last executing test programs: 16.77574457s ago: executing program 1 (id=3457): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x103000, 0x0) fcntl$setstatus(r0, 0x4, 0x800) 15.339284076s ago: executing program 1 (id=3464): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) sendmmsg(r0, &(0x7f0000002480)=[{{&(0x7f0000000080)=@nl=@kern={0x21}, 0x80, 0x0, 0x0, &(0x7f0000002540)=ANY=[@ANYBLOB="7c00000007010000c80e000035390b384bf6a3a602a5e4beafc10277c4921d30d08518b77ce3e4ad0e8065b78ab0c3175554a78d4bd9b708345502a8beb40b8cd7aac223d842872bd5926d066cf2f8ba021126f33d572b86f80b84ae4a6d866ac7bf335d636d74ed186249653a6b6e9545a200a532a3b8ae2d01acc20c0000000f00000009000000d40000001100000007000000898a0503da8b7afcfb1f9b443a46b05c24a8350b196a52b88913968c63b3667ba0899a7948ed8cb0f0b3b43885fc72c5679c4a50005431adeb930c5297089c42dfb0849d94d714bf21b4ed1d9bdd40391e3dc1ad17faafcebead6153f86f333659590eb28fb74f2331e108860355e77812620789f4df1141a75a3db9da6f5e8e2888b093f106e25c660cc6d9475b985494258dcb1391aa88dfee7b576e44718d754342df4d16e2563eb7efdc40d7f3a7d4ce5068ca5f48dccff989b2613841c9cf9e30315235f7470c10"], 0x1168}}], 0x1, 0x0) 12.456039754s ago: executing program 1 (id=3478): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000003200), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000003240)=0x1d) 11.210969308s ago: executing program 1 (id=3484): r0 = io_uring_setup(0x327b, &(0x7f0000000200)) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, 0x0, 0x0) 4.529536034s ago: executing program 2 (id=3522): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x4c, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x1}, @IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x8}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x4c}}, 0x54) 3.792998547s ago: executing program 2 (id=3525): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c00000002060104db406e3e0004000200000000100003006269746d61703a706f72740005000400000000000900020073797a32000000000500050000006c000500010006000000240007"], 0x6c}}, 0x0) 3.727497379s ago: executing program 4 (id=3526): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000440)={[{@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@uni_xlateno}, {@uni_xlate}, {@fat=@check_strict}, {@numtail}, {@utf8no}, {@fat=@errors_continue}, {@utf8}, {@fat=@check_strict}, {@shortname_mixed}, {@utf8no}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '850'}}, {@utf8no}, {@rodir}, {@shortname_win95}]}, 0x6, 0x2cb, &(0x7f0000001040)="$eJzs3T9rJGUYAPBnksnsngq7hZUIDmhhdVyutdkgFxBTeaRQCw3eHcjuItxBwD+4XmVrY2HhJxAEP4iN30CwFew85eCVmZ1hJ5fdNRvciN7v1+Thfd9n3mcmL8mkyLPvvzgd3ynj3sPPfo5+P4udUYziURbD2InWF3HG6KsAAP7LHqUUv6W5lYueOz+URUR/u6UBAFuy+vd/2YnzRfjDlZUGAGzJ7bffefPg6OjWW2XZj8Ppl6fH1V/21df5/MG9+DAmcTduxCAeR9QvCntRvy1U4WFKaZaXlWG8Mp2dHleZ0/d+bK5/8GtEnb8fgxjWQymlvA3S4RtHt/bLuU7+rKrjmWb/UZV/MwbxfLN/87bS5t9ckh/HRbz6cqf+6zGInz6Ij2ISd+q9F/mf75fl6+nr3z99t6qqys9mp8e9et1C2r3SbwwAAAAAAAAAAAAAAAAAAAAAAP9r15veOb0oh3/OewA2/Xd2H1fze1G2hmf788zzs/ZC3f5AKaVZim/b/jo3yrJMzcJFfh4v5N3GggAAAAAAAAAAAAAAAAAAAPD0evDxJ+OTyeTu/UsH12Ix0nYDyCPij9sRl73yqDPyUtRBvqrUXrPnyWSy04Rn1+Tdkdht12QRa8uobuLyj2W8yeJr52pugu++33T3/t+v2Vu+1z8ZtKdrfJItf4a9aEf6zSH5pojOQSrignsVq6ZSbHL8iqVTg43vvXi2DmZr1kS2rrDXfpk/uWYke/IuivqpLk3fa4JO+hNn40LnOfrz9PM/KzLdOgAAAAAAAAAAAAAAAAAAYKsW//27ZPLh2tSd1NtaWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwpRaf/79BMGuSL7C4iPsP/uVbBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CnwVwAAAP//NnNahw==") openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0) 3.344619663s ago: executing program 3 (id=3527): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) unshare(0x0) 3.321811768s ago: executing program 1 (id=3528): syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=']) 3.270464174s ago: executing program 0 (id=3529): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000380)={0x2, @long}, 0x14) 3.198451524s ago: executing program 2 (id=3530): r0 = socket$packet(0x11, 0x2, 0x300) sendmmsg(r0, &(0x7f0000005d40)=[{{&(0x7f0000000180)=@can={0x1d, 0x0, 0x81000000}, 0x80, 0x0}}], 0x1, 0x0) 2.544796993s ago: executing program 0 (id=3531): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_proto_private(r0, 0x89e7, 0x0) 2.529531439s ago: executing program 2 (id=3532): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x2c, 0x1d, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x74}}, 0x0) 2.469856328s ago: executing program 3 (id=3533): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@mangle={'mangle\x00', 0x10, 0x6, 0x5dc, 0x0, 0x190, 0x44c, 0x0, 0x35c, 0x514, 0x514, 0x514, 0x514, 0x514, 0x6, 0x0, {[{{@ipv6={@local, @ipv4={'\x00', '\xff\xff', @loopback}, [], [], 'bridge0\x00', 'veth0_to_bond\x00'}, 0x0, 0xa4, 0xc8, 0x0, {0x7a00000000000000}}, @HL={0x24}}, {{@uncond, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xa4, 0x1cc}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:tmpreaper_exec_t:s0\x00'}}}, {{@ipv6={@private0, @mcast1, [], [], 'team0\x00', 'geneve1\x00'}, 0x0, 0xc8, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET1={0x28}}, {{@ipv6={@local, @empty, [], [], 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xa4, 0xc8}, @HL={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x638) 2.363773003s ago: executing program 4 (id=3534): r0 = socket$rxrpc(0x21, 0x2, 0x2) connect$rxrpc(r0, &(0x7f0000000240)=@in4={0x21, 0x0, 0x2, 0x2, {0x10, 0x0, @broadcast}}, 0x24) 2.32513771s ago: executing program 3 (id=3535): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$afs(&(0x7f0000000040)=@cell={0x25, 'syz1:', 'syz1', '.readonly'}, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@flock_strict}, {@dyn}, {@flock_write}, {}]}) 2.152278364s ago: executing program 3 (id=3536): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x2c, 0x1, 0x0, "1c1bebdaf2f20d55806b26b1d750185fd75a206da058e8fc42466ab1439b1cc2"}) 2.102504572s ago: executing program 0 (id=3537): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bind$llc(r0, &(0x7f0000000040)={0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, @random="51fbd77274b5"}, 0x10) 2.024777516s ago: executing program 4 (id=3538): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6}, {}, {}, {0xffffffff}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}) 1.652245524s ago: executing program 2 (id=3539): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001"], 0xc8}}, 0x0) 1.433093883s ago: executing program 4 (id=3540): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) msgrcv(0x0, &(0x7f00000005c0)={0x0, ""/181}, 0xbd, 0x2, 0x6cb8f5c944b2cd75) 1.396315383s ago: executing program 0 (id=3541): r0 = openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, &(0x7f0000000900)={0x0, 0x81, 0x2, {0x8, @sdr={0x32314d48, 0x8}}}) 1.140528857s ago: executing program 1 (id=3542): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0x400c620e, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.052775926s ago: executing program 3 (id=3543): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xbd, 0x0, &(0x7f0000000240)) 1.036970011s ago: executing program 4 (id=3544): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) setfsuid(0x0) 826.646418ms ago: executing program 0 (id=3545): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000080)={@hyper}) 319.6448ms ago: executing program 4 (id=3546): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f00000004c0)={0x1, 0x1, 0x1000000c, 0x12, 0x10003, &(0x7f0000000a40)}) 242.853483ms ago: executing program 3 (id=3547): r0 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0x4}, 0xc) 29.250279ms ago: executing program 2 (id=3548): mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x1) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) 0s ago: executing program 0 (id=3549): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRES32=0x0], 0x1, 0xabb, &(0x7f0000000340)="$eJzs3U2MW0fhAPCxd73JJuk/Tv8JXdLQJhTa8tFNs1nCRwRJlQiJqKkQl0oVlyhNS0QIEkUCqkokOXGjVRUkTnyIUy9VQUj0gqKeuFSikSqkngoHDkRBVOIAgcQo3hmvPbHzbO/Hs9e/nzQ7njfzPPO8z8/vcyYAE6va/Lu4OFcJ4fKbrx7/28N/nb095UirRL35d7otVQshVGJ6Onu/96eW4psfvHS6W1wJC82/KR2eut6ad2sI4ULYG66Eeth9+eorby88efLiiUv73nnt8LW1WXoAAJgsX71yeHHXn/94/44brz9wNGxqTU/75/WY3hb3+4/GHf+0/18NnelKW2g3k5WbjqE621luqku59npqWbnpHvXPZPXXepTbFO5e/1TbtG7LDeMsrcf1UKnOd6Sr1fn5pWPy0Dyun6nMnz977rkXSmoosOr++WAIYW9bOHapMz1q4cgItGHI0BiBNoxlOLp+dd1oLCl9mdcpNLaXvQUCWJJfL7zDhfzMwsq03m26v/qvP1HtPj+sgvVe/weqf6bk+sPk1p+2Or+6aIvD6tmoa1NarvQ92hbT+XWE/P6l3t///EpH59T8ekStz3b2uo4wLtcXerVzap3bMaxe7c/Xi43qizFOn8OXsvz270/+Px2X/zHQ3b/y8/+TEGoj0AZBGDaEjnRtJe/VKHn7A4yu/L65Rro+GuX39eX5mwryNxfkzxbkbynI31qQD5PsN9/9cXi5snycnx/TD3o+PJ1nuyfG/zdge/LzkYPWn9/3O6iV1p/fTwyj7Hennj7zuWefubp0/3+ltf7fiut7Otyox+/WlVggnS/Mz6u37v2vd9ZT7VHu3qw993Qp33y9s7NcZefy+4S27cwd7ZjrnG97Xm5bLLens1w9Kzcbw+asvfn+yZZsvrT/kbar6fOazpa3li3HTNaOtF3ZEeO8HTCMtD72uv8/rZ9zoVZ57uy5M4/HdFpP/zBV23R7+oF1bjewcv0+/zMXOp//mWlNr1Xbtwvbl6dXlrYLb8T365y+0Kqnc/rBmE6/c9+Ymm1Onz/97XPPrv7iw0R74QcvfvPUuXNnvuPF0C++PBrNGORFOmwZlfas9YvJWdJVe1HyhglYc/t/uLQT8NjZb516/szzZ84fPHTo4MLCoc8fXNzf3K/f37533+5CCa0FVtPyj37ZLQEAAAAAAAAAAAD69b0Tx6+++9Zn31t6/n/5+b/0/H+68zc9//+j7Pn//Dn59Bx8eg5wR5f8Zpmsg9WZrFwthv/P2rszq2dXNt+HYtwaxy8+/5+qy/t1Te25L5te65HMuhO4o7+UmawPkny8wI/G+FKMfxmgRJXZ7pNjXNS/dVrXU/8Ubf1SNPQPPD7S/y2tDakfk/T8d9d+ndr+2TvWoY2svvV4nLDsZQS6+/tE9f/9j+UFL70tGyVMj8l73iX8dHLXiUbPvfR+R7ABWB1lj/+Zznum+Pzvv7L5dkjFrj/Rub3M+y+FQfzp3c70qI4/uV715+P2rXf9ZS9/Uf2rPf5na/y7vrd/2Yh59eHq/ffPrr3XVm3Y3W/9+fKnfqB3Dlb/jVh/WppHQn/1N36R1Z9fEOrTf7L6t/RZ/x3Lv2e4+v8b608f26MP9Vv/Uosr1c525OeN0/W//LxxcjNb/tS3513q/9qL3ZZ/yIEab8X6YZKNyzizg8r2I1o77cOP/xtdWN3xf1uNzTZr+X0Yn4nptCFO9znk450M2v50f0X6HdiVvX+l4PfN+L/j7QsxLvo+pPF/0/pYjz/5benmZ5nStS6f7Ubd1sC4en+irv+NRdg8Am0Q+g+NqSHma40TV3L7G43G2p7QKlBq5ZT++Zd9nFB2/WV//kXy8X/zffh8/N88Px//N8/Px//N82fjf6hXfj7+b/555uP/5vn3Ze+bjw88V5D/4YL83d3zW4ft9xfMv6cg/yMF+fta+Uc6SqT8Bwrmf7Ag/96C/IcK8j9WkP/xgvyHC/IfbctvHwM65X+iYP6NLj2PMqnLD5Msfz7P9x8mR7r+0+v7v7MgHxhfP3n9wLFnfv31+tLz/zOt8yHpOt7RmK7F46fvx3R+3Tu0pW/nvRXTf8nyR/18B0ySvP+M/Pf9kYJ8YHyl+7x8v2ECVTZ3nxzjon6reu3nM14+GeNPxfjTMX4sxvMx3h/jAzFeWKf2sTaOvfHbwy9Xlo/3t2f5/d5Pnj8P1NFPVAjhYJ/tyc8PDHo/e96P36BWWv+Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptr8u7g4Vwnh8puvHn/65Nn9t6ccaZWoN/9Ot6VqrflCeDzGUzH+eXxx84OXTrfHt2JcCQuhEiqt6eGp662atoYQLoS94Uqoh92Xr77y9sKTJy+euLTvndcOX1u7TwAAAAA2vv8FAAD//xEiDi0=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): #13: comm syz.0.1666: invalid indirect mapped block 1819239214 (level 1) [ 469.814129][ T9006] EXT4-fs (loop0): 1 truncate cleaned up [ 469.834991][ T9006] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 470.055616][ T5323] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 470.065038][ T5323] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895 [ 470.080227][ T5323] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 470.091881][ T5323] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 470.183525][ T9023] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.225909][ T5323] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00 [ 470.236404][ T5323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 470.245003][ T5323] usb 2-1: SerialNumber: syz [ 470.268293][ T5191] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.302030][ T5323] usb 2-1: config 0 descriptor?? [ 470.311768][ T9017] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 470.377009][ T5323] port100 2-1:0.0: NFC: Could not get supported command types [ 470.708269][ T9031] binder: BC_ACQUIRE_RESULT not supported [ 470.714394][ T9031] binder: 9030:9031 ioctl c0306201 20000040 returned -22 [ 471.265951][ T5323] usb 2-1: USB disconnect, device number 15 [ 471.358115][ T9035] loop2: detected capacity change from 0 to 512 [ 471.423051][ T9035] EXT4-fs: Ignoring removed oldalloc option [ 471.429935][ T9035] EXT4-fs: Ignoring removed orlov option [ 471.504854][ T9035] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 471.513297][ T9035] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c09c, mo2=0002] [ 471.558144][ T9035] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80) [ 471.568066][ T9035] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features [ 471.579042][ T9035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 471.734910][ T9035] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 471.752001][ T9035] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 471.764090][ T9035] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1680: Corrupt directory, running e2fsck is recommended [ 471.974901][ T5201] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.414731][ T9054] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 472.482288][ T5323] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 472.655482][ T5323] usb 2-1: Using ep0 maxpacket: 8 [ 472.672942][ T5323] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 472.681727][ T5323] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 472.690415][ T5323] usb 2-1: config 0 has no interface number 0 [ 472.696771][ T5323] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 472.708751][ T5323] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 472.720302][ T5323] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 472.730605][ T5323] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 472.744833][ T5323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.979680][ T5323] usb 2-1: config 0 descriptor?? [ 473.080417][ T5251] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 473.359747][ T5251] usb 1-1: Using ep0 maxpacket: 8 [ 473.393406][ T5251] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 473.409524][ T5251] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 473.423071][ T5251] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 473.434612][ T5251] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 473.445155][ T5251] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 473.488637][ T5323] usb 2-1: USB disconnect, device number 16 [ 473.503007][ T5251] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 473.512589][ T5251] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 473.525610][ T5251] usb 1-1: Product: syz [ 473.530011][ T5251] usb 1-1: Manufacturer: syz [ 473.536528][ T5251] usb 1-1: SerialNumber: syz [ 473.551427][ T5251] usb 1-1: config 0 descriptor?? [ 473.844804][ T5251] radio-si470x 1-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 473.862250][ T9068] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1694'. [ 474.109821][ T5251] radio-si470x 1-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 474.118878][ T5251] radio-si470x 1-1:0.0: si470x_get_scratch: si470x_get_report returned -71 [ 474.128948][ T5251] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -5 [ 474.571019][ T5251] usb 1-1: USB disconnect, device number 7 [ 475.125856][ T5323] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 475.332060][ T5323] usb 4-1: Using ep0 maxpacket: 8 [ 475.349375][ T5323] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 475.361678][ T5323] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 475.371828][ T5323] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 475.381988][ T5323] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 30 [ 475.392419][ T5323] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 475.408117][ T5323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.581322][ T5323] usb 4-1: config 0 descriptor?? [ 475.595910][ T9075] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 476.001171][ T5208] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 476.425641][ T5323] usb 4-1: USB disconnect, device number 14 [ 477.047203][ T9113] loop1: detected capacity change from 0 to 8 [ 477.310821][ T9114] loop0: detected capacity change from 0 to 1024 [ 477.892310][ T3883] hfsplus: b-tree write err: -5, ino 4 [ 477.949235][ T9125] netlink: 105084 bytes leftover after parsing attributes in process `syz.2.1722'. [ 477.962839][ T9125] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1722'. [ 478.241205][ T9128] openvswitch: netlink: IP tunnel attribute has 2 unknown bytes. [ 478.463864][ T9131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1727'. [ 478.823347][ T9140] netlink: 'syz.1.1728': attribute type 4 has an invalid length. [ 479.590177][ T9154] loop1: detected capacity change from 0 to 256 [ 479.854535][ T9160] xt_CT: You must specify a L4 protocol and not use inversions on it [ 480.300944][ T9165] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1741'. [ 480.374725][ T9168] binder: 9167:9168 ioctl c0306201 20000100 returned -22 [ 480.897552][ T9176] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1746'. [ 481.092999][ T9178] loop0: detected capacity change from 0 to 764 [ 481.107824][ T9170] loop2: detected capacity change from 0 to 2048 [ 481.250537][ T9178] rock: directory entry would overflow storage [ 481.257013][ T9178] rock: sig=0x4654, size=5, remaining=4 [ 481.432840][ T9170] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 481.634647][ T9184] loop1: detected capacity change from 0 to 256 [ 481.964499][ T9190] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1752'. [ 482.793977][ T9198] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1757'. [ 483.669554][ T9184] FAT-fs (loop1): Directory bread(block 64) failed [ 483.676630][ T9184] FAT-fs (loop1): Directory bread(block 65) failed [ 483.683603][ T9184] FAT-fs (loop1): Directory bread(block 66) failed [ 483.691462][ T9184] FAT-fs (loop1): Directory bread(block 67) failed [ 483.700823][ T9184] FAT-fs (loop1): Directory bread(block 68) failed [ 483.708096][ T9184] FAT-fs (loop1): Directory bread(block 69) failed [ 483.715081][ T9184] FAT-fs (loop1): Directory bread(block 70) failed [ 483.725743][ T9184] FAT-fs (loop1): Directory bread(block 71) failed [ 483.733767][ T9184] FAT-fs (loop1): Directory bread(block 72) failed [ 483.740744][ T9184] FAT-fs (loop1): Directory bread(block 73) failed [ 483.771349][ T5323] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 483.987898][ T5323] usb 1-1: Using ep0 maxpacket: 8 [ 484.038749][ T5323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 484.050354][ T5323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 484.065217][ T5323] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 484.077295][ T5323] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 30 [ 484.087679][ T5323] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 484.097228][ T5323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.237815][ T5323] usb 1-1: config 0 descriptor?? [ 484.273070][ T9211] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 484.685027][ T5275] usb 1-1: USB disconnect, device number 8 [ 484.724827][ T5208] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 484.851823][ T9228] Unsupported ieee802154 address type: 0 [ 486.083474][ T9244] netlink: 'syz.3.1778': attribute type 4 has an invalid length. [ 486.091985][ T9244] netlink: 'syz.3.1778': attribute type 3 has an invalid length. [ 486.099940][ T9244] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1778'. [ 486.437699][ T9248] netlink: 'syz.1.1781': attribute type 1 has an invalid length. [ 486.785732][ T9257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1786'. [ 486.930929][ T9258] Cannot find del_set index 0 as target [ 487.304168][ T9265] netlink: 'syz.2.1789': attribute type 30 has an invalid length. [ 487.953398][ T5323] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 488.164851][ T5323] usb 5-1: Using ep0 maxpacket: 8 [ 488.190978][ T5323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 488.202774][ T5323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 488.212732][ T5323] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 488.223345][ T5323] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 30 [ 488.233655][ T5323] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 488.243131][ T5323] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.376965][ T9283] loop1: detected capacity change from 0 to 8 [ 488.429577][ T5323] usb 5-1: config 0 descriptor?? [ 488.439612][ T9271] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 489.007232][ T5275] usb 5-1: USB disconnect, device number 8 [ 489.014270][ T5208] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 489.796509][ T9301] xt_addrtype: ipv6 does not support BROADCAST matching [ 490.259059][ T9306] overlayfs: conflicting options: userxattr,redirect_dir=on [ 491.360913][ T9325] cgroup: release_agent respecified [ 492.149058][ T9342] netlink: 'syz.4.1825': attribute type 8 has an invalid length. [ 492.162445][ T9342] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1825'. [ 493.178809][ T9356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1831'. [ 493.468949][ T9361] loop0: detected capacity change from 0 to 1024 [ 493.793460][ T9361] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 493.802922][ T9361] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 493.813773][ T9361] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.1835: Failed to acquire dquot type 0 [ 493.943894][ T9361] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 493.959381][ T9361] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #13: comm syz.0.1835: corrupted inode contents [ 494.045859][ T9361] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #13: comm syz.0.1835: mark_inode_dirty error [ 494.098139][ T9361] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #13: comm syz.0.1835: corrupted inode contents [ 494.204654][ T9361] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #13: comm syz.0.1835: mark_inode_dirty error [ 494.242357][ T9361] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #13: comm syz.0.1835: corrupted inode contents [ 494.308452][ T9361] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 494.318983][ T9361] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #13: comm syz.0.1835: corrupted inode contents [ 494.335568][ T9361] EXT4-fs error (device loop0): ext4_truncate:4208: inode #13: comm syz.0.1835: mark_inode_dirty error [ 494.348454][ T9361] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 494.385888][ T9361] EXT4-fs (loop0): 1 truncate cleaned up [ 494.395232][ T9361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 494.613479][ T9361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 494.623497][ T9382] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1843'. [ 495.111462][ T9386] misc userio: No port type given on /dev/userio [ 495.765330][ T5250] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 495.977382][ T5250] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 495.987622][ T5250] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 495.997780][ T5250] usb 2-1: New USB device found, idVendor=0582, idProduct=d728, bcdDevice=a0.a7 [ 496.007331][ T5250] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.136401][ T5250] usb 2-1: config 0 descriptor?? [ 496.535811][ T5323] usb 2-1: USB disconnect, device number 17 [ 496.578079][ T5359] udevd[5359]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 496.662747][ T9406] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 496.732707][ T9411] loop3: detected capacity change from 0 to 64 [ 496.768289][ T9410] overlayfs: conflicting options: userxattr,verity=on [ 496.857861][ T29] audit: type=1800 audit(2000000184.024:31): pid=9411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1857" name="bus" dev="loop3" ino=21 res=0 errno=0 [ 497.453184][ T9417] loop4: detected capacity change from 0 to 2048 [ 497.560677][ T9417] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 498.948158][ T9439] loop4: detected capacity change from 0 to 256 [ 499.554745][ T9415] loop0: detected capacity change from 0 to 8192 [ 499.706123][ T9415] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 499.715386][ T9445] loop2: detected capacity change from 0 to 256 [ 499.765802][ T9415] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 499.774809][ T9415] FAT-fs (loop0): Filesystem has been set read-only [ 499.801543][ T9439] FAT-fs (loop4): Directory bread(block 64) failed [ 499.814349][ T9439] FAT-fs (loop4): Directory bread(block 65) failed [ 499.823052][ T9439] FAT-fs (loop4): Directory bread(block 66) failed [ 499.830526][ T9439] FAT-fs (loop4): Directory bread(block 67) failed [ 499.837431][ T9439] FAT-fs (loop4): Directory bread(block 68) failed [ 499.844410][ T9439] FAT-fs (loop4): Directory bread(block 69) failed [ 499.851534][ T9439] FAT-fs (loop4): Directory bread(block 70) failed [ 499.858309][ T9439] FAT-fs (loop4): Directory bread(block 71) failed [ 499.865466][ T9439] FAT-fs (loop4): Directory bread(block 72) failed [ 499.872507][ T9439] FAT-fs (loop4): Directory bread(block 73) failed [ 500.125157][ T9439] FAT-fs (loop4): error, invalid access to FAT (entry 0x00006c61) [ 500.135087][ T29] audit: type=1800 audit(2000000187.042:32): pid=9439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1871" name="cpu.stat" dev="loop4" ino=1048617 res=0 errno=0 [ 500.942947][ T9457] netlink: 'syz.3.1879': attribute type 11 has an invalid length. [ 501.783988][ T9471] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1887'. [ 501.793352][ T9471] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1887'. [ 501.823739][ T9471] gretap1: entered promiscuous mode [ 501.829196][ T9471] gretap1: entered allmulticast mode [ 501.872960][ T9473] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 502.355994][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1892'. [ 502.371301][ T9481] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1892'. [ 505.421277][ T9534] loop3: detected capacity change from 0 to 256 [ 505.434917][ T9526] loop2: detected capacity change from 0 to 2048 [ 505.437312][ T9531] loop4: detected capacity change from 0 to 128 [ 505.506998][ T9529] loop1: detected capacity change from 0 to 1024 [ 505.517429][ T9529] EXT4-fs: Ignoring removed orlov option [ 505.523437][ T9529] EXT4-fs: Ignoring removed nomblk_io_submit option [ 505.629499][ T9529] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e018, mo2=0002] [ 505.677166][ T9529] System zones: 0-1, 3-12 [ 505.741617][ T9531] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 505.778549][ T9529] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.823176][ T9529] VFS: Lookup of 'file0' in ext4 loop1 would have caused loop [ 505.886782][ T9540] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 505.950611][ T5202] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.963465][ T9526] NILFS (loop2): failed to count free inodes: err=-34 [ 505.967558][ T9534] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d) [ 506.019076][ T9534] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 506.036683][ T9534] exFAT-fs (loop3): Filesystem has been set read-only [ 506.048303][ T3036] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 507.682923][ T9564] netlink: 'syz.0.1930': attribute type 2 has an invalid length. [ 508.334561][ T9574] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1937'. [ 509.619706][ T29] audit: type=1326 audit(2000000195.801:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.642003][ T29] audit: type=1326 audit(2000000195.801:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.664387][ T29] audit: type=1326 audit(2000000195.801:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.691061][ T29] audit: type=1326 audit(2000000195.801:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.714427][ T29] audit: type=1326 audit(2000000195.801:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.736683][ T29] audit: type=1326 audit(2000000195.801:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.758769][ T29] audit: type=1326 audit(2000000195.801:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.780820][ T29] audit: type=1326 audit(2000000195.810:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.806258][ T29] audit: type=1326 audit(2000000195.838:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.829269][ T29] audit: type=1326 audit(2000000195.838:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.1.1945" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x50000 [ 509.858486][ T9597] loop0: detected capacity change from 0 to 512 [ 510.406702][ T9597] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 510.415933][ T9597] EXT4-fs (loop0): orphan cleanup on readonly fs [ 510.433022][ T9597] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 510.451987][ T9597] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 510.475324][ T9597] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #13: comm syz.0.1947: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 510.519002][ T9597] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1947: couldn't read orphan inode 13 (err -117) [ 510.532026][ T5323] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 510.628978][ T9597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 510.716381][ T5323] usb 3-1: Using ep0 maxpacket: 8 [ 510.743021][ T5323] usb 3-1: config 0 has an invalid interface number: 137 but max is 1 [ 510.751966][ T5323] usb 3-1: config 0 has an invalid interface number: 255 but max is 1 [ 510.760877][ T5323] usb 3-1: config 0 has no interface number 0 [ 510.767216][ T5323] usb 3-1: config 0 has no interface number 1 [ 510.773686][ T5323] usb 3-1: config 0 interface 255 altsetting 1 has an endpoint descriptor with address 0xC6, changing to 0x86 [ 510.785775][ T5323] usb 3-1: config 0 interface 255 altsetting 1 endpoint 0x86 has invalid wMaxPacketSize 0 [ 510.798577][ T9609] xt_CT: You must specify a L4 protocol and not use inversions on it [ 510.810392][ T5323] usb 3-1: config 0 interface 255 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 0 [ 510.820785][ T5323] usb 3-1: config 0 interface 255 has no altsetting 0 [ 510.888666][ T5323] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55 [ 510.898387][ T5323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.911421][ T5323] usb 3-1: Product: syz [ 510.915846][ T5323] usb 3-1: Manufacturer: syz [ 510.920685][ T5323] usb 3-1: SerialNumber: syz [ 510.932806][ T5323] usb 3-1: config 0 descriptor?? [ 511.008860][ T9611] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1954'. [ 511.020617][ T9597] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.1947: deleted inode referenced: 12 [ 511.320211][ T5323] usb 3-1: USB disconnect, device number 10 [ 511.438355][ T5191] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.706523][ T9617] xt_TCPMSS: Only works on TCP SYN packets [ 512.921164][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1966'. [ 512.930738][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1966'. [ 512.940148][ T9632] netlink: 4612 bytes leftover after parsing attributes in process `syz.3.1966'. [ 513.158178][ T9636] loop2: detected capacity change from 0 to 8 [ 513.914352][ T5275] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 513.998198][ T9649] netlink: 'syz.2.1970': attribute type 10 has an invalid length. [ 514.205286][ T5275] usb 5-1: Using ep0 maxpacket: 32 [ 514.242506][ T5275] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 514.252241][ T5275] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 514.299815][ T5275] usb 5-1: config 0 descriptor?? [ 514.316874][ T5275] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 514.941710][ T5275] gspca_nw80x: reg_r err -71 [ 514.946809][ T5275] nw80x 5-1:0.0: probe with driver nw80x failed with error -71 [ 514.989248][ T5275] usb 5-1: USB disconnect, device number 9 [ 517.714810][ C1] hrtimer: interrupt took 185928 ns [ 518.310777][ T5275] usb 2-1: new full-speed USB device number 18 using dummy_hcd [ 518.534744][ T5275] usb 2-1: config 0 has an invalid interface number: 142 but max is 0 [ 518.543490][ T5275] usb 2-1: config 0 has no interface number 0 [ 518.553259][ T5275] usb 2-1: too many endpoints for config 0 interface 142 altsetting 187: 79, using maximum allowed: 30 [ 518.566580][ T5275] usb 2-1: config 0 interface 142 altsetting 187 has 0 endpoint descriptors, different from the interface descriptor's value: 79 [ 518.583835][ T5275] usb 2-1: config 0 interface 142 has no altsetting 0 [ 518.590945][ T5275] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 518.601477][ T5275] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.751633][ T5275] usb 2-1: config 0 descriptor?? [ 518.805197][ T5275] ums-realtek 2-1:0.142: USB Mass Storage device detected [ 519.088422][ T5323] usb 2-1: USB disconnect, device number 18 [ 520.088519][ T9736] loop4: detected capacity change from 0 to 2048 [ 520.424697][ T9740] loop3: detected capacity change from 0 to 4096 [ 520.442089][ T9736] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 520.472751][ T5359] udevd[5359]: incorrect nilfs2 checksum on /dev/loop4 [ 520.480097][ T9740] NILFS (loop3): invalid segment: Checksum error in segment payload [ 520.488833][ T9740] NILFS (loop3): trying rollback from an earlier position [ 520.613095][ T9740] NILFS (loop3): recovery complete [ 520.623688][ T9745] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 520.626140][ T9746] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 520.688072][ T9736] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=1552, name_len=0 [ 520.720913][ T9736] Remounting filesystem read-only [ 520.784425][ T9749] overlayfs: missing 'lowerdir' [ 520.924824][ T9736] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=1552, name_len=0 [ 520.945003][ T9752] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 522.472439][ T9772] sctp: [Deprecated]: syz.2.2022 (pid 9772) Use of int in max_burst socket option. [ 522.472439][ T9772] Use struct sctp_assoc_value instead [ 524.176765][ T5275] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 524.364985][ T5275] usb 4-1: Using ep0 maxpacket: 16 [ 524.400439][ T5275] usb 4-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config [ 524.617086][ T5275] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 524.626494][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 524.635050][ T5275] usb 4-1: SerialNumber: syz [ 524.725045][ T9806] xt_TPROXY: Can be used only with -p tcp or -p udp [ 524.965410][ T5275] cdc_acm 4-1:1.0: skipping garbage [ 524.970896][ T5275] cdc_acm 4-1:1.0: invalid descriptor buffer length [ 524.977929][ T5275] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 524.986565][ T5275] cdc_acm 4-1:1.0: This needs exactly 3 endpoints [ 524.997908][ T5275] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -22 [ 525.390484][ T5275] usb 4-1: USB disconnect, device number 15 [ 526.011111][ T9831] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 526.020925][ T9831] overlayfs: missing 'lowerdir' [ 526.031497][ T9828] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 526.634720][ T9840] ipt_ECN: cannot use operation on non-tcp rule [ 526.653682][ T9834] loop2: detected capacity change from 0 to 2048 [ 526.764262][ T9834] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 526.955219][ T9834] syz.2.2051: attempt to access beyond end of device [ 526.955219][ T9834] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 526.971837][ T9845] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 527.053077][ T9839] loop3: detected capacity change from 0 to 2048 [ 527.142198][ T9834] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0 [ 527.230219][ T9834] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0 [ 527.677760][ T9851] loop4: detected capacity change from 0 to 256 [ 527.872190][ T9853] loop0: detected capacity change from 0 to 512 [ 527.968418][ T9853] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 528.168952][ T9853] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 528.182889][ T9853] ext4 filesystem being mounted at /393/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 528.870319][ T5191] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 530.528350][ T9896] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2080'. [ 530.554899][ T9894] overlayfs: conflicting options: verity=on,redirect_dir=follow [ 530.722505][ T9899] loop4: detected capacity change from 0 to 64 [ 530.950037][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 530.957148][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 531.129174][ T5323] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 531.612123][ T9907] veth3: entered promiscuous mode [ 531.615207][ T5323] usb 4-1: Using ep0 maxpacket: 32 [ 531.654365][ T5323] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 531.665816][ T5323] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 531.676178][ T5323] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 531.685649][ T5323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 531.777755][ T5323] hub 4-1:4.0: USB hub found [ 531.845057][ T9914] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2088'. [ 531.876484][ T25] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 532.012500][ T5323] hub 4-1:4.0: 2 ports detected [ 532.018847][ T5323] usb 4-1: selecting invalid altsetting 1 [ 532.024991][ T5323] hub 4-1:4.0: Using single TT (err -22) [ 532.069540][ T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 532.078185][ T25] usb 5-1: config 0 has no interface number 0 [ 532.084871][ T25] usb 5-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 532.099006][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.151438][ T25] usb 5-1: config 0 descriptor?? [ 532.194540][ T25] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 532.230356][ T5323] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 532.238078][ T5323] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 532.330534][ T5323] usb 4-1: USB disconnect, device number 16 [ 532.386017][ T9919] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2090'. [ 532.395559][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2090'. [ 532.423479][ T25] snd-usb-audio 5-1:0.1: probe with driver snd-usb-audio failed with error -2 [ 532.475701][ T25] usb 5-1: USB disconnect, device number 10 [ 532.634552][ T5567] udevd[5567]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 533.782605][ T9938] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2099'. [ 534.569238][ T29] kauditd_printk_skb: 684 callbacks suppressed [ 534.569317][ T29] audit: type=1400 audit(2000000218.830:727): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F26 pid=9945 comm="syz.2.2105" [ 535.028908][ T9956] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2108'. [ 535.260950][ T9951] loop0: detected capacity change from 0 to 4096 [ 535.293921][ T9951] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 535.661570][ T9962] loop4: detected capacity change from 0 to 256 [ 535.734384][ T9964] xt_hashlimit: max too large, truncated to 1048576 [ 535.741217][ T9964] xt_hashlimit: overflow, try lower: 0/0 [ 535.749332][ T9951] ntfs3(loop0): Failed to load $Extend (-22). [ 535.760494][ T9951] ntfs3(loop0): Failed to initialize $Extend. [ 536.052011][ T9960] loop2: detected capacity change from 0 to 2048 [ 536.681492][ T9971] netlink: 596 bytes leftover after parsing attributes in process `syz.3.2118'. [ 536.945033][ T9977] loop2: detected capacity change from 0 to 1024 [ 537.282429][ T9975] loop4: detected capacity change from 0 to 2048 [ 537.390443][ T9975] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 537.543761][ T9975] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 538.336489][ T9997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2128'. [ 538.684332][T10003] netlink: 'syz.2.2131': attribute type 11 has an invalid length. [ 538.693473][T10003] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2131'. [ 539.819206][T10021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2140'. [ 540.229148][T10021] bond3: entered allmulticast mode [ 540.235465][T10021] 8021q: adding VLAN 0 to HW filter on device bond3 [ 540.473621][T10036] loop3: detected capacity change from 0 to 8 [ 540.684422][T10036] SQUASHFS error: zlib decompression failed, data probably corrupt [ 540.692755][T10036] SQUASHFS error: Failed to read block 0x13e: -5 [ 540.700428][T10036] SQUASHFS error: Unable to read metadata cache entry [13c] [ 540.708247][T10036] SQUASHFS error: Unable to read directory block [13c:26] [ 540.798312][T10039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2147'. [ 542.562213][T10071] loop2: detected capacity change from 0 to 256 [ 542.944877][T10071] FAT-fs (loop2): Directory bread(block 64) failed [ 542.952505][T10071] FAT-fs (loop2): Directory bread(block 65) failed [ 542.967387][T10071] FAT-fs (loop2): Directory bread(block 66) failed [ 542.975397][T10071] FAT-fs (loop2): Directory bread(block 67) failed [ 542.982525][T10071] FAT-fs (loop2): Directory bread(block 68) failed [ 542.989310][T10071] FAT-fs (loop2): Directory bread(block 69) failed [ 542.996523][T10071] FAT-fs (loop2): Directory bread(block 70) failed [ 543.003424][T10071] FAT-fs (loop2): Directory bread(block 71) failed [ 543.010380][T10071] FAT-fs (loop2): Directory bread(block 72) failed [ 543.018884][T10071] FAT-fs (loop2): Directory bread(block 73) failed [ 543.602577][T10079] loop0: detected capacity change from 0 to 1024 [ 543.786001][T10079] hfsplus: bad catalog entry type [ 544.001984][ T11] hfsplus: b-tree write err: -5, ino 4 [ 544.427893][T10094] syz.4.2171: attempt to access beyond end of device [ 544.427893][T10094] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 545.336458][T10109] netlink: 'syz.3.2179': attribute type 1 has an invalid length. [ 545.345078][T10109] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.2179'. [ 545.955477][T10118] loop1: detected capacity change from 0 to 8 [ 546.092579][T10118] SQUASHFS error: lzo decompression failed, data probably corrupt [ 546.101136][T10118] SQUASHFS error: Failed to read block 0x4ec: -5 [ 546.107680][T10118] SQUASHFS error: Unable to read metadata cache entry [4ea] [ 546.115469][T10118] SQUASHFS error: Unable to read inode 0x20087 [ 547.130495][ T5275] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 547.304383][ T5275] usb 4-1: Using ep0 maxpacket: 32 [ 547.348930][ T5275] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 547.360388][ T5275] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 547.370669][ T5275] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 547.380365][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.541485][ T5275] usb 4-1: config 0 descriptor?? [ 547.577638][ T5275] hub 4-1:0.0: USB hub found [ 547.808690][ T5275] hub 4-1:0.0: config failed, hub has too many ports! (err -19) [ 548.052838][ T5275] usbhid 4-1:0.0: can't add hid device: -71 [ 548.060634][ T5275] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 548.172509][ T5275] usb 4-1: USB disconnect, device number 17 [ 548.426184][T10151] loop1: detected capacity change from 0 to 2048 [ 548.641361][T10151] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 548.972157][ T5202] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.534369][T10187] loop4: detected capacity change from 0 to 256 [ 552.119026][T10187] FAT-fs (loop4): Directory bread(block 64) failed [ 552.126304][T10187] FAT-fs (loop4): Directory bread(block 65) failed [ 552.133240][T10187] FAT-fs (loop4): Directory bread(block 66) failed [ 552.140534][T10187] FAT-fs (loop4): Directory bread(block 67) failed [ 552.147570][T10187] FAT-fs (loop4): Directory bread(block 68) failed [ 552.154340][T10187] FAT-fs (loop4): Directory bread(block 69) failed [ 552.161462][T10187] FAT-fs (loop4): Directory bread(block 70) failed [ 552.165547][T10216] loop0: detected capacity change from 0 to 512 [ 552.168782][T10187] FAT-fs (loop4): Directory bread(block 71) failed [ 552.187067][T10187] FAT-fs (loop4): Directory bread(block 72) failed [ 552.195561][T10187] FAT-fs (loop4): Directory bread(block 73) failed [ 552.306177][T10220] loop3: detected capacity change from 0 to 512 [ 552.322819][T10220] EXT4-fs: Ignoring removed oldalloc option [ 552.351220][T10220] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 552.385272][T10216] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 552.538690][T10220] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 552.553774][T10220] EXT4-fs (loop3): 1 truncate cleaned up [ 552.563012][T10220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 552.829953][T10216] Quota error (device loop0): do_check_range: Getting block 514 out of range 1-5 [ 552.847388][T10216] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 552.862482][T10216] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.2229: Failed to acquire dquot type 1 [ 552.919500][T10216] EXT4-fs (loop0): 1 truncate cleaned up [ 552.927534][T10216] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 552.940704][T10216] ext4 filesystem being mounted at /424/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 552.974558][T10216] Quota error (device loop0): do_check_range: Getting block 514 out of range 1-5 [ 552.984354][T10216] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 552.994179][T10216] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.2229: Failed to acquire dquot type 1 [ 553.496659][ T5191] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.541170][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 554.758833][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2249'. [ 554.768169][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2249'. [ 555.145392][T10269] loop4: detected capacity change from 0 to 128 [ 556.173421][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2259'. [ 556.182802][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2259'. [ 557.590118][T10305] netlink: 288 bytes leftover after parsing attributes in process `syz.1.2271'. [ 558.473346][T10316] VFS: Can't find a romfs filesystem on dev nullb0. [ 558.473346][T10316] [ 558.769340][T10327] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2280'. [ 558.921689][T10326] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2281'. [ 559.009741][ T5275] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 559.254443][ T5275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 559.264749][ T5275] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 559.278064][ T5275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 559.290428][ T5275] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 559.788010][ T5275] usb 2-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16 [ 559.797567][ T5275] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 559.806898][ T5275] usb 2-1: Product: syz [ 559.811304][ T5275] usb 2-1: Manufacturer: syz [ 559.817034][ T5275] usb 2-1: SerialNumber: syz [ 560.288174][ T5275] usb 2-1: config 0 descriptor?? [ 560.307502][ T5275] kvaser_usb 2-1:0.0: CMD_MAP_CHANNEL_REQ failed for CAN0 [ 560.317660][ T5275] kvaser_usb 2-1:0.0: error -EMSGSIZE: Failed to initialize card [ 560.326285][ T5275] kvaser_usb 2-1:0.0: probe with driver kvaser_usb failed with error -90 [ 560.589087][ T5275] usb 2-1: USB disconnect, device number 19 [ 561.210559][T10356] loop3: detected capacity change from 0 to 2048 [ 561.346208][T10362] afs: Bad value for 'source' [ 561.752133][T10364] loop0: detected capacity change from 0 to 1024 [ 561.968603][T10356] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 562.139000][T10371] netlink: 'syz.2.2303': attribute type 8 has an invalid length. [ 562.192478][ T5190] UDF-fs: warning (device loop3): udf_evict_inode: Inode 1367 (mode 120777) has inode size 157 different from extent length 512. Filesystem need not be standards compliant. [ 562.334525][T10364] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 562.818976][ T5191] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.325847][T10393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2312'. [ 564.000455][T10403] xt_SECMARK: invalid mode: 0 [ 564.006170][T10402] netlink: 'syz.0.2316': attribute type 2 has an invalid length. [ 564.014850][T10402] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2316'. [ 564.394765][T10405] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2318'. [ 564.535029][T10409] AppArmor: change_hat: Invalid input '0' [ 565.039862][T10416] nft_compat: unsupported protocol 133 [ 565.183097][T10420] loop3: detected capacity change from 0 to 128 [ 565.226954][T10420] EXT4-fs: Ignoring removed orlov option [ 565.427785][T10421] loop1: detected capacity change from 0 to 2048 [ 565.511992][T10420] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 565.603399][T10420] ext4 filesystem being mounted at /467/control supports timestamps until 2038-01-19 (0x7fffffff) [ 565.649265][T10420] EXT4-fs error (device loop3): ext4_validate_inode_bitmap:105: comm syz.3.2325: Corrupt inode bitmap - block_group = 0, inode_bitmap = 19 [ 565.723036][T10428] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 565.804602][T10421] NILFS (loop1): error -2 truncating bmap (ino=16) [ 565.913136][T10431] loop2: detected capacity change from 0 to 256 [ 566.172321][ T5190] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 567.425485][T10453] loop0: detected capacity change from 0 to 256 [ 567.434694][T10453] exfat: Deprecated parameter 'namecase' [ 567.902703][T10453] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 569.689010][ T29] audit: type=1326 audit(2000000251.237:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10485 comm="syz.3.2357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 569.715392][ T29] audit: type=1326 audit(2000000251.237:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10485 comm="syz.3.2357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 570.712999][T10509] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2365'. [ 570.724037][T10509] (unnamed net_device) (uninitialized): down delay (195) is not a multiple of miimon (83886275), value rounded to 0 ms [ 571.069542][T10518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2369'. [ 572.249985][T10533] loop0: detected capacity change from 0 to 1024 [ 572.318358][T10533] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 572.375679][T10533] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. leaving read-only. [ 572.397117][T10542] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for erspan1 [ 573.252187][ T5275] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 573.609152][ T5275] usb 4-1: Using ep0 maxpacket: 8 [ 573.790459][ T5275] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 573.798975][ T5275] usb 4-1: config 0 has no interface number 0 [ 573.805507][ T5275] usb 4-1: config 0 interface 1 has no altsetting 0 [ 574.052367][ T5275] usb 4-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f [ 574.062696][ T5275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 574.071752][ T5275] usb 4-1: Product: syz [ 574.076253][ T5275] usb 4-1: Manufacturer: syz [ 574.081083][ T5275] usb 4-1: SerialNumber: syz [ 574.196484][ T5275] usb 4-1: config 0 descriptor?? [ 574.402068][T10568] xt_connbytes: Forcing CT accounting to be enabled [ 574.409121][T10568] xt_CT: You must specify a L4 protocol and not use inversions on it [ 574.854870][ T5275] i2c-cp2615 4-1:0.1: probe with driver i2c-cp2615 failed with error -22 [ 574.971638][ T5323] usb 4-1: USB disconnect, device number 18 [ 575.075385][T10581] IPv6: Can't replace route, no match found [ 575.819934][T10589] netlink: 'syz.1.2405': attribute type 5 has an invalid length. [ 577.507190][T10624] loop4: detected capacity change from 0 to 64 [ 577.728339][T10629] netlink: 'syz.1.2421': attribute type 39 has an invalid length. [ 577.818777][T10624] Bad inode number on dev loop4: 6 is out of range [ 577.935943][ T5323] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 578.163473][ T5323] usb 1-1: config 0 has an invalid interface number: 182 but max is 1 [ 578.172240][ T5323] usb 1-1: config 0 has an invalid interface number: 9 but max is 1 [ 578.180854][ T5323] usb 1-1: config 0 has no interface number 0 [ 578.187182][ T5323] usb 1-1: config 0 has no interface number 1 [ 578.193732][ T5323] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=9c.af [ 578.203190][ T5323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 578.367064][ T5323] usb 1-1: config 0 descriptor?? [ 578.419526][ T5323] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 578.592023][T10631] loop2: detected capacity change from 0 to 2048 [ 578.789570][T10631] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 578.905615][ T5323] snd-usb-audio 1-1:0.182: probe with driver snd-usb-audio failed with error -2 [ 579.260469][ T5323] usb 1-1: USB disconnect, device number 9 [ 579.536222][ T25] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 579.740865][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 579.804822][ T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 579.876852][ T25] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 579.886485][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 579.895207][ T25] usb 2-1: SerialNumber: syz [ 579.949934][ T25] usb 2-1: config 0 descriptor?? [ 579.986018][ T25] usb 2-1: Found UVC 0.00 device (05ac:8501) [ 579.993535][ T25] uvcvideo 2-1:0.0: Entity type for entity Output 255 was not initialized! [ 580.002961][ T25] usb 2-1: Failed to create links for entity 255 [ 580.009537][ T25] usb 2-1: Failed to register entities (-22). [ 580.246608][ T25] usb 2-1: USB disconnect, device number 20 [ 580.615476][ T5387] udevd[5387]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.182/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 583.631935][T10707] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2460'. [ 584.281583][T10722] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2467'. [ 586.421210][T10760] binder: binder_mmap: 10759 20000000-20b36000 bad vm_flags failed -1 [ 588.972627][T10805] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 588.979239][T10805] [U] J"—e:ÀÆ" [ 590.775756][T10828] loop1: detected capacity change from 0 to 1024 [ 590.998870][T10828] hfsplus: extend alloc file! (8192,512,16777719) [ 592.641187][T10862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2536'. [ 594.267706][T10884] loop2: detected capacity change from 0 to 2048 [ 594.370697][T10884] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 595.294522][T10903] netlink: 'syz.4.2556': attribute type 10 has an invalid length. [ 595.358026][T10903] team0: Port device geneve0 added [ 595.694574][T10911] loop0: detected capacity change from 0 to 64 [ 596.307915][T10920] ipt_ECN: cannot use operation on non-tcp rule [ 597.049449][T10926] loop0: detected capacity change from 0 to 4096 [ 597.060961][T10926] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 597.432253][T10926] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 597.471315][T10926] ntfs3(loop0): Failed to load $Extend (-22). [ 597.478102][T10926] ntfs3(loop0): Failed to initialize $Extend. [ 597.514264][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 597.521466][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 597.569355][T10936] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2571'. [ 597.578787][T10936] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2571'. [ 597.612741][T10926] ntfs3(loop0): ino=5, "/" directory corrupted [ 598.741728][ T5250] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 599.040737][ T5250] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 599.049568][ T5250] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 599.057845][ T5250] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 599.073827][ T5250] usb 4-1: config 0 has no interface number 0 [ 599.080327][ T5250] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice= 3.e8 [ 599.089655][ T5250] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.277794][ T5250] usb 4-1: config 0 descriptor?? [ 599.316893][ T5250] snd_usb_pod 4-1:0.1: Line 6 Pocket POD found [ 599.457666][ T5275] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 599.554642][ T5250] snd_usb_pod 4-1:0.1: endpoint not available, using fallback values [ 599.563828][ T5250] snd_usb_pod 4-1:0.1: invalid control EP [ 599.568966][T10969] netlink: 'syz.1.2588': attribute type 8 has an invalid length. [ 599.570013][ T5250] snd_usb_pod 4-1:0.1: cannot start listening: -22 [ 599.584598][ T5250] snd_usb_pod 4-1:0.1: Line 6 Pocket POD now disconnected [ 599.594723][ T5250] snd_usb_pod 4-1:0.1: probe with driver snd_usb_pod failed with error -22 [ 599.918158][ T5250] usb 4-1: USB disconnect, device number 19 [ 600.000276][ T5275] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 600.010209][ T5275] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.018871][ T5275] usb 1-1: Product: syz [ 600.023390][ T5275] usb 1-1: Manufacturer: syz [ 600.028228][ T5275] usb 1-1: SerialNumber: syz [ 600.046097][ T5275] usb 1-1: config 0 descriptor?? [ 600.076040][ T5275] ch341 1-1:0.0: ch341-uart converter detected [ 600.533031][ T5275] usb 1-1: failed to send control message: -71 [ 600.539703][ T5275] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 600.641606][ T5275] usb 1-1: USB disconnect, device number 10 [ 600.650145][ T5275] ch341 1-1:0.0: device disconnected [ 603.364038][T11021] netlink: 9 bytes leftover after parsing attributes in process `syz.4.2611'. [ 603.392831][T11021] gretap0: entered promiscuous mode [ 604.253553][T11035] ªªªªª: renamed from bond_slave_1 (while UP) [ 604.619661][T11015] loop3: detected capacity change from 0 to 4096 [ 604.699408][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00 [ 604.708049][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00 [ 604.716519][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00 [ 604.724859][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00 [ 604.733045][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc1c00 [ 604.741537][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc2c00 [ 604.749883][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc4c00 [ 604.758260][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffc8c00 [ 604.772163][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffd0c00 [ 604.782940][T11015] ntfs3(loop3): try to read out of volume at offset 0x3fffffe0c00 [ 605.185046][T11046] loop1: detected capacity change from 0 to 128 [ 605.349647][T11046] syz.1.2623: attempt to access beyond end of device [ 605.349647][T11046] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 605.364031][T11046] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 605.372654][T11046] syz.1.2623: attempt to access beyond end of device [ 605.372654][T11046] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 605.386984][T11046] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 605.395614][T11046] syz.1.2623: attempt to access beyond end of device [ 605.395614][T11046] loop1: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 605.409664][T11046] Buffer I/O error on dev loop1, logical block 13269809, async page read [ 605.418587][T11046] syz.1.2623: attempt to access beyond end of device [ 605.418587][T11046] loop1: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 605.438285][T11046] Buffer I/O error on dev loop1, logical block 8073606, async page read [ 605.449154][T11046] syz.1.2623: attempt to access beyond end of device [ 605.449154][T11046] loop1: rw=0, sector=6491542, nr_sectors = 2 limit=128 [ 605.463192][T11046] Buffer I/O error on dev loop1, logical block 3245771, async page read [ 605.471821][T11046] syz.1.2623: attempt to access beyond end of device [ 605.471821][T11046] loop1: rw=0, sector=17668342, nr_sectors = 2 limit=128 [ 605.486196][T11046] Buffer I/O error on dev loop1, logical block 8834171, async page read [ 605.494904][T11046] syz.1.2623: attempt to access beyond end of device [ 605.494904][T11046] loop1: rw=0, sector=26932834, nr_sectors = 2 limit=128 [ 605.508919][T11046] Buffer I/O error on dev loop1, logical block 13466417, async page read [ 605.517780][T11046] syz.1.2623: attempt to access beyond end of device [ 605.517780][T11046] loop1: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 605.531845][T11046] Buffer I/O error on dev loop1, logical block 8073606, async page read [ 605.548983][T11046] syz.1.2623: attempt to access beyond end of device [ 605.548983][T11046] loop1: rw=0, sector=6491548, nr_sectors = 2 limit=128 [ 605.562987][T11046] Buffer I/O error on dev loop1, logical block 3245774, async page read [ 605.571729][T11046] syz.1.2623: attempt to access beyond end of device [ 605.571729][T11046] loop1: rw=0, sector=17669878, nr_sectors = 2 limit=128 [ 605.585743][T11046] Buffer I/O error on dev loop1, logical block 8834939, async page read [ 608.124945][T11067] loop0: detected capacity change from 0 to 65 [ 608.228021][T11067] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway [ 608.968064][T11071] netlink: 'syz.3.2634': attribute type 1 has an invalid length. [ 608.980375][T11071] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'. [ 609.715218][T11073] loop2: detected capacity change from 0 to 1024 [ 610.963608][T11082] loop2: detected capacity change from 0 to 256 [ 611.018039][ T29] audit: type=1326 audit(2000000289.366:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 611.279452][ T29] audit: type=1326 audit(2000000289.421:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=40000003 syscall=139 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 611.302215][ T29] audit: type=1326 audit(2000000289.430:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 611.327537][ T29] audit: type=1326 audit(2000000289.430:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 613.743507][T11099] loop2: detected capacity change from 0 to 64 [ 613.985762][T11102] loop3: detected capacity change from 0 to 64 [ 614.033540][T11099] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop2 [ 617.863289][T11122] loop4: detected capacity change from 0 to 1764 [ 618.788639][T11131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2664'. [ 619.057441][ T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 619.076774][ T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 619.114554][ T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 619.156468][ T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 619.212725][ T51] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 619.234979][ T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 619.553367][T11132] lo speed is unknown, defaulting to 1000 [ 621.313526][T11142] netlink: 'syz.0.2668': attribute type 3 has an invalid length. [ 621.321541][T11142] netlink: 'syz.0.2668': attribute type 3 has an invalid length. [ 621.525838][ T51] Bluetooth: hci5: command tx timeout [ 622.333297][T11149] netlink: 'syz.3.2671': attribute type 10 has an invalid length. [ 622.341764][T11149] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2671'. [ 622.354992][T11149] bridge0: port 3(batadv0) entered blocking state [ 622.362145][T11149] bridge0: port 3(batadv0) entered disabled state [ 622.369373][T11149] batadv0: entered allmulticast mode [ 622.378035][T11149] batadv0: entered promiscuous mode [ 622.386461][T11149] bridge0: port 3(batadv0) entered blocking state [ 622.393573][T11149] bridge0: port 3(batadv0) entered forwarding state [ 622.804639][ T1105] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 622.815330][ T1105] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 623.559637][T11132] chnl_net:caif_netlink_parms(): no params data found [ 623.778445][ T51] Bluetooth: hci5: command tx timeout [ 625.732701][T11171] x_tables: duplicate underflow at hook 2 [ 626.014175][ T51] Bluetooth: hci5: command tx timeout [ 626.602419][T11178] xt_bpf: check failed: parse error [ 627.530598][ T29] audit: type=1400 audit(2000000304.614:734): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=11183 comm="syz.2.2686" [ 627.677920][T11132] bridge0: port 1(bridge_slave_0) entered blocking state [ 627.686039][T11132] bridge0: port 1(bridge_slave_0) entered disabled state [ 627.693985][T11132] bridge_slave_0: entered allmulticast mode [ 627.703364][T11132] bridge_slave_0: entered promiscuous mode [ 628.086047][T11132] bridge0: port 2(bridge_slave_1) entered blocking state [ 628.113212][T11132] bridge0: port 2(bridge_slave_1) entered disabled state [ 628.121335][T11132] bridge_slave_1: entered allmulticast mode [ 628.130677][T11132] bridge_slave_1: entered promiscuous mode [ 628.309033][ T51] Bluetooth: hci5: command tx timeout [ 628.888352][T11132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 628.961559][T11132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 629.401596][T11202] loop3: detected capacity change from 0 to 512 [ 629.437006][T11132] team0: Port device team_slave_0 added [ 629.454224][T11132] team0: Port device team_slave_1 added [ 629.534195][T11202] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 629.644602][T11202] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended [ 629.894039][T11132] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 629.901219][T11132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 629.927811][T11132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 630.001421][T11202] EXT4-fs error (device loop3): ext4_orphan_get:1388: comm syz.3.2696: inode #15: comm syz.3.2696: iget: illegal inode # [ 630.075017][T11202] EXT4-fs (loop3): Remounting filesystem read-only [ 630.083777][T11202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 630.222472][T11132] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 630.229851][T11132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 630.256605][T11132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 631.182965][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.236647][T11132] hsr_slave_0: entered promiscuous mode [ 632.050360][T11132] hsr_slave_1: entered promiscuous mode [ 632.069685][T11132] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 632.077803][T11132] Cannot create hsr debugfs directory [ 632.603643][T11219] syz.0.2701: attempt to access beyond end of device [ 632.603643][T11219] nbd0: rw=0, sector=16, nr_sectors = 8 limit=0 [ 632.622875][T11219] REISERFS warning (device nbd0): sh-2006 read_super_block: bread failed (dev nbd0, block 2, size 4096) [ 632.636316][T11219] syz.0.2701: attempt to access beyond end of device [ 632.636316][T11219] nbd0: rw=0, sector=128, nr_sectors = 8 limit=0 [ 632.649655][T11219] REISERFS warning (device nbd0): sh-2006 read_super_block: bread failed (dev nbd0, block 16, size 4096) [ 636.394635][T11242] loop4: detected capacity change from 0 to 1024 [ 638.879787][T11132] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 638.968293][T11248] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2715'. [ 639.109161][T11132] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.319149][T11132] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.465204][T11132] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.086178][T11132] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 640.208100][T11132] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 640.316618][T11132] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 640.393629][T11268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2722'. [ 640.403183][T11268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2722'. [ 640.412653][T11268] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2722'. [ 640.490796][T11132] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 641.146950][T11274] loop0: detected capacity change from 0 to 512 [ 641.178900][T11278] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2727'. [ 641.196063][T11274] EXT4-fs: Invalid want_extra_isize 255 [ 641.242972][T11280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2726'. [ 641.584340][ T5250] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 641.840475][T11282] overlayfs: missing 'lowerdir' [ 641.853942][ T5250] usb 1-1: config 0 has an invalid descriptor of length 141, skipping remainder of the config [ 641.864776][ T5250] usb 1-1: too many endpoints for config 0 interface 0 altsetting 161: 120, using maximum allowed: 30 [ 641.879200][ T5250] usb 1-1: config 0 interface 0 altsetting 161 has 0 endpoint descriptors, different from the interface descriptor's value: 120 [ 641.893610][ T5250] usb 1-1: config 0 interface 0 has no altsetting 0 [ 641.964659][ T5250] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 641.974140][ T5250] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 641.982504][ T5250] usb 1-1: Product: syz [ 641.987860][ T5250] usb 1-1: Manufacturer: syz [ 641.992698][ T5250] usb 1-1: SerialNumber: syz [ 642.046056][T11132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 642.157643][ T5250] usb 1-1: config 0 descriptor?? [ 642.278435][T11132] 8021q: adding VLAN 0 to HW filter on device team0 [ 642.426692][ T5250] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 642.434039][ T5250] usb 1-1: selecting invalid altsetting 0 [ 642.474632][ T3228] bridge0: port 1(bridge_slave_0) entered blocking state [ 642.482426][ T3228] bridge0: port 1(bridge_slave_0) entered forwarding state [ 642.643290][ T3228] bridge0: port 2(bridge_slave_1) entered blocking state [ 642.651010][ T3228] bridge0: port 2(bridge_slave_1) entered forwarding state [ 642.898728][ T5250] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 643.031724][ T5250] usb 1-1: USB disconnect, device number 11 [ 643.128743][T11132] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 643.139467][T11132] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 643.440121][ T5359] udevd[5359]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 644.151188][T11301] xt_HMARK: proto mask must be zero with L3 mode [ 644.944940][ T5250] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 645.166658][T11305] netlink: 2080 bytes leftover after parsing attributes in process `syz.0.2738'. [ 645.194742][ T5250] usb 5-1: Using ep0 maxpacket: 16 [ 645.281794][ T5250] usb 5-1: config 7 has an invalid interface number: 247 but max is 0 [ 645.290495][ T5250] usb 5-1: config 7 has no interface number 0 [ 645.296846][ T5250] usb 5-1: config 7 interface 247 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 645.418477][ T5275] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 645.606180][ T5250] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=6c.22 [ 645.615740][ T5250] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 645.624403][ T5250] usb 5-1: Product: syz [ 645.628811][ T5250] usb 5-1: Manufacturer: syz [ 645.633667][ T5250] usb 5-1: SerialNumber: syz [ 645.745917][ T5275] usb 4-1: Using ep0 maxpacket: 16 [ 645.816429][ T5275] usb 4-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 645.826919][ T5275] usb 4-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 645.840647][ T5275] usb 4-1: config 0 interface 0 has no altsetting 0 [ 645.881447][T11132] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 646.099661][ T5275] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 646.109484][ T5275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.118211][ T5275] usb 4-1: Product: syz [ 646.122847][ T5275] usb 4-1: Manufacturer: syz [ 646.127682][ T5275] usb 4-1: SerialNumber: syz [ 646.219107][ T5250] ni6501 5-1:7.247: driver 'ni6501' failed to auto-configure device. [ 646.512484][ T5250] usb 5-1: USB disconnect, device number 11 [ 646.528428][ T5275] usb 4-1: config 0 descriptor?? [ 646.634202][ T5275] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input17 [ 647.017109][T11132] veth0_vlan: entered promiscuous mode [ 647.087809][T11132] veth1_vlan: entered promiscuous mode [ 647.299599][ T5275] input: failed to attach handler mousedev to device input17, error: -5 [ 647.395754][T11310] lo speed is unknown, defaulting to 1000 [ 647.568988][T11132] veth0_macvtap: entered promiscuous mode [ 647.785683][T11132] veth1_macvtap: entered promiscuous mode [ 648.513106][ T5275] usb 4-1: USB disconnect, device number 20 [ 648.574011][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 648.592527][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.602662][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 648.614758][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.625024][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 648.635915][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.645967][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 648.656791][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.666927][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 648.677757][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.703322][T11132] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 648.723378][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 648.734172][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.744315][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 648.755096][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.765135][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 648.775881][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.786014][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 648.797056][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.813148][T11132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 648.825718][T11132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 648.840974][T11132] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 648.861243][T11132] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.870421][T11132] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.879579][T11132] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 648.888829][T11132] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 654.470962][T11346] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2753'. [ 655.087308][T11352] (syz.0.2756,11352,1):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 655.096726][T11352] (syz.0.2756,11352,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 655.609398][T11355] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2757'. [ 655.874967][T11356] loop4: detected capacity change from 0 to 256 [ 655.884042][T11356] vfat: Bad value for 'dmask' [ 656.339051][ T9910] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 656.603349][ T9910] usb 5-1: Using ep0 maxpacket: 8 [ 656.689679][ T9910] usb 5-1: config 0 has an invalid interface number: 150 but max is 0 [ 656.699442][ T9910] usb 5-1: config 0 has an invalid interface number: 112 but max is 0 [ 656.709115][ T9910] usb 5-1: config 0 has an invalid interface number: 3 but max is 0 [ 656.717580][ T9910] usb 5-1: config 0 has 3 interfaces, different from the descriptor's value: 1 [ 656.726984][ T9910] usb 5-1: config 0 has no interface number 0 [ 656.733458][ T9910] usb 5-1: config 0 has no interface number 1 [ 656.739908][ T9910] usb 5-1: config 0 has no interface number 2 [ 656.746257][ T9910] usb 5-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 656.759729][ T9910] usb 5-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30 [ 656.771363][ T9910] usb 5-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104 [ 656.785307][ T9910] usb 5-1: too many endpoints for config 0 interface 3 altsetting 102: 105, using maximum allowed: 30 [ 656.801276][ T9910] usb 5-1: config 0 interface 3 altsetting 102 has 0 endpoint descriptors, different from the interface descriptor's value: 105 [ 656.816406][ T9910] usb 5-1: config 0 interface 150 has no altsetting 0 [ 656.823461][ T9910] usb 5-1: config 0 interface 112 has no altsetting 0 [ 656.830717][ T9910] usb 5-1: config 0 interface 3 has no altsetting 0 [ 656.837743][ T9910] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 656.847083][ T9910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.728914][ T9910] usb 5-1: config 0 descriptor?? [ 657.831416][ T9910] usb 5-1: selecting invalid altsetting 0 [ 658.149026][ T9910] usb 5-1: string descriptor 0 read error: -71 [ 658.328506][ T9910] usb 5-1: USB disconnect, device number 12 [ 659.444412][ T5567] udevd[5567]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.150/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 660.600005][T11387] netlink: 'syz.4.2769': attribute type 22 has an invalid length. [ 660.608474][T11387] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2769'. [ 660.617717][T11387] netlink: 'syz.4.2769': attribute type 22 has an invalid length. [ 663.602687][T11408] loop2: detected capacity change from 0 to 64 [ 664.081136][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 664.088202][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 665.587067][ T3228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 665.595377][ T3228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 666.144296][ T3056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.152364][ T3056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 668.534905][T11445] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2792'. [ 668.632466][T11447] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2791'. [ 668.643211][T11447] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 668.768774][T11451] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2796'. [ 669.621108][T11458] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2800'. [ 670.346621][T11471] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2807'. [ 672.095076][T11493] loop3: detected capacity change from 0 to 2048 [ 672.229819][T11493] nilfs2: Unknown parameter 'dont_appraise' [ 672.700909][T11493] (syz.3.2818,11493,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 672.711504][T11493] (syz.3.2818,11493,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 674.017615][T11525] xt_CT: You must specify a L4 protocol and not use inversions on it [ 677.756304][T11582] netlink: 'syz.3.2856': attribute type 75 has an invalid length. [ 678.118425][T11581] loop0: detected capacity change from 0 to 2048 [ 678.195077][T11587] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 678.420870][T11581] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 678.435803][T11581] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16) [ 678.486381][T11581] Remounting filesystem read-only [ 678.491761][T11581] NILFS (loop0): error -5 truncating bmap (ino=16) [ 678.588615][T11591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2867'. [ 678.909879][ T5191] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 679.632995][ T25] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 679.862401][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 679.877340][ T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 679.889080][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 679.900774][ T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 680.185480][ T25] usb 2-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e [ 680.194905][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 680.207978][ T25] usb 2-1: Product: syz [ 680.212398][ T25] usb 2-1: Manufacturer: syz [ 680.219180][ T25] usb 2-1: SerialNumber: syz [ 680.384778][T11614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2876'. [ 680.451426][ T25] usb 2-1: config 0 descriptor?? [ 680.468020][ T25] ti_usb_3410_5052 2-1:0.0: TI USB 3410 1 port adapter converter detected [ 680.576112][ T25] usb 2-1: TI USB 3410 1 port adapter converter now attached to ttyUSB0 [ 680.686325][T11619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2875'. [ 681.145364][T11627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2882'. [ 681.703118][T11632] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2884'. [ 681.734575][ T5275] usb 2-1: USB disconnect, device number 21 [ 681.803209][T11633] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2885'. [ 681.811847][ T5275] ti_usb_3410_5052_1 ttyUSB0: TI USB 3410 1 port adapter converter now disconnected from ttyUSB0 [ 681.826067][ T5275] ti_usb_3410_5052 2-1:0.0: device disconnected [ 682.471548][T11641] netlink: 'syz.4.2889': attribute type 11 has an invalid length. [ 682.479848][T11641] netlink: 105120 bytes leftover after parsing attributes in process `syz.4.2889'. [ 683.648558][T11659] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551615) [ 683.660602][T11659] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 683.685794][T11656] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 683.695056][T11656] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 684.145025][T11665] openvswitch: netlink: Missing key (keys=40, expected=80) [ 685.592185][T11684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2911'. [ 687.362217][T11708] Cannot find del_set index 0 as target [ 689.238584][T11723] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 691.447618][T11767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2952'. [ 691.852804][T11770] loop4: detected capacity change from 0 to 1764 [ 692.038413][T11770] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 692.238411][ T29] audit: type=1326 audit(2000000364.341:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11776 comm="syz.3.2956" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x0 [ 693.239391][T11784] netlink: 120 bytes leftover after parsing attributes in process `syz.2.2958'. [ 693.372179][T11787] Non-string source [ 693.751663][T11794] ufs: Invalid option: "/+##" or missing value [ 693.760796][T11794] ufs: wrong mount options [ 694.443189][T10962] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 694.738539][T10962] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 694.748239][T10962] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 694.773620][T10962] usb 4-1: config 0 descriptor?? [ 694.809235][T10962] cp210x 4-1:0.0: cp210x converter detected [ 694.964721][T11808] usb usb9: usbfs: process 11808 (syz.4.2971) did not claim interface 10 before use [ 695.575112][T10962] usb 4-1: cp210x converter now attached to ttyUSB0 [ 695.688235][T10962] usb 4-1: USB disconnect, device number 21 [ 695.715171][T10962] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 695.726855][T10962] cp210x 4-1:0.0: device disconnected [ 696.404029][T11825] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 696.595779][T11830] loop2: detected capacity change from 0 to 128 [ 696.925498][ T5275] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 697.128957][ T5275] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 22334, setting to 1024 [ 697.140884][ T5275] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 697.151162][ T5275] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99 [ 697.160983][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 697.272281][ T5275] usb 3-1: config 0 descriptor?? [ 697.281255][T11830] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 697.314618][ T5275] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 697.728061][ T5275] usb 3-1: USB disconnect, device number 11 [ 698.877897][T11847] ipt_rpfilter: unknown options [ 699.135868][ T7642] udevd[7642]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 699.637805][T11854] netlink: 'syz.3.2994': attribute type 4 has an invalid length. [ 699.646419][T11854] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2994'. [ 699.776002][ T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 700.179124][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 700.294293][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 700.307409][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 700.318073][ T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 700.328163][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 700.339889][ T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 700.350440][ T25] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 700.359925][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 700.379397][ T25] usb 1-1: config 0 descriptor?? [ 700.389204][T11852] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 700.565114][ T9910] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 700.913757][ T9910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 701.009122][ T9910] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a [ 701.018581][ T9910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 701.027910][ T9910] usb 3-1: Product: syz [ 701.032453][ T9910] usb 3-1: Manufacturer: syz [ 701.037281][ T9910] usb 3-1: SerialNumber: syz [ 701.305083][ T9910] usb 3-1: config 0 descriptor?? [ 701.472919][ T25] usb 1-1: USB disconnect, device number 12 [ 701.511600][ T51] Bluetooth: hci6: Opcode 0x0c03 failed: -19 [ 701.670748][ T9910] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-8 [ 701.677513][ T9910] dvb_usb_af9035 3-1:0.0: probe with driver dvb_usb_af9035 failed with error -8 [ 701.795162][ T9910] usb 3-1: USB disconnect, device number 12 [ 702.869735][T11883] netlink: 'syz.4.3008': attribute type 1 has an invalid length. [ 703.339647][T11892] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 705.894817][T10962] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 706.088611][ T29] audit: type=1326 audit(2000000377.143:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11922 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 706.111642][ T29] audit: type=1326 audit(2000000377.143:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11922 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 706.252466][T10962] usb 4-1: Using ep0 maxpacket: 32 [ 706.307812][T10962] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 706.341193][ T29] audit: type=1326 audit(2000000377.189:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11922 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=40000003 syscall=225 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 706.365912][ T29] audit: type=1326 audit(2000000377.198:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11922 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 706.391686][ T29] audit: type=1326 audit(2000000377.208:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11922 comm="syz.0.3024" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 706.444191][T10962] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9 [ 706.455098][T10962] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.463579][T10962] usb 4-1: Product: syz [ 706.467988][T10962] usb 4-1: Manufacturer: syz [ 706.472964][T10962] usb 4-1: SerialNumber: syz [ 706.630090][T10962] usb 4-1: config 0 descriptor?? [ 706.892984][ T5275] usb 4-1: USB disconnect, device number 22 [ 707.037778][T10962] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 707.427820][T10962] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 707.439253][T10962] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 707.477770][T10962] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66 [ 707.487546][T10962] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 707.499018][T10962] usb 5-1: Product: syz [ 707.503442][T10962] usb 5-1: Manufacturer: syz [ 707.509378][T10962] usb 5-1: SerialNumber: syz [ 707.582984][T10962] usb 5-1: config 0 descriptor?? [ 707.621520][T10962] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -90 [ 707.971698][T10962] usb 5-1: USB disconnect, device number 13 [ 708.430772][T11946] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3034'. [ 708.982528][ T9910] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 709.174601][ T9910] usb 1-1: Using ep0 maxpacket: 8 [ 709.199910][ T9910] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 709.210471][ T9910] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 709.219893][ T9910] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 709.231750][ T9910] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 709.243390][ T9910] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 709.252741][ T9910] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.473728][ T9910] hub 1-1:1.0: bad descriptor, ignoring hub [ 709.479946][ T9910] hub 1-1:1.0: probe with driver hub failed with error -5 [ 709.495654][ T9910] cdc_wdm 1-1:1.0: skipping garbage [ 709.501111][ T9910] cdc_wdm 1-1:1.0: skipping garbage [ 709.586663][ T9910] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 709.593728][ T9910] cdc_wdm 1-1:1.0: Unknown control protocol [ 709.958823][ T5323] usb 1-1: USB disconnect, device number 13 [ 711.944391][T11990] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3056'. [ 712.240044][T11994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3055'. [ 713.295845][T12006] binfmt_misc: register: failed to install interpreter file ./file0 [ 713.753630][T12017] binder: 12016:12017 ioctl 400c620e 0 returned -14 [ 715.121638][T12038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3075'. [ 715.268003][T12035] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3077'. [ 717.239319][T12056] netlink: 'syz.3.3086': attribute type 8 has an invalid length. [ 717.247400][T12056] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.3086'. [ 717.459461][T12060] trusted_key: encrypted_key: keylen parameter is missing [ 717.878057][ T29] audit: type=1326 audit(2000000388.025:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.0.3089" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 717.901374][ T29] audit: type=1326 audit(2000000388.025:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.0.3089" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 718.127525][ T29] audit: type=1326 audit(2000000388.164:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.0.3089" exe="/root/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 718.157250][ T29] audit: type=1326 audit(2000000388.164:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.0.3089" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 718.184015][ T29] audit: type=1326 audit(2000000388.164:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.0.3089" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 720.310739][T12087] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3098'. [ 720.857383][ T5250] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 721.073708][ T5250] usb 5-1: Using ep0 maxpacket: 32 [ 721.135689][ T5250] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 721.148244][ T5250] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 721.158367][ T5250] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 721.169085][ T5250] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 721.183356][ T5250] usb 5-1: config 1 has no interface number 0 [ 721.189768][ T5250] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 721.199224][ T5250] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.378473][ T5250] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 721.683314][ T5250] snd_usb_pod 5-1:1.1: set_interface failed [ 721.689522][ T5250] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 721.702570][ T5250] snd_usb_pod 5-1:1.1: probe with driver snd_usb_pod failed with error -71 [ 721.776465][T12101] trusted_key: encrypted_key: keyword 'ldefault' not recognized [ 722.086380][T12107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3110'. [ 722.111897][T12109] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3111'. [ 722.195377][ T5250] usb 5-1: USB disconnect, device number 14 [ 723.285866][T12127] loop4: detected capacity change from 0 to 8 [ 723.371235][T12125] loop2: detected capacity change from 0 to 16 [ 723.409421][T12125] erofs: (device loop2): mounted with root inode @ nid 36. [ 723.471531][T12127] SQUASHFS error: Failed to read block 0x63a: -5 [ 723.479333][T12127] SQUASHFS error: Unable to read metadata cache entry [638] [ 723.485438][T12125] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 0 @ lcn 123 of nid 36 [ 723.486745][T12127] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 723.499672][T12125] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 0 @ lcn 123 of nid 36 [ 723.517313][T12125] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 123 of nid 36 [ 723.958633][T12135] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3126'. [ 724.855493][T12143] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3129'. [ 725.398006][T12157] netlink: 240 bytes leftover after parsing attributes in process `syz.2.3135'. [ 725.541347][T12159] loop3: detected capacity change from 0 to 128 [ 725.904549][T12159] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 726.000966][T12159] ext4 filesystem being mounted at /632/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 726.557878][T12173] xt_CT: You must specify a L4 protocol and not use inversions on it [ 726.928341][ T5190] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 726.960191][T12172] loop0: detected capacity change from 0 to 2048 [ 727.024978][T12172] nilfs2: Unknown parameter 'dont_appraise' [ 727.283086][T12178] CIFS mount error: No usable UNC path provided in device string! [ 727.283086][T12178] [ 727.293614][T12178] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 727.435823][T12172] (syz.0.3141,12172,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 727.445957][T12172] (syz.0.3141,12172,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 728.772753][T12198] netlink: 'syz.2.3154': attribute type 75 has an invalid length. [ 729.842806][T12216] loop0: detected capacity change from 0 to 1764 [ 730.510707][T12223] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3167'. [ 730.688724][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 730.695576][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 731.686238][T12242] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3176'. [ 732.059754][T10962] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 733.215673][T10962] usb 1-1: Using ep0 maxpacket: 8 [ 733.264653][T10962] usb 1-1: unable to get BOS descriptor or descriptor too short [ 733.306344][T10962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 733.316737][T10962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 733.326693][T10962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 733.337193][T10962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 733.350404][T10962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 733.526582][T10962] usb 1-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 733.536204][T10962] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 733.544659][T10962] usb 1-1: Product: syz [ 733.549060][T10962] usb 1-1: Manufacturer: syz [ 733.553920][T10962] usb 1-1: SerialNumber: syz [ 733.629498][T10962] usb 1-1: config 0 descriptor?? [ 733.689551][T10962] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 734.141714][T10962] usb 1-1: USB disconnect, device number 14 [ 734.597433][ T5388] udevd[5388]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 735.252226][T12285] 8021q: VLANs not supported on ipvlan1 [ 735.278787][ T29] audit: type=1400 audit(2000000404.076:746): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=12287 comm="syz.4.3197" [ 735.416868][T12292] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (255) [ 736.533093][T12308] loop4: detected capacity change from 0 to 16 [ 736.611424][T12308] erofs: (device loop4): mounted with root inode @ nid 36. [ 738.053118][T12331] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 738.419482][T10962] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 738.675840][T10962] usb 4-1: config 0 has an invalid interface number: 83 but max is 0 [ 738.684472][T10962] usb 4-1: config 0 has no interface number 0 [ 738.691133][T10962] usb 4-1: config 0 interface 83 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 738.701383][T10962] usb 4-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61 [ 738.710775][T10962] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 738.869187][T12341] loop2: detected capacity change from 0 to 8 [ 738.885102][T10962] usb 4-1: config 0 descriptor?? [ 738.969386][T10962] ttusbir 4-1:0.83: cannot find expected altsetting [ 739.193548][ T9910] usb 4-1: USB disconnect, device number 23 [ 742.163211][T12375] netlink: 'syz.4.3239': attribute type 2 has an invalid length. [ 743.710844][T12395] loop0: detected capacity change from 0 to 8 [ 743.990363][T12396] loop4: detected capacity change from 0 to 1024 [ 744.167980][T12396] hfsplus: catalog name length corrupted [ 746.060749][T12412] loop0: detected capacity change from 0 to 256 [ 751.399849][T12444] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3272'. [ 752.075226][T12451] Non-string source [ 752.235937][T11865] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 752.245338][T11865] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 752.255843][T11865] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 752.287078][T11865] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 752.304881][T11865] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 752.327386][T11865] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 752.484747][T12450] lo speed is unknown, defaulting to 1000 [ 753.370688][ T3883] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.514922][ T3883] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.592289][T11865] Bluetooth: hci6: command tx timeout [ 754.947094][ T3883] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 755.002803][T12450] chnl_net:caif_netlink_parms(): no params data found [ 755.077047][ T3883] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 755.353545][T11865] Bluetooth: hci5: command 0x0406 tx timeout [ 755.758260][T12487] loop4: detected capacity change from 0 to 128 [ 755.893585][T12487] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 756.242787][ T3883] bridge_slave_1: left allmulticast mode [ 756.248719][ T3883] bridge_slave_1: left promiscuous mode [ 756.255418][ T3883] bridge0: port 2(bridge_slave_1) entered disabled state [ 756.404535][T12487] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 550) [ 756.412919][T12487] FAT-fs (loop4): Filesystem has been set read-only [ 756.483563][ T3883] bridge_slave_0: left allmulticast mode [ 756.489482][ T3883] bridge_slave_0: left promiscuous mode [ 756.496231][ T3883] bridge0: port 1(bridge_slave_0) entered disabled state [ 756.900174][ T51] Bluetooth: hci6: command tx timeout [ 756.977665][ T5189] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 550) [ 758.313484][T12521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3304'. [ 758.322909][T12521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3304'. [ 759.188623][ T51] Bluetooth: hci6: command tx timeout [ 759.892933][ T3883] dvmrp8 (unregistering): left allmulticast mode [ 760.142155][ T5323] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 760.380672][ T5323] usb 2-1: Using ep0 maxpacket: 16 [ 760.395615][ T5323] usb 2-1: config 2 has an invalid interface number: 157 but max is 0 [ 760.404879][ T5323] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 760.420646][ T5323] usb 2-1: config 2 has no interface number 0 [ 760.428564][ T5323] usb 2-1: config 2 interface 157 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 760.438890][ T5323] usb 2-1: config 2 interface 157 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 760.454405][ T5323] usb 2-1: New USB device found, idVendor=0403, idProduct=c631, bcdDevice=a0.66 [ 760.464477][ T5323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.007735][ T5323] i2c-tiny-usb 2-1:2.157: version a0.66 found at bus 002 address 022 [ 761.018617][ T3883] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 761.070274][ T3883] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 761.150643][ T3883] bond0 (unregistering): Released all slaves [ 761.170901][ T3883] bond1 (unregistering): Released all slaves [ 761.426627][ T51] Bluetooth: hci6: command tx timeout [ 761.790186][ T5323] (null): failure reading functionality [ 761.832581][ T5323] i2c i2c-1: failure reading functionality [ 761.878550][ T5323] i2c i2c-1: connected i2c-tiny-usb device [ 761.937420][ T5323] usb 2-1: USB disconnect, device number 22 [ 762.681774][T12450] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.689614][T12450] bridge0: port 1(bridge_slave_0) entered disabled state [ 762.697433][T12450] bridge_slave_0: entered allmulticast mode [ 762.706685][T12450] bridge_slave_0: entered promiscuous mode [ 762.747329][T12450] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.755642][T12450] bridge0: port 2(bridge_slave_1) entered disabled state [ 762.763631][T12450] bridge_slave_1: entered allmulticast mode [ 762.772644][T12450] bridge_slave_1: entered promiscuous mode [ 763.922802][ T3883] hsr_slave_0: left promiscuous mode [ 764.076783][ T3883] hsr_slave_1: left promiscuous mode [ 764.140496][ T3883] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 764.148368][ T3883] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 764.204062][ T3883] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 764.211933][ T3883] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 764.369097][ T3883] veth1_macvtap: left promiscuous mode [ 764.375033][ T3883] veth0_macvtap: left promiscuous mode [ 764.381284][ T3883] veth1_vlan: left promiscuous mode [ 764.386874][ T3883] veth0_vlan: left promiscuous mode [ 765.819687][ T3883] infiniband syz0: set down [ 766.233048][ T3883] team0 (unregistering): Port device team_slave_1 removed [ 766.317918][ T3883] team0 (unregistering): Port device team_slave_0 removed [ 766.545530][ T3036] smc: removing ib device syz0 [ 766.878254][T12450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 766.897558][T12581] netlink: 'syz.0.3329': attribute type 4 has an invalid length. [ 766.906031][T12581] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3329'. [ 768.991232][T12603] overlayfs: failed to resolve './file1': -2 [ 769.334303][T12605] loop3: detected capacity change from 0 to 1024 [ 769.551682][ T9910] lo speed is unknown, defaulting to 1000 [ 769.561278][T12595] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3333'. [ 769.571235][T12595] 0ªX¹¦À: renamed from caif0 [ 769.741509][T12595] 0ªX¹¦À: entered allmulticast mode [ 769.746972][T12595] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 769.804798][T12450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 770.153190][T12609] loop0: detected capacity change from 0 to 8 [ 770.219987][T12609] cramfs: Error -5 while decompressing! [ 770.225773][T12609] cramfs: ffffffff9466f2b2(26)->ffff88812ac8b000(4096) [ 770.233151][T12609] cramfs: Error -3 while decompressing! [ 770.238926][T12609] cramfs: ffffffff9466f2cc(16)->ffff88812ac8a000(4096) [ 770.252370][T12609] cramfs: Error -5 while decompressing! [ 770.258133][T12609] cramfs: ffffffff9466f2b2(26)->ffff88812ac8b000(4096) [ 770.315999][ T29] audit: type=1800 audit(2000000436.390:747): pid=12609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3340" name="file2" dev="loop0" ino=348 res=0 errno=0 [ 770.724666][T12450] team0: Port device team_slave_0 added [ 770.766403][ T3883] IPVS: stop unused estimator thread 0... [ 770.832389][T12450] team0: Port device team_slave_1 added [ 771.623910][T12450] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 771.631339][T12450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 771.659892][T12450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 772.013397][T12450] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 772.021640][T12450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 772.048152][T12450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 772.714465][T12450] hsr_slave_0: entered promiscuous mode [ 772.733081][T12450] hsr_slave_1: entered promiscuous mode [ 772.742280][T12450] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 772.750058][T12450] Cannot create hsr debugfs directory [ 775.038884][T12669] loop3: detected capacity change from 0 to 512 [ 776.084546][T12669] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 776.097992][T12669] ext4 filesystem being mounted at /697/control supports timestamps until 2038-01-19 (0x7fffffff) [ 776.588666][T12669] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #2: block 18: comm syz.3.3362: lblock 23 mapped to illegal pblock 18 (length 1) [ 777.200329][T12450] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 777.251056][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 777.423954][T12450] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 777.652452][T12450] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 777.837192][T12450] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 778.297765][T12696] loop3: detected capacity change from 0 to 512 [ 778.510583][T12696] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 778.737037][T12696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 778.751771][T12696] ext4 filesystem being mounted at /698/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 779.260121][T12450] 8021q: adding VLAN 0 to HW filter on device bond0 [ 779.314250][T12450] 8021q: adding VLAN 0 to HW filter on device team0 [ 779.402517][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 779.410283][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 779.425409][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 779.433137][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 779.558980][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 779.685698][T12450] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 779.696603][T12450] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 780.279178][T12722] xt_NFQUEUE: number of total queues is 0 [ 780.433325][T12727] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3378'. [ 781.263132][T12739] netlink: 'syz.3.3386': attribute type 7 has an invalid length. [ 781.274330][T12739] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3386'. [ 781.544516][T12742] netlink: 'syz.0.3389': attribute type 4 has an invalid length. [ 781.552891][T12742] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.3389'. [ 781.988977][T12750] vhci_hcd: invalid port number 0 [ 782.605006][T12450] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 782.874703][T12450] veth0_vlan: entered promiscuous mode [ 782.916510][T12450] veth1_vlan: entered promiscuous mode [ 783.015624][T12450] veth0_macvtap: entered promiscuous mode [ 783.037425][T12450] veth1_macvtap: entered promiscuous mode [ 783.093553][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 783.105307][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.116017][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 783.126780][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.136898][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 783.147734][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.160828][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 783.172359][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.182541][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 783.193288][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.209173][T12450] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 783.328498][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 783.339355][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.349685][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 783.360458][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.370582][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 783.386364][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.397999][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 783.410769][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.422694][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 783.433486][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 783.448586][T12450] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 783.537498][T12765] loop4: detected capacity change from 0 to 256 [ 783.697275][T12450] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 783.706624][T12450] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 783.721149][T12450] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 783.734170][T12450] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 784.586506][T12765] FAT-fs (loop4): Directory bread(block 64) failed [ 784.593439][T12765] FAT-fs (loop4): Directory bread(block 65) failed [ 784.603477][T12765] FAT-fs (loop4): Directory bread(block 66) failed [ 784.611271][T12765] FAT-fs (loop4): Directory bread(block 67) failed [ 784.618389][T12765] FAT-fs (loop4): Directory bread(block 68) failed [ 784.625176][T12765] FAT-fs (loop4): Directory bread(block 69) failed [ 784.632312][T12765] FAT-fs (loop4): Directory bread(block 70) failed [ 784.639246][T12765] FAT-fs (loop4): Directory bread(block 71) failed [ 784.646148][T12765] FAT-fs (loop4): Directory bread(block 72) failed [ 784.653073][T12765] FAT-fs (loop4): Directory bread(block 73) failed [ 786.012718][T12799] netlink: 288 bytes leftover after parsing attributes in process `syz.1.3407'. [ 786.913239][T12813] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3408'. [ 788.326318][T12830] netlink: 'syz.3.3417': attribute type 29 has an invalid length. [ 788.334537][T12830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3417'. [ 788.842786][T12840] loop0: detected capacity change from 0 to 512 [ 788.955504][T12840] EXT4-fs (loop0): orphan cleanup on readonly fs [ 788.962489][T12840] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 789.143197][T12840] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 789.199508][T12840] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.3419: attempt to clear invalid blocks 2 len 1 [ 789.316556][T12840] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.3419: invalid indirect mapped block 1819239214 (level 0) [ 789.492184][T12840] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.3419: invalid indirect mapped block 1819239214 (level 1) [ 789.600737][T12840] EXT4-fs (loop0): 1 truncate cleaned up [ 789.608232][T12840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 789.719446][T12840] EXT4-fs error (device loop0): ext4_lookup:1810: inode #2: comm syz.0.3419: 'file1' linked to parent dir [ 790.277902][ T5191] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.500739][T12876] loop4: detected capacity change from 0 to 1024 [ 791.538954][T12876] EXT4-fs: Ignoring removed orlov option [ 791.545205][T12876] EXT4-fs: Ignoring removed orlov option [ 791.725375][T12876] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 791.901197][T12876] EXT4-fs error (device loop4): ext4_xattr_set_entry:1668: inode #13: comm syz.4.3431: corrupted xattr entries [ 792.236335][T12890] loop0: detected capacity change from 0 to 256 [ 792.446288][ T5189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.888877][T11323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 792.897384][T11323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 793.230563][T11323] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.238762][T11323] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 793.376968][ T29] audit: type=1326 audit(2000000457.702:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.3437" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 793.400744][ T29] audit: type=1326 audit(2000000457.702:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12899 comm="syz.0.3437" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55579 code=0x7ffc0000 [ 794.832442][T12924] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 50937 - 0 [ 794.841861][T12924] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 50937 - 0 [ 794.851217][T12924] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 50937 - 0 [ 794.860513][T12924] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 50937 - 0 [ 794.870245][T12924] netdevsim netdevsim3 netdevsim0: set [1, 2] type 2 family 0 port 41595 - 0 [ 794.879569][T12924] netdevsim netdevsim3 netdevsim1: set [1, 2] type 2 family 0 port 41595 - 0 [ 794.889006][T12924] netdevsim netdevsim3 netdevsim2: set [1, 2] type 2 family 0 port 41595 - 0 [ 794.898239][T12924] netdevsim netdevsim3 netdevsim3: set [1, 2] type 2 family 0 port 41595 - 0 [ 794.907434][T12924] geneve2: entered promiscuous mode [ 794.913066][T12924] geneve2: entered allmulticast mode [ 795.660824][T12930] loop0: detected capacity change from 0 to 256 [ 795.985411][T12935] libceph: resolve '0.0' (ret=-3): failed [ 796.308544][T12940] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3453'. [ 797.268352][T12950] loop0: detected capacity change from 0 to 1024 [ 797.286845][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 797.293791][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 797.939804][T12956] loop0: detected capacity change from 0 to 1764 [ 798.672796][T12968] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3468'. [ 799.691672][T12973] loop3: detected capacity change from 0 to 1024 [ 799.735618][T12977] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3472'. [ 800.557990][ T29] audit: type=1326 audit(2000000464.320:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12982 comm="syz.4.3474" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 800.922102][ T9910] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 801.132860][ T9910] usb 1-1: Using ep0 maxpacket: 8 [ 801.141145][ T9910] usb 1-1: too many configurations: 14, using maximum allowed: 8 [ 801.266367][ T9910] usb 1-1: New USB device found, idVendor=0421, idProduct=01d0, bcdDevice=98.e6 [ 801.275931][ T9910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 801.284421][ T9910] usb 1-1: Product: syz [ 801.288838][ T9910] usb 1-1: Manufacturer: syz [ 801.293921][ T9910] usb 1-1: SerialNumber: syz [ 801.368581][ T9910] usb 1-1: config 0 descriptor?? [ 801.407312][ T9910] usb 1-1: bad CDC descriptors [ 801.413902][ T9910] cdc_acm 1-1:0.0: Zero length descriptor references [ 801.421056][ T9910] cdc_acm 1-1:0.0: probe with driver cdc_acm failed with error -22 [ 801.674722][ T9910] usb 1-1: USB disconnect, device number 15 [ 802.114402][ T29] audit: type=1326 audit(2000000465.742:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.3.3485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 802.139259][ T29] audit: type=1326 audit(2000000465.742:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.3.3485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 802.162505][ T29] audit: type=1326 audit(2000000465.751:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.3.3485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=195 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 802.186639][ T29] audit: type=1326 audit(2000000465.751:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.3.3485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 802.209222][ T29] audit: type=1326 audit(2000000465.751:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13004 comm="syz.3.3485" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 802.463450][T13009] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 803.824208][T13028] loop4: detected capacity change from 0 to 1024 [ 804.100931][T13028] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.463250][ T5189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 805.506329][T13051] netlink: 'syz.3.3505': attribute type 2 has an invalid length. [ 805.514332][T13051] netlink: 'syz.3.3505': attribute type 1 has an invalid length. [ 805.522617][T13051] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3505'. [ 806.853965][T13068] netlink: 'syz.4.3512': attribute type 10 has an invalid length. [ 806.862864][T13068] bridge0: port 3(team0) entered blocking state [ 806.870142][T13068] bridge0: port 3(team0) entered disabled state [ 806.877090][T13068] team0: entered allmulticast mode [ 806.882599][T13068] team_slave_0: entered allmulticast mode [ 806.888556][T13068] team_slave_1: entered allmulticast mode [ 806.892313][T13067] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 806.894688][T13068] geneve0: entered allmulticast mode [ 806.925045][T13068] team0: entered promiscuous mode [ 806.930327][T13068] team_slave_0: entered promiscuous mode [ 806.937434][T13068] team_slave_1: entered promiscuous mode [ 806.944300][T13068] geneve0: entered promiscuous mode [ 806.953280][T13068] bridge0: port 3(team0) entered blocking state [ 806.960342][T13068] bridge0: port 3(team0) entered forwarding state [ 807.836361][T13077] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3516'. [ 808.016716][T13078] loop4: detected capacity change from 0 to 1024 [ 808.961844][T13087] loop3: detected capacity change from 0 to 1764 [ 809.474099][T13095] loop4: detected capacity change from 0 to 256 [ 809.886540][ T29] audit: type=1326 audit(2000000472.941:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13097 comm="syz.3.3527" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 810.064810][ T29] audit: type=1326 audit(2000000472.997:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13097 comm="syz.3.3527" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 810.217855][ T29] audit: type=1326 audit(2000000473.153:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13097 comm="syz.3.3527" exe="/root/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 810.244106][ T29] audit: type=1326 audit(2000000473.153:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13097 comm="syz.3.3527" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 810.396426][T11865] Bluetooth: hci6: command 0x0405 tx timeout [ 810.676899][T13109] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 810.691843][T13109] xt_SECMARK: invalid mode: 0 [ 811.962811][T13128] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3539'. [ 812.310522][T13128] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3539'. [ 812.474537][ T29] audit: type=1326 audit(2000000475.341:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.4.3544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 812.518074][ T29] audit: type=1326 audit(2000000475.369:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.4.3544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 812.574283][ T29] audit: type=1326 audit(2000000475.406:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.4.3544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 812.599256][ T29] audit: type=1326 audit(2000000475.406:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.4.3544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 812.623211][ T29] audit: type=1326 audit(2000000475.406:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.4.3544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 812.645387][ C1] vkms_vblank_simulate: vblank timer overrun [ 813.204836][T13140] ===================================================== [ 813.212313][T13140] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 [ 813.219986][T13140] _copy_to_user+0xbc/0x110 [ 813.224704][T13140] con_font_op+0x14a2/0x1710 [ 813.232228][T13140] vt_compat_ioctl+0x79b/0x990 [ 813.237232][T13140] tty_compat_ioctl+0x801/0xce0 [ 813.244210][T13140] __se_compat_sys_ioctl+0x785/0x1080 [ 813.249815][T13140] __ia32_compat_sys_ioctl+0x93/0xe0 [ 813.255786][T13140] ia32_sys_call+0x32a2/0x40d0 [ 813.261138][T13140] __do_fast_syscall_32+0xb0/0x110 [ 813.266614][T13140] do_fast_syscall_32+0x38/0x80 [ 813.271676][T13140] do_SYSENTER_32+0x1f/0x30 [ 813.276501][T13140] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 813.283067][T13140] [ 813.285642][T13140] Uninit was created at: [ 813.290155][T13140] ___kmalloc_large_node+0x22c/0x370 [ 813.290372][T13144] loop0: detected capacity change from 0 to 2048 [ 813.295700][T13140] __kmalloc_large_node_noprof+0x3f/0x1e0 [ 813.295852][T13140] __kmalloc_node_noprof+0x9d6/0xf50 [ 813.315730][T13140] __kvmalloc_node_noprof+0xc0/0x2d0 [ 813.321502][T13140] con_font_op+0x659/0x1710 [ 813.326199][T13140] vt_compat_ioctl+0x79b/0x990 [ 813.334025][T13140] tty_compat_ioctl+0x801/0xce0 [ 813.340176][T13140] __se_compat_sys_ioctl+0x785/0x1080 [ 813.345764][T13140] __ia32_compat_sys_ioctl+0x93/0xe0 [ 813.353040][T13140] ia32_sys_call+0x32a2/0x40d0 [ 813.358030][T13140] __do_fast_syscall_32+0xb0/0x110 [ 813.363766][T13140] do_fast_syscall_32+0x38/0x80 [ 813.368845][T13140] do_SYSENTER_32+0x1f/0x30 [ 813.373709][T13140] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 813.380258][T13140] [ 813.382794][T13140] Bytes 65536-131071 of 131072 are uninitialized [ 813.389260][T13140] Memory access of size 131072 starts at ffff8880ab400000 [ 813.396651][T13140] Data copied to user address 0000000020000a40 [ 813.403137][T13140] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 813.405573][T13140] CPU: 0 UID: 0 PID: 13140 Comm: syz.4.3546 Not tainted 6.12.0-rc3-syzkaller-00183-g6efbea77b390 #0 [ 813.416711][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 813.428306][T13140] ===================================================== [ 813.435494][T13140] Disabling lock debugging due to kernel taint [ 813.444642][T13140] Kernel panic - not syncing: kmsan.panic set ... [ 813.451220][T13140] CPU: 0 UID: 0 PID: 13140 Comm: syz.4.3546 Tainted: G B 6.12.0-rc3-syzkaller-00183-g6efbea77b390 #0 [ 813.463696][T13140] Tainted: [B]=BAD_PAGE [ 813.467968][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 813.478179][T13140] Call Trace: [ 813.481577][T13140] [ 813.484624][T13140] dump_stack_lvl+0x216/0x2d0 [ 813.489524][T13140] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 813.495530][T13140] dump_stack+0x1e/0x30 [ 813.499894][T13140] panic+0x4e2/0xcf0 [ 813.503993][T13140] ? kmsan_get_metadata+0x51/0x1c0 [ 813.509308][T13140] kmsan_report+0x2c7/0x2d0 [ 813.514054][T13140] ? kmsan_internal_check_memory+0x48c/0x560 [ 813.520260][T13140] ? kmsan_copy_to_user+0xd5/0xf0 [ 813.525507][T13140] ? _copy_to_user+0xbc/0x110 [ 813.530388][T13140] ? con_font_op+0x14a2/0x1710 [ 813.535331][T13140] ? vt_compat_ioctl+0x79b/0x990 [ 813.540496][T13140] ? tty_compat_ioctl+0x801/0xce0 [ 813.545738][T13140] ? __se_compat_sys_ioctl+0x785/0x1080 [ 813.551498][T13140] ? __ia32_compat_sys_ioctl+0x93/0xe0 [ 813.557160][T13140] ? ia32_sys_call+0x32a2/0x40d0 [ 813.562329][T13140] ? __do_fast_syscall_32+0xb0/0x110 [ 813.567839][T13140] ? do_fast_syscall_32+0x38/0x80 [ 813.573088][T13140] ? do_SYSENTER_32+0x1f/0x30 [ 813.577976][T13140] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 813.584704][T13140] ? this_cpu_in_panic+0x5e/0xa0 [ 813.590018][T13140] ? _prb_read_valid+0x216f/0x21c0 [ 813.595343][T13140] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.600728][T13140] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.606117][T13140] ? kmsan_metadata_is_contiguous+0xde/0x1e0 [ 813.612340][T13140] kmsan_internal_check_memory+0x48c/0x560 [ 813.618411][T13140] kmsan_copy_to_user+0xd5/0xf0 [ 813.623481][T13140] ? should_fail_usercopy+0x2e/0x40 [ 813.628903][T13140] _copy_to_user+0xbc/0x110 [ 813.633619][T13140] con_font_op+0x14a2/0x1710 [ 813.638409][T13140] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.643797][T13140] vt_compat_ioctl+0x79b/0x990 [ 813.648801][T13140] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 813.654802][T13140] ? __pfx_vt_compat_ioctl+0x10/0x10 [ 813.660327][T13140] tty_compat_ioctl+0x801/0xce0 [ 813.665398][T13140] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 813.671402][T13140] ? __pfx_tty_compat_ioctl+0x10/0x10 [ 813.676994][T13140] __se_compat_sys_ioctl+0x785/0x1080 [ 813.682572][T13140] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.687952][T13140] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 813.694515][T13140] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.699901][T13140] __ia32_compat_sys_ioctl+0x93/0xe0 [ 813.705398][T13140] ia32_sys_call+0x32a2/0x40d0 [ 813.710398][T13140] __do_fast_syscall_32+0xb0/0x110 [ 813.715733][T13140] ? irqentry_exit+0x16/0x60 [ 813.720525][T13140] do_fast_syscall_32+0x38/0x80 [ 813.725588][T13140] do_SYSENTER_32+0x1f/0x30 [ 813.730303][T13140] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 813.736848][T13140] RIP: 0023:0xf748d579 [ 813.741056][T13140] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 813.761053][T13140] RSP: 002b:00000000f577656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 813.769697][T13140] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72 [ 813.777849][T13140] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 813.785983][T13140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 813.794110][T13140] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 813.802237][T13140] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 813.810371][T13140] [ 813.813769][T13140] Kernel Offset: disabled [ 813.818166][T13140] Rebooting in 86400 seconds..