last executing test programs: 8m31.657751655s ago: executing program 1 (id=558): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x11}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xcc}}, 0x0) 8m30.879205823s ago: executing program 1 (id=562): r0 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000680)={0x53, 0x0, 0x2, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000400)="9ef0", 0x0, 0xfffffbfc, 0x0, 0x100004, 0x0}) 8m30.469055026s ago: executing program 1 (id=564): bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x0, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb100000000102000905"], 0x0) 8m27.108307729s ago: executing program 1 (id=589): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x1, 0x21d, &(0x7f0000000b40)="$eJzsmL9rFEEUx78zu7e5FRFtUthYGDCi2cvuoaQ5NIJgJULir0oPs4Z4m5xcVjAHgsHGRjsLwcbCf8AiRSoLO/8BQQsVBAuvsLCxGZmd2b1JJnGPNVa+TzF8Z9978+a9233FgSCI/5Yvn39+enJuZv4kgP2YwJh+/s0BGFOaG/4fn9878ax1/sXrD6/erhx4sLn9PBkixNYH9T/kdwG8mXWQFpmK6F9STOjNPHihL4PjuNZXwRBofRMcV7SOwXBd6zuG7kr/ILi9lMTBrW6yIMW0XEK5RHJpbr/fYJ1hQe+FEIIZ9tW1fqedJHHPEK627WCqJIpknXGrfzV4GMxytIz7yS5ee/xoXe7z3kwb/QvBEeoimmCY089nMJb3RrXEqP+wOzzfserfsVrpKg1lRdaVaP3Yk2aZ4tBUtfBJWc5Z23QQVa6BrVE1DE2yk3tbsvXqZMItfxfP6B+0Qq6Lo1bx1Afwjyo1RaUqcjE+2Hxnm76WhQtWnoKN/v7UR71z/iFW75iPfof/Tcd2u9j7DTU/xEuGY8Z8co350UiX7zZW1/pTS8vtxXgxXomi5mkGPDwVNbJBpFZr7g3ns5/Np33G+bVdfD3u4X47TXuhWj3mwUea9qJsHxmfzdxG9/sNHZbiAoCjaiPHplec6Fg5mKd8eOYr1aTtRBAEQRAEQRAEQRAEQRAEUYkjYNm/oCVElzLv3wEAAP//0Ixjlw==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file2'}, 0x3a}], [], 0x2f}) 8m25.624190924s ago: executing program 1 (id=597): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x400}, 0xc) 8m25.615896194s ago: executing program 3 (id=599): syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="1201010269504020d81322006ddb010203010902120001fd0a10050904"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0}) syz_open_dev$evdev(0x0, 0x0, 0x0) 8m25.091580281s ago: executing program 1 (id=602): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x4) 8m23.316303098s ago: executing program 32 (id=602): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x4) 8m23.227034862s ago: executing program 3 (id=605): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x3, &(0x7f0000000000), 0x4) 8m23.175798333s ago: executing program 2 (id=607): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030038000b12d25a80648c2594f90424fc605865000002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 8m23.048187665s ago: executing program 3 (id=608): r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="44000000210001050000000000000000020000000500000000000000080001000000000014000c"], 0x44}}, 0x0) 8m22.735305834s ago: executing program 3 (id=609): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x1, 0x21d, &(0x7f0000000b40)="$eJzsmL9rFEEUx78zu7e5FRFtUthYGDCi2cvuoaQ5NIJgJULir0oPs4Z4m5xcVjAHgsHGRjsLwcbCf8AiRSoLO/8BQQsVBAuvsLCxGZmd2b1JJnGPNVa+TzF8Z9978+a9233FgSCI/5Yvn39+enJuZv4kgP2YwJh+/s0BGFOaG/4fn9878ax1/sXrD6/erhx4sLn9PBkixNYH9T/kdwG8mXWQFpmK6F9STOjNPHihL4PjuNZXwRBofRMcV7SOwXBd6zuG7kr/ILi9lMTBrW6yIMW0XEK5RHJpbr/fYJ1hQe+FEIIZ9tW1fqedJHHPEK627WCqJIpknXGrfzV4GMxytIz7yS5ee/xoXe7z3kwb/QvBEeoimmCY089nMJb3RrXEqP+wOzzfserfsVrpKg1lRdaVaP3Yk2aZ4tBUtfBJWc5Z23QQVa6BrVE1DE2yk3tbsvXqZMItfxfP6B+0Qq6Lo1bx1Afwjyo1RaUqcjE+2Hxnm76WhQtWnoKN/v7UR71z/iFW75iPfof/Tcd2u9j7DTU/xEuGY8Z8co350UiX7zZW1/pTS8vtxXgxXomi5mkGPDwVNbJBpFZr7g3ns5/Np33G+bVdfD3u4X47TXuhWj3mwUea9qJsHxmfzdxG9/sNHZbiAoCjaiPHplec6Fg5mKd8eOYr1aTtRBAEQRAEQRAEQRAEQRAEUYkjYNm/oCVElzLv3wEAAP//0Ixjlw==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file2'}, 0x3a}], [], 0x2f}) 8m22.521744951s ago: executing program 3 (id=610): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000055098a403a0901268f08000000010902120001000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 8m22.494273229s ago: executing program 2 (id=611): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r0, 0x0, 0x0) 8m21.953941404s ago: executing program 2 (id=614): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) shmctl$IPC_SET(0x0, 0x1, 0x0) 8m21.523853628s ago: executing program 3 (id=616): r0 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, r0) 8m19.16371429s ago: executing program 33 (id=616): r0 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, r0) 8m19.098928013s ago: executing program 2 (id=620): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x1, 0x21d, &(0x7f0000000b40)="$eJzsmL9rFEEUx78zu7e5FRFtUthYGDCi2cvuoaQ5NIJgJULir0oPs4Z4m5xcVjAHgsHGRjsLwcbCf8AiRSoLO/8BQQsVBAuvsLCxGZmd2b1JJnGPNVa+TzF8Z9978+a9233FgSCI/5Yvn39+enJuZv4kgP2YwJh+/s0BGFOaG/4fn9878ax1/sXrD6/erhx4sLn9PBkixNYH9T/kdwG8mXWQFpmK6F9STOjNPHihL4PjuNZXwRBofRMcV7SOwXBd6zuG7kr/ILi9lMTBrW6yIMW0XEK5RHJpbr/fYJ1hQe+FEIIZ9tW1fqedJHHPEK627WCqJIpknXGrfzV4GMxytIz7yS5ee/xoXe7z3kwb/QvBEeoimmCY089nMJb3RrXEqP+wOzzfserfsVrpKg1lRdaVaP3Yk2aZ4tBUtfBJWc5Z23QQVa6BrVE1DE2yk3tbsvXqZMItfxfP6B+0Qq6Lo1bx1Afwjyo1RaUqcjE+2Hxnm76WhQtWnoKN/v7UR71z/iFW75iPfof/Tcd2u9j7DTU/xEuGY8Z8co350UiX7zZW1/pTS8vtxXgxXomi5mkGPDwVNbJBpFZr7g3ns5/Np33G+bVdfD3u4X47TXuhWj3mwUea9qJsHxmfzdxG9/sNHZbiAoCjaiPHplec6Fg5mKd8eOYr1aTtRBAEQRAEQRAEQRAEQRAEUYkjYNm/oCVElzLv3wEAAP//0Ixjlw==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file2'}, 0x3a}], [], 0x2f}) 8m17.616317721s ago: executing program 2 (id=624): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_simple={0x58, 0x1, 0x0, 0x0, {{0x10}, {0x2c, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xf, 0x3, '\\^]!${{%@:\x00'}, @TCA_DEF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) 8m16.713920829s ago: executing program 2 (id=626): mbind(&(0x7f0000bfe000/0x400000)=nil, 0x400000, 0x4005, &(0x7f0000000000)=0x1fffffffd, 0xb, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ea1000/0x4000)=nil, 0x3) 8m16.186935745s ago: executing program 34 (id=626): mbind(&(0x7f0000bfe000/0x400000)=nil, 0x400000, 0x4005, &(0x7f0000000000)=0x1fffffffd, 0xb, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ea1000/0x4000)=nil, 0x3) 5.692288585s ago: executing program 5 (id=3477): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, 0x0) 5.41098541s ago: executing program 4 (id=3479): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000064000000060a010400000000000000000100000008000b4000000000340004803000018008000100636d7000240002801000038009000100000000fd80000000080001400000005108000240000000000900010073797a3000000000050007"], 0xd8}}, 0x0) 5.222288333s ago: executing program 7 (id=3480): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="0002000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006772657461700000", @ANYRES32, @ANYBLOB="0500110001000000140035006970766c616e3100000000000000000008001b000100000008002e"], 0x200}}, 0x0) 5.134428261s ago: executing program 0 (id=3481): r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x900, 0x0, 0x0, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) 5.071722196s ago: executing program 6 (id=3482): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00') ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000040)={{r0}, 0x10000000000}) 4.861976938s ago: executing program 7 (id=3483): r0 = fanotify_init(0x10, 0x80000) fsetxattr$system_posix_acl(r0, &(0x7f0000002e00)='system.posix_acl_default\x00', 0x0, 0x0, 0x1) 4.717605872s ago: executing program 5 (id=3484): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ptrace$cont(0x20, 0x0, 0x6, 0x2) 4.535642745s ago: executing program 6 (id=3485): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000044c0)={0x0, 0x0, &(0x7f0000004480)={&(0x7f0000000e00)={0x14, 0x3f, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 4.533504431s ago: executing program 7 (id=3486): personality(0x400000b) pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0x6}, 0x0, &(0x7f0000000140)={0x77359400}, 0x0) 4.483339224s ago: executing program 0 (id=3487): mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x40, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') 4.432223399s ago: executing program 4 (id=3488): r0 = syz_open_procfs(0x0, &(0x7f0000000240)='limits\x00') preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1, 0x0, 0x0) 4.044993523s ago: executing program 5 (id=3489): iopl(0x3) prctl$PR_MCE_KILL(0x21, 0x1000000, 0x0) 3.963870531s ago: executing program 0 (id=3490): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ipv6_route\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0xa006, 0x0) 3.864135778s ago: executing program 4 (id=3491): r0 = socket(0x11, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x3, &(0x7f0000000280)=""/217, &(0x7f0000000140)=0xd9) 3.730741317s ago: executing program 7 (id=3492): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x4e, 0x1, 0x0, 0x0, {0x2}}, 0x14}}, 0x20000880) 3.694209879s ago: executing program 6 (id=3493): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700008008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e746572006c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000400003803c000080080003400000007b"], 0x100}}, 0x0) 3.267989303s ago: executing program 5 (id=3494): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000000)={0x50, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0) 2.998829419s ago: executing program 7 (id=3495): syz_mount_image$erofs(&(0x7f0000001240), &(0x7f0000000080)='./file1\x00', 0x1000801, &(0x7f0000002680)=ANY=[], 0x1, 0x1f4, &(0x7f0000000a40)="$eJzsmb+LE0EUx78zu9k7DxFsLGyu8MATvWR3o3LNFSdYCsIpahm8vSO6d5HNCklAMNjYWFoIWtpYWlhYpfAvsNVCBcHClHbCyPzY3XHdhKBiRN8HMvnu7Ns3816S78IGBEH8t3x4/+Xdg3Prl04BOIgVLJj5T04Rw634t49un3y4cf7x8zdPX+0fuvOynI8BEGL29T0Ao00HKZirZ76/ekWN41GhgcvgOGH0FTDUtfwqFPogAsM1E3PD0p0DRsRR/Xon3t5px5Evh0AO4U57+UnTXl9uajxk2AawqHYnBLPOd/uDm604jpKyqIlsnR9ORYncROVVlWJa/9T+Njk2kHVPCPl5Xb1/byiPTW/gg+f9C8ARGN0Ew5bR61hAnUGXJ1ti1X/ULfI7s9Q/X/FMicNrf2rR7DfyN9T+D4vab8nDyjPyG5/PHBlnHmjHfJx77T8vlHFVOc7rpTi+8AuZvYpG5aLwJ+nsxy1/cuHm/tFI9241uv3BWnuvtRvtRvth2Dzrn/b9M2FDebMep/jfovKnJSt/bUKsxzz0WmmaBD0gTYL8ONSj5bhbLzqf1TVc+R/H6jGdg5l7Vn6jLMHMi6t3qVad6si7E2siCIIgCIIgCIIgCIIgCIKoZhkM+p8wwcwD0SrCi+oJ5bcAAAD//9EJYzA=") mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) 2.978091945s ago: executing program 4 (id=3496): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_DREG={0x8}, @NFTA_BYTEORDER_SREG={0x8}, @NFTA_BYTEORDER_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd0}}, 0x0) 2.723898817s ago: executing program 5 (id=3497): r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x40) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f00000000c0)={0xc00, 0x20323159, 0x140, 0xb4, 0x4, @stepwise={{0x1, 0xfffffffb}, {0x4, 0x4c7}, {0xa9}}}) 2.723747084s ago: executing program 6 (id=3498): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32], 0x38}}, 0x0) 2.523356054s ago: executing program 6 (id=3499): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x30008c0, &(0x7f0000000a80)={[{}, {@codepage={'codepage', 0x3d, 'cp874'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {}, {@dir_umask={'dir_umask', 0x3d, 0x47}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80205b, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 2.431221363s ago: executing program 0 (id=3500): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000180)=0x2100005, 0x4) 1.818901053s ago: executing program 4 (id=3501): r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000005b0405"], 0x14}}, 0x4000080) 1.281458599s ago: executing program 5 (id=3502): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc, &(0x7f0000000080)={[{0x8, 0x4e00, "c93b4a8ca641969f"}]}) 1.102758334s ago: executing program 0 (id=3503): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pread64(r0, 0x0, 0x0, 0x9) 779.644207ms ago: executing program 6 (id=3504): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f0000000040), 0xfe, 0x4e5, &(0x7f0000000380)="$eJzs3dFrW18dAPDvvU22detMpz7Mgdtwk3bo0nZ1W/FhKog+DdT5PmubldK0GW26rWVoh3+AIKKCL/rki+AfIMj+BBEG+i4qiuimDz5MryS5qV2XtB1LE3/t5wOnOefmJt/v6SUn99x7yQ3g2LocEeMRkWVZdi0iSvnyNC+x1SqN9V69fDrXKElk2b2/JZHky9rvdTJ/PJO/7FREfO3LEd9M3o67trG5NFutVlbz9kR9OXmdZZvXF5dnFyoLlZXp6albM7dnbs5M9qSfoxFx54t/+sF3f/alO7/69OPf3//L+LdaHWzZ2Y9eanW92PxftBUiYvUwgg1IodnDlpsDzgUAgL019vc/HBGfiIhrUYqh5t4cAAAAcJRknxuJ10nr/B8AAABwNKURMRJJWs6v9x2JNC2XW9fwfjROp9XaWv1TWWn7eMFoFNMHi9XKZH7twGgUk0Z7Kr/Gtt2+sas9HRHnIuL7peFmuzxXq84P9MgHAAAAHB9nds3//1lqzf8BAACAI2Z00AkAAAAAh878HwAAAI4+838AAAA40r5y926jZO37X88/2lhfqj26Pl9ZWyovr8+V52qrD8sLtdpC8zf7lvd7v2qt9vAzsbL+ZKJeWatPrG1s3l+ura/U7y++cQtsAAAAoI/OXXr+uyQitj47nEZElux4rhiRDe1cudD//IDDk77Lyn88vDyA/hsadALAwNilh+OrOOgEgIHbbxzoevHOr3ufCwAAcDjGPrZ9/r9ZgOMjP/+fJINOBOg75//h+Dox6ASAgSnutQdgUgBHXnqAj/r7n//PsndKCgAA6LmRZknScj4PGIk0LZcjzjZvC1BMHixWK5MR8aGI+G2peLLRnmq+MnF4AAAAAAAAAAAAAAAAAAAAAAAAAAAOKMuSyLoY3l4HAAAA+CCLSP+c5Pf/GitdHdl9fOBE8q9S5PcJffzjez98Mluvr041lv99e3n9R/nyG/0+egEAAAB00p6nt+fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBLr14+nWuXfsb96xciYrRT/EKcaj6eimJEnP5HEoUdr0siYqgH8beeRcT5TvGTRloxmmexO34aEcMDjn+mB/HhOHveGH8+3+nzl8bl5mPnz18hL++r+/iXbo9/Q13Gv7Od3jB9e9GFF7+Y6Br/WcSFQufxpx0/6RL/ygH7+I2vb252ey77acRYx++f5I1YE0nh4cTaxub1xeXZhcpCZWV6eurWzO2ZmzOTEw8Wq5X8b8cY3/v4L/+zV/9Pd4k/uk//rx6w//9+8eTlR1rV4q6nivGTLBu/0nn7n+8Sv/3d98l8czfaY+36Vqu+08Wf/+bipT36P9+l//tt//ED9v/aV7/zhwOuCgD0wdrG5tJstVpZVVE5tMpw9DHobOy1Tnsntg/5fDsP9X+xCd65MsBBCQAAOBT/2+kfdCYAAAAAAAAAAAAAAAAAAABwfO33M2DRg58T2x1zazBdBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY038DAAD//wKdyz4=") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f00000000c0)='./file2\x00', 0x1a4203c, &(0x7f0000001a00)=ANY=[@ANYRES64, @ANYRES8, @ANYRESHEX, @ANYRES64, @ANYRES32, @ANYRESDEC, @ANYRESDEC, @ANYRES8=0x0, @ANYRESHEX, @ANYRES64], 0x0, 0x0, &(0x7f0000000000)) 440.942782ms ago: executing program 4 (id=3505): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 82.396314ms ago: executing program 0 (id=3506): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x60000007, &(0x7f0000000100)="05ff03076844268cb89e14f08848fee0ffff00febabec44277fb86dd1402e000030c62079f4b4d2f87e5feca6aab055013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x5a0e}, 0x2c) 0s ago: executing program 7 (id=3507): r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x40000) ioctl$SNDRV_PCM_IOCTL_LINK(r0, 0x40044160, &(0x7f0000000180)=0x1) kernel console output (not intermixed with test programs): r" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 453.406294][ T29] audit: type=1326 audit(453.144:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8816 comm="syz.4.1150" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 453.662964][ T8821] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1151'. [ 454.655907][ T2220] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 454.697830][ T7670] udevd[7670]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 454.876752][ T2220] usb 1-1: Using ep0 maxpacket: 16 [ 455.332116][ T2220] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 455.344060][ T2220] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 455.356180][ T2220] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11 [ 455.361418][ T8848] netlink: 'syz.6.1162': attribute type 3 has an invalid length. [ 455.369320][ T2220] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024 [ 455.376420][ T8848] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.1162'. [ 455.402060][ T2220] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 455.476043][ T2220] usb 1-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 455.485624][ T2220] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.497063][ T2220] usb 1-1: Product: syz [ 455.501482][ T2220] usb 1-1: Manufacturer: syz [ 455.509102][ T2220] usb 1-1: SerialNumber: syz [ 455.617755][ T2220] usb 1-1: config 0 descriptor?? [ 455.847499][ T2220] appledisplay: Apple Cinema Display connected [ 456.212534][ T10] usb 1-1: USB disconnect, device number 9 [ 456.212561][ C1] usb 1-1: appledisplay_complete - usb_submit_urb failed with result -19 [ 456.270219][ T10] appledisplay: Apple Cinema Display disconnected [ 457.779298][ T29] audit: type=1400 audit(457.754:35): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=8867 comm="syz.6.1170" [ 457.856037][ T8870] overlayfs: cannot append lower layer [ 457.972299][ T8875] loop4: detected capacity change from 0 to 256 [ 458.397111][ T8875] FAT-fs (loop4): Directory bread(block 64) failed [ 458.403959][ T8875] FAT-fs (loop4): Directory bread(block 65) failed [ 458.411104][ T8875] FAT-fs (loop4): Directory bread(block 66) failed [ 458.418146][ T8875] FAT-fs (loop4): Directory bread(block 67) failed [ 458.425233][ T8875] FAT-fs (loop4): Directory bread(block 68) failed [ 458.433947][ T8875] FAT-fs (loop4): Directory bread(block 69) failed [ 458.441734][ T8875] FAT-fs (loop4): Directory bread(block 70) failed [ 458.448675][ T8875] FAT-fs (loop4): Directory bread(block 71) failed [ 458.455875][ T8875] FAT-fs (loop4): Directory bread(block 72) failed [ 458.468278][ T8875] FAT-fs (loop4): Directory bread(block 73) failed [ 458.845772][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 459.047528][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 459.244137][ T10] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 459.255362][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.264258][ T10] usb 7-1: Product: syz [ 459.269115][ T10] usb 7-1: Manufacturer: syz [ 459.274007][ T10] usb 7-1: SerialNumber: syz [ 459.589063][ T10] usb 7-1: config 0 descriptor?? [ 460.080709][ T10] usb 7-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 460.454797][ T10] usb write operation failed. (-71) [ 460.509998][ T10] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 460.523447][ T10] dvbdev: DVB: registering new adapter (Terratec H7) [ 460.530664][ T10] usb 7-1: media controller created [ 460.688141][ T10] usb read operation failed. (-71) [ 460.696362][ T10] usb write operation failed. (-71) [ 460.730865][ T10] dvb_usb_az6007 7-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 460.866916][ T10] usb 7-1: USB disconnect, device number 3 [ 461.220731][ T8913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1187'. [ 461.621560][ T8920] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 461.858219][ T5801] Bluetooth: hci2: command 0x0406 tx timeout [ 462.356351][ T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 463.307142][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 463.343377][ T10] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 463.353992][ T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 463.364864][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 463.378326][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 463.389366][ T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 463.402822][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 463.412686][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.068811][ T10] usb 1-1: USB disconnect, device number 10 [ 464.897264][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.904077][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 465.531271][ T8975] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 466.636686][ T8989] netlink: 'syz.4.1216': attribute type 10 has an invalid length. [ 466.644977][ T8989] ipvlan1: entered promiscuous mode [ 466.652940][ T8989] ipvlan1: entered allmulticast mode [ 466.658672][ T8989] veth0_vlan: entered allmulticast mode [ 466.665390][ T8989] bond0: (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 466.678214][ T8989] bond0: (slave ipvlan1): The slave device specified does not support setting the MAC address [ 466.689090][ T8989] bond0: (slave ipvlan1): Error -95 calling set_mac_address [ 466.779163][ T8992] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1215'. [ 466.788891][ T8992] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1215'. [ 466.871175][ T8995] loop5: detected capacity change from 0 to 256 [ 466.947767][ T5797] Bluetooth: hci0: command 0x0406 tx timeout [ 466.954273][ T5091] Bluetooth: hci4: command 0x0406 tx timeout [ 467.103640][ T8995] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 467.317973][ T8995] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 468.232867][ T9007] ./bus: Can't lookup blockdev [ 468.313525][ T9012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1225'. [ 468.997710][ T9016] netlink: 'syz.6.1226': attribute type 3 has an invalid length. [ 469.010392][ T9016] netlink: 130984 bytes leftover after parsing attributes in process `syz.6.1226'. [ 469.863311][ T9031] netlink: 'syz.0.1233': attribute type 10 has an invalid length. [ 471.056654][ T9046] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1236'. [ 471.234649][ T29] audit: type=1326 audit(471.194:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.5.1240" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 471.260434][ T29] audit: type=1326 audit(471.214:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.5.1240" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 471.364589][ T29] audit: type=1326 audit(471.264:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.5.1240" exe="/root/syz-executor" sig=0 arch=40000003 syscall=443 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 471.387369][ T29] audit: type=1326 audit(471.264:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.5.1240" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 471.410806][ T29] audit: type=1326 audit(471.264:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.5.1240" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 471.902763][ T9062] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1244'. [ 471.912733][ T9062] 0: renamed from veth0_virt_wifi (while UP) [ 472.037013][ T9062] 0: entered allmulticast mode [ 472.045777][ T9062] A link change request failed with some changes committed already. Interface c0 may have been left with an inconsistent configuration, please check. [ 473.175005][ T9081] capability: warning: `syz.5.1249' uses 32-bit capabilities (legacy support in use) [ 473.507863][ T9075] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 473.554778][ T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 473.940427][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 474.025588][ T10] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 474.034210][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 474.044448][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 474.054566][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 474.064930][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 474.078846][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 474.088342][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.438053][ T9097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1256'. [ 474.833560][ T9103] loop4: detected capacity change from 0 to 256 [ 475.554148][ T9103] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 475.769062][ T10] usb 7-1: USB disconnect, device number 4 [ 476.004873][ T9111] loop5: detected capacity change from 0 to 128 [ 476.044864][ T9103] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 476.402258][ T9111] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 476.692548][ T7256] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 478.155159][ T2220] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 478.173910][ T9138] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 478.460641][ T2220] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 478.471849][ T2220] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 478.482327][ T2220] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 478.492487][ T2220] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 478.504219][ T2220] usb 1-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 478.514202][ T2220] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.783799][ T2220] usb 1-1: config 0 descriptor?? [ 479.034183][ T2220] hdpvr 1-1:0.0: firmware version 0x8 dated )˟=J+noKܐo5foɠObL [ 479.246627][ T9148] i2c i2c-0: Invalid block write size 34 [ 479.313701][ T2220] hdpvr 1-1:0.0: device init failed [ 479.319542][ T2220] hdpvr 1-1:0.0: probe with driver hdpvr failed with error -12 [ 479.338390][ T2220] usb 1-1: USB disconnect, device number 11 [ 479.581593][ T9155] loop4: detected capacity change from 0 to 1024 [ 482.346148][ T9184] i2c i2c-0: Invalid block write size 34 [ 482.579268][ T9188] loop7: detected capacity change from 0 to 128 [ 482.714881][ T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 482.876893][ T9188] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 482.895710][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 482.948390][ T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 482.957930][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 482.966386][ T10] usb 5-1: Product: syz [ 482.970870][ T10] usb 5-1: Manufacturer: syz [ 482.977070][ T10] usb 5-1: SerialNumber: syz [ 483.051337][ T9192] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1294'. [ 483.173036][ T10] usb 5-1: config 0 descriptor?? [ 483.474938][ T10] usb 5-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 483.709665][ T7319] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 483.717709][ T10] usb write operation failed. (-71) [ 483.755844][ T9199] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1297'. [ 483.819655][ T10] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 483.833848][ T10] dvbdev: DVB: registering new adapter (Terratec H7) [ 483.841617][ T10] usb 5-1: media controller created [ 483.945548][ T10] usb read operation failed. (-71) [ 483.971176][ T10] usb write operation failed. (-71) [ 483.990992][ T29] audit: type=1326 audit(483.964:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.6.1298" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 484.013187][ T29] audit: type=1326 audit(483.964:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.6.1298" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 484.047175][ T10] dvb_usb_az6007 5-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 484.079540][ T10] usb 5-1: USB disconnect, device number 9 [ 485.015441][ T9214] loop5: detected capacity change from 0 to 1024 [ 486.119380][ T5858] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 486.304144][ T9234] loop5: detected capacity change from 0 to 512 [ 486.328515][ T9234] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 486.341091][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 486.352462][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 486.362752][ T5858] usb 5-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00 [ 486.372337][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.659152][ T5858] usb 5-1: config 0 descriptor?? [ 486.744503][ T9240] netlink: 'syz.0.1312': attribute type 63 has an invalid length. [ 487.101658][ T9246] loop0: detected capacity change from 0 to 65 [ 487.183856][ T9246] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway [ 487.330199][ T9234] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.371297][ T9250] loop7: detected capacity change from 0 to 256 [ 487.613522][ T5858] appletouch 5-1:0.0: Failed to request geyser raw mode [ 487.624066][ T5858] appletouch 5-1:0.0: probe with driver appletouch failed with error -5 [ 487.749202][ T5858] usb 5-1: USB disconnect, device number 10 [ 488.419888][ T7256] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.214054][ T29] audit: type=1326 audit(489.184:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9267 comm="syz.5.1319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 489.238023][ T29] audit: type=1326 audit(489.184:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9267 comm="syz.5.1319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 489.277142][ T29] audit: type=1326 audit(489.234:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9267 comm="syz.5.1319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=290 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 489.300938][ T29] audit: type=1326 audit(489.234:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9267 comm="syz.5.1319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 489.323489][ T29] audit: type=1326 audit(489.244:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9267 comm="syz.5.1319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 489.348956][ T9266] loop6: detected capacity change from 0 to 256 [ 489.396931][ T9266] exfat: Deprecated parameter 'utf8' [ 489.402653][ T9266] exfat: Deprecated parameter 'utf8' [ 489.408971][ T9266] exfat: Deprecated parameter 'utf8' [ 489.521319][ T9266] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 489.525441][ T9276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1325'. [ 489.543013][ T9276] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1325'. [ 491.115423][ T9296] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1331'. [ 491.130885][ T9296] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1331'. [ 491.140438][ T9296] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1331'. [ 491.913664][ T9303] loop5: detected capacity change from 0 to 2048 [ 492.273978][ T9303] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 493.714833][ T5878] usb 1-1: new low-speed USB device number 12 using dummy_hcd [ 493.953192][ T5878] usb 1-1: config index 0 descriptor too short (expected 1307, got 27) [ 493.961912][ T5878] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 493.972069][ T5878] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 493.981834][ T5878] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 493.996110][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 494.007282][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 494.007437][ T5878] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 494.568543][ T5878] usb 1-1: string descriptor 0 read error: -22 [ 494.575679][ T5878] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 494.586750][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 494.668735][ T5878] usb 1-1: config 0 descriptor?? [ 494.747094][ T5878] hub 1-1:0.0: bad descriptor, ignoring hub [ 494.753489][ T5878] hub 1-1:0.0: probe with driver hub failed with error -5 [ 494.777209][ T5878] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input8 [ 494.845727][ T9354] cgroup: No subsys list or none specified [ 495.274711][ T5879] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 495.314443][ T5878] usb 1-1: USB disconnect, device number 12 [ 495.539320][ T5879] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 495.548190][ T5879] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 50172, setting to 1024 [ 495.559864][ T5879] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 495.710473][ T5879] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 495.720071][ T5879] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 495.728516][ T5879] usb 8-1: Manufacturer: syz [ 495.934229][ T9352] loop4: detected capacity change from 0 to 4096 [ 496.089742][ T5879] usb 8-1: config 0 descriptor?? [ 496.123822][ T9356] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 496.205621][ T5879] igorplugusb 8-1:0.0: endpoint incorrect [ 496.295158][ T9367] NILFS (nullb0): couldn't find nilfs on the device [ 496.484683][ T5879] usb 8-1: USB disconnect, device number 5 [ 497.049007][ T9375] loop5: detected capacity change from 0 to 256 [ 497.115405][ T9375] exfat: Deprecated parameter 'utf8' [ 497.121130][ T9375] exfat: Deprecated parameter 'utf8' [ 497.127052][ T9375] exfat: Deprecated parameter 'utf8' [ 497.619134][ T9375] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 499.004850][ T9400] loop4: detected capacity change from 0 to 4096 [ 499.055407][ T9400] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 499.201582][ T9408] netlink: 'syz.5.1369': attribute type 4 has an invalid length. [ 500.726299][ T9433] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1379'. [ 502.355272][ T29] audit: type=1326 audit(502.304:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 502.378697][ T29] audit: type=1326 audit(502.304:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 502.453858][ T9448] loop0: detected capacity change from 0 to 2048 [ 502.528252][ T9448] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 502.584892][ T9459] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 503.055670][ T9465] netlink: 'syz.7.1390': attribute type 6 has an invalid length. [ 504.432537][ T9478] loop7: detected capacity change from 0 to 2048 [ 504.714987][ T9478] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 505.039184][ T9478] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 505.247070][ T9474] loop4: detected capacity change from 0 to 4096 [ 505.315082][ T9474] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 506.926962][ T9474] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 507.823978][ T9537] loop6: detected capacity change from 0 to 1764 [ 511.451066][ T9591] loop4: detected capacity change from 0 to 2048 [ 511.508531][ T9591] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 511.566996][ T9597] loop0: detected capacity change from 0 to 256 [ 511.586698][ T9597] exfat: Deprecated parameter 'namecase' [ 511.979318][ T9597] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 512.074874][ T9605] netlink: 76 bytes leftover after parsing attributes in process `syz.7.1439'. [ 512.824924][ T9600] loop6: detected capacity change from 0 to 4096 [ 513.735868][ T9628] sit1: entered promiscuous mode [ 515.077827][ T9647] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1456'. [ 515.546869][ T9629] loop0: detected capacity change from 0 to 4096 [ 515.722078][ T9660] loop5: detected capacity change from 0 to 128 [ 515.739103][ T9660] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 516.462358][ T9665] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1466'. [ 516.941387][ T9669] random: crng reseeded on system resumption [ 518.491557][ T9693] loop4: detected capacity change from 0 to 64 [ 518.570901][ T9694] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1475'. [ 519.927804][ T9715] loop4: detected capacity change from 0 to 256 [ 520.292846][ T9718] loop0: detected capacity change from 0 to 128 [ 520.336357][ T9715] FAT-fs (loop4): Directory bread(block 64) failed [ 520.343375][ T9715] FAT-fs (loop4): Directory bread(block 65) failed [ 520.351409][ T9715] FAT-fs (loop4): Directory bread(block 66) failed [ 520.358438][ T9715] FAT-fs (loop4): Directory bread(block 67) failed [ 520.365568][ T9715] FAT-fs (loop4): Directory bread(block 68) failed [ 520.372384][ T9715] FAT-fs (loop4): Directory bread(block 69) failed [ 520.379520][ T9715] FAT-fs (loop4): Directory bread(block 70) failed [ 520.388534][ T9715] FAT-fs (loop4): Directory bread(block 71) failed [ 520.396162][ T9715] FAT-fs (loop4): Directory bread(block 72) failed [ 520.402981][ T9715] FAT-fs (loop4): Directory bread(block 73) failed [ 521.144680][ T5879] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 521.277622][ T9731] tc_dump_action: action bad kind [ 521.365139][ T5879] usb 6-1: Using ep0 maxpacket: 16 [ 521.450462][ T5879] usb 6-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 521.460213][ T5879] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 521.470584][ T5879] usb 6-1: Product: syz [ 521.475089][ T5879] usb 6-1: Manufacturer: syz [ 521.479932][ T5879] usb 6-1: SerialNumber: syz [ 521.645553][ T5879] usb 6-1: config 0 descriptor?? [ 521.917541][ T5879] peak_usb 6-1:0.0: PEAK-System PCAN-Chip USB v196 fw v185.0.0 (1 channels) [ 522.117007][ T5879] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 522.128233][ T5879] peak_usb 6-1:0.0: unable to tell PCAN-Chip USB driver is loaded (err -71) [ 522.518825][ T5879] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71 [ 522.571198][ T5879] usb 6-1: USB disconnect, device number 5 [ 522.690527][ T9747] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1496'. [ 522.733119][ T9752] loop7: detected capacity change from 0 to 64 [ 523.472738][ T9761] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1503'. [ 523.944698][ T9766] sit0: entered promiscuous mode [ 523.965869][ T9766] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1502'. [ 524.037334][ T9768] netlink: 'syz.5.1506': attribute type 33 has an invalid length. [ 524.045647][ T9768] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1506'. [ 524.055093][ T9768] batadv0: entered promiscuous mode [ 524.060546][ T9768] batadv0: entered allmulticast mode [ 524.075626][ T9768] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 524.718829][ T9778] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1508'. [ 525.010749][ T9783] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1511'. [ 525.630079][ T9795] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1517'. [ 526.211428][ T9806] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1519'. [ 526.273115][ T9807] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.291459][ T29] audit: type=1326 audit(526.264:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.0.1520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 526.339680][ T29] audit: type=1326 audit(526.264:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.0.1520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 526.339827][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.365811][ T29] audit: type=1326 audit(526.314:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.0.1520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 526.370382][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 526.391328][ T29] audit: type=1326 audit(526.314:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.0.1520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 526.417771][ T29] audit: type=1326 audit(526.314:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.0.1520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 526.745391][ T9812] netlink: 'syz.5.1523': attribute type 1 has an invalid length. [ 529.158846][ T9850] loop0: detected capacity change from 0 to 8 [ 529.324125][ T9850] SQUASHFS error: zlib decompression failed, data probably corrupt [ 529.332668][ T9850] SQUASHFS error: Failed to read block 0x9b: -5 [ 529.339367][ T9850] SQUASHFS error: Unable to read metadata cache entry [99] [ 529.347016][ T9850] SQUASHFS error: Unable to read inode 0x127 [ 529.566868][ T9857] random: crng reseeded on system resumption [ 529.976059][ T5858] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 530.178337][ T9861] loop5: detected capacity change from 0 to 1024 [ 530.193084][ T9864] loop7: detected capacity change from 0 to 128 [ 530.402648][ T5858] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 530.412329][ T5858] usb 1-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 530.424147][ T5858] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 530.434580][ T5858] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 530.448095][ T5858] usb 1-1: config 0 has no interface number 0 [ 530.455592][ T5858] usb 1-1: config 0 interface 8 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 530.466821][ T5858] usb 1-1: config 0 interface 8 altsetting 0 bulk endpoint 0xF has invalid maxpacket 115 [ 530.477565][ T5858] usb 1-1: config 0 interface 8 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 7 [ 530.490998][ T5858] usb 1-1: New USB device found, idVendor=0582, idProduct=b9d5, bcdDevice=73.f7 [ 530.500551][ T5858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.566900][ T9864] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 530.578012][ T5858] usb 1-1: config 0 descriptor?? [ 530.631614][ T9850] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 530.774997][ T9864] EXT4-fs warning (device loop7): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled. [ 531.099349][ T5858] usb 1-1: USB disconnect, device number 13 [ 531.393833][ T7319] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 531.588932][ T7600] udevd[7600]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 531.964676][ T9887] loop5: detected capacity change from 0 to 512 [ 532.365196][ T9887] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 532.490911][ T9887] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #15: comm syz.5.1546: corrupted xattr block 32: e_value out of bounds [ 532.655653][ T9894] netlink: 'syz.7.1552': attribute type 1 has an invalid length. [ 532.663654][ T9894] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1552'. [ 532.929833][ T9900] binder: Bad value for 'stats' [ 533.092511][ T7256] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.178469][ T9897] loop0: detected capacity change from 0 to 1024 [ 533.670700][ T9897] hfsplus: invalid extended attribute record [ 534.085847][ T9916] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1559'. [ 534.095844][ T9916] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1559'. [ 534.152247][ T9918] loop7: detected capacity change from 0 to 64 [ 534.152740][ T60] hfsplus: b-tree write err: -5, ino 4 [ 534.379474][ T9921] loop5: detected capacity change from 0 to 256 [ 535.283135][ T9936] loop6: detected capacity change from 0 to 64 [ 535.522268][ T9921] FAT-fs (loop5): Directory bread(block 64) failed [ 535.530218][ T9921] FAT-fs (loop5): Directory bread(block 65) failed [ 535.538216][ T9921] FAT-fs (loop5): Directory bread(block 66) failed [ 535.548022][ T9921] FAT-fs (loop5): Directory bread(block 67) failed [ 535.555618][ T9921] FAT-fs (loop5): Directory bread(block 68) failed [ 535.562395][ T9921] FAT-fs (loop5): Directory bread(block 69) failed [ 535.571327][ T9921] FAT-fs (loop5): Directory bread(block 70) failed [ 535.578894][ T9921] FAT-fs (loop5): Directory bread(block 71) failed [ 535.588016][ T9921] FAT-fs (loop5): Directory bread(block 72) failed [ 535.595299][ T9921] FAT-fs (loop5): Directory bread(block 73) failed [ 536.323798][ T9947] Non-string source [ 537.657992][ T9968] ieee802154 phy0 wpan0: encryption failed: -22 [ 539.963705][T10012] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1595'. [ 541.051750][T10027] loop6: detected capacity change from 0 to 64 [ 541.377513][T10036] netlink: 'syz.0.1602': attribute type 3 has an invalid length. [ 542.197319][T10043] cgroup: noprefix used incorrectly [ 542.565916][ T29] audit: type=1326 audit(542.314:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10044 comm="syz.4.1609" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x0 [ 543.691267][T10054] SET target dimension over the limit! [ 545.361435][T10098] loop4: detected capacity change from 0 to 256 [ 546.649823][T10119] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1637'. [ 547.129056][T10110] loop0: detected capacity change from 0 to 4096 [ 547.472235][T10130] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 547.481031][T10110] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 547.679040][T10135] ipt_REJECT: TCP_RESET invalid for non-tcp [ 547.934147][T10110] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 548.502908][T10147] netlink: 'syz.6.1647': attribute type 29 has an invalid length. [ 548.512263][T10147] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1647'. [ 551.446873][T10195] netlink: 134788 bytes leftover after parsing attributes in process `syz.0.1667'. [ 554.195565][ T5858] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 554.373065][ T5858] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02 [ 554.384976][ T5858] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 554.393267][ T5858] usb 6-1: Product: syz [ 554.398944][ T5858] usb 6-1: Manufacturer: syz [ 554.403877][ T5858] usb 6-1: SerialNumber: syz [ 554.486346][ T5858] usb 6-1: config 0 descriptor?? [ 554.985666][ T5855] usb 6-1: USB disconnect, device number 6 [ 559.027826][T10319] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1717'. [ 559.037361][T10319] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1717'. [ 560.118565][T10332] netlink: 'syz.4.1720': attribute type 12 has an invalid length. [ 560.943156][T10341] overlayfs: unescaped trailing colons in lowerdir mount option. [ 562.484905][T10370] loop7: detected capacity change from 0 to 64 [ 562.766328][T10370] hfs: keylen 94 too large [ 563.181470][T10375] loop0: detected capacity change from 0 to 2048 [ 563.312279][T10375] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 563.538087][T10386] loop6: detected capacity change from 0 to 64 [ 563.636563][T10390] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 563.648667][T10390] overlayfs: conflicting options: userxattr,redirect_dir=on [ 564.146448][T10394] loop7: detected capacity change from 0 to 1764 [ 564.882854][T10394] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 566.567590][T10431] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1758'. [ 567.275967][ T29] audit: type=1326 audit(567.224:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10441 comm="syz.7.1766" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000 [ 567.299846][ T29] audit: type=1326 audit(567.254:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10441 comm="syz.7.1766" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000 [ 567.331107][ T29] audit: type=1326 audit(567.304:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10441 comm="syz.7.1766" exe="/root/syz-executor" sig=0 arch=40000003 syscall=232 compat=1 ip=0xf7f77579 code=0x7ffc0000 [ 567.353097][ T29] audit: type=1326 audit(567.304:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10441 comm="syz.7.1766" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000 [ 569.091663][T10469] loop4: detected capacity change from 0 to 1024 [ 569.703650][ T4460] hfsplus: b-tree write err: -5, ino 4 [ 572.375028][T10518] cgroup: release_agent respecified [ 573.038643][T10529] loop4: detected capacity change from 0 to 128 [ 573.214042][T10529] VFS: Found a Xenix FS (block size = 1024) on device loop4 [ 573.293895][T10534] tmpfs: Bad value for 'mpol' [ 573.339160][T10529] syz.4.1801: attempt to access beyond end of device [ 573.339160][T10529] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 573.357184][T10529] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 573.847559][T10529] syz.4.1801: attempt to access beyond end of device [ 573.847559][T10529] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 573.865671][T10529] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 574.229694][ T5800] sysv_free_block: flc_count > flc_size [ 574.236209][ T5800] sysv_free_block: flc_count > flc_size [ 574.242061][ T5800] sysv_free_block: flc_count > flc_size [ 574.251072][ T5800] sysv_free_block: flc_count > flc_size [ 574.258408][ T5800] sysv_free_block: flc_count > flc_size [ 574.264161][ T5800] sysv_free_block: flc_count > flc_size [ 574.270207][ T5800] sysv_free_block: flc_count > flc_size [ 574.280633][ T5800] sysv_free_block: flc_count > flc_size [ 574.287711][ T5800] sysv_free_block: flc_count > flc_size [ 574.293441][ T5800] sysv_free_block: flc_count > flc_size [ 574.300156][ T5800] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 574.976039][T10555] netlink: set zone limit has 4 unknown bytes [ 575.438357][T10564] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1814'. [ 575.447982][T10564] netlink: 67 bytes leftover after parsing attributes in process `syz.0.1814'. [ 575.508098][T10563] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1815'. [ 575.519207][T10563] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1815'. [ 576.043429][T10572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1816'. [ 576.235688][T10574] netlink: zone id is out of range [ 576.370134][T10576] loop6: detected capacity change from 0 to 64 [ 580.208819][T10642] xt_connbytes: Forcing CT accounting to be enabled [ 580.217748][T10642] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 581.126900][T10656] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1851'. [ 582.211403][T10676] program syz.4.1857 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 583.970915][T10706] netlink: 'syz.0.1870': attribute type 32 has an invalid length. [ 583.981462][T10706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1870'. [ 583.991562][T10706] netlink: 'syz.0.1870': attribute type 32 has an invalid length. [ 584.208324][T10376] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 584.388224][T10713] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1872'. [ 584.397646][T10713] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1872'. [ 584.425050][T10376] usb 5-1: Using ep0 maxpacket: 32 [ 584.460744][T10376] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 584.473772][T10376] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 584.487740][T10376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 584.499853][T10376] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 584.513810][T10376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 584.524947][T10376] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 584.535100][T10376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 584.545323][T10376] usb 5-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 584.602980][T10376] usb 5-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 584.612569][T10376] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.625668][T10376] usb 5-1: Product: syz [ 584.630089][T10376] usb 5-1: Manufacturer: syz [ 584.635048][T10376] usb 5-1: SerialNumber: syz [ 584.724551][T10376] usb 5-1: config 0 descriptor?? [ 584.739027][T10707] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 585.073004][T10719] loop5: detected capacity change from 0 to 1764 [ 585.610949][T10376] cxacru 5-1:0.0: submit of read urb for cm 0x90 failed (-8) [ 585.731240][T10719] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 585.955133][T10732] cxacru 5-1:0.0: Direct firmware load for cxacru-fw.bin failed with error -2 [ 585.966124][T10732] cxacru 5-1:0.0: Falling back to sysfs fallback for: cxacru-fw.bin [ 586.174179][T10739] vivid-000: disconnect [ 586.221553][T10376] usb 5-1: USB disconnect, device number 11 [ 586.245531][T10735] vivid-000: reconnect [ 586.926840][T10750] netlink: 240 bytes leftover after parsing attributes in process `syz.7.1882'. [ 587.791815][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.798667][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 587.970493][T10757] loop6: detected capacity change from 0 to 4096 [ 588.120071][T10766] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1891'. [ 588.560206][T10757] ntfs3(loop6): ino=21, The size of extended attributes must not exceed 64KiB [ 589.738869][T10786] loop7: detected capacity change from 0 to 512 [ 589.830809][T10786] EXT4-fs error (device loop7): ext4_get_journal_inode:5809: comm syz.7.1900: inode #196608: comm syz.7.1900: iget: illegal inode # [ 589.910799][T10786] EXT4-fs (loop7): Remounting filesystem read-only [ 589.919761][T10786] EXT4-fs (loop7): no journal found [ 589.926429][T10786] EXT4-fs (loop7): can't get journal size [ 590.028299][T10786] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 590.063800][T10790] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1901'. [ 590.073296][T10790] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1901'. [ 590.116511][T10786] EXT4-fs (loop7): failed to initialize system zone (-22) [ 590.149082][T10786] EXT4-fs (loop7): mount failed [ 591.747748][T10820] loop0: detected capacity change from 0 to 256 [ 591.810638][T10821] bpf: Bad value for 'mode' [ 594.628490][T10861] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1927'. [ 594.748003][T10864] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1930'. [ 595.452791][T10874] loop0: detected capacity change from 0 to 256 [ 595.512216][T10874] exfat: Deprecated parameter 'namecase' [ 595.519638][T10874] exfat: Deprecated parameter 'utf8' [ 595.531019][T10878] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1934'. [ 595.611202][ T2220] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 595.722167][T10874] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xcd8273f8, utbl_chksum : 0xe619d30d) [ 595.816586][ T2220] usb 8-1: Using ep0 maxpacket: 16 [ 595.840857][ T2220] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 595.854607][ T2220] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 595.866902][ T2220] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 596.008132][ T2220] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 596.018576][ T2220] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 596.027641][ T2220] usb 8-1: Product: syz [ 596.032046][ T2220] usb 8-1: Manufacturer: syz [ 596.037043][ T2220] usb 8-1: SerialNumber: syz [ 596.157930][ T2220] usb 8-1: config 0 descriptor?? [ 596.168791][T10872] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 596.227374][ T2220] hub 8-1:0.0: bad descriptor, ignoring hub [ 596.233576][ T2220] hub 8-1:0.0: probe with driver hub failed with error -5 [ 596.250142][ T2220] input: syz syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input9 [ 596.526564][ T2220] usb 8-1: USB disconnect, device number 6 [ 596.878149][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1939'. [ 597.045080][T10896] sctp: [Deprecated]: syz.4.1940 (pid 10896) Use of int in maxseg socket option. [ 597.045080][T10896] Use struct sctp_assoc_value instead [ 598.316029][T10914] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1949'. [ 600.019915][T10937] loop6: detected capacity change from 0 to 256 [ 600.335104][T10947] kAFS: unable to lookup cell '' [ 600.436458][ T2220] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 601.008378][ T2220] usb 8-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64 [ 601.017915][ T2220] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.027046][ T2220] usb 8-1: Product: syz [ 601.031465][ T2220] usb 8-1: Manufacturer: syz [ 601.037566][ T2220] usb 8-1: SerialNumber: syz [ 601.193338][ T2220] usb 8-1: config 0 descriptor?? [ 601.436828][ T2220] hub 8-1:0.0: bad descriptor, ignoring hub [ 601.443024][ T2220] hub 8-1:0.0: probe with driver hub failed with error -5 [ 601.452822][ T2220] f81232 8-1:0.0: f81534a converter detected [ 601.599091][ T2220] usb 8-1: f81534a converter now attached to ttyUSB0 [ 601.945555][ T2220] usb 8-1: USB disconnect, device number 7 [ 601.968641][ T2220] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0 [ 601.980888][ T2220] f81232 8-1:0.0: device disconnected [ 602.462754][T10976] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1971'. [ 602.545360][ T2220] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 602.785815][ T2220] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 602.795825][ T2220] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 602.879172][ T2220] usb 1-1: config 0 descriptor?? [ 602.963459][ T2220] gspca_main: spca508-2.14.0 probing 8086:0110 [ 603.381448][ T2220] gspca_spca508: reg_read err -71 [ 603.442424][ T2220] gspca_spca508: reg_read err -71 [ 603.485085][ T2220] gspca_spca508: reg_read err -71 [ 603.554761][ T2220] gspca_spca508: reg_read err -71 [ 603.598515][ T2220] gspca_spca508: reg write: error -71 [ 603.604588][ T2220] spca508 1-1:0.0: probe with driver spca508 failed with error -71 [ 603.771099][ T2220] usb 1-1: USB disconnect, device number 14 [ 604.411967][T11001] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1980'. [ 608.059923][T11062] loop5: detected capacity change from 0 to 2048 [ 608.365647][T11062] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 609.176141][T11082] 9pnet_virtio: no channels available for device syz [ 609.246563][T11084] xt_CT: You must specify a L4 protocol and not use inversions on it [ 610.387159][T11102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2016'. [ 611.979244][T11124] netlink: 'syz.0.2029': attribute type 10 has an invalid length. [ 612.575282][T11135] ieee802154 phy0 wpan0: encryption failed: -22 [ 613.528302][T11153] netlink: 'syz.6.2034': attribute type 10 has an invalid length. [ 613.595318][T11153] veth1_macvtap: left promiscuous mode [ 613.883808][T11160] loop7: detected capacity change from 0 to 256 [ 613.955819][T11160] FAT-fs (loop7): Directory bread(block 1285) failed [ 613.989519][T11160] FAT-fs (loop7): Directory bread(block 1285) failed [ 613.997578][T11160] FAT-fs (loop7): FAT read failed (blocknr 1281) [ 614.682316][T11171] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 616.011944][T11190] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2049'. [ 616.187068][T11194] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2054'. [ 616.196485][T11194] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2054'. [ 616.205838][T11194] netlink: 'syz.0.2054': attribute type 2 has an invalid length. [ 616.504016][T11202] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2059'. [ 616.724125][T11204] netlink: 'syz.6.2060': attribute type 1 has an invalid length. [ 616.983181][T11209] sctp: [Deprecated]: syz.7.2061 (pid 11209) Use of struct sctp_assoc_value in delayed_ack socket option. [ 616.983181][T11209] Use struct sctp_sack_info instead [ 617.120785][T11207] loop5: detected capacity change from 0 to 64 [ 618.159529][T11220] loop0: detected capacity change from 0 to 512 [ 618.539515][T11220] EXT4-fs error (device loop0): ext4_orphan_get:1415: comm syz.0.2064: bad orphan inode 17 [ 618.627110][T11220] ext4_test_bit(bit=16, block=4) = 1 [ 618.632674][T11220] is_bad_inode(inode)=0 [ 618.637202][T11220] NEXT_ORPHAN(inode)=0 [ 618.641481][T11220] max_ino=32 [ 618.645061][T11220] i_nlink=1 [ 618.649957][T11220] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 619.237104][ T5794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.361335][T11245] loop4: detected capacity change from 0 to 256 [ 619.921378][T11245] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xd3fc6e3e, utbl_chksum : 0xe619d30d) [ 619.935127][T11245] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 620.245601][T11256] netlink: 'syz.7.2078': attribute type 10 has an invalid length. [ 620.328004][T11256] syz_tun: entered promiscuous mode [ 620.392029][T11256] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 622.819570][T11299] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2097'. [ 623.435783][ T29] audit: type=1326 audit(623.414:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11304 comm="syz.4.2099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 623.522979][T11313] loop7: detected capacity change from 0 to 8 [ 623.555074][ T29] audit: type=1326 audit(623.444:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11304 comm="syz.4.2099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 623.625250][T11313] process 'syz.7.2103' launched './file2' with NULL argv: empty string added [ 623.665228][T11313] cramfs: Error -3 while decompressing! [ 623.671024][T11313] cramfs: ffffffff9467d2a8(26)->ffff888130dac000(4096) [ 623.678473][T11313] cramfs: bad data blocksize 3489655184 [ 623.684529][T11313] cramfs: Error -3 while decompressing! [ 623.690287][T11313] cramfs: ffffffff9467d2a8(26)->ffff888130dac000(4096) [ 625.068472][T11330] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2111'. [ 625.077924][T11330] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2111'. [ 625.234693][T11334] netlink: 'syz.7.2115': attribute type 3 has an invalid length. [ 625.390216][T11339] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 626.355260][T11355] warning: `syz.4.2123' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 627.913827][T11375] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 627.999913][T11385] kernel read not supported for file / 7-: (pid: 11385 comm: syz.4.2138) [ 628.075646][ T29] audit: type=1800 audit(627.984:62): pid=11385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2138" name=20019C1437B3CFEBC72DEB3A dev="mqueue" ino=25716 res=0 errno=0 [ 628.624781][T11393] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2140'. [ 628.634710][T11393] 0X: renamed from caif0 [ 628.743148][T11393] 0X: entered allmulticast mode [ 628.755072][T11393] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 630.036093][ T29] audit: type=1326 audit(630.014:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.2150" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 630.142312][ T29] audit: type=1326 audit(630.064:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.2150" exe="/root/syz-executor" sig=0 arch=40000003 syscall=278 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 630.166254][ T29] audit: type=1326 audit(630.064:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.2150" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 630.188783][ T29] audit: type=1326 audit(630.064:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.2150" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 630.562313][T11419] netlink: 'syz.0.2156': attribute type 32 has an invalid length. [ 631.905176][ T5849] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 632.074883][ T5849] usb 6-1: Using ep0 maxpacket: 16 [ 632.144973][ T5849] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 632.199974][ T5849] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 632.211134][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.220126][ T5849] usb 6-1: Product: syz [ 632.224667][ T5849] usb 6-1: Manufacturer: syz [ 632.232424][ T5849] usb 6-1: SerialNumber: syz [ 632.347502][ T5849] usb 6-1: config 0 descriptor?? [ 632.481850][ T5849] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 632.492462][ T5849] usb 6-1: Detected FT232R [ 633.104705][ T5849] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 633.163361][ T5849] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71 [ 633.189143][ T5849] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 633.298827][ T5849] usb 6-1: USB disconnect, device number 7 [ 633.333228][ T5849] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 633.346185][ T5849] ftdi_sio 6-1:0.0: device disconnected [ 633.699048][T11466] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2176'. [ 633.708694][T11466] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2176'. [ 635.312535][T11483] loop6: detected capacity change from 0 to 512 [ 635.419978][T11483] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 635.431507][T11483] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 635.528156][T11487] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2187'. [ 635.545906][T11483] EXT4-fs (loop6): warning: maximal mount count reached, running e2fsck is recommended [ 635.648242][T11483] EXT4-fs error (device loop6): ext4_orphan_get:1389: comm syz.6.2185: inode #15: comm syz.6.2185: iget: illegal inode # [ 635.693073][T11483] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.2185: couldn't read orphan inode 15 (err -117) [ 635.766571][T11483] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 635.894942][T11483] EXT4-fs error (device loop6): ext4_find_dest_de:2079: inode #2: block 3: comm syz.6.2185: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 636.261720][T11499] netlink: 'syz.0.2191': attribute type 5 has an invalid length. [ 636.290536][ T7299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.586831][T11504] nbd: illegal input index -2038636973 [ 636.882332][T11508] loop0: detected capacity change from 0 to 256 [ 637.161661][T11508] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d) [ 638.098754][T11527] loop4: detected capacity change from 0 to 1024 [ 638.830996][ T60] hfsplus: b-tree write err: -5, ino 4 [ 639.531989][T11546] loop0: detected capacity change from 0 to 2048 [ 641.821464][T11577] netlink: 'syz.6.2228': attribute type 21 has an invalid length. [ 641.833768][T11577] netlink: 'syz.6.2228': attribute type 5 has an invalid length. [ 642.584554][T11590] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2233'. [ 643.403798][T11604] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 643.609488][ T5878] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 643.839878][ T5878] usb 8-1: config 0 has an invalid interface number: 18 but max is 0 [ 643.850065][ T5878] usb 8-1: config 0 has no interface number 0 [ 643.860639][ T5878] usb 8-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 643.870240][ T5878] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.967418][ T5878] usb 8-1: config 0 descriptor?? [ 643.997102][ T5878] usb 8-1: bad CDC descriptors [ 644.265208][ T5878] usb 8-1: USB disconnect, device number 8 [ 645.519945][T11635] netlink: 'syz.4.2256': attribute type 1 has an invalid length. [ 645.856080][T11628] can0: slcan on ptm0. [ 646.077653][T11623] can0 (unregistered): slcan off ptm0. [ 646.182985][ T29] audit: type=1326 audit(646.154:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.7.2258" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x0 [ 646.410150][T11648] syz.4.2262: attempt to access beyond end of device [ 646.410150][T11648] loop4: rw=0, sector=2, nr_sectors = 2 limit=0 [ 646.423868][T11648] syz.4.2262: attempt to access beyond end of device [ 646.423868][T11648] loop4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 646.439149][T11648] syz.4.2262: attempt to access beyond end of device [ 646.439149][T11648] loop4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 646.453333][T11648] syz.4.2262: attempt to access beyond end of device [ 646.453333][T11648] loop4: rw=0, sector=18, nr_sectors = 2 limit=0 [ 646.470783][T11648] syz.4.2262: attempt to access beyond end of device [ 646.470783][T11648] loop4: rw=0, sector=30, nr_sectors = 2 limit=0 [ 646.485589][T11648] syz.4.2262: attempt to access beyond end of device [ 646.485589][T11648] loop4: rw=0, sector=36, nr_sectors = 2 limit=0 [ 648.698841][T11682] loop0: detected capacity change from 0 to 16 [ 648.848198][T11682] erofs: (device loop0): mounted with root inode @ nid 36. [ 649.002412][T11682] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 649.084897][T11682] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -50 in[64, 4032] out[1851] [ 649.096978][T11682] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 649.191164][T10732] cxacru 5-1:0.0: firmware (cxacru-fw.bin) unavailable (system misconfigured?) [ 649.232135][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.239993][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.903466][ T29] audit: type=1326 audit(649.874:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.0.2282" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 649.927118][ T29] audit: type=1326 audit(649.874:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.0.2282" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 650.094729][ T29] audit: type=1326 audit(649.934:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.0.2282" exe="/root/syz-executor" sig=0 arch=40000003 syscall=45 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 650.116786][ T29] audit: type=1326 audit(649.934:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.0.2282" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 650.140292][ T29] audit: type=1326 audit(649.934:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11697 comm="syz.0.2282" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 650.718154][T11711] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2290'. [ 650.770008][T11714] 8021q: VLANs not supported on hsr0 [ 651.335699][T11721] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2295'. [ 652.548615][T11736] loop0: detected capacity change from 0 to 1024 [ 652.587034][T11736] EXT4-fs: Ignoring removed orlov option [ 652.593160][T11736] EXT4-fs: Ignoring removed nomblk_io_submit option [ 652.752647][T11743] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2306'. [ 652.764813][T11740] loop6: detected capacity change from 0 to 1024 [ 652.783003][T11736] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002] [ 652.783150][T11740] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 652.801869][T11736] System zones: 0-1, 3-36 [ 652.831506][T11736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 653.196635][T11740] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 653.867419][ T5794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.953726][T11762] netlink: 'syz.7.2314': attribute type 3 has an invalid length. [ 653.963499][T11762] netlink: 224 bytes leftover after parsing attributes in process `syz.7.2314'. [ 654.001342][ T7299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.526186][T11767] xt_CT: You must specify a L4 protocol and not use inversions on it [ 655.435349][ T5879] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 655.591601][T11786] netlink: 'syz.4.2326': attribute type 1 has an invalid length. [ 656.244544][ T5879] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 656.254028][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.330698][ T5879] usb 1-1: config 0 descriptor?? [ 656.824884][ T5879] [drm] vendor descriptor length:6 data:06 5f 14 24 49 ef 00 00 00 00 00 [ 656.833712][ T5879] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 657.062695][ T5879] [drm:udl_init] *ERROR* Selecting channel failed [ 657.148062][ T5879] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 657.155269][ T5879] [drm] Initialized udl on minor 2 [ 657.265211][ T5879] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 657.274670][ T5879] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 657.516602][ T5878] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 657.544978][ T5878] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 657.553509][ T5878] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 657.560691][ T5879] usb 1-1: USB disconnect, device number 15 [ 657.807860][T11818] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2342'. [ 658.314779][T11823] syz.0.2344 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 659.710179][T11844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2354'. [ 659.983965][T11848] tmpfs: Bad value for 'mpol' [ 660.353910][T11852] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2356'. [ 661.494995][ T5849] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 661.658284][T11874] loop7: detected capacity change from 0 to 1024 [ 661.664908][ T5849] usb 5-1: Using ep0 maxpacket: 16 [ 661.680717][ T5849] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 661.787599][ T5849] usb 5-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b5.89 [ 661.798793][ T5849] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 661.807777][ T5849] usb 5-1: Product: syz [ 661.812196][ T5849] usb 5-1: Manufacturer: syz [ 661.817302][ T5849] usb 5-1: SerialNumber: syz [ 661.980546][ T5849] usb 5-1: config 0 descriptor?? [ 662.052531][ T5849] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 662.323230][T11881] loop0: detected capacity change from 0 to 2048 [ 662.327697][ T3963] hfsplus: b-tree write err: -5, ino 4 [ 662.386362][T11887] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2370'. [ 662.395869][T11887] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2370'. [ 662.596383][ T5849] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71 [ 662.603675][ T5849] gspca_pac7302 5-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 662.609896][T11881] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 662.701863][ T5849] usb 5-1: USB disconnect, device number 12 [ 663.584510][T11899] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2377'. [ 665.015265][T11919] netlink: 'syz.0.2387': attribute type 2 has an invalid length. [ 666.108383][T11934] xt_recent: hitcount (16777216) is larger than allowed maximum (65535) [ 666.131416][T11935] loop7: detected capacity change from 0 to 16 [ 666.197422][T11935] erofs: (device loop7): mounted with root inode @ nid 36. [ 666.391950][T11903] loop4: detected capacity change from 0 to 4096 [ 666.854482][T11903] NILFS (loop4): invalid segment: Checksum error in segment payload [ 666.862804][T11903] NILFS (loop4): trying rollback from an earlier position [ 667.318593][T11903] NILFS (loop4): recovery complete [ 667.344170][T11903] NILFS (loop4): error -4 creating segctord thread [ 667.768759][T11957] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2404'. [ 668.163107][T11964] netlink: 288 bytes leftover after parsing attributes in process `syz.7.2406'. [ 668.334811][T11967] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2410'. [ 668.344454][T11967] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2410'. [ 668.661450][T11973] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 670.286274][T11997] netlink: 'syz.7.2424': attribute type 1 has an invalid length. [ 670.295011][ T5849] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 670.455752][ T5849] usb 1-1: Using ep0 maxpacket: 16 [ 670.506968][ T5849] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 670.518799][ T5849] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 670.595109][ T5849] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 670.606330][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 670.615349][ T5849] usb 1-1: Product: syz [ 670.619761][ T5849] usb 1-1: Manufacturer: syz [ 670.624895][ T5849] usb 1-1: SerialNumber: syz [ 671.075650][T12007] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2428'. [ 671.726869][ T5849] usb 1-1: cannot find UAC_HEADER [ 671.802342][ T5849] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 671.907293][ T5849] usb 1-1: USB disconnect, device number 16 [ 672.618990][ T7600] udevd[7600]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 672.724151][T12034] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2438'. [ 673.740743][T12046] loop5: detected capacity change from 0 to 4096 [ 674.562376][T12062] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 675.778694][T12046] ntfs3(loop5): ino=21, The size of extended attributes must not exceed 64KiB [ 676.083945][ T29] audit: type=1326 audit(676.004:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12082 comm="syz.0.2464" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 676.105841][ T29] audit: type=1326 audit(676.004:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12082 comm="syz.0.2464" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 676.128143][ T29] audit: type=1326 audit(676.084:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12082 comm="syz.0.2464" exe="/root/syz-executor" sig=0 arch=40000003 syscall=347 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 676.151564][ T29] audit: type=1326 audit(676.084:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12082 comm="syz.0.2464" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 676.173855][ T29] audit: type=1326 audit(676.084:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12082 comm="syz.0.2464" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 677.279475][T12091] loop6: detected capacity change from 0 to 1764 [ 679.076981][T12132] xt_cgroup: xt_cgroup: no path or classid specified [ 679.332469][T12134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2488'. [ 680.014838][T12146] loop5: detected capacity change from 0 to 256 [ 680.026185][T12146] exfat: Deprecated parameter 'utf8' [ 680.339237][T12150] loop6: detected capacity change from 0 to 256 [ 680.821565][T12150] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 681.060117][T12153] loop4: detected capacity change from 0 to 4096 [ 681.143361][T12153] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 681.190888][T12146] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 681.437885][T12163] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2503'. [ 682.322437][T12170] netlink: 84 bytes leftover after parsing attributes in process `syz.5.2506'. [ 682.972292][T12184] loop0: detected capacity change from 0 to 64 [ 685.250667][T12214] loop6: detected capacity change from 0 to 256 [ 685.584123][T12221] loop4: detected capacity change from 0 to 64 [ 686.174571][T10376] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 686.391755][T10376] usb 1-1: Using ep0 maxpacket: 8 [ 686.419077][T10376] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 686.427393][T10376] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 686.436547][T12230] tc_dump_action: action bad kind [ 686.437631][T10376] usb 1-1: config 168 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 686.452828][T10376] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 686.464759][T12232] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 686.519956][T10376] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 686.527983][T10376] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 686.539030][T10376] usb 1-1: config 168 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 686.549399][T10376] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 686.669137][T10376] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 686.677130][T10376] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 686.689758][T10376] usb 1-1: config 168 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 686.700631][T10376] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 686.883797][T10376] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 686.894964][T10376] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 686.903248][T10376] usb 1-1: Product: syz [ 686.908426][T10376] usb 1-1: Manufacturer: syz [ 686.916229][T10376] usb 1-1: SerialNumber: syz [ 687.257091][T12241] nft_compat: unsupported protocol 5 [ 687.420343][T10376] adutux 1-1:168.0: interrupt endpoints not found [ 687.516635][T10376] usb 1-1: USB disconnect, device number 17 [ 688.176729][T12251] loop5: detected capacity change from 0 to 256 [ 688.467976][T10376] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 688.518384][T12247] loop4: detected capacity change from 0 to 4096 [ 688.580197][T12247] ntfs3(loop4): It is recommened to use chkdsk. [ 688.650974][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 688.659050][T10376] usb 7-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 688.662406][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 688.671532][T10376] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 688.690959][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 688.699444][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 688.700936][T10376] usb 7-1: config 0 descriptor?? [ 688.707684][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc1c00 [ 688.707925][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc2c00 [ 688.708155][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc4c00 [ 688.708405][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffc8c00 [ 688.748414][T12247] ntfs3(loop4): try to read out of volume at offset 0x3fffffd0c00 [ 688.789077][T10376] ums-realtek 7-1:0.0: USB Mass Storage device detected [ 688.989757][T10376] usb 7-1: USB disconnect, device number 5 [ 690.565573][T12281] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2554'. [ 692.939069][T12317] bridge4: entered promiscuous mode [ 693.718639][T12334] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2578'. [ 694.459359][T12346] loop4: detected capacity change from 0 to 256 [ 694.481876][T12346] exfat: Deprecated parameter 'utf8' [ 694.488601][T12346] exfat: Deprecated parameter 'utf8' [ 694.732422][T12346] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 696.107875][T12370] loop6: detected capacity change from 0 to 512 [ 696.178316][T12370] EXT4-fs: Ignoring removed nobh option [ 696.327402][T12370] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 696.402038][T12364] loop7: detected capacity change from 0 to 2048 [ 696.464006][T12370] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2594: bg 0: block 224: padding at end of block bitmap is not set [ 696.503844][T12370] EXT4-fs (loop6): Remounting filesystem read-only [ 696.572607][T12364] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 696.593968][T12370] Quota error (device loop6): write_blk: dquota write failed [ 696.602169][T12370] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 697.001272][ T7299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.464912][T10376] usb 5-1: new low-speed USB device number 13 using dummy_hcd [ 697.860176][T10376] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10 [ 697.876146][T10376] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 255, setting to 8 [ 697.889046][T10376] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 697.898526][T10376] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 697.939039][T12381] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 698.030422][T12395] netlink: 'syz.5.2606': attribute type 1 has an invalid length. [ 698.626686][T10376] usb 5-1: string descriptor 0 read error: -71 [ 698.635029][T10376] hub 5-1:32.0: USB hub found [ 698.643227][T10376] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 698.801591][T12398] loop6: detected capacity change from 0 to 2048 [ 698.903116][T10376] usb 5-1: USB disconnect, device number 13 [ 699.026812][T12398] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 699.093205][ T29] audit: type=1800 audit(699.064:78): pid=12398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2607" name="bus" dev="loop6" ino=1367 res=0 errno=0 [ 699.205340][T12406] netlink: 'syz.0.2611': attribute type 21 has an invalid length. [ 699.213617][T12406] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2611'. [ 699.223441][T12406] netlink: 'syz.0.2611': attribute type 5 has an invalid length. [ 699.231529][T12406] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2611'. [ 699.486689][ T7600] udevd[7600]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 699.845442][T12413] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2615'. [ 699.938676][T12411] netlink: 'syz.6.2614': attribute type 7 has an invalid length. [ 700.478318][T12423] loop7: detected capacity change from 0 to 256 [ 700.833288][T12432] overlayfs: conflicting options: metacopy=off,verity=on [ 701.907552][T12445] netlink: 'syz.0.2631': attribute type 7 has an invalid length. [ 701.933487][T12423] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 703.244440][T12466] loop5: detected capacity change from 0 to 512 [ 703.257788][T12467] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2641'. [ 703.376021][T12466] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13 [ 703.472230][T12466] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.2639: attempt to clear invalid blocks 2 len 1 [ 703.559859][T12474] loop4: detected capacity change from 0 to 512 [ 703.568191][T12466] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 703.585699][T12466] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.2639: invalid indirect mapped block 1819239214 (level 0) [ 703.747663][T12466] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.2639: invalid indirect mapped block 1819239214 (level 1) [ 703.778131][T12466] EXT4-fs (loop5): 1 truncate cleaned up [ 703.787712][T12466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 704.078703][T12466] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 704.080059][T12483] loop7: detected capacity change from 0 to 8 [ 704.126885][T12474] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 704.239507][T12483] SQUASHFS error: Unable to read directory block [629:26] [ 704.492610][T12474] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.2644: corrupted xattr block 33: invalid header [ 704.546650][T12487] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2648'. [ 704.559006][ T7256] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.069549][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.116893][T12490] tmpfs: Bad value for 'mpol' [ 705.348260][T12494] libceph: resolve '0..' (ret=-3): failed [ 706.383721][T12506] loop7: detected capacity change from 0 to 2048 [ 706.587865][T12514] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 706.681427][T12506] NILFS error (device loop7): nilfs_check_folio: bad entry in directory #2: unaligned directory entry - offset=0, inode=2, rec_len=201, name_len=0 [ 706.842771][T12506] Remounting filesystem read-only [ 707.048064][T12520] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2664'. [ 708.721106][T12545] loop6: detected capacity change from 0 to 128 [ 708.747514][T12547] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2675'. [ 709.123569][T12545] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 709.268286][T12554] overlayfs: conflicting options: verity=on,redirect_dir=follow [ 709.558424][ T7299] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 710.376970][T10376] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 710.574460][T10376] usb 5-1: Using ep0 maxpacket: 16 [ 710.614824][T10376] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 710.674914][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 710.681701][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 710.827542][T12574] xt_TPROXY: Can be used only with -p tcp or -p udp [ 710.840836][T10376] usb 5-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d [ 710.852133][T10376] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 710.861167][T10376] usb 5-1: Product: syz [ 710.865835][T10376] usb 5-1: Manufacturer: syz [ 710.870686][T10376] usb 5-1: SerialNumber: syz [ 710.874604][T12578] CIFS: iocharset name too long [ 710.965588][T10376] usb 5-1: config 0 descriptor?? [ 711.412902][T10376] gspca_main: STV06xx-2.14.0 probing 046d:08f0 [ 711.419840][T10376] gspca_stv06xx: st6422 sensor detected [ 712.020886][T10376] STV06xx 5-1:0.0: probe with driver STV06xx failed with error -71 [ 712.165133][T10376] usb 5-1: USB disconnect, device number 14 [ 712.708563][T12601] xt_connbytes: Forcing CT accounting to be enabled [ 712.752761][T12601] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 714.312262][T12627] loop0: detected capacity change from 0 to 24 [ 714.389988][T12627] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 714.419814][T12607] loop7: detected capacity change from 0 to 4096 [ 714.593098][T12607] ntfs3(loop7): It is recommened to use chkdsk. [ 714.637661][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc0c00 [ 714.646191][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc0c00 [ 714.654663][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc0c00 [ 714.666811][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc0c00 [ 714.676346][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc1c00 [ 714.684876][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc2c00 [ 714.693082][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc4c00 [ 714.701479][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffc8c00 [ 714.710253][T12607] ntfs3(loop7): try to read out of volume at offset 0x3fffffd0c00 [ 715.037008][T12633] loop4: detected capacity change from 0 to 256 [ 715.434927][T12640] loop5: detected capacity change from 0 to 512 [ 715.638644][T12644] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2722'. [ 715.648653][T12644] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2722'. [ 715.754624][ T5878] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 715.980214][ T5878] usb 5-1: config 255 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 192 [ 715.995221][ T5878] usb 5-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 716.007220][ T5878] usb 5-1: config 255 has no interfaces? [ 716.013216][ T5878] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 716.022621][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 716.410746][T12640] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 716.467556][ T5878] usb 5-1: string descriptor 0 read error: -71 [ 716.526952][ T5878] usb 5-1: USB disconnect, device number 15 [ 716.544953][T12652] tipc: Trying to set illegal importance in message [ 716.583933][ T5797] Bluetooth: hci2: unexpected event for opcode 0x200b [ 718.010793][T12671] netlink: 5312 bytes leftover after parsing attributes in process `syz.4.2734'. [ 718.035344][T12672] batadv0: entered promiscuous mode [ 718.180202][T12674] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2736'. [ 718.533942][T12677] netlink: 'syz.0.2739': attribute type 4 has an invalid length. [ 721.461646][T12728] loop4: detected capacity change from 0 to 1024 [ 722.524626][ T5878] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 722.714822][ T5878] usb 1-1: Using ep0 maxpacket: 8 [ 722.763134][ T5878] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 722.771957][ T5878] usb 1-1: config 179 has no interface number 0 [ 722.779249][ T5878] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 722.795168][ T5878] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 722.807160][ T5878] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 722.818817][ T5878] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 722.834903][ T5878] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 722.843948][T12747] loop7: detected capacity change from 0 to 128 [ 722.850190][ T5878] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 722.867972][ T5878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.115648][T12739] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 723.792011][T10376] usb 1-1: USB disconnect, device number 18 [ 723.792243][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 723.809438][ C0] dummy_hcd dummy_hcd.0: timer fired with no URBs pending? [ 724.719159][T12762] loop7: detected capacity change from 0 to 256 [ 725.068169][T12769] loop0: detected capacity change from 0 to 8 [ 725.229982][T12762] FAT-fs (loop7): Directory bread(block 64) failed [ 725.237154][T12762] FAT-fs (loop7): Directory bread(block 65) failed [ 725.244161][T12762] FAT-fs (loop7): Directory bread(block 66) failed [ 725.251113][T12762] FAT-fs (loop7): Directory bread(block 67) failed [ 725.258186][T12762] FAT-fs (loop7): Directory bread(block 68) failed [ 725.265177][T12762] FAT-fs (loop7): Directory bread(block 69) failed [ 725.272108][T12762] FAT-fs (loop7): Directory bread(block 70) failed [ 725.279108][T12762] FAT-fs (loop7): Directory bread(block 71) failed [ 725.288190][T12762] FAT-fs (loop7): Directory bread(block 72) failed [ 725.295682][T12762] FAT-fs (loop7): Directory bread(block 73) failed [ 725.432301][T12769] SQUASHFS error: xz decompression failed, data probably corrupt [ 725.441299][T12769] SQUASHFS error: Failed to read block 0x60: -5 [ 725.480340][T12769] SQUASHFS error: xz decompression failed, data probably corrupt [ 725.488519][T12769] SQUASHFS error: Failed to read block 0x60: -5 [ 725.556812][ T29] audit: type=1800 audit(725.474:79): pid=12769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2780" name="file1" dev="loop0" ino=1 res=0 errno=0 [ 726.142025][T12777] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2786'. [ 726.427376][T12766] loop6: detected capacity change from 0 to 4096 [ 726.558062][T12766] ntfs3(loop6): It is recommened to use chkdsk. [ 726.705785][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00 [ 726.714046][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00 [ 726.724828][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00 [ 726.733066][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc0c00 [ 726.742165][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc1c00 [ 726.755859][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc2c00 [ 726.764077][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc4c00 [ 726.772462][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffc8c00 [ 726.781891][T12766] ntfs3(loop6): try to read out of volume at offset 0x3fffffd0c00 [ 726.837809][T12783] xt_hashlimit: max too large, truncated to 1048576 [ 726.844753][T12783] xt_hashlimit: overflow, rate too high: 0 [ 726.979130][T12785] xt_hashlimit: invalid interval [ 727.775933][T12795] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2803'. [ 727.798114][T12795] gre1: entered allmulticast mode [ 727.966690][T12798] loop7: detected capacity change from 0 to 8 [ 728.570996][T12798] SQUASHFS error: xz decompression failed, data probably corrupt [ 728.579173][T12798] SQUASHFS error: Failed to read block 0x60: -5 [ 728.619804][T12798] SQUASHFS error: xz decompression failed, data probably corrupt [ 728.628906][T12798] SQUASHFS error: Failed to read block 0x60: -5 [ 728.746632][T12810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2799'. [ 728.784039][ T29] audit: type=1800 audit(728.614:80): pid=12798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2794" name="file1" dev="loop7" ino=1 res=0 errno=0 [ 730.103056][T12829] IPVS: length: 186 != 8 [ 731.451184][T12849] cgroup: Invalid name [ 731.499364][T12848] loop4: detected capacity change from 0 to 8 [ 731.947757][T12848] SQUASHFS error: xz decompression failed, data probably corrupt [ 731.956016][T12848] SQUASHFS error: Failed to read block 0x60: -5 [ 732.000604][T12848] SQUASHFS error: xz decompression failed, data probably corrupt [ 732.008932][T12848] SQUASHFS error: Failed to read block 0x60: -5 [ 732.025001][ T5878] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 732.097863][ T29] audit: type=1800 audit(731.994:81): pid=12848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2820" name="file1" dev="loop4" ino=1 res=0 errno=0 [ 732.383365][ T5878] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 732.392919][ T5878] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 732.401641][ T5878] usb 7-1: Product: syz [ 732.406202][ T5878] usb 7-1: Manufacturer: syz [ 732.411051][ T5878] usb 7-1: SerialNumber: syz [ 732.592818][ T5878] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 733.299776][ T5879] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 733.745623][ T5878] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 733.919802][ T5855] usb 7-1: USB disconnect, device number 6 [ 733.927003][T12874] netlink: 'syz.7.2831': attribute type 1 has an invalid length. [ 733.927094][T12874] netlink: 'syz.7.2831': attribute type 2 has an invalid length. [ 733.927181][T12874] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2831'. [ 734.069811][ T5878] usb 5-1: Using ep0 maxpacket: 8 [ 734.094009][ T5878] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 734.102816][ T5878] usb 5-1: config 179 has no interface number 0 [ 734.109574][ T5878] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 734.122700][ T5878] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 734.134931][ T5878] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 734.146615][ T5878] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 734.158401][ T5878] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 734.172114][ T5878] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 734.182194][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 734.460517][T12872] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 734.474156][T12883] loop0: detected capacity change from 0 to 64 [ 734.520645][ T5879] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 734.530465][ T5879] ath9k_htc: Failed to initialize the device [ 734.585472][ T5855] usb 7-1: ath9k_htc: USB layer deinitialized [ 734.863887][T12872] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 734.870723][T12872] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 734.880425][T12872] vhci_hcd vhci_hcd.0: Device attached [ 734.967204][T12885] vhci_hcd: connection closed [ 735.044837][ T5879] usb 5-1: USB disconnect, device number 16 [ 735.055945][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 735.056181][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 735.164968][ T5878] vhci_hcd: vhci_device speed not set [ 735.214416][ T13] vhci_hcd: stop threads [ 735.220998][ T13] vhci_hcd: release socket [ 735.225879][ T13] vhci_hcd: disconnect device [ 735.237345][ T5878] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 735.246984][ T5878] usb 41-1: enqueue for inactive port 0 [ 735.355011][ T5878] vhci_hcd: vhci_device speed not set [ 737.223841][T12921] loop6: detected capacity change from 0 to 64 [ 737.286012][ T29] audit: type=1800 audit(737.194:82): pid=12906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.7.2844" name="/newroot/421/file0" dev="tmpfs" ino=2157 res=0 errno=0 [ 738.451585][T12941] netlink: 'syz.5.2860': attribute type 7 has an invalid length. [ 738.615068][T12939] loop0: detected capacity change from 0 to 764 [ 738.697138][T12939] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 739.364832][T12951] loop6: detected capacity change from 0 to 4096 [ 739.451514][ T29] audit: type=1400 audit(739.154:83): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F26 pid=12940 comm="syz.4.2861" [ 739.503340][T12951] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 740.508835][T12951] ntfs3(loop6): failed to convert "c46c" to cp861 [ 742.006001][ T5849] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 742.215245][ T5849] usb 5-1: Using ep0 maxpacket: 32 [ 742.293691][T12998] libceph: resolve '0..' (ret=-3): failed [ 742.302546][ T5849] usb 5-1: config 0 has an invalid interface number: 146 but max is 0 [ 742.315224][ T5849] usb 5-1: config 0 has no interface number 0 [ 742.321600][ T5849] usb 5-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 742.334905][ T5849] usb 5-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 742.347526][ T5849] usb 5-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 742.359432][ T5849] usb 5-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 742.370085][ T5849] usb 5-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82 [ 742.382235][ T5849] usb 5-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 742.394801][ T5849] usb 5-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 742.405227][ T5849] usb 5-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 26159, setting to 1024 [ 742.420574][ T5849] usb 5-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 742.432084][ T5849] usb 5-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 742.838407][T13006] tmpfs: Bad value for 'mpol' [ 742.953424][ T5849] usb 5-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 742.963060][ T5849] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 742.971590][ T5849] usb 5-1: Product: syz [ 742.976073][ T5849] usb 5-1: Manufacturer: syz [ 742.980907][ T5849] usb 5-1: SerialNumber: syz [ 743.117345][ T5849] usb 5-1: config 0 descriptor?? [ 743.135802][T12981] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 743.144774][T12981] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 743.221752][ T5849] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3 [ 743.235522][ T5849] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2 [ 743.371803][ T5849] scsi host1: microtekX6 [ 743.466294][ T5849] usb 5-1: USB disconnect, device number 17 [ 743.474678][ T40] microtek usb (rev 0.4.3): error -19 submitting URB [ 743.528445][ T40] microtek usb (rev 0.4.3): error -19 submitting URB [ 744.382255][T13026] xt_TCPMSS: Only works on TCP SYN packets [ 745.771298][T13047] loop4: detected capacity change from 0 to 1764 [ 746.740373][T13059] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2914'. [ 747.658678][T13070] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2917'. [ 747.859898][T13074] netlink: 'syz.5.2919': attribute type 15 has an invalid length. [ 747.955554][T13079] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2922'. [ 750.588785][T13125] loop0: detected capacity change from 0 to 256 [ 750.666649][T13122] netlink: zone id is out of range [ 750.671995][T13122] netlink: zone id is out of range [ 750.942454][T13127] dlm: no locking on control device [ 751.132577][T13125] FAT-fs (loop0): Directory bread(block 64) failed [ 751.139612][T13125] FAT-fs (loop0): Directory bread(block 65) failed [ 751.146995][T13125] FAT-fs (loop0): Directory bread(block 66) failed [ 751.153786][T13125] FAT-fs (loop0): Directory bread(block 67) failed [ 751.160987][T13125] FAT-fs (loop0): Directory bread(block 68) failed [ 751.167894][T13125] FAT-fs (loop0): Directory bread(block 69) failed [ 751.174969][T13125] FAT-fs (loop0): Directory bread(block 70) failed [ 751.181756][T13125] FAT-fs (loop0): Directory bread(block 71) failed [ 751.188814][T13125] FAT-fs (loop0): Directory bread(block 72) failed [ 751.197695][T13125] FAT-fs (loop0): Directory bread(block 73) failed [ 751.530850][T13133] loop5: detected capacity change from 0 to 64 [ 752.266414][T13145] usb usb1: usbfs: interface 0 claimed by hub while 'syz.7.2954' sets config #1 [ 752.433067][T13147] loop0: detected capacity change from 0 to 1024 [ 753.143728][T13157] loop0: detected capacity change from 0 to 2048 [ 753.311990][T13157] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 753.976099][T13157] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 754.705565][ T5794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 754.762992][T13185] loop6: detected capacity change from 0 to 256 [ 755.179365][T13185] FAT-fs (loop6): Directory bread(block 64) failed [ 755.188457][T13185] FAT-fs (loop6): Directory bread(block 65) failed [ 755.196446][T13185] FAT-fs (loop6): Directory bread(block 66) failed [ 755.203240][T13185] FAT-fs (loop6): Directory bread(block 67) failed [ 755.210367][T13185] FAT-fs (loop6): Directory bread(block 68) failed [ 755.221547][T13185] FAT-fs (loop6): Directory bread(block 69) failed [ 755.229805][T13185] FAT-fs (loop6): Directory bread(block 70) failed [ 755.236878][T13185] FAT-fs (loop6): Directory bread(block 71) failed [ 755.243794][T13185] FAT-fs (loop6): Directory bread(block 72) failed [ 755.250775][T13185] FAT-fs (loop6): Directory bread(block 73) failed [ 755.320089][T13193] loop0: detected capacity change from 0 to 64 [ 755.354017][T13193] Trying to free block not in datazone [ 755.360003][T13193] Trying to free block not in datazone [ 755.366171][T13193] Trying to free block not in datazone [ 755.371823][T13193] Trying to free block not in datazone [ 755.378182][T13193] minix_free_block (loop0:6): bit already cleared [ 755.385061][T13193] Trying to free block not in datazone [ 755.392599][T13193] Trying to free block not in datazone [ 757.495358][T13223] loop7: detected capacity change from 0 to 256 [ 757.690828][T13223] FAT-fs (loop7): Directory bread(block 64) failed [ 757.698210][T13223] FAT-fs (loop7): Directory bread(block 65) failed [ 757.705317][T13223] FAT-fs (loop7): Directory bread(block 66) failed [ 757.712097][T13223] FAT-fs (loop7): Directory bread(block 67) failed [ 757.719222][T13223] FAT-fs (loop7): Directory bread(block 68) failed [ 757.726362][T13223] FAT-fs (loop7): Directory bread(block 69) failed [ 757.733273][T13223] FAT-fs (loop7): Directory bread(block 70) failed [ 757.740166][T13223] FAT-fs (loop7): Directory bread(block 71) failed [ 757.749164][T13223] FAT-fs (loop7): Directory bread(block 72) failed [ 757.758710][T13223] FAT-fs (loop7): Directory bread(block 73) failed [ 758.473094][T13214] loop4: detected capacity change from 0 to 4096 [ 758.737326][T13237] netlink: zone id is out of range [ 758.742768][T13237] netlink: zone id is out of range [ 758.833096][T13214] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 760.143152][T13214] ntfs3(loop4): Failed to read $UpCase (-4). [ 760.732875][T13254] loop7: detected capacity change from 0 to 4096 [ 760.774785][T13268] loop0: detected capacity change from 0 to 512 [ 760.799118][T13254] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 760.840968][T13268] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 761.016418][T13268] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 761.617226][T13268] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 761.628631][T13268] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 761.641118][T13268] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.3010: Failed to acquire dquot type 0 [ 761.967458][T13286] xt_hashlimit: max too large, truncated to 1048576 [ 761.978468][T13286] xt_hashlimit: overflow, try lower: 0/0 [ 762.346621][ T5794] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 762.553392][T13254] ntfs3(loop7): failed to convert "c46c" to maciceland [ 763.929775][T13312] loop0: detected capacity change from 0 to 256 [ 764.124883][T13312] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d) [ 764.284592][T13312] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008) [ 764.294118][T13312] exFAT-fs (loop0): Filesystem has been set read-only [ 764.367275][T13316] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3033'. [ 764.821290][T13321] netlink: 'syz.5.3036': attribute type 4 has an invalid length. [ 764.829407][T13321] netlink: 134728 bytes leftover after parsing attributes in process `syz.5.3036'. [ 765.080215][T13311] loop7: detected capacity change from 0 to 4096 [ 765.142991][T13311] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 765.859788][T13336] mmap: syz.6.3042 (13336): VmData 37371904 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data. [ 766.122196][T13340] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3043'. [ 766.131602][T13340] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3043'. [ 767.014711][T10376] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 767.086416][T13355] loop6: detected capacity change from 0 to 1024 [ 767.173543][T13355] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 767.190027][T10376] usb 5-1: too many configurations: 239, using maximum allowed: 8 [ 767.533074][T10376] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 767.542761][T10376] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 767.551411][T10376] usb 5-1: Product: syz [ 767.555997][T10376] usb 5-1: Manufacturer: syz [ 767.560832][T10376] usb 5-1: SerialNumber: syz [ 767.731145][T10376] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 767.908194][T13355] EXT4-fs error (device loop6): ext4_ext_check_inode:524: inode #11: comm syz.6.3046: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 767.975436][T13365] ALSA: mixer_oss: invalid OSS volume 'u' [ 768.208274][T13355] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.3046: couldn't read orphan inode 11 (err -117) [ 768.317601][T13355] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 768.480620][ T5849] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 768.935959][ T7299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 769.041157][ T5878] usb 5-1: USB disconnect, device number 18 [ 769.065421][ C1] dummy_hcd dummy_hcd.4: timer fired with no URBs pending? [ 769.605869][ T5849] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 769.613564][ T5849] ath9k_htc: Failed to initialize the device [ 769.734444][ T5878] usb 5-1: ath9k_htc: USB layer deinitialized [ 771.292289][T13409] loop6: detected capacity change from 0 to 16 [ 772.092131][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.099018][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 772.769767][T13415] loop0: detected capacity change from 0 to 4096 [ 772.810633][T13415] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 773.530145][T13436] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 773.794124][T13440] : renamed from hsr0 (while UP) [ 774.138763][T13415] ntfs3(loop0): failed to convert "c46c" to maciceland [ 774.273045][T13448] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3089'. [ 774.359296][T13449] loop4: detected capacity change from 0 to 512 [ 775.034882][T13449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 775.169214][T13464] loop5: detected capacity change from 0 to 1024 [ 775.174422][T13449] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.3095: corrupted xattr block 33: overlapping e_value [ 775.686837][T13471] loop7: detected capacity change from 0 to 512 [ 775.803160][T13471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 776.071968][ T5800] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 776.093595][T13464] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 776.202722][T13471] Quota error (device loop7): do_check_range: Getting block 514 out of range 1-5 [ 776.214679][T13471] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0 [ 776.225276][T13471] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.3102: Failed to acquire dquot type 1 [ 776.251905][T13471] EXT4-fs (loop7): 1 truncate cleaned up [ 776.260578][T13471] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 776.581620][T13471] Quota error (device loop7): do_check_range: Getting block 514 out of range 1-5 [ 776.593613][T13471] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0 [ 776.604298][T13471] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.3102: Failed to acquire dquot type 1 [ 776.823589][ T7256] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 777.019140][ T7319] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 777.927700][T13505] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3114'. [ 778.061997][T13507] loop5: detected capacity change from 0 to 64 [ 778.094522][T13509] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3118'. [ 778.546826][T13507] hfs: inconsistency in B*Tree (1,0,2,2,3) [ 778.955431][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3126'. [ 779.308015][T13527] kAFS: unable to lookup cell '.,' [ 779.792041][T13534] loop5: detected capacity change from 0 to 1024 [ 779.958758][T13532] loop6: detected capacity change from 0 to 1024 [ 780.055100][T13532] EXT4-fs (loop6): Test dummy encryption mode enabled [ 780.298918][T13532] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 780.826493][ T7299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 780.923268][T13550] loop0: detected capacity change from 0 to 164 [ 781.106738][T13550] iso9660: Corrupted directory entry in block 0 of inode 1792 [ 781.624696][T13560] loop4: detected capacity change from 0 to 256 [ 782.003568][T13565] loop7: detected capacity change from 0 to 512 [ 782.037717][T13565] EXT4-fs: Ignoring removed nomblk_io_submit option [ 782.080678][T13565] EXT4-fs: old and new quota format mixing [ 782.164915][T13567] netlink: 'syz.0.3144': attribute type 10 has an invalid length. [ 782.223378][T13560] FAT-fs (loop4): Directory bread(block 64) failed [ 782.230666][T13560] FAT-fs (loop4): Directory bread(block 65) failed [ 782.237965][T13560] FAT-fs (loop4): Directory bread(block 66) failed [ 782.248779][T13560] FAT-fs (loop4): Directory bread(block 67) failed [ 782.256976][T13560] FAT-fs (loop4): Directory bread(block 68) failed [ 782.263766][T13560] FAT-fs (loop4): Directory bread(block 69) failed [ 782.270867][T13560] FAT-fs (loop4): Directory bread(block 70) failed [ 782.277921][T13560] FAT-fs (loop4): Directory bread(block 71) failed [ 782.284995][T13560] FAT-fs (loop4): Directory bread(block 72) failed [ 782.291782][T13560] FAT-fs (loop4): Directory bread(block 73) failed [ 782.662799][T13565] loop7: detected capacity change from 0 to 1764 [ 782.800775][T13571] : renamed from hsr0 (while UP) [ 782.985273][T13573] netlink: 'syz.0.3149': attribute type 10 has an invalid length. [ 782.993473][T13573] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3149'. [ 783.008587][T13573] batman_adv: batadv0: Adding interface: vlan0 [ 783.015218][T13573] batman_adv: batadv0: The MTU of interface vlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 783.042782][T13573] batman_adv: batadv0: Interface activated: vlan0 [ 783.495673][T13579] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3153'. [ 783.505724][T13579] unsupported nla_type 115 [ 783.972494][T13583] loop0: detected capacity change from 0 to 4096 [ 784.105923][T13583] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 785.515541][T13599] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3162'. [ 785.527117][T13599] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3162'. [ 786.083898][T13610] netlink: 'syz.7.3167': attribute type 2 has an invalid length. [ 787.302014][T13633] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 788.131092][T13646] netlink: 'syz.4.3183': attribute type 27 has an invalid length. [ 788.764107][T13654] netlink: 'syz.6.3185': attribute type 11 has an invalid length. [ 789.594340][T13670] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 790.044667][ T5849] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 790.244831][ T5849] usb 5-1: Using ep0 maxpacket: 16 [ 790.371848][T13683] netlink: 'syz.5.3200': attribute type 2 has an invalid length. [ 790.383074][T13684] (unnamed net_device) (uninitialized): option lacp_active: invalid value (3) [ 790.534527][ T5849] usb 5-1: New USB device found, idVendor=2770, idProduct=9050, bcdDevice=11.97 [ 790.546976][ T5849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 790.595040][ T5849] usb 5-1: config 0 descriptor?? [ 790.625994][ T5849] gspca_main: sq905c-2.14.0 probing 2770:9050 [ 791.178915][ T5849] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 791.186554][ T5849] sq905c 5-1:0.0: Reading version command failed [ 791.193324][ T5849] sq905c 5-1:0.0: probe with driver sq905c failed with error -71 [ 791.206439][ T5849] usb 5-1: USB disconnect, device number 19 [ 791.292307][T13689] netlink: 276 bytes leftover after parsing attributes in process `syz.7.3203'. [ 791.940629][T13701] netlink: 'syz.5.3211': attribute type 21 has an invalid length. [ 791.951175][T13701] netlink: 128 bytes leftover after parsing attributes in process `syz.5.3211'. [ 791.961356][T13701] netlink: 'syz.5.3211': attribute type 4 has an invalid length. [ 791.969459][T13701] netlink: 3 bytes leftover after parsing attributes in process `syz.5.3211'. [ 792.518702][T13709] xt_TCPMSS: Only works on TCP SYN packets [ 792.677357][T13707] netlink: 16126 bytes leftover after parsing attributes in process `syz.6.3210'. [ 792.687935][T13707] netlink: 183228 bytes leftover after parsing attributes in process `syz.6.3210'. [ 792.703541][T13713] netlink: 'syz.4.3215': attribute type 2 has an invalid length. [ 794.109208][T13737] loop7: detected capacity change from 0 to 16 [ 794.182113][T13727] loop4: detected capacity change from 0 to 2048 [ 794.211708][T13737] erofs: (device loop7): mounted with root inode @ nid 36. [ 794.264834][T13727] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 795.928519][T13761] loop0: detected capacity change from 0 to 64 [ 796.600705][T13765] syz.6.3241: attempt to access beyond end of device [ 796.600705][T13765] nbd6: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 800.498551][T13842] loop7: detected capacity change from 0 to 16 [ 800.616491][T13842] erofs: (device loop7): mounted with root inode @ nid 36. [ 800.966281][T13849] netlink: 'syz.5.3270': attribute type 21 has an invalid length. [ 800.974542][T13849] IPv6: NLM_F_CREATE should be specified when creating new route [ 800.982699][T13849] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 800.990285][T13849] IPv6: NLM_F_CREATE should be set when creating new route [ 800.997901][T13849] IPv6: NLM_F_CREATE should be set when creating new route [ 801.005430][T13849] IPv6: NLM_F_CREATE should be set when creating new route [ 801.170344][T13852] nfs4: Unexpected value for 'rdma' [ 801.817372][T13860] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 802.766700][T13877] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3283'. [ 803.564619][T13866] loop6: detected capacity change from 0 to 4096 [ 804.073957][T13897] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 804.940687][T13905] netlink: 'syz.0.3291': attribute type 1 has an invalid length. [ 804.950998][T13905] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3291'. [ 805.724819][T13920] loop7: detected capacity change from 0 to 512 [ 805.766886][T13920] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 805.827462][T13920] EXT4-fs (loop7): invalid journal inode [ 805.833421][T13920] EXT4-fs (loop7): can't get journal size [ 806.025077][T13920] EXT4-fs (loop7): 1 truncate cleaned up [ 806.032605][T13920] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 806.495991][T13920] /dev/loop7: Can't open blockdev [ 806.886152][T13943] tmpfs: Unknown parameter '' [ 806.915444][T13941] netlink: 'syz.0.3303': attribute type 16 has an invalid length. [ 806.924616][T13941] netlink: 'syz.0.3303': attribute type 17 has an invalid length. [ 807.465613][ T7319] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 808.161969][T13961] netlink: 'syz.0.3314': attribute type 1 has an invalid length. [ 808.170182][T13961] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.3314'. [ 809.665577][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 809.946060][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 810.455620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 810.465901][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 810.855235][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 810.944627][T14007] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0 [ 811.002425][T14010] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 2 [ 811.023192][T14008] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 1 [ 811.049487][T14011] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 3 [ 811.170476][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 811.183475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 811.595295][T14013] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3332'. [ 811.604748][T14013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3332'. [ 811.673471][T14015] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3331'. [ 812.005183][T14021] netlink: 'syz.5.3335': attribute type 2 has an invalid length. [ 812.774586][ T29] audit: type=1326 audit(812.674:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14031 comm="syz.0.3340" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x0 [ 813.688253][T14044] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3346'. [ 813.829878][T14054] netlink: 140 bytes leftover after parsing attributes in process `syz.5.3350'. [ 813.927171][ T5849] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 814.304779][ T5849] usb 7-1: Using ep0 maxpacket: 32 [ 814.507537][T14063] loop7: detected capacity change from 0 to 1024 [ 814.641796][T14063] fuse: Bad value for 'fd' [ 814.821567][ T5849] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 814.833517][ T5849] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 814.843870][ T5849] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 814.853335][ T5849] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.005438][ T5849] usb 7-1: config 0 descriptor?? [ 815.048925][ T5849] hub 7-1:0.0: USB hub found [ 815.218650][ T79] hfsplus: b-tree write err: -5, ino 4 [ 815.494875][ T5849] hub 7-1:0.0: 1 port detected [ 815.701407][ T5849] hub 7-1:0.0: hub_hub_status failed (err = -71) [ 815.710805][ T5849] hub 7-1:0.0: config failed, can't get hub status (err -71) [ 815.791996][ T5849] usbhid 7-1:0.0: can't add hid device: -71 [ 815.798922][ T5849] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 816.086294][ T5849] usb 7-1: USB disconnect, device number 7 [ 818.034761][ T5849] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 818.239697][ T5849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 818.249219][T14116] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 818.249984][ T5849] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 818.256933][T14116] IPv6: NLM_F_CREATE should be set when creating new route [ 818.257021][T14116] IPv6: NLM_F_CREATE should be set when creating new route [ 818.268410][ T5849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 818.295257][ T5849] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 818.306279][ T5849] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 818.315831][ T5849] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 818.467281][ T5849] usb 6-1: config 0 descriptor?? [ 818.702607][ T5849] hdpvr 6-1:0.0: firmware version 0x0 dated [ 818.709224][ T5849] hdpvr 6-1:0.0: untested firmware, the driver might not work. [ 818.907519][ T5849] hdpvr 6-1:0.0: device init failed [ 818.913187][ T5849] hdpvr 6-1:0.0: probe with driver hdpvr failed with error -12 [ 819.001195][ T5849] usb 6-1: USB disconnect, device number 8 [ 821.331006][T14150] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3395'. [ 821.342498][T14150] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3395'. [ 821.591133][T14157] loop6: detected capacity change from 0 to 1024 [ 821.699325][T14157] syz.6.3394: attempt to access beyond end of device [ 821.699325][T14157] loop6: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 821.713668][T14157] Buffer I/O error on dev loop6, logical block 100663296, async page read [ 821.722732][T14157] syz.6.3394: attempt to access beyond end of device [ 821.722732][T14157] loop6: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 821.736981][T14157] Buffer I/O error on dev loop6, logical block 100663296, async page read [ 822.862772][T14177] QAT: failed to copy from user cfg_data. [ 823.869479][T14191] loop0: detected capacity change from 0 to 1024 [ 824.190980][T14197] No such timeout policy "syz1" [ 825.131885][T14209] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3) [ 825.138717][T14209] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 825.147678][T14209] vhci_hcd vhci_hcd.0: Device attached [ 825.736560][T14214] vhci_hcd vhci_hcd.0: port 0 already used [ 825.813097][T14212] vhci_hcd: connection closed [ 825.876100][ T60] vhci_hcd: stop threads [ 825.885524][ T60] vhci_hcd: release socket [ 825.890321][ T60] vhci_hcd: disconnect device [ 825.942022][ T29] audit: type=1400 audit(825.904:85): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F26FFFFFFFFFF pid=14228 comm="syz.6.3425" [ 826.836706][T14245] netlink: 'syz.6.3431': attribute type 1 has an invalid length. [ 826.845012][T14245] netlink: 'syz.6.3431': attribute type 3 has an invalid length. [ 826.853106][T14245] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3431'. [ 826.863145][T14245] NCSI netlink: No device for ifindex 0 [ 828.554884][T14277] netlink: 72 bytes leftover after parsing attributes in process `syz.7.3444'. [ 828.564964][T14277] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3444'. [ 828.574377][T14277] netlink: 72 bytes leftover after parsing attributes in process `syz.7.3444'. [ 830.224533][T14303] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3458'. [ 830.233871][T14303] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3458'. [ 831.317564][ T5797] Bluetooth: hci2: unexpected event for opcode 0x2012 [ 833.027252][T14350] netlink: 416 bytes leftover after parsing attributes in process `syz.7.3480'. [ 833.037735][T14350] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3480'. [ 833.537797][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.544687][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 833.765887][T14359] kernel read not supported for file /eth0 (pid: 14359 comm: syz.0.3487) [ 833.786851][ T29] audit: type=1800 audit(833.754:86): pid=14359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3487" name="eth0" dev="mqueue" ino=35243 res=0 errno=0 [ 834.718076][T14375] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3493'. [ 834.728679][T14375] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3493'. [ 835.018406][T14379] loop7: detected capacity change from 0 to 16 [ 835.087796][T14379] erofs: (device loop7): mounted with root inode @ nid 36. [ 835.457161][ T5797] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 835.465947][ T5797] Bluetooth: hci2: Injecting HCI hardware error event [ 835.475061][ T5797] Bluetooth: hci2: hardware error 0x00 [ 836.133581][T14388] loop6: detected capacity change from 0 to 64 [ 837.556686][T14379] erofs: (device loop7): z_erofs_read_folio: read error -117 @ 8200 of nid 36 [ 837.586320][ T5797] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 837.675866][T14399] loop6: detected capacity change from 0 to 512 [ 837.694836][ T5878] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 837.791391][T14399] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 837.818564][T14399] EXT4-fs (loop6): orphan cleanup on readonly fs [ 837.983215][ T5878] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 837.992953][ T5878] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 838.001502][ T5878] usb 6-1: Product: syz [ 838.006030][ T5878] usb 6-1: Manufacturer: syz [ 838.010866][ T5878] usb 6-1: SerialNumber: syz [ 838.133335][ T5878] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 838.335987][ T5879] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 838.484905][ T5855] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 838.614689][ T5879] usb 5-1: Using ep0 maxpacket: 8 [ 838.617203][T14399] Quota error (device loop6): dq_insert_tree: Quota tree root isn't allocated! [ 838.634511][T14399] Quota error (device loop6): qtree_write_dquot: Error -5 occurred while creating quota [ 838.648292][T14399] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.3504: Failed to acquire dquot type 1 [ 838.848882][T14404] ===================================================== [ 838.856320][T14404] BUG: KMSAN: uninit-value in batadv_get_vid+0x1d4/0x300 [ 838.863578][T14404] batadv_get_vid+0x1d4/0x300 [ 838.868600][T14404] batadv_interface_tx+0x329/0x1cf0 [ 838.874040][T14404] dev_hard_start_xmit+0x247/0xa20 [ 838.879448][T14404] __dev_queue_xmit+0x3562/0x56d0 [ 838.884812][T14404] __bpf_redirect+0x148c/0x1610 [ 838.889848][T14404] bpf_clone_redirect+0x37e/0x500 [ 838.895172][T14404] ___bpf_prog_run+0x13fe/0xe0f0 [ 838.900324][T14404] __bpf_prog_run512+0xc5/0xf0 [ 838.905381][T14404] bpf_test_run+0x546/0xd20 [ 838.910089][T14404] bpf_prog_test_run_skb+0x182f/0x24d0 [ 838.915869][T14404] bpf_prog_test_run+0x5e5/0xa30 [ 838.920969][T14404] __sys_bpf+0x6aa/0xd90 [ 838.925532][T14404] __ia32_sys_bpf+0xa0/0xe0 [ 838.930231][T14404] ia32_sys_call+0x394d/0x4180 [ 838.935327][T14404] __do_fast_syscall_32+0xb0/0x110 [ 838.940662][T14404] do_fast_syscall_32+0x38/0x80 [ 838.945847][T14404] do_SYSENTER_32+0x1f/0x30 [ 838.950569][T14404] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 838.957241][T14404] [ 838.959658][T14404] Uninit was created at: [ 838.964276][T14404] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 838.970392][T14404] kmalloc_reserve+0x13d/0x4a0 [ 838.975476][T14404] pskb_expand_head+0x226/0x1a60 [ 838.980625][T14404] skb_ensure_writable+0x496/0x520 [ 838.986057][T14404] bpf_clone_redirect+0x1c5/0x500 [ 838.991265][T14404] ___bpf_prog_run+0x13fe/0xe0f0 [ 838.996567][T14404] __bpf_prog_run512+0xc5/0xf0 [ 839.001494][T14404] bpf_test_run+0x546/0xd20 [ 839.006317][T14404] bpf_prog_test_run_skb+0x182f/0x24d0 [ 839.011988][T14404] bpf_prog_test_run+0x5e5/0xa30 [ 839.017207][T14404] __sys_bpf+0x6aa/0xd90 [ 839.021652][T14404] __ia32_sys_bpf+0xa0/0xe0 [ 839.026481][T14404] ia32_sys_call+0x394d/0x4180 [ 839.031466][T14404] __do_fast_syscall_32+0xb0/0x110 [ 839.036911][T14404] do_fast_syscall_32+0x38/0x80 [ 839.041980][T14404] do_SYSENTER_32+0x1f/0x30 [ 839.046814][T14404] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 839.053374][T14404] [ 839.055931][T14404] CPU: 1 UID: 0 PID: 14404 Comm: syz.0.3506 Not tainted 6.12.0-syzkaller-00971-g158f238aa69d #0 [ 839.066662][T14404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 839.076977][T14404] ===================================================== [ 839.084021][T14404] Disabling lock debugging due to kernel taint [ 839.090429][T14404] Kernel panic - not syncing: kmsan.panic set ... [ 839.096994][T14404] CPU: 1 UID: 0 PID: 14404 Comm: syz.0.3506 Tainted: G B 6.12.0-syzkaller-00971-g158f238aa69d #0 [ 839.109111][T14404] Tainted: [B]=BAD_PAGE [ 839.113380][T14404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 839.123600][T14404] Call Trace: [ 839.126997][T14404] [ 839.130045][T14404] dump_stack_lvl+0x216/0x2d0 [ 839.134951][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.140965][T14404] dump_stack+0x1e/0x30 [ 839.145343][T14404] panic+0x4e2/0xcf0 [ 839.149479][T14404] ? kmsan_get_metadata+0xe1/0x1c0 [ 839.154792][T14404] kmsan_report+0x2c7/0x2d0 [ 839.159485][T14404] ? is_module_text_address+0x1b3/0x250 [ 839.165220][T14404] ? __msan_warning+0x95/0x120 [ 839.170207][T14404] ? batadv_get_vid+0x1d4/0x300 [ 839.175277][T14404] ? batadv_interface_tx+0x329/0x1cf0 [ 839.180885][T14404] ? dev_hard_start_xmit+0x247/0xa20 [ 839.186379][T14404] ? __dev_queue_xmit+0x3562/0x56d0 [ 839.191783][T14404] ? __bpf_redirect+0x148c/0x1610 [ 839.197000][T14404] ? bpf_clone_redirect+0x37e/0x500 [ 839.202390][T14404] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 839.207730][T14404] ? __bpf_prog_run512+0xc5/0xf0 [ 839.212837][T14404] ? bpf_test_run+0x546/0xd20 [ 839.217722][T14404] ? bpf_prog_test_run_skb+0x182f/0x24d0 [ 839.223573][T14404] ? bpf_prog_test_run+0x5e5/0xa30 [ 839.228860][T14404] ? __sys_bpf+0x6aa/0xd90 [ 839.233488][T14404] ? __ia32_sys_bpf+0xa0/0xe0 [ 839.238365][T14404] ? ia32_sys_call+0x394d/0x4180 [ 839.243539][T14404] ? __do_fast_syscall_32+0xb0/0x110 [ 839.249056][T14404] ? do_fast_syscall_32+0x38/0x80 [ 839.254316][T14404] ? do_SYSENTER_32+0x1f/0x30 [ 839.259228][T14404] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 839.265974][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.271975][T14404] ? do_SYSENTER_32+0x1f/0x30 [ 839.276889][T14404] ? filter_irq_stacks+0x60/0x1a0 [ 839.282144][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.287531][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.293547][T14404] ? batadv_interface_tx+0xc6/0x1cf0 [ 839.299073][T14404] ? filter_irq_stacks+0x60/0x1a0 [ 839.304352][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.309816][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.315823][T14404] __msan_warning+0x95/0x120 [ 839.320636][T14404] batadv_get_vid+0x1d4/0x300 [ 839.325524][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.331536][T14404] batadv_interface_tx+0x329/0x1cf0 [ 839.336985][T14404] ? __pfx_batadv_interface_tx+0x10/0x10 [ 839.342849][T14404] ? __pfx_batadv_interface_tx+0x10/0x10 [ 839.348717][T14404] dev_hard_start_xmit+0x247/0xa20 [ 839.354055][T14404] __dev_queue_xmit+0x3562/0x56d0 [ 839.359291][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.364684][T14404] ? __dev_queue_xmit+0x355/0x56d0 [ 839.370037][T14404] __bpf_redirect+0x148c/0x1610 [ 839.375127][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.380516][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.386522][T14404] bpf_clone_redirect+0x37e/0x500 [ 839.391757][T14404] ___bpf_prog_run+0x13fe/0xe0f0 [ 839.396950][T14404] __bpf_prog_run512+0xc5/0xf0 [ 839.401903][T14404] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 839.408475][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.413856][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.419854][T14404] ? do_softirq+0x3d/0x100 [ 839.424620][T14404] ? filter_irq_stacks+0x60/0x1a0 [ 839.429878][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.435263][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.440650][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.446035][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.452044][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.458043][T14404] ? __pfx___bpf_prog_run512+0x10/0x10 [ 839.463689][T14404] bpf_test_run+0x546/0xd20 [ 839.468405][T14404] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 839.474967][T14404] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.480348][T14404] ? bpf_test_run+0x3af/0xd20 [ 839.485263][T14404] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 839.491275][T14404] bpf_prog_test_run_skb+0x182f/0x24d0 [ 839.496996][T14404] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 839.503042][T14404] bpf_prog_test_run+0x5e5/0xa30 [ 839.508165][T14404] __sys_bpf+0x6aa/0xd90 [ 839.512652][T14404] __ia32_sys_bpf+0xa0/0xe0 [ 839.517365][T14404] ia32_sys_call+0x394d/0x4180 [ 839.522360][T14404] __do_fast_syscall_32+0xb0/0x110 [ 839.527710][T14404] ? irqentry_exit+0x16/0x60 [ 839.532513][T14404] do_fast_syscall_32+0x38/0x80 [ 839.537583][T14404] do_SYSENTER_32+0x1f/0x30 [ 839.542305][T14404] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 839.548887][T14404] RIP: 0023:0xf7fd6579 [ 839.553098][T14404] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 839.572918][T14404] RSP: 002b:00000000f575655c EFLAGS: 00000206 ORIG_RAX: 0000000000000165 [ 839.581528][T14404] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000080 [ 839.589657][T14404] RDX: 000000000000002c RSI: 0000000000000000 RDI: 0000000000000000 [ 839.597779][T14404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 839.605904][T14404] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 839.614024][T14404] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 839.622160][T14404] [ 839.625716][T14404] Kernel Offset: disabled [ 839.630104][T14404] Rebooting in 86400 seconds..