last executing test programs: 2m26.115077634s ago: executing program 2 (id=7506): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x4, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0) 2m25.885946267s ago: executing program 2 (id=7510): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setregid(0xee00, 0x0) 2m25.641029752s ago: executing program 2 (id=7513): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0) 2m25.463202132s ago: executing program 2 (id=7515): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@security={'security\x00', 0xe, 0x4, 0x348, 0xffffffff, 0x208, 0x208, 0x0, 0xffffffff, 0xffffffff, 0x328, 0x328, 0x328, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, [0xfa369e71b38dc5c0, 0xff000000, 0xffffff00, 0xffffffff], [0x0, 0x0, 0xff, 0xffffff00], 'veth0_vlan\x00', 'batadv0\x00', {0xff}, {}, 0x62, 0x1, 0x0, 0x10}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x3, 0x4}, {0x1, 0x1, 0x4}, 0x7, 0x6}}}, {{@ipv6={@private1, @mcast1, [0xff000000, 0xff, 0xffff00, 0xffffffff], [0xff, 0xffffff00, 0xffffffff, 0xffffffff], 'veth0_virt_wifi\x00', 'tunl0\x00', {}, {}, 0x3a, 0xe, 0x638796aabc93d830, 0x8}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x33, 0x9, 0x400}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a8) 2m25.209691238s ago: executing program 2 (id=7516): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m24.248423454s ago: executing program 2 (id=7527): r0 = syz_open_dev$dri(&(0x7f00000010c0), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000600)) 2m8.980443525s ago: executing program 32 (id=7527): r0 = syz_open_dev$dri(&(0x7f00000010c0), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000600)) 2.082202437s ago: executing program 3 (id=9618): r0 = socket$kcm(0x2b, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x6, 0x8, &(0x7f0000000000), 0x4) 1.927369906s ago: executing program 3 (id=9622): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300) futex(&(0x7f000000cffc), 0x5, 0x800, 0x0, &(0x7f00000001c0), 0x3000000) 1.274181864s ago: executing program 0 (id=9634): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0c82, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, 0x0) 1.248093457s ago: executing program 5 (id=9636): r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'batadv0\x00', &(0x7f0000000080)=@ethtool_gstrings={0x1b, 0x1}}) 1.17860716s ago: executing program 4 (id=9637): r0 = syz_open_dev$video4linux(&(0x7f0000000ac0), 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000002700)={0xe7, 0x0, {0x0, 0x0, 0x3010}}) 1.079058446s ago: executing program 0 (id=9638): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="20020600000000001c00128009000100626f6e64000000000c00028008001200020000000500110001"], 0x44}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) 1.078407856s ago: executing program 5 (id=9640): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) sendto$llc(r0, &(0x7f0000000300)="8d", 0x1, 0x0, &(0x7f0000000380)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x10) 1.005417841s ago: executing program 1 (id=9641): r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000240)="fc00000018004b61ab092500090007000a020200000000020000369321000100ff2500000005d0000000001d000398996c92773411419da79bb94b46fe000000aecd52a3abe23efc256f1a272f2e117c22ebc205214000000000008934d07302ad031720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70c9ddefefe082038f4f8b29d3ef3d92c83170e5bba4a463ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48f6f0000080548deac270e33429fd3000175e63fb8d38a873cf1587c3b41", 0xfc) 944.698014ms ago: executing program 1 (id=9642): r0 = socket$inet6(0xa, 0x3, 0x3a) recvfrom(r0, 0x0, 0x0, 0x3, 0x0, 0x0) 888.831228ms ago: executing program 3 (id=9643): r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x2a8, 0x0, 0x5802, 0x294, 0xf0, 0x294, 0x1d8, 0x378, 0x378, 0x1d8, 0x378, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x52020000}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', {0x3}}}}, {{@ipv6={@private2, @local, [0x0, 0xffffff, 0xff, 0xff000000], [0x0, 0xffffff00, 0xff, 0xff000000], 'pimreg1\x00', 'wlan0\x00', {}, {0xff}, 0x0, 0x7, 0x0, 0x8}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x9, 0x3, {0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308) 888.364627ms ago: executing program 4 (id=9644): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000240)={'wlan1\x00', &(0x7f0000000000)=@ethtool_cmd={0x3d}}) 856.960989ms ago: executing program 1 (id=9645): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000b00)={0x0, 0xf22fff7f, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c49", 0xc00e}], 0x9, &(0x7f00000001c0)=[@ip_tos_int={{0x7ff4d4260000}}, @ip_ttl={{0x14}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x2}}, @ip_retopts={{0x0, 0x0, 0x7, {[@lsrr, @generic={0x0, 0x0, "96"}, @generic={0x0, 0x0, "206a77bdd1a004129054e7704a"}]}}}], 0xf}, 0x0) 777.877084ms ago: executing program 0 (id=9646): r0 = io_uring_setup(0x4c0c, &(0x7f0000000140)={0x0, 0x2637, 0x80, 0x2, 0x10001d4}) io_uring_register$IORING_UNREGISTER_EVENTFD(r0, 0x5, 0x0, 0x0) 777.334194ms ago: executing program 5 (id=9647): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000020a01020000000000000000010000000900010073797a30000000000900030073797a310000000038000000030a01040000000000000000010000010900010073797a30"], 0xac}, 0x1, 0x0, 0x0, 0x8040}, 0x0) 732.276086ms ago: executing program 1 (id=9648): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x5, 0x6, 0x1}) 725.111117ms ago: executing program 4 (id=9649): syz_mount_image$iso9660(&(0x7f0000000340), &(0x7f0000000c80)='./file1\x00', 0x1004491, &(0x7f0000000000)=ANY=[], 0x2, 0x838, &(0x7f0000000cc0)="$eJzs3U9sHFcZAPBvXDtOHDVUgEoUpekkKVIiUnfXbl2sHsp2PXamtXet3TVKhKq2apwS1WmrVlVphGhyaQGBECeOpdeql0oggZBA4gCckOiBC4dKlXoBFQQSAiGQ0c7uJv63dv44Tim/3yr7Zt988+a92fF8no1nNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASKpTpVI5idm8tnAq7a861ajPbTK/194vVhWbrDciaf+L3btjf6dq/2evzL6z/XQkDnZeHYzd7WJ3XNh75x0PfWZwoLf8Jh26Xof7zxpa+SKJuBiRDEYsLS2+eBM6soO+/bPuxO6rXuSfy+3nmayWN+v5XGUmS/NmPZ2cmCjdd3K6mU7ns1nzdLOVzaXVRlZp1RvpserxtDw5OZ5mo6frC7WZqcps1qt88N6xUmkifXR0Pqs0mvXafY+ONocjn53NazNFzFjplWjHPNjeER/LW2krq8yl6dlzS4vjW3W1HVReVTO8asc5eM8dH778wd/OLbZ3yH6NJN0dc6xcHhsrTzww+cCDpdLgWGlsdUVpjbgcEQND0Y64KTstt9beDeoGu3vMuhkRy5/apqM33JiBbv6P2cijFgtxKtJIY6B4vvIYimpMRSPqMdd+/fuhNfPX5f/P3/fn32623pX5v5fl91+ZfSCK/H+o8+pQv/y/rhfb8Bjs12rtnU5vVta9FK/GhXg2noqlWIrFeHHtUrvWLrHB42pibvgx3CkHtrfVmciiFnk0I4k85qJS1KRFTT3SmIyJmIhSPBEnYzqakcZ05DEbWTTjdDSjFVmxR1WjEVlUohX1aEQax6IaxyONckzGZIxHGlmMxumox0LUYiamolK0cjbOFdt9fE2/7vzGkz995ncfvtmevhxU3mQgycWI2Pt+xF83CVqX7q8h/7cjBrp7947kJHbI7i3f1dVzt+W4Ddthucj/g7e6GwAAAMBNlBSfvicRMRR3FVPT+Wz2lVvdLQAAAGAbFX/XfLBdDLWn7oqkff5f2iDyvYjhHe8eAAAAsA2S4hq7JCJG4u7OVO9yqY0+BAAAAAD+BxX//3+oXYxEvFZUOP8HAACAT5hv9rvH/ge7invsjkRzfjj5+V+i0RhKLs2fuic5X2nHVc7f1lmuW3z5cout6QPJvm4jRTExeGFvEhGD1exg0rv75b+71xJ81H76z/Lycm/xfvf6T7boQGzegeJVfCcOd2IOn+mUZ3pzOmsZmc5ns9FqffahctL9cKT18nPnvhbF8L9Vm9uXxNlzS4ujTz+/dKboy6V2K5fOd28Pn/SWiuhcULFJX5Z7V1PctfGIh4oLMbrrHemst7Ry/N27yQ5sPv5k5TpfjyOdmCMjnXJk9fh3t9dZHn2oHJXKvoFWdqr18vKK0Xd7Ub4y8uHeaJNreBdej6OdmKPHjnaKDXoxtqoXz63vxdjK7X912+Kqe/Hm4ddO/f1X9SQb36oX4zfYC4Bb5Wxx158rWWhPkYX+tdzRTmhr8u6eXtq6lqPc2Su/ZezpRq/IdYOxLrun15PdX49jnZhjB4oD6+CBDfJKaYMj+gvnXvh194h+/9s/+OHjh37z7pq8HnFx31X24u043onpFvHpX/bJse0xf3dNVn2rvcRb5/tl1ebsWPLK8PhQEheL1xfuPXf+qWcWn1l8bmxsfKJ0f6n0wFgMFb8qdIs+PZV5AP6/bfUdO+9+/XJov2/hSe7f4qw6Gez9ScFoPB3Px1KciRPF1QYRcffGrY6s+DOEE1uctY7Ej37cmVGOE1ucW15pd2xt7PDRJPrEjq/YYp/7flH842a8GwCwM45skYeTuKNz259Xbu8usSbitiQ5sfK8+6sRcaBfzm3n8uPFF+dePjuOfrHlVf38Y7f84k5sFAD4hMsaHyUjrTeSRiOff6I8OVmutE5maaNefSxt5FMzWZrXWlmjerJSm8nS+Ua9Va/2Pjqeypppc2F+vt5opdP1Rjpfb+anim9+T7tf/d7M5iq1Vl5tzs9mlWaWVuu1VqXaSqfyZjWdX3hkNm+ezBrFws35rJpP59VKK6/X0mZ9oVHNRtO0mWUrAvOprNbKp/NsKM1r6Xwjn6s0LkXE7MJclk5lzWojn2/VOw321pXXpvc15opmR9cP/087vb0B4OPgpVcvPPvU0tLii9c38YerCb7VYwQAVpOlAQAAAAAAAAAAAADg42/95Xrt2mu6EHAorvvywZeGoz2x53oXb0883h3JDVzFuMnEYGxzg5tPfOGdzmC2o8H17Qz1am7f6rrPPcV7eqlbs6u7iXdoI2znxJMPP/zshUsRUdQkgys37yOv7T/5fha90W3SzsY/KRtd6vrGvohdP/lep+ZLG8TcFu1ubPNI3+sN8NoWX042+cHf0cMQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyV/wYAAP//yfVIlw==") creat(&(0x7f0000000040)='./bus\x00', 0x0) 626.166233ms ago: executing program 3 (id=9650): mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x9) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x2, 0x0, 0x0, 0x2}}, &(0x7f0000001f80)=""/237, 0x1a, 0xed, 0x2}, 0x20) 596.882045ms ago: executing program 0 (id=9651): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="140000001300015b993dde440113e90005"], 0x14}], 0x1}, 0x0) 549.616818ms ago: executing program 1 (id=9652): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002980)=@dellink={0x34, 0x11, 0x1, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0xc0, 0x1400}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000100}, 0x40004) 506.0073ms ago: executing program 5 (id=9653): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000006d0001002cbd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="200000007cc00100140035006970766c616e310000000000000000001800348014"], 0x4c}, 0x1, 0x0, 0x0, 0x240080c5}, 0x2800004c) 494.627551ms ago: executing program 4 (id=9654): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) sendto$inet6(r0, &(0x7f00000000c0)="8000647dd3805bea", 0x8, 0x24044814, &(0x7f0000000800)={0xa, 0x6e20, 0x7e, @loopback={0xfec0ffffffffffff}, 0x3}, 0x1c) 446.540003ms ago: executing program 3 (id=9655): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x4, 0x0, 0x0, 0x3, 0x10, 0x3, 0xff}, 0xe) 300.214292ms ago: executing program 0 (id=9656): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141042, 0x0) preadv2(r0, &(0x7f0000000e40)=[{&(0x7f0000000780)=""/69, 0x45}], 0x1, 0x3, 0x9, 0xa) 226.032077ms ago: executing program 4 (id=9657): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 225.866637ms ago: executing program 5 (id=9658): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0xd90998cc3814216e, 0x12b) write$cgroup_devices(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='c *'], 0xa) 221.324167ms ago: executing program 3 (id=9659): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201100153a42908f00a71729188010203010902240001060000000904020002ffffff0009050b0000000000000905", @ANYRES16=r0], 0x0) 106.980123ms ago: executing program 0 (id=9660): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7030000000000008500000012000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000340)="c1dfb080cd21d308098ee68886dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 48.409647ms ago: executing program 4 (id=9661): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x1412, 0x1}, 0x10}}, 0x0) 710.46µs ago: executing program 1 (id=9662): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x2c00) 0s ago: executing program 5 (id=9663): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)) kernel console output (not intermixed with test programs): ][ T2120] usb 1-1: config 0 descriptor?? [ 544.132798][T21650] EXT4-fs: Ignoring removed nobh option [ 544.197910][T21650] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 544.239862][T21650] ext4 filesystem being mounted at /1587/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 544.428156][ T4276] EXT4-fs (loop3): unmounting filesystem. [ 544.547050][T21665] printk: syz.3.8014 (21665): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). [ 544.588611][ T7931] usb 1-1: USB disconnect, device number 38 [ 544.739894][T21671] loop4: detected capacity change from 0 to 2048 [ 544.826625][T21671] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 544.934344][T21679] netlink: 'syz.3.8021': attribute type 21 has an invalid length. [ 544.961784][T21679] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8021'. [ 545.601588][T11471] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 545.800514][T21720] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 545.813005][T11471] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 545.820646][ T2120] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 545.837647][T11471] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 545.855854][T11471] usb 1-1: config 220 has no interface number 2 [ 545.866131][T11471] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 545.894020][T11471] usb 1-1: config 220 interface 0 has no altsetting 0 [ 545.921584][T11471] usb 1-1: config 220 interface 76 has no altsetting 0 [ 545.928489][T11471] usb 1-1: config 220 interface 1 has no altsetting 0 [ 545.993839][T11471] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 546.024557][T11471] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 546.038905][ T2120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 546.043088][T11471] usb 1-1: Product: syz [ 546.064344][T11471] usb 1-1: Manufacturer: syz [ 546.068983][T11471] usb 1-1: SerialNumber: syz [ 546.070365][ T2120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 546.111304][ T2120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 546.150116][ T2120] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 546.195727][ T2120] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 546.216175][ T2120] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 546.226692][ T2120] usb 6-1: Product: syz [ 546.230885][ T2120] usb 6-1: Manufacturer: syz [ 546.243787][ T2120] usb 6-1: SerialNumber: syz [ 546.267756][ T2120] usb 6-1: config 0 descriptor?? [ 546.332315][T11471] usb 1-1: selecting invalid altsetting 0 [ 546.338590][T11471] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 546.369637][T11471] usb 1-1: No valid video chain found. [ 546.420462][T11471] usb 1-1: selecting invalid altsetting 0 [ 546.431918][T11471] usbtest: probe of 1-1:220.1 failed with error -22 [ 546.462950][T11471] usb 1-1: USB disconnect, device number 39 [ 546.491883][ T2120] adutux 6-1:0.0: Could not retrieve serial number [ 546.498514][ T2120] adutux: probe of 6-1:0.0 failed with error -5 [ 546.574502][T21742] loop1: detected capacity change from 0 to 128 [ 546.634177][T21746] loop3: detected capacity change from 0 to 16 [ 546.661160][T21746] erofs: (device loop3): mounted with root inode @ nid 36. [ 546.686601][T21746] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 546.740398][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 546.740414][ T27] audit: type=1107 audit(2000000369.169:266): pid=21747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='>' [ 546.761691][T21746] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 546.781052][ T2120] usb 6-1: USB disconnect, device number 2 [ 546.816196][T21746] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 546.871605][T21746] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 546.881200][T21746] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 546.995546][T21754] loop0: detected capacity change from 0 to 256 [ 547.045524][T21754] exfat: Deprecated parameter 'namecase' [ 547.092773][T21754] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 547.532599][T21778] netlink: 6 bytes leftover after parsing attributes in process `syz.5.8069'. [ 547.573066][T21778] netlink: 6 bytes leftover after parsing attributes in process `syz.5.8069'. [ 547.853926][ T27] audit: type=1326 audit(2000000370.289:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21793 comm="syz.4.8078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f967ed9aeb9 code=0x7ffc0000 [ 547.931547][ T27] audit: type=1326 audit(2000000370.289:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21793 comm="syz.4.8078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f967ed9aeb9 code=0x7ffc0000 [ 548.013092][T21800] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8080'. [ 548.039348][T21800] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8080'. [ 548.040610][ T27] audit: type=1326 audit(2000000370.289:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21793 comm="syz.4.8078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f967ed9aeb9 code=0x7ffc0000 [ 548.048695][ T2120] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 548.138299][ T27] audit: type=1326 audit(2000000370.289:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21793 comm="syz.4.8078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f967ed9aeb9 code=0x7ffc0000 [ 548.258527][T21812] loop4: detected capacity change from 0 to 256 [ 548.321696][ T2120] usb 1-1: Using ep0 maxpacket: 8 [ 548.328960][ T2120] usb 1-1: unable to get BOS descriptor or descriptor too short [ 548.355027][ T2120] usb 1-1: config 8 has an invalid interface number: 24 but max is 0 [ 548.379169][ T2120] usb 1-1: config 8 has no interface number 0 [ 548.391949][ T2120] usb 1-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 1024 [ 548.414246][T21812] FAT-fs (loop4): Directory bread(block 64) failed [ 548.420988][T21812] FAT-fs (loop4): Directory bread(block 65) failed [ 548.427832][ T2120] usb 1-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 255, changing to 11 [ 548.452811][ T2120] usb 1-1: config 8 interface 24 has no altsetting 0 [ 548.488245][T21812] FAT-fs (loop4): Directory bread(block 66) failed [ 548.497251][ T2120] usb 1-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af [ 548.508207][T21812] FAT-fs (loop4): Directory bread(block 67) failed [ 548.530516][ T2120] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.533374][T21812] FAT-fs (loop4): Directory bread(block 68) failed [ 548.553097][ T2120] usb 1-1: Product: syz [ 548.571438][ T2120] usb 1-1: Manufacturer: syz [ 548.576079][ T2120] usb 1-1: SerialNumber: syz [ 548.612991][T21789] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 548.615958][T21812] FAT-fs (loop4): Directory bread(block 69) failed [ 548.691018][T21812] FAT-fs (loop4): Directory bread(block 70) failed [ 548.700163][T21812] FAT-fs (loop4): Directory bread(block 71) failed [ 548.707607][T21812] FAT-fs (loop4): Directory bread(block 72) failed [ 548.716494][T21812] FAT-fs (loop4): Directory bread(block 73) failed [ 548.850345][ T2120] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'. [ 548.896530][ T2120] usb 1-1: USB disconnect, device number 40 [ 548.911286][T21812] syz.4.8086: attempt to access beyond end of device [ 548.911286][T21812] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 548.911433][ T22] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 548.935231][T21812] syz.4.8086: attempt to access beyond end of device [ 548.935231][T21812] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 548.972028][ T27] audit: type=1800 audit(2000000371.409:271): pid=21812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.8086" name="file0" dev="loop4" ino=1048686 res=0 errno=0 [ 549.076372][T21835] netlink: 'syz.5.8097': attribute type 21 has an invalid length. [ 549.084762][T21835] netlink: 152 bytes leftover after parsing attributes in process `syz.5.8097'. [ 549.152513][ T22] usb 4-1: Using ep0 maxpacket: 8 [ 549.161064][ T22] usb 4-1: config 0 interface 0 has no altsetting 0 [ 549.179179][ T22] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 549.197280][ T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 549.206153][ T22] usb 4-1: Product: syz [ 549.210488][ T22] usb 4-1: Manufacturer: syz [ 549.215492][ T22] usb 4-1: SerialNumber: syz [ 549.233295][ T22] usb 4-1: config 0 descriptor?? [ 549.264542][ T22] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found [ 549.456787][ T22] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected [ 549.493243][ T22] snd_usb_toneport: probe of 4-1:0.0 failed with error -22 [ 549.674993][ T22] usb 4-1: USB disconnect, device number 41 [ 549.995738][T21872] netlink: 64985 bytes leftover after parsing attributes in process `syz.0.8115'. [ 550.251477][ T22] usb 2-1: new full-speed USB device number 23 using dummy_hcd [ 550.364065][T21863] loop5: detected capacity change from 0 to 32768 [ 550.428175][T21863] jfs_lookup: iget failed on inum 32 [ 550.454740][T21863] jfs_lookup: iget failed on inum 32 [ 550.470058][ T22] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 550.516463][ T22] usb 2-1: config 0 interface 0 has no altsetting 0 [ 550.540167][ T22] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 550.546710][T21891] tmpfs: Bad value for 'mpol' [ 550.555306][ T22] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 550.612209][ T22] usb 2-1: Product: syz [ 550.621677][ T22] usb 2-1: Manufacturer: syz [ 550.626321][ T22] usb 2-1: SerialNumber: syz [ 550.668298][ T22] usb 2-1: config 0 descriptor?? [ 550.691202][ T22] usb 2-1: selecting invalid altsetting 0 [ 550.858120][T21902] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8130'. [ 550.927502][T21900] loop5: detected capacity change from 0 to 4096 [ 550.971578][ T22] usb 2-1: USB disconnect, device number 23 [ 550.977915][T21900] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 551.427535][T21922] netlink: 'syz.5.8139': attribute type 29 has an invalid length. [ 551.451906][T21922] netlink: 'syz.5.8139': attribute type 29 has an invalid length. [ 551.610636][T21927] xt_recent: hitcount (262144) is larger than allowed maximum (255) [ 551.737314][T21932] netlink: 'syz.5.8145': attribute type 21 has an invalid length. [ 551.752143][T21932] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8145'. [ 552.694348][T21982] afs: Bad value for 'source' [ 552.706925][T21973] xt_CT: No such helper "pptp" [ 553.121648][T21998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8177'. [ 553.214050][T22003] ipt_REJECT: TCP_RESET invalid for non-tcp [ 553.282406][T22006] loop5: detected capacity change from 0 to 16 [ 553.312588][T22008] device wlan0 left promiscuous mode [ 553.324746][T22008] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 553.352173][T22006] erofs: (device loop5): mounted with root inode @ nid 36. [ 553.724805][ T27] audit: type=1326 audit(2000000376.159:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22021 comm="syz.0.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234e59aeb9 code=0x7ffc0000 [ 553.796438][ T27] audit: type=1326 audit(2000000376.159:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22021 comm="syz.0.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f234e59aeb9 code=0x7ffc0000 [ 553.952455][ T27] audit: type=1326 audit(2000000376.159:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22021 comm="syz.0.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234e59aeb9 code=0x7ffc0000 [ 553.974809][ C0] vkms_vblank_simulate: vblank timer overrun [ 554.048977][ T27] audit: type=1326 audit(2000000376.159:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22021 comm="syz.0.8189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234e59aeb9 code=0x7ffc0000 [ 554.094481][T22033] loop0: detected capacity change from 0 to 4096 [ 554.099970][ T27] audit: type=1326 audit(2000000376.469:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22034 comm="syz.4.8195" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f967ed9aeb9 code=0x0 [ 554.122652][ C0] vkms_vblank_simulate: vblank timer overrun [ 554.143293][T22033] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 554.710040][T22027] loop1: detected capacity change from 0 to 32768 [ 554.832501][T22027] XFS (loop1): Mounting V5 Filesystem [ 554.841784][ T4326] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 554.949006][T22073] loop3: detected capacity change from 0 to 4096 [ 554.981660][T22073] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 555.002693][T22027] XFS (loop1): Ending clean mount [ 555.022175][T22027] XFS (loop1): Quotacheck needed: Please wait. [ 555.041586][T22073] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 555.042038][ T4326] usb 1-1: too many configurations: 112, using maximum allowed: 8 [ 555.067208][T22073] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 555.089102][T22073] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 555.132497][T22073] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 555.142783][ T4326] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 555.184055][T22073] ntfs: volume version 3.1. [ 555.226891][ T4326] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 555.252157][T22027] XFS (loop1): Quotacheck: Done. [ 555.312200][ T4326] usb 1-1: Product: syz [ 555.316452][ T4326] usb 1-1: Manufacturer: syz [ 555.321107][ T4326] usb 1-1: SerialNumber: syz [ 555.445000][ T4270] XFS (loop1): Unmounting Filesystem [ 555.496292][T22083] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 555.803142][ T4326] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 555.840155][ T4326] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000098. ret = -71 [ 555.859417][ T4326] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 555.882090][ T4326] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 555.940790][ T4326] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 555.994453][ T4326] lan78xx: probe of 1-1:1.0 failed with error -71 [ 556.019597][ T4326] usb 1-1: USB disconnect, device number 41 [ 556.298494][T22110] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8217'. [ 556.498309][ T4326] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 556.589164][T22121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8233'. [ 556.606779][T22121] netlink: 312 bytes leftover after parsing attributes in process `syz.3.8233'. [ 556.619637][T22121] netlink: 'syz.3.8233': attribute type 1 has an invalid length. [ 556.629534][T22118] loop1: detected capacity change from 0 to 4096 [ 556.660127][T22118] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 556.721694][ T4326] usb 5-1: Using ep0 maxpacket: 32 [ 556.729266][ T4326] usb 5-1: config 0 has an invalid interface number: 16 but max is 0 [ 556.789071][ T4326] usb 5-1: config 0 has no interface number 0 [ 556.819198][T22118] ntfs3: loop1: failed to convert "c46c" to iso8859-2 [ 556.821422][ T4326] usb 5-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 556.885820][ T4326] usb 5-1: config 0 interface 16 altsetting 0 endpoint 0x82 has invalid maxpacket 26159, setting to 1024 [ 556.938142][ T4326] usb 5-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 556.978880][ T4326] usb 5-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 556.999371][ T4326] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 557.037383][ T4326] usb 5-1: Product: syz [ 557.056570][ T4326] usb 5-1: Manufacturer: syz [ 557.066747][ T4326] usb 5-1: SerialNumber: syz [ 557.098505][ T4326] usb 5-1: config 0 descriptor?? [ 557.121099][T22104] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 557.134534][T22104] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 557.335803][T22145] loop5: detected capacity change from 0 to 1764 [ 557.387196][ T5354] usb 5-1: USB disconnect, device number 33 [ 557.530444][T22149] loop3: detected capacity change from 0 to 2048 [ 557.598469][T22152] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 557.775422][T22156] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 557.977611][T22162] binder: BC_ATTEMPT_ACQUIRE not supported [ 558.015694][T22162] binder: 22161:22162 ioctl c0306201 2000000001c0 returned -22 [ 558.118242][T22142] loop1: detected capacity change from 0 to 40427 [ 558.164537][T22142] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff [ 558.232461][T22142] F2FS-fs (loop1): invalid crc value [ 558.260832][T22142] F2FS-fs (loop1): Found nat_bits in checkpoint [ 558.412136][T22142] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 558.531028][T22142] syz.1.8244: attempt to access beyond end of device [ 558.531028][T22142] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 558.678852][ T4270] syz-executor: attempt to access beyond end of device [ 558.678852][ T4270] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 558.956001][T22168] loop5: detected capacity change from 0 to 32768 [ 559.051176][T22201] loop4: detected capacity change from 0 to 8 [ 559.057480][T22168] XFS (loop5): DAX unsupported by block device. Turning off DAX. [ 559.129085][T22168] XFS (loop5): Mounting V5 Filesystem [ 559.230949][T22211] libceph: resolve 'c0' (ret=-3): failed [ 559.317662][T22168] XFS (loop5): Ending clean mount [ 559.332879][T22168] XFS (loop5): Quotacheck needed: Please wait. [ 559.395515][T22168] XFS (loop5): Quotacheck: Done. [ 559.583444][T20933] XFS (loop5): Unmounting Filesystem [ 559.805591][T22231] device vlan0 entered promiscuous mode [ 560.011903][T22240] xt_bpf: check failed: parse error [ 560.276922][T22252] loop4: detected capacity change from 0 to 512 [ 560.316680][T22246] loop0: detected capacity change from 0 to 4096 [ 560.411014][T22252] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.8293: bg 0: block 248: padding at end of block bitmap is not set [ 560.486086][T22252] __quota_error: 11 callbacks suppressed [ 560.486106][T22252] Quota error (device loop4): write_blk: dquota write failed [ 560.519675][T22252] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 560.540443][T22252] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.8293: Failed to acquire dquot type 1 [ 560.540905][T22246] ntfs: volume version 3.1. [ 560.602166][T22252] EXT4-fs (loop4): 1 truncate cleaned up [ 560.607990][T22252] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 560.657854][T22252] ext4 filesystem being mounted at /1686/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 560.669584][T22263] x_tables: unsorted underflow at hook 2 [ 560.799203][T22252] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 560.895028][T22252] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 560.955977][T22252] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.8293: Failed to acquire dquot type 1 [ 561.066811][T22261] loop3: detected capacity change from 0 to 32768 [ 561.201917][ T2956] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 561.204055][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 561.212225][T22261] XFS (loop3): Mounting V5 Filesystem [ 561.249048][ T2956] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:5: Failed to release dquot type 1 [ 561.396884][T22261] XFS (loop3): Ending clean mount [ 561.404168][T22261] XFS (loop3): Quotacheck needed: Please wait. [ 561.591816][T22261] XFS (loop3): Quotacheck: Done. [ 561.621443][ T22] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 561.759359][ T4276] XFS (loop3): Unmounting Filesystem [ 561.811566][ T22] usb 1-1: Using ep0 maxpacket: 32 [ 561.818847][ T22] usb 1-1: unable to get BOS descriptor or descriptor too short [ 561.848961][ T22] usb 1-1: config 128 has an invalid interface number: 127 but max is 3 [ 561.870444][ T22] usb 1-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 561.892960][ T22] usb 1-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 561.902559][ T22] usb 1-1: config 128 has no interface number 0 [ 561.911701][ T22] usb 1-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 561.935643][ T22] usb 1-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 561.946361][ T22] usb 1-1: config 128 interface 127 has no altsetting 0 [ 561.991042][ T22] usb 1-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 562.020176][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 562.051816][ T22] usb 1-1: Product: syz [ 562.056016][ T22] usb 1-1: Manufacturer: syz [ 562.060623][ T22] usb 1-1: SerialNumber: syz [ 562.075842][T22306] program syz.4.8314 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 562.358880][ T22] usb 1-1: USB disconnect, device number 42 [ 562.475737][ T27] audit: type=1326 audit(2000000384.909:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22320 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 562.545184][ T27] audit: type=1326 audit(2000000384.919:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22320 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 562.584224][T20931] udevd[20931]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 562.600615][ T27] audit: type=1326 audit(2000000384.919:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22320 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 562.600652][ T27] audit: type=1326 audit(2000000384.919:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22320 comm="syz.1.8321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 562.776791][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.783178][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.331496][T11471] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 563.535031][T11471] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 563.552505][T11471] usb 6-1: New USB device found, idVendor=0403, idProduct=fa78, bcdDevice= 1.ff [ 563.609025][T11471] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 563.641578][T11471] usb 6-1: SerialNumber: syz [ 563.665803][T22367] loop4: detected capacity change from 0 to 256 [ 563.682242][T11471] usb 6-1: config 0 descriptor?? [ 563.692590][T11471] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 563.700782][T11471] usb 6-1: Detected SIO [ 563.717923][T22367] exfat: Deprecated parameter 'utf8' [ 563.728725][T22367] exfat: Deprecated parameter 'utf8' [ 563.743711][T11471] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 563.755401][T22367] exfat: Deprecated parameter 'namecase' [ 563.778518][T22367] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5f26ded4, utbl_chksum : 0xe619d30d) [ 563.900344][T11471] usb 6-1: USB disconnect, device number 3 [ 563.929554][T11471] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 563.952076][T11471] ftdi_sio 6-1:0.0: device disconnected [ 564.531504][T11471] usb 4-1: new full-speed USB device number 42 using dummy_hcd [ 564.766484][ T5360] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 564.832703][T11471] usb 4-1: config 0 has an invalid interface number: 64 but max is 0 [ 564.841021][T11471] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 564.863200][T11471] usb 4-1: config 0 has no interface number 0 [ 564.882950][T11471] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 564.901456][T11471] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.909657][T11471] usb 4-1: Product: syz [ 564.921469][T11471] usb 4-1: Manufacturer: syz [ 564.926116][T11471] usb 4-1: SerialNumber: syz [ 564.947021][T11471] usb 4-1: config 0 descriptor?? [ 564.981547][ T5360] usb 1-1: Using ep0 maxpacket: 16 [ 564.988619][ T5360] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 565.018966][ T5360] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 565.049246][ T5360] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 565.070991][ T5360] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 565.099360][ T5360] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 565.121435][ T5360] usb 1-1: Product: syz [ 565.131573][ T5360] usb 1-1: Manufacturer: syz [ 565.136215][ T5360] usb 1-1: SerialNumber: syz [ 565.159493][T11471] usb 4-1: Found UVC 0.00 device syz (046d:0823) [ 565.174850][T11471] usb 4-1: No valid video chain found. [ 565.187646][T11471] usb 4-1: USB disconnect, device number 42 [ 565.604340][ T5360] usb 1-1: 0:2 : does not exist [ 565.624682][ T5360] usb 1-1: USB disconnect, device number 43 [ 565.709764][T22431] loop5: detected capacity change from 0 to 4096 [ 565.727262][T22431] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 565.744780][T22431] ntfs3: loop5: try to read out of volume at offset 0xffffffff0000 [ 565.850228][T22437] netlink: 'syz.3.8379': attribute type 2 has an invalid length. [ 566.358606][T22457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8389'. [ 566.481956][T22462] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8392'. [ 566.572527][T22465] ceph: No source [ 566.617464][T22469] loop4: detected capacity change from 0 to 512 [ 566.676161][T22469] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.8395: bad orphan inode 13 [ 566.687293][T22469] ext4_test_bit(bit=12, block=4) = 1 [ 566.693049][T22469] is_bad_inode(inode)=0 [ 566.697367][T22469] NEXT_ORPHAN(inode)=0 [ 566.701809][T22469] max_ino=32 [ 566.705026][T22469] i_nlink=1 [ 566.708337][T22469] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 566.725607][T22469] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.8395: Unrecognised inode hash code 20 [ 566.741899][T22469] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.8395: Corrupt directory, running e2fsck is recommended [ 566.755898][T22469] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.8395: Unrecognised inode hash code 20 [ 566.769352][T22469] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.8395: Corrupt directory, running e2fsck is recommended [ 566.811974][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 566.946904][T22479] netlink: 129384 bytes leftover after parsing attributes in process `syz.3.8399'. [ 567.368321][T22497] loop0: detected capacity change from 0 to 4096 [ 567.447419][T22497] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 567.552420][T22497] ntfs3: loop0: Failed to load $Extend. [ 567.720299][T22515] autofs4:pid:22515:autofs_fill_super: called with bogus options [ 567.850447][T22518] loop0: detected capacity change from 0 to 256 [ 567.978516][T22518] FAT-fs (loop0): Directory bread(block 64) failed [ 567.992825][T22518] FAT-fs (loop0): Directory bread(block 65) failed [ 568.009701][T22518] FAT-fs (loop0): Directory bread(block 66) failed [ 568.029986][T22518] FAT-fs (loop0): Directory bread(block 67) failed [ 568.066541][T22518] FAT-fs (loop0): Directory bread(block 68) failed [ 568.093607][T22518] FAT-fs (loop0): Directory bread(block 69) failed [ 568.134263][T22518] FAT-fs (loop0): Directory bread(block 70) failed [ 568.140849][T22518] FAT-fs (loop0): Directory bread(block 71) failed [ 568.191789][T22518] FAT-fs (loop0): Directory bread(block 72) failed [ 568.198435][T22518] FAT-fs (loop0): Directory bread(block 73) failed [ 568.261432][ T4326] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 568.451418][ T4326] usb 2-1: Using ep0 maxpacket: 8 [ 568.458567][ T4326] usb 2-1: config 135 has an invalid interface number: 230 but max is 0 [ 568.491489][ T4326] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 568.507999][ T4326] usb 2-1: config 135 has no interface number 0 [ 568.515100][ T4326] usb 2-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 568.526903][ T4326] usb 2-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 568.540831][ T4326] usb 2-1: config 135 interface 230 has no altsetting 0 [ 568.557646][ T4326] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 568.600599][ T4326] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 568.628019][ T4326] usb 2-1: Product: syz [ 568.646382][ T4326] usb 2-1: Manufacturer: syz [ 568.661060][ T4326] usb 2-1: SerialNumber: syz [ 568.668880][T22543] loop0: detected capacity change from 0 to 256 [ 568.895562][ T4326] usb 2-1: Found UVC 0.00 device syz (18ec:3288) [ 568.904594][ T4326] usb 2-1: No valid video chain found. [ 568.938558][ T4326] usb 2-1: USB disconnect, device number 24 [ 568.974268][T22555] netlink: 3648 bytes leftover after parsing attributes in process `syz.0.8434'. [ 569.030421][T22555] netlink: 3648 bytes leftover after parsing attributes in process `syz.0.8434'. [ 569.612678][T22594] loop0: detected capacity change from 0 to 128 [ 569.619854][T22594] EXT4-fs: Ignoring removed nobh option [ 569.781254][T22594] EXT4-fs (loop0): Test dummy encryption mode enabled [ 569.801822][T22594] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 570.121480][ T22] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 570.189769][T22613] xt_bpf: check failed: parse error [ 570.327185][ T22] usb 1-1: Using ep0 maxpacket: 8 [ 570.338111][ T22] usb 1-1: config 0 has an invalid interface number: 31 but max is 0 [ 570.356768][ T22] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 570.408270][ T22] usb 1-1: config 0 has no interface number 0 [ 570.433167][ T22] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 570.485255][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.502172][ T22] usb 1-1: Product: syz [ 570.506411][ T22] usb 1-1: Manufacturer: syz [ 570.520071][ T22] usb 1-1: SerialNumber: syz [ 570.550298][ T22] usb 1-1: config 0 descriptor?? [ 570.672805][T22635] bridge0: port 1(bridge_slave_0) entered forwarding state [ 570.731391][ T4326] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 570.795888][ T4319] usb 1-1: USB disconnect, device number 44 [ 570.854688][T22637] loop5: detected capacity change from 0 to 4096 [ 570.894172][T22643] i2c i2c-0: Invalid block write size 252 [ 570.900176][T22637] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 570.951519][ T4326] usb 5-1: Using ep0 maxpacket: 16 [ 570.962811][ T4326] usb 5-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb [ 570.980356][ T4326] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 571.002208][ T4326] usb 5-1: Product: syz [ 571.006416][ T4326] usb 5-1: Manufacturer: syz [ 571.019749][ T4326] usb 5-1: SerialNumber: syz [ 571.104409][T22647] overlayfs: missing 'lowerdir' [ 571.162977][T20933] ntfs3: loop5: ntfs_evict_inode r=1e failed, -22. [ 571.184667][T20933] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 571.259837][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.267413][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.275344][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.282970][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.291064][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.298803][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.306357][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.313795][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.339312][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 571.361447][ T4326] snd-usb-audio: probe of 5-1:222.0 failed with error -71 [ 571.377684][ T4326] usb 5-1: USB disconnect, device number 34 [ 571.663445][T20923] udevd[20923]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:222.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 571.830122][ T27] audit: type=1326 audit(2000000394.259:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 571.860621][T22663] loop3: detected capacity change from 0 to 4096 [ 571.892080][ T27] audit: type=1326 audit(2000000394.259:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f76bfb9c747 code=0x7ffc0000 [ 571.897749][T22663] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 571.979297][ T27] audit: type=1326 audit(2000000394.259:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f76bfb5b78e code=0x7ffc0000 [ 572.070446][ T27] audit: type=1326 audit(2000000394.259:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f76bfb5b78e code=0x7ffc0000 [ 572.161436][ T27] audit: type=1326 audit(2000000394.259:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f76bfb5b78e code=0x7ffc0000 [ 572.270935][ T27] audit: type=1326 audit(2000000394.259:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f76bfb5b78e code=0x7ffc0000 [ 572.338867][ T27] audit: type=1326 audit(2000000394.259:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22668 comm="syz.1.8476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 572.536439][T22689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8487'. [ 572.557100][T22689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8487'. [ 572.685499][ T27] audit: type=1326 audit(2000000395.119:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22694 comm="syz.3.8489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1279aeb9 code=0x7ffc0000 [ 572.779546][ T27] audit: type=1326 audit(2000000395.179:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22694 comm="syz.3.8489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f1f1279aeb9 code=0x7ffc0000 [ 572.892808][ T27] audit: type=1326 audit(2000000395.179:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22694 comm="syz.3.8489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f1279aeb9 code=0x7ffc0000 [ 572.988170][T22673] loop0: detected capacity change from 0 to 40427 [ 573.037472][T22707] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 573.045678][T22673] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x3ffff [ 573.090767][T22707] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 573.101977][T22673] F2FS-fs (loop0): invalid crc value [ 573.133081][T22673] F2FS-fs (loop0): Found nat_bits in checkpoint [ 573.289221][T22673] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 573.805627][T22738] netlink: 'syz.5.8510': attribute type 1 has an invalid length. [ 573.837003][T22738] netlink: 192 bytes leftover after parsing attributes in process `syz.5.8510'. [ 573.871523][ T4319] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 574.008942][T22744] loop5: detected capacity change from 0 to 512 [ 574.061448][ T4319] usb 4-1: Using ep0 maxpacket: 32 [ 574.081209][T22744] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.8512: bad orphan inode 13 [ 574.099006][ T4319] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 574.137916][ T4319] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 574.171909][T22744] ext4_test_bit(bit=12, block=4) = 1 [ 574.177265][T22744] is_bad_inode(inode)=0 [ 574.190475][T22734] loop1: detected capacity change from 0 to 32768 [ 574.201763][ T4319] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 574.210838][ T4319] usb 4-1: config 1 has no interface number 0 [ 574.236703][T22734] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.8509 (22734) [ 574.251175][T22744] NEXT_ORPHAN(inode)=0 [ 574.279860][T22744] max_ino=32 [ 574.285230][ T4319] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 574.298405][T22744] i_nlink=1 [ 574.301750][T22744] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 574.310395][ T4319] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 574.337110][ T4319] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 574.350205][ T4319] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 574.365445][T22744] EXT4-fs warning (device loop5): dx_probe:833: inode #2: comm syz.5.8512: Unrecognised inode hash code 20 [ 574.397413][ T4319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 574.426022][T22734] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 574.427880][ T4319] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 574.444533][T22734] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 574.453809][T22744] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.8512: Corrupt directory, running e2fsck is recommended [ 574.479726][T22734] BTRFS info (device loop1): setting nodatacow, compression disabled [ 574.502343][T22744] EXT4-fs warning (device loop5): dx_probe:833: inode #2: comm syz.5.8512: Unrecognised inode hash code 20 [ 574.508380][T22734] BTRFS info (device loop1): force clearing of disk cache [ 574.523446][T22744] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.8512: Corrupt directory, running e2fsck is recommended [ 574.544568][T22734] BTRFS info (device loop1): enabling ssd optimizations [ 574.570821][T22734] BTRFS info (device loop1): using spread ssd allocation scheme [ 574.599027][T22734] BTRFS info (device loop1): turning off barriers [ 574.634532][ T4319] snd_usb_pod 4-1:1.1: cannot start listening: -90 [ 574.661244][ T4319] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 574.680041][T22734] BTRFS info (device loop1): disabling free space tree [ 574.680452][ T4319] snd_usb_pod: probe of 4-1:1.1 failed with error -90 [ 574.692542][T22734] BTRFS info (device loop1): not using ssd optimizations [ 574.726360][T22734] BTRFS info (device loop1): not using spread ssd allocation scheme [ 574.863604][ T4319] usb 4-1: USB disconnect, device number 43 [ 574.917715][T22734] BTRFS info (device loop1): rebuilding free space tree [ 574.946971][T22734] BTRFS info (device loop1): disabling free space tree [ 574.954520][T22734] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 574.966733][T22734] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 575.130052][T20933] EXT4-fs (loop5): unmounting filesystem. [ 575.374294][ T4270] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 575.453452][T22783] ieee802154 phy0 wpan0: encryption failed: -90 [ 576.059624][T22801] loop5: detected capacity change from 0 to 1764 [ 576.140893][T22801] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 576.720524][T22795] loop3: detected capacity change from 0 to 32768 [ 576.828329][T22836] netlink: 'syz.1.8545': attribute type 5 has an invalid length. [ 576.910597][T22795] XFS (loop3): Mounting V5 Filesystem [ 577.045110][T22850] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8552'. [ 577.054326][T22850] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8552'. [ 577.065131][T22850] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8552'. [ 577.124870][T22795] XFS (loop3): Ending clean mount [ 577.159697][T22795] XFS (loop3): Quotacheck needed: Please wait. [ 577.245754][T22795] XFS (loop3): Quotacheck: Done. [ 577.360992][T22862] loop0: detected capacity change from 0 to 64 [ 577.504257][ T4276] XFS (loop3): Unmounting Filesystem [ 577.529546][T22861] loop4: detected capacity change from 0 to 8192 [ 577.614759][T22861] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 577.681623][T22861] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 577.724652][T22861] REISERFS (device loop4): using ordered data mode [ 577.731205][T22861] reiserfs: using flush barriers [ 577.778705][T22871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8561'. [ 577.834522][T22861] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 577.901780][T22861] REISERFS (device loop4): checking transaction log (loop4) [ 577.943237][T22861] REISERFS (device loop4): Using r5 hash to sort names [ 577.950582][T22861] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 578.257919][T22885] loop5: detected capacity change from 0 to 2048 [ 578.362110][T22889] netlink: 144 bytes leftover after parsing attributes in process `syz.0.8571'. [ 578.437146][T22897] netlink: 1057 bytes leftover after parsing attributes in process `syz.4.8570'. [ 578.442699][T22885] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 578.493822][T22900] loop4: detected capacity change from 0 to 16 [ 578.501058][T22900] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 578.718383][T20933] EXT4-fs (loop5): unmounting filesystem. [ 578.805608][T22908] loop1: detected capacity change from 0 to 2048 [ 578.920470][T22908] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 579.011973][T22908] ext4 filesystem being mounted at /1766/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 579.065132][T22920] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8583'. [ 579.127363][T22908] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.8576: bg 0: block 345: padding at end of block bitmap is not set [ 579.161689][T22924] netlink: 'syz.5.8582': attribute type 27 has an invalid length. [ 579.430910][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 579.560106][T22938] loop0: detected capacity change from 0 to 1764 [ 579.652640][T22938] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 579.928753][T22954] bridge4: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 579.985343][T22960] netlink: 'syz.3.8602': attribute type 1 has an invalid length. [ 580.094600][T22963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8603'. [ 580.416882][ T22] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 580.604759][ T5360] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 580.624756][ T22] usb 5-1: unable to get BOS descriptor or descriptor too short [ 580.643255][ T22] usb 5-1: config 129 has an invalid interface number: 135 but max is 0 [ 580.666692][ T22] usb 5-1: config 129 has an invalid interface number: 5 but max is 0 [ 580.692441][ T22] usb 5-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 580.721695][ T22] usb 5-1: config 129 has no interface number 0 [ 580.738211][ T22] usb 5-1: config 129 has no interface number 1 [ 580.752278][ T22] usb 5-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 580.782841][ T22] usb 5-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 580.804078][ T22] usb 5-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 580.829336][ T5360] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 580.848784][ T5360] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.872818][ T22] usb 5-1: config 129 interface 135 has no altsetting 0 [ 580.889960][ T5360] usb 1-1: config 0 descriptor?? [ 580.901493][ T22] usb 5-1: config 129 interface 5 has no altsetting 0 [ 580.933678][ T5360] gspca_main: spca508-2.14.0 probing 8086:0110 [ 580.943148][ T22] usb 5-1: string descriptor 0 read error: -22 [ 580.958554][ T22] usb 5-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 580.977964][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 580.989195][T22999] loop1: detected capacity change from 0 to 64 [ 581.036141][ T22] usb 5-1: MIDIStreaming interface descriptor not found [ 581.116150][ T5360] gspca_spca508: reg_read err -71 [ 581.128715][ T5360] gspca_spca508: reg_read err -71 [ 581.152041][ T5360] gspca_spca508: reg_read err -71 [ 581.177747][ T5360] gspca_spca508: reg_read err -71 [ 581.201453][ T5360] gspca_spca508: reg_read err -71 [ 581.218215][ T5360] gspca_spca508: reg write: error -71 [ 581.249871][ T5360] spca508: probe of 1-1:0.0 failed with error -71 [ 581.306969][ T5360] usb 1-1: USB disconnect, device number 45 [ 581.315455][ T7934] usb 5-1: USB disconnect, device number 35 [ 581.659117][T23013] nvme_fabrics: missing parameter 'transport=%s' [ 581.667739][T23013] nvme_fabrics: missing parameter 'nqn=%s' [ 581.831524][ T126] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 582.049400][ T126] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 582.069452][ T126] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.109653][ T126] usb 6-1: Product: syz [ 582.129922][ T126] usb 6-1: Manufacturer: syz [ 582.164057][ T126] usb 6-1: SerialNumber: syz [ 582.187470][ T126] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 582.221391][ T5360] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 582.222465][ T126] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 582.432605][ T5360] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 582.466489][ C0] usb 6-1: ath: unknown panic pattern! [ 582.467080][ T5360] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 582.487402][ T5360] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 582.512074][ T5360] usb 4-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db [ 582.549495][ T5360] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 582.579739][ T5360] usb 4-1: config 0 descriptor?? [ 582.608016][ T5360] usb 4-1: bad CDC descriptors [ 582.618885][ T5360] usb 4-1: bad CDC descriptors [ 582.689057][ T22] usb 6-1: USB disconnect, device number 4 [ 582.837652][ T5360] usb 4-1: USB disconnect, device number 44 [ 583.056859][T23070] loop0: detected capacity change from 0 to 128 [ 583.115583][T23073] usb usb7: usbfs: process 23073 (syz.1.8656) did not claim interface 0 before use [ 583.146038][T23070] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 583.191674][T23077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8658'. [ 583.191980][T23070] ext4 filesystem being mounted at /1690/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 583.221192][T23070] EXT4-fs error (device loop0): ext4_validate_block_bitmap:420: comm syz.0.8653: bg 0: bad block bitmap checksum [ 583.252370][T23077] netlink: zone id is out of range [ 583.262192][ T126] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 583.269222][ T126] ath9k_htc: Failed to initialize the device [ 583.298185][T23077] netlink: zone id is out of range [ 583.311558][T23077] netlink: zone id is out of range [ 583.316717][T23077] netlink: zone id is out of range [ 583.324793][ T22] usb 6-1: ath9k_htc: USB layer deinitialized [ 583.345308][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 583.369961][T23077] netlink: zone id is out of range [ 583.388712][T23077] netlink: zone id is out of range [ 583.422137][T23077] netlink: zone id is out of range [ 583.441588][T23077] netlink: zone id is out of range [ 583.461441][T23077] netlink: zone id is out of range [ 583.491818][T23077] netlink: zone id is out of range [ 583.695591][T23095] netlink: 'syz.1.8666': attribute type 10 has an invalid length. [ 583.803155][T23101] netlink: 'syz.3.8669': attribute type 12 has an invalid length. [ 584.837128][T23143] loop5: detected capacity change from 0 to 4096 [ 584.893626][T23143] __ntfs_error: 1 callbacks suppressed [ 584.893645][T23143] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 584.952849][T23143] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 585.033413][T23143] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 585.078268][T23143] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 585.121645][T23143] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 585.150938][T23143] ntfs: volume version 3.1. [ 585.170723][T23143] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 585.227598][T23143] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 585.281196][T23143] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 585.324756][T23143] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 585.375555][T23143] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 585.931425][ T22] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 586.053682][T23193] loop1: detected capacity change from 0 to 256 [ 586.124942][ T22] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 586.145124][ T22] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 586.181632][ T22] usb 6-1: Product: syz [ 586.184311][T23175] loop3: detected capacity change from 0 to 32768 [ 586.196024][ T22] usb 6-1: Manufacturer: syz [ 586.200655][ T22] usb 6-1: SerialNumber: syz [ 586.204977][T23175] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.8706 (23175) [ 586.234842][ T22] usb 6-1: config 0 descriptor?? [ 586.259502][ T22] gspca_main: sq930x-2.14.0 probing 2770:930c [ 586.302932][T23175] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 586.380533][T23175] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 586.388131][T23199] IPv6: Can't replace route, no match found [ 586.448086][T23175] BTRFS info (device loop3): setting nodatacow, compression disabled [ 586.481730][T23175] BTRFS info (device loop3): force clearing of disk cache [ 586.488901][T23175] BTRFS info (device loop3): enabling ssd optimizations [ 586.568611][T23175] BTRFS info (device loop3): using spread ssd allocation scheme [ 586.591349][T23175] BTRFS info (device loop3): turning off barriers [ 586.597856][T23175] BTRFS info (device loop3): disabling free space tree [ 586.649621][ T22] gspca_sq930x: ucbus_write failed -71 [ 586.655365][T23175] BTRFS info (device loop3): not using ssd optimizations [ 586.691555][T23175] BTRFS info (device loop3): not using spread ssd allocation scheme [ 586.848059][T23175] BTRFS info (device loop3): rebuilding free space tree [ 586.863187][T23230] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8725'. [ 586.891461][ T22] gspca_sq930x: Sensor ov9630 not yet treated [ 586.900381][ T22] sq930x: probe of 6-1:0.0 failed with error -22 [ 586.925809][T23175] BTRFS info (device loop3): disabling free space tree [ 586.961790][ T22] usb 6-1: USB disconnect, device number 5 [ 586.988038][T23175] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 587.031501][T23175] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 587.305729][T23245] loop1: detected capacity change from 0 to 64 [ 587.312051][ T4276] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 587.707338][T23258] netlink: 'syz.4.8740': attribute type 2 has an invalid length. [ 587.927836][T23262] loop0: detected capacity change from 0 to 4096 [ 587.966430][T23262] EXT4-fs: inline encryption not supported [ 588.049747][T23262] EXT4-fs (loop0): Test dummy encryption mode enabled [ 588.193044][T23262] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 588.389128][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 589.059561][T23321] loop3: detected capacity change from 0 to 128 [ 589.148808][T23321] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 589.192259][T23321] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 589.797312][T23347] netlink: 168 bytes leftover after parsing attributes in process `syz.1.8780'. [ 589.836820][T23351] netlink: 'syz.5.8783': attribute type 8 has an invalid length. [ 590.294948][T23362] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=io+mem:owns=io+mem [ 590.342044][T23365] netlink: 124 bytes leftover after parsing attributes in process `syz.4.8790'. [ 590.357010][T23365] netlink: 'syz.4.8790': attribute type 3 has an invalid length. [ 590.391571][T11471] usb 2-1: new full-speed USB device number 25 using dummy_hcd [ 590.463623][T23371] netlink: 'syz.0.8792': attribute type 10 has an invalid length. [ 590.501472][T23371] netlink: 156 bytes leftover after parsing attributes in process `syz.0.8792'. [ 590.617242][T11471] usb 2-1: config 0 has an invalid interface number: 31 but max is 0 [ 590.641545][T11471] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 590.660993][T11471] usb 2-1: config 0 has no interface number 0 [ 590.696225][T11471] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 590.725409][T11471] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.739066][T11471] usb 2-1: Product: syz [ 590.746281][T11471] usb 2-1: Manufacturer: syz [ 590.776307][T11471] usb 2-1: SerialNumber: syz [ 590.797634][T11471] usb 2-1: config 0 descriptor?? [ 590.815690][T23379] loop3: detected capacity change from 0 to 136 [ 590.842149][T11471] hub 2-1:0.31: bad descriptor, ignoring hub [ 590.859406][T11471] hub: probe of 2-1:0.31 failed with error -5 [ 590.870014][T23379] Attempt to read inode for relocated directory [ 590.881094][T23379] syz.3.8794: attempt to access beyond end of device [ 590.881094][T23379] loop3: rw=524288, sector=335544428, nr_sectors = 4 limit=136 [ 590.903256][T11471] usb 2-1: Found UVC 0.04 device syz (046d:08c3) [ 590.909694][T11471] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized! [ 590.929801][T11471] usb 2-1: Failed to create links for entity 6 [ 590.937047][T23379] syz.3.8794: attempt to access beyond end of device [ 590.937047][T23379] loop3: rw=0, sector=335544428, nr_sectors = 4 limit=136 [ 590.961181][T11471] usb 2-1: Failed to register entities (-22). [ 590.975969][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 590.975981][ T27] audit: type=1800 audit(2000000413.409:297): pid=23379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.8794" name="file1" dev="loop3" ino=1487 res=0 errno=0 [ 591.079261][T11471] usb 2-1: USB disconnect, device number 25 [ 591.133373][T23393] loop4: detected capacity change from 0 to 16 [ 591.213016][T23393] erofs: (device loop4): mounted with root inode @ nid 36. [ 591.234954][T23393] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 591.718162][T23407] netlink: 'syz.1.8811': attribute type 10 has an invalid length. [ 591.746657][T23407] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8811'. [ 591.819812][T23385] loop0: detected capacity change from 0 to 32768 [ 591.829588][T23407] team0: Port device geneve0 added [ 591.852925][T23391] loop5: detected capacity change from 0 to 32768 [ 591.892174][T23391] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.8804 (23391) [ 591.992012][T23391] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 592.029303][T23391] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 592.069768][T23391] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_LZO (0x8) [ 592.151419][T23391] BTRFS info (device loop5): use lzo compression, level 0 [ 592.158667][T23391] BTRFS info (device loop5): max_inline at 0 [ 592.211985][T23391] BTRFS info (device loop5): using free space tree [ 592.343613][T23432] loop3: detected capacity change from 0 to 256 [ 592.351193][T23432] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 592.395449][T23432] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 592.511402][ T5360] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 592.568202][T23445] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8822'. [ 592.577431][T23445] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8822'. [ 592.629238][T23391] BTRFS info (device loop5): enabling ssd optimizations [ 592.649874][T23449] xt_hashlimit: size too large, truncated to 1048576 [ 592.657200][T23449] xt_hashlimit: overflow, try lower: 0/0 [ 592.716785][T23391] BTRFS error (device loop5: state M): unrecognized mount option '0x000000000000000018446744073709551615' [ 592.731515][ T5360] usb 2-1: Using ep0 maxpacket: 32 [ 592.752426][ T5360] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 592.818599][ T5360] usb 2-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=3f.5a [ 592.852815][T20933] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 592.861471][ T5360] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 592.871058][ T5360] usb 2-1: Product: syz [ 592.921429][ T5360] usb 2-1: Manufacturer: syz [ 592.946389][ T5360] usb 2-1: SerialNumber: syz [ 592.956904][ T5360] usb 2-1: config 0 descriptor?? [ 593.005178][T23419] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 593.061022][T20931] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 9 /dev/loop5 scanned by udevd (20931) [ 593.243859][T23419] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 593.297609][ T5360] net1080 2-1:0.0 usb0: register 'net1080' at usb-dummy_hcd.1-1, NetChip TurboCONNECT, 7e:af:92:c8:6d:4b [ 593.325403][T23467] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8832'. [ 593.537959][ T2120] usb 2-1: USB disconnect, device number 26 [ 593.552270][ T2120] net1080 2-1:0.0 usb0: unregister 'net1080' usb-dummy_hcd.1-1, NetChip TurboCONNECT [ 593.762426][T23481] loop3: detected capacity change from 0 to 16 [ 593.789249][T23481] erofs: (device loop3): mounted with root inode @ nid 36. [ 594.083975][ T27] audit: type=1400 audit(2000000416.519:298): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=23493 comm="syz.0.8843" [ 594.505324][ T27] audit: type=1326 audit(2000000416.939:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23509 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 594.585236][T23515] net_ratelimit: 111 callbacks suppressed [ 594.599190][T23515] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 594.622365][ T27] audit: type=1326 audit(2000000416.989:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23509 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 594.751562][ T27] audit: type=1326 audit(2000000416.989:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23509 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 594.890460][ T27] audit: type=1326 audit(2000000416.989:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23509 comm="syz.1.8853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76bfb9aeb9 code=0x7ffc0000 [ 595.329212][T23551] loop3: detected capacity change from 0 to 256 [ 595.376789][T23553] loop5: detected capacity change from 0 to 1024 [ 595.425799][T23551] FAT-fs (loop3): Directory bread(block 64) failed [ 595.443129][T23553] hfsplus: catalog name length corrupted [ 595.461434][T23551] FAT-fs (loop3): Directory bread(block 65) failed [ 595.468110][T23551] FAT-fs (loop3): Directory bread(block 66) failed [ 595.492958][T23551] FAT-fs (loop3): Directory bread(block 67) failed [ 595.524773][T23551] FAT-fs (loop3): Directory bread(block 68) failed [ 595.559007][T23551] FAT-fs (loop3): Directory bread(block 69) failed [ 595.584998][T23551] FAT-fs (loop3): Directory bread(block 70) failed [ 595.597473][ T11] hfsplus: b-tree write err: -5, ino 4 [ 595.611146][T23551] FAT-fs (loop3): Directory bread(block 71) failed [ 595.655134][T23551] FAT-fs (loop3): Directory bread(block 72) failed [ 595.701641][T23551] FAT-fs (loop3): Directory bread(block 73) failed [ 595.811208][T23565] loop4: detected capacity change from 0 to 512 [ 595.958858][T23565] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 595.968564][T23571] netlink: 'syz.5.8874': attribute type 1 has an invalid length. [ 596.001695][T23565] ext4 filesystem being mounted at /1816/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 596.028827][T23571] netlink: 116376 bytes leftover after parsing attributes in process `syz.5.8874'. [ 596.302548][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 596.450291][T23594] loop4: detected capacity change from 0 to 256 [ 596.478677][T23594] exfat: Deprecated parameter 'utf8' [ 596.541869][T23594] exFAT-fs (loop4): failed to read sector(0x800000078) [ 596.548853][T23594] exFAT-fs (loop4): failed to load upcase table [ 596.638498][T23594] exFAT-fs (loop4): failed to recognize exfat type [ 596.729194][T20931] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 596.795841][T23594] loop4: detected capacity change from 0 to 1024 [ 596.816181][T20931] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 596.831946][ T2120] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 596.931585][T23594] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 596.998418][T23594] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 597.041423][ T2120] usb 4-1: Using ep0 maxpacket: 32 [ 597.048893][ T2120] usb 4-1: unable to get BOS descriptor or descriptor too short [ 597.055152][T23594] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.8881: Failed to acquire dquot type 0 [ 597.068477][ T2120] usb 4-1: config 7 has an invalid interface number: 187 but max is 0 [ 597.087499][ T2120] usb 4-1: config 7 has no interface number 0 [ 597.098967][ T2120] usb 4-1: config 7 interface 187 has no altsetting 0 [ 597.115350][T23594] EXT4-fs error (device loop4): mb_free_blocks:1826: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 597.141269][T23594] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #13: comm syz.4.8881: corrupted inode contents [ 597.170504][ T2120] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 597.201043][ T2120] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.241953][ T2120] usb 4-1: Product: syz [ 597.246174][ T2120] usb 4-1: Manufacturer: syz [ 597.250790][ T2120] usb 4-1: SerialNumber: syz [ 597.261727][T23594] EXT4-fs error (device loop4): ext4_dirty_inode:6137: inode #13: comm syz.4.8881: mark_inode_dirty error [ 597.288551][T23594] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #13: comm syz.4.8881: corrupted inode contents [ 597.340198][T23594] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #13: comm syz.4.8881: mark_inode_dirty error [ 597.352498][T23594] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #13: comm syz.4.8881: corrupted inode contents [ 597.409597][T23594] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 597.436873][T23594] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #13: comm syz.4.8881: corrupted inode contents [ 597.449491][T23627] loop1: detected capacity change from 0 to 4096 [ 597.463359][T23594] EXT4-fs error (device loop4): ext4_truncate:4318: inode #13: comm syz.4.8881: mark_inode_dirty error [ 597.483333][T23594] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 597.500777][T23594] EXT4-fs (loop4): 1 truncate cleaned up [ 597.514162][T23627] ntfs3: loop1: ino=3, Correct links count -> 2. [ 597.523883][T23594] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 597.555682][ T2120] usb 4-1: Limiting number of CPorts to U8_MAX [ 597.566885][ T2120] usb 4-1: Unknown endpoint type found, address 0x07 [ 597.574694][ T2120] usb 4-1: Not enough endpoints found in device, aborting! [ 597.771681][ T22] usb 4-1: USB disconnect, device number 45 [ 597.820441][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 597.940192][T23641] loop4: detected capacity change from 0 to 512 [ 598.003083][T23641] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 598.053754][T23641] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 598.154214][T23641] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3852: comm syz.4.8901: Allocating blocks 41-42 which overlap fs metadata [ 598.199347][T23641] Quota error (device loop4): write_blk: dquota write failed [ 598.225750][T23641] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 598.289223][T23641] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3852: comm syz.4.8901: Allocating blocks 41-42 which overlap fs metadata [ 598.292311][T23639] loop0: detected capacity change from 0 to 32768 [ 598.341486][ T5354] usb 2-1: new full-speed USB device number 27 using dummy_hcd [ 598.363753][T23641] Quota error (device loop4): write_blk: dquota write failed [ 598.373130][T23639] ERROR: (device loop0): dbAllocNext: Corrupt dmap page [ 598.373130][T23639] [ 598.387702][T23641] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 598.417365][T23639] ERROR: (device loop0): remounting filesystem as read-only [ 598.429697][T23641] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.8901: Failed to acquire dquot type 1 [ 598.446388][T23639] ialloc: diAlloc returned -5! [ 598.460288][T23641] EXT4-fs error (device loop4): mb_free_blocks:1826: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 598.480128][T23641] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.8901: corrupted inode contents [ 598.517201][T23641] EXT4-fs error (device loop4): ext4_dirty_inode:6137: inode #12: comm syz.4.8901: mark_inode_dirty error [ 598.530184][T23641] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.8901: corrupted inode contents [ 598.551472][T23641] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.8901: mark_inode_dirty error [ 598.563092][ T5354] usb 2-1: unable to get BOS descriptor or descriptor too short [ 598.583649][ T5354] usb 2-1: not running at top speed; connect to a high speed hub [ 598.616019][ T5354] usb 2-1: config 106 has an invalid interface number: 8 but max is 0 [ 598.627189][T23641] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.8901: corrupted inode contents [ 598.652242][ T5354] usb 2-1: config 106 has no interface number 0 [ 598.658552][ T5354] usb 2-1: config 106 interface 8 has no altsetting 0 [ 598.693903][T23641] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 598.704213][ T5354] usb 2-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=93.dd [ 598.721414][T23641] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #12: comm syz.4.8901: corrupted inode contents [ 598.733546][ T5354] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 598.751392][ T5354] usb 2-1: Product: syz [ 598.755597][ T5354] usb 2-1: Manufacturer: syz [ 598.760203][ T5354] usb 2-1: SerialNumber: syz [ 598.777435][T23641] EXT4-fs error (device loop4): ext4_truncate:4318: inode #12: comm syz.4.8901: mark_inode_dirty error [ 598.803856][T23641] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 598.831955][T23641] EXT4-fs (loop4): 1 truncate cleaned up [ 598.837714][T23641] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 598.959470][T23641] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3852: comm syz.4.8901: Allocating blocks 41-42 which overlap fs metadata [ 599.000778][ T5354] kalmia 2-1:106.8 (unnamed net_device) (uninitialized): Error sending init packet. Status -22 [ 599.041485][ T5354] kalmia: probe of 2-1:106.8 failed with error -22 [ 599.050294][T23665] xt_TCPMSS: Only works on TCP SYN packets [ 599.062191][T23641] Quota error (device loop4): write_blk: dquota write failed [ 599.072570][ T5354] usb 2-1: USB disconnect, device number 27 [ 599.077955][T23641] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 599.099203][T23641] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.8901: Failed to acquire dquot type 1 [ 599.235841][T23668] program syz.3.8914 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 599.289231][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 599.433200][T23677] loop3: detected capacity change from 0 to 512 [ 599.488394][T23677] EXT4-fs (loop3): failed to initialize system zone (-117) [ 599.559139][T23682] loop5: detected capacity change from 0 to 1764 [ 599.600302][T23677] EXT4-fs (loop3): mount failed [ 599.987227][T23697] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8927'. [ 600.041575][T23700] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 600.041605][T23701] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551609) [ 600.061933][T23701] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 600.409652][T23700] EXT4-fs (loop0): failed to open journal device unknown-block(11,127) -6 [ 600.659304][T23703] set_capacity_and_notify: 1 callbacks suppressed [ 600.659320][T23703] loop4: detected capacity change from 0 to 32768 [ 600.699095][T23723] ip6t_srh: unknown srh match flags 5294 [ 600.713255][T23721] device macvlan1 entered promiscuous mode [ 600.776625][T23703] JBD2: Ignoring recovery information on journal [ 600.889267][T23703] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 600.984660][T23731] netlink: 'syz.5.8941': attribute type 1 has an invalid length. [ 601.014036][T23703] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 0 but claims that 2046 are free [ 601.019605][T23731] netlink: 228 bytes leftover after parsing attributes in process `syz.5.8941'. [ 601.101754][T23703] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 601.147592][T23703] OCFS2: File system is now read-only. [ 601.177550][T23703] (syz.4.8930,23703,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 601.251459][T23703] (syz.4.8930,23703,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 601.292977][T23703] (syz.4.8930,23703,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30 [ 601.381425][T23703] (syz.4.8930,23703,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30 [ 601.390007][T23703] (syz.4.8930,23703,0):ocfs2_claim_new_inode:2226 ERROR: status = -30 [ 601.451412][T23703] (syz.4.8930,23703,0):ocfs2_claim_new_inode:2241 ERROR: status = -30 [ 601.459708][T23703] (syz.4.8930,23703,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 601.483152][T23703] (syz.4.8930,23703,0):ocfs2_mknod:385 ERROR: status = -30 [ 601.492957][T23703] (syz.4.8930,23703,0):ocfs2_mknod:502 ERROR: status = -30 [ 601.500414][T23703] (syz.4.8930,23703,0):ocfs2_create:676 ERROR: status = -30 [ 601.655745][ T4275] ocfs2: Unmounting device (7,4) on (node local) [ 601.905610][T23765] loop1: detected capacity change from 0 to 64 [ 601.971174][T23765] hfs: request for non-existent node -117440513 in B*Tree [ 601.989263][T23767] cifs: Unknown parameter 'no9 PG!8E8- ŖEeլ' [ 602.011405][T23765] hfs: request for non-existent node -117440513 in B*Tree [ 603.074455][T23819] rtc_cmos 00:00: Alarms can be up to one day in the future [ 603.720541][T23849] loop3: detected capacity change from 0 to 1024 [ 603.856752][T23849] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 604.053898][T23862] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 604.103341][T23862] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 604.121024][T23865] loop1: detected capacity change from 0 to 2048 [ 604.123643][T23862] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 604.175598][T23865] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 604.180291][T23862] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 604.266491][T23868] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 604.963767][T23900] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9024'. [ 605.186318][T23905] netlink: 'syz.0.9026': attribute type 11 has an invalid length. [ 605.197308][T23905] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9026'. [ 605.347865][T23912] tmpfs: Bad value for 'mpol' [ 605.791628][T23934] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 606.371590][ T22] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 606.422518][T23931] loop0: detected capacity change from 0 to 32768 [ 606.479289][T23931] JBD2: Ignoring recovery information on journal [ 606.541535][ T5354] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 606.562920][ T22] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 606.571118][ T22] usb 4-1: config 0 has no interface number 0 [ 606.620918][T23931] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 606.640122][ T22] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 606.726626][ T22] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 606.740323][T23931] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 0 but claims that 2046 are free [ 606.762681][ T5354] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 606.770900][ T5354] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 606.788127][ T22] usb 4-1: config 0 interface 255 has no altsetting 0 [ 606.792414][T23931] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 606.815155][ T22] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 606.849461][ T5354] usb 5-1: config 0 has no interface number 0 [ 606.853215][T23931] OCFS2: File system is now read-only. [ 606.856149][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.869230][ T5354] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 606.893553][T23931] (syz.0.9039,23931,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 606.901485][ T5354] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 606.910718][ T22] usb 4-1: config 0 descriptor?? [ 606.937593][ T5354] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 606.958386][ T22] ums-realtek 4-1:0.255: USB Mass Storage device detected [ 606.965901][ T5354] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 606.976695][T23931] (syz.0.9039,23931,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 606.984164][ T5354] usb 5-1: Product: syz [ 606.989115][ T5354] usb 5-1: Manufacturer: syz [ 607.009463][ T5354] usb 5-1: SerialNumber: syz [ 607.026796][ T5354] usb 5-1: config 0 descriptor?? [ 607.032041][T23931] (syz.0.9039,23931,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30 [ 607.071437][T23931] (syz.0.9039,23931,1):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30 [ 607.092788][T23931] (syz.0.9039,23931,1):ocfs2_claim_new_inode:2226 ERROR: status = -30 [ 607.101051][T23931] (syz.0.9039,23931,1):ocfs2_claim_new_inode:2241 ERROR: status = -30 [ 607.145724][T23931] (syz.0.9039,23931,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 607.164438][T23982] netlink: 'syz.1.9064': attribute type 1 has an invalid length. [ 607.180376][T23982] netlink: 224 bytes leftover after parsing attributes in process `syz.1.9064'. [ 607.181449][T23931] (syz.0.9039,23931,1):ocfs2_mknod:385 ERROR: status = -30 [ 607.221217][ T22] usb 4-1: USB disconnect, device number 46 [ 607.227431][T23931] (syz.0.9039,23931,1):ocfs2_mknod:502 ERROR: status = -30 [ 607.245568][T23931] (syz.0.9039,23931,1):ocfs2_create:676 ERROR: status = -30 [ 607.300574][ T4266] ocfs2: Unmounting device (7,0) on (node local) [ 607.440177][T23988] loop5: detected capacity change from 0 to 256 [ 607.448163][ T5354] usbtouchscreen: probe of 5-1:0.117 failed with error -71 [ 607.473960][ T5354] usb 5-1: USB disconnect, device number 36 [ 607.623861][T23988] FAT-fs (loop5): Directory bread(block 64) failed [ 607.631579][T23988] FAT-fs (loop5): Directory bread(block 65) failed [ 607.641654][T23988] FAT-fs (loop5): Directory bread(block 66) failed [ 607.648278][T23988] FAT-fs (loop5): Directory bread(block 67) failed [ 607.659008][T23993] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 607.671427][T23988] FAT-fs (loop5): Directory bread(block 68) failed [ 607.691530][T23988] FAT-fs (loop5): Directory bread(block 69) failed [ 607.699696][T23988] FAT-fs (loop5): Directory bread(block 70) failed [ 607.713636][T23988] FAT-fs (loop5): Directory bread(block 71) failed [ 607.720269][T23988] FAT-fs (loop5): Directory bread(block 72) failed [ 607.734608][T23988] FAT-fs (loop5): Directory bread(block 73) failed [ 607.924279][T24001] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9073'. [ 608.015934][T24003] loop1: detected capacity change from 0 to 128 [ 608.071427][T24003] VFS: Found a Xenix FS (block size = 1024) on device loop1 [ 608.244831][ T4270] sysv_free_block: flc_count > flc_size [ 608.280532][ T4270] sysv_free_block: flc_count > flc_size [ 608.290861][ T4270] sysv_free_block: flc_count > flc_size [ 608.340155][ T4270] sysv_free_block: flc_count > flc_size [ 608.365086][ T4270] sysv_free_block: flc_count > flc_size [ 608.374227][T24018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9082'. [ 608.391436][ T4270] sysv_free_block: flc_count > flc_size [ 608.397035][ T4270] sysv_free_block: flc_count > flc_size [ 608.431385][ T4270] sysv_free_block: flc_count > flc_size [ 608.436986][ T4270] sysv_free_block: flc_count > flc_size [ 608.473089][ T4270] sysv_free_block: flc_count > flc_size [ 608.513662][ T4270] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 608.793712][T24033] loop0: detected capacity change from 0 to 2048 [ 608.861526][ T5354] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 608.979249][T24033] loop0: unable to read partition table [ 608.987079][T24033] loop0: partition table beyond EOD, truncated [ 609.026403][T24033] loop_reread_partitions: partition scan of loop0 () failed (rc=-5) [ 609.073697][ T5354] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 609.104808][ T5354] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 609.125075][ T3638] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 609.132049][ T5354] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 609.144367][T24049] tipc: Trying to set illegal importance in message [ 609.153827][ T3638] Buffer I/O error on dev loop0, logical block 0, async page read [ 609.153923][T24051] loop1: detected capacity change from 0 to 8 [ 609.167802][ T3638] ldm_validate_partition_table(): Disk read failed. [ 609.182177][T24051] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 609.188893][ T5354] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 609.190994][ T3638] Dev loop0: unable to read RDB block 0 [ 609.219244][ T5354] usb 5-1: SerialNumber: syz [ 609.222388][ T3638] loop0: unable to read partition table [ 609.230179][ T3638] loop0: partition table beyond EOD, truncated [ 609.268522][T20931] udevd[20931]: incorrect cramfs checksum on /dev/loop1 [ 609.454218][ T5354] usb 5-1: 0:2 : does not exist [ 609.459178][ T5354] usb 5-1: unit 5: unexpected type 0x03 [ 609.516081][ T5354] usb 5-1: USB disconnect, device number 37 [ 609.768451][T20931] udevd[20931]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 609.870588][T24076] netlink: 'syz.1.9110': attribute type 7 has an invalid length. [ 609.902128][T24076] netlink: 'syz.1.9110': attribute type 8 has an invalid length. [ 609.942635][T24076] netlink: 'syz.1.9110': attribute type 15 has an invalid length. [ 610.524866][T24098] loop4: detected capacity change from 0 to 4096 [ 610.665015][T24098] ntfs3: loop4: ino=1f, "file2" attr_set_size [ 610.671215][T24098] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 611.140886][T24130] loop5: detected capacity change from 0 to 2048 [ 611.197549][T24134] netlink: 'syz.1.9138': attribute type 1 has an invalid length. [ 611.255806][T24139] netlink: 'syz.0.9140': attribute type 3 has an invalid length. [ 611.267357][T24137] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 611.271388][T24139] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.9140'. [ 611.751419][ T5354] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 611.773589][T24155] loop5: detected capacity change from 0 to 512 [ 611.777938][T24156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9147'. [ 611.893297][T24155] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 611.917273][ T4276] cgroup: fork rejected by pids controller in /syz3 [ 611.951380][ T5354] usb 2-1: Using ep0 maxpacket: 32 [ 611.958909][ T5354] usb 2-1: config 0 has an invalid interface number: 54 but max is 0 [ 611.977316][ T5354] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 611.990026][ T5354] usb 2-1: config 0 has no interface number 0 [ 611.996718][ T5354] usb 2-1: too many endpoints for config 0 interface 54 altsetting 205: 134, using maximum allowed: 30 [ 612.008184][ T5354] usb 2-1: config 0 interface 54 altsetting 205 has 0 endpoint descriptors, different from the interface descriptor's value: 134 [ 612.022381][ T5354] usb 2-1: config 0 interface 54 has no altsetting 0 [ 612.023254][T24155] EXT4-fs error (device loop5): ext4_validate_block_bitmap:420: comm syz.5.9148: bg 0: bad block bitmap checksum [ 612.031167][ T5354] usb 2-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 612.053933][ T5354] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.091442][ T5354] usb 2-1: Product: syz [ 612.101399][ T5354] usb 2-1: Manufacturer: syz [ 612.105939][T24155] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6181: Filesystem failed CRC [ 612.106111][ T5354] usb 2-1: SerialNumber: syz [ 612.143021][ T5354] usb 2-1: config 0 descriptor?? [ 612.190721][ T5354] usb 2-1: MIDIStreaming interface descriptor not found [ 612.250368][T20933] EXT4-fs (loop5): unmounting filesystem. [ 612.492374][ T22] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 612.528824][ T5366] usb 2-1: USB disconnect, device number 28 [ 612.675564][ T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.701427][ T22] usb 5-1: Using ep0 maxpacket: 32 [ 612.708263][ T22] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 612.737313][ T22] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 612.768257][ T22] usb 5-1: config 0 has no interface number 0 [ 612.788524][ T22] usb 5-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 612.824481][ T22] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 612.849187][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.876220][ T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.881406][ T22] usb 5-1: Product: syz [ 612.898791][ T22] usb 5-1: Manufacturer: syz [ 612.903793][ T22] usb 5-1: SerialNumber: syz [ 612.920360][ T22] usb 5-1: config 0 descriptor?? [ 612.932280][ T22] radio-si470x 5-1:0.35: could not find interrupt in endpoint [ 612.967885][ T22] radio-si470x: probe of 5-1:0.35 failed with error -5 [ 613.045015][ T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 613.160599][ T22] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 613.241847][T24175] loop5: detected capacity change from 0 to 32768 [ 613.317445][ T46] bond0: (slave netdevsim0): Releasing backup interface [ 613.370860][ T22] radio-raremono 5-1:0.35: raremono_cmd_main failed (-71) [ 613.388411][ T4282] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 613.400554][ T4282] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 613.409007][ T4282] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 613.418419][ T4282] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 613.421341][ T22] radio-raremono 5-1:0.35: V4L2 device registered as radio48 [ 613.426042][ T4282] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 613.441188][ T4282] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 613.488894][T24175] XFS (loop5): Mounting V5 Filesystem [ 613.540682][ T22] usb 5-1: USB disconnect, device number 38 [ 613.591757][ T22] radio-raremono 5-1:0.35: Thanko's Raremono disconnected [ 613.624022][ T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 613.659807][T24191] lo speed is unknown, defaulting to 1000 [ 613.752247][T24175] XFS (loop5): Ending clean mount [ 613.891586][T20933] XFS (loop5): Unmounting Filesystem [ 615.191016][T24245] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9183'. [ 615.491557][ T4282] Bluetooth: hci4: command 0x0409 tx timeout [ 616.205487][T24287] rdma_rxe: rxe_register_device failed with error -23 [ 616.248523][T24287] rdma_rxe: failed to add vcan0 [ 616.522094][T24191] chnl_net:caif_netlink_parms(): no params data found [ 616.640938][T24303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9205'. [ 616.913610][T24316] tmpfs: Bad value for 'mpol' [ 616.970771][T24311] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9208'. [ 617.016381][T24321] Scaler: ================= START STATUS ================= [ 617.024315][T24321] Scaler: ================== END STATUS ================== [ 617.052837][T24311] netlink: 60 bytes leftover after parsing attributes in process `syz.5.9208'. [ 617.116720][T24311] device vlan0 entered promiscuous mode [ 617.283704][T24191] bridge0: port 1(bridge_slave_0) entered blocking state [ 617.322594][T24191] bridge0: port 1(bridge_slave_0) entered disabled state [ 617.374477][T24191] device bridge_slave_0 entered promiscuous mode [ 617.517912][T24191] bridge0: port 2(bridge_slave_1) entered blocking state [ 617.549679][T24191] bridge0: port 2(bridge_slave_1) entered disabled state [ 617.571400][ T4282] Bluetooth: hci4: command 0x041b tx timeout [ 617.630905][T24191] device bridge_slave_1 entered promiscuous mode [ 617.690235][T24191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 617.777916][T24191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 617.798972][T24344] loop5: detected capacity change from 0 to 4096 [ 617.872182][T24344] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 617.918960][T24191] team0: Port device team_slave_0 added [ 617.949942][T24344] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 618.003068][T24191] team0: Port device team_slave_1 added [ 618.048969][T24344] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 618.105136][T24344] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 618.124871][T24191] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 618.148220][T24191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 618.187900][T24344] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 618.199607][T24191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 618.220786][T24344] ntfs: volume version 3.1. [ 618.228529][T24344] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 618.304489][T24344] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 618.361910][T24344] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 618.399343][T24344] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 618.411090][T24344] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 618.477359][T24191] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 618.497705][T24191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 618.591493][T24191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 619.017076][T24191] device hsr_slave_0 entered promiscuous mode [ 619.029666][T24387] vivid-008: disconnect [ 619.038769][T24191] device hsr_slave_1 entered promiscuous mode [ 619.073670][T24386] vivid-008: reconnect [ 619.082107][T24191] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 619.106281][T24191] Cannot create hsr debugfs directory [ 619.160554][T24391] netlink: 'syz.1.9239': attribute type 6 has an invalid length. [ 619.488476][T24398] loop5: detected capacity change from 0 to 2048 [ 619.568576][T24398] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 619.650142][T24398] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 619.661652][ T4282] Bluetooth: hci4: command 0x040f tx timeout [ 620.256742][T24400] loop1: detected capacity change from 0 to 32768 [ 620.337338][T24400] (syz.1.9243,24400,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 620.401226][T24400] (syz.1.9243,24400,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 620.423466][ T46] device hsr_slave_0 left promiscuous mode [ 620.433539][ T46] device hsr_slave_1 left promiscuous mode [ 620.482290][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 620.505582][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 620.539360][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 620.550698][T24400] JBD2: Ignoring recovery information on journal [ 620.634785][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 620.646504][T24406] loop4: detected capacity change from 0 to 32768 [ 620.708670][T24406] ERROR: (device loop4): diWrite: ixpxd invalid [ 620.708670][T24406] [ 620.735578][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 620.776446][T24400] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 620.799162][T24406] ERROR: (device loop4): remounting filesystem as read-only [ 620.851719][T24406] ERROR: (device loop4): txCommit: [ 620.851719][T24406] [ 620.893090][T24406] imap: ffff8880437c8000: 07ffffff 00000000 00000000 00000000 [ 620.900607][T24406] imap: ffff8880437c8010: 00000004 00000002 00000000 00000000 [ 620.969262][T24406] ERROR: (device loop4): diFree: inum = 64, iagno = 0, nextiag = 0 [ 620.969262][T24406] [ 621.000859][T24400] (syz.1.9243,24400,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x438, computed 0x1cec3d0f. Applying ECC. [ 621.042300][ T46] device veth1_macvtap left promiscuous mode [ 621.059592][ T46] device veth0_macvtap left promiscuous mode [ 621.066396][T24430] overlayfs: conflicting options: metacopy=on,redirect_dir=follow [ 621.073417][ T46] device veth1_vlan left promiscuous mode [ 621.078546][T24416] loop0: detected capacity change from 0 to 32768 [ 621.080001][T24400] (syz.1.9243,24400,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x438, computed 0x1cec3d0f [ 621.149215][T24416] (syz.0.9251,24416,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 621.206932][T24400] (syz.1.9243,24400,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 621.235334][T24416] (syz.0.9251,24416,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 621.294919][T24400] (syz.1.9243,24400,0):ocfs2_quota_read:201 ERROR: status = -5 [ 621.347112][T24400] (syz.1.9243,24400,0):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 621.406278][T24416] debugfs: Directory '9357E9D751824C228242B9B0D0FB6750' with parent 'ocfs2' already present! [ 621.439567][T24400] (syz.1.9243,24400,0):ocfs2_symlink:1879 ERROR: status = -5 [ 621.551139][T24400] (syz.1.9243,24400,1):ocfs2_symlink:2065 ERROR: status = -5 [ 621.591933][T24416] JBD2: Ignoring recovery information on journal [ 621.671168][ T4270] ocfs2: Unmounting device (7,1) on (node local) [ 621.731514][ T4282] Bluetooth: hci4: command 0x0419 tx timeout [ 621.785481][T24416] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 622.107533][T24454] netlink: 'syz.5.9263': attribute type 1 has an invalid length. [ 622.146552][ T4266] ocfs2: Unmounting device (7,0) on (node local) [ 622.172051][T24456] No such timeout policy "syz0" [ 622.774811][T24476] loop0: detected capacity change from 0 to 16 [ 622.822371][T24476] erofs: (device loop0): mounted with root inode @ nid 36. [ 622.943504][ T46] team0 (unregistering): Port device macvlan0 removed [ 623.596539][ T46] team0 (unregistering): Port device team_slave_1 removed [ 623.687485][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 623.737995][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 624.119145][ T46] bond0 (unregistering): Released all slaves [ 624.225052][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.231626][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.262025][T24492] netlink: 'syz.0.9281': attribute type 4 has an invalid length. [ 624.730540][T24508] loop4: detected capacity change from 0 to 128 [ 624.802758][T24508] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 624.857186][T24516] loop1: detected capacity change from 0 to 64 [ 624.934309][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 624.955290][T24191] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 624.991966][T24191] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 625.102951][T24191] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 625.148786][T24526] netlink: 220 bytes leftover after parsing attributes in process `syz.4.9293'. [ 625.188378][T24191] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 625.220204][T24518] loop0: detected capacity change from 0 to 8192 [ 625.368507][T24534] netlink: get zone limit has 4 unknown bytes [ 625.638399][T24191] 8021q: adding VLAN 0 to HW filter on device bond0 [ 625.668616][T24548] ip6t_rpfilter: unknown options [ 625.736248][T24191] 8021q: adding VLAN 0 to HW filter on device team0 [ 625.786088][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 625.811748][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 625.889154][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 625.971966][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 626.010645][T22573] bridge0: port 1(bridge_slave_0) entered blocking state [ 626.017895][T22573] bridge0: port 1(bridge_slave_0) entered forwarding state [ 626.082233][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 626.107274][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 626.150899][T22573] bridge0: port 2(bridge_slave_1) entered blocking state [ 626.158112][T22573] bridge0: port 2(bridge_slave_1) entered forwarding state [ 626.174478][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 626.210445][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 626.234693][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 626.291219][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 626.350115][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 626.416575][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 626.438999][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 626.469457][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 626.493356][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 626.508376][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 626.566144][T24191] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 626.585921][T24191] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 626.637667][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 626.664201][T22573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 626.766710][T24549] loop5: detected capacity change from 0 to 32768 [ 626.861861][T24549] (syz.5.9301,24549,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 626.951462][T24549] (syz.5.9301,24549,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 627.036952][T24549] JBD2: Ignoring recovery information on journal [ 627.120560][T24549] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 627.502955][T20933] ocfs2: Unmounting device (7,5) on (node local) [ 627.670740][T24617] IPv6: sit1: Disabled Multicast RS [ 627.860397][T24624] loop0: detected capacity change from 0 to 128 [ 627.929757][T22581] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 627.964508][T22581] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 628.003086][T24191] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 628.058356][T24626] xt_l2tp: v2 doesn't support IP mode [ 628.111581][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 628.138832][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 628.198889][T24191] device veth0_vlan entered promiscuous mode [ 628.253504][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 628.272227][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 628.304453][T24633] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9332'. [ 628.315054][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 628.337659][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 628.353224][T24633] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9332'. [ 628.422461][T24191] device veth1_vlan entered promiscuous mode [ 628.544042][T22581] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 628.573825][T22581] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 628.596469][T22581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 628.605046][T24638] delete_channel: no stack [ 628.626497][T24643] loop5: detected capacity change from 0 to 512 [ 628.649407][T22581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 628.702981][T24191] device veth0_macvtap entered promiscuous mode [ 628.717369][T24191] device veth1_macvtap entered promiscuous mode [ 628.742953][T24643] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 628.775459][T24613] loop1: detected capacity change from 0 to 32768 [ 628.789682][T24643] EXT4-fs error (device loop5): ext4_xattr_block_list:713: inode #12: comm syz.5.9336: corrupted xattr block 6 [ 628.801797][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.814592][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.824715][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.835513][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.845875][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.856857][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.866884][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.883143][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.906104][T24613] ERROR: (device loop1): dbAlloc: the hint is outside the map [ 628.906104][T24613] [ 628.930722][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.959809][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.981777][T24613] ERROR: (device loop1): remounting filesystem as read-only [ 629.052880][T20933] EXT4-fs (loop5): unmounting filesystem. [ 629.053444][T24191] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 629.106176][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 629.150321][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 629.201948][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 629.243315][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 629.282190][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.314392][T24660] ax25_connect(): syz.1.9342 uses autobind, please contact jreuter@yaina.de [ 629.333864][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.371344][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.421327][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.451487][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.486360][T24664] loop4: detected capacity change from 0 to 256 [ 629.511372][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.572058][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.623139][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.668318][T24191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.729751][T24191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.809141][T24191] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 629.848525][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 629.871991][T24670] xt_CT: No such helper "netbios-ns" [ 629.881793][T22569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 629.917815][T24191] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.942647][T24191] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.016688][T24191] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.060859][T24191] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.130044][T24683] loop5: detected capacity change from 0 to 1024 [ 630.227497][T24683] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 630.364856][T20933] EXT4-fs (loop5): unmounting filesystem. [ 630.466260][T22577] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.491554][T22577] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.547096][ T5234] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 630.601366][T24695] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9356'. [ 630.614436][ T5234] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.631397][ T5234] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.665344][ T5234] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 631.186947][T24721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9366'. [ 631.316801][T24721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9366'. [ 631.844613][T24750] binfmt_misc: register: failed to install interpreter file ./file0/../file0 [ 632.233264][T24764] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (6) [ 632.490780][T24767] loop1: detected capacity change from 0 to 4096 [ 632.509645][T24771] loop0: detected capacity change from 0 to 4096 [ 632.524080][T24767] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 632.658442][T24779] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 632.716233][T24767] ntfs3: loop1: no free space to extend mft [ 632.791770][T24783] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 632.799204][T24783] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 633.085105][T24793] ipt_rpfilter: unknown options [ 633.091583][ T5360] usb 5-1: new full-speed USB device number 39 using dummy_hcd [ 633.293166][ T5360] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0 [ 633.323687][ T5360] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 633.396143][ T5360] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 633.450869][ T5360] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x3 has invalid maxpacket 29797, setting to 64 [ 633.482326][ T5360] usb 5-1: config 1 interface 0 has no altsetting 0 [ 633.523012][ T5360] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 633.562169][ T5360] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 633.580500][ T5360] usb 5-1: SerialNumber: syz [ 633.604206][T24785] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 633.652480][ T5360] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 633.881462][ T5360] usb 5-1: USB disconnect, device number 39 [ 634.021379][ T4319] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 634.070457][T24835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9412'. [ 634.084778][T24837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9413'. [ 634.211501][ T4319] usb 2-1: Using ep0 maxpacket: 32 [ 634.219654][ T4319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 634.261343][ T4319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 634.281150][T24844] overlayfs: missing 'lowerdir' [ 634.288038][ T4319] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 634.318071][ T4319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 634.350912][ T4319] usb 2-1: config 0 descriptor?? [ 634.367950][T24848] netlink: 'syz.0.9416': attribute type 1 has an invalid length. [ 634.369158][ T4319] hub 2-1:0.0: USB hub found [ 634.476993][T24852] netlink: 'syz.3.9418': attribute type 3 has an invalid length. [ 634.509658][T24852] netlink: 'syz.3.9418': attribute type 3 has an invalid length. [ 634.574019][ T4319] hub 2-1:0.0: 28 ports detected [ 634.581569][ T4319] hub 2-1:0.0: insufficient power available to use all downstream ports [ 634.586262][T24855] binder: Bad value for 'stats' [ 634.776026][T24861] loop3: detected capacity change from 0 to 256 [ 634.783881][ T4319] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 634.791655][ T4319] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 634.820402][ T4319] usbhid 2-1:0.0: can't add hid device: -71 [ 634.828393][ T4319] usbhid: probe of 2-1:0.0 failed with error -71 [ 634.879623][T24861] FAT-fs (loop3): Directory bread(block 64) failed [ 634.902634][ T4319] usb 2-1: USB disconnect, device number 29 [ 634.920351][T24861] FAT-fs (loop3): Directory bread(block 65) failed [ 634.949884][T24861] FAT-fs (loop3): Directory bread(block 66) failed [ 634.978331][T24861] FAT-fs (loop3): Directory bread(block 67) failed [ 635.017504][T24861] FAT-fs (loop3): Directory bread(block 68) failed [ 635.071724][T24861] FAT-fs (loop3): Directory bread(block 69) failed [ 635.078382][T24861] FAT-fs (loop3): Directory bread(block 70) failed [ 635.119993][T24861] FAT-fs (loop3): Directory bread(block 71) failed [ 635.146980][T24861] FAT-fs (loop3): Directory bread(block 72) failed [ 635.169137][T24861] FAT-fs (loop3): Directory bread(block 73) failed [ 635.373497][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 635.373511][ T27] audit: type=1800 audit(635.355:303): pid=24861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9422" name="file1" dev="loop3" ino=1048695 res=0 errno=0 [ 635.486678][T24886] loop5: detected capacity change from 0 to 512 [ 635.609760][T24886] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 635.691199][T24886] EXT4-fs error (device loop5): ext4_xattr_block_get:543: inode #15: comm syz.5.9432: corrupted xattr block 33 [ 635.752508][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.774880][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.835596][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.849067][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.877263][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.920615][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.935599][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 635.963081][T24902] loop1: detected capacity change from 0 to 2048 [ 635.982977][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.008792][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.044218][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.057489][T24908] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 636.068294][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.111257][T24902] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0 [ 636.157910][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.175819][T24912] loop0: detected capacity change from 0 to 128 [ 636.207106][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.216946][T24902] Remounting filesystem read-only [ 636.251411][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.276866][T24912] FAT-fs (loop0): Directory bread(block 11554) failed [ 636.299241][T24912] FAT-fs (loop0): Directory bread(block 11555) failed [ 636.299432][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.331431][T24912] FAT-fs (loop0): Directory bread(block 11556) failed [ 636.338319][T24912] FAT-fs (loop0): Directory bread(block 11557) failed [ 636.356720][T24918] loop3: detected capacity change from 0 to 512 [ 636.359012][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.371703][T24912] FAT-fs (loop0): Directory bread(block 11558) failed [ 636.378543][T24912] FAT-fs (loop0): Directory bread(block 11559) failed [ 636.391188][ T4333] hid-generic C990:0003:007F.0001: unknown main item tag 0x0 [ 636.408869][T24918] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 636.425413][T24912] FAT-fs (loop0): Directory bread(block 11560) failed [ 636.436598][T24918] EXT4-fs (loop3): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 636.482294][T24912] FAT-fs (loop0): Directory bread(block 11561) failed [ 636.489474][T24912] FAT-fs (loop0): Directory bread(block 11562) failed [ 636.507569][ T4333] hid-generic C990:0003:007F.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 636.532836][T24912] FAT-fs (loop0): Directory bread(block 11563) failed [ 636.647674][T20933] EXT4-fs (loop5): unmounting filesystem. [ 636.789829][T24922] fido_id[24922]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 636.804740][T24191] EXT4-fs (loop3): unmounting filesystem. [ 637.114697][T24929] loop4: detected capacity change from 0 to 8192 [ 637.167936][T24929] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 637.251509][T24929] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 637.291460][T24929] REISERFS (device loop4): using ordered data mode [ 637.298060][T24929] reiserfs: using flush barriers [ 637.312713][ T4333] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 637.320471][T24929] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 637.361802][T24929] REISERFS (device loop4): checking transaction log (loop4) [ 637.424135][T24929] REISERFS (device loop4): Using rupasov hash to sort names [ 637.441433][T24929] REISERFS (device loop4): using 3.5.x disk format [ 637.463532][T24929] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 637.491795][ T4333] usb 1-1: Using ep0 maxpacket: 32 [ 637.511478][T24929] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 637.513159][ T4333] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 637.551555][T24929] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 637.561636][ T4333] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.588358][T24929] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2) [ 637.588400][T24929] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 637.599792][ T4333] usb 1-1: config 0 descriptor?? [ 637.618016][ T4333] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 637.679887][T24929] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 637.680370][T24929] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 637.949774][T24943] loop1: detected capacity change from 0 to 32768 [ 638.016661][ T4333] gspca_nw80x: reg_r err -71 [ 638.041254][ T4333] nw80x: probe of 1-1:0.0 failed with error -71 [ 638.092161][ T4333] usb 1-1: USB disconnect, device number 46 [ 638.178048][T24966] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 638.970896][T24986] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9470'. [ 639.816587][T25021] netlink: 220 bytes leftover after parsing attributes in process `syz.0.9482'. [ 640.523526][T25008] loop5: detected capacity change from 0 to 32768 [ 640.560208][T25050] loop4: detected capacity change from 0 to 256 [ 640.594695][T25008] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 640.703213][T25050] FAT-fs (loop4): Directory bread(block 64) failed [ 640.709801][T25050] FAT-fs (loop4): Directory bread(block 65) failed [ 640.761536][T25050] FAT-fs (loop4): Directory bread(block 66) failed [ 640.780148][T25050] FAT-fs (loop4): Directory bread(block 67) failed [ 640.807305][T25050] FAT-fs (loop4): Directory bread(block 68) failed [ 640.830295][T25008] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 640.841639][T25050] FAT-fs (loop4): Directory bread(block 69) failed [ 640.861556][T25050] FAT-fs (loop4): Directory bread(block 70) failed [ 640.868166][T25050] FAT-fs (loop4): Directory bread(block 71) failed [ 640.890318][T25008] (syz.5.9477,25008,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=9 [ 640.941686][T25050] FAT-fs (loop4): Directory bread(block 72) failed [ 640.951444][T25008] (syz.5.9477,25008,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 640.969924][T25050] FAT-fs (loop4): Directory bread(block 73) failed [ 641.027701][T25008] (syz.5.9477,25008,0):ocfs2_mknod:298 ERROR: status = -2 [ 641.045700][T25008] (syz.5.9477,25008,0):ocfs2_mknod:502 ERROR: status = -2 [ 641.099868][T25008] (syz.5.9477,25008,0):ocfs2_create:676 ERROR: status = -2 [ 641.165504][ T27] audit: type=1800 audit(641.145:304): pid=25050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.9497" name="file1" dev="loop4" ino=1048696 res=0 errno=0 [ 641.179534][T25048] loop3: detected capacity change from 0 to 32768 [ 641.232793][T25071] netlink: 45 bytes leftover after parsing attributes in process `syz.1.9502'. [ 641.345695][T20933] ocfs2: Unmounting device (7,5) on (node local) [ 641.357248][T25048] XFS (loop3): Mounting V5 Filesystem [ 641.636776][T25048] XFS (loop3): Ending clean mount [ 641.823608][T24191] XFS (loop3): Unmounting Filesystem [ 642.004404][T25106] netlink: 'syz.1.9514': attribute type 4 has an invalid length. [ 642.296436][T25115] netlink: 360 bytes leftover after parsing attributes in process `syz.1.9518'. [ 642.469727][T25120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge1: link becomes ready [ 642.600164][T25125] IPv6: sit2: Disabled Multicast RS [ 642.810400][T25133] tmpfs: Bad value for 'nr_blocks' [ 643.035430][T25145] loop1: detected capacity change from 0 to 512 [ 643.112236][T25145] EXT4-fs: Ignoring removed bh option [ 643.218380][T25145] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 643.272220][T25145] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 643.349114][T25145] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 643.368912][T25145] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 643.409029][T25145] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 643.533592][T25145] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.9528: bg 0: block 353: padding at end of block bitmap is not set [ 643.737100][T25174] ieee802154 phy0 wpan0: encryption failed: -22 [ 643.850385][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 644.791793][T25219] loop5: detected capacity change from 0 to 256 [ 644.807468][T25212] loop0: detected capacity change from 0 to 4096 [ 645.122000][ T4266] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 645.131407][ T4266] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 645.980163][T25263] loop5: detected capacity change from 0 to 2048 [ 645.987862][T25265] block nbd3: NBD_DISCONNECT [ 646.030816][T25263] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 646.113246][T25272] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 646.181467][T25271] netlink: 'syz.4.9586': attribute type 2 has an invalid length. [ 646.189274][T25271] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9586'. [ 646.349744][T25270] loop0: detected capacity change from 0 to 4096 [ 646.807395][T25298] loop4: detected capacity change from 0 to 512 [ 646.847531][T25298] EXT4-fs: Ignoring removed bh option [ 646.902428][T25298] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 646.945790][T25298] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 646.991004][T25298] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 647.044145][T25310] sctp: [Deprecated]: syz.3.9602 (pid 25310) Use of int in maxseg socket option. [ 647.044145][T25310] Use struct sctp_assoc_value instead [ 647.082659][T25298] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 647.145852][T25298] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 647.181213][T25298] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.9599: bg 0: block 353: padding at end of block bitmap is not set [ 647.433519][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 647.560005][T25332] netlink: 10 bytes leftover after parsing attributes in process `syz.5.9614'. [ 647.901038][T25347] loop4: detected capacity change from 0 to 256 [ 648.010561][T25351] loop0: detected capacity change from 0 to 1024 [ 648.068647][T25351] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 648.122202][ T46] hfsplus: b-tree write err: -5, ino 4 [ 648.830076][T25387] netlink: 188 bytes leftover after parsing attributes in process `syz.1.9641'. [ 649.152293][T25401] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9647'. [ 649.188666][T25405] loop4: detected capacity change from 0 to 764 [ 649.641800][T25421] netlink: 'syz.4.9657': attribute type 21 has an invalid length. [ 649.813620][ T28] INFO: task syz-executor:4274 blocked for more than 143 seconds. [ 649.822512][ T28] Not tainted syzkaller #0 [ 649.827482][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 649.866783][ T28] task:syz-executor state:D stack:22032 pid:4274 ppid:1 flags:0x00004004 [ 649.898247][ T28] Call Trace: [ 649.921363][ T28] [ 649.924378][ T28] __schedule+0x11d1/0x40e0 [ 649.946402][ T28] ? mark_lock+0x94/0x320 [ 649.957390][ T28] ? __sched_text_start+0x8/0x8 [ 649.971435][ T5354] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 649.979186][ T28] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 650.009543][ T28] ? lock_chain_count+0x20/0x20 [ 650.014880][ T28] ? _raw_spin_lock_irq+0xb7/0xf0 [ 650.025032][ T28] ? _raw_spin_lock_irqsave+0x100/0x100 [ 650.038553][ T28] schedule+0xb9/0x180 [ 650.048090][ T28] io_schedule+0x7c/0xd0 [ 650.052673][ T28] folio_wait_bit_common+0x70a/0xfa0 [ 650.058095][ T28] ? folio_wait_bit+0x30/0x30 [ 650.063438][ T28] ? migration_entry_wait_on_locked+0xe90/0xe90 [ 650.069798][ T28] ? truncate_cleanup_folio+0x13/0x5e0 [ 650.076112][ T28] ? folio_mapping+0x1ba/0x4d0 [ 650.080957][ T28] truncate_inode_pages_range+0x9fe/0x1090 [ 650.087298][ T28] ? mapping_evict_folio+0x520/0x520 [ 650.092675][ T28] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 650.098680][ T28] ? _raw_spin_unlock_irq+0x1f/0x40 [ 650.104100][ T28] ? lockdep_hardirqs_on+0x94/0x140 [ 650.109318][ T28] evict+0x4dc/0x8d0 [ 650.113275][ T28] ? proc_nr_inodes+0x2f0/0x2f0 [ 650.118140][ T28] ? do_raw_spin_unlock+0x11d/0x230 [ 650.123557][ T28] ? do_raw_spin_unlock+0x11d/0x230 [ 650.128780][ T28] evict_inodes+0x60c/0x6a0 [ 650.140675][ T28] ? clear_inode+0x150/0x150 [ 650.147685][ T28] generic_shutdown_super+0x93/0x340 [ 650.153057][ T28] kill_block_super+0x7c/0xe0 [ 650.157799][ T28] deactivate_locked_super+0x93/0xf0 [ 650.161432][ T5354] usb 4-1: Using ep0 maxpacket: 8 [ 650.163281][ T28] cleanup_mnt+0x42c/0x4b0 [ 650.172625][ T28] ? lockdep_hardirqs_on+0x94/0x140 [ 650.176439][ T5354] usb 4-1: config 6 has an invalid interface number: 2 but max is 0 [ 650.177837][ T28] task_work_run+0x1d0/0x260 [ 650.190278][ T5354] usb 4-1: config 6 has no interface number 0 [ 650.190470][ T28] ? task_work_cancel+0x220/0x220 [ 650.197001][ T5354] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 650.209258][ T28] ? exit_to_user_mode_loop+0x3b/0x110 [ 650.213531][ T5354] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 650.217181][ T28] exit_to_user_mode_loop+0xe6/0x110 [ 650.229333][ T5354] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 650.239615][ T28] exit_to_user_mode_prepare+0xee/0x180 [ 650.244002][ T5354] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 650.246947][ T28] syscall_exit_to_user_mode+0x16/0x40 [ 650.255260][ T5354] usb 4-1: Product: syz [ 650.265507][ T5354] usb 4-1: Manufacturer: syz [ 650.267971][ T28] do_syscall_64+0x58/0xa0 [ 650.270183][ T5354] usb 4-1: SerialNumber: syz [ 650.279141][ T28] ? clear_bhb_loop+0x60/0xb0 [ 650.284602][ T28] ? clear_bhb_loop+0x60/0xb0 [ 650.288355][ T5354] hso 4-1:6.2: Failed to find INT IN ep [ 650.289373][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 650.301071][ T28] RIP: 0033:0x7f1667d9c117 [ 650.315682][ T28] RSP: 002b:00007ffd22b728d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 650.326442][ T28] RAX: 0000000000000000 RBX: 00007f1667e0471f RCX: 00007f1667d9c117 [ 650.336717][ T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd22b72990 [ 650.347012][ T28] RBP: 00007ffd22b72990 R08: 00007ffd22b73990 R09: 00000000ffffffff [ 650.355112][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd22b73a20 [ 650.363303][ T28] R13: 00007f1667e0471f R14: 000000000007b6b3 R15: 00007ffd22b73a60 [ 650.371420][ T28] [ 650.377643][ T28] [ 650.377643][ T28] Showing all locks held in the system: [ 650.385464][ T28] 1 lock held by rcu_tasks_kthre/12: [ 650.390753][ T28] #0: ffffffff8cb2dfb0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 650.401455][ T28] 1 lock held by rcu_tasks_trace/13: [ 650.406762][ T28] #0: ffffffff8cb2e7d0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 650.417842][ T28] 1 lock held by khungtaskd/28: [ 650.422756][ T28] #0: ffffffff8cb2d620 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 650.432822][ T28] 1 lock held by syslogd/3620: [ 650.437593][ T28] #0: ffff8880b8f3ab18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 650.447666][ T28] 2 locks held by getty/4024: [ 650.452381][ T28] #0: ffff888030629098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 650.462310][ T28] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x429/0x1390 [ 650.472469][ T28] 1 lock held by syz-executor/4274: [ 650.477657][ T28] #0: ffff888079a100e0 (&type->s_umount_key#73){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0 [ 650.487974][ T28] 5 locks held by kworker/u4:9/22573: [ 650.493418][ T28] [ 650.495757][ T28] ============================================= [ 650.495757][ T28] [ 650.504981][ T28] NMI backtrace for cpu 0 [ 650.509325][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted syzkaller #0 [ 650.516515][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 650.526563][ T28] Call Trace: [ 650.529830][ T28] [ 650.532752][ T28] dump_stack_lvl+0x188/0x24e [ 650.537438][ T28] ? show_regs_print_info+0x12/0x12 [ 650.542634][ T28] ? load_image+0x400/0x400 [ 650.547125][ T28] ? vprintk_emit+0x59f/0x6a0 [ 650.551802][ T28] ? printk_sprint+0x460/0x460 [ 650.556565][ T28] nmi_cpu_backtrace+0x3e6/0x460 [ 650.561501][ T28] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 650.567649][ T28] ? _printk+0xda/0x130 [ 650.571803][ T28] ? load_image+0x400/0x400 [ 650.576301][ T28] ? load_image+0x400/0x400 [ 650.580803][ T28] ? nmi_trigger_cpumask_backtrace+0xf3/0x450 [ 650.586870][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 650.592931][ T28] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 650.598912][ T28] watchdog+0xeee/0xf30 [ 650.603067][ T28] ? watchdog+0x1ed/0xf30 [ 650.607393][ T28] kthread+0x29d/0x330 [ 650.611452][ T28] ? hungtask_pm_notify+0x40/0x40 [ 650.616480][ T28] ? kthread_blkcg+0xd0/0xd0 [ 650.621069][ T28] ret_from_fork+0x1f/0x30 [ 650.625495][ T28] [ 650.628813][ T28] Sending NMI from CPU 0 to CPUs 1: [ 650.634076][ C1] NMI backtrace for cpu 1 [ 650.634088][ C1] CPU: 1 PID: 46 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 650.634103][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 650.634112][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 650.634137][ C1] RIP: 0010:memset_erms+0xb/0x10 [ 650.634158][ C1] Code: 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 f3 aa <4c> 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01 [ 650.634170][ C1] RSP: 0018:ffffc90000b77308 EFLAGS: 00000202 [ 650.634183][ C1] RAX: 0000000000000000 RBX: ffffc90000b773e8 RCX: 0000000000000000 [ 650.634193][ C1] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90000b77448 [ 650.634203][ C1] RBP: ffffffff8ea9d714 R08: ffffc90000b77447 R09: ffffc90000b77438 [ 650.634215][ C1] R10: dffffc0000000000 R11: fffff5200016ee89 R12: 1ffff9200016ee7e [ 650.634226][ C1] R13: dffffc0000000000 R14: ffffc90000b77438 R15: ffffc90000b7741d [ 650.634238][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 650.634251][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 650.634262][ C1] CR2: 0000001b3451dff8 CR3: 0000000078096000 CR4: 00000000003506e0 [ 650.634275][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 650.634284][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 650.634293][ C1] Call Trace: [ 650.634298][ C1] [ 650.634304][ C1] unwind_next_frame+0xb8a/0x20b0 [ 650.634326][ C1] ? ___slab_alloc+0xbc6/0x1240 [ 650.634343][ C1] ? stack_trace_save+0xf0/0xf0 [ 650.634360][ C1] arch_stack_walk+0x10c/0x140 [ 650.634379][ C1] ? __kmem_cache_alloc_node+0x1a0/0x260 [ 650.634396][ C1] stack_trace_save+0xa6/0xf0 [ 650.634426][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 650.634444][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 650.634465][ C1] save_stack+0x121/0x230 [ 650.634481][ C1] ? __reset_page_owner+0x1a0/0x1a0 [ 650.634495][ C1] ? post_alloc_hook+0x173/0x1a0 [ 650.634513][ C1] ? get_page_from_freelist+0x1a1e/0x1ab0 [ 650.634536][ C1] ? __alloc_pages+0x1ec/0x4f0 [ 650.634554][ C1] ? alloc_slab_page+0x5d/0x160 [ 650.634569][ C1] ? new_slab+0x87/0x2c0 [ 650.634583][ C1] ? ___slab_alloc+0xbc6/0x1240 [ 650.634600][ C1] ? __lock_acquire+0x7d10/0x7d10 [ 650.634621][ C1] __set_page_owner+0x19/0x60 [ 650.634636][ C1] post_alloc_hook+0x173/0x1a0 [ 650.634654][ C1] get_page_from_freelist+0x1a1e/0x1ab0 [ 650.634677][ C1] ? stack_trace_save+0xa6/0xf0 [ 650.634693][ C1] ? verify_lock_unused+0x140/0x140 [ 650.634711][ C1] ? __stack_depot_save+0x35/0x460 [ 650.634731][ C1] ? __next_zones_zonelist+0x99/0x120 [ 650.634750][ C1] __alloc_pages+0x1ec/0x4f0 [ 650.634769][ C1] ? zone_statistics+0x170/0x170 [ 650.634794][ C1] alloc_slab_page+0x5d/0x160 [ 650.634811][ C1] new_slab+0x87/0x2c0 [ 650.634826][ C1] ___slab_alloc+0xbc6/0x1240 [ 650.634842][ C1] ? nsim_dev_trap_report_work+0x28f/0xaf0 [ 650.634861][ C1] ? nsim_dev_trap_report_work+0x28f/0xaf0 [ 650.634879][ C1] __kmem_cache_alloc_node+0x1a0/0x260 [ 650.634895][ C1] ? nsim_dev_trap_report_work+0x28f/0xaf0 [ 650.634912][ C1] __kmalloc_node_track_caller+0x9e/0x230 [ 650.634931][ C1] ? nsim_dev_trap_report_work+0x28f/0xaf0 [ 650.634948][ C1] __alloc_skb+0x22a/0x7e0 [ 650.634965][ C1] ? kmem_cache_free+0xf7/0x290 [ 650.634982][ C1] nsim_dev_trap_report_work+0x28f/0xaf0 [ 650.635007][ C1] ? process_one_work+0x7b0/0x1160 [ 650.635022][ C1] process_one_work+0x8a2/0x1160 [ 650.635044][ C1] ? worker_detach_from_pool+0x240/0x240 [ 650.635062][ C1] ? _raw_spin_lock_irq+0xb7/0xf0 [ 650.635075][ C1] ? _raw_spin_lock_irqsave+0x100/0x100 [ 650.635089][ C1] ? kthread_data+0x4b/0xc0 [ 650.635110][ C1] worker_thread+0xaa2/0x1270 [ 650.635138][ C1] kthread+0x29d/0x330 [ 650.635149][ C1] ? worker_clr_flags+0x1a0/0x1a0 [ 650.635164][ C1] ? kthread_blkcg+0xd0/0xd0 [ 650.635183][ C1] ret_from_fork+0x1f/0x30 [ 650.635207][ C1] [ 650.683350][ T5354] usb 4-1: USB disconnect, device number 47 [ 650.695115][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 650.695131][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted syzkaller #0 [ 650.695149][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 650.695159][ T28] Call Trace: [ 650.695165][ T28] [ 650.695172][ T28] dump_stack_lvl+0x188/0x24e [ 650.695199][ T28] ? memcpy+0x3c/0x60 [ 650.695216][ T28] ? show_regs_print_info+0x12/0x12 [ 650.695238][ T28] ? load_image+0x400/0x400 [ 650.695266][ T28] panic+0x2e5/0x730 [ 650.695281][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 650.695305][ T28] ? bpf_jit_dump+0xd0/0xd0 [ 650.695325][ T28] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 650.695349][ T28] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 650.695373][ T28] watchdog+0xf2d/0xf30 [ 650.695396][ T28] ? watchdog+0x1ed/0xf30 [ 650.695419][ T28] kthread+0x29d/0x330 [ 650.695433][ T28] ? hungtask_pm_notify+0x40/0x40 [ 650.695451][ T28] ? kthread_blkcg+0xd0/0xd0 [ 650.695476][ T28] ret_from_fork+0x1f/0x30 [ 650.695508][ T28] [ 650.701144][ T28] Kernel Offset: disabled [ 651.148510][ T28] Rebooting in 86400 seconds..