last executing test programs: 2m52.301133882s ago: executing program 1 (id=7839): r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1000, 0x3a, '\xf4\xb5\xb2\xed\xc6;\xc7,4\\xev/bus/us\xae\xd1\x93\xc1\bm\xe9\xf3#\x00:\xbem\x02H;\x90\xa5\x1f\x8d\xc6\xae\xcc\x95a7\xc3\x168%\xc3\xc6\n\x8d\xbc\x81\x1a\x80\x16jY\x9f~\x12\x94]\x1e\x8c\x1d\xe7\xfe\"y\xa6O\xf5\xa2\xb6\xe7\xe3]%)l\x90\xe9\x026\xe4\xabX\xa0+\x86\nB&\xab\xef\xea\xa3\tUc\xc3\xad\x84\xa3vK{\xb2\xa3\xfc\x1f', 0x3a, '/dev/bus/usb/00#/00#\x00', 0x3a, './file0'}, 0xaf) 2m51.783119849s ago: executing program 1 (id=7846): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x48}}, 0x0) 2m51.229236364s ago: executing program 1 (id=7851): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x18, &(0x7f0000000800)={0x0, 0x1, 0x6, @local}, 0x10) 2m50.665137022s ago: executing program 1 (id=7856): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) 2m49.611042612s ago: executing program 1 (id=7863): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000040)={[{@norecovery}, {@grpquota}, {@debug}, {@discard}]}, 0xee, 0x498, &(0x7f0000001b40)="$eJzs3E1sFFUcAPD/bL/5kIr4AYJW8YOotLR8yMGLRhMPmpjoAeOplkKQQg2tiZBG0QMeDYl349HEu4knvRj1YEy86t2QENML6GnMzM4s23a3n0sX3N8v2e17M7N97z9vXuf1vd0NoGMNZU9JxLaI+CMidlSzCw8Yqv64OT838c/83EQSafrm30l+3I35uYny0PJ1W6uZNI3oy5J9Dcq98k7E+NTU5IUiPzJ77v2RmYuXDp45N3568vTk+bHjx48c3td7bOxovj9dZ3yV4mcW1409H03v3f3q21dfnzhx9d2fv8nqu63YXx/HuqRLazhUPbuLPZo9Pbmhwu4ov2ZP2+s2JN3NDx7ehAqxel0RkTVXT55LoisGavt2xCuftrFqwG2Wpmna6P4cdfftFPifSvRv6FDlvT77/7d8bM7I485w/cWIOFhk5ucmbtbi767NHfQs+v+2lYYi4sTlf7/MHtGKeQgAgBV8n41/nms0/qvEA3XH3VOsoQxGxL0RsTMi7ouIXRFxf0R+7IMR5x5aY/mLV0iWjn8q19YV2Cpl478XirWtmwvGf+XoLwa7itz2PP6e5NSZqclDxTk5ED19WX50mTJ+ePn3z8t0/6J99eO/7JGVX44Fi3pc6140QXdyfHY8T6Rp+vHGwo/rn0Ts6W4UfxLlMk4SEbsjYs86yzjzzNd7m+1bOf5lLLPOtFrpVxFPV9v/8sLx/62mSurXJwciorY+Ofr8sbGjI/0xNXlopLwqlvrltytvNCt/Q/G3QNb+Wxpe/7VV4MGkP2Lm4qWz+XrtzNrLuPLnZ3V9esHqchZ/5duINV//vclbebq32Pbh+OzshdGI3uS1pdvHbr22zJfHZ/Ef2N+4/++sq/HDEZFdxPsi4pFiETdru8ci4vGI2L9M/D+99MR7zfY1b/9ms/Ktdb04Ucu2f9S3/9oTXWd//K5Z+UPFGmQU56Fx+x/JUweKLbW/f8tYbQXXddIAAADgLlPJ3wOfVIZr6UpleLj6Hv5dsaUyNT0z++yp6Q/On6y+V34weirlTNeOuvnQ0WJuuMyPLcofLuaNv+gayPPDE9NTJ9sdPHS4rU36f+avrnbXDrjtWrCOBtyl9H/oXPo/dC79HzqX/g+dq1H/3+gHC4C7g/s/dK68/z91ud3VANrA/R86l/4PHanpZ+MrG/rIf9NE0upf2DBRfnfCZpS1cqL8LopNL31g3S/vX/nURaW9Z7VjEt1L2iK6W1pEX8NdbfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EL/BQAA///5etKr") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) 2m48.669848674s ago: executing program 1 (id=7871): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000000000)={0x1, 'team_slave_0\x00', {}, 0x1}) 2m46.791613966s ago: executing program 32 (id=7871): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000000000)={0x1, 'team_slave_0\x00', {}, 0x1}) 3.721371788s ago: executing program 3 (id=9144): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x13, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x4}, {0x65, 0x0, 0x6, 0x9}}, [@printk={@ld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0xa, 0x9}, {0x4, 0x0, 0x3, 0x9}, {}, {}, {0x15}}], {{0x5, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 3.233990861s ago: executing program 3 (id=9149): r0 = socket(0x840000000002, 0x3, 0xff) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000018c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x478, 0x178, 0x0, 0x240, 0x178, 0x318, 0x3e0, 0x3e0, 0x3e0, 0x3e0, 0x3e0, 0x6, 0x0, {[{{@uncond, 0x5e02, 0xb0, 0xd8, 0x0, {0xa803, 0xd003000000000000}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@ip={@dev, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'vlan1\x00', 'wg1\x00'}, 0x0, 0x70, 0xa0, 0x0, {0x0, 0x6000}}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @private}}}, {{@uncond, 0x0, 0x98, 0xc8, 0x0, {}, [@common=@ttl={{0x28}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @dev}}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'veth0_macvtap\x00', 'bond0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}}]}, @ECN={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@unspec=@CLASSIFY={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4d8) 2.937831637s ago: executing program 4 (id=9152): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002400)={0x0, 0x0, &(0x7f00000023c0)={&(0x7f0000002300)=@newlink={0x30, 0x10, 0x1, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x1, 0x804}, [@IFLA_NET_NS_PID={0x8}, @IFLA_NET_NS_FD={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4001}, 0x4) 2.774939719s ago: executing program 2 (id=9153): r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x20, 0x3a, '', 0x3a, '', 0x3a, './file0'}, 0x27) 2.760483624s ago: executing program 3 (id=9154): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xac7, &(0x7f0000001bc0)="$eJzs3U2MW0cBAOB53vUmm6TEKQld0tAmFNry002zWcJPBEmVCImoqRCXShWXKE1LRAgSRQKqSk1y4karKkic+BGnXqqCkOgFRT1xqUQjVUg9FQ4ciIKoxAECiVHsGa89sfvs/bHX6++T3o7nzbw3894+P7/fmQBMrErj7+LiXBHC5TdeOf73B/82e3vMkVaOWuPvdFusGkIoYnw6m997U83w5vsvnO4WFmGh8TfFwxPXW9NuDSFcCHvDlVALuy9fffmthcdPXjxxad/brx6+tjZLDwAAk+XrVw4v7vrLn+7dceO1+46GTa3x6fi8FuPb4nH/0Xjgn47/K6EzXrQN7WayfNNxqMx25pvqkq+9nGqWb7pH+TNZ+dUe+TaFDy5/qm1ct+WGcZa241ooKvMd8Uplfr55Th4a5/Uzxfz5s+eeeW5EFQVW3b/uDyHsbRuOXeqMr7fhyBrOu16vvxjWbv71Ua+7cR2ODq+sG/WmkS/zkIb69lHvgQCa8vuFd7iQX1lYmdbcpvsr//pjle7TwyoY9vY/UPkzIy4/KP/XF+1xWD0bdWtKy5W+R9tiPL+PkD+/1Pv7l9/p6Byb34+o9lnPXvcRxuX+Qq96Tg25HsvVq/75drFRfTmGaT18JUtv//7k/9Nx+R8D3f07v/4/oUPrMYR1UBfDRhvqxapuW53zqq5kXvVR7XiAdS9/bq6e7o9G+XN9efqmkvTNJemzJelbStK3lqTDJPvt938SXiqWzvPzc/pBr4en62x3xfBDA9Ynvx45aPn5c7+DWmn5+fPEsJ79/tSTZ77w9FNXm8//F63t/1bc3tPpRi1+t67EDOl6YX5dvfXsf62znEqPfHdn9bmrS/7G552d+YqdS/MJbfuZO+ox1znd9l759nTmq2X5ZuOwOatvfnyyJZsuHX+k/WpaX9PZ8laz5ZjJ6pH2KztimNcDliNtj72e/0/b51yoFs+cPXfm0RhP2+kfp6qbbo8/MOR6AyvX7/s/c6Hz/Z9trfHVSvt+YfvS+KK5X3g9zq9z/EKrnM7xB2M8/c59a2q2MX7+9HfPPb36iw8T7bkfPf/tU+fOnfmeD8v+8NX1UY1BPqTTlvVSnw39YSqsi2oM+GHEOyZgze1/sXkQ8MjZ75x69syzZ84fPHTo4MLCoS8eXNzfOK7f33503+7CCGoLrKalH/1R1wQAAAAAAAAAAADo1w9OHL/6zpuff7f5/v/S+3/p/f/05G96///H2fv/+Xvy6T349B7gji7pjTxZA6szWb5qHD6c1XdnVs6ubLqPxLDVj198/z8Vl7frmupzTza+2iOaNSdwR3spM1kbJHl/gR+P4aUY/irACBWz3UfHsKx967Stp/Yp2tqlqGsfeHyk/1vaGlI7Jun9767tOrX9s3cMoY6svmG8TjjqZQS6+8dEtf/9z6UFH3ldDL2H6eGW97MNuU3Uiz7y1Xsepffbgw3A6hh1/5/pumcKz//ha5tvDynb9cea+8vYo8Md7ZfCIP78Tmd8vfc/udbl5/32Dbv8US//sPv/bPV/1/f+L+sxr7a8cv/z82vvthUbdvdbfr78qR3onYOVfyOWn5bmodBf+fVfZuXnN4T69N+s/C19ln/H8u9ZXvn/i+Wn1fbwA/2W36xxUemsR37dON3/y68bJzez5U9te35A+d94vtvyL7OjxluxfJhk49LP7KCy44jWRY7l9/8bXVjd/n9blc12a/lzGJ+L8bQjTs855P2dlNS/ntc/PV+Rfgd2ZfMvSn7f9P873r4Uw7LvQ+r/N22PtfiT3xZvrMsUr3ZZtxt1XwPj6r2Juv83FsPmdVAHQ/9DfWoZ07X6iRtx/ev1+tpe0Cox0sIZ+fof9XnCqMsf9fovk/f/mx/D5/3/5ul5/795et7/b54+G/9DvdLz/n/z9Zn3/5un35PNN+8feK4k/aMl6bu7p7dO2+8tmX5PSfrHStL3tdKPdORI6feVTH9/SfrdJekPlKR/oiT9kyXpD5akP9yW3t4HdEr/VMn0G116H2VSlx8mWf5+nu8/TI50/6fX939nSTowvn762oFjT/3mm7Xm+/8zresh6T7e0RivxvOnH8Z4ft87tMVvp70Z43/N0tf79Q6YJHn7Gfnv+0Ml6cD4Ss95+X7DBCo2dx8dw7J2q3od5zNePh3Dz8TwszF8JIbzMdwfwwMxXBhS/Vgbx17/3eGXiqXz/e1Zer/Pw+fvA3W0ExVCONhnffLrA4M+j5+34zeolZa/zNfBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARqbS+Lu4OFeEcPmNV44/efLs/ttjjrRy1Bp/p9ti1dZ0ITwaw6kY/iJ+uPn+C6fbw1sxLMJCKELRGh+euN4qaWsI4ULYG66EWth9+erLby08fvLiiUv73n718LW1WwMAAACw8f0/AAD//252FS4=") syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, 0x0) 2.614007909s ago: executing program 0 (id=9155): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x9}, @CTA_NAT_SRC={0xc, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x3, @local}]}]}, 0x70}}, 0x0) 2.51732118s ago: executing program 5 (id=9156): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000180)=@multiplanar_fd={0xffff0001, 0x8, 0x4, 0x800, 0x9, {}, {0x3, 0xc, 0xa, 0x3, 0x7f, 0x4, "524f60fa"}, 0x10000000, 0x4, {0x0}, 0x3c}) 2.462960034s ago: executing program 4 (id=9157): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0xfffff03c}, {0x6}]}, 0x10) 2.170274937s ago: executing program 2 (id=9158): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400, 0x8c00}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0x1}]}}}]}, 0x3c}}, 0x0) 2.136657948s ago: executing program 5 (id=9159): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x8c, 0x30, 0xb, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x74, 0x1, 0x0, 0x0, {{0x7}, {0x4c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0xfffffffffffffff7}}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @mcast2}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @private2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0) 2.069410381s ago: executing program 0 (id=9160): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') getdents64(r0, 0x0, 0x0) 1.898549796s ago: executing program 4 (id=9161): syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x1000004, &(0x7f0000000680)=ANY=[@ANYRES8=0x0], 0x1, 0x167, &(0x7f0000000200)="$eJzs28tO6lAUxvGv5c45nIOiE+OAxIkTucYLAxN9FAKVoEWJOIGYGB/FF/JJNNEXEAOBGgqJt8BW+v+N9teVwtqEDWtSAQisrLKyZCkyCJvx9E3GMt0SgAXpS3rpAwim0JPpDgCY8XgstSU9PF/XFIpMzQeD+tG4bken67fSRnhUt2KK++eLu8RoNagnZt6fHL++lZxZ394av/8f/VVK//Rfaa1odVSve/evf2MSAoLHUs6fJy7YOmm6TsHLkWEuejk6zCVfLns5Nsy52oVbn9cWAHyR/c75D/nOf9h3/gH8Xp1u76zqus4li6Av7I9+JeyU6Va7Uf2ET2ypF4Z/mADMXf6q1c53ur2dZqvacBrOeemgVNkr7xb3K/eHklPIT87/AJbH25/+5PVTUw0BAAAAAAAAAAAAAIBPy2jNdAsAAAAAFmQRjxOZ3iMAAAAAAAAAAAAAAAAAAACwLF4DAAD//6xeHjM=") truncate(&(0x7f0000000000)='./file2\x00', 0x100) 1.74553376s ago: executing program 3 (id=9162): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x1010000, 0x4) 1.519758589s ago: executing program 5 (id=9163): r0 = socket(0x10, 0x80002, 0x0) sendmsg$unix(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000006c0)="6b21e0", 0x3}], 0x1, &(0x7f0000000f00)=[@rights={{0x10}}], 0x10}, 0x80000) 1.454860825s ago: executing program 0 (id=9164): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x1, 0x80000000}}, 0x20) 1.357887753s ago: executing program 2 (id=9165): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@bridge_newvlan={0x18, 0x76, 0x621, 0x70bd2a, 0x25dfdbfc, {0x7, 0x2}}, 0x18}, 0x1, 0x5502000000000000, 0x0, 0x40855}, 0x4000080) 1.265345705s ago: executing program 3 (id=9166): r0 = socket(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f0000000a0000000d0085a168d0bf46d32345653600648d0a8812000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) 1.254618203s ago: executing program 4 (id=9167): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516", 0x5d}, {&(0x7f0000001d00)="0092e9a7e64c32c40a81fa0f64bd9906f29b6a0aa0e850e7eb26dd111c83b33cf6f3f5bfdf52e23faac8580b58c35613a51fec2e1500747c8a72eb20d3d6b9e4e75d266a5440ad6fa037d9055e6a4a6760575b9459419cfc252cb04e3a624aaaa02bf155303808bcb8ec989fd7db312bb9807d1efe0dab699418e3db", 0x7c}], 0x2, 0x0, 0x0, 0x7400}, 0x40000) 1.065017785s ago: executing program 2 (id=9168): ioperm(0x0, 0x20, 0x3f) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000240)={@cgroup, 0xffffffffffffffff, 0x2f, 0x0, 0x0, @void, @value}, 0x20) 987.616661ms ago: executing program 0 (id=9169): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 912.873793ms ago: executing program 5 (id=9170): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0x10, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6000}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@ldst={0x0, 0x0, 0x2, 0x1, 0x5, 0x100, 0xfffffffffffffffc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000000200)='syzkaller\x00', 0xa, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94) 812.35087ms ago: executing program 3 (id=9171): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0020}]}) pause() 629.529459ms ago: executing program 4 (id=9172): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000640)=@multiplanar_userptr={0x0, 0x6, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "077c2910"}, 0x0, 0x2, {0x0}}) 629.432328ms ago: executing program 2 (id=9173): r0 = socket(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x22, &(0x7f00000002c0)="d5", 0x1) 479.951536ms ago: executing program 0 (id=9174): unshare(0x8000000) shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil) 408.350422ms ago: executing program 5 (id=9175): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x64, 0x0, 0x8, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xf5}, @CTA_TIMEOUT_DATA={0x34, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_FIN_WAIT={0x8, 0x4, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_TCP_TIME_WAIT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_TCP_CLOSE_WAIT={0x8, 0x5, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_TCP_SYN_SENT={0x8, 0x1, 0x1, 0x0, 0x9af}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8, 0x2, 0x1, 0x0, 0xb}, @CTA_TIMEOUT_TCP_LAST_ACK={0x8, 0x6, 0x1, 0x0, 0x1}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x80) 347.710427ms ago: executing program 2 (id=9176): syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file2\x00', 0x1600008, &(0x7f00000024c0)={[{@umask={'umask', 0x3d, 0x3}}, {}, {@barrier}, {@barrier}, {@nobarrier}, {@type={'type', 0x3d, "05f2875e"}}, {@type={'type', 0x3d, "25f205c1"}}]}, 0x3, 0x637, &(0x7f00000005c0)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OuqbxdE1TUWh/8zN2DjkfyctkV9l7u3M+HYUs36kPDs9ExDef/e0Xi7Wlu4u3Vyb6Z5NOqJmJRqOZiaGs1crEh29VJiazbb/cbs/HT+PnMRHj8XksRzV+GQtRj0qMx0+y2kL+fk4fR3dlqrBz6Bs7Wp8fFUkpf12aR9HjxfRxtuylqMbP4n7cikp8mv1Nx1R8N2ZjNuY6XuHLXez1hePt9Ve/lVfSQ/of87I/pHl9tyOvncfc0ayv85ntLL139sfG4tfzSrqO30XEj89wO09ndybSs8Szrzb73j88E3/NrhNWakt3lxcXHnS5vk/yMt2P/tBXZ4n0/fJe+mJlrZ3vjrTv/X37prK+sXZfYU/f5XbfUXtqKb+G2zvSdNb34b59M1nflY6+Pddb7eshAPrYyLdHSuX/lP9Zflr+fXmx/Nnwj4a+N/RRKQb/Mfj94uTAJ4WPkr/H0/j19ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5FYePb67UKtVlo+sJNnN/yO6mrmj0rqd0+EzJ1HMbuRznJFVarXKcPRFGMeq1P4d0fFM0ut4+qEy1G9v/t4el4Dzd71+78H1lUePv1O9t3CncqeyNDg7Ozc5N/vpzPXb1dpApI+VyV5HCZyH7ZN+ryMBAAAAAAAAAAAAunX4zwAG87lO93OCHm8iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMHNT0RxI5KYmrw2mbY312dq6dSqb89ZjIhCRCS/ikieR9yI5hSjHcMlB63nSXXuixevN19uj1VszV84bLnurOVTjEfEQF6e1Xg3Tz1e0t7CNGFXS6cLDs7M/wMAAP//oEkI4g==") mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) 152.825567ms ago: executing program 4 (id=9177): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x5c}}, 0x0) 20.023998ms ago: executing program 5 (id=9178): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) pread64(r0, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=9179): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000340)=@ethtool_ringparam={0x11, 0x5, 0x80, 0x285, 0xd, 0xbba, 0x8, 0x1c00000, 0x7}}) kernel console output (not intermixed with test programs): 1173.655639][T18581] openvswitch: netlink: Message has 8 unknown bytes. [ 1176.141193][T18629] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6082'. [ 1176.150793][T18629] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6082'. [ 1176.160204][T18629] netlink: 'syz.4.6082': attribute type 1 has an invalid length. [ 1177.405544][T18653] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6092'. [ 1177.418666][T18653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6092'. [ 1177.429648][T18653] netlink: 148 bytes leftover after parsing attributes in process `syz.4.6092'. [ 1177.441647][T18653] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 1180.465269][ T6114] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 1180.519895][T18711] loop1: detected capacity change from 0 to 64 [ 1180.551819][T18713] netlink: 'syz.4.6120': attribute type 1 has an invalid length. [ 1180.559916][T18713] netlink: 224 bytes leftover after parsing attributes in process `syz.4.6120'. [ 1180.665077][ T6114] usb 4-1: Using ep0 maxpacket: 16 [ 1180.688740][ T6114] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 1180.732358][ T6114] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1180.747390][ T6114] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1180.757476][ T6114] usb 4-1: Product: syz [ 1180.762132][ T6114] usb 4-1: Manufacturer: syz [ 1180.766952][ T6114] usb 4-1: SerialNumber: syz [ 1180.891079][ T6114] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 1180.997646][T18718] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6124'. [ 1181.104592][T18714] loop2: detected capacity change from 0 to 4096 [ 1181.116254][T18714] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1181.204085][ T6101] usb 4-1: USB disconnect, device number 113 [ 1181.582622][T18720] loop1: detected capacity change from 0 to 2048 [ 1181.768252][T18720] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1182.422716][T18735] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6133'. [ 1182.432621][T18735] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6133'. [ 1182.965531][T18744] : renamed from hsr0 (while UP) [ 1183.396944][T18751] overlay: Unknown parameter '\' [ 1183.938958][T18763] autofs4:pid:18763:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e) [ 1183.953453][T18763] autofs4:pid:18763:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 1183.992787][ T29] audit: type=1107 audit(2811350204.307:84): pid=18762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='š¤' [ 1184.934549][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1184.942915][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1184.950440][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1185.341529][T18783] infiniband syz1: set active [ 1185.346651][T18783] infiniband syz1: added wlan1 [ 1185.352632][ T6101] wlan1 speed is unknown, defaulting to 1000 [ 1185.564595][T18783] RDS/IB: syz1: added [ 1185.568977][T18783] smc: adding ib device syz1 with port count 1 [ 1185.575617][T18783] smc: ib device syz1 port 1 has pnetid [ 1185.583564][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1185.892724][ T6101] wlan1 speed is unknown, defaulting to 1000 [ 1186.026094][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1186.598836][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1186.609258][T18805] netlink: 164 bytes leftover after parsing attributes in process `syz.0.6166'. [ 1186.625840][T18805] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6166'. [ 1186.636989][T18805] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6166'. [ 1187.097780][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1187.499367][T18783] wlan1 speed is unknown, defaulting to 1000 [ 1188.908304][T18834] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 1188.918042][T18834] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 1189.604180][T18845] loop2: detected capacity change from 0 to 2048 [ 1189.604750][ T29] audit: type=1326 audit(2811350209.494:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18846 comm="syz.3.6185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1189.669020][T18845] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1189.704458][ T29] audit: type=1326 audit(2811350209.549:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18846 comm="syz.3.6185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1189.729985][ T29] audit: type=1326 audit(2811350209.549:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18846 comm="syz.3.6185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1189.753659][ T29] audit: type=1326 audit(2811350209.549:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18846 comm="syz.3.6185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1189.877902][ T6287] udevd[6287]: incorrect nilfs2 checksum on /dev/loop2 [ 1189.906867][T18852] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1190.326716][T18860] tc_dump_action: action bad kind [ 1190.640480][T18862] netlink: 'syz.0.6193': attribute type 4 has an invalid length. [ 1190.648636][T18862] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6193'. [ 1191.170591][ T29] audit: type=1326 audit(2811350210.943:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.0.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48c5b8cd29 code=0x7ffc0000 [ 1191.193660][ T29] audit: type=1326 audit(2811350210.943:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.0.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48c5b8cd29 code=0x7ffc0000 [ 1191.216734][ T29] audit: type=1326 audit(2811350210.952:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.0.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f48c5b8cd29 code=0x7ffc0000 [ 1191.239983][ T29] audit: type=1326 audit(2811350210.952:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.0.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f48c5b8cd63 code=0x7ffc0000 [ 1191.262716][ T29] audit: type=1326 audit(2811350210.998:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.0.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f48c5b8b7df code=0x7ffc0000 [ 1191.355129][T18877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6200'. [ 1191.671119][ T29] audit: type=1326 audit(2811350211.081:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.0.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f48c5b8cdb7 code=0x7ffc0000 [ 1194.251354][T18930] xt_connbytes: Forcing CT accounting to be enabled [ 1194.258335][T18930] set match dimension is over the limit! [ 1194.549758][T18936] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1194.629961][ T6114] usb 4-1: new high-speed USB device number 114 using dummy_hcd [ 1194.824813][ T6114] usb 4-1: Using ep0 maxpacket: 8 [ 1194.862534][ T6114] usb 4-1: config 0 has an invalid interface number: 128 but max is 0 [ 1194.871190][ T6114] usb 4-1: config 0 has no interface number 0 [ 1194.950481][ T6114] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 1194.961067][ T6114] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1194.969707][ T6114] usb 4-1: Product: syz [ 1194.974084][ T6114] usb 4-1: Manufacturer: syz [ 1194.979045][ T6114] usb 4-1: SerialNumber: syz [ 1195.076615][ T6114] usb 4-1: config 0 descriptor?? [ 1195.138318][ T6114] radio-usb-si4713 4-1:0.128: Si4713 development board discovered: (10C4:8244) [ 1195.440946][ T6114] radio-usb-si4713 4-1:0.128: probe with driver radio-usb-si4713 failed with error -71 [ 1195.451557][ T6114] usbhid 4-1:0.128: couldn't find an input interrupt endpoint [ 1195.508983][ T6114] usb 4-1: USB disconnect, device number 114 [ 1196.009752][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1196.016991][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1197.578862][T18984] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1199.017889][T19012] loop1: detected capacity change from 0 to 256 [ 1199.291545][T19019] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1199.337226][T19012] FAT-fs (loop1): Directory bread(block 64) failed [ 1199.344302][T19012] FAT-fs (loop1): Directory bread(block 65) failed [ 1199.351208][T19012] FAT-fs (loop1): Directory bread(block 66) failed [ 1199.358386][T19012] FAT-fs (loop1): Directory bread(block 67) failed [ 1199.365421][T19012] FAT-fs (loop1): Directory bread(block 68) failed [ 1199.372169][T19012] FAT-fs (loop1): Directory bread(block 69) failed [ 1199.385523][T19012] FAT-fs (loop1): Directory bread(block 70) failed [ 1199.394180][T19012] FAT-fs (loop1): Directory bread(block 71) failed [ 1199.401428][T19012] FAT-fs (loop1): Directory bread(block 72) failed [ 1199.408293][T19012] FAT-fs (loop1): Directory bread(block 73) failed [ 1200.069243][ T6101] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 1200.208204][T19032] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6277'. [ 1200.303377][ T6101] usb 5-1: Using ep0 maxpacket: 8 [ 1200.370310][ T6101] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 1200.383054][ T6101] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1200.391323][ T6101] usb 5-1: Product: syz [ 1200.396032][ T6101] usb 5-1: Manufacturer: syz [ 1200.400845][ T6101] usb 5-1: SerialNumber: syz [ 1200.424796][ T6101] usb 5-1: config 0 descriptor?? [ 1200.467153][ T6101] radio-usb-si4713 5-1:0.0: Si4713 development board discovered: (10C4:8244) [ 1200.955549][ T6101] radio-usb-si4713 5-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 1200.966278][ T6101] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 1201.026207][ T6101] usb 5-1: USB disconnect, device number 4 [ 1201.034194][T19046] trusted_key: encrypted_key: keylen parameter is missing [ 1201.061813][ T6287] udevd[6287]: setting owner of /dev/bus/usb/005/004 to uid=0, gid=0 failed: No such file or directory [ 1201.516511][T19053] netlink: 'syz.2.6287': attribute type 9 has an invalid length. [ 1202.052583][T19064] ieee802154 phy0 wpan0: encryption failed: -22 [ 1202.746998][ T6101] usb 2-1: new full-speed USB device number 100 using dummy_hcd [ 1202.981642][ T6101] usb 2-1: config 0 has an invalid interface number: 202 but max is 0 [ 1202.990675][ T6101] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1203.001238][ T6101] usb 2-1: config 0 has no interface number 0 [ 1203.007671][ T6101] usb 2-1: config 0 interface 202 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1203.017934][ T6101] usb 2-1: config 0 interface 202 altsetting 0 endpoint 0x1 has invalid maxpacket 111, setting to 64 [ 1203.029279][ T6101] usb 2-1: config 0 interface 202 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 5 [ 1203.205391][ T6101] usb 2-1: New USB device found, idVendor=0b48, idProduct=3011, bcdDevice= 2.38 [ 1203.215033][ T6101] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1203.223486][ T6101] usb 2-1: Product: syz [ 1203.227857][ T6101] usb 2-1: Manufacturer: syz [ 1203.232914][ T6101] usb 2-1: SerialNumber: syz [ 1203.288928][ T6101] usb 2-1: config 0 descriptor?? [ 1203.377340][ T6101] dvb-usb: found a 'TechnoTrend TT-connect S2-4600' in warm state. [ 1203.385681][ T6101] dw2102: su3000_power_ctrl: 1, initialized 0 [ 1203.392188][ T6101] dvb-usb: bulk message failed: -8 (2/0) [ 1203.507142][ T6101] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1203.578233][ T6101] dvb-usb: TechnoTrend TT-connect S2-4600 error while loading driver (-19) [ 1203.676880][ T6101] usb 2-1: USB disconnect, device number 100 [ 1205.162388][T19120] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6322'. [ 1205.908890][T19135] binfmt_misc: register: failed to install interpreter file ./bus/file0 [ 1206.460233][T19146] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6334'. [ 1206.783761][T19149] loop1: detected capacity change from 0 to 256 [ 1209.300189][T19198] netlink: 'syz.3.6360': attribute type 32 has an invalid length. [ 1209.308257][T19198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6360'. [ 1209.317889][T19198] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 1210.117323][T19216] loop1: detected capacity change from 0 to 128 [ 1211.657100][T19244] netlink: 11 bytes leftover after parsing attributes in process `syz.0.6382'. [ 1211.667109][T19244] netlink: 7 bytes leftover after parsing attributes in process `syz.0.6382'. [ 1211.995395][T19250] netlink: 'syz.3.6385': attribute type 1 has an invalid length. [ 1212.003804][T19250] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6385'. [ 1212.844513][T19266] xt_hashlimit: overflow, try lower: 18446744073709551615/7 [ 1213.083173][T19272] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 1213.227415][T19274] ieee802154 phy0 wpan0: encryption failed: -22 [ 1214.061245][ T6101] usb 1-1: new high-speed USB device number 116 using dummy_hcd [ 1214.251438][ T6101] usb 1-1: Using ep0 maxpacket: 16 [ 1214.314380][ T6101] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1214.328125][ T6101] usb 1-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1214.337743][ T6101] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1214.410016][ T6101] usb 1-1: config 0 descriptor?? [ 1214.430822][ T6101] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input41 [ 1214.644711][ T5122] bcm5974 1-1:0.0: could not read from device [ 1214.657007][ T6101] bcm5974 1-1:0.0: could not read from device [ 1214.730342][ T6101] input: failed to attach handler mousedev to device input41, error: -5 [ 1214.749256][ T5122] bcm5974 1-1:0.0: could not read from device [ 1214.814799][ T5122] bcm5974 1-1:0.0: could not read from device [ 1214.854146][ T6101] usb 1-1: USB disconnect, device number 116 [ 1215.448255][T19301] loop2: detected capacity change from 0 to 4096 [ 1215.667056][T19310] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1215.718619][T19301] NILFS (loop2): the device already has a read/write mount. [ 1216.665228][T19329] netlink: 'syz.1.6423': attribute type 30 has an invalid length. [ 1217.078428][ T6114] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 1217.280417][ T6114] usb 5-1: config 0 has an invalid interface number: 194 but max is 0 [ 1217.289347][ T6114] usb 5-1: config 0 has no interface number 0 [ 1217.367610][ T6114] usb 5-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=7d.d2 [ 1217.377662][ T6114] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1217.386201][ T6114] usb 5-1: Product: syz [ 1217.390682][ T6114] usb 5-1: Manufacturer: syz [ 1217.395604][ T6114] usb 5-1: SerialNumber: syz [ 1217.465583][ T6114] usb 5-1: config 0 descriptor?? [ 1217.523101][T19346] netlink: 830 bytes leftover after parsing attributes in process `syz.0.6430'. [ 1217.979830][ T6114] usb 5-1: USB disconnect, device number 5 [ 1217.986039][T19350] x_tables: unsorted underflow at hook 1 [ 1217.986865][ T6114] f81534a_ctrl 5-1:0.194: failed to set register 0x116: -19 [ 1217.999733][ T6114] f81534a_ctrl 5-1:0.194: failed to enable ports: -19 [ 1219.539384][T19366] loop1: detected capacity change from 0 to 4096 [ 1219.597520][T19366] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 1219.908855][T19366] ntfs3(loop1): failed to convert "c46c" to cp866 [ 1219.958233][T19380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6447'. [ 1221.009120][T19399] loop2: detected capacity change from 0 to 256 [ 1221.281926][ T6101] usb 4-1: new high-speed USB device number 115 using dummy_hcd [ 1221.300963][T19402] loop1: detected capacity change from 0 to 64 [ 1221.445614][T19402] syz.1.6458: attempt to access beyond end of device [ 1221.445614][T19402] loop1: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 1221.488670][ T6101] usb 4-1: Using ep0 maxpacket: 8 [ 1221.516624][ T6101] usb 4-1: config 1 has an invalid interface number: 128 but max is 1 [ 1221.525853][ T6101] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1221.536602][ T6101] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1221.546063][ T6101] usb 4-1: config 1 has no interface number 0 [ 1221.552428][ T6101] usb 4-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1221.649480][ T6101] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1221.660107][ T6101] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.668591][ T6101] usb 4-1: Product: syz [ 1221.673135][ T6101] usb 4-1: Manufacturer: syz [ 1221.680243][ T6101] usb 4-1: SerialNumber: syz [ 1221.755875][ T6101] cdc_wdm 4-1:1.128: skipping garbage [ 1221.761817][ T6101] cdc_wdm 4-1:1.128: invalid descriptor buffer length [ 1221.768958][ T6101] cdc_wdm 4-1:1.128: probe with driver cdc_wdm failed with error -22 [ 1221.985017][ T6101] usb 4-1: USB disconnect, device number 115 [ 1222.333036][ T6114] usb 3-1: new high-speed USB device number 119 using dummy_hcd [ 1222.561128][ T6114] usb 3-1: Using ep0 maxpacket: 32 [ 1222.593882][ T6114] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 1222.604134][ T6114] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1222.671283][ T6114] usb 3-1: config 0 descriptor?? [ 1222.729799][ T6114] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 1223.200459][ T6114] gspca_nw80x: reg_r err -71 [ 1223.205541][ T6114] nw80x 3-1:0.0: probe with driver nw80x failed with error -71 [ 1223.256843][ T6114] usb 3-1: USB disconnect, device number 119 [ 1227.275764][ T6101] usb 4-1: new high-speed USB device number 116 using dummy_hcd [ 1227.501062][ T6101] usb 4-1: Using ep0 maxpacket: 16 [ 1227.548962][ T6101] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1227.562006][ T6101] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1227.629498][ T6101] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1227.639522][ T6101] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1227.648272][ T6101] usb 4-1: Product: syz [ 1227.652833][ T6101] usb 4-1: Manufacturer: syz [ 1227.657633][ T6101] usb 4-1: SerialNumber: syz [ 1227.987455][T19519] netlink: 144 bytes leftover after parsing attributes in process `syz.1.6517'. [ 1228.232107][ T6101] usb 4-1: cannot find UAC_HEADER [ 1228.363136][ T6101] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1228.450577][ T6101] usb 4-1: USB disconnect, device number 116 [ 1228.676610][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1230.411159][T19557] netlink: 'syz.4.6534': attribute type 10 has an invalid length. [ 1231.413041][T19579] random: crng reseeded on system resumption [ 1231.497412][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 1231.497486][ T29] audit: type=1326 audit(2811350248.168:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19580 comm="syz.4.6547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1231.615161][ T29] audit: type=1326 audit(2811350248.269:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19580 comm="syz.4.6547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1231.638666][ T29] audit: type=1326 audit(2811350248.269:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19580 comm="syz.4.6547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1232.027140][T19589] netlink: 'syz.0.6549': attribute type 7 has an invalid length. [ 1232.857646][T19604] SET target dimension over the limit! [ 1233.048074][ T29] audit: type=1326 audit(2811350249.598:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19609 comm="syz.2.6561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1233.071373][ T29] audit: type=1326 audit(2811350249.598:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19609 comm="syz.2.6561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1233.094395][ T29] audit: type=1326 audit(2811350249.635:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19609 comm="syz.2.6561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1233.119452][ T29] audit: type=1326 audit(2811350249.635:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19609 comm="syz.2.6561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1233.143219][ T29] audit: type=1326 audit(2811350249.635:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19609 comm="syz.2.6561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1233.433502][T19617] /dev/sg0: Can't lookup blockdev [ 1234.161109][T19622] loop2: detected capacity change from 0 to 4096 [ 1234.415836][T19632] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6572'. [ 1235.650137][T19656] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 1235.730976][T19647] "syz.2.6577" (19647) uses obsolete ecb(arc4) skcipher [ 1235.746155][ T6101] usb 4-1: new high-speed USB device number 117 using dummy_hcd [ 1235.846993][ T6114] usb 2-1: new high-speed USB device number 101 using dummy_hcd [ 1235.952212][ T6101] usb 4-1: Using ep0 maxpacket: 8 [ 1236.006083][ T6101] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1236.017641][ T6101] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1236.027882][ T6101] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1236.037819][ T6101] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 1236.049767][ T6101] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1236.060228][ T6101] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1236.069609][ T6101] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1236.124114][ T6114] usb 2-1: config 0 has an invalid interface number: 239 but max is 0 [ 1236.133677][ T6114] usb 2-1: config 0 has no interface number 0 [ 1236.140896][ T6114] usb 2-1: config 0 interface 239 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023 [ 1236.153928][ T6114] usb 2-1: config 0 interface 239 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 511 [ 1236.217113][ T6101] usb 4-1: config 0 descriptor?? [ 1236.240390][T19651] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1236.268590][ T6114] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73 [ 1236.278559][ T6114] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1236.286917][ T6114] usb 2-1: Product: syz [ 1236.291494][ T6114] usb 2-1: Manufacturer: syz [ 1236.296317][ T6114] usb 2-1: SerialNumber: syz [ 1236.327366][ T6114] usb 2-1: config 0 descriptor?? [ 1236.343550][T19655] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1236.355903][T19655] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1236.638853][T19655] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1236.639654][T19655] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1236.899190][ T6114] asix 2-1:0.239 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1236.900440][ T6114] asix 2-1:0.239: probe with driver asix failed with error -71 [ 1236.932066][T11622] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 1236.934778][ T6114] usb 2-1: USB disconnect, device number 101 [ 1236.935957][ T6101] usb 4-1: USB disconnect, device number 117 [ 1236.937550][T19670] CIFS mount error: No usable UNC path provided in device string! [ 1236.937550][T19670] [ 1236.937635][T19670] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1241.456040][T19753] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6631'. [ 1244.650264][ T6114] usb 2-1: new high-speed USB device number 102 using dummy_hcd [ 1244.762128][T19817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6663'. [ 1244.771622][T19817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6663'. [ 1244.879725][ T6114] usb 2-1: Using ep0 maxpacket: 16 [ 1244.898105][ T6114] usb 2-1: config 0 has an invalid interface number: 154 but max is 0 [ 1244.906824][ T6114] usb 2-1: config 0 has no interface number 0 [ 1244.913489][ T6114] usb 2-1: config 0 interface 154 has no altsetting 0 [ 1244.937977][ T6114] usb 2-1: New USB device found, idVendor=05ac, idProduct=0243, bcdDevice=d2.52 [ 1244.947464][ T6114] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1244.955934][ T6114] usb 2-1: Product: syz [ 1244.960307][ T6114] usb 2-1: Manufacturer: syz [ 1244.965135][ T6114] usb 2-1: SerialNumber: syz [ 1244.983955][ T6114] usb 2-1: config 0 descriptor?? [ 1245.269378][ T6114] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.154/input/input42 [ 1245.315398][ T5122] bcm5974 2-1:0.154: could not read from device [ 1245.334796][ T5122] bcm5974 2-1:0.154: could not read from device [ 1245.379375][ T5122] bcm5974 2-1:0.154: could not read from device [ 1245.410507][ T6114] usb 2-1: USB disconnect, device number 102 [ 1245.451277][ T5122] bcm5974 2-1:0.154: could not read from device [ 1245.470871][T19824] netlink: 256 bytes leftover after parsing attributes in process `syz.2.6666'. [ 1245.552504][T19825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6667'. [ 1245.562787][T19825] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6667'. [ 1246.087532][T19833] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6671'. [ 1247.707993][T19869] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6686'. [ 1247.717425][T19869] netlink: 'syz.0.6686': attribute type 1 has an invalid length. [ 1248.464285][T19884] vivid-007: disconnect [ 1248.477305][T19883] vivid-007: reconnect [ 1248.667729][T19886] loop2: detected capacity change from 0 to 1024 [ 1248.866716][T19886] hfsplus: xattr searching failed [ 1249.653360][T19904] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6703'. [ 1250.385834][T19917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6710'. [ 1251.969418][T19948] batadv1: entered promiscuous mode [ 1251.982760][T19948] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 1252.572400][T19960] binder: BC_ACQUIRE_RESULT not supported [ 1252.578397][T19960] binder: 19959:19960 ioctl c0306201 20000180 returned -22 [ 1253.428088][T19978] netlink: 144 bytes leftover after parsing attributes in process `syz.3.6742'. [ 1254.727296][ T6101] usb 1-1: new high-speed USB device number 117 using dummy_hcd [ 1254.954955][ T6101] usb 1-1: Using ep0 maxpacket: 16 [ 1254.965820][T20010] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6757'. [ 1255.020471][ T6101] usb 1-1: config 0 has an invalid descriptor of length 119, skipping remainder of the config [ 1255.031831][ T6101] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C [ 1255.043851][ T6101] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 50, changing to 9 [ 1255.055225][ T6101] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 8491, setting to 1024 [ 1255.066776][ T6101] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1255.249966][ T6101] usb 1-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 1255.259876][ T6101] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1255.268147][ T6101] usb 1-1: Product: syz [ 1255.272834][ T6101] usb 1-1: Manufacturer: syz [ 1255.277662][ T6101] usb 1-1: SerialNumber: syz [ 1255.380121][ T6101] usb 1-1: config 0 descriptor?? [ 1255.738959][ T6101] rc_core: IR keymap rc-xbox-dvd not found [ 1255.745046][ T6101] Registered IR keymap rc-empty [ 1255.752791][ T6101] rc rc0: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 1255.765021][ T6101] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input43 [ 1256.063456][ C0] xbox_remote 1-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19 [ 1256.071587][ T6101] usb 1-1: USB disconnect, device number 117 [ 1257.333030][T20045] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0 [ 1257.615007][T20049] Can't find a SQUASHFS superblock on nullb0 [ 1258.120301][T20062] netlink: 1216 bytes leftover after parsing attributes in process `syz.2.6782'. [ 1258.130087][T20062] netlink: 4436 bytes leftover after parsing attributes in process `syz.2.6782'. [ 1258.853047][T20073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6788'. [ 1259.141780][T20080] loop1: detected capacity change from 0 to 512 [ 1259.295462][T20080] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1259.309023][T20080] ext4 filesystem being mounted at /1319/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1259.360799][T20084] loop2: detected capacity change from 0 to 256 [ 1259.484494][T20089] nvme_fabrics: unknown parameter or missing value ']' in ctrl creation request [ 1259.568054][T20084] FAT-fs (loop2): Directory bread(block 64) failed [ 1259.575300][T20084] FAT-fs (loop2): Directory bread(block 65) failed [ 1259.582675][T20084] FAT-fs (loop2): Directory bread(block 66) failed [ 1259.589507][T20084] FAT-fs (loop2): Directory bread(block 67) failed [ 1259.596704][T20084] FAT-fs (loop2): Directory bread(block 68) failed [ 1259.603619][T20084] FAT-fs (loop2): Directory bread(block 69) failed [ 1259.610583][T20084] FAT-fs (loop2): Directory bread(block 70) failed [ 1259.620441][T20084] FAT-fs (loop2): Directory bread(block 71) failed [ 1259.628377][T20084] FAT-fs (loop2): Directory bread(block 72) failed [ 1259.635338][T20084] FAT-fs (loop2): Directory bread(block 73) failed [ 1259.756904][ T6023] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1260.512996][ T29] audit: type=1326 audit(2811350274.935:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20100 comm="syz.2.6799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1260.535950][ T29] audit: type=1326 audit(2811350274.935:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20100 comm="syz.2.6799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1260.559179][ T29] audit: type=1326 audit(2811350274.944:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20100 comm="syz.2.6799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1260.581693][ C0] vkms_vblank_simulate: vblank timer overrun [ 1260.588542][ T29] audit: type=1326 audit(2811350274.944:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20100 comm="syz.2.6799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1260.611515][ T29] audit: type=1326 audit(2811350274.944:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20100 comm="syz.2.6799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1260.634023][ C0] vkms_vblank_simulate: vblank timer overrun [ 1261.263181][T20114] netlink: 'syz.2.6807': attribute type 3 has an invalid length. [ 1261.271799][T20114] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.6807'. [ 1262.233569][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1262.240706][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1262.788374][ T6114] usb 4-1: new low-speed USB device number 118 using dummy_hcd [ 1263.048756][ T6114] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1263.094862][ T6114] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1263.104097][ T6114] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1263.114692][ T6114] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1263.236985][ T6114] usb 4-1: string descriptor 0 read error: -22 [ 1263.245235][ T6114] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1263.257543][ T6114] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1263.380240][ T6114] usb 4-1: 0:2 : does not exist [ 1263.460982][T20153] Cannot find del_set index 4 as target [ 1263.639233][ T6114] usb 4-1: USB disconnect, device number 118 [ 1263.913125][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1264.149935][T20159] loop1: detected capacity change from 0 to 4096 [ 1264.176403][T20159] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 1264.464242][T20159] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 1264.533230][T20159] ntfs3(loop1): Failed to load $Extend (-22). [ 1264.539690][T20159] ntfs3(loop1): Failed to initialize $Extend. [ 1265.929929][ T6114] usb 1-1: new high-speed USB device number 118 using dummy_hcd [ 1266.179819][ T6114] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1266.213336][ T6114] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 223, changing to 7 [ 1266.224764][ T6114] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1266.255617][T20197] netlink: 'syz.3.6847': attribute type 21 has an invalid length. [ 1266.263716][T20197] netlink: 'syz.3.6847': attribute type 5 has an invalid length. [ 1266.301939][ T6114] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1266.311678][ T6114] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1266.320053][ T6114] usb 1-1: Product: syz [ 1266.324514][ T6114] usb 1-1: Manufacturer: syz [ 1266.329312][ T6114] usb 1-1: SerialNumber: syz [ 1266.397317][T20202] tmpfs: Bad value for 'mpol' [ 1266.485172][T20203] loop1: detected capacity change from 0 to 2048 [ 1266.560591][T20203] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1266.665911][T20203] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 1266.728108][ T6114] usb 1-1: 2:1 : sample bitwidth 191 in over sample bytes 2 [ 1266.736004][ T6114] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 1266.947092][ T6114] usb 1-1: USB disconnect, device number 118 [ 1267.226312][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1267.855155][ T29] audit: type=1326 audit(2811350281.728:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20216 comm="syz.4.6857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1267.878203][ T29] audit: type=1326 audit(2811350281.728:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20216 comm="syz.4.6857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1267.901169][ T29] audit: type=1326 audit(2811350281.728:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20216 comm="syz.4.6857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1267.924103][ T29] audit: type=1326 audit(2811350281.728:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20216 comm="syz.4.6857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1269.054974][T20241] syz.4.6869 uses old SIOCAX25GETINFO [ 1269.467113][T20248] tmpfs: Bad value for 'mpol' [ 1269.949597][T20258] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6878'. [ 1270.006041][T20260] netlink: 'syz.0.6877': attribute type 46 has an invalid length. [ 1270.101101][T20262] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.6879'. [ 1270.568941][T20274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6884'. [ 1271.441454][T11622] Bluetooth: hci3: Unable to find connection with handle 0x0000 [ 1272.015668][T20296] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 1272.033141][T20296] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1272.610252][T20308] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6901'. [ 1272.619787][T20308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6901'. [ 1273.275732][T20318] IPv6: sit1: Disabled Multicast RS [ 1275.024687][T20354] loop2: detected capacity change from 0 to 256 [ 1275.192247][T20354] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1275.306792][T20354] exFAT-fs (loop2): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 1275.316462][T20354] exFAT-fs (loop2): Filesystem has been set read-only [ 1275.649539][T20362] xt_socket: unknown flags 0x4 [ 1275.918609][T20367] loop2: detected capacity change from 0 to 512 [ 1275.989874][T20367] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1276.064250][T20367] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 1276.072944][T20367] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 1276.112753][T20367] EXT4-fs (loop2): 1 truncate cleaned up [ 1276.120634][T20367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1276.220052][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1277.286890][T20389] loop2: detected capacity change from 0 to 1024 [ 1277.434465][T20389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1277.532827][T20389] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.6941: missing EA_INODE flag [ 1277.585643][T20389] EXT4-fs (loop2): Remounting filesystem read-only [ 1277.733432][T20403] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1277.801805][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1279.149138][T20430] binder: binder_mmap: 20428 20ff9000-20ffd000 bad vm_flags failed -1 [ 1279.177260][T20431] loop1: detected capacity change from 0 to 128 [ 1279.950117][T20441] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1280.444612][T20453] netlink: 'syz.0.6971': attribute type 1 has an invalid length. [ 1280.453180][T20453] nbd: couldn't find a device at index 20 [ 1280.572702][T20455] ieee802154 phy0 wpan0: encryption failed: -22 [ 1281.289254][T20468] netlink: 'syz.3.6978': attribute type 3 has an invalid length. [ 1281.297397][T20468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6978'. [ 1283.033213][T20502] loop2: detected capacity change from 0 to 128 [ 1283.246032][T20502] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1283.340535][T20502] ext4 filesystem being mounted at /1321/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1283.753562][ T6020] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1284.610054][T20525] wlan1 speed is unknown, defaulting to 1000 [ 1287.373049][T20561] veth1_macvtap: left promiscuous mode [ 1287.779738][T20567] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 1287.821973][T20567] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 1288.251639][T12802] usb 2-1: new high-speed USB device number 103 using dummy_hcd [ 1288.465866][T12802] usb 2-1: Using ep0 maxpacket: 16 [ 1288.480658][T12802] usb 2-1: config index 0 descriptor too short (expected 6379, got 18) [ 1288.489825][T12802] usb 2-1: config 187 has too many interfaces: 173, using maximum allowed: 32 [ 1288.499162][T12802] usb 2-1: config 187 descriptor has 1 excess byte, ignoring [ 1288.506802][T12802] usb 2-1: config 187 has 0 interfaces, different from the descriptor's value: 173 [ 1288.532034][T12802] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1288.540112][T20580] netlink: 'syz.0.7030': attribute type 4 has an invalid length. [ 1288.541856][T12802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1288.557799][T12802] usb 2-1: Product: syz [ 1288.562203][T12802] usb 2-1: Manufacturer: syz [ 1288.567169][T12802] usb 2-1: SerialNumber: syz [ 1288.593963][T12802] r8152-cfgselector 2-1: Unknown version 0x0000 [ 1288.869747][T12802] r8152-cfgselector 2-1: USB disconnect, device number 103 [ 1289.370343][T20591] xt_hashlimit: max too large, truncated to 1048576 [ 1289.853138][T20598] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 1289.920142][T20598] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1290.576892][T20611] xt_TCPMSS: Only works on TCP SYN packets [ 1290.722185][T20616] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 1290.734313][T20617] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7048'. [ 1290.826921][T12802] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 1291.028979][T12802] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1291.039482][T12802] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1291.112748][T12802] usb 5-1: config 0 descriptor?? [ 1291.445525][T20629] loop1: detected capacity change from 0 to 64 [ 1291.638789][T12802] ath6kl: Failed to submit usb control message: -71 [ 1291.646405][T12802] ath6kl: unable to send the bmi data to the device: -71 [ 1291.654040][T12802] ath6kl: Unable to send get target info: -71 [ 1291.666902][T12802] ath6kl: Failed to init ath6kl core: -71 [ 1291.679459][T12802] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 1291.744037][T12802] usb 5-1: USB disconnect, device number 6 [ 1292.315856][T20637] loop1: detected capacity change from 0 to 8 [ 1292.416845][T20637] SQUASHFS error: Unable to read inode 0xe3 [ 1293.195899][T20655] netlink: 268 bytes leftover after parsing attributes in process `syz.4.7067'. [ 1293.207592][T20655] unsupported nla_type 65024 [ 1293.876281][T20660] loop2: detected capacity change from 0 to 4096 [ 1293.953140][T20660] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 1294.078252][T20670] usb usb1: usbfs: process 20670 (syz.1.7073) did not claim interface 0 before use [ 1294.285004][T20660] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 1294.312999][T20673] netlink: 'syz.4.7076': attribute type 1 has an invalid length. [ 1295.757312][T20700] loop2: detected capacity change from 0 to 512 [ 1295.969442][T20706] netlink: 192 bytes leftover after parsing attributes in process `syz.3.7092'. [ 1296.428718][T20700] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 1296.994509][T20724] loop2: detected capacity change from 0 to 64 [ 1297.419164][T20731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7104'. [ 1298.742696][T20758] netlink: 44 bytes leftover after parsing attributes in process `syz.3.7115'. [ 1298.753559][T20758] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7115'. [ 1300.417643][T20792] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 1300.426583][T20792] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1300.924538][ T6114] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1301.173944][ T6114] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 1301.184578][ T6114] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1301.193888][ T6114] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1301.279982][ T6114] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 1301.329259][T20807] loop2: detected capacity change from 0 to 512 [ 1301.390780][T20807] EXT4-fs: Ignoring removed oldalloc option [ 1301.461646][ T6114] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 1301.587787][T20807] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.7139: Parent and EA inode have the same ino 15 [ 1301.617157][ T6114] usb 5-1: USB disconnect, device number 7 [ 1301.658688][T20807] EXT4-fs (loop2): Remounting filesystem read-only [ 1301.669295][T20807] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 1301.680540][T20807] EXT4-fs (loop2): 1 orphan inode deleted [ 1301.688798][T20807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1301.791772][T20807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1301.859591][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1303.434903][T20847] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1304.012379][T20858] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7163'. [ 1304.546398][T20866] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7165'. [ 1304.577991][T20869] xt_TCPMSS: Only works on TCP SYN packets [ 1304.745507][T20872] nfs: Unknown parameter '&' [ 1305.760635][T20890] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7176'. [ 1305.841112][T20882] loop1: detected capacity change from 0 to 4096 [ 1305.942183][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1305.950440][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1305.959205][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1305.967740][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1305.976207][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00 [ 1305.984600][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00 [ 1305.995368][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00 [ 1306.003609][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00 [ 1306.011992][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00 [ 1306.020456][T20882] ntfs3(loop1): try to read out of volume at offset 0x3fffffe0c00 [ 1306.525153][T20899] loop2: detected capacity change from 0 to 2048 [ 1306.662817][T20906] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1306.765586][T20899] NILFS (loop2): error -2 truncating bmap (ino=16) [ 1307.154786][T20906] NILFS (loop2): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 1307.165798][T20906] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=16) [ 1307.226284][T20906] Remounting filesystem read-only [ 1307.268748][ T6020] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 1307.883749][T20920] loop2: detected capacity change from 0 to 2048 [ 1307.887071][T20925] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7189'. [ 1308.033823][T20920] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1308.085370][T20920] EXT4-fs error (device loop2): ext4_find_extent:938: inode #2: comm syz.2.7186: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1308.203568][T20920] EXT4-fs (loop2): Remounting filesystem read-only [ 1308.249416][T20933] netlink: 'syz.0.7190': attribute type 4 has an invalid length. [ 1308.683455][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1309.035568][T20945] netlink: 'syz.4.7197': attribute type 12 has an invalid length. [ 1310.683314][T20983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7211'. [ 1311.211850][T20993] loop2: detected capacity change from 0 to 1024 [ 1311.826315][T15830] hfsplus: b-tree write err: -5, ino 4 [ 1312.085770][T21009] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7222'. [ 1312.344727][T21014] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7223'. [ 1312.934780][ T29] audit: type=1326 audit(2811350323.337:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21023 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1312.958451][ T29] audit: type=1326 audit(2811350323.337:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21023 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1312.980967][ C0] vkms_vblank_simulate: vblank timer overrun [ 1312.989148][ T29] audit: type=1326 audit(2811350323.364:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21023 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1313.013077][ T29] audit: type=1326 audit(2811350323.364:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21023 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1313.035608][ C0] vkms_vblank_simulate: vblank timer overrun [ 1313.042539][ T29] audit: type=1326 audit(2811350323.364:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21023 comm="syz.2.7229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d3838cd29 code=0x7ffc0000 [ 1314.303731][T21052] loop2: detected capacity change from 0 to 256 [ 1314.688257][T21056] netlink: 'syz.1.7241': attribute type 1 has an invalid length. [ 1314.688445][T21056] netlink: 'syz.1.7241': attribute type 2 has an invalid length. [ 1314.688526][T21056] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7241'. [ 1314.832124][T21052] FAT-fs (loop2): Directory bread(block 64) failed [ 1314.832252][T21052] FAT-fs (loop2): Directory bread(block 65) failed [ 1314.832482][T21052] FAT-fs (loop2): Directory bread(block 66) failed [ 1314.832590][T21052] FAT-fs (loop2): Directory bread(block 67) failed [ 1314.832816][T21052] FAT-fs (loop2): Directory bread(block 68) failed [ 1314.832923][T21052] FAT-fs (loop2): Directory bread(block 69) failed [ 1314.833138][T21052] FAT-fs (loop2): Directory bread(block 70) failed [ 1314.833244][T21052] FAT-fs (loop2): Directory bread(block 71) failed [ 1314.833461][T21052] FAT-fs (loop2): Directory bread(block 72) failed [ 1314.833564][T21052] FAT-fs (loop2): Directory bread(block 73) failed [ 1315.295359][T21063] netlink: 45 bytes leftover after parsing attributes in process `syz.4.7243'. [ 1316.179842][T21076] netlink: 'syz.2.7249': attribute type 3 has an invalid length. [ 1316.616333][T21080] loop2: detected capacity change from 0 to 256 [ 1316.652328][T21075] loop1: detected capacity change from 0 to 4096 [ 1318.893013][T21111] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7266'. [ 1319.726588][T21129] netlink: 64 bytes leftover after parsing attributes in process `syz.1.7275'. [ 1319.736669][T21129] netlink: 64 bytes leftover after parsing attributes in process `syz.1.7275'. [ 1319.926244][T21133] netlink: 'syz.3.7276': attribute type 3 has an invalid length. [ 1320.200408][T21137] CIFS mount error: No usable UNC path provided in device string! [ 1320.200408][T21137] [ 1320.211070][T21137] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1320.360982][T21140] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1320.531032][T21141] loop1: detected capacity change from 0 to 2048 [ 1320.647165][T21141] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1320.842955][T21149] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7284'. [ 1321.493034][T21159] netlink: 'syz.2.7290': attribute type 10 has an invalid length. [ 1321.501920][T21159] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 1321.835359][ T29] audit: type=1326 audit(2811350331.542:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.3.7293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1321.863398][ T29] audit: type=1326 audit(2811350331.542:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.3.7293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1322.040441][ T29] audit: type=1326 audit(2811350331.644:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.3.7293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1322.063514][ T29] audit: type=1326 audit(2811350331.644:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.3.7293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1322.091013][ T29] audit: type=1326 audit(2811350331.644:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.3.7293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1322.213686][T12802] usb 1-1: new high-speed USB device number 119 using dummy_hcd [ 1322.235020][T21173] loop1: detected capacity change from 0 to 256 [ 1322.431407][T12802] usb 1-1: Using ep0 maxpacket: 16 [ 1322.477689][T12802] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 1322.486408][T12802] usb 1-1: config 0 has an invalid descriptor of length 43, skipping remainder of the config [ 1322.497323][T12802] usb 1-1: config 0 has no interface number 0 [ 1322.589727][T12802] usb 1-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28 [ 1322.599248][T12802] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1322.607825][T12802] usb 1-1: Product: syz [ 1322.612239][T12802] usb 1-1: Manufacturer: syz [ 1322.617344][T12802] usb 1-1: SerialNumber: syz [ 1322.669898][T12802] usb 1-1: config 0 descriptor?? [ 1322.724274][T12802] usb 1-1: Found UVC 0.00 device syz (046c:14e8) [ 1322.731025][T12802] usb 1-1: No valid video chain found. [ 1322.992587][ T6101] usb 1-1: USB disconnect, device number 119 [ 1323.233661][T12802] usb 2-1: new high-speed USB device number 104 using dummy_hcd [ 1323.261034][T21188] loop2: detected capacity change from 0 to 1024 [ 1323.452387][T12802] usb 2-1: config index 0 descriptor too short (expected 30046, got 82) [ 1323.461348][T12802] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 1323.469792][T12802] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1323.480331][T12802] usb 2-1: config 0 has no interface number 0 [ 1323.512025][T12802] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 1323.523267][T12802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1323.532359][T12802] usb 2-1: Product: syz [ 1323.536923][T12802] usb 2-1: Manufacturer: syz [ 1323.541752][T12802] usb 2-1: SerialNumber: syz [ 1323.610903][T12802] usb 2-1: config 0 descriptor?? [ 1323.645075][T12802] usb 2-1: Found UVC 0.00 device syz (046d:0823) [ 1323.651864][T12802] usb 2-1: No valid video chain found. [ 1323.885912][T12802] usb 2-1: USB disconnect, device number 104 [ 1327.864778][T21272] cgroup: name respecified [ 1328.800283][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1328.807567][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1328.903232][T21296] loop2: detected capacity change from 0 to 24 [ 1328.971090][T21297] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7358'. [ 1329.013485][T21296] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1329.093464][T21296] VFS: Lookup of 'file0' in romfs loop2 would have caused loop [ 1329.913468][T21315] netlink: 'syz.1.7367': attribute type 12 has an invalid length. [ 1329.922219][T21315] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7367'. [ 1331.125959][T21337] netlink: 'syz.0.7378': attribute type 2 has an invalid length. [ 1331.134325][T21337] netlink: 212912 bytes leftover after parsing attributes in process `syz.0.7378'. [ 1331.336953][T21343] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7382'. [ 1333.380218][T21386] Unknown options in mask 5 [ 1334.175949][T21401] xt_cgroup: xt_cgroup: no path or classid specified [ 1334.424621][ T6114] usb 4-1: new high-speed USB device number 119 using dummy_hcd [ 1334.537399][T21410] loop1: detected capacity change from 0 to 16 [ 1334.587868][T21410] erofs (device loop1): mounted with root inode @ nid 36. [ 1334.636902][ T6114] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1334.648459][ T6114] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1334.655539][ T6114] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1334.664944][ T6114] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1334.798017][ T6114] usb 4-1: config 0 descriptor?? [ 1335.074823][ T6114] ath6kl: Failed to submit usb control message: -71 [ 1335.082025][ T6114] ath6kl: unable to send the bmi data to the device: -71 [ 1335.089571][ T6114] ath6kl: Unable to send get target info: -71 [ 1335.124481][ T6114] ath6kl: Failed to init ath6kl core: -71 [ 1335.136034][ T6114] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 1335.286824][ T6114] usb 4-1: USB disconnect, device number 119 [ 1336.177339][T21436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7427'. [ 1336.186925][T21436] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7427'. [ 1336.214803][T21436] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1336.443289][T21442] usb usb7: usbfs: process 21442 (syz.2.7428) did not claim interface 0 before use [ 1336.601731][T21444] xt_l2tp: invalid flags combination: c [ 1337.145752][T21455] netlink: 'syz.3.7436': attribute type 9 has an invalid length. [ 1337.153914][T21455] netlink: 'syz.3.7436': attribute type 1 has an invalid length. [ 1337.161845][T21455] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.7436'. [ 1338.018226][T21473] loop2: detected capacity change from 0 to 164 [ 1338.793961][T21484] loop2: detected capacity change from 0 to 8 [ 1338.880054][T21484] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1338.889010][T21484] SQUASHFS error: Failed to read block 0x9b: -5 [ 1338.895531][T21484] SQUASHFS error: Unable to read metadata cache entry [99] [ 1338.903148][T21484] SQUASHFS error: Unable to read inode 0x127 [ 1339.908444][T21506] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 1340.000054][T21509] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7464'. [ 1340.103029][T21510] ntfs3(nbd2): try to read out of volume at offset 0x0 [ 1340.613071][T21522] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7470'. [ 1341.256196][T21534] loop2: detected capacity change from 0 to 16 [ 1341.318561][T21534] erofs (device loop2): mounted with root inode @ nid 36. [ 1341.417761][T21534] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1341.450297][T21534] erofs (device loop2): read error -117 @ 43 of nid 36 [ 1342.535529][T21558] loop2: detected capacity change from 0 to 128 [ 1342.591313][T21558] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1342.662405][T21558] ext4 filesystem being mounted at /1413/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1342.781476][T21558] EXT4-fs warning (device loop2): verify_group_input:137: Cannot add at group 1023 (only 1 groups) [ 1343.052947][ T6020] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1344.678135][T21599] ip6gre1: entered promiscuous mode [ 1345.632895][T21612] loop1: detected capacity change from 0 to 1024 [ 1345.663333][T21614] process 'syz.3.7515' launched '/dev/fd/3' with NULL argv: empty string added [ 1345.753586][T21612] hfsplus: trying to free free bnode 0(1) [ 1345.871394][ T29] audit: type=1326 audit(2811350353.731:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21617 comm="syz.4.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1345.926915][T21611] loop2: detected capacity change from 0 to 4096 [ 1345.994309][ T29] audit: type=1326 audit(2811350353.768:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21617 comm="syz.4.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1346.017808][ T29] audit: type=1326 audit(2811350353.768:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21617 comm="syz.4.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1346.046906][ T29] audit: type=1326 audit(2811350353.768:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21617 comm="syz.4.7517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1346.132419][T15855] hfsplus: b-tree write err: -5, ino 4 [ 1346.235334][T21611] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1346.885331][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1347.592038][T21643] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7529'. [ 1348.025827][T21650] geneve2: entered promiscuous mode [ 1348.162553][T21653] netlink: 'syz.3.7533': attribute type 3 has an invalid length. [ 1348.400671][T21656] xt_hashlimit: max too large, truncated to 1048576 [ 1348.678698][T21661] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7537'. [ 1348.688026][T21661] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7537'. [ 1348.697302][T21661] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7537'. [ 1348.712211][T21661] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7537'. [ 1349.257856][T21673] loop1: detected capacity change from 0 to 128 [ 1349.344198][T21673] VFS: Found a Xenix FS (block size = 1024) on device loop1 [ 1349.657271][ T6023] sysv_free_block: flc_count > flc_size [ 1349.666551][ T6023] sysv_free_block: flc_count > flc_size [ 1349.672667][ T6023] sysv_free_block: flc_count > flc_size [ 1349.680440][ T6023] sysv_free_block: flc_count > flc_size [ 1349.686160][ T6023] sysv_free_block: flc_count > flc_size [ 1349.692050][ T6023] sysv_free_block: flc_count > flc_size [ 1349.697778][ T6023] sysv_free_block: flc_count > flc_size [ 1349.709924][ T6023] sysv_free_block: flc_count > flc_size [ 1349.717569][ T6023] sysv_free_block: flc_count > flc_size [ 1349.723481][ T6023] sysv_free_block: flc_count > flc_size [ 1349.732171][ T6023] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1349.927981][T21685] x_tables: duplicate underflow at hook 2 [ 1350.842272][T21703] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 54522 - 0 [ 1350.851618][T21703] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 54522 - 0 [ 1350.860924][T21703] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 54522 - 0 [ 1350.870306][T21703] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 54522 - 0 [ 1350.879873][T21703] netdevsim netdevsim2 netdevsim0: set [1, 2] type 2 family 0 port 45621 - 0 [ 1350.889371][T21703] netdevsim netdevsim2 netdevsim1: set [1, 2] type 2 family 0 port 45621 - 0 [ 1350.898681][T21703] netdevsim netdevsim2 netdevsim2: set [1, 2] type 2 family 0 port 45621 - 0 [ 1350.908042][T21703] netdevsim netdevsim2 netdevsim3: set [1, 2] type 2 family 0 port 45621 - 0 [ 1350.917386][T21703] geneve3: entered promiscuous mode [ 1350.922833][T21703] geneve3: entered allmulticast mode [ 1351.775578][T21717] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7565'. [ 1352.256160][T21725] loop2: detected capacity change from 0 to 256 [ 1352.356522][T21727] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1353.590770][T21751] netlink: 'syz.4.7581': attribute type 21 has an invalid length. [ 1353.599015][T21751] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7581'. [ 1354.110257][ T29] audit: type=1400 audit(2811350361.337:130): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=21759 comm="syz.3.7587" [ 1355.145655][ T29] audit: type=1326 audit(2811350362.287:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21781 comm="syz.3.7597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1355.168714][ T29] audit: type=1326 audit(2811350362.287:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21781 comm="syz.3.7597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1355.974341][T21800] »»»»»»: renamed from lo (while UP) [ 1356.583369][T21811] xt_TCPMSS: Only works on TCP SYN packets [ 1357.078284][T21820] netlink: 'syz.1.7614': attribute type 1 has an invalid length. [ 1357.181729][T21824] x_tables: duplicate entry at hook 3 [ 1357.683920][T21836] netlink: 'syz.2.7621': attribute type 4 has an invalid length. [ 1358.586426][T21854] binder: 21852:21854 ioctl 400c620e 20000380 returned -22 [ 1358.981886][T21862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7635'. [ 1358.991793][T21862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7635'. [ 1359.001371][T21862] netlink: 'syz.3.7635': attribute type 6 has an invalid length. [ 1359.768589][ T29] audit: type=1326 audit(2811350366.561:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21873 comm="syz.4.7641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x0 [ 1360.781278][T21896] loop2: detected capacity change from 0 to 256 [ 1360.850751][T21899] netlink: 'syz.0.7654': attribute type 10 has an invalid length. [ 1360.858964][T21899] netlink: 152 bytes leftover after parsing attributes in process `syz.0.7654'. [ 1361.100984][T21896] FAT-fs (loop2): Directory bread(block 64) failed [ 1361.107955][T21896] FAT-fs (loop2): Directory bread(block 65) failed [ 1361.115577][T21896] FAT-fs (loop2): Directory bread(block 66) failed [ 1361.122577][T21896] FAT-fs (loop2): Directory bread(block 67) failed [ 1361.129629][T21896] FAT-fs (loop2): Directory bread(block 68) failed [ 1361.138622][T21896] FAT-fs (loop2): Directory bread(block 69) failed [ 1361.146405][T21896] FAT-fs (loop2): Directory bread(block 70) failed [ 1361.153518][T21896] FAT-fs (loop2): Directory bread(block 71) failed [ 1361.160432][T21896] FAT-fs (loop2): Directory bread(block 72) failed [ 1361.167584][T21896] FAT-fs (loop2): Directory bread(block 73) failed [ 1365.354536][T21987] netlink: 830 bytes leftover after parsing attributes in process `syz.1.7698'. [ 1365.375986][T21988] x_tables: unsorted underflow at hook 3 [ 1365.935294][T21999] netlink: 'syz.3.7703': attribute type 13 has an invalid length. [ 1366.002299][T21999] gretap0: refused to change device tx_queue_len [ 1366.014238][T21999] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 1366.452340][T22006] loop2: detected capacity change from 0 to 256 [ 1366.671131][T22006] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d) [ 1368.241949][T22040] loop2: detected capacity change from 0 to 256 [ 1368.522610][T22040] FAT-fs (loop2): Directory bread(block 64) failed [ 1368.533744][T22040] FAT-fs (loop2): Directory bread(block 65) failed [ 1368.540971][T22040] FAT-fs (loop2): Directory bread(block 66) failed [ 1368.547752][T22040] FAT-fs (loop2): Directory bread(block 67) failed [ 1368.554768][T22040] FAT-fs (loop2): Directory bread(block 68) failed [ 1368.561562][T22040] FAT-fs (loop2): Directory bread(block 69) failed [ 1368.575320][T22040] FAT-fs (loop2): Directory bread(block 70) failed [ 1368.582094][T22040] FAT-fs (loop2): Directory bread(block 71) failed [ 1368.590948][T22040] FAT-fs (loop2): Directory bread(block 72) failed [ 1368.597951][T22040] FAT-fs (loop2): Directory bread(block 73) failed [ 1370.535328][T22084] netlink: 'syz.2.7745': attribute type 11 has an invalid length. [ 1370.543595][T22084] netlink: 224 bytes leftover after parsing attributes in process `syz.2.7745'. [ 1371.704680][ T6114] usb 4-1: new high-speed USB device number 120 using dummy_hcd [ 1371.778024][T22110] netlink: 'syz.2.7759': attribute type 4 has an invalid length. [ 1371.792159][T22110] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.7759'. [ 1371.984112][ T6114] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1371.993561][ T6114] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1372.002005][ T6114] usb 4-1: Product: syz [ 1372.012997][ T6114] usb 4-1: Manufacturer: syz [ 1372.017845][ T6114] usb 4-1: SerialNumber: syz [ 1372.125016][ T6114] usb 4-1: config 0 descriptor?? [ 1372.222111][T22116] netlink: 'syz.4.7761': attribute type 1 has an invalid length. [ 1372.388389][ T6114] hso 4-1:0.0: Failed to find BULK IN ep [ 1372.456996][ T6114] usb-storage 4-1:0.0: USB Mass Storage device detected [ 1372.629600][ T6114] usb 4-1: USB disconnect, device number 120 [ 1373.155148][T22132] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1373.162744][T22132] IPv6: NLM_F_CREATE should be set when creating new route [ 1373.170412][T22132] IPv6: NLM_F_CREATE should be set when creating new route [ 1373.200882][T22133] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7768'. [ 1373.877252][T12802] usb 4-1: new high-speed USB device number 121 using dummy_hcd [ 1374.095103][T12802] usb 4-1: config 0 has an invalid interface number: 44 but max is 0 [ 1374.103731][T12802] usb 4-1: config 0 has no interface number 0 [ 1374.173404][T12802] usb 4-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd [ 1374.183134][T12802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1374.191618][T12802] usb 4-1: Product: syz [ 1374.196018][T12802] usb 4-1: Manufacturer: syz [ 1374.200980][T12802] usb 4-1: SerialNumber: syz [ 1374.339728][T12802] usb 4-1: config 0 descriptor?? [ 1374.615777][T12802] usb 4-1: USB disconnect, device number 121 [ 1375.744243][T22177] loop1: detected capacity change from 0 to 512 [ 1375.773583][T22177] EXT4-fs: Ignoring removed nobh option [ 1375.782680][T22179] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1375.824190][T22181] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7793'. [ 1375.933737][T22177] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1375.947208][T22177] ext4 filesystem being mounted at /1522/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1376.296878][ T6023] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 1376.678590][T22196] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard [ 1376.689769][T22196] exFAT-fs (nullb0): invalid boot record signature [ 1376.696481][T22196] exFAT-fs (nullb0): failed to read boot sector [ 1376.703191][T22196] exFAT-fs (nullb0): failed to recognize exfat type [ 1377.469264][T22213] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7807'. [ 1377.481451][T22213] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7807'. [ 1377.609999][T22215] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7808'. [ 1378.967191][ T6114] usb 3-1: new full-speed USB device number 120 using dummy_hcd [ 1379.197278][ T6114] usb 3-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 1379.207124][ T6114] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1379.220363][ T6114] usb 3-1: Product: syz [ 1379.226358][ T6114] usb 3-1: Manufacturer: syz [ 1379.231173][ T6114] usb 3-1: SerialNumber: syz [ 1379.336688][ T6114] usb 3-1: config 0 descriptor?? [ 1379.377294][ T6114] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 1379.463976][ T6114] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1379.507392][ T6114] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19) [ 1379.595822][ T6114] usb 3-1: USB disconnect, device number 120 [ 1381.313490][T22284] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1382.419058][T22307] loop2: detected capacity change from 0 to 1024 [ 1382.688931][T22311] loop1: detected capacity change from 0 to 1024 [ 1382.822704][T22317] netlink: 'syz.3.7858': attribute type 2 has an invalid length. [ 1382.842973][T22311] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1383.558795][ T6023] EXT4-fs error (device loop1): ext4_lookup:1817: inode #2: comm syz-executor: deleted inode referenced: 11 [ 1383.601182][ T6023] EXT4-fs error (device loop1): ext4_lookup:1817: inode #2: comm syz-executor: deleted inode referenced: 11 [ 1384.164622][ T6023] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1384.195465][T15830] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1384.354610][T15830] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1384.592126][T15830] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1384.753878][T15830] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1385.188526][T15830] bridge_slave_1: left allmulticast mode [ 1385.195094][T15830] bridge_slave_1: left promiscuous mode [ 1385.201704][T15830] bridge0: port 2(bridge_slave_1) entered disabled state [ 1385.242193][T15830] bridge_slave_0: left allmulticast mode [ 1385.248463][T15830] bridge_slave_0: left promiscuous mode [ 1385.255123][T15830] bridge0: port 1(bridge_slave_0) entered disabled state [ 1386.115360][T15830] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1386.160584][T15830] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1386.186493][T15830] bond0 (unregistering): Released all slaves [ 1386.211134][T15830] bond1 (unregistering): Released all slaves [ 1386.230986][T15830] bond2 (unregistering): Released all slaves [ 1386.720050][T15830] infiniband syz1: set down [ 1386.726522][ T6101] wlan1 speed is unknown, defaulting to 1000 [ 1386.735814][ T6101] wlan1 speed is unknown, defaulting to 1000 [ 1386.800731][T22337] wlan1 speed is unknown, defaulting to 1000 [ 1386.807385][T15861] smc: removing ib device syz1 [ 1387.899075][T17348] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1387.909339][T17348] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1387.919735][T17348] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1387.932790][T17348] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1388.018812][T17348] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1388.028438][T17348] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1388.412996][T22389] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 1390.192559][ T29] audit: type=1326 audit(2811350394.629:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22401 comm="syz.4.7892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1390.219142][ T29] audit: type=1326 audit(2811350394.638:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22401 comm="syz.4.7892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1390.243114][ T29] audit: type=1326 audit(2811350394.638:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22401 comm="syz.4.7892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1390.405898][T17348] Bluetooth: hci2: command tx timeout [ 1390.951031][T15830] hsr_slave_0: left promiscuous mode [ 1390.972686][T15830] hsr_slave_1: left promiscuous mode [ 1390.986199][T15830] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1390.995793][T15830] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1391.023817][T15830] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1391.031544][T15830] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1391.056345][T15830] veth1_macvtap: left promiscuous mode [ 1391.062114][T15830] veth0_macvtap: left promiscuous mode [ 1391.069461][T15830] veth1_vlan: left promiscuous mode [ 1391.075024][T15830] veth0_vlan: left promiscuous mode [ 1391.305501][T22414] loop2: detected capacity change from 0 to 512 [ 1391.385042][T22414] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1391.391866][T22414] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 1391.432629][T22414] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1391.479133][T22414] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.7897: attempt to clear invalid blocks 2 len 1 [ 1391.542688][T22414] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.7897: invalid indirect mapped block 1819239214 (level 0) [ 1391.614946][T22414] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.7897: invalid indirect mapped block 1819239214 (level 1) [ 1391.668706][T22414] EXT4-fs (loop2): 1 truncate cleaned up [ 1391.676566][T22414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1391.790133][T22414] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 1391.824296][T22414] EXT4-fs error (device loop2): __ext4_remount:6749: comm syz.2.7897: Abort forced by user [ 1391.872965][T22414] EXT4-fs (loop2): Remounting filesystem read-only [ 1391.880154][T22414] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1392.165601][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1392.576245][T15830] team0 (unregistering): Port device team_slave_1 removed [ 1392.629059][T15830] team0 (unregistering): Port device team_slave_0 removed [ 1392.658214][T17348] Bluetooth: hci2: command tx timeout [ 1393.040735][T22416] netlink: 'syz.0.7898': attribute type 3 has an invalid length. [ 1393.446424][T22441] program syz.4.7907 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1393.828877][T22380] chnl_net:caif_netlink_parms(): no params data found [ 1394.187905][T22439] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1394.198078][T22439] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 1394.266335][T22439] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1394.272873][T22439] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 1394.333745][T22439] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1394.341723][T22439] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 1394.916886][T17348] Bluetooth: hci2: command tx timeout [ 1395.348788][T22380] bridge0: port 1(bridge_slave_0) entered blocking state [ 1395.356707][T22380] bridge0: port 1(bridge_slave_0) entered disabled state [ 1395.364464][T22380] bridge_slave_0: entered allmulticast mode [ 1395.373876][T22380] bridge_slave_0: entered promiscuous mode [ 1395.393956][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1395.400838][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1395.492413][T22439] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1395.499022][T22439] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 1395.529909][T22380] bridge0: port 2(bridge_slave_1) entered blocking state [ 1395.537573][T22380] bridge0: port 2(bridge_slave_1) entered disabled state [ 1395.546133][T22380] bridge_slave_1: entered allmulticast mode [ 1395.555470][T22380] bridge_slave_1: entered promiscuous mode [ 1395.923136][T22380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1396.039990][T22483] Timeout policy `syz0' can only be used by L3 protocol number 5 [ 1396.046796][T22380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1396.334348][T22380] team0: Port device team_slave_0 added [ 1396.428813][T22380] team0: Port device team_slave_1 added [ 1396.726771][T22380] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1396.735348][T22380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1396.762223][T22380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1396.839299][T22380] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1396.846688][T22380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1396.873133][T22380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1397.343573][T22380] hsr_slave_0: entered promiscuous mode [ 1397.356827][T22380] hsr_slave_1: entered promiscuous mode [ 1397.365499][T22380] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1397.373376][T22380] Cannot create hsr debugfs directory [ 1398.422461][T22380] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1398.496430][T22380] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1398.580081][T22380] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1398.648184][T22528] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1398.683165][T22380] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1399.876698][T22380] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1400.038009][T22380] 8021q: adding VLAN 0 to HW filter on device team0 [ 1400.118055][ T4234] bridge0: port 1(bridge_slave_0) entered blocking state [ 1400.125846][ T4234] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1400.239552][ T4234] bridge0: port 2(bridge_slave_1) entered blocking state [ 1400.247323][ T4234] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1400.952108][T22567] Driver unsupported XDP return value 0 on prog (id 392) dev N/A, expect packet loss! [ 1401.936992][T22590] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7964'. [ 1401.946459][T22590] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7964'. [ 1401.958760][T22590] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7964'. [ 1401.970740][T22590] netlink: 44 bytes leftover after parsing attributes in process `syz.3.7964'. [ 1402.256262][T22380] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1404.530776][T22380] veth0_vlan: entered promiscuous mode [ 1404.661113][T22380] veth1_vlan: entered promiscuous mode [ 1404.982300][T22380] veth0_macvtap: entered promiscuous mode [ 1405.069617][T22380] veth1_macvtap: entered promiscuous mode [ 1405.116431][T22649] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7986'. [ 1405.141171][T22649] netdevsim netdevsim2 netdevsim0: set [1, 3] type 2 family 0 port 20000 - 0 [ 1405.150606][T22649] netdevsim netdevsim2 netdevsim1: set [1, 3] type 2 family 0 port 20000 - 0 [ 1405.159847][T22649] netdevsim netdevsim2 netdevsim2: set [1, 3] type 2 family 0 port 20000 - 0 [ 1405.169128][T22649] netdevsim netdevsim2 netdevsim3: set [1, 3] type 2 family 0 port 20000 - 0 [ 1405.284963][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1405.295860][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.306177][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1405.318739][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.329016][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1405.340735][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.351067][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1405.361929][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.377219][T22380] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1405.629735][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1405.641494][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.651772][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1405.663388][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.674092][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1405.684909][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.695143][T22380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1405.706067][T22380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1405.721070][T22380] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1405.840435][T22659] loop2: detected capacity change from 0 to 1024 [ 1405.965061][T22659] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1406.041944][T22380] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.051247][T22380] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.060480][T22380] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.069543][T22380] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.476882][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1407.447351][ T6089] usb 1-1: new high-speed USB device number 120 using dummy_hcd [ 1407.698677][ T6089] usb 1-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=32.00 [ 1407.708384][ T6089] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1407.716658][ T6089] usb 1-1: Product: syz [ 1407.721295][ T6089] usb 1-1: Manufacturer: syz [ 1407.726124][ T6089] usb 1-1: SerialNumber: syz [ 1407.840285][ T6089] usb 1-1: config 0 descriptor?? [ 1407.862582][ T6089] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 1407.873173][ T6089] usb 1-1: Detected FT233HP [ 1408.136609][ T6089] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 1408.177897][ T6089] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1408.225193][ T6089] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1408.279364][ T6089] usb 1-1: USB disconnect, device number 120 [ 1408.334474][ T6089] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1408.347196][ T6089] ftdi_sio 1-1:0.0: device disconnected [ 1408.363294][T22699] ebt_among: src integrity fail: 100 [ 1408.575715][T22702] netlink: 'syz.4.8003': attribute type 1 has an invalid length. [ 1410.299662][T22735] loop2: detected capacity change from 0 to 512 [ 1410.355328][T22735] EXT4-fs (loop2): bad geometry: first data block 1 is beyond end of filesystem (0) [ 1410.429616][T22743] tmpfs: Bad value for 'mpol' [ 1411.368660][T22759] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8021'. [ 1411.644430][T22764] 9pnet_fd: p9_fd_create_unix (22764): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 1411.706035][T22762] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 1412.822561][T15855] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1412.830671][T15855] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1413.153159][T15878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1413.162472][T15878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1414.044875][T22804] loop5: detected capacity change from 0 to 64 [ 1414.169204][ T6101] usb 4-1: new high-speed USB device number 122 using dummy_hcd [ 1414.476911][ T6101] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 1414.486730][ T6101] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1414.495290][ T6101] usb 4-1: Product: syz [ 1414.499972][ T6101] usb 4-1: Manufacturer: syz [ 1414.504811][ T6101] usb 4-1: SerialNumber: syz [ 1414.601103][T22812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8042'. [ 1414.607321][ T6101] usb 4-1: config 0 descriptor?? [ 1415.135930][ T6101] usb 4-1: f81604_write: reg: 105 data: 0 failed: -EPROTO [ 1415.143614][ T6101] f81604 4-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 1415.152032][ T6101] f81604 4-1:0.0: probe with driver f81604 failed with error -71 [ 1415.285665][ T6101] usb 4-1: USB disconnect, device number 122 [ 1417.805533][T22870] loop5: detected capacity change from 0 to 128 [ 1418.358362][T22877] netlink: 108 bytes leftover after parsing attributes in process `syz.4.8067'. [ 1418.368876][T22877] netlink: 108 bytes leftover after parsing attributes in process `syz.4.8067'. [ 1419.016548][T22888] netlink: 'syz.4.8072': attribute type 21 has an invalid length. [ 1419.025541][T22888] netlink: 128 bytes leftover after parsing attributes in process `syz.4.8072'. [ 1419.035128][T22888] netlink: 'syz.4.8072': attribute type 5 has an invalid length. [ 1419.043267][T22888] netlink: 3 bytes leftover after parsing attributes in process `syz.4.8072'. [ 1420.000192][T22909] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8079'. [ 1420.010777][T22909] netlink: 60 bytes leftover after parsing attributes in process `syz.5.8079'. [ 1420.035399][T22909] IPv6: sit1: Disabled Multicast RS [ 1421.277726][T22931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1421.286588][T22931] bond0: (slave sit0): The slave device specified does not support setting the MAC address [ 1421.300285][T22931] bond0: (slave sit0): Error -95 calling set_mac_address [ 1421.554485][T22940] netlink: 'syz.4.8092': attribute type 4 has an invalid length. [ 1423.521278][T22976] @ÿ: renamed from veth0_vlan (while UP) [ 1423.606281][T22980] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1423.616245][T22980] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 1424.127787][T22987] xt_connbytes: Forcing CT accounting to be enabled [ 1424.135077][T22987] --map-set only usable from mangle table [ 1424.365892][T22993] bridge_slave_0: entered promiscuous mode [ 1424.372920][T22993] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1425.301670][T23013] ksmbd: Unknown IPC event: 4, ignore. [ 1427.716899][T23065] netlink: del zone limit has 4 unknown bytes [ 1428.845636][T23085] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8154'. [ 1429.442485][T23099] loop2: detected capacity change from 0 to 128 [ 1429.501511][T23099] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 1429.608542][T23099] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 1429.750996][T23099] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #2: comm syz.2.8159: No space for directory leaf checksum. Please run e2fsck -D. [ 1429.769014][T23099] EXT4-fs error (device loop2): __ext4_find_entry:1652: inode #2: comm syz.2.8159: checksumming directory block 0 [ 1430.174955][ T6020] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1433.730499][T21184] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 1433.965358][T21184] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 1433.974382][T21184] usb 6-1: config 0 has no interface number 0 [ 1434.031034][T21184] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 1434.042118][T21184] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1434.050534][T21184] usb 6-1: Product: syz [ 1434.054933][T21184] usb 6-1: Manufacturer: syz [ 1434.059881][T21184] usb 6-1: SerialNumber: syz [ 1434.112417][T21184] usb 6-1: config 0 descriptor?? [ 1434.404377][T21184] usb 6-1: Found UVC 0.08 device syz (046d:0823) [ 1434.411263][T21184] usb 6-1: No valid video chain found. [ 1434.487775][T21184] usb 6-1: USB disconnect, device number 2 [ 1434.650862][T15861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1434.659253][T15861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1434.731749][T23193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1435.037457][T23202] netlink: 'syz.4.8200': attribute type 30 has an invalid length. [ 1435.945685][T23217] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8206'. [ 1436.984695][T23229] loop5: detected capacity change from 0 to 4096 [ 1437.165672][T23243] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1437.261292][T23229] NILFS error (device loop5): nilfs_dotdot: directory #12 missing '.' [ 1437.317364][T23229] Remounting filesystem read-only [ 1439.251680][T23279] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 1439.411790][T22338] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 1439.623827][T22338] usb 6-1: Using ep0 maxpacket: 8 [ 1439.640974][T22338] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1439.651419][T22338] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1439.661923][T22338] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1439.774166][T22338] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1439.783634][T22338] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1439.792011][T22338] usb 6-1: Product: syz [ 1439.796394][T22338] usb 6-1: Manufacturer: syz [ 1439.802614][T22338] usb 6-1: SerialNumber: syz [ 1440.301105][T22338] usb 6-1: 0:2 : does not exist [ 1440.396532][T22338] usb 6-1: USB disconnect, device number 3 [ 1440.712695][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1441.642273][T23320] loop5: detected capacity change from 0 to 164 [ 1442.052012][T22338] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 1442.289724][T22338] usb 6-1: Using ep0 maxpacket: 16 [ 1442.334499][T22338] usb 6-1: config 1 has an invalid descriptor of length 194, skipping remainder of the config [ 1442.345334][T22338] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1442.388441][T22338] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1442.398312][T22338] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1442.406565][T22338] usb 6-1: Product: syz [ 1442.411249][T22338] usb 6-1: Manufacturer: syz [ 1442.416065][T22338] usb 6-1: SerialNumber: syz [ 1442.743006][T22338] usb 6-1: 0:2 : does not exist [ 1442.819281][T22338] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 1442.902975][T23344] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8255'. [ 1443.014451][T22338] usb 6-1: USB disconnect, device number 4 [ 1443.343531][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1444.474730][T23375] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1444.838979][T23381] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.8272'. [ 1445.866375][T23399] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8279'. [ 1446.601602][T23420] loop5: detected capacity change from 0 to 164 [ 1447.593572][T23435] loop2: detected capacity change from 0 to 64 [ 1447.762567][T23440] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8296'. [ 1449.011023][T23462] [U] [ 1449.014072][T23462] [U] [ 1449.017066][T23462] [U] [ 1449.020070][T23462] [U] [ 1449.041200][T23462] [U] [ 1449.044254][T23462] [U] [ 1449.047247][T23462] [U] [ 1449.050245][T23462] [U] [ 1449.137563][T23462] [U] [ 1449.140614][T23462] [U] [ 1449.143606][T23462] [U] [ 1449.146601][T23462] [U] [ 1449.246049][T23462] [U] [ 1449.249118][T23462] [U] [ 1449.252133][T23462] [U] [ 1449.255130][T23462] [U] [ 1449.305233][T23462] [U] [ 1449.308283][T23462] [U] [ 1449.311285][T23462] [U] [ 1449.314287][T23462] [U] [ 1449.408407][T23462] [U] [ 1449.411462][T23462] [U] [ 1449.414454][T23462] [U] [ 1449.417440][T23462] [U] [ 1449.484355][T23462] [U] [ 1449.487409][T23462] [U] [ 1449.490401][T23462] [U] [ 1449.493397][T23462] [U] [ 1449.527366][T23462] [U] [ 1449.530428][T23462] [U] [ 1449.533426][T23462] [U] [ 1449.536429][T23462] [U] [ 1449.585272][T23462] [U] [ 1449.588327][T23462] [U] [ 1449.591326][T23462] [U] [ 1449.594322][T23462] [U] [ 1449.660073][T23462] [U] [ 1449.663119][T23462] [U] [ 1449.666106][T23462] [U] [ 1449.669092][T23462] [U] [ 1449.703630][T23462] [U] [ 1449.706684][T23462] [U] [ 1449.709679][T23462] [U] [ 1449.712671][T23462] [U] [ 1449.753888][T23462] [U] [ 1449.756943][T23462] [U] [ 1449.759938][T23462] [U] [ 1449.762928][T23462] [U] [ 1449.895524][T23462] [U] [ 1451.938493][T23520] netlink: 'syz.2.8329': attribute type 10 has an invalid length. [ 1453.630506][T23555] loop5: detected capacity change from 0 to 64 [ 1454.448437][T23571] netlink: 'syz.4.8350': attribute type 1 has an invalid length. [ 1456.913291][T23622] netlink: 'syz.4.8371': attribute type 8 has an invalid length. [ 1457.013842][T23624] netlink: 'syz.3.8372': attribute type 2 has an invalid length. [ 1459.198503][T23667] netlink: 'syz.4.8390': attribute type 3 has an invalid length. [ 1459.206666][T23667] netlink: 666 bytes leftover after parsing attributes in process `syz.4.8390'. [ 1459.444241][ T29] audit: type=1400 audit(1389.444:137): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=23671 comm="syz.3.8392" [ 1460.062241][T23687] netlink: 'syz.2.8398': attribute type 27 has an invalid length. [ 1460.070626][T23687] netlink: 'syz.2.8398': attribute type 3 has an invalid length. [ 1460.078695][T23687] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8398'. [ 1460.368699][T23690] netlink: 'syz.5.8399': attribute type 1 has an invalid length. [ 1460.376972][T23690] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8399'. [ 1461.935836][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1461.942698][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1463.801844][T23764] loop5: detected capacity change from 0 to 128 [ 1463.848540][T23765] openvswitch: netlink: Missing key (keys=40, expected=80) [ 1463.938871][T23764] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1464.118519][T23764] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.8429: No space for directory leaf checksum. Please run e2fsck -D. [ 1464.134994][T23764] EXT4-fs error (device loop5): __ext4_find_entry:1652: inode #2: comm syz.5.8429: checksumming directory block 0 [ 1464.316981][T23773] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1464.642604][T22380] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1465.003377][T23784] loop5: detected capacity change from 0 to 1024 [ 1465.070101][T23789] xt_TCPMSS: Only works on TCP SYN packets [ 1465.150475][T23784] hfsplus: found bad thread record in catalog [ 1465.510805][T22427] hfsplus: b-tree write err: -5, ino 4 [ 1465.823411][T23799] netlink: 172 bytes leftover after parsing attributes in process `syz.0.8443'. [ 1466.513961][T21184] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1466.655022][T23815] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8449'. [ 1466.664796][T23815] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8449'. [ 1466.733355][T21184] usb 5-1: Using ep0 maxpacket: 8 [ 1466.800274][T21184] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 1466.809197][T21184] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 1466.817729][T21184] usb 5-1: config 0 has no interface number 0 [ 1466.824375][T21184] usb 5-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1466.836337][T21184] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1466.847846][T21184] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1467.091385][T21184] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1467.102714][T21184] usb 5-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0 [ 1467.112503][T21184] usb 5-1: Product: syz [ 1467.116896][T21184] usb 5-1: Manufacturer: syz [ 1467.265696][T21184] usb 5-1: config 0 descriptor?? [ 1467.285142][T23806] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1467.815666][T21184] usb 5-1: USB disconnect, device number 8 [ 1468.445369][T23844] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8459'. [ 1468.455051][T23844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8459'. [ 1468.469785][T23844] netlink: 364 bytes leftover after parsing attributes in process `syz.0.8459'. [ 1469.832287][T23871] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode 802.3ad(4) [ 1470.679288][T23892] mmap: syz.2.8475 (23892): VmData 37457920 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data. [ 1472.904543][T23932] loop5: detected capacity change from 0 to 16 [ 1472.961943][T23932] erofs (device loop5): mounted with root inode @ nid 36. [ 1473.013366][T23933] delete_channel: no stack [ 1475.429661][ T29] audit: type=1326 audit(1404.230:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23987 comm="syz.3.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1475.539967][ T29] audit: type=1326 audit(1404.295:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23987 comm="syz.3.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1475.562578][ T29] audit: type=1326 audit(1404.295:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23987 comm="syz.3.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1475.585327][ T29] audit: type=1326 audit(1404.295:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23987 comm="syz.3.8511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1476.767387][T24011] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8521'. [ 1476.859279][T24013] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8522'. [ 1477.143726][ T29] audit: type=1326 audit(1405.799:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.3.8523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1477.166295][ T29] audit: type=1326 audit(1405.799:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.3.8523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1477.190547][ T29] audit: type=1326 audit(1405.818:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.3.8523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1477.213921][ T29] audit: type=1326 audit(1405.818:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.3.8523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1477.236659][ T29] audit: type=1326 audit(1405.818:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24015 comm="syz.3.8523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1477.881828][T24020] loop2: detected capacity change from 0 to 4096 [ 1477.954034][T24020] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 1478.445562][T24041] netlink: 136 bytes leftover after parsing attributes in process `syz.5.8533'. [ 1478.455617][T24041] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8533'. [ 1481.468358][T24094] netlink: 72 bytes leftover after parsing attributes in process `syz.3.8552'. [ 1482.245121][T24106] loop5: detected capacity change from 0 to 128 [ 1482.258072][T24108] tmpfs: Bad value for 'mpol' [ 1483.058188][T24123] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode broadcast(3) [ 1483.455449][T24132] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8571'. [ 1483.464884][T24132] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8571'. [ 1483.871885][T24141] netlink: 152 bytes leftover after parsing attributes in process `syz.4.8574'. [ 1483.881268][T24141] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8574'. [ 1485.069741][T24163] netlink: 'syz.4.8584': attribute type 1 has an invalid length. [ 1485.077920][T24163] netlink: 6 bytes leftover after parsing attributes in process `syz.4.8584'. [ 1485.206202][T24167] trusted_key: encrypted_key: keylen parameter is missing [ 1485.618186][T24173] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8587'. [ 1485.677521][T24174] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8588'. [ 1485.891510][T24180] binder: 24179:24180 ioctl c0306201 20000280 returned -22 [ 1487.542258][T24213] IPv6: NLM_F_CREATE should be specified when creating new route [ 1487.584024][T24214] netlink: 'syz.2.8605': attribute type 28 has an invalid length. [ 1488.534477][T24231] loop5: detected capacity change from 0 to 512 [ 1488.684780][T24231] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1488.768647][T24238] infiniband syz0: set active [ 1488.913841][T24231] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 1489.252931][T22380] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1490.481726][ T6101] usb 3-1: new high-speed USB device number 121 using dummy_hcd [ 1490.687740][ T6101] usb 3-1: Using ep0 maxpacket: 32 [ 1490.730999][ T6101] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1490.816342][ T6101] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1490.825697][ T6101] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1490.834964][ T6101] usb 3-1: Product: syz [ 1490.839845][ T6101] usb 3-1: Manufacturer: syz [ 1490.844670][ T6101] usb 3-1: SerialNumber: syz [ 1490.955970][ T6101] usb 3-1: config 0 descriptor?? [ 1490.990604][ T6101] usb 3-1: bad CDC descriptors [ 1490.996798][ T6101] usb 3-1: unsupported MDLM descriptors [ 1491.111114][T24280] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8633'. [ 1491.259420][ T6101] usb 3-1: USB disconnect, device number 121 [ 1492.379529][ T29] audit: type=1400 audit(1419.875:147): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=24303 comm="syz.2.8643" [ 1493.244716][ T29] audit: type=1326 audit(1420.669:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24322 comm="syz.4.8650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1493.383671][ T29] audit: type=1326 audit(1420.724:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24322 comm="syz.4.8650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1493.407585][ T29] audit: type=1326 audit(1420.724:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24322 comm="syz.4.8650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6a158cd29 code=0x7ffc0000 [ 1493.642769][T24326] netlink: 'syz.2.8651': attribute type 21 has an invalid length. [ 1495.880154][T24375] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8671'. [ 1495.890188][T24375] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8671'. [ 1499.107896][ T29] audit: type=1326 audit(1426.068:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24438 comm="syz.3.8699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1499.130332][ T29] audit: type=1326 audit(1426.068:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24438 comm="syz.3.8699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1499.152762][ T29] audit: type=1326 audit(1426.078:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24438 comm="syz.3.8699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1499.176246][ T29] audit: type=1326 audit(1426.078:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24438 comm="syz.3.8699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1499.765871][T24454] mac80211_hwsim hwsim13 €: renamed from wlan0 (while UP) [ 1500.384021][T24466] netlink: 'syz.5.8711': attribute type 16 has an invalid length. [ 1502.448306][T24507] bridge0: port 1(bridge_slave_0) entered disabled state [ 1502.473819][T24503] loop5: detected capacity change from 0 to 2048 [ 1502.554498][T24503] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1502.652862][T24503] UDF-fs: error (device loop5): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 1502.757231][T24512] loop2: detected capacity change from 0 to 512 [ 1502.801269][T24512] EXT4-fs: Ignoring removed nobh option [ 1503.034327][T24512] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1503.553412][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1503.641950][T24522] loop5: detected capacity change from 0 to 4096 [ 1503.947155][T24522] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1504.012499][T24535] ip6gre1: entered allmulticast mode [ 1507.083193][T24597] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8761'. [ 1507.459680][T24602] Timeout policy `syz0' can only be used by L3 protocol number 5 [ 1507.667327][T24606] gretap1: entered allmulticast mode [ 1508.069956][T24614] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8771'. [ 1509.707937][T24649] program syz.2.8784 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1510.312965][T24662] loop2: detected capacity change from 0 to 64 [ 1510.426866][T24664] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8791'. [ 1510.467082][T24662] hfs: keylen 94 too large [ 1511.760237][T24679] loop2: detected capacity change from 0 to 4096 [ 1511.822029][T24679] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 1512.115357][T21184] kernel write not supported for file /293/net/rt_cache (pid: 21184 comm: kworker/0:0) [ 1512.212778][T24679] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1512.500271][T24679] ntfs3(loop2): ino=21, The size of extended attributes must not exceed 64KiB [ 1512.934387][ T29] audit: type=1326 audit(1438.834:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24708 comm="syz.3.8810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1513.021070][ T29] audit: type=1326 audit(1438.889:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24708 comm="syz.3.8810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1513.044666][ T29] audit: type=1326 audit(1438.889:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24708 comm="syz.3.8810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e4a58cd29 code=0x7ffc0000 [ 1515.075830][T24749] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8830'. [ 1515.086227][T24749] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8830'. [ 1515.113486][T24749] bridge1: entered promiscuous mode [ 1515.119138][T24749] bridge1: entered allmulticast mode [ 1515.680080][T24761] tmpfs: Bad value for 'mpol' [ 1516.249844][T24774] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8842'. [ 1516.259569][T24774] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8842'. [ 1516.269101][T24774] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8842'. [ 1516.278423][T24774] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8842'. [ 1516.287766][T24774] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8842'. [ 1521.458130][T24868] loop2: detected capacity change from 0 to 4096 [ 1524.608857][T24940] netlink: 'syz.5.8912': attribute type 30 has an invalid length. [ 1525.189943][T24955] netlink: 9 bytes leftover after parsing attributes in process `syz.3.8917'. [ 1525.671568][T24962] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 1525.678160][T24962] [U] J"—e:ÀÆ" [ 1527.016037][T24993] kernel read not supported for file /½ lhObíñ~åÑhþµ“3žJÇÈyûxÐîÃüv÷Lª=QäRúnÁ·FGr‚¥òqðςû~QV7¶·"qHá—Éd0ú†øˆ¹‰ý%NnyµƒÝD (pid: 24993 comm: syz.3.8936) [ 1527.039001][ T29] audit: type=1800 audit(1451.866:158): pid=24993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.8936" name=BD16206C684F62EDF17EE501D168FEB51D9093339E8F064AC7C879FB78D0EEC3FC76F74CAA3D51E452FA6EC1B746477282A5F28F71F0CF82C3BB7E517F567F37B6B7227148E11197C964309DFA86F888B989FD254E6E79B503831CDD4402 dev="mqueue" ino=67352 res=0 errno=0 [ 1527.521271][T25001] netlink: 36 bytes leftover after parsing attributes in process `syz.2.8939'. [ 1528.170766][T25017] kAFS: unable to lookup cell '' [ 1528.504370][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1528.512679][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1529.811609][T25050] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8965'. [ 1531.213987][T25079] tmpfs: Bad value for 'mpol' [ 1531.712789][T25087] netlink: 'syz.4.8982': attribute type 1 has an invalid length. [ 1531.721038][T25087] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8982'. [ 1532.814255][T25109] loop2: detected capacity change from 0 to 128 [ 1532.883139][T25109] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 1533.114469][T25109] syz.2.8993: attempt to access beyond end of device [ 1533.114469][T25109] loop2: rw=2049, sector=6491536, nr_sectors = 2 limit=128 [ 1533.371282][ T6020] sysv_free_block: flc_count > flc_size [ 1533.377320][ T6020] sysv_free_block: flc_count > flc_size [ 1533.383073][ T6020] sysv_free_block: flc_count > flc_size [ 1533.389180][ T6020] sysv_free_block: flc_count > flc_size [ 1533.395089][ T6020] sysv_free_block: flc_count > flc_size [ 1533.400806][ T6020] sysv_free_block: flc_count > flc_size [ 1533.406695][ T6020] sysv_free_block: flc_count > flc_size [ 1533.412490][ T6020] sysv_free_block: flc_count > flc_size [ 1533.418393][ T6020] sysv_free_block: flc_count > flc_size [ 1533.424105][ T6020] sysv_free_block: flc_count > flc_size [ 1533.430843][ T6020] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1534.180062][T25131] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (5), value rounded to 5 ms [ 1534.340681][T25131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1534.621407][T25121] syz.0.8999 (25121): drop_caches: 2 [ 1535.140643][T25148] netlink: 132 bytes leftover after parsing attributes in process `syz.0.9011'. [ 1535.865715][T25162] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9018'. [ 1535.875844][T25162] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9018'. [ 1536.376001][T25174] netlink: 'syz.5.9024': attribute type 11 has an invalid length. [ 1536.832654][ T29] audit: type=1326 audit(1460.893:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25183 comm="syz.0.9029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48c5b8cd29 code=0x7ffc0000 [ 1536.932876][ T29] audit: type=1326 audit(1460.939:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25183 comm="syz.0.9029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7f48c5b8cd29 code=0x7ffc0000 [ 1536.955569][ T29] audit: type=1326 audit(1460.939:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25183 comm="syz.0.9029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48c5b8cd29 code=0x7ffc0000 [ 1538.141296][T25213] netlink: 5128 bytes leftover after parsing attributes in process `syz.3.9042'. [ 1538.151297][T25213] netlink: 5128 bytes leftover after parsing attributes in process `syz.3.9042'. [ 1538.160663][T25213] netlink: 332 bytes leftover after parsing attributes in process `syz.3.9042'. [ 1539.433760][T25238] loop2: detected capacity change from 0 to 16 [ 1539.468039][T25238] erofs (device loop2): mounted with root inode @ nid 36. [ 1539.523114][T25238] erofs (device loop2): readahead error at folio 2 @ nid 89 [ 1539.530947][T25238] erofs (device loop2): readahead error at folio 0 @ nid 89 [ 1539.539968][T25238] erofs (device loop2): read error -117 @ 0 of nid 89 [ 1539.550841][ T29] audit: type=1800 audit(1463.404:162): pid=25238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.9054" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 1539.656788][T22338] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1539.885781][T22338] usb 5-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=35.fb [ 1539.895293][T22338] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1539.957807][T22338] usb 5-1: config 0 descriptor?? [ 1540.002464][T22338] gspca_main: spca505-2.14.0 probing 0733:0430 [ 1540.454340][T22338] gspca_spca505: reg write: error -71 [ 1540.460914][T22338] spca505 5-1:0.0: probe with driver spca505 failed with error -5 [ 1540.507258][T25253] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9062'. [ 1540.546394][T22338] usb 5-1: USB disconnect, device number 9 [ 1540.623337][T25256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9064'. [ 1541.642273][T21184] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 1541.868561][T21184] usb 6-1: Using ep0 maxpacket: 8 [ 1541.897444][T21184] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 1541.906220][T21184] usb 6-1: config 179 has no interface number 0 [ 1541.913449][T21184] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1541.924923][T21184] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1541.936623][T21184] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1541.948425][T21184] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1541.960413][T21184] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1541.974248][T21184] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1541.984783][T21184] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1542.151315][T25268] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1542.212789][T25286] netlink: 'syz.3.9079': attribute type 13 has an invalid length. [ 1542.535643][T25268] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 1542.542463][T25268] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1542.551084][T25268] vhci_hcd vhci_hcd.0: Device attached [ 1542.658364][T25289] vhci_hcd: connection closed [ 1542.677917][T22338] usb 6-1: USB disconnect, device number 5 [ 1542.677921][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1542.678150][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1542.749018][ T4234] vhci_hcd: stop threads [ 1542.753486][ T4234] vhci_hcd: release socket [ 1542.759764][ T4234] vhci_hcd: disconnect device [ 1542.842682][T21184] vhci_hcd: vhci_device speed not set [ 1543.378326][T25304] loop2: detected capacity change from 0 to 256 [ 1544.447082][T25324] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9097'. [ 1545.290712][ T6101] usb 4-1: new high-speed USB device number 123 using dummy_hcd [ 1545.518483][ T6101] usb 4-1: config 0 has an invalid interface number: 197 but max is 0 [ 1545.527087][ T6101] usb 4-1: config 0 has no interface number 0 [ 1545.534400][ T6101] usb 4-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8 [ 1545.545295][ T6101] usb 4-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 1545.556896][ T6101] usb 4-1: config 0 interface 197 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 1024 [ 1545.629535][ T6101] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42 [ 1545.639659][ T6101] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1545.648834][ T6101] usb 4-1: Product: syz [ 1545.653207][ T6101] usb 4-1: Manufacturer: syz [ 1545.658564][ T6101] usb 4-1: SerialNumber: syz [ 1545.701644][ T6101] usb 4-1: config 0 descriptor?? [ 1545.714178][T25338] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1545.722312][T25338] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1545.958336][T25353] loop2: detected capacity change from 0 to 2048 [ 1546.013706][ T6101] qmi_wwan 4-1:0.197: probe with driver qmi_wwan failed with error -71 [ 1546.091991][ T6101] usb 4-1: USB disconnect, device number 123 [ 1546.161933][T25353] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1546.235096][T25353] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 1546.247242][T25361] netlink: 'syz.5.9114': attribute type 31 has an invalid length. [ 1546.392039][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1548.046482][T25395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9131'. [ 1548.055958][T25395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9131'. [ 1548.065608][T25395] netlink: 5 bytes leftover after parsing attributes in process `syz.3.9131'. [ 1548.203509][T25397] netlink: 'syz.4.9133': attribute type 3 has an invalid length. [ 1548.212311][T25397] netlink: 'syz.4.9133': attribute type 1 has an invalid length. [ 1548.220830][T25397] netlink: 216 bytes leftover after parsing attributes in process `syz.4.9133'. [ 1548.230331][T25397] NCSI netlink: No device for ifindex 33022 [ 1548.389069][T25393] loop5: detected capacity change from 0 to 4096 [ 1548.414603][T25401] SET target dimension over the limit! [ 1550.012844][T25432] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1550.638711][T25444] netlink: 'syz.0.9155': attribute type 7 has an invalid length. [ 1551.959989][T25468] netlink: 'syz.3.9166': attribute type 5 has an invalid length. [ 1551.984312][T25469] netlink: 132 bytes leftover after parsing attributes in process `syz.4.9167'. [ 1552.333572][T25474] binder: 25472:25474 ioctl c018620c 20001180 returned -22 [ 1552.948152][T25487] loop2: detected capacity change from 0 to 1024 [ 1553.280950][T25493] ===================================================== [ 1553.288821][T25493] BUG: KMSAN: uninit-value in nsim_get_ringparam+0xa8/0xe0 [ 1553.297833][T25493] nsim_get_ringparam+0xa8/0xe0 [ 1553.302878][T25493] ethtool_set_ringparam+0x268/0x570 [ 1553.308922][T25493] dev_ethtool+0x126d/0x2a40 [ 1553.313749][T25493] dev_ioctl+0xb0e/0x1280 [ 1553.318289][T25493] sock_do_ioctl+0x28c/0x540 [ 1553.323405][T25493] sock_ioctl+0x721/0xd70 [ 1553.327941][T25493] __se_sys_ioctl+0x246/0x440 [ 1553.333284][T25493] __x64_sys_ioctl+0x96/0xe0 [ 1553.338113][T25493] x64_sys_call+0x19f0/0x3c30 [ 1553.343173][T25493] do_syscall_64+0xcd/0x1e0 [ 1553.347878][T25493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1553.354282][T25493] [ 1553.356714][T25493] Local variable kernel_ringparam created at: [ 1553.362987][T25493] ethtool_set_ringparam+0x96/0x570 [ 1553.368374][T25493] dev_ethtool+0x126d/0x2a40 [ 1553.373492][T25493] [ 1553.375925][T25493] CPU: 1 UID: 0 PID: 25493 Comm: syz.0.9179 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0 [ 1553.388185][T25493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1553.398622][T25493] ===================================================== [ 1553.407286][T25493] Disabling lock debugging due to kernel taint [ 1553.413582][T25493] Kernel panic - not syncing: kmsan.panic set ... [ 1553.420162][T25493] CPU: 1 UID: 0 PID: 25493 Comm: syz.0.9179 Tainted: G B 6.13.0-syzkaller-04788-g7004a2e46d16 #0 [ 1553.432297][T25493] Tainted: [B]=BAD_PAGE [ 1553.436573][T25493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1553.446817][T25493] Call Trace: [ 1553.450231][T25493] [ 1553.453277][T25493] dump_stack_lvl+0x216/0x2d0 [ 1553.458184][T25493] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1553.464211][T25493] dump_stack+0x1e/0x24 [ 1553.468587][T25493] panic+0x4e2/0xcf0 [ 1553.472716][T25493] ? kmsan_get_metadata+0xf1/0x1c0 [ 1553.478053][T25493] kmsan_report+0x2c7/0x2d0 [ 1553.482764][T25493] ? __msan_warning+0x95/0x120 [ 1553.487742][T25493] ? nsim_get_ringparam+0xa8/0xe0 [ 1553.492949][T25493] ? ethtool_set_ringparam+0x268/0x570 [ 1553.498608][T25493] ? dev_ethtool+0x126d/0x2a40 [ 1553.503632][T25493] ? dev_ioctl+0xb0e/0x1280 [ 1553.508326][T25493] ? sock_do_ioctl+0x28c/0x540 [ 1553.513319][T25493] ? sock_ioctl+0x721/0xd70 [ 1553.518041][T25493] ? __se_sys_ioctl+0x246/0x440 [ 1553.523115][T25493] ? __x64_sys_ioctl+0x96/0xe0 [ 1553.528113][T25493] ? x64_sys_call+0x19f0/0x3c30 [ 1553.533208][T25493] ? do_syscall_64+0xcd/0x1e0 [ 1553.538073][T25493] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1553.544393][T25493] ? kmsan_internal_poison_memory+0x7d/0x90 [ 1553.550527][T25493] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1553.556554][T25493] ? kmsan_internal_poison_memory+0x49/0x90 [ 1553.562710][T25493] ? kmsan_slab_free+0xd0/0x140 [ 1553.567747][T25493] ? kfree+0x240/0xdb0 [ 1553.572023][T25493] ? tomoyo_path_number_perm+0x778/0x8f0 [ 1553.577936][T25493] ? tomoyo_file_ioctl+0x3f/0x50 [ 1553.583105][T25493] ? security_file_ioctl+0x145/0x590 [ 1553.588618][T25493] ? __se_sys_ioctl+0xd0/0x440 [ 1553.593591][T25493] ? __x64_sys_ioctl+0x96/0xe0 [ 1553.598565][T25493] ? kmsan_get_metadata+0x13e/0x1c0 [ 1553.603945][T25493] ? kmsan_get_metadata+0x13e/0x1c0 [ 1553.609317][T25493] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1553.615311][T25493] ? kmsan_get_metadata+0x13e/0x1c0 [ 1553.620688][T25493] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 1553.627167][T25493] ? kmsan_get_metadata+0x13e/0x1c0 [ 1553.632541][T25493] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1553.638545][T25493] __msan_warning+0x95/0x120 [ 1553.643296][T25493] nsim_get_ringparam+0xa8/0xe0 [ 1553.648315][T25493] ? __pfx_nsim_set_ringparam+0x10/0x10 [ 1553.654027][T25493] ? __pfx_nsim_get_ringparam+0x10/0x10 [ 1553.659738][T25493] ethtool_set_ringparam+0x268/0x570 [ 1553.665199][T25493] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1553.671217][T25493] dev_ethtool+0x126d/0x2a40 [ 1553.676041][T25493] dev_ioctl+0xb0e/0x1280 [ 1553.680552][T25493] sock_do_ioctl+0x28c/0x540 [ 1553.685369][T25493] sock_ioctl+0x721/0xd70 [ 1553.689926][T25493] ? __pfx_sock_ioctl+0x10/0x10 [ 1553.694975][T25493] __se_sys_ioctl+0x246/0x440 [ 1553.699874][T25493] __x64_sys_ioctl+0x96/0xe0 [ 1553.704675][T25493] x64_sys_call+0x19f0/0x3c30 [ 1553.709573][T25493] do_syscall_64+0xcd/0x1e0 [ 1553.714244][T25493] ? clear_bhb_loop+0x25/0x80 [ 1553.719094][T25493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1553.725215][T25493] RIP: 0033:0x7f48c5b8cd29 [ 1553.729777][T25493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1553.750024][T25493] RSP: 002b:00007f48c6a6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1553.758623][T25493] RAX: ffffffffffffffda RBX: 00007f48c5da5fa0 RCX: 00007f48c5b8cd29 [ 1553.766827][T25493] RDX: 0000000020000000 RSI: 0000000000008946 RDI: 0000000000000003 [ 1553.774936][T25493] RBP: 00007f48c5c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1553.783040][T25493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1553.791146][T25493] R13: 0000000000000000 R14: 00007f48c5da5fa0 R15: 00007ffc373aed28 [ 1553.799276][T25493] [ 1553.802722][T25493] Kernel Offset: disabled [ 1553.807130][T25493] Rebooting in 86400 seconds..