last executing test programs: 1.138622304s ago: executing program 3 (id=6818): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x6c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x3, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x6c}}, 0x0) 1.00393236s ago: executing program 1 (id=6820): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, 0x0, &(0x7f00000000c0)) 924.943254ms ago: executing program 3 (id=6822): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@delpolicy={0x5c, 0x14, 0x2e96fe01734d007d, 0x70bd28, 0x25dfdbfb, {{@in6=@loopback, @in=@remote, 0x4e20, 0xcc8, 0x4e20, 0x800, 0x2, 0x80, 0x0, 0x5e}, 0x6e6bbb}, [@mark={0xc, 0x15, {0x35075c, 0xb}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40004}, 0x10000) 840.696868ms ago: executing program 1 (id=6824): r0 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, '\x00'}, {0x18, 0x110, 0xc, "e8"}], 0x30}, 0x0) 800.95384ms ago: executing program 0 (id=6825): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000040)={0x5, {0x10000, 0x2, 0x0, 0xd000}, {0x5, 0x3, 0x5723, 0xff}, {0x3, 0xfd4}}) 704.468515ms ago: executing program 2 (id=6826): request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0xfffffffffffffffe) keyctl$set_reqkey_keyring(0xe, 0x2) 704.303945ms ago: executing program 3 (id=6827): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @empty}, 0xc) 668.156137ms ago: executing program 1 (id=6828): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000180)={0x0, 0x1, 0xf, 0x14, 0x200, 0x0}) 652.151998ms ago: executing program 0 (id=6829): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x880, &(0x7f0000001180)=ANY=[], 0x1, 0x192, &(0x7f0000000380)="$eJzskjFv2kAYht+zjQ0VRa3UiQUGpLZDizFt1a2MdO/GUsu4FNU0ASMFEIOjKGLIEGXML+BvREp+QDJEmTIxM6DMkaM7f2cc/kLuGfzqe/3e3ffZ9zcchhaAx83cQwsCHSXcMAYDQIUl3lpL9Iz0lvQ0EVxT7if5R6TlcDozKVPF28T45waBP6oCeBBeaoU/Dmldym8AcRzHgIYuwOMoYi2Ou9vMPR3AMM0AZQN4J4aI0wwfhBfvAdTHg/16OJ196g/cnt/z/zt685v9xba/OvU//cC3kyez6PzN3JMtcf0IwMqT4RbF9jkAx2S92mmfZVqj96yADmRrpvyGJbZd1NmeJ9dKZbhIx5It8k/wqwXwtg4ilnFrYhcDYqQ2GHQqGkamv+SsvHjx2dsLugswMLlsCQOaMAQ5sWEBge+sqOCx5vcIr5PEgraskbZJl6Qr0srOlTEi/jyh6kMEmJjcX1F64o7Ho0aOqpFjSs95EyHzg2qwcK49H+5y91IpFAqFQqFQKBQKxcvjKQAA//9p7WwO") llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 552.440283ms ago: executing program 2 (id=6830): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000d00)={0x8}) 537.860674ms ago: executing program 0 (id=6831): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) read$FUSE(r0, 0x0, 0x9) 529.809314ms ago: executing program 3 (id=6832): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="19000000040000000400000009"], 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r0, &(0x7f00000000c0)}, 0x20) 465.206077ms ago: executing program 1 (id=6833): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000880)=@userptr={0x7c867711, 0x3, 0x4, 0x400, 0x3, {0x0, 0xea60}, {0x3, 0x8, 0x8, 0xda, 0x3, 0x40, "19ff94c8"}, 0x3, 0x2, {0x0}, 0x4}) 409.45058ms ago: executing program 2 (id=6834): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x300, 0x0, 0x0, 0xfffffff9, 0x0}) 368.575262ms ago: executing program 2 (id=6835): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc8f}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x60}}, 0x20004000) 344.675653ms ago: executing program 0 (id=6836): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@ipv6_newrule={0x24, 0x20, 0x1, 0x70bd25, 0x25dfdbfb, {0xa, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x7, 0x6}, [@FIB_RULE_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x24048860}, 0x4010) 272.436097ms ago: executing program 2 (id=6837): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0) 271.871397ms ago: executing program 1 (id=6838): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8922, &(0x7f0000000040)={'macsec0\x00'}) 188.37606ms ago: executing program 3 (id=6839): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, 0x0, 0x0) 138.101793ms ago: executing program 0 (id=6840): r0 = syz_open_dev$vbi(&(0x7f0000000840), 0x1, 0x2) ioctl$VIDIOC_G_STD(r0, 0x80085617, 0x0) 103.509185ms ago: executing program 2 (id=6841): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x101241, 0x0) ioctl$COMEDI_BUFINFO(r0, 0xc02c640e, 0x0) 62.118497ms ago: executing program 1 (id=6842): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x88c8, &(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0x1, 0x175, &(0x7f0000000380)="$eJzsmT9PwkAYxp9rESJxcMZBE0lEI6UtalxMJPEb4J+wQaQStIhCB2Hzkxi/gIu78aMokwujiVtN2wNOouKgJsbnN7z3vMfL9e5t8jRpQQj5t/Qenx/Oe40VHcAM0kjI+Sd9VKMp9avZYnPuajt5W74p7aTu+uPrCQC+//XrxwDcF3R4Mvf9t/9Oy3EX2lDvQcOy1AcQMKQuQ8O+1A4ESlIfK7oZ1BvGUd11jMOmWw2EGQQrCHYQ8uP7618KVJX9CeX3dqd7UnFdp/WDYlL/+gUNW8r+1Ps16I2p9M+CBkvqPASKUm8iMehN1BLl/KnYaH39l89PQUHx18TIn/xrgSXFn2KKf+S8xlmu3elm641Kzak5p7ad3zDXTHPdzoVGFMVP/G869Keksv7UB7VxEcdFxfNaVhSHuR3F9xw3HvqfhsxilAs5pxI+D2bFQjBkdJkTQgghhBBCCCGEEELItzMPEb4FnYD9En5new0AAP//cCp3gA==") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x0, 0x80) 29.956719ms ago: executing program 3 (id=6843): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) sendmsg$inet6(r0, &(0x7f0000000880)={&(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote, 0x9}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000040)="8000e8beec9dbc13", 0x8}], 0x1, &(0x7f0000000080)=[@hoplimit={{0x14, 0x29, 0x34, 0x10001}}], 0x18}, 0x4004000) 0s ago: executing program 0 (id=6844): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101581, 0x0) pwritev(r0, &(0x7f0000001540)=[{&(0x7f00000000c0)="11df", 0x2}, {0x0}], 0x2, 0x20b3, 0x5e4a) kernel console output (not intermixed with test programs): usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 616.404583][ T5813] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 616.427762][ T5813] usb 2-1: Product: syz [ 616.432074][ T5813] usb 2-1: Manufacturer: syz [ 616.442805][ T5813] usb 2-1: SerialNumber: syz [ 616.464068][ T5813] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 616.489877][ T8] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 617.049928][ T6629] usb 2-1: USB disconnect, device number 6 [ 617.364860][T18991] loop2: detected capacity change from 0 to 32768 [ 617.437775][T18991] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 617.543153][T18991] XFS (loop2): Ending clean mount [ 617.595647][T18991] XFS (loop2): Quotacheck needed: Please wait. [ 617.624415][ T8] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 617.659114][ T8] ath9k_htc: Failed to initialize the device [ 617.678024][ T6629] usb 2-1: ath9k_htc: USB layer deinitialized [ 617.773858][T18991] XFS (loop2): Quotacheck: Done. [ 617.944405][ T5765] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 618.496795][T19078] loop3: detected capacity change from 0 to 1024 [ 618.541332][T19078] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 618.714375][T19078] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 48: comm syz.3.5055: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=3657433090, rec_len=70, size=1024 fake=1 [ 618.755563][T19094] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5059'. [ 618.769569][T19094] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5059'. [ 618.861602][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.131714][T19091] loop1: detected capacity change from 0 to 32768 [ 619.257808][T19091] ERROR: (device loop1): diNewExt: no free extents [ 619.257808][T19091] [ 619.284500][T19091] ialloc: diAlloc returned -5! [ 619.402204][T19128] lo: entered allmulticast mode [ 619.461208][T19128] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 619.494267][T19134] warning: `syz.1.5071' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 619.531420][T19137] overlayfs: unescaped trailing colons in lowerdir mount option. [ 619.581959][ T28] usb 1-1: new high-speed USB device number 124 using dummy_hcd [ 619.713065][T19141] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 619.806128][ T28] usb 1-1: Using ep0 maxpacket: 32 [ 619.826876][ T28] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 619.844921][ T28] usb 1-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 619.859654][ T28] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 619.881126][ T28] usb 1-1: Product: syz [ 619.885365][ T28] usb 1-1: Manufacturer: syz [ 619.890848][ T28] usb 1-1: SerialNumber: syz [ 619.909944][ T28] usb 1-1: config 0 descriptor?? [ 620.012461][T19167] loop1: detected capacity change from 0 to 64 [ 620.121542][T19174] lo: entered allmulticast mode [ 620.157788][T19174] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 620.181571][ T28] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 620.182770][ T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 620.417815][ T8] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 620.421812][ T28] usb 1-1: USB disconnect, device number 124 [ 620.460827][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.495337][ T8] usb 3-1: config 0 descriptor?? [ 620.522751][T19202] : renamed from veth0_to_bond (while UP) [ 620.723554][ T8] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 620.746185][ T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 620.930225][T19227] lo: entered allmulticast mode [ 620.942052][ T8] [drm:udl_init] *ERROR* Selecting channel failed [ 620.958289][T19227] infiniband syz0: set down [ 620.971948][T19227] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 620.987529][ T8] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 620.987555][ T8] [drm] Initialized udl on minor 2 [ 620.996710][ T8] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 621.024680][ T6629] lo speed is unknown, defaulting to 1000 [ 621.045301][ T8] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 621.063379][ T6629] lo speed is unknown, defaulting to 1000 [ 621.074149][ T5831] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 621.089745][ T8] usb 3-1: USB disconnect, device number 2 [ 621.099892][ T5831] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 621.600601][T19276] lo: entered allmulticast mode [ 621.620467][T19276] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 621.838792][T19288] netlink: 'syz.2.5112': attribute type 3 has an invalid length. [ 622.446953][T12699] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 622.556570][T19341] netlink: 'syz.1.5130': attribute type 2 has an invalid length. [ 622.583604][T19341] netlink: 'syz.1.5130': attribute type 1 has an invalid length. [ 622.693723][T12699] usb 4-1: config index 0 descriptor too short (expected 39, got 27) [ 622.701978][T12699] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 622.735155][T12699] usb 4-1: config 0 interface 0 has no altsetting 0 [ 622.745096][T12699] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 622.759446][T12699] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 622.788619][T12699] usb 4-1: Product: syz [ 622.792836][T12699] usb 4-1: Manufacturer: syz [ 622.797444][T12699] usb 4-1: SerialNumber: syz [ 622.815444][T12699] usb 4-1: config 0 descriptor?? [ 622.829499][T12699] hub 4-1:0.0: bad descriptor, ignoring hub [ 622.852767][T12699] hub: probe of 4-1:0.0 failed with error -5 [ 622.861805][T12699] usb 4-1: selecting invalid altsetting 0 [ 623.045399][ T5831] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 623.191130][T19340] loop2: detected capacity change from 0 to 32768 [ 623.211583][T19340] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 623.232157][T19340] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 623.259656][ T5831] usb 2-1: Using ep0 maxpacket: 32 [ 623.266296][T19340] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 623.282279][ T5831] usb 2-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c [ 623.291624][ T5831] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.299671][ T5831] usb 2-1: Product: syz [ 623.304679][ T5831] usb 2-1: Manufacturer: syz [ 623.309328][ T5831] usb 2-1: SerialNumber: syz [ 623.309462][T12699] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 623.333794][T12699] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 623.335659][ T5831] gspca_main: gspca_topro-2.14.0 probing 06a2:0003 [ 623.347976][T19378] netlink: 'syz.0.5139': attribute type 3 has an invalid length. [ 623.356124][T19378] netlink: 'syz.0.5139': attribute type 1 has an invalid length. [ 623.411383][ T28] usb 4-1: USB disconnect, device number 2 [ 623.461285][T12699] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 119ms [ 623.501039][T12699] gfs2: fsid=syz:syz.0: jid=0: Done [ 623.520595][T19340] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 623.784573][T19405] lo speed is unknown, defaulting to 1000 [ 623.796026][ T5831] gspca_topro: reg_w err -71 [ 623.848095][ T5831] gspca_topro: Sensor soi763a [ 623.870216][ T5831] usb 2-1: USB disconnect, device number 7 [ 625.684619][T19531] loop1: detected capacity change from 0 to 128 [ 625.770414][T19532] netlink: 104 bytes leftover after parsing attributes in process `syz.2.5173'. [ 626.303076][T19562] loop3: detected capacity change from 0 to 16 [ 626.344318][T19562] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 626.539743][T19566] loop2: detected capacity change from 0 to 4096 [ 626.580614][T19566] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 626.766855][T19566] ntfs3: loop2: failed to convert "c46c" to iso8859-5 [ 626.784139][T19590] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 626.800568][T19589] ieee802154 phy0 wpan0: encryption failed: -22 [ 627.218826][T19616] loop3: detected capacity change from 0 to 1024 [ 627.251081][T19616] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 627.298884][T19616] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.5199: lblock 2 mapped to illegal pblock 2 (length 1) [ 627.354025][T19616] __quota_error: 4 callbacks suppressed [ 627.354043][T19616] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 627.368640][T19616] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.5199: lblock 0 mapped to illegal pblock 48 (length 1) [ 627.386480][T19616] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 627.406209][T19616] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.5199: Failed to acquire dquot type 0 [ 627.420467][T19616] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 627.450248][T19616] EXT4-fs error (device loop3): ext4_evict_inode:252: inode #11: comm syz.3.5199: mark_inode_dirty error [ 627.483733][T19616] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 627.503225][T19616] EXT4-fs (loop3): 1 orphan inode deleted [ 627.510194][T19616] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 627.536240][T11908] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 627.545271][T19634] netlink: 344 bytes leftover after parsing attributes in process `syz.0.5207'. [ 627.586442][T11908] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 627.599625][T11908] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:2: Failed to release dquot type 0 [ 627.726149][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 627.735855][ T12] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 627.768382][ T12] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 627.777167][ T12] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:1: Failed to release dquot type 0 [ 627.805138][ T5767] EXT4-fs error (device loop3): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 627.825193][ T5767] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 627.845603][ T5767] EXT4-fs error (device loop3): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error [ 628.000418][T19654] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5213'. [ 628.167326][T19665] xt_CT: You must specify a L4 protocol and not use inversions on it [ 628.458176][T19676] loop1: detected capacity change from 0 to 4096 [ 628.503005][T19676] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 628.545643][T19676] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 628.576417][T19676] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 628.610724][T19676] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 628.650985][T19676] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 628.684301][T19676] ntfs: volume version 3.1. [ 628.694718][T19676] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 629.386574][T19696] loop2: detected capacity change from 0 to 32768 [ 629.408022][T19696] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.5227 (19696) [ 629.440596][T19696] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 629.460691][ T28] usb 1-1: new full-speed USB device number 125 using dummy_hcd [ 629.469304][T19696] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 629.508897][T19696] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 629.535704][T19696] BTRFS info (device loop2): trying to use backup root at mount time [ 629.555963][T19696] BTRFS info (device loop2): setting nodatasum [ 629.562183][T19696] BTRFS info (device loop2): enabling ssd optimizations [ 629.587498][T19696] BTRFS info (device loop2): using spread ssd allocation scheme [ 629.620054][T19696] BTRFS info (device loop2): turning on flush-on-commit [ 629.627097][T19696] BTRFS info (device loop2): force zlib compression, level 3 [ 629.652002][T19696] BTRFS info (device loop2): using free space tree [ 629.688106][ T28] usb 1-1: config index 0 descriptor too short (expected 39, got 27) [ 629.711204][ T28] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 629.723948][ T28] usb 1-1: config 0 interface 0 has no altsetting 0 [ 629.756945][ T28] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 629.770725][T19755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5242'. [ 629.801628][ T28] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 629.827766][ T28] usb 1-1: Product: syz [ 629.862217][ T28] usb 1-1: Manufacturer: syz [ 629.878259][ T28] usb 1-1: SerialNumber: syz [ 629.900544][ T28] usb 1-1: config 0 descriptor?? [ 629.920246][ T28] hub 1-1:0.0: bad descriptor, ignoring hub [ 629.942541][ T28] hub: probe of 1-1:0.0 failed with error -5 [ 629.947360][T19724] loop3: detected capacity change from 0 to 32768 [ 629.961856][ T28] usb 1-1: selecting invalid altsetting 0 [ 629.984189][ T5765] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 630.497428][ T8] usb 1-1: USB disconnect, device number 125 [ 630.752190][T19810] loop2: detected capacity change from 0 to 128 [ 630.757298][T19807] loop1: detected capacity change from 0 to 4096 [ 630.770357][T19810] EXT4-fs: Ignoring removed nobh option [ 630.777956][T19807] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 630.821130][T19810] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 630.853007][T19807] ntfs3: loop1: failed to convert "c46c" to iso8859-5 [ 630.880465][T19810] ext4 filesystem being mounted at /1341/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 631.112379][ T5765] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 631.250024][T19834] netlink: 'syz.0.5254': attribute type 3 has an invalid length. [ 631.257960][T19830] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 631.277556][T19834] netlink: 201372 bytes leftover after parsing attributes in process `syz.0.5254'. [ 631.340894][T19824] lo speed is unknown, defaulting to 1000 [ 631.612031][T19857] netlink: 'syz.0.5260': attribute type 21 has an invalid length. [ 631.627357][T19857] netlink: 128 bytes leftover after parsing attributes in process `syz.0.5260'. [ 631.638190][T19857] netlink: 'syz.0.5260': attribute type 5 has an invalid length. [ 631.651351][T19857] netlink: 'syz.0.5260': attribute type 6 has an invalid length. [ 631.660621][T19857] netlink: 3 bytes leftover after parsing attributes in process `syz.0.5260'. [ 631.670601][T19856] loop2: detected capacity change from 0 to 256 [ 632.747989][T19933] loop1: detected capacity change from 0 to 4096 [ 632.785205][T19933] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 632.891271][T19933] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 632.928352][T19933] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 632.993282][T19940] loop3: detected capacity change from 0 to 4096 [ 633.122659][T19940] ntfs3: loop3: ino=1e, "file1" attr_set_size [ 633.148219][T19940] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 633.332942][T19950] netlink: 'syz.1.5284': attribute type 1 has an invalid length. [ 633.378010][T19950] netlink: 'syz.1.5284': attribute type 3 has an invalid length. [ 633.418382][T19950] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5284'. [ 633.866263][T19971] loop2: detected capacity change from 0 to 256 [ 633.897978][T19975] loop3: detected capacity change from 0 to 1024 [ 633.941932][T19971] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011ded, chksum : 0xa21f83b3, utbl_chksum : 0xe619d30d) [ 634.016515][T19975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 634.119643][T19975] EXT4-fs error (device loop3): ext4_lookup:1850: inode #2: comm syz.3.5293: bad inode number: 15 [ 634.290147][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.494035][T20014] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5302'. [ 634.494877][T20013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5304'. [ 634.721060][T20022] loop2: detected capacity change from 0 to 512 [ 634.790363][T20022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 634.847815][T20022] ext4 filesystem being mounted at /1358/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 634.932732][T20011] loop1: detected capacity change from 0 to 32768 [ 635.046870][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.246660][T20042] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 635.517779][T20058] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5316'. [ 635.701619][T20063] loop1: detected capacity change from 0 to 512 [ 636.120099][T20053] loop3: detected capacity change from 0 to 32768 [ 636.222077][T20053] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 636.222077][T20053] [ 636.234530][T20053] ERROR: (device loop3): remounting filesystem as read-only [ 636.267424][T20053] xtLookup: xtSearch returned -5 [ 636.454320][T20099] netlink: 'syz.2.5328': attribute type 3 has an invalid length. [ 636.786133][T20090] loop1: detected capacity change from 0 to 32768 [ 636.825413][T12699] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 636.834979][T20090] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 636.947337][T20090] XFS (loop1): Ending clean mount [ 637.045923][T12699] usb 3-1: config 0 has an invalid interface number: 83 but max is 0 [ 637.057352][T12699] usb 3-1: config 0 has no interface number 0 [ 637.071720][T12699] usb 3-1: config 0 interface 83 altsetting 0 endpoint 0x8B has an invalid bInterval 101, changing to 7 [ 637.113544][T12699] usb 3-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid maxpacket 26468, setting to 1024 [ 637.157697][T12699] usb 3-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61 [ 637.172409][ T5768] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 637.176466][T12699] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.202577][T12699] usb 3-1: config 0 descriptor?? [ 637.221300][T12699] ttusbir 3-1:0.83: cannot find expected altsetting [ 637.342619][T20146] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5327'. [ 637.495848][ T5812] usb 3-1: USB disconnect, device number 3 [ 638.504410][T20220] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 1, id = 0 [ 638.726253][T20229] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5367'. [ 638.781987][T20229] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5367'. [ 638.959845][T20248] loop2: detected capacity change from 0 to 256 [ 639.040819][T20248] FAT-fs (loop2): Directory bread(block 64) failed [ 639.057243][T20248] FAT-fs (loop2): Directory bread(block 65) failed [ 639.064779][T20248] FAT-fs (loop2): Directory bread(block 66) failed [ 639.077601][T20248] FAT-fs (loop2): Directory bread(block 67) failed [ 639.084631][T20248] FAT-fs (loop2): Directory bread(block 68) failed [ 639.102531][T20248] FAT-fs (loop2): Directory bread(block 69) failed [ 639.109211][T20248] FAT-fs (loop2): Directory bread(block 70) failed [ 639.130352][T20248] FAT-fs (loop2): Directory bread(block 71) failed [ 639.147080][T20248] FAT-fs (loop2): Directory bread(block 72) failed [ 639.169845][T20248] FAT-fs (loop2): Directory bread(block 73) failed [ 639.336464][T20263] netlink: 'syz.0.5377': attribute type 29 has an invalid length. [ 639.355444][T20263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5377'. [ 639.365242][T20263] netlink: 'syz.0.5377': attribute type 29 has an invalid length. [ 639.379790][T20263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5377'. [ 639.982743][T20306] netlink: 144 bytes leftover after parsing attributes in process `syz.1.5391'. [ 640.673512][T20302] loop3: detected capacity change from 0 to 32768 [ 640.703010][T20302] XFS: attr2 mount option is deprecated. [ 640.784187][T20302] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 641.068849][T20302] XFS (loop3): Ending clean mount [ 641.114688][T20302] XFS (loop3): Quotacheck needed: Please wait. [ 641.142144][T20368] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5411'. [ 641.260457][T20302] XFS (loop3): Quotacheck: Done. [ 641.470381][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 642.111964][T20418] xt_hashlimit: overflow, try lower: 3/0 [ 642.525221][T20436] loop1: detected capacity change from 0 to 4096 [ 642.574091][T20436] __ntfs_error: 10 callbacks suppressed [ 642.574109][T20436] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 642.598429][T20436] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 642.680714][T20436] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 642.705359][T20436] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 642.776300][T20436] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 642.828269][T20436] ntfs: volume version 3.1. [ 642.898512][T20436] ntfs: (device loop1): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute. [ 642.924014][T20436] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x2, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 642.943933][ C1] vkms_vblank_simulate: vblank timer overrun [ 643.011923][T20436] ntfs: (device loop1): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute. [ 643.047434][T20436] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x2, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 643.096125][T20436] ntfs: (device loop1): ntfs_check_logfile(): Error mapping $LogFile page (index 0). [ 643.417347][T20487] nft_compat: unsupported protocol 1 [ 643.613539][T20503] loop1: detected capacity change from 0 to 64 [ 643.854439][T20516] netlink: 'syz.2.5458': attribute type 29 has an invalid length. [ 643.910537][T20516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5458'. [ 643.950545][T20516] netlink: 'syz.2.5458': attribute type 29 has an invalid length. [ 643.981081][T20516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5458'. [ 644.141568][T20536] xt_cgroup: invalid path, errno=-2 [ 645.004463][T20537] loop2: detected capacity change from 0 to 32768 [ 645.075435][T20537] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 645.129077][T20596] loop1: detected capacity change from 0 to 256 [ 645.141131][T20596] exfat: Deprecated parameter 'utf8' [ 645.148825][T20596] exfat: Deprecated parameter 'namecase' [ 645.198228][T20596] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8b6193f0, utbl_chksum : 0xe619d30d) [ 645.254505][T20537] XFS (loop2): Ending clean mount [ 645.307417][T20537] XFS (loop2): Quotacheck needed: Please wait. [ 645.439891][T20537] XFS (loop2): Quotacheck: Done. [ 645.560882][T20616] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 645.607361][T20619] netlink: 'syz.3.5492': attribute type 2 has an invalid length. [ 645.630831][ T5765] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 645.631904][T20619] netlink: 'syz.3.5492': attribute type 1 has an invalid length. [ 646.314354][T20670] loop2: detected capacity change from 0 to 4096 [ 646.334711][T20649] 8021q: adding VLAN 0 to HW filter on device bond4 [ 646.941499][T20640] loop1: detected capacity change from 0 to 32768 [ 647.031458][T20640] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 647.031458][T20640] [ 647.070440][T20640] ERROR: (device loop1): remounting filesystem as read-only [ 647.078563][T20640] xtLookup: xtSearch returned -5 [ 647.270226][ T6629] usb 1-1: new high-speed USB device number 126 using dummy_hcd [ 647.473523][ T6629] usb 1-1: Using ep0 maxpacket: 16 [ 647.496657][ T6629] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 647.530031][ T6629] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 647.553384][ T6629] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 647.569877][ T6629] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 647.588797][ T6629] usb 1-1: Product: syz [ 647.599147][ T6629] usb 1-1: Manufacturer: syz [ 647.612394][ T6629] usb 1-1: SerialNumber: syz [ 647.868457][ T6629] usb 1-1: 0:2 : does not exist [ 647.882749][ T6629] usb 1-1: unit 9 not found! [ 647.909618][ T6629] usb 1-1: 4:0: cannot get min/max values for control 1 (id 4) [ 647.938484][ T6629] usb 1-1: 4:0: cannot get min/max values for control 2 (id 4) [ 647.967169][ T6629] usb 1-1: 4:0: cannot get min/max values for control 4 (id 4) [ 647.996403][ T6629] usb 1-1: 4:0: cannot get min/max values for control 5 (id 4) [ 648.023627][ T6629] usb 1-1: 4:0: cannot get min/max values for control 6 (id 4) [ 648.073790][ T6629] usb 1-1: USB disconnect, device number 126 [ 648.142312][ T5905] udevd[5905]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 648.435617][T20805] loop1: detected capacity change from 0 to 1024 [ 648.473076][T20805] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 648.525251][T20805] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.5531: lblock 2 mapped to illegal pblock 2 (length 1) [ 648.527619][T20766] loop2: detected capacity change from 0 to 32768 [ 648.552811][T20805] __quota_error: 14 callbacks suppressed [ 648.552828][T20805] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 648.593033][T20805] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.5531: lblock 0 mapped to illegal pblock 48 (length 1) [ 648.622302][T20805] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 648.651172][T20805] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.5531: Failed to acquire dquot type 0 [ 648.706178][T20805] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 648.732991][T20766] ERROR: (device loop2): xtSearch: XT_GETPAGE: xtree page corrupt [ 648.732991][T20766] [ 648.752804][T20805] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.5531: mark_inode_dirty error [ 648.804814][T20805] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 648.816569][T20766] ERROR: (device loop2): remounting filesystem as read-only [ 648.824900][T20766] xtLookup: xtSearch returned -5 [ 648.834634][T20805] EXT4-fs (loop1): 1 orphan inode deleted [ 648.863793][T20805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 648.895620][ T4503] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 648.947094][ T4503] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 648.966752][ T4503] EXT4-fs error (device loop1): ext4_release_dquot:6985: comm kworker/u4:12: Failed to release dquot type 0 [ 649.028637][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.043795][ T2920] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 649.099853][ T2920] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 649.108377][ T2920] EXT4-fs error (device loop1): ext4_release_dquot:6985: comm kworker/u4:9: Failed to release dquot type 0 [ 649.135974][ T5768] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 649.170626][ T5768] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 649.194683][ T5768] EXT4-fs error (device loop1): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error [ 649.300169][T20847] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5546'. [ 649.493893][ T5812] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 649.531168][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.537742][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.714691][ T5812] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 649.742113][ T5812] usb 4-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb [ 649.761052][ T5812] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 649.769694][ T5812] usb 4-1: Product: syz [ 649.776113][ T5812] usb 4-1: Manufacturer: syz [ 649.780732][ T5812] usb 4-1: SerialNumber: syz [ 649.811845][ T5812] usb 4-1: config 0 descriptor?? [ 649.841171][ T5812] usbtouchscreen: probe of 4-1:0.0 failed with error -12 [ 650.064190][T12699] usb 4-1: USB disconnect, device number 3 [ 650.111195][T20906] netlink: 'syz.2.5561': attribute type 1 has an invalid length. [ 650.381406][ T6629] usb 1-1: new full-speed USB device number 127 using dummy_hcd [ 650.440051][T20926] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5568'. [ 650.461783][T20926] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5568'. [ 650.471270][T20926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5568'. [ 650.590666][ T6629] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 650.605803][ T6629] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 650.623544][ T6629] usb 1-1: Product: syz [ 650.628681][ T6629] usb 1-1: Manufacturer: syz [ 650.633309][ T6629] usb 1-1: SerialNumber: syz [ 650.646277][ T6629] usb 1-1: config 0 descriptor?? [ 650.672508][ T6629] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 651.102731][ T6629] gspca_stk1135: reg_w 0x0 err -71 [ 651.110427][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.116786][ T6629] gspca_stk1135: Sensor write failed [ 651.122171][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.128505][ T6629] gspca_stk1135: Sensor write failed [ 651.133894][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.140355][ T6629] gspca_stk1135: Sensor read failed [ 651.145564][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.152349][ T6629] gspca_stk1135: Sensor read failed [ 651.157642][ T6629] gspca_stk1135: Detected sensor type unknown (0x0) [ 651.164365][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.170695][ T6629] gspca_stk1135: Sensor read failed [ 651.176168][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.182502][ T6629] gspca_stk1135: Sensor read failed [ 651.187794][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.194177][ T6629] gspca_stk1135: Sensor write failed [ 651.199948][ T6629] gspca_stk1135: serial bus timeout: status=0x00 [ 651.206374][ T6629] gspca_stk1135: Sensor write failed [ 651.211703][ T6629] stk1135: probe of 1-1:0.0 failed with error -71 [ 651.223462][ T6629] usb 1-1: USB disconnect, device number 127 [ 652.422761][T20986] 8021q: adding VLAN 0 to HW filter on device bond4 [ 652.772517][T21040] ieee802154 phy0 wpan0: encryption failed: -22 [ 653.471601][T21083] loop3: detected capacity change from 0 to 4096 [ 653.560722][T21083] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 653.579623][T21083] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 653.594853][T21083] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 653.620226][T21083] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 653.633700][T21083] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 653.654005][T21083] ntfs: volume version 3.1. [ 653.711727][T21083] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 653.927494][T21107] loop1: detected capacity change from 0 to 4096 [ 653.961950][T21114] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 654.003117][T21117] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.5618'. [ 654.025148][T21117] bridge_slave_1: default FDB implementation only supports local addresses [ 654.056500][T21107] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 654.194168][T21107] ntfs3: loop1: Failed to load $Extend (-22). [ 654.222697][T21107] ntfs3: loop1: Failed to initialize $Extend. [ 654.298311][T21131] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5621'. [ 654.715684][T21149] loop1: detected capacity change from 0 to 256 [ 654.873116][T21149] FAT-fs (loop1): Directory bread(block 64) failed [ 654.909695][T21149] FAT-fs (loop1): Directory bread(block 65) failed [ 654.936446][T21149] FAT-fs (loop1): Directory bread(block 66) failed [ 654.947571][T21127] loop3: detected capacity change from 0 to 32768 [ 654.957743][T21149] FAT-fs (loop1): Directory bread(block 67) failed [ 654.964417][T21149] FAT-fs (loop1): Directory bread(block 68) failed [ 654.979387][T21149] FAT-fs (loop1): Directory bread(block 69) failed [ 655.010598][T21149] FAT-fs (loop1): Directory bread(block 70) failed [ 655.017188][T21149] FAT-fs (loop1): Directory bread(block 71) failed [ 655.042465][T21149] FAT-fs (loop1): Directory bread(block 72) failed [ 655.049054][T21149] FAT-fs (loop1): Directory bread(block 73) failed [ 655.101706][T21127] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 655.243109][T21127] XFS (loop3): Ending clean mount [ 655.302351][T21127] XFS (loop3): Quotacheck needed: Please wait. [ 655.388049][T21127] XFS (loop3): Quotacheck: Done. [ 655.564355][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 655.993271][T21208] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5644'. [ 656.268291][T21224] loop2: detected capacity change from 0 to 128 [ 656.305881][T21224] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 656.392935][T21224] ext4 filesystem being mounted at /1450/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 656.620128][T21243] netlink: 84 bytes leftover after parsing attributes in process `syz.3.5654'. [ 656.633958][ T5765] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 656.789787][T21255] netlink: 'syz.2.5656': attribute type 153 has an invalid length. [ 656.826998][T21255] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.5656'. [ 657.130348][T21274] netlink: 766 bytes leftover after parsing attributes in process `syz.0.5665'. [ 657.625376][T21299] netlink: 'syz.2.5674': attribute type 7 has an invalid length. [ 658.282908][T21333] ip6t_srh: unknown srh match flags 4000 [ 658.289271][T21336] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 658.479139][T21343] vti0: entered promiscuous mode [ 658.785203][T12699] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 658.935239][T21381] cgroup: name respecified [ 658.939530][T21383] comedi comedi3: no devices specified [ 658.989601][T12699] usb 3-1: Using ep0 maxpacket: 16 [ 658.999330][T12699] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 659.022000][T12699] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 659.050182][T12699] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 659.081568][T12699] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.098865][T12699] usb 3-1: Product: syz [ 659.103722][T12699] usb 3-1: Manufacturer: syz [ 659.114002][T12699] usb 3-1: SerialNumber: syz [ 659.119739][T21393] netlink: 180 bytes leftover after parsing attributes in process `syz.1.5706'. [ 659.144807][T21393] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5706'. [ 659.212188][T21398] overlayfs: cannot append lower layer [ 659.221234][T21400] netlink: 'syz.3.5708': attribute type 8 has an invalid length. [ 659.301093][T21405] infiniband syz0: set active [ 659.306426][T21405] infiniband syz0: set active [ 659.312174][T21405] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 659.336883][ T5812] lo speed is unknown, defaulting to 1000 [ 659.353377][ T5771] lo speed is unknown, defaulting to 1000 [ 659.367865][ T5771] lo speed is unknown, defaulting to 1000 [ 659.379248][T12699] usb 3-1: 0:2 : does not exist [ 659.395140][T12699] usb 3-1: unit 9 not found! [ 659.416616][T12699] usb 3-1: 4:0: cannot get min/max values for control 1 (id 4) [ 659.492129][T12699] usb 3-1: 4:0: cannot get min/max values for control 2 (id 4) [ 659.509721][T12699] usb 3-1: 4:0: cannot get min/max values for control 4 (id 4) [ 659.535601][T12699] usb 3-1: 4:0: cannot get min/max values for control 5 (id 4) [ 659.558066][T12699] usb 3-1: 4:0: cannot get min/max values for control 6 (id 4) [ 659.619724][T12699] usb 3-1: USB disconnect, device number 4 [ 659.669856][ T5905] udevd[5905]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 660.060476][T21456] loop3: detected capacity change from 0 to 512 [ 660.084344][T21456] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 660.148082][T21456] EXT4-fs (loop3): 1 truncate cleaned up [ 660.173985][T21456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 660.369558][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 660.697387][T21499] xt_addrtype: ipv6 does not support BROADCAST matching [ 660.728091][T21502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5738'. [ 660.783221][T21502] netlink: 'syz.0.5738': attribute type 1 has an invalid length. [ 660.790996][T21502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5738'. [ 660.854145][T21510] loop2: detected capacity change from 0 to 512 [ 660.916889][T21510] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 660.964482][T21510] EXT4-fs (loop2): orphan cleanup on readonly fs [ 661.023054][T21510] __quota_error: 8 callbacks suppressed [ 661.023072][T21510] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated! [ 661.048616][T21510] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota [ 661.090995][T21510] EXT4-fs error (device loop2): ext4_acquire_dquot:6949: comm syz.2.5741: Failed to acquire dquot type 1 [ 661.100497][T21527] netlink: 'syz.0.5745': attribute type 1 has an invalid length. [ 661.115852][T21510] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.5741: bg 0: block 40: padding at end of block bitmap is not set [ 661.144773][T21510] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6651: Corrupt filesystem [ 661.155785][T21510] EXT4-fs (loop2): 1 truncate cleaned up [ 661.163931][T21510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 661.170109][T12699] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 661.213195][T21510] EXT4-fs error (device loop2): ext4_get_link:104: inode #16: comm syz.2.5741: bad symlink. [ 661.298044][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 661.399474][T12699] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 661.421587][T12699] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 661.434985][T12699] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 661.449349][T12699] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 661.469922][T12699] usb 2-1: config 0 descriptor?? [ 661.487263][T12699] xbox_remote_probe: endpoint_in message size==0? [ 661.719910][T12699] usbhid 2-1:0.0: can't add hid device: -71 [ 661.737420][T12699] usbhid: probe of 2-1:0.0 failed with error -71 [ 661.757840][T12699] usb 2-1: USB disconnect, device number 8 [ 661.838170][T21573] netlink: 'syz.3.5757': attribute type 4 has an invalid length. [ 662.002392][ T5812] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 662.218511][ T5812] usb 1-1: unable to get BOS descriptor or descriptor too short [ 662.242686][ T5812] usb 1-1: not running at top speed; connect to a high speed hub [ 662.274813][ T5812] usb 1-1: config 4 has an invalid interface number: 175 but max is 0 [ 662.291600][ T5812] usb 1-1: config 4 has no interface number 0 [ 662.310327][ T5812] usb 1-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice=dc.17 [ 662.323446][ T5812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.342366][ T5812] usb 1-1: Product: syz [ 662.359457][ T5812] usb 1-1: Manufacturer: syz [ 662.371528][ T5812] usb 1-1: SerialNumber: syz [ 662.595419][T21620] x_tables: duplicate underflow at hook 3 [ 662.644662][ T5812] usb 1-1: NDI device with a latency value of 1 [ 662.663331][ T5812] ftdi_sio 1-1:4.175: FTDI USB Serial Device converter detected [ 662.691368][ T5812] ftdi_sio ttyUSB0: unknown device type: 0xdc17 [ 662.724587][ T5812] usb 1-1: USB disconnect, device number 2 [ 662.749746][ T5812] ftdi_sio 1-1:4.175: device disconnected [ 662.801610][T21637] erspan1: entered promiscuous mode [ 663.922264][T21719] loop3: detected capacity change from 0 to 64 [ 663.926789][ T5812] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 663.962759][T21719] hfs: unable to locate alternate MDB [ 663.968313][T21719] hfs: continuing without an alternate MDB [ 664.140776][ T5812] usb 3-1: Using ep0 maxpacket: 32 [ 664.164846][ T5812] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 664.192746][ T5812] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 664.224899][ T5812] usb 3-1: New USB device strings: Mfr=1, Product=229, SerialNumber=2 [ 664.247022][ T5812] usb 3-1: Product: syz [ 664.252057][ T5812] usb 3-1: Manufacturer: syz [ 664.256676][ T5812] usb 3-1: SerialNumber: syz [ 664.269793][ T5812] usb 3-1: config 0 descriptor?? [ 664.291144][ T5812] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input36 [ 664.315337][ T5812] usbtouchscreen 3-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8 [ 664.414094][ T5812] usbtouchscreen: probe of 3-1:0.0 failed with error -8 [ 664.560738][ T5812] usb 3-1: USB disconnect, device number 5 [ 664.674661][ T28] usb 2-1: new low-speed USB device number 9 using dummy_hcd [ 664.739368][T21781] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 664.882199][ T28] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 664.896215][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 664.907569][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 664.918837][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 664.931671][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 664.949271][ T28] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 664.959037][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 664.974796][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 664.984930][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 664.997936][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 665.013822][ T28] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 665.021713][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 665.037296][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 665.049104][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 665.069999][ T28] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 665.092873][ T28] usb 2-1: string descriptor 0 read error: -22 [ 665.111025][ T28] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 665.144657][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 665.162922][ T28] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 665.407976][ T5771] usb 2-1: USB disconnect, device number 9 [ 665.493747][ T27] audit: type=1326 audit(1774360322.311:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21830 comm="syz.3.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 665.496173][T21833] loop2: detected capacity change from 0 to 1024 [ 665.572298][ T27] audit: type=1326 audit(1774360322.339:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21830 comm="syz.3.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 665.578086][T21833] hfsplus: extend alloc file! (8192,512,17039360) [ 665.640371][ T27] audit: type=1326 audit(1774360322.349:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21830 comm="syz.3.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 665.713763][ T27] audit: type=1326 audit(1774360322.349:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21830 comm="syz.3.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 665.764973][ T27] audit: type=1326 audit(1774360322.349:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21830 comm="syz.3.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 666.169169][T21856] loop2: detected capacity change from 0 to 4096 [ 666.220216][T21856] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 666.339153][T21856] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 667.225896][ T28] IPVS: starting estimator thread 0... [ 667.337309][T21915] IPVS: using max 20 ests per chain, 48000 per kthread [ 667.435764][T21926] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 667.470923][T21926] batadv_slave_0: entered promiscuous mode [ 667.482637][T21926] batadv_slave_0: entered allmulticast mode [ 667.518220][T21926] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 668.220271][T21979] loop1: detected capacity change from 0 to 256 [ 668.261438][T21983] xt_TPROXY: Can be used only with -p tcp or -p udp [ 668.280817][T21979] FAT-fs (loop1): Directory bread(block 64) failed [ 668.287407][T21979] FAT-fs (loop1): Directory bread(block 65) failed [ 668.295975][T21979] FAT-fs (loop1): Directory bread(block 66) failed [ 668.319508][T21979] FAT-fs (loop1): Directory bread(block 67) failed [ 668.329781][T21979] FAT-fs (loop1): Directory bread(block 68) failed [ 668.351539][T21979] FAT-fs (loop1): Directory bread(block 69) failed [ 668.368329][T21979] FAT-fs (loop1): Directory bread(block 70) failed [ 668.378174][T21979] FAT-fs (loop1): Directory bread(block 71) failed [ 668.405863][T21979] FAT-fs (loop1): Directory bread(block 72) failed [ 668.412461][T21979] FAT-fs (loop1): Directory bread(block 73) failed [ 668.818735][T22017] loop3: detected capacity change from 0 to 512 [ 668.834303][T22017] EXT4-fs: Ignoring removed bh option [ 668.866994][T22017] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 668.893584][T22017] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 668.954201][T22017] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 668.999166][T22017] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 669.028465][T22033] binder: 22032:22033 unknown command 0 [ 669.034078][T22033] binder: 22032:22033 ioctl c0306201 200000000480 returned -22 [ 669.056496][T22017] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 669.146302][T22040] loop2: detected capacity change from 0 to 4096 [ 669.164134][T22040] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 669.172417][T22017] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #12: block 32: comm syz.3.5889: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=2320, size=2048 fake=0 [ 669.229073][T22040] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 669.271521][ T8] usb 2-1: new low-speed USB device number 10 using dummy_hcd [ 669.280856][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 669.494072][ T8] usb 2-1: config index 0 descriptor too short (expected 1307, got 27) [ 669.514300][ T8] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 669.516993][T22055] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5901'. [ 669.546384][ T8] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 669.555713][T22055] netlink: 'syz.0.5901': attribute type 1 has an invalid length. [ 669.581725][ T8] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 669.613823][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 669.666982][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 669.707797][ T8] usb 2-1: string descriptor 0 read error: -22 [ 669.719802][ T8] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 669.746163][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 669.766756][ T8] usb 2-1: config 0 descriptor?? [ 669.773126][T22028] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 669.814644][ T8] hub 2-1:0.0: bad descriptor, ignoring hub [ 669.833975][ T8] hub: probe of 2-1:0.0 failed with error -5 [ 669.871790][ T8] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input37 [ 669.966693][T22084] netlink: 'syz.0.5908': attribute type 28 has an invalid length. [ 670.173085][ T8] usb 2-1: USB disconnect, device number 10 [ 670.410230][T22116] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:20001 [ 671.099731][T22158] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 671.121575][T22158] batadv_slave_0: entered promiscuous mode [ 671.141309][T22158] batadv_slave_0: entered allmulticast mode [ 671.169637][T22158] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 671.174196][T22165] netlink: 'syz.0.5933': attribute type 1 has an invalid length. [ 671.288929][T22168] netlink: 'syz.2.5936': attribute type 10 has an invalid length. [ 671.358953][T22168] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 671.454686][T22179] loop1: detected capacity change from 0 to 512 [ 671.580810][T22179] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 671.600805][T22189] sctp: [Deprecated]: syz.0.5941 (pid 22189) Use of int in max_burst socket option. [ 671.600805][T22189] Use struct sctp_assoc_value instead [ 671.621019][T22179] ext4 filesystem being mounted at /1490/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 671.735919][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 671.878604][T22204] netlink: 'syz.2.5946': attribute type 1 has an invalid length. [ 672.100819][ T27] audit: type=1326 audit(1774360328.485:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22214 comm="syz.2.5949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 672.179030][ T27] audit: type=1326 audit(1774360328.485:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22214 comm="syz.2.5949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 672.236168][T22228] SET target dimension over the limit! [ 672.254160][ T27] audit: type=1326 audit(1774360328.485:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22214 comm="syz.2.5949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 672.298494][ T27] audit: type=1326 audit(1774360328.485:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22214 comm="syz.2.5949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 672.408140][T22239] xt_CT: You must specify a L4 protocol and not use inversions on it [ 672.648374][T22252] netlink: 'syz.2.5963': attribute type 3 has an invalid length. [ 673.630870][ T27] audit: type=1800 audit(1774360329.916:93): pid=22297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.5979" name="/newroot/1461/file0" dev="tmpfs" ino=7586 res=0 errno=0 [ 674.178407][ T28] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 674.204737][ T5812] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 674.225778][T22363] binder: 22362:22363 ioctl c0306201 200000000380 returned -14 [ 674.383680][ T28] usb 2-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 674.395559][ T28] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 674.415521][ T5812] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 674.436046][ T28] usb 2-1: config 0 descriptor?? [ 674.441094][ T5812] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 674.467043][ T5812] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 674.476174][ T5812] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 674.511257][T22337] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 674.535173][ T5812] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 674.687475][T22399] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 674.872610][ T5812] usb 4-1: USB disconnect, device number 4 [ 674.909809][ T28] hackrf 2-1:0.0: usb_control_msg() failed -71 request 0f [ 674.938482][ T28] hackrf 2-1:0.0: Could not detect board [ 674.947049][ T28] hackrf: probe of 2-1:0.0 failed with error -71 [ 674.991203][ T28] usb 2-1: USB disconnect, device number 11 [ 675.179897][T22442] loop2: detected capacity change from 0 to 4096 [ 675.218719][T22442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 675.308134][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 675.542976][T22463] cgroup: name respecified [ 675.867745][T22485] netlink: 'syz.2.6028': attribute type 5 has an invalid length. [ 676.481912][ T27] audit: type=1326 audit(1774360332.591:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22519 comm="syz.1.6042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 676.482164][ T27] audit: type=1326 audit(1774360332.591:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22519 comm="syz.1.6042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 676.494593][ T27] audit: type=1326 audit(1774360332.601:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22519 comm="syz.1.6042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 676.494711][ T27] audit: type=1326 audit(1774360332.601:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22519 comm="syz.1.6042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 676.798474][ C1] vkms_vblank_simulate: vblank timer overrun [ 676.841104][ T6629] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 676.886996][T22507] loop3: detected capacity change from 0 to 32768 [ 676.902871][T22507] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 676.945432][T22507] XFS (loop3): Ending clean mount [ 677.064864][ T6629] usb 1-1: Using ep0 maxpacket: 16 [ 677.066697][ T6629] usb 1-1: config 0 has an invalid interface number: 128 but max is 0 [ 677.066722][ T6629] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 677.066740][ T6629] usb 1-1: config 0 has no interface number 0 [ 677.066789][ T6629] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 677.066810][ T6629] usb 1-1: config 0 interface 128 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 677.070911][ T6629] usb 1-1: New USB device found, idVendor=1b3d, idProduct=01d3, bcdDevice= 1.16 [ 677.070938][ T6629] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 677.070957][ T6629] usb 1-1: Product: syz [ 677.070972][ T6629] usb 1-1: Manufacturer: syz [ 677.070986][ T6629] usb 1-1: SerialNumber: syz [ 677.077200][ T6629] usb 1-1: config 0 descriptor?? [ 677.080227][ T6629] ftdi_sio 1-1:0.128: FTDI USB Serial Device converter detected [ 677.087279][ T6629] usb 1-1: Detected SIO [ 677.087299][ T6629] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 1 [ 677.094135][ T6629] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 677.106252][T22549] loop1: detected capacity change from 0 to 256 [ 677.284015][ T5767] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 677.382750][ T6629] usb 1-1: USB disconnect, device number 3 [ 677.437008][ T6629] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 677.508535][ T6629] ftdi_sio 1-1:0.128: device disconnected [ 677.839611][T22587] netlink: 'syz.1.6054': attribute type 1 has an invalid length. [ 677.876341][T22587] netlink: 'syz.1.6054': attribute type 3 has an invalid length. [ 677.902847][T22587] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6054'. [ 678.090011][T22602] syz.2.6058: attempt to access beyond end of device [ 678.090011][T22602] loop5: rw=0, sector=0, nr_sectors = 1 limit=0 [ 678.109816][T22602] FAT-fs (loop5): unable to read boot sector [ 678.364310][T22608] xt_CT: No such helper "netbios-ns" [ 678.864750][T22651] loop2: detected capacity change from 0 to 256 [ 679.490095][T22687] loop3: detected capacity change from 0 to 4096 [ 679.599874][T22687] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 679.620845][ T5812] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 679.628672][T22687] ntfs3: loop3: Failed to load $Extend (-22). [ 679.661201][T22687] ntfs3: loop3: Failed to initialize $Extend. [ 679.795847][T22687] ntfs3: loop3: ino=1e, "file1" attr_set_size [ 679.863686][ T5812] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 679.892404][ T5812] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 679.911850][ T5812] usb 3-1: Product: syz [ 679.916130][ T5812] usb 3-1: Manufacturer: syz [ 679.941047][ T5812] usb 3-1: SerialNumber: syz [ 679.961396][ T5812] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 680.012864][ T28] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 680.356054][ C1] usb 3-1: ath: unknown panic pattern! [ 680.382682][T22732] netlink: 'syz.1.6100': attribute type 5 has an invalid length. [ 680.540128][T22736] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6101'. [ 680.572901][ T6629] usb 3-1: USB disconnect, device number 6 [ 681.164895][ T28] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 681.181584][ T28] ath9k_htc: Failed to initialize the device [ 681.201368][ T6629] usb 3-1: ath9k_htc: USB layer deinitialized [ 681.327259][T22789] netlink: 'syz.2.6120': attribute type 58 has an invalid length. [ 681.335444][T22787] dlm: no local IP address has been set [ 681.335530][T22787] dlm: cannot start dlm midcomms -107 [ 681.348573][T22789] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6120'. [ 681.858173][T22825] loop3: detected capacity change from 0 to 512 [ 681.893138][T22825] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.6134: bad orphan inode 13 [ 681.921990][T22825] ext4_test_bit(bit=12, block=4) = 1 [ 681.927380][T22825] is_bad_inode(inode)=0 [ 681.936862][T22825] NEXT_ORPHAN(inode)=0 [ 681.941572][T22825] max_ino=32 [ 681.944822][T22825] i_nlink=1 [ 681.949221][T22825] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 681.972061][T22825] EXT4-fs warning (device loop3): dx_probe:845: inode #2: comm syz.3.6134: Hash code is SIPHASH, but hash not in dirent [ 681.986542][ T27] audit: type=1326 audit(1774360337.745:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22836 comm="syz.2.6135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 682.009027][T22825] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.6134: Corrupt directory, running e2fsck is recommended [ 682.022741][ T27] audit: type=1326 audit(1774360337.745:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22836 comm="syz.2.6135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 682.045448][ T27] audit: type=1326 audit(1774360337.745:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22836 comm="syz.2.6135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 682.069411][ T27] audit: type=1326 audit(1774360337.745:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22836 comm="syz.2.6135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 682.091965][ T27] audit: type=1326 audit(1774360337.745:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22836 comm="syz.2.6135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478519c799 code=0x7ffc0000 [ 682.120843][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.175665][ T8] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 682.214056][ T27] audit: type=1326 audit(1774360337.951:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22844 comm="syz.3.6137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 682.264182][ T27] audit: type=1326 audit(1774360337.979:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22844 comm="syz.3.6137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 682.286606][ C1] vkms_vblank_simulate: vblank timer overrun [ 682.325342][ T27] audit: type=1326 audit(1774360337.979:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22844 comm="syz.3.6137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 682.385749][ T27] audit: type=1326 audit(1774360337.979:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22844 comm="syz.3.6137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 682.410887][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 682.413000][T22856] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6141'. [ 682.442636][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 682.466720][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 682.494808][ T8] usb 2-1: New USB device found, idVendor=ae6f, idProduct=79f4, bcdDevice=8f.99 [ 682.506373][ T27] audit: type=1326 audit(1774360337.979:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22844 comm="syz.3.6137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 682.527707][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 682.537229][ T8] usb 2-1: Product: syz [ 682.554352][ T8] usb 2-1: Manufacturer: syz [ 682.558999][ T8] usb 2-1: SerialNumber: syz [ 682.593273][ T8] usb 2-1: config 0 descriptor?? [ 682.897201][ T28] usb 2-1: USB disconnect, device number 12 [ 683.289029][T22874] loop2: detected capacity change from 0 to 32768 [ 683.352844][T22874] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 683.382093][T22914] netlink: 'syz.3.6157': attribute type 1 has an invalid length. [ 683.508913][T22874] XFS (loop2): Ending clean mount [ 683.723955][ T5765] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 683.816918][ T5770] Bluetooth: hci2: command 0x0406 tx timeout [ 683.956845][T22947] x_tables: ip_tables: osf match: only valid for protocol 6 [ 684.016745][T22951] netlink: 'syz.1.6167': attribute type 41 has an invalid length. [ 684.029105][ T6629] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 684.066158][T22951] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6167'. [ 684.269715][ T6629] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 684.288101][T22966] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.6165'. [ 684.299618][ T6629] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 684.328558][ T6629] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 684.343480][ T6629] usb 1-1: config 220 has no interface number 2 [ 684.343551][ T6629] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 684.343575][ T6629] usb 1-1: config 220 interface 0 has no altsetting 0 [ 684.343592][ T6629] usb 1-1: config 220 interface 76 has no altsetting 0 [ 684.343609][ T6629] usb 1-1: config 220 interface 1 has no altsetting 0 [ 684.350358][ T6629] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 684.469253][ T6629] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 684.469280][ T6629] usb 1-1: Product: syz [ 684.469294][ T6629] usb 1-1: Manufacturer: syz [ 684.469316][ T6629] usb 1-1: SerialNumber: syz [ 684.725936][ T6629] usb 1-1: selecting invalid altsetting 0 [ 684.726548][ T6629] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 684.726580][ T6629] usb 1-1: No valid video chain found. [ 684.735279][ T6629] usb 1-1: selecting invalid altsetting 0 [ 684.735308][ T6629] usbtest: probe of 1-1:220.1 failed with error -22 [ 684.754675][ T6629] usb 1-1: USB disconnect, device number 4 [ 685.467855][T23030] netlink: 'syz.2.6189': attribute type 1 has an invalid length. [ 685.978886][T23061] loop1: detected capacity change from 0 to 256 [ 686.406862][T23082] netlink: 'syz.1.6208': attribute type 10 has an invalid length. [ 686.489548][T23082] team0: Device veth1_macvtap failed to register rx_handler [ 686.602679][T23056] loop2: detected capacity change from 0 to 40427 [ 686.643864][T23056] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 686.651657][T23056] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 686.687744][T23056] F2FS-fs (loop2): invalid crc value [ 686.717726][T23056] F2FS-fs (loop2): Found nat_bits in checkpoint [ 686.810519][T23056] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 686.847146][T23056] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 687.053599][T23112] Cannot find add_set index 3 as target [ 688.390202][T23187] netlink: 'syz.1.6248': attribute type 32 has an invalid length. [ 688.398288][T23187] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6248'. [ 688.407464][T23187] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 688.585882][T23195] binder: 23194:23195 ioctl 4018620d 0 returned -22 [ 688.658700][T23197] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 33629 - 0 [ 688.686033][T23197] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 33629 - 0 [ 688.711009][T23197] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 33629 - 0 [ 688.720676][T23197] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 33629 - 0 [ 688.749997][T23197] netdevsim netdevsim2 netdevsim0: set [1, 2] type 2 family 0 port 34065 - 0 [ 688.786297][T23197] netdevsim netdevsim2 netdevsim1: set [1, 2] type 2 family 0 port 34065 - 0 [ 688.813792][T23197] netdevsim netdevsim2 netdevsim2: set [1, 2] type 2 family 0 port 34065 - 0 [ 688.822644][T23197] netdevsim netdevsim2 netdevsim3: set [1, 2] type 2 family 0 port 34065 - 0 [ 688.854412][T23197] geneve2: entered promiscuous mode [ 688.867794][T23197] geneve2: entered allmulticast mode [ 688.911043][T23210] netlink: 'syz.0.6258': attribute type 10 has an invalid length. [ 688.952609][T23210] team0: Device veth1_macvtap failed to register rx_handler [ 689.028353][T23189] loop3: detected capacity change from 0 to 32768 [ 689.132822][T23189] ERROR: (device loop3): dbAlloc: unable to allocate blocks [ 689.132822][T23189] [ 689.191244][T23189] ERROR: (device loop3): remounting filesystem as read-only [ 689.201369][T23189] jfs_rename: dtInsert returned -EIO [ 689.530349][T23242] netlink: 100 bytes leftover after parsing attributes in process `syz.0.6269'. [ 689.740626][T23254] netlink: 'syz.2.6271': attribute type 10 has an invalid length. [ 689.786412][T23254] team0: Device veth1_macvtap failed to register rx_handler [ 689.962647][T23267] netlink: 'syz.1.6276': attribute type 10 has an invalid length. [ 689.983627][T23266] loop3: detected capacity change from 0 to 1764 [ 690.007923][T23267] team0: Device hsr_slave_0 failed to register rx_handler [ 690.054721][T23271] xt_bpf: check failed: parse error [ 690.070228][T23266] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 690.754754][T23317] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551615) [ 691.552652][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 691.552668][ T27] audit: type=1326 audit(663.743:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23365 comm=162E44A480DB682108B49543019E91 exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f330219c799 code=0x0 [ 691.839284][ T6629] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 692.046824][ T6629] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 692.056023][ T6629] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 692.064085][ T6629] usb 3-1: Product: syz [ 692.068265][ T6629] usb 3-1: Manufacturer: syz [ 692.072887][ T6629] usb 3-1: SerialNumber: syz [ 692.080437][ T6629] r8152-cfgselector 3-1: config 0 descriptor?? [ 692.305847][ T6629] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 692.539753][T12699] usb 3-1: USB disconnect, device number 7 [ 692.814559][T23397] bridge_slave_1: left allmulticast mode [ 692.831362][T23397] bridge_slave_1: left promiscuous mode [ 692.846035][T23397] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.876653][T23397] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 693.020650][T23376] loop1: detected capacity change from 0 to 32768 [ 693.133271][T23376] ERROR: (device loop1): dbAlloc: unable to allocate blocks [ 693.133271][T23376] [ 693.168679][T23376] ERROR: (device loop1): remounting filesystem as read-only [ 693.198605][T23376] jfs_rename: dtInsert returned -EIO [ 694.133618][T23427] loop3: detected capacity change from 0 to 32768 [ 694.170751][T23427] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.6326 (23427) [ 694.257264][T23427] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 694.285692][T23427] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 694.309926][T23427] BTRFS info (device loop3): force zlib compression, level 3 [ 694.317374][T23427] BTRFS info (device loop3): force clearing of disk cache [ 694.359725][T23427] BTRFS info (device loop3): setting nodatasum [ 694.379686][T23427] BTRFS info (device loop3): use zlib compression, level 3 [ 694.406147][T23427] BTRFS info (device loop3): allowing degraded mounts [ 694.430691][T23427] BTRFS info (device loop3): enabling disk space caching [ 694.447823][T23427] BTRFS info (device loop3): disk space caching is enabled [ 694.654405][T23427] BTRFS info (device loop3): enabling ssd optimizations [ 694.687203][T23427] BTRFS info (device loop3): auto enabling async discard [ 694.760425][T23427] BTRFS info (device loop3): rebuilding free space tree [ 694.802502][T23511] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 694.810081][T23511] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 694.834017][T23427] BTRFS info (device loop3): disabling free space tree [ 694.841096][T23427] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 694.903970][T23427] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 695.042565][T23524] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6356'. [ 695.140911][ T5767] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 695.599099][T23549] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6364'. [ 695.643237][T23549] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6364'. [ 695.712094][T23545] lo speed is unknown, defaulting to 1000 [ 695.802975][T23559] loop2: detected capacity change from 0 to 512 [ 695.902763][T23559] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.6366: couldn't read orphan inode 26 (err -116) [ 695.948570][T23559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 696.062717][T23559] Quota error (device loop2): do_check_range: Getting dqdh_entries 36 out of range 0-14 [ 696.098122][T23559] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 696.125735][T23559] EXT4-fs error (device loop2): ext4_acquire_dquot:6949: comm syz.2.6366: Failed to acquire dquot type 1 [ 696.245091][ T5765] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 696.489729][T23613] openvswitch: netlink: Actions may not be safe on all matching packets [ 696.729482][T23627] CIFS mount error: No usable UNC path provided in device string! [ 696.729482][T23627] [ 696.744361][T23628] misc userio: Invalid payload size [ 696.765587][T23627] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 696.786228][T23629] bridge2: entered promiscuous mode [ 696.945431][T23637] delete_channel: no stack [ 697.236970][T23657] bridge0: port 3(team0) entered blocking state [ 697.268788][T23657] bridge0: port 3(team0) entered disabled state [ 697.288431][T23660] autofs4:pid:23660:autofs_fill_super: called with bogus options [ 697.292108][T23657] team0: entered allmulticast mode [ 697.316415][T23657] team_slave_0: entered allmulticast mode [ 697.345817][T23657] team_slave_1: entered allmulticast mode [ 697.391550][T23657] team0: entered promiscuous mode [ 697.397619][T23657] team_slave_0: entered promiscuous mode [ 697.430804][T23657] team_slave_1: entered promiscuous mode [ 697.445472][T23657] bridge0: port 3(team0) entered blocking state [ 697.453959][T23657] bridge0: port 3(team0) entered forwarding state [ 697.588441][T23679] netlink: 'syz.2.6399': attribute type 1 has an invalid length. [ 697.596621][T23679] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6399'. [ 697.837035][ T6629] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 698.042825][ T6629] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 698.061266][ T6629] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 698.080357][ T6629] usb 1-1: config 220 has no interface number 2 [ 698.100453][ T6629] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 698.136259][T12699] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 698.160894][ T6629] usb 1-1: config 220 interface 0 has no altsetting 0 [ 698.186261][ T6629] usb 1-1: config 220 interface 76 has no altsetting 0 [ 698.202021][ T6629] usb 1-1: config 220 interface 1 has no altsetting 0 [ 698.215725][T23710] loop3: detected capacity change from 0 to 2048 [ 698.229714][ T6629] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 698.241513][ T6629] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.253457][T23710] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 698.270431][ T6629] usb 1-1: Product: syz [ 698.274842][ T6629] usb 1-1: Manufacturer: syz [ 698.282620][ T6629] usb 1-1: SerialNumber: syz [ 698.293446][T23716] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 698.349844][T12699] usb 3-1: Using ep0 maxpacket: 32 [ 698.355298][T23710] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 698.387411][T23710] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16) [ 698.392542][T12699] usb 3-1: config 0 has an invalid interface number: 188 but max is 0 [ 698.424652][T12699] usb 3-1: config 0 has no interface number 0 [ 698.429515][T23710] Remounting filesystem read-only [ 698.434363][T12699] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 698.451236][T23710] NILFS (loop3): error -5 truncating bmap (ino=16) [ 698.454622][T12699] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 698.478099][T12699] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.503371][T12699] usb 3-1: Product: syz [ 698.507590][T12699] usb 3-1: Manufacturer: syz [ 698.521474][T12699] usb 3-1: SerialNumber: syz [ 698.539850][T12699] usb 3-1: config 0 descriptor?? [ 698.543354][ T5767] NILFS (loop3): discard dirty page: offset=4096, ino=6 [ 698.557105][T23693] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 698.566165][ T5767] NILFS (loop3): discard dirty block: blocknr=39, size=1024 [ 698.584583][ T5767] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 698.602098][ T5767] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 698.612549][ T6629] usb 1-1: selecting invalid altsetting 0 [ 698.623769][ T6629] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 698.631036][ T5767] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 698.645498][ T6629] usb 1-1: No valid video chain found. [ 698.651880][ T5767] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 698.667505][ T6629] usb 1-1: selecting invalid altsetting 0 [ 698.676543][ T6629] usbtest: probe of 1-1:220.1 failed with error -22 [ 698.692067][ T6629] usb 1-1: USB disconnect, device number 5 [ 698.797281][T23693] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 698.963192][T23752] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6415'. [ 698.978688][T23752] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6415'. [ 698.988904][T23752] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6415'. [ 699.043076][T12699] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 699.077788][T12699] asix: probe of 3-1:0.188 failed with error -71 [ 699.103044][T12699] usb 3-1: USB disconnect, device number 8 [ 699.596828][T23791] netlink: 'syz.0.6429': attribute type 29 has an invalid length. [ 700.028514][ T6629] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 700.242085][ T6629] usb 4-1: Using ep0 maxpacket: 32 [ 700.264837][ T6629] usb 4-1: config 1 has an invalid interface number: 108 but max is 0 [ 700.278829][ T6629] usb 4-1: config 1 has no interface number 0 [ 700.293008][ T6629] usb 4-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 700.317916][ T6629] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 700.331082][ T6629] usb 4-1: Product: syz [ 700.335286][ T6629] usb 4-1: Manufacturer: syz [ 700.355622][ T6629] usb 4-1: SerialNumber: syz [ 700.378270][ T6629] hub 4-1:1.108: bad descriptor, ignoring hub [ 700.395858][ T6629] hub: probe of 4-1:1.108 failed with error -5 [ 700.607351][ T6629] usb 4-1: palm_os_4_probe - error -71 getting connection info [ 700.615021][ T6629] visor 4-1:1.108: Handspring Visor / Palm OS converter detected [ 700.651589][ T6629] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 700.683826][ T6629] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 700.749712][ T6629] usb 4-1: USB disconnect, device number 5 [ 700.778528][ T6629] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 700.816573][ T6629] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 700.838125][ T6629] visor 4-1:1.108: device disconnected [ 701.008002][T23897] loop1: detected capacity change from 0 to 256 [ 701.024102][T23897] exfat: Deprecated parameter 'namecase' [ 701.055491][T23897] exfat: Deprecated parameter 'utf8' [ 701.140249][T23897] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe5fd08b, utbl_chksum : 0xe619d30d) [ 701.197005][T23897] fuse: Bad value for 'fd' [ 701.256184][T23910] ptrace attach of "./syz-executor exec"[5765] was attempted by ""[23910] [ 701.352521][T23914] syz.0.6470: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 701.407549][T23914] CPU: 0 PID: 23914 Comm: syz.0.6470 Not tainted syzkaller #0 [ 701.415071][T23914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 701.425148][T23914] Call Trace: [ 701.428802][T23914] [ 701.431755][T23914] dump_stack_lvl+0x18c/0x250 [ 701.436469][T23914] ? show_regs_print_info+0x20/0x20 [ 701.441701][T23914] ? load_image+0x400/0x400 [ 701.446234][T23914] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 701.452677][T23914] ? cpuset_print_current_mems_allowed+0x2e7/0x360 [ 701.459212][T23914] warn_alloc+0x246/0x340 [ 701.463579][T23914] ? stack_trace_save+0xaa/0x100 [ 701.468559][T23914] ? zone_watermark_ok_safe+0x230/0x230 [ 701.474158][T23914] ? kasan_set_track+0x5f/0x70 [ 701.478953][T23914] ? kasan_set_track+0x4e/0x70 [ 701.483739][T23914] ? __kasan_kmalloc+0x8f/0xa0 [ 701.488533][T23914] ? xsk_init_queue+0xad/0x100 [ 701.493435][T23914] ? xsk_setsockopt+0x42e/0x760 [ 701.498316][T23914] ? do_sock_setsockopt+0x175/0x1a0 [ 701.503535][T23914] ? __x64_sys_setsockopt+0x182/0x200 [ 701.508942][T23914] __vmalloc_node_range+0x126/0x1330 [ 701.514286][T23914] ? free_vm_area+0x50/0x50 [ 701.518838][T23914] vmalloc_user+0x74/0x80 [ 701.523203][T23914] ? xskq_create+0xbf/0x170 [ 701.527756][T23914] xskq_create+0xbf/0x170 [ 701.532119][T23914] xsk_init_queue+0xad/0x100 [ 701.536736][T23914] xsk_setsockopt+0x42e/0x760 [ 701.541423][T23914] ? xsk_poll+0x680/0x680 [ 701.545793][T23914] ? __fget_files+0x28/0x4b0 [ 701.550485][T23914] ? __fget_files+0x28/0x4b0 [ 701.555100][T23914] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 701.560694][T23914] ? security_socket_setsockopt+0x7e/0xa0 [ 701.566429][T23914] ? xsk_poll+0x680/0x680 [ 701.570771][T23914] do_sock_setsockopt+0x175/0x1a0 [ 701.575795][T23914] ? __fdget+0x180/0x210 [ 701.580042][T23914] __x64_sys_setsockopt+0x182/0x200 [ 701.585241][T23914] do_syscall_64+0x55/0xa0 [ 701.589655][T23914] ? clear_bhb_loop+0x40/0x90 [ 701.594333][T23914] ? clear_bhb_loop+0x40/0x90 [ 701.599006][T23914] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 701.604896][T23914] RIP: 0033:0x7f535099c799 [ 701.609304][T23914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 701.629016][T23914] RSP: 002b:00007f535180a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 701.637431][T23914] RAX: ffffffffffffffda RBX: 00007f5350c15fa0 RCX: 00007f535099c799 [ 701.645410][T23914] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 701.653387][T23914] RBP: 00007f5350a32c99 R08: 0000000000000004 R09: 0000000000000000 [ 701.661395][T23914] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 701.669387][T23914] R13: 00007f5350c16038 R14: 00007f5350c15fa0 R15: 00007ffd9a00feb8 [ 701.677389][T23914] [ 701.712267][T23914] Mem-Info: [ 701.715435][T23914] active_anon:8156 inactive_anon:0 isolated_anon:0 [ 701.715435][T23914] active_file:13579 inactive_file:41609 isolated_file:0 [ 701.715435][T23914] unevictable:768 dirty:366 writeback:0 [ 701.715435][T23914] slab_reclaimable:11141 slab_unreclaimable:95352 [ 701.715435][T23914] mapped:25587 shmem:1365 pagetables:652 [ 701.715435][T23914] sec_pagetables:0 bounce:0 [ 701.715435][T23914] kernel_misc_reclaimable:0 [ 701.715435][T23914] free:1339689 free_pcp:8484 free_cma:0 [ 701.758571][T23929] xt_CT: You must specify a L4 protocol and not use inversions on it [ 701.807966][T23914] Node 0 active_anon:32624kB inactive_anon:0kB active_file:54316kB inactive_file:166200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102448kB dirty:1460kB writeback:0kB shmem:3924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10816kB pagetables:2708kB sec_pagetables:0kB all_unreclaimable? no [ 701.848795][T23914] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:236kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 701.879183][T23914] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 701.907517][T23914] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 701.913419][T23914] Node 0 DMA32 free:1440740kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:32584kB inactive_anon:0kB active_file:54316kB inactive_file:165368kB unevictable:1536kB writepending:1460kB present:3129332kB managed:2586964kB mlocked:0kB bounce:0kB free_pcp:22072kB local_pcp:17876kB free_cma:0kB [ 701.944319][T23914] lowmem_reserve[]: 0 0 0 0 0 [ 701.949077][T23914] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 701.975913][T23914] lowmem_reserve[]: 0 0 0 0 0 [ 701.980670][T23914] Node 1 Normal free:3902404kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:236kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:11936kB local_pcp:6464kB free_cma:0kB [ 702.010768][T23914] lowmem_reserve[]: 0 0 0 0 0 [ 702.015543][T23914] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 702.048109][T23943] netlink: 'syz.1.6474': attribute type 21 has an invalid length. [ 702.059237][T23914] Node 0 DMA32: 777*4kB (UME) 460*8kB (UME) 402*16kB (UME) 454*32kB (UME) 432*64kB (UME) 153*128kB (UME) 119*256kB (UME) 86*512kB (UME) 55*1024kB (UME) 19*2048kB (UME) 292*4096kB (UM) = 1440740kB [ 702.082351][T23914] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 702.094043][T23914] Node 1 Normal: 221*4kB (UE) 58*8kB (UME) 50*16kB (UME) 215*32kB (UE) 66*64kB (UE) 10*128kB (UME) 3*256kB (U) 4*512kB (UME) 2*1024kB (UE) 2*2048kB (UE) 947*4096kB (M) = 3902404kB [ 702.161867][T23914] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 702.196962][T23948] xt_bpf: check failed: parse error [ 702.220107][T23914] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 702.240591][T23952] comedi comedi0: aio_iiro_16: a I/O base address must be specified [ 702.259896][T23914] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 702.269689][T23914] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 702.279391][T23914] 55441 total pagecache pages [ 702.284264][T23914] 0 pages in swap cache [ 702.288435][T23914] Free swap = 124472kB [ 702.292608][T23914] Total swap = 124996kB [ 702.296871][T23914] 2097051 pages RAM [ 702.300778][T23914] 0 pages HighMem/MovableOnly [ 702.305573][T23914] 416924 pages reserved [ 702.309752][T23914] 0 pages cma reserved [ 702.373670][T23957] loop3: detected capacity change from 0 to 16 [ 702.375108][T23958] loop2: detected capacity change from 0 to 64 [ 702.400224][T23957] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 702.633001][T23971] Non-string source [ 702.633166][T23975] netlink: 640 bytes leftover after parsing attributes in process `syz.1.6486'. [ 702.854873][ T27] audit: type=1326 audit(674.313:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23981 comm="syz.3.6488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 702.934342][ T27] audit: type=1326 audit(674.313:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23981 comm="syz.3.6488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 702.991488][ T27] audit: type=1326 audit(674.341:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23981 comm="syz.3.6488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.059690][ T27] audit: type=1326 audit(674.351:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23981 comm="syz.3.6488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.102507][ T27] audit: type=1326 audit(674.351:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23981 comm="syz.3.6488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.144291][T24003] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6495'. [ 703.182021][ T6629] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 703.217559][T24007] netlink: 'syz.1.6496': attribute type 5 has an invalid length. [ 703.229651][T24009] netdevsim netdevsim3: Firmware load for './file0/file0/..' refused, path contains '..' component [ 703.387141][ T6629] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 703.409328][ T6629] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 703.450718][ T6629] usb 3-1: config 0 descriptor?? [ 703.477273][ T6629] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 703.518224][T24031] netlink: 'syz.3.6502': attribute type 21 has an invalid length. [ 703.534397][T24031] netlink: 128 bytes leftover after parsing attributes in process `syz.3.6502'. [ 703.549421][T24031] netlink: 'syz.3.6502': attribute type 4 has an invalid length. [ 703.559281][T24031] netlink: 3 bytes leftover after parsing attributes in process `syz.3.6502'. [ 703.600361][T24035] unsupported nlmsg_type 40 [ 703.688259][ T27] audit: type=1326 audit(675.090:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24037 comm="syz.3.6506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.712731][ T27] audit: type=1326 audit(675.090:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24037 comm="syz.3.6506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.738224][ T27] audit: type=1326 audit(675.108:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24037 comm="syz.3.6506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.780702][ T28] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 703.788754][ T27] audit: type=1326 audit(675.108:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24037 comm="syz.3.6506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.834198][ T27] audit: type=1326 audit(675.108:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24037 comm="syz.3.6506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b659c799 code=0x7ffc0000 [ 703.916940][ T6629] gp8psk: usb out operation failed. [ 703.931741][ T6629] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 703.950216][ T6629] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 703.970408][ T6629] usb 3-1: USB disconnect, device number 9 [ 704.018820][ T28] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 704.030090][ T28] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 42769, setting to 64 [ 704.069314][ T28] usb 2-1: config 0 interface 0 has no altsetting 0 [ 704.085428][ T28] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 704.102694][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 704.110826][ T28] usb 2-1: Product: syz [ 704.121585][ T28] usb 2-1: Manufacturer: syz [ 704.129842][ T28] usb 2-1: SerialNumber: syz [ 704.142418][ T28] usb 2-1: config 0 descriptor?? [ 704.155741][ T28] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 704.394982][ T28] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 704.406725][ T28] snd_usb_toneport: probe of 2-1:0.0 failed with error -22 [ 704.673734][T12699] usb 2-1: USB disconnect, device number 13 [ 705.353096][T24141] openvswitch: netlink: Flow actions attr not present in new flow. [ 705.573716][T24160] loop1: detected capacity change from 0 to 128 [ 705.601599][T24160] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 705.705288][ T6629] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 705.804823][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 705.904436][ T6629] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 705.919780][ T6629] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 705.950978][ T6629] usb 3-1: config 220 has no interface number 2 [ 705.957348][ T6629] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 705.974197][T24186] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6550'. [ 705.994273][T24186] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 706.010775][ T6629] usb 3-1: config 220 interface 0 has no altsetting 0 [ 706.017668][ T6629] usb 3-1: config 220 interface 76 has no altsetting 0 [ 706.024545][ T6629] usb 3-1: config 220 interface 1 has no altsetting 0 [ 706.045137][ T6629] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 706.057979][ T6629] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.066200][ T6629] usb 3-1: Product: syz [ 706.097895][ T6629] usb 3-1: Manufacturer: syz [ 706.106938][ T6629] usb 3-1: SerialNumber: syz [ 706.111794][ T5831] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 706.241998][T24197] loop3: detected capacity change from 0 to 4096 [ 706.330068][ T5831] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 706.347603][T24197] ntfs: volume version 3.1. [ 706.359651][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 706.372815][ T6629] usb 3-1: selecting invalid altsetting 0 [ 706.383041][T24210] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6555'. [ 706.383510][ T5831] usb 1-1: Product: syz [ 706.393654][T24210] netlink: 128 bytes leftover after parsing attributes in process `syz.1.6555'. [ 706.408531][ T6629] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 706.421120][ T6629] usb 3-1: No valid video chain found. [ 706.428729][ T5831] usb 1-1: SerialNumber: syz [ 706.437041][ T6629] usb 3-1: selecting invalid altsetting 0 [ 706.448182][ T6629] usbtest: probe of 3-1:220.1 failed with error -22 [ 706.458730][ T5831] usb 1-1: config 0 descriptor?? [ 706.528600][ T6629] usb 3-1: USB disconnect, device number 10 [ 706.696317][T24232] netlink: 'syz.1.6557': attribute type 10 has an invalid length. [ 706.700065][ T5831] hso 1-1:0.0: Failed to find BULK IN ep [ 706.745496][T24232] team0: Cannot enslave team device to itself [ 706.934834][T12699] usb 1-1: USB disconnect, device number 6 [ 707.852280][T24312] netlink: 'syz.1.6580': attribute type 21 has an invalid length. [ 707.893669][T24312] netlink: 128 bytes leftover after parsing attributes in process `syz.1.6580'. [ 707.938890][T24312] netlink: 'syz.1.6580': attribute type 4 has an invalid length. [ 707.971494][T24312] netlink: 3 bytes leftover after parsing attributes in process `syz.1.6580'. [ 708.920212][T24380] loop2: detected capacity change from 0 to 256 [ 708.960353][T24380] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011bf5, chksum : 0xc5c2f2dd, utbl_chksum : 0xe619d30d) [ 708.998814][T24380] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 709.091790][T24387] tmpfs: Bad value for 'mpol' [ 709.355267][T24363] loop3: detected capacity change from 0 to 32768 [ 709.372409][T24363] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 709.409010][T24402] loop1: detected capacity change from 0 to 256 [ 709.410348][T24406] loop2: detected capacity change from 0 to 256 [ 709.457851][T24363] JBD2: Ignoring recovery information on journal [ 709.542728][T24406] FAT-fs (loop2): Directory bread(block 64) failed [ 709.588459][T24406] FAT-fs (loop2): Directory bread(block 65) failed [ 709.595228][T24406] FAT-fs (loop2): Directory bread(block 66) failed [ 709.621080][T24406] FAT-fs (loop2): Directory bread(block 67) failed [ 709.629823][T24406] FAT-fs (loop2): Directory bread(block 68) failed [ 709.637717][T24363] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 709.692690][T24406] FAT-fs (loop2): Directory bread(block 69) failed [ 709.699373][T24406] FAT-fs (loop2): Directory bread(block 70) failed [ 709.750411][T24406] FAT-fs (loop2): Directory bread(block 71) failed [ 709.761388][T24406] FAT-fs (loop2): Directory bread(block 72) failed [ 709.796497][T24406] FAT-fs (loop2): Directory bread(block 73) failed [ 709.842305][T24363] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid fs_generation of #1 [ 709.906523][T24363] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 709.927242][T24363] OCFS2: File system is now read-only. [ 709.938894][T24363] (syz.3.6598,24363,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 709.947635][T24363] (syz.3.6598,24363,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 709.977587][T24363] (syz.3.6598,24363,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30 [ 709.997987][T24363] (syz.3.6598,24363,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30 [ 710.017972][T24363] (syz.3.6598,24363,0):__ocfs2_claim_clusters:2365 ERROR: status = -30 [ 710.032273][T24363] (syz.3.6598,24363,0):__ocfs2_claim_clusters:2373 ERROR: status = -30 [ 710.043323][T24363] (syz.3.6598,24363,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -30 [ 710.055566][T24363] (syz.3.6598,24363,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -30 [ 710.088305][T24363] (syz.3.6598,24363,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30 [ 710.112036][T24363] (syz.3.6598,24363,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30 [ 710.148894][T24363] (syz.3.6598,24363,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30 [ 710.187873][T24363] (syz.3.6598,24363,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30 [ 710.219852][T24363] (syz.3.6598,24363,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30 [ 710.253906][T24363] (syz.3.6598,24363,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30 [ 710.267028][T24433] loop2: detected capacity change from 0 to 4096 [ 710.280080][T24363] (syz.3.6598,24363,0):ocfs2_expand_inline_dir:2858 ERROR: status = -30 [ 710.297136][T24363] (syz.3.6598,24363,0):ocfs2_extend_dir:3205 ERROR: status = -30 [ 710.306485][T24363] (syz.3.6598,24363,0):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30 [ 710.327903][T24363] (syz.3.6598,24363,0):ocfs2_mknod:298 ERROR: status = -30 [ 710.343934][T24443] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 710.354913][T24363] (syz.3.6598,24363,1):ocfs2_mknod:502 ERROR: status = -30 [ 710.372936][T24363] (syz.3.6598,24363,1):ocfs2_mkdir:659 ERROR: status = -30 [ 710.384005][T24440] lo: entered promiscuous mode [ 710.408965][T24440] lo: left allmulticast mode [ 710.448079][T24440] infiniband syz0: set down [ 710.484024][ T6629] lo speed is unknown, defaulting to 1000 [ 710.489875][ T6629] lo speed is unknown, defaulting to 1000 [ 710.624887][ T5767] ocfs2: Unmounting device (7,3) on (node local) [ 710.799321][T24463] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6629'. [ 710.841611][T24463] netlink: 'syz.0.6629': attribute type 1 has an invalid length. [ 710.866661][T24463] netlink: 'syz.0.6629': attribute type 2 has an invalid length. [ 710.898762][T24463] netlink: 116 bytes leftover after parsing attributes in process `syz.0.6629'. [ 711.744999][T24483] loop1: detected capacity change from 0 to 32768 [ 711.773042][T24483] (syz.1.6637,24483,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 711.825538][T24483] (syz.1.6637,24483,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 711.878687][T24483] JBD2: Ignoring recovery information on journal [ 712.016024][T24483] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 712.426748][ T5768] ocfs2: Unmounting device (7,1) on (node local) [ 712.440136][T12699] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 712.686532][T12699] usb 1-1: Using ep0 maxpacket: 16 [ 712.698267][T12699] usb 1-1: config 254 has an invalid interface number: 235 but max is 0 [ 712.706661][T12699] usb 1-1: config 254 has no interface number 0 [ 712.734946][T12699] usb 1-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 712.745641][T12699] usb 1-1: config 254 interface 235 has no altsetting 0 [ 712.783149][T12699] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 712.805330][T12699] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5 [ 712.837158][T12699] usb 1-1: Product: syz [ 712.841386][T12699] usb 1-1: Manufacturer: syz [ 712.846015][T12699] usb 1-1: SerialNumber: syz [ 712.868963][T24535] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 713.036049][T24591] loop1: detected capacity change from 0 to 512 [ 713.052508][T24591] EXT4-fs: Ignoring removed nomblk_io_submit option [ 713.100509][T12699] usbtest 1-1:254.235: couldn't get endpoints, -71 [ 713.103007][ T6629] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 713.113662][T12699] usbtest: probe of 1-1:254.235 failed with error -71 [ 713.141760][T12699] usb 1-1: USB disconnect, device number 7 [ 713.153672][T24591] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 713.270099][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 713.359193][ T6629] usb 4-1: unable to get BOS descriptor or descriptor too short [ 713.369867][ T6629] usb 4-1: not running at top speed; connect to a high speed hub [ 713.401217][ T6629] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 713.422665][ T6629] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 713.451351][ T6629] usb 4-1: string descriptor 0 read error: -22 [ 713.452828][T24619] loop1: detected capacity change from 0 to 256 [ 713.463238][ T6629] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 713.475375][ T6629] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 713.515569][ T6629] usb 4-1: 0:2 : does not exist [ 713.544591][T24619] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011bf5, chksum : 0xc5c2f2dd, utbl_chksum : 0xe619d30d) [ 713.563094][T24619] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 713.881084][T24637] loop2: detected capacity change from 0 to 4096 [ 713.955939][T24645] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 713.984112][ T6629] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5) [ 714.012105][T24637] /dev/loop2: Can't open blockdev [ 714.027465][ T6629] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5) [ 714.060324][ T6629] usb 4-1: 5:0: failed to get current value for ch 1 (-22) [ 714.128142][ T6629] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5) [ 714.155025][ T6629] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5) [ 714.178866][ T6629] usb 4-1: USB disconnect, device number 6 [ 714.397257][T24666] loop2: detected capacity change from 0 to 4096 [ 714.422401][T24666] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 714.487046][T24666] ntfs3: loop2: failed to convert "c46c" to macroman [ 714.814364][T24678] loop2: detected capacity change from 0 to 128 [ 714.870432][T24678] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 714.943134][T24678] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 715.073790][T24644] loop1: detected capacity change from 0 to 32768 [ 715.110488][T24644] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 715.150404][T24644] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 715.185271][T24644] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 715.204031][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.214699][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 715.234491][ T5831] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 715.257304][ T5831] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 715.352542][T24698] loop2: detected capacity change from 0 to 256 [ 715.380859][ T5831] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 115ms [ 715.393728][ T5831] gfs2: fsid=syz:syz.0: jid=0: Done [ 715.399682][T24644] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 715.404901][T24698] exfat: Deprecated parameter 'utf8' [ 715.471848][T24698] exfat: Deprecated parameter 'namecase' [ 715.488661][T24644] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 715.493221][T24698] exfat: Deprecated parameter 'namecase' [ 715.532028][T24644] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 715.532028][T24644] inode = 12 2341 [ 715.532028][T24644] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602 [ 715.590892][T24644] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 715.601146][T24644] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:24644 [syz.1.6679] __gfs2_lookup+0xad/0x2a0 [ 715.613675][T24644] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 715.622577][T24644] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 715.626426][T24698] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbf24f927, utbl_chksum : 0xe619d30d) [ 715.651489][T24644] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 715.698009][T24644] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 715.737832][T24644] gfs2: fsid=syz:syz.0: File system withdrawn [ 715.771155][T24644] CPU: 0 PID: 24644 Comm: syz.1.6679 Not tainted syzkaller #0 [ 715.778684][T24644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 715.788761][T24644] Call Trace: [ 715.792060][T24644] [ 715.795003][T24644] dump_stack_lvl+0x18c/0x250 [ 715.799715][T24644] ? kobject_uevent_env+0x359/0x8b0 [ 715.804938][T24644] ? show_regs_print_info+0x20/0x20 [ 715.810152][T24644] ? load_image+0x400/0x400 [ 715.814677][T24644] ? kobject_uevent_env+0x363/0x8b0 [ 715.819905][T24644] gfs2_withdraw+0xb24/0x13d0 [ 715.824607][T24644] ? gfs2_lm+0x240/0x240 [ 715.828854][T24644] ? load_image+0x400/0x400 [ 715.833377][T24644] ? gfs2_consist_inode_i+0xf5/0x110 [ 715.838666][T24644] gfs2_dirent_scan+0x525/0x650 [ 715.843529][T24644] ? gfs2_dirent_search+0x7f0/0x7f0 [ 715.848727][T24644] gfs2_dirent_search+0x2ed/0x7f0 [ 715.853748][T24644] ? gfs2_dirent_search+0x7f0/0x7f0 [ 715.858939][T24644] ? gfs2_permission+0x384/0x460 [ 715.863876][T24644] ? __might_sleep+0xe0/0xe0 [ 715.868462][T24644] ? gfs2_dir_search+0x220/0x220 [ 715.873414][T24644] ? gfs2_lookupi+0x640/0x640 [ 715.878095][T24644] ? do_raw_spin_lock+0x11f/0x2c0 [ 715.883125][T24644] gfs2_dir_search+0x4d/0x220 [ 715.887804][T24644] gfs2_lookupi+0x45c/0x640 [ 715.892309][T24644] ? gfs2_lookup_meta+0x180/0x180 [ 715.897334][T24644] ? d_alloc_parallel+0x13f6/0x1530 [ 715.902547][T24644] ? __gfs2_lookup+0xad/0x2a0 [ 715.907235][T24644] ? d_alloc_parallel+0x33e/0x1530 [ 715.912356][T24644] __gfs2_lookup+0xad/0x2a0 [ 715.916860][T24644] ? lockdep_softirqs_off+0x430/0x430 [ 715.922226][T24644] ? gfs2_atomic_open+0x220/0x220 [ 715.927270][T24644] ? __init_waitqueue_head+0xa9/0x150 [ 715.932642][T24644] __lookup_slow+0x2a1/0x400 [ 715.937234][T24644] ? lookup_one_len+0x2e0/0x2e0 [ 715.942088][T24644] ? crc32_le_base+0x759/0xcf0 [ 715.946853][T24644] ? down_read+0x1ac/0x2e0 [ 715.951263][T24644] lookup_slow+0x53/0x70 [ 715.955513][T24644] link_path_walk+0x990/0xe30 [ 715.960203][T24644] ? handle_lookup_down+0x130/0x130 [ 715.965402][T24644] path_openat+0x293/0x3230 [ 715.969913][T24644] ? do_sys_openat2+0xda/0x1d0 [ 715.974675][T24644] ? verify_lock_unused+0x140/0x140 [ 715.979869][T24644] ? do_filp_open+0x430/0x430 [ 715.984543][T24644] ? __virt_addr_valid+0x18c/0x540 [ 715.989659][T24644] do_filp_open+0x1f5/0x430 [ 715.994160][T24644] ? vfs_tmpfile+0x490/0x490 [ 715.998759][T24644] ? _raw_spin_unlock+0x28/0x40 [ 716.003610][T24644] ? alloc_fd+0x58f/0x630 [ 716.007944][T24644] do_sys_openat2+0x134/0x1d0 [ 716.012619][T24644] ? do_sys_open+0xe0/0xe0 [ 716.017029][T24644] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 716.023005][T24644] ? lock_chain_count+0x20/0x20 [ 716.027853][T24644] __x64_sys_openat+0x139/0x160 [ 716.032706][T24644] do_syscall_64+0x55/0xa0 [ 716.037120][T24644] ? clear_bhb_loop+0x40/0x90 [ 716.041791][T24644] ? clear_bhb_loop+0x40/0x90 [ 716.046464][T24644] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 716.052357][T24644] RIP: 0033:0x7f330219c799 [ 716.056780][T24644] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 716.076381][T24644] RSP: 002b:00007f3303078028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 716.084796][T24644] RAX: ffffffffffffffda RBX: 00007f3302415fa0 RCX: 00007f330219c799 [ 716.092764][T24644] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 716.100732][T24644] RBP: 00007f3302232c99 R08: 0000000000000000 R09: 0000000000000000 [ 716.108697][T24644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.116661][T24644] R13: 00007f3302416038 R14: 00007f3302415fa0 R15: 00007ffe4bf5ee28 [ 716.124642][T24644] [ 716.240789][T24717] loop3: detected capacity change from 0 to 2048 [ 716.297083][T24717] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 716.587754][T24737] netlink: 'syz.2.6696': attribute type 27 has an invalid length. [ 716.971681][T24764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6704'. [ 717.067233][T24776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6707'. [ 717.154682][ T6629] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 717.375323][ T6629] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 717.396114][ T6629] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 717.429517][ T6629] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 717.449740][T24792] loop3: detected capacity change from 0 to 1024 [ 717.465039][ T6629] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 717.483150][ T6629] usb 1-1: config 1 has no interface number 0 [ 717.490942][T24792] EXT4-fs: inline encryption not supported [ 717.511095][ T6629] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 717.532648][ T6629] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.546565][T24792] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 717.579771][ T6629] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 717.591594][T24792] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.6712: lblock 2 mapped to illegal pblock 2 (length 1) [ 717.618905][T24792] EXT4-fs (loop3): Remounting filesystem read-only [ 717.630380][T24809] loop2: detected capacity change from 0 to 256 [ 717.636918][T24792] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 717.645540][T24792] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 717.655345][T24792] EXT4-fs (loop3): 1 orphan inode deleted [ 717.663445][T24792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 717.731368][T24809] FAT-fs (loop2): Directory bread(block 64) failed [ 717.743055][T24809] FAT-fs (loop2): Directory bread(block 65) failed [ 717.781949][T24809] FAT-fs (loop2): Directory bread(block 66) failed [ 717.799858][ T6629] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values [ 717.812978][ T6629] snd_usb_pod 1-1:1.1: invalid control EP [ 717.820879][ T6629] snd_usb_pod 1-1:1.1: cannot start listening: -22 [ 717.827652][ T6629] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 717.828350][T24809] FAT-fs (loop2): Directory bread(block 67) failed [ 717.835810][ T6629] snd_usb_pod: probe of 1-1:1.1 failed with error -22 [ 717.861115][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 717.871278][T24809] FAT-fs (loop2): Directory bread(block 68) failed [ 717.877860][T24809] FAT-fs (loop2): Directory bread(block 69) failed [ 717.888187][T24809] FAT-fs (loop2): Directory bread(block 70) failed [ 717.935852][T24809] FAT-fs (loop2): Directory bread(block 71) failed [ 717.946326][T24809] FAT-fs (loop2): Directory bread(block 72) failed [ 717.951557][T24820] loop1: detected capacity change from 0 to 512 [ 717.970049][T24809] FAT-fs (loop2): Directory bread(block 73) failed [ 717.971776][T24820] EXT4-fs: Ignoring removed nobh option [ 718.026986][T24820] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 718.098167][T24820] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.6719: attempt to clear invalid blocks 1 len 1 [ 718.123520][ T5831] usb 1-1: USB disconnect, device number 8 [ 718.135958][T24820] EXT4-fs (loop1): Remounting filesystem read-only [ 718.158322][T24820] EXT4-fs (loop1): 1 truncate cleaned up [ 718.180073][T24820] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 718.306146][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 718.566707][T24827] loop3: detected capacity change from 0 to 32768 [ 718.587473][T24827] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.6720 (24827) [ 718.618707][T24852] netlink: 'syz.2.6724': attribute type 1 has an invalid length. [ 718.641264][T24827] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 718.653996][T24852] netlink: 232 bytes leftover after parsing attributes in process `syz.2.6724'. [ 718.664011][T24827] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 718.684110][T24827] BTRFS info (device loop3): setting nodatasum [ 718.701307][T24827] BTRFS info (device loop3): force zlib compression, level 3 [ 718.731292][T24827] BTRFS info (device loop3): metadata ratio 1 [ 718.765622][T24827] BTRFS info (device loop3): enabling ssd optimizations [ 718.803554][T24827] BTRFS info (device loop3): allowing degraded mounts [ 718.810397][T24827] BTRFS info (device loop3): using free space tree [ 719.361089][T24898] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6734'. [ 719.390902][ T5767] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 719.766597][T24915] loop1: detected capacity change from 0 to 1764 [ 719.886636][T24924] loop3: detected capacity change from 0 to 128 [ 719.937969][T24924] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 719.972436][T24924] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 720.317792][T24942] netlink: 'syz.2.6744': attribute type 2 has an invalid length. [ 720.347542][T24942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6744'. [ 721.468234][T25000] netlink: 'syz.2.6765': attribute type 1 has an invalid length. [ 722.157404][ T27] audit: type=1326 audit(692.357:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25035 comm="syz.1.6778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 722.210761][ T27] audit: type=1326 audit(692.357:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25035 comm="syz.1.6778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 722.282394][ T27] audit: type=1326 audit(692.366:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25035 comm="syz.1.6778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 722.327390][ T27] audit: type=1326 audit(692.366:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25035 comm="syz.1.6778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 722.349131][ C1] vkms_vblank_simulate: vblank timer overrun [ 722.382875][ T27] audit: type=1326 audit(692.366:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25035 comm="syz.1.6778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330219c799 code=0x7ffc0000 [ 722.430180][T25050] loop3: detected capacity change from 0 to 4096 [ 722.483092][T25050] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 722.498290][T25054] netlink: 'syz.0.6783': attribute type 1 has an invalid length. [ 722.586179][ T6629] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 722.799300][ T6629] usb 2-1: Using ep0 maxpacket: 8 [ 722.815952][ T6629] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 722.842999][ T6629] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 722.897193][ T6629] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 722.905781][ T6629] usb 2-1: Product: syz [ 722.931254][ T6629] usb 2-1: Manufacturer: syz [ 722.940936][ T6629] usb 2-1: SerialNumber: syz [ 723.020681][T25044] loop2: detected capacity change from 0 to 32768 [ 723.118563][T25076] netlink: 45 bytes leftover after parsing attributes in process `syz.0.6790'. [ 723.210968][ T6629] usb 2-1: Handspring Visor / Palm OS: No valid connect info available [ 723.233897][ T6629] usb 2-1: Handspring Visor / Palm OS: port 110, is for unknown use [ 723.258992][ T6629] usb 2-1: Handspring Visor / Palm OS: port 40, is for unknown use [ 723.273805][T25079] loop3: detected capacity change from 0 to 4096 [ 723.280670][ T6629] usb 2-1: Handspring Visor / Palm OS: Number of ports: 2 [ 723.317451][T25079] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 723.423248][ T6629] usb 2-1: palm_os_3_probe - error -71 getting bytes available request [ 723.484139][ T6629] visor 2-1:1.0: Handspring Visor / Palm OS converter detected [ 723.534057][ T6629] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 723.581512][ T6629] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 723.634375][ T6629] usb 2-1: USB disconnect, device number 14 [ 723.686846][ T6629] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 723.719085][ T6629] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 723.737014][ T6629] visor 2-1:1.0: device disconnected [ 724.028494][T25084] loop2: detected capacity change from 0 to 32768 [ 724.477917][T25137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6803'. [ 724.546051][T25117] loop3: detected capacity change from 0 to 32768 [ 724.917477][T25152] loop1: detected capacity change from 0 to 4096 [ 724.943128][T25152] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 724.960346][ T5770] Bluetooth: hci0: unexpected Set CIG Parameters response data [ 724.968015][ T5770] Bluetooth: hci0: unexpected event for opcode 0x2062 [ 725.037455][T25152] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 725.272143][T25176] loop3: detected capacity change from 0 to 128 [ 725.292183][T25176] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 725.551342][T25188] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6818'. [ 726.146614][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 726.310016][T25238] loop2: detected capacity change from 0 to 64 [ 726.341723][T25238] hfs: unable to locate alternate MDB [ 726.347161][T25238] hfs: continuing without an alternate MDB [ 726.404689][ T27] audit: type=1800 audit(696.342:128): pid=25238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6837" name="bus" dev="loop2" ino=21 res=0 errno=0 [ 726.485642][ T4536] hfs: new node 0 already hashed? [ 726.523255][ T4536] ------------[ cut here ]------------ [ 726.528791][ T4536] WARNING: CPU: 0 PID: 4536 at fs/hfs/bnode.c:520 hfs_bnode_create+0x3b9/0x440 [ 726.537890][ T4536] Modules linked in: [ 726.542416][ T4536] CPU: 0 PID: 4536 Comm: kworker/u4:13 Not tainted syzkaller #0 [ 726.550074][ T4536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 726.560315][ T4536] Workqueue: writeback wb_workfn (flush-7:2) [ 726.566520][ T4536] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 726.572197][ T4536] Code: d4 e0 8a 89 ee e8 47 8c 1f 08 e9 73 fd ff ff e8 1d 1c 2d ff 4c 89 ef e8 45 bc 34 08 48 c7 c7 c0 d4 e0 8a 89 ee e8 27 8c 1f 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 726.592133][ T4536] RSP: 0018:ffffc9000f9d6e18 EFLAGS: 00010246 [ 726.598382][ T4536] RAX: 000000000000001f RBX: ffff88805a4e4000 RCX: 22013db595ac6a00 [ 726.606461][ T4536] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 726.614464][ T4536] RBP: 0000000000000000 R08: ffffc9000f9d6b27 R09: 1ffff92001f3ad64 [ 726.622929][ T4536] R10: dffffc0000000000 R11: fffff52001f3ad65 R12: 0000000000000000 [ 726.631116][ T4536] R13: ffff88805a4e40e0 R14: ffff88802ea1cb00 R15: dffffc0000000000 [ 726.639192][ T4536] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 726.648303][ T4536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 726.655008][ T4536] CR2: 00007f3302f456b8 CR3: 000000001f783000 CR4: 00000000003506f0 [ 726.663323][ T4536] Call Trace: [ 726.666722][ T4536] [ 726.669829][ T4536] hfs_bmap_alloc+0x541/0x5d0 [ 726.674535][ T4536] ? hfs_bmap_reserve+0x430/0x430 [ 726.679619][ T4536] hfs_btree_inc_height+0x101/0xac0 [ 726.685381][ T4536] ? hfs_brec_insert+0x6fa/0xbd0 [ 726.687539][T25256] loop1: detected capacity change from 0 to 16 [ 726.690846][ T4536] ? hfs_brec_insert+0xbd0/0xbd0 [ 726.701891][ T4536] ? do_raw_spin_unlock+0x121/0x230 [ 726.707148][ T4536] hfs_brec_insert+0x748/0xbd0 [ 726.712227][ T4536] ? hfs_brec_keylen+0x360/0x360 [ 726.717226][ T4536] __hfs_ext_write_extent+0x2a1/0x470 [ 726.719376][T25256] erofs: (device loop1): mounted with root inode @ nid 36. [ 726.722742][ T4536] hfs_ext_write_extent+0x17f/0x210 [ 726.735583][ T4536] ? verify_lock_unused+0x140/0x140 [ 726.740824][ T4536] ? hfs_ext_find_block+0x190/0x190 [ 726.746251][ T4536] ? blk_start_plug+0x51/0x1a0 [ 726.751055][ T4536] hfs_write_inode+0xdc/0x880 [ 726.755867][ T4536] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 726.761301][ T4536] ? __writeback_single_inode+0x48d/0xec0 [ 726.767129][ T4536] ? __lock_acquire+0x7d40/0x7d40 [ 726.772184][ T4536] ? do_raw_spin_lock+0x11f/0x2c0 [ 726.777312][ T4536] ? __rwlock_init+0x150/0x150 [ 726.782117][ T4536] __writeback_single_inode+0x705/0xec0 [ 726.782966][ T5770] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 0] out[9000] [ 726.787737][ T4536] writeback_sb_inodes+0x7cd/0xf50 [ 726.787793][ T4536] ? queue_io+0x550/0x550 [ 726.787833][ T4536] ? rcu_is_watching+0x15/0xb0 [ 726.787863][ T4536] wb_writeback+0x46a/0xbf0 [ 726.787888][ T4536] ? queue_io+0x3b1/0x550 [ 726.787915][ T4536] ? percpu_ref_tryget+0x250/0x250 [ 726.827197][ T4536] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 726.833557][ T4536] ? _raw_spin_unlock_irq+0x23/0x50 [ 726.838779][ T4536] wb_workfn+0x400/0xe60 [ 726.843576][ T4536] ? inode_wait_for_writeback+0x230/0x230 [ 726.849320][ T4536] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 726.855419][ T4536] ? read_lock_is_recursive+0x20/0x20 [ 726.860899][ T4536] ? _raw_spin_unlock_irq+0x23/0x50 [ 726.866178][ T4536] ? process_scheduled_works+0x96f/0x15d0 [ 726.871940][ T4536] ? process_scheduled_works+0x96f/0x15d0 [ 726.877761][ T4536] process_scheduled_works+0xa5d/0x15d0 [ 726.883413][ T4536] ? worker_attach_to_pool+0x380/0x380 [ 726.888897][ T4536] ? assign_work+0x3d2/0x5d0 [ 726.893503][ T4536] worker_thread+0xa55/0xfc0 [ 726.898227][ T4536] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 726.904159][ T4536] ? _raw_spin_unlock+0x40/0x40 [ 726.909071][ T4536] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 726.914999][ T4536] kthread+0x2fa/0x390 [ 726.919142][ T4536] ? pr_cont_work+0x560/0x560 [ 726.923837][ T4536] ? kthread_blkcg+0xd0/0xd0 [ 726.928498][ T4536] ret_from_fork+0x48/0x80 [ 726.932940][ T4536] ? kthread_blkcg+0xd0/0xd0 [ 726.937623][ T4536] ret_from_fork_asm+0x11/0x20 [ 726.942414][ T4536] [ 726.945426][ T4536] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 726.952696][ T4536] CPU: 0 PID: 4536 Comm: kworker/u4:13 Not tainted syzkaller #0 [ 726.960408][ T4536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 726.970467][ T4536] Workqueue: writeback wb_workfn (flush-7:2) [ 726.976459][ T4536] Call Trace: [ 726.979817][ T4536] [ 726.982775][ T4536] dump_stack_lvl+0x18c/0x250 [ 726.987461][ T4536] ? show_regs_print_info+0x20/0x20 [ 726.992658][ T4536] ? load_image+0x400/0x400 [ 726.997160][ T4536] panic+0x2dc/0x730 [ 727.001060][ T4536] ? bpf_jit_dump+0xd0/0xd0 [ 727.005592][ T4536] ? ret_from_fork_asm+0x11/0x20 [ 727.010555][ T4536] __warn+0x2e0/0x470 [ 727.014550][ T4536] ? hfs_bnode_create+0x3b9/0x440 [ 727.019590][ T4536] ? hfs_bnode_create+0x3b9/0x440 [ 727.024640][ T4536] report_bug+0x2be/0x4f0 [ 727.026011][T25256] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 4050] out[9000] [ 727.027076][ T27] audit: type=1800 audit(696.903:129): pid=25256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6842" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 727.058817][ T4536] ? hfs_bnode_create+0x3b9/0x440 [ 727.063859][ T4536] ? hfs_bnode_create+0x3b9/0x440 [ 727.068879][ T4536] ? hfs_bnode_create+0x3bb/0x440 [ 727.073903][ T4536] handle_bug+0xcf/0x120 [ 727.078149][ T4536] exc_invalid_op+0x1a/0x50 [ 727.082649][ T4536] asm_exc_invalid_op+0x1a/0x20 [ 727.087491][ T4536] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 727.093127][ T4536] Code: d4 e0 8a 89 ee e8 47 8c 1f 08 e9 73 fd ff ff e8 1d 1c 2d ff 4c 89 ef e8 45 bc 34 08 48 c7 c7 c0 d4 e0 8a 89 ee e8 27 8c 1f 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 727.112727][ T4536] RSP: 0018:ffffc9000f9d6e18 EFLAGS: 00010246 [ 727.118787][ T4536] RAX: 000000000000001f RBX: ffff88805a4e4000 RCX: 22013db595ac6a00 [ 727.126750][ T4536] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 727.134716][ T4536] RBP: 0000000000000000 R08: ffffc9000f9d6b27 R09: 1ffff92001f3ad64 [ 727.142676][ T4536] R10: dffffc0000000000 R11: fffff52001f3ad65 R12: 0000000000000000 [ 727.150636][ T4536] R13: ffff88805a4e40e0 R14: ffff88802ea1cb00 R15: dffffc0000000000 [ 727.158607][ T4536] ? hfs_bnode_create+0x3b9/0x440 [ 727.163632][ T4536] hfs_bmap_alloc+0x541/0x5d0 [ 727.168326][ T4536] ? hfs_bmap_reserve+0x430/0x430 [ 727.173357][ T4536] hfs_btree_inc_height+0x101/0xac0 [ 727.178549][ T4536] ? hfs_brec_insert+0x6fa/0xbd0 [ 727.183479][ T4536] ? hfs_brec_insert+0xbd0/0xbd0 [ 727.188410][ T4536] ? do_raw_spin_unlock+0x121/0x230 [ 727.193608][ T4536] hfs_brec_insert+0x748/0xbd0 [ 727.198373][ T4536] ? hfs_brec_keylen+0x360/0x360 [ 727.203308][ T4536] __hfs_ext_write_extent+0x2a1/0x470 [ 727.208672][ T4536] hfs_ext_write_extent+0x17f/0x210 [ 727.213857][ T4536] ? verify_lock_unused+0x140/0x140 [ 727.219047][ T4536] ? hfs_ext_find_block+0x190/0x190 [ 727.224248][ T4536] ? blk_start_plug+0x51/0x1a0 [ 727.229004][ T4536] hfs_write_inode+0xdc/0x880 [ 727.233674][ T4536] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 727.239039][ T4536] ? __writeback_single_inode+0x48d/0xec0 [ 727.244763][ T4536] ? __lock_acquire+0x7d40/0x7d40 [ 727.249777][ T4536] ? do_raw_spin_lock+0x11f/0x2c0 [ 727.254881][ T4536] ? __rwlock_init+0x150/0x150 [ 727.259643][ T4536] __writeback_single_inode+0x705/0xec0 [ 727.265186][ T4536] writeback_sb_inodes+0x7cd/0xf50 [ 727.270316][ T4536] ? queue_io+0x550/0x550 [ 727.274654][ T4536] ? rcu_is_watching+0x15/0xb0 [ 727.279419][ T4536] wb_writeback+0x46a/0xbf0 [ 727.283922][ T4536] ? queue_io+0x3b1/0x550 [ 727.288276][ T4536] ? percpu_ref_tryget+0x250/0x250 [ 727.293406][ T4536] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 727.299395][ T4536] ? _raw_spin_unlock_irq+0x23/0x50 [ 727.304594][ T4536] wb_workfn+0x400/0xe60 [ 727.308859][ T4536] ? inode_wait_for_writeback+0x230/0x230 [ 727.314585][ T4536] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 727.320646][ T4536] ? read_lock_is_recursive+0x20/0x20 [ 727.326014][ T4536] ? _raw_spin_unlock_irq+0x23/0x50 [ 727.331203][ T4536] ? process_scheduled_works+0x96f/0x15d0 [ 727.336917][ T4536] ? process_scheduled_works+0x96f/0x15d0 [ 727.342638][ T4536] process_scheduled_works+0xa5d/0x15d0 [ 727.348200][ T4536] ? worker_attach_to_pool+0x380/0x380 [ 727.353653][ T4536] ? assign_work+0x3d2/0x5d0 [ 727.358237][ T4536] worker_thread+0xa55/0xfc0 [ 727.362820][ T4536] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 727.368705][ T4536] ? _raw_spin_unlock+0x40/0x40 [ 727.373542][ T4536] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 727.379476][ T4536] kthread+0x2fa/0x390 [ 727.383538][ T4536] ? pr_cont_work+0x560/0x560 [ 727.388236][ T4536] ? kthread_blkcg+0xd0/0xd0 [ 727.392822][ T4536] ret_from_fork+0x48/0x80 [ 727.397231][ T4536] ? kthread_blkcg+0xd0/0xd0 [ 727.401815][ T4536] ret_from_fork_asm+0x11/0x20 [ 727.406582][ T4536] [ 727.409727][ T4536] Kernel Offset: disabled [ 727.414127][ T4536] Rebooting in 86400 seconds..