs (loop0): Directory bread(block 73) failed [ 212.160330][ T4173] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 212.179624][ T4173] usb 3-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 212.225002][ T4173] usb 3-1: Product: syz [ 212.229202][ T4173] usb 3-1: Manufacturer: syz [ 212.253617][ T4173] usb 3-1: SerialNumber: syz [ 212.275447][ T4173] usb 3-1: config 0 descriptor?? [ 212.492958][T12458] loop3: detected capacity change from 0 to 128 [ 212.524859][T12462] loop0: detected capacity change from 0 to 512 [ 212.551198][ T4173] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 212.566345][ T4173] synaptics_usb: probe of 3-1:0.52 failed with error -5 [ 212.599111][T12458] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrquota,,errors=continue. Quota mode: writeback. [ 212.606589][T12467] loop4: detected capacity change from 0 to 128 [ 212.656787][T12462] EXT4-fs (loop0): orphan cleanup on readonly fs [ 212.696582][T12467] sysv_free_block: flc_count > flc_size [ 212.698559][T12462] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.3704: bg 0: block 248: padding at end of block bitmap is not set [ 212.702681][T12467] sysv_free_block: flc_count > flc_size [ 212.746588][T12467] sysv_free_block: flc_count > flc_size [ 212.756702][T12467] sysv_free_block: flc_count > flc_size [ 212.768368][T12462] Quota error (device loop0): write_blk: dquota write failed [ 212.773609][ T6773] usb 3-1: USB disconnect, device number 12 [ 212.775912][T12462] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 212.792511][T12462] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.3704: Failed to acquire dquot type 1 [ 212.804435][T12467] sysv_free_block: flc_count > flc_size [ 212.810040][T12467] sysv_free_block: flc_count > flc_size [ 212.815904][T12467] sysv_free_block: flc_count > flc_size [ 212.822322][T12467] sysv_free_block: flc_count > flc_size [ 212.828193][T12462] EXT4-fs (loop0): 1 truncate cleaned up [ 212.830119][T12467] sysv_free_block: flc_count > flc_size [ 212.885877][T12462] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 212.889791][T12467] sysv_free_block: flc_count > flc_size [ 212.945984][T12467] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 212.973624][T12444] loop1: detected capacity change from 0 to 32768 [ 213.081494][T12444] ERROR: (device loop1): dbAlloc: the hint is outside the map [ 213.081494][T12444] [ 213.173403][T12444] ERROR: (device loop1): remounting filesystem as read-only [ 213.237918][T12483] xt_TCPMSS: Only works on TCP SYN packets [ 213.375631][T12493] loop0: detected capacity change from 0 to 16 [ 213.383348][T12489] loop2: detected capacity change from 0 to 512 [ 213.445483][T12489] EXT4-fs (loop2): Ignoring removed orlov option [ 213.461089][T12493] erofs: (device loop0): mounted with root inode @ nid 36. [ 213.537024][T12489] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.3719: bg 0: block 304: padding at end of block bitmap is not set [ 213.659513][T12489] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 213.689117][T12489] EXT4-fs (loop2): 1 orphan inode deleted [ 213.705355][T12489] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,orlov,norecovery,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback. [ 213.760246][T12489] ext4 filesystem being mounted at /756/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 213.863619][T12489] Quota error (device loop2): write_blk: dquota write failed [ 213.903616][T12489] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 213.922597][T12520] loop0: detected capacity change from 0 to 4096 [ 213.940298][T12489] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.3719: Failed to acquire dquot type 1 [ 214.039738][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 214.077778][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 214.108680][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 214.138529][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 214.186643][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc1c00 [ 214.228772][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc2c00 [ 214.297819][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc4c00 [ 214.333184][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffc8c00 [ 214.371126][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffd0c00 [ 214.397802][T12520] ntfs3: loop0: try to read out of volume at offset 0x3fffffe0c00 [ 214.681061][T12563] loop4: detected capacity change from 0 to 4096 [ 214.751002][T12563] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 214.790313][T12563] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 214.856925][T12563] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 214.897844][T12563] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 214.956580][T12563] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 215.009928][T12563] ntfs: volume version 3.1. [ 215.028131][T12563] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 215.166332][T12541] loop2: detected capacity change from 0 to 32768 [ 215.205707][T12597] netlink: 'syz.1.3768': attribute type 5 has an invalid length. [ 215.215390][T12593] loop3: detected capacity change from 0 to 2048 [ 215.377759][T12606] program syz.4.3771 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 215.406941][T12593] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,data_err=ignore,max_batch_time=0x0000000000000009,sysvgroups,,errors=continue. Quota mode: none. [ 215.430222][T12593] ext4 filesystem being mounted at /759/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.486192][T12541] XFS (loop2): Mounting V5 Filesystem [ 215.556586][T12623] loop4: detected capacity change from 0 to 256 [ 215.609551][T12623] exfat: Deprecated parameter 'namecase' [ 215.633058][T12619] loop1: detected capacity change from 0 to 4096 [ 215.661432][T12541] XFS (loop2): Ending clean mount [ 215.667287][T12623] exfat: Deprecated parameter 'namecase' [ 215.721550][T12541] XFS (loop2): Quotacheck needed: Please wait. [ 215.744359][T12619] ntfs: volume version 3.1. [ 215.746625][T12623] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 215.815309][T12541] XFS (loop2): Quotacheck: Done. [ 215.860236][T12623] exFAT-fs (loop4): invalid start cluster (4278190088) [ 215.919915][ T4192] XFS (loop2): Unmounting Filesystem [ 215.999670][T12637] comedi comedi4: bad chanlist[0]=0x00000090 chan=144 range length=2 [ 216.134106][T12646] netlink: 'syz.3.3788': attribute type 2 has an invalid length. [ 216.252413][T12648] loop1: detected capacity change from 0 to 4096 [ 216.431079][T12648] ntfs3: loop1: ino=5, "/" directory corrupted [ 216.481021][T12648] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 217.065161][T12710] netlink: 'syz.1.3817': attribute type 8 has an invalid length. [ 217.352434][T12733] netlink: 160 bytes leftover after parsing attributes in process `syz.0.3828'. [ 217.366758][T12731] loop3: detected capacity change from 0 to 2048 [ 217.440475][T12723] loop2: detected capacity change from 0 to 4096 [ 217.477176][T12731] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 217.495642][T12723] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 217.645669][T12723] ntfs3: loop2: failed to convert "c46c" to iso8859-7 [ 217.658346][T12689] loop4: detected capacity change from 0 to 32768 [ 217.829296][T12689] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 217.866318][T12757] TCP: TCP_TX_DELAY enabled [ 217.917428][T12689] (syz.4.3806,12689,1):ocfs2_find_entry:1086 ERROR: status = -117 [ 217.972007][T12760] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3840'. [ 217.981306][T12689] (syz.4.3806,12689,0):ocfs2_find_entry:1086 ERROR: status = -117 [ 218.004597][T12758] loop3: detected capacity change from 0 to 4096 [ 218.013875][T12689] (syz.4.3806,12689,0):ocfs2_mknod:502 ERROR: status = -117 [ 218.038228][T12764] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3842'. [ 218.038328][T12689] (syz.4.3806,12689,0):ocfs2_create:676 ERROR: status = -117 [ 218.069322][T12758] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 218.144441][T12767] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 218.200384][T12758] ntfs3: loop3: failed to convert "c46c" to cp850 [ 218.274674][ T4196] (syz-executor,4196,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 218.315127][T12775] netlink: 'syz.0.3847': attribute type 9 has an invalid length. [ 218.341988][ T4196] ocfs2: Unmounting device (7,4) on (node local) [ 218.843480][T12810] loop0: detected capacity change from 0 to 256 [ 219.106153][T12790] loop3: detected capacity change from 0 to 32768 [ 219.107852][T12823] loop2: detected capacity change from 0 to 2048 [ 219.176257][T12823] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 219.191106][T12834] loop1: detected capacity change from 0 to 512 [ 219.232937][T12838] kernel read not supported for file / lhOb~h3JyxvL=QRnFGrqςû~QV7"qHd0 (pid: 12838 comm: syz.4.3887) [ 219.256939][ T25] kauditd_printk_skb: 16 callbacks suppressed [ 219.256952][ T25] audit: type=1800 audit(1757621801.487:6): pid=12838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3887" name=BD16206C684F62EDF17EE501D168FEB51D9093339E8F064AC7C879FB78D0EEC3FC76F74CAA3D51E452FA6EC1B746477282A5F28F71F0CF82C3BB7E517F567F37B6B7227148E11197C964309DFA86F888B90E0E dev="mqueue" ino=58839 res=0 errno=0 [ 219.334762][T12845] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 219.376461][T12834] EXT4-fs (loop1): Mount option "nouser_xattr" will be removed by 3.5 [ 219.376461][T12834] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 219.376461][T12834] [ 219.461997][T12853] loop4: detected capacity change from 0 to 256 [ 219.483486][T12850] delete_channel: no stack [ 219.500159][ T6773] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 219.506520][T12834] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3877: inode #262144: comm syz.1.3877: iget: illegal inode # [ 219.525484][T12834] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3877: error while reading EA inode 262144 err=-117 [ 219.550638][T12853] exfat: Deprecated parameter 'utf8' [ 219.551358][T12834] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 219.556000][T12853] exfat: Deprecated parameter 'namecase' [ 219.575735][T12853] exfat: Deprecated parameter 'utf8' [ 219.576663][T12834] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3877: inode #262144: comm syz.1.3877: iget: illegal inode # [ 219.606026][T12834] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3877: error while reading EA inode 262144 err=-117 [ 219.606318][T12834] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.3877: inode #1: comm syz.1.3877: iget: illegal inode # [ 219.610682][T12853] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 219.617276][T12834] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.3877: error while reading EA inode 1 err=-117 [ 219.617899][T12834] EXT4-fs (loop1): 1 orphan inode deleted [ 219.617920][T12834] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,journal_ioprio=0x0000000000000001,lazytime,nouser_xattr,init_itable=0x0000000000001000,,errors=continue. Quota mode: none. [ 219.755104][T12862] loop3: detected capacity change from 0 to 512 [ 219.802809][T12862] EXT4-fs (loop3): Ignoring removed orlov option [ 219.880154][ T6773] usb 3-1: config 0 has an invalid descriptor of length 110, skipping remainder of the config [ 219.880193][ T6773] usb 3-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 219.880214][ T6773] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.886389][ T6773] usb 3-1: config 0 descriptor?? [ 219.939188][ C0] vkms_vblank_simulate: vblank timer overrun [ 219.981687][T12862] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3890: bg 0: block 304: padding at end of block bitmap is not set [ 220.005991][T12862] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 220.041732][T12862] EXT4-fs (loop3): 1 orphan inode deleted [ 220.048451][T12862] EXT4-fs (loop3): mounted filesystem without journal. Opts: nolazytime,orlov,norecovery,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback. [ 220.067453][T12862] ext4 filesystem being mounted at /783/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.255692][ T6773] usb 3-1: bad CDC descriptors [ 220.284619][ T6773] usb 3-1: bad CDC descriptors [ 220.423907][T12879] syz.4.3897 (12879): drop_caches: 2 [ 220.427055][ T6773] usb 3-1: USB disconnect, device number 13 [ 220.579618][T12898] loop3: detected capacity change from 0 to 2048 [ 220.601077][T12900] QAT: Stopping all acceleration devices. [ 220.608574][T12901] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3906'. [ 220.624724][T12901] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3906'. [ 220.631601][T12905] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3909'. [ 220.654999][T12898] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 220.695181][T12901] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3906'. [ 220.706726][T12898] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 220.740130][T12898] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned lenght of impUse field [ 221.108364][T12933] loop2: detected capacity change from 0 to 512 [ 221.145351][T12936] ubi0: attaching mtd0 [ 221.185371][T12933] EXT4-fs (loop2): Unrecognized mount option "fsname=noauto_da_alloc" or missing value [ 221.212855][T12936] ubi0: scanning is finished [ 221.248690][T12936] ubi0: empty MTD device detected [ 221.263324][T12941] loop4: detected capacity change from 0 to 512 [ 221.358911][T12941] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 221.380317][T12941] ext4 filesystem being mounted at /704/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.418464][T12948] netlink: 'syz.3.3929': attribute type 4 has an invalid length. [ 221.476002][T12928] loop0: detected capacity change from 0 to 32768 [ 221.484939][T12948] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3929'. [ 221.508529][T12941] EXT4-fs error (device loop4): ext4_empty_dir:3136: inode #12: comm syz.4.3927: invalid size [ 221.527682][T12936] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 221.550256][T12928] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.3919 (12928) [ 221.561059][T12936] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 221.569919][T12936] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 221.587508][T12941] EXT4-fs (loop4): Remounting filesystem read-only [ 221.605019][T12936] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 221.617548][T12928] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 221.624767][ T6773] usb 3-1: new full-speed USB device number 14 using dummy_hcd [ 221.650125][T12936] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 221.655484][T12928] BTRFS info (device loop0): using free space tree [ 221.684326][T12936] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 221.703617][T12928] BTRFS info (device loop0): has skinny extents [ 221.718427][T12936] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3565610990 [ 221.731440][T12936] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 221.755988][T12949] ubi0: background thread "ubi_bgt0d" started, PID 12949 [ 221.839008][T12966] netlink: 'syz.4.3933': attribute type 2 has an invalid length. [ 222.006579][T12979] netlink: 'syz.1.3936': attribute type 75 has an invalid length. [ 222.014786][ T6773] usb 3-1: config 0 has an invalid descriptor of length 44, skipping remainder of the config [ 222.035890][T12928] BTRFS info (device loop0): enabling ssd optimizations [ 222.049568][T12986] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3938'. [ 222.194667][ T6773] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 222.211513][ T6773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.280042][ T6773] usb 3-1: Product: syz [ 222.284282][ T6773] usb 3-1: Manufacturer: syz [ 222.288879][ T6773] usb 3-1: SerialNumber: syz [ 222.314765][T12994] loop3: detected capacity change from 0 to 1024 [ 222.345822][ T6773] usb 3-1: config 0 descriptor?? [ 222.542209][ T8517] hfsplus: b-tree write err: -5, ino 4 [ 222.680771][ T6773] cdc_ether 3-1:0.0: skipping garbage [ 222.686220][ T6773] usb 3-1: bad CDC descriptors [ 222.721551][ T6773] usb 3-1: unsupported MDLM descriptors [ 222.744995][ T6773] usb 3-1: USB disconnect, device number 14 [ 223.118044][T13036] [ 223.120399][T13036] ====================================================== [ 223.127410][T13036] WARNING: possible circular locking dependency detected [ 223.134426][T13036] syzkaller #0 Not tainted [ 223.138875][T13036] ------------------------------------------------------ [ 223.145884][T13036] syz.3.3961/13036 is trying to acquire lock: [ 223.151939][T13036] ffff88801a9ccb98 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: __flush_work+0xc1/0x1b0 [ 223.162989][T13036] [ 223.162989][T13036] but task is already holding lock: [ 223.170349][T13036] ffff88801a9ccff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x5f/0x1030 [ 223.179661][T13036] [ 223.179661][T13036] which lock already depends on the new lock. [ 223.179661][T13036] [ 223.190052][T13036] [ 223.190052][T13036] the existing dependency chain (in reverse order) is: [ 223.199056][T13036] [ 223.199056][T13036] -> #3 (&hdev->req_lock){+.+.}-{3:3}: [ 223.206693][T13036] __mutex_lock_common+0x1eb/0x2390 [ 223.212413][T13036] mutex_lock_nested+0x17/0x20 [ 223.217700][T13036] hci_dev_do_close+0x5f/0x1030 [ 223.223069][T13036] hci_rfkill_set_block+0x10a/0x190 [ 223.228789][T13036] rfkill_set_block+0x1c6/0x420 [ 223.234161][T13036] rfkill_fop_write+0x458/0x560 [ 223.239530][T13036] vfs_write+0x300/0xd00 [ 223.244290][T13036] ksys_write+0x14d/0x250 [ 223.249142][T13036] do_syscall_64+0x4c/0xa0 [ 223.254076][T13036] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 223.260490][T13036] [ 223.260490][T13036] -> #2 (rfkill_global_mutex){+.+.}-{3:3}: [ 223.268474][T13036] __mutex_lock_common+0x1eb/0x2390 [ 223.274193][T13036] mutex_lock_nested+0x17/0x20 [ 223.279481][T13036] rfkill_register+0x33/0x8a0 [ 223.284678][T13036] hci_register_dev+0x452/0x970 [ 223.290053][T13036] vhci_create_device+0x32c/0x5c0 [ 223.295598][T13036] vhci_write+0x391/0x450 [ 223.300447][T13036] vfs_write+0x712/0xd00 [ 223.305310][T13036] ksys_write+0x14d/0x250 [ 223.310161][T13036] do_syscall_64+0x4c/0xa0 [ 223.315097][T13036] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 223.321508][T13036] [ 223.321508][T13036] -> #1 (&data->open_mutex){+.+.}-{3:3}: [ 223.329320][T13036] __mutex_lock_common+0x1eb/0x2390 [ 223.335045][T13036] mutex_lock_nested+0x17/0x20 [ 223.340333][T13036] vhci_send_frame+0x88/0x100 [ 223.345528][T13036] hci_send_frame+0x1a9/0x2e0 [ 223.350726][T13036] hci_tx_work+0x9f9/0x1710 [ 223.355748][T13036] process_one_work+0x863/0x1000 [ 223.361206][T13036] worker_thread+0xaa8/0x12a0 [ 223.366404][T13036] kthread+0x436/0x520 [ 223.370981][T13036] ret_from_fork+0x1f/0x30 [ 223.375910][T13036] [ 223.375910][T13036] -> #0 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}: [ 223.386054][T13036] __lock_acquire+0x2c33/0x7c60 [ 223.391425][T13036] lock_acquire+0x197/0x3f0 [ 223.396427][T13036] __flush_work+0xdd/0x1b0 [ 223.401345][T13036] hci_dev_do_close+0x1e7/0x1030 [ 223.406785][T13036] hci_rfkill_set_block+0x10a/0x190 [ 223.412484][T13036] rfkill_set_block+0x1c6/0x420 [ 223.417832][T13036] rfkill_fop_write+0x458/0x560 [ 223.423182][T13036] vfs_write+0x300/0xd00 [ 223.427921][T13036] ksys_write+0x14d/0x250 [ 223.432750][T13036] do_syscall_64+0x4c/0xa0 [ 223.437666][T13036] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 223.444063][T13036] [ 223.444063][T13036] other info that might help us debug this: [ 223.444063][T13036] [ 223.454266][T13036] Chain exists of: [ 223.454266][T13036] (work_completion)(&hdev->tx_work) --> rfkill_global_mutex --> &hdev->req_lock [ 223.454266][T13036] [ 223.469181][T13036] Possible unsafe locking scenario: [ 223.469181][T13036] [ 223.476691][T13036] CPU0 CPU1 [ 223.482030][T13036] ---- ---- [ 223.487368][T13036] lock(&hdev->req_lock); [ 223.491762][T13036] lock(rfkill_global_mutex); [ 223.499021][T13036] lock(&hdev->req_lock); [ 223.505932][T13036] lock((work_completion)(&hdev->tx_work)); [ 223.511890][T13036] [ 223.511890][T13036] *** DEADLOCK *** [ 223.511890][T13036] [ 223.520009][T13036] 2 locks held by syz.3.3961/13036: [ 223.525182][T13036] #0: ffffffff8d4c0468 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x19e/0x560 [ 223.535249][T13036] #1: ffff88801a9ccff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x5f/0x1030 [ 223.544961][T13036] [ 223.544961][T13036] stack backtrace: [ 223.550837][T13036] CPU: 1 PID: 13036 Comm: syz.3.3961 Not tainted syzkaller #0 [ 223.558269][T13036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 223.568309][T13036] Call Trace: [ 223.571570][T13036] [ 223.574479][T13036] dump_stack_lvl+0x168/0x230 [ 223.579139][T13036] ? load_image+0x3b0/0x3b0 [ 223.583620][T13036] ? show_regs_print_info+0x20/0x20 [ 223.588799][T13036] ? print_circular_bug+0x12b/0x1a0 [ 223.593979][T13036] check_noncircular+0x274/0x310 [ 223.598895][T13036] ? add_chain_block+0x940/0x940 [ 223.603806][T13036] ? lockdep_lock+0xdc/0x1e0 [ 223.608376][T13036] ? mark_lock+0x94/0x320 [ 223.612683][T13036] __lock_acquire+0x2c33/0x7c60 [ 223.617515][T13036] ? lockdep_unlock+0x134/0x2d0 [ 223.622349][T13036] ? lockdep_lock+0x1e0/0x1e0 [ 223.627003][T13036] ? mark_lock+0x94/0x320 [ 223.631308][T13036] ? verify_lock_unused+0x140/0x140 [ 223.636484][T13036] ? __lock_acquire+0x12d9/0x7c60 [ 223.641507][T13036] lock_acquire+0x197/0x3f0 [ 223.645988][T13036] ? __flush_work+0xc1/0x1b0 [ 223.650557][T13036] ? __mutex_trylock_common+0x14f/0x250 [ 223.656082][T13036] ? read_lock_is_recursive+0x10/0x10 [ 223.661434][T13036] ? lock_chain_count+0x20/0x20 [ 223.666260][T13036] ? mark_lock+0x94/0x320 [ 223.670574][T13036] __flush_work+0xdd/0x1b0 [ 223.674965][T13036] ? __flush_work+0xc1/0x1b0 [ 223.679532][T13036] ? flush_work+0x20/0x20 [ 223.683842][T13036] ? hci_leds_update_powered+0x148/0x160 [ 223.689456][T13036] ? rcu_lock_release+0x5/0x20 [ 223.694197][T13036] ? __lock_acquire+0x7c60/0x7c60 [ 223.699207][T13036] hci_dev_do_close+0x1e7/0x1030 [ 223.704126][T13036] ? _raw_spin_unlock+0x40/0x40 [ 223.708958][T13036] hci_rfkill_set_block+0x10a/0x190 [ 223.714141][T13036] ? rcu_lock_release+0x20/0x20 [ 223.718973][T13036] rfkill_set_block+0x1c6/0x420 [ 223.723804][T13036] rfkill_fop_write+0x458/0x560 [ 223.728634][T13036] ? rfkill_fop_read+0x4b0/0x4b0 [ 223.733547][T13036] ? common_file_perm+0xc0/0x1c0 [ 223.738462][T13036] ? fsnotify_perm+0x5d/0x560 [ 223.743118][T13036] ? security_file_permission+0x75/0xa0 [ 223.748640][T13036] ? rfkill_fop_read+0x4b0/0x4b0 [ 223.753554][T13036] vfs_write+0x300/0xd00 [ 223.757791][T13036] ? file_end_write+0x250/0x250 [ 223.762618][T13036] ? __fget_files+0x40f/0x480 [ 223.767272][T13036] ? __fdget_pos+0x1e2/0x370 [ 223.771845][T13036] ? ksys_write+0x71/0x250 [ 223.776236][T13036] ksys_write+0x14d/0x250 [ 223.780549][T13036] ? __ia32_sys_read+0x80/0x80 [ 223.785288][T13036] ? lockdep_hardirqs_on+0x94/0x140 [ 223.790490][T13036] do_syscall_64+0x4c/0xa0 [ 223.794882][T13036] ? clear_bhb_loop+0x30/0x80 [ 223.799534][T13036] ? clear_bhb_loop+0x30/0x80 [ 223.804207][T13036] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 223.810089][T13036] RIP: 0033:0x7f220e19eba9 [ 223.814484][T13036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.834068][T13036] RSP: 002b:00007f220c406038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 223.842457][T13036] RAX: ffffffffffffffda RBX: 00007f220e3e5fa0 RCX: 00007f220e19eba9 [ 223.850407][T13036] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003 [ 223.858357][T13036] RBP: 00007f220e221e19 R08: 0000000000000000 R09: 0000000000000000 [ 223.866306][T13036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.874255][T13036] R13: 00007f220e3e6038 R14: 00007f220e3e5fa0 R15: 00007ffd42265968 [ 223.882208][T13036]