last executing test programs: 8.260686714s ago: executing program 3 (id=1852): io_setup(0x401, &(0x7f00000004c0)=0x0) r1 = timerfd_create(0x0, 0x80800) io_submit(r0, 0x1, &(0x7f0000000240)=[&(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 7.674796734s ago: executing program 4 (id=1854): r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000000)) ioctl$USBDEVFS_CONNECTINFO(r0, 0x80085504, &(0x7f00000001c0)) 7.471030505s ago: executing program 1 (id=1856): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2004000, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000380)=ANY=[], 0xff27, 0x0) removexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00') 7.130953412s ago: executing program 3 (id=1857): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000700)={0x0, 0x3000000, &(0x7f00000006c0)={&(0x7f0000000640)={0x1c, r1, 0x703, 0x0, 0x0, {0xb}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) 7.008922204s ago: executing program 0 (id=1858): setreuid(0xffffffffffffffff, 0xee00) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900000036000000", 0xfe60) 6.564359119s ago: executing program 2 (id=1859): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10) setsockopt$inet_int(r0, 0x0, 0x22, &(0x7f0000000040), 0x4) 6.529267169s ago: executing program 4 (id=1860): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, '1'}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "8d"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) 6.128334709s ago: executing program 3 (id=1861): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0) 6.043738372s ago: executing program 0 (id=1862): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}]}, 0x1c}}, 0x0) 5.618477094s ago: executing program 2 (id=1863): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000140)=0x49) read$FUSE(r0, &(0x7f00000009c0)={0x2020}, 0x2020) 5.276292255s ago: executing program 4 (id=1864): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x3, &(0x7f00000001c0)={&(0x7f0000000040)={0x2c, r1, 0x1, 0x0, 0x0, {0x26}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0) 5.001445452s ago: executing program 1 (id=1865): syz_mount_image$iso9660(&(0x7f0000001240), &(0x7f0000000000)='./file1\x00', 0x204419, &(0x7f00000004c0)=ANY=[], 0x2f, 0x5ae, &(0x7f0000001280)="$eJzs3V1v29Ydx/EfHXuxXaAYtiELjDycJhvgAKlCSY0DoRcDRx3ZbCVSI+nBviqCxi6MyO2QdMDimyU32QZsL6K3w17DXtGKXe7SAx9kW9FTZtlx5n4/Qnso8vDwT1o9/x5bPBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJDjN1236qgdhJtbZjy/GUed47fl3kMrdG+gmHBcycn+0eKirherrv/sePO17F93dKN4d0OLWbGogw+u/fjTn87P9fefEPA78fzFwdPHvd7Os4sO5BzdvDp+27oNgyQKOt66NUESmcbamvtgo5WYVtC2yXaS2o7xY+ulUWxW/Xum2mjUja1sR5vhetNr2/7KRx/XXHfNfFbpWi9OovDBZ5XE3wja7SBcz+tkm7M6j7IP4udBalLrdYzZ3evt1KedQFap+jaVatMq1dxarVqt1aprDxsPH7nu/NAK9w0aqnHxH1qcoYfLRz3h0lvuclZdNzCzuTL/q61AoTa1JTPy5aupWJE6Y7aXysTv/PKBnXjck/m/n+WvH29eUZ7/bxXvbmX5//aI/D8mlumv7P8nTrvvyddzvdCBnuqxeuppR8/ytUtn1Posr9vv5CjrsgoV/KalSIE68vI1RoESRTJqaE1rcvWFNtRSIqOWArVllWhbiVLZ/BPlK5aVp1SRYhmtytc9GVXVUEN1GVlVtK1Imwq1rqa8vJVd7amnf8zXJ8SoeSn/4VTHVlnuf+52VJvQ0mz5/9CRyP842w4cmMFhP/8DAAAAAIBLy8l/+56N/xd0M19qBW3rXnRYAAAAAADgDOV/+b+RFQvZ0k05g+P/q2X58oLiAwAAAAAAs3Pye+wcScu6XSztyslvl+JLAAAAAAAAXBL53/9vZUU+B8ptOeWcKoz/AQAAAAC4NP48fo79/lf+u1edf/5bcbzgvOpu/cLZ97KV3v6VYuuVN1tMWyvOh2UjebE2X77z7Q2nnP3yaBLM78tid9pc/84pAviVBgPQX/vzE3/0pCif9LeUWkHbVvyo/WlVnvfhXGq30t9/vfcH5af/l7BTVnv55Te9J3ksr7K3r/bLCRSH5lEcfzH0bT7fQn7PxcgzXshvxCiPu+xod6+34548/7li97n/4Zivdaeoc3elKJePzz875mJ2zGpl3NmXUVRnPPPXultGsXq3KEZEUdOUKGonozjVtRgVRf0/h4fFCeVR1Kddi/qMUQDARdmdkoWc4cR/il7uXLL7iB59taizupJ1rIvzKwcfXFs62rPo0d1pPbp71KMv6TTZ7e9Dz0Aal2Oz4/7tjaz6XbbDd2OOuyCp5mSX8Mq3+7/TtecvDj7e23/81c5XO1/XavU19xPXfVjTQn4aZTE20rf+iAAALqHBZ+yMyv9Tazif6KOixohRdVbjJ0dfKajoS32jnp7ofn63gYrH+oxodfnE1xDu90etd8rntLwxal3O02TxhJf7E8aWP8rvcui3W5tYdzCG+vn/IAAAeIfujMzDxdj+bfP//cFxt/Jx98g8muXyyaPj47rVd3odAAD4IbHx985y+icnjoPuF9VGo+qlG9bEkf+5iYPmujVBmNrY3/DCdWu6cZRGftQ2/d9Lm2Sz243i1LSi2HSjJNjKn/xuyke/J7bjhWngJ9229RJr/ChMPT81zSDx+228jPOdk671g1bge2kQhSaJNmPfVoxJrDXdzV+3g2TDxiZo2jANWkG2GJpuHHS8eNv8Nmpvdqxp2sSPg24aFQ32jxWErSju5M1WLvJCAwDwHnn+4uDp415v59kZLuhwcM1FnyMAABhElgYAAAAAAAAAAAAAAAAAAAAA4P13ipv8NLRmSae5WXC4HRayBedcbsr8/1n4+fsRxnkv/OtZ8V/gjO28LufhPvMIp3YdfzznrgnAOftvAAAA//+bYUXN") set_mempolicy(0x3, &(0x7f0000000080)=0x2, 0x8) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x1) 4.845750166s ago: executing program 0 (id=1866): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "93"}]}], {0x14}}, 0x84}}, 0x0) 4.798356677s ago: executing program 3 (id=1867): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r0, &(0x7f00000000c0)='y', 0x1, 0x44, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c) setsockopt(r0, 0x84, 0x11, &(0x7f0000000040)="020000000980ffff", 0x8) 4.308240104s ago: executing program 4 (id=1868): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c696f636861727365743d63703933322c636f6465706167653d3835372c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c696f636861727365743d6575632d6a702c757466383d302c646f733178666c6f7070792c726f6469722c726f6469722c003fc604f8ff7d2b25d49c2bd2ac7ab8337b339de1ab71d62b2a6d60505e1d35e457f71de2567bf294092274d5bdbfe577f4189dad762567e7da2ad7b21b2377e7837945228bf549b93ca2c899e28253186632e400252f53db8277d503b621abb159d96790ba64b2938b7c7a712e96753dd7c83feb96a43d03515b03a2085b396541b7241b0e860b"], 0x1, 0x217, &(0x7f0000000700)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f00000001c0)=""/202, 0xff4) 4.080392628s ago: executing program 3 (id=1869): syz_mount_image$ext4(&(0x7f0000000800)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000c40)={[{@jqfmt_vfsv0}, {@abort}, {@barrier}, {@barrier}, {@test_dummy_encryption}, {@nomblk_io_submit}]}, 0xfb, 0x49f, &(0x7f0000001440)="$eJzs3E1oHFUcAPD/bJJW+5VY60dr1WgVix9Jm1bbg+AHCB5UBD3U45qmpXbbSBPBlGCjlHoRtCBeRfEiePbgyZOoJ8GLB71LoUgurZ5WZndm3Xzsh9tNNx+/H0znvcnbfe/NzJt5b15nA9iwhtN/kohtEfF7RAxGRGFxguHq6vr87Pjf87PjSZTLr/2VpB+La/Oz43nSJFtvrUb601XhYhLPLpPv1Mz508VSaeJcFh+dPvP26NTM+SdOnSmenDg5cXbs6NHDhw4eeWrsya7U87a0rHvem9y7+8U3Lr88fuzymz99k9QVur4e3TEQc3X7ZLGHu5tZz22vCyf9TZMWVrwwtG1zRKWhDlTa/2D0XdxR+9tgvPBBTwsHrKhyuVwea/znuTKwjiXR6xIAvZHf6K/NfzaejoG7Pw5e3a4+Vx0ApfW+ni3VQU9/baA6sGh8202zEXFs7p/P0yVW5DkEAMBC36f9n8er/Y6F/b9C3FmXbkc2NzSUzaXsjIjbI2JXRNwRUUl7V0Tc/T/zH14UX9r/KVzpqGJtSvt/T2dzW/mS5ZsnGerLYtsr9R9ITpwqTRzI9sn+GNicxg8u++1JVCaB4tePG+U/XNf/S5c0/7wvmJXjSv/mhZ85Xpwu3nDFM1ffj9jTv1z9swm8bA5rd0Ts6TCPU49+vXfhlr5aqHX9m2g+z9SW8hcRj1SP/1wsqn8uaT4/OXpLlCYOjOZnxVI//3Lp1Ub531D9uyA9/luWPf9r9R9K6udrp5Z8xaZWeVz648OGY5rhiGeig/N/U/L6gszfLU5PnzsYsSl5aen2ugfceTxPn9Z//77l2//O+G9P3BMR6Ul8b0TcFxH3Z8fugYh4MCL2Nan/j88/9FaT+vf0+Ed2hWrr+OfHoXoi1M6IVoG+0z981yjz9q5/hyuh/dmWdq5/7Raww30GAAAAa0ohIrZFUhiphQuFkZHq/+HfFVsKpcmp6cdOTL5z9nj1HYGhGCjkT7oGs3hkzz+HqvHK6Husso64kD0vPZQ9N/6079ZKfGR8snS815WHDW5rg/af+rOv16UDVlwX5tGANapZ+//yyE0sCHDTdX7/13OAta5FK/aDDbCOuYvDxrVc+7/Qg3IAN1/j+/+ErgGsc7VG/kkbiete91r88iaw9rjJw8bVuv2/slK/fwX0Tvtv8a+WQJIs2BJfRTT/VNL7MncQ+Gh1FKNxIAqrohgdB4qroxitAnlDnTl/ur/tX7WYKV8olkq/fXsjuff2ugQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAt/wYAAP//73DflA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x41009432, &(0x7f0000000080)={@id={0x2, 0x0, @b}}) 3.822557547s ago: executing program 0 (id=1870): r0 = socket$kcm(0xa, 0x2, 0x73) setsockopt$sock_attach_bpf(r0, 0x29, 0x6, &(0x7f0000000040), 0x4) sendmsg$kcm(r0, &(0x7f0000006900)={&(0x7f0000006640)=@l2tp6={0xa, 0x5c8, 0x0, @loopback, 0xa, 0xfffffffd}, 0x80, 0x0, 0x0, &(0x7f0000000fc0)=ANY=[], 0x3}, 0x0) 3.767120198s ago: executing program 2 (id=1871): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020001000900010073797a300000000008000240000000032c000000030a01030000e6ff00000027020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x4}, @NFTA_QUEUE_NUM={0x6}, @NFTA_QUEUE_TOTAL={0x6, 0x2, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0) 3.623837419s ago: executing program 1 (id=1872): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), 0x0, 0x0, 0x0) 3.025108795s ago: executing program 0 (id=1873): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f00000001c0)='./bus\x00', 0x10000, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRES64, @ANYRES32], 0x1, 0x37d, &(0x7f0000000880)="$eJzs3c9rI2UYwPEnaZqmXbbJQRQV6YNe9DK01bMaZBfEgkt3I+4Kwux2qqFjUjIhEhFbT17Fm/+A4LLHFQ8L6j/Qi7f14sWTvSwIuog4MjPvm2bSSZrGrPbH9wO7eZP3eWbe6UzC8wbmzf7bn3+wtRk4m25b8iWVnIjIQ5GK5MXKJQ9FybArL1z47f4zV6/feKO6tnZpXfVy9dqLq6q6uPTdhx/Pm7B7c7JXeXf/weove4/vPbn/97X364HWA2002+rqzebPbfem7+lGPdhyVK/4nht4Wm8EXivpbyb9m35ze7urbmPj4sJ2ywsCdRtd3fK62m5qu9VV9z233lDHcfTiQtZwz7DSBDm12+vrbnXCHd6aMA/T9mcYhiO6W62qOyPizB/qqd1+pOMCAAAn0kD9/6WtESqS7xWUOTMXKMbt9DQgqv9tO67/o8nCQf1/59kf2hfeurto6v97xaz6/6WfkvxU/R/tfer1/9cDzw9XRKfeznGC/1X9j5NhKf2O/PVgxm5E9X/0bujN6D99585y3KD+BwAAAAAAAAAAAAAAAAAAAADgNHgYhuUwDMv20f47uIXAPLfPRt1ojFNn2PmfMysK9K4HnElXr9+QUnzjXmFRxP+sU+vUkkfTbwOXpSx/xdeDkSw4sRvfRKeRinzv73RqsyZhJv6/KqLiiycrUpZKKj9uX3597dKKJpL8eP87nVqusBDlb0o9zl+VsjyWnb+amV+U55/ry3ekLD/ekqb4smE+x2z+Jyuqr725NpA/H8dleeVRnxQAAAAAAKbMUS2Z6XMlPf9N5u+Oo5rVH83lpX9+fvj7gd78ejlzfl4oP1X4f48dAAAAAIDzIih+tOX6vtcKukMb8s3TcezwmDmzNfNKfmTwQKMwRkyqcT9uzI6Kmek7wnG3XDS/oJHazugsGXvMtvH7nEhWl13CNdVVSv9Vj7kve/xjBJeOewpaQd4M1Z758bKWovHoRIfT17BfGw2LkSuTbnlYw66ce1TwE1989cdku8iZVXv7u16+WxpypMX+V3IDG9w94qJ9EIZHjmc2+9Pi20l+ZAYAAADACWGL/vnAvvJqVlj+Px0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADnzFSXSRvSsPtiEQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcd/8EAAD//yFs76s=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file2/file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x20}, 0x18) 2.999740138s ago: executing program 4 (id=1874): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000000200)={[{@fat=@check_normal}, {@fat=@sys_immutable}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@uni_xlateno}, {@uni_xlateno}, {@fat=@allow_utime}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@uni_xlateno}, {@numtail}, {@uni_xlate}, {@utf8no}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@rodir}]}, 0x3, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 2.794385634s ago: executing program 2 (id=1875): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, 0xffffffffffffffff, 0x1c, 0x0, @void}, 0x10) 2.410337078s ago: executing program 1 (id=1876): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'virt_wifi0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x4}, @IFLA_VLAN_ID={0x6, 0x1, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}}, 0x0) 2.033450657s ago: executing program 0 (id=1877): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xfffffffffffffddf, &(0x7f0000000200)=ANY=[]) syz_usb_control_io(r0, 0x0, 0x0) 1.809202188s ago: executing program 3 (id=1878): socketpair(0x0, 0x0, 0x0, &(0x7f0000000040)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r0, 0x4b52, &(0x7f0000000040)={0x0, 0x0}) 1.430250434s ago: executing program 2 (id=1879): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000800)={[{@force}, {@nodecompose}, {@creator={'creator', 0x3d, "bd3c66f5"}}, {}, {@nls={'nls', 0x3d, 'iso8859-14'}}, {@umask={'umask', 0x3d, 0xde2}}]}, 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") mkdir(&(0x7f0000000880)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80205b, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 1.226210085s ago: executing program 1 (id=1880): r0 = syz_io_uring_setup(0x4b5, &(0x7f0000000080), &(0x7f0000ff0000), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000001680), 0x20a3) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}], &(0x7f0000000040)=[0x3], 0x1}, 0x20) 608.343791ms ago: executing program 4 (id=1881): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_COPY(r0, 0x8010aa01, 0x0) 199.866616ms ago: executing program 1 (id=1882): r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000002100)={0x2c, r0, 0x203, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0) 0s ago: executing program 2 (id=1883): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000008000000b70500000800000085000000c200000095"], &(0x7f0000000080)='syzkaller\x00', 0xd}, 0x90) kernel console output (not intermixed with test programs): attribute type 1 has an invalid length. [ 328.463336][ T5486] syz.1.55: attempt to access beyond end of device [ 328.463336][ T5486] loop1: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 328.478713][ T5486] Buffer I/O error on dev loop1, logical block 100663296, async page read [ 328.488495][ T5486] hfsplus: unable to mark blocks free: error -5 [ 328.495456][ T5486] hfsplus: can't free extent [ 328.529432][ T5489] FAT-fs (loop4): Directory bread(block 64) failed [ 328.538679][ T5489] FAT-fs (loop4): Directory bread(block 65) failed [ 328.555677][ T5489] FAT-fs (loop4): Directory bread(block 66) failed [ 328.566301][ T5489] FAT-fs (loop4): Directory bread(block 67) failed [ 328.576375][ T5489] FAT-fs (loop4): Directory bread(block 68) failed [ 328.583739][ T5489] FAT-fs (loop4): Directory bread(block 69) failed [ 328.594624][ T5489] FAT-fs (loop4): Directory bread(block 70) failed [ 328.603775][ T5489] FAT-fs (loop4): Directory bread(block 71) failed [ 328.611341][ T5489] FAT-fs (loop4): Directory bread(block 72) failed [ 328.618940][ T5489] FAT-fs (loop4): Directory bread(block 73) failed [ 330.523665][ T5511] loop1: detected capacity change from 0 to 1024 [ 330.834878][ T5511] syz.1.69: attempt to access beyond end of device [ 330.834878][ T5511] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 331.198216][ T5523] dlm: no locking on control device [ 332.378242][ T5532] loop4: detected capacity change from 0 to 2048 [ 332.470979][ T5532] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 333.314705][ T5548] netlink: 132 bytes leftover after parsing attributes in process `syz.1.87'. [ 337.206295][ T5604] loop4: detected capacity change from 0 to 128 [ 337.291568][ T5604] FAT-fs (loop4): Directory bread(block 11554) failed [ 337.299742][ T5604] FAT-fs (loop4): Directory bread(block 11555) failed [ 337.309174][ T5604] FAT-fs (loop4): Directory bread(block 11556) failed [ 337.316514][ T5604] FAT-fs (loop4): Directory bread(block 11557) failed [ 337.323990][ T5604] FAT-fs (loop4): Directory bread(block 11558) failed [ 337.331276][ T5604] FAT-fs (loop4): Directory bread(block 11559) failed [ 337.339530][ T5604] FAT-fs (loop4): Directory bread(block 11560) failed [ 337.348746][ T5604] FAT-fs (loop4): Directory bread(block 11561) failed [ 337.366440][ T5604] FAT-fs (loop4): Directory bread(block 11562) failed [ 337.376555][ T5604] FAT-fs (loop4): Directory bread(block 11563) failed [ 338.116736][ T5617] xt_CT: You must specify a L4 protocol and not use inversions on it [ 340.165860][ T5648] netlink: 'syz.1.135': attribute type 1 has an invalid length. [ 340.177906][ T5648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.135'. [ 340.590328][ T5652] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 340.601151][ T5652] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 340.614486][ T5652] overlayfs: missing 'lowerdir' [ 341.048540][ T5658] netlink: 'syz.1.141': attribute type 1 has an invalid length. [ 341.531183][ T5665] loop0: detected capacity change from 0 to 256 [ 342.144856][ T5665] FAT-fs (loop0): Directory bread(block 64) failed [ 342.153756][ T5665] FAT-fs (loop0): Directory bread(block 65) failed [ 342.164009][ T5665] FAT-fs (loop0): Directory bread(block 66) failed [ 342.176951][ T5665] FAT-fs (loop0): Directory bread(block 67) failed [ 342.187805][ T5665] FAT-fs (loop0): Directory bread(block 68) failed [ 342.195670][ T5665] FAT-fs (loop0): Directory bread(block 69) failed [ 342.205448][ T5665] FAT-fs (loop0): Directory bread(block 70) failed [ 342.214018][ T5665] FAT-fs (loop0): Directory bread(block 71) failed [ 342.221925][ T5665] FAT-fs (loop0): Directory bread(block 72) failed [ 342.229524][ T5665] FAT-fs (loop0): Directory bread(block 73) failed [ 342.518985][ T5678] tmpfs: Bad value for 'mpol' [ 342.737995][ T45] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 342.973736][ T45] usb 2-1: Using ep0 maxpacket: 32 [ 343.075076][ T45] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 343.085713][ T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.141632][ T45] usb 2-1: config 0 descriptor?? [ 343.175026][ T45] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 343.512838][ T5689] loop3: detected capacity change from 0 to 256 [ 343.652865][ T45] gspca_nw80x: reg_r err -71 [ 343.658314][ T45] nw80x 2-1:0.0: probe with driver nw80x failed with error -71 [ 343.700512][ T45] usb 2-1: USB disconnect, device number 2 [ 343.904046][ T5693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.157'. [ 344.280252][ T5697] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 345.666716][ T5717] netlink: 20 bytes leftover after parsing attributes in process `syz.3.169'. [ 348.398976][ T29] audit: type=1326 audit(1724794520.743:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5747 comm="syz.4.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 348.407271][ T5750] netlink: 'syz.0.186': attribute type 8 has an invalid length. [ 348.432503][ T29] audit: type=1326 audit(1724794520.743:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5747 comm="syz.4.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 348.470996][ T5750] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.186'. [ 349.176624][ T5761] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 349.712643][ T5253] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 350.003107][ T5253] usb 1-1: Using ep0 maxpacket: 32 [ 350.107483][ T5253] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 350.118469][ T5253] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.129198][ T5253] usb 1-1: Product: syz [ 350.135506][ T5253] usb 1-1: Manufacturer: syz [ 350.142130][ T5253] usb 1-1: SerialNumber: syz [ 350.163548][ T5775] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 350.233397][ T5253] usb 1-1: config 0 descriptor?? [ 350.459192][ T5777] RDS: rds_bind could not find a transport for ::2:0:0:0:1, load rds_tcp or rds_rdma? [ 350.841850][ T5253] peak_usb 1-1:0.0 can0: unable to request usb[type=0 value=0] err=-71 [ 350.853164][ T5253] peak_usb 1-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71) [ 351.082015][ T5253] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -71 [ 351.213249][ T5253] usb 1-1: USB disconnect, device number 2 [ 351.731948][ T5791] binder: 5789:5791 ioctl c0306201 20000100 returned -14 [ 351.961909][ T5794] tmpfs: Bad value for 'mpol' [ 352.343863][ T5800] x_tables: duplicate underflow at hook 1 [ 353.003540][ T5809] loop1: detected capacity change from 0 to 128 [ 353.028199][ T5810] loop0: detected capacity change from 0 to 64 [ 353.250323][ T5809] FAT-fs (loop1): Directory bread(block 32) failed [ 353.258017][ T5809] FAT-fs (loop1): Directory bread(block 33) failed [ 353.265660][ T5809] FAT-fs (loop1): Directory bread(block 34) failed [ 353.273013][ T5809] FAT-fs (loop1): Directory bread(block 35) failed [ 353.280347][ T5809] FAT-fs (loop1): Directory bread(block 36) failed [ 353.287490][ T5809] FAT-fs (loop1): Directory bread(block 37) failed [ 353.295283][ T5809] FAT-fs (loop1): Directory bread(block 38) failed [ 353.303035][ T5809] FAT-fs (loop1): Directory bread(block 39) failed [ 353.310144][ T5809] FAT-fs (loop1): Directory bread(block 40) failed [ 353.317967][ T5809] FAT-fs (loop1): Directory bread(block 41) failed [ 353.671890][ T5809] syz.1.214: attempt to access beyond end of device [ 353.671890][ T5809] loop1: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 353.768681][ T5809] FAT-fs (loop1): Filesystem has been set read-only [ 353.814147][ T5809] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 354.124930][ T5822] tmpfs: Bad value for 'nr_inodes' [ 354.464974][ T5826] loop3: detected capacity change from 0 to 512 [ 354.548339][ T5826] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 354.719535][ T5826] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0002] [ 354.790902][ T5826] System zones: 0-2, 18-18, 34-35 [ 354.889528][ T5826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.904100][ T5826] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 354.957642][ T5834] syz.2.226: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 354.982245][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: syz.2.226 Not tainted 6.11.0-rc5-syzkaller-00050-g3ec3f5fc4a91 #0 [ 354.997253][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 355.011602][ T5834] Call Trace: [ 355.015458][ T5834] [ 355.019838][ T5834] dump_stack_lvl+0x216/0x2d0 [ 355.027674][ T5834] dump_stack+0x1e/0x30 [ 355.034187][ T5834] warn_alloc+0x455/0x650 [ 355.040385][ T5834] ? kmsan_get_metadata+0x13e/0x1c0 [ 355.047380][ T5834] ? __vmalloc_node_range_noprof+0xd6/0x2680 [ 355.054648][ T5834] __vmalloc_node_range_noprof+0x130/0x2680 [ 355.063476][ T5834] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 355.074146][ T5834] ? kmsan_get_metadata+0x13e/0x1c0 [ 355.080886][ T5834] ? kmsan_get_metadata+0x13e/0x1c0 [ 355.090763][ T5834] ? kmsan_get_metadata+0x13e/0x1c0 [ 355.097388][ T5834] ? kmsan_get_metadata+0x13e/0x1c0 [ 355.104141][ T5834] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 355.114016][ T5834] ? kmsan_get_metadata+0x13e/0x1c0 [ 355.121805][ T5834] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 355.128642][ T5834] vmalloc_user_noprof+0x90/0xb0 [ 355.136062][ T5834] ? xskq_create+0x105/0x270 [ 355.142809][ T5834] xskq_create+0x105/0x270 [ 355.148979][ T5834] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 355.157466][ T5834] xsk_init_queue+0x115/0x1f0 [ 355.166221][ T5834] xsk_setsockopt+0x882/0xcc0 [ 355.173064][ T5834] do_sock_setsockopt+0x4bb/0x7d0 [ 355.179252][ T5834] ? __pfx_xsk_setsockopt+0x10/0x10 [ 355.187136][ T5834] __sys_setsockopt+0x33a/0x4b0 [ 355.195763][ T5834] __x64_sys_setsockopt+0xe8/0x170 [ 355.202114][ T5834] x64_sys_call+0x2fc2/0x3ba0 [ 355.209712][ T5834] do_syscall_64+0xcd/0x1e0 [ 355.216301][ T5834] ? clear_bhb_loop+0x25/0x80 [ 355.223667][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.231057][ T5834] RIP: 0033:0x7f102bd79e79 [ 355.236649][ T5834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 355.267071][ T5834] RSP: 002b:00007f102cb9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 355.278838][ T5834] RAX: ffffffffffffffda RBX: 00007f102bf15f80 RCX: 00007f102bd79e79 [ 355.290045][ T5834] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003 [ 355.300005][ T5834] RBP: 00007f102bde793e R08: 0000000000000020 R09: 0000000000000000 [ 355.309363][ T5834] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 355.319188][ T5834] R13: 0000000000000000 R14: 00007f102bf15f80 R15: 00007ffdcdfcf648 [ 355.331519][ T5834] [ 355.336121][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.352940][ T5834] Mem-Info: [ 355.366195][ T5834] active_anon:3938 inactive_anon:0 isolated_anon:0 [ 355.366195][ T5834] active_file:1326 inactive_file:38175 isolated_file:0 [ 355.366195][ T5834] unevictable:768 dirty:112 writeback:0 [ 355.366195][ T5834] slab_reclaimable:4108 slab_unreclaimable:20844 [ 355.366195][ T5834] mapped:20976 shmem:1309 pagetables:756 [ 355.366195][ T5834] sec_pagetables:0 bounce:0 [ 355.366195][ T5834] kernel_misc_reclaimable:0 [ 355.366195][ T5834] free:423158 free_pcp:1808 free_cma:0 [ 355.432770][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.448596][ T5826] Quota error (device loop3): do_check_range: Getting block 9 out of range 0-5 [ 355.451124][ T5834] Node 0 active_anon:15684kB inactive_anon:0kB active_file:5304kB inactive_file:152632kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:83904kB dirty:444kB writeback:0kB shmem:3700kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5088kB pagetables:2948kB sec_pagetables:0kB all_unreclaimable? no [ 355.501227][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.519251][ T5834] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:0kB pagetables:8kB sec_pagetables:0kB all_unreclaimable? no [ 355.562222][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.571315][ T5834] Node 0 DMA free:4096kB boost:0kB min:160kB low:200kB high:240kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 355.607500][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.627902][ T5834] lowmem_reserve[]: 0 893 1206 0 0 [ 355.634284][ T5834] Node 0 DMA32 free:685756kB boost:0kB min:36132kB low:45164kB high:54196kB reserved_highatomic:0KB active_anon:2548kB inactive_anon:0kB active_file:1536kB inactive_file:49964kB unevictable:0kB writepending:180kB present:3129332kB managed:953640kB mlocked:0kB bounce:0kB free_pcp:5108kB local_pcp:3376kB free_cma:0kB [ 355.671422][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.679675][ T5834] lowmem_reserve[]: 0 0 313 0 0 [ 355.694037][ T5834] Node 0 Normal free:15764kB boost:0kB min:12660kB low:15824kB high:18988kB reserved_highatomic:0KB active_anon:13136kB inactive_anon:0kB active_file:3768kB inactive_file:102668kB unevictable:1536kB writepending:264kB present:1048576kB managed:320536kB mlocked:0kB bounce:0kB free_pcp:1180kB local_pcp:464kB free_cma:0kB [ 355.733646][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.744985][ T5834] lowmem_reserve[]: 0 0 0 0 0 [ 355.754350][ T5834] Node 1 Normal free:987016kB boost:0kB min:41152kB low:51440kB high:61728kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194304kB managed:1041672kB mlocked:0kB bounce:0kB free_pcp:1200kB local_pcp:1060kB free_cma:0kB [ 355.791598][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.811904][ T5834] lowmem_reserve[]: 0 0 0 0 0 [ 355.822879][ T5834] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB [ 355.840952][ T5834] Node 0 DMA32: 25*4kB (ME) 9*8kB (ME) 15*16kB (ME) 19*32kB (UM) 19*64kB (UME) 10*128kB (UME) 3*256kB (UME) 3*512kB (UE) 2*1024kB (M) 5*2048kB (UM) 163*4096kB (M) = 685756kB [ 355.865510][ T5834] Node 0 Normal: 9*4kB (UM) 26*8kB (UME) 16*16kB (UME) 3*32kB (UME) 1*64kB (U) 2*128kB (UM) 0*256kB 1*512kB (M) 2*1024kB (UM) 2*2048kB (UE) 2*4096kB (M) = 15764kB [ 355.892602][ C1] vkms_vblank_simulate: vblank timer overrun [ 355.910071][ T5834] Node 1 Normal: 2*4kB (UM) 0*8kB 0*16kB 0*32kB 0*64kB 3*128kB (UM) 2*256kB (M) 4*512kB (UM) 5*1024kB (U) 2*2048kB (U) 238*4096kB (M) = 987016kB [ 355.934738][ T5834] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 355.949920][ T5834] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 355.959688][ T5834] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 355.973410][ T5834] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 355.985649][ T5834] 40812 total pagecache pages [ 355.997736][ T5834] 0 pages in swap cache [ 356.007650][ T5834] Free swap = 124996kB [ 356.015585][ T5834] Total swap = 124996kB [ 356.022868][ T5834] 2097051 pages RAM [ 356.028109][ T5834] 0 pages HighMem/MovableOnly [ 356.034992][ T5834] 1517065 pages reserved [ 356.040033][ T5834] 0 pages cma reserved [ 356.265807][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.319051][ T5840] syz.0.227 uses obsolete (PF_INET,SOCK_PACKET) [ 357.174293][ T5853] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.233'. [ 358.134453][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 358.147310][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 358.166689][ T5868] netlink: 48 bytes leftover after parsing attributes in process `syz.2.240'. [ 358.945188][ T5881] netlink: 'syz.0.246': attribute type 10 has an invalid length. [ 359.029130][ T5881] veth1_macvtap: left promiscuous mode [ 360.687938][ T29] audit: type=1400 audit(1724794532.963:4): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626203138343436373434303733373039353531363135 pid=5894 comm="syz.4.254" [ 361.266816][ T5903] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 363.331161][ T5930] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 364.001402][ T29] audit: type=1326 audit(1724794536.303:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5937 comm="syz.2.274" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f102bd79e79 code=0x0 [ 366.568828][ T5968] netlink: 'syz.2.287': attribute type 10 has an invalid length. [ 366.579253][ T5968] netlink: 12 bytes leftover after parsing attributes in process `syz.2.287'. [ 367.262322][ T1762] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 367.474083][ T1762] usb 1-1: Using ep0 maxpacket: 8 [ 367.509444][ T1762] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 367.520827][ T1762] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 367.531141][ T1762] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 367.531408][ T1762] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 367.531578][ T1762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 367.598907][ T1762] hub 1-1:1.0: bad descriptor, ignoring hub [ 367.599037][ T1762] hub 1-1:1.0: probe with driver hub failed with error -5 [ 367.600808][ T1762] cdc_wdm 1-1:1.0: invalid descriptor buffer length [ 367.600931][ T1762] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 368.064748][ T1762] usb 1-1: USB disconnect, device number 3 [ 369.036540][ T5994] loop1: detected capacity change from 0 to 128 [ 370.143976][ T5986] loop3: detected capacity change from 0 to 4096 [ 370.292824][ T5986] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 370.733528][ T5986] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 371.588351][ T6014] loop1: detected capacity change from 0 to 2048 [ 371.801312][ T6014] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 372.298750][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 372.554636][ T25] usb 2-1: config 0 has an invalid interface number: 216 but max is 0 [ 372.566200][ T25] usb 2-1: config 0 has no interface number 0 [ 372.573106][ T25] usb 2-1: config 0 interface 216 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 372.591728][ T25] usb 2-1: config 0 interface 216 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 372.651285][ T25] usb 2-1: New USB device found, idVendor=0499, idProduct=1002, bcdDevice=df.d7 [ 372.663588][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.672677][ T25] usb 2-1: Product: syz [ 372.677293][ T25] usb 2-1: Manufacturer: syz [ 372.690742][ T25] usb 2-1: SerialNumber: syz [ 372.772762][ T25] usb 2-1: config 0 descriptor?? [ 372.809726][ T45] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 372.881937][ T25] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 372.921607][ T6017] loop4: detected capacity change from 0 to 4096 [ 373.070895][ T25] snd-usb-audio 2-1:0.216: probe with driver snd-usb-audio failed with error -2 [ 373.108494][ T45] usb 3-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=35.fb [ 373.120331][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.163521][ T6032] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 373.214749][ T45] usb 3-1: config 0 descriptor?? [ 373.277534][ T45] gspca_main: spca505-2.14.0 probing 0733:0430 [ 373.288697][ T25] usb 2-1: USB disconnect, device number 3 [ 373.363530][ T6017] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '.' [ 373.422877][ T6017] Remounting filesystem read-only [ 373.759647][ T45] gspca_spca505: reg write: error -71 [ 373.768556][ T45] spca505 3-1:0.0: probe with driver spca505 failed with error -5 [ 373.822596][ T45] usb 3-1: USB disconnect, device number 2 [ 375.084949][ T6043] loop1: detected capacity change from 0 to 16 [ 375.205618][ T6043] erofs: (device loop1): mounted with root inode @ nid 36. [ 376.772586][ T6050] loop3: detected capacity change from 0 to 2048 [ 377.001505][ T6060] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 377.260462][ T6050] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=255 [ 377.344653][ T6050] Remounting filesystem read-only [ 380.290593][ T6081] syz.2.339 (6081): drop_caches: 2 [ 384.012883][ T6125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.359'. [ 385.215874][ T6135] syz.4.364: attempt to access beyond end of device [ 385.215874][ T6135] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 385.232125][ T6135] (syz.4.364,6135,0):ocfs2_get_sector:1771 ERROR: status = -5 [ 385.242138][ T6135] (syz.4.364,6135,0):ocfs2_sb_probe:749 ERROR: status = -5 [ 385.250712][ T6135] (syz.4.364,6135,0):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 385.260737][ T6135] (syz.4.364,6135,0):ocfs2_fill_super:1178 ERROR: status = -5 [ 387.067712][ T25] usb 3-1: new low-speed USB device number 3 using dummy_hcd [ 387.149402][ T6150] loop4: detected capacity change from 0 to 1764 [ 387.394526][ T25] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 387.405288][ T25] usb 3-1: config 0 has no interface number 0 [ 387.413603][ T25] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 387.434337][ T25] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 387.447007][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.576673][ T25] usb 3-1: config 0 descriptor?? [ 387.665667][ T25] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 387.682554][ T6158] loop0: detected capacity change from 0 to 1024 [ 387.995330][ T5235] usb 3-1: USB disconnect, device number 3 [ 388.429885][ T5992] udevd[5992]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.216/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 388.624203][ T4303] hfsplus: b-tree write err: -5, ino 4 [ 389.738411][ T6172] netlink: 12 bytes leftover after parsing attributes in process `syz.2.381'. [ 389.749443][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.381'. [ 389.762762][ T6172] netlink: 'syz.2.381': attribute type 1 has an invalid length. [ 389.983327][ T6175] mmap: syz.3.383 (6175): VmData 41648128 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 390.654253][ T6162] loop4: detected capacity change from 0 to 4096 [ 391.104397][ T6186] loop3: detected capacity change from 0 to 512 [ 391.126320][ T6162] ntfs3: loop4: Failed to read $UpCase (-4). [ 391.329539][ T6186] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 391.342970][ T6186] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 391.504944][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz.1.389'. [ 392.633995][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.862119][ T6207] loop0: detected capacity change from 0 to 2048 [ 393.945459][ T6207] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 393.991194][ T6207] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 394.153349][ T6207] /dev/loop0: Can't open blockdev [ 394.365913][ T6219] x_tables: ip_tables: osf match: only valid for protocol 6 [ 395.515385][ T6232] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 397.672661][ T6247] loop3: detected capacity change from 0 to 2048 [ 397.881827][ T6247] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.908912][ T6261] libceph: resolve ' [ 397.908912][ T6261] -&õÌ×fÍY¹Ç²a×ïÅ2iˆ [ 397.908912][ T6261] .ÖúÕ?Çý&*»§&' (ret=-3): failed [ 398.138486][ T6247] tmpfs: Bad value for 'mpol' [ 398.673665][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.253728][ T6274] capability: warning: `syz.1.427' uses deprecated v2 capabilities in a way that may be insecure [ 399.803146][ T6278] netlink: 'syz.4.429': attribute type 21 has an invalid length. [ 399.811641][ T6278] netlink: 4 bytes leftover after parsing attributes in process `syz.4.429'. [ 400.736060][ T6297] netlink: 8 bytes leftover after parsing attributes in process `syz.3.435'. [ 402.506781][ T6318] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 402.524774][ T6318] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 403.488193][ T6331] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 403.762554][ T45] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 403.993272][ T45] usb 4-1: Using ep0 maxpacket: 32 [ 404.078322][ T45] usb 4-1: New USB device found, idVendor=046d, idProduct=08b7, bcdDevice=99.db [ 404.090369][ T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.129444][ T45] usb 4-1: config 0 descriptor?? [ 404.282885][ T45] pwc: Logitech ViewPort AV 100 webcam detected. [ 404.648906][ T45] pwc: send_video_command error -71 [ 404.656545][ T45] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 404.666515][ T45] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71 [ 404.771344][ T45] usb 4-1: USB disconnect, device number 2 [ 406.454169][ T6364] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode balance-tlb(5) [ 407.825424][ T6384] IPv6: sit1: Disabled Multicast RS [ 408.055973][ T6386] loop0: detected capacity change from 0 to 512 [ 408.195951][ T6382] loop4: detected capacity change from 0 to 2048 [ 408.345242][ T6386] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 408.365807][ T6386] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 408.437557][ T6382] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 408.670552][ T6386] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 408.684401][ T6386] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 408.696581][ T6386] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.480: Failed to acquire dquot type 0 [ 409.246171][ T5180] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 410.042053][ T6405] netlink: 8 bytes leftover after parsing attributes in process `syz.2.488'. [ 411.182982][ T6418] netlink: 'syz.4.496': attribute type 4 has an invalid length. [ 411.198345][ T6418] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.496'. [ 411.336042][ T6420] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.346838][ T6420] IPv6: NLM_F_CREATE should be set when creating new route [ 411.363859][ T5198] Bluetooth: hci0: command 0x0406 tx timeout [ 411.374525][ T4561] Bluetooth: hci1: command 0x0406 tx timeout [ 411.374682][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 411.382178][ T4561] Bluetooth: hci4: command 0x0406 tx timeout [ 411.385343][ T4561] Bluetooth: hci3: command 0x0406 tx timeout [ 411.781070][ T5193] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 411.806035][ T5193] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 411.821998][ T5193] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 411.852415][ T5193] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 411.867825][ T5193] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 411.883567][ T5193] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 413.445567][ T6446] netlink: 32 bytes leftover after parsing attributes in process `syz.4.506'. [ 413.813800][ T6422] chnl_net:caif_netlink_parms(): no params data found [ 414.016153][ T5193] Bluetooth: hci5: command tx timeout [ 414.787928][ T6464] netlink: 'syz.3.515': attribute type 1 has an invalid length. [ 415.981647][ T6478] netlink: 8 bytes leftover after parsing attributes in process `syz.0.520'. [ 416.075930][ T5193] Bluetooth: hci5: command tx timeout [ 416.115490][ T6481] netlink: 32 bytes leftover after parsing attributes in process `syz.3.522'. [ 416.126207][ T6481] netlink: 56 bytes leftover after parsing attributes in process `syz.3.522'. [ 416.228670][ T6422] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.237914][ T6422] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.246734][ T6422] bridge_slave_0: entered allmulticast mode [ 416.424539][ T6422] bridge_slave_0: entered promiscuous mode [ 416.455339][ T6422] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.464375][ T6422] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.476660][ T6422] bridge_slave_1: entered allmulticast mode [ 416.487082][ T6422] bridge_slave_1: entered promiscuous mode [ 416.980409][ T6422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 417.106621][ T6422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 417.496571][ T6422] team0: Port device team_slave_0 added [ 417.603179][ T6422] team0: Port device team_slave_1 added [ 417.973586][ T6422] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 417.988937][ T6422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 418.017681][ T6422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 418.153773][ T5193] Bluetooth: hci5: command tx timeout [ 418.177695][ T6422] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 418.185333][ T6422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 418.213259][ T6422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 418.927079][ T6422] hsr_slave_0: entered promiscuous mode [ 419.004617][ T6422] hsr_slave_1: entered promiscuous mode [ 419.056710][ T6422] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 419.067417][ T6422] Cannot create hsr debugfs directory [ 419.548173][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.557311][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.175821][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.540'. [ 420.250791][ T5193] Bluetooth: hci5: command tx timeout [ 420.779389][ T6422] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.853483][ T6522] loop0: detected capacity change from 0 to 512 [ 420.927503][ T6522] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 421.039494][ T6422] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.099255][ T6522] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.541: iget: bad i_size value: -67835469387268086 [ 421.115553][ T6522] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.541: couldn't read orphan inode 15 (err -117) [ 421.141148][ T6522] EXT4-fs (loop0): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 421.155874][ T6522] ext2 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 421.307413][ T6522] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.541: Directory hole found for htree leaf block 0 [ 421.359066][ T6422] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.611218][ T6422] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.813178][ T5180] EXT4-fs (loop0): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 422.314294][ T6422] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 422.380462][ T6537] netlink: 164 bytes leftover after parsing attributes in process `syz.4.547'. [ 422.420623][ T6422] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 422.506756][ T6422] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 422.603935][ T6541] netlink: 'syz.2.548': attribute type 25 has an invalid length. [ 422.794043][ T6422] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 423.124996][ T6547] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 423.592671][ T6552] loop3: detected capacity change from 0 to 128 [ 423.644900][ T6552] befs: (loop3): No write support. Marking filesystem read-only [ 423.698223][ T6552] befs: (loop3): invalid magic header [ 423.763323][ T6555] i2c i2c-0: Invalid block write size 34 [ 424.535023][ T6422] 8021q: adding VLAN 0 to HW filter on device bond0 [ 424.583945][ T29] audit: type=1326 audit(1724794596.843:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.0.558" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2ff379e79 code=0x0 [ 424.849792][ T6422] 8021q: adding VLAN 0 to HW filter on device team0 [ 424.938409][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 424.947776][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 425.095959][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.104017][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 425.678654][ T6422] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 428.544708][ T6602] netlink: 'syz.3.577': attribute type 21 has an invalid length. [ 428.555413][ T6602] netlink: 132 bytes leftover after parsing attributes in process `syz.3.577'. [ 428.584974][ T6603] netlink: 'syz.2.575': attribute type 24 has an invalid length. [ 428.648992][ T6422] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 429.276998][ T6609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.580'. [ 429.339689][ T6422] veth0_vlan: entered promiscuous mode [ 429.511858][ T6422] veth1_vlan: entered promiscuous mode [ 429.933960][ T6612] loop2: detected capacity change from 0 to 1024 [ 430.115814][ T6422] veth0_macvtap: entered promiscuous mode [ 430.289042][ T6422] veth1_macvtap: entered promiscuous mode [ 430.664961][ T4303] hfsplus: b-tree write err: -5, ino 4 [ 430.690702][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.705985][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.718326][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.733152][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.753482][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.769688][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.781786][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.793559][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.807176][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 430.819323][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.842873][ T6422] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 431.231340][ T6623] loop3: detected capacity change from 0 to 16 [ 431.331198][ T6623] erofs: (device loop3): mounted with root inode @ nid 36. [ 431.390564][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 431.401843][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 431.412535][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 431.425115][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 431.436666][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 431.448528][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 431.464288][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 431.476959][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 431.487699][ T6422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 431.499155][ T6422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 431.516274][ T6422] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 431.846466][ T6422] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 431.857333][ T6422] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 431.875567][ T6422] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 431.887557][ T6422] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.377507][ T6647] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 433.801652][ T6653] netlink: 20 bytes leftover after parsing attributes in process `syz.0.598'. [ 433.813596][ T6653] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 433.821229][ T6653] IPv6: NLM_F_CREATE should be set when creating new route [ 433.830827][ T6653] IPv6: NLM_F_CREATE should be set when creating new route [ 434.272494][ T29] audit: type=1326 audit(1724794606.543:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6656 comm="syz.3.601" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x0 [ 435.405933][ T6669] overlayfs: missing 'lowerdir' [ 438.360487][ T6699] loop0: detected capacity change from 0 to 1024 [ 438.535186][ T6699] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 438.549478][ T6699] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 438.739540][ T5180] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.918086][ T6689] loop4: detected capacity change from 0 to 4096 [ 438.944836][ T6689] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 438.999373][ T6710] cgroup: none used incorrectly [ 441.252788][ T6734] misc userio: Invalid payload size [ 441.646667][ T29] audit: type=1326 audit(1724794613.943:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.4.631" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x0 [ 441.766306][ T6741] kAFS: No cell specified [ 442.672606][ T3026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.681001][ T3026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.082723][ T29] audit: type=1326 audit(1724794615.363:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6750 comm="syz.4.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 443.107821][ T29] audit: type=1326 audit(1724794615.363:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6750 comm="syz.4.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 443.132138][ C1] vkms_vblank_simulate: vblank timer overrun [ 443.146795][ T29] audit: type=1326 audit(1724794615.413:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6750 comm="syz.4.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 443.158453][ T3718] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.174167][ T29] audit: type=1326 audit(1724794615.413:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6750 comm="syz.4.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 443.183713][ T3718] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.508511][ T6756] netlink: 288 bytes leftover after parsing attributes in process `syz.0.640'. [ 443.559541][ T6758] loop3: detected capacity change from 0 to 8 [ 443.682541][ T6758] SQUASHFS error: Unable to read inode 0x87 [ 444.725661][ T25] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 444.957953][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 445.055012][ T25] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 445.065635][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.074881][ T25] usb 3-1: Product: syz [ 445.088892][ T25] usb 3-1: Manufacturer: syz [ 445.097279][ T25] usb 3-1: SerialNumber: syz [ 445.201529][ T25] usb 3-1: config 0 descriptor?? [ 445.241496][ T25] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 445.322801][ C1] hrtimer: interrupt took 614527 ns [ 445.739720][ T25] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71 [ 445.861203][ T25] usb 3-1: USB disconnect, device number 4 [ 447.036791][ T6795] netlink: 44 bytes leftover after parsing attributes in process `syz.2.658'. [ 447.049163][ T6795] netlink: 43 bytes leftover after parsing attributes in process `syz.2.658'. [ 447.060596][ T6795] netlink: 'syz.2.658': attribute type 6 has an invalid length. [ 447.070223][ T6795] netlink: 'syz.2.658': attribute type 5 has an invalid length. [ 447.079493][ T6795] netlink: 43 bytes leftover after parsing attributes in process `syz.2.658'. [ 447.495712][ T25] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 447.714323][ T6805] ipvlan0: entered allmulticast mode [ 447.720730][ T6805] veth0_vlan: entered allmulticast mode [ 447.739309][ T6805] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 447.814789][ T25] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 447.826637][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.838382][ T25] usb 2-1: Product: syz [ 447.851412][ T25] usb 2-1: Manufacturer: syz [ 447.859072][ T25] usb 2-1: SerialNumber: syz [ 447.913797][ T25] usb 2-1: config 0 descriptor?? [ 448.381178][ T25] usb-storage 2-1:0.0: USB Mass Storage device detected [ 448.598170][ T25] usb 2-1: USB disconnect, device number 4 [ 448.740030][ T6815] loop4: detected capacity change from 0 to 256 [ 449.465699][ T29] audit: type=1326 audit(1724794621.793:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.672" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2ff379e79 code=0x0 [ 450.993902][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 451.009279][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 451.030384][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 451.673331][ T6851] netlink: 'syz.4.682': attribute type 1 has an invalid length. [ 451.683834][ T6851] netlink: 'syz.4.682': attribute type 2 has an invalid length. [ 451.693871][ T6851] netlink: 4 bytes leftover after parsing attributes in process `syz.4.682'. [ 451.978938][ T6843] infiniband syz2: set active [ 451.984674][ T6843] infiniband syz2: added wlan0 [ 452.013725][ T1762] wlan0 speed is unknown, defaulting to 1000 [ 452.170148][ T6843] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 452.208434][ T6843] infiniband syz2: Couldn't open port 1 [ 452.379370][ T6857] loop1: detected capacity change from 0 to 256 [ 452.468657][ T6859] netlink: 8 bytes leftover after parsing attributes in process `syz.3.687'. [ 452.482039][ T6859] netlink: 52 bytes leftover after parsing attributes in process `syz.3.687'. [ 452.518046][ T6859] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 452.542775][ T6843] RDS/IB: syz2: added [ 452.547877][ T6843] smc: adding ib device syz2 with port count 1 [ 452.566588][ T6843] smc: ib device syz2 port 1 has pnetid [ 452.580511][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 452.649055][ T1762] wlan0 speed is unknown, defaulting to 1000 [ 453.959896][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 454.100576][ T6872] netlink: 8 bytes leftover after parsing attributes in process `syz.0.693'. [ 455.065717][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 456.379089][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 457.147942][ T6896] loop4: detected capacity change from 0 to 2048 [ 457.402054][ T6896] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 457.715451][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 458.485538][ T6843] wlan0 speed is unknown, defaulting to 1000 [ 458.916732][ T6915] netlink: 16 bytes leftover after parsing attributes in process `syz.1.714'. [ 460.434257][ T6928] ceph: No source [ 461.100372][ T1762] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 461.399492][ T6940] netlink: 16 bytes leftover after parsing attributes in process `syz.0.726'. [ 461.422710][ T1762] usb 4-1: Using ep0 maxpacket: 8 [ 461.476498][ T1762] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 461.489128][ T1762] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 461.501989][ T1762] usb 4-1: config 0 has no interface number 0 [ 461.550849][ T6942] IPv6: Can't replace route, no match found [ 461.556368][ T1762] usb 4-1: New USB device found, idVendor=05da, idProduct=0099, bcdDevice=d5.82 [ 461.575069][ T1762] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.590365][ T1762] usb 4-1: Product: syz [ 461.596523][ T1762] usb 4-1: Manufacturer: syz [ 461.604497][ T1762] usb 4-1: SerialNumber: syz [ 461.633494][ T1762] usb 4-1: config 0 descriptor?? [ 461.988695][ T1762] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out. [ 462.057238][ T1762] usb 4-1: USB disconnect, device number 3 [ 462.654599][ T6952] bond1: entered promiscuous mode [ 462.660499][ T6952] bond1: entered allmulticast mode [ 462.667681][ T6952] 8021q: adding VLAN 0 to HW filter on device bond1 [ 463.710482][ T6964] loop1: detected capacity change from 0 to 512 [ 463.755662][ T6964] EXT4-fs: Ignoring removed nobh option [ 464.011940][ T6964] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.033912][ T6964] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 464.310588][ T6967] loop2: detected capacity change from 0 to 2048 [ 464.496309][ T6976] loop4: detected capacity change from 0 to 256 [ 464.512887][ T6967] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 464.765933][ T6976] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 464.831677][ T6422] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.472838][ T6994] netlink: 'syz.4.751': attribute type 3 has an invalid length. [ 466.693350][ T1588] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 466.703592][ T5235] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 466.844640][ T6980] loop3: detected capacity change from 0 to 4096 [ 466.914876][ T6980] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 466.966198][ T5235] usb 2-1: Using ep0 maxpacket: 8 [ 466.980132][ T1588] usb 1-1: Using ep0 maxpacket: 16 [ 467.022680][ T1588] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 467.036468][ T1588] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 467.078266][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 467.092758][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 467.113737][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 467.127357][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7 [ 467.140383][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 467.152457][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 467.165787][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 467.177090][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 467.189223][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 467.205731][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 467.218299][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 467.230421][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 467.278574][ T1588] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 467.291530][ T1588] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.310693][ T1588] usb 1-1: Product: syz [ 467.318371][ T1588] usb 1-1: Manufacturer: syz [ 467.324212][ T1588] usb 1-1: SerialNumber: syz [ 467.362945][ T5235] usb 2-1: New USB device found, idVendor=1f4d, idProduct=0102, bcdDevice=cc.cd [ 467.374809][ T5235] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.388989][ T5235] usb 2-1: Product: syz [ 467.394305][ T5235] usb 2-1: Manufacturer: syz [ 467.408910][ T5235] usb 2-1: SerialNumber: syz [ 467.481753][ T7000] loop4: detected capacity change from 0 to 64 [ 467.495992][ T5235] usb 2-1: config 0 descriptor?? [ 467.799727][ T5235] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 468.001962][ T1588] usb 1-1: cannot find UAC_HEADER [ 468.033915][ T5235] usb 2-1: USB disconnect, device number 5 [ 468.170788][ T29] audit: type=1800 audit(1724794640.463:14): pid=6980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.744" name="bus" dev="loop3" ino=64 res=0 errno=0 [ 468.218227][ T1588] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 468.314274][ T1588] usb 1-1: USB disconnect, device number 4 [ 468.751497][ T7004] loop4: detected capacity change from 0 to 512 [ 469.011598][ T7004] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 469.095520][ T7004] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.756: invalid indirect mapped block 8 (level 2) [ 469.203589][ T7004] EXT4-fs (loop4): Remounting filesystem read-only [ 469.213590][ T7004] EXT4-fs (loop4): 1 truncate cleaned up [ 469.224273][ T7004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 469.533189][ T7011] netlink: 'syz.1.759': attribute type 1 has an invalid length. [ 469.748491][ T7016] loop0: detected capacity change from 0 to 64 [ 469.993806][ T5189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.314716][ T7029] loop0: detected capacity change from 0 to 512 [ 471.573192][ T7029] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 471.657832][ T7029] EXT4-fs (loop0): 1 truncate cleaned up [ 471.666397][ T7029] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.853767][ T7029] Error parsing options; rc = [-22] [ 472.340459][ T1588] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 472.390768][ T5180] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.594903][ T1588] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 472.605656][ T1588] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.698084][ T1588] usb 5-1: config 0 descriptor?? [ 472.758988][ T1588] cp210x 5-1:0.0: cp210x converter detected [ 473.088280][ T1588] usb 5-1: cp210x converter now attached to ttyUSB0 [ 473.293037][ T1762] usb 5-1: USB disconnect, device number 2 [ 473.368919][ T1762] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 473.381379][ T1762] cp210x 5-1:0.0: device disconnected [ 473.525658][ T7054] loop0: detected capacity change from 0 to 256 [ 473.544332][ T7057] loop3: detected capacity change from 0 to 8 [ 473.606347][ T29] audit: type=1326 audit(1724794645.893:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bfdf79e79 code=0x7ffc0000 [ 473.634599][ T29] audit: type=1326 audit(1724794645.893:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bfdf79e79 code=0x7ffc0000 [ 473.674386][ T29] audit: type=1326 audit(1724794645.953:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f4bfdf79e79 code=0x7ffc0000 [ 473.700316][ T29] audit: type=1326 audit(1724794645.953:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bfdf79e79 code=0x7ffc0000 [ 474.323627][ T7064] netlink: 'syz.1.784': attribute type 1 has an invalid length. [ 474.333982][ T7064] netlink: 56 bytes leftover after parsing attributes in process `syz.1.784'. [ 476.350379][ T7078] loop3: detected capacity change from 0 to 2048 [ 476.473739][ T7078] NILFS (loop3): invalid segment: Sequence number mismatch [ 476.485047][ T7078] NILFS (loop3): trying rollback from an earlier position [ 476.654202][ T7078] NILFS (loop3): recovery complete [ 476.658443][ T29] audit: type=1326 audit(1724794648.973:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7089 comm="syz.2.797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f102bd79e79 code=0x0 [ 476.712738][ T7095] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 477.692803][ T45] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 477.912625][ T45] usb 2-1: Using ep0 maxpacket: 32 [ 477.974249][ T45] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 478.066782][ T45] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 478.078408][ T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.092850][ T45] usb 2-1: Product: syz [ 478.097685][ T45] usb 2-1: Manufacturer: syz [ 478.103615][ T45] usb 2-1: SerialNumber: syz [ 478.193631][ T45] usb 2-1: config 0 descriptor?? [ 478.253908][ T45] pvrusb2: Hardware description: Terratec Grabster AV400 [ 478.275586][ T45] pvrusb2: ********** [ 478.280377][ T45] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 478.293778][ T45] pvrusb2: Important functionality might not be entirely working. [ 478.305526][ T45] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 478.321422][ T45] pvrusb2: ********** [ 478.561622][ T2021] pvrusb2: Invalid write control endpoint [ 478.916348][ T5237] usb 2-1: USB disconnect, device number 6 [ 478.960224][ T7121] loop0: detected capacity change from 0 to 8 [ 479.264235][ T2021] pvrusb2: Invalid write control endpoint [ 479.274365][ T2021] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 479.293794][ T2021] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 479.307412][ T2021] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 479.321006][ T2021] pvrusb2: Device being rendered inoperable [ 479.329588][ T2021] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 479.341329][ T2021] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 479.354457][ T2021] pvrusb2: Attached sub-driver cx25840 [ 479.361775][ T2021] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 479.367295][ T7121] SQUASHFS error: Failed to read block 0x63a: -5 [ 479.376354][ T2021] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 479.413478][ T7121] SQUASHFS error: Unable to read metadata cache entry [638] [ 479.421977][ T7121] SQUASHFS error: Unable to read directory block [26067d:0] [ 479.732934][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 479.952967][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 480.021572][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 480.036047][ T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 480.119434][ T25] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 480.131770][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.147807][ T25] usb 5-1: Product: syz [ 480.157377][ T25] usb 5-1: Manufacturer: syz [ 480.166966][ T25] usb 5-1: SerialNumber: syz [ 480.236640][ T25] usb 5-1: config 0 descriptor?? [ 480.464301][ T1588] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 480.497274][ T25] usb 5-1: Not enough endpoints found in device, aborting! [ 480.655090][ T7136] loop3: detected capacity change from 0 to 764 [ 480.736697][ T25] usb 5-1: USB disconnect, device number 3 [ 480.746084][ T1588] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 480.760848][ T1588] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 480.775765][ T1588] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 480.787453][ T1588] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 480.802440][ T1588] usb 2-1: config 1 interface 1 has no altsetting 0 [ 480.891673][ T1588] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 480.903413][ T1588] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.914792][ T1588] usb 2-1: Product: syz [ 480.926920][ T1588] usb 2-1: Manufacturer: syz [ 480.934077][ T1588] usb 2-1: SerialNumber: syz [ 480.975798][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 480.988233][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 481.076879][ T1588] cdc_ncm 2-1:1.0: NCM or ECM functional descriptors missing [ 481.087760][ T1588] cdc_ncm 2-1:1.0: bind() failure [ 481.724322][ T45] usb 2-1: USB disconnect, device number 7 [ 482.593575][ T7150] netlink: 24 bytes leftover after parsing attributes in process `syz.2.824'. [ 483.672893][ T5237] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 484.006292][ T5237] usb 1-1: Using ep0 maxpacket: 8 [ 484.081700][ T5237] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 484.098119][ T5237] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 484.110808][ T5237] usb 1-1: Product: syz [ 484.115808][ T5237] usb 1-1: Manufacturer: syz [ 484.121211][ T5237] usb 1-1: SerialNumber: syz [ 484.286195][ T5237] usb 1-1: config 0 descriptor?? [ 484.382139][ T5237] gspca_main: se401-2.14.0 probing 047d:5003 [ 484.441065][ T7168] loop1: detected capacity change from 0 to 1024 [ 484.564790][ T7168] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 484.903066][ T5237] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 484.919448][ T5237] se401 1-1:0.0: probe with driver se401 failed with error -71 [ 484.950072][ T7168] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. leaving read-only. [ 485.086953][ T5237] usb 1-1: USB disconnect, device number 5 [ 486.424020][ T7166] loop3: detected capacity change from 0 to 4096 [ 486.492878][ T7166] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 486.693017][ T7166] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 486.853097][ T7166] ntfs3: loop3: Failed to read $AttrDef (-4). [ 487.642872][ T29] audit: type=1326 audit(1724794659.893:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7190 comm="syz.0.841" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2ff379e79 code=0x0 [ 488.556903][ T5342] udevd[5342]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 489.941613][ T5235] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 490.215682][ T5235] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 490.313516][ T5235] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 490.325698][ T5235] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.335464][ T5235] usb 5-1: Product: syz [ 490.344971][ T5235] usb 5-1: Manufacturer: syz [ 490.350333][ T5235] usb 5-1: SerialNumber: syz [ 490.515641][ T5235] usb 5-1: config 0 descriptor?? [ 490.578850][ T5235] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 491.050522][ T5235] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 491.253514][ T5235] usb 5-1: USB disconnect, device number 4 [ 491.913101][ T7241] netlink: 12 bytes leftover after parsing attributes in process `syz.3.864'. [ 492.200646][ T7234] loop2: detected capacity change from 0 to 2048 [ 492.572906][ T7234] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 495.014182][ T7271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.877'. [ 495.191673][ T29] audit: type=1326 audit(1724794667.433:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7269 comm="syz.3.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x7ffc0000 [ 495.221647][ T29] audit: type=1326 audit(1724794667.433:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7269 comm="syz.3.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x7ffc0000 [ 495.795134][ T7281] loop1: detected capacity change from 0 to 16 [ 495.942982][ T7281] erofs: (device loop1): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 495.956379][ T7281] erofs: (device loop1): mounted with root inode @ nid 36. [ 496.024857][ T7287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.884'. [ 496.058676][ T7281] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 498.698895][ T7320] netlink: 'syz.4.900': attribute type 21 has an invalid length. [ 498.708399][ T7320] netlink: 'syz.4.900': attribute type 6 has an invalid length. [ 498.963742][ T29] audit: type=1326 audit(1724794671.233:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7324 comm="syz.2.902" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f102bd79e79 code=0x0 [ 499.692549][ T7333] netlink: 'syz.4.906': attribute type 3 has an invalid length. [ 501.208513][ T45] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 501.452761][ T45] usb 1-1: Using ep0 maxpacket: 16 [ 501.492676][ T45] usb 1-1: too many configurations: 129, using maximum allowed: 8 [ 501.628744][ T7356] loop1: detected capacity change from 0 to 1024 [ 501.641833][ T45] usb 1-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=20.64 [ 501.657063][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.692603][ T45] usb 1-1: config 0 descriptor?? [ 501.738287][ T7362] cgroup: name respecified [ 501.788112][ T45] etas_es58x 1-1:0.0: Starting (null) (null) (Serial Number (null)) [ 502.067495][ T45] usb 1-1: USB disconnect, device number 6 [ 502.365589][ T3049] hfsplus: b-tree write err: -5, ino 4 [ 502.466568][ T7368] loop4: detected capacity change from 0 to 64 [ 504.464138][ T7391] netlink: 12 bytes leftover after parsing attributes in process `syz.3.934'. [ 505.116344][ T7398] netlink: 708 bytes leftover after parsing attributes in process `syz.4.938'. [ 505.865396][ T7406] xt_hashlimit: invalid interval [ 507.456717][ T7430] netlink: 56 bytes leftover after parsing attributes in process `syz.1.953'. [ 507.469763][ T7430] netlink: 12 bytes leftover after parsing attributes in process `syz.1.953'. [ 507.479509][ T7430] netlink: 31 bytes leftover after parsing attributes in process `syz.1.953'. [ 507.495593][ T7430] netlink: 'syz.1.953': attribute type 2 has an invalid length. [ 507.504866][ T7430] netlink: 31 bytes leftover after parsing attributes in process `syz.1.953'. [ 507.620609][ T7432] loop2: detected capacity change from 0 to 1024 [ 508.347485][ T7441] netlink: 'syz.1.959': attribute type 1 has an invalid length. [ 509.588392][ T7459] loop0: detected capacity change from 0 to 1024 [ 510.197535][ T3026] hfsplus: b-tree write err: -5, ino 4 [ 510.442771][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 510.672555][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 510.683993][ T7477] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 510.757520][ T25] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 510.767987][ T25] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 510.776514][ T25] usb 2-1: Product: syz [ 510.781572][ T25] usb 2-1: Manufacturer: syz [ 510.890583][ T25] r8152-cfgselector 2-1: Unknown version 0x0000 [ 510.898723][ T25] r8152-cfgselector 2-1: config 0 descriptor?? [ 511.417565][ T7482] loop4: detected capacity change from 0 to 1024 [ 511.547281][ T7482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 511.603773][ T7482] EXT4-fs error (device loop4): ext4_lookup:1811: comm syz.4.980: inode #12: comm syz.4.980: iget: illegal inode # [ 511.674498][ T25] r8152-cfgselector 2-1: USB disconnect, device number 8 [ 511.692796][ T7482] EXT4-fs (loop4): Remounting filesystem read-only [ 512.058531][ T5189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.014015][ T7505] usb usb8: usbfs: process 7505 (syz.1.989) did not claim interface 0 before use [ 514.634634][ T7503] loop2: detected capacity change from 0 to 4096 [ 514.763315][ T7503] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 516.363124][ T7541] autofs4:pid:7541:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 516.806354][ T7546] autofs: Bad value for 'fd' [ 517.114463][ T25] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 517.310689][ T29] audit: type=1326 audit(1724794689.603:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7552 comm="syz.3.1011" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x0 [ 517.335094][ T45] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 517.368873][ T7555] loop0: detected capacity change from 0 to 8 [ 517.398043][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 517.446980][ T25] usb 3-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9 [ 517.457033][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 517.468113][ T25] usb 3-1: Product: syz [ 517.473216][ T25] usb 3-1: Manufacturer: syz [ 517.485463][ T25] usb 3-1: SerialNumber: syz [ 517.535600][ T25] usb 3-1: config 0 descriptor?? [ 517.596392][ T25] pwc: Philips SPC 880NC USB webcam detected. [ 517.613298][ T45] usb 2-1: Using ep0 maxpacket: 32 [ 517.647334][ T45] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 517.657561][ T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.776559][ T45] usb 2-1: config 0 descriptor?? [ 517.895356][ T45] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 517.920471][ T25] pwc: Failed to set LED on/off time (-71) [ 517.957834][ T25] pwc: send_video_command error -71 [ 517.965748][ T25] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 517.976957][ T25] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 518.058945][ T25] usb 3-1: USB disconnect, device number 5 [ 518.281095][ T45] gspca_vc032x: reg_w err -71 [ 518.286634][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.292472][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.309118][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.317945][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.324541][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.330901][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.338043][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.345231][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.356267][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.366059][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.372658][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.380177][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.386680][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.392825][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.410170][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.419869][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.429752][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.435822][ T45] gspca_vc032x: I2c Bus Busy Wait 00 [ 518.446513][ T45] gspca_vc032x: Unknown sensor... [ 518.452625][ T45] vc032x 2-1:0.0: probe with driver vc032x failed with error -22 [ 518.526921][ T45] usb 2-1: USB disconnect, device number 9 [ 519.168886][ T7560] loop0: detected capacity change from 0 to 2048 [ 519.239132][ T7560] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 519.385910][ T7569] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 519.523663][ T7560] NILFS (loop0): error -2 reading inode: ino=1688849860263942 [ 520.099829][ T7580] sit0: mtu greater than device maximum [ 520.521096][ T7585] loop0: detected capacity change from 0 to 256 [ 520.743682][ T7590] No such timeout policy "syz0" [ 520.931906][ T7593] kAFS: unparsable volume name [ 521.102677][ T1762] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 521.412653][ T1762] usb 1-1: config 255 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 192 [ 521.427690][ T1762] usb 1-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 521.439881][ T1762] usb 1-1: config 255 has no interfaces? [ 521.449970][ T1762] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 521.463024][ T1762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.838934][ T1762] usb 1-1: string descriptor 0 read error: -71 [ 521.902639][ T1762] usb 1-1: USB disconnect, device number 7 [ 522.754678][ T7613] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 525.845728][ T7663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1062'. [ 527.323579][ T7680] netlink: 'syz.3.1071': attribute type 11 has an invalid length. [ 527.367945][ T7683] netlink: 'syz.0.1072': attribute type 7 has an invalid length. [ 527.377141][ T7683] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1072'. [ 527.442938][ T7682] loop1: detected capacity change from 0 to 512 [ 527.553825][ T7682] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 527.685072][ T7682] EXT4-fs (loop1): orphan cleanup on readonly fs [ 527.770279][ T7682] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1070: bg 0: block 248: padding at end of block bitmap is not set [ 527.881594][ T7682] Quota error (device loop1): write_blk: dquota write failed [ 527.890775][ T7682] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 527.901689][ T7682] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.1070: Failed to acquire dquot type 1 [ 528.050668][ T7682] EXT4-fs (loop1): 1 truncate cleaned up [ 528.104529][ T7682] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 528.205238][ T7682] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 528.290246][ T7682] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.1070: Abort forced by user [ 528.402948][ T5235] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 528.405339][ T7682] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 528.513606][ T7682] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 528.526606][ T7682] ext4 filesystem being remounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 528.695342][ T5235] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 528.707527][ T5235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 244, changing to 11 [ 528.719411][ T5235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 34756, setting to 1024 [ 528.731659][ T5235] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 528.748907][ T5235] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 528.761975][ T5235] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 32 [ 528.772710][ T5235] usb 4-1: config 0 interface 0 altsetting 0 has 6 endpoint descriptors, different from the interface descriptor's value: 5 [ 528.881419][ T5235] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 528.891281][ T5235] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 528.899940][ T5235] usb 4-1: Product: syz [ 528.899959][ T7682] syz.1.1070 (7682) used greatest stack depth: 3304 bytes left [ 528.912832][ T5235] usb 4-1: Manufacturer: syz [ 528.918622][ T5235] usb 4-1: SerialNumber: syz [ 528.996221][ T5235] usb 4-1: config 0 descriptor?? [ 529.008419][ T7692] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 529.019231][ T6422] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.075220][ T7692] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 529.200101][ T5235] garmin_gps 4-1:0.0: Garmin GPS usb/tty converter detected [ 529.283881][ T5235] usb 4-1: Garmin GPS usb/tty converter now attached to ttyUSB0 [ 529.838479][ T7710] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1084'. [ 530.940561][ T7692] loop3: detected capacity change from 0 to 4096 [ 531.307518][ T1762] usb 4-1: USB disconnect, device number 4 [ 531.397616][ T1762] garmin_gps ttyUSB0: Garmin GPS usb/tty converter now disconnected from ttyUSB0 [ 531.429401][ T1762] garmin_gps 4-1:0.0: device disconnected [ 532.378087][ T7738] loop4: detected capacity change from 0 to 2048 [ 532.469878][ T7738] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 532.523689][ T7738] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 532.651096][ T7738] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 532.662968][ T1762] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 532.743963][ T7747] netlink: 'syz.3.1101': attribute type 11 has an invalid length. [ 532.752650][ T7747] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1101'. [ 532.900585][ T1762] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 532.912290][ T1762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.998761][ T1762] usb 2-1: config 0 descriptor?? [ 533.055125][ T1762] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 533.542551][ T1762] gspca_sonixj: reg_r err -71 [ 533.548191][ T1762] sonixj 2-1:0.0: probe with driver sonixj failed with error -71 [ 533.559448][ T7755] loop3: detected capacity change from 0 to 256 [ 533.668991][ T1762] usb 2-1: USB disconnect, device number 10 [ 534.315573][ T5193] Bluetooth: hci5: command 0x0406 tx timeout [ 534.435744][ T7764] loop3: detected capacity change from 0 to 256 [ 534.845827][ T7764] FAT-fs (loop3): Directory bread(block 64) failed [ 534.853304][ T7764] FAT-fs (loop3): Directory bread(block 65) failed [ 534.860381][ T7764] FAT-fs (loop3): Directory bread(block 66) failed [ 534.867888][ T7764] FAT-fs (loop3): Directory bread(block 67) failed [ 534.875222][ T7764] FAT-fs (loop3): Directory bread(block 68) failed [ 534.882385][ T7764] FAT-fs (loop3): Directory bread(block 69) failed [ 534.897600][ T7764] FAT-fs (loop3): Directory bread(block 70) failed [ 534.904617][ T7764] FAT-fs (loop3): Directory bread(block 71) failed [ 534.911690][ T7764] FAT-fs (loop3): Directory bread(block 72) failed [ 534.918990][ T7764] FAT-fs (loop3): Directory bread(block 73) failed [ 535.255970][ T7774] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 535.660466][ T7781] loop4: detected capacity change from 0 to 256 [ 537.748151][ T29] audit: type=1326 audit(1724794710.053:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.1.1131" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4bfdf79e79 code=0x0 [ 538.184799][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1135'. [ 538.195819][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1135'. [ 538.205290][ T7814] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1135'. [ 539.430895][ T7836] loop0: detected capacity change from 0 to 256 [ 539.824047][ T7836] FAT-fs (loop0): Directory bread(block 64) failed [ 539.831958][ T7836] FAT-fs (loop0): Directory bread(block 65) failed [ 539.840305][ T7836] FAT-fs (loop0): Directory bread(block 66) failed [ 539.848262][ T7836] FAT-fs (loop0): Directory bread(block 67) failed [ 539.855400][ T7836] FAT-fs (loop0): Directory bread(block 68) failed [ 539.862557][ T7836] FAT-fs (loop0): Directory bread(block 69) failed [ 539.870219][ T7836] FAT-fs (loop0): Directory bread(block 70) failed [ 539.878582][ T7836] FAT-fs (loop0): Directory bread(block 71) failed [ 539.886507][ T7836] FAT-fs (loop0): Directory bread(block 72) failed [ 539.893877][ T7836] FAT-fs (loop0): Directory bread(block 73) failed [ 539.952754][ T7844] warning: `syz.1.1147' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 540.559606][ T7852] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1152'. [ 540.843009][ T7848] loop2: detected capacity change from 0 to 2048 [ 541.105687][ T7848] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 541.284989][ T7848] UDF-fs: unknown compression code (0) [ 541.360317][ T7860] loop3: detected capacity change from 0 to 64 [ 541.735157][ T29] audit: type=1800 audit(1724794713.963:26): pid=7860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1156" name="bus" dev="loop3" ino=21 res=0 errno=0 [ 542.446695][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 542.454963][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 543.194857][ T7885] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1165'. [ 543.206387][ T7885] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1165'. [ 543.878562][ T7894] syz.2.1169 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 544.043744][ T7898] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 544.479454][ T7903] 9pnet_fd: p9_fd_create_tcp (7903): problem connecting socket to 127.0.0.1 [ 544.860448][ T7907] netlink: 'syz.3.1178': attribute type 12 has an invalid length. [ 545.799196][ T7920] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1183'. [ 547.061443][ T7938] netlink: 'syz.2.1192': attribute type 32 has an invalid length. [ 547.667287][ T1762] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 547.677198][ T29] audit: type=1326 audit(1724794719.973:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x7ffc0000 [ 547.677561][ T29] audit: type=1326 audit(1724794719.983:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x7ffc0000 [ 547.677805][ T29] audit: type=1326 audit(1724794720.023:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f3a4f179e79 code=0x7ffc0000 [ 547.678038][ T29] audit: type=1326 audit(1724794720.023:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7945 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x7ffc0000 [ 548.085576][ T1762] usb 2-1: Using ep0 maxpacket: 8 [ 548.172678][ T1762] usb 2-1: config 8 has an invalid interface number: 188 but max is 0 [ 548.181761][ T1762] usb 2-1: config 8 has no interface number 0 [ 548.189165][ T1762] usb 2-1: config 8 interface 188 altsetting 0 has an endpoint descriptor with address 0xFD, changing to 0x8D [ 548.213114][ T1762] usb 2-1: config 8 interface 188 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 548.324043][ T1762] usb 2-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=8f.67 [ 548.335939][ T1762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.345634][ T1762] usb 2-1: Product: syz [ 548.350257][ T1762] usb 2-1: Manufacturer: syz [ 548.355873][ T1762] usb 2-1: SerialNumber: syz [ 548.791174][ T1762] comedi comedi0: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'. [ 548.884005][ T1762] usb 2-1: USB disconnect, device number 11 [ 549.257180][ T7965] smc: removing ib device syz2 [ 553.183748][ T7983] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1211'. [ 553.703970][ T7990] netlink: 'syz.3.1215': attribute type 2 has an invalid length. [ 554.211465][ T7998] loop0: detected capacity change from 0 to 256 [ 554.376076][ T8000] netlink: 336 bytes leftover after parsing attributes in process `syz.3.1220'. [ 555.417783][ T7993] loop1: detected capacity change from 0 to 4096 [ 555.435562][ T8008] xt_connbytes: Forcing CT accounting to be enabled [ 555.444864][ T8008] xt_NFQUEUE: number of total queues is 0 [ 555.702666][ T8010] openvswitch: netlink: Key 0 has unexpected len 8 expected 0 [ 555.901856][ T7993] ntfs3: loop1: ino=1e, "file1" failed to parse mft record [ 555.911996][ T7993] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 555.990402][ T7993] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 557.604134][ T8034] O3ãc¤±: renamed from bridge_slave_0 (while UP) [ 557.857281][ T8033] loop4: detected capacity change from 0 to 1024 [ 558.278354][ T8022] loop0: detected capacity change from 0 to 4096 [ 558.364647][ T3308] hfsplus: b-tree write err: -5, ino 4 [ 559.448593][ T8052] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1247'. [ 559.547365][ T8054] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1248'. [ 562.442059][ T8097] loop3: detected capacity change from 0 to 256 [ 563.112860][ T8104] qrtr: Invalid version 179 [ 563.752579][ T8094] loop2: detected capacity change from 0 to 4096 [ 563.842588][ T8094] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 564.425102][ T8094] ntfs3: loop2: failed to convert "c46c" to euc-jp [ 568.663294][ T8179] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1308'. [ 568.673179][ T8179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1308'. [ 568.690662][ T8179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1308'. [ 569.874865][ T8196] netlink: 'syz.4.1316': attribute type 16 has an invalid length. [ 569.884165][ T8196] netlink: 'syz.4.1316': attribute type 17 has an invalid length. [ 571.120676][ T8222] deleting an unspecified loop device is not supported. [ 571.674174][ T8196] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.684588][ T8196] bridge0: port 1(bridge_slave_0) entered disabled state [ 572.589914][ T8244] loop2: detected capacity change from 0 to 64 [ 573.518764][ T8196] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 573.581263][ T8196] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 574.581484][ T8196] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.595651][ T8196] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.607033][ T8196] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.626296][ T8196] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.067421][ T8207] netlink: 'syz.3.1320': attribute type 32 has an invalid length. [ 575.076622][ T8207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1320'. [ 575.086589][ T8207] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 575.141499][ T8240] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1329'. [ 575.866690][ T8259] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1334'. [ 577.179739][ T8273] netlink: 'syz.2.1343': attribute type 1 has an invalid length. [ 577.188604][ T8273] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.1343'. [ 581.226478][ T8330] loop1: detected capacity change from 0 to 64 [ 581.315934][ T5239] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 581.349244][ T8330] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 581.534231][ T29] audit: type=1326 audit(1724794753.893:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8333 comm="syz.3.1373" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a4f179e79 code=0x0 [ 581.600580][ T5239] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=c2.c6 [ 581.612587][ T5239] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 581.724848][ T5239] usb 3-1: config 0 descriptor?? [ 582.272477][ T5239] mxuport 3-1:0.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71) [ 582.282050][ T5239] mxuport 3-1:0.0: probe with driver mxuport failed with error -5 [ 582.379099][ T5239] usb 3-1: USB disconnect, device number 6 [ 582.771294][ T8350] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1380'. [ 583.093166][ T8353] loop4: detected capacity change from 0 to 512 [ 583.277451][ T8353] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 583.291605][ T8353] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 583.398190][ T8360] loop3: detected capacity change from 0 to 8 [ 583.533493][ T8361] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1384'. [ 583.575406][ T8360] SQUASHFS error: lzo decompression failed, data probably corrupt [ 583.585569][ T8360] SQUASHFS error: Failed to read block 0x91: -5 [ 583.595327][ T8360] SQUASHFS error: Unable to read metadata cache entry [8f] [ 583.605995][ T8360] SQUASHFS error: Unable to read inode 0x11f [ 583.715207][ T8365] syz.2.1386: attempt to access beyond end of device [ 583.715207][ T8365] loop2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 583.738784][ T8365] syz.2.1386: attempt to access beyond end of device [ 583.738784][ T8365] loop2: rw=0, sector=0, nr_sectors = 2 limit=0 [ 583.756794][ T8365] syz.2.1386: attempt to access beyond end of device [ 583.756794][ T8365] loop2: rw=0, sector=0, nr_sectors = 2 limit=0 [ 583.774993][ T8365] syz.2.1386: attempt to access beyond end of device [ 583.774993][ T8365] loop2: rw=0, sector=18, nr_sectors = 2 limit=0 [ 583.790124][ T8365] syz.2.1386: attempt to access beyond end of device [ 583.790124][ T8365] loop2: rw=0, sector=30, nr_sectors = 2 limit=0 [ 583.806244][ T8365] syz.2.1386: attempt to access beyond end of device [ 583.806244][ T8365] loop2: rw=0, sector=36, nr_sectors = 2 limit=0 [ 584.017468][ T5189] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.233332][ T8386] netlink: 'syz.2.1396': attribute type 2 has an invalid length. [ 585.369202][ T8387] loop1: detected capacity change from 0 to 128 [ 587.881059][ T8426] netlink: 'syz.3.1417': attribute type 8 has an invalid length. [ 587.890982][ T8426] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1417'. [ 588.091010][ T8428] binder: 8427:8428 ioctl 541b 0 returned -22 [ 588.128520][ T8422] loop4: detected capacity change from 0 to 2048 [ 588.199356][ T8422] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 588.280835][ T8422] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 589.450096][ T8450] loop1: detected capacity change from 0 to 8 [ 589.696716][ T8450] SQUASHFS error: Failed to read block 0x260633: -5 [ 589.706605][ T8450] SQUASHFS error: Unable to read metadata cache entry [260633] [ 589.715880][ T8450] SQUASHFS error: Unable to read directory block [260633:0] [ 591.855819][ T8485] loop4: detected capacity change from 0 to 64 [ 591.893304][ T8486] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1446'. [ 591.939472][ T8485] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 592.076596][ T8488] loop2: detected capacity change from 0 to 256 [ 592.401091][ T8488] FAT-fs (loop2): Directory bread(block 64) failed [ 592.410765][ T8488] FAT-fs (loop2): Directory bread(block 65) failed [ 592.418937][ T8488] FAT-fs (loop2): Directory bread(block 66) failed [ 592.429464][ T8488] FAT-fs (loop2): Directory bread(block 67) failed [ 592.444480][ T8488] FAT-fs (loop2): Directory bread(block 68) failed [ 592.454818][ T8488] FAT-fs (loop2): Directory bread(block 69) failed [ 592.464018][ T8488] FAT-fs (loop2): Directory bread(block 70) failed [ 592.472812][ T8488] FAT-fs (loop2): Directory bread(block 71) failed [ 592.480872][ T8488] FAT-fs (loop2): Directory bread(block 72) failed [ 592.491775][ T8488] FAT-fs (loop2): Directory bread(block 73) failed [ 595.696274][ T8517] loop3: detected capacity change from 0 to 4096 [ 595.863060][ T8539] i2c i2c-0: Invalid block write size 255 [ 595.957509][ T8540] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 596.409135][ T8548] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1475'. [ 596.420170][ T8548] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1475'. [ 597.994660][ T8566] __vm_enough_memory: pid: 8566, comm: syz.0.1482, bytes: 4503599627366400 not enough memory for the allocation [ 598.475417][ T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 598.551748][ T8576] netlink: 4280 bytes leftover after parsing attributes in process `syz.3.1488'. [ 598.743577][ T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 598.755989][ T10] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 598.767342][ T10] usb 3-1: too many endpoints for config 1 interface 1 altsetting 255: 255, using maximum allowed: 30 [ 598.784909][ T10] usb 3-1: config 1 interface 1 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 598.800402][ T10] usb 3-1: config 1 interface 1 has no altsetting 0 [ 598.905058][ T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 598.915247][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 598.925029][ T10] usb 3-1: Product: syz [ 598.932320][ T10] usb 3-1: Manufacturer: syz [ 598.938178][ T10] usb 3-1: SerialNumber: syz [ 599.343278][ T10] usb 3-1: 0:2 : does not exist [ 599.500651][ T10] usb 3-1: USB disconnect, device number 7 [ 601.022727][ T5239] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 601.282433][ T5239] usb 4-1: Using ep0 maxpacket: 8 [ 601.363006][ T5239] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 601.373869][ T5239] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 601.384478][ T5239] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 601.394006][ T5239] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 601.494187][ T5239] usb 4-1: config 0 descriptor?? [ 601.532791][ T5239] iowarrior 4-1:0.0: no interrupt-in endpoint found [ 601.744555][ T8622] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1510'. [ 601.788013][ T5239] usb 4-1: USB disconnect, device number 5 [ 602.732881][ T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 602.923407][ T8634] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 603.000229][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 603.115331][ T10] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 603.125504][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 603.135287][ T10] usb 5-1: Product: syz [ 603.140367][ T10] usb 5-1: Manufacturer: syz [ 603.145770][ T10] usb 5-1: SerialNumber: syz [ 603.205083][ T10] usb 5-1: config 0 descriptor?? [ 603.236950][ T10] gspca_main: sq930x-2.14.0 probing 2770:930c [ 603.269197][ T5239] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 603.537864][ T5239] usb 1-1: Using ep0 maxpacket: 32 [ 603.559874][ T5239] usb 1-1: New USB device found, idVendor=055f, idProduct=c232, bcdDevice=de.ab [ 603.568960][ T8638] loop3: detected capacity change from 0 to 512 [ 603.569962][ T5239] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.611669][ T8638] EXT4-fs: Ignoring removed nomblk_io_submit option [ 603.657441][ T8642] loop1: detected capacity change from 0 to 8 [ 603.671213][ T5239] usb 1-1: config 0 descriptor?? [ 603.716913][ T10] gspca_sq930x: ucbus_write failed -71 [ 603.723631][ T10] sq930x 5-1:0.0: probe with driver sq930x failed with error -71 [ 603.724452][ T8638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 603.745164][ T8638] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 603.764579][ T10] usb 5-1: USB disconnect, device number 5 [ 603.822905][ T5239] gspca_main: sunplus-2.14.0 probing 055f:c232 [ 603.857272][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.865039][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.881586][ T8642] process 'syz.1.1519' launched './file2' with NULL argv: empty string added [ 603.942624][ T8642] cramfs: Error -3 while decompressing! [ 603.949232][ T8642] cramfs: ffffffff94418718(26)->ffff888021e8c000(4096) [ 603.957759][ T8642] cramfs: Error -3 while decompressing! [ 603.966246][ T8642] cramfs: ffffffff94418732(26)->ffff888021e8d000(4096) [ 603.974562][ T8642] cramfs: Error -3 while decompressing! [ 603.981818][ T8642] cramfs: ffffffff94418718(26)->ffff888021e8c000(4096) [ 604.224576][ T5239] gspca_sunplus: reg_r err -71 [ 604.230316][ T5239] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 604.283645][ T5239] usb 1-1: USB disconnect, device number 8 [ 604.335228][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.577658][ T8662] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1529'. [ 606.059202][ T8649] loop1: detected capacity change from 0 to 4096 [ 606.221797][ T8649] NILFS (loop1): invalid segment: Checksum error in segment payload [ 606.232742][ T8649] NILFS (loop1): trying rollback from an earlier position [ 606.264688][ T10] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 606.325774][ T8649] NILFS (loop1): recovery complete [ 606.373711][ T8673] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 606.575043][ T10] usb 1-1: New USB device found, idVendor=0c45, idProduct=6240, bcdDevice=9f.28 [ 606.585592][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 606.595360][ T10] usb 1-1: Product: syz [ 606.600147][ T10] usb 1-1: Manufacturer: syz [ 606.606737][ T10] usb 1-1: SerialNumber: syz [ 606.696381][ T10] usb 1-1: config 0 descriptor?? [ 606.777473][ T10] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6240 [ 607.053070][ T10] gspca_sn9c20x: Write register 1000 failed -71 [ 607.060084][ T10] gspca_sn9c20x: Device initialization failed [ 607.070028][ T10] gspca_sn9c20x 1-1:0.0: probe with driver gspca_sn9c20x failed with error -71 [ 607.226976][ T10] usb 1-1: USB disconnect, device number 9 [ 607.700231][ T8683] loop4: detected capacity change from 0 to 256 [ 608.029357][ T8683] FAT-fs (loop4): Directory bread(block 64) failed [ 608.037647][ T8683] FAT-fs (loop4): Directory bread(block 65) failed [ 608.046771][ T8683] FAT-fs (loop4): Directory bread(block 66) failed [ 608.053944][ T8683] FAT-fs (loop4): Directory bread(block 67) failed [ 608.061718][ T8683] FAT-fs (loop4): Directory bread(block 68) failed [ 608.069001][ T8683] FAT-fs (loop4): Directory bread(block 69) failed [ 608.076669][ T8683] FAT-fs (loop4): Directory bread(block 70) failed [ 608.083091][ T8686] loop3: detected capacity change from 0 to 512 [ 608.083985][ T8683] FAT-fs (loop4): Directory bread(block 71) failed [ 608.109538][ T8683] FAT-fs (loop4): Directory bread(block 72) failed [ 608.119230][ T8683] FAT-fs (loop4): Directory bread(block 73) failed [ 608.285344][ T8686] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 608.300024][ T8686] ext4 filesystem being mounted at /313/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 608.461861][ T8686] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.1540: corrupted xattr block 33: invalid ea_ino [ 608.974190][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 609.869985][ T8714] unsupported nla_type 40 [ 611.805556][ T8733] loop1: detected capacity change from 0 to 2048 [ 611.916718][ T8733] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 612.545487][ T8751] netlink: 'syz.2.1568': attribute type 21 has an invalid length. [ 612.557488][ T8751] IPv6: NLM_F_CREATE should be specified when creating new route [ 612.565770][ T8749] loop0: detected capacity change from 0 to 512 [ 612.752561][ T8749] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 612.765300][ T8749] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it [ 612.776068][ T8749] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1567: Corrupt directory, running e2fsck is recommended [ 612.825605][ T8749] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 612.894198][ T8749] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1567: corrupted in-inode xattr: invalid ea_ino [ 612.996640][ T8749] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1567: couldn't read orphan inode 15 (err -117) [ 613.041309][ T8749] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 613.163566][ T8749] EXT4-fs error (device loop0): ext4_xattr_set_entry:1668: inode #2: comm syz.0.1567: corrupted xattr entries [ 613.474835][ T5180] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 614.338046][ T8205] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 614.671711][ T8205] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 614.681596][ T8205] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 614.691504][ T8205] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 614.702589][ T8205] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 614.712579][ T8205] usb 1-1: config 1 has no interface number 0 [ 614.719128][ T8205] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d6.01 [ 614.728685][ T8205] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.761675][ T8782] loop3: detected capacity change from 0 to 512 [ 614.814175][ T8782] EXT4-fs: Ignoring removed nobh option [ 614.822688][ T8782] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 614.878336][ T8782] EXT4-fs (loop3): 1 truncate cleaned up [ 614.890782][ T8205] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 614.933819][ T8782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 615.213172][ T8205] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values [ 615.226060][ T8205] snd_usb_pod 1-1:1.1: invalid control EP [ 615.232495][ T8205] snd_usb_pod 1-1:1.1: cannot start listening: -22 [ 615.239501][ T8205] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 615.250633][ T8205] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 615.414166][ T8205] usb 1-1: USB disconnect, device number 10 [ 615.534630][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.754683][ T8788] loop4: detected capacity change from 0 to 2048 [ 615.798756][ T8788] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 615.913754][ T8795] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 615.944758][ T8788] syz.4.1585: attempt to access beyond end of device [ 615.944758][ T8788] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 616.123050][ T8788] syz.4.1585: attempt to access beyond end of device [ 616.123050][ T8788] loop4: rw=0, sector=33554430, nr_sectors = 2 limit=2048 [ 616.142632][ T8788] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3) [ 616.156931][ T8788] NILFS (loop4): error -5 reading inode: ino=12 [ 617.802434][ T10] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 617.955738][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 618.122597][ T10] usb 2-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55 [ 618.139361][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 618.149904][ T10] usb 2-1: Product: syz [ 618.155013][ T10] usb 2-1: Manufacturer: syz [ 618.160251][ T10] usb 2-1: SerialNumber: syz [ 618.200922][ T10] usb 2-1: config 0 descriptor?? [ 618.239642][ T8] usb 4-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 618.251088][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.280043][ T10] gspca_main: sonixb-2.14.0 probing 0c45:60a8 [ 618.336336][ T8] usb 4-1: config 0 descriptor?? [ 618.734665][ T10] sonixb 2-1:0.0: Error writing register 01: -71 [ 618.743574][ T10] sonixb 2-1:0.0: probe with driver sonixb failed with error -71 [ 618.806246][ T10] usb 2-1: USB disconnect, device number 12 [ 619.018647][ T8] hackrf 4-1:0.0: usb_control_msg() failed -71 request 0f [ 619.027057][ T8] hackrf 4-1:0.0: Could not detect board [ 619.034326][ T8] hackrf 4-1:0.0: probe with driver hackrf failed with error -71 [ 619.091791][ T8] usb 4-1: USB disconnect, device number 6 [ 619.245245][ T8837] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1607'. [ 619.256253][ T8837] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1607'. [ 619.946029][ T8845] befs: (nbd1): No write support. Marking filesystem read-only [ 619.955972][ T8845] syz.1.1611: attempt to access beyond end of device [ 619.955972][ T8845] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0 [ 620.166668][ T8848] trusted_key: encrypted_key: insufficient parameters specified [ 621.018804][ T8861] netlink: 45 bytes leftover after parsing attributes in process `syz.3.1619'. [ 622.255640][ T8880] netlink: 67 bytes leftover after parsing attributes in process `syz.2.1628'. [ 623.494506][ T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 623.739735][ T8] usb 5-1: New USB device found, idVendor=064b, idProduct=7825, bcdDevice=72.93 [ 623.749604][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 623.804420][ T8] usb 5-1: config 0 descriptor?? [ 623.852092][ T8] upd78f0730 5-1:0.0: upd78f0730 converter detected [ 623.966864][ T8] usb 5-1: upd78f0730 converter now attached to ttyUSB0 [ 624.049019][ T8] usb 5-1: USB disconnect, device number 6 [ 624.095891][ T8] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0 [ 624.110430][ T8] upd78f0730 5-1:0.0: device disconnected [ 624.130257][ T8910] Cannot find add_set index 0 as target [ 624.173335][ T8911] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1642'. [ 624.193337][ T8911] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1642'. [ 625.524255][ T8920] loop1: detected capacity change from 0 to 2048 [ 625.605578][ T8920] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 625.672975][ T8205] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 625.782738][ T8920] UDF-fs: error (device loop1): udf_verify_fi: directory (ino 1376) has entry at pos 232 with incorrect tag 0 [ 625.926207][ T8205] usb 1-1: Using ep0 maxpacket: 16 [ 626.003697][ T8205] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 626.016652][ T8205] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 626.131324][ T8205] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 626.145151][ T8205] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 626.154640][ T8205] usb 1-1: SerialNumber: syz [ 626.235978][ T8205] usb 1-1: 0:2 : does not exist [ 626.650659][ T8205] usb 1-1: USB disconnect, device number 11 [ 627.071089][ T8946] netlink: 'syz.4.1660': attribute type 1 has an invalid length. [ 627.079741][ T8946] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 627.987594][ T8949] loop1: detected capacity change from 0 to 2048 [ 628.113086][ T8949] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 628.290396][ T8962] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 628.567327][ T8964] loop0: detected capacity change from 0 to 1024 [ 629.242750][ T29] audit: type=1800 audit(1724794801.533:32): pid=8956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.1665" name="/" dev="sockfs" ino=19503 res=0 errno=0 [ 629.598925][ T8964] EXT4-fs: Ignoring removed nomblk_io_submit option [ 629.680426][ T8964] EXT4-fs (loop0): Test dummy encryption mode enabled [ 629.736139][ T8960] loop4: detected capacity change from 0 to 4096 [ 629.780750][ T8960] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 629.826605][ T8964] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 629.871247][ T8960] ntfs3: loop4: Failed to load $MFT. [ 630.899215][ T8995] loop4: detected capacity change from 0 to 64 [ 630.928411][ T8964] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 631.053040][ T8995] hfs: bad catalog entry type 0 [ 631.483522][ T5180] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.499024][ T8986] loop1: detected capacity change from 0 to 4096 [ 631.735134][ T9003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1683'. [ 631.744572][ T9003] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1683'. [ 632.510942][ T29] audit: type=1326 audit(1724794804.803:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.4.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 632.534548][ T29] audit: type=1326 audit(1724794804.853:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.4.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 632.543458][ T9012] mmap: syz.4.1685 (9012) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 632.558733][ T29] audit: type=1326 audit(1724794804.903:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.4.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 632.701174][ T29] audit: type=1326 audit(1724794805.003:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.4.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 632.724464][ T29] audit: type=1326 audit(1724794805.003:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.4.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd83f79e79 code=0x7ffc0000 [ 633.193954][ T9023] loop4: detected capacity change from 0 to 256 [ 633.253937][ T9024] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1691'. [ 633.265153][ T9024] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1691'. [ 633.374115][ T9023] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 634.063111][ T9034] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1696'. [ 634.076519][ T9034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1696'. [ 634.089304][ T9034] Zero length message leads to an empty skb [ 634.483853][ T9040] netlink: 11 bytes leftover after parsing attributes in process `syz.4.1700'. [ 634.727900][ T9042] loop2: detected capacity change from 0 to 1024 [ 634.901254][ T9042] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 635.467976][ T5185] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.063708][ T29] audit: type=1326 audit(1724794808.363:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9061 comm="syz.2.1708" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f102bd79e79 code=0x0 [ 637.070509][ T9074] loop3: detected capacity change from 0 to 2048 [ 637.164283][ T9076] loop1: detected capacity change from 0 to 2048 [ 637.193985][ T9074] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 637.206695][ T9076] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 637.305237][ T9081] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 637.329388][ T9085] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 637.527653][ T9088] loop2: detected capacity change from 0 to 512 [ 637.777243][ T9088] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1719: corrupted in-inode xattr: invalid ea_ino [ 637.808832][ T9092] loop0: detected capacity change from 0 to 1024 [ 637.872619][ T9088] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1719: couldn't read orphan inode 15 (err -117) [ 637.921711][ T9094] netlink: 'syz.4.1721': attribute type 1 has an invalid length. [ 637.997204][ T9088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 638.231310][ T9088] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.1719: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 638.452042][ T9096] loop1: detected capacity change from 0 to 256 [ 638.461838][ T9096] exfat: Deprecated parameter 'utf8' [ 638.467723][ T9096] exfat: Deprecated parameter 'utf8' [ 638.570581][ T9096] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfa3b3837, utbl_chksum : 0xe619d30d) [ 638.694657][ T5185] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.899142][ T8214] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 639.145153][ T8214] usb 4-1: Using ep0 maxpacket: 16 [ 639.184521][ T8214] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 639.197024][ T8214] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 639.208492][ T8214] usb 4-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00 [ 639.218244][ T8214] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.305566][ T8214] usb 4-1: config 0 descriptor?? [ 639.424270][ T9106] loop1: detected capacity change from 0 to 1024 [ 639.454304][ T9106] EXT4-fs: Ignoring removed orlov option [ 639.461600][ T9106] EXT4-fs: Ignoring removed nomblk_io_submit option [ 639.563300][ T9106] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002] [ 639.604149][ T9106] System zones: 0-1, 3-36 [ 639.693461][ T9113] ucma_write: process 752 (syz.2.1730) changed security contexts after opening file descriptor, this is not allowed. [ 639.714841][ T9106] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 639.909770][ T8214] apple 0003:05AC:0247.0001: unknown main item tag 0xd [ 639.918221][ T8214] apple 0003:05AC:0247.0001: unexpected long global item [ 640.002458][ T8214] apple 0003:05AC:0247.0001: parse failed [ 640.009333][ T8214] apple 0003:05AC:0247.0001: probe with driver apple failed with error -22 [ 640.124758][ T9106] EXT4-fs: Cannot change journaled quota options when quota turned on [ 640.141931][ T8214] usb 4-1: USB disconnect, device number 7 [ 640.336899][ T9119] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1732'. [ 640.349870][ T9119] netlink: 'syz.2.1732': attribute type 10 has an invalid length. [ 640.497423][ T6422] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.398453][ T9133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1739'. [ 641.408663][ T9133] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 641.419031][ T9133] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 642.577915][ T9144] ALSA: seq fatal error: cannot create timer (-19) [ 643.704558][ T9173] loop1: detected capacity change from 0 to 256 [ 643.738503][ T9173] exfat: Deprecated parameter 'namecase' [ 643.773004][ T8214] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 643.824050][ T9173] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 644.032032][ T8214] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 644.053428][ T8214] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 644.069646][ T8214] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 644.083853][ T8214] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1d00, bcdDevice= 0.00 [ 644.093517][ T8214] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.207930][ T8214] usb 5-1: config 0 descriptor?? [ 644.441170][ T9177] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1758'. [ 644.693565][ T8214] corsair-cpro 0003:1B1C:1D00.0002: unbalanced collection at end of report description [ 644.770089][ T8214] corsair-cpro 0003:1B1C:1D00.0002: probe with driver corsair-cpro failed with error -22 [ 644.907507][ T10] usb 5-1: USB disconnect, device number 7 [ 646.042650][ T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 646.313473][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 646.346343][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 646.358612][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 646.370691][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c714, bcdDevice= 0.00 [ 646.382798][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.474016][ T10] usb 3-1: config 0 descriptor?? [ 647.392954][ T8] usb 3-1: USB disconnect, device number 8 [ 647.724846][ T9217] netlink: 'syz.3.1778': attribute type 6 has an invalid length. [ 647.737560][ T9217] netlink: 14557 bytes leftover after parsing attributes in process `syz.3.1778'. [ 650.317372][ T9239] loop2: detected capacity change from 0 to 4096 [ 650.376415][ T9239] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 650.743286][ T9239] ntfs3: loop2: Failed to load $Extend (-22). [ 650.749825][ T9239] ntfs3: loop2: Failed to initialize $Extend. [ 650.891185][ T9239] ntfs3: loop2: ino=21, "blkio.bfq.io_service_time_recursive" fallocate(0x40) is not supported [ 650.973402][ T9266] sctp: [Deprecated]: syz.1.1801 (pid 9266) Use of struct sctp_assoc_value in delayed_ack socket option. [ 650.973402][ T9266] Use struct sctp_sack_info instead [ 651.914691][ T9280] (unnamed net_device) (uninitialized): (slave tunl0): Device is not bonding slave [ 651.934352][ T9280] (unnamed net_device) (uninitialized): option active_slave: invalid value (tunl0) [ 653.402659][ T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 653.622513][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 653.649233][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 653.662639][ T8] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 653.677525][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 653.690337][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 653.700921][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 653.791987][ T8] usb 3-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 653.801720][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 653.811587][ T8] usb 3-1: Product: syz [ 653.817175][ T8] usb 3-1: Manufacturer: syz [ 653.822706][ T8] usb 3-1: SerialNumber: syz [ 653.906145][ T8] usb 3-1: config 0 descriptor?? [ 654.217924][ T8] radio-si470x 3-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 654.225836][ T8] radio-si470x 3-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 654.442527][ T8] radio-si470x 3-1:0.0: software version 0, hardware version 0 [ 654.450639][ T8] radio-si470x 3-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 654.464416][ T8] radio-si470x 3-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 654.673203][ T8] radio-si470x 3-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 654.684226][ T8] radio-si470x 3-1:0.0: submitting int urb failed (-90) [ 654.732981][ T8] radio-si470x 3-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 654.744313][ T8] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -22 [ 654.831744][ T8] usb 3-1: USB disconnect, device number 9 [ 654.887814][ T9316] loop3: detected capacity change from 0 to 256 [ 654.969553][ T5372] udevd[5372]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 655.165944][ T9316] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 656.550505][ T9342] netlink: 'syz.1.1837': attribute type 1 has an invalid length. [ 656.732473][ T10] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 657.025190][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 657.037419][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 657.051971][ T10] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 657.065468][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.157522][ T10] usb 3-1: config 0 descriptor?? [ 657.729473][ T10] wacom 0003:056A:0331.0004: hidraw0: USB HID v0.00 Device [HID 056a:0331] on usb-dummy_hcd.2-1/input0 [ 657.879911][ T10] usb 3-1: USB disconnect, device number 10 [ 659.463248][ T9370] loop0: detected capacity change from 0 to 128 [ 659.473152][ T9370] hpfs: bad mount options. [ 659.617201][ T9365] loop1: detected capacity change from 0 to 2048 [ 659.921589][ T9376] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 661.151604][ T9384] usb usb8: usbfs: process 9384 (syz.4.1854) did not claim interface 0 before use [ 661.470750][ T9386] loop1: detected capacity change from 0 to 512 [ 661.893492][ T9386] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 661.909289][ T9386] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 663.161979][ T6422] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 663.996709][ T9412] loop1: detected capacity change from 0 to 164 [ 664.328802][ T9414] loop4: detected capacity change from 0 to 256 [ 664.673315][ T9416] loop3: detected capacity change from 0 to 512 [ 664.773446][ T9416] EXT4-fs: Ignoring removed nomblk_io_submit option [ 664.870626][ T9416] EXT4-fs (loop3): Test dummy encryption mode enabled [ 665.050835][ T9416] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #17: comm syz.3.1869: iget: bogus i_mode (0) [ 665.304144][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 665.311605][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 665.356914][ T9416] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1869: couldn't read orphan inode 17 (err -117) [ 665.463590][ T9426] loop0: detected capacity change from 0 to 128 [ 665.514310][ T9416] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 665.903891][ T9428] loop4: detected capacity change from 0 to 256 [ 666.282548][ T9432] vlan2: entered promiscuous mode [ 666.289695][ T9432] vlan2: entered allmulticast mode [ 666.335556][ T5184] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 666.511231][ T9428] FAT-fs (loop4): Directory bread(block 64) failed [ 666.520348][ T9428] FAT-fs (loop4): Directory bread(block 65) failed [ 666.529845][ T9428] FAT-fs (loop4): Directory bread(block 66) failed [ 666.537048][ T9428] FAT-fs (loop4): Directory bread(block 67) failed [ 666.545348][ T9428] FAT-fs (loop4): Directory bread(block 68) failed [ 666.553671][ T9428] FAT-fs (loop4): Directory bread(block 69) failed [ 666.560951][ T9428] FAT-fs (loop4): Directory bread(block 70) failed [ 666.568560][ T9428] FAT-fs (loop4): Directory bread(block 71) failed [ 666.579833][ T9428] FAT-fs (loop4): Directory bread(block 72) failed [ 666.589894][ T9428] FAT-fs (loop4): Directory bread(block 73) failed [ 667.002614][ T8223] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 667.262639][ T8223] usb 1-1: Using ep0 maxpacket: 32 [ 667.382604][ T8223] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 667.394661][ T8223] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 667.405564][ T8223] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 667.415994][ T8223] usb 1-1: config 1 has no interface number 0 [ 667.416176][ T8223] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 667.416371][ T8223] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 667.416654][ T8223] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 667.416832][ T8223] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.473699][ T9440] loop2: detected capacity change from 0 to 1024 [ 667.566303][ T8223] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 668.176829][ T3370] hfsplus: b-tree write err: -5, ino 4 [ 668.319306][ C0] ===================================================== [ 668.326778][ C0] BUG: KMSAN: uninit-value in line6_midibuf_read+0x76b/0x1050 [ 668.334527][ C0] line6_midibuf_read+0x76b/0x1050 [ 668.340339][ C0] line6_data_received+0x503/0xa80 [ 668.345889][ C0] __usb_hcd_giveback_urb+0x572/0x840 [ 668.352036][ C0] usb_hcd_giveback_urb+0x157/0x720 [ 668.357550][ C0] dummy_timer+0xd3f/0x6aa0 [ 668.362271][ C0] __hrtimer_run_queues+0x564/0xe40 [ 668.367801][ C0] hrtimer_interrupt+0x3ab/0x1490 [ 668.373344][ C0] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 668.380326][ C0] sysvec_apic_timer_interrupt+0x40/0x90 [ 668.386823][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 668.393074][ C0] virt_to_page_or_null+0xc8/0x150 [ 668.398637][ C0] kmsan_get_metadata+0x13e/0x1c0 [ 668.404122][ C0] kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 668.410224][ C0] __msan_metadata_ptr_for_load_4+0x24/0x40 [ 668.416740][ C0] hsr_forward_skb+0x424/0x3b40 [ 668.422111][ C0] send_hsr_supervision_frame+0xb88/0xfe0 [ 668.428488][ C0] hsr_announce+0xfd/0x2a0 [ 668.433281][ C0] call_timer_fn+0x49/0x580 [ 668.438024][ C0] __run_timer_base+0x84e/0xe90 [ 668.443521][ C0] run_timer_softirq+0x3a/0x70 [ 668.448717][ C0] handle_softirqs+0x1ce/0x800 [ 668.453861][ C0] __irq_exit_rcu+0x68/0x120 [ 668.458736][ C0] irq_exit_rcu+0x12/0x20 [ 668.463437][ C0] sysvec_apic_timer_interrupt+0x83/0x90 [ 668.469421][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 668.475681][ C0] filter_irq_stacks+0x13d/0x1a0 [ 668.480972][ C0] stack_depot_save_flags+0x2c/0x6e0 [ 668.486635][ C0] stack_depot_save+0x12/0x20 [ 668.491762][ C0] __msan_poison_alloca+0x106/0x1b0 [ 668.497585][ C0] kmem_cache_alloc_lru_noprof+0x71/0xb30 [ 668.503664][ C0] xas_create+0x1be9/0x2690 [ 668.508670][ C0] xas_store+0xc3/0x29e0 [ 668.513484][ C0] __xa_insert+0x190/0x6a0 [ 668.518378][ C0] add_hash_entries+0x56b/0x690 [ 668.523911][ C0] __snd_ctl_add_replace+0x9d4/0xe60 [ 668.529543][ C0] snd_ctl_add+0x89/0x1c0 [ 668.534151][ C0] pod_init+0x1b0/0x3a0 [ 668.539174][ C0] line6_probe+0xf1f/0x1120 [ 668.543927][ C0] pod_probe+0x79/0x90 [ 668.548271][ C0] usb_probe_interface+0xd6f/0x1350 [ 668.554280][ C0] really_probe+0x4db/0xd90 [ 668.559075][ C0] __driver_probe_device+0x2ab/0x5d0 [ 668.564733][ C0] driver_probe_device+0x72/0x890 [ 668.570026][ C0] __device_attach_driver+0x568/0x9e0 [ 668.575688][ C0] bus_for_each_drv+0x403/0x620 [ 668.580797][ C0] __device_attach+0x3c1/0x650 [ 668.585922][ C0] device_initial_probe+0x32/0x40 [ 668.591214][ C0] bus_probe_device+0x3dc/0x5c0 [ 668.596293][ C0] device_add+0x13aa/0x1ba0 [ 668.601221][ C0] usb_set_configuration+0x31c9/0x38d0 [ 668.607031][ C0] usb_generic_driver_probe+0x109/0x2a0 [ 668.612875][ C0] usb_probe_device+0x3a7/0x690 [ 668.617964][ C0] really_probe+0x4db/0xd90 [ 668.622867][ C0] __driver_probe_device+0x2ab/0x5d0 [ 668.629304][ C0] driver_probe_device+0x72/0x890 [ 668.634823][ C0] __device_attach_driver+0x568/0x9e0 [ 668.641463][ C0] bus_for_each_drv+0x403/0x620 [ 668.646803][ C0] __device_attach+0x3c1/0x650 [ 668.652056][ C0] device_initial_probe+0x32/0x40 [ 668.657883][ C0] bus_probe_device+0x3dc/0x5c0 [ 668.663295][ C0] device_add+0x13aa/0x1ba0 [ 668.668006][ C0] usb_new_device+0x15f4/0x2470 [ 668.673072][ C0] hub_event+0x4ffb/0x72d0 [ 668.677737][ C0] [ 668.680163][ C0] Uninit was created at: [ 668.684649][ C0] __kmalloc_noprof+0x661/0xf30 [ 668.689708][ C0] line6_midibuf_init+0x43/0x180 [ 668.695285][ C0] line6_init_midi+0x3e7/0x670 [ 668.700323][ C0] line6_init_cap_control+0x54e/0x770 [ 668.707344][ C0] line6_probe+0xeae/0x1120 [ 668.712135][ C0] pod_probe+0x79/0x90 [ 668.716442][ C0] usb_probe_interface+0xd6f/0x1350 [ 668.721942][ C0] really_probe+0x4db/0xd90 [ 668.726884][ C0] __driver_probe_device+0x2ab/0x5d0 [ 668.732890][ C0] driver_probe_device+0x72/0x890 [ 668.738218][ C0] __device_attach_driver+0x568/0x9e0 [ 668.743954][ C0] bus_for_each_drv+0x403/0x620 [ 668.749101][ C0] __device_attach+0x3c1/0x650 [ 668.754463][ C0] device_initial_probe+0x32/0x40 [ 668.759729][ C0] bus_probe_device+0x3dc/0x5c0 [ 668.764919][ C0] device_add+0x13aa/0x1ba0 [ 668.769679][ C0] usb_set_configuration+0x31c9/0x38d0 [ 668.775349][ C0] usb_generic_driver_probe+0x109/0x2a0 [ 668.781119][ C0] usb_probe_device+0x3a7/0x690 [ 668.786170][ C0] really_probe+0x4db/0xd90 [ 668.790983][ C0] __driver_probe_device+0x2ab/0x5d0 [ 668.796518][ C0] driver_probe_device+0x72/0x890 [ 668.801875][ C0] __device_attach_driver+0x568/0x9e0 [ 668.807479][ C0] bus_for_each_drv+0x403/0x620 [ 668.812555][ C0] __device_attach+0x3c1/0x650 [ 668.817633][ C0] device_initial_probe+0x32/0x40 [ 668.823189][ C0] bus_probe_device+0x3dc/0x5c0 [ 668.828516][ C0] device_add+0x13aa/0x1ba0 [ 668.833900][ C0] usb_new_device+0x15f4/0x2470 [ 668.839085][ C0] hub_event+0x4ffb/0x72d0 [ 668.844190][ C0] process_scheduled_works+0xae0/0x1c40 [ 668.850735][ C0] worker_thread+0xea7/0x14d0 [ 668.856600][ C0] kthread+0x3dd/0x540 [ 668.861057][ C0] ret_from_fork+0x6d/0x90 [ 668.866089][ C0] ret_from_fork_asm+0x1a/0x30 [ 668.871173][ C0] [ 668.873630][ C0] CPU: 0 UID: 0 PID: 8223 Comm: kworker/0:7 Not tainted 6.11.0-rc5-syzkaller-00050-g3ec3f5fc4a91 #0 [ 668.885344][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 668.897438][ C0] Workqueue: usb_hub_wq hub_event [ 668.903288][ C0] ===================================================== [ 668.910705][ C0] Disabling lock debugging due to kernel taint [ 668.917447][ C0] Kernel panic - not syncing: kmsan.panic set ... [ 668.924287][ C0] CPU: 0 UID: 0 PID: 8223 Comm: kworker/0:7 Tainted: G B 6.11.0-rc5-syzkaller-00050-g3ec3f5fc4a91 #0 [ 668.938411][ C0] Tainted: [B]=BAD_PAGE [ 668.942899][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 668.953632][ C0] Workqueue: usb_hub_wq hub_event [ 668.959030][ C0] Call Trace: [ 668.962688][ C0] [ 668.965677][ C0] dump_stack_lvl+0x216/0x2d0 [ 668.970856][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 668.977130][ C0] dump_stack+0x1e/0x30 [ 668.982387][ C0] panic+0x4e2/0xcd0 [ 668.986958][ C0] ? kmsan_get_metadata+0x61/0x1c0 [ 668.992351][ C0] kmsan_report+0x2c7/0x2d0 [ 668.997804][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.004620][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.010265][ C0] ? __msan_warning+0x95/0x120 [ 669.015852][ C0] ? line6_midibuf_read+0x76b/0x1050 [ 669.022284][ C0] ? line6_data_received+0x503/0xa80 [ 669.028077][ C0] ? __usb_hcd_giveback_urb+0x572/0x840 [ 669.034226][ C0] ? usb_hcd_giveback_urb+0x157/0x720 [ 669.040365][ C0] ? dummy_timer+0xd3f/0x6aa0 [ 669.045863][ C0] ? __hrtimer_run_queues+0x564/0xe40 [ 669.051682][ C0] ? hrtimer_interrupt+0x3ab/0x1490 [ 669.057351][ C0] ? __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 669.064589][ C0] ? sysvec_apic_timer_interrupt+0x40/0x90 [ 669.071132][ C0] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 669.078834][ C0] ? virt_to_page_or_null+0xc8/0x150 [ 669.084832][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.090831][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.096924][ C0] ? __msan_metadata_ptr_for_load_4+0x24/0x40 [ 669.104042][ C0] ? hsr_forward_skb+0x424/0x3b40 [ 669.110283][ C0] ? send_hsr_supervision_frame+0xb88/0xfe0 [ 669.116878][ C0] ? hsr_announce+0xfd/0x2a0 [ 669.122031][ C0] ? call_timer_fn+0x49/0x580 [ 669.127205][ C0] ? __run_timer_base+0x84e/0xe90 [ 669.132835][ C0] ? run_timer_softirq+0x3a/0x70 [ 669.138344][ C0] ? handle_softirqs+0x1ce/0x800 [ 669.143959][ C0] ? __irq_exit_rcu+0x68/0x120 [ 669.149412][ C0] ? irq_exit_rcu+0x12/0x20 [ 669.154537][ C0] ? sysvec_apic_timer_interrupt+0x83/0x90 [ 669.161076][ C0] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 669.167779][ C0] ? filter_irq_stacks+0x13d/0x1a0 [ 669.173778][ C0] ? stack_depot_save_flags+0x2c/0x6e0 [ 669.180472][ C0] ? stack_depot_save+0x12/0x20 [ 669.186897][ C0] ? __msan_poison_alloca+0x106/0x1b0 [ 669.192484][ C0] ? kmem_cache_alloc_lru_noprof+0x71/0xb30 [ 669.199043][ C0] ? xas_create+0x1be9/0x2690 [ 669.203929][ C0] ? xas_store+0xc3/0x29e0 [ 669.208858][ C0] ? __xa_insert+0x190/0x6a0 [ 669.214031][ C0] ? add_hash_entries+0x56b/0x690 [ 669.219442][ C0] ? __snd_ctl_add_replace+0x9d4/0xe60 [ 669.225592][ C0] ? snd_ctl_add+0x89/0x1c0 [ 669.230637][ C0] ? pod_init+0x1b0/0x3a0 [ 669.236618][ C0] ? line6_probe+0xf1f/0x1120 [ 669.241702][ C0] ? pod_probe+0x79/0x90 [ 669.246259][ C0] ? usb_probe_interface+0xd6f/0x1350 [ 669.252939][ C0] ? really_probe+0x4db/0xd90 [ 669.258162][ C0] ? __driver_probe_device+0x2ab/0x5d0 [ 669.263873][ C0] ? driver_probe_device+0x72/0x890 [ 669.269997][ C0] ? __device_attach_driver+0x568/0x9e0 [ 669.275800][ C0] ? bus_for_each_drv+0x403/0x620 [ 669.281042][ C0] ? __device_attach+0x3c1/0x650 [ 669.286196][ C0] ? device_initial_probe+0x32/0x40 [ 669.292458][ C0] ? bus_probe_device+0x3dc/0x5c0 [ 669.297829][ C0] ? device_add+0x13aa/0x1ba0 [ 669.302974][ C0] ? usb_set_configuration+0x31c9/0x38d0 [ 669.308950][ C0] ? usb_generic_driver_probe+0x109/0x2a0 [ 669.314982][ C0] ? usb_probe_device+0x3a7/0x690 [ 669.320829][ C0] ? really_probe+0x4db/0xd90 [ 669.325820][ C0] ? __driver_probe_device+0x2ab/0x5d0 [ 669.331723][ C0] ? driver_probe_device+0x72/0x890 [ 669.337231][ C0] ? __device_attach_driver+0x568/0x9e0 [ 669.343797][ C0] ? bus_for_each_drv+0x403/0x620 [ 669.349934][ C0] ? __device_attach+0x3c1/0x650 [ 669.355480][ C0] ? device_initial_probe+0x32/0x40 [ 669.361121][ C0] ? bus_probe_device+0x3dc/0x5c0 [ 669.366545][ C0] ? device_add+0x13aa/0x1ba0 [ 669.371816][ C0] ? usb_new_device+0x15f4/0x2470 [ 669.377250][ C0] ? hub_event+0x4ffb/0x72d0 [ 669.382041][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.388191][ C0] __msan_warning+0x95/0x120 [ 669.393356][ C0] line6_midibuf_read+0x76b/0x1050 [ 669.400232][ C0] line6_data_received+0x503/0xa80 [ 669.406134][ C0] ? __pfx_line6_data_received+0x10/0x10 [ 669.412175][ C0] __usb_hcd_giveback_urb+0x572/0x840 [ 669.417942][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.424828][ C0] usb_hcd_giveback_urb+0x157/0x720 [ 669.430292][ C0] dummy_timer+0xd3f/0x6aa0 [ 669.435061][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.442333][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 669.447494][ C0] __hrtimer_run_queues+0x564/0xe40 [ 669.453054][ C0] hrtimer_interrupt+0x3ab/0x1490 [ 669.458613][ C0] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 669.465451][ C0] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 669.471243][ C0] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 669.477684][ C0] sysvec_apic_timer_interrupt+0x40/0x90 [ 669.484147][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 669.490961][ C0] RIP: 0010:virt_to_page_or_null+0xc8/0x150 [ 669.497323][ C0] Code: 74 09 4c 8b 06 41 f6 c0 02 75 1a 31 c9 65 ff 0d a6 27 c1 7d 75 40 0f 1f 44 00 00 48 89 e2 31 c9 e9 86 00 00 00 b9 01 00 00 00 <41> f6 c0 08 75 1d 48 8b 76 08 48 85 f6 74 12 c1 ea 15 83 e2 3f 31 [ 669.519903][ C0] RSP: 0018:ffff88813fc05ae0 EFLAGS: 00000202 [ 669.526253][ C0] RAX: ffff8881a31e6074 RBX: ffff8881231e6074 RCX: 0000000000000001 [ 669.534752][ C0] RDX: 00000001231e6074 RSI: ffff88813fff9240 RDI: ffff8881231e6074 [ 669.543061][ C0] RBP: ffff88813fc05ae0 R08: ffffea000000000f R09: ffffffff8fa293c1 [ 669.551411][ C0] R10: 0000000000000002 R11: ffff88810528a0c0 R12: ffff88803e737a40 [ 669.559584][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffff8881231e6074 [ 669.567899][ C0] ? hsr_forward_skb+0x3d1/0x3b40 [ 669.573204][ C0] kmsan_get_metadata+0x13e/0x1c0 [ 669.578556][ C0] kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.584502][ C0] __msan_metadata_ptr_for_load_4+0x24/0x40 [ 669.590651][ C0] hsr_forward_skb+0x424/0x3b40 [ 669.595906][ C0] ? __msan_memset+0xf5/0x1b0 [ 669.600797][ C0] send_hsr_supervision_frame+0xb88/0xfe0 [ 669.606890][ C0] hsr_announce+0xfd/0x2a0 [ 669.611734][ C0] ? __pfx_send_hsr_supervision_frame+0x10/0x10 [ 669.618407][ C0] ? __pfx_hsr_announce+0x10/0x10 [ 669.623754][ C0] call_timer_fn+0x49/0x580 [ 669.629268][ C0] ? __pfx_hsr_announce+0x10/0x10 [ 669.635061][ C0] __run_timer_base+0x84e/0xe90 [ 669.640711][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.647169][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.653341][ C0] ? __pfx_run_timer_softirq+0x10/0x10 [ 669.659204][ C0] run_timer_softirq+0x3a/0x70 [ 669.664277][ C0] handle_softirqs+0x1ce/0x800 [ 669.669301][ C0] __irq_exit_rcu+0x68/0x120 [ 669.674114][ C0] irq_exit_rcu+0x12/0x20 [ 669.678657][ C0] sysvec_apic_timer_interrupt+0x83/0x90 [ 669.684941][ C0] [ 669.688335][ C0] [ 669.691498][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 669.697894][ C0] RIP: 0010:filter_irq_stacks+0x13d/0x1a0 [ 669.703813][ C0] Code: 20 f0 75 48 84 db 75 4d 48 8b 5d b0 48 83 c3 08 48 8b 45 b8 48 8b 4d c0 48 8d 44 08 01 48 ff c1 48 83 f8 01 0f 85 06 ff ff ff 33 31 ff e8 6a 13 b5 00 e9 06 ff ff ff 89 fb e8 5e 13 b5 00 89 [ 669.723938][ C0] RSP: 0018:ffff88812cf12360 EFLAGS: 00000246 [ 669.730668][ C0] RAX: 0000000000000001 RBX: ffff88812cf12460 RCX: 0000000000000005 [ 669.738847][ C0] RDX: ffffffff8fd22d00 RSI: ffffffff8fd22e01 RDI: 0000000000000000 [ 669.747028][ C0] RBP: ffff88812cf123b0 R08: ffffea000000000f R09: 0000000000000000 [ 669.755189][ C0] R10: ffff88812c712500 R11: 0000000000000004 R12: ffffffff8fc78489 [ 669.763325][ C0] R13: ffffffff8fc78489 R14: 000000002cb12400 R15: ffffffff8fc78489 [ 669.771494][ C0] ? xas_create+0x1be9/0x2690 [ 669.776394][ C0] ? xas_create+0x1be9/0x2690 [ 669.781281][ C0] ? xas_create+0x1be9/0x2690 [ 669.786185][ C0] ? queued_write_lock_slowpath+0x280/0x369 [ 669.792643][ C0] ? __do_softirq+0x1/0x1a [ 669.797320][ C0] stack_depot_save_flags+0x2c/0x6e0 [ 669.802880][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.808644][ C0] stack_depot_save+0x12/0x20 [ 669.813769][ C0] __msan_poison_alloca+0x106/0x1b0 [ 669.819248][ C0] ? kmem_cache_alloc_lru_noprof+0x71/0xb30 [ 669.825554][ C0] ? xas_create+0x1be9/0x2690 [ 669.830611][ C0] kmem_cache_alloc_lru_noprof+0x71/0xb30 [ 669.836571][ C0] ? xas_create+0x1be9/0x2690 [ 669.841568][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.848453][ C0] xas_create+0x1be9/0x2690 [ 669.853448][ C0] xas_store+0xc3/0x29e0 [ 669.858118][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.864567][ C0] ? filter_irq_stacks+0x60/0x1a0 [ 669.870138][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.875945][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.882212][ C0] ? xas_load+0xc8b/0xce0 [ 669.887822][ C0] __xa_insert+0x190/0x6a0 [ 669.893740][ C0] add_hash_entries+0x56b/0x690 [ 669.900679][ C0] __snd_ctl_add_replace+0x9d4/0xe60 [ 669.906732][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.912993][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.918832][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 669.924997][ C0] ? __pfx_snd_pod_control_monitor_info+0x10/0x10 [ 669.932651][ C0] snd_ctl_add+0x89/0x1c0 [ 669.937826][ C0] pod_init+0x1b0/0x3a0 [ 669.942519][ C0] ? __pfx_pod_init+0x10/0x10 [ 669.947461][ C0] line6_probe+0xf1f/0x1120 [ 669.953518][ C0] ? __pfx_pod_init+0x10/0x10 [ 669.958857][ C0] pod_probe+0x79/0x90 [ 669.963159][ C0] ? __pfx_pod_probe+0x10/0x10 [ 669.969176][ C0] usb_probe_interface+0xd6f/0x1350 [ 669.976344][ C0] ? __pfx_usb_probe_interface+0x10/0x10 [ 669.982672][ C0] really_probe+0x4db/0xd90 [ 669.987776][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 669.995209][ C0] __driver_probe_device+0x2ab/0x5d0 [ 670.001250][ C0] driver_probe_device+0x72/0x890 [ 670.007332][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 670.014192][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 670.021584][ C0] __device_attach_driver+0x568/0x9e0 [ 670.027253][ C0] bus_for_each_drv+0x403/0x620 [ 670.032548][ C0] ? __pfx___device_attach_driver+0x10/0x10 [ 670.039972][ C0] __device_attach+0x3c1/0x650 [ 670.045289][ C0] device_initial_probe+0x32/0x40 [ 670.051098][ C0] bus_probe_device+0x3dc/0x5c0 [ 670.056533][ C0] device_add+0x13aa/0x1ba0 [ 670.062012][ C0] usb_set_configuration+0x31c9/0x38d0 [ 670.068499][ C0] ? usb_set_configuration+0x891/0x38d0 [ 670.074353][ C0] usb_generic_driver_probe+0x109/0x2a0 [ 670.080596][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 670.086835][ C0] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 670.093470][ C0] usb_probe_device+0x3a7/0x690 [ 670.098686][ C0] ? __pfx_usb_probe_device+0x10/0x10 [ 670.104511][ C0] really_probe+0x4db/0xd90 [ 670.109416][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 670.115770][ C0] __driver_probe_device+0x2ab/0x5d0 [ 670.121501][ C0] driver_probe_device+0x72/0x890 [ 670.126900][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 670.132715][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 670.139133][ C0] __device_attach_driver+0x568/0x9e0 [ 670.145127][ C0] bus_for_each_drv+0x403/0x620 [ 670.150343][ C0] ? __pfx___device_attach_driver+0x10/0x10 [ 670.156527][ C0] __device_attach+0x3c1/0x650 [ 670.162179][ C0] device_initial_probe+0x32/0x40 [ 670.168262][ C0] bus_probe_device+0x3dc/0x5c0 [ 670.173662][ C0] device_add+0x13aa/0x1ba0 [ 670.178861][ C0] usb_new_device+0x15f4/0x2470 [ 670.184678][ C0] hub_event+0x4ffb/0x72d0 [ 670.189387][ C0] ? __pfx_hub_event+0x10/0x10 [ 670.194444][ C0] process_scheduled_works+0xae0/0x1c40 [ 670.200292][ C0] worker_thread+0xea7/0x14d0 [ 670.205322][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 670.211607][ C0] kthread+0x3dd/0x540 [ 670.215979][ C0] ? __pfx_worker_thread+0x10/0x10 [ 670.221307][ C0] ? __pfx_kthread+0x10/0x10 [ 670.226856][ C0] ret_from_fork+0x6d/0x90 [ 670.232184][ C0] ? __pfx_kthread+0x10/0x10 [ 670.238677][ C0] ret_from_fork_asm+0x1a/0x30 [ 670.245545][ C0] [ 670.250072][ C0] Kernel Offset: disabled [ 670.255261][ C0] Rebooting in 86400 seconds..