last executing test programs: 1.973628422s ago: executing program 1 (id=17457): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x1500}, 0x38) 1.870389594s ago: executing program 1 (id=17460): r0 = socket$netlink(0x10, 0x3, 0xf) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 1.799488236s ago: executing program 1 (id=17465): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f000052e000/0x4000)=nil, 0x4000, 0x14) 1.459920707s ago: executing program 2 (id=17475): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000540)={'ip_vti0\x00', &(0x7f0000000440)={'erspan0\x00', 0x0, 0x8, 0x0, 0x5, 0xffffffff, {{0x5, 0x4, 0x2, 0x2, 0x14, 0x67, 0x0, 0x3, 0x4, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x14}}}}}) 1.3445702s ago: executing program 2 (id=17479): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r0, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f00000002c0)={0x268, 0x0, 0x5, 0x401, 0x0, 0x0, {0x2, 0x0, 0x6}, [{{0x254, 0x1, {{0x3, 0xb0200000}, 0xd, 0xb, 0x28, 0x1, 0x5, 'syz0\x00', "96d4fd6246bdc42b7f9e10dab6626b776b7002b182016800", "69d30d8077e63b207fb7d8c959cf6e019f203869fa621d1434d98a0100534173", [{0x2, 0x1, {0x2, 0x565}}, {0xfffa, 0x2, {0x3, 0x6}}, {0xc, 0xffbd, {0x0, 0x76f0}}, {0x6, 0xa, {0x3, 0x4}}, {0x0, 0x6, {0x0, 0x4}}, {0x8004, 0x8, {0x3, 0x1}}, {0x21, 0x0, {0x2, 0xddb1}}, {0x66af, 0xe, {0x1, 0x4}}, {0x2, 0x9, {0x0, 0x20}}, {0x2, 0x4, {0x0, 0x200}}, {0x400, 0x0, {0x0, 0x76}}, {0x401, 0x5, {0x2, 0xf8d7}}, {0x3bc, 0x8, {0x2, 0x7}}, {0x23b, 0x6, {0x0, 0x4}}, {0x10, 0x8, {0x2, 0x8}}, {0x7, 0x8001, {0x1, 0xa}}, {0x7, 0x1, {0x1, 0x9}}, {0x4, 0x7fff, {0x2, 0x2}}, {0x80, 0x7, {0x3, 0x7}}, {0x1, 0x400, {0x2, 0x4}}, {0xff7f, 0xd3, {0x1, 0xc3e2}}, {0x3, 0xcc, {0x1, 0x4}}, {0xc4, 0x806, {0x1, 0xff}}, {0x3, 0xcddd, {0x0, 0xffffb383}}, {0xf, 0xfff7, {0x2, 0x7fffffff}}, {0x2, 0xfffb, {0x1}}, {0xc9, 0x6, {0x0, 0x9}}, {0x8, 0x80, {0x2, 0x1ff}}, {0x3, 0x6e9, {0x2, 0x4003}}, {0x6, 0x1, {0x2}}, {0x824b, 0x5, {0x0, 0x9}}, {0x6, 0x5, {0x3, 0xa}}, {0x9, 0x8, {0x2}}, {0x8, 0xb7c5, {0x3, 0x8a52}}, {0x10, 0xdfe4, {0x2, 0x8}}, {0x1ff, 0x1, {0x2, 0xfffffffe}}, {0xf118, 0x5, {0x1, 0x2}}, {0x6, 0xc62a, {0x1, 0x9}}, {0xffff, 0x800, {0x2, 0x1}}, {0x2, 0x2, {0x1, 0x401}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x24004081}, 0x4004040) 1.228078034s ago: executing program 2 (id=17483): r0 = creat(&(0x7f0000001c40)='./file0\x00', 0x10) mount_setattr(0xffffffffffffffff, 0x0, 0x1000, &(0x7f0000000000)={0x100000, 0x70, 0x0, {r0}}, 0x20) 1.110208987s ago: executing program 2 (id=17485): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000002d40), 0x101, 0x0) pwritev(r0, &(0x7f0000007200)=[{&(0x7f0000004000)='Z', 0x1}], 0x1, 0xfffffffe, 0x7fffffff) 1.03918845s ago: executing program 1 (id=17488): syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@dmask={'dmask', 0x3d, 0x887}}, {@discard}, {@utf8}, {@umask={'umask', 0x3d, 0x4}}]}, 0x1, 0x1509, &(0x7f0000002a40)="$eJzs3AvUT9XWMPA511qbh6R/kvuaa27+yWWRJLkkySVJkpAQEpIkSZLkllsSkpB7kntI7iT3+y33JHklSRISEtY3VO/nnFO9nff9zjnO+z3zN8YaY017z/Wf2xx7//fez3ieb9oNqFinUrmazAx/DP9wi/6bXboAQAoA9AaAawAgAoBimYplurQ9ncYu/8WHiH+5WpOvdAXiSpL+p27S/9RN+p+6Sf9TN+l/6ib9T92k/6mb9F+IVG1q9mtl/LNG6AxwpWv4r8ff9/7/j8n7///N5Ps/dZP+p27S/9RN+p+6Sf9TN+l/6ib9//9GzTT/gyTpf+om/RciVfs3eAf9zxv4b1DDf3+k/Vf+zEAIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhPgXOBsuMwDw8wQhXOm6hBBCCCGEEEII8Y8T0l7pCoQQQgghhBBCCPHPh6BAg4EI0kBaSIF0kB6uggxwNWSEayAB10ImuA4yw/WQBbJCNsgOOSAn5AILBA4YYsgNeSAJN0BeuBHyQX4oAAXBQyEoDDdBEbgZisItUAxuheJwG5SAklAKSsPtUAbugLJwJ5SDu6A8VICKUAnuhspwD1SBe6Eq3AfV4H6oDg9ADXgQakItqA0PQR14GOpCPagPj0ADaAiN/kf5L0JHeAk6QWfoAl2hG7wM3aEH9IRe0BtegT7wKvSF16Af9IcB8DoMhDdgELwJg2EIDIW3YBgMhxEwEkbBaBgDb8NYeAfGwbswHibARJgEk2EKTIX3YBpMhxnwPsyED2AWzIY5MBfmwXxYAAthEXwIi+EjWAJLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAh/DVtgG22EH7IRdsBs+gT3wKeyFz2AffP7fzD/zN/ntERBQoUKDBtNgGkzBFEyP6TEDZsCMmBETmMBMmAkzY2bMglkwG2bDHJgDc2EuJCRkZMyNuTGJScyLeTEf5sMCWAA9eiyMhbEI3oxFsSgWw2JYHItjCSyJJbE0lsYyWAbLYlksh+WwPJbHilgR78a78R6sglWwKlbFalgNq2N1rIE1sCbWxNpYG+tgHayLdbE+1scG2AAbYSNsjI2xCTbBZtgMm2NzbIEtsCW2xFbYCltja2yDbbAttsV22A7b4wv4Ar6IL+JL+BJ2xvKqK3bDbtgdu2NP7IW98BXsg6/iq/ga9sP+OABfx9fxDRyEp3EwDsGhOBTLqOE4Akciq9E4BsfgWByL43AcjscJOAEn4WScglNxKk7D6Tgd38eZ+AF+gLNxNs7FeTgPF+BCXISLcDGewSW4FJfhclyBK3EFrsY1uBrX4XpchxtxI27GzfgxfozbcBvuwB24C3fhJ/gJfoqfYj/ch/twP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4nsCTeAJP4Sk8jWfwLJ7Fc3gOz+N5vIgXL5386hKjjEqj0qgUlaLSq/Qqg8qgMqqMKqESKpPKpDKrzCqLyqKyqWwqh8qhcqlcihQpVrHKrXKrpEqqvCqvyqfyqQKqgPLKq8KqsCqiiqiiqqgqpm5VxdVtqoQqqZr60qq0KqOa+bLqTlVOlVPlVQVVUVVSlVRlVVlVUVVUVVVVVVPVVHX1gKqhumJPrKUudaaO6o911QCsrx5RDVRD9QY+qhqrQdhENVXN1ONqCA7GFqqxb6meUq3UCGytnlEj8VnVVo3Gdup51V69oDqoF1VH1cR3Up3VeOyquqlJ2F31UD1VLzUNK6hLHauoXlP9VH81QL2u5uIbapB6Uw1WQ9RQ9ZYapoarEWqkGqVGqzHqbTVWvaPGqXfVeDVBTVST1GQ1RU1V76lparqaod5XM9UHapaareaouWqemq8WqIVqkfpQLVYfqSVqqVqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqst6mO1VW1T29UOtVPtUrvVJ2qP+lTtVZ8lfr2AqwPqC3VQfakOqa/UYfW1OqK+UUfVt+qY+k4dVyfUSfW9OqV+UKfVGXVW/ajOqZ/UeXVBXVRBgUattNZbINJpdFqdotPp9PoqnUFfrTPqa3RCX6sz6et0Zn29zqKz6mw6u86hc+pc2mrSTrOOdW6dRyf1DTqvvlHn0/l1AV1Qe11IF9Y36SL6Zl1U36KL6Vt1cX2bLqFL6lK6tL5dl9F36LL6Tl1O36XL6wq6oq6k79aV9T26ir5XV9X36Wr6fl1dP6Br6Ad1TV1L19YP6Tr6YV1X19P19SO6gW6oG+lHdWP9mG6im+pm+nHdXD+hW+gndUv9lG6ln9at9TO6jX5Wt9XP6Xb6ed1ev6A76Av6og66k+6su+iuupt+WXfXPXRP3Uv31q/oPvpV3Ve/pvvp/nqAfl0P1G/oQfpNPVgP0UP1W3qYHq5H6JF6lB6tx+i39Vj9jh6n39Xj9QQ9UU/Sk/UU3fPXlWb8Hfnv/E5+358/fbPeoj/WW/U2vV3v0Dv1Lr1b79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cn9A/BgDQP+jT+ow+o3/U5/Q5ff7X/wMwaJTRxpjIpDFpTYpJZ9KbJABcbTKaa0zCXGsymetMZnO9yWKymmwmu8lhcppcxhoyzrCJTW6TxyTNDSavudHkM/lNAVPQeFPIFDY3/T/n/359V5kM5pf6GplGprFpbJqYJqaZaWaam+amhWlhWpqWppVpZVqb1qaNaWPamramnWln2pv2poPpYDqajqaT6WS6mC6mm3nZdDc9TE/Ty/Q2r5g+po/pa/qafqafGWAGmIFmoBlkBpnBZrAZaoaaYWaYGWFGmFFmlBljxpixZqwZZ8aZ8Wa8mWgmmslmsplqppppZpqZYWaYmWammWVmmTlmjpln5pkFZoFZZBaZxWaxWWKWmqVmuVluVpqVZrVZbdaatWa9WW82mo1midlitpitZqvZbrabnWan2W12mz1mj9lr9pp9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6Om5PmpDllTpnT5rQ5a86ac+acOW/Om4vm4qXbvkhFKjKRidJEaaKUKCVKH6WPMkQZooxRxigRJaJMUaYoc3R9lCXKGmWLskc5opxRrshGAC7iKI5yR3miZHRDlDe6McoX5Y8KRAUjHxWKCkc3RUWim6Oi0S1RsejWqHh0W1QiKhmVikpHt0dlojuistGdUbnorqh8VCGqGFWK7o4qR/dEVaJ7o6rRfVG16P6oevRAVCN6MKoZ1YpqRw9FdaKHo7pRvah+9EjUIGoYNfoHrp8ShXA662O+k+1su9iutpt92Xa3PWxP28v2tq/YPvZV29e+ZvvZ/naAfT0FAOwg+6YdbIfYofYtO8wOtyPsSDvKjrZj7Nt2rH3HjrPv2vF2gp1oJ9nJdoqdat+z0+x0O8O+b2faD+wsO9vOsXPtPDvfLrAL7SL7oV1sP7JL7FK7zC63K+xKu8qutmvsWrvOrrcb7Ea7yW62W+zHdqvdZrfbHXan3WV320/sHvup3Ws/s/vs53a//Q97wH5hD9ov7SH7lT1sv7ZH7Df2qP3WHrPf2eP2hD1pv7en7A/2tD1jz9of7Tn7kz1vL9iLNly6ub/09U6GDKWhNJRCKZSe0lMGykAZKSMlKEGZKBNlpsyUhbJQNspGOSgH5aJcdAkTU27KTUlKUl7KS/koHxWgAuTJU2EqTEWoCBWlolSMilFxKk4lqASVolJ0O91Od9AddCfdSXfRXVSBKlAlqkSVqTJVoSpUlapSNapG1ak61aAaVJNqUm2qTXWoDtWlulSf6lMDakCNqBE1psbUhJpQM2pGzak5taAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSJ+pEXagLdaNu1J26U0/qSb2pN/WhPtSX+lI/6kcDaAANpIE0iAbRYBpCQ+ktGkbDaQSNpFE0msbQGBpLY2kcjaPxNJ4m0kSaTJNpKk2laTSNZtAMmkkzaRbNojk0h+bRPFpAC2gRLaLFtJiW0BJaRstoBa2gVbSK1tAaWkfraANtoE20ibbQFtpKW2k7baedtJN2027aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6SSfpFJ2i03SaztJZOkc/0Xm6QBcpUIpL59K7q1wGd7XL6K5xfxtnc9ldDpfT5XLWZXFZ/yom51w+l98VcAWdd4VcYXfTb+ISrqQr5Uq7210Zd4cr+5u4srvHVXH3uqruPlfJ3f1XcTV3v6vuHnY1XD1X0z3iaruGro572NV19Vx9l9Y1cA1dc/eEa5Hyn8+4T/8SuyddS/eUa+WedgvcQrfGrXXr3Hq3x33qzrof3RH3jTvnfnKdXGfX273i+rhXXV/3muvn+v8mHurecsPccDfCjXSj3OjfxBPdJDfZTXFT3Xtumpv+m3iem+9mukVulpvt5ri5P8eXalrkPnSL3UduiVvqlrnlboVb6Va51f+31uVuo9vkNrvd7hO31W1z290Ot9Pt+jm+dBx73Wdun/vcHXZfuwPuC3fQHXWH3Fc/x5eO76j71h1z37nj7oQ76b53p9wP7rQ78/PxXzr2790Fd9EFB4ysWLPhiNNwWk7hdJyer+IMfDVn5Gs4wddyJr6OM/P1nIWzcjbOzjk4J+diy8SOmWPOzXk4yTdwXr6R83F+LsAF2XMhLsw3cRG+mYvyLVyMb+XifBuX4JJcikvz7VyG7+CyfCeX47u4PFfgilyJ7+bKfA9X4Xu5Kt/H1fh+rs4PcA1+kGtyLa7ND3Edfpjrcj2uz49wA27IjfhRbsyPcRNuys34cW7OT3ALfpJb8lPcip/m1vwMt+FnuS0/x+34eW7PL3AHfpE78kvciTtzF+7K3fhl7s49uCf34t78CvfhV7kvv8b9uD8P4Nd5IL/Bg/hNHsxDeCi/xcN4OI/gkTyKR/MYfpvH8js8jt/l8TyBJ/IknsxTeCq/x9N4Os/g93kmf8CzeDbP4bk8j+fzAl7Ii/hDXswf8RJeyst4Oa/glbyKV/MaXsvreD1v4I28iTfzFv6Yt/I23s47eCfv4t38Ce/hT3kvf8b7+HPez//BB/gLPshf8iH+ig/z13yEv+Gj/C0f4+/4OJ/gk/w9n+If+DSf4bP8I5/jn/g8X+CLHBhijFWsYxNHcZo4bZwSp4vTx1fFGeKr4wshhER8bZwpvi7OHF8fZ4mzxtni7HGOOGecK7YxxS7mOI5zx3niZHxDnDe+Mc4X548LxAVjHxeKC8c3xUXim+Oi8S1xsfjWuHh8W1wiLhmXikvHt8dl4jvisvGdcbn4rrh8XCGuGFeK744rx/fEVeJ746rxfXHR+P64evxAXCN+MK4Z14prxw/FdeKH47pxvbh+/EjcIG4YN4ofjRvHj8VN4qZxs/jxuHn8RNwifjJuGT8Vt4qf/tPtXeKucbf45fjlOIR79Zzk3OS85PzkguTCRr9eUpJLkkuTy5LLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5KbkyFUSgsevfLaGx/5ND6tT/HpfHp/lc/gr/YZ/TU+4a/1mfx1PrO/3mfxWX02n93n8Dl9Lm89eefZxz63z+OT/gaf19/o8/n8voAv6L0v5Av7hr6Rb+Qb+8d8E9/UN/OP+8f9E/4J/6R/0j/lW/mnfWv/jG/jn/Vt/XP+Of+8b+9f8B38i76jf8l38p19F9/Fd/PdfHff3ff0PX1v39v38X18X9/X9/P9/AA/wA/0A/0gP8gP9oP9UD/UD/PD/Ag/wo/yo/wYP8aP9WP9OD/Oj/fj/UQ/0U/2k/1UP9VP89P8DD/Dz/Qz/Sw/y8/xc/w8P88v8Av8Ir/IL/aL/RK/xC/zy/wKv8Kv8qv8Gr/Gr/Pr/Aa/wW/ym/wWv8Vv9Vv9dr/d7/Q7/W6/2+/xe/xev9fv8/v8fr/fH/AH/EH/pT/kv/KH/df+iP/GH/Xf+mP+O3/cn/An/ff+lP/Bn/Zn/Fn/oz/nf/Ln/QV/0Qc/JvF2Yv6vDR2fmJCYmJiUmJyYkpiaeC8xLTE9MSPxfmJm4oPErMTsxJzE3MS8xPxwTWJhYlHiw8TixEeJJYmliWWJ5YkViZWJEHJujUPukCckww0hb7gx5Av5Q4FQMPhQKBQON4Ui4eZQNNwSioVbQ/FwWygRSoZSoV6oHx4JDULD0Cg8GhqHx0KT0DQ0C4+H5uGJ0CI8GVqGp0Kr8HRoHZ4JbcKzoW14LrQLz4f24YXQIbwYOoaXQqfQOXQJXUO38HLoHnqEnqFX6B1eCX3Cq6FveC30C/3DgPB6GBjeCIPCm2FwGBKGhrfCsDA8jAgjw6gwOowJb4ex4Z0wLrwbxocJYWKYFCaHKWFqeC9MC9PDjPB+mBk+CLPC7DAnzA3zwvywICwMi8KHYXH4KCwJS8OysDysCCvDqrA6rAlrw7qwPmwIG8OmsDlsCR+HrWFb2B52hJ1hV9gdPgl7wqdhb/gs7Aufh/3hP8KB8EU4GL4Mh8JX4XD4OhwJ34Sj4dtwLHwXjocT4WT4PpwKP4TT4Uw4G34M58JP4Xy4EC6GIL+zJoQQQgjxd9B/sr3r7/yb+nVc0g0Art6W/dDfrrkhyy/zHmpPqwQAPNW5Xa3/HLVqdenS5dd9l2iI8swGgMTl/DRwOV4KzeAJaAlNocjv1tdDlUL+k/WTtwKk/4ucFLgcX17/5j9Yv978P11/NkC+PJdz0sHl+PL6Rf9g/V3N/2T9dF+MAWjyFzkZ4HJ8ef3C8Bg8DS3/ak8hhBBCCCGEEOIXPdS59n/2fHvp+TyHuZyTFi7Hf/Z8LoQQQgghhBBCiCvv2Rc6PPloy5ZN2/wyCZ1/niAAtHlWwV9ukslV/x5lyOR/5QT/jrMpZ8rvnpVXZHKlr0xCCCGEEEKIf7TLN/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL1+lf8ObErfYxCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA//8HQ1Z1") syz_usb_connect(0x5, 0x24, 0x0, 0x0) 994.626211ms ago: executing program 2 (id=17489): r0 = memfd_create(&(0x7f00000004c0)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf9\xff\x90\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) fcntl$addseals(r0, 0x409, 0x20) 941.531232ms ago: executing program 3 (id=17492): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xb, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix={0x0, 0x0, 0x32314142}}) 845.949885ms ago: executing program 2 (id=17494): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x44, &(0x7f00000000c0)=ANY=[@ANYBLOB="400d02"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 775.666427ms ago: executing program 3 (id=17496): r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x25, 0x0, &(0x7f0000000040)) 699.08893ms ago: executing program 0 (id=17497): r0 = socket$igmp6(0xa, 0x3, 0x3a) setsockopt$MRT6_INIT(r0, 0x3a, 0xc8, 0x0, 0x0) 644.830521ms ago: executing program 0 (id=17499): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x34, 0x32, 0x6dd711a25f4cb68b, 0x0, 0x25dfdbfc, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0x4, 0x2, {0x1}}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0xfffffe00}}, {0x0, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'csum\x00'}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x48084) 636.818611ms ago: executing program 4 (id=17500): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000fc0), 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000001040)={0x16, 0x98, 0xfa00, {0x0, 0x0, 0xffffffffffffffff, 0x1c, 0x1, @in6={0xa, 0x4e20, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xc}}}, 0xa0) 593.776533ms ago: executing program 3 (id=17501): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSBRK(r0, 0x5427) 593.156073ms ago: executing program 4 (id=17502): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x170, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@mcast1, 0x0, 0x0, 0x4000, 0x7}, {@in=@rand_addr=0x64010100, 0x4d3, 0x32}, @in6=@loopback, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0xb8}, 0x0, 0x0, 0xa, 0x1, 0x0, 0xaf}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x1c}, @encap={0x1c, 0x4, {0xfffffffffffffffe, 0x4e22, 0x4e20, @in=@dev={0xac, 0x14, 0x14, 0x19}}}]}, 0x170}}, 0x0) 541.100464ms ago: executing program 0 (id=17503): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000003140)='./bus\x00', 0x1008002, &(0x7f0000000400)={[{@grpquota}, {@delalloc}, {@resuid}, {@errors_remount}, {@dioread_nolock}, {@nojournal_checksum}, {@lazytime}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") symlink(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 519.246305ms ago: executing program 4 (id=17504): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=@newlink={0x5c, 0x10, 0x19, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x40d87, 0x79269}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x5}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e23}]}}}, @IFLA_IFNAME={0x14, 0x3, 'ip6gretap0\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40880}, 0x8040) 468.262046ms ago: executing program 3 (id=17505): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)={0xb8, 0x1e, 0x21, 0x0, 0x0, {0x7}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @typed={0x9c, 0x2, 0x0, 0x0, @str='\x0f\x15)6?O\xdbc\xea\xd6\x9f\xd8\x83\x9c\rI\b\xc1\xf6\xda\x12\x01d\x99\xb3\x01\xf5O\xa3U\xbb\xe6!0WS<#\xa2H\xde\x96^Nm\x11\x99\x1f|\x93\x1b\xd9\"\x8c\xaf\xc3r\xa1\xc1f\x01 \f\x06\xea\xbe\xc7\xde\x1a\x06.#\xfb\xec\x1e\x1ae>X\xd9\x948\\?jN\x97\xcf\x18\xe9D\xf6\x88^\x03\xcd\xa1\x83\xd3\xd8Y\x9b\n\x93\xa2T\xaaO\xd4+\xa3\xf0w\xf5\xe9\xca\x93\xc7\xca\x13^\xb9\x02f\xd5\xfbn3\xc6\xfb\xf1\xf2\xe7K\\\xf2\x8b\x91\x03\x03\xe7\xb7WO0\xe7\xe2\x01\x11\xf8\xb8z'}]}, 0xb8}}, 0x0) 407.063538ms ago: executing program 4 (id=17506): r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000020c0), 0x400, 0x0) ppoll(&(0x7f0000002900)=[{r0, 0x10}], 0x1, &(0x7f0000002940)={0x0, 0x989680}, 0x0, 0x0) 406.910408ms ago: executing program 0 (id=17507): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42, 0x80}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8}, @IFLA_XFRM_LINK={0x8, 0x1, 0x2}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048050) 369.792419ms ago: executing program 3 (id=17508): timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f0000000440)={{0x77359400}}, &(0x7f0000000480)) 350.02827ms ago: executing program 4 (id=17509): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000340)={0x1, @win={{0x0, 0x1e0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}}) 265.976653ms ago: executing program 0 (id=17510): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000180)=0x3, 0x4) 169.338136ms ago: executing program 3 (id=17511): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x70bd29, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8, 0x6, 0x7fffffff}]}, 0x2c}}, 0x0) 166.104416ms ago: executing program 4 (id=17512): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) 119.074137ms ago: executing program 1 (id=17513): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) 90.983378ms ago: executing program 0 (id=17514): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000340)={'gre0\x00', &(0x7f00000002c0)={'sit0\x00', 0x0, 0x20, 0x10, 0x5, 0x3c5, {{0x6, 0x4, 0x0, 0x5, 0x18, 0x64, 0x0, 0x85, 0x2f, 0x0, @multicast2, @local, {[@ra={0x94, 0x4}]}}}}}) 0s ago: executing program 1 (id=17515): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000b5403340861a22753635010203010902120001000000000904"], 0x0) syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000440)={0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="6a5cf700"], 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): ': -15 [ 759.455972][T21660] netlink: 220 bytes leftover after parsing attributes in process `syz.3.14898'. [ 759.532300][ T7248] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 759.562341][ T7248] usb 5-1: 2:1 : unknown format tag 0x804 is detected. processed as MPEG. [ 759.594330][ T7248] usb 5-1: found format II with max.bitrate = 32769, frame size=255 [ 759.616542][ T7248] usb 5-1: 2:1: All rates were zero [ 759.662041][ T7248] usb 5-1: USB disconnect, device number 76 [ 759.826216][T21708] [U] .h0FwZ,iqgҏV2sO [ 759.861331][T21711] loop2: detected capacity change from 0 to 256 [ 759.868197][T21708] [U] ` w*BBOLhU [ 759.872738][T21708] [U] w$n|#%o.z\̧mРw [ 759.898309][T21708] [U] R{ꫢ S [ 759.905809][T21704] [U] [ 759.942020][T21717] xt_ecn: cannot match TCP bits for non-tcp packets [ 759.952258][ T4182] udevd[4182]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 759.999811][T21711] exFAT-fs (loop2): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 760.053082][T21711] attempt to access beyond end of device [ 760.053082][T21711] loop2: rw=524288, want=4281, limit=256 [ 760.069219][T21721] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14911'. [ 760.125116][T21711] attempt to access beyond end of device [ 760.125116][T21711] loop2: rw=0, want=4281, limit=256 [ 760.172580][ T26] audit: type=1800 audit(1016.137:53): pid=21711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.14908" name="file1" dev="loop2" ino=1048657 res=0 errno=0 [ 760.212498][T21711] exFAT-fs (loop2): invalid start cluster (520) [ 760.308561][T21737] program syz.0.14917 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 760.503555][T21743] loop4: detected capacity change from 0 to 4096 [ 760.533757][T21758] bridge0: port 1(bridge_slave_0) entered disabled state [ 760.546442][T21743] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 760.582856][T21758] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 760.719300][T21743] ntfs: (device loop4): parse_options(): NLS character set macgre not found. Using previous one utf8. [ 760.756530][T21743] ntfs: (device loop4): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 760.797507][T21743] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovery of primary boot sector failed: Read-only mount. [ 760.858760][T21743] ntfs: (device loop4): read_ntfs_boot_sector(): Using backup boot sector. [ 760.910398][T21743] ntfs: volume version 3.1. [ 760.955063][T21784] loop3: detected capacity change from 0 to 128 [ 761.042907][T21784] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 761.082946][T21784] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 761.734404][T21860] tmpfs: Bad value for 'mpol' [ 761.820252][T21870] netlink: 72 bytes leftover after parsing attributes in process `syz.0.14961'. [ 761.860358][T21870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14961'. [ 761.916432][T21862] loop1: detected capacity change from 0 to 4096 [ 761.987371][T21862] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 762.012804][T21887] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14966'. [ 762.193462][T21822] loop3: detected capacity change from 0 to 32768 [ 762.239263][T21903] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 762.306061][T21822] (syz.3.14942,21822,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 762.355128][T21915] netlink: 'syz.1.14972': attribute type 9 has an invalid length. [ 762.365765][T21822] (syz.3.14942,21822,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 762.399978][T21919] netlink: 40 bytes leftover after parsing attributes in process `syz.4.14974'. [ 762.429096][T21919] netlink: 40 bytes leftover after parsing attributes in process `syz.4.14974'. [ 762.459867][T21822] JBD2: Ignoring recovery information on journal [ 762.521882][ C0] ip6_tunnel: ip6tnl5 xmit: Local address not yet configured! [ 762.529583][ C0] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 762.719798][T21822] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 762.789191][T21822] (syz.3.14942,21822,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 762.847957][T21933] loop1: detected capacity change from 0 to 4096 [ 762.939284][T21933] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 763.022445][T21933] NILFS (loop1): mounting unchecked fs [ 763.027980][T21933] NILFS (loop1): recovery required for readonly filesystem [ 763.121755][T21933] NILFS (loop1): write access will be enabled during recovery [ 763.130815][T21822] (syz.3.14942,21822,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 763.169452][ T4646] udevd[4646]: incorrect nilfs2 checksum on /dev/loop1 [ 763.217769][T21822] (syz.3.14942,21822,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC. [ 763.225352][T21933] NILFS (loop1): norecovery option specified, skipping roll-forward recovery [ 763.293418][T21822] (syz.3.14942,21822,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c [ 763.342676][ T4398] udevd[4398]: incorrect nilfs2 checksum on /dev/loop1 [ 763.361824][T21822] (syz.3.14942,21822,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 763.407739][T21933] NILFS (loop1): couldn't remount because the filesystem is in an incomplete recovery state [ 763.425374][T21822] (syz.3.14942,21822,0):ocfs2_quota_read:201 ERROR: status = -5 [ 763.459036][T21822] Quota error (device loop3): find_block_dqentry: Can't read quota tree block 6 [ 763.489435][ T4180] udevd[4180]: incorrect nilfs2 checksum on /dev/loop1 [ 763.509189][T21822] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 763.554430][T21822] (syz.3.14942,21822,0):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 763.612021][T21822] (syz.3.14942,21822,0):ocfs2_mknod:314 ERROR: status = -5 [ 763.619343][T21822] (syz.3.14942,21822,0):ocfs2_mknod:502 ERROR: status = -5 [ 763.649742][T21977] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 763.657201][T21977] IPv6: NLM_F_CREATE should be set when creating new route [ 763.664520][T21977] IPv6: NLM_F_CREATE should be set when creating new route [ 763.690058][T21822] (syz.3.14942,21822,0):ocfs2_mkdir:659 ERROR: status = -5 [ 763.710437][ T4180] udevd[4180]: incorrect nilfs2 checksum on /dev/loop1 [ 763.744569][T21980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14994'. [ 763.914836][T21998] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 763.964305][ T4191] ocfs2: Unmounting device (7,3) on (node local) [ 764.455604][T22036] netlink: 'syz.1.15014': attribute type 21 has an invalid length. [ 764.521632][T22036] netlink: 164 bytes leftover after parsing attributes in process `syz.1.15014'. [ 764.693342][T22049] libceph: resolve '0..' (ret=-3): failed [ 764.899397][T22078] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 765.059617][T22095] netlink: 24 bytes leftover after parsing attributes in process `syz.1.15033'. [ 765.094282][T22095] netlink: 252 bytes leftover after parsing attributes in process `syz.1.15033'. [ 765.151911][T22095] netlink: 'syz.1.15033': attribute type 1 has an invalid length. [ 765.193078][T22095] netlink: 80 bytes leftover after parsing attributes in process `syz.1.15033'. [ 765.220816][T22107] netlink: 'syz.4.15038': attribute type 1 has an invalid length. [ 765.250082][T22107] netlink: 'syz.4.15038': attribute type 3 has an invalid length. [ 765.261942][T12779] usb 1-1: new high-speed USB device number 77 using dummy_hcd [ 765.297387][T22107] NCSI netlink: No device for ifindex 55159 [ 765.501923][T12779] usb 1-1: Using ep0 maxpacket: 16 [ 765.625831][T12779] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 765.660198][T12779] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 765.695347][T12779] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 765.720549][T22150] netlink: 'syz.4.15053': attribute type 1 has an invalid length. [ 765.741840][T12779] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 765.753024][T22154] netlink: zone id is out of range [ 765.779867][T12779] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 765.902187][T12779] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 765.932765][T12779] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 765.960004][T12779] usb 1-1: Manufacturer: syz [ 765.983233][T12779] usb 1-1: config 0 descriptor?? [ 766.258009][T12779] usb 1-1: USB disconnect, device number 77 [ 766.742321][ T7248] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 766.808180][T22251] overlayfs: workdir and upperdir must be separate subtrees [ 766.982220][ T7248] usb 3-1: Using ep0 maxpacket: 32 [ 766.989672][T22265] 8021q: adding VLAN 0 to HW filter on device bond6 [ 767.146971][T22314] __nla_validate_parse: 2 callbacks suppressed [ 767.146989][T22314] netlink: 68 bytes leftover after parsing attributes in process `syz.4.15097'. [ 767.262172][ T7248] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 767.279876][ T7248] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 767.298348][ T7248] usb 3-1: Product: syz [ 767.326783][ T7248] usb 3-1: Manufacturer: syz [ 767.342204][ T7248] usb 3-1: SerialNumber: syz [ 767.366668][ T7248] usb 3-1: config 0 descriptor?? [ 767.838941][T22389] netlink: 88 bytes leftover after parsing attributes in process `syz.0.15123'. [ 767.859286][T22391] netlink: 'syz.3.15122': attribute type 3 has an invalid length. [ 767.867699][ T7248] airspy 3-1:0.0: usb_control_msg() failed -71 request 0a [ 767.881966][ T7248] airspy 3-1:0.0: Could not detect board [ 767.899701][ T7248] airspy: probe of 3-1:0.0 failed with error -71 [ 767.906806][T22391] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15122'. [ 767.926189][ T7248] usb 3-1: USB disconnect, device number 72 [ 768.464195][T22440] netlink: 45 bytes leftover after parsing attributes in process `syz.2.15139'. [ 768.656501][T22460] xt_CT: You must specify a L4 protocol and not use inversions on it [ 769.080333][T22496] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 769.201996][T12779] usb 5-1: new high-speed USB device number 77 using dummy_hcd [ 769.262717][T22509] netlink: 200 bytes leftover after parsing attributes in process `syz.1.15161'. [ 769.572054][T12779] usb 5-1: config 0 has an invalid interface number: 69 but max is 0 [ 769.600595][T12779] usb 5-1: config 0 has no interface number 0 [ 769.618179][T12779] usb 5-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 769.659704][T12779] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 769.774410][T22554] loop2: detected capacity change from 0 to 512 [ 769.823486][T22554] EXT4-fs (loop2): Test dummy encryption mode enabled [ 769.861407][T22554] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 769.872116][T12779] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 769.881307][T12779] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 769.900482][T22554] EXT4-fs (loop2): Errors on filesystem, clearing orphan list. [ 769.915213][T22554] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,errors=continue,grpjquota=,prjquota,usrquota,barrier=0x0000000000000003,usrjquota=min_batch_time=0x00000000ffffffff,nouid32,test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 769.941588][T12779] usb 5-1: Product: syz [ 769.950864][T12779] usb 5-1: Manufacturer: syz [ 769.955678][T12779] usb 5-1: SerialNumber: syz [ 769.962894][T12779] usb 5-1: config 0 descriptor?? [ 769.982139][T22483] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 770.003053][T12779] cyberjack 5-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 770.012208][ T7248] usb 4-1: new high-speed USB device number 75 using dummy_hcd [ 770.024556][T12779] usb 5-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 770.262103][ T7248] usb 4-1: Using ep0 maxpacket: 16 [ 770.549497][ T7248] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 770.589295][ T7248] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 770.619658][ T7248] usb 4-1: Product: syz [ 770.639919][ T7248] usb 4-1: Manufacturer: syz [ 770.663412][ T7248] usb 4-1: SerialNumber: syz [ 770.691131][ T7248] r8152-cfgselector 4-1: config 0 descriptor?? [ 770.710128][T12783] usb 5-1: USB disconnect, device number 77 [ 770.722656][T12783] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 770.774788][T12783] cyberjack 5-1:0.69: device disconnected [ 770.872153][ T5433] usb 2-1: new full-speed USB device number 78 using dummy_hcd [ 771.181935][ T7248] r8152-cfgselector 4-1: Unknown version 0x0000 [ 771.201223][ T7248] r8152-cfgselector 4-1: USB disconnect, device number 75 [ 771.286790][ T5433] usb 2-1: config 0 has an invalid interface number: 35 but max is 0 [ 771.306890][ T5433] usb 2-1: config 0 has no interface number 0 [ 771.326571][ T5433] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 10 [ 771.373417][ T5433] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 771.591440][ T5433] usb 2-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=ec.5c [ 771.610171][ T5433] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 771.639070][ T5433] usb 2-1: Product: syz [ 771.659341][ T5433] usb 2-1: Manufacturer: syz [ 771.675665][ T5433] usb 2-1: SerialNumber: syz [ 771.711057][ T5433] usb 2-1: config 0 descriptor?? [ 771.793470][ T5433] cypress_m8 2-1:0.35: Nokia CA-42 V2 Adapter converter detected [ 771.972791][T22763] loop4: detected capacity change from 0 to 256 [ 772.006694][ T5433] usb 2-1: Nokia CA-42 V2 Adapter converter now attached to ttyUSB0 [ 772.072178][ T5433] usb 2-1: USB disconnect, device number 78 [ 772.097582][T22780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15236'. [ 772.111088][ T5433] nokiaca42v2 ttyUSB0: Nokia CA-42 V2 Adapter converter now disconnected from ttyUSB0 [ 772.142974][ T5433] cypress_m8 2-1:0.35: device disconnected [ 772.632010][ T5436] usb 1-1: new high-speed USB device number 78 using dummy_hcd [ 772.787913][T22862] netlink: 20 bytes leftover after parsing attributes in process `syz.3.15260'. [ 772.912059][ T5436] usb 1-1: Using ep0 maxpacket: 32 [ 772.979410][T22865] loop1: detected capacity change from 0 to 4096 [ 773.034489][ T5436] usb 1-1: config 0 has an invalid interface number: 35 but max is 0 [ 773.051755][ T5436] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 773.065809][T22865] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 773.090683][T22865] EXT4-fs (loop1): inline encryption not supported [ 773.111844][T22865] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled [ 773.124780][ T5436] usb 1-1: config 0 has no interface number 0 [ 773.141423][ T5436] usb 1-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 773.163193][T22865] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 773.274891][T22865] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,inlinecrypt,grpjquota=./file0,noblock_validity,mblk_io_submit,resgid=0x0000000000000000,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 773.339453][T22888] binder: 22887:22888 ioctl c018620c 0 returned -14 [ 773.382219][ T5436] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 773.391450][ T5436] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 773.474341][ T5436] usb 1-1: Product: syz [ 773.503874][ T5436] usb 1-1: Manufacturer: syz [ 773.508637][ T5436] usb 1-1: SerialNumber: syz [ 773.543628][ T5436] usb 1-1: config 0 descriptor?? [ 773.589512][T22852] loop2: detected capacity change from 0 to 32768 [ 773.604812][ T5436] radio-si470x 1-1:0.35: could not find interrupt in endpoint [ 773.649156][ T5436] radio-si470x: probe of 1-1:0.35 failed with error -5 [ 773.736765][T22852] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 773.822026][ T5436] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 773.840241][T22920] netlink: 'syz.3.15277': attribute type 1 has an invalid length. [ 773.848567][T22920] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.15277'. [ 773.858321][T22920] netlink: 9 bytes leftover after parsing attributes in process `syz.3.15277'. [ 773.957254][T22929] netlink: 'syz.4.15279': attribute type 1 has an invalid length. [ 774.024386][ T4197] ocfs2: Unmounting device (7,2) on (node local) [ 774.042247][ T5436] radio-raremono 1-1:0.35: raremono_cmd_main failed (-71) [ 774.099602][ T5436] radio-raremono 1-1:0.35: V4L2 device registered as radio48 [ 774.138124][ T5436] usb 1-1: USB disconnect, device number 78 [ 774.171252][ T5436] radio-raremono 1-1:0.35: Thanko's Raremono disconnected [ 774.364669][T22968] tc_dump_action: action bad kind [ 774.661899][T22993] netlink: 'syz.4.15299': attribute type 4 has an invalid length. [ 774.692266][T22993] netlink: 206236 bytes leftover after parsing attributes in process `syz.4.15299'. [ 774.906705][T23015] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15307'. [ 774.966754][T23015] netlink: 48 bytes leftover after parsing attributes in process `syz.0.15307'. [ 775.845663][T23086] netlink: 48 bytes leftover after parsing attributes in process `syz.0.15330'. [ 775.896241][T23010] loop4: detected capacity change from 0 to 32768 [ 775.969396][T23010] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.15304 (23010) [ 776.057148][T23010] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 776.090317][T23010] BTRFS info (device loop4): using free space tree [ 776.102533][T23010] BTRFS info (device loop4): has skinny extents [ 776.252064][T12783] usb 3-1: new low-speed USB device number 73 using dummy_hcd [ 776.518061][T23010] BTRFS info (device loop4): enabling ssd optimizations [ 776.612145][T12783] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 776.642749][T12783] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 776.688661][T12783] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 776.716079][T12783] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 776.735508][T12783] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 776.792620][T23095] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 776.836013][T12783] hub 3-1:1.0: bad descriptor, ignoring hub [ 776.850148][T12783] hub: probe of 3-1:1.0 failed with error -5 [ 776.868314][T12783] cdc_wdm 3-1:1.0: skipping garbage [ 776.887800][T12783] cdc_wdm 3-1:1.0: skipping garbage [ 776.903561][T12783] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 776.920520][T12783] cdc_wdm 3-1:1.0: Unknown control protocol [ 776.940291][ T4182] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by udevd (4182) [ 777.553286][T12772] usb 3-1: USB disconnect, device number 73 [ 777.583991][T23229] xt_CT: You must specify a L4 protocol and not use inversions on it [ 777.632577][T23237] autofs4:pid:23237:autofs_fill_super: called with bogus options [ 778.001861][T12785] usb 2-1: new full-speed USB device number 79 using dummy_hcd [ 778.106704][T23288] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15386'. [ 778.401979][T12785] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 778.412416][T12779] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 778.440888][T12785] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 778.470664][T12785] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 778.481141][T23319] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 778.500264][T12785] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 778.540476][T12785] usb 2-1: config 0 descriptor?? [ 778.572855][T23321] loop4: detected capacity change from 0 to 4096 [ 778.595013][T12785] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 778.626775][T12785] dvb-usb: bulk message failed: -22 (3/0) [ 778.652068][T12779] usb 3-1: Using ep0 maxpacket: 16 [ 778.675448][T12785] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 778.696188][T23331] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 778.731515][T23335] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15400'. [ 778.739305][T12785] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 778.755145][T12785] usb 2-1: media controller created [ 778.777259][T12785] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 778.788095][T23335] tc_dump_action: action bad kind [ 778.804389][T23321] NILFS error (device loop4): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=32, inode=11, rec_len=24, name_len=77 [ 778.861245][T12785] dvb-usb: bulk message failed: -22 (6/0) [ 778.895453][T12785] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 778.914956][T23321] Remounting filesystem read-only [ 778.942164][T12779] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 778.954386][T12785] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input59 [ 778.979096][T12779] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 778.990216][T12785] dvb-usb: schedule remote query interval to 150 msecs. [ 778.997870][T12779] usb 3-1: Product: syz [ 779.003276][T12785] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 779.011367][T12779] usb 3-1: Manufacturer: syz [ 779.041796][T12779] usb 3-1: SerialNumber: syz [ 779.054101][T12785] usb 2-1: USB disconnect, device number 79 [ 779.072568][T12779] r8152-cfgselector 3-1: config 0 descriptor?? [ 779.144528][T12785] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 779.155406][T23364] netlink: 44 bytes leftover after parsing attributes in process `syz.0.15406'. [ 779.192409][T23364] netlink: 43 bytes leftover after parsing attributes in process `syz.0.15406'. [ 779.228924][T23364] netlink: 'syz.0.15406': attribute type 5 has an invalid length. [ 779.246698][T23364] netlink: 43 bytes leftover after parsing attributes in process `syz.0.15406'. [ 779.551883][T12779] r8152-cfgselector 3-1: Unknown version 0x0000 [ 779.561194][T12779] r8152-cfgselector 3-1: bad CDC descriptors [ 779.592132][T12779] r8152-cfgselector 3-1: Unknown version 0x0000 [ 779.617929][T12779] r8152-cfgselector 3-1: USB disconnect, device number 74 [ 779.697334][T23418] device geneve1 entered promiscuous mode [ 780.674984][T23518] loop4: detected capacity change from 0 to 1024 [ 780.689792][T23519] bridge11: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 780.701504][T12779] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 780.947442][T12779] usb 3-1: Using ep0 maxpacket: 32 [ 781.112063][T12779] usb 3-1: unable to get BOS descriptor or descriptor too short [ 781.202078][T12779] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 781.248640][T23565] Invalid ELF header magic: != ELF [ 781.252188][T12779] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 781.452081][T12779] usb 3-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 781.473182][T12779] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 781.481277][T12779] usb 3-1: Product: syz [ 781.522018][T12779] usb 3-1: Manufacturer: syz [ 781.537197][T12779] usb 3-1: SerialNumber: syz [ 781.627351][T23593] ax25_connect(): syz.3.15473 uses autobind, please contact jreuter@yaina.de [ 781.972007][T12779] usb 3-1: MIDIStreaming interface descriptor not found [ 782.048357][T12779] usb 3-1: USB disconnect, device number 75 [ 782.364109][ T6759] udevd[6759]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 782.427300][T23669] loop1: detected capacity change from 0 to 4096 [ 782.506898][T23669] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 782.548960][T23669] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842e018, mo2=0002] [ 782.562070][T23669] System zones: 0-5 [ 782.599049][T23669] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,stripe=0x0000000000000061,journal_ioprio=0x0000000000000002,nouid32,nodiscard,nomblk_io_submit,acl,nojournal_checksum,resuid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 782.899777][T23716] loop3: detected capacity change from 0 to 2048 [ 783.002359][ T3561] loop3: p1 < > p2 p3 < > p4 < p5 > [ 783.007726][ T3561] loop3: partition table partially beyond EOD, truncated [ 783.042128][ T3561] loop3: p1 start 3405774849 is beyond EOD, truncated [ 783.083508][ T3561] loop3: p3 start 4225 is beyond EOD, truncated [ 783.132242][T23716] loop3: p1 < > p2 p3 < > p4 < p5 > [ 783.151872][T23716] loop3: partition table partially beyond EOD, truncated [ 783.171964][T23716] loop3: p1 start 3405774849 is beyond EOD, truncated [ 783.199315][T23716] loop3: p3 start 4225 is beyond EOD, truncated [ 783.765053][ C0] sd 0:0:1:0: tag#929 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 783.774955][ C0] sd 0:0:1:0: tag#929 CDB: opcode=0x2 [ 783.780394][ C0] sd 0:0:1:0: tag#929 CDB[00]: 02 4f 35 6d 46 cb 6f 41 1b fa 91 fc e1 37 8a 59 [ 783.789429][ C0] sd 0:0:1:0: tag#929 CDB[10]: 2a a0 42 c5 04 41 9d ac 89 0e e5 10 22 9a 75 90 [ 783.798452][ C0] sd 0:0:1:0: tag#929 CDB[20]: 47 [ 784.002837][T23814] dlm: non-version read from control device 169 [ 784.216362][T23836] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 784.296955][T12779] usb 5-1: new high-speed USB device number 78 using dummy_hcd [ 784.368543][T23849] loop3: detected capacity change from 0 to 128 [ 784.551908][T12779] usb 5-1: Using ep0 maxpacket: 32 [ 784.562966][T23850] loop1: detected capacity change from 0 to 4096 [ 784.610693][T23865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15548'. [ 784.671931][T12779] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 784.692344][T12779] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 784.721848][T12779] usb 5-1: config 0 descriptor?? [ 784.742814][T23850] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 784.749884][T23850] ntfs3: loop1: ntfs_set_state r=3 failed, -22. [ 784.769930][T12779] gspca_main: sunplus-2.14.0 probing 041e:400b [ 784.808297][ T4398] udevd[4398]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 784.826071][ T4646] udevd[4646]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 784.893941][ T4180] udevd[4180]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 784.929157][T23879] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.15551'. [ 784.965755][T17337] ntfs3: loop1: ntfs3_write_inode r=3 failed, -22. [ 784.992965][ T4189] ntfs3: loop1: ntfs_evict_inode r=3 failed, -22. [ 784.995972][T23879] openvswitch: netlink: Flow key attribute not present in set flow. [ 785.039893][ T3456] udevd[3456]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 785.065338][ T4398] udevd[4398]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 785.074860][ T4180] udevd[4180]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 785.202149][T12779] gspca_sunplus: reg_w_riv err -71 [ 785.202238][T12779] sunplus: probe of 5-1:0.0 failed with error -71 [ 785.209090][T12779] usb 5-1: USB disconnect, device number 78 [ 785.426326][T23903] loop3: detected capacity change from 0 to 128 [ 785.922020][T23921] loop3: detected capacity change from 0 to 4096 [ 786.048229][T23921] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 786.196816][T23955] loop1: detected capacity change from 0 to 64 [ 786.260794][T23960] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 786.650697][T23990] netlink: 32 bytes leftover after parsing attributes in process `syz.2.15585'. [ 786.680773][T23989] netlink: 132 bytes leftover after parsing attributes in process `syz.4.15584'. [ 786.713523][T23990] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15585'. [ 786.945171][T24011] xt_CT: You must specify a L4 protocol and not use inversions on it [ 787.224646][T24037] loop4: detected capacity change from 0 to 128 [ 787.407684][T24037] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 787.601795][ T5450] usb 2-1: new high-speed USB device number 80 using dummy_hcd [ 787.693225][T24087] netlink: 28 bytes leftover after parsing attributes in process `syz.2.15615'. [ 787.781983][ T5436] usb 1-1: new high-speed USB device number 79 using dummy_hcd [ 787.844886][T24095] netlink: 20 bytes leftover after parsing attributes in process `syz.2.15618'. [ 787.966424][T24101] tmpfs: Bad value for 'mpol' [ 788.072428][ T5450] usb 2-1: unable to get BOS descriptor or descriptor too short [ 788.080329][ T5436] usb 1-1: Using ep0 maxpacket: 16 [ 788.194495][ T5450] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7 [ 788.272200][ T5436] usb 1-1: unable to get BOS descriptor or descriptor too short [ 788.387687][T24132] loop4: detected capacity change from 0 to 512 [ 788.390874][ T5436] usb 1-1: config 0 has an invalid interface number: 237 but max is 0 [ 788.420079][ T5436] usb 1-1: config 0 has no interface number 0 [ 788.443125][ T5450] usb 2-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40 [ 788.459936][ T5436] usb 1-1: config 0 interface 237 altsetting 93 endpoint 0x83 has invalid wMaxPacketSize 0 [ 788.470819][ T5450] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 788.490855][ T5450] usb 2-1: Product: syz [ 788.495425][ T5436] usb 1-1: config 0 interface 237 altsetting 93 bulk endpoint 0x83 has invalid maxpacket 0 [ 788.512352][ T5450] usb 2-1: Manufacturer: syz [ 788.517125][ T5450] usb 2-1: SerialNumber: syz [ 788.524163][T24132] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 788.531580][T24132] EXT4-fs (loop4): Ignoring removed oldalloc option [ 788.542225][ T5436] usb 1-1: config 0 interface 237 has no altsetting 0 [ 788.566443][T24132] EXT4-fs (loop4): filesystem is read-only [ 788.613408][T24132] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 788.696595][T24132] EXT4-fs (loop4): filesystem is read-only [ 788.718266][T24132] EXT4-fs (loop4): orphan cleanup on readonly fs [ 788.752816][T24132] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.15630: bg 0: block 64: padding at end of block bitmap is not set [ 788.772266][ T5436] usb 1-1: New USB device found, idVendor=045e, idProduct=0445, bcdDevice=87.ed [ 788.799493][ T5436] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 788.807847][ T5436] usb 1-1: Product: syz [ 788.812301][ T5436] usb 1-1: Manufacturer: syz [ 788.816990][ T5436] usb 1-1: SerialNumber: syz [ 788.830953][ T5436] usb 1-1: config 0 descriptor?? [ 788.836130][T24132] EXT4-fs (loop4): Remounting filesystem read-only [ 788.865427][ T5450] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 788.880604][T24132] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 788.892411][ T5450] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 788.910687][ T5450] usb 2-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22) [ 788.913992][T24132] EXT4-fs (loop4): Remounting filesystem read-only [ 788.948949][T24132] EXT4-fs (loop4): 1 orphan inode deleted [ 788.968607][T24132] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,noauto_da_alloc,auto_da_alloc=0x0000000000000000,errors=remount-ro,bsdgroups,noblock_validity,nomblk_io_submit,nouid32,dioread_lock,nolazytime,oldalloc,usrquota,. Quota mode: writeback. [ 788.994553][ C0] vkms_vblank_simulate: vblank timer overrun [ 789.005291][T24152] xt_CT: No such helper "snmp_trap" [ 789.010158][T24117] loop3: detected capacity change from 0 to 32768 [ 789.072411][ T5450] usb 2-1: USB disconnect, device number 80 [ 789.116509][T24117] XFS (loop3): Mounting V5 Filesystem [ 789.158854][T24180] loop2: detected capacity change from 0 to 64 [ 789.175089][ T5436] ipaq 1-1:0.237: PocketPC PDA converter detected [ 789.182396][ T5436] usb 1-1: active config #0 != 1 ?? [ 789.223084][ T5436] usb 1-1: USB disconnect, device number 79 [ 789.253196][T24180] attempt to access beyond end of device [ 789.253196][T24180] loop2: rw=0, want=1026, limit=64 [ 789.292783][T24180] Buffer I/O error on dev loop2, logical block 512, async page read [ 789.320967][T24180] attempt to access beyond end of device [ 789.320967][T24180] loop2: rw=0, want=113154, limit=64 [ 789.373827][T24117] XFS (loop3): Ending clean mount [ 789.382062][T24180] Buffer I/O error on dev loop2, logical block 56576, async page read [ 789.403221][ T3456] udevd[3456]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 789.464044][ T4191] XFS (loop3): Unmounting Filesystem [ 789.519568][T24209] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15638'. [ 789.633476][T24213] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15639'. [ 789.699379][T24213] netlink: 48 bytes leftover after parsing attributes in process `syz.2.15639'. [ 789.928429][T24231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15645'. [ 789.987217][T24228] loop2: detected capacity change from 0 to 4096 [ 790.155524][T24228] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 790.179150][T24228] ntfs3: loop2: Failed to load $Extend. [ 790.444768][T24265] xt_TCPMSS: Only works on TCP SYN packets [ 790.655813][T24288] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15656'. [ 790.697128][T24288] netlink: 60 bytes leftover after parsing attributes in process `syz.2.15656'. [ 790.747185][T24288] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15656'. [ 790.787259][T24288] netlink: 60 bytes leftover after parsing attributes in process `syz.2.15656'. [ 790.801946][ T5436] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 790.810719][T24297] ip6t_srh: unknown srh match flags 4000 [ 790.832148][T24288] netlink: 104 bytes leftover after parsing attributes in process `syz.2.15656'. [ 790.983883][T24311] netlink: 'syz.1.15665': attribute type 3 has an invalid length. [ 791.001996][T24313] netlink: 288 bytes leftover after parsing attributes in process `syz.2.15666'. [ 791.293756][ T5436] usb 4-1: unable to get BOS descriptor or descriptor too short [ 791.400201][ T5436] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 791.418734][ T5436] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 791.631956][ T5436] usb 4-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 791.652289][ T5436] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 791.694035][ T5436] usb 4-1: Product: syz [ 791.698300][ T5436] usb 4-1: Manufacturer: syz [ 791.730551][T24378] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15688'. [ 791.733024][ T5436] usb 4-1: SerialNumber: syz [ 791.815104][ T5436] usb 4-1: selecting invalid altsetting 1 [ 791.841575][ T5436] usb 4-1: unit 6 not found! [ 791.875200][T24391] netlink: 'syz.4.15692': attribute type 4 has an invalid length. [ 791.893259][ T5436] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 791.988817][ T4182] udevd[4182]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 792.039545][T12772] usb 4-1: USB disconnect, device number 76 [ 792.338311][T24447] xt_l2tp: v2 doesn't support IP mode [ 792.611999][T12772] usb 3-1: new full-speed USB device number 76 using dummy_hcd [ 792.911979][ T5436] usb 2-1: new high-speed USB device number 81 using dummy_hcd [ 792.978417][T12772] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 1024, setting to 64 [ 793.182183][T12772] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 793.199375][T12772] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 793.228220][T12772] usb 3-1: Product: syz [ 793.252179][T12772] usb 3-1: Manufacturer: syz [ 793.256986][T12772] usb 3-1: SerialNumber: syz [ 793.302290][ T5436] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 793.302707][T12772] usb 3-1: config 0 descriptor?? [ 793.328052][ T5436] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 793.352205][T24446] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 793.358800][ T5436] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 793.373497][ T5436] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 793.401262][ T5436] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 793.418749][ T5436] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 793.462894][ T5436] usb 2-1: config 0 descriptor?? [ 793.599064][T12772] usb 3-1: USB disconnect, device number 76 [ 793.722240][ T5436] hdpvr 2-1:0.0: firmware version 0xd9 dated LW@'^R"5DBUN=rp]E/ [ 793.755273][ T5436] hdpvr 2-1:0.0: untested firmware, the driver might not work. [ 793.952012][ T5436] hdpvr 2-1:0.0: device init failed [ 793.957315][ T5436] hdpvr: probe of 2-1:0.0 failed with error -12 [ 793.991231][ T5436] usb 2-1: USB disconnect, device number 81 [ 794.052017][ T5433] usb 1-1: new high-speed USB device number 80 using dummy_hcd [ 794.249363][T24598] loop2: detected capacity change from 0 to 512 [ 794.287099][T24598] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 794.357987][T24608] lo speed is unknown, defaulting to 1000 [ 794.368162][T24608] lo speed is unknown, defaulting to 1000 [ 794.382078][T24608] lo speed is unknown, defaulting to 1000 [ 794.388946][T24598] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.15751: invalid indirect mapped block 9 (level 0) [ 794.410997][T24608] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 794.436252][T24598] EXT4-fs (loop2): 1 truncate cleaned up [ 794.442321][T24598] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000000004000,,errors=continue. Quota mode: none. [ 794.459195][T24608] lo speed is unknown, defaulting to 1000 [ 794.466259][T24608] lo speed is unknown, defaulting to 1000 [ 794.473737][T24608] lo speed is unknown, defaulting to 1000 [ 794.481854][ T5433] usb 1-1: unable to get BOS descriptor or descriptor too short [ 794.493957][T24608] lo speed is unknown, defaulting to 1000 [ 794.504011][T24608] lo speed is unknown, defaulting to 1000 [ 794.592209][ T5433] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 794.612870][ T5433] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9 [ 794.631383][T24618] loop4: detected capacity change from 0 to 1024 [ 794.654001][ T5433] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 794.705600][ T5433] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 794.778990][T24618] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 794.822193][T24618] EXT4-fs error (device loop4): ext4_get_journal_inode:5187: inode #32: comm syz.4.15755: iget: special inode unallocated [ 794.867433][T24618] EXT4-fs (loop4): no journal found [ 794.867455][T24618] EXT4-fs (loop4): can't get journal size [ 794.873464][T24618] EXT4-fs (loop4): filesystem is read-only [ 794.873492][T24618] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,bsdgroups,nobarrier,. Quota mode: none. [ 794.892112][T24618] EXT4-fs error (device loop4): ext4_lookup:1850: inode #2: comm syz.4.15755: bad inode number: 12 [ 794.952511][ T5433] usb 1-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39 [ 794.952546][ T5433] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 794.952582][ T5433] usb 1-1: Product: syz [ 794.952618][ T5433] usb 1-1: Manufacturer: syz [ 794.952634][ T5433] usb 1-1: SerialNumber: syz [ 794.954839][ T5433] usb 1-1: config 0 descriptor?? [ 794.972755][T24556] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 795.045658][ C1] vkms_vblank_simulate: vblank timer overrun [ 795.081597][T24650] __nla_validate_parse: 2 callbacks suppressed [ 795.081616][T24650] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15764'. [ 795.172002][ C1] usb 1-1: NFC: Urb failure (status -71) [ 795.181391][ T5433] usb 1-1: NFC: Unable to get FW version [ 795.230656][ T5433] pn533_usb: probe of 1-1:0.0 failed with error -90 [ 795.353134][T24672] netlink: 36 bytes leftover after parsing attributes in process `syz.3.15771'. [ 795.410298][ T5433] usb 1-1: USB disconnect, device number 80 [ 795.867227][T24718] netlink: 'syz.4.15785': attribute type 1 has an invalid length. [ 795.909378][T24718] netlink: 220 bytes leftover after parsing attributes in process `syz.4.15785'. [ 796.027196][T24726] netlink: 104 bytes leftover after parsing attributes in process `syz.1.15788'. [ 796.090044][T24726] netlink: 104 bytes leftover after parsing attributes in process `syz.1.15788'. [ 796.181930][T24726] netlink: 81 bytes leftover after parsing attributes in process `syz.1.15788'. [ 796.420006][T24761] netlink: 24 bytes leftover after parsing attributes in process `syz.4.15799'. [ 796.461269][T24763] netlink: 'syz.1.15798': attribute type 1 has an invalid length. [ 797.064672][T24790] loop1: detected capacity change from 0 to 4096 [ 797.112494][T24815] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.15815'. [ 797.210381][T24790] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 797.406505][T24832] loop3: detected capacity change from 0 to 1024 [ 797.481215][T24832] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 797.567324][T24832] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,nodelalloc,grpid,barrier,nomblk_io_submit,journal_dev=0x0000000000000004,nombcache,noquota,,errors=continue. Quota mode: none. [ 797.762942][T24859] netlink: 32 bytes leftover after parsing attributes in process `syz.2.15829'. [ 797.790451][T24859] batman_adv: Cannot find parent device [ 797.897520][T24872] loop2: detected capacity change from 0 to 256 [ 798.461996][T12779] usb 5-1: new high-speed USB device number 79 using dummy_hcd [ 798.717510][T24929] loop3: detected capacity change from 0 to 2048 [ 798.821823][T24935] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 798.822294][T12779] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 798.871852][T12779] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.899267][T12779] usb 5-1: config 0 descriptor?? [ 799.295429][T24923] loop2: detected capacity change from 0 to 32768 [ 799.399369][T24923] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 799.410525][T12779] ath6kl: Failed to submit usb control message: -71 [ 799.417406][T12779] ath6kl: unable to send the bmi data to the device: -71 [ 799.450300][T12779] ath6kl: Unable to send get target info: -71 [ 799.456884][T24923] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 799.471822][T12779] ath6kl: Failed to init ath6kl core: -71 [ 799.542442][T12779] ath6kl_usb: probe of 5-1:0.0 failed with error -71 [ 799.578343][T12779] usb 5-1: USB disconnect, device number 79 [ 799.705785][T24923] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 799.746562][T12772] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 799.761821][T12772] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 800.010647][T12772] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 248ms [ 800.051069][T12772] gfs2: fsid=syz:syz.0: jid=0: Done [ 800.072761][T24923] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 800.659790][T25043] netlink: 20 bytes leftover after parsing attributes in process `syz.4.15881'. [ 800.680515][T24923] gfs2: fsid=syz:syz.0: found 1 quota changes [ 800.751838][T12772] usb 4-1: new high-speed USB device number 77 using dummy_hcd [ 800.877935][T24923] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485 [ 801.019483][T24923] CPU: 0 PID: 24923 Comm: syz.2.15846 Not tainted syzkaller #0 [ 801.027229][T24923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 801.037331][T24923] Call Trace: [ 801.040652][T24923] [ 801.043636][T24923] dump_stack_lvl+0x188/0x250 [ 801.048363][T24923] ? show_regs_print_info+0x20/0x20 [ 801.053595][T24923] ? load_image+0x400/0x400 [ 801.058138][T24923] ? do_raw_spin_unlock+0x11d/0x230 [ 801.063416][T24923] gfs2_assert_warn_i+0x18f/0x2c0 [ 801.068520][T24923] gfs2_quota_cleanup+0x4b4/0x6a0 [ 801.073664][T24923] gfs2_make_fs_ro+0x523/0x620 [ 801.078470][T24923] ? __might_sleep+0xf0/0xf0 [ 801.083162][T24923] ? gfs2_dinode_out+0xb00/0xb00 [ 801.088128][T24923] ? _raw_spin_unlock+0x24/0x40 [ 801.093007][T24923] ? gfs2_glock_nq+0xcb0/0x1550 [ 801.097978][T24923] gfs2_reconfigure+0x83c/0xd30 [ 801.102878][T24923] ? gfs2_get_tree+0x1e0/0x1e0 [ 801.107705][T24923] ? do_raw_spin_unlock+0x11d/0x230 [ 801.113150][T24923] ? gfs2_freeze_lock+0x52/0xc0 [ 801.118040][T24923] ? sb_prepare_remount_readonly+0x511/0x540 [ 801.124082][T24923] ? reconfigure_super+0x641/0x8a0 [ 801.129282][T24923] reconfigure_super+0x219/0x8a0 [ 801.134248][T24923] path_mount+0xd54/0x1030 [ 801.138684][T24923] ? user_path_at_empty+0x13e/0x190 [ 801.143902][T24923] __se_sys_mount+0x2e3/0x3d0 [ 801.148594][T24923] ? __x64_sys_mount+0xc0/0xc0 [ 801.153368][T24923] ? lockdep_hardirqs_on+0x94/0x140 [ 801.158700][T24923] ? __x64_sys_mount+0x1c/0xc0 [ 801.163499][T24923] do_syscall_64+0x4c/0xa0 [ 801.167948][T24923] ? clear_bhb_loop+0x30/0x80 [ 801.172648][T24923] ? clear_bhb_loop+0x30/0x80 [ 801.177365][T24923] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 801.183272][T24923] RIP: 0033:0x7f841fca3e59 [ 801.187707][T24923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 801.207333][T24923] RSP: 002b:00007f841defd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 801.215766][T24923] RAX: ffffffffffffffda RBX: 00007f841ff1cfa0 RCX: 00007f841fca3e59 [ 801.223767][T24923] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000 [ 801.231751][T24923] RBP: 00007f841fd39d6f R08: 0000000000000000 R09: 0000000000000000 [ 801.239738][T24923] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000000 [ 801.247724][T24923] R13: 00007f841ff1d038 R14: 00007f841ff1cfa0 R15: 00007ffd7a8ee5a8 [ 801.255725][T24923] [ 801.392353][T12772] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 801.416220][T25076] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 801.431414][T12772] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 801.478280][T12772] usb 4-1: config 0 descriptor?? [ 801.796747][T25101] netlink: 'syz.0.15897': attribute type 11 has an invalid length. [ 801.812254][T12772] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 801.820829][T12772] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 801.863195][T12772] [drm:udl_init] *ERROR* Selecting channel failed [ 801.966796][T12772] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 802.000366][T12772] [drm] Initialized udl on minor 2 [ 802.062305][T12772] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 802.084071][T12772] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 802.142908][T12772] usb 4-1: USB disconnect, device number 77 [ 802.176278][T12785] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 802.232861][T12785] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffed [ 802.327459][T12785] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 802.429866][T25140] netlink: 'syz.0.15909': attribute type 2 has an invalid length. [ 802.452214][T25140] netlink: 'syz.0.15909': attribute type 1 has an invalid length. [ 802.898985][T12779] usb 5-1: new high-speed USB device number 80 using dummy_hcd [ 802.980470][T25179] xt_CT: You must specify a L4 protocol and not use inversions on it [ 803.161927][T12779] usb 5-1: Using ep0 maxpacket: 32 [ 803.282034][T12779] usb 5-1: config index 0 descriptor too short (expected 539, got 27) [ 803.290389][T12779] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 803.351947][T12779] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 803.566746][T12779] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 803.589840][T12779] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 803.631898][T12779] usb 5-1: Product: syz [ 803.636178][T12779] usb 5-1: Manufacturer: syz [ 803.681220][T12779] usb 5-1: SerialNumber: syz [ 803.708921][T12779] usb 5-1: config 0 descriptor?? [ 803.744235][T25232] netlink: 'syz.2.15935': attribute type 1 has an invalid length. [ 803.762316][T25232] netlink: 'syz.2.15935': attribute type 3 has an invalid length. [ 803.788930][T12779] hub 5-1:0.0: bad descriptor, ignoring hub [ 803.797586][T12779] hub: probe of 5-1:0.0 failed with error -5 [ 803.815602][T25232] netlink: 224 bytes leftover after parsing attributes in process `syz.2.15935'. [ 803.836519][T12779] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input60 [ 803.864217][T12779] usbtouchscreen 5-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -90 [ 803.930848][T12779] usbtouchscreen: probe of 5-1:0.0 failed with error -90 [ 804.017697][T25255] netlink: 'syz.0.15939': attribute type 10 has an invalid length. [ 804.082165][T25255] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 804.140038][T12779] usb 5-1: USB disconnect, device number 80 [ 804.352953][T25280] loop2: detected capacity change from 0 to 256 [ 804.586166][T25280] FAT-fs (loop2): Directory bread(block 64) failed [ 804.610195][T25280] FAT-fs (loop2): Directory bread(block 65) failed [ 804.640468][T25280] FAT-fs (loop2): Directory bread(block 66) failed [ 804.690946][T25280] FAT-fs (loop2): Directory bread(block 67) failed [ 804.756268][T25280] FAT-fs (loop2): Directory bread(block 68) failed [ 804.791951][T25280] FAT-fs (loop2): Directory bread(block 69) failed [ 804.815349][T25280] FAT-fs (loop2): Directory bread(block 70) failed [ 804.842285][T25280] FAT-fs (loop2): Directory bread(block 71) failed [ 804.849056][T25280] FAT-fs (loop2): Directory bread(block 72) failed [ 804.912143][T25280] FAT-fs (loop2): Directory bread(block 73) failed [ 805.535370][T25345] (unnamed net_device) (uninitialized): up delay (1024) is not a multiple of miimon (100), value rounded to 1000 ms [ 805.602191][T25345] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (100), value rounded to 0 ms [ 805.673446][T25347] loop2: detected capacity change from 0 to 4096 [ 805.883732][T25347] EXT4-fs (loop2): fragment/cluster size (1024) != block size (4096) [ 806.221932][T12785] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 806.592055][T12785] usb 3-1: config index 0 descriptor too short (expected 7768, got 18) [ 806.620762][T12785] usb 3-1: config 0 has an invalid interface number: 39 but max is 0 [ 806.651949][T12785] usb 3-1: config 0 has no interface number 0 [ 806.684125][T12785] usb 3-1: too many endpoints for config 0 interface 39 altsetting 147: 48, using maximum allowed: 30 [ 806.712098][T12785] usb 3-1: config 0 interface 39 altsetting 147 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 806.743284][T25446] loop4: detected capacity change from 0 to 128 [ 806.749809][T12785] usb 3-1: config 0 interface 39 has no altsetting 0 [ 806.757642][T12785] usb 3-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice=52.4d [ 806.787923][T12785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.821138][T12785] usb 3-1: config 0 descriptor?? [ 807.101957][T12785] usb 3-1: string descriptor 0 read error: -71 [ 807.120690][T12785] ftdi_sio 3-1:0.39: FTDI USB Serial Device converter detected [ 807.152438][T12785] usb 3-1: Detected FT-X [ 807.179083][T12785] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 807.232206][T12785] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 807.252178][T12785] ftdi_sio 3-1:0.39: GPIO initialisation failed: -71 [ 807.284303][T12785] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 807.313748][T12785] usb 3-1: USB disconnect, device number 77 [ 807.361107][T12785] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 807.419204][T12785] ftdi_sio 3-1:0.39: device disconnected [ 807.481904][T12772] usb 1-1: new high-speed USB device number 81 using dummy_hcd [ 807.617780][T25512] loop4: detected capacity change from 0 to 4096 [ 807.627323][T25517] dlm: no locking on control device [ 807.740547][T12772] usb 1-1: Using ep0 maxpacket: 8 [ 807.788980][T25512] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 807.862295][T12772] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 807.899856][T25535] loop1: detected capacity change from 0 to 1024 [ 807.904701][T12772] usb 1-1: New USB device found, idVendor=05a9, idProduct=2630, bcdDevice=55.12 [ 807.941887][T12779] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 807.969039][T25538] ip6gretap3: default qdisc (pfifo_fast) fail, fallback to noqueue [ 807.972641][T12772] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 808.016106][T12772] usb 1-1: config 0 descriptor?? [ 808.025687][T25535] EXT4-fs (loop1): Ignoring removed bh option [ 808.054305][T12772] usb 1-1: Found UVC 0.00 device (05a9:2630) [ 808.061260][T12772] usb 1-1: No valid video chain found. [ 808.133510][T25535] EXT4-fs (loop1): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,bh,,errors=continue. Quota mode: none. [ 808.185948][T25560] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16013'. [ 808.264326][T25535] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz.1.16009: directory missing '..' [ 808.293260][T12772] usb 1-1: USB disconnect, device number 81 [ 808.312222][T12779] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 808.323673][T25566] loop4: detected capacity change from 0 to 256 [ 808.348783][T12779] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00 [ 808.397178][T12779] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 808.408241][T25577] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16016'. [ 808.427362][T12779] usb 3-1: config 0 descriptor?? [ 808.484248][T12779] gspca_main: spca501-2.14.0 probing 0000:0000 [ 808.523218][T25566] FAT-fs (loop4): Directory bread(block 64) failed [ 808.529807][T25566] FAT-fs (loop4): Directory bread(block 65) failed [ 808.577558][T25566] FAT-fs (loop4): Directory bread(block 66) failed [ 808.604235][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.641563][T25566] FAT-fs (loop4): Directory bread(block 67) failed [ 808.679672][T25566] FAT-fs (loop4): Directory bread(block 68) failed [ 808.732210][T25566] FAT-fs (loop4): Directory bread(block 69) failed [ 808.738892][T25566] FAT-fs (loop4): Directory bread(block 70) failed [ 808.772538][T25566] FAT-fs (loop4): Directory bread(block 71) failed [ 808.779200][T25566] FAT-fs (loop4): Directory bread(block 72) failed [ 808.821868][T25566] FAT-fs (loop4): Directory bread(block 73) failed [ 808.911906][T12779] gspca_spca501: reg write: error -71 [ 808.917356][T12779] spca501 3-1:0.0: Reg write failed for 0x02,0xa048,0x00 [ 808.961022][T12779] spca501: probe of 3-1:0.0 failed with error -22 [ 808.988413][T12779] usb 3-1: USB disconnect, device number 78 [ 809.377747][T25640] netlink: 'syz.4.16033': attribute type 15 has an invalid length. [ 809.427895][T25640] netlink: 24 bytes leftover after parsing attributes in process `syz.4.16033'. [ 809.671804][T25665] netlink: 'syz.1.16042': attribute type 1 has an invalid length. [ 809.707467][T25665] netlink: 224 bytes leftover after parsing attributes in process `syz.1.16042'. [ 809.902216][T12772] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 810.262089][T12772] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 810.303374][T12772] usb 3-1: config 2 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 810.338380][T12772] usb 3-1: config 2 interface 0 has no altsetting 0 [ 810.542155][T12772] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47 [ 810.564748][T12772] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 810.586860][T25734] loop4: detected capacity change from 0 to 512 [ 810.596849][T12772] usb 3-1: Product: syz [ 810.601062][T12772] usb 3-1: Manufacturer: syz [ 810.608202][T12772] usb 3-1: SerialNumber: syz [ 810.665086][T25734] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 810.715372][T25734] EXT4-fs warning (device loop4): ext4_empty_dir:3156: inode #12: comm syz.4.16065: directory missing '..' [ 810.936101][T12772] usb 3-1: USB disconnect, device number 79 [ 811.007495][T25774] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.16076'. [ 811.366253][T25800] netlink: 36 bytes leftover after parsing attributes in process `syz.4.16084'. [ 811.402498][T25800] netlink: 36 bytes leftover after parsing attributes in process `syz.4.16084'. [ 811.437928][T25800] netlink: 52 bytes leftover after parsing attributes in process `syz.4.16084'. [ 811.502326][T25813] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16089'. [ 811.552254][T25818] netlink: 28 bytes leftover after parsing attributes in process `syz.1.16091'. [ 811.744675][T25835] loop4: detected capacity change from 0 to 64 [ 812.203864][T25882] netlink: 'syz.4.16111': attribute type 3 has an invalid length. [ 812.440304][T25906] netlink: 'syz.4.16120': attribute type 1 has an invalid length. [ 812.588031][T25923] x_tables: unsorted underflow at hook 2 [ 813.124926][T25967] loop2: detected capacity change from 0 to 764 [ 813.273360][T25967] Symlink component flag not implemented [ 813.292372][T25967] Symlink component flag not implemented [ 813.298147][T25967] Symlink component flag not implemented (129) [ 813.352011][T25967] Symlink component flag not implemented (6) [ 813.360779][T25988] sctp: [Deprecated]: syz.3.16146 (pid 25988) Use of int in max_burst socket option. [ 813.360779][T25988] Use struct sctp_assoc_value instead [ 813.442035][T12772] usb 5-1: new full-speed USB device number 81 using dummy_hcd [ 813.767154][T26027] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 813.822180][T12772] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 813.841827][T12772] usb 5-1: config 2 interface 0 has no altsetting 0 [ 813.948491][T26044] cgroup: subsys name conflicts with all [ 814.032349][T12772] usb 5-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 814.062198][T12772] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.070288][T12772] usb 5-1: Product: syz [ 814.092074][T12772] usb 5-1: Manufacturer: syz [ 814.103459][T12772] usb 5-1: SerialNumber: syz [ 814.164294][T12772] usb 5-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 814.190443][T12772] usb 5-1: selecting invalid altsetting 0 [ 814.236285][T12772] usb 5-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 814.271881][ T6577] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 814.382419][ T5452] usb 4-1: new high-speed USB device number 78 using dummy_hcd [ 814.401502][T12772] usb 5-1: USB disconnect, device number 81 [ 814.522564][T26083] __nla_validate_parse: 5 callbacks suppressed [ 814.522583][T26083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16174'. [ 814.525260][ T6577] usb 3-1: Using ep0 maxpacket: 8 [ 814.652217][T26089] netlink: 32 bytes leftover after parsing attributes in process `syz.0.16177'. [ 814.682024][ T6577] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 814.790394][ T5452] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 814.833776][ T5452] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 814.852643][ T5452] usb 4-1: config 0 descriptor?? [ 814.865145][ T6577] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 814.905933][ T6577] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.915000][ T5452] cp210x 4-1:0.0: cp210x converter detected [ 814.931911][ T6577] usb 3-1: Product: syz [ 814.946461][ T6577] usb 3-1: Manufacturer: syz [ 814.960881][ T6577] usb 3-1: SerialNumber: syz [ 814.982658][ T6577] usb 3-1: config 0 descriptor?? [ 815.044480][ T6577] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 815.050820][ T6577] usb 3-1: selecting invalid altsetting 1 [ 815.066572][T26122] xt_nfacct: accounting object `syz1' does not exist [ 815.143684][ T5452] usb 4-1: cp210x converter now attached to ttyUSB0 [ 815.161846][T12772] usb 2-1: new high-speed USB device number 82 using dummy_hcd [ 815.262147][ T6577] gspca_stk014: init reg: 0x00 [ 815.267367][ T6577] stk014: probe of 3-1:0.0 failed with error -5 [ 815.348816][ T5452] usb 4-1: USB disconnect, device number 78 [ 815.365528][ T5452] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 815.395772][ T5452] cp210x 4-1:0.0: device disconnected [ 815.409433][T12772] usb 2-1: Using ep0 maxpacket: 16 [ 815.420011][T26152] ieee802154 phy1 wpan1: encryption failed: -22 [ 815.465376][ T6577] usb 3-1: USB disconnect, device number 80 [ 815.692070][T12772] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 815.719739][T12772] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 815.747416][T12772] usb 2-1: Product: syz [ 815.762349][T12772] usb 2-1: Manufacturer: syz [ 815.779718][T12772] usb 2-1: SerialNumber: syz [ 815.797266][T12772] r8152-cfgselector 2-1: config 0 descriptor?? [ 815.949616][T26193] netlink: 'syz.3.16204': attribute type 3 has an invalid length. [ 816.037994][T26193] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.16204'. [ 816.292329][T12772] r8152-cfgselector 2-1: Unknown version 0x0000 [ 816.298790][T12772] r8152-cfgselector 2-1: bad CDC descriptors [ 816.341915][T12772] r8152-cfgselector 2-1: Unknown version 0x0000 [ 816.366395][T12772] r8152-cfgselector 2-1: USB disconnect, device number 82 [ 816.873967][T26261] netlink: 'syz.1.16223': attribute type 1 has an invalid length. [ 816.913112][T26266] netlink: 'syz.0.16226': attribute type 1 has an invalid length. [ 816.936401][T26261] netlink: 'syz.1.16223': attribute type 2 has an invalid length. [ 816.964965][T26260] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 816.971219][T26261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16223'. [ 817.279732][T26289] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 817.589536][T26314] netlink: 56 bytes leftover after parsing attributes in process `syz.1.16242'. [ 817.660984][T26319] netlink: 'syz.0.16245': attribute type 1 has an invalid length. [ 817.722231][T26319] netlink: 'syz.0.16245': attribute type 3 has an invalid length. [ 817.741078][T26319] netlink: 224 bytes leftover after parsing attributes in process `syz.0.16245'. [ 817.943276][T26340] loop3: detected capacity change from 0 to 16 [ 818.009676][T26340] erofs: (device loop3): mounted with root inode @ nid 36. [ 818.192586][T26357] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 818.384299][T26375] netlink: 244 bytes leftover after parsing attributes in process `syz.1.16263'. [ 818.536825][T26386] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 818.669638][T26299] loop2: detected capacity change from 0 to 40427 [ 818.739200][T26299] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 818.749227][T26404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16272'. [ 818.756453][T26299] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 818.800314][T26299] F2FS-fs (loop2): invalid crc value [ 818.863327][T26299] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 819.152934][T26299] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 819.160035][T26299] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 819.388482][T26444] xt_limit: Overflow, try lower: 2147483649/3300 [ 819.435778][ T26] audit: type=1800 audit(1075.397:54): pid=26299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.16237" name="bus" dev="loop2" ino=10 res=0 errno=0 [ 819.637007][ T4197] attempt to access beyond end of device [ 819.637007][ T4197] loop2: rw=2049, want=45104, limit=40427 [ 819.998127][T26484] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16297'. [ 820.036274][T26484] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16297'. [ 820.047599][T26489] overlayfs: missing 'lowerdir' [ 820.731874][ T6577] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 821.092160][ T6577] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 821.128658][ T6577] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 821.312064][ T6577] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40 [ 821.351654][ T6577] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 821.360107][ T6577] usb 5-1: Product: syz [ 821.400766][ T6577] usb 5-1: Manufacturer: syz [ 821.411021][ T6577] usb 5-1: SerialNumber: syz [ 821.762716][ T6577] snd-usb-audio: probe of 5-1:1.0 failed with error -22 [ 821.774464][T26626] netlink: 20 bytes leftover after parsing attributes in process `syz.0.16344'. [ 821.813088][ T6577] usb 5-1: USB disconnect, device number 82 [ 821.822064][T26626] netlink: del zone limit has 8 unknown bytes [ 822.310860][T26613] loop3: detected capacity change from 0 to 32768 [ 822.438252][T26613] JBD2: Ignoring recovery information on journal [ 822.490754][T26678] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16359'. [ 822.660224][T26693] device wlan0 entered promiscuous mode [ 822.667231][T26613] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 822.741024][T26697] netlink: 14 bytes leftover after parsing attributes in process `syz.4.16367'. [ 822.952419][T26715] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16372'. [ 822.989545][ T4191] ocfs2: Unmounting device (7,3) on (node local) [ 823.271959][ T6577] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 823.611529][T26760] loop1: detected capacity change from 0 to 256 [ 823.756932][T26760] FAT-fs (loop1): Directory bread(block 64) failed [ 823.787003][T26760] FAT-fs (loop1): Directory bread(block 65) failed [ 823.814479][ T6577] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 823.831981][T26760] FAT-fs (loop1): Directory bread(block 66) failed [ 823.851849][ T6577] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 823.886743][T26760] FAT-fs (loop1): Directory bread(block 67) failed [ 823.893864][ T6577] usb 5-1: Product: syz [ 823.907275][ T6577] usb 5-1: Manufacturer: syz [ 823.924132][T26760] FAT-fs (loop1): Directory bread(block 68) failed [ 823.930830][T26760] FAT-fs (loop1): Directory bread(block 69) failed [ 823.941768][ T6577] usb 5-1: SerialNumber: syz [ 823.959667][ T6577] usb 5-1: config 0 descriptor?? [ 823.978383][T26760] FAT-fs (loop1): Directory bread(block 70) failed [ 823.998580][T26760] FAT-fs (loop1): Directory bread(block 71) failed [ 824.013907][ T6577] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 083 [ 824.041965][T26760] FAT-fs (loop1): Directory bread(block 72) failed [ 824.058973][T26760] FAT-fs (loop1): Directory bread(block 73) failed [ 824.462250][ T6577] (null): failure reading functionality [ 824.481886][ T6577] i2c i2c-3: failure reading functionality [ 824.502166][ T6577] i2c i2c-3: connected i2c-tiny-usb device [ 824.536014][ T6577] usb 5-1: USB disconnect, device number 83 [ 824.651347][T26836] libceph: resolve '96.' (ret=-3): failed [ 825.620270][T26908] loop3: detected capacity change from 0 to 2048 [ 825.812931][T26926] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16432'. [ 825.874047][T26908] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,block_validity,grpid,,errors=continue. Quota mode: writeback. [ 825.895598][T26929] netlink: 44 bytes leftover after parsing attributes in process `syz.1.16433'. [ 825.971884][T26929] netlink: 43 bytes leftover after parsing attributes in process `syz.1.16433'. [ 826.013431][T26929] netlink: 'syz.1.16433': attribute type 6 has an invalid length. [ 826.061873][T26929] netlink: 'syz.1.16433': attribute type 5 has an invalid length. [ 826.139044][T26929] netlink: 43 bytes leftover after parsing attributes in process `syz.1.16433'. [ 826.337550][T26968] tmpfs: Bad value for 'mpol' [ 826.984015][T27026] netlink: 68 bytes leftover after parsing attributes in process `syz.3.16464'. [ 828.068682][T27114] loop3: detected capacity change from 0 to 8 [ 828.179919][T27114] SQUASHFS error: Unable to read directory block [629:0] [ 828.609278][T27076] loop1: detected capacity change from 0 to 40427 [ 828.618011][ T5450] usb 1-1: new full-speed USB device number 82 using dummy_hcd [ 828.785692][T27076] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 828.804467][T27076] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 828.841910][T12779] Bluetooth: hci0: command 0x0401 tx timeout [ 828.877129][T27076] F2FS-fs (loop1): invalid crc value [ 829.005459][T27076] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 829.022037][ T5450] usb 1-1: config 0 has an invalid interface number: 31 but max is 0 [ 829.030179][ T5450] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 829.081349][T27181] loop3: detected capacity change from 0 to 512 [ 829.101272][ T5450] usb 1-1: config 0 has no interface number 0 [ 829.166782][T27076] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 829.174571][T27076] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 829.208556][ T26] audit: type=1800 audit(1085.167:55): pid=27076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.16483" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 829.249260][T27181] EXT4-fs (loop3): Ignoring removed nobh option [ 829.307360][T27181] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,nobh,,errors=continue. Quota mode: writeback. [ 829.322396][ T5450] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 829.331498][ T5450] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 829.411870][ T5450] usb 1-1: Product: syz [ 829.416113][ T5450] usb 1-1: Manufacturer: syz [ 829.420741][ T5450] usb 1-1: SerialNumber: syz [ 829.460809][ T4189] attempt to access beyond end of device [ 829.460809][ T4189] loop1: rw=2049, want=45104, limit=40427 [ 829.523047][ T5450] usb 1-1: config 0 descriptor?? [ 829.562839][ T5450] hub 1-1:0.31: bad descriptor, ignoring hub [ 829.568961][ T5450] hub: probe of 1-1:0.31 failed with error -5 [ 829.631497][ T5450] usb 1-1: Found UVC 0.04 device syz (046d:08c3) [ 829.662680][ T5450] uvcvideo 1-1:0.31: Entity type for entity Output 6 was not initialized! [ 829.671301][ T5450] usb 1-1: Failed to create links for entity 6 [ 829.694629][ T5450] usb 1-1: Failed to register entities (-22). [ 829.811276][ T5450] usb 1-1: USB disconnect, device number 82 [ 830.041340][T27182] loop4: detected capacity change from 0 to 40427 [ 830.092603][T27182] F2FS-fs (loop4): invalid crc value [ 830.097980][T27182] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 830.165885][T27234] xt_hashlimit: max too large, truncated to 1048576 [ 830.175214][T27182] F2FS-fs (loop4): Found nat_bits in checkpoint [ 830.202518][T27234] xt_hashlimit: overflow, try lower: 6/0 [ 830.323717][T27182] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 830.359123][T27182] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 830.402184][T27182] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 830.766246][T27265] loop2: detected capacity change from 0 to 512 [ 830.782459][T27226] loop3: detected capacity change from 0 to 32768 [ 830.828816][T27265] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 830.879907][T27226] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 830.959139][T27226] BTRFS info (device loop3): using free space tree [ 830.989564][T27265] EXT4-fs (loop2): mount failed [ 831.001781][T27226] BTRFS info (device loop3): has skinny extents [ 831.213803][T27303] netlink: 20 bytes leftover after parsing attributes in process `syz.4.16540'. [ 831.309704][T27310] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16542'. [ 831.322034][T27226] BTRFS info (device loop3): enabling ssd optimizations [ 831.538738][T27328] x_tables: duplicate entry at hook 3 [ 831.700613][ T263] block nbd2: Attempted send on invalid socket [ 831.707787][ T263] blk_update_request: I/O error, dev nbd2, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 831.719358][T27336] REISERFS warning (device nbd2): sh-2006 read_super_block: bread failed (dev nbd2, block 2, size 4096) [ 831.751798][ T263] block nbd2: Attempted send on invalid socket [ 831.758063][ T263] blk_update_request: I/O error, dev nbd2, sector 128 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 831.769499][T27336] REISERFS warning (device nbd2): sh-2006 read_super_block: bread failed (dev nbd2, block 16, size 4096) [ 831.796759][T27336] REISERFS warning (device nbd2): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd2 [ 831.927891][ T4182] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop3 scanned by udevd (4182) [ 832.508614][ T7248] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 833.042074][ T7248] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 833.064250][ T7248] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 833.073212][T27425] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16578'. [ 833.097164][ T7248] usb 3-1: Product: syz [ 833.101399][ T7248] usb 3-1: Manufacturer: syz [ 833.137023][ T7248] usb 3-1: SerialNumber: syz [ 833.155265][ T7248] usb 3-1: config 0 descriptor?? [ 833.178081][T27428] netlink: 'syz.4.16580': attribute type 10 has an invalid length. [ 833.204726][T27428] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16580'. [ 833.220298][T27428] netlink: 'syz.4.16580': attribute type 10 has an invalid length. [ 833.233518][T27437] loop1: detected capacity change from 0 to 16 [ 833.241041][ T7248] ch341 3-1:0.0: ch341-uart converter detected [ 833.258792][T27428] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16580'. [ 833.330711][T27437] erofs: (device loop1): mounted with root inode @ nid 36. [ 833.379878][T27437] attempt to access beyond end of device [ 833.379878][T27437] loop1: rw=0, want=15300821032, limit=16 [ 833.405497][T27437] erofs: (device loop1): z_erofs_readpage: failed to read, err [-117] [ 833.451948][ T7248] usb 3-1: failed to receive control message: -71 [ 833.458513][ T7248] ch341-uart: probe of ttyUSB0 failed with error -71 [ 833.472084][ T5450] usb 4-1: new high-speed USB device number 79 using dummy_hcd [ 833.487846][ T7248] usb 3-1: USB disconnect, device number 81 [ 833.507294][ T7248] ch341 3-1:0.0: device disconnected [ 833.658456][T27482] netlink: 'syz.0.16592': attribute type 5 has an invalid length. [ 833.674689][T27481] netlink: 'syz.1.16593': attribute type 2 has an invalid length. [ 833.860075][T27488] loop1: detected capacity change from 0 to 4096 [ 833.937611][T27488] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 833.937758][ T5450] usb 4-1: unable to get BOS descriptor or descriptor too short [ 834.019004][T27497] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 834.101989][ T5450] usb 4-1: config 1 interface 0 altsetting 223 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 834.142198][ T5450] usb 4-1: config 1 interface 0 has no altsetting 0 [ 834.231315][ T26] audit: type=1326 audit(1090.187:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27506 comm="syz.1.16601" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6b6feace59 code=0x0 [ 834.402208][ T5450] usb 4-1: New USB device found, idVendor=05ac, idProduct=0252, bcdDevice= 0.40 [ 834.411318][ T5450] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 834.471915][ T5450] usb 4-1: Product: syz [ 834.476193][ T5450] usb 4-1: Manufacturer: syz [ 834.508473][ T5450] usb 4-1: SerialNumber: syz [ 834.804835][ T5450] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input62 [ 834.814392][ T5436] usb 1-1: new high-speed USB device number 83 using dummy_hcd [ 834.862066][ T3546] bcm5974 4-1:1.0: could not read from device [ 834.887172][ T5450] usb 4-1: USB disconnect, device number 79 [ 834.893434][ T3546] bcm5974 4-1:1.0: could not read from device [ 835.056858][T27578] loop2: detected capacity change from 0 to 164 [ 835.135592][T27578] rock: directory entry would overflow storage [ 835.142182][T27578] rock: sig=0x66, size=4, remaining=3 [ 835.164503][T27578] rock: directory entry would overflow storage [ 835.171310][T27578] rock: sig=0x66, size=4, remaining=3 [ 835.242013][ T5436] usb 1-1: config 1 has an invalid descriptor of length 190, skipping remainder of the config [ 835.252524][ T7248] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 835.266954][ T5436] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 116, changing to 10 [ 835.288787][ T5436] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 51186, setting to 1024 [ 835.362743][T27546] loop1: detected capacity change from 0 to 32768 [ 835.495371][T27546] XFS (loop1): Mounting V5 Filesystem [ 835.508428][T27600] netlink: 'syz.3.16622': attribute type 1 has an invalid length. [ 835.516909][ T5436] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40 [ 835.532026][ T5436] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 835.548218][ T5436] usb 1-1: Product: syz [ 835.552778][ T5436] usb 1-1: Manufacturer: syz [ 835.557413][ T5436] usb 1-1: SerialNumber: syz [ 835.590268][T27546] XFS (loop1): Ending clean mount [ 835.595784][T27504] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 835.616392][T27546] XFS (loop1): Quotacheck needed: Please wait. [ 835.652015][ T7248] usb 5-1: unable to get BOS descriptor or descriptor too short [ 835.692728][T27546] XFS (loop1): Quotacheck: Done. [ 835.753793][ T4189] XFS (loop1): Unmounting Filesystem [ 835.762284][ T7248] usb 5-1: config 129 has an invalid interface number: 135 but max is 0 [ 835.770703][ T7248] usb 5-1: config 129 has an invalid interface number: 5 but max is 0 [ 835.799521][ T7248] usb 5-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 835.826577][ T7248] usb 5-1: config 129 has no interface number 0 [ 835.840270][ T7248] usb 5-1: config 129 has no interface number 1 [ 835.857316][ T7248] usb 5-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 835.889826][ T7248] usb 5-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 835.919152][T27624] loop2: detected capacity change from 0 to 256 [ 835.927554][ T7248] usb 5-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 835.933060][ T5436] snd-usb-audio: probe of 1-1:1.0 failed with error -71 [ 835.947728][ T7248] usb 5-1: config 129 interface 135 has no altsetting 0 [ 835.947754][ T7248] usb 5-1: config 129 interface 5 has no altsetting 0 [ 835.962660][T27624] exfat: Deprecated parameter 'utf8' [ 835.968153][T27624] exfat: Deprecated parameter 'namecase' [ 836.012753][T27624] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc232f927, utbl_chksum : 0xe619d30d) [ 836.126133][ T5436] usb 1-1: USB disconnect, device number 83 [ 836.182031][ T7248] usb 5-1: string descriptor 0 read error: -22 [ 836.191934][ T7248] usb 5-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 836.211470][ T7248] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 836.268339][ T7248] usb 5-1: MIDIStreaming interface descriptor not found [ 836.623222][ T6577] usb 5-1: USB disconnect, device number 84 [ 836.994469][T27703] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16626'. [ 837.077015][T27703] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16626'. [ 837.190221][T27631] loop3: detected capacity change from 0 to 32768 [ 837.432000][T27631] XFS (loop3): Mounting V5 Filesystem [ 837.608176][T27631] XFS (loop3): Ending clean mount [ 837.839652][ T4191] XFS (loop3): Unmounting Filesystem [ 837.855518][T27773] xt_socket: unknown flags 0xc [ 837.921610][T27777] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16664'. [ 837.944598][T27714] loop2: detected capacity change from 0 to 32768 [ 838.025414][T27714] ERROR: (device loop2): diWrite: ixpxd invalid [ 838.025414][T27714] [ 838.082701][T27714] ERROR: (device loop2): remounting filesystem as read-only [ 838.090329][T27714] ERROR: (device loop2): txCommit: [ 838.090329][T27714] [ 838.109555][T27789] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.16667'. [ 838.568457][T27812] overlayfs: unrecognized mount option "\" or missing value [ 838.651756][T12762] usb 2-1: new high-speed USB device number 83 using dummy_hcd [ 839.011890][T12762] usb 2-1: config 16 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 110 [ 839.031780][T12762] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 839.054440][T12762] usb 2-1: config 16 has no interfaces? [ 839.060105][T12762] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 839.111847][T12762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 839.472546][T12762] usb 2-1: USB disconnect, device number 83 [ 839.811843][ T6577] usb 3-1: new full-speed USB device number 82 using dummy_hcd [ 840.113026][T27893] loop3: detected capacity change from 0 to 512 [ 840.188561][T27893] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.16697: bg 0: block 5: invalid block bitmap [ 840.212104][T27893] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 840.221956][ T6577] usb 3-1: unable to get BOS descriptor or descriptor too short [ 840.249318][T27893] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.16697: invalid indirect mapped block 3 (level 2) [ 840.263234][ T6577] usb 3-1: not running at top speed; connect to a high speed hub [ 840.272388][T27893] EXT4-fs (loop3): 1 orphan inode deleted [ 840.278592][T27893] EXT4-fs (loop3): 1 truncate cleaned up [ 840.315838][T27893] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 840.342086][ T6577] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 840.371829][T12762] usb 5-1: new full-speed USB device number 85 using dummy_hcd [ 840.389763][ T6577] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 840.439106][ T6577] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 840.628787][T27927] netlink: 'syz.1.16707': attribute type 3 has an invalid length. [ 840.633779][ T6577] usb 3-1: New USB device found, idVendor=0582, idProduct=1f14, bcdDevice= 0.40 [ 840.646958][ T6577] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 840.662019][ T6577] usb 3-1: Product: syz [ 840.666254][ T6577] usb 3-1: Manufacturer: syz [ 840.681271][ T6577] usb 3-1: SerialNumber: syz [ 840.742073][T12762] usb 5-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config [ 840.912315][T12762] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 9.63 [ 840.934867][T12762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 840.949815][T27945] (unnamed net_device) (uninitialized): option use_carrier: invalid value (6) [ 840.978076][T12762] usb 5-1: Product: syz [ 840.989791][T12762] usb 5-1: Manufacturer: syz [ 841.002180][T12762] usb 5-1: SerialNumber: syz [ 841.072484][ T6577] usb 3-1: MIDIStreaming interface descriptor not found [ 841.134098][ T6577] usb 3-1: USB disconnect, device number 82 [ 841.312143][T12762] usb 5-1: Cannot retrieve CPort count: -71 [ 841.322125][T12762] usb 5-1: Cannot retrieve CPort count: -71 [ 841.358856][T12762] es2_ap_driver: probe of 5-1:246.0 failed with error -71 [ 841.371167][T12762] usb 5-1: USB disconnect, device number 85 [ 841.423990][ T3456] udevd[3456]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 841.682029][ T5436] usb 4-1: new full-speed USB device number 80 using dummy_hcd [ 841.775162][T28028] netlink: 32 bytes leftover after parsing attributes in process `syz.1.16729'. [ 842.054404][T28039] loop4: detected capacity change from 0 to 8192 [ 842.087063][ T5436] usb 4-1: config 8 has an invalid interface number: 223 but max is 0 [ 842.105799][ T5436] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 842.109927][T28051] netlink: 36 bytes leftover after parsing attributes in process `syz.0.16737'. [ 842.138809][ T5436] usb 4-1: config 8 has no interface number 0 [ 842.156742][ T5436] usb 4-1: config 8 interface 223 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 842.370751][ T5436] usb 4-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 842.389720][ T5436] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 842.418244][ T5436] usb 4-1: Product: syz [ 842.452666][ T5436] usb 4-1: Manufacturer: syz [ 842.468404][T28039] attempt to access beyond end of device [ 842.468404][T28039] loop4: rw=0, want=57848, limit=8192 [ 842.477831][ T5436] usb 4-1: SerialNumber: syz [ 842.513062][T28039] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 842.538028][T28039] FAT-fs (loop4): Filesystem has been set read-only [ 842.579777][T28039] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 842.616386][T28039] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 842.811996][ T5436] usb 4-1: USB disconnect, device number 80 [ 842.939897][T28094] netlink: 52 bytes leftover after parsing attributes in process `syz.1.16750'. [ 843.524528][T28147] loop2: detected capacity change from 0 to 64 [ 843.731775][ T6577] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 843.751554][T28167] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 843.981828][ T6577] usb 5-1: Using ep0 maxpacket: 16 [ 844.102033][ T6577] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 844.130730][ T6577] usb 5-1: config 0 has no interface number 0 [ 844.172427][T28194] netlink: 'syz.2.16781': attribute type 46 has an invalid length. [ 844.180437][T28194] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16781'. [ 844.265772][T28200] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 844.302121][ T6577] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 844.312905][ T6577] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 844.341794][ T6577] usb 5-1: Product: syz [ 844.352018][ T6577] usb 5-1: Manufacturer: syz [ 844.372505][T28204] IPv6: sit2: Disabled Multicast RS [ 844.381738][ T6577] usb 5-1: SerialNumber: syz [ 844.402716][ T6577] usb 5-1: config 0 descriptor?? [ 844.435457][T28211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16786'. [ 844.451237][ T6577] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 844.764041][T28240] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16795'. [ 844.881747][T12779] usb 3-1: new high-speed USB device number 83 using dummy_hcd [ 844.892367][ T6577] gspca_spca1528: reg_w err -71 [ 844.922264][ T6577] spca1528: probe of 5-1:0.1 failed with error -71 [ 844.958501][ T6577] usb 5-1: USB disconnect, device number 86 [ 845.132074][T12779] usb 3-1: Using ep0 maxpacket: 32 [ 845.214923][T28285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16809'. [ 845.238514][T28285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16809'. [ 845.251997][T12779] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 845.258669][T28285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16809'. [ 845.273635][T12779] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 845.411859][T12779] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 845.436539][T12779] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 845.463875][T28303] netlink: 20 bytes leftover after parsing attributes in process `syz.0.16815'. [ 845.481953][T12779] usb 3-1: Product: syz [ 845.492822][T12779] usb 3-1: Manufacturer: syz [ 845.553098][T12779] hub 3-1:4.0: USB hub found [ 845.772036][T12779] hub 3-1:4.0: 1 port detected [ 845.992027][T12779] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 845.998459][T12779] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 846.112817][T12779] usb 3-1: USB disconnect, device number 83 [ 846.234153][T28374] Cannot find map_set index 135 as target [ 846.500689][ T26] audit: type=1107 audit(1102.457:57): pid=28396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='P' [ 846.571850][ T6577] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 846.811747][ T6577] usb 5-1: Using ep0 maxpacket: 16 [ 846.932350][ T6577] usb 5-1: config index 0 descriptor too short (expected 51443, got 18) [ 847.122229][ T6577] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 847.151513][ T6577] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 847.165537][T28445] netlink: 124 bytes leftover after parsing attributes in process `syz.2.16858'. [ 847.187568][ T6577] usb 5-1: Product: syz [ 847.198091][ T6577] usb 5-1: Manufacturer: syz [ 847.240859][ T6577] usb 5-1: SerialNumber: syz [ 847.271958][ T6577] r8152-cfgselector 5-1: config 0 descriptor?? [ 847.280176][T28449] openvswitch: netlink: Actions may not be safe on all matching packets [ 847.588160][T28483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16870'. [ 847.612312][T28483] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 847.759525][ T6577] r8152-cfgselector 5-1: Unknown version 0x0000 [ 847.779702][ T6577] r8152-cfgselector 5-1: USB disconnect, device number 87 [ 848.003859][ T5450] usb 4-1: new high-speed USB device number 81 using dummy_hcd [ 848.011812][T12779] usb 1-1: new high-speed USB device number 84 using dummy_hcd [ 848.201903][T12762] usb 3-1: new high-speed USB device number 84 using dummy_hcd [ 848.272206][ T5450] usb 4-1: Using ep0 maxpacket: 8 [ 848.372286][T12779] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 848.400378][T12779] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 848.403452][T28533] loop1: detected capacity change from 0 to 32768 [ 848.432055][ T5450] usb 4-1: unable to get BOS descriptor or descriptor too short [ 848.442041][T12762] usb 3-1: Using ep0 maxpacket: 32 [ 848.500268][T28533] XFS (loop1): Mounting V5 Filesystem [ 848.512012][T12779] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 848.527303][T12779] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 848.542234][ T5450] usb 4-1: config 1 has an invalid interface number: 1 but max is 0 [ 848.546140][T12779] usb 1-1: SerialNumber: syz [ 848.562079][T12762] usb 3-1: config 4 has an invalid interface number: 128 but max is 0 [ 848.570704][ T5450] usb 4-1: config 1 has no interface number 0 [ 848.577339][T12762] usb 3-1: config 4 has no interface number 0 [ 848.578435][ T5450] usb 4-1: config 1 interface 1 altsetting 0 bulk endpoint 0xD has invalid maxpacket 64 [ 848.593486][ T5450] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 848.623988][T12762] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 848.658905][T28533] XFS (loop1): Ending clean mount [ 848.664708][T12762] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 848.715541][T12762] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 848.746985][T12762] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 848.777338][T28560] netlink: 'syz.4.16889': attribute type 1 has an invalid length. [ 848.786778][ T4189] XFS (loop1): Unmounting Filesystem [ 848.792322][ T5450] usb 4-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice= 0.40 [ 848.808610][ T5450] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 848.816984][ T5450] usb 4-1: Product: syz [ 848.821258][ T5450] usb 4-1: Manufacturer: syz [ 848.826057][ T5450] usb 4-1: SerialNumber: syz [ 848.832987][T28560] netlink: 'syz.4.16889': attribute type 9 has an invalid length. [ 848.851139][T12762] hub 3-1:4.128: USB hub found [ 848.862310][T28495] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 848.904842][T12779] usb 1-1: 0:2 : does not exist [ 848.920064][T12779] usb 1-1: unit 5: unexpected type 0x03 [ 848.951423][T12779] usb 1-1: USB disconnect, device number 84 [ 849.082302][T12762] hub 3-1:4.128: 21 ports detected [ 849.087508][T12762] hub 3-1:4.128: Using single TT (err -22) [ 849.111948][T12762] hub 3-1:4.128: insufficient power available to use all downstream ports [ 849.226572][ T5450] usb 4-1: USB disconnect, device number 81 [ 849.243990][ T4182] udevd[4182]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 849.307802][ T3456] udevd[3456]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 849.312414][T12762] hub 3-1:4.128: hub_hub_status failed (err = -71) [ 849.330466][ T6577] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 849.373088][T28617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16890'. [ 849.392217][T12762] hub 3-1:4.128: config failed, can't get hub status (err -71) [ 849.461377][T12762] usb 3-1: USB disconnect, device number 84 [ 849.592091][ T6577] usb 5-1: Using ep0 maxpacket: 8 [ 849.717786][ T6577] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 849.738207][ T6577] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 849.751100][ T6577] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 849.769801][ T6577] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 849.782358][ T6577] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 849.792667][ T6577] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 849.802032][ T6577] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.823390][ T6577] usb 5-1: config 0 descriptor?? [ 849.842372][T28585] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 849.991932][ T5450] usb 1-1: new high-speed USB device number 85 using dummy_hcd [ 850.132426][T28657] Bluetooth: hci5: Received unexpected HCI Event 00000000 [ 850.239533][T28686] netlink: 'syz.3.16910': attribute type 5 has an invalid length. [ 850.281807][ T5450] usb 1-1: Using ep0 maxpacket: 16 [ 850.327596][ T6577] usb 5-1: USB disconnect, device number 88 [ 850.452259][ T5450] usb 1-1: unable to get BOS descriptor or descriptor too short [ 850.742302][ T5450] usb 1-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40 [ 850.769324][ T5450] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 850.786217][ T5450] usb 1-1: Product: syz [ 850.805160][ T5450] usb 1-1: Manufacturer: syz [ 850.809825][ T5450] usb 1-1: SerialNumber: syz [ 850.858822][T28739] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16926'. [ 851.040013][T28757] netlink: 'syz.4.16932': attribute type 8 has an invalid length. [ 851.147193][T28770] ipt_ECN: cannot use operation on non-tcp rule [ 851.202027][ T5450] usb 1-1: 1:1 : bogus bTerminalLink 8 [ 851.227888][ T5450] usb 1-1: unit 0 not found! [ 851.232756][ T5450] usb 1-1: unit 4 not found! [ 851.237421][ T5450] usb 1-1: unit 12 not found! [ 851.341711][ T5450] usb 1-1: USB disconnect, device number 85 [ 851.403168][T28807] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16941'. [ 851.412777][T28811] netlink: 'syz.4.16942': attribute type 2 has an invalid length. [ 851.581918][T12762] usb 2-1: new high-speed USB device number 84 using dummy_hcd [ 851.607787][ T4180] udevd[4180]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 851.615080][T28821] IPv6: sit3: Disabled Multicast RS [ 851.827440][T12762] usb 2-1: Using ep0 maxpacket: 8 [ 851.894916][T28848] netlink: 80 bytes leftover after parsing attributes in process `syz.3.16954'. [ 851.953326][T12762] usb 2-1: config 0 has an invalid interface number: 186 but max is 0 [ 851.961566][T12762] usb 2-1: config 0 has no interface number 0 [ 851.997197][T12762] usb 2-1: config 0 interface 186 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 852.039221][T12762] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 18, changing to 8 [ 852.064158][T12762] usb 2-1: config 0 interface 186 altsetting 0 has an invalid endpoint with address 0x9A, skipping [ 852.100355][T12762] usb 2-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 852.292200][T12762] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 852.301344][T12762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 852.338982][T12762] usb 2-1: Product: syz [ 852.349134][T12762] usb 2-1: Manufacturer: syz [ 852.367925][T12762] usb 2-1: SerialNumber: syz [ 852.389578][T12762] usb 2-1: config 0 descriptor?? [ 852.457285][T12762] iowarrior 2-1:0.186: no interrupt-in endpoint found [ 853.456967][T28975] xt_l2tp: missing protocol rule (udp|l2tpip) [ 853.711968][ T5450] usb 4-1: new full-speed USB device number 82 using dummy_hcd [ 854.117219][T29009] tmpfs: Bad value for 'mpol' [ 854.151926][ T5450] usb 4-1: unable to get BOS descriptor or descriptor too short [ 854.177479][T29012] openvswitch: netlink: Actions may not be safe on all matching packets [ 854.199394][ T5450] usb 4-1: not running at top speed; connect to a high speed hub [ 854.337641][ T5436] usb 2-1: USB disconnect, device number 84 [ 854.416092][T29025] ipt_REJECT: ECHOREPLY no longer supported. [ 854.483142][ T5450] usb 4-1: New USB device found, idVendor=0582, idProduct=004d, bcdDevice= 0.40 [ 854.519816][ T5450] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.528976][ T5450] usb 4-1: Product: syz [ 854.547062][ T5450] usb 4-1: Manufacturer: syz [ 854.560671][ T5450] usb 4-1: SerialNumber: syz [ 854.721828][T12762] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 854.744506][T29053] netlink: 72 bytes leftover after parsing attributes in process `syz.1.17020'. [ 854.944571][ T5450] usb 4-1: invalid MIDI in EP 0 [ 854.981871][T12762] usb 3-1: Using ep0 maxpacket: 16 [ 855.049008][ T5450] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 855.118203][ T3456] udevd[3456]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 855.142233][T12762] usb 3-1: unable to get BOS descriptor or descriptor too short [ 855.155248][ T5450] usb 4-1: USB disconnect, device number 82 [ 855.222335][T12762] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 855.267632][T12762] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 855.316266][T29097] loop1: detected capacity change from 0 to 4096 [ 855.346999][T28952] kexec: Could not allocate control_code_buffer [ 855.414475][T29097] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 855.452183][T12762] usb 3-1: New USB device found, idVendor=1235, idProduct=8212, bcdDevice= 0.40 [ 855.489076][T29114] netlink: 7 bytes leftover after parsing attributes in process `syz.3.17033'. [ 855.490708][T12762] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 855.522668][T29097] ntfs3: loop1: Failed to load $Extend. [ 855.557388][T29114] netlink: 7 bytes leftover after parsing attributes in process `syz.3.17033'. [ 855.567445][T12762] usb 3-1: Product: syz [ 855.584061][T29119] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 855.592186][T12762] usb 3-1: Manufacturer: syz [ 855.596836][T12762] usb 3-1: SerialNumber: syz [ 855.703112][T29130] netlink: 'syz.4.17036': attribute type 32 has an invalid length. [ 855.805594][T29137] loop4: detected capacity change from 0 to 256 [ 855.900941][T29137] FAT-fs (loop4): Directory bread(block 64) failed [ 855.927121][T29137] FAT-fs (loop4): Directory bread(block 65) failed [ 855.969684][T29137] FAT-fs (loop4): Directory bread(block 66) failed [ 855.992286][T29137] FAT-fs (loop4): Directory bread(block 67) failed [ 856.002251][T12762] usb 3-1: Focusrite Scarlett Gen 2/3 Mixer Driver disabled; use options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1 to enable and report any issues to g@b4.vu [ 856.040925][T29137] FAT-fs (loop4): Directory bread(block 68) failed [ 856.074887][T29137] FAT-fs (loop4): Directory bread(block 69) failed [ 856.081565][T29137] FAT-fs (loop4): Directory bread(block 70) failed [ 856.105470][T12762] usb 3-1: USB disconnect, device number 85 [ 856.116100][T29137] FAT-fs (loop4): Directory bread(block 71) failed [ 856.133620][T29137] FAT-fs (loop4): Directory bread(block 72) failed [ 856.149833][T29137] FAT-fs (loop4): Directory bread(block 73) failed [ 856.332936][ T4182] udevd[4182]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 856.484365][T29187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17049'. [ 856.538883][T29187] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 857.061937][T29237] loop2: detected capacity change from 0 to 4096 [ 857.170225][T29237] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 857.203824][T29237] ntfs3: loop2: Failed to load $Extend. [ 857.297109][T29266] loop3: detected capacity change from 0 to 512 [ 857.443515][T29266] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 857.532282][T29282] IPv6: sit3: Disabled Multicast RS [ 857.569921][T29266] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 857.853626][T29306] No such timeout policy "syz1" [ 858.383572][T29358] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17107'. [ 858.404690][T29352] device gtp0 left promiscuous mode [ 858.670146][T29377] loop1: detected capacity change from 0 to 8 [ 858.796054][T29377] SQUASHFS error: Failed to read block 0x6e6: -5 [ 858.819387][T29377] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 858.871986][T29377] SQUASHFS error: Unable to read directory block [631:26] [ 858.892354][T29377] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 858.899701][T29377] SQUASHFS error: Unable to read directory block [631:26] [ 859.115429][T29413] loop1: detected capacity change from 0 to 256 [ 859.278033][T29431] openvswitch: netlink: Actions may not be safe on all matching packets [ 859.785240][T29473] IPVS: set_ctl: invalid protocol: 43 224.0.0.2:20002 [ 859.862698][T29479] sctp: [Deprecated]: syz.1.17148 (pid 29479) Use of int in max_burst socket option deprecated. [ 859.862698][T29479] Use struct sctp_assoc_value instead [ 860.117056][T29495] loop1: detected capacity change from 0 to 4096 [ 860.204358][T29495] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 860.251814][T29495] NILFS (loop1): mounting unchecked fs [ 860.267603][T29495] NILFS (loop1): recovery required for readonly filesystem [ 860.292549][T29495] NILFS (loop1): write access will be enabled during recovery [ 860.333147][T29525] netlink: 20 bytes leftover after parsing attributes in process `syz.2.17164'. [ 860.398548][T29495] NILFS (loop1): recovery complete [ 860.403948][T29532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17167'. [ 860.582835][T29549] netlink: 'syz.4.17169': attribute type 75 has an invalid length. [ 860.648453][T29556] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 861.049789][T29602] netlink: 'syz.0.17187': attribute type 12 has an invalid length. [ 861.119307][T29602] netlink: 197276 bytes leftover after parsing attributes in process `syz.0.17187'. [ 861.297695][T29626] netlink: 'syz.0.17195': attribute type 21 has an invalid length. [ 861.352548][T29626] IPv6: NLM_F_CREATE should be specified when creating new route [ 861.422636][T29637] overlayfs: missing 'lowerdir' [ 861.459812][T29642] netlink: 'syz.1.17201': attribute type 1 has an invalid length. [ 861.631755][ T6577] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 861.640187][T29649] loop2: detected capacity change from 0 to 4096 [ 861.729736][T29649] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 861.768748][T29649] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 861.798463][T29672] autofs4:pid:29672:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.768), cmd(0xc0189375) [ 861.818700][T29674] netlink: 'syz.1.17212': attribute type 1 has an invalid length. [ 861.831762][T29672] autofs4:pid:29672:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375) [ 861.845830][T29649] ntfs: (device loop2): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 861.865962][T29649] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 861.895437][T29649] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 861.991894][ T6577] usb 5-1: config 0 has an invalid interface number: 199 but max is 1 [ 862.002248][ T6577] usb 5-1: config 0 has no interface number 1 [ 862.008440][ T6577] usb 5-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 862.101891][ T6577] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 862.232291][ T6577] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 862.251750][ T6577] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 862.285755][T29649] ntfs: volume version 3.1. [ 862.300236][ T6577] usb 5-1: SerialNumber: syz [ 862.327860][T29649] ntfs: (device loop2): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 862.362938][ T6577] usb 5-1: config 0 descriptor?? [ 862.412439][T29649] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 862.477665][T29649] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 862.529710][T29649] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 862.579808][T29649] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 862.632058][ T6577] usb 5-1: Found UVC 0.00 device (0002:0000) [ 862.659850][ T6577] usb 5-1: No valid video chain found. [ 862.701197][ T6577] usb 5-1: USB disconnect, device number 89 [ 862.996065][T29738] ip6gretap3: default qdisc (pfifo_fast) fail, fallback to noqueue [ 863.125884][T29746] netlink: 20 bytes leftover after parsing attributes in process `syz.0.17232'. [ 863.221918][ T7248] usb 4-1: new full-speed USB device number 83 using dummy_hcd [ 863.382640][T29762] netlink: 'syz.4.17238': attribute type 21 has an invalid length. [ 863.400998][T29762] netlink: 152 bytes leftover after parsing attributes in process `syz.4.17238'. [ 863.486960][T29710] loop1: detected capacity change from 0 to 32768 [ 863.528983][T29710] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.17223 (29710) [ 863.579479][T29710] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 863.582883][ T7248] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 863.622331][T29710] BTRFS info (device loop1): setting nodatasum [ 863.630811][T29710] BTRFS info (device loop1): force zlib compression, level 3 [ 863.638371][ T7248] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 863.638407][ T7248] usb 4-1: config 0 has no interface number 0 [ 863.638442][ T7248] usb 4-1: config 0 interface 251 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 863.696876][T29778] netlink: 'syz.0.17243': attribute type 2 has an invalid length. [ 863.743005][T29778] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 863.767917][T29710] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 863.792065][ T7248] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 863.804701][T29710] BTRFS info (device loop1): use lzo compression, level 0 [ 863.813258][ T7248] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 863.821295][ T7248] usb 4-1: Product: syz [ 863.837463][T29710] BTRFS info (device loop1): turning on flush-on-commit [ 863.866644][ T7248] usb 4-1: Manufacturer: syz [ 863.871330][ T7248] usb 4-1: SerialNumber: syz [ 863.896744][T29710] BTRFS info (device loop1): enabling auto defrag [ 863.920645][T29710] BTRFS info (device loop1): max_inline at 4096 [ 863.926716][ T7248] usb 4-1: config 0 descriptor?? [ 863.951240][T29710] BTRFS info (device loop1): force zlib compression, level 3 [ 863.968385][T29710] BTRFS info (device loop1): using free space tree [ 863.977822][T29710] BTRFS info (device loop1): has skinny extents [ 864.042439][ T7248] asix: probe of 4-1:0.251 failed with error -22 [ 864.105140][T29814] loop2: detected capacity change from 0 to 64 [ 864.181211][T29710] BTRFS info (device loop1): enabling ssd optimizations [ 864.336497][ T7248] usb 4-1: USB disconnect, device number 83 [ 864.509554][ T4182] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop1 scanned by udevd (4182) [ 864.648454][T29857] sctp: [Deprecated]: syz.2.17259 (pid 29857) Use of int in max_burst socket option. [ 864.648454][T29857] Use struct sctp_assoc_value instead [ 865.303843][T29895] device netdevsim0 entered promiscuous mode [ 865.414544][T29913] loop3: detected capacity change from 0 to 512 [ 865.477354][T29922] netlink: 1076 bytes leftover after parsing attributes in process `syz.4.17280'. [ 865.502427][T29923] ipt_REJECT: TCP_RESET invalid for non-tcp [ 865.532833][T29913] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 865.622291][T29913] EXT4-fs error (device loop3): ext4_get_first_dir_block:3597: inode #12: comm syz.3.17278: Directory block failed checksum [ 866.083595][T29980] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17297'. [ 866.110904][T29980] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17297'. [ 866.143494][T29986] NILFS (nullb0): couldn't find nilfs on the device [ 866.264827][T29995] binder: 29994:29995 ioctl c0306201 200000000080 returned -14 [ 866.301845][ T6577] usb 5-1: new full-speed USB device number 90 using dummy_hcd [ 866.378366][T29989] loop1: detected capacity change from 0 to 4096 [ 866.516796][T29989] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 866.601236][T30013] netlink: 'syz.0.17309': attribute type 1 has an invalid length. [ 866.701195][T30013] netlink: 12 bytes leftover after parsing attributes in process `syz.0.17309'. [ 866.712009][ T6577] usb 5-1: unable to get BOS descriptor or descriptor too short [ 866.752245][ T6577] usb 5-1: not running at top speed; connect to a high speed hub [ 866.964892][T30038] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 867.072056][ T263] block nbd1: Attempted send on invalid socket [ 867.078298][ T263] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0 [ 867.090266][ T6577] usb 5-1: string descriptor 0 read error: -22 [ 867.098396][T30042] XFS (nbd1): SB validate failed with error -5. [ 867.111865][ T5428] usb 4-1: new high-speed USB device number 84 using dummy_hcd [ 867.112351][ T6577] usb 5-1: New USB device found, idVendor=0582, idProduct=0114, bcdDevice= 0.40 [ 867.146133][ T6577] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 867.185132][T29973] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 867.192399][T12762] usb 3-1: new low-speed USB device number 86 using dummy_hcd [ 867.235615][ T6577] usb 5-1: MIDIStreaming interface descriptor not found [ 867.460250][ T6577] usb 5-1: USB disconnect, device number 90 [ 867.552486][ T5428] usb 4-1: unable to get BOS descriptor or descriptor too short [ 867.572128][T12762] usb 3-1: config 8 has an invalid interface number: 137 but max is 0 [ 867.599634][T12762] usb 3-1: config 8 has no interface number 0 [ 867.639079][ T5428] usb 4-1: config 3 has an invalid interface number: 122 but max is 0 [ 867.650753][ T5428] usb 4-1: config 3 has no interface number 0 [ 867.665557][ T5428] usb 4-1: config 3 interface 122 has no altsetting 0 [ 867.852064][T12762] usb 3-1: string descriptor 0 read error: -22 [ 867.852244][ T5428] usb 4-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice=e8.87 [ 867.871810][T12762] usb 3-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=14.6e [ 867.882262][T30112] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 867.892946][ T5428] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 867.902292][T12762] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 867.902947][ T5428] usb 4-1: Product: syz [ 867.941131][ T5428] usb 4-1: Manufacturer: syz [ 867.951863][ T5428] usb 4-1: SerialNumber: syz [ 867.974687][T12762] ttusb_dec_send_command: command bulk message failed: error -22 [ 868.003600][T12762] ttusb-dec: probe of 3-1:8.137 failed with error -22 [ 868.178568][T12762] usb 3-1: USB disconnect, device number 86 [ 868.333399][ T5428] as10x_usb: device has been detected [ 868.351985][ T5428] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 868.392556][ T5428] usb 4-1: DVB: registering adapter 3 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 868.433829][ T5428] as10x_usb: error during firmware upload part1 [ 868.440703][ T5428] Registered device Elgato EyeTV DTT Deluxe [ 868.462028][ T5428] usb 4-1: USB disconnect, device number 84 [ 868.493811][T30153] loop1: detected capacity change from 0 to 16 [ 868.536368][T30153] erofs: (device loop1): mounted with root inode @ nid 36. [ 868.572560][ T5428] Unregistered device Elgato EyeTV DTT Deluxe [ 868.582528][ T5428] as10x_usb: device has been disconnected [ 868.619597][T30153] erofs: (device loop1): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet [ 869.050313][T30134] loop4: detected capacity change from 0 to 32768 [ 869.149545][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 869.149561][ T26] audit: type=1800 audit(1125.107:58): pid=30134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.17336" name="file1" dev="loop4" ino=4 res=0 errno=0 [ 869.210278][T30195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 869.381566][T30216] xt_hashlimit: invalid interval [ 869.461874][ T5428] usb 2-1: new high-speed USB device number 85 using dummy_hcd [ 869.701630][T30234] xt_connbytes: Forcing CT accounting to be enabled [ 869.722523][T30234] set match dimension is over the limit! [ 869.731909][ T5428] usb 2-1: Using ep0 maxpacket: 16 [ 869.882232][ T5428] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 870.044427][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.092165][ T5428] usb 2-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 870.101370][ T5428] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 870.116332][T30268] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 870.136353][ T5428] usb 2-1: Product: syz [ 870.140575][ T5428] usb 2-1: Manufacturer: syz [ 870.171871][ T5428] usb 2-1: SerialNumber: syz [ 870.197271][ T5428] usb 2-1: config 0 descriptor?? [ 870.275255][T30279] trusted_key: encrypted_key: master key parameter '' is invalid [ 870.520201][ T5428] usb 2-1: USB disconnect, device number 85 [ 870.690325][T30331] xt_cluster: node mask cannot exceed total number of nodes [ 870.698403][T12762] usb 5-1: new high-speed USB device number 91 using dummy_hcd [ 870.922260][T30344] bridge0: port 2(batadv0) entered blocking state [ 870.937755][T30344] bridge0: port 2(batadv0) entered disabled state [ 870.951943][T12762] usb 5-1: Using ep0 maxpacket: 8 [ 870.965251][T30344] device batadv0 entered promiscuous mode [ 871.072002][T12762] usb 5-1: config 2 has an invalid interface number: 31 but max is 0 [ 871.093152][T30355] netlink: 'syz.2.17398': attribute type 1 has an invalid length. [ 871.107142][T12762] usb 5-1: config 2 has no interface number 0 [ 871.135107][T12762] usb 5-1: config 2 interface 31 has no altsetting 0 [ 871.322080][T12762] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 871.322319][ T7214] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 871.341816][ T7214] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 871.342961][T12762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 871.423648][T12762] usb 5-1: Product: syz [ 871.427898][T12762] usb 5-1: Manufacturer: syz [ 871.461768][T12762] usb 5-1: SerialNumber: syz [ 871.613909][T30404] IPv6: NLM_F_CREATE should be specified when creating new route [ 871.846617][ T6577] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 872.022038][ T5428] usb 1-1: new high-speed USB device number 86 using dummy_hcd [ 872.059976][T30403] loop1: detected capacity change from 0 to 32768 [ 872.102633][ T6577] usb 4-1: Using ep0 maxpacket: 8 [ 872.159564][T30434] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17422'. [ 872.172151][T12762] ch9200: probe of 5-1:2.31 failed with error -22 [ 872.206669][T12762] usb 5-1: USB disconnect, device number 91 [ 872.213512][T30434] netlink: 36 bytes leftover after parsing attributes in process `syz.2.17422'. [ 872.232931][ T6577] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 872.267536][ T6577] usb 4-1: config 179 has no interface number 0 [ 872.281960][ T5428] usb 1-1: Using ep0 maxpacket: 32 [ 872.291878][ T6577] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 872.321936][ T6577] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 872.372255][ T6577] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 872.437762][ T6577] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 872.452339][ T5428] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 872.482680][ T5428] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 872.502691][ T6577] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 872.572559][ T6577] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 872.611762][ T6577] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 872.652358][ T5428] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 872.661460][ T5428] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 872.681996][T30395] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 872.722421][ T5428] usb 1-1: Product: syz [ 872.726651][ T5428] usb 1-1: Manufacturer: syz [ 872.793285][ T5428] hub 1-1:4.0: USB hub found [ 872.970125][T30493] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17437'. [ 873.020928][ T5428] hub 1-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 873.189954][T12762] usb 4-1: USB disconnect, device number 85 [ 873.201737][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 873.210089][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 873.334111][T30534] bond0: Error: Cannot enslave bond to itself. [ 873.352035][ T5428] usb 1-1: USB disconnect, device number 86 [ 873.511434][T30548] netlink: 'syz.2.17453': attribute type 2 has an invalid length. [ 874.024560][T30599] overlayfs: missing 'lowerdir' [ 874.348742][T30630] netlink: 'syz.3.17480': attribute type 9 has an invalid length. [ 874.388104][T30630] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.17480'. [ 874.415993][T30636] program syz.0.17482 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 874.524216][T30642] netlink: 'syz.4.17484': attribute type 21 has an invalid length. [ 874.636958][T30656] loop1: detected capacity change from 0 to 256 [ 874.672536][T30656] exfat: Deprecated parameter 'utf8' [ 874.693202][T30656] exFAT-fs (loop1): failed to read boot sector [ 874.731731][T30656] exFAT-fs (loop1): failed to recognize exfat type [ 875.051992][T12762] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 875.301908][T12762] usb 3-1: Using ep0 maxpacket: 32 [ 875.462062][T12762] usb 3-1: unable to get BOS descriptor or descriptor too short [ 875.552278][T12762] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 875.686643][T30725] [ 875.689041][T30725] ====================================================== [ 875.696071][T30725] WARNING: possible circular locking dependency detected [ 875.703119][T30725] syzkaller #0 Not tainted [ 875.707554][T30725] ------------------------------------------------------ [ 875.714588][T30725] syz.4.17512/30725 is trying to acquire lock: [ 875.720759][T30725] ffff888063be1028 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}, at: __flush_work+0xfa/0x210 [ 875.731926][T30725] [ 875.731926][T30725] but task is already holding lock: [ 875.739309][T30725] ffffffff8d6c73e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x18b/0x560 [ 875.749014][T30725] [ 875.749014][T30725] which lock already depends on the new lock. [ 875.749014][T30725] [ 875.759431][T30725] [ 875.759431][T30725] the existing dependency chain (in reverse order) is: [ 875.768474][T30725] [ 875.768474][T30725] -> #4 (rfkill_global_mutex){+.+.}-{3:3}: [ 875.776520][T30725] __mutex_lock_common+0x1e3/0x2400 [ 875.782287][T30725] mutex_lock_nested+0x17/0x20 [ 875.787605][T30725] rfkill_register+0x33/0x980 [ 875.792916][T30725] hci_register_dev+0x452/0x970 [ 875.798395][T30725] vhci_create_device+0x32c/0x5c0 [ 875.804043][T30725] vhci_write+0x391/0x450 [ 875.808928][T30725] vfs_write+0x745/0xd60 [ 875.813721][T30725] ksys_write+0x152/0x260 [ 875.818595][T30725] do_syscall_64+0x4c/0xa0 [ 875.823554][T30725] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 875.829989][T30725] [ 875.829989][T30725] -> #3 (&data->open_mutex){+.+.}-{3:3}: [ 875.837846][T30725] __mutex_lock_common+0x1e3/0x2400 [ 875.843615][T30725] mutex_lock_nested+0x17/0x20 [ 875.848955][T30725] vhci_send_frame+0x88/0x100 [ 875.854181][T30725] hci_send_frame+0x1a9/0x2e0 [ 875.859411][T30725] hci_tx_work+0x9f9/0x1710 [ 875.864462][T30725] process_one_work+0x85f/0x1010 [ 875.869948][T30725] worker_thread+0xaa6/0x1290 [ 875.875187][T30725] kthread+0x436/0x520 [ 875.879885][T30725] ret_from_fork+0x1f/0x30 [ 875.884876][T30725] [ 875.884876][T30725] -> #2 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}: [ 875.894117][T30725] __flush_work+0x116/0x210 [ 875.899181][T30725] hci_dev_do_open+0xc58/0x1270 [ 875.904578][T30725] hci_power_on+0x1c1/0x610 [ 875.909630][T30725] process_one_work+0x85f/0x1010 [ 875.915112][T30725] worker_thread+0xaa6/0x1290 [ 875.920349][T30725] kthread+0x436/0x520 [ 875.924960][T30725] ret_from_fork+0x1f/0x30 [ 875.929923][T30725] [ 875.929923][T30725] -> #1 (&hdev->req_lock){+.+.}-{3:3}: [ 875.937601][T30725] __mutex_lock_common+0x1e3/0x2400 [ 875.943371][T30725] mutex_lock_nested+0x17/0x20 [ 875.947521][ T5428] usb 2-1: new high-speed USB device number 86 using dummy_hcd [ 875.948687][T30725] bg_scan_update+0x44/0x3b0 [ 875.961375][T30725] process_one_work+0x85f/0x1010 [ 875.966867][T30725] worker_thread+0xaa6/0x1290 [ 875.972101][T30725] kthread+0x436/0x520 [ 875.976738][T30725] ret_from_fork+0x1f/0x30 [ 875.981717][T30725] [ 875.981717][T30725] -> #0 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}: [ 875.991591][T30725] __lock_acquire+0x2c42/0x7d10 [ 875.996999][T30725] lock_acquire+0x19e/0x400 [ 876.002054][T30725] __flush_work+0x116/0x210 [ 876.007105][T30725] __cancel_work_timer+0x3f4/0x560 [ 876.012770][T30725] hci_request_cancel_all+0xcc/0x300 [ 876.018603][T30725] hci_dev_do_close+0x4e/0x1030 [ 876.024037][T30725] hci_rfkill_set_block+0x10a/0x190 [ 876.029786][T30725] rfkill_set_block+0x1c9/0x3d0 [ 876.035191][T30725] rfkill_fop_write+0x452/0x560 [ 876.040637][T30725] vfs_write+0x30b/0xd60 [ 876.045432][T30725] ksys_write+0x152/0x260 [ 876.050331][T30725] do_syscall_64+0x4c/0xa0 [ 876.055334][T30725] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 876.061779][T30725] [ 876.061779][T30725] other info that might help us debug this: [ 876.061779][T30725] [ 876.072028][T30725] Chain exists of: [ 876.072028][T30725] (work_completion)(&hdev->bg_scan_update) --> &data->open_mutex --> rfkill_global_mutex [ 876.072028][T30725] [ 876.087799][T30725] Possible unsafe locking scenario: [ 876.087799][T30725] [ 876.095432][T30725] CPU0 CPU1 [ 876.100829][T30725] ---- ---- [ 876.106214][T30725] lock(rfkill_global_mutex); [ 876.111015][T30725] lock(&data->open_mutex); [ 876.118145][T30725] lock(rfkill_global_mutex); [ 876.125447][T30725] lock((work_completion)(&hdev->bg_scan_update)); [ 876.132074][T30725] [ 876.132074][T30725] *** DEADLOCK *** [ 876.132074][T30725] [ 876.140231][T30725] 1 lock held by syz.4.17512/30725: [ 876.145457][T30725] #0: ffffffff8d6c73e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x18b/0x560 [ 876.155631][T30725] [ 876.155631][T30725] stack backtrace: [ 876.161578][T30725] CPU: 0 PID: 30725 Comm: syz.4.17512 Not tainted syzkaller #0 [ 876.169156][T30725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 876.179240][T30725] Call Trace: [ 876.182553][T30725] [ 876.185513][T30725] dump_stack_lvl+0x188/0x250 [ 876.190253][T30725] ? load_image+0x400/0x400 [ 876.194794][T30725] ? show_regs_print_info+0x20/0x20 [ 876.200020][T30725] ? print_circular_bug+0x12b/0x1a0 [ 876.205246][T30725] check_noncircular+0x296/0x330 [ 876.210216][T30725] ? look_up_lock_class+0x71/0x110 [ 876.215460][T30725] ? add_chain_block+0x940/0x940 [ 876.220420][T30725] ? lockdep_lock+0xf1/0x1f0 [ 876.225041][T30725] ? __lock_acquire+0x12e8/0x7d10 [ 876.230099][T30725] ? mark_lock+0x94/0x320 [ 876.234447][T30725] __lock_acquire+0x2c42/0x7d10 [ 876.239340][T30725] ? verify_lock_unused+0x140/0x140 [ 876.244580][T30725] ? verify_lock_unused+0x140/0x140 [ 876.249835][T30725] ? mark_lock+0x94/0x320 [ 876.254204][T30725] lock_acquire+0x19e/0x400 [ 876.258769][T30725] ? __flush_work+0xfa/0x210 [ 876.263406][T30725] ? __lock_acquire+0x7d10/0x7d10 [ 876.268457][T30725] ? read_lock_is_recursive+0x10/0x10 [ 876.273851][T30725] ? start_flush_work+0x776/0x820 [ 876.278903][T30725] __flush_work+0x116/0x210 [ 876.283438][T30725] ? __flush_work+0xfa/0x210 [ 876.288047][T30725] ? flush_work+0x20/0x20 [ 876.292394][T30725] ? try_to_grab_pending+0xfa/0x7f0 [ 876.297625][T30725] ? mark_lock+0x94/0x320 [ 876.301988][T30725] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 876.307999][T30725] ? lock_chain_count+0x20/0x20 [ 876.312882][T30725] ? mark_lock+0x94/0x320 [ 876.317251][T30725] ? __cancel_work_timer+0x36a/0x560 [ 876.322587][T30725] __cancel_work_timer+0x3f4/0x560 [ 876.327733][T30725] ? cancel_work_sync+0x20/0x20 [ 876.332637][T30725] ? __cancel_work+0x1f9/0x2e0 [ 876.337429][T30725] ? lockdep_hardirqs_on+0x94/0x140 [ 876.342670][T30725] ? __cancel_work+0x27b/0x2e0 [ 876.347482][T30725] ? cancel_work+0x20/0x20 [ 876.351964][T30725] ? lock_chain_count+0x20/0x20 [ 876.356849][T30725] hci_request_cancel_all+0xcc/0x300 [ 876.362171][T30725] hci_dev_do_close+0x4e/0x1030 [ 876.367060][T30725] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 876.372994][T30725] ? _raw_spin_unlock+0x40/0x40 [ 876.377885][T30725] hci_rfkill_set_block+0x10a/0x190 [ 876.383110][T30725] ? rcu_lock_release+0x20/0x20 [ 876.387986][T30725] rfkill_set_block+0x1c9/0x3d0 [ 876.392875][T30725] rfkill_fop_write+0x452/0x560 [ 876.397775][T30725] ? rfkill_fop_read+0x520/0x520 [ 876.402745][T30725] ? common_file_perm+0xb0/0x1c0 [ 876.407815][T30725] ? fsnotify_perm+0x5d/0x560 [ 876.412604][T30725] ? security_file_permission+0x75/0xa0 [ 876.418196][T30725] ? rfkill_fop_read+0x520/0x520 [ 876.423167][T30725] vfs_write+0x30b/0xd60 [ 876.427438][T30725] ? file_end_write+0x250/0x250 [ 876.432339][T30725] ? __fget_files+0x40f/0x480 [ 876.437054][T30725] ? __fdget_pos+0x1e2/0x370 [ 876.441675][T30725] ? ksys_write+0x71/0x260 [ 876.446121][T30725] ksys_write+0x152/0x260 [ 876.450484][T30725] ? __ia32_sys_read+0x80/0x80 [ 876.455285][T30725] ? lockdep_hardirqs_on+0x94/0x140 [ 876.460515][T30725] do_syscall_64+0x4c/0xa0 [ 876.464958][T30725] ? clear_bhb_loop+0x30/0x80 [ 876.469672][T30725] ? clear_bhb_loop+0x30/0x80 [ 876.474394][T30725] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 876.480411][T30725] RIP: 0033:0x7fa5938f4e59 [ 876.484987][T30725] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 876.504622][T30725] RSP: 002b:00007fa591b4e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 876.513104][T30725] RAX: ffffffffffffffda RBX: 00007fa593b6dfa0 RCX: 00007fa5938f4e59 [ 876.521125][T30725] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003 [ 876.529125][T30725] RBP: 00007fa59398ad6f R08: 0000000000000000 R09: 0000000000000000 [ 876.537123][T30725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 876.545128][T30725] R13: 00007fa593b6e038 R14: 00007fa593b6dfa0 R15: 00007ffc93731eb8 [ 876.553131][T30725] [ 876.556206][ C0] vkms_vblank_simulate: vblank timer overrun [ 876.601973][T12762] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 876.613741][T12762] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 876.622222][T12762] usb 3-1: Product: syz [ 876.626485][T12762] usb 3-1: Manufacturer: syz [ 876.631155][T12762] usb 3-1: SerialNumber: syz [ 876.772003][ T5428] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 876.781144][ T5428] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 876.789342][ T5428] usb 2-1: Product: syz [ 876.793608][ T5428] usb 2-1: Manufacturer: syz [ 876.798219][ T5428] usb 2-1: SerialNumber: syz [ 876.804590][ T5428] usb 2-1: config 0 descriptor?? [ 876.852776][ T5428] ch341 2-1:0.0: ch341-uart converter detected [ 876.901990][T12762] usb 3-1: Invalid number of CPorts: 0 [ 876.908100][T12762] es2_ap_driver: probe of 3-1:7.0 failed with error -22 [ 877.114500][T12762] usb 3-1: USB disconnect, device number 87 [ 877.282085][ T5428] usb 2-1: failed to send control message: -71 [ 877.288305][ T5428] ch341-uart: probe of ttyUSB0 failed with error -71 [ 877.300025][ T5428] usb 2-1: USB disconnect, device number 86 [ 877.308049][ T5428] ch341 2-1:0.0: device disconnected [ 877.317717][ T4182] udevd[4182]: setting mode of /dev/bus/usb/002/086 to 020664 failed: No such file or directory [ 877.328849][ T4182] udevd[4182]: setting owner of /dev/bus/usb/002/086 to uid=0, gid=0 failed: No such file or directory