last executing test programs: 3m44.723288857s ago: executing program 0 (id=2430): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)={0x38, 0x1, 0x2, 0x101, 0x0, 0x0, {0x2, 0x0, 0x4}, [@CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x840}, 0x4) 3m44.50544093s ago: executing program 0 (id=2435): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@delneigh={0x30, 0x1d, 0x881, 0x70bd28, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x40, 0x0, 0xa}, [@NDA_CACHEINFO={0x14, 0x3, {0x450, 0x6, 0x1, 0x346}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 3m44.345979202s ago: executing program 0 (id=2440): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bind$nfc_llcp(r0, 0x0, 0x0) 3m44.164225684s ago: executing program 0 (id=2443): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000240)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@shortname_win95}, {@shortname_winnt}, {@numtail}, {@shortname_mixed}, {@uni_xlate}, {@rodir}, {@rodir}, {@shortname_win95}, {@uni_xlate}, {@fat=@discard}, {@utf8no}, {@utf8no}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'macroman'}}]}, 0x1, 0x360, &(0x7f0000001280)="$eJzs3U9oHFUYAPBvO/lbaJODUBSE0ZugoX/woKeUkkJxLypL1YO42FQlGwtZXEwP3caLeBQ86smLeNCDh55FUMSbB69WkKp40N4KFp/s7mx2NrtJU2Fbg7/fYfnyvffNe28zyU4m2ZdXlmPtwnRcvHnzRszNVWJq+cxy3KrEYmTRdzVGzYzJAQAHw62U4s/Us8+SyoSnBABMWPf1/7Ujpcw7X+/VP3n1B4ADr/j5f36vPnO7NVyayJQAgAkbuf//6FDzzPCv+qdKfxUAABxUz7/40jOnqxHP5flcxPq7rVqrFk8P2k9fjDeiEatxPBbidkTvQqHzUOk+nj1XXTme53k7flmMWqeiVYtYb7dqvSuF01m3fjZOxEIsFvXF1UZKKTv7RXXlRN4VEVfb3fFjvdKqTcfhYvwfD8dqnIw8HhipjzhXXTmZFweorffr2xFbg/sWnfkvxUJ8/2pcikZcmD8fKfUva6orV07k+ZlUHapv1WbjwvazsOsdEAAAAAAAAAAAAAAAAAAAAAAA+FeW8m2L2/vfpMH+PUtLY9q7++P06ov9gbZ6+wOl2RQp/fH2E7X3shjaH2jn/jyt2lQcur9LBwAAAAAAAAAAAAAAAAAAgP+M5uZM1BuN1Y3m5uW1ctDeaG4eiohO5s1vP/tqPkb73CGYKsYoNeVF6vJaPWX9zikb6lMEWWfwfubTa9szLveZ3V7F2GnM7t7UaBx55OcPB5mHs/6R/x70yWL8ArMd0ygH60d7U7qbJ+ryqSI4eYfO11NKux3nysujVVGJmLr7T9zeQeoE39x4/cFTzWNPdjNfpp7HHl84f/2Dj39bqzc6I3c0PpnZaN5Oa/Xi4/En2+5BVjp/KtELKuUzYWqv8q3hTD374fcXHnr/u/2NnsqZt8b0yXrL+XyjuVkpvlK6TTO9oJPbUTXfOJdF7DjO9JiTfwLBsY+W69eu/PTrfqtK3yRs1AEAAAAAAAAAAAAAAAAAAPdE6b3iheLNvtN7VT317ORnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zuD//5eCrZHMfoK/2jHaNLu60Yw4er+XCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9w/AQAA///ftWu9") mount$nfs(&(0x7f0000000300)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) 3m43.661529715s ago: executing program 0 (id=2453): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x38, 0x10, 0x801, 0x4000000, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0x204e9, 0x500}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x4529}]}, 0x38}, 0x1, 0xffffa888}, 0x20000880) 3m42.924590215s ago: executing program 0 (id=2477): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001200)=@dellinkprop={0x4c, 0x6c, 0x1, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x30004, 0x3800}, [@IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000) 3m42.579461644s ago: executing program 32 (id=2477): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001200)=@dellinkprop={0x4c, 0x6c, 0x1, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x30004, 0x3800}, [@IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000) 2.35253865s ago: executing program 2 (id=6165): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) add_key(&(0x7f0000000040)='pkcs7_test\x00', 0x0, &(0x7f00000000c0)="100c0601001000bad775aa1b71ca", 0xe, r0) 2.126733401s ago: executing program 2 (id=6169): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') linkat(r0, &(0x7f0000000100)='./mnt\x00', r0, &(0x7f0000000140)='./file0\x00', 0x1000) 2.054062136s ago: executing program 2 (id=6172): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r0, 0xc02864c3, &(0x7f00000002c0)={0x0, 0x8}) 1.892359642s ago: executing program 2 (id=6176): syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120101021967a920d11280b5de2901020301090224000138088009050b"], &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, 0x0, 0x0) 1.778209339s ago: executing program 1 (id=6179): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001340)='./file0\x00', 0x2000082, &(0x7f00000001c0)={[{@shortname_lower}, {@rodir}, {@fat=@codepage={'codepage', 0x3d, '863'}}, {@utf8no}, {@uni_xlateno}, {@shortname_winnt}, {@shortname_win95}, {@shortname_lower}, {@fat=@errors_remount}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@shortname_win95}, {@uni_xlate}, {@numtail}, {@rodir}, {@utf8}]}, 0x26, 0x367, &(0x7f0000000780)="$eJzs3T9onGUYAPDn+qW5S7Amg1B0Ot0EKU3EQaeEUqGYQSuH/xYPm/ondxZyeBCHXm5RipPiqJNbBx07i4OIm4OrFaQqLnYrNPjJ3X333X+bgBeU/n5DeHje9/ne5+5e+L6E5M3rrdi5dDIu3759K0qlQixsnNuIO4VYjRORRM9+TPXR4vQ8APAfdydN48+0596zP1nuR+79APD/1b3/v3lqkCgeofjaA/NoCQCYs0N+///81OyVubUFAMzRxP3/sZHhsR/zL+S/E9CzNP8GAYB/3YuvvPrc5lbExXK5FFH/sFlpVuKZwfjm5Xg7arEdZ2MlDiJ6Dwq9p4XO12cvbJ0/W+74dTUqnYpmJaLealZ6TwqbSbe+GGuxkl80zeuTTv1at74cEfut7vpRLzQrJ2M5W/+n5diO9ViJh7LSQX3Eha3z6+XsApV6v74V0Y5Sf71O/2diJX54I65ELS51Wxj0f3WtXD6Xbo3UN68Xu/P+wYk5fBwAAAAAAAAAAAAAAAAAAAAAANwnzpRzq/n5N2m91fzg4viE1ZHzcSq94ex8oHbvfKC02D+d51oyfj7Q6Pk8zcqCA3QAAAAAAAAAAAAAAAAAAAAg09hbjGqttr3b2Ht/ZzhoDWXe/e7Lb5aiP7SQlb6TDKoiS45cpz9x6MpJ5EukeXmajMzJgiSiP3m/ev1G3vHwnGL+KibKO0FxYqiQ9VSt1U49+stn06r+6gT73UwSE2/LaFDI1h8aqj/YSZQi4mBW1exg/R5zbqZpOmMoTUfa6ATZUQytI7dxiODbW289/GTj9FPdzNfZSo8/sfLSzU+/+H2nWot2752p1RZ3GwfpIa4chYg8k6ZZkAztn0L2AgtTdkI36G+RPNMeLNHebexVkx//ePmRj78fWz2Zvn/S4cx7s5v/ajyz2AsKEatj/UwNTk7Z/NOD1+7mu/foH9zpzzeqN67+/FuWmdgts97MCAd1AAAAAAAAAAAAAAAAAADA8Rj80e/YQJqmrZlVT78Qkcy9NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4LoP//z8UtCcyhwnutmJyqLi92+isU5q2+NKxv1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO5TfwcAAP//Is908w==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) 1.437418996s ago: executing program 1 (id=6186): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000059010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a3100000d0058000000060a010400000000000000000100000008000b4000000000300004802c000180090001007866726d000000001c0002800800014000000000080002400000000505000300020000000900010073797a30"], 0xcc}}, 0x0) 1.159565271s ago: executing program 1 (id=6192): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$sock_int(r0, 0x1, 0x4a, &(0x7f0000000040)=0xb, 0x4) 996.288087ms ago: executing program 1 (id=6196): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000340)="ebfa0e80ceb3dc4c4303000000ade38ff8c84ace9d15af003afa41ae5fbebe7b175c12cf29c48c2d4b61ce76443645c1dc73113beeb9b5243cd0415b0437839aa6c68111a4582c4213b5587d7b0907dbfb62d18b3a6a3bb8f9e0c37b9b3f386e", 0x60}], 0x1) 995.670832ms ago: executing program 4 (id=6197): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newspdinfo={0x24, 0x24, 0x16f87866b7b1d371, 0x70bd25, 0x25dfdbff, 0x1, [@XFRMA_SPD_IPV4_HTHRESH={0x6}, @XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x0) 864.908196ms ago: executing program 1 (id=6199): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000540)={0x9241, 0xc, 0x96, 0x253, 0x3, 0x3}) 833.778317ms ago: executing program 3 (id=6200): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) getgid() 729.133589ms ago: executing program 4 (id=6201): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup\x00', 0x0, 0x2) getdents(r0, 0xfffffffffffffffd, 0x58) 726.122266ms ago: executing program 5 (id=6202): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000080), 0x4) 624.344662ms ago: executing program 3 (id=6203): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb904021d0800fe007c05e8fe55a10a0015000700142603600e12080005007f370401a8001600200004000400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0) 595.620883ms ago: executing program 4 (id=6204): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0xa1a, 0xcf6, 0x59455247, 0x2, 0xfffffffe, 0x0, 0x0, 0x2000, 0x0, 0x4}}) 551.372269ms ago: executing program 5 (id=6205): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, &(0x7f0000000000)=0xffff8001, 0x4) 530.687668ms ago: executing program 1 (id=6206): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d3000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, &(0x7f0000000080)={0x0, 0x7, 0x6, "02f1a5f95f1c"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 469.97619ms ago: executing program 5 (id=6207): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@bridge_getlink={0x34, 0x12, 0x487, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}]}, 0x34}}, 0x0) 469.709969ms ago: executing program 3 (id=6208): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'bridge_slave_1\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x51}}) 461.659184ms ago: executing program 4 (id=6209): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0xdfffffff, 0x800, 0x0, 0x1}, 0x20) 336.2352ms ago: executing program 2 (id=6210): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r0, 0xffffffffffffffff, 0x10, 0x0, @void}, 0x10) 297.897886ms ago: executing program 5 (id=6211): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000001c0)={0x3, 0x0, 0x0, 0x0, 0xffff8000}) 274.353001ms ago: executing program 3 (id=6212): r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000140)=[{0x600, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) 177.593953ms ago: executing program 4 (id=6213): r0 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x6, 0xe0, 0x0, 0x0, 0xfc}) 156.564834ms ago: executing program 5 (id=6214): r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x10, &(0x7f0000000000), 0xc) 102.226682ms ago: executing program 3 (id=6215): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_int(r0, 0x0, 0x18, 0x0, &(0x7f0000000040)) 101.480208ms ago: executing program 2 (id=6216): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x4, 0x9, 0x3, "3258c5c000e12d00e6ff000000810000000000000000000000000300", 0x34324948}) 28.463691ms ago: executing program 5 (id=6217): r0 = socket$l2tp(0x2, 0x2, 0x73) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x4, "70e38ccf"}, &(0x7f0000000080)=0x2c) 23.214141ms ago: executing program 4 (id=6218): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000045000900000000000200000002000000080002"], 0x1c}}, 0x0) 0s ago: executing program 3 (id=6219): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x1000f2a, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x13, 0x2, 0x1, "1101eb00001200000100ba4c0000005c6d6c1500000000000002dfd39c00", 0x3247504d}) kernel console output (not intermixed with test programs): bles: mh match: only valid for protocol 135 [ 486.470305][T16409] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 486.793544][T16426] loop3: detected capacity change from 0 to 128 [ 486.858083][T16426] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 486.896619][T16426] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 487.014634][T16436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4272'. [ 487.066874][T16436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4272'. [ 487.420435][T16455] random: crng reseeded on system resumption [ 487.523011][T16455] Restarting kernel threads ... [ 487.562922][T16455] Done restarting kernel threads. [ 487.875993][T16473] loop4: detected capacity change from 0 to 2048 [ 487.900542][T16477] loop1: detected capacity change from 0 to 64 [ 487.978970][T16473] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 488.130662][T16485] netlink: 'syz.1.4296': attribute type 3 has an invalid length. [ 488.138624][T16485] netlink: 3 bytes leftover after parsing attributes in process `syz.1.4296'. [ 488.429805][T16493] loop2: detected capacity change from 0 to 2048 [ 488.470331][T16493] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=3932051, location=3932051 [ 488.506013][T16493] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 488.566095][T16505] netlink: 'syz.5.4306': attribute type 4 has an invalid length. [ 488.889843][T16518] loop3: detected capacity change from 0 to 16 [ 488.936532][T16518] erofs (device loop3): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 488.967783][T16518] erofs (device loop3): mounted with root inode @ nid 36. [ 489.067547][T16518] syz.3.4311: attempt to access beyond end of device [ 489.067547][T16518] loop3: rw=0, sector=301990144, nr_sectors = 257 limit=16 [ 489.108992][T16518] syz.3.4311: attempt to access beyond end of device [ 489.108992][T16518] loop3: rw=0, sector=301990400, nr_sectors = 1 limit=16 [ 489.150539][T16518] erofs (device loop3): read error -5 @ 0 of nid 36 [ 489.733775][T16552] netlink: 'syz.1.4329': attribute type 39 has an invalid length. [ 489.871501][T16558] loop4: detected capacity change from 0 to 512 [ 489.885775][T16558] EXT4-fs: Ignoring removed orlov option [ 489.975047][T16558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 490.034246][T16538] loop3: detected capacity change from 0 to 32768 [ 490.042481][T16538] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4322 (16538) [ 490.061710][T16565] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4333'. [ 490.065736][T16558] ext4 filesystem being mounted at /804/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 490.075598][T16538] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 490.135023][T16538] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 490.223503][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.246401][T16570] tmpfs: Bad value for 'mpol' [ 490.469229][T16538] BTRFS info (device loop3): setting nodatasum [ 490.475448][T16538] BTRFS info (device loop3): setting nodatacow [ 490.532149][T16538] BTRFS info (device loop3): enabling ssd optimizations [ 490.546779][T16538] BTRFS info (device loop3): turning on async discard [ 490.586488][T16538] BTRFS info (device loop3): enabling free space tree [ 490.711845][T16595] loop2: detected capacity change from 0 to 1024 [ 490.889307][ T37] hfsplus: b-tree write err: -5, ino 4 [ 491.115461][T16607] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 491.137750][ T5826] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 491.220940][T16567] loop1: detected capacity change from 0 to 32768 [ 491.251406][T16567] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4335 (16567) [ 491.343777][T16567] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 491.387904][T16567] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 491.749966][T16567] BTRFS info (device loop1): turning off barriers [ 491.800835][T16567] BTRFS info (device loop1): enabling free space tree [ 492.029775][ T5819] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 492.211702][T16603] loop5: detected capacity change from 0 to 32768 [ 492.293935][T16648] kAFS: unable to lookup cell 'syz1' [ 492.330187][T16603] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 492.449390][T16603] XFS (loop5): Ending clean mount [ 492.657043][T16668] ipt_REJECT: TCP_RESET invalid for non-tcp [ 492.739684][T12236] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 492.756098][T16672] netlink: 'syz.4.4365': attribute type 1 has an invalid length. [ 493.059947][T16679] loop4: detected capacity change from 0 to 256 [ 493.639070][T16701] loop5: detected capacity change from 0 to 256 [ 493.667603][T16701] exfat: Deprecated parameter 'utf8' [ 493.672951][T16701] exfat: Deprecated parameter 'utf8' [ 493.697603][ T5878] usb 3-1: new full-speed USB device number 82 using dummy_hcd [ 493.723659][T16701] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 493.863747][ T5878] usb 3-1: config 252 has an invalid interface number: 251 but max is 0 [ 493.884551][ T5878] usb 3-1: config 252 has no interface number 0 [ 493.903583][ T5878] usb 3-1: New USB device found, idVendor=0c45, idProduct=6280, bcdDevice=d5.fc [ 493.956605][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.001541][ T5878] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6280 [ 494.132052][T16683] loop3: detected capacity change from 0 to 32768 [ 494.218272][T16683] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 494.318566][T16683] XFS (loop3): Ending clean mount [ 494.405549][T16734] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4391'. [ 494.438046][ T5925] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 494.438317][ T5878] gspca_sn9c20x: Write register 1001 failed -71 [ 494.452068][T16734] netlink: 3 bytes leftover after parsing attributes in process `syz.4.4391'. [ 494.453937][ T5826] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 494.486049][ T5878] gspca_sn9c20x: Device initialization failed [ 494.493771][ T5878] gspca_sn9c20x 3-1:252.251: probe with driver gspca_sn9c20x failed with error -71 [ 494.515403][ T5878] usb 3-1: USB disconnect, device number 82 [ 494.606933][ T5925] usb 6-1: Using ep0 maxpacket: 32 [ 494.617422][ T5925] usb 6-1: unable to get BOS descriptor or descriptor too short [ 494.637630][ T5925] usb 6-1: config 128 has an invalid interface number: 127 but max is 3 [ 494.646095][ T5925] usb 6-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 494.673446][ T5925] usb 6-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 494.696576][ T5925] usb 6-1: config 128 has no interface number 0 [ 494.736916][ T5925] usb 6-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 494.754541][ T5925] usb 6-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 494.779881][ T5925] usb 6-1: config 128 interface 127 has no altsetting 0 [ 494.810063][ T5925] usb 6-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 494.829697][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 494.847296][ T5925] usb 6-1: Product: syz [ 494.875778][ T5925] usb 6-1: Manufacturer: syz [ 494.886131][ T5925] usb 6-1: SerialNumber: syz [ 495.191194][T16748] loop4: detected capacity change from 0 to 4096 [ 495.209392][ T5925] usb 6-1: USB disconnect, device number 6 [ 495.264240][T16759] loop3: detected capacity change from 0 to 512 [ 495.325202][T16759] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4403: invalid indirect mapped block 256 (level 2) [ 495.359273][T16759] EXT4-fs (loop3): 2 truncates cleaned up [ 495.370219][ T5825] udevd[5825]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 495.381518][T16759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 495.624709][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 495.716931][T16772] comedi comedi0: pcl730: I/O port conflict (0x4004f27,4) [ 495.890382][T16778] ieee802154 phy0 wpan0: encryption failed: -90 [ 496.242007][T16796] loop5: detected capacity change from 0 to 256 [ 496.313975][T16796] exfat: Deprecated parameter 'namecase' [ 496.347136][T16796] exfat: Deprecated parameter 'utf8' [ 496.364838][T16797] bond2: option primary_reselect: invalid value (13) [ 496.387261][T16797] bond2 (unregistering): Released all slaves [ 496.395964][T16796] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 496.470548][T16796] fuse: Bad value for 'fd' [ 496.667265][T16808] netlink: 'syz.4.4426': attribute type 21 has an invalid length. [ 496.678574][T16787] loop1: detected capacity change from 0 to 32768 [ 496.685591][T16808] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4426'. [ 496.723073][T16787] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4416 (16787) [ 496.784779][T16787] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 496.833785][T16787] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 497.068045][T16787] BTRFS info (device loop1): enabling ssd optimizations [ 497.075048][T16787] BTRFS info (device loop1): turning on async discard [ 497.103038][T16787] BTRFS info (device loop1): enabling free space tree [ 497.252701][T16843] loop3: detected capacity change from 0 to 512 [ 497.337234][ T5819] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 497.365747][T16843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 497.400660][T16843] ext4 filesystem being mounted at /877/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 497.715901][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.738751][T16858] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 497.958791][T16866] netlink: 'syz.1.4445': attribute type 1 has an invalid length. [ 497.998029][T16868] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4446'. [ 498.337335][T16880] wireguard0: entered promiscuous mode [ 498.354021][T16880] wireguard0: entered allmulticast mode [ 498.354034][T16840] loop5: detected capacity change from 0 to 32768 [ 498.416883][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 498.440539][T16840] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 498.586188][T16840] XFS (loop5): Ending clean mount [ 498.601701][T16840] XFS (loop5): Quotacheck needed: Please wait. [ 498.644926][T16890] loop1: detected capacity change from 0 to 4096 [ 498.774470][T16840] XFS (loop5): Quotacheck: Done. [ 498.951563][T12236] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 499.002247][T16909] IPVS: set_ctl: invalid protocol: 137 0.0.0.0:0 [ 499.131247][T16911] netlink: 'syz.1.4463': attribute type 1 has an invalid length. [ 499.177199][T16911] netlink: 244 bytes leftover after parsing attributes in process `syz.1.4463'. [ 499.216369][T16911] NCSI netlink: No device for ifindex 0 [ 499.726824][ T40] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 499.830587][T16941] loop2: detected capacity change from 0 to 512 [ 499.845330][T16941] EXT4-fs: Ignoring removed nobh option [ 499.907753][ T40] usb 5-1: Using ep0 maxpacket: 8 [ 499.923953][ T40] usb 5-1: config 0 has an invalid interface number: 186 but max is 0 [ 499.936913][T16941] EXT4-fs (loop2): 1 truncate cleaned up [ 499.944250][T16941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 499.950332][ T40] usb 5-1: config 0 has no interface number 0 [ 499.957306][T16941] ext4 filesystem being mounted at /956/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 499.979357][ T7691] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 500.026870][ T7691] EXT4-fs error (device loop2): ext4_release_dquot:6984: comm kworker/u8:16: Failed to release dquot type 1 [ 500.046981][ T40] usb 5-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 500.101036][ T40] usb 5-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 500.112832][ T7691] EXT4-fs (loop2): Remounting filesystem read-only [ 500.116120][T16941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.137286][ T40] usb 5-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 500.146246][T16930] loop5: detected capacity change from 0 to 32768 [ 500.168657][ T40] usb 5-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 500.197056][ T40] usb 5-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 500.228566][ T40] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 500.249540][T16930] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 500.270810][ T40] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.311396][ T40] usb 5-1: Product: syz [ 500.315648][ T40] usb 5-1: Manufacturer: syz [ 500.337278][ T40] usb 5-1: SerialNumber: syz [ 500.361453][T16930] XFS (loop5): Ending clean mount [ 500.398067][ T40] usb 5-1: config 0 descriptor?? [ 500.428887][T16930] XFS (loop5): Quotacheck needed: Please wait. [ 500.554112][T16930] XFS (loop5): Quotacheck: Done. [ 500.614347][ T40] iowarrior 5-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0 [ 500.733640][T12236] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 500.855567][ T40] usb 5-1: USB disconnect, device number 45 [ 500.987081][ T5878] usb 4-1: new full-speed USB device number 77 using dummy_hcd [ 501.154000][ T5878] usb 4-1: config index 0 descriptor too short (expected 4495, got 71) [ 501.173029][ T5878] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 501.186976][ T5878] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 501.208652][ T5878] usb 4-1: config 0 has no interface number 0 [ 501.246998][ T5878] usb 4-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01 [ 501.256075][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.296247][T16992] x_tables: duplicate underflow at hook 4 [ 501.303649][T16995] netlink: 'syz.2.4498': attribute type 6 has an invalid length. [ 501.313043][ T5878] usb 4-1: Product: syz [ 501.322460][ T5878] usb 4-1: Manufacturer: syz [ 501.336362][ T5878] usb 4-1: SerialNumber: syz [ 501.372582][ T5878] usb 4-1: config 0 descriptor?? [ 501.392767][ T5878] uvcvideo 4-1:0.105: probe with driver uvcvideo failed with error -22 [ 501.396642][T16998] loop5: detected capacity change from 0 to 128 [ 501.473652][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.480160][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.526895][T17001] loop2: detected capacity change from 0 to 16 [ 501.581671][T17001] erofs (device loop2): mounted with root inode @ nid 36. [ 501.669194][ T5951] usb 4-1: USB disconnect, device number 77 [ 501.685452][T17006] xt_TCPMSS: Only works on TCP SYN packets [ 501.842090][T17013] loop5: detected capacity change from 0 to 256 [ 502.428173][T17040] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4520'. [ 502.465407][T17040] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4520'. [ 502.579119][T17048] loop1: detected capacity change from 0 to 8 [ 502.629725][T17048] SQUASHFS error: Failed to read block 0x2d7: -5 [ 502.657182][T17048] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 502.689288][T17048] SQUASHFS error: Failed to read block 0x8f: -5 [ 502.718213][ T30] audit: type=1800 audit(1780844887.038:46): pid=17048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4525" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 502.810400][T17056] sit0: entered promiscuous mode [ 502.844644][T17056] netlink: 'syz.5.4529': attribute type 1 has an invalid length. [ 502.876803][T17056] netlink: 1 bytes leftover after parsing attributes in process `syz.5.4529'. [ 503.628057][T17086] loop5: detected capacity change from 0 to 128 [ 503.686148][T17050] loop2: detected capacity change from 0 to 32768 [ 503.776135][T17050] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 503.897859][T17050] XFS (loop2): Ending clean mount [ 503.916269][T17050] XFS (loop2): Quotacheck needed: Please wait. [ 504.014163][T17050] XFS (loop2): Quotacheck: Done. [ 504.100343][ T5820] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 504.147857][T17104] loop4: detected capacity change from 0 to 4096 [ 504.527523][T17124] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4560'. [ 504.622717][T17126] loop3: detected capacity change from 0 to 4096 [ 504.681852][T17132] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 504.682476][T17126] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 504.789076][T17126] NILFS (loop3): mounting fs with errors [ 504.810785][T17126] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=2) [ 504.868678][T17126] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=2) [ 504.899867][T17139] tmpfs: Bad value for 'mpol' [ 505.110597][T17149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4571'. [ 505.155135][T17149] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4571'. [ 505.178350][T17149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4571'. [ 505.351925][T17159] loop2: detected capacity change from 0 to 128 [ 505.667057][ T5951] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 505.857086][ T5951] usb 6-1: Using ep0 maxpacket: 16 [ 505.877064][T17179] __vm_enough_memory: pid: 17179, comm: syz.4.4586, bytes: 4115879641088 not enough memory for the allocation [ 505.877098][ T5951] usb 6-1: config 254 has an invalid interface number: 235 but max is 0 [ 505.877122][ T5951] usb 6-1: config 254 has no interface number 0 [ 505.877163][ T5951] usb 6-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 505.945492][ T5951] usb 6-1: config 254 interface 235 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 505.991057][ T5951] usb 6-1: config 254 interface 235 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 506.011878][ T5951] usb 6-1: config 254 interface 235 has no altsetting 0 [ 506.031655][ T5951] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 506.066652][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5 [ 506.078051][ T5951] usb 6-1: Product: syz [ 506.082250][ T5951] usb 6-1: Manufacturer: syz [ 506.105857][ T5951] usb 6-1: SerialNumber: syz [ 506.138740][T17163] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 506.383486][T17163] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 506.428842][ T5951] usbtest 6-1:254.235: Linux gadget zero [ 506.434531][ T5951] usbtest 6-1:254.235: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 506.438822][T17197] loop3: detected capacity change from 0 to 2048 [ 506.491769][T17197] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=66359, location=66359 [ 506.526200][T17202] loop2: detected capacity change from 0 to 64 [ 506.626490][ T5951] usb 6-1: USB disconnect, device number 7 [ 506.636073][T17197] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 506.958281][ T40] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 507.128383][ T40] usb 2-1: Using ep0 maxpacket: 32 [ 507.142514][ T40] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 507.166814][ T40] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 507.197753][ T40] usb 2-1: config 0 descriptor?? [ 507.230543][ T40] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 507.381971][T17235] gtp1: entered promiscuous mode [ 507.387483][T17235] gtp1: entered allmulticast mode [ 507.594978][T17244] loop4: detected capacity change from 0 to 512 [ 507.638193][ T40] gspca_vc032x: reg_w err -71 [ 507.653238][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.659910][T17244] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 507.668030][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.697732][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.703287][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.706965][T17244] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 507.721786][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.739873][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.745201][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.761840][T17244] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 507.771462][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.776953][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.777150][T17244] System zones: [ 507.782239][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782256][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782265][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782274][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782285][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782293][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782304][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782313][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782324][ T40] gspca_vc032x: I2c Bus Busy Wait 00 [ 507.782334][ T40] gspca_vc032x: Unknown sensor... [ 507.782415][ T40] vc032x 2-1:0.0: probe with driver vc032x failed with error -22 [ 507.786162][ T40] usb 2-1: USB disconnect, device number 72 [ 507.856215][T17244] 0-2, 18-18, 34-34 [ 507.890420][T17244] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.4618: iget: bad i_size value: 360287970189639680 [ 507.920171][T17244] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4618: couldn't read orphan inode 15 (err -117) [ 507.934966][T17244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 508.039615][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.070693][T17263] loop3: detected capacity change from 0 to 256 [ 508.222373][T17266] loop5: detected capacity change from 0 to 1764 [ 508.519734][T17278] loop2: detected capacity change from 0 to 1024 [ 508.580828][ T40] usb 2-1: new high-speed USB device number 73 using dummy_hcd [ 508.762467][ T40] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 508.791934][ T40] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 508.804829][T17290] binder: 17289:17290 ioctl c018620c 200000000000 returned -22 [ 508.845282][ T40] usb 2-1: config 0 has no interface number 0 [ 508.861336][ T40] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 508.882328][T17296] bridge_slave_0: left allmulticast mode [ 508.890420][ T40] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 508.900414][T17296] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.933697][ T40] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 508.976867][ T40] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 508.984904][ T40] usb 2-1: Product: syz [ 509.001834][T17296] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 509.014795][T17301] loop3: detected capacity change from 0 to 764 [ 509.026808][ T40] usb 2-1: Manufacturer: syz [ 509.031437][ T40] usb 2-1: SerialNumber: syz [ 509.051876][T17301] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 509.067703][ T40] usb 2-1: config 0 descriptor?? [ 509.420229][T17312] program syz.2.4650 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 509.542496][ T40] usb 2-1: USB disconnect, device number 73 [ 509.663200][T17322] netlink: 'syz.2.4655': attribute type 1 has an invalid length. [ 509.697046][ T30] audit: type=1400 audit(1780844894.008:47): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=17323 comm="syz.3.4656" [ 509.955416][T17314] loop4: detected capacity change from 0 to 32768 [ 509.976623][T17314] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4651 (17314) [ 510.026126][T17314] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 510.078386][T17314] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 510.347569][T17314] BTRFS info (device loop4): setting nodatasum [ 510.353782][T17314] BTRFS info (device loop4): allowing degraded mounts [ 510.417874][T17355] bond1: option tlb_dynamic_lb: invalid value (5) [ 510.426859][T17314] BTRFS info (device loop4): disabling tree log [ 510.433761][T17314] BTRFS info (device loop4): turning on async discard [ 510.446595][T17314] BTRFS info (device loop4): enabling free space tree [ 510.468797][T17355] bond1 (unregistering): Released all slaves [ 510.536565][ T5821] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 510.744083][T17361] loop3: detected capacity change from 0 to 32768 [ 510.927346][T17376] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4675'. [ 511.132190][T17385] loop5: detected capacity change from 0 to 256 [ 511.157806][ T30] audit: type=1326 audit(1780844895.478:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17386 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 511.160663][T17385] exfat: Deprecated parameter 'namecase' [ 511.256960][ T30] audit: type=1326 audit(1780844895.478:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17386 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 511.288424][T17385] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011fc0, chksum : 0xea22d69b, utbl_chksum : 0xe619d30d) [ 511.365098][ T30] audit: type=1326 audit(1780844895.508:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17386 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 511.423470][ T30] audit: type=1326 audit(1780844895.508:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17386 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 511.476099][ T30] audit: type=1326 audit(1780844895.508:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17386 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 511.533905][T17385] overlay: filesystem on . not supported [ 511.568968][T17398] loop4: detected capacity change from 0 to 256 [ 511.692621][T17398] FAT-fs (loop4): Directory bread(block 64) failed [ 511.755569][T17398] FAT-fs (loop4): Directory bread(block 65) failed [ 511.796883][T17398] FAT-fs (loop4): Directory bread(block 66) failed [ 511.844494][T17398] FAT-fs (loop4): Directory bread(block 67) failed [ 511.862495][T17398] FAT-fs (loop4): Directory bread(block 68) failed [ 511.897875][T17398] FAT-fs (loop4): Directory bread(block 69) failed [ 511.904534][T17398] FAT-fs (loop4): Directory bread(block 70) failed [ 511.943168][T17398] FAT-fs (loop4): Directory bread(block 71) failed [ 511.960180][T17398] FAT-fs (loop4): Directory bread(block 72) failed [ 511.998683][T17398] FAT-fs (loop4): Directory bread(block 73) failed [ 512.014736][T17414] loop5: detected capacity change from 0 to 1024 [ 512.398648][T17427] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4699'. [ 512.699654][T17440] binder: Bad value for 'stats' [ 512.757139][T17442] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4707'. [ 512.994173][T17418] loop3: detected capacity change from 0 to 32768 [ 513.047969][T17450] loop2: detected capacity change from 0 to 4096 [ 513.059063][T17454] autofs4:pid:17454:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a) [ 513.134320][T17450] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 513.149959][T17450] ntfs3(loop2): Failed to load $Extend (-22). [ 513.176788][T17450] ntfs3(loop2): Failed to initialize $Extend. [ 513.733309][T17470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4720'. [ 513.744877][T17471] loop5: detected capacity change from 0 to 256 [ 513.760901][T17452] loop1: detected capacity change from 0 to 32768 [ 513.764162][T17471] exfat: Deprecated parameter 'utf8' [ 513.795527][T17471] exfat: Deprecated parameter 'utf8' [ 513.815583][T17471] exfat: Deprecated parameter 'utf8' [ 513.846352][T17471] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 513.933722][T17459] loop3: detected capacity change from 0 to 32768 [ 514.015377][T17459] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4715 (17459) [ 514.074302][T17459] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 514.110441][T17459] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 514.285623][T17475] loop1: detected capacity change from 0 to 4096 [ 514.335726][T17475] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 514.393976][T17459] BTRFS info (device loop3): enabling ssd optimizations [ 514.445111][T17459] BTRFS info (device loop3): turning on async discard [ 514.477123][T17459] BTRFS info (device loop3): enabling free space tree [ 514.507242][ T5925] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 514.667903][ T5925] usb 5-1: Using ep0 maxpacket: 16 [ 514.693235][ T5925] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 514.723554][ T5925] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 514.733776][ T5826] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 514.769551][ T5925] usb 5-1: config 0 interface 0 has no altsetting 0 [ 514.788863][ T5925] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 514.807016][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.827209][ T5925] usb 5-1: Product: syz [ 514.831420][ T5925] usb 5-1: Manufacturer: syz [ 514.837312][T17502] loop2: detected capacity change from 0 to 8192 [ 514.860000][T17502] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 514.882697][ T5925] usb 5-1: SerialNumber: syz [ 514.936077][ T5925] usb 5-1: config 0 descriptor?? [ 514.946485][T17502] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 1046) [ 514.996823][T17502] FAT-fs (loop2): Filesystem has been set read-only [ 515.043623][T17511] loop5: detected capacity change from 0 to 256 [ 515.183649][ T5820] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 1046) [ 515.426975][ T5925] usb 5-1: USB disconnect, device number 46 [ 515.617025][ T5951] usb 4-1: new high-speed USB device number 78 using dummy_hcd [ 515.777302][ T5951] usb 4-1: Using ep0 maxpacket: 16 [ 515.818935][ T5951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 515.844363][ T5951] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 515.870339][ T5951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 515.882225][ T5951] usb 4-1: Product: syz [ 515.886587][ T5951] usb 4-1: Manufacturer: syz [ 515.891407][ T5951] usb 4-1: SerialNumber: syz [ 515.912271][ T5951] usb 4-1: config 0 descriptor?? [ 515.929776][ T5951] hub 4-1:0.0: bad descriptor, ignoring hub [ 515.949232][ T5951] hub 4-1:0.0: probe with driver hub failed with error -5 [ 515.979262][ T5951] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input37 [ 516.232872][T17535] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 516.290355][T17535] ntfs3(loop4): Failed to load $Extend (-22). [ 516.301907][T17535] ntfs3(loop4): Failed to initialize $Extend. [ 516.388688][T17542] bond3: Removing last ns target with arp_interval on [ 516.689862][T17550] set_capacity_and_notify: 2 callbacks suppressed [ 516.689880][T17550] loop4: detected capacity change from 0 to 4096 [ 516.695014][T17552] loop1: detected capacity change from 0 to 128 [ 516.729231][T17552] qnx6: superblock #1 checksum error [ 516.737262][ T5951] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 516.769732][T17550] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 516.787508][T17550] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 516.906834][ T5951] usb 6-1: Using ep0 maxpacket: 32 [ 516.935913][ T174] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22. [ 516.949318][ T5951] usb 6-1: config 6 has an invalid interface number: 250 but max is 0 [ 516.970560][ T5821] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 516.986964][ T5951] usb 6-1: config 6 has no interface number 0 [ 517.007176][ T5821] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 517.014286][ T5951] usb 6-1: config 6 interface 250 has no altsetting 0 [ 517.036398][ T5821] ntfs3(loop4): ino=3, ntfs_set_state failed, -22. [ 517.045337][ T5951] usb 6-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice=a9.d1 [ 517.058172][ T7691] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22. [ 517.067821][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9 [ 517.087029][T17561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4756'. [ 517.106389][ T5951] usb 6-1: Product: syz [ 517.117236][ T5951] usb 6-1: Manufacturer: syz [ 517.121875][ T5951] usb 6-1: SerialNumber: syz [ 517.388085][ T5951] snd-usb-audio 6-1:6.250: probe with driver snd-usb-audio failed with error -71 [ 517.430252][ T5951] usb 6-1: USB disconnect, device number 8 [ 517.604484][T17583] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4764'. [ 517.964375][T17599] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4773'. [ 517.996517][T17597] loop1: detected capacity change from 0 to 4096 [ 518.038395][T17597] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 518.828059][T17640] xt_cluster: node mask cannot exceed total number of nodes [ 519.452771][T17633] loop1: detected capacity change from 0 to 32768 [ 519.456217][T17659] loop4: detected capacity change from 0 to 4096 [ 519.516166][T17659] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 519.591105][T17659] ntfs3(loop4): Failed to load $Extend (-22). [ 519.614494][T17669] loop2: detected capacity change from 0 to 128 [ 519.621915][T17659] ntfs3(loop4): Failed to initialize $Extend. [ 519.637785][ T24] usb 4-1: USB disconnect, device number 78 [ 520.235097][T17686] netlink: 'syz.1.4816': attribute type 1 has an invalid length. [ 520.297790][T17665] loop5: detected capacity change from 0 to 32768 [ 520.356965][T17665] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 520.467727][T17665] XFS (loop5): Ending clean mount [ 520.669157][T12236] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 520.755292][T17712] loop4: detected capacity change from 0 to 256 [ 520.829860][ T30] audit: type=1800 audit(1780844905.148:53): pid=17712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4824" name="memory.events" dev="loop4" ino=1048696 res=0 errno=0 [ 521.371581][T17730] loop3: detected capacity change from 0 to 512 [ 521.458439][T17730] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 521.545134][T17706] loop2: detected capacity change from 0 to 32768 [ 521.607107][T17730] ext4 filesystem being mounted at /956/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 521.630453][T17706] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4821 (17706) [ 521.662296][T17706] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 521.733537][T17706] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 521.751544][T17730] EXT4-fs warning (device loop3): ext4_empty_dir:3099: inode #12: comm syz.3.4834: directory missing '..' [ 521.854463][T17706] BTRFS info (device loop2): enabling ssd optimizations [ 521.863773][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 521.881594][T17751] loop4: detected capacity change from 0 to 4096 [ 521.884786][T17706] BTRFS info (device loop2): turning on async discard [ 521.907999][T17751] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 521.921680][T17706] BTRFS info (device loop2): enabling free space tree [ 522.001790][T17770] netlink: 'syz.1.4846': attribute type 5 has an invalid length. [ 522.047811][T17770] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.4846'. [ 522.238255][T17774] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4847'. [ 522.312628][ T5820] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 522.825367][T17790] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4855'. [ 522.897637][ T6183] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 523.087359][ T6183] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 523.108702][ T6183] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.133151][ T6183] usb 2-1: Product: syz [ 523.156154][T17772] loop3: detected capacity change from 0 to 32768 [ 523.158868][ T6183] usb 2-1: Manufacturer: syz [ 523.190191][ T6183] usb 2-1: SerialNumber: syz [ 523.208968][ T6183] usb 2-1: config 0 descriptor?? [ 523.645923][ T6183] usb 2-1: f81604_write: reg: 105 data: 99 failed: -EPROTO [ 523.665025][T17815] loop5: detected capacity change from 0 to 1764 [ 523.674306][ T6183] f81604 2-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 523.707289][ T6183] f81604 2-1:0.0: probe with driver f81604 failed with error -71 [ 523.755431][T17815] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 523.760175][ T6183] usb 2-1: USB disconnect, device number 74 [ 524.243687][T17841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4880'. [ 524.543168][T17857] loop1: detected capacity change from 0 to 128 [ 524.584544][T17857] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 524.601654][T17864] loop2: detected capacity change from 0 to 8 [ 524.651929][T17857] ext4 filesystem being mounted at /1015/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 524.689573][T17864] SQUASHFS error: Failed to read block 0x738: -5 [ 524.734200][T17864] SQUASHFS error: Unable to read metadata cache entry [736] [ 524.805381][T17870] xt_hashlimit: invalid rate [ 524.823386][ T5819] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 525.319541][T17890] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4903'. [ 525.409443][T17894] loop3: detected capacity change from 0 to 64 [ 525.455065][T17894] syz.3.4905: attempt to access beyond end of device [ 525.455065][T17894] loop3: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 525.506916][T17894] Buffer I/O error on dev loop3, logical block 117440531, async page read [ 525.546331][T17894] syz.3.4905: attempt to access beyond end of device [ 525.546331][T17894] loop3: rw=0, sector=8548515840, nr_sectors = 2 limit=64 [ 525.600639][T17894] Buffer I/O error on dev loop3, logical block 4274257920, async page read [ 525.627675][T17894] syz.3.4905: attempt to access beyond end of device [ 525.627675][T17894] loop3: rw=0, sector=301989888, nr_sectors = 2 limit=64 [ 525.658275][T17894] Buffer I/O error on dev loop3, logical block 150994944, async page read [ 525.685993][T17894] syz.3.4905: attempt to access beyond end of device [ 525.685993][T17894] loop3: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 525.749737][T17894] Buffer I/O error on dev loop3, logical block 117440531, async page read [ 525.793685][ T30] audit: type=1800 audit(1780844910.108:54): pid=17894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4905" name="file2" dev="loop3" ino=6 res=0 errno=0 [ 525.795191][T17894] Trying to free block not in datazone [ 525.857113][T17894] Trying to free block not in datazone [ 525.859394][T17874] loop4: detected capacity change from 0 to 32768 [ 525.876996][T17894] Trying to free block not in datazone [ 525.910875][T17894] Trying to free block not in datazone [ 525.947011][T17874] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 526.002930][T17874] XFS (loop4): Ending clean mount [ 526.102106][ T5821] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 526.205201][T17921] netlink: 312 bytes leftover after parsing attributes in process `syz.2.4914'. [ 526.505631][T17933] netlink: 388 bytes leftover after parsing attributes in process `syz.3.4921'. [ 526.537273][T17933] lo: entered promiscuous mode [ 526.540589][T17931] loop2: detected capacity change from 0 to 512 [ 526.544194][T17933] netlink: 54 bytes leftover after parsing attributes in process `syz.3.4921'. [ 526.575877][T17931] EXT4-fs: Ignoring removed nobh option [ 526.581867][T17933] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 526.689292][T17931] EXT4-fs error (device loop2): ext4_do_update_inode:5635: inode #3: comm syz.2.4920: corrupted inode contents [ 526.721664][T17931] EXT4-fs (loop2): Remounting filesystem read-only [ 526.739493][T17931] Quota error (device loop2): write_blk: dquota write failed [ 526.747237][T17931] Quota error (device loop2): qtree_write_dquot: Error -30 occurred while creating quota [ 526.757711][T17931] EXT4-fs (loop2): 1 truncate cleaned up [ 526.765017][T17931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 526.778205][T17931] ext4 filesystem being mounted at /1057/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 526.791997][T17931] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.931504][T17951] netlink: 'syz.5.4926': attribute type 1 has an invalid length. [ 527.231357][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.287084][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.319655][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.385042][T17960] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 527.411252][T17960] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 527.498132][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.509002][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.526142][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.541906][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.552416][T17960] virt_wifi0 speed is unknown, defaulting to 1000 [ 527.664741][T17976] bond2: option arp_interval: invalid value (18446744073709551615) [ 527.713597][T17976] bond2: option arp_interval: allowed values 0 - 2147483647 [ 527.744672][T17976] bond2 (unregistering): Released all slaves [ 528.025351][T17996] loop1: detected capacity change from 0 to 256 [ 528.337103][T18000] loop2: detected capacity change from 0 to 4096 [ 528.364318][T18000] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 528.451522][T18000] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 528.492718][T18000] ntfs3(loop2): ino=19, mi_enum_attr [ 528.575076][T18000] ntfs3(loop2): failed to convert "c46c" to cp860 [ 528.616511][T18000] ntfs3(loop2): ino=20, mi_enum_attr [ 528.662017][T18021] loop4: detected capacity change from 0 to 256 [ 528.755808][T18021] FAT-fs (loop4): Directory bread(block 64) failed [ 528.776823][T18021] FAT-fs (loop4): Directory bread(block 65) failed [ 528.783474][T18021] FAT-fs (loop4): Directory bread(block 66) failed [ 528.836842][T18021] FAT-fs (loop4): Directory bread(block 67) failed [ 528.843490][T18021] FAT-fs (loop4): Directory bread(block 68) failed [ 528.879059][T18021] FAT-fs (loop4): Directory bread(block 69) failed [ 528.902167][T18021] FAT-fs (loop4): Directory bread(block 70) failed [ 528.922075][T18021] FAT-fs (loop4): Directory bread(block 71) failed [ 528.944896][T18021] FAT-fs (loop4): Directory bread(block 72) failed [ 528.963369][T18021] FAT-fs (loop4): Directory bread(block 73) failed [ 529.037018][ T30] audit: type=1800 audit(1780844913.358:55): pid=18021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4962" name="file1" dev="loop4" ino=1048698 res=0 errno=0 [ 529.090573][T18035] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 529.208334][T18038] new mount options do not match the existing superblock, will be ignored [ 529.279678][T18041] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4970'. [ 529.500423][T18050] loop4: detected capacity change from 0 to 256 [ 530.068393][T18070] loop4: detected capacity change from 0 to 2048 [ 530.101927][T18070] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 530.238567][ T9121] usb 4-1: new high-speed USB device number 79 using dummy_hcd [ 530.398650][ T9121] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 530.422205][T18086] loop1: detected capacity change from 0 to 2048 [ 530.436194][ T9121] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 530.454981][ T9121] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 530.489207][ T9121] usb 4-1: config 220 has no interface number 2 [ 530.495553][ T9121] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 530.517461][ T30] audit: type=1326 audit(1780844914.828:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18092 comm="syz.5.4996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 530.570985][T18094] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 530.574715][ T9121] usb 4-1: config 220 interface 0 has no altsetting 0 [ 530.592217][ T30] audit: type=1326 audit(1780844914.858:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18092 comm="syz.5.4996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 530.643844][ T9121] usb 4-1: config 220 interface 76 has no altsetting 0 [ 530.686154][ T9121] usb 4-1: config 220 interface 1 has no altsetting 0 [ 530.706556][ T30] audit: type=1326 audit(1780844914.858:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18092 comm="syz.5.4996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 530.745573][ T9121] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 530.772775][ T9121] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 530.791305][ T30] audit: type=1326 audit(1780844914.858:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18092 comm="syz.5.4996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 530.817526][ T9121] usb 4-1: Product: syz [ 530.821728][ T9121] usb 4-1: Manufacturer: syz [ 530.854191][ T9121] usb 4-1: SerialNumber: syz [ 530.937913][ T6213] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.085507][ T9121] usb 4-1: selecting invalid altsetting 0 [ 531.115650][ T9121] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 531.135005][ T9121] uvcvideo 4-1:220.0: No valid video chain found. [ 531.191644][ T9121] usb 4-1: selecting invalid altsetting 0 [ 531.221375][ T9121] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 531.272200][ T9121] usb 4-1: USB disconnect, device number 79 [ 531.477972][T18124] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5011'. [ 531.611097][T18128] loop2: detected capacity change from 0 to 4096 [ 531.632115][T18128] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 531.723485][T18128] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 531.751829][T18128] ntfs3(loop2): ino=19, mi_enum_attr [ 531.851201][T18140] loop1: detected capacity change from 0 to 64 [ 532.008101][T18144] loop4: detected capacity change from 0 to 512 [ 532.057866][T18144] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 532.084160][T18144] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61 [ 532.102077][T18144] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.5021: iget: bad i_size value: 12154757448730 [ 532.109056][T18151] overlayfs: empty lowerdir [ 532.237210][T18154] loop2: detected capacity change from 0 to 1024 [ 532.243497][T18144] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5021: couldn't read orphan inode 13 (err -117) [ 532.300054][T18144] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 532.354427][T18144] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 532.573801][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.251850][T18195] netlink: 244 bytes leftover after parsing attributes in process `syz.5.5046'. [ 533.266097][T18194] netlink: 76 bytes leftover after parsing attributes in process `syz.4.5043'. [ 533.522958][T18209] loop4: detected capacity change from 0 to 512 [ 533.594212][T18209] EXT4-fs: Ignoring removed nomblk_io_submit option [ 533.665708][T18209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.771776][T18209] ext4 filesystem being mounted at /951/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 533.861473][T18209] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 533.910502][T18209] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 533.960701][T18209] EXT4-fs error (device loop4): ext4_acquire_dquot:6948: comm syz.4.5052: Failed to acquire dquot type 1 [ 534.155482][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.179213][T18241] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5067'. [ 534.331526][T18246] trusted_key: encrypted_key: keylen parameter is missing [ 534.351678][T18248] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 535.234611][T18250] loop1: detected capacity change from 0 to 32768 [ 535.342421][T18281] loop3: detected capacity change from 0 to 2048 [ 535.381158][T18286] loop5: detected capacity change from 0 to 164 [ 535.435987][T18287] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 535.451416][T18286] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 535.464537][T18281] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=1040, name_len=1 [ 535.570911][T18286] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 535.576744][T18281] Remounting filesystem read-only [ 535.927385][T18299] ipt_rpfilter: unknown options [ 536.329358][T18317] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 536.706346][T18337] loop5: detected capacity change from 0 to 256 [ 536.797101][T18337] FAT-fs (loop5): Directory bread(block 64) failed [ 536.818905][T18337] FAT-fs (loop5): Directory bread(block 65) failed [ 536.825569][T18337] FAT-fs (loop5): Directory bread(block 66) failed [ 536.838815][T18337] FAT-fs (loop5): Directory bread(block 67) failed [ 536.867288][T18337] FAT-fs (loop5): Directory bread(block 68) failed [ 536.875603][T18337] FAT-fs (loop5): Directory bread(block 69) failed [ 536.908171][T18337] FAT-fs (loop5): Directory bread(block 70) failed [ 536.914742][T18337] FAT-fs (loop5): Directory bread(block 71) failed [ 536.935068][T18337] FAT-fs (loop5): Directory bread(block 72) failed [ 536.949306][T18337] FAT-fs (loop5): Directory bread(block 73) failed [ 537.052474][T18350] loop2: detected capacity change from 0 to 512 [ 537.068098][T18350] EXT4-fs: Ignoring removed orlov option [ 537.089797][T18350] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 537.144122][T18350] EXT4-fs (loop2): orphan cleanup on readonly fs [ 537.154699][T18350] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5120: bg 0: block 248: padding at end of block bitmap is not set [ 537.180623][T18350] Quota error (device loop2): write_blk: dquota write failed [ 537.226858][T18350] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 537.274223][T18350] EXT4-fs error (device loop2): ext4_acquire_dquot:6948: comm syz.2.5120: Failed to acquire dquot type 1 [ 537.342806][T18350] EXT4-fs (loop2): 1 truncate cleaned up [ 537.384010][T18350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 537.456171][T18350] EXT4-fs: Ignoring removed orlov option [ 537.488595][T18350] EXT4-fs: can't change dax mount option while remounting [ 537.512384][T18367] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 537.574226][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.584704][T18363] loop4: detected capacity change from 0 to 4096 [ 537.605518][T18363] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 537.647644][T18363] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 4096) [ 537.728197][T18374] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 537.749781][T18363] syz.4.5125: attempt to access beyond end of device [ 537.749781][T18363] loop4: rw=0, sector=8246337208504, nr_sectors = 8 limit=4096 [ 537.821150][T18363] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=0) [ 538.286933][ T5925] usb 2-1: new high-speed USB device number 75 using dummy_hcd [ 538.369958][T18404] loop5: detected capacity change from 0 to 8 [ 538.468994][ T5925] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 538.499839][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 538.531189][ T5925] usb 2-1: config 0 descriptor?? [ 538.701767][T18417] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5150'. [ 538.727762][T18416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5152'. [ 538.964515][T18431] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 538.987626][ T5925] ath6kl: Failed to read usb control message: -71 [ 538.994131][ T5925] ath6kl: Unable to read the bmi data from the device: -71 [ 539.034126][ T5925] ath6kl: Unable to recv target info: -71 [ 539.055276][ T5925] ath6kl: Failed to init ath6kl core: -71 [ 539.067975][ T5925] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 539.130631][ T5925] usb 2-1: USB disconnect, device number 75 [ 539.345335][T18447] netlink: 'syz.2.5167': attribute type 13 has an invalid length. [ 539.506778][ T5925] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 539.583261][T18455] loop3: detected capacity change from 0 to 128 [ 539.603189][T18455] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 539.656899][ T5925] usb 5-1: Using ep0 maxpacket: 16 [ 539.694266][ T5925] usb 5-1: config 0 has an invalid interface number: 214 but max is 0 [ 539.705027][T18455] ext4 filesystem being mounted at /1027/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 539.727876][ T5925] usb 5-1: config 0 has no interface number 0 [ 539.734023][ T5925] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 539.767275][ T5826] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 539.780623][ T5925] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 539.797456][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 539.805517][ T5925] usb 5-1: Manufacturer: syz [ 539.815490][ T5925] usb 5-1: SerialNumber: syz [ 539.835367][ T5925] usb 5-1: config 0 descriptor?? [ 540.071525][ T5925] usbtouchscreen 5-1:0.214: Failed to read FW rev: -71 [ 540.100160][ T5925] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 540.138701][ T5925] usb 5-1: USB disconnect, device number 47 [ 540.226090][T18473] bond2: down delay (262144) is not a multiple of miimon (5), value rounded to 262140 ms [ 540.262910][T18479] loop5: detected capacity change from 0 to 512 [ 540.293627][T18479] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 540.406250][T18479] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 540.452280][T18479] ext4 filesystem being mounted at /514/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 540.488268][T18486] loop1: detected capacity change from 0 to 4096 [ 540.506408][T18486] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 540.518605][T18486] ntfs3(loop1): ino=3, mi_enum_attr [ 540.639760][T18489] loop2: detected capacity change from 0 to 4096 [ 540.648034][T12236] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 540.692215][T18489] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 541.157989][T18509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5193'. [ 541.264693][T18509] bond4: option fail_over_mac: invalid value (234) [ 541.284405][T18511] loop2: detected capacity change from 0 to 4096 [ 541.297872][T18518] deleting an unspecified loop device is not supported. [ 541.299192][T18509] bond4 (unregistering): Released all slaves [ 541.854621][T18541] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 541.881407][T18533] nvme_fabrics: missing parameter 'transport=%s' [ 541.906352][T18533] nvme_fabrics: missing parameter 'nqn=%s' [ 542.074771][T18550] netlink: 'syz.3.5211': attribute type 2 has an invalid length. [ 542.089815][T18551] loop4: detected capacity change from 0 to 64 [ 542.392666][T18564] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5218'. [ 542.736097][T18576] bond0: (slave bond_slave_1): Releasing backup interface [ 543.186898][T18603] netlink: 'syz.2.5237': attribute type 4 has an invalid length. [ 543.232459][T18603] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5237'. [ 543.303024][T18603] .`: renamed from bond0 (while UP) [ 543.503196][T18617] xt_ipcomp: unknown flags 1D [ 543.514267][T18619] loop4: detected capacity change from 0 to 512 [ 543.604291][T18619] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 543.711264][T18631] loop2: detected capacity change from 0 to 16 [ 543.732455][T18631] erofs (device loop2): mounted with root inode @ nid 36. [ 543.894543][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.119422][T18647] loop1: detected capacity change from 0 to 64 [ 544.343174][T18656] netlink: 276 bytes leftover after parsing attributes in process `syz.5.5261'. [ 544.433993][T18660] loop2: detected capacity change from 0 to 8 [ 544.451736][T18662] netlink: 'syz.4.5264': attribute type 8 has an invalid length. [ 544.508280][T18660] SQUASHFS error: lzo decompression failed, data probably corrupt [ 544.526787][T18660] SQUASHFS error: Failed to read block 0x0: -5 [ 544.533137][T18660] SQUASHFS error: lzo decompression failed, data probably corrupt [ 544.546937][T18660] SQUASHFS error: Failed to read block 0x0: -5 [ 544.584130][ T30] audit: type=1800 audit(1780844928.898:60): pid=18660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5263" name="file2" dev="loop2" ino=3 res=0 errno=0 [ 544.690787][T18671] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5269'. [ 544.805297][T18677] loop4: detected capacity change from 0 to 512 [ 544.868493][T18677] EXT4-fs (loop4): orphan cleanup on readonly fs [ 544.885159][T18677] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -13 [ 544.917068][T18677] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 545.017478][T18677] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.5271: attempt to clear invalid blocks 2 len 1 [ 545.041884][T18684] loop5: detected capacity change from 0 to 1024 [ 545.084557][T18677] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5271: invalid indirect mapped block 1819239214 (level 0) [ 545.136056][T18677] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5271: invalid indirect mapped block 1819239214 (level 1) [ 545.146814][T18691] syz.3.5278 uses old SIOCAX25GETINFO [ 545.159475][T18677] EXT4-fs (loop4): 1 truncate cleaned up [ 545.219430][T18677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 545.233538][ T60] hfsplus: b-tree write err: -5, ino 4 [ 545.302083][T18677] EXT4-fs error (device loop4): ext4_lookup:1784: inode #2: comm syz.4.5271: 'file1' linked to parent dir [ 545.468717][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 545.866787][ T30] audit: type=1326 audit(1780844930.158:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.1.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 545.956773][ T30] audit: type=1326 audit(1780844930.178:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.1.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 546.056752][ T30] audit: type=1326 audit(1780844930.178:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.1.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 546.138991][ T30] audit: type=1326 audit(1780844962.192:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.1.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 546.221564][ T30] audit: type=1326 audit(1780844962.192:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.1.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 546.458434][T18741] xt_CT: No such helper "snmp_trap" [ 546.676688][ C0] Adjusting tsc more than 11% (8578635 vs 8464252) [ 546.758377][T18766] netlink: 'syz.4.5315': attribute type 2 has an invalid length. [ 546.787771][T18766] 9: entered promiscuous mode [ 546.811033][ T6183] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 546.875047][T18770] wlan1 speed is unknown, defaulting to 1000 [ 546.903754][T18770] wlan1 speed is unknown, defaulting to 1000 [ 546.922910][T18772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5318'. [ 546.927317][T18770] wlan1 speed is unknown, defaulting to 1000 [ 546.942232][T18772] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5318'. [ 546.975576][T18772] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5318'. [ 546.989516][ T6183] usb 2-1: Using ep0 maxpacket: 32 [ 547.002361][ T6183] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 547.021555][T18770] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 547.029243][ T30] audit: type=1326 audit(1780844963.374:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18773 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 547.058263][ T6183] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 547.092246][ T30] audit: type=1326 audit(1780844963.396:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18773 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 547.092523][ T6183] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 547.125525][ T30] audit: type=1326 audit(1780844963.396:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18773 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 547.189922][ T30] audit: type=1326 audit(1780844963.396:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18773 comm="syz.4.5319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1dd8f749 code=0x7ffc0000 [ 547.216202][T18770] wlan1 speed is unknown, defaulting to 1000 [ 547.227392][ T6183] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 547.242734][ T6183] usb 2-1: Product: syz [ 547.248134][ T6183] usb 2-1: Manufacturer: syz [ 547.258137][T18770] wlan1 speed is unknown, defaulting to 1000 [ 547.274463][ T6183] hub 2-1:4.0: USB hub found [ 547.309672][T18770] wlan1 speed is unknown, defaulting to 1000 [ 547.337513][T18770] wlan1 speed is unknown, defaulting to 1000 [ 547.349386][T18770] wlan1 speed is unknown, defaulting to 1000 [ 547.366278][T18784] netlink: 'syz.3.5324': attribute type 1 has an invalid length. [ 547.382392][T18784] netlink: 16949 bytes leftover after parsing attributes in process `syz.3.5324'. [ 547.458627][ T6183] hub 2-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 547.749160][ T6183] usb 2-1: USB disconnect, device number 76 [ 547.782384][T18800] loop2: detected capacity change from 0 to 512 [ 547.850915][T18800] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 547.998410][T18810] loop4: detected capacity change from 0 to 256 [ 548.014561][T18810] exfat: Deprecated parameter 'utf8' [ 548.062532][T18810] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 548.123872][T18816] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5340'. [ 548.175373][T18816] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5340'. [ 548.250624][T18816] ip6gretap1: entered allmulticast mode [ 548.863436][T18848] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5355'. [ 549.256012][T18866] netlink: 'syz.1.5364': attribute type 32 has an invalid length. [ 549.632574][ T5951] usb 3-1: new high-speed USB device number 83 using dummy_hcd [ 549.784883][ T5951] usb 3-1: Using ep0 maxpacket: 32 [ 549.810796][ T5951] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 549.834962][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 549.894241][ T5951] usb 3-1: config 0 descriptor?? [ 549.931862][ T5951] gspca_main: sunplus-2.14.0 probing 041e:400b [ 550.323109][ T5951] gspca_sunplus: reg_w_riv err -71 [ 550.341173][T18912] loop3: detected capacity change from 0 to 512 [ 550.342548][ T5951] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 550.370850][T18912] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 550.385348][ T5951] usb 3-1: USB disconnect, device number 83 [ 550.475749][T18912] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #17: comm syz.3.5386: inode has both inline data and extents flags [ 550.509224][T18912] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5386: couldn't read orphan inode 17 (err -117) [ 550.540846][T18888] loop4: detected capacity change from 0 to 40427 [ 550.569146][T18888] F2FS-fs (loop4): build fault injection rate: 174 [ 550.576178][T18888] F2FS-fs (loop4): build fault injection type: 0x3bfe8c [ 550.585419][T18912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 550.591130][T18888] F2FS-fs (loop4): invalid crc value [ 550.632787][T18919] loop1: detected capacity change from 0 to 164 [ 550.680435][T18919] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 550.697210][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.879887][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 550.879906][ T30] audit: type=1326 audit(1780844967.525:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.5.5392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 550.947048][T18888] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 550.986261][ T30] audit: type=1326 audit(1780844967.588:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.5.5392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 551.024567][T18888] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 551.075797][ T30] audit: type=1326 audit(1780844967.588:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.5.5392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 551.140123][T18932] loop2: detected capacity change from 0 to 1024 [ 551.187103][T18932] hfsplus: failed to load root directory [ 551.194982][ T30] audit: type=1326 audit(1780844967.588:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.5.5392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce79b8f749 code=0x7ffc0000 [ 551.249566][T18934] bond1: entered promiscuous mode [ 551.254794][T18934] bond1: entered allmulticast mode [ 551.260487][T18934] 8021q: adding VLAN 0 to HW filter on device bond1 [ 551.538872][T18950] ieee802154 phy0 wpan0: encryption failed: -90 [ 551.770343][T18959] loop5: detected capacity change from 0 to 256 [ 551.887200][T18959] FAT-fs (loop5): Directory bread(block 64) failed [ 551.945853][T18959] FAT-fs (loop5): Directory bread(block 65) failed [ 551.969193][T18959] FAT-fs (loop5): Directory bread(block 66) failed [ 552.015375][T18959] FAT-fs (loop5): Directory bread(block 67) failed [ 552.022035][T18959] FAT-fs (loop5): Directory bread(block 68) failed [ 552.083456][T18959] FAT-fs (loop5): Directory bread(block 69) failed [ 552.100014][T18959] FAT-fs (loop5): Directory bread(block 70) failed [ 552.114709][T18959] FAT-fs (loop5): Directory bread(block 71) failed [ 552.121900][T18959] FAT-fs (loop5): Directory bread(block 72) failed [ 552.134903][T18959] FAT-fs (loop5): Directory bread(block 73) failed [ 552.182171][T18959] syz.5.5408: attempt to access beyond end of device [ 552.182171][T18959] loop5: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 552.247496][T18959] syz.5.5408: attempt to access beyond end of device [ 552.247496][T18959] loop5: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 552.311996][ T30] audit: type=1800 audit(1780844969.013:84): pid=18959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5408" name="file0" dev="loop5" ino=1048702 res=0 errno=0 [ 552.571749][T18989] netlink: 'syz.5.5420': attribute type 9 has an invalid length. [ 552.579897][T18989] netlink: 'syz.5.5420': attribute type 7 has an invalid length. [ 552.649133][T18989] netlink: 'syz.5.5420': attribute type 8 has an invalid length. [ 552.737049][T18992] 8021q: adding VLAN 0 to HW filter on device bond4 [ 552.831413][T18999] netlink: 6 bytes leftover after parsing attributes in process `syz.3.5426'. [ 553.011148][T19007] netlink: 56 bytes leftover after parsing attributes in process `syz.5.5429'. [ 553.278446][T19017] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 553.593533][T19033] netlink: 'syz.2.5441': attribute type 13 has an invalid length. [ 553.636370][T19033] netlink: 'syz.2.5441': attribute type 17 has an invalid length. [ 553.784650][T19033] 8021q: adding VLAN 0 to HW filter on device .` [ 553.794546][T19033] 8021q: adding VLAN 0 to HW filter on device team0 [ 553.807748][T19033] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 553.825360][T19037] @’: renamed from veth0_vlan (while UP) [ 554.049658][T19053] loop5: detected capacity change from 0 to 512 [ 554.101417][T19053] EXT4-fs error (device loop5): ext4_iget_extra_inode:5079: inode #15: comm syz.5.5452: corrupted in-inode xattr: invalid ea_ino [ 554.165925][T19053] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.5452: couldn't read orphan inode 15 (err -117) [ 554.217642][T19053] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 554.428051][T12236] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 554.454208][ T30] audit: type=1326 audit(1780844971.183:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19068 comm="syz.1.5459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 554.569869][ T30] audit: type=1326 audit(1780844971.223:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19068 comm="syz.1.5459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 554.663064][T19079] netlink: 'syz.2.5463': attribute type 1 has an invalid length. [ 554.693091][ T30] audit: type=1326 audit(1780844971.223:87): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19068 comm="syz.1.5459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 554.740153][ T30] audit: type=1326 audit(1780844971.223:88): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19068 comm="syz.1.5459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c278f749 code=0x7ffc0000 [ 555.139514][T19092] loop2: detected capacity change from 0 to 1024 [ 555.323033][T19096] loop5: detected capacity change from 0 to 4096 [ 555.430131][T19096] ntfs3(loop5): Failed to initialize $Extend/$ObjId. [ 555.452495][T19102] loop4: detected capacity change from 0 to 2048 [ 555.510212][T19103] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 555.529268][T19102] syz.4.5475: attempt to access beyond end of device [ 555.529268][T19102] loop4: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048 [ 555.578455][T19102] NILFS (loop4): I/O error reading b-tree node block (ino=16, blocknr=15) [ 555.617861][ T6183] usb 4-1: new high-speed USB device number 80 using dummy_hcd [ 555.625622][T19102] NILFS (loop4): error -5 truncating bmap (ino=16) [ 555.781337][ T6183] usb 4-1: Using ep0 maxpacket: 32 [ 555.818585][ T6183] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 555.845148][ T6183] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 555.878366][ T6183] usb 4-1: Product: syz [ 555.893971][ T6183] usb 4-1: Manufacturer: syz [ 555.900514][ T6183] usb 4-1: SerialNumber: syz [ 555.916384][ T6183] usb 4-1: config 0 descriptor?? [ 556.124267][ T40] usb 2-1: new high-speed USB device number 77 using dummy_hcd [ 556.286474][ T40] usb 2-1: Using ep0 maxpacket: 32 [ 556.295142][ T40] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 556.318181][ T40] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 556.332764][ T40] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 556.351285][ T6183] airspy 4-1:0.0: usb_control_msg() failed -71 request 0a [ 556.361261][ T40] usb 2-1: Product: syz [ 556.365452][ T40] usb 2-1: Manufacturer: syz [ 556.380563][ T40] usb 2-1: SerialNumber: syz [ 556.388078][ T6183] airspy 4-1:0.0: Could not detect board [ 556.402175][ T40] usb 2-1: config 0 descriptor?? [ 556.404088][ T6183] airspy 4-1:0.0: probe with driver airspy failed with error -71 [ 556.439393][ T40] usb 2-1: bad CDC descriptors [ 556.448687][ T40] usb 2-1: unsupported MDLM descriptors [ 556.452508][ T6183] usb 4-1: USB disconnect, device number 80 [ 556.668218][ T40] usb 2-1: USB disconnect, device number 77 [ 556.769230][T19148] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.5495'. [ 556.783357][T19148] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 557.204301][T19168] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5506'. [ 557.810407][T19189] tmpfs: Bad value for 'mpol' [ 557.962341][T19195] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5519'. [ 558.056303][T19171] loop3: detected capacity change from 0 to 32768 [ 558.060480][T19198] xfrm0: entered allmulticast mode [ 558.138237][T19171] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 558.156017][T19176] loop5: detected capacity change from 0 to 32768 [ 558.179906][T19176] JFS: metapage_get_blocks failed [ 558.186647][T19176] ERROR: (device loop5): release_metapage: metapage_write_one() failed [ 558.186647][T19176] [ 558.205024][T19176] ERROR: (device loop5): remounting filesystem as read-only [ 558.265048][ T114] blkno = 8ed2c, nblocks = 1 [ 558.269686][ T114] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map [ 558.269686][ T114] [ 558.316140][T19171] XFS (loop3): Ending clean mount [ 558.327821][T19213] netlink: 132 bytes leftover after parsing attributes in process `syz.4.5522'. [ 558.387435][T19171] XFS (loop3): Quotacheck needed: Please wait. [ 558.522431][T19171] XFS (loop3): Quotacheck: Done. [ 558.601714][ T30] audit: type=1326 audit(1780844975.256:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19218 comm="syz.2.5527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 558.690342][ T30] audit: type=1326 audit(1780844975.266:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19218 comm="syz.2.5527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 558.727562][T19223] loop4: detected capacity change from 0 to 16 [ 558.764328][T19223] erofs (device loop4): mounted with root inode @ nid 36. [ 558.786526][ T5826] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 558.811578][ T30] audit: type=1326 audit(1780844975.266:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19218 comm="syz.2.5527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 558.840023][T19223] erofs (device loop4): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 558.902584][ T30] audit: type=1326 audit(1780844975.266:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19218 comm="syz.2.5527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 558.932019][T19223] erofs (device loop4): failed to decompress -25 in[55, 4041] out[1851] [ 558.942455][T19223] erofs (device loop4): read error -117 @ 43 of nid 36 [ 559.641740][T19258] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5543'. [ 559.858325][T19268] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.5548'. [ 559.925218][T19268] ksmbd: Daemon and kernel module version mismatch. ksmbd: 36, kernel module: 1. User-space ksmbd should terminate. [ 559.974267][T19274] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535) [ 560.109056][T19279] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 560.126066][T19280] loop5: detected capacity change from 0 to 1024 [ 560.430553][T19294] netlink: 'syz.2.5561': attribute type 21 has an invalid length. [ 560.647539][ T30] audit: type=1326 audit(1780844977.423:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 560.719415][T19306] 9pnet_fd: p9_fd_create_tcp (19306): problem binding to privport [ 560.727460][ T30] audit: type=1326 audit(1780844977.423:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 560.789583][ T30] audit: type=1326 audit(1780844977.423:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 560.856271][ T30] audit: type=1326 audit(1780844977.423:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 560.933421][ T30] audit: type=1326 audit(1780844977.423:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 561.022294][ T30] audit: type=1326 audit(1780844977.423:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 561.118947][T19323] netlink: 'syz.1.5575': attribute type 1 has an invalid length. [ 561.130892][T19323] netlink: 'syz.1.5575': attribute type 1 has an invalid length. [ 561.398031][T19334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5581'. [ 561.431319][T19334] netlink: 312 bytes leftover after parsing attributes in process `syz.4.5581'. [ 561.470544][T19334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5581'. [ 561.534425][T19340] loop5: detected capacity change from 0 to 256 [ 561.592372][T19340] FAT-fs (loop5): Directory bread(block 64) failed [ 561.627892][T19340] FAT-fs (loop5): Directory bread(block 65) failed [ 561.634539][T19340] FAT-fs (loop5): Directory bread(block 66) failed [ 561.677662][T19340] FAT-fs (loop5): Directory bread(block 67) failed [ 561.704835][T19340] FAT-fs (loop5): Directory bread(block 68) failed [ 561.711401][T19340] FAT-fs (loop5): Directory bread(block 69) failed [ 561.754601][T19340] FAT-fs (loop5): Directory bread(block 70) failed [ 561.774561][T19340] FAT-fs (loop5): Directory bread(block 71) failed [ 561.782088][T19340] FAT-fs (loop5): Directory bread(block 72) failed [ 561.818621][T19340] FAT-fs (loop5): Directory bread(block 73) failed [ 561.833106][T19348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5587'. [ 562.006456][T19354] netlink: 'syz.1.5590': attribute type 23 has an invalid length. [ 562.057002][T19358] loop3: detected capacity change from 0 to 128 [ 562.068688][T19358] hpfs: [ 562.068688][T19358] HPFS filesystem options: [ 562.068688][T19358] help do not mount and display this text [ 562.068688][T19358] uid=xxx set uid of files that don't have uid specified in eas [ 562.068688][T19358] gid=xxx set gid of files that don't have gid specified in eas [ 562.068688][T19358] umask=xxx set mode of files that don't have mode specified in eas [ 562.068688][T19358] case=lower lowercase all files [ 562.068688][T19358] case=asis do not lowercase files (default) [ 562.068688][T19358] check=none no fs checks - kernel may crash on corrupted filesystem [ 562.068688][T19358] check=normal do some checks - it should not crash (default) [ 562.068688][T19358] check=strict do extra time-consuming checks, used for debugging [ 562.068688][T19358] errors=continue continue on errors [ 562.068688][T19358] errors=remount-ro remount read-only if errors found (default) [ 562.068688][T19358] errors=panic panic on errors [ 562.068688][T19358] chkdsk=no do not mark fs for chkdsking even if there were errors [ 562.068688][T19358] chkdsk=errors mark fs dirty if errors found (default) [ 562.068688][T19358] chkdsk=always always mark fs dirty - used for debugging [ 562.068688][T19358] e [ 562.120042][T19358] loop3: detected capacity change from 0 to 1024 [ 562.439638][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.451567][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.243922][T19388] loop1: detected capacity change from 0 to 4096 [ 563.270206][T19388] ntfs3(loop1): Unsupported bytes per MFT record 8192. [ 563.287899][T19388] ntfs3(loop1): try to read out of volume at offset 0x1ffe00 [ 563.339120][T19388] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 563.387513][T19388] VFS: Can't find a romfs filesystem on dev loop1. [ 563.387513][T19388] [ 563.592175][ T30] kauditd_printk_skb: 2255 callbacks suppressed [ 563.592193][ T30] audit: type=1326 audit(1780844980.367:2354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 563.622743][T19408] loop1: detected capacity change from 0 to 8 [ 563.699673][ T30] audit: type=1326 audit(1780844980.397:2355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 563.760827][ T30] audit: type=1326 audit(1780844980.397:2356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 563.787563][ T30] audit: type=1326 audit(1780844980.397:2357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 563.821903][ T30] audit: type=1326 audit(1780844980.397:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 563.872363][ T30] audit: type=1326 audit(1780844980.397:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 563.945540][T19416] loop2: detected capacity change from 0 to 256 [ 563.961754][ T30] audit: type=1326 audit(1780844980.397:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 564.043959][ T30] audit: type=1326 audit(1780844980.397:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 564.084784][T19422] bridge4: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 564.126244][ T30] audit: type=1326 audit(1780844980.397:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 564.211465][ T30] audit: type=1326 audit(1780844980.397:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19303 comm="syz.2.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x50000 [ 564.291825][T19429] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 564.823138][T19450] netlink: 'syz.1.5638': attribute type 13 has an invalid length. [ 564.856593][T19450] netlink: 'syz.1.5638': attribute type 17 has an invalid length. [ 564.873008][T19413] loop4: detected capacity change from 0 to 32768 [ 564.924409][T19413] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 565.013307][T19450] sit0: left promiscuous mode [ 565.076290][T19413] XFS (loop4): Ending clean mount [ 565.202787][ T5821] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 565.351269][T19450] 8021q: adding VLAN 0 to HW filter on device team0 [ 565.416226][T19450] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 565.569285][T19476] kAFS: unable to lookup cell 'mS²jĖ”8' [ 566.128122][T19506] xt_CONNSECMARK: invalid mode: 66 [ 566.272333][T19512] AppArmor: change_hat: Invalid input '0' [ 566.288199][T19514] loop5: detected capacity change from 0 to 128 [ 566.400228][T19514] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 566.430649][T19514] hpfs: filesystem error: improperly stopped [ 566.437252][T19514] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 566.480201][T19514] hpfs: You really don't want any checks? You are crazy... [ 566.498007][T19514] hpfs: hpfs_map_sector(): read error [ 566.524447][T19514] hpfs: code page support is disabled [ 566.553731][T19514] hpfs: hpfs_map_4sectors(): unaligned read [ 566.559752][T19514] hpfs: hpfs_map_4sectors(): unaligned read [ 566.607966][T19514] hpfs: filesystem error: unable to find root dir [ 567.048191][T19548] netlink: 'syz.5.5680': attribute type 4 has an invalid length. [ 567.139254][T19552] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5682'. [ 567.168665][T19553] bridge6: entered promiscuous mode [ 567.252098][T19553] bridge6: entered allmulticast mode [ 567.264412][T19558] loop5: detected capacity change from 0 to 128 [ 567.271684][T19559] loop3: detected capacity change from 0 to 16 [ 567.297894][T19559] erofs (device loop3): mounted with root inode @ nid 36. [ 567.319143][T19559] erofs (device loop3): readahead error at folio 2 @ nid 89 [ 567.335770][ T5835] erofs (device loop3): failed to decompress 7514 in[4096, 0] out[8192] [ 567.380984][T19559] erofs (device loop3): failed to decompress 7514 in[4096, 0] out[8192] [ 567.468618][T19559] erofs (device loop3): read error -117 @ 1 of nid 89 [ 567.489498][T19559] syz.3.5686 (19559) used greatest stack depth: 17672 bytes left [ 567.614071][T19569] loop4: detected capacity change from 0 to 16 [ 567.670337][T19569] erofs (device loop4): mounted with root inode @ nid 36. [ 568.069478][T19581] loop2: detected capacity change from 0 to 4096 [ 568.106693][T19581] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 568.174452][T19581] ntfs3(loop2): ino=19, mi_enum_attr [ 568.198330][T19581] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 568.211624][T19589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5701'. [ 568.501775][T19598] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5704'. [ 569.029030][T19617] loop4: detected capacity change from 0 to 512 [ 569.047447][T19622] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5718'. [ 569.086033][T19622] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5718'. [ 569.131574][T19617] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c018, mo2=0102] [ 569.131680][T19617] System zones: 0-2, 18-18, 34-35 [ 569.150979][T19617] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 569.151097][T19617] ext4 filesystem being mounted at /1071/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 569.214262][T19617] EXT4-fs error (device loop4): __ext4_remount:6751: comm syz.4.5715: Abort forced by user [ 569.249488][T19617] EXT4-fs (loop4): Remounting filesystem read-only [ 569.259373][T19617] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 569.264262][T19591] loop1: detected capacity change from 0 to 32768 [ 569.330796][T19591] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 569.485699][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.523806][T19591] XFS (loop1): Ending clean mount [ 569.680827][ T5819] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 570.544125][T19690] loop1: detected capacity change from 0 to 256 [ 570.576001][ T5835] Bluetooth: hci0: unexpected event for opcode 0x0c7c [ 570.583602][T19690] FAT-fs (loop1): Directory bread(block 64) failed [ 570.627465][T19690] FAT-fs (loop1): Directory bread(block 65) failed [ 570.689573][T19690] FAT-fs (loop1): Directory bread(block 66) failed [ 570.716478][T19690] FAT-fs (loop1): Directory bread(block 67) failed [ 570.743192][T19690] FAT-fs (loop1): Directory bread(block 68) failed [ 570.791369][T19690] FAT-fs (loop1): Directory bread(block 69) failed [ 570.798034][T19690] FAT-fs (loop1): Directory bread(block 70) failed [ 570.849152][T19690] FAT-fs (loop1): Directory bread(block 71) failed [ 570.849274][T19690] FAT-fs (loop1): Directory bread(block 72) failed [ 570.849298][T19690] FAT-fs (loop1): Directory bread(block 73) failed [ 571.039425][T19707] loop4: detected capacity change from 0 to 1024 [ 571.046454][T19708] xt_TPROXY: Can be used only with -p tcp or -p udp [ 571.066260][T19707] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 571.134530][T19707] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 571.288750][ T30] kauditd_printk_skb: 55 callbacks suppressed [ 571.288769][ T30] audit: type=1800 audit(1780844988.070:2419): pid=19707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5755" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 571.372795][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.620629][T19735] netlink: zone id is out of range [ 571.645163][T19735] netlink: zone id is out of range [ 571.651174][T19735] netlink: zone id is out of range [ 571.661075][T19735] netlink: zone id is out of range [ 571.666365][T19735] netlink: zone id is out of range [ 571.672307][T19735] netlink: zone id is out of range [ 571.677563][T19735] netlink: zone id is out of range [ 571.684159][T19735] netlink: zone id is out of range [ 571.689589][T19735] netlink: zone id is out of range [ 571.694826][T19735] netlink: zone id is out of range [ 571.719422][ T24] usb 4-1: new high-speed USB device number 81 using dummy_hcd [ 571.778425][T19741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5770'. [ 571.790110][ T5878] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 571.799521][T19741] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5770'. [ 571.809385][ T5951] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 571.849276][T19741] bond2: option all_slaves_active: invalid value (55) [ 571.859202][T19741] bond2 (unregistering): Released all slaves [ 571.923104][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 571.935233][ T24] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 571.947271][ T24] usb 4-1: config 0 has no interface number 0 [ 571.959002][ T5951] usb 6-1: Using ep0 maxpacket: 16 [ 571.959079][ T5878] usb 5-1: Using ep0 maxpacket: 8 [ 571.971101][ T5951] usb 6-1: config 0 has an invalid interface number: 251 but max is 0 [ 571.980163][ T5878] usb 5-1: config 0 has an invalid descriptor of length 16, skipping remainder of the config [ 571.997071][ T5951] usb 6-1: config 0 has no interface number 0 [ 572.000303][ T5878] usb 5-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5 [ 572.016403][ T5951] usb 6-1: config 0 interface 251 altsetting 255 bulk endpoint 0x4 has invalid maxpacket 16 [ 572.017675][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 572.059596][ T24] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 572.068728][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 572.070960][ T5951] usb 6-1: config 0 interface 251 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 64 [ 572.077281][ T24] usb 4-1: Product: syz [ 572.092134][ T24] usb 4-1: Manufacturer: syz [ 572.097543][ T24] usb 4-1: SerialNumber: syz [ 572.103345][ T5878] usb 5-1: config 0 descriptor?? [ 572.112862][ T24] usb 4-1: config 0 descriptor?? [ 572.121340][ T5878] uvcvideo 5-1:0.0: Found UVC 0.00 device (2833:0201) [ 572.132383][ T5878] uvcvideo 5-1:0.0: No valid video chain found. [ 572.144555][ T5951] usb 6-1: config 0 interface 251 has no altsetting 0 [ 572.161982][ T5951] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 572.180024][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 572.220070][ T5951] usb 6-1: Product: syz [ 572.224767][ T5951] usb 6-1: Manufacturer: syz [ 572.231652][ T5951] usb 6-1: SerialNumber: syz [ 572.246424][ T5951] usb 6-1: config 0 descriptor?? [ 572.260845][T19733] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 572.268413][T19733] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 572.324265][ T24] radio-si470x 4-1:0.35: this is not a si470x device. [ 572.410600][ T5878] usb 5-1: USB disconnect, device number 48 [ 572.503631][T19733] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 572.533823][ T24] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 572.541489][T19733] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 572.580691][ T24] usb 4-1: USB disconnect, device number 81 [ 572.743224][ T5951] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 572.773002][ T5951] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 572.803805][ T5951] asix 6-1:0.251: probe with driver asix failed with error -5 [ 572.829207][ T5951] usb 6-1: USB disconnect, device number 9 [ 573.089089][T19772] netlink: 'syz.2.5785': attribute type 1 has an invalid length. [ 573.474697][T19790] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5794'. [ 573.656184][T19796] netlink: 'syz.4.5797': attribute type 1 has an invalid length. [ 573.713909][T19796] netlink: 228 bytes leftover after parsing attributes in process `syz.4.5797'. [ 573.735530][T19802] loop3: detected capacity change from 0 to 1024 [ 573.746246][T19804] x_tables: unsorted underflow at hook 3 [ 573.836617][T19806] loop5: detected capacity change from 0 to 128 [ 573.921373][T19806] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 573.957298][T19811] loop4: detected capacity change from 0 to 256 [ 574.017740][T19806] ext4 filesystem being mounted at /653/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 574.044481][T19811] FAT-fs (loop4): Directory bread(block 64) failed [ 574.095701][T19811] FAT-fs (loop4): Directory bread(block 65) failed [ 574.106984][T19806] EXT4-fs warning (device loop5): verify_group_input:137: Cannot add at group 7 (only 1 groups) [ 574.115776][T19816] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5806'. [ 574.138980][T19811] FAT-fs (loop4): Directory bread(block 66) failed [ 574.149609][T19816] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5806'. [ 574.160948][T19811] FAT-fs (loop4): Directory bread(block 67) failed [ 574.176547][T19811] FAT-fs (loop4): Directory bread(block 68) failed [ 574.199538][T19811] FAT-fs (loop4): Directory bread(block 69) failed [ 574.250910][T19811] FAT-fs (loop4): Directory bread(block 70) failed [ 574.268507][T19811] FAT-fs (loop4): Directory bread(block 71) failed [ 574.294258][T12236] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 574.302577][T19811] FAT-fs (loop4): Directory bread(block 72) failed [ 574.346907][T19818] bond2: option packets_per_slave: mode dependency failed, not supported in mode 802.3ad(4) [ 574.359298][T19811] FAT-fs (loop4): Directory bread(block 73) failed [ 574.406799][T19818] bond2 (unregistering): Released all slaves [ 574.583953][T19831] loop2: detected capacity change from 0 to 64 [ 574.674520][T19834] loop5: detected capacity change from 0 to 256 [ 574.700918][T19834] exfat: Deprecated parameter 'namecase' [ 574.746645][T19834] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 575.086019][T19850] loop3: detected capacity change from 0 to 512 [ 575.129498][T19850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 575.174244][T19850] EXT4-fs (loop3): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 575.351847][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.365031][T19857] loop1: detected capacity change from 0 to 4096 [ 575.489647][T19865] vlan0: entered promiscuous mode [ 575.501171][T19857] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 575.649482][ T5951] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 575.678277][ T37] ntfs3(loop1): ino=9, ntfs3_write_inode failed, -22. [ 575.689787][ T5819] ntfs3(loop1): ino=9, ntfs_sync_fs failed, -22. [ 575.818817][ T5951] usb 6-1: Using ep0 maxpacket: 16 [ 575.837232][ T5951] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 575.857112][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 575.878796][ T5951] usb 6-1: Product: syz [ 575.883284][ T5951] usb 6-1: Manufacturer: syz [ 575.924708][ T5951] usb 6-1: SerialNumber: syz [ 575.940817][ T5951] r8152-cfgselector 6-1: Unknown version 0x0000 [ 575.969006][ T5951] r8152-cfgselector 6-1: config 0 descriptor?? [ 576.054219][T19889] dlm: plock device version mismatch: kernel (1.2.0), user (1.33554432.0) [ 576.119087][ T24] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 576.289643][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 576.300970][ T24] usb 5-1: config 254 has an invalid interface number: 235 but max is 0 [ 576.325494][ T24] usb 5-1: config 254 has no interface number 0 [ 576.355070][ T24] usb 5-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 576.389928][ T24] usb 5-1: config 254 interface 235 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 576.425919][ T5878] r8152-cfgselector 6-1: USB disconnect, device number 10 [ 576.435856][ T24] usb 5-1: config 254 interface 235 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 576.458732][ T24] usb 5-1: config 254 interface 235 has no altsetting 0 [ 576.479173][ T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 576.495756][ T24] usb 5-1: New USB device strings: Mfr=1, Product=251, SerialNumber=3 [ 576.528708][ T24] usb 5-1: Product: syz [ 576.546184][ T24] usb 5-1: Manufacturer: syz [ 576.558780][ T24] usb 5-1: SerialNumber: syz [ 576.575328][T19879] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 576.657112][T19913] loop2: detected capacity change from 0 to 512 [ 576.683785][T19913] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.5851: iget: bad i_size value: 38620345925642 [ 576.709183][T19913] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5851: couldn't read orphan inode 15 (err -117) [ 576.750475][T19913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 576.798382][T19879] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 576.808550][ T24] usbtest 5-1:254.235: Linux gadget zero [ 576.814405][ T24] usbtest 5-1:254.235: high-speed {control in/out bulk-out int-in} tests (+alt) [ 576.819368][T19913] EXT4-fs error (device loop2): empty_inline_dir:1770: inode #12: block 7: comm syz.2.5851: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 576.876884][T19913] EXT4-fs warning (device loop2): empty_inline_dir:1777: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 576.893220][T19915] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 576.952520][T19921] MTD: Couldn't look up '': -22 [ 577.010959][ T6183] usb 5-1: USB disconnect, device number 49 [ 577.035891][T19923] netlink: 'syz.5.5857': attribute type 11 has an invalid length. [ 577.044187][T19923] netlink: 224 bytes leftover after parsing attributes in process `syz.5.5857'. [ 577.055459][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.085256][T19925] loop1: detected capacity change from 0 to 1024 [ 577.192932][T19925] hfsplus: invalid extended attribute record [ 577.257352][ T60] hfsplus: b-tree write err: -5, ino 4 [ 578.178008][T19972] netlink: 'syz.1.5881': attribute type 1 has an invalid length. [ 578.340701][T19977] loop5: detected capacity change from 0 to 1024 [ 578.837760][T20003] loop1: detected capacity change from 0 to 16 [ 579.250072][T20026] loop4: detected capacity change from 0 to 256 [ 579.519072][ T5951] usb 4-1: new high-speed USB device number 82 using dummy_hcd [ 579.566991][T20041] net_ratelimit: 1 callbacks suppressed [ 579.567009][T20041] netlink: zone id is out of range [ 579.618961][T20041] netlink: zone id is out of range [ 579.709010][ T5951] usb 4-1: Using ep0 maxpacket: 32 [ 579.719024][ T5951] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 579.729870][ T5951] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 579.740154][ T5951] usb 4-1: config 0 has no interface number 0 [ 579.746263][ T5951] usb 4-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 579.782549][ T5951] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 579.805966][ T5951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 579.828733][ T5951] usb 4-1: Product: syz [ 579.832945][ T5951] usb 4-1: Manufacturer: syz [ 579.857997][ T5951] usb 4-1: SerialNumber: syz [ 579.888499][T20051] netlink: 'syz.4.5920': attribute type 32 has an invalid length. [ 579.900494][ T5951] usb 4-1: config 0 descriptor?? [ 579.926511][ T5951] radio-si470x 4-1:0.35: could not find interrupt in endpoint [ 579.954725][ T5951] radio-si470x 4-1:0.35: probe with driver radio-si470x failed with error -5 [ 580.100993][T20064] loop4: detected capacity change from 0 to 256 [ 580.108864][T20064] exfat: Deprecated parameter 'namecase' [ 580.128049][ T5951] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 580.148828][T20064] exfat: Deprecated parameter 'namecase' [ 580.156829][ T5951] usbhid 4-1:0.35: couldn't find an input interrupt endpoint [ 580.210980][T20064] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 580.293895][T20070] xt_CT: You must specify a L4 protocol and not use inversions on it [ 580.311717][T20071] netlink: 'syz.1.5929': attribute type 1 has an invalid length. [ 580.406564][ T5951] usb 4-1: USB disconnect, device number 82 [ 580.698498][T20087] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5937'. [ 580.807571][T20081] loop4: detected capacity change from 0 to 8192 [ 581.444983][T20111] loop1: detected capacity change from 0 to 512 [ 581.474237][T20111] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 581.555527][T20111] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.5951: invalid indirect mapped block 4294967295 (level 1) [ 581.606715][T20089] loop2: detected capacity change from 0 to 32768 [ 581.616961][T20111] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.5951: invalid indirect mapped block 4294967295 (level 1) [ 581.631794][T20089] (syz.2.5939,20089,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 581.645790][T20089] (syz.2.5939,20089,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 581.685940][T20089] JBD2: Ignoring recovery information on journal [ 581.700063][T20111] EXT4-fs (loop1): 2 truncates cleaned up [ 581.722078][T20111] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 581.767972][T20089] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 581.986207][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.126586][ T5820] ocfs2: Unmounting device (7,2) on (node local) [ 582.420377][T20119] loop5: detected capacity change from 0 to 32768 [ 582.475964][T20119] JBD2: Ignoring recovery information on journal [ 582.545004][T20119] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 582.639794][ T5878] usb 5-1: new full-speed USB device number 50 using dummy_hcd [ 582.668047][T20119] (syz.5.5954,20119,0):ocfs2_check_dir_entry:338 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=51539607617, rec_len=0, name_len=0 [ 582.703692][T20119] (syz.5.5954,20119,0):ocfs2_prepare_dir_for_insert:4336 ERROR: status = -2 [ 582.733327][T20119] (syz.5.5954,20119,0):ocfs2_mknod:301 ERROR: status = -2 [ 582.786283][T20119] (syz.5.5954,20119,0):ocfs2_mknod:505 ERROR: status = -2 [ 582.810199][T20119] (syz.5.5954,20119,1):ocfs2_create:678 ERROR: status = -2 [ 582.830850][ T5878] usb 5-1: unable to get BOS descriptor or descriptor too short [ 582.849403][ T5878] usb 5-1: not running at top speed; connect to a high speed hub [ 582.875946][ T5878] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 582.894429][ T5878] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 582.908146][ T5878] usb 5-1: string descriptor 0 read error: -22 [ 582.936036][ T5878] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 582.950917][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.973298][ T5878] usb 5-1: 0:2 : does not exist [ 582.983031][T12236] ocfs2: Unmounting device (7,5) on (node local) [ 583.180481][ T5878] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 583.227172][ T5878] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5) [ 583.271511][ T5878] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5) [ 583.309211][ T5878] usb 5-1: 5:0: failed to get current value for ch 1 (-22) [ 583.358876][T20171] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5978'. [ 583.367863][T20171] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5978'. [ 583.390993][ T5878] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5) [ 583.423390][ T5878] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5) [ 583.467882][ T5878] usb 5-1: USB disconnect, device number 50 [ 583.771136][T20185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5984'. [ 583.788006][T20161] loop2: detected capacity change from 0 to 32768 [ 583.857621][T20161] ea_get: invalid extended attribute [ 583.939614][T20187] loop4: detected capacity change from 0 to 16 [ 583.946793][T20187] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 584.461565][T20208] loop4: detected capacity change from 0 to 8 [ 584.593300][T20215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5997'. [ 584.625164][T20215] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5997'. [ 584.739369][T20221] loop2: detected capacity change from 0 to 64 [ 585.029261][T20233] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 585.699068][T20265] loop3: detected capacity change from 0 to 8 [ 585.716435][T20265] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 585.743199][T20265] cramfs: bad data blocksize 4294934200 [ 585.750818][ T5825] udevd[5825]: incorrect cramfs checksum on /dev/loop3 [ 585.759174][T20265] cramfs: bad data blocksize 4294934200 [ 585.765821][ T30] audit: type=1800 audit(1780845002.551:2420): pid=20265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6023" name="file1" dev="loop3" ino=33092 res=0 errno=0 [ 585.790365][ T40] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 585.887967][T20272] loop2: detected capacity change from 0 to 512 [ 585.958986][ T40] usb 5-1: Using ep0 maxpacket: 8 [ 585.972363][ T40] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 585.984001][ T9121] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 586.021788][ T40] usb 5-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 586.055115][ T40] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 586.071647][ T40] usb 5-1: Product: syz [ 586.082815][ T40] usb 5-1: Manufacturer: syz [ 586.101791][ T40] usb 5-1: SerialNumber: syz [ 586.149253][ T40] usb 5-1: config 0 descriptor?? [ 586.172088][ T40] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 586.178276][ T40] usb 5-1: selecting invalid altsetting 1 [ 586.200249][ T9121] usb 6-1: Using ep0 maxpacket: 16 [ 586.212317][ T9121] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 586.236822][ T9121] usb 6-1: config 0 has no interface number 0 [ 586.257518][ T9121] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 586.287334][ T9121] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 586.306577][ T9121] usb 6-1: Product: syz [ 586.312796][ T9121] usb 6-1: Manufacturer: syz [ 586.317418][ T9121] usb 6-1: SerialNumber: syz [ 586.342209][ T9121] usb 6-1: config 0 descriptor?? [ 586.358516][ T9121] hub 6-1:0.132: bad descriptor, ignoring hub [ 586.366877][T20283] loop1: detected capacity change from 0 to 4096 [ 586.373329][ T9121] hub 6-1:0.132: probe with driver hub failed with error -5 [ 586.397404][T20283] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 586.425311][ T9121] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.132/input/input45 [ 586.482849][T20283] ntfs3(loop1): ino=19, mi_enum_attr [ 586.488280][T20283] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 586.502409][T20283] ntfs3(loop1): ino=18, mi_enum_attr [ 586.522920][T20283] ntfs3(loop1): failed to convert "c46c" to cp737 [ 586.532671][T20283] ntfs3(loop1): ino=20, mi_enum_attr [ 586.594475][ T40] usb 5-1: USB disconnect, device number 51 [ 586.897864][T20301] SET target dimension over the limit! [ 587.253102][T20319] xt_hashlimit: Unknown mode mask C4, kernel too old? [ 587.458847][ T6183] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 587.549122][T20331] loop1: detected capacity change from 0 to 2048 [ 587.581856][T20331] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 587.646845][ T6183] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 587.680765][ T6183] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.698321][ T30] audit: type=1326 audit(1780845004.481:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20336 comm="syz.2.6057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 587.711200][ T6183] usb 4-1: Product: syz [ 587.762498][ T6183] usb 4-1: Manufacturer: syz [ 587.767150][ T6183] usb 4-1: SerialNumber: syz [ 587.801402][ T30] audit: type=1326 audit(1780845004.481:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20336 comm="syz.2.6057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 587.840833][ T6183] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 587.910503][ T30] audit: type=1326 audit(1780845004.521:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20336 comm="syz.2.6057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 587.911681][ T5951] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 588.058934][ T30] audit: type=1326 audit(1780845004.521:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20336 comm="syz.2.6057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 588.103264][ T30] audit: type=1326 audit(1780845004.521:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20336 comm="syz.2.6057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb78d8f749 code=0x7ffc0000 [ 588.223000][ C0] usb 4-1: ath9k_htc: invalid pkt_len (fd7e) [ 588.425458][ T5878] usb 4-1: USB disconnect, device number 83 [ 588.432437][T20354] netlink: 'syz.1.6066': attribute type 1 has an invalid length. [ 588.464554][T20354] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6066'. [ 588.577461][T20329] loop5: detected capacity change from 0 to 40427 [ 588.600567][T20329] F2FS-fs (loop5): Invalid segment/section count (31, 24 x 1) [ 588.638662][T20329] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 588.669633][T20329] F2FS-fs (loop5): invalid crc value [ 588.913454][T20329] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 588.966721][T20329] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 588.986277][T20329] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 588.997950][ T5951] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 589.028808][ T5951] ath9k_htc: Failed to initialize the device [ 589.058732][ T5878] usb 4-1: ath9k_htc: USB layer deinitialized [ 589.194085][T20387] loop1: detected capacity change from 0 to 256 [ 589.223536][T20387] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 589.619255][T20399] delete_channel: no stack [ 589.663026][T20404] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6089'. [ 589.708667][T20404] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6089'. [ 589.973841][T20407] loop4: detected capacity change from 0 to 4096 [ 590.050014][T20407] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 590.115172][T20407] ntfs3(loop4): Failed to load $Extend (-22). [ 590.138000][T20407] ntfs3(loop4): Failed to initialize $Extend. [ 590.174895][T20423] netlink: 9 bytes leftover after parsing attributes in process `syz.1.6097'. [ 590.216927][ T9121] usb 6-1: USB disconnect, device number 11 [ 590.238915][T20423] 0·: renamed from hsr0 (while UP) [ 590.291349][T20423] 0·: entered allmulticast mode [ 590.326399][T20423] hsr_slave_0: entered allmulticast mode [ 590.351658][T20423] hsr_slave_1: entered allmulticast mode [ 590.371823][T20423] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 590.492637][T20432] loop5: detected capacity change from 0 to 2048 [ 590.540883][T20432] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 590.698043][T20438] netlink: 44 bytes leftover after parsing attributes in process `syz.2.6105'. [ 590.718776][T20438] netlink: 43 bytes leftover after parsing attributes in process `syz.2.6105'. [ 590.738708][T20438] netlink: 'syz.2.6105': attribute type 6 has an invalid length. [ 590.746567][T20438] netlink: 'syz.2.6105': attribute type 5 has an invalid length. [ 590.775352][T20438] netlink: 43 bytes leftover after parsing attributes in process `syz.2.6105'. [ 591.385103][T20472] loop3: detected capacity change from 0 to 256 [ 591.429748][T20472] exfat: Deprecated parameter 'utf8' [ 591.453096][T20472] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 592.015241][T20458] loop2: detected capacity change from 0 to 32768 [ 592.030317][T20491] loop1: detected capacity change from 0 to 16 [ 592.069772][T20491] erofs (device loop1): mounted with root inode @ nid 36. [ 592.111053][T20458] JBD2: Ignoring recovery information on journal [ 592.160512][T20491] erofs (device loop1): xattr_isize 12 of nid 46 is not supported yet [ 592.295003][T20458] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 592.445796][T20458] ocfs2: Unmounting device (7,2) on (node local) [ 592.768377][T20523] netlink: 'syz.4.6146': attribute type 9 has an invalid length. [ 592.776928][T20523] netlink: 'syz.4.6146': attribute type 6 has an invalid length. [ 593.042649][T20532] loop3: detected capacity change from 0 to 256 [ 593.056232][T20533] xt_l2tp: missing protocol rule (udp|l2tpip) [ 593.122801][T20532] FAT-fs (loop3): Directory bread(block 64) failed [ 593.148522][T20532] FAT-fs (loop3): Directory bread(block 65) failed [ 593.201094][T20532] FAT-fs (loop3): Directory bread(block 66) failed [ 593.218717][T20532] FAT-fs (loop3): Directory bread(block 67) failed [ 593.225373][T20532] FAT-fs (loop3): Directory bread(block 68) failed [ 593.277623][T20532] FAT-fs (loop3): Directory bread(block 69) failed [ 593.327668][T20532] FAT-fs (loop3): Directory bread(block 70) failed [ 593.366190][T20532] FAT-fs (loop3): Directory bread(block 71) failed [ 593.399063][T20532] FAT-fs (loop3): Directory bread(block 72) failed [ 593.415949][T20532] FAT-fs (loop3): Directory bread(block 73) failed [ 593.672808][T20559] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 593.679377][T20559] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 593.688003][T20563] PKCS7: Unknown OID: [4] 0.0 [ 593.703983][T20563] PKCS7: Only support pkcs7_signedData type [ 593.747185][T20559] vhci_hcd vhci_hcd.0: Device attached [ 593.818483][T20564] vhci_hcd vhci_hcd.0: port 0 already used [ 593.858729][T20561] vhci_hcd: connection closed [ 593.859054][ T3421] vhci_hcd vhci_hcd.4: stop threads [ 593.881850][ T3421] vhci_hcd vhci_hcd.4: release socket [ 593.896669][ T3421] vhci_hcd vhci_hcd.4: disconnect device [ 594.252683][T20592] loop1: detected capacity change from 0 to 256 [ 594.298443][T20592] FAT-fs (loop1): Directory bread(block 64) failed [ 594.305934][T20592] FAT-fs (loop1): Directory bread(block 65) failed [ 594.312967][T20592] FAT-fs (loop1): Directory bread(block 66) failed [ 594.333789][T20592] FAT-fs (loop1): Directory bread(block 67) failed [ 594.348873][T20592] FAT-fs (loop1): Directory bread(block 68) failed [ 594.355438][T20592] FAT-fs (loop1): Directory bread(block 69) failed [ 594.364308][T20592] FAT-fs (loop1): Directory bread(block 70) failed [ 594.372041][T20592] FAT-fs (loop1): Directory bread(block 71) failed [ 594.379143][T20592] FAT-fs (loop1): Directory bread(block 72) failed [ 594.385685][T20592] FAT-fs (loop1): Directory bread(block 73) failed [ 594.431306][ T5951] usb 3-1: new high-speed USB device number 84 using dummy_hcd [ 594.459701][ T40] usb usb42-port1: attempt power cycle [ 594.598965][ T5951] usb 3-1: Using ep0 maxpacket: 32 [ 594.626229][ T5951] usb 3-1: unable to get BOS descriptor or descriptor too short [ 594.645182][ T5951] usb 3-1: config 56 has an invalid interface association descriptor of length 5, skipping [ 594.672760][ T5951] usb 3-1: config 56 has an invalid descriptor of length 0, skipping remainder of the config [ 594.696179][ T5951] usb 3-1: config 56 has 0 interfaces, different from the descriptor's value: 1 [ 594.733075][ T5951] usb 3-1: New USB device found, idVendor=12d1, idProduct=b580, bcdDevice=29.de [ 594.758789][ T5951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 594.778781][ T5951] usb 3-1: Product: syz [ 594.784925][ T5951] usb 3-1: Manufacturer: syz [ 594.789999][ T5951] usb 3-1: SerialNumber: syz [ 594.849695][T20618] loop4: detected capacity change from 0 to 16 [ 594.887365][T20618] erofs (device loop4): mounted with root inode @ nid 36. [ 595.019924][ T5951] usb 3-1: USB disconnect, device number 84 [ 595.049748][ T40] usb usb42-port1: unable to enumerate USB device [ 595.244397][T20635] loop1: detected capacity change from 0 to 128 [ 595.282375][T20635] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 595.295122][T20635] ext4 filesystem being mounted at /1281/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 595.336721][T20635] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 37441 (only 1 groups) [ 595.432270][T20644] netlink: 'syz.3.6203': attribute type 21 has an invalid length. [ 595.459883][ T5819] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 595.828802][ T9121] usb 2-1: new full-speed USB device number 78 using dummy_hcd [ 595.990785][ T9121] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 596.019561][ T9121] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 596.046733][ T9121] usb 2-1: config 0 descriptor?? [ 596.048001][T20674] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI [ 596.061268][ T9121] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 596.063583][T20674] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 596.063607][T20674] CPU: 1 UID: 0 PID: 20674 Comm: syz.4.6218 Not tainted syzkaller #0 PREEMPT(full) [ 596.089521][T20674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 596.099578][T20674] RIP: 0010:handshake_complete+0x36/0x350 [ 596.105307][T20674] Code: 54 53 48 83 ec 10 48 89 54 24 08 89 f5 49 89 ff 49 bd 00 00 00 00 00 fc ff df e8 95 ac 77 f6 49 8d 5f 28 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 3b fd dd f6 48 8b 1b 4c 8d 63 30 [ 596.124915][T20674] RSP: 0018:ffffc9000f6bf300 EFLAGS: 00010206 [ 596.130983][T20674] RAX: 0000000000000005 RBX: 0000000000000028 RCX: 0000000000080000 [ 596.138945][T20674] RDX: ffffc9000cfcc000 RSI: 0000000000000256 RDI: 0000000000000257 [ 596.146919][T20674] RBP: 00000000fffffffb R08: ffff888144b16603 R09: 1ffff11028962cc0 [ 596.154887][T20674] R10: dffffc0000000000 R11: ffffed1028962cc1 R12: ffff888057a94b90 [ 596.162864][T20674] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000 [ 596.170840][T20674] FS: 00007f4d1eb6b6c0(0000) GS:ffff888125f8b000(0000) knlGS:0000000000000000 [ 596.179858][T20674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 596.186451][T20674] CR2: 0000200000000000 CR3: 0000000084720000 CR4: 00000000003526f0 [ 596.194439][T20674] Call Trace: [ 596.197717][T20674] [ 596.200642][T20674] handshake_nl_accept_doit+0x3c9/0x7f0 [ 596.206190][T20674] genl_family_rcv_msg_doit+0x215/0x300 [ 596.211736][T20674] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 596.217801][T20674] ? bpf_lsm_capable+0x9/0x20 [ 596.222472][T20674] ? security_capable+0x7e/0x2e0 [ 596.227418][T20674] genl_rcv_msg+0x60e/0x790 [ 596.231940][T20674] ? __pfx_genl_rcv_msg+0x10/0x10 [ 596.236959][T20674] ? __pfx_handshake_nl_accept_doit+0x10/0x10 [ 596.243029][T20674] netlink_rcv_skb+0x208/0x470 [ 596.247809][T20674] ? __pfx_genl_rcv_msg+0x10/0x10 [ 596.252844][T20674] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 596.258149][T20674] ? down_read+0x274/0x2e0 [ 596.262565][T20674] ? genl_rcv+0xd/0x40 [ 596.266626][T20674] genl_rcv+0x28/0x40 [ 596.270600][T20674] netlink_unicast+0x82f/0x9e0 [ 596.275359][T20674] ? __pfx_netlink_unicast+0x10/0x10 [ 596.280640][T20674] ? netlink_sendmsg+0x642/0xb30 [ 596.285578][T20674] ? skb_put+0x11b/0x210 [ 596.289822][T20674] netlink_sendmsg+0x805/0xb30 [ 596.294585][T20674] ? aa_sk_perm+0x15f/0x920 [ 596.299084][T20674] ? __pfx_netlink_sendmsg+0x10/0x10 [ 596.304372][T20674] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 596.310785][T20674] ? __pfx_netlink_sendmsg+0x10/0x10 [ 596.316070][T20674] sock_sendmsg_nosec+0x18f/0x1d0 [ 596.321091][T20674] ____sys_sendmsg+0x577/0x880 [ 596.325851][T20674] ? __pfx_____sys_sendmsg+0x10/0x10 [ 596.331133][T20674] ? import_iovec+0x74/0xa0 [ 596.335635][T20674] ___sys_sendmsg+0x21f/0x2a0 [ 596.340312][T20674] ? __pfx____sys_sendmsg+0x10/0x10 [ 596.345511][T20674] ? futex_wait+0x285/0x360 [ 596.350016][T20674] ? __fget_files+0x2a/0x420 [ 596.354596][T20674] ? __fget_files+0x3a0/0x420 [ 596.359265][T20674] __x64_sys_sendmsg+0x19b/0x260 [ 596.364210][T20674] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 596.369676][T20674] ? do_syscall_64+0xbe/0xf80 [ 596.374345][T20674] do_syscall_64+0xfa/0xf80 [ 596.378842][T20674] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.384898][T20674] ? clear_bhb_loop+0x60/0xb0 [ 596.389565][T20674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.395451][T20674] RIP: 0033:0x7f4d1dd8f749 [ 596.399856][T20674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.419457][T20674] RSP: 002b:00007f4d1eb6b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 596.427869][T20674] RAX: ffffffffffffffda RBX: 00007f4d1dfe5fa0 RCX: 00007f4d1dd8f749 [ 596.435830][T20674] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 596.443789][T20674] RBP: 00007f4d1de13f91 R08: 0000000000000000 R09: 0000000000000000 [ 596.451746][T20674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 596.459722][T20674] R13: 00007f4d1dfe6038 R14: 00007f4d1dfe5fa0 R15: 00007ffe0291ccd8 [ 596.467708][T20674] [ 596.470744][T20674] Modules linked in: [ 596.475524][T20674] ---[ end trace 0000000000000000 ]--- [ 596.506774][T20674] RIP: 0010:handshake_complete+0x36/0x350 [ 596.513922][T20674] Code: 54 53 48 83 ec 10 48 89 54 24 08 89 f5 49 89 ff 49 bd 00 00 00 00 00 fc ff df e8 95 ac 77 f6 49 8d 5f 28 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 3b fd dd f6 48 8b 1b 4c 8d 63 30 [ 596.533709][T20674] RSP: 0018:ffffc9000f6bf300 EFLAGS: 00010206 [ 596.539858][T20674] RAX: 0000000000000005 RBX: 0000000000000028 RCX: 0000000000080000 [ 596.547861][T20674] RDX: ffffc9000cfcc000 RSI: 0000000000000256 RDI: 0000000000000257 [ 596.557301][T20674] RBP: 00000000fffffffb R08: ffff888144b16603 R09: 1ffff11028962cc0 [ 596.565355][T20674] R10: dffffc0000000000 R11: ffffed1028962cc1 R12: ffff888057a94b90 [ 596.573364][T20674] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000 [ 596.581394][T20674] FS: 00007f4d1eb6b6c0(0000) GS:ffff888125e8b000(0000) knlGS:0000000000000000 [ 596.590543][T20674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 596.597162][T20674] CR2: 00007fbb78fb42f8 CR3: 0000000084720000 CR4: 00000000003526f0 [ 596.605236][T20674] Kernel panic - not syncing: Fatal exception [ 596.611703][T20674] Kernel Offset: disabled [ 596.616014][T20674] Rebooting in 86400 seconds..