last executing test programs: 2m19.092741633s ago: executing program 3 (id=5367): set_mempolicy(0x3, &(0x7f0000000000)=0x3, 0x7) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 2m16.899809122s ago: executing program 3 (id=5381): r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000008000100090c100000000000224e0000", 0x58}], 0x1) 2m15.532132165s ago: executing program 3 (id=5385): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1700000055003d09000000000000000007"], 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x0) 2m14.928911468s ago: executing program 3 (id=5390): syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3a000c0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030372c747970653dc59f86bc2c756d61736b3d30303030303030303030303030303030303030303030312c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c71756965742c636f6465706167653d6b6f69382d722c756d61736b3d30303030303030303030303030303030303030303230312c747970653d731472bb2c696f636861727365743d69736f383835392d31342c756d61736b3d30303030303030303030303030303030303030303030362c66696c655f756d61736b3d3030303030303030303030303030303030303030303037fb636f6465706167653d6d616363656e746575726f2c6469725f756d61736b3d3031373737283737373737373737d25af6be9a373737373737373732", @ANYRESHEX=0x0, @ANYRES64], 0x3, 0x331, &(0x7f0000000880)="$eJzs3U9P1EwcB/DvtLuw+0B4KmBIPBmUxBMBPGi8SAzx4hvwYIgIS0KomCgmSmJEz8Z4MzHx6M2z0begF+Mb0BMH40kvxIM1M5220zrTXRbYQvb7SVxLO39+0+m0MxAoiKhvXVn4+ub8jvwn6gB8AJcAD0ADqAE4iYnG/Y3NtgX56ZZAnFP8k2Z5o2XL2oDOoQXyqxqGzX10OKIoir65Dg4kGz97Fg9VQ5gj2OABg3p0quONnkd2OLbjdvUXo4fFLnbxACNVhkNERNXTz39PPyWG9fzd84ApPQ8/7s//3Pxmt7o4joT0+e/FX0dCnp//1SG53lvbDFsr8RJO9r6XrBJtZVmviSg73WoZ4QH+kDHlMmqxU7F4zdW1sDW9rQp4isuakWxcfa4gaYjiilYvaCYta9MSZW0vN6TaUJdtmHPEP1ZWo3UB/OE7XtqrW/zkiMOc6oqP4rNYFAFeYSWd/9UiIU+OOj9BYajE8c+0aWUQp8q1Mgv/hKrkVNID799mrWy6zmsDvozFRpYiivP3IInzxYA7F0aR/7ZC3LpZd+tUrjGgJtSqwcw1lyb6bc01XqyruVoPW9PLd0LXRX+wrCs68VxcF5P4gXdYMOb/nkw9BffIzI1yoVLqK6O0PTWV0tGPOWoA397TyCTlqrWjyz3DLVzEyL2HW+tLYdi6W/1GMlS6zH76gOOJL0R9Oco98n8jDRpyow7gwCr9E0WR9VANveiCumrqhddZk7fWl4S+5+2vCnnnLByadycGMA9A70nuCN3U/jjNNZgV2FH2X7K31R77BZlE1YMBklSVO+RjsKOR0uyi0muP1pfCru5EdMxknY6JG1UHQ1WQ8y4Rr/+M9cqMuuvIj6Bk/RO1K9wocdaxAhpVn/91toJLi3XOE4eSjTZrrjPngLOFGj0kNT4pFhvoOHEUfyq59x9liAV8wU1+/5+IiIiIiIiIiIiIiIiIiIiIiIiI6LjZ628jdPPrBPkad/rwD28QEREREREREREREREREREREREREREREe2P8f5fwFdvjBmwvf+37E1Nii9zqLfe7P/9v34H7/8V2503kois/gYAAP//rsJe4A==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 2m14.102166468s ago: executing program 3 (id=5397): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000100)={0x0, 0x0, {0x0, 0x0, 0x100a, 0x7, 0x8, 0x2}}) 2m13.412676093s ago: executing program 3 (id=5402): r0 = socket(0xa, 0x801, 0x0) getsockopt(r0, 0x29, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54) 2m11.414044238s ago: executing program 32 (id=5402): r0 = socket(0xa, 0x801, 0x0) getsockopt(r0, 0x29, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54) 5.621453444s ago: executing program 2 (id=6032): r0 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8) name_to_handle_at(r0, &(0x7f0000000380)='\x00', &(0x7f0000000380)=ANY=[], &(0x7f00000047c0), 0x1200) 4.641105385s ago: executing program 2 (id=6036): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x3, 0x0, &(0x7f0000000080)=0x4) 4.58045266s ago: executing program 1 (id=6037): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@lazytime}, {@nolazytime}]}, 0x4, 0x530, &(0x7f0000001480)="$eJzs3cFvG1kZAPBvnDhJs+mmC3sABGxZFgqq6iTubrTaU/cCQquVECtOHLohcaModh3FrmhCD+6ReyUqcYI/gRsHpJ44cOMGEgcu5YBUoAI1SByMZjxJ3cSpA3HiYv9+0njmvXH9vWfnvTfzGucFMLYuR0QrIqYi4tOImM/zk3yLG50tfd6zp/dW957eW02i3f7kb0l2Ps2Lrn+Tei1/zZmI+N63I36YHI3b2NndXKlWK9t5eqFZ21po7Oxe2yjkOeXlpeXF96+/Vz5N9fLIrezxrdovn3xr46Pv//pXX3r8u9Y3f5yenPvJxexcdz0GqVOAYsx15U1GxEdnEWxIJvOfnz7aPX4MGLK0tX0mIt7O2v98TGSfJgAwytrt+WjPd6cBgFGX3v/PRVIo5XMBc1EolEqdObw3Y7ZQrTeaV+frd26vRTaHdSmKhVsb1cpiPld4KYpJml7Kjp+nyy+kH1SuR8QbEfFg+kJ2vrRar64N88IHAMbYa4fG/39Od8Z/AGDEzQy7AADAuTs6/rsiAIBRZ7QHgPHzX4z/vh0IACPC/T8AjB/jPwCMn77j//3zKQcAcC6++/HH6dbe6/z96/0/0XxtrdLYLNXurJZW69tbpfV6fb1aKa222/1er1qvby29e5Bs7OzerNXv3G7e3KitrFduVopnWRkA4ETeeOvRH9JBv/XBhWyLrrUcjNUw2grDLgAwNBPDLgAwNL7PA+PrBPf4pgFgxPVbm/XYXxF62HfxV79dDK+oK583/w/j6jTz/+YO4P/b/zb//8e5gRcEOHfGcBhf7XZizX8AGDPm+IFT/f8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjKm5bEsKpWwt8Fb6WCiVIi5GxKUoJrc2qpXFiHg9In4/XZxO00vDLjQAcEqFvyT5+l9X5t85sq7/VPKv6WwfET/62Sc/vbvSbG4vpfl/P8hvPkzzLzS3y1PDqAAA0O3G0axs/C7n+64b+WdP763ub+dZxCcfdhYXTePu5VvnzGRMZvuZKEbE7D+SPN2RXq9MDCB+635EfG6//jNxtyvCXDYH0ln59HD8NPbFgcfvfv8Pxy+8UN9Cdi7dF7P34rMDKAuMm0cfdvrJvO2lTTxvf4W4nO17t/+ZrIc6vbT/S9v13pH+r3DQ/00ciZ9kbf7yQfrlJXny7m++cySzPd85dz/iC5O94icH8ZPe/W/xnRPW8U9f/PLbx51r/zziyqH6T+1HyNSybnahWdtaaOzsXtuoraxX1iu3y+XlpeXF96+/V17I5qg7j7/tFeOvH1x9/bj4af1ne77/Sf7JH1v/+NoJ6/+Lf3/6g6+8JP43vtr783/zJfHTMfHrJ4y/Mnvj2OW70/hrx9S/z+cfV08Y//Gfd9dO+FQA4Bw0dnY3V6rVynafg/Ras99zzuZgYhhBz/wgvbd/BYqRHUQrYlAvmE1KRETP56RX1K9Glc/qIBli9IhoDfAFh90zAWfteaMfdkkAAAAAAAAAAAAAAIDjNHZ2N6d7f1trYAfDriMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACj6z8BAAD//49DxHM=") 4.119673326s ago: executing program 0 (id=6038): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) getxattr(0x0, 0x0, 0x0, 0x0) 3.871371261s ago: executing program 2 (id=6040): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x4, 0x8, 0x10, 0xeb, 0x1d, @mcast1, @loopback={0xfec0ffff00000000, 0x2}, 0x20, 0x8000, 0x3, 0x80}}) 3.705933947s ago: executing program 4 (id=6041): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, 0x0, 0x5c) 3.613101588s ago: executing program 0 (id=6042): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="1800000078000106000000000000000007"], 0x18}], 0x1}, 0x0) 3.272819698s ago: executing program 5 (id=6043): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2c010000160001000000000000000000fe880000000000000000000000000101fc0200000000000000000000000000004e200000000000000000800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000aa0000000033000000ff01000000000000000000000000000105000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001004000000000000000200000000000000070000000000000000000000010000000000000000000000000000000a000000000000000000000005000000050000000a0010"], 0x12c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) 3.238930837s ago: executing program 0 (id=6044): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0x5}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @local}]}}}]}, 0x40}}, 0x0) 3.194081275s ago: executing program 2 (id=6045): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 2.929282652s ago: executing program 4 (id=6046): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r0, &(0x7f00000033c0)=[{{&(0x7f0000000280)={0xa, 0x4e23, 0x9, @rand_addr=' \x01\x00'}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000000000002900000037"], 0x18}}], 0x1, 0x40052) 2.87413166s ago: executing program 1 (id=6047): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, 0x0) 2.599495658s ago: executing program 5 (id=6048): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x1, './file1\x00'}, 0x4) 2.533208159s ago: executing program 0 (id=6049): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0x9, 0x4, 0x70000, 0x6, {}, {0x3, 0xc, 0x6, 0x6, 0x34, 0x10, "3129d16b"}, 0x101, 0x2, {&(0x7f0000000440)=[{0x1, 0x8, {0x0}, 0x7fffffff}, {0x3, 0xfffff463, {0x0}, 0x3}]}, 0x2}) 2.362572033s ago: executing program 2 (id=6050): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000080)={[{@redirect_dir_nofollow}, {@userxattr}], [], 0x2c}) 2.244436392s ago: executing program 4 (id=6051): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a44000000090a010400000000000000000100000a08000a40000000000900020073797a32000000000900010073797a3000000000080005400000002c0800034000000140"], 0x6c}}, 0x0) 2.168728103s ago: executing program 1 (id=6052): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x80800) 1.852562742s ago: executing program 5 (id=6053): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x34325241, 0x3, [0x2], [0x80ffff], [], [0x400000000000000]}) 1.78772974s ago: executing program 0 (id=6054): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40101287, 0x0) 1.65267102s ago: executing program 2 (id=6055): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100001964d408861a92e03f530102030109022400010200100309041f0202e917f300090502020002020000090582020002"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 1.592339973s ago: executing program 4 (id=6056): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) io_destroy(0x0) 1.53925889s ago: executing program 1 (id=6057): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) ioprio_set$pid(0x1, 0x0, 0x0) 1.238066388s ago: executing program 5 (id=6058): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000004040)={0x0, 0x0, &(0x7f0000004000)={&(0x7f0000000840)=@newtaction={0xe68, 0x30, 0x1, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 1.192231696s ago: executing program 0 (id=6059): syz_usbip_server_init(0x4) syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0) 996.70788ms ago: executing program 1 (id=6060): r0 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b/\\/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b [ 1109.644138][T14497] dump_stack_lvl+0x216/0x2d0 [ 1109.644414][T14497] dump_stack+0x1e/0x24 [ 1109.644596][T14497] warn_alloc+0x455/0x650 [ 1109.644825][T14497] ? kmsan_internal_set_shadow_origin+0x6c/0x100 [ 1109.645049][T14497] ? __vmalloc_node_range_noprof+0xd6/0x26b0 [ 1109.645276][T14497] __vmalloc_node_range_noprof+0x130/0x26b0 [ 1109.645503][T14497] ? kmsan_get_metadata+0x13e/0x1c0 [ 1109.645698][T14497] ? kmsan_get_metadata+0x13e/0x1c0 [ 1109.645896][T14497] ? kmsan_get_metadata+0x13e/0x1c0 [ 1109.646091][T14497] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1109.646298][T14497] ? __kmalloc_cache_noprof+0x949/0xe00 [ 1109.646491][T14497] ? kmsan_get_metadata+0x13e/0x1c0 [ 1109.646689][T14497] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1109.646895][T14497] vmalloc_user_noprof+0x90/0xb0 [ 1109.647088][T14497] ? xskq_create+0x105/0x270 [ 1109.647351][T14497] xskq_create+0x105/0x270 [ 1109.647519][T14497] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1109.647733][T14497] xsk_init_queue+0x115/0x1f0 [ 1109.647906][T14497] xsk_setsockopt+0x854/0xd10 [ 1109.648060][T14497] ? kmsan_get_metadata+0x80/0x1c0 [ 1109.648268][T14497] do_sock_setsockopt+0x4bb/0x7d0 [ 1109.648607][T14497] ? __pfx_xsk_setsockopt+0x10/0x10 [ 1109.648790][T14497] __x64_sys_setsockopt+0x33d/0x4f0 [ 1109.648994][T14497] x64_sys_call+0x3475/0x3c80 [ 1109.649230][T14497] do_syscall_64+0xcd/0x1e0 [ 1109.649456][T14497] ? clear_bhb_loop+0x25/0x80 [ 1109.649633][T14497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.649809][T14497] RIP: 0033:0x7fe5b118d169 [ 1109.649940][T14497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1109.650078][T14497] RSP: 002b:00007fe5b1f95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1109.650244][T14497] RAX: ffffffffffffffda RBX: 00007fe5b13a5fa0 RCX: 00007fe5b118d169 [ 1109.650358][T14497] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 1109.650455][T14497] RBP: 00007fe5b120e2a0 R08: 0000000000000004 R09: 0000000000000000 [ 1109.650558][T14497] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1109.650658][T14497] R13: 0000000000000000 R14: 00007fe5b13a5fa0 R15: 00007fff1c6b3978 [ 1109.650801][T14497] [ 1109.905834][T14497] Mem-Info: [ 1109.911721][T14497] active_anon:8832 inactive_anon:0 isolated_anon:0 [ 1109.911721][T14497] active_file:11839 inactive_file:38723 isolated_file:0 [ 1109.911721][T14497] unevictable:768 dirty:305 writeback:0 [ 1109.911721][T14497] slab_reclaimable:4829 slab_unreclaimable:23771 [ 1109.911721][T14497] mapped:29913 shmem:3764 pagetables:910 [ 1109.911721][T14497] sec_pagetables:0 bounce:0 [ 1109.911721][T14497] kernel_misc_reclaimable:0 [ 1109.911721][T14497] free:359078 free_pcp:10356 free_cma:0 [ 1109.964983][T14497] Node 0 active_anon:34852kB inactive_anon:0kB active_file:47356kB inactive_file:154816kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119652kB dirty:1216kB writeback:0kB shmem:13044kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5040kB pagetables:3640kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1110.001547][T14497] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:32kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1110.034264][T14497] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1110.069309][T14497] lowmem_reserve[]: 0 928 1241 1241 1241 [ 1110.078303][T14497] Node 0 DMA32 free:513032kB boost:0kB min:36892kB low:46112kB high:55332kB reserved_highatomic:0KB active_anon:16196kB inactive_anon:0kB active_file:37676kB inactive_file:65524kB unevictable:0kB writepending:144kB present:3129332kB managed:951012kB mlocked:0kB bounce:0kB free_pcp:40268kB local_pcp:18060kB free_cma:0kB [ 1110.109358][T14497] lowmem_reserve[]: 0 0 312 312 312 [ 1110.115437][T14497] Node 0 Normal free:16200kB boost:0kB min:12984kB low:16228kB high:19472kB reserved_highatomic:0KB active_anon:17500kB inactive_anon:0kB active_file:9680kB inactive_file:89292kB unevictable:1536kB writepending:1108kB present:1048580kB managed:320484kB mlocked:0kB bounce:0kB free_pcp:2580kB local_pcp:2340kB free_cma:0kB [ 1110.146461][T14497] lowmem_reserve[]: 0 0 0 0 0 [ 1110.151842][T14497] Node 1 Normal free:902984kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:988720kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1110.188519][T14497] lowmem_reserve[]: 0 0 0 0 0 [ 1110.196506][T14497] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB [ 1110.210073][T14497] Node 0 DMA32: 794*4kB (ME) 762*8kB (UME) 275*16kB (ME) 241*32kB (UME) 94*64kB (UME) 6*128kB (ME) 0*256kB 13*512kB (UE) 13*1024kB (U) 9*2048kB (UM) 109*4096kB (UM) = 513032kB [ 1110.230411][T14497] Node 0 Normal: 42*4kB (UME) 94*8kB (UM) 35*16kB (UME) 24*32kB (UME) 26*64kB (UME) 22*128kB (UME) 9*256kB (UM) 4*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 0*4096kB = 16200kB [ 1110.250890][T14497] Node 1 Normal: 2*4kB (UE) 10*8kB (UME) 9*16kB (UME) 21*32kB (UE) 19*64kB (UME) 16*128kB (UME) 7*256kB (UME) 8*512kB (UME) 4*1024kB (UME) 2*2048kB (ME) 216*4096kB (UM) = 902984kB [ 1110.278869][T14497] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1110.291385][T14497] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1110.301129][T14497] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1110.311274][T14497] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1110.321024][T14497] 53662 total pagecache pages [ 1110.325942][T14497] 0 pages in swap cache [ 1110.330357][T14497] Free swap = 124996kB [ 1110.334913][T14497] Total swap = 124996kB [ 1110.339352][T14497] 2097051 pages RAM [ 1110.343563][T14497] 0 pages HighMem/MovableOnly [ 1110.348484][T14497] 1530973 pages reserved [ 1110.353434][T14497] 0 pages cma reserved [ 1110.550991][T14500] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 1112.210436][T14525] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 1112.501041][T14531] netlink: 'syz.2.4171': attribute type 8 has an invalid length. [ 1112.509844][T14531] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4171'. [ 1114.248922][T14557] loop3: detected capacity change from 0 to 128 [ 1114.363298][T14557] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 1114.463697][T14557] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1114.551889][T14561] loop4: detected capacity change from 0 to 2048 [ 1114.808799][T14561] loop4: p2 p3 p7 [ 1115.644755][T14575] kAFS: unable to lookup cell '' [ 1116.225321][T14584] capability: warning: `syz.0.4196' uses 32-bit capabilities (legacy support in use) [ 1116.235820][ T6069] usb 4-1: new high-speed USB device number 116 using dummy_hcd [ 1116.279508][ T6174] udevd[6174]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 1116.399141][T14588] tmpfs: Bad value for 'mpol' [ 1116.403557][ T6207] udevd[6207]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 1116.425998][ T6174] udevd[6174]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 1116.476964][ T6069] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1116.489437][ T6069] usb 4-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 1116.500046][ T6069] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1116.598696][ T6069] usb 4-1: config 0 descriptor?? [ 1116.803913][T14591] loop2: detected capacity change from 0 to 512 [ 1116.955082][ T6069] usbhid 4-1:0.0: can't add hid device: -71 [ 1116.962183][ T6069] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 1117.028317][ T6069] usb 4-1: USB disconnect, device number 116 [ 1117.168727][T14591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1117.182047][T14591] ext4 filesystem being mounted at /777/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1117.325192][T14599] loop1: detected capacity change from 0 to 128 [ 1117.374570][ T30] audit: type=1326 audit(2000000528.480:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14597 comm="syz.0.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e4938d169 code=0x7ffc0000 [ 1117.510508][ T30] audit: type=1326 audit(2000000528.545:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14597 comm="syz.0.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e4938d169 code=0x7ffc0000 [ 1117.533816][ T30] audit: type=1326 audit(2000000528.545:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14597 comm="syz.0.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f7e4938d169 code=0x7ffc0000 [ 1117.557961][ T30] audit: type=1326 audit(2000000528.545:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14597 comm="syz.0.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e4938d169 code=0x7ffc0000 [ 1117.751485][ T6022] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1118.394796][T14610] xt_hashlimit: size too large, truncated to 1048576 [ 1119.797253][T14630] netlink: 'syz.2.4217': attribute type 10 has an invalid length. [ 1119.820962][T14630] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1119.832716][T14630] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1119.848896][T14630] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1121.939720][T14664] netlink: 'syz.4.4233': attribute type 6 has an invalid length. [ 1123.439892][T14684] netlink: 'syz.4.4243': attribute type 28 has an invalid length. [ 1123.448300][T14684] netlink: 'syz.4.4243': attribute type 3 has an invalid length. [ 1123.456841][T14684] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4243'. [ 1123.574586][T14686] loop2: detected capacity change from 0 to 24 [ 1124.787726][T14702] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4252'. [ 1124.797208][T14702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4252'. [ 1125.374667][T14710] loop1: detected capacity change from 0 to 128 [ 1125.532875][T14710] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1125.607545][T14710] ext4 filesystem being mounted at /836/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1125.753156][T14710] EXT4-fs error (device loop1): ext4_validate_inode_bitmap:105: comm syz.1.4256: Corrupt inode bitmap - block_group = 0, inode_bitmap = 19 [ 1125.956579][T14720] netlink: 'syz.2.4260': attribute type 10 has an invalid length. [ 1126.091487][T14724] @ÿ: renamed from bond_slave_0 (while UP) [ 1126.218975][ T6017] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1127.376565][T14742] loop2: detected capacity change from 0 to 1024 [ 1127.440322][T14745] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ¯HcUØîÑË•‚Ž¹+ÕuµJÙÊVú?zlIèƒ [ 1127.793005][T14750] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1127.923251][ T4233] hfsplus: b-tree write err: -5, ino 4 [ 1129.196848][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.196848][T14769] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0 [ 1129.210640][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.210640][T14769] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0 [ 1129.224150][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 1129.234448][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.234448][T14769] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0 [ 1129.256291][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 1129.471953][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.471953][T14769] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0 [ 1129.486190][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.486190][T14769] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0 [ 1129.499549][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 1129.509926][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.509926][T14769] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 1129.523374][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 1129.616333][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.616333][T14769] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0 [ 1129.630150][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.630150][T14769] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 1129.646149][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 1129.656483][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.656483][T14769] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 1129.669982][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 1129.887203][T14769] syz.2.4283: attempt to access beyond end of device [ 1129.887203][T14769] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0 [ 1129.911622][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 1129.924384][T14769] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 1129.934340][T14769] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 1130.189051][T14784] netlink: 'syz.1.4291': attribute type 13 has an invalid length. [ 1130.554908][T14788] netlink: 'syz.0.4293': attribute type 11 has an invalid length. [ 1130.730389][T14786] Invalid option length (1048055) for dns_resolver key [ 1131.361296][T14798] SET target dimension over the limit! [ 1131.944684][T14802] loop3: detected capacity change from 0 to 4096 [ 1132.086212][T14811] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1132.189218][T14802] NILFS error (device loop3): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 1132.272071][T14802] Remounting filesystem read-only [ 1133.180533][ T6070] usb 2-1: new high-speed USB device number 102 using dummy_hcd [ 1133.399746][ T6070] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1133.410771][ T6070] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 1133.420320][ T6070] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1133.547448][ T6070] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 1134.478755][T14837] loop2: detected capacity change from 0 to 128 [ 1134.578063][T14837] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1134.664134][T14843] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1134.762195][ T6070] stv0680 2-1:4.0: STV(e): camera ping failed!! [ 1134.997103][ T6070] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 1135.014283][ T6070] stv0680 2-1:4.0: last error: 0, command = 0x0 [ 1135.088875][ T6070] usb 2-1: USB disconnect, device number 102 [ 1135.480785][T14850] netlink: 'syz.2.4323': attribute type 11 has an invalid length. [ 1137.345645][T14877] overlayfs: conflicting options: userxattr,redirect_dir=on [ 1138.531130][T14896] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4344'. [ 1139.198788][T14906] loop2: detected capacity change from 0 to 128 [ 1139.245189][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1139.252072][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1139.400544][T14906] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 1139.408658][T14906] FAT-fs (loop2): Filesystem has been set read-only [ 1139.878085][T14917] netlink: 'syz.0.4355': attribute type 10 has an invalid length. [ 1139.888697][T14917] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4355'. [ 1139.903885][T14917] batman_adv: batadv0: Adding interface: veth0_virt_wifi [ 1139.911502][T14917] batman_adv: batadv0: The MTU of interface veth0_virt_wifi is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1139.938191][T14917] batman_adv: batadv0: Interface activated: veth0_virt_wifi [ 1140.249155][T14922] IPVS: set_ctl: invalid protocol: 50 224.0.0.2:20004 [ 1140.502013][T14924] xt_limit: Overflow, try lower: 1207959552/384 [ 1142.316188][T14950] No such timeout policy "syz1" [ 1145.048098][T14986] loop1: detected capacity change from 0 to 16 [ 1145.116542][T14986] erofs (device loop1): mounted with root inode @ nid 36. [ 1145.395495][T14988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4391'. [ 1145.405172][T14988] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4391'. [ 1147.458670][ T6069] usb 2-1: new high-speed USB device number 103 using dummy_hcd [ 1147.730941][ T6069] usb 2-1: Using ep0 maxpacket: 16 [ 1147.755145][ T6069] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 1147.766920][ T6069] usb 2-1: config 0 has no interface number 0 [ 1147.826152][ T6069] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 1147.836159][ T6069] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1147.844678][ T6069] usb 2-1: Product: syz [ 1147.849136][ T6069] usb 2-1: Manufacturer: syz [ 1147.854081][ T6069] usb 2-1: SerialNumber: syz [ 1148.005856][ T6069] usb 2-1: config 0 descriptor?? [ 1148.054996][ T6069] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 1148.115164][T15017] loop4: detected capacity change from 0 to 2048 [ 1148.470404][ T6069] gspca_spca1528: reg_w err -71 [ 1148.528501][ T6069] spca1528 2-1:0.1: probe with driver spca1528 failed with error -71 [ 1148.566199][ T6069] usb 2-1: USB disconnect, device number 103 [ 1148.933458][T15017] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 1149.052593][T15017] UDF-fs: unknown compression code (0) [ 1150.954948][T15048] 9pnet_fd: Insufficient options for proto=fd [ 1152.397171][T15073] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4428'. [ 1152.411286][T15073] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4428'. [ 1152.657834][T15075] No such timeout policy "syz0" [ 1153.813541][T15092] /dev/loop0: Can't open blockdev [ 1153.900955][T15094] netlink: 'syz.1.4439': attribute type 9 has an invalid length. [ 1154.142364][T15088] loop2: detected capacity change from 0 to 4096 [ 1154.209748][T15088] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1154.394157][T15100] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 1154.613366][T15088] ntfs3(loop2): ino=19, mi_enum_attr [ 1154.619002][T15088] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1155.452706][T15112] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 1155.468559][T15112] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1156.561215][T15126] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 1157.337288][T15138] loop4: detected capacity change from 0 to 16 [ 1157.435535][ T30] audit: type=1326 audit(2000000565.456:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15136 comm="syz.1.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1157.476088][T15138] erofs (device loop4): mounted with root inode @ nid 36. [ 1157.568127][ T30] audit: type=1326 audit(2000000565.530:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15136 comm="syz.1.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1157.591559][ T30] audit: type=1326 audit(2000000565.539:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15136 comm="syz.1.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1157.614927][ T30] audit: type=1326 audit(2000000565.539:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15136 comm="syz.1.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1159.037732][T15152] loop2: detected capacity change from 0 to 512 [ 1159.358777][T15152] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1159.372309][T15152] ext4 filesystem being mounted at /831/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1159.440077][T15142] syz.3.4463 (15142): drop_caches: 2 [ 1159.908657][ T6022] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1160.367156][ T30] audit: type=1326 audit(2000000568.188:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.4.4478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1160.558843][ T30] audit: type=1326 audit(2000000568.243:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.4.4478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1160.581963][ T30] audit: type=1326 audit(2000000568.243:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.4.4478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1160.605159][ T30] audit: type=1326 audit(2000000568.262:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.4.4478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1160.959470][ T6062] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 1161.215384][ T6062] usb 3-1: config 0 has an invalid interface number: 11 but max is 0 [ 1161.224181][ T6062] usb 3-1: config 0 has no interface number 0 [ 1161.231128][ T6062] usb 3-1: config 0 interface 11 altsetting 253 endpoint 0x7 has invalid maxpacket 1024, setting to 64 [ 1161.242768][ T6062] usb 3-1: config 0 interface 11 has no altsetting 0 [ 1161.249843][ T6062] usb 3-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b [ 1161.259394][ T6062] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1161.482433][ T6062] usb 3-1: config 0 descriptor?? [ 1161.494237][T15177] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1161.518061][ T6062] keyspan 3-1:0.11: Keyspan 2 port adapter converter detected [ 1161.537076][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 87 [ 1161.551710][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 81 [ 1161.560286][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 82 [ 1161.568954][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 1 [ 1161.577293][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 2 [ 1161.585520][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 85 [ 1161.594138][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 5 [ 1161.720447][ T6062] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 1161.741380][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 83 [ 1161.761324][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 84 [ 1161.769633][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 3 [ 1161.781209][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 4 [ 1161.789618][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 86 [ 1161.798195][ T6062] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 6 [ 1162.213157][ T6062] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 1162.331721][ T6062] usb 3-1: USB disconnect, device number 9 [ 1162.403083][ T6062] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 1162.479289][ T6062] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 1162.493442][ T6062] keyspan 3-1:0.11: device disconnected [ 1163.320345][T15208] xt_nat: multiple ranges no longer supported [ 1163.625664][T15214] netlink: 'syz.0.4494': attribute type 12 has an invalid length. [ 1164.362935][ T6062] usb 4-1: new high-speed USB device number 117 using dummy_hcd [ 1164.545627][ T6062] usb 4-1: Using ep0 maxpacket: 16 [ 1164.590343][ T6062] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 63, changing to 7 [ 1164.602222][ T6062] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1164.612596][ T6062] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1164.734686][ T6062] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1164.753312][ T6062] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1164.761918][ T6062] usb 4-1: Product: syz [ 1164.766350][ T6062] usb 4-1: Manufacturer: syz [ 1164.771292][ T6062] usb 4-1: SerialNumber: syz [ 1165.251270][ T6062] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1165.490059][ T6062] usb 4-1: USB disconnect, device number 117 [ 1165.810672][ T6269] udevd[6269]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1166.471359][ T30] audit: type=1326 audit(2000000573.827:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15248 comm="syz.3.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1166.494816][ T30] audit: type=1326 audit(2000000573.827:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15248 comm="syz.3.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1166.743025][ T30] audit: type=1326 audit(2000000573.910:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15248 comm="syz.3.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1166.766998][ T30] audit: type=1326 audit(2000000573.910:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15248 comm="syz.3.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1166.790176][ T30] audit: type=1326 audit(2000000573.910:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15248 comm="syz.3.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1166.985439][T15255] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1167.763405][T15269] loop2: detected capacity change from 0 to 256 [ 1167.984515][T15273] loop3: detected capacity change from 0 to 512 [ 1168.164807][T15273] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1168.173284][T15273] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 1168.329895][T15273] EXT4-fs (loop3): 1 truncate cleaned up [ 1168.338485][T15273] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1168.521616][T15273] EXT4-fs error (device loop3): ext4_map_blocks:674: inode #2: block 4: comm syz.3.4522: lblock 0 mapped to illegal pblock 4 (length 1) [ 1168.641410][T15285] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1168.749424][ T6062] usb 5-1: new high-speed USB device number 96 using dummy_hcd [ 1168.950083][ T6028] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1168.989842][ T6062] usb 5-1: Using ep0 maxpacket: 16 [ 1169.089988][ T6062] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1169.099964][ T6062] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1169.108591][ T6062] usb 5-1: Product: syz [ 1169.113048][ T6062] usb 5-1: Manufacturer: syz [ 1169.118103][ T6062] usb 5-1: SerialNumber: syz [ 1169.159101][ T6062] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1169.166306][ T6062] r8152-cfgselector 5-1: config 0 descriptor?? [ 1169.742992][ T6069] r8152-cfgselector 5-1: USB disconnect, device number 96 [ 1169.807973][T15295] warning: `syz.1.4531' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1170.473844][T15305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4536'. [ 1170.765033][T15309] delete_channel: no stack [ 1170.941010][T15311] loop4: detected capacity change from 0 to 512 [ 1171.070495][T15311] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 1171.079079][T15311] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 1171.088631][T15311] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1171.100119][T15311] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 1171.110802][T15311] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 1171.132765][T15311] EXT4-fs (loop4): 1 truncate cleaned up [ 1171.141038][T15311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1171.195881][T15311] EXT4-fs warning (device loop4): dx_probe:863: inode #2: comm syz.4.4539: dx entry: limit 65535 != root limit 120 [ 1171.209172][T15311] EXT4-fs warning (device loop4): dx_probe:936: inode #2: comm syz.4.4539: Corrupt directory, running e2fsck is recommended [ 1171.447103][ T6069] usb 1-1: new low-speed USB device number 108 using dummy_hcd [ 1171.531875][ T6019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1171.698046][ T6069] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1171.709751][ T6069] usb 1-1: config 1 interface 0 altsetting 131 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1171.724015][ T6069] usb 1-1: config 1 interface 0 has no altsetting 0 [ 1171.800389][T15322] loop3: detected capacity change from 0 to 64 [ 1171.849123][ T6069] usb 1-1: string descriptor 0 read error: -22 [ 1171.856166][ T6069] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1171.865816][ T6069] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1172.014592][ T6069] cdc_ether 1-1:1.0: invalid descriptor buffer length [ 1172.022979][ T6069] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 1172.045563][T15322] Trying to free block not in datazone [ 1172.051899][T15322] Trying to free block not in datazone [ 1172.058085][T15322] Trying to free block not in datazone [ 1172.066076][T15322] Trying to free block not in datazone [ 1172.071772][T15322] Trying to free block not in datazone [ 1172.078199][T15322] minix_free_block (loop3:6): bit already cleared [ 1172.084939][T15322] Trying to free block not in datazone [ 1172.090930][T15322] Trying to free block not in datazone [ 1172.137356][ T30] audit: type=1800 audit(2000000579.052:40): pid=15325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4546" name="SYSV798dd81a" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1172.279866][ T6069] usb 1-1: USB disconnect, device number 108 [ 1174.395533][T15348] loop1: detected capacity change from 0 to 4096 [ 1174.520725][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1174.530061][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1174.538519][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1174.546900][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1174.555190][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00 [ 1174.563683][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00 [ 1174.572683][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00 [ 1174.581041][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00 [ 1174.589468][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00 [ 1174.597712][T15348] ntfs3(loop1): try to read out of volume at offset 0x3fffffe0c00 [ 1175.467622][T15368] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4567'. [ 1176.322640][T15380] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4573'. [ 1176.332196][T15380] 0·: renamed from veth0_virt_wifi (while UP) [ 1176.430896][T15380] 0·: entered allmulticast mode [ 1176.438852][T15380] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 1178.623851][T15418] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4592'. [ 1179.333136][T15431] ip6t_srh: unknown srh invflags 7863 [ 1180.305859][T15443] IPv6: Can't replace route, no match found [ 1180.633419][T15447] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4604'. [ 1181.422506][T15458] loop2: detected capacity change from 0 to 256 [ 1181.527460][T15458] exfat: Deprecated parameter 'utf8' [ 1181.534200][T15458] exfat: Deprecated parameter 'utf8' [ 1181.644812][T15459] Can't find a SQUASHFS superblock on nullb0 [ 1181.908846][T15458] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xa943978a, utbl_chksum : 0xe619d30d) [ 1182.668124][T15471] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4617'. [ 1183.395020][ T6062] usb 5-1: new high-speed USB device number 97 using dummy_hcd [ 1183.614319][ T6062] usb 5-1: Using ep0 maxpacket: 16 [ 1183.644930][ T6062] usb 5-1: config 0 has an invalid interface number: 224 but max is 0 [ 1183.654037][ T6062] usb 5-1: config 0 has no interface number 0 [ 1183.660726][ T6062] usb 5-1: config 0 interface 224 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1183.671178][ T6062] usb 5-1: config 0 interface 224 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 1183.849971][ T6062] usb 5-1: New USB device found, idVendor=0402, idProduct=5632, bcdDevice=f3.ac [ 1183.859686][ T6062] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1183.868525][ T6062] usb 5-1: Product: syz [ 1183.872996][ T6062] usb 5-1: Manufacturer: syz [ 1183.878118][ T6062] usb 5-1: SerialNumber: syz [ 1183.985845][ T6062] usb 5-1: config 0 descriptor?? [ 1183.994014][T15478] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1184.060282][T15478] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1184.373931][ T6062] cdc_subset 5-1:0.224: probe with driver cdc_subset failed with error -71 [ 1184.438080][T15492] delete_channel: no stack [ 1184.494979][ T6062] usb 5-1: USB disconnect, device number 97 [ 1184.629149][T15499] gfs2: not a GFS2 filesystem [ 1185.621211][T15509] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4636'. [ 1187.349279][ T30] audit: type=1326 audit(2000000593.100:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1187.379057][ T30] audit: type=1326 audit(2000000593.100:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1187.552021][ T30] audit: type=1326 audit(2000000593.183:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1187.575384][ T30] audit: type=1326 audit(2000000593.183:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1187.604846][ T30] audit: type=1326 audit(2000000593.183:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1188.266833][T15547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4655'. [ 1189.083242][T15556] __vm_enough_memory: pid: 15556, comm: syz.0.4659, bytes: 4503599627366400 not enough memory for the allocation [ 1189.622974][T15563] loop1: detected capacity change from 0 to 256 [ 1190.091671][T15563] FAT-fs (loop1): Directory bread(block 64) failed [ 1190.099082][T15563] FAT-fs (loop1): Directory bread(block 65) failed [ 1190.106575][T15563] FAT-fs (loop1): Directory bread(block 66) failed [ 1190.113460][T15563] FAT-fs (loop1): Directory bread(block 67) failed [ 1190.120580][T15563] FAT-fs (loop1): Directory bread(block 68) failed [ 1190.127615][T15563] FAT-fs (loop1): Directory bread(block 69) failed [ 1190.134634][T15563] FAT-fs (loop1): Directory bread(block 70) failed [ 1190.141730][T15563] FAT-fs (loop1): Directory bread(block 71) failed [ 1190.151229][T15563] FAT-fs (loop1): Directory bread(block 72) failed [ 1190.158998][T15563] FAT-fs (loop1): Directory bread(block 73) failed [ 1190.277470][T15552] loop2: detected capacity change from 0 to 8192 [ 1190.551566][T15573] sit0: entered promiscuous mode [ 1190.573790][T15573] netlink: 'syz.4.4667': attribute type 1 has an invalid length. [ 1190.582486][T15573] netlink: 1 bytes leftover after parsing attributes in process `syz.4.4667'. [ 1191.533792][T15583] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4671'. [ 1192.421099][ T30] audit: type=1400 audit(2000000597.779:46): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AA009F5 pid=15595 comm="syz.0.4678" [ 1193.667785][T15616] netlink: 'syz.3.4688': attribute type 10 has an invalid length. [ 1193.676049][T15616] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4688'. [ 1193.685511][T15616] batadv0: entered promiscuous mode [ 1193.691106][T15616] batadv0: entered allmulticast mode [ 1193.703828][T15616] bridge0: port 3(batadv0) entered blocking state [ 1193.711275][T15616] bridge0: port 3(batadv0) entered disabled state [ 1193.727947][T15616] bridge0: port 3(batadv0) entered blocking state [ 1193.735268][T15616] bridge0: port 3(batadv0) entered forwarding state [ 1194.169607][T13854] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 1194.179925][T13854] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 1194.407390][T15626] netlink: 'syz.1.4693': attribute type 26 has an invalid length. [ 1195.115194][T15637] xt_l2tp: wrong L2TP version: 0 [ 1195.740790][T15648] netlink: 220 bytes leftover after parsing attributes in process `syz.1.4704'. [ 1196.745221][T15661] SET target dimension over the limit! [ 1198.782579][T15696] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4728'. [ 1199.216390][T15701] netlink: 'syz.0.4730': attribute type 10 has an invalid length. [ 1199.225768][T15701] vlan1: entered allmulticast mode [ 1199.231358][T15701] veth0_vlan: entered allmulticast mode [ 1199.266638][T15701] team0: Port device vlan1 added [ 1200.219234][T15717] loop1: detected capacity change from 0 to 256 [ 1200.825153][T15717] FAT-fs (loop1): Directory bread(block 64) failed [ 1200.832345][T15717] FAT-fs (loop1): Directory bread(block 65) failed [ 1200.839321][T15717] FAT-fs (loop1): Directory bread(block 66) failed [ 1200.846414][T15717] FAT-fs (loop1): Directory bread(block 67) failed [ 1200.853611][T15717] FAT-fs (loop1): Directory bread(block 68) failed [ 1200.860503][T15717] FAT-fs (loop1): Directory bread(block 69) failed [ 1200.867717][T15717] FAT-fs (loop1): Directory bread(block 70) failed [ 1200.874652][T15717] FAT-fs (loop1): Directory bread(block 71) failed [ 1200.881739][T15717] FAT-fs (loop1): Directory bread(block 72) failed [ 1200.888709][T15717] FAT-fs (loop1): Directory bread(block 73) failed [ 1200.951146][T15722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4741'. [ 1202.363444][T15743] openvswitch: netlink: VXLAN extension 26 out of range max 1 [ 1203.007853][T10069] usb 2-1: new high-speed USB device number 104 using dummy_hcd [ 1203.213230][T10069] usb 2-1: Using ep0 maxpacket: 16 [ 1203.296937][T10069] usb 2-1: config 0 has an invalid interface number: 126 but max is 0 [ 1203.309552][T10069] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 1203.320308][T10069] usb 2-1: config 0 has no interface number 0 [ 1203.326822][T10069] usb 2-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 1203.339051][T10069] usb 2-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024 [ 1203.352635][T10069] usb 2-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 1203.364669][T10069] usb 2-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1 [ 1203.378151][T10069] usb 2-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 1203.394640][T10069] usb 2-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 1203.404325][T10069] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1203.707911][T10069] usb 2-1: config 0 descriptor?? [ 1203.716015][T15749] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1203.755811][T15749] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1203.787878][T10069] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 1204.077705][T10069] usb 2-1: USB disconnect, device number 104 [ 1204.319635][T15767] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4763'. [ 1204.507201][ T6495] udevd[6495]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.126/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1204.584714][T15771] netlink: 'syz.0.4765': attribute type 3 has an invalid length. [ 1204.594591][T15771] netlink: 'syz.0.4765': attribute type 3 has an invalid length. [ 1204.603343][T15771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4765'. [ 1204.616939][T15760] Bluetooth: hci4: Opcode 0x0401 failed: -4 [ 1205.034046][T15773] netlink: 17 bytes leftover after parsing attributes in process `syz.4.4766'. [ 1205.044578][T15773] netlink: zone id is out of range [ 1205.049945][T15773] netlink: zone id is out of range [ 1205.055479][T15773] netlink: zone id is out of range [ 1205.060828][T15773] netlink: zone id is out of range [ 1205.066458][T15773] netlink: zone id is out of range [ 1205.071802][T15773] netlink: zone id is out of range [ 1205.077383][T15773] netlink: zone id is out of range [ 1205.082730][T15773] netlink: zone id is out of range [ 1205.088573][T15773] netlink: zone id is out of range [ 1205.396579][T15781] xt_l2tp: unknown flags: 17 [ 1205.839535][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1205.846514][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1205.868288][T15787] loop3: detected capacity change from 0 to 256 [ 1206.221354][T15787] FAT-fs (loop3): Directory bread(block 64) failed [ 1206.228646][T15787] FAT-fs (loop3): Directory bread(block 65) failed [ 1206.244170][T15787] FAT-fs (loop3): Directory bread(block 66) failed [ 1206.253844][T15787] FAT-fs (loop3): Directory bread(block 67) failed [ 1206.261112][T15787] FAT-fs (loop3): Directory bread(block 68) failed [ 1206.268163][T15787] FAT-fs (loop3): Directory bread(block 69) failed [ 1206.275150][T15787] FAT-fs (loop3): Directory bread(block 70) failed [ 1206.282334][T15787] FAT-fs (loop3): Directory bread(block 71) failed [ 1206.289715][T15787] FAT-fs (loop3): Directory bread(block 72) failed [ 1206.296537][T15787] FAT-fs (loop3): Directory bread(block 73) failed [ 1207.302544][T15806] usb usb1: usbfs: process 15806 (syz.4.4781) did not claim interface 0 before use [ 1208.105340][T15816] loop3: detected capacity change from 0 to 256 [ 1208.889387][T15829] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4794'. [ 1208.908060][T15829] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 1209.606319][T15840] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4799'. [ 1209.615809][T15840] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4799'. [ 1210.748312][T15856] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4807'. [ 1212.340238][T15880] loop1: detected capacity change from 0 to 256 [ 1212.402976][T15880] MINIX-fs: mounting file system with errors, running fsck is recommended [ 1212.505150][T15880] Trying to free block not in datazone [ 1212.509558][T15882] netlink: 'syz.3.4820': attribute type 2 has an invalid length. [ 1212.510927][T15880] Trying to free block not in datazone [ 1212.525060][T15880] Trying to free block not in datazone [ 1212.531490][T15880] Trying to free block not in datazone [ 1212.537212][T15880] Trying to free block not in datazone [ 1212.543103][T15880] Trying to free block not in datazone [ 1212.548795][T15880] Trying to free block not in datazone [ 1212.564843][ T30] audit: type=1800 audit(2000000616.322:47): pid=15880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4819" name="file2" dev="loop1" ino=6 res=0 errno=0 [ 1212.727434][T15880] Trying to free block not in datazone [ 1212.733325][T15880] Trying to free block not in datazone [ 1212.739415][T15880] Trying to free block not in datazone [ 1214.653221][T15912] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 1214.993867][T15916] net_ratelimit: 76 callbacks suppressed [ 1214.993952][T15916] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1218.093114][T15965] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4860'. [ 1218.114297][T15965] unsupported nlmsg_type 40 [ 1220.090615][T15996] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4877'. [ 1220.496050][T10069] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1220.721358][T10069] usb 3-1: Using ep0 maxpacket: 8 [ 1220.742383][T10069] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1220.752489][T10069] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 1220.868143][T10069] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 1220.887970][T10069] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1220.896602][T10069] usb 3-1: Product: syz [ 1220.901166][T10069] usb 3-1: Manufacturer: syz [ 1220.906283][T10069] usb 3-1: SerialNumber: syz [ 1221.041459][T10069] usb 3-1: config 0 descriptor?? [ 1221.577105][T10069] usb 3-1: USB disconnect, device number 10 [ 1222.799350][ T30] audit: type=1326 audit(2000000625.811:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16031 comm="syz.2.4895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1222.830243][T16029] loop1: detected capacity change from 0 to 1024 [ 1222.931450][ T30] audit: type=1326 audit(2000000625.885:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16031 comm="syz.2.4895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1222.955279][ T30] audit: type=1326 audit(2000000625.885:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16031 comm="syz.2.4895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1223.572646][T16042] bio_check_eod: 2 callbacks suppressed [ 1223.572728][T16042] syz.0.4900: attempt to access beyond end of device [ 1223.572728][T16042] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 1223.705572][ T6062] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 1223.927888][ T6062] usb 3-1: Using ep0 maxpacket: 8 [ 1223.978962][ T6062] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1224.045907][ T6062] usb 3-1: config 4 has an invalid interface number: 147 but max is 0 [ 1224.054920][ T6062] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1224.065780][ T6062] usb 3-1: config 4 has no interface number 0 [ 1224.178000][ T6062] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1224.187857][ T6062] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1224.196273][ T6062] usb 3-1: Product: syz [ 1224.201092][ T6062] usb 3-1: Manufacturer: syz [ 1224.212746][ T6062] usb 3-1: SerialNumber: syz [ 1224.826613][ T6062] usb 3-1: Found UVC 0.02 device syz (04f2:b746) [ 1224.833900][ T6062] usb 3-1: No valid video chain found. [ 1224.924944][ T6062] usb 3-1: USB disconnect, device number 11 [ 1226.284500][T16070] loop3: detected capacity change from 0 to 2048 [ 1226.545022][T16070] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1226.713426][T16070] EXT4-fs error (device loop3): __ext4_iget:5004: inode #12: block 2: comm syz.3.4914: invalid block [ 1227.041450][ T6028] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000. [ 1227.396203][T16090] xt_policy: too many policy elements [ 1227.811208][T16094] loop1: detected capacity change from 0 to 764 [ 1227.955475][T16098] IPVS: length: 158 != 24 [ 1228.912260][T16111] netlink: 'syz.4.4931': attribute type 3 has an invalid length. [ 1228.920349][T16111] netlink: 'syz.4.4931': attribute type 3 has an invalid length. [ 1228.929361][T16111] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4931'. [ 1229.028014][T16113] program syz.3.4932 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1231.582059][ T30] audit: type=1326 audit(2000000633.915:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16144 comm="syz.3.4948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1231.704745][ T30] audit: type=1326 audit(2000000633.961:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16144 comm="syz.3.4948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1231.727780][ T30] audit: type=1326 audit(2000000633.961:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16144 comm="syz.3.4948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1231.757283][ T30] audit: type=1326 audit(2000000633.970:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16144 comm="syz.3.4948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1233.148916][T16165] loop4: detected capacity change from 0 to 1764 [ 1233.663162][T16180] overlayfs: conflicting options: verity=require,redirect_dir=nofollow [ 1234.319936][T16190] xt_hashlimit: invalid interval [ 1234.890080][T16198] loop3: detected capacity change from 0 to 764 [ 1235.003282][T16198] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1235.743477][T16210] ieee802154 phy0 wpan0: encryption failed: -22 [ 1236.358920][T16218] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4984'. [ 1236.368425][T16218] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4984'. [ 1236.666203][T16224] tmpfs: Bad value for 'mpol' [ 1237.835161][T16240] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4995'. [ 1238.089195][T16242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4996'. [ 1238.421879][T16249] loop3: detected capacity change from 0 to 128 [ 1240.037681][T16271] loop1: detected capacity change from 0 to 164 [ 1240.360228][T16277] netlink: 830 bytes leftover after parsing attributes in process `syz.4.5014'. [ 1242.098129][T16300] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5025'. [ 1242.529417][T16309] loop4: detected capacity change from 0 to 2048 [ 1242.912178][T16309] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1242.925180][T16309] ext4 filesystem being mounted at /962/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1242.951519][T16315] loop1: detected capacity change from 0 to 256 [ 1243.126352][T10069] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 1243.321986][T10069] usb 3-1: Using ep0 maxpacket: 32 [ 1243.344664][T16315] FAT-fs (loop1): Directory bread(block 64) failed [ 1243.351642][T16315] FAT-fs (loop1): Directory bread(block 65) failed [ 1243.360133][T16315] FAT-fs (loop1): Directory bread(block 66) failed [ 1243.367491][T16315] FAT-fs (loop1): Directory bread(block 67) failed [ 1243.371328][T10069] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1243.374480][T16315] FAT-fs (loop1): Directory bread(block 68) failed [ 1243.389217][T16315] FAT-fs (loop1): Directory bread(block 69) failed [ 1243.404604][T16315] FAT-fs (loop1): Directory bread(block 70) failed [ 1243.414261][T16315] FAT-fs (loop1): Directory bread(block 71) failed [ 1243.420589][T10069] usb 3-1: config 128 has an invalid interface number: 127 but max is 3 [ 1243.421328][T16315] FAT-fs (loop1): Directory bread(block 72) failed [ 1243.429794][T10069] usb 3-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 1243.436280][T16315] FAT-fs (loop1): Directory bread(block 73) failed [ 1243.454103][T10069] usb 3-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 1243.463840][T10069] usb 3-1: config 128 has no interface number 0 [ 1243.470427][T10069] usb 3-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 1243.482086][T10069] usb 3-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1243.492617][T10069] usb 3-1: config 128 interface 127 has no altsetting 0 [ 1243.597724][ T6019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1243.660699][T10069] usb 3-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 1243.671720][T10069] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1243.680199][T10069] usb 3-1: Product: syz [ 1243.684657][T10069] usb 3-1: Manufacturer: syz [ 1243.689621][T10069] usb 3-1: SerialNumber: syz [ 1243.753284][ T30] audit: type=1800 audit(2000000006.110:55): pid=16315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.5030" name="file1" dev="loop1" ino=11 res=0 errno=0 [ 1244.261266][T10069] usb 3-1: USB disconnect, device number 12 [ 1244.629983][ T6174] udevd[6174]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1245.169287][T16340] overlay: Unknown parameter '\' [ 1245.855699][T16350] xt_TCPMSS: Only works on TCP SYN packets [ 1246.366390][T16356] netlink: 'syz.4.5050': attribute type 12 has an invalid length. [ 1247.235102][T16371] loop1: detected capacity change from 0 to 512 [ 1247.545095][T16371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1247.559313][T16371] ext4 filesystem being mounted at /993/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1248.151435][ T6017] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1248.490328][T16390] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5065'. [ 1250.137605][T16414] netlink: 80 bytes leftover after parsing attributes in process `syz.0.5078'. [ 1250.625270][T16422] delete_channel: no stack [ 1251.136614][T10069] usb 2-1: new high-speed USB device number 105 using dummy_hcd [ 1251.349850][T10069] usb 2-1: Using ep0 maxpacket: 32 [ 1251.388456][T10069] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1251.416847][T10069] usb 2-1: config 7 has an invalid interface number: 187 but max is 0 [ 1251.425632][T10069] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 1251.436205][T10069] usb 2-1: config 7 has no interface number 0 [ 1251.442652][T10069] usb 2-1: config 7 interface 187 altsetting 6 bulk endpoint 0x4 has invalid maxpacket 947 [ 1251.453262][T10069] usb 2-1: config 7 interface 187 altsetting 6 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1251.463715][T10069] usb 2-1: config 7 interface 187 altsetting 6 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1251.477304][T10069] usb 2-1: config 7 interface 187 has no altsetting 0 [ 1251.590908][T10069] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 1251.600472][T10069] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1251.610851][T10069] usb 2-1: Product: syz [ 1251.615289][T10069] usb 2-1: Manufacturer: syz [ 1251.620924][T10069] usb 2-1: SerialNumber: syz [ 1251.746378][T16428] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1251.819019][ T6070] usb 5-1: new high-speed USB device number 98 using dummy_hcd [ 1252.033679][ T6070] usb 5-1: Using ep0 maxpacket: 32 [ 1252.087929][T10069] usb 2-1: Limiting number of CPorts to U8_MAX [ 1252.097836][T10069] usb 2-1: Unknown endpoint type found, address 0x07 [ 1252.105058][T10069] usb 2-1: Not enough endpoints found in device, aborting! [ 1252.150101][ T6070] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1252.167393][ T6070] usb 5-1: config 7 has an invalid interface number: 187 but max is 0 [ 1252.176063][ T6070] usb 5-1: config 7 has no interface number 0 [ 1252.182526][ T6070] usb 5-1: config 7 interface 187 has no altsetting 0 [ 1252.268528][ T6070] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 1252.280876][ T6070] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1252.290862][ T6070] usb 5-1: Product: syz [ 1252.295525][ T6070] usb 5-1: Manufacturer: syz [ 1252.300395][ T6070] usb 5-1: SerialNumber: syz [ 1252.328080][ T6062] usb 2-1: USB disconnect, device number 105 [ 1252.705848][T16447] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5094'. [ 1252.727400][T16447] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5094'. [ 1252.965241][ T6070] usb 5-1: Cannot retrieve CPort count: -110 [ 1252.971790][ T6070] usb 5-1: Cannot retrieve CPort count: -110 [ 1252.978388][ T6070] es2_ap_driver 5-1:7.187: probe with driver es2_ap_driver failed with error -110 [ 1253.441866][ T6070] usb 5-1: USB disconnect, device number 98 [ 1253.795270][T16459] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5100'. [ 1253.805003][T16459] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5100'. [ 1254.370477][T16467] SET target dimension over the limit! [ 1255.248801][T16483] netlink: 'syz.3.5112': attribute type 1 has an invalid length. [ 1256.106334][T16496] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5118'. [ 1257.361528][T16515] netlink: 300 bytes leftover after parsing attributes in process `syz.3.5127'. [ 1259.022842][T16538] loop4: detected capacity change from 0 to 1024 [ 1259.059457][T16538] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1259.105940][T16538] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 1259.139611][T16538] System zones: 0-1, 3-36 [ 1259.196857][T16538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1259.824496][ T6019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1260.852400][T16567] loop3: detected capacity change from 0 to 256 [ 1260.893163][T16570] loop4: detected capacity change from 0 to 128 [ 1260.939957][T16571] loop1: detected capacity change from 0 to 64 [ 1261.762399][T16582] xt_TCPMSS: Only works on TCP SYN packets [ 1262.276512][T16588] 9pnet_fd: p9_fd_create_tcp (16588): problem connecting socket to 127.0.0.1 [ 1264.915669][T16617] loop2: detected capacity change from 0 to 4096 [ 1265.056899][T16617] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 1266.271548][T16646] netlink: 'syz.3.5191': attribute type 2 has an invalid length. [ 1266.279954][T16646] netlink: 'syz.3.5191': attribute type 8 has an invalid length. [ 1266.288046][T16646] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5191'. [ 1267.167448][ T6070] usb 1-1: new high-speed USB device number 109 using dummy_hcd [ 1267.371466][ T6070] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 1267.380706][ T6070] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1267.391461][ T6070] usb 1-1: config 220 has no interface number 2 [ 1267.399587][ T6070] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1267.413483][ T6070] usb 1-1: config 220 interface 0 has no altsetting 0 [ 1267.420710][ T6070] usb 1-1: config 220 interface 76 has no altsetting 0 [ 1267.428134][ T6070] usb 1-1: config 220 interface 1 has no altsetting 0 [ 1267.645167][ T6070] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1267.654807][ T6070] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1267.663114][ T6070] usb 1-1: Product: syz [ 1267.667956][ T6070] usb 1-1: Manufacturer: syz [ 1267.673301][ T6070] usb 1-1: SerialNumber: syz [ 1268.100041][ T6070] usb 1-1: selecting invalid altsetting 0 [ 1268.106751][ T6070] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 1268.113869][ T6070] usb 1-1: No valid video chain found. [ 1268.287293][ T6070] usb 1-1: selecting invalid altsetting 0 [ 1268.293400][ T6070] usbtest 1-1:220.1: probe with driver usbtest failed with error -22 [ 1268.383189][ T6070] usb 1-1: USB disconnect, device number 109 [ 1269.322710][T16682] netlink: 'syz.4.5210': attribute type 10 has an invalid length. [ 1269.331571][T16682] ipvlan1: entered promiscuous mode [ 1269.337352][T16682] ipvlan1: entered allmulticast mode [ 1269.342908][T16682] veth0_vlan: entered allmulticast mode [ 1269.349929][T16682] bond0: (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 1269.371204][T16682] bond0: (slave ipvlan1): The slave device specified does not support setting the MAC address [ 1269.385499][T16682] bond0: (slave ipvlan1): Error -95 calling set_mac_address [ 1270.039017][T16696] loop4: detected capacity change from 0 to 64 [ 1270.678462][T16704] netlink: 'syz.0.5220': attribute type 20 has an invalid length. [ 1272.384495][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1272.394089][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1273.326879][T16745] loop3: detected capacity change from 0 to 64 [ 1275.120571][T16769] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5252'. [ 1275.132363][T16769] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5252'. [ 1276.783862][T16793] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.5265'. [ 1277.468220][T16803] ieee802154 phy0 wpan0: encryption failed: -22 [ 1278.430783][T10069] usb 4-1: new high-speed USB device number 118 using dummy_hcd [ 1278.662396][T10069] usb 4-1: Using ep0 maxpacket: 8 [ 1278.703157][T10069] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 1278.712072][T10069] usb 4-1: config 179 has no interface number 0 [ 1278.718808][T10069] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1278.730823][T10069] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1278.742766][T10069] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 1278.754576][T10069] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 1278.766692][T10069] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1278.781354][T10069] usb 4-1: config 179 interface 65 has no altsetting 0 [ 1278.789991][T10069] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1278.799911][T10069] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1279.041077][T10069] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input42 [ 1279.115690][ T5137] input input42: unable to receive magic message: -110 [ 1279.175141][T16825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5279'. [ 1279.204977][ T5137] input input42: unable to receive magic message: -32 [ 1279.242814][T16825] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 1279.265776][ T5137] input input42: unable to receive magic message: -32 [ 1279.339244][ T5137] input input42: unable to receive magic message: -32 [ 1279.539350][ T6062] usb 4-1: USB disconnect, device number 118 [ 1279.539347][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1279.557321][ T6062] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1281.349596][T16851] loop4: detected capacity change from 0 to 512 [ 1281.461489][T16851] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c018, mo2=0002] [ 1281.507104][T16851] System zones: 1-12 [ 1281.541379][T16851] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 1281.584123][T16851] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.5292: attempt to clear invalid blocks 2 len 1 [ 1281.599806][T16859] xt_connbytes: Forcing CT accounting to be enabled [ 1281.600017][T16859] --map-set only usable from mangle table [ 1281.657312][T16851] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1281.674727][T16851] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5292: invalid indirect mapped block 1819239214 (level 0) [ 1281.734604][T16862] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1281.746776][T16862] overlayfs: conflicting options: userxattr,metacopy=on [ 1281.832851][T16851] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5292: invalid indirect mapped block 1819239214 (level 1) [ 1281.890331][T16851] EXT4-fs (loop4): 1 truncate cleaned up [ 1281.908216][T16851] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1281.994898][T16851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1285.577079][T16920] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5325'. [ 1287.160796][ T30] audit: type=1326 audit(2000000046.205:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16943 comm="syz.3.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1287.189549][T16945] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 1287.274752][ T30] audit: type=1326 audit(2000000046.251:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16943 comm="syz.3.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1287.298227][ T30] audit: type=1326 audit(2000000046.269:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16943 comm="syz.3.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1287.323714][ T30] audit: type=1326 audit(2000000046.269:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16943 comm="syz.3.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1287.348124][ T30] audit: type=1326 audit(2000000046.269:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16943 comm="syz.3.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3efd78d169 code=0x7ffc0000 [ 1287.980767][T16954] netlink: 260 bytes leftover after parsing attributes in process `syz.4.5344'. [ 1288.435715][T16962] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5347'. [ 1289.518596][T16978] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5355'. [ 1289.601622][T16978] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5355'. [ 1292.777378][T17013] netlink: 'syz.4.5372': attribute type 4 has an invalid length. [ 1292.786031][T17013] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.5372'. [ 1293.917550][T17024] loop1: detected capacity change from 0 to 512 [ 1293.960881][T17024] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1294.026746][ T52] Bluetooth: hci0: unexpected event for opcode 0x0809 [ 1294.231083][ T6062] usb 5-1: new high-speed USB device number 99 using dummy_hcd [ 1294.426340][ T6062] usb 5-1: Using ep0 maxpacket: 16 [ 1294.461034][ T6062] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1294.496062][ T6062] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1294.505891][ T6062] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1294.514450][ T6062] usb 5-1: SerialNumber: syz [ 1294.582310][ T6062] cdc_acm 5-1:1.0: skipping garbage [ 1294.588136][ T6062] cdc_acm 5-1:1.0: skipping garbage [ 1294.594387][ T6062] cdc_acm 5-1:1.0: invalid descriptor buffer length [ 1294.601504][ T6062] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 1294.609808][ T6062] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 1294.616861][ T6062] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 1294.804673][T17034] xt_addrtype: ipv6 does not support BROADCAST matching [ 1294.821876][T17037] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_team, syncid = 3, id = 0 [ 1294.903163][ T6062] usb 5-1: USB disconnect, device number 99 [ 1295.710949][T17044] loop1: detected capacity change from 0 to 1764 [ 1295.990071][T17050] loop3: detected capacity change from 0 to 64 [ 1297.186092][ T1345] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1297.260025][T17065] loop1: detected capacity change from 0 to 8 [ 1297.429511][ T1345] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1297.682847][ T1345] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1297.876654][ T1345] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1298.392555][ T1345] bridge0: port 3(batadv0) entered disabled state [ 1298.408053][ T1345] bridge_slave_1: left allmulticast mode [ 1298.414343][ T1345] bridge_slave_1: left promiscuous mode [ 1298.421068][ T1345] bridge0: port 2(bridge_slave_1) entered disabled state [ 1298.450982][ T1345] bridge_slave_0: left allmulticast mode [ 1298.457373][ T1345] bridge_slave_0: left promiscuous mode [ 1298.464068][ T1345] bridge0: port 1(bridge_slave_0) entered disabled state [ 1299.132332][ T1345] bond0 (unregistering): (slave 0@ÿ): Releasing backup interface [ 1299.162728][ T1345] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1299.192117][ T1345] bond0 (unregistering): Released all slaves [ 1300.364257][ T1345] hsr_slave_0: left promiscuous mode [ 1300.401958][ T1345] hsr_slave_1: left promiscuous mode [ 1300.410760][ T1345] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1300.418959][ T1345] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1300.537183][ T1345] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1300.545074][ T1345] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1300.721621][ T1345] veth1_macvtap: left promiscuous mode [ 1300.727447][ T1345] veth0_macvtap: left promiscuous mode [ 1300.734386][ T1345] veth1_vlan: left promiscuous mode [ 1300.740011][ T1345] veth0_vlan: left promiscuous mode [ 1300.777544][T17093] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1300.798663][T17093] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1300.811771][T17093] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1300.875920][T17093] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1300.901554][T17093] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1302.379976][ T1345] team0 (unregistering): Port device team_slave_1 removed [ 1302.608235][ T1345] team0 (unregistering): Port device team_slave_0 removed [ 1303.213061][ T52] Bluetooth: hci4: command tx timeout [ 1303.794162][T17131] loop1: detected capacity change from 0 to 64 [ 1304.989535][ T6063] usb 5-1: new high-speed USB device number 100 using dummy_hcd [ 1305.138377][T17151] netlink: 'syz.2.5431': attribute type 10 has an invalid length. [ 1305.185363][ T6063] usb 5-1: Using ep0 maxpacket: 32 [ 1305.209073][T17151] batman_adv: batadv0: Adding interface: team0 [ 1305.215506][T17151] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1305.219997][ T6063] usb 5-1: config 0 has an invalid interface number: 149 but max is 0 [ 1305.241104][T17151] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 1305.260404][ T6063] usb 5-1: config 0 has no interface number 0 [ 1305.293009][T17092] chnl_net:caif_netlink_parms(): no params data found [ 1305.382679][ T6063] usb 5-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=44.19 [ 1305.392430][ T6063] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1305.400760][ T6063] usb 5-1: Product: syz [ 1305.409515][ T6063] usb 5-1: Manufacturer: syz [ 1305.418789][ T6063] usb 5-1: SerialNumber: syz [ 1305.477444][ T52] Bluetooth: hci4: command tx timeout [ 1305.600472][ T6063] usb 5-1: config 0 descriptor?? [ 1305.827990][T17156] netlink: 'syz.1.5433': attribute type 1 has an invalid length. [ 1305.836795][T17156] netlink: 'syz.1.5433': attribute type 2 has an invalid length. [ 1305.845287][T17156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5433'. [ 1305.848019][ T6063] peak_usb 5-1:0.149 can0: unable to request usb[type=0 value=1] err=-71 [ 1305.870222][ T6063] peak_usb 5-1:0.149: unable to read PCAN-Chip USB firmware info (err -71) [ 1306.046062][ T6063] peak_usb 5-1:0.149: probe with driver peak_usb failed with error -71 [ 1306.128565][ T6063] usb 5-1: USB disconnect, device number 100 [ 1306.453253][T17163] bond0: (slave veth1_to_bridge): Error: Device can not be enslaved while up [ 1307.088055][T17092] bridge0: port 1(bridge_slave_0) entered blocking state [ 1307.096268][T17092] bridge0: port 1(bridge_slave_0) entered disabled state [ 1307.104366][T17092] bridge_slave_0: entered allmulticast mode [ 1307.114388][T17092] bridge_slave_0: entered promiscuous mode [ 1307.301239][T17092] bridge0: port 2(bridge_slave_1) entered blocking state [ 1307.310556][T17092] bridge0: port 2(bridge_slave_1) entered disabled state [ 1307.318865][T17092] bridge_slave_1: entered allmulticast mode [ 1307.328624][T17092] bridge_slave_1: entered promiscuous mode [ 1307.708998][T17092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1307.767170][T17092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1307.774244][ T52] Bluetooth: hci4: command tx timeout [ 1308.164510][T17092] team0: Port device team_slave_0 added [ 1308.248735][T17092] team0: Port device team_slave_1 added [ 1308.696320][T17092] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1308.703545][T17092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1308.730139][T17092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1308.917004][T17092] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1308.924455][T17092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1308.950922][T17092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1309.684591][T17092] hsr_slave_0: entered promiscuous mode [ 1309.695426][T17092] hsr_slave_1: entered promiscuous mode [ 1309.704595][T17092] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1309.712468][T17092] Cannot create hsr debugfs directory [ 1310.000055][ T52] Bluetooth: hci4: command tx timeout [ 1310.950395][T17222] loop2: detected capacity change from 0 to 1764 [ 1311.116132][T17222] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1311.592875][T17092] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1311.773623][T17092] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1311.922043][T17092] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1312.033628][T17092] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1312.343840][T17246] tmpfs: Bad value for 'mpol' [ 1312.879256][T17240] loop2: detected capacity change from 0 to 4096 [ 1312.967637][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00 [ 1312.976340][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00 [ 1312.984695][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00 [ 1312.993171][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00 [ 1313.001535][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc1c00 [ 1313.010208][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc2c00 [ 1313.018563][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc4c00 [ 1313.026800][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffc8c00 [ 1313.035255][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffd0c00 [ 1313.043655][T17240] ntfs3(loop2): try to read out of volume at offset 0x3fffffe0c00 [ 1313.801083][T17092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1314.122362][T17092] 8021q: adding VLAN 0 to HW filter on device team0 [ 1314.233250][ T4194] bridge0: port 1(bridge_slave_0) entered blocking state [ 1314.241046][ T4194] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1314.414295][ T4194] bridge0: port 2(bridge_slave_1) entered blocking state [ 1314.422285][ T4194] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1315.591973][T17278] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (253) [ 1317.041957][T17092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1317.244609][T17300] xt_HMARK: spi-set and port-set can't be combined [ 1317.481737][ T6069] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1317.733166][ T6069] usb 3-1: config 0 has an invalid interface number: 255 but max is 0 [ 1317.741920][ T6069] usb 3-1: config 0 has no interface number 0 [ 1317.748428][ T6069] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 1317.760149][ T6069] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1317.776549][ T6069] usb 3-1: config 0 interface 255 has no altsetting 0 [ 1317.783717][ T6069] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 1317.793168][ T6069] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1318.042064][ T6069] usb 3-1: config 0 descriptor?? [ 1318.095805][ T6069] ums-realtek 3-1:0.255: USB Mass Storage device detected [ 1318.362090][ T6069] usb 3-1: USB disconnect, device number 13 [ 1318.599701][T17320] process 'syz.4.5487' launched './file2' with NULL argv: empty string added [ 1320.241706][T17092] veth0_vlan: entered promiscuous mode [ 1320.471386][T17092] veth1_vlan: entered promiscuous mode [ 1320.890006][T17092] veth0_macvtap: entered promiscuous mode [ 1320.993260][T17092] veth1_macvtap: entered promiscuous mode [ 1321.242819][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1321.253813][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.264133][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1321.275082][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.290531][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1321.304404][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.315998][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1321.327090][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.343719][T17092] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1321.851793][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1321.862705][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.873034][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1321.884013][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.895615][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1321.906565][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.916817][T17092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1321.933498][T17092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1321.956571][T17092] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1322.234844][T17361] libceph: resolve '4' (ret=-3): failed [ 1322.411527][T17092] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.420759][T17092] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.430642][T17092] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1322.440046][T17092] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.333263][T17375] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.5507'. [ 1323.798641][ T6062] usb 1-1: new high-speed USB device number 110 using dummy_hcd [ 1324.068567][ T6062] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 1324.078127][ T6062] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1324.147722][ T6062] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1324.158310][ T6062] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1324.171884][ T6062] usb 1-1: Manufacturer: syz [ 1324.241257][ T6062] usb 1-1: config 0 descriptor?? [ 1324.815563][ T6062] rc_core: IR keymap rc-hauppauge not found [ 1324.822636][ T6062] Registered IR keymap rc-empty [ 1324.839624][ T6062] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 1324.854001][ T6062] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input44 [ 1325.012701][ C0] igorplugusb 1-1:0.0: Error: urb status = -32 [ 1325.121384][ T6062] usb 1-1: USB disconnect, device number 110 [ 1328.546015][T17449] netlink: 'syz.0.5531': attribute type 27 has an invalid length. [ 1329.258177][T17449] bridge0: port 2(bridge_slave_1) entered disabled state [ 1329.266961][T17449] bridge0: port 1(bridge_slave_0) entered disabled state [ 1330.223282][T17449] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1330.334639][T17449] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1330.511434][T17464] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1330.575923][T17449] batman_adv: batadv0: Interface deactivated: veth0_virt_wifi [ 1330.745048][T17449] vlan1: left allmulticast mode [ 1330.750353][T17449] veth0_vlan: left allmulticast mode [ 1331.004265][T17449] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1331.013837][T17449] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1331.023331][T17449] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1331.032945][T17449] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1331.159221][T17449] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 1331.271400][T17470] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5536'. [ 1331.945853][T17476] netlink: 72 bytes leftover after parsing attributes in process `syz.2.5537'. [ 1331.960219][T17476] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5537'. [ 1331.971940][T17476] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5537'. [ 1332.529550][ T30] audit: type=1326 audit(2000000088.063:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17483 comm="syz.1.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1332.670909][ T30] audit: type=1326 audit(2000000088.100:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17483 comm="syz.1.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1332.699197][ T30] audit: type=1326 audit(2000000088.109:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17483 comm="syz.1.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b118d169 code=0x7ffc0000 [ 1333.258536][ T1835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1333.268312][ T1835] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1333.608025][ T1835] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1333.618536][ T1835] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1334.071346][ T6070] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 1334.285738][ T6070] usb 1-1: Using ep0 maxpacket: 16 [ 1334.340230][ T6070] usb 1-1: config 0 has an invalid interface number: 111 but max is 0 [ 1334.349494][ T6070] usb 1-1: config 0 has no interface number 0 [ 1334.357708][ T6070] usb 1-1: config 0 interface 111 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 1334.452727][T17506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5548'. [ 1334.475351][ T6070] usb 1-1: New USB device found, idVendor=0a12, idProduct=5d10, bcdDevice=fc.66 [ 1334.487428][ T6070] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1334.497599][ T6070] usb 1-1: Product: syz [ 1334.506719][ T6070] usb 1-1: Manufacturer: syz [ 1334.515557][ T6070] usb 1-1: SerialNumber: syz [ 1334.676314][ T6070] usb 1-1: config 0 descriptor?? [ 1334.908967][ T6070] ushc 1-1:0.111: probe with driver ushc failed with error -110 [ 1335.044219][ T6070] usb 1-1: USB disconnect, device number 111 [ 1336.994593][T17538] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 1338.158400][ T6070] usb 2-1: new high-speed USB device number 106 using dummy_hcd [ 1338.423986][ T6070] usb 2-1: Using ep0 maxpacket: 16 [ 1338.501303][ T6070] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1338.604000][ T6070] usb 2-1: config 14 has an invalid interface number: 3 but max is 1 [ 1338.619465][ T6070] usb 2-1: config 14 has an invalid interface number: 240 but max is 1 [ 1338.631134][ T6070] usb 2-1: config 14 has no interface number 0 [ 1338.638767][ T6070] usb 2-1: config 14 has no interface number 1 [ 1338.650283][ T6070] usb 2-1: config 14 interface 3 has no altsetting 0 [ 1338.659083][ T6070] usb 2-1: config 14 interface 240 has no altsetting 0 [ 1338.954138][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1338.962820][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1339.035741][ T6070] usb 2-1: New USB device found, idVendor=05c6, idProduct=9222, bcdDevice=3c.9b [ 1339.047638][ T6070] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1339.060935][ T6070] usb 2-1: Product: syz [ 1339.066264][ T6070] usb 2-1: Manufacturer: syz [ 1339.072071][ T6070] usb 2-1: SerialNumber: syz [ 1339.709141][ T6070] usb 2-1: unknown number of interfaces: 2 [ 1339.813830][ T6070] usb 2-1: USB disconnect, device number 106 [ 1340.422239][T17578] netlink: 'syz.5.5577': attribute type 2 has an invalid length. [ 1340.431973][T17578] netlink: 212912 bytes leftover after parsing attributes in process `syz.5.5577'. [ 1342.139175][T17598] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5586'. [ 1342.159070][T17598] netlink: 'syz.5.5586': attribute type 1 has an invalid length. [ 1344.297180][ T6070] usb 2-1: new high-speed USB device number 107 using dummy_hcd [ 1344.404870][T17628] loop2: detected capacity change from 0 to 2048 [ 1344.599546][T17628] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1344.658153][ T6070] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1344.672077][ T6070] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1344.683125][ T6070] usb 2-1: Product: syz [ 1344.689646][ T6070] usb 2-1: Manufacturer: syz [ 1344.696323][ T6070] usb 2-1: SerialNumber: syz [ 1344.968771][ T6070] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1345.478054][ T30] audit: type=1326 audit(2000000100.025:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17638 comm="syz.4.5602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1345.504462][ T30] audit: type=1326 audit(2000000100.025:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17638 comm="syz.4.5602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1345.514434][ T6069] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1345.865668][ C1] usb 2-1: ath: unknown panic pattern! [ 1345.954953][ T30] audit: type=1326 audit(2000000100.182:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17638 comm="syz.4.5602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1345.985316][ T30] audit: type=1326 audit(2000000100.219:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17638 comm="syz.4.5602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1346.018080][ T30] audit: type=1326 audit(2000000100.219:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17638 comm="syz.4.5602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1346.210592][ T6070] usb 2-1: USB disconnect, device number 107 [ 1346.416402][T17645] loop2: detected capacity change from 0 to 764 [ 1346.755391][ T6069] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1346.764804][ T6069] ath9k_htc: Failed to initialize the device [ 1346.849579][ T6070] usb 2-1: ath9k_htc: USB layer deinitialized [ 1350.111141][T17678] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 1351.495355][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 1351.903022][ T30] audit: type=1326 audit(2000000105.941:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1352.051132][ T30] audit: type=1326 audit(2000000105.988:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1352.080102][ T30] audit: type=1326 audit(2000000106.025:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1352.116524][ T30] audit: type=1326 audit(2000000106.025:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1352.151633][ T30] audit: type=1326 audit(2000000106.025:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.2.5633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f395df8d169 code=0x7ffc0000 [ 1352.977201][T17728] bridge2: entered promiscuous mode [ 1353.479317][T17736] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5641'. [ 1353.497194][T17736] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1353.697263][T17739] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5643'. [ 1355.097661][T17758] loop5: detected capacity change from 0 to 164 [ 1355.244915][T17758] isofs: Unable to find the ".." directory for NFS. [ 1356.062547][T17768] netlink: 830 bytes leftover after parsing attributes in process `syz.5.5656'. [ 1356.512541][T17772] loop4: detected capacity change from 0 to 1024 [ 1357.049891][ T35] hfsplus: b-tree write err: -5, ino 4 [ 1358.849996][T17798] loop5: detected capacity change from 0 to 256 [ 1359.033901][T17798] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 1359.701285][T17808] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5673'. [ 1363.793310][T17860] xt_connbytes: Forcing CT accounting to be enabled [ 1363.803323][T17860] xt_bpf: check failed: parse error [ 1364.506859][T17870] loop5: detected capacity change from 0 to 64 [ 1364.895014][ T6062] usb 2-1: new high-speed USB device number 108 using dummy_hcd [ 1365.087346][ T6062] usb 2-1: Using ep0 maxpacket: 32 [ 1365.172095][ T6062] usb 2-1: config 0 has an invalid interface number: 29 but max is 0 [ 1365.181980][ T6062] usb 2-1: config 0 has no interface number 0 [ 1365.189006][ T6062] usb 2-1: config 0 interface 29 has no altsetting 0 [ 1365.349806][ T6062] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 1365.363820][ T6062] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1365.374699][ T6062] usb 2-1: Product: syz [ 1365.381456][ T6062] usb 2-1: Manufacturer: syz [ 1365.386842][ T6062] usb 2-1: SerialNumber: syz [ 1365.589781][ T6062] usb 2-1: config 0 descriptor?? [ 1365.884459][ T6062] peak_usb 2-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels) [ 1366.122227][ T6062] peak_usb 2-1:0.29 can0: unable to request usb[type=2 value=5] err=-71 [ 1366.133483][ T6062] peak_usb 2-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71) [ 1366.293031][ T6062] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -71 [ 1366.421627][ T6062] usb 2-1: USB disconnect, device number 108 [ 1367.311162][T17904] SET target dimension over the limit! [ 1368.274030][T17919] usb usb6: usbfs: process 17919 (syz.2.5715) did not claim interface 0 before use [ 1368.400097][T17921] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5716'. [ 1370.070296][T17944] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5725'. [ 1370.395958][T17949] loop5: detected capacity change from 0 to 128 [ 1370.695459][T17952] loop2: detected capacity change from 0 to 128 [ 1370.776418][T17952] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1370.867807][T17952] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1370.950875][T17954] loop4: detected capacity change from 0 to 512 [ 1371.076801][T17954] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1371.362825][T17954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1371.569770][T17954] Quota error (device loop4): do_check_range: Getting block 100663301 out of range 1-5 [ 1371.583671][T17954] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 1371.594254][T17954] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.5729: Failed to acquire dquot type 0 [ 1371.935693][ T6019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1372.177893][T17969] loop2: detected capacity change from 0 to 16 [ 1374.817834][ T30] audit: type=1400 audit(2000000127.069:74): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=18006 comm="syz.5.5749" [ 1374.988909][T18010] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5750'. [ 1375.026265][T18010] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 1375.391261][T18017] loop1: detected capacity change from 0 to 1024 [ 1375.442988][T18017] hfsplus: invalid extent max_key_len 0 [ 1375.473801][T18017] hfsplus: failed to load extents file [ 1376.009153][ T6062] usb 2-1: new high-speed USB device number 109 using dummy_hcd [ 1376.268375][ T6062] usb 2-1: Using ep0 maxpacket: 16 [ 1376.376712][ T6062] usb 2-1: config 8 has an invalid interface number: 223 but max is 0 [ 1376.387378][ T6062] usb 2-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 1376.399215][ T6062] usb 2-1: config 8 has an invalid descriptor of length 156, skipping remainder of the config [ 1376.411555][ T6062] usb 2-1: config 8 has no interface number 0 [ 1376.422565][ T6062] usb 2-1: config 8 interface 223 altsetting 2 bulk endpoint 0xC has invalid maxpacket 32 [ 1376.435821][ T6062] usb 2-1: config 8 interface 223 altsetting 2 endpoint 0x7 has invalid maxpacket 15872, setting to 64 [ 1376.450819][ T6062] usb 2-1: config 8 interface 223 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1376.465726][ T6062] usb 2-1: config 8 interface 223 has no altsetting 0 [ 1376.596183][ T6062] usb 2-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 1376.607353][ T6062] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1376.617839][ T6062] usb 2-1: Product: syz [ 1376.623011][ T6062] usb 2-1: Manufacturer: syz [ 1376.629900][ T6062] usb 2-1: SerialNumber: syz [ 1376.905192][T18017] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1376.998000][T18036] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1377.300354][ T6062] usb 2-1: USB disconnect, device number 109 [ 1377.753947][T18045] netlink: 'syz.4.5764': attribute type 3 has an invalid length. [ 1379.457665][T18071] loop4: detected capacity change from 0 to 256 [ 1379.475700][ T6070] usb 1-1: new high-speed USB device number 112 using dummy_hcd [ 1379.724942][ T6070] usb 1-1: Using ep0 maxpacket: 16 [ 1379.734365][T18071] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1379.820671][ T6070] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 1379.832199][ T6070] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1379.841617][ T6070] usb 1-1: Product: syz [ 1379.848840][ T6070] usb 1-1: Manufacturer: syz [ 1379.854048][ T6070] usb 1-1: SerialNumber: syz [ 1379.931052][T18071] exFAT-fs (loop4): error, data size is invalid(10) [ 1379.976705][ T6070] usb 1-1: config 0 descriptor?? [ 1380.482966][ T6069] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 1380.504619][ T6070] dvb_usb_dtv5100 1-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71 [ 1380.603085][ T6070] usb 1-1: USB disconnect, device number 112 [ 1380.732218][T18084] loop1: detected capacity change from 0 to 512 [ 1380.774539][ T6069] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84 [ 1380.789909][ T6069] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1023 [ 1380.802998][ T6069] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1380.817336][ T6069] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1380.829671][ T6069] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 1380.858137][T18084] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1381.031236][T18084] EXT4-fs (loop1): 1 truncate cleaned up [ 1381.042627][T18084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1381.270269][ T6069] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 1381.282332][ T6069] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1381.292394][ T6069] usb 3-1: Product: syz [ 1381.303178][ T6069] usb 3-1: Manufacturer: syz [ 1381.311235][ T6069] usb 3-1: SerialNumber: syz [ 1381.383338][T18084] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 1381.546143][ T6069] usb 3-1: config 0 descriptor?? [ 1381.556280][T18080] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1381.627648][ T6069] usb 3-1: ucan: probing device on interface #0 [ 1381.636101][ T6069] usb 3-1: ucan: invalid endpoint configuration [ 1381.645039][ T6069] usb 3-1: ucan: probe failed; try to update the device firmware [ 1381.925628][ T6017] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1381.927471][ T6062] usb 3-1: USB disconnect, device number 14 [ 1385.505128][T18144] loop5: detected capacity change from 0 to 8 [ 1385.987428][T18153] loop2: detected capacity change from 0 to 512 [ 1386.186815][T18153] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 1386.197668][T18153] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 1386.301405][T18153] EXT4-fs (loop2): 1 truncate cleaned up [ 1386.345922][T18153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1386.499941][T18153] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 1386.516112][T18162] vivid-002: disconnect [ 1386.584972][T18159] vivid-002: reconnect [ 1386.680336][ T6069] usb 5-1: new high-speed USB device number 101 using dummy_hcd [ 1386.788532][ T6062] usb 1-1: new full-speed USB device number 113 using dummy_hcd [ 1386.934956][ T6069] usb 5-1: Using ep0 maxpacket: 8 [ 1387.010475][ T6069] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1387.033864][ T6022] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1387.048736][ T6062] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1387.062996][ T6062] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 26989, setting to 64 [ 1387.135812][ T6069] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=46.08 [ 1387.149239][ T6069] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1387.159044][ T6069] usb 5-1: Product: syz [ 1387.164887][ T6069] usb 5-1: Manufacturer: syz [ 1387.170450][ T6069] usb 5-1: SerialNumber: syz [ 1387.282756][ T6062] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 1387.297324][ T6062] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1387.308804][ T6062] usb 1-1: Product: syz [ 1387.314587][ T6062] usb 1-1: Manufacturer: syz [ 1387.320163][ T6062] usb 1-1: SerialNumber: syz [ 1387.331961][ T6069] usb 5-1: config 0 descriptor?? [ 1387.418803][ T6069] comedi comedi0: Wrong number of endpoints [ 1387.430926][ T6069] dt9812 5-1:0.0: driver 'dt9812' failed to auto-configure device. [ 1387.504766][ T6062] usb 1-1: config 0 descriptor?? [ 1387.508051][T18163] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 1387.560960][ T6062] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input45 [ 1387.606560][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.617977][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.618573][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.619038][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.619531][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.620030][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.620536][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.626127][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.686330][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.686822][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.687342][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.687849][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.688373][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.688881][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.689500][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.690084][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.690612][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.691126][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.691674][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.692232][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.692767][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.693301][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.693846][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.694390][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.694922][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.695477][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.695992][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.696467][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.696961][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.697510][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.707931][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.708534][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.718781][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.719353][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.720150][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.720683][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.721235][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.722019][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.722739][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.723345][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.723888][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1387.724408][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.026911][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.028440][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.029016][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.029675][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.030363][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.031106][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.031798][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.032484][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.033171][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.035732][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.036199][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.036679][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.037141][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.037601][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.038080][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.038547][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.039141][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.039634][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.040137][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.040665][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.041188][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.041746][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.042224][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.042791][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.043319][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.043839][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.044431][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.045050][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.045648][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.046175][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.046847][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.047398][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.047919][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.048439][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.049070][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.049549][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.372615][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.374862][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.375377][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.375866][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.376370][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.376894][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.377444][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.378098][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.378631][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.379317][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.379856][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.380987][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.381501][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.382114][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.382718][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.485455][ T5137] usb 1-1: control msg error: -71 [ 1388.490879][ C0] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.527902][ C0] usb 1-1: pegasus_irq - usb_submit_urb failed with result -1 [ 1388.584128][ T6069] usb 5-1: USB disconnect, device number 101 [ 1388.761359][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.761967][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.762517][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.763081][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.763654][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.764204][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.764475][ T5137] usb 1-1: control msg error: -71 [ 1388.764736][ C1] usb 1-1: pegasus_irq - nonzero urb status received: -71 [ 1388.765316][ C1] usb 1-1: pegasus_irq - urb shutting down with status: -2 [ 1388.809944][ T6062] usb 1-1: USB disconnect, device number 113 [ 1389.724801][T18190] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5818'. [ 1390.450557][T18197] RDS: rds_bind could not find a transport for fe88::1, load rds_tcp or rds_rdma? [ 1391.160449][T18210] netlink: 'syz.5.5826': attribute type 1 has an invalid length. [ 1392.007074][T18219] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5) [ 1392.889753][T18234] netlink: 5064 bytes leftover after parsing attributes in process `syz.5.5835'. [ 1392.944439][T18232] loop4: detected capacity change from 0 to 512 [ 1393.271205][T18232] EXT4-fs (loop4): 1 orphan inode deleted [ 1393.282064][T18232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1393.317890][ T4233] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1393.332189][ T4233] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:25: Failed to release dquot type 1 [ 1393.382113][T18232] ext4 filesystem being mounted at /1137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1394.015098][ T6019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1395.206024][T18266] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5846'. [ 1396.707835][T18290] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5855'. [ 1397.962023][T18307] netlink: 72 bytes leftover after parsing attributes in process `syz.4.5863'. [ 1397.973836][T18307] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5863'. [ 1397.986717][T18307] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5863'. [ 1397.996843][T18307] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5863'. [ 1398.324300][T18312] loop1: detected capacity change from 0 to 22 [ 1398.388732][T18312] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1399.032029][T18321] libceph: resolve '0.0' (ret=-3): failed [ 1400.992983][T18353] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5882'. [ 1401.278555][ T30] audit: type=1326 audit(2000000151.519:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18354 comm="syz.4.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1401.376969][T18357] netlink: 62967 bytes leftover after parsing attributes in process `syz.1.5884'. [ 1401.444996][ T30] audit: type=1326 audit(2000000151.575:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18354 comm="syz.4.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1401.471895][ T30] audit: type=1326 audit(2000000151.575:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18354 comm="syz.4.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1401.513135][ T30] audit: type=1326 audit(2000000151.584:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18354 comm="syz.4.5883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e1c98d169 code=0x7ffc0000 [ 1403.881763][T18399] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1403.906870][ T6069] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 1404.154133][ T6069] usb 3-1: Using ep0 maxpacket: 16 [ 1404.267745][ T6069] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 1404.278443][ T6069] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1404.289725][ T6069] usb 3-1: Product: syz [ 1404.296644][ T6069] usb 3-1: Manufacturer: syz [ 1404.302728][ T6069] usb 3-1: SerialNumber: syz [ 1404.525369][ T6069] usb 3-1: config 0 descriptor?? [ 1404.593381][ T6069] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1404.848870][ T6062] usb 2-1: new high-speed USB device number 110 using dummy_hcd [ 1405.031215][T18409] loop4: detected capacity change from 0 to 2048 [ 1405.058765][ T6069] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71 [ 1405.087540][ T6062] usb 2-1: Using ep0 maxpacket: 16 [ 1405.108111][ T6069] usb 3-1: USB disconnect, device number 15 [ 1405.164022][ T6062] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 1405.174761][ T6062] usb 2-1: config 0 has no interface number 0 [ 1405.182123][ T6062] usb 2-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1405.197013][ T6062] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1405.212910][ T6062] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1405.284946][T18410] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1405.404469][ T6062] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1405.416849][ T6062] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1405.426092][ T6062] usb 2-1: Product: syz [ 1405.430750][ T6062] usb 2-1: SerialNumber: syz [ 1405.508760][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1405.517538][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1405.574794][ T6062] usb 2-1: config 0 descriptor?? [ 1405.586009][T18407] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1405.653016][ T6062] cm109 2-1:0.8: invalid payload size 1024, expected 4 [ 1405.664765][ T6062] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input46 [ 1406.058845][ C0] cm109 2-1:0.8: cm109_urb_irq_callback: urb status -71 [ 1406.325532][ C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1406.330774][ T6069] usb 2-1: USB disconnect, device number 110 [ 1406.334567][ C0] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1406.499095][ T6069] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1408.656300][T18449] loop4: detected capacity change from 0 to 512 [ 1408.799904][T18452] loop2: detected capacity change from 0 to 764 [ 1408.892401][T18449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1408.908785][T18449] ext4 filesystem being mounted at /1154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1408.964375][T18452] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1409.880657][ T6019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1410.600318][T18483] netlink: 'syz.0.5935': attribute type 21 has an invalid length. [ 1410.612875][T18483] netlink: 128 bytes leftover after parsing attributes in process `syz.0.5935'. [ 1410.624423][T18483] netlink: 'syz.0.5935': attribute type 4 has an invalid length. [ 1410.633440][T18483] netlink: 'syz.0.5935': attribute type 5 has an invalid length. [ 1410.644196][T18483] netlink: 3 bytes leftover after parsing attributes in process `syz.0.5935'. [ 1410.655745][T18484] netlink: 684 bytes leftover after parsing attributes in process `syz.1.5934'. [ 1413.452452][T18524] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5954'. [ 1413.456263][T18525] program syz.0.5955 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1413.526837][ T30] audit: type=1400 audit(2000000162.835:79): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=18523 comm="syz.5.5957" [ 1415.198992][T18548] loop2: detected capacity change from 0 to 8 [ 1416.991051][T18575] tmpfs: Bad value for 'nr_blocks' [ 1418.874377][T18603] loop5: detected capacity change from 0 to 256 [ 1418.948086][T18603] exfat: Deprecated parameter 'namecase' [ 1418.955969][T18603] exfat: Deprecated parameter 'utf8' [ 1419.148101][T18603] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d) [ 1420.666864][ T6062] usb 5-1: new high-speed USB device number 102 using dummy_hcd [ 1420.895045][ T6062] usb 5-1: Using ep0 maxpacket: 8 [ 1420.939020][ T6062] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1420.974628][ T6062] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 1420.988957][ T6062] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 1421.002916][ T6062] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1421.019268][ T6062] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1421.031997][ T6062] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1 [ 1421.044011][ T6062] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 1421.056799][ T6062] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x46, changing to 0x6 [ 1421.070697][ T6062] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 1421.205701][ T6062] usb 5-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 1421.216516][ T6062] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1421.226863][ T6062] usb 5-1: Product: syz [ 1421.232563][ T6062] usb 5-1: Manufacturer: syz [ 1421.243280][ T6062] usb 5-1: SerialNumber: syz [ 1421.385830][ T6062] usb 5-1: config 0 descriptor?? [ 1421.397514][T18620] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1421.455336][ T6062] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 1421.487258][T18635] netlink: 'syz.2.6008': attribute type 1 has an invalid length. [ 1421.995404][ T6062] usb 5-1: USB disconnect, device number 102 [ 1422.658967][T18643] loop1: detected capacity change from 0 to 2048 [ 1422.765594][ T6544] udevd[6544]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1422.943004][T18651] netlink: 'syz.2.6016': attribute type 21 has an invalid length. [ 1422.958508][T18643] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1423.106168][T18643] udf: Bad value for 'lastblock' [ 1423.632118][T18658] netlink: 'syz.5.6020': attribute type 10 has an invalid length. [ 1423.644176][T18658] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6020'. [ 1423.665935][T18658] batman_adv: batadv0: Adding interface: vlan0 [ 1423.673536][T18658] batman_adv: batadv0: The MTU of interface vlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1423.709874][T18658] batman_adv: batadv0: Interface activated: vlan0 [ 1423.873882][T18661] xt_TCPMSS: Only works on TCP SYN packets [ 1424.664743][T18675] qrtr: Invalid version 2 [ 1426.523391][T18696] loop1: detected capacity change from 0 to 512 [ 1426.974268][T18696] EXT4-fs error (device loop1): ext4_quota_enable:7122: comm syz.1.6037: Bad quota inum: 1, type: 2 [ 1427.098563][T18696] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=2, err=-117, ino=1). Please run e2fsck to fix. [ 1427.211541][T18696] EXT4-fs (loop1): mount failed [ 1427.696019][T18715] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6043'. [ 1428.647323][T18728] overlayfs: missing 'lowerdir' [ 1429.529074][ T6062] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 1429.650883][T18744] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 1429.658710][T18744] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1429.668369][T18744] vhci_hcd vhci_hcd.0: Device attached [ 1429.746321][ T6062] usb 3-1: Using ep0 maxpacket: 8 [ 1429.825517][ T6062] usb 3-1: config 2 has an invalid interface number: 31 but max is 0 [ 1429.837073][ T6062] usb 3-1: config 2 has no interface number 0 [ 1429.847080][ T6062] usb 3-1: config 2 interface 31 has no altsetting 0 [ 1429.941012][ T6063] vhci_hcd: vhci_device speed not set [ 1429.962636][ T6062] usb 3-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 1429.972176][ T6062] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1429.980978][ T6062] usb 3-1: Product: syz [ 1429.985696][ T6062] usb 3-1: Manufacturer: syz [ 1429.991273][ T6062] usb 3-1: SerialNumber: syz [ 1430.036350][ T6063] usb 33-1: new full-speed USB device number 2 using vhci_hcd [ 1430.103331][T18037] usb 1-1: new high-speed USB device number 114 using dummy_hcd [ 1430.322129][T18037] usb 1-1: Using ep0 maxpacket: 16 [ 1430.424366][T18037] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 1430.433940][T18037] usb 1-1: config 0 has no interface number 0 [ 1430.441124][T18037] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1430.456122][T18037] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1430.597149][T18037] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1430.608792][T18037] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1430.621742][T18037] usb 1-1: Product: syz [ 1430.627325][T18037] usb 1-1: SerialNumber: syz [ 1430.659567][ T6062] ===================================================== [ 1430.674712][ T6062] BUG: KMSAN: uninit-value in mii_nway_restart+0x119/0x1e0 [ 1430.684117][ T6062] mii_nway_restart+0x119/0x1e0 [ 1430.691175][ T6062] ch9200_bind+0x238/0xeb0 [ 1430.696557][ T6062] usbnet_probe+0xda1/0x3f40 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1430.704211][ T6062] usb_probe_interface+0xd42/0x12f0 [ 1430.710796][ T6062] really_probe+0x4dc/0xd90 [ 1430.716571][ T6062] __driver_probe_device+0x2ab/0x5d0 [ 1430.723428][ T6062] driver_probe_device+0x72/0x890 [ 1430.729204][ T6062] __device_attach_driver+0x568/0x9e0 [ 1430.736199][ T6062] bus_for_each_drv+0x403/0x620 [ 1430.742370][ T6062] __device_attach+0x3c1/0x650 [ 1430.749850][ T6062] device_initial_probe+0x32/0x40 [ 1430.755975][ T6062] bus_probe_device+0x3dc/0x5c0 [ 1430.761292][ T6062] device_add+0x13aa/0x1ba0 [ 1430.767329][ T6062] usb_set_configuration+0x31ea/0x38f0 [ 1430.775185][ T6062] usb_generic_driver_probe+0x109/0x2a0 [ 1430.787249][ T6062] usb_probe_device+0x3a7/0x690 [ 1430.792744][ T6062] really_probe+0x4dc/0xd90 [ 1430.800097][ T6062] __driver_probe_device+0x2ab/0x5d0 [ 1430.806157][ T6062] driver_probe_device+0x72/0x890 [ 1430.812173][ T6062] __device_attach_driver+0x568/0x9e0 [ 1430.820834][ T6062] bus_for_each_drv+0x403/0x620 [ 1430.826101][ T6062] __device_attach+0x3c1/0x650 [ 1430.832559][ T6062] device_initial_probe+0x32/0x40 [ 1430.838848][ T6062] bus_probe_device+0x3dc/0x5c0 [ 1430.845029][ T6062] device_add+0x13aa/0x1ba0 [ 1430.850110][ T6062] usb_new_device+0x15f8/0x2480 [ 1430.856289][ T6062] hub_event+0x4ffe/0x72d0 [ 1430.861953][ T6062] process_scheduled_works+0xc1d/0x1e80 [ 1430.868253][ T6062] worker_thread+0xea3/0x1500 [ 1430.875250][ T6062] kthread+0x6ce/0xf10 [ 1430.881070][ T6062] ret_from_fork+0x6d/0x90 [ 1430.886333][ T6062] ret_from_fork_asm+0x1a/0x30 [ 1430.898590][ T6062] [ 1430.901273][ T6062] Local variable buff created at: [ 1430.910026][ T6062] ch9200_mdio_read+0x3c/0x100 [ 1430.915338][ T6062] mii_nway_restart+0x8a/0x1e0 [ 1430.921299][ T6062] [ 1430.923831][ T6062] CPU: 0 UID: 0 PID: 6062 Comm: kworker/0:3 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(undef) [ 1430.938309][ T6062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1430.950219][ T6062] Workqueue: usb_hub_wq hub_event [ 1430.956386][ T6062] ===================================================== [ 1430.964917][ T6062] Disabling lock debugging due to kernel taint [ 1430.972002][ T6062] Kernel panic - not syncing: kmsan.panic set ... [ 1430.980030][ T6062] CPU: 0 UID: 0 PID: 6062 Comm: kworker/0:3 Tainted: G B 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(undef) [ 1430.997476][ T6062] Tainted: [B]=BAD_PAGE [ 1431.001996][ T6062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1431.013246][ T6062] Workqueue: usb_hub_wq hub_event [ 1431.019357][ T6062] Call Trace: [ 1431.024566][ T6062] [ 1431.027964][ T6062] dump_stack_lvl+0x216/0x2d0 [ 1431.034852][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.041879][ T6062] dump_stack+0x1e/0x24 [ 1431.048683][ T6062] panic+0x4e5/0xcf0 [ 1431.054887][ T6062] ? kmsan_internal_set_shadow_origin+0x10/0x100 [ 1431.064406][ T6062] kmsan_report+0x2ca/0x2d0 [ 1431.069652][ T6062] ? bus_probe_device+0x3dc/0x5c0 [ 1431.076384][ T6062] ? ret_from_fork+0x6d/0x90 [ 1431.082020][ T6062] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 1431.088636][ T6062] ? __msan_warning+0x95/0x120 [ 1431.095014][ T6062] ? mii_nway_restart+0x119/0x1e0 [ 1431.100706][ T6062] ? ch9200_bind+0x238/0xeb0 [ 1431.107177][ T6062] ? usbnet_probe+0xda1/0x3f40 [ 1431.112435][ T6062] ? usb_probe_interface+0xd42/0x12f0 [ 1431.119028][ T6062] ? really_probe+0x4dc/0xd90 [ 1431.124369][ T6062] ? __driver_probe_device+0x2ab/0x5d0 [ 1431.131138][ T6062] ? driver_probe_device+0x72/0x890 [ 1431.137838][ T6062] ? __device_attach_driver+0x568/0x9e0 [ 1431.143826][ T6062] ? bus_for_each_drv+0x403/0x620 [ 1431.149730][ T6062] ? __device_attach+0x3c1/0x650 [ 1431.155979][ T6062] ? device_initial_probe+0x32/0x40 [ 1431.162933][ T6062] ? bus_probe_device+0x3dc/0x5c0 [ 1431.168412][ T6062] ? device_add+0x13aa/0x1ba0 [ 1431.174639][ T6062] ? usb_set_configuration+0x31ea/0x38f0 [ 1431.181473][ T6062] ? usb_generic_driver_probe+0x109/0x2a0 [ 1431.189065][ T6062] ? usb_probe_device+0x3a7/0x690 [ 1431.195014][ T6062] ? really_probe+0x4dc/0xd90 [ 1431.200796][ T6062] ? __driver_probe_device+0x2ab/0x5d0 [ 1431.208454][ T6062] ? driver_probe_device+0x72/0x890 [ 1431.215203][ T6062] ? __device_attach_driver+0x568/0x9e0 [ 1431.222558][ T6062] ? bus_for_each_drv+0x403/0x620 [ 1431.228040][ T6062] ? __device_attach+0x3c1/0x650 [ 1431.234634][ T6062] ? device_initial_probe+0x32/0x40 [ 1431.240646][ T6062] ? bus_probe_device+0x3dc/0x5c0 [ 1431.247019][ T6062] ? device_add+0x13aa/0x1ba0 [ 1431.252783][ T6062] ? usb_new_device+0x15f8/0x2480 [ 1431.259579][ T6062] ? hub_event+0x4ffe/0x72d0 [ 1431.266800][ T6062] ? process_scheduled_works+0xc1d/0x1e80 [ 1431.274488][ T6062] ? worker_thread+0xea3/0x1500 [ 1431.280514][ T6062] ? kthread+0x6ce/0xf10 [ 1431.285822][ T6062] ? ret_from_fork+0x6d/0x90 [ 1431.291521][ T6062] ? ret_from_fork_asm+0x1a/0x30 [ 1431.298568][ T6062] ? kmsan_get_metadata+0x13e/0x1c0 [ 1431.306248][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.313055][ T6062] __msan_warning+0x95/0x120 [ 1431.318064][ T6062] mii_nway_restart+0x119/0x1e0 [ 1431.323228][ T6062] ch9200_bind+0x238/0xeb0 [ 1431.328903][ T6062] ? __pfx_ch9200_bind+0x10/0x10 [ 1431.334707][ T6062] usbnet_probe+0xda1/0x3f40 [ 1431.340153][ T6062] ? kmsan_get_metadata+0x13e/0x1c0 [ 1431.345658][ T6062] ? __pfx_usbnet_probe+0x10/0x10 [ 1431.351883][ T6062] usb_probe_interface+0xd42/0x12f0 [ 1431.357536][ T6062] ? __pfx_usb_probe_interface+0x10/0x10 [ 1431.363676][ T6062] really_probe+0x4dc/0xd90 [ 1431.368569][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.375273][ T6062] __driver_probe_device+0x2ab/0x5d0 [ 1431.381554][ T6062] driver_probe_device+0x72/0x890 [ 1431.387130][ T6062] ? kmsan_get_metadata+0x13e/0x1c0 [ 1431.392620][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.398738][ T6062] __device_attach_driver+0x568/0x9e0 [ 1431.405327][ T6062] bus_for_each_drv+0x403/0x620 [ 1431.411214][ T6062] ? __pfx___device_attach_driver+0x10/0x10 [ 1431.418184][ T6062] __device_attach+0x3c1/0x650 [ 1431.424028][ T6062] device_initial_probe+0x32/0x40 [ 1431.429695][ T6062] bus_probe_device+0x3dc/0x5c0 [ 1431.435800][ T6062] device_add+0x13aa/0x1ba0 [ 1431.442809][ T6062] usb_set_configuration+0x31ea/0x38f0 [ 1431.448977][ T6062] ? usb_set_configuration+0x8e1/0x38f0 [ 1431.455946][ T6062] usb_generic_driver_probe+0x109/0x2a0 [ 1431.462215][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.468521][ T6062] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 1431.475902][ T6062] usb_probe_device+0x3a7/0x690 [ 1431.481959][ T6062] ? __pfx_usb_probe_device+0x10/0x10 [ 1431.487774][ T6062] really_probe+0x4dc/0xd90 [ 1431.495540][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.502495][ T6062] __driver_probe_device+0x2ab/0x5d0 [ 1431.509355][ T6062] driver_probe_device+0x72/0x890 [ 1431.516085][ T6062] ? kmsan_get_metadata+0x13e/0x1c0 [ 1431.521920][ T6062] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1431.528888][ T6062] __device_attach_driver+0x568/0x9e0 [ 1431.535128][ T6062] bus_for_each_drv+0x403/0x620 [ 1431.540650][ T6062] ? __pfx___device_attach_driver+0x10/0x10 [ 1431.548373][ T6062] __device_attach+0x3c1/0x650 [ 1431.553904][ T6062] device_initial_probe+0x32/0x40 [ 1431.559606][ T6062] bus_probe_device+0x3dc/0x5c0 [ 1431.565089][ T6062] device_add+0x13aa/0x1ba0 [ 1431.570170][ T6062] usb_new_device+0x15f8/0x2480 [ 1431.575518][ T6062] hub_event+0x4ffe/0x72d0 [ 1431.580762][ T6062] ? kmsan_get_metadata+0x13e/0x1c0 [ 1431.587798][ T6062] ? __pfx_hub_event+0x10/0x10 [ 1431.593155][ T6062] process_scheduled_works+0xc1d/0x1e80 [ 1431.599220][ T6062] worker_thread+0xea3/0x1500 [ 1431.605623][ T6062] kthread+0x6ce/0xf10 [ 1431.610356][ T6062] ? __pfx_worker_thread+0x10/0x10 [ 1431.618720][ T6062] ? __pfx_kthread+0x10/0x10 [ 1431.624506][ T6062] ret_from_fork+0x6d/0x90 [ 1431.630718][ T6062] ? __pfx_kthread+0x10/0x10 [ 1431.636660][ T6062] ret_from_fork_asm+0x1a/0x30 [ 1431.641818][ T6062] [ 1431.645309][ T6062] Kernel Offset: disabled [ 1431.650048][ T6062] Rebooting in 86400 seconds..