last executing test programs: 2.945150049s ago: executing program 5 (id=4571): syz_mount_image$erofs(&(0x7f00000004c0), &(0x7f0000000200)='./file0\x00', 0x300800c, &(0x7f0000000380)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64], 0x1, 0x249, &(0x7f0000006840)="$eJzsmDtvE0EQx/+79/JhiKChoKEgEiAUP85NmggFCYkKISW8KrDIEYU4MbIPCVtCKKKhgY4CiYaCL0ARiVQp6PgCQVAAEhJIuKCgSXNoH3e++C722dBlfsXm79mZ3ZnxZgqDIIgDy7evf748uzC7CAYcxjQcbf9hAIwpzRP+n18+OPdi7uKrt5/evF+ferQV2Q39V4SEYSKAAYUh95sAtucNPI5viqN3Q3zEtP6wCC70T6GvguOstl8HQ0nr2+C4prUPhpta30vopvAvle6uNPzSnWZjSYiKWKpi8cRS065WlF9vg2FJG8PQAEvk3+50V+uNht9KCFPvZWxNJOLGZmDBRm+ey1yxPSUzFF288fTJhjBFvamo/kmq4Kjq82pgWND2WThRb1RLEvWfMKP6RQcG609Xu/tO+oqNUUUWlJj7/V+aJYQNJY7NTHZO1O3BraMpy3DBZVsGzrGi/rU7XaHyHmhM9nSkMPd5i6z/gs/rL3S8K4oi/HLeKp67AP7py3UyMrRSlnGrUMJQUcd7Wx/SPt/TUc6ejoVs9BUs//sp5H+ryHyr+YWL7iqfqGMjEtvZVPMjfM1wGv35YSbmRzlYu19ud7ozK2v1ZX/ZX/e8mlOMJ55fKctxlB588Tx05Xw6lDjfyh6VsLmNh/UgaFXVajMbLoKg5cnPXuLfZmGz+euWDgtwCcCp/rV2fKKRTstWPlz6CnUm7YTiPhkSBEEQBEEQBEEQBEEQBEEM4ySY/BVUsHMEcLU93It3RVr/BgAA///NikOb") llistxattr(&(0x7f0000000300)='./file1\x00', 0x0, 0x180) 2.540473892s ago: executing program 2 (id=4575): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="2000000002010102000000000000000000020007", @ANYRES32=r0], 0x20}, 0x1, 0x0, 0x0, 0x4059}, 0x40010) 2.464310549s ago: executing program 0 (id=4576): timer_create(0x2, 0x0, &(0x7f0000000300)=0x0) timer_settime(r0, 0x1, &(0x7f00000004c0)={{}, {0x77359400}}, &(0x7f0000000500)) 2.450838539s ago: executing program 5 (id=4577): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c000000100019002cbd7000fadbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a70d040069920700280012800e0001006970366772657461700000001400028006000e000313000006000f00050000001400030069703667726574617030"], 0x5c}}, 0x8040) 2.199014519s ago: executing program 0 (id=4581): r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x80984120, &(0x7f0000000340)) 2.139607282s ago: executing program 2 (id=4582): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r0, 0x4bfb, 0x10000000000004) 2.048004575s ago: executing program 5 (id=4583): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) read$ptp(r0, 0x0, 0x0) 1.926127649s ago: executing program 0 (id=4587): syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x21408, 0x0, 0x3, 0x0, &(0x7f0000006380)) mount(0x0, &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000000)='pvfs2\x00', 0xe00, &(0x7f0000000500)='acl') 1.808706866s ago: executing program 2 (id=4588): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x480, 0x0, 0x0) 1.805223312s ago: executing program 5 (id=4589): pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) 1.696624904s ago: executing program 3 (id=4591): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000001d0001002bbd7000fd7a07337acd4d6e", @ANYRES32=0x0, @ANYBLOB="0400000514000100"], 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x800) 1.696301489s ago: executing program 4 (id=4592): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @mcast1}]}}}]}, 0x5c}}, 0x0) 1.568144955s ago: executing program 2 (id=4593): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0) mount_setattr(r0, 0x0, 0x1100, &(0x7f00000000c0)={0x100013, 0x74, 0x100000, {r0}}, 0x20) 1.563672347s ago: executing program 0 (id=4594): r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xc4) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000080)={@null, @null, @default, 0x4, 0xffffffffffff0001, 0x0, [@null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) 1.528282817s ago: executing program 5 (id=4595): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x15\x00'}]}, 0x1c}}, 0x0) 1.516165659s ago: executing program 1 (id=4596): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x0, 0x82, 0x0, 0x0) 1.487490672s ago: executing program 4 (id=4597): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x1a00040, &(0x7f00000001c0)={[{@numtail}, {@shortname_win95}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlate}, {@shortname_win95}, {@utf8}, {@utf8no}, {@uni_xlateno}, {@utf8}, {@shortname_mixed}, {@utf8no}]}, 0x3, 0x350, &(0x7f0000000900)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xc4142, 0x0) 1.457253415s ago: executing program 3 (id=4598): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000540)=@nat={'nat\x00', 0x670, 0x5, 0x330, 0x2c8, 0x0, 0xffffffff, 0x228, 0x370, 0x440, 0x440, 0xffffffff, 0x440, 0x440, 0x5, 0x0, {[{{@ip={@rand_addr=0x64010104, @local, 0xff0000ff, 0xffffff00, 'veth1_to_bridge\x00', 'wg1\x00', {}, {0xff}, 0x16}, 0x0, 0x70, 0xa8, 0x48}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xf, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x65, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0xd, 0x1}, {0x2, 0x4, 0x3}, 0x1000, 0x100}}}, {{@ip={@multicast2, @broadcast, 0xff, 0x0, 'virt_wifi0\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x2, @loopback, @empty, @icmp_id=0x68, @port=0x4e22}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x390) 1.348979597s ago: executing program 2 (id=4599): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d0381edd7fc6e5539b0d430a8b089b3f38356d030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbac5c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 1.296355303s ago: executing program 0 (id=4600): timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0) 1.295553237s ago: executing program 5 (id=4601): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303", @ANYRESDEC], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x3b, &(0x7f00000002c0)=ANY=[@ANYRESDEC]) 1.223415652s ago: executing program 3 (id=4602): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) 1.163083092s ago: executing program 1 (id=4603): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000010429bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000000000002000128008000100677470001400028008000100", @ANYRESHEX], 0x40}}, 0x8080) 1.03984253s ago: executing program 0 (id=4604): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf08"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 948.725244ms ago: executing program 3 (id=4605): bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000088"], 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 947.864107ms ago: executing program 4 (id=4606): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x90, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x7c, 0x1, [@m_connmark={0x34, 0x2, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0) 928.101902ms ago: executing program 1 (id=4607): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000008c0)={0xc}) 722.532935ms ago: executing program 1 (id=4608): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[0x0, 0x0], 0x2}) 679.874787ms ago: executing program 3 (id=4609): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@mpls_newroute={0x24, 0x18, 0x601, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_TTL_PROPAGATE={0x4, 0x13}]}, 0x24}}, 0x0) 678.964173ms ago: executing program 4 (id=4610): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x2c, 0x40, 0x107, 0x70bd2b, 0x25dfdbfe, {0x3, 0x7c}, [@nested={0x4, 0x1c2}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@nested={0x5, 0x8, 0x0, 0x1, [@generic='K']}]}]}, @typed={0x4, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4c090}, 0xc000) 531.975713ms ago: executing program 1 (id=4611): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00') read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020) 339.796832ms ago: executing program 4 (id=4612): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) 155.453595ms ago: executing program 1 (id=4613): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x5319) 100.247288ms ago: executing program 3 (id=4614): r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141902) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) 10.863573ms ago: executing program 2 (id=4615): syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x2, 0x638, &(0x7f0000000ac0)="$eJzs3c1rHOcdB/DvrGRZssFRGttxSyAihrRU1NYLSqte6pZSVAglpIeehS1j4bWTSkpRQmnUN3rtIX9AetCtp0IvhYIgPbe3XHUMFHrJST1tmdlZvVjydjdeeWXn8zEz8zzzzDzze347L7trxAb40lqazuhOiixNv7lZ1ne355u72/MPOuUk55M0ktH2IsXDpPgkuZX2lK+WK+vuiscd56PVxbc//Xz3s3ZttJ6q7Rvd9uvNVj1lKslIvRxUf7efuL9if4Rlwq53EgfDdi5J64ifXz1o6e7CE1+3wFlQtJ+b+1r1lT1ZXeYZr98HtJ+K7Wf2M21r2AEAAADAoI0fX/XCXvaymUvDCAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeVfXv/1e/+j++vyrFVIrO7/+PddqTXBxiqN2N9bbZTuO0AwEAAAAAAACA0/fqXvaymUudeqtII8lrVeVyNb+Y97KelazlRjaznI1sZC2zSSYPdTS2ubyxsTbbw55zJ+4512PAE08+ZgAAAAAAAAB4Dv0mSwf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGdBkYy0F9V0uVOeTGM0yXiSsXK7reRfnfKzbGfYAQAAAMBT8MJe9rKZS516q6g+81+tPveP5708zEZWs5FmVnKn+i6g/am/sbs939zdnn9QTsf7/f5/+gqj6jHt7x5OPvK1aouJ3M1qteZGbuedNHMnjWrP0rVOPCfH9esypuJ7tR4ju1Mvy5H/sV6evpEetpmsMnJuPyMzdWxlNl7snomjr85Wv0eaTWP/m5/Lp5DzC/WySC7++KnlvBd1Jl5NnYm5Q2ff1e6ZSL7+1z//7F7z4f17d9enz86Q+nC+1Wp1yo+eE/OHMvHyc5+Jw2aqTFzZry/lR/lppjOVt7KW1fwiy9nISqbyw6q0XJ/P5Xyye6ZuHam9Vc0nHh/JWP26tO8e/cX0WrXvpazmJ3knd7KSN6p/c5nNt7OQhSweeoWv9HDVN/q76q9/oy6UA/xD94E+ZWVeX6zz+mFy5J47WbUdXnOQpRQZ9L1x9Gt1oTzGb+vl2fBoJmYPZeKl7ufLn6rbynrz4f21e8vv9ni81+tleR39/kw9Jcrz5Svli1XVjp4dZdtLJ7bNVm2X99sax9qu7Lf9vyt1rH4Pd7ynuart5RPb5qu2a4faTnq/BcCZd+GbF8Ym/j3xz4mPJ343cW/izfEfnP/O+VfGcu4f5747OjPyeuOV4i/5OL86+PwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8cevvf3B/udlcWXuk0Gq1PnxM0xctjKSfvf7+t0EevfN7RAMczmAL4/1s3DobMfdT+G+r1RpIh1tdTtqBFVq1M5G6IRWGfGMCTt3NjQfv3lx//4NvrXYekQsLizOLC2/M37y72lyZac+HHCRwKg4e+sOOBAAAAAAAAAAAAOjV0/hzgmGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHi2LU1ndCdFZmduzJT13e35Zjl1ygdbjiZpJCl+mRSfJLfSnjJ5qLvi+BF2qvlHq4tvf/r57mcHfY12tm+cvF8/tuopU0lG6uWg+rv9xP0V+yMsE3a9kzgYtv8FAAD//ywaEHk=") mknod(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, 0x247) 0s ago: executing program 4 (id=4616): r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000480)={0x1ff, 0x1ff, 0x2, {0x4, @pix_mp={0xffffffff, 0xf, 0x31363553, 0x7, 0xd, [{0x9, 0x5}, {0x22955b83, 0x7f68}, {0x5, 0x4}, {0x28, 0x3}, {0x6, 0x5}, {0x800, 0x3}, {0x5, 0xb33b}, {0x3, 0x4}], 0x42, 0x6, 0x1, 0x2, 0x1}}, 0x9}) kernel console output (not intermixed with test programs): ead(block 64) failed [ 396.468644][T19889] FAT-fs (loop4): Directory bread(block 65) failed [ 396.474620][ T31] audit: type=1326 audit(1776261206.418:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19896 comm="syz.2.3417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 396.507934][T19889] FAT-fs (loop4): Directory bread(block 66) failed [ 396.558076][T19770] loop1: detected capacity change from 0 to 32768 [ 396.562528][T19889] FAT-fs (loop4): Directory bread(block 67) failed [ 396.601785][T19889] FAT-fs (loop4): Directory bread(block 68) failed [ 396.624047][ T31] audit: type=1326 audit(1776261206.418:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19896 comm="syz.2.3417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 396.640549][T19889] FAT-fs (loop4): Directory bread(block 69) failed [ 396.732914][T19889] FAT-fs (loop4): Directory bread(block 70) failed [ 396.786458][T19889] FAT-fs (loop4): Directory bread(block 71) failed [ 396.792172][ T31] audit: type=1326 audit(1776261206.438:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19896 comm="syz.2.3417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 396.815954][T19889] FAT-fs (loop4): Directory bread(block 72) failed [ 396.854918][T19889] FAT-fs (loop4): Directory bread(block 73) failed [ 396.914261][ T31] audit: type=1326 audit(1776261206.438:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19896 comm="syz.2.3417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 396.960998][ T5832] ocfs2: Unmounting device (7,3) on (node local) [ 397.021305][ T31] audit: type=1326 audit(1776261206.448:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19896 comm="syz.2.3417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 397.043566][T19914] ipt_ECN: cannot use operation on non-tcp rule [ 397.183238][ T31] audit: type=1326 audit(1776261206.448:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19896 comm="syz.2.3417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 397.230548][T19924] netlink: 'syz.5.3425': attribute type 12 has an invalid length. [ 397.323090][T19924] netlink: 'syz.5.3425': attribute type 4 has an invalid length. [ 397.395178][T19929] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3427'. [ 397.831218][T19949] loop4: detected capacity change from 0 to 256 [ 397.847124][T19953] bridge0: port 3(hsr0) entered blocking state [ 397.865212][T19949] exfat: Deprecated parameter 'namecase' [ 397.881571][T19953] bridge0: port 3(hsr0) entered disabled state [ 397.894079][T19953] hsr0: entered allmulticast mode [ 397.910176][T19953] hsr_slave_0: entered allmulticast mode [ 397.917796][T19949] exfat: Deprecated parameter 'namecase' [ 397.924376][T19953] hsr_slave_1: entered allmulticast mode [ 397.963016][T19953] hsr0: entered promiscuous mode [ 397.980982][T19953] bridge0: port 3(hsr0) entered blocking state [ 397.990830][T19953] bridge0: port 3(hsr0) entered forwarding state [ 398.012203][T19949] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 398.927321][T20003] loop3: detected capacity change from 0 to 4096 [ 398.955785][T20012] loop4: detected capacity change from 0 to 1024 [ 398.959864][T20003] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 398.967629][T20017] SET target dimension over the limit! [ 398.978834][T20015] loop1: detected capacity change from 0 to 1024 [ 399.004213][T20012] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 399.008821][T20003] ntfs3(loop3): ino=3, mi_enum_attr [ 399.077063][T20012] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8040e019, mo2=0000] [ 399.227954][T20012] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 2: comm syz.4.3454: lblock 2 mapped to illegal pblock 2 (length 1) [ 399.308014][T20012] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 399.311386][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 399.327097][ C1] EXT4-fs (loop4): initial error at time 1776261209: ext4_map_blocks:791: inode 3: block 2 [ 399.337316][ C1] EXT4-fs (loop4): last error at time 1776261209: ext4_map_blocks:791: inode 3: block 2 [ 399.372920][T20012] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 48: comm syz.4.3454: lblock 0 mapped to illegal pblock 48 (length 1) [ 399.476348][T20012] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 399.479432][T20012] EXT4-fs error (device loop4): ext4_acquire_dquot:7028: comm syz.4.3454: Failed to acquire dquot type 0 [ 399.547181][T20012] loop4: lost filesystem error report for type 5 error -117 [ 399.585844][T20012] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6293: Corrupt filesystem [ 399.660823][T20012] loop4: lost filesystem error report for type 5 error -117 [ 399.662276][T20012] EXT4-fs error (device loop4): ext4_evict_inode:267: inode #11: comm syz.4.3454: mark_inode_dirty error [ 399.749882][T20012] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 399.751817][T20012] EXT4-fs warning (device loop4): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 399.769061][T20051] loop0: detected capacity change from 0 to 64 [ 399.844261][T20012] EXT4-fs (loop4): 1 orphan inode deleted [ 399.885202][T20012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 399.886564][T18032] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 400.016885][T20056] netlink: 'syz.3.3463': attribute type 1 has an invalid length. [ 400.068918][T18032] EXT4-fs error (device loop4): ext4_release_dquot:7064: comm kworker/u8:12: Failed to release dquot type 0 [ 400.236701][T18032] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 2: comm kworker/u8:12: lblock 2 mapped to illegal pblock 2 (length 1) [ 400.357930][T18032] EXT4-fs error (device loop4): ext4_write_dquot:7008: comm kworker/u8:12: Failed to commit dquot type 0 [ 400.391578][ T5837] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 400.447288][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.481800][ T5820] EXT4-fs error (device loop4): __ext4_get_inode_loc:4799: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 400.501210][T20032] loop5: detected capacity change from 0 to 32768 [ 400.515177][T20032] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3456 (20032) [ 400.558021][ T5820] loop4: lost filesystem error report for type 5 error -117 [ 400.589245][T20032] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 400.592439][ T5820] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6293: Corrupt filesystem [ 400.601402][ T5837] usb 3-1: Using ep0 maxpacket: 32 [ 400.628549][T20032] BTRFS info (device loop5): using sha256 checksum algorithm [ 400.664374][ T5820] loop4: lost filesystem error report for type 5 error -117 [ 400.667690][ T5820] EXT4-fs error (device loop4): ext4_quota_off:7312: inode #3: comm syz-executor: mark_inode_dirty error [ 400.694064][ T5820] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 400.743446][ T5837] usb 3-1: config 139 has an invalid interface number: 49 but max is 0 [ 400.867037][T20058] loop1: detected capacity change from 0 to 32768 [ 400.894316][T20032] BTRFS info (device loop5): enabling ssd optimizations [ 400.907732][ T5837] usb 3-1: config 139 has no interface number 0 [ 400.949784][ T5837] usb 3-1: config 139 interface 49 has no altsetting 0 [ 400.963774][T20058] jfs_lookup: dtSearch returned -5 [ 400.972925][T20032] BTRFS info (device loop5): turning on async discard [ 401.015269][ T5837] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=72.75 [ 401.026654][T20032] BTRFS info (device loop5): enabling free space tree [ 401.058835][T20032] BTRFS info (device loop5): enabling auto defrag [ 401.068245][ T5837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.118597][ T5837] usb 3-1: Product: syz [ 401.127431][T20032] BTRFS info (device loop5): max_inline set to 4096 [ 401.139302][ T5837] usb 3-1: Manufacturer: syz [ 401.155682][ T5837] usb 3-1: SerialNumber: syz [ 401.288710][T20105] loop3: detected capacity change from 0 to 4096 [ 401.461239][T20105] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 401.524776][T20105] ntfs3(loop3): Failed to load $Extend (-22). [ 401.556707][T20105] ntfs3(loop3): Failed to initialize $Extend. [ 401.567589][ T5837] radio-usb-si4713 3-1:139.49: Si4713 development board discovered: (10C4:8244) [ 401.658935][ T5837] radio-usb-si4713 3-1:139.49: probe with driver radio-usb-si4713 failed with error -71 [ 401.713212][T20105] ntfs3(loop3): ino=1f, "file2" attr_set_size_ex [ 401.747486][ T5837] usbhid 3-1:139.49: couldn't find an input interrupt endpoint [ 401.799848][T20135] netlink: 'syz.1.3476': attribute type 21 has an invalid length. [ 401.806329][ T5837] usb 3-1: USB disconnect, device number 17 [ 401.828658][T20105] ntfs3(loop3): ino=1f, "file2" attr_set_size_ex [ 401.842377][T20135] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3476'. [ 401.858046][ T5829] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 402.048739][ T5832] ntfs3(loop3): ino=9, ntfs_sync_fs failed, -22. [ 402.423744][T20161] loop0: detected capacity change from 0 to 8 [ 402.552850][T20161] SQUASHFS error: zstd decompression error: 10 [ 402.620713][T20161] SQUASHFS error: zstd decompression failed, data probably corrupt [ 402.687661][T20161] SQUASHFS error: Failed to read block 0x62b: -5 [ 402.722353][T20161] SQUASHFS error: Unable to read metadata cache entry [629] [ 402.759680][T20161] SQUASHFS error: Unable to read directory block [629:ff26] [ 402.944625][T20183] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3485'. [ 402.995480][T20183] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3485'. [ 404.293809][T20263] sctp: [Deprecated]: syz.5.3513 (pid 20263) Use of int in max_burst socket option. [ 404.293809][T20263] Use struct sctp_assoc_value instead [ 404.773940][T20289] loop4: detected capacity change from 0 to 1024 [ 404.784458][T20296] loop3: detected capacity change from 0 to 512 [ 404.798835][T20289] EXT4-fs: Ignoring removed oldalloc option [ 404.882722][T20289] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 404.918936][T20296] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 404.956559][T20308] netlink: 'syz.5.3525': attribute type 61 has an invalid length. [ 405.007910][T20308] netlink: 'syz.5.3525': attribute type 62 has an invalid length. [ 405.201893][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.270408][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.795085][T20349] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3536'. [ 406.013706][T20286] loop2: detected capacity change from 0 to 32768 [ 406.150060][T20370] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 406.857768][T20407] netlink: 'syz.2.3545': attribute type 1 has an invalid length. [ 406.894688][T20407] netlink: 'syz.2.3545': attribute type 2 has an invalid length. [ 407.540183][T20448] veth0_macvtap: left promiscuous mode [ 408.013970][T20475] netlink: 'syz.5.3576': attribute type 89 has an invalid length. [ 408.163424][ T5933] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 408.226448][T20421] loop4: detected capacity change from 0 to 32768 [ 408.352949][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 408.402045][ T5933] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 408.457774][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 408.515216][ T5933] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 408.543546][ T790] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 408.589254][ T5933] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 408.616133][ T5933] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.654736][ T5933] usb 1-1: Product: syz [ 408.675047][ T5933] usb 1-1: Manufacturer: syz [ 408.700744][ T5933] usb 1-1: SerialNumber: syz [ 408.703590][T20510] loop1: detected capacity change from 0 to 256 [ 408.731458][ T790] usb 6-1: Using ep0 maxpacket: 32 [ 408.743831][ T5933] usb 1-1: config 0 descriptor?? [ 408.750290][T20510] exfat: Deprecated parameter 'utf8' [ 408.786174][ T790] usb 6-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 408.789434][T20510] exfat: Deprecated parameter 'utf8' [ 408.796055][ T5933] ums-isd200 1-1:0.0: USB Mass Storage device detected [ 408.842867][ T790] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.856563][T20510] exfat: Deprecated parameter 'utf8' [ 408.878552][ T790] usb 6-1: Product: syz [ 408.898352][ T790] usb 6-1: Manufacturer: syz [ 408.924222][ T790] usb 6-1: SerialNumber: syz [ 408.999131][T20510] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d) [ 409.027054][ T790] usb 6-1: config 0 descriptor?? [ 409.042630][ T5933] scsi host1: usb-storage 1-1:0.0 [ 409.165200][ T5933] usb 1-1: USB disconnect, device number 14 [ 409.358316][ T790] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: version d4.15 found at bus 006 address 013 [ 409.410322][ T31] kauditd_printk_skb: 12 callbacks suppressed [ 409.410344][ T31] audit: type=1400 audit(1776261219.458:227): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//&@\)//&" pid=20545 comm="syz.4.3588" [ 409.534587][T20561] libceph: resolve '0' (ret=-3): failed [ 409.616428][ T9] usb 6-1: USB disconnect, device number 13 [ 410.098925][T20504] loop3: detected capacity change from 0 to 32768 [ 410.150475][T20504] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 410.201736][T20600] xt_TCPMSS: Only works on TCP SYN packets [ 410.220331][T20504] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 410.336716][T20607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3599'. [ 410.426278][T20504] XFS (loop3): Ending clean mount [ 410.492134][T20504] XFS (loop3): Quotacheck needed: Please wait. [ 410.535196][ T5486] veth0_macvtap: entered promiscuous mode [ 410.731514][ T5933] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 410.797387][T20504] XFS (loop3): Quotacheck: Done. [ 410.923885][ T5933] usb 6-1: Using ep0 maxpacket: 32 [ 410.948821][ T5933] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 410.999030][ T5933] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 411.009827][T20635] loop4: detected capacity change from 0 to 4096 [ 411.042873][ T5933] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 411.084130][ T5933] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 411.136604][ T5933] usb 6-1: Product: syz [ 411.159523][ T5933] usb 6-1: Manufacturer: syz [ 411.189635][ T5832] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 411.208960][T20564] loop1: detected capacity change from 0 to 32768 [ 411.248792][ T5933] hub 6-1:4.0: USB hub found [ 411.279229][T20564] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 411.449248][ T5933] hub 6-1:4.0: 6 ports detected [ 411.467277][ T5933] hub 6-1:4.0: insufficient power available to use all downstream ports [ 411.658816][ T5933] hub 6-1:4.0: hub_hub_status failed (err = -71) [ 411.698326][ T5933] hub 6-1:4.0: config failed, can't get hub status (err -71) [ 411.823314][ T5933] usb 6-1: USB disconnect, device number 14 [ 411.914208][T20564] XFS (loop1): Starting recovery (logdev: internal) [ 412.105731][T20564] XFS (loop1): Ending recovery (logdev: internal) [ 412.282512][T20690] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3611'. [ 412.327969][T20692] loop3: detected capacity change from 0 to 128 [ 412.371173][T20564] XFS (loop1): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve. [ 412.438603][T20564] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 [ 412.479343][T20692] FAT-fs (loop3): Directory bread(block 32) failed [ 412.486335][T20638] loop2: detected capacity change from 0 to 32768 [ 412.494969][T20564] XFS (loop1): Unmount and run xfs_repair [ 412.515242][T20692] FAT-fs (loop3): Directory bread(block 33) failed [ 412.524513][T20564] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 412.551260][T20692] FAT-fs (loop3): Directory bread(block 34) failed [ 412.566490][T20564] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff SUMY............ [ 412.578843][T20692] FAT-fs (loop3): Directory bread(block 35) failed [ 412.592318][T20638] find_entry called with index = 0 [ 412.622061][T20564] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40 .......... ....@ [ 412.633756][T20638] read_mapping_page failed! [ 412.638570][T20692] FAT-fs (loop3): Directory bread(block 36) failed [ 412.652074][T20638] ERROR: (device loop2): txCommit: [ 412.652074][T20638] [ 412.663119][T20692] FAT-fs (loop3): Directory bread(block 37) failed [ 412.669891][T20564] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4 ...*;yE..m...5.. [ 412.698966][T20692] FAT-fs (loop3): Directory bread(block 38) failed [ 412.712370][T20564] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03 ....%G.......... [ 412.712539][T20704] loop0: detected capacity change from 0 to 512 [ 412.742227][T20692] FAT-fs (loop3): Directory bread(block 39) failed [ 412.752775][T20564] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00 .......X........ [ 412.780242][T20692] FAT-fs (loop3): Directory bread(block 40) failed [ 412.795269][T20564] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 412.808057][T20692] FAT-fs (loop3): Directory bread(block 41) failed [ 412.837441][T20564] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 412.871235][T20704] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 412.896724][T20564] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 412.913120][T20564] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74 [ 412.926987][T20704] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 412.958035][T20704] System zones: 0-1, 15-15, 18-18, 34-34 [ 412.965740][T20704] EXT4-fs (loop0): orphan cleanup on readonly fs [ 412.973236][T20704] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 412.983313][T20704] EXT4-fs warning (device loop0): ext4_enable_quotas:7263: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 412.998450][T20564] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8f0 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 413.017408][T20704] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 413.052201][T20692] syz.3.3606: attempt to access beyond end of device [ 413.052201][T20692] loop3: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 413.067897][T20564] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 413.083131][T20704] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3613: bg 0: block 40: padding at end of block bitmap is not set [ 413.118589][T20692] FAT-fs (loop3): Filesystem has been set read-only [ 413.165813][T20704] loop0: lost filesystem error report for type 5 error -117 [ 413.167622][T20704] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 413.172812][T20692] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 413.175081][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 413.175104][ C1] EXT4-fs (loop0): initial error at time 1776261223: ext4_validate_block_bitmap:441 [ 413.175130][ C1] EXT4-fs (loop0): last error at time 1776261223: ext4_validate_block_bitmap:441 [ 413.206676][T20704] loop0: lost filesystem error report for type 5 error -117 [ 413.254386][ T5821] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 413.285208][T20704] EXT4-fs (loop0): 1 truncate cleaned up [ 413.300735][T20704] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 413.373734][T20704] EXT4-fs error (device loop0): ext4_encrypted_get_link:46: inode #16: comm syz.0.3613: bad symlink. [ 413.570635][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 413.863783][T20687] loop4: detected capacity change from 0 to 32768 [ 413.937258][T20687] [ 413.937258][T20687] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 413.937258][T20687] [ 414.031482][T20687] ERROR: (device loop4): xtTruncate_pmap: xt_getpage: xtree page corrupt [ 414.031482][T20687] [ 414.142694][T20687] ERROR: (device loop4): jfs_unlink: [ 414.142694][T20687] [ 414.335010][T20707] loop5: detected capacity change from 0 to 32768 [ 414.345240][ T5820] ERROR: (device loop4): xtTruncate: xt_getpage: xtree page corrupt [ 414.345240][ T5820] [ 414.389115][T20707] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3614 (20707) [ 414.395629][T18027] ERROR: (device loop4): diWrite: ixpxd invalid [ 414.395629][T18027] [ 414.466294][T18027] ERROR: (device loop4): txCommit: [ 414.466294][T18027] [ 414.496620][T18027] jfs_write_inode: jfs_commit_inode failed! [ 414.528816][T20707] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 414.539377][ T5820] [ 414.539377][ T5820] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 414.539377][ T5820] [ 414.540252][ T5820] [ 414.540252][ T5820] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 414.540252][ T5820] [ 414.669144][T20707] BTRFS info (device loop5): using xxhash64 checksum algorithm [ 414.691536][T20707] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 414.872235][ T790] usb 4-1: new full-speed USB device number 13 using dummy_hcd [ 414.929075][T20707] BTRFS info (device loop5): rebuilding free space tree [ 415.037844][ T790] usb 4-1: unable to get BOS descriptor or descriptor too short [ 415.089175][ T790] usb 4-1: not running at top speed; connect to a high speed hub [ 415.142431][T20707] BTRFS info (device loop5): disabling free space tree [ 415.164139][T20707] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 415.173479][ T790] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 415.212481][T20707] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 415.231513][ T790] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 415.262768][ T790] usb 4-1: too many endpoints for config 1 interface 1 altsetting 23: 170, using maximum allowed: 30 [ 415.289079][T20707] BTRFS info (device loop5): setting nodatasum [ 415.303215][ T790] usb 4-1: config 1 interface 1 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 170 [ 415.310982][T20707] BTRFS info (device loop5): allowing degraded mounts [ 415.351469][T20707] BTRFS info (device loop5): turning on async discard [ 415.364969][ T790] usb 4-1: config 1 interface 1 has no altsetting 0 [ 415.416227][ T790] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 415.428924][T20707] BTRFS info (device loop5): enabling disk space caching [ 415.463015][ T790] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 415.474200][T20707] BTRFS info (device loop5): force clearing of disk cache [ 415.491383][ T790] usb 4-1: Product: syz [ 415.497179][ T790] usb 4-1: Manufacturer: syz [ 415.513871][T20707] BTRFS info (device loop5): force zlib compression, level 3 [ 415.528093][ T790] usb 4-1: SerialNumber: syz [ 415.592581][T20756] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 415.603992][T20805] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 415.715023][ T31] audit: type=1326 audit(1776261225.768:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20808 comm="syz.4.3633" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x0 [ 415.783713][ T5829] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 415.851976][ T790] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -22 [ 415.982622][ T790] usb 4-1: USB disconnect, device number 13 [ 417.008877][T20871] loop3: detected capacity change from 0 to 164 [ 417.306833][T20819] loop1: detected capacity change from 0 to 32768 [ 417.365601][T20819] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 417.515549][T20819] XFS (loop1): Ending clean mount [ 417.619743][T20819] XFS (loop1): Quotacheck needed: Please wait. [ 417.748848][T20916] loop2: detected capacity change from 0 to 512 [ 417.805088][T20916] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 417.880832][T20916] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 417.915503][T20916] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3660: bg 0: block 248: padding at end of block bitmap is not set [ 417.930798][T20916] loop2: lost filesystem error report for type 5 error -117 [ 417.941352][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 417.955218][ C0] EXT4-fs (loop2): last error at time 1776261227: ext4_validate_block_bitmap:441 [ 417.988691][T20819] XFS (loop1): Quotacheck: Done. [ 418.010415][T20916] Quota error (device loop2): write_blk: dquota write failed [ 418.019188][T20916] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 418.031152][T20916] EXT4-fs error (device loop2): ext4_acquire_dquot:7028: comm syz.2.3660: Failed to acquire dquot type 1 [ 418.085824][T20916] loop2: lost filesystem error report for type 5 error -28 [ 418.089174][T20916] EXT4-fs (loop2): 1 truncate cleaned up [ 418.164227][T20916] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 418.195857][T20936] netlink: 'syz.0.3665': attribute type 1 has an invalid length. [ 418.252619][T20936] netlink: 'syz.0.3665': attribute type 1 has an invalid length. [ 418.278471][ T5821] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 418.319745][T20936] netlink: 9172 bytes leftover after parsing attributes in process `syz.0.3665'. [ 418.369481][T20897] loop4: detected capacity change from 0 to 32768 [ 418.645671][T18032] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 418.682556][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 418.694918][T18032] EXT4-fs error (device loop2): ext4_release_dquot:7064: comm kworker/u8:12: Failed to release dquot type 1 [ 418.752044][T18032] loop2: lost filesystem error report for type 5 error -117 [ 418.993391][T20964] loop1: detected capacity change from 0 to 256 [ 419.248285][T20964] FAT-fs (loop1): Directory bread(block 64) failed [ 419.294911][T20964] FAT-fs (loop1): Directory bread(block 65) failed [ 419.326719][T20964] FAT-fs (loop1): Directory bread(block 66) failed [ 419.375723][T20964] FAT-fs (loop1): Directory bread(block 67) failed [ 419.411532][T20964] FAT-fs (loop1): Directory bread(block 68) failed [ 419.441638][T20964] FAT-fs (loop1): Directory bread(block 69) failed [ 419.483427][T20964] FAT-fs (loop1): Directory bread(block 70) failed [ 419.522345][T20964] FAT-fs (loop1): Directory bread(block 71) failed [ 419.553975][T20964] FAT-fs (loop1): Directory bread(block 72) failed [ 419.579620][T20964] FAT-fs (loop1): Directory bread(block 73) failed [ 420.152867][T21010] netlink: 'syz.3.3686': attribute type 2 has an invalid length. [ 420.163344][T20953] loop0: detected capacity change from 0 to 32768 [ 420.196191][T21010] netlink: 'syz.3.3686': attribute type 1 has an invalid length. [ 421.525284][T21090] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3711'. [ 421.856477][T21106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3718'. [ 421.920976][T21110] loop2: detected capacity change from 0 to 512 [ 421.942649][T21110] EXT4-fs: Ignoring removed oldalloc option [ 421.960490][T21110] EXT4-fs: Ignoring removed nomblk_io_submit option [ 422.017492][T21110] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 422.047755][T21110] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e118, mo2=0002] [ 422.062554][T21110] System zones: 0-1, 15-15, 18-18, 34-34 [ 422.085192][T21070] loop3: detected capacity change from 0 to 32768 [ 422.091911][T21110] EXT4-fs (loop2): orphan cleanup on readonly fs [ 422.093138][T21110] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 422.104963][T21070] (syz.3.3705,21070,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 422.130995][T21110] EXT4-fs warning (device loop2): ext4_enable_quotas:7263: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 422.146583][T21070] (syz.3.3705,21070,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 422.155708][T21119] netlink: 'syz.1.3721': attribute type 10 has an invalid length. [ 422.166544][T21110] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 422.194403][T21070] JBD2: Ignoring recovery information on journal [ 422.240405][T21110] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3720: bg 0: block 40: padding at end of block bitmap is not set [ 422.310370][T21119] batman_adv: batadv0: Adding interface: netdevsim0 [ 422.349215][T21110] loop2: lost filesystem error report for type 5 error -117 [ 422.365119][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 422.379194][ C1] EXT4-fs (loop2): initial error at time 1776261232: ext4_validate_block_bitmap:441 [ 422.383255][T21119] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.388891][ C1] EXT4-fs (loop2): last error at time 1776261232: ext4_validate_block_bitmap:441 [ 422.443978][T21119] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active [ 422.451494][T21070] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 422.459569][T21110] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 422.495263][T21110] loop2: lost filesystem error report for type 5 error -117 [ 422.507626][T21110] EXT4-fs (loop2): 1 truncate cleaned up [ 422.536713][T21110] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 422.718391][T21110] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.3720: bad symlink. [ 422.732962][T21103] loop5: detected capacity change from 0 to 32768 [ 422.790996][T21103] jfs_lookup: iget failed on inum 4 [ 422.912590][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.040693][ T5832] ocfs2: Unmounting device (7,3) on (node local) [ 423.177356][T21151] vivid-000: disconnect [ 423.216587][T21147] vivid-000: reconnect [ 423.244985][T21154] loop2: detected capacity change from 0 to 736 [ 423.460742][T21154] rock: directory entry would overflow storage [ 423.502211][T21154] rock: sig=0x3b10, size=4, remaining=3 [ 423.547901][T21168] loop4: detected capacity change from 0 to 512 [ 423.657064][T21168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.770547][T21168] ext4 filesystem being mounted at /619/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 423.839472][T21181] loop5: detected capacity change from 0 to 2048 [ 423.899884][T21181] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 423.999616][T21200] xt_TCPMSS: Only works on TCP SYN packets [ 424.200676][T21181] syz.5.3738: attempt to access beyond end of device [ 424.200676][T21181] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 424.201040][T21209] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 424.263682][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.529430][T21181] syz.5.3738: attempt to access beyond end of device [ 424.529430][T21181] loop5: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 424.560749][T21227] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3742'. [ 424.623722][T21181] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=0) [ 424.670628][T21233] loop2: detected capacity change from 0 to 64 [ 425.341618][T21271] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3754'. [ 426.256984][T21290] lo speed is unknown, defaulting to 1000 [ 426.605655][T21333] netlink: 'syz.2.3772': attribute type 1 has an invalid length. [ 426.661942][T21333] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3772'. [ 426.881608][T21342] netlink: 'syz.0.3776': attribute type 3 has an invalid length. [ 427.667718][ T31] audit: type=1326 audit(1776261237.718:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 427.776039][ T31] audit: type=1326 audit(1776261237.718:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 427.863901][ T31] audit: type=1326 audit(1776261237.718:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 427.957038][ T31] audit: type=1326 audit(1776261237.718:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 428.102768][ T31] audit: type=1326 audit(1776261237.718:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 428.226021][ T31] audit: type=1326 audit(1776261237.718:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 428.331148][ T31] audit: type=1326 audit(1776261237.718:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 428.421072][ T31] audit: type=1326 audit(1776261237.718:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 428.544499][ T31] audit: type=1326 audit(1776261237.718:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 428.657758][ T31] audit: type=1326 audit(1776261237.718:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21379 comm="syz.1.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 429.173490][T21457] openvswitch: netlink: Unexpected mask (mask=200240, allowed=10048) [ 429.361613][T21409] loop1: detected capacity change from 0 to 32768 [ 429.537423][T21470] loop5: detected capacity change from 0 to 2048 [ 429.566145][T21475] loop2: detected capacity change from 0 to 256 [ 429.591058][T21475] exfat: Deprecated parameter 'utf8' [ 429.613061][T21475] exfat: Deprecated parameter 'namecase' [ 429.630654][T21470] Alternate GPT is invalid, using primary GPT. [ 429.640072][T21475] exfat: Deprecated parameter 'namecase' [ 429.657473][T21470] loop5: p2 p3 p7 [ 429.659915][T21475] exfat: Deprecated parameter 'utf8' [ 429.716086][T21475] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 429.769354][T21475] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 430.008396][ T5191] Alternate GPT is invalid, using primary GPT. [ 430.033107][ T5191] loop5: p2 p3 p7 [ 430.188433][T21443] loop3: detected capacity change from 0 to 32768 [ 430.261449][ T5933] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 430.273614][T21443] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 430.292782][T21514] ip6tnl1: entered allmulticast mode [ 430.411435][ T5933] usb 5-1: Using ep0 maxpacket: 32 [ 430.419771][ T5933] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 430.447731][ T5933] usb 5-1: config 0 has no interface number 0 [ 430.457597][ T5933] usb 5-1: config 0 interface 132 has no altsetting 0 [ 430.473486][T21443] XFS (loop3): Ending clean mount [ 430.488471][ T5933] usb 5-1: New USB device found, idVendor=0525, idProduct=9901, bcdDevice=39.75 [ 430.501422][ T5933] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.509551][ T5933] usb 5-1: Product: syz [ 430.514531][ T5933] usb 5-1: Manufacturer: syz [ 430.519175][ T5933] usb 5-1: SerialNumber: syz [ 430.528803][T21443] XFS (loop3): Quotacheck needed: Please wait. [ 430.629158][ T5933] usb 5-1: config 0 descriptor?? [ 430.784930][T21443] XFS (loop3): Quotacheck: Done. [ 431.021995][ T5832] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 431.529303][T21534] loop0: detected capacity change from 0 to 32768 [ 431.578473][T21534] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3818 (21534) [ 431.590843][ T5933] cdc_subset 5-1:0.132 usb0: register 'cdc_subset' at usb-dummy_hcd.4-1, Belkin, eTEK, or compatible, d6:c8:5b:f7:27:9a [ 431.676413][ T5933] usb 5-1: USB disconnect, device number 18 [ 431.683439][T21582] netlink: 'syz.1.3830': attribute type 8 has an invalid length. [ 431.706640][T21534] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 431.723648][ T30] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 431.730240][ T5933] cdc_subset 5-1:0.132 usb0: unregister 'cdc_subset' usb-dummy_hcd.4-1, Belkin, eTEK, or compatible [ 431.752292][T21534] BTRFS info (device loop0): using sha256 checksum algorithm [ 431.854062][ T5889] udevd[5889]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 431.889702][ T7996] udevd[7996]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 431.901044][ T6026] udevd[6026]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory [ 431.920316][ T30] usb 3-1: Using ep0 maxpacket: 8 [ 431.953948][ T30] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 431.983802][ T30] usb 3-1: config 0 has no interface number 0 [ 432.004840][ T30] usb 3-1: config 0 interface 1 has no altsetting 0 [ 432.059790][ T30] usb 3-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f [ 432.089841][T21534] BTRFS info (device loop0): enabling ssd optimizations [ 432.112858][ T30] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 432.162894][T21534] BTRFS info (device loop0): turning on async discard [ 432.188025][ T30] usb 3-1: Product: syz [ 432.207734][T21534] BTRFS info (device loop0): enabling free space tree [ 432.210002][ T6054] udevd[6054]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 432.230681][ T30] usb 3-1: Manufacturer: syz [ 432.234496][ T6026] udevd[6026]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory [ 432.249492][ T30] usb 3-1: SerialNumber: syz [ 432.252486][ T5978] udevd[5978]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 432.347509][ T30] usb 3-1: config 0 descriptor?? [ 432.580846][T21534] BTRFS warning (device loop0): get dev_stats failed, device not found [ 432.654296][ T30] i2c-cp2615 3-1:0.1: probe with driver i2c-cp2615 failed with error -22 [ 432.830706][ T5830] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 432.956781][ T9] usb 3-1: USB disconnect, device number 18 [ 433.204265][ T30] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 433.404744][ T30] usb 4-1: Using ep0 maxpacket: 16 [ 433.427674][ T30] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 433.457437][ T30] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 433.490251][ T30] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 433.516870][ T30] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 433.557122][ T30] usb 4-1: Product: syz [ 433.582050][ T30] usb 4-1: Manufacturer: syz [ 433.600379][ T30] usb 4-1: SerialNumber: syz [ 433.766198][T21683] loop2: detected capacity change from 0 to 256 [ 433.802051][T21683] exfat: Deprecated parameter 'namecase' [ 433.832429][T21683] exfat: Deprecated parameter 'namecase' [ 433.881127][ T30] usb 4-1: 0:2 : does not exist [ 433.913754][T21646] loop1: detected capacity change from 0 to 32768 [ 433.931287][ T30] usb 4-1: unit 9 not found! [ 433.951627][T21683] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 433.962666][ T30] usb 4-1: 4:0: cannot get min/max values for control 3 (id 4) [ 433.996270][T21646] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3838 (21646) [ 434.036692][ T30] usb 4-1: 4:0: cannot get min/max values for control 9 (id 4) [ 434.089756][T21694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3847'. [ 434.109490][T21646] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 434.152103][T21646] BTRFS info (device loop1): using crc32c checksum algorithm [ 434.193662][T21694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3847'. [ 434.219376][T21694] netlink: 'syz.0.3847': attribute type 1 has an invalid length. [ 434.300968][ T30] usb 4-1: USB disconnect, device number 14 [ 434.408352][T21646] BTRFS info (device loop1): setting nodatasum [ 434.434072][T21646] BTRFS info (device loop1): setting nodatacow [ 434.450759][T21646] BTRFS info (device loop1): turning on async discard [ 434.467977][T21646] BTRFS info (device loop1): enabling free space tree [ 434.478599][T21646] BTRFS info (device loop1): enabling auto defrag [ 434.511536][T21646] BTRFS info (device loop1): max_inline set to 0 [ 434.657189][ T7372] udevd[7372]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 435.241608][ T790] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 435.268452][T21764] loop3: detected capacity change from 0 to 512 [ 435.330599][T21764] EXT4-fs (loop3): Test dummy encryption mode enabled [ 435.336631][ T5821] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 435.354808][T21764] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 435.433829][T21764] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.3861: bad orphan inode 131083 [ 435.460499][ T790] usb 5-1: Using ep0 maxpacket: 8 [ 435.488604][T21764] loop3: lost filesystem error report for type 5 error -117 [ 435.529898][ T790] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 435.568327][T21764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 435.644536][ T790] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 435.688243][ T790] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 435.740761][ T790] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.768313][ T790] usb 5-1: Product: syz [ 435.781664][ T790] usb 5-1: Manufacturer: syz [ 435.799795][ T790] usb 5-1: SerialNumber: syz [ 435.850129][ T790] usb 5-1: config 0 descriptor?? [ 435.946169][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.023457][T21798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3868'. [ 436.083356][T21798] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3868'. [ 436.358048][ T790] usb 5-1: USB disconnect, device number 19 [ 436.704210][T21836] netlink: 'syz.5.3879': attribute type 10 has an invalid length. [ 436.751575][T21836] ipvlan1: entered promiscuous mode [ 436.777359][T21836] team0: Device ipvlan1 failed to register rx_handler [ 436.903484][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 436.965758][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.032319][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.077137][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.139976][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.196028][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.234181][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.240441][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.252403][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.258556][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.293343][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.299588][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.325022][T21845] batman_adv: batadv0: adding TT local entry 66:ff:f2:fc:ff:ff to non-existent VLAN 815 [ 437.346582][T21862] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 437.434464][T21862] infiniband yz2: RDMA CMA: cma_listen_on_dev, error -98 [ 437.624436][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.660336][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.688252][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.719568][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.737056][T21862] wlan1 speed is unknown, defaulting to 1000 [ 437.775673][T21862] wlan1 speed is unknown, defaulting to 1000 [ 438.106644][ T31] audit: type=1400 audit(1776261248.158:239): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=":(%#{//(@\)//&@},['%%&\#*" pid=21880 comm="syz.0.3894" [ 438.158301][T21856] loop5: detected capacity change from 0 to 32768 [ 438.218443][T21856] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3885 (21856) [ 438.317378][T21856] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 438.352711][T21856] BTRFS info (device loop5): using sha256 checksum algorithm [ 438.533061][T21917] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3902'. [ 438.577032][T21865] loop4: detected capacity change from 0 to 32768 [ 438.597285][T21856] BTRFS info (device loop5): enabling ssd optimizations [ 438.609262][T21865] BTRFS info: device /dev/loop4 (7:4) using temp-fsid db0f5f12-af53-4599-87f5-aec05147ec0e [ 438.649056][T21865] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3889 (21865) [ 438.652012][T21856] BTRFS info (device loop5): turning on async discard [ 438.701643][ T31] audit: type=1326 audit(1776261248.738:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21924 comm="syz.2.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 438.748381][T21856] BTRFS info (device loop5): enabling free space tree [ 438.799511][ T31] audit: type=1326 audit(1776261248.738:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21924 comm="syz.2.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 438.801980][T21865] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 438.923192][ T31] audit: type=1326 audit(1776261248.748:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21924 comm="syz.2.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 438.945489][T21865] BTRFS info (device loop4): using sha256 checksum algorithm [ 439.096665][ T31] audit: type=1326 audit(1776261248.748:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21924 comm="syz.2.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 439.120526][ T31] audit: type=1326 audit(1776261248.748:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21924 comm="syz.2.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaf4d9c819 code=0x7ffc0000 [ 439.182783][T21955] netlink: 'syz.3.3909': attribute type 2 has an invalid length. [ 439.192344][T21955] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3909'. [ 439.220475][ T5829] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 439.355821][T21865] BTRFS info (device loop4): enabling ssd optimizations [ 439.402774][T21865] BTRFS info (device loop4): turning on async discard [ 439.440790][T21865] BTRFS info (device loop4): enabling free space tree [ 439.566925][T21973] dlm: no locking on control device [ 439.651609][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.659904][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.692186][T21865] BTRFS error: failed to open device for path Lz3-+!$؍Qo$P with flags 0x1: -2 [ 439.929444][ T5820] BTRFS info (device loop4): last unmount of filesystem db0f5f12-af53-4599-87f5-aec05147ec0e [ 441.028393][T22029] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3930'. [ 441.337401][T22043] loop1: detected capacity change from 0 to 256 [ 441.437413][T22043] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 441.958751][T22069] loop1: detected capacity change from 0 to 128 [ 442.004845][T22069] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 442.074243][T22069] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 442.442567][T22032] loop5: detected capacity change from 0 to 32768 [ 442.746904][T22045] loop4: detected capacity change from 0 to 32768 [ 442.827440][T22045] JBD2: Ignoring recovery information on journal [ 442.900751][T22045] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 442.911518][ T30] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 443.037968][T22045] (syz.4.3935,22045,0):ocfs2_check_dir_entry:338 ERROR: bad entry in directory #65: directory entry too close to end - offset=0, inode=65, rec_len=16, name_len=1 [ 443.097480][T22045] (syz.4.3935,22045,1):ocfs2_prepare_dir_for_insert:4335 ERROR: status = -2 [ 443.145800][T22045] (syz.4.3935,22045,1):ocfs2_mknod:302 ERROR: status = -2 [ 443.162962][ T30] usb 2-1: New USB device found, idVendor=0856, idProduct=ac33, bcdDevice= 0.f8 [ 443.191786][ T30] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.217326][T22045] (syz.4.3935,22045,1):ocfs2_mknod:506 ERROR: status = -2 [ 443.226895][ T30] usb 2-1: Product: syz [ 443.244818][ T30] usb 2-1: Manufacturer: syz [ 443.261148][ T30] usb 2-1: SerialNumber: syz [ 443.280787][T22045] (syz.4.3935,22045,1):ocfs2_create:679 ERROR: status = -2 [ 443.302242][ T30] usb 2-1: config 0 descriptor?? [ 443.341440][ T30] hub 2-1:0.0: bad descriptor, ignoring hub [ 443.351021][ T30] hub 2-1:0.0: probe with driver hub failed with error -5 [ 443.376025][ T30] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 443.407121][ T30] usb 2-1: Detected SIO [ 443.417182][ T30] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 443.491522][ T790] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 443.501159][ T5820] ocfs2: Unmounting device (7,4) on (node local) [ 443.652932][ T30] usb 2-1: USB disconnect, device number 15 [ 443.681558][ T790] usb 3-1: Using ep0 maxpacket: 8 [ 443.689459][ T790] usb 3-1: unable to get BOS descriptor or descriptor too short [ 443.704617][ T30] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 443.712586][ T790] usb 3-1: config index 0 descriptor too short (expected 45, got 18) [ 443.738178][T22149] loop5: detected capacity change from 0 to 4096 [ 443.759323][ T30] ftdi_sio 2-1:0.0: device disconnected [ 443.767516][ T790] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 443.830242][ T790] usb 3-1: New USB device found, idVendor=0ab4, idProduct=0014, bcdDevice= 0.00 [ 443.868206][ T790] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.889998][T22170] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 443.911559][ T790] usb 3-1: Product: syz [ 443.929001][ T790] usb 3-1: Manufacturer: syz [ 443.938550][T22149] NILFS error (device loop5): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0 [ 443.942779][ T790] usb 3-1: SerialNumber: syz [ 444.077325][T22149] Remounting filesystem read-only [ 444.231748][T22185] loop4: detected capacity change from 0 to 64 [ 444.317400][ T790] usb 3-1: USB disconnect, device number 19 [ 444.377362][T22196] loop1: detected capacity change from 0 to 64 [ 444.483873][T22196] syz.1.3968: attempt to access beyond end of device [ 444.483873][T22196] loop1: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 444.556151][T22196] Buffer I/O error on dev loop1, logical block 32767, async page read [ 444.913561][T22224] netlink: 'syz.1.3974': attribute type 2 has an invalid length. [ 445.058369][T22230] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3976'. [ 445.093435][T22230] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3976'. [ 445.137067][T22230] vlan0: entered promiscuous mode [ 445.230114][ T31] audit: type=1326 audit(1776261255.278:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.260167][T22178] loop0: detected capacity change from 0 to 32768 [ 445.281137][T22178] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3966 (22178) [ 445.314119][ T31] audit: type=1326 audit(1776261255.278:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.385948][ T31] audit: type=1326 audit(1776261255.318:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.424370][ T31] audit: type=1326 audit(1776261255.318:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.447918][ T31] audit: type=1326 audit(1776261255.318:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.462556][T22178] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 445.536546][T22178] BTRFS info (device loop0): using xxhash64 checksum algorithm [ 445.540561][ T31] audit: type=1326 audit(1776261255.318:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.589594][T22178] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 445.691082][ T31] audit: type=1326 audit(1776261255.318:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.741575][ T31] audit: type=1326 audit(1776261255.328:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.784299][ T31] audit: type=1326 audit(1776261255.328:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22239 comm="syz.4.3980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4448d9c819 code=0x7ffc0000 [ 445.921649][T22178] BTRFS info (device loop0): rebuilding free space tree [ 446.102093][T22178] BTRFS info (device loop0): disabling free space tree [ 446.129817][T22178] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 446.171194][T22178] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 446.299977][T22178] BTRFS info (device loop0): setting nodatasum [ 446.327390][T22178] BTRFS info (device loop0): allowing degraded mounts [ 446.357438][T22178] BTRFS info (device loop0): turning on async discard [ 446.389718][T22178] BTRFS info (device loop0): enabling disk space caching [ 446.428892][T22178] BTRFS info (device loop0): force clearing of disk cache [ 446.462985][T22297] Cannot find map_set index 65503 as target [ 446.483035][T22178] BTRFS info (device loop0): force zlib compression, level 3 [ 446.607191][T22248] loop2: detected capacity change from 0 to 32768 [ 446.652916][T22248] (syz.2.3981,22248,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 446.706397][T22248] (syz.2.3981,22248,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 446.905927][T22248] JBD2: Ignoring recovery information on journal [ 446.922029][T22178] BTRFS info (device loop0): balance: start -d -m -susage=0..0,drange=0..0 [ 446.937130][T22178] BTRFS info (device loop0): balance: canceled [ 446.987289][T22320] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c) [ 447.038591][ T5830] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 447.095666][T22248] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 447.330019][T22330] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4001'. [ 447.753321][ T5827] ocfs2: Unmounting device (7,2) on (node local) [ 447.796931][T22346] loop4: detected capacity change from 0 to 2048 [ 447.874949][T22346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 447.967175][ T31] audit: type=1800 audit(1776261258.008:254): pid=22346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4007" name=02 dev="loop4" ino=18 res=0 errno=0 [ 448.245489][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 448.314870][T22372] loop0: detected capacity change from 0 to 8 [ 448.503088][T22372] SQUASHFS error: Unable to read directory block [1d0:26] [ 448.582066][T22384] dvmrp1: entered allmulticast mode [ 448.968412][T22407] loop1: detected capacity change from 0 to 512 [ 449.035190][T22407] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.4021: inode has both inline data and extents flags [ 449.082194][T22407] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 449.091356][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 449.107291][ C1] EXT4-fs (loop1): initial error at time 1776261259: ext4_orphan_get:1397: inode 15 [ 449.116800][ C1] EXT4-fs (loop1): last error at time 1776261259: ext4_orphan_get:1397: inode 15 [ 449.161711][T22420] netlink: 'syz.0.4026': attribute type 8 has an invalid length. [ 449.172525][T22407] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.4021: couldn't read orphan inode 15 (err -117) [ 449.183168][T22419] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4025'. [ 449.185547][T22407] loop1: lost filesystem error report for type 5 error -117 [ 449.200512][T22407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 449.309727][T22424] loop2: detected capacity change from 0 to 512 [ 449.368859][T22424] EXT4-fs (loop2): Test dummy encryption mode enabled [ 449.393878][T22428] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4028'. [ 449.406416][T22424] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 449.437302][T22428] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4028'. [ 449.473618][T22424] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.4027: bad orphan inode 131083 [ 449.498596][T22424] loop2: lost filesystem error report for type 5 error -117 [ 449.501350][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 449.503291][ T5821] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.508740][ C1] EXT4-fs (loop2): initial error at time 1776261259: ext4_orphan_get:1423 [ 449.532721][ C1] EXT4-fs (loop2): last error at time 1776261259: ext4_orphan_get:1423 [ 449.559785][T22424] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 449.783641][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.841985][T22453] loop4: detected capacity change from 0 to 256 [ 449.865022][T22453] exfat: Deprecated parameter 'utf8' [ 449.973195][T22453] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 450.335587][T22473] libceph: resolve '.RHe'ˠ/1C~1WexEAeSb{~R' (ret=-3): failed [ 450.377023][T22488] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4044'. [ 450.566493][T22494] netlink: 'syz.0.4047': attribute type 20 has an invalid length. [ 451.532392][T22541] net_ratelimit: 986 callbacks suppressed [ 451.532415][T22541] openvswitch: netlink: Unexpected mask (mask=20840, allowed=10048) [ 451.557319][T22543] binder: 22542:22543 ioctl c018620c 2000000001c0 returned -22 [ 451.872124][T22498] loop4: detected capacity change from 0 to 32768 [ 451.927589][T22498] [ 451.927589][T22498] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 451.927589][T22498] [ 452.132669][ T5820] [ 452.132669][ T5820] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 452.132669][ T5820] [ 452.149262][ T31] kauditd_printk_skb: 1 callbacks suppressed [ 452.149283][ T31] audit: type=1326 audit(1776261262.198:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22566 comm="syz.3.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6d39c819 code=0x7ffc0000 [ 452.224807][ T5820] [ 452.224807][ T5820] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 452.224807][ T5820] [ 452.248233][ T31] audit: type=1326 audit(1776261262.238:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22566 comm="syz.3.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6d39c819 code=0x7ffc0000 [ 452.368123][ T31] audit: type=1326 audit(1776261262.248:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22566 comm="syz.3.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fae6d39c819 code=0x7ffc0000 [ 452.459883][ T31] audit: type=1326 audit(1776261262.248:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22566 comm="syz.3.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6d39c819 code=0x7ffc0000 [ 452.510331][T22581] IPv6: Can't replace route, no match found [ 452.551404][ T31] audit: type=1326 audit(1776261262.248:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22566 comm="syz.3.4070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6d39c819 code=0x7ffc0000 [ 452.581792][ T790] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 452.764572][ T790] usb 3-1: Using ep0 maxpacket: 16 [ 452.805283][ T790] usb 3-1: config 0 has an invalid interface number: 49 but max is 0 [ 452.835973][ T790] usb 3-1: config 0 has no interface number 0 [ 452.866622][ T790] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16 [ 452.911490][ T790] usb 3-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 452.968031][ T790] usb 3-1: config 0 interface 49 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 453.014124][ T790] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 0 [ 453.050537][ T790] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7 [ 453.080494][ T790] usb 3-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3 [ 453.104608][T22612] netlink: 'syz.4.4082': attribute type 1 has an invalid length. [ 453.107198][ T790] usb 3-1: Product: syz [ 453.120577][T22612] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4082'. [ 453.132151][T22612] netlink: 1 bytes leftover after parsing attributes in process `syz.4.4082'. [ 453.134492][T22602] bridge0: port 1(bridge_slave_0) entered disabled state [ 453.141130][T22612] netlink: 658 bytes leftover after parsing attributes in process `syz.4.4082'. [ 453.159584][ T790] usb 3-1: Manufacturer: syz [ 453.168972][ T790] usb 3-1: SerialNumber: syz [ 453.174703][T22614] loop3: detected capacity change from 0 to 1024 [ 453.182647][ T30] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 453.199971][T22602] bridge0: port 2(bridge_slave_1) entered disabled state [ 453.214855][ T790] usb 3-1: config 0 descriptor?? [ 453.223260][T22614] EXT4-fs: Ignoring removed oldalloc option [ 453.241842][T22572] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 453.300896][T22614] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 453.322505][T22602] bridge0: port 3(hsr0) entered disabled state [ 453.331662][T22614] ext4 filesystem being mounted at /683/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 453.353249][ T30] usb 1-1: Using ep0 maxpacket: 16 [ 453.377269][T22614] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #12: comm syz.3.4083: directory missing '..' [ 453.400726][ T30] usb 1-1: config 0 interface 0 altsetting 18 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 453.416521][T22602] vlan0: left promiscuous mode [ 453.443548][T22602] ipvlan1: left promiscuous mode [ 453.467189][ T30] usb 1-1: config 0 interface 0 has no altsetting 0 [ 453.507129][ T30] usb 1-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 453.517422][ T790] usb 3-1: USB disconnect, device number 20 [ 453.528621][T22602] bond0: left promiscuous mode [ 453.540400][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 453.551980][ T30] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.591884][ T30] usb 1-1: Product: syz [ 453.599400][ T30] usb 1-1: Manufacturer: syz [ 453.615697][ T30] usb 1-1: SerialNumber: syz [ 453.639263][ T30] usb 1-1: config 0 descriptor?? [ 453.669000][ T30] hub 1-1:0.0: bad descriptor, ignoring hub [ 453.695612][ T30] hub 1-1:0.0: probe with driver hub failed with error -5 [ 453.740599][ T30] usb 1-1: selecting invalid altsetting 0 [ 453.769058][ T30] usb 1-1: can't set first interface for hiFace device. [ 453.789327][ T30] snd-usb-hiface 1-1:0.0: probe with driver snd-usb-hiface failed with error -5 [ 453.944011][T22654] ieee802154 phy0 wpan0: encryption failed: -22 [ 454.001736][ T790] usb 1-1: USB disconnect, device number 15 [ 454.449793][T22687] loop5: detected capacity change from 0 to 164 [ 454.495270][T22687] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 454.500182][T22691] SET target dimension over the limit! [ 454.560856][T22687] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 454.612197][T22687] Symlink component flag not implemented [ 454.637691][T22687] Symlink component flag not implemented [ 454.664313][T22687] Symlink component flag not implemented (7) [ 454.694694][T22687] Symlink component flag not implemented (116) [ 454.713634][T22701] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4102'. [ 454.875017][T22707] 9p: Unknown Cache mode or invalid value m [ 455.403055][T22734] libceph: resolve '0..' (ret=-3): failed [ 455.466128][T22743] netlink: 260 bytes leftover after parsing attributes in process `syz.4.4114'. [ 455.749930][T22755] x_tables: unsorted entry at hook 2 [ 455.754799][T22756] dlm: plock device version mismatch: kernel (1.2.0), user (1.131072.0) [ 455.844962][T22684] loop2: detected capacity change from 0 to 32768 [ 455.873988][T22684] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4098 (22684) [ 455.894756][T22748] loop5: detected capacity change from 0 to 4096 [ 455.936582][T22684] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 455.961657][T22684] BTRFS info (device loop2): using xxhash64 checksum algorithm [ 455.968728][T22748] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 456.155916][T22748] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 456.187195][T22684] BTRFS info (device loop2): enabling ssd optimizations [ 456.229075][T22684] BTRFS info (device loop2): turning on async discard [ 456.254433][T22684] BTRFS info (device loop2): enabling free space tree [ 456.516861][T22795] loop1: detected capacity change from 0 to 4096 [ 456.532105][ T5827] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 456.662547][T22795] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 456.806851][T22795] ntfs3(loop1): Failed to load $Extend (-22). [ 456.860281][T22795] ntfs3(loop1): Failed to initialize $Extend. [ 457.321969][T22823] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 457.344394][ T31] audit: type=1326 audit(1776261267.388:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 457.460716][T22825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4133'. [ 457.478030][ T31] audit: type=1326 audit(1776261267.388:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 457.617608][ T31] audit: type=1326 audit(1776261267.408:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 457.729478][T22847] loop2: detected capacity change from 0 to 256 [ 457.755741][ T31] audit: type=1326 audit(1776261267.418:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 457.839899][T22850] netlink: 'syz.0.4140': attribute type 10 has an invalid length. [ 457.868975][ T31] audit: type=1326 audit(1776261267.418:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 457.985725][ T31] audit: type=1326 audit(1776261267.418:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 458.018288][T22850] team0: Port device geneve1 added [ 458.096464][ T31] audit: type=1326 audit(1776261267.418:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 458.205062][ T31] audit: type=1326 audit(1776261267.418:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 458.299796][T22805] loop4: detected capacity change from 0 to 32768 [ 458.299792][ T31] audit: type=1326 audit(1776261267.418:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22832 comm="syz.1.4135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 458.413326][T22805] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4127 (22805) [ 458.420308][T22877] netlink: 'syz.1.4147': attribute type 1 has an invalid length. [ 458.495959][T22877] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4147'. [ 458.512489][T22805] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 458.570505][T22805] BTRFS info (device loop4): using sha256 checksum algorithm [ 458.766187][T22805] BTRFS info (device loop4): enabling ssd optimizations [ 458.791548][T22805] BTRFS info (device loop4): turning on async discard [ 458.819101][T22805] BTRFS info (device loop4): enabling free space tree [ 458.863528][ T24] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 458.988105][T22919] netlink: 176 bytes leftover after parsing attributes in process `syz.3.4155'. [ 459.015151][ T5820] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 459.050214][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 459.086993][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 459.150161][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 459.172001][ T24] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 459.190046][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 459.315938][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.336808][ T24] usb 1-1: config 0 descriptor?? [ 459.347103][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.373683][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.515692][T22931] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 459.608312][ T5916] usb 1-1: USB disconnect, device number 16 [ 459.624196][T22943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4161'. [ 459.718258][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.772630][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.852349][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.919925][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 459.990562][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 460.050689][T22931] virt_wifi0 speed is unknown, defaulting to 1000 [ 461.052219][T23021] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c) [ 461.473331][T23051] netlink: 248 bytes leftover after parsing attributes in process `syz.2.4195'. [ 462.155103][T23085] loop1: detected capacity change from 0 to 256 [ 462.173690][T23089] loop0: detected capacity change from 0 to 512 [ 462.252768][T23085] FAT-fs (loop1): Directory bread(block 64) failed [ 462.298264][T23085] FAT-fs (loop1): Directory bread(block 65) failed [ 462.306619][T23085] FAT-fs (loop1): Directory bread(block 66) failed [ 462.313625][T23085] FAT-fs (loop1): Directory bread(block 67) failed [ 462.320498][T23085] FAT-fs (loop1): Directory bread(block 68) failed [ 462.328428][T23085] FAT-fs (loop1): Directory bread(block 69) failed [ 462.336268][T23085] FAT-fs (loop1): Directory bread(block 70) failed [ 462.343262][T23085] FAT-fs (loop1): Directory bread(block 71) failed [ 462.349829][T23099] loop5: detected capacity change from 0 to 16 [ 462.350158][T23085] FAT-fs (loop1): Directory bread(block 72) failed [ 462.362370][T23089] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.4209: Parent and EA inode have the same ino 15 [ 462.366237][T23085] FAT-fs (loop1): Directory bread(block 73) failed [ 462.385617][T23098] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4211'. [ 462.421603][T23099] erofs (device loop5): mounted with root inode @ nid 36. [ 462.434108][T23089] loop0: lost filesystem error report for type 5 error -117 [ 462.441585][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 462.455745][ C1] EXT4-fs (loop0): initial error at time 1776261272: ext4_xattr_inode_iget:437 [ 462.459813][T23099] erofs (device loop5): not enough plain data on disk @ la 4096 of nid 89 [ 462.464807][ C1] EXT4-fs (loop0): last error at time 1776261272: ext4_xattr_inode_iget:437 [ 462.489607][T23089] EXT4-fs (loop0): Remounting filesystem read-only [ 462.519504][T23089] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 462.533086][T23099] erofs (device loop5): readahead error at folio 1 @ nid 89 [ 462.560010][T23106] loop4: detected capacity change from 0 to 512 [ 462.582671][T23099] syz.5.4210: attempt to access beyond end of device [ 462.582671][T23099] loop5: rw=524288, sector=0, nr_sectors = 1024 limit=16 [ 462.583336][T23089] EXT4-fs warning (device loop0): ext4_evict_inode:270: couldn't mark inode dirty (err -30) [ 462.628239][T23106] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.4213: inode has both inline data and extents flags [ 462.655094][T23106] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 462.661102][T23106] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.4213: couldn't read orphan inode 15 (err -117) [ 462.665720][T23099] syz.5.4210: attempt to access beyond end of device [ 462.665720][T23099] loop5: rw=524288, sector=0, nr_sectors = 1792 limit=16 [ 462.670468][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 462.687406][T23099] erofs (device loop5): not enough plain data on disk @ la 4096 of nid 89 [ 462.696434][ C1] EXT4-fs (loop4): initial error at time 1776261272: ext4_orphan_get:1397: inode 15 [ 462.696482][ C1] EXT4-fs (loop4): last error at time 1776261272: ext4_orphan_get:1397: inode 15 [ 462.703415][T23099] erofs (device loop5): not enough plain data on disk @ la 4096 of nid 89 [ 462.711683][ C1] [ 462.737819][T23106] loop4: lost filesystem error report for type 5 error -117 [ 462.764401][T23089] EXT4-fs (loop0): 1 orphan inode deleted [ 462.768789][T23099] erofs (device loop5): read error -117 @ 1 of nid 89 [ 462.803332][T23106] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 462.806800][T23089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 462.860316][ T31] audit: type=1800 audit(1776261272.898:270): pid=23099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4210" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 463.117475][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.282770][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.306263][T23127] netlink: 'syz.1.4216': attribute type 2 has an invalid length. [ 463.331660][T23127] netlink: 119 bytes leftover after parsing attributes in process `syz.1.4216'. [ 463.431663][T23068] loop2: detected capacity change from 0 to 32768 [ 463.463509][T23131] loop5: detected capacity change from 0 to 764 [ 463.490783][T23068] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 463.548409][T23131] Symlink component flag not implemented [ 463.606992][T23131] Symlink component flag not implemented (105) [ 463.733258][T23068] XFS (loop2): Ending clean mount [ 464.170665][ T5827] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 464.229956][T23178] netlink: 'syz.3.4228': attribute type 1 has an invalid length. [ 464.258284][T23178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4228'. [ 464.312601][T23184] loop4: detected capacity change from 0 to 8 [ 464.376464][T23184] SQUASHFS error: Unable to read inode 0xa7 [ 464.833691][T23198] loop5: detected capacity change from 0 to 4096 [ 464.839590][T23211] loop1: detected capacity change from 0 to 512 [ 464.906737][T23211] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (47215!=33349) [ 464.992096][ T5916] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 465.010937][T23211] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e02c, mo2=0002] [ 465.067901][T23211] EXT4-fs (loop1): orphan cleanup on readonly fs [ 465.075495][T23211] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.4237: bad orphan inode 3 [ 465.086713][T23211] loop1: lost filesystem error report for type 5 error -117 [ 465.091358][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 465.105342][ C0] EXT4-fs (loop1): initial error at time 1776261275: ext4_orphan_get:1423 [ 465.112588][T23211] EXT4-fs (loop1): Remounting filesystem read-only [ 465.113990][ C0] EXT4-fs (loop1): last error at time 1776261275: ext4_orphan_get:1423 [ 465.189700][T23211] EXT4-fs (loop1): mounted filesystem ff0f0000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 465.235736][ T5916] usb 5-1: config 0 has an invalid interface number: 13 but max is 0 [ 465.266399][T23211] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.4237: dx entry: limit 0 != root limit 125 [ 465.268962][ T5916] usb 5-1: config 0 has no interface number 0 [ 465.307770][T23223] ALSA: mixer_oss: invalid OSS volume '' [ 465.328939][T23223] ALSA: mixer_oss: invalid OSS volume '[sRkz1+eZu;' [ 465.345944][T23211] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.4237: Corrupt directory, running e2fsck is recommended [ 465.361687][ T5916] usb 5-1: config 0 interface 13 has no altsetting 0 [ 465.381497][T23223] ALSA: mixer_oss: invalid OSS volume '#F!c)7 -!6P4X1u' [ 465.396345][ T5916] usb 5-1: Dual-Role OTG device on HNP port [ 465.407725][T23223] ALSA: mixer_oss: invalid OSS volume 'mٗ0 2"\d˽ha1' [ 465.423317][ T5916] usb 5-1: New USB device found, idVendor=17cc, idProduct=1940, bcdDevice=1e.7a [ 465.443913][T23223] ALSA: mixer_oss: invalid OSS volume ']-]zQTU' [ 465.452395][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.452432][ T5916] usb 5-1: Product: syz [ 465.452451][ T5916] usb 5-1: Manufacturer: syz [ 465.499422][ T5916] usb 5-1: SerialNumber: syz [ 465.512121][T23223] ALSA: mixer_oss: invalid OSS volume 'qdhK' [ 465.530051][ T5916] usb 5-1: config 0 descriptor?? [ 465.532828][T23223] ALSA: mixer_oss: invalid OSS volume 'f|o`wg|zsݷN@6f' [ 465.584979][ T5821] EXT4-fs (loop1): unmounting filesystem ff0f0000-0000-0000-0000-000000000007. [ 465.603667][T23223] ALSA: mixer_oss: invalid OSS volume 'g' [ 465.651434][T23223] ALSA: mixer_oss: invalid OSS volume 'Hb0r2Q64dpZoȝ' [ 465.671456][T23223] ALSA: mixer_oss: invalid OSS volume 'Fm[#}Îr}[* ' [ 465.682762][T23223] ALSA: mixer_oss: invalid OSS volume 'O."]j#H)XU^d' [ 465.705272][T23223] ALSA: mixer_oss: invalid OSS volume ')Qk' [ 465.720726][T23223] ALSA: mixer_oss: invalid OSS volume '[B,PV#ìbjVf-r*'Z' [ 465.751483][T23223] ALSA: mixer_oss: invalid OSS volume 'wމF6FlCĜJF=' [ 465.776161][ T5916] snd-usb-caiaq 5-1:0.13: can't set alt interface. [ 465.785273][T23223] ALSA: mixer_oss: invalid OSS volume '3j+鼺Jrs' [ 465.809272][ T5916] usb 5-1: unable to init card! (ret=-5) [ 465.820745][T23223] ALSA: mixer_oss: invalid OSS volume '7=8&ul:u7*;|VA+s4' [ 465.837572][ T5916] snd-usb-caiaq 5-1:0.13: probe with driver snd-usb-caiaq failed with error -5 [ 465.863463][T23223] ALSA: mixer_oss: invalid OSS volume '[+Tx=y4hhMS]/(1' [ 465.866110][T23246] netlink: 'syz.1.4242': attribute type 1 has an invalid length. [ 465.896066][T23223] ALSA: mixer_oss: invalid OSS volume 'UD4n' [ 465.896640][ T5916] usb 5-1: USB disconnect, device number 20 [ 465.923353][T23223] ALSA: mixer_oss: invalid OSS volume 'Б*'fԏ]ft<+O[' [ 465.949319][T23223] ALSA: mixer_oss: invalid OSS volume '%' [ 466.068542][T23195] loop0: detected capacity change from 0 to 40427 [ 466.113553][T23195] F2FS-fs (loop0): build fault injection rate: 771 [ 466.139916][T23195] F2FS-fs (loop0): invalid crc value [ 466.383056][T23266] loop2: detected capacity change from 0 to 4096 [ 466.413830][T23266] EXT4-fs: inline encryption not supported [ 466.448342][T23266] EXT4-fs (loop2): Test dummy encryption mode enabled [ 466.508035][T23195] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 466.531654][T23266] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c019, mo2=0003] [ 466.553205][T23195] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 466.576868][T23276] loop3: detected capacity change from 0 to 1024 [ 466.608026][T23266] System zones: 0-5 [ 466.645188][T23266] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 466.658162][T23269] loop1: detected capacity change from 0 to 8192 [ 466.706495][T23195] syz.0.4234: attempt to access beyond end of device [ 466.706495][T23195] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 466.740629][T23276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 466.811760][T23276] ext4 filesystem being mounted at /719/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 466.846476][ T5830] syz-executor: attempt to access beyond end of device [ 466.846476][ T5830] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 466.914142][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 466.914182][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 466.914200][ T5830] Call Trace: [ 466.914210][ T5830] [ 466.914221][ T5830] dump_stack_lvl+0xe8/0x150 [ 466.914266][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 466.914308][ T5830] f2fs_write_end_io+0xcdb/0xff0 [ 466.914369][ T5830] __submit_merged_bio+0x256/0x6a0 [ 466.914415][ T5830] __submit_merged_write_cond+0x3c9/0x4e0 [ 466.914458][ T5830] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 466.914507][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.914550][ T5830] f2fs_write_data_pages+0x2975/0x35e0 [ 466.914586][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.914617][ T5830] ? __lock_acquire+0x6b5/0x2cf0 [ 466.914695][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 466.914748][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.914779][ T5830] ? css_rstat_updated+0x23a/0x530 [ 466.914860][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.914892][ T5830] ? rcu_is_watching+0x15/0xb0 [ 466.914932][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.914963][ T5830] ? mod_memcg_lruvec_state+0x1a7/0x350 [ 466.915018][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915049][ T5830] ? __lock_acquire+0x6b5/0x2cf0 [ 466.915117][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 466.915156][ T5830] do_writepages+0x32e/0x550 [ 466.915193][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915228][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915264][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915295][ T5830] ? do_raw_spin_unlock+0xf5/0x210 [ 466.915331][ T5830] filemap_fdatawrite+0x1e9/0x2f0 [ 466.915370][ T5830] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 466.915449][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915484][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915520][ T5830] ? do_raw_spin_unlock+0xf5/0x210 [ 466.915555][ T5830] f2fs_sync_dirty_inodes+0x30e/0x830 [ 466.915613][ T5830] f2fs_write_checkpoint+0x9df/0x26a0 [ 466.915693][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 466.915779][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.915810][ T5830] ? kfree+0x1c1/0x620 [ 466.915845][ T5830] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 466.915905][ T5830] kill_f2fs_super+0x314/0x720 [ 466.915950][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 466.916003][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.916034][ T5830] ? lockdep_hardirqs_on+0x7a/0x110 [ 466.916068][ T5830] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.916114][ T5830] deactivate_locked_super+0xbc/0x130 [ 466.916148][ T5830] cleanup_mnt+0x437/0x4d0 [ 466.916184][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 466.916219][ T5830] task_work_run+0x1d9/0x270 [ 466.916254][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 466.916293][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.916322][ T5830] exit_to_user_mode_loop+0xed/0x480 [ 466.916353][ T5830] ? rcu_is_watching+0x15/0xb0 [ 466.916394][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.916423][ T5830] do_syscall_64+0x33e/0xf80 [ 466.916455][ T5830] ? trace_irq_disable+0x3b/0x140 [ 466.916491][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.916523][ T5830] RIP: 0033:0x7f740859da57 [ 466.916548][ T5830] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 466.916568][ T5830] RSP: 002b:00007ffe259cdb78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 466.916594][ T5830] RAX: 0000000000000000 RBX: 00007f7408632048 RCX: 00007f740859da57 [ 466.916613][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe259cdc30 [ 466.916629][ T5830] RBP: 00007ffe259cdc30 R08: 00007ffe259cec30 R09: 00000000ffffffff [ 466.916648][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe259cecc0 [ 466.916664][ T5830] R13: 00007f7408632048 R14: 0000000000071f30 R15: 00007ffe259ced00 [ 466.916705][ T5830] [ 467.320492][ T5830] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 467.334969][T23273] loop5: detected capacity change from 0 to 32768 [ 467.392091][T23273] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4249 (23273) [ 467.505831][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.555302][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 467.582664][T23273] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 467.601442][T23273] BTRFS info (device loop5): using sha256 checksum algorithm [ 467.977750][T23273] BTRFS info (device loop5): rebuilding free space tree [ 468.124145][T23273] BTRFS info (device loop5): enabling ssd optimizations [ 468.154625][T23273] BTRFS info (device loop5): using spread ssd allocation scheme [ 468.197503][T23273] BTRFS info (device loop5): turning on async discard [ 468.233916][T23273] BTRFS info (device loop5): enabling free space tree [ 468.265639][T23273] BTRFS info (device loop5): force clearing of disk cache [ 468.329364][ T31] audit: type=1326 audit(1776261278.378:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23367 comm="syz.1.4259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 468.410925][T23371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4261'. [ 468.457669][ T31] audit: type=1326 audit(1776261278.408:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23367 comm="syz.1.4259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 468.483214][T23373] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4260'. [ 468.560556][ T31] audit: type=1326 audit(1776261278.418:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23367 comm="syz.1.4259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 468.565925][ T5829] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 468.799324][ T31] audit: type=1326 audit(1776261278.858:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23367 comm="syz.1.4259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 468.867209][ T5933] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 468.912357][ T31] audit: type=1326 audit(1776261278.858:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23367 comm="syz.1.4259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3a39c819 code=0x7ffc0000 [ 469.091957][ T5933] usb 5-1: Using ep0 maxpacket: 8 [ 469.150093][ T5933] usb 5-1: unable to get BOS descriptor or descriptor too short [ 469.174656][ T5933] usb 5-1: config 0 has an invalid interface number: 122 but max is 0 [ 469.194519][ T5933] usb 5-1: config 0 has no interface number 0 [ 469.237050][ T5933] usb 5-1: config 0 interface 122 altsetting 187 endpoint 0x82 has invalid maxpacket 59391, setting to 1024 [ 469.273863][ T5933] usb 5-1: config 0 interface 122 altsetting 187 has an endpoint descriptor with address 0x95, changing to 0x85 [ 469.319716][ T5933] usb 5-1: config 0 interface 122 altsetting 187 endpoint 0x85 has invalid maxpacket 19271, setting to 1024 [ 469.368763][ T5933] usb 5-1: config 0 interface 122 altsetting 187 bulk endpoint 0x85 has invalid maxpacket 1024 [ 469.445404][ T5933] usb 5-1: config 0 interface 122 altsetting 187 endpoint 0x6 has invalid wMaxPacketSize 0 [ 469.488498][ T5933] usb 5-1: config 0 interface 122 altsetting 187 bulk endpoint 0x6 has invalid maxpacket 0 [ 469.535854][ T5933] usb 5-1: config 0 interface 122 has no altsetting 0 [ 469.577225][ T5933] usb 5-1: string descriptor 0 read error: -22 [ 469.601935][T23404] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 1IT ҇b>a&͌;KVZO" [ 469.630747][ T5933] usb 5-1: New USB device found, idVendor=04b8, idProduct=0521, bcdDevice=15.4a [ 469.647439][ T5933] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 469.712753][ T5933] usb 5-1: config 0 descriptor?? [ 469.720472][T23376] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 469.739400][T23376] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 469.815613][ T5933] pl2303 5-1:0.122: pl2303 converter detected [ 469.954075][ T5933] pl2303 5-1:0.122: pl2303_vendor_read - failed to read [8484]: -110 [ 470.000505][ T5933] pl2303 5-1:0.122: pl2303_vendor_write - failed to write [0404]: -71 [ 470.040807][ T5933] pl2303 5-1:0.122: pl2303_vendor_read - failed to read [8484]: -71 [ 470.074746][ T5933] pl2303 5-1:0.122: pl2303_vendor_read - failed to read [8383]: -71 [ 470.116668][ T5933] pl2303 5-1:0.122: pl2303_vendor_read - failed to read [8484]: -71 [ 470.160960][ T5933] pl2303 5-1:0.122: pl2303_vendor_write - failed to write [0404]: -71 [ 470.199576][ T5933] pl2303 5-1:0.122: pl2303_vendor_read - failed to read [8484]: -71 [ 470.239232][ T5933] pl2303 5-1:0.122: pl2303_vendor_read - failed to read [8383]: -71 [ 470.279900][ T5933] pl2303 5-1:0.122: pl2303_vendor_write - failed to write [0000]: -71 [ 470.295775][T23382] loop2: detected capacity change from 0 to 32768 [ 470.318148][T23435] loop0: detected capacity change from 0 to 64 [ 470.334007][ T5933] pl2303 5-1:0.122: pl2303_vendor_write - failed to write [0001]: -71 [ 470.374175][ T5933] pl2303 5-1:0.122: pl2303_vendor_write - failed to write [0002]: -71 [ 470.441007][ T5933] usb 5-1: pl2303 converter now attached to ttyUSB0 [ 470.511955][ T5933] usb 5-1: USB disconnect, device number 21 [ 470.680115][ T5933] pl2303 ttyUSB0: pl2303 converter now disconnected from ttyUSB0 [ 470.728984][ T5933] pl2303 5-1:0.122: device disconnected [ 470.865526][T23390] loop5: detected capacity change from 0 to 32768 [ 470.929850][T23390] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 471.065870][T23390] XFS (loop5): Ending clean mount [ 471.196409][T23390] XFS (loop5): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 471.257650][T23483] loop4: detected capacity change from 0 to 4096 [ 471.530531][T23483] ntfs3(loop4): ino=b, mi_enum_attr [ 471.547945][T23499] loop2: detected capacity change from 0 to 16 [ 471.564457][T23483] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 471.604078][ T5829] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 471.612982][T23483] ntfs3(loop4): Failed to load $Extend (-22). [ 471.653494][T23483] ntfs3(loop4): Failed to initialize $Extend. [ 471.657261][T23499] erofs (device loop2): mounted with root inode @ nid 36. [ 471.754702][T23438] loop1: detected capacity change from 0 to 32768 [ 471.757532][T23483] overlayfs: failed to resolve 'w5T)`)YFnA@T<3ڂ$rcnHwC" -8/': -22 [ 471.768625][T23499] erofs (device loop2): readahead error at folio 2 @ nid 89 [ 471.856432][T23499] erofs (device loop2): inconsistent algorithmtype 2 for nid 89 [ 471.883285][T23438] (syz.1.4276,23438,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 471.883609][T23499] erofs (device loop2): readahead error at folio 1 @ nid 89 [ 471.993536][T23438] (syz.1.4276,23438,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 472.033310][T23499] erofs (device loop2): inconsistent algorithmtype 2 for nid 89 [ 472.060994][T23499] erofs (device loop2): readahead error at folio 0 @ nid 89 [ 472.100798][T23508] loop0: detected capacity change from 0 to 16 [ 472.133285][T23499] erofs (device loop2): inconsistent algorithmtype 2 for nid 89 [ 472.139337][T23508] erofs (device loop0): mounted with root inode @ nid 36. [ 472.151019][T23438] JBD2: Ignoring recovery information on journal [ 472.195687][T23499] erofs (device loop2): read error -117 @ 0 of nid 89 [ 472.208005][T23508] erofs (device loop0): not enough plain data on disk @ la 4096 of nid 89 [ 472.276107][T23508] erofs (device loop0): readahead error at folio 1 @ nid 89 [ 472.303372][T23438] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 472.305930][ T31] audit: type=1800 audit(1776261282.348:276): pid=23499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4286" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 472.347290][T23508] syz.0.4290: attempt to access beyond end of device [ 472.347290][T23508] loop0: rw=524288, sector=0, nr_sectors = 1024 limit=16 [ 472.370916][T23508] syz.0.4290: attempt to access beyond end of device [ 472.370916][T23508] loop0: rw=524288, sector=0, nr_sectors = 1792 limit=16 [ 472.521142][T23508] erofs (device loop0): not enough plain data on disk @ la 4096 of nid 89 [ 472.581218][T23508] erofs (device loop0): not enough plain data on disk @ la 4096 of nid 89 [ 472.641108][T23508] erofs (device loop0): read error -117 @ 1 of nid 89 [ 472.688030][ T31] audit: type=1800 audit(1776261282.738:277): pid=23508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4290" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 473.372552][ T5821] ocfs2: Unmounting device (7,1) on (node local) [ 473.636918][T23568] loop0: detected capacity change from 0 to 64 [ 473.816865][T23564] loop2: detected capacity change from 0 to 4096 [ 474.147118][T23583] loop0: detected capacity change from 0 to 512 [ 474.226825][T23583] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.4307: bad orphan inode 13 [ 474.347848][T23583] loop0: lost filesystem error report for type 5 error -117 [ 474.348437][T23583] ext4_test_bit(bit=12, block=4) = 1 [ 474.355882][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 474.355907][ C1] EXT4-fs (loop0): initial error at time 1776261284: ext4_orphan_get:1423 [ 474.355935][ C1] EXT4-fs (loop0): last error at time 1776261284: ext4_orphan_get:1423 [ 474.414265][T23583] is_bad_inode(inode)=0 [ 474.434485][T23583] NEXT_ORPHAN(inode)=0 [ 474.456386][T23583] max_ino=32 [ 474.571631][T23604] tc_dump_action: action bad kind [ 474.576778][T23583] i_nlink=1 [ 474.583537][T23583] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 474.705775][T23583] EXT4-fs warning (device loop0): dx_probe:813: inode #2: comm syz.0.4307: Hash code is SIPHASH, but hash not in dirent [ 474.793077][T23583] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.4307: Corrupt directory, running e2fsck is recommended [ 474.860856][T23583] EXT4-fs warning (device loop0): dx_probe:813: inode #2: comm syz.0.4307: Hash code is SIPHASH, but hash not in dirent [ 474.895225][T23549] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 474.906179][T23583] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.4307: Corrupt directory, running e2fsck is recommended [ 475.079779][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 475.140501][T23549] XFS (loop5): Ending clean mount [ 475.242240][T23570] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4305 (23570) [ 475.355364][T23570] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 475.414448][T23570] BTRFS info (device loop4): using xxhash64 checksum algorithm [ 475.467887][T23649] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4320'. [ 475.524888][T23649] netlink: 136 bytes leftover after parsing attributes in process `syz.0.4320'. [ 475.558850][ T5829] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 475.664442][T23570] BTRFS info (device loop4): rebuilding free space tree [ 475.940430][T23570] BTRFS info (device loop4): allowing degraded mounts [ 475.961583][T23570] BTRFS info (device loop4): enabling ssd optimizations [ 475.977543][T23570] BTRFS info (device loop4): turning on sync discard [ 476.025336][T23570] BTRFS info (device loop4): enabling free space tree [ 476.055188][T23570] BTRFS info (device loop4): force clearing of disk cache [ 476.144470][T23570] BTRFS info (device loop4): use zlib compression, level 3 [ 476.962336][ T790] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 477.020426][T23714] set_capacity_and_notify: 2 callbacks suppressed [ 477.020449][T23714] loop5: detected capacity change from 0 to 128 [ 477.109503][T23714] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000006f) [ 477.142523][ T790] usb 4-1: Using ep0 maxpacket: 16 [ 477.156573][T23714] FAT-fs (loop5): Filesystem has been set read-only [ 477.187914][ T790] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 477.226135][ T790] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 477.234849][T23570] BTRFS warning (device loop4): discard failed for extent [5255168, 5259263]: errno=-512 unknown [ 477.263268][ T790] usb 4-1: Product: syz [ 477.276787][ T790] usb 4-1: Manufacturer: syz [ 477.297233][ T790] usb 4-1: SerialNumber: syz [ 477.309643][T23570] BTRFS warning (device loop4): discard failed for extent [5292032, 5296127]: errno=-512 unknown [ 477.336999][ T790] usb 4-1: config 0 descriptor?? [ 477.375450][ T790] visor 4-1:0.0: Sony Clie 3.5 converter detected [ 477.391778][T23570] BTRFS warning (device loop4): discard failed for extent [5345280, 5353471]: errno=-512 unknown [ 477.448770][T23570] BTRFS warning (device loop4): discard failed for extent [6881280, 6885375]: errno=-512 unknown [ 477.542051][ T5820] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 477.812203][ T790] usb 4-1: clie_3_5_startup: get interface number failed: -71 [ 477.845714][ T790] visor 4-1:0.0: probe with driver visor failed with error -71 [ 477.869710][T23699] loop2: detected capacity change from 0 to 32768 [ 477.901194][ T790] usb 4-1: USB disconnect, device number 15 [ 477.930805][T23699] (syz.2.4333,23699,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 478.014993][T23699] (syz.2.4333,23699,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 478.142477][T23754] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 478.204970][T23699] JBD2: Ignoring recovery information on journal [ 478.382919][T23699] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 479.040176][ T5827] ocfs2: Unmounting device (7,2) on (node local) [ 479.071472][T23730] loop0: detected capacity change from 0 to 32768 [ 479.169672][T23730] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 479.404295][T23730] XFS (loop0): Ending clean mount [ 479.434443][T23730] XFS (loop0): Quotacheck needed: Please wait. [ 479.563779][T23812] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4357'. [ 479.778444][T23730] XFS (loop0): Quotacheck: Done. [ 479.886762][T23820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4360'. [ 479.900520][T23770] loop4: detected capacity change from 0 to 32768 [ 479.916178][T23823] smc: removing ib device syz0 [ 480.077172][ T5830] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 480.450691][T23837] loop4: detected capacity change from 0 to 2048 [ 480.629457][T23847] nft_compat: unsupported protocol 8 [ 480.661682][T23848] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 480.718041][T23837] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=56, inode=12, rec_len=24, name_len=56 [ 480.889957][T23837] Remounting filesystem read-only [ 480.956716][T23810] loop5: detected capacity change from 0 to 32768 [ 481.080734][T23810] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 481.129875][T23858] loop2: detected capacity change from 0 to 512 [ 481.169186][T23868] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4372'. [ 481.178602][T23868] 0X: renamed from caif0 [ 481.191226][T23858] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 481.271039][T23868] 0X: entered allmulticast mode [ 481.281511][T23868] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 481.319614][T23858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 481.387619][T23879] loop1: detected capacity change from 0 to 2048 [ 481.426920][T23810] XFS (loop5): Ending clean mount [ 481.447893][T23858] ext4 filesystem being mounted at /733/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 481.482523][T23810] XFS (loop5): Quotacheck needed: Please wait. [ 481.633411][T23879] NILFS (loop1): the device already has a read-only mount. [ 481.669183][T23889] bridge_slave_0: left allmulticast mode [ 481.685319][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 481.707077][T23889] bridge_slave_0: left promiscuous mode [ 481.739991][T23889] bridge0: port 1(bridge_slave_0) entered disabled state [ 481.862124][T23889] bridge_slave_1: left allmulticast mode [ 481.875259][T23889] bridge_slave_1: left promiscuous mode [ 481.906337][T23889] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.931477][T23810] XFS (loop5): Quotacheck: Done. [ 482.015021][ T5829] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 482.085458][T23889] team0: Port device team_slave_0 removed [ 482.204508][T23889] team0: Port device team_slave_1 removed [ 482.226289][T23889] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 482.280341][T23908] loop4: detected capacity change from 0 to 512 [ 482.296193][T23889] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 482.372267][T23889] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 482.384344][T23908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 482.401219][T23908] ext4 filesystem being mounted at /705/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 482.414470][T23889] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 482.552657][T23889] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 482.684773][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.724528][T23963] loop4: detected capacity change from 0 to 64 [ 484.143097][T23977] loop4: detected capacity change from 0 to 512 [ 484.246699][T23977] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4401: invalid indirect mapped block 256 (level 2) [ 484.268144][T23977] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 484.271339][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 484.287295][ C1] EXT4-fs (loop4): initial error at time 1776261294: ext4_free_branches:1023: inode 11 [ 484.297033][ C1] EXT4-fs (loop4): last error at time 1776261294: ext4_free_branches:1023: inode 11 [ 484.316020][T23977] EXT4-fs (loop4): 2 truncates cleaned up [ 484.326819][T23977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 484.436363][T23977] EXT4-fs error (device loop4): empty_inline_dir:1778: inode #12: block 7: comm syz.4.4401: bad entry in directory: directory entry overrun - offset=4, inode=4278190093, rec_len=196860, size=60 fake=0 [ 484.463809][T23982] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 484.517467][T23938] loop5: detected capacity change from 0 to 32768 [ 484.546711][T23989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4405'. [ 484.600484][T23938] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 484.667110][T23977] EXT4-fs warning (device loop4): empty_inline_dir:1785: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 484.753091][T23938] XFS (loop5): Ending clean mount [ 484.840898][T23938] XFS (loop5): Quotacheck needed: Please wait. [ 484.869315][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.172280][T23958] loop1: detected capacity change from 0 to 32768 [ 485.236257][T23938] XFS (loop5): Quotacheck: Done. [ 485.277338][T23958] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 485.355421][ T5829] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 485.423809][T23958] XFS (loop1): Ending clean mount [ 485.435087][T23958] XFS (loop1): Quotacheck needed: Please wait. [ 485.489633][T24040] gre0: left promiscuous mode [ 485.495463][T24040] gre0: left allmulticast mode [ 485.589202][T24040] netlink: 136 bytes leftover after parsing attributes in process `syz.2.4414'. [ 485.616833][T24040] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 485.650445][T24048] loop0: detected capacity change from 0 to 8 [ 485.726603][T24048] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 485.894020][T23958] XFS (loop1): Quotacheck: Done. [ 486.125373][ T5821] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 487.096128][T24052] loop4: detected capacity change from 0 to 32768 [ 487.125764][T24052] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4418 (24052) [ 487.224126][T24052] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 487.253185][T24052] BTRFS info (device loop4): using sha256 checksum algorithm [ 487.307798][T24062] loop0: detected capacity change from 0 to 32768 [ 487.316660][T24062] xfs: Deprecated parameter 'attr2' [ 487.322978][T24062] XFS: attr2 mount option is deprecated. [ 487.406752][T24062] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 487.514655][T24052] BTRFS info (device loop4): enabling ssd optimizations [ 487.575133][T24052] BTRFS info (device loop4): turning on async discard [ 487.615499][T24062] XFS (loop0): Ending clean mount [ 487.636584][T24052] BTRFS info (device loop4): enabling free space tree [ 487.688972][T24062] XFS (loop0): Quotacheck needed: Please wait. [ 487.732895][T24081] bond1: Removing last arp target with arp_interval on [ 487.880030][ T5820] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 487.978229][T24062] XFS (loop0): Quotacheck: Done. [ 488.198882][ T5830] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 489.168056][T24198] vti0: entered promiscuous mode [ 489.192363][T24198] vti0: entered allmulticast mode [ 489.585214][T24219] loop5: detected capacity change from 0 to 1024 [ 489.664220][T24219] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 489.734401][T24219] EXT4-fs error (device loop5): ext4_get_first_dir_block:3550: inode #11: comm syz.5.4448: directory missing '..' [ 489.752747][T24219] EXT4-fs (loop5): Remounting filesystem read-only [ 489.806039][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.241476][ T24] usb 5-1: new low-speed USB device number 22 using dummy_hcd [ 490.308404][T24259] loop1: detected capacity change from 0 to 256 [ 490.413429][ T24] usb 5-1: config 32 interface 0 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3 [ 490.465541][ T24] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 490.475640][T24269] program syz.0.4461 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 490.506033][ T24] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 490.556156][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.614851][T24243] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 490.807925][T24221] loop2: detected capacity change from 0 to 32768 [ 490.849575][T24221] (syz.2.4449,24221,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 490.859949][ T24] usb 5-1: string descriptor 0 read error: -71 [ 490.903174][T24221] (syz.2.4449,24221,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 490.910637][ T24] hub 5-1:32.0: bad descriptor, ignoring hub [ 490.965371][ T24] hub 5-1:32.0: probe with driver hub failed with error -5 [ 490.999457][T24221] JBD2: Ignoring recovery information on journal [ 491.203708][T24221] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 491.456229][ T24] usb 5-1: USB disconnect, device number 22 [ 491.526943][T24325] loop5: detected capacity change from 0 to 256 [ 491.779776][T24336] loop1: detected capacity change from 0 to 2048 [ 491.826695][T24336] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 491.869216][T24336] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 491.917226][T24336] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 492.032576][T24361] xt_policy: neither incoming nor outgoing policy selected [ 492.175385][T24370] futex_wake_op: syz.5.4485 tries to shift op by 36; fix this program [ 492.213183][ T5827] ocfs2: Unmounting device (7,2) on (node local) [ 492.569401][T24394] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c) [ 493.290716][T24421] nbd: couldn't find device at index -2145452028 [ 493.302728][T24422] netlink: 830 bytes leftover after parsing attributes in process `syz.5.4500'. [ 493.331227][T24422] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 493.838165][T24443] loop2: detected capacity change from 0 to 512 [ 493.914167][T24397] loop3: detected capacity change from 0 to 32768 [ 493.987939][T24461] loop5: detected capacity change from 0 to 256 [ 494.026475][T24397] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 494.257469][T24480] i2c i2c-0: Invalid block write size 254 [ 494.298050][T24461] FAT-fs (loop5): Directory bread(block 64) failed [ 494.350289][T24461] FAT-fs (loop5): Directory bread(block 65) failed [ 494.396463][T24461] FAT-fs (loop5): Directory bread(block 66) failed [ 494.432314][T24397] XFS (loop3): Ending clean mount [ 494.449060][T24461] FAT-fs (loop5): Directory bread(block 67) failed [ 494.526002][T24461] FAT-fs (loop5): Directory bread(block 68) failed [ 494.565890][T24461] FAT-fs (loop5): Directory bread(block 69) failed [ 494.599997][T24461] FAT-fs (loop5): Directory bread(block 70) failed [ 494.646337][T24461] FAT-fs (loop5): Directory bread(block 71) failed [ 494.677965][ T5832] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 494.697119][T24461] FAT-fs (loop5): Directory bread(block 72) failed [ 494.729983][T24461] FAT-fs (loop5): Directory bread(block 73) failed [ 494.926794][T24461] syz.5.4511: attempt to access beyond end of device [ 494.926794][T24461] loop5: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 494.935129][T24499] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 495.040423][T24461] syz.5.4511: attempt to access beyond end of device [ 495.040423][T24461] loop5: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 495.129188][T24509] netlink: 'syz.1.4524': attribute type 12 has an invalid length. [ 495.165274][ T31] audit: type=1800 audit(1776261305.218:278): pid=24461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4511" name="file0" dev="loop5" ino=1048665 res=0 errno=0 [ 495.697301][T24535] netlink: 'syz.3.4532': attribute type 1 has an invalid length. [ 495.732747][T24474] loop0: detected capacity change from 0 to 32768 [ 496.001133][T24549] netlink: 'syz.3.4536': attribute type 23 has an invalid length. [ 496.143949][T24558] loop1: detected capacity change from 0 to 1764 [ 496.319856][T24576] tmpfs: Bad value for 'mpol' [ 496.867451][T24601] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4550'. [ 497.178774][T24618] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4557'. [ 497.200391][T24619] loop0: detected capacity change from 0 to 512 [ 497.225792][T24618] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 497.227988][T24622] Unsupported ieee802154 address type: 0 [ 497.348019][T24619] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 497.372902][T24619] ext4 filesystem being mounted at /793/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 497.412575][T24637] loop3: detected capacity change from 0 to 2048 [ 497.443994][T24637] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 497.564290][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.776632][T24658] loop0: detected capacity change from 0 to 128 [ 497.841172][T24666] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4570'. [ 497.844881][T24658] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 497.927064][T24675] loop5: detected capacity change from 0 to 16 [ 497.953438][T24658] ext4 filesystem being mounted at /794/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 497.964959][T24675] erofs (device loop5): mounted with root inode @ nid 36. [ 498.287686][ T5830] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 498.405060][T24692] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4575'. [ 498.963724][T24727] Device name not specified. [ 498.963724][T24727] [ 499.352162][T24757] loop4: detected capacity change from 0 to 256 [ 499.438016][T24757] FAT-fs (loop4): Directory bread(block 64) failed [ 499.468074][T24757] FAT-fs (loop4): Directory bread(block 65) failed [ 499.494925][T24757] FAT-fs (loop4): Directory bread(block 66) failed [ 499.518605][T24757] FAT-fs (loop4): Directory bread(block 67) failed [ 499.540943][T24757] FAT-fs (loop4): Directory bread(block 68) failed [ 499.540984][T24757] FAT-fs (loop4): Directory bread(block 69) failed [ 499.541073][T24757] FAT-fs (loop4): Directory bread(block 70) failed [ 499.541103][T24757] FAT-fs (loop4): Directory bread(block 71) failed [ 499.541191][T24757] FAT-fs (loop4): Directory bread(block 72) failed [ 499.541222][T24757] FAT-fs (loop4): Directory bread(block 73) failed [ 499.615250][T24779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4603'. [ 499.626005][ T31] audit: type=1800 audit(1776261309.678:279): pid=24757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4597" name="file1" dev="loop4" ino=1048666 res=0 errno=0 [ 499.752228][ T5933] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 499.912272][ T5933] usb 6-1: Using ep0 maxpacket: 8 [ 499.923405][ T5933] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 499.923443][ T5933] usb 6-1: config 179 has no interface number 0 [ 499.923492][ T5933] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 499.923528][ T5933] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 499.923564][ T5933] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 499.923599][ T5933] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 499.923634][ T5933] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 499.923670][ T5933] usb 6-1: config 179 interface 65 has no altsetting 0 [ 499.923714][ T5933] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 499.923775][ T5933] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.951768][ T790] usb 1-1: new full-speed USB device number 17 using dummy_hcd [ 500.109580][T24804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4609'. [ 500.187546][ T5933] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input18 [ 500.218318][ T790] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 500.218348][ T790] usb 1-1: config 0 has no interface number 0 [ 500.218388][ T790] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 500.230280][ T790] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 500.230345][ T790] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 500.230372][ T790] usb 1-1: Product: syz [ 500.230391][ T790] usb 1-1: SerialNumber: syz [ 500.235893][ T790] usb 1-1: config 0 descriptor?? [ 500.282670][ T790] cm109 1-1:0.8: invalid payload size 8, expected 4 [ 500.297968][ T790] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input19 [ 500.338253][ T5176] input input18: unable to receive magic message: -110 [ 500.407502][ C0] raw-gadget.0 gadget.5: ignoring, device is not running [ 500.410710][ T5176] input input18: unable to receive magic message: -32 [ 500.426762][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 500.477749][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 500.548027][ T790] usb 6-1: USB disconnect, device number 15 [ 500.599305][T24829] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 500.710100][ C0] cm109 1-1:0.8: cm109_urb_irq_callback: urb status -71 [ 500.712528][ T5916] usb 1-1: USB disconnect, device number 17 [ 500.717211][ C0] ------------[ cut here ]------------ [ 500.728568][ C0] URB ffff888053f60b00 submitted while active [ 500.734734][ C0] WARNING: drivers/usb/core/urb.c:379 at usb_submit_urb+0x7b/0x18b0, CPU#0: syz.1.4613/24829 [ 500.745274][ C0] Modules linked in: [ 500.749617][ C0] CPU: 0 UID: 0 PID: 24829 Comm: syz.1.4613 Not tainted syzkaller #0 PREEMPT(full) [ 500.759105][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 500.769200][ C0] RIP: 0010:usb_submit_urb+0x7e/0x18b0 [ 500.774797][ C0] Code: 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 37 9d f7 fa 49 83 3e 00 74 40 e8 fc cf 8b fa 48 8d 3d c5 cc 05 09 48 89 de <67> 48 0f b9 3a b8 f0 ff ff ff eb 11 e8 e1 cf 8b fa eb 05 e8 da cf [ 500.795101][ C0] RSP: 0018:ffffc90000007a00 EFLAGS: 00010083 [ 500.801278][ C0] RAX: ffffffff87398df4 RBX: ffff888053f60b00 RCX: 0000000000040000 [ 500.809370][ C0] RDX: ffffc900020a1000 RSI: ffff888053f60b00 RDI: ffffffff903f5ac0 [ 500.817384][ C0] RBP: 000000000000000f R08: 0000000000000003 R09: 0000000000000004 [ 500.825548][ C0] R10: dffffc0000000000 R11: fffff52000000f40 R12: 0000000000000820 [ 500.833547][ C0] R13: ffff88802991a030 R14: ffff888053f60b08 R15: dffffc0000000000 [ 500.841983][ C0] FS: 0000000000000000(0000) GS:ffff888125245000(0000) knlGS:0000000000000000 [ 500.851033][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 500.857694][ C0] CR2: 00007feaf4fe7158 CR3: 000000005bd04000 CR4: 0000000000350ef0 [ 500.865883][ C0] Call Trace: [ 500.869174][ C0] [ 500.872016][ C0] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 500.877839][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.883491][ C0] ? ___ratelimit+0x58c/0x8d0 [ 500.888281][ C0] cm109_urb_irq_callback+0x6e2/0xc90 [ 500.893769][ C0] __usb_hcd_giveback_urb+0x376/0x540 [ 500.899209][ C0] dummy_timer+0xbc0/0x4650 [ 500.903744][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 500.908725][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 500.913826][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 500.919461][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 500.924523][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 500.930346][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 500.935295][ C0] __hrtimer_run_queues+0x3c0/0xa20 [ 500.940540][ C0] hrtimer_run_softirq+0x17a/0x240 [ 500.945677][ C0] handle_softirqs+0x22a/0x840 [ 500.950477][ C0] ? __irq_exit_rcu+0xca/0x220 [ 500.955286][ C0] __irq_exit_rcu+0xca/0x220 [ 500.960001][ C0] irq_exit_rcu+0x9/0x30 [ 500.964358][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 500.970022][ C0] [ 500.973013][ C0] [ 500.976122][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 500.982213][ C0] RIP: 0010:lock_acquire+0x221/0x350 [ 500.987540][ C0] Code: ff ff ff e8 b1 9d 11 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 8b 38 9c 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 5b c9 6e ff cc 48 8d 3d 98 f2 93 [ 501.007298][ C0] RSP: 0018:ffffc900046172d8 EFLAGS: 00000286 [ 501.013390][ C0] RAX: 3286cf1c34424b00 RBX: 0000000000000000 RCX: 0000000080000002 [ 501.021574][ C0] RDX: 000000005f12d3cb RSI: ffffffff8e22a119 RDI: ffffffff8c27f000 [ 501.029580][ C0] RBP: ffffffff823d794a R08: ffffffff823d794a R09: ffffffff8e95d0e0 [ 501.037667][ C0] R10: dffffc0000000000 R11: fffff940003a45e9 R12: 0000000000000002 [ 501.045663][ C0] R13: ffffffff8e95d0e0 R14: 0000000000000000 R15: 0000000000000246 [ 501.053659][ C0] ? pfn_valid+0xba/0x480 [ 501.058066][ C0] ? pfn_valid+0xba/0x480 [ 501.062559][ C0] ? pfn_valid+0xba/0x480 [ 501.066982][ C0] pfn_valid+0xd6/0x480 [ 501.071171][ C0] ? pfn_valid+0xba/0x480 [ 501.075575][ C0] page_table_check_clear+0x21/0x5f0 [ 501.080907][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.086570][ C0] ? vm_normal_page+0x10d/0x240 [ 501.091446][ C0] unmap_page_range+0x33d9/0x48f0 [ 501.096529][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.102200][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.107875][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 501.113277][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.118948][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.124647][ C0] ? unmap_vmas+0x1c4/0x6a0 [ 501.129185][ C0] unmap_vmas+0x48f/0x6a0 [ 501.133585][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 501.138529][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.144212][ C0] exit_mmap+0x280/0x9e0 [ 501.148491][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 501.153288][ C0] ? uprobe_clear_state+0x53/0x290 [ 501.158727][ C0] ? __pfx_exit_aio+0x10/0x10 [ 501.163535][ C0] ? uprobe_clear_state+0x27c/0x290 [ 501.168972][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.174732][ C0] __mmput+0x118/0x430 [ 501.179006][ C0] exit_mm+0x18e/0x250 [ 501.183091][ C0] do_exit+0x6a2/0x23c0 [ 501.187273][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.192923][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 501.198347][ C0] ? __pfx_do_exit+0x10/0x10 [ 501.202986][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.208640][ C0] ? trace_irq_disable+0x3b/0x140 [ 501.213700][ C0] do_group_exit+0x21b/0x2d0 [ 501.218319][ C0] get_signal+0x1284/0x1330 [ 501.222881][ C0] arch_do_signal_or_restart+0xbc/0x830 [ 501.228456][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 501.234830][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.240916][ C0] exit_to_user_mode_loop+0x86/0x480 [ 501.246484][ C0] ? rcu_is_watching+0x15/0xb0 [ 501.251316][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.257601][ C0] do_syscall_64+0x33e/0xf80 [ 501.262315][ C0] ? trace_irq_disable+0x3b/0x140 [ 501.267369][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.273461][ C0] RIP: 0033:0x7f9a3a39c819 [ 501.277894][ C0] Code: Unable to access opcode bytes at 0x7f9a3a39c7ef. [ 501.285012][ C0] RSP: 002b:00007f9a3b1700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 501.293449][ C0] RAX: fffffffffffffe00 RBX: 00007f9a3a615fa8 RCX: 00007f9a3a39c819 [ 501.301436][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a3a615fa8 [ 501.309428][ C0] RBP: 00007f9a3a615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 501.317463][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.325811][ C0] R13: 00007f9a3a616038 R14: 00007ffe8361f050 R15: 00007ffe8361f138 [ 501.334021][ C0] [ 501.337145][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 501.344695][ C0] CPU: 0 UID: 0 PID: 24829 Comm: syz.1.4613 Not tainted syzkaller #0 PREEMPT(full) [ 501.354280][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 501.364406][ C0] Call Trace: [ 501.367702][ C0] [ 501.370556][ C0] vpanic+0x56c/0xa60 [ 501.374598][ C0] ? __pfx__printk+0x10/0x10 [ 501.379289][ C0] ? __pfx_vpanic+0x10/0x10 [ 501.383812][ C0] ? is_bpf_text_address+0x292/0x2b0 [ 501.389142][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 501.394364][ C0] panic+0xc5/0xd0 [ 501.398101][ C0] ? __pfx_panic+0x10/0x10 [ 501.402554][ C0] __warn+0x315/0x4c0 [ 501.406578][ C0] ? usb_submit_urb+0x7b/0x18b0 [ 501.411454][ C0] ? usb_submit_urb+0x7b/0x18b0 [ 501.416332][ C0] __report_bug+0x29a/0x540 [ 501.421067][ C0] ? __pfx_dev_vprintk_emit+0x10/0x10 [ 501.426483][ C0] ? usb_submit_urb+0x7b/0x18b0 [ 501.431444][ C0] ? __pfx___report_bug+0x10/0x10 [ 501.436478][ C0] ? mark_lock+0x180/0x190 [ 501.441099][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.446762][ C0] ? dev_printk_emit+0xee/0x140 [ 501.451825][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.457485][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 501.462467][ C0] report_bug_entry+0x19a/0x290 [ 501.467345][ C0] ? usb_submit_urb+0x7e/0x18b0 [ 501.472230][ C0] ? usb_submit_urb+0x83/0x18b0 [ 501.477098][ C0] handle_bug+0xce/0x200 [ 501.481371][ C0] exc_invalid_op+0x1a/0x50 [ 501.485898][ C0] asm_exc_invalid_op+0x1a/0x20 [ 501.491123][ C0] RIP: 0010:usb_submit_urb+0x7e/0x18b0 [ 501.496645][ C0] Code: 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 37 9d f7 fa 49 83 3e 00 74 40 e8 fc cf 8b fa 48 8d 3d c5 cc 05 09 48 89 de <67> 48 0f b9 3a b8 f0 ff ff ff eb 11 e8 e1 cf 8b fa eb 05 e8 da cf [ 501.516359][ C0] RSP: 0018:ffffc90000007a00 EFLAGS: 00010083 [ 501.522768][ C0] RAX: ffffffff87398df4 RBX: ffff888053f60b00 RCX: 0000000000040000 [ 501.530761][ C0] RDX: ffffc900020a1000 RSI: ffff888053f60b00 RDI: ffffffff903f5ac0 [ 501.538832][ C0] RBP: 000000000000000f R08: 0000000000000003 R09: 0000000000000004 [ 501.546913][ C0] R10: dffffc0000000000 R11: fffff52000000f40 R12: 0000000000000820 [ 501.555131][ C0] R13: ffff88802991a030 R14: ffff888053f60b08 R15: dffffc0000000000 [ 501.563244][ C0] ? usb_submit_urb+0x74/0x18b0 [ 501.568147][ C0] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 501.574129][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.579782][ C0] ? ___ratelimit+0x58c/0x8d0 [ 501.584541][ C0] cm109_urb_irq_callback+0x6e2/0xc90 [ 501.589953][ C0] __usb_hcd_giveback_urb+0x376/0x540 [ 501.595444][ C0] dummy_timer+0xbc0/0x4650 [ 501.600103][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 501.605165][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 501.610261][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 501.615758][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 501.620899][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 501.626992][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 501.632049][ C0] __hrtimer_run_queues+0x3c0/0xa20 [ 501.637302][ C0] hrtimer_run_softirq+0x17a/0x240 [ 501.642744][ C0] handle_softirqs+0x22a/0x840 [ 501.647562][ C0] ? __irq_exit_rcu+0xca/0x220 [ 501.652363][ C0] __irq_exit_rcu+0xca/0x220 [ 501.656990][ C0] irq_exit_rcu+0x9/0x30 [ 501.661360][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 501.667298][ C0] [ 501.670407][ C0] [ 501.673337][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 501.679355][ C0] RIP: 0010:lock_acquire+0x221/0x350 [ 501.684714][ C0] Code: ff ff ff e8 b1 9d 11 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 8b 38 9c 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 5b c9 6e ff cc 48 8d 3d 98 f2 93 [ 501.704912][ C0] RSP: 0018:ffffc900046172d8 EFLAGS: 00000286 [ 501.711014][ C0] RAX: 3286cf1c34424b00 RBX: 0000000000000000 RCX: 0000000080000002 [ 501.719086][ C0] RDX: 000000005f12d3cb RSI: ffffffff8e22a119 RDI: ffffffff8c27f000 [ 501.727187][ C0] RBP: ffffffff823d794a R08: ffffffff823d794a R09: ffffffff8e95d0e0 [ 501.735177][ C0] R10: dffffc0000000000 R11: fffff940003a45e9 R12: 0000000000000002 [ 501.743247][ C0] R13: ffffffff8e95d0e0 R14: 0000000000000000 R15: 0000000000000246 [ 501.751237][ C0] ? pfn_valid+0xba/0x480 [ 501.755685][ C0] ? pfn_valid+0xba/0x480 [ 501.760150][ C0] ? pfn_valid+0xba/0x480 [ 501.764606][ C0] pfn_valid+0xd6/0x480 [ 501.768792][ C0] ? pfn_valid+0xba/0x480 [ 501.773157][ C0] page_table_check_clear+0x21/0x5f0 [ 501.778472][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.784132][ C0] ? vm_normal_page+0x10d/0x240 [ 501.789101][ C0] unmap_page_range+0x33d9/0x48f0 [ 501.794193][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.799890][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.805554][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 501.810965][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.816634][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.822330][ C0] ? unmap_vmas+0x1c4/0x6a0 [ 501.826854][ C0] unmap_vmas+0x48f/0x6a0 [ 501.831199][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 501.836084][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.841741][ C0] exit_mmap+0x280/0x9e0 [ 501.846196][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 501.851019][ C0] ? uprobe_clear_state+0x53/0x290 [ 501.856247][ C0] ? __pfx_exit_aio+0x10/0x10 [ 501.861142][ C0] ? uprobe_clear_state+0x27c/0x290 [ 501.866360][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.872022][ C0] __mmput+0x118/0x430 [ 501.876147][ C0] exit_mm+0x18e/0x250 [ 501.880285][ C0] do_exit+0x6a2/0x23c0 [ 501.884469][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.890327][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 501.895547][ C0] ? __pfx_do_exit+0x10/0x10 [ 501.900148][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.905887][ C0] ? trace_irq_disable+0x3b/0x140 [ 501.911107][ C0] do_group_exit+0x21b/0x2d0 [ 501.915729][ C0] get_signal+0x1284/0x1330 [ 501.920292][ C0] arch_do_signal_or_restart+0xbc/0x830 [ 501.926137][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 501.932417][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.938500][ C0] exit_to_user_mode_loop+0x86/0x480 [ 501.943901][ C0] ? rcu_is_watching+0x15/0xb0 [ 501.948727][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.954815][ C0] do_syscall_64+0x33e/0xf80 [ 501.959479][ C0] ? trace_irq_disable+0x3b/0x140 [ 501.964549][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.970507][ C0] RIP: 0033:0x7f9a3a39c819 [ 501.974967][ C0] Code: Unable to access opcode bytes at 0x7f9a3a39c7ef. [ 501.982538][ C0] RSP: 002b:00007f9a3b1700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 501.991143][ C0] RAX: fffffffffffffe00 RBX: 00007f9a3a615fa8 RCX: 00007f9a3a39c819 [ 501.999407][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a3a615fa8 [ 502.007487][ C0] RBP: 00007f9a3a615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 502.015513][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 502.023502][ C0] R13: 00007f9a3a616038 R14: 00007ffe8361f050 R15: 00007ffe8361f138 [ 502.031595][ C0] [ 502.035252][ C0] Kernel Offset: disabled [ 502.039595][ C0] Rebooting in 86400 seconds..