last executing test programs: 2m41.913020063s ago: executing program 4 (id=2676): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) 2m40.937683337s ago: executing program 4 (id=2690): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000006c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x138) 2m40.61783287s ago: executing program 4 (id=2695): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x5, 0x20000000, 0x101, 0x0, 0x3, {0x4, 0x2, 0x100, 0x7, 0xffff, 0x10001}, {0xff, 0x2, 0x2, 0x3, 0x2}, 0xc2d, 0x3, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0) 2m40.306424238s ago: executing program 4 (id=2700): r0 = syz_open_dev$sndpcmp(&(0x7f0000000080), 0x1, 0x20000) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r0, 0xc0884113, &(0x7f0000000340)={0x0, 0x9, 0x6, 0x68, 0x80, 0x0, 0x1, 0x35a, 0xa3, 0x4556, 0x5042}) 2m40.047762584s ago: executing program 4 (id=2705): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0x1, 0x200, &(0x7f0000006140)="$eJzsUr9rFEEU/mZ37tzThBxyIIogSvBHkdxmo/FHoWBjUEEQhRgQPO4u8XDjj+yB3nHgWqWwERQhQSwESQoL8R9wQW3ERiHYhUhaU6SwkYSVN/tmb88/INV8xX4z8958731v53bwINgBYGujUwWKIEiU8P2XgARwQKgj1OyEHebLzHmOX7ASjpj/Mm+dbE9MAqJxaGXMivbUDooi+kp/vq6iioGbOP360rsfV3Mvlnevv/1I+Revtz5AHKkNvHn1/tn5+X4lL25MZnXsaP+CQ0IAnm9OrKzKvXZJazXCZSqdg8bLKQh3wQEw/Hlo/qzb/9RizaDVvlPx/fpscO6JhXVV6udGp0qLWwBiAvsbB5DNIftLnENn+yRwDYCNOM2R6KLcnLlfDlrtocZMZbo+Xb/reaNj7nHXPeGVpxp+3aUvwNXUdZ4giI8BoN9UoBaEiu+i2Cbn7EQvSIf6CtO496XA7RfQqeb1r/udXikgU0/b0iwQsS1H9QFllSwfBo32YSgyp4NKRUIZG4eAzZsRmekvqeWowPCne35tDuSNry1Cphoja8ilGy+7GT2lHWKOeRB2zygWmdeY9YvWL1UqBYsvHQ2BPB5Vms04jh9jqQ9XviUROpv18ukqnZcaGFku2r3mzvy37y4MDAwMDAwMDAwMDAy2H/8CAAD//xZelnI=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m38.89794726s ago: executing program 4 (id=2722): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f00000000c0)={'dummy0\x00', 0x1}) 2m23.80227917s ago: executing program 32 (id=2722): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f00000000c0)={'dummy0\x00', 0x1}) 2.865423387s ago: executing program 1 (id=4943): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="600000001800010000000000000000001d0100000800050000fd000008000900", @ANYRES32=0x0, @ANYBLOB="05000d000100000008000a00", @ANYRES32=0x0, @ANYBLOB="15000100000000000000e2020000000000000070040000000c000b00000000000000000008000e", @ANYBLOB], 0x60}}, 0x0) 2.556519059s ago: executing program 1 (id=4951): r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x5, 0x20980) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x3003, 0x800, 0xffffffff, 0x100000, 0x8, 0x1}) 2.378094134s ago: executing program 3 (id=4953): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={0x0, 0x0}) 2.228857509s ago: executing program 1 (id=4956): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x40046f41, 0x0) 2.197779974s ago: executing program 5 (id=4958): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x1, 0x3012, 0x0, 0x8, 0x8, 0x0, 0x657ef077e46ea00d}}) 2.03310338s ago: executing program 3 (id=4959): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x30, 0x1412, 0x1, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x30044000}, 0xc000) 1.953886401s ago: executing program 1 (id=4962): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000000000000000000008500000022000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa5bc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.886699123s ago: executing program 5 (id=4964): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000002840)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x10, 0x0, '[8'}, @sadb_address={0x5, 0x6, 0xff, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x8}, @sadb_address={0x5, 0x5, 0x3c, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x80}, 0x1, 0x7}, 0x0) 1.830803507s ago: executing program 3 (id=4965): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x5c, 0x10, 0x40d, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5019}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x1}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 1.711368833s ago: executing program 6 (id=4966): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x1, 0x1}) 1.710716889s ago: executing program 2 (id=4967): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}}, {{&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f00000018c0)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x20008880}}], 0x2, 0x4c054) 1.585559225s ago: executing program 3 (id=4969): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x30, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x3}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 1.513402475s ago: executing program 5 (id=4970): r0 = socket(0x22, 0x2, 0x24) recvmmsg(r0, &(0x7f00000001c0), 0x4b, 0x40012160, 0x0) 1.483621769s ago: executing program 1 (id=4971): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 1.458083947s ago: executing program 2 (id=4972): r0 = syz_open_dev$vim2m(&(0x7f0000000180), 0x100, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000480)={0x13, 0x1, 0x0, "8eb8a83fe93b07f1dd06da7a41bfeac48048beb159fbba17425ced8f098c68d9"}) 1.434008524s ago: executing program 6 (id=4974): r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0) preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/147, 0x93}, {0x0}], 0x2, 0x1, 0xffff) 1.289305248s ago: executing program 3 (id=4975): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) ioprio_set$uid(0x3, 0x0, 0x2004) 1.236505665s ago: executing program 2 (id=4976): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x38, &(0x7f0000000440)=[@in6={0xa, 0x0, 0xe, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, @in6={0xa, 0x4e20, 0xf91, @private0, 0x1}]}, &(0x7f00000002c0)=0x10) 1.228800089s ago: executing program 5 (id=4977): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='projid_map\x00') write$evdev(r0, 0x0, 0x0) 1.205826926s ago: executing program 6 (id=4978): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000200)="13000000000201", 0x7}], 0x1) 1.100169209s ago: executing program 0 (id=4979): mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) mremap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) 1.098384307s ago: executing program 1 (id=4980): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a2a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f010500000001000000000624fdee7c1b0905810308000300000904010000020d00000904010102020d0000090582"], 0x0) 978.113747ms ago: executing program 3 (id=4981): syz_usb_connect(0x3, 0x2d, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000061c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da09"], 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x84000) 977.936483ms ago: executing program 5 (id=4982): set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 877.859752ms ago: executing program 0 (id=4983): r0 = openat$vicodec1(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000200)={0xa, @output={0x0, 0x0, {0xffffff9b, 0x1}, 0x2, 0x100}}) 866.869431ms ago: executing program 2 (id=4984): r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1ff, 0x20000) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x1, 0x3, 0x6, 0x448, '\x00', 0x9}, 0x1, [0x7, 0xd5, 0x2, 0xfff, 0x6, 0x6, 0x2, 0x5, 0xffffffffffffffff, 0xbd, 0x80000000, 0x102d, 0x8, 0x1, 0x3, 0x1, 0x1, 0x7, 0x6, 0x200, 0x80, 0x7, 0x7, 0x7, 0xc, 0x2, 0x2, 0x7, 0xffffffffffffffff, 0x3, 0x900000001, 0x403, 0x1, 0x4, 0x101, 0x3, 0x3, 0x1, 0x0, 0x6, 0x9, 0x4, 0x8a, 0x50f, 0x9ac2, 0x6fe5, 0xffffffffba36ba5a, 0x4, 0xa, 0x88b, 0x6, 0x4000006, 0xffffffffffffffff, 0x403, 0x3, 0xfffffffffffff8f6, 0x4, 0xfffffffffffffff9, 0x0, 0xf9800000, 0x0, 0x9, 0x1800000, 0x4, 0x82b, 0x8, 0x5, 0x0, 0x9, 0xfffffffffffffffa, 0x3ff, 0x100000000000006, 0x2, 0x2f, 0x1, 0x7, 0x40, 0x2, 0x42843379, 0x1, 0x7, 0x200, 0x77d, 0xb3, 0x5, 0x539, 0x623b, 0x6, 0x0, 0x7, 0x4, 0x200, 0x7, 0x8, 0x0, 0x5, 0x93, 0x8, 0x401, 0x2, 0x2775e12f, 0x680000000000, 0x5, 0x7, 0xe88, 0x80000004, 0x0, 0xfffffffffffffffa, 0x10001, 0x8, 0x8, 0x1000, 0x0, 0x5, 0x7, 0xfffffffffffff000, 0x10000, 0x7ffd, 0xfffffffffffffff7, 0x6, 0x46b, 0x8, 0x80000000005, 0x6, 0x20000000004, 0x0, 0x7f, 0x3]}) 780.224954ms ago: executing program 6 (id=4985): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x35314258}}) 683.023876ms ago: executing program 0 (id=4986): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) pwrite64(r0, 0x0, 0x0, 0xa795) 647.226106ms ago: executing program 2 (id=4987): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) 601.818455ms ago: executing program 6 (id=4988): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x40041}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, @IFLA_BR_AGEING_TIME={0x8, 0x9}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1000}, 0x0) 493.443299ms ago: executing program 0 (id=4989): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000e80)={'batadv_slave_1\x00', &(0x7f0000000d80)=@ethtool_drvinfo={0x3, "f020df0d6851e1b0676d01d3f99697ece7bc03a25450e37ef8734015af93d27d", "522276dc0feda08179751d78a935f2c2e2dd70987fb4dc719d0991d4d1e0d6cb", "5c4d0ccf47ed9de1d18746a5673b312c1b7807d5bb243c8ef116a2ae9ee62db2", "6e80a371b8ed32d26e3f1e626c823f445c1cce254833460a1dad93a3b54e0c9d", "8726af365fb546d50e0a2aee1ea840fc1a592a606e8a7aa28e7a998468e0b3ca", "fd14bdef2a5331e55f603af9", 0x100, 0xce2, 0xf, 0x100, 0x9}}) 394.132095ms ago: executing program 2 (id=4990): syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000180)={[{@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@check_relaxed}, {@unhide}, {@map_off}, {@map_acorn}, {@check_strict}, {}, {@block={'block', 0x3d, 0x400}}, {@map_normal}, {@unhide}, {@overriderock}]}, 0x1, 0xa16, &(0x7f0000000240)="$eJzs3UtsXfWdB/Dv8SMxBiUBMgyDgNyESTDgcWxnSCZiwST2TWLGj5HtSESzIAxxqjRuaUkrAaqUIKGuilqpVRftDnXVbpDYlE3Frt21qy4qVay6R12lK1fn3uv4da+vHfxIwucTXd/z+J3//3ee/9zr4/MP95eF/SvGFhZqr7scv/jrHciYe9jZ0S8+/uSj8vXBrexJZ14ufpv0JKkkXUmeTLpHRqenJtoUdD25nOTzpEiyN/X3Dbmc4sd5ZGn88xS/LOttac9GS6adBb7Wdvv4AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAe1ExMjo4OFTsydjkxdcrdUlljZHR6akiCwtr5ywuU/dZrdfv4rO29SZF+UpPz2JX308eXJr9RJLKkTxdH3u61iF5evL+w08ceOXxro7F5Vtl85Xs3XixN957//qb8/Nz77QOWbhZX4etye0ec746OTYzNTZx5ny1MjYzVTl98uTg8QvnZirnxsarM5dmZqsTlZHp6pnZqelK38gLlaHTp09UqgOXpi5Onh8dGK8uTjz1H8ODgycrrw38b/XM9MzU5PHXBmZGLoyNj49Nnq/FlLPLmFPlgfg/Y7OV2eqZiUrl6rX5uROrcupcvbHLoKF2a1IGDbcLGh4cHh4aGh4e+qDRe/adCSdfPv3yqcHBrsFVsiZimw5a7i0Ptd7NW3wFh7vXUW//883xjGUyF/N6Kk3/jWQ005nKRIv5DYvt/9Hj1XXrXd7+N1r5rmWznyp/HMmzjdGeFu1/i1x27t+NvJf3cz1vZj7zmcs7u57Rzv47n2omM5aZTGUsEzlTm1JpTKnkdE7mZAbzRi7kUGZSybmMZTzVzORSZjKbau2IGsl0qjmT2UxlOpX0ZSQvpJKhnM7pnEgl1QzkUqZyMZM5n9GcqZVyNddq2/3EOjneCRraSNDwOkGrG/PyWN9c+199UP8nyIZt/UUc7tJCo/3f0z60b2QnEgIAAAC23L/9IfsOPvb7vyZFnql9L39ubLz66m6nBQAAAGyh2u16T5dv3eXQMz21z/+D7Rd8ZPtzAwAAALZGUfsbuyJJbw7Vhxb/EmoDXwIAAAAA94Pa7/+fTXFoaYLP/wAAAPCAaf+M/bYRRf/i438rV+rvVxoR9bGi99zYeHVgZGr8laEcqz1lIMkza0vrTIru2p8fvJjD9ajDvfX33qUSyzp7yqihgVeG8mKONFak77ny7bm+JpHD9cjn65HPL4/szIrIE2UkADzojqzTHm+0/X8x/fWI/qdqTX7XU03a4EEtKwDcK+70sfOPRpdmTdr/RsSzrdr//1zn838Z8ViuHqrfUjCQt/J25nMl/WnccXCoWamLvRHUb0Pob/NtQG/jloU/nepI/5rvA3rurOvy2LkMp7/pNwLLyi0WczhRj+vcnn0AADvtyLrt8Mba//42n//LNrfilkIAuGfc6cF+EwM3NxM8986N3V5HAGAlrTQAAAAAAAAAAAAAAAAAAAAAAAAAAABsvQ09wP+Px5L5+blkQ4/9/zCb7VCg6UDPZjJcf6AjW5DPBgdu7mBdawc6k+xW7a9ufr+X+/grVPqbhxqL/23XNviDO7DLFyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2RJF0NpvekexNMpjk+M5ntX1u7XYCW6Wy564WK27ndt7Nvi3PBwAAAAAAAAAAAAAAAAAAAAAAAAAAAADga67x/P+O1N8frk9KV0dyNMnlJP+32zlupdu7ncD2KNqHfKseuPT8/46kOwtFuuq7PUX3yOj01ERZVLG3nP/Fx598VL7al722V4WygLKGFZ1LNGpYNqV75VKP1pbqHZ27cf17b3+nMnq2dmCenT03Pjpxfvq/lwKfKD5NKqm/Fi3m+4Ojv/vJssmNjhKKT8s1bW51vedq9Y6urfdfmy3dot4NuDY/N1zWNFt9ffb737727rJZj+Vw8lxf0reypm+UrxY1HV69PVcqvix+WOzLz3O5tv/LrVEsFOUu2l9b/4euXpufG3jr7fkrd3K6uSKnAzmU5ErSs/GcDrU+NmtHXUd3WetgLaj8cbBNeetaVuJQi+36aO2Q6d3UOlTanF9ttnsjoxNNM/rpdx/PsU3v6WNtamyq+LL4S3Ehf86Hy/r/6Cj3/9E0PTubFFGLXHakLJ+34vTqqEfW1nx4+Yw3VpfZ8qxkG/wo/5//urP/O5Zd/xv7ameuR8tqbH5eJJs/L361f02LsqTWIh1c1SI1rj6tlmnkebAe1SLPf8lL9TI3cUV5qV2LvU3n/y+Kvvw9t/T/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3PuKpLPZ9I7kaJIDSfaX45VkYXXMrbuor6O3uJs0t8zd5Hz/KVquaHE7t/Nu9u10RgAAAAAAAABsj7OjX3z8yUflq/b7+M78e0djTiXpSnKg+Fn3yOj01ESbgrqTy4u/0u/ZXA6Xyx+PLI1/Xo492Wah3b19AADua/8MAAD//1SQbaE=") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) 263.500517ms ago: executing program 0 (id=4991): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)={0x1a8, 0x19, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x50, 0x11, 0x0, 0x1, [@typed={0x49, 0x121, 0x0, 0x0, @binary="c9a7befe6f6d645a1a11b81b2c4b101c7510e19feecb90ee6bb49f6cc7a2c50fd57c06db1a75df432aa833928a0772ff8f5e9ed32d3b477d35b296674f1fe35663c0d236fd"}]}, @nested={0x144, 0x6, 0x0, 0x1, [@nested={0x140, 0x75, 0x0, 0x1, [@nested={0x10, 0x105, 0x0, 0x1, [@typed={0x8, 0x22, 0x0, 0x0, @fd=r0}, @typed={0x4, 0x98}]}, @nested={0x129, 0x87, 0x0, 0x1, [@typed={0x8, 0xe7, 0x0, 0x0, @uid}, @typed={0x8, 0x8, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="9b371a014af46af1e4cfcf8ec3ee2ed0045f8c452d47e6c479", @typed={0xc, 0xd2, 0x0, 0x0, @u64}, @nested={0xe5, 0x84, 0x0, 0x1, [@generic="dc12fe3f442a726ba43c8cb5ef9962ee82fbe6ae27e45298cd914f49644a2a584732045926d4705498928040d177920db147d5c6f41172107d3cd8749d2935164663802bf0a93c9385b3e4e1e0cf029a8d8be90c51868b41b389f26afcaff7ad37e456c5e98f30ece9cd002e3ce16b08893e2c1a022d4b9470db92b95b0f9bdfe2f5ee5f47c5e92f68e6addd6fb9f4b6c97cfb6886cbec5cd66481f4d25b03fb2b31475cb7ca", @generic="85ffc6451a4d186455533ffaeac27d0436cca7548a91f63e37852fa662b3b0d4eab38854f70814493209b73c572be3206ce6eb76c0f6c300b7fd24"]}, @typed={0x8, 0xd, 0x0, 0x0, @uid}]}]}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x5}, 0x0) 57.681285ms ago: executing program 5 (id=4992): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200), &(0x7f0000000080)=0x1) 32.761764ms ago: executing program 0 (id=4993): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xec8, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0xc, 0x32314142, 0x2, 0x6, 0x6, 0x4, 0xa6e, 0x0, 0x2, 0x1, 0x5}}) 0s ago: executing program 6 (id=4994): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) wait4(0x0, 0x0, 0x5, 0x0) kernel console output (not intermixed with test programs): 20072][T16534] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 353.327669][T16534] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 353.349745][ T30] audit: type=1326 audit(2000000098.759:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.1.3304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 353.412043][T16534] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 353.419133][T16534] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 353.444799][ T30] audit: type=1326 audit(2000000098.769:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.1.3304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 353.467209][ C1] vkms_vblank_simulate: vblank timer overrun [ 353.520847][T16534] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 353.562373][T16534] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 353.589994][T16534] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 205506490 [ 353.600272][ T30] audit: type=1326 audit(2000000098.769:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.1.3304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 353.617983][T16534] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 353.622766][ T30] audit: type=1326 audit(2000000098.769:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.1.3304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 353.798347][T16559] ubi31: background thread "ubi_bgt31d" started, PID 16559 [ 353.943213][T16579] loop1: detected capacity change from 0 to 512 [ 353.976272][ T30] audit: type=1326 audit(2000000099.519:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16582 comm="syz.3.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 353.998730][ C1] vkms_vblank_simulate: vblank timer overrun [ 354.054255][ T30] audit: type=1326 audit(2000000099.519:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16582 comm="syz.3.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 354.068185][T16579] Quota error (device loop1): write_blk: dquota write failed [ 354.084587][T16579] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 354.094486][T16579] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3312: Failed to acquire dquot type 1 [ 354.106520][T16572] loop0: detected capacity change from 0 to 8192 [ 354.118426][ T30] audit: type=1326 audit(2000000099.569:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16582 comm="syz.3.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 354.162865][T16579] EXT4-fs (loop1): 1 truncate cleaned up [ 354.196522][T16572] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 354.223941][T16596] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3316'. [ 354.241985][T16579] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.290226][T16579] ext4 filesystem being mounted at /505/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 354.595317][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.608606][ T1100] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1 [ 354.828398][T16651] loop3: detected capacity change from 0 to 8 [ 354.873277][T16654] loop1: detected capacity change from 0 to 64 [ 354.891318][T16651] SQUASHFS error: Unable to read inode 0xe3 [ 354.938477][T16654] syz.1.3323: attempt to access beyond end of device [ 354.938477][T16654] loop1: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 354.940391][T16659] netlink: 'syz.0.3322': attribute type 4 has an invalid length. [ 354.993027][T16654] Buffer I/O error on dev loop1, logical block 32767, async page read [ 355.008845][T16661] loop6: detected capacity change from 0 to 2048 [ 355.022894][T16654] syz.1.3323: attempt to access beyond end of device [ 355.022894][T16654] loop1: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 355.038121][T16661] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=26504, location=26504 [ 355.045472][T16659] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3322'. [ 355.092611][T16654] Buffer I/O error on dev loop1, logical block 32767, async page read [ 355.142882][T16661] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 355.183343][T16659] wlan1: mtu less than device minimum [ 355.664978][T16698] loop6: detected capacity change from 0 to 256 [ 356.560052][T16744] program syz.3.3348 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 356.603681][T16679] loop5: detected capacity change from 0 to 32768 [ 356.674878][T16679] JBD2: Ignoring recovery information on journal [ 356.934094][T16679] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode. [ 357.190343][ T5830] ocfs2: Unmounting device (7,5) on (node local) [ 357.360108][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 357.546791][ T10] usb 7-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 357.586733][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.646680][ T10] usb 7-1: config 0 descriptor?? [ 357.677554][ T10] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 357.935107][T16810] loop3: detected capacity change from 0 to 2048 [ 358.023720][ T5975] loop3: p1 < > p4 [ 358.031850][ T5975] loop3: p4 size 8388608 extends beyond EOD, truncated [ 358.047210][T16816] netlink: 'syz.1.3368': attribute type 7 has an invalid length. [ 358.091785][ T10] gspca_stv06xx: I2C: Read error writing address: -71 [ 358.125851][T16810] loop3: p1 < > p4 [ 358.136365][ T10] usb 7-1: USB disconnect, device number 3 [ 358.168002][T16810] loop3: p4 size 8388608 extends beyond EOD, truncated [ 358.469420][ T5946] udevd[5946]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 358.498708][ T5975] udevd[5975]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 358.563729][ T5946] udevd[5946]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 358.583829][ T5975] udevd[5975]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 358.852393][T16866] loop1: detected capacity change from 0 to 64 [ 359.041895][ T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 359.224351][ T10] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 359.258155][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.312191][ T10] usb 7-1: config 0 descriptor?? [ 359.465878][T16831] loop5: detected capacity change from 0 to 32768 [ 359.487792][T16786] loop2: detected capacity change from 0 to 32768 [ 359.540597][T16786] btrfs: Deprecated parameter 'usebackuproot' [ 359.546724][T16786] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 359.590166][T16831] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 359.717725][T16786] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3360 (16786) [ 359.728681][ T10] usb 7-1: Cannot set MAC address [ 359.740261][ T10] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 359.771615][ T10] usb 7-1: USB disconnect, device number 4 [ 359.867341][T16786] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 359.943460][T16786] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm [ 360.015929][T16860] loop0: detected capacity change from 0 to 32768 [ 360.021396][T16786] BTRFS info (device loop2): disk space caching is enabled [ 360.037160][T16786] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 360.060782][T16916] netlink: 'syz.1.3385': attribute type 64 has an invalid length. [ 360.095752][T16860] (syz.0.3374,16860,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 360.100972][T16916] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3385'. [ 360.151124][T16860] (syz.0.3374,16860,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 360.186685][T16831] XFS (loop5): Ending clean mount [ 360.245664][T16831] XFS (loop5): Quotacheck needed: Please wait. [ 360.419322][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 360.428553][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 360.451102][T16860] JBD2: Ignoring recovery information on journal [ 360.511165][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 360.511563][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 360.528000][T16939] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 360.614157][T16831] XFS (loop5): Quotacheck: Done. [ 360.628272][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 360.628686][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 360.670253][T16860] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 360.731896][T16786] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 360.779241][T16786] BTRFS error (device loop2): open_ctree failed: -12 [ 360.859612][ T5830] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 360.962571][T16957] tmpfs: Bad value for 'mpol' [ 361.350341][ T5821] ocfs2: Unmounting device (7,0) on (node local) [ 361.522860][T16971] loop3: detected capacity change from 0 to 2048 [ 361.649124][T16971] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 361.847771][T16993] No such timeout policy "syz0" [ 362.432624][T17025] loop5: detected capacity change from 0 to 64 [ 362.489187][T17025] Bad inode number on dev loop5: 6 is out of range [ 363.389457][T17013] loop0: detected capacity change from 0 to 32768 [ 363.456849][T17013] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3398 (17013) [ 363.540923][T17013] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 363.543898][T17069] loop5: detected capacity change from 0 to 256 [ 363.593840][T17013] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 363.648925][T17069] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d1950c, utbl_chksum : 0xe619d30d) [ 363.658469][T17013] BTRFS info (device loop0): using free-space-tree [ 363.672169][T17074] syz.2.3428: attempt to access beyond end of device [ 363.672169][T17074] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 363.761486][T17074] hpfs: hpfs_map_sector(): read error [ 363.841814][T17069] exFAT-fs (loop5): error, data size is invalid(9000) [ 363.880216][T17069] exFAT-fs (loop5): Filesystem has been set read-only [ 364.299339][ T5821] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 364.523174][T17059] loop3: detected capacity change from 0 to 32768 [ 364.613979][T17059] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3424 (17059) [ 364.783421][T17059] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 364.859516][T17059] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 364.896832][T17059] BTRFS info (device loop3): disk space caching is enabled [ 364.928769][T17059] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 364.931462][T17130] loop5: detected capacity change from 0 to 1764 [ 365.307523][T17158] CIFS mount error: No usable UNC path provided in device string! [ 365.307523][T17158] [ 365.380844][T17059] BTRFS info (device loop3): rebuilding free space tree [ 365.396697][T17158] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 365.471070][T17059] BTRFS info (device loop3): disabling free space tree [ 365.478028][T17059] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 365.553289][T17059] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 365.829479][ T5832] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 366.021320][T17124] loop2: detected capacity change from 0 to 32768 [ 366.070916][T17124] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3438 (17124) [ 366.180520][T17124] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 366.302505][T17124] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 366.392638][T17124] BTRFS info (device loop2): disk space caching is enabled [ 366.429700][T17124] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 366.542495][T17207] loop5: detected capacity change from 0 to 4096 [ 366.800319][T17235] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 366.857154][T17124] BTRFS info (device loop2): rebuilding free space tree [ 366.971487][T17124] BTRFS info (device loop2): disabling free space tree [ 366.978441][T17124] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 367.036438][T17124] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 367.163402][T17251] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3464'. [ 367.283950][ T5829] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 367.458588][T17266] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3471'. [ 367.477925][T17270] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3472'. [ 367.510243][T17266] netlink: 31 bytes leftover after parsing attributes in process `syz.0.3471'. [ 367.550360][T17266] netlink: 'syz.0.3471': attribute type 3 has an invalid length. [ 367.600090][T17266] netlink: 'syz.0.3471': attribute type 2 has an invalid length. [ 367.637417][T17266] netlink: 31 bytes leftover after parsing attributes in process `syz.0.3471'. [ 367.886533][ T10] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 368.110167][ T10] usb 7-1: config 0 has an invalid interface number: 58 but max is 0 [ 368.160062][ T10] usb 7-1: config 0 has no interface number 0 [ 368.166209][ T10] usb 7-1: config 0 interface 58 altsetting 0 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 368.232683][ T10] usb 7-1: New USB device found, idVendor=085a, idProduct=0008, bcdDevice=7f.81 [ 368.247234][T17304] loop5: detected capacity change from 0 to 1024 [ 368.279636][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 368.309682][ T10] usb 7-1: Product: syz [ 368.333099][T17310] gre1: entered promiscuous mode [ 368.347376][ T10] usb 7-1: Manufacturer: syz [ 368.380030][ T10] usb 7-1: SerialNumber: syz [ 368.400487][ T10] usb 7-1: config 0 descriptor?? [ 368.681034][ T10] kaweth 7-1:0.58: Firmware present in device. [ 368.853508][ T10] kaweth 7-1:0.58: Error reading configuration (-71), no net device created [ 368.907703][ T10] kaweth 7-1:0.58: probe with driver kaweth failed with error -5 [ 368.971418][ T10] usb 7-1: USB disconnect, device number 5 [ 369.647659][T17395] loop2: detected capacity change from 0 to 512 [ 369.739329][T17395] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.739488][T17395] ext4 filesystem being mounted at /622/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 369.996660][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.291655][T17420] bond1: entered promiscuous mode [ 370.296742][T17420] bond1: entered allmulticast mode [ 370.303080][T17420] 8021q: adding VLAN 0 to HW filter on device bond1 [ 370.551900][T17471] loop6: detected capacity change from 0 to 2048 [ 370.603841][T17474] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 370.667005][T17471] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.694679][T17471] EXT4-fs error (device loop6): ext4_iget_extra_inode:4693: inode #12: comm syz.6.3520: corrupted in-inode xattr: e_name out of bounds [ 370.778746][T17482] loop0: detected capacity change from 0 to 2048 [ 370.807743][T14792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.904637][T17482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.967306][T17498] --map-set only usable from mangle table [ 371.308762][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.393413][T17518] netlink: 4388 bytes leftover after parsing attributes in process `syz.6.3536'. [ 371.424312][T17420] bond1 (unregistering): Released all slaves [ 371.900597][T17585] binfmt_misc: register: failed to install interpreter file ./file0 [ 371.990253][ T10] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 372.083699][T17593] xt_ecn: cannot match TCP bits for non-tcp packets [ 372.162998][T17600] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3549'. [ 372.190701][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 372.222842][ T10] usb 3-1: config 0 has an invalid interface number: 59 but max is 0 [ 372.254786][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 372.306841][ T10] usb 3-1: config 0 has no interface number 0 [ 372.331236][T17605] overlayfs: missing 'lowerdir' [ 372.347653][ T10] usb 3-1: config 0 interface 59 altsetting 7 has an endpoint descriptor with address 0xFA, changing to 0x8A [ 372.403303][ T10] usb 3-1: config 0 interface 59 altsetting 7 bulk endpoint 0x8A has invalid maxpacket 22 [ 372.455358][ T10] usb 3-1: config 0 interface 59 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 372.512477][ T10] usb 3-1: config 0 interface 59 has no altsetting 0 [ 372.532734][ T10] usb 3-1: New USB device found, idVendor=0499, idProduct=5006, bcdDevice=47.18 [ 372.562595][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.595334][ T10] usb 3-1: Product: syz [ 372.599551][ T10] usb 3-1: Manufacturer: syz [ 372.634402][ T10] usb 3-1: SerialNumber: syz [ 372.651114][ T5999] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 372.663047][ T10] usb 3-1: config 0 descriptor?? [ 372.670436][T17572] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 372.708879][ T10] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 372.842089][ T5999] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 372.874289][ T5999] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 372.897485][ T5887] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 372.938716][ T5999] usb 2-1: config 0 has no interface number 0 [ 372.956910][ T10] usb 3-1: USB disconnect, device number 28 [ 372.970650][ T5999] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 373.026861][ T5999] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 373.108915][ T5887] usb 6-1: config 0 has an invalid interface number: 109 but max is 0 [ 373.112119][ T5999] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 373.130029][ T5999] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.147024][ T5887] usb 6-1: config 0 has no interface number 0 [ 373.150709][ T5999] usb 2-1: Product: syz [ 373.175599][ T5887] usb 6-1: config 0 interface 109 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81 [ 373.178867][ T5999] usb 2-1: Manufacturer: syz [ 373.198056][ T5887] usb 6-1: New USB device found, idVendor=100d, idProduct=cb01, bcdDevice=84.d1 [ 373.220067][ T5999] usb 2-1: SerialNumber: syz [ 373.229480][ T5999] usb 2-1: config 0 descriptor?? [ 373.262660][ T5887] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.279070][ T5887] usb 6-1: config 0 descriptor?? [ 373.295749][ T5887] cxacru 6-1:0.109: cxacru_bind: interface has incorrect endpoints [ 373.356641][ T5887] cxacru 6-1:0.109: usbatm_usb_probe: bind failed: -19! [ 373.463627][ T5999] usbtouchscreen 2-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 373.515494][ T5999] usb 2-1: USB disconnect, device number 27 [ 373.564149][ T972] usb 6-1: USB disconnect, device number 17 [ 373.620286][T17708] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3569'. [ 373.673085][T17708] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3569'. [ 373.839681][T17721] ALSA: mixer_oss: invalid OSS volume 'u' [ 374.230027][T17746] netlink: 'syz.1.3580': attribute type 5 has an invalid length. [ 374.282872][T17748] loop5: detected capacity change from 0 to 8 [ 374.350048][T17748] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 374.433028][T17748] cramfs: Error -3 while decompressing! [ 374.485952][T17748] cramfs: ffffffff9993e422(639)->ffff888042d6f000(4096) [ 374.532184][T17748] cramfs: bad data blocksize 4294966699 [ 374.538222][T17748] cramfs: Error -3 while decompressing! [ 374.544635][T17759] bridge5: entered promiscuous mode [ 374.592596][T17748] cramfs: ffffffff9993e422(639)->ffff888042d6f000(4096) [ 374.639726][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 374.639745][ T30] audit: type=1800 audit(2000000120.189:1659): pid=17748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3581" name="file2" dev="loop5" ino=348 res=0 errno=0 [ 375.226343][T17736] loop6: detected capacity change from 0 to 32768 [ 375.289465][T17736] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3576 (17736) [ 375.321600][T17736] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 375.353268][T17736] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 375.410166][T17736] BTRFS info (device loop6): using free-space-tree [ 375.847332][T17736] BTRFS info (device loop6): rebuilding free space tree [ 376.085993][T14792] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 376.467265][T17859] netlink: 'syz.0.3608': attribute type 3 has an invalid length. [ 377.896138][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.913485][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 377.923204][T17932] loop0: detected capacity change from 0 to 128 [ 378.388881][T17954] loop5: detected capacity change from 0 to 4096 [ 378.400446][ T24] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 378.458860][T17893] loop3: detected capacity change from 0 to 32768 [ 378.520230][T17893] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3621 (17893) [ 378.540206][T17968] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 378.572348][T17954] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 378.593470][T17971] 9pnet_fd: p9_fd_create_tcp (17971): problem connecting socket to 127.0.0.1 [ 378.605135][T17893] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 378.610490][ T24] usb 3-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 378.660126][T17954] Remounting filesystem read-only [ 378.663097][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.683314][ T24] usb 3-1: Product: syz [ 378.695780][T17893] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 378.701771][ T24] usb 3-1: Manufacturer: syz [ 378.740063][ T24] usb 3-1: SerialNumber: syz [ 378.750527][T17893] BTRFS info (device loop3): using free-space-tree [ 378.768415][ T24] usb 3-1: config 0 descriptor?? [ 379.006134][ T24] mos7840 3-1:0.0: required endpoints missing [ 379.215841][ T972] usb 3-1: USB disconnect, device number 29 [ 379.339217][ T5832] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 379.369389][T18025] loop0: detected capacity change from 0 to 2048 [ 379.470523][T18025] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 379.620723][T18025] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.756079][T18025] EXT4-fs error (device loop0): ext4_find_extent:902: inode #2: comm syz.0.3654: inode has invalid extent depth: 6 [ 380.133911][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.314990][T18057] loop2: detected capacity change from 0 to 4096 [ 380.403176][T18057] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 380.562709][T18057] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 380.918931][T18101] loop2: detected capacity change from 0 to 64 [ 381.066462][T18110] binder: 18108:18110 ioctl c00c6211 0 returned -14 [ 381.202468][T18114] ieee802154 phy0 wpan0: encryption failed: -22 [ 381.311379][T18125] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 381.416179][T18131] netlink: 'syz.0.3686': attribute type 10 has an invalid length. [ 381.443405][T18135] netlink: 'syz.6.3687': attribute type 3 has an invalid length. [ 381.563742][T18131] 8021q: adding VLAN 0 to HW filter on device team0 [ 381.613571][T18131] bond0: (slave team0): Enslaving as an active interface with an up link [ 381.733776][T18148] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3691'. [ 381.884547][T18149] loop5: detected capacity change from 0 to 4096 [ 381.986027][T18163] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 382.078086][T18149] NILFS (loop5): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed [ 382.160346][T18169] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 382.220703][ T24] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 382.253769][ T30] audit: type=1326 audit(2000000127.799:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18171 comm="syz.0.3699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54e98e969 code=0x7ffc0000 [ 382.354049][ T30] audit: type=1326 audit(2000000127.809:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18171 comm="syz.0.3699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fa54e98e969 code=0x7ffc0000 [ 382.413769][ T24] usb 4-1: unable to get BOS descriptor or descriptor too short [ 382.440145][ T30] audit: type=1326 audit(2000000127.809:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18171 comm="syz.0.3699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54e98e969 code=0x7ffc0000 [ 382.446196][ T24] usb 4-1: config 3 has an invalid interface number: 14 but max is 0 [ 382.483364][ T24] usb 4-1: config 3 has no interface number 0 [ 382.489642][ T24] usb 4-1: config 3 interface 14 has no altsetting 0 [ 382.524867][ T24] usb 4-1: New USB device found, idVendor=045e, idProduct=02ae, bcdDevice=b8.0f [ 382.530943][ T30] audit: type=1326 audit(2000000127.809:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18171 comm="syz.0.3699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54e98e969 code=0x7ffc0000 [ 382.564874][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.573952][ T24] usb 4-1: Product: syz [ 382.578124][ T24] usb 4-1: Manufacturer: syz [ 382.588333][ T24] usb 4-1: SerialNumber: syz [ 382.731191][ T5999] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 382.887774][ T24] gspca_main: kinect-2.14.0 probing 045e:02ae [ 382.920911][ T5999] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 382.933433][ T5999] usb 6-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3 [ 382.944426][ T24] usb 4-1: USB disconnect, device number 13 [ 382.946104][T18145] loop6: detected capacity change from 0 to 32768 [ 382.971189][ T5999] usb 6-1: Product: syz [ 382.975368][ T5999] usb 6-1: Manufacturer: syz [ 383.019365][ T5999] usb 6-1: SerialNumber: syz [ 383.052009][T18145] ERROR: (device loop6): dtSearch: DT_GETPAGE: dtree page corrupt [ 383.052009][T18145] [ 383.082269][ T5999] usb 6-1: config 0 descriptor?? [ 383.112081][T18145] ERROR: (device loop6): remounting filesystem as read-only [ 383.143672][T18145] jfs_lookup: dtSearch returned -5 [ 383.301511][ T5999] hso 6-1:0.0: Failed to find BULK IN ep [ 383.351255][ T5999] usb-storage 6-1:0.0: USB Mass Storage device detected [ 383.500603][T18235] loop0: detected capacity change from 0 to 512 [ 383.558672][ T5999] usb 6-1: USB disconnect, device number 18 [ 383.583032][T18235] EXT4-fs (loop0): Test dummy encryption mode enabled [ 383.618219][T18235] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 383.696161][T18235] EXT4-fs (loop0): 1 truncate cleaned up [ 383.728019][T18235] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 383.858350][T18235] EXT4-fs error (device loop0): ext4_search_dir:1476: inode #2: block 13: comm syz.0.3710: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0 [ 383.948817][T18235] EXT4-fs (loop0): Remounting filesystem read-only [ 383.973078][T18257] loop3: detected capacity change from 0 to 64 [ 384.039409][T18257] Trying to free block not in datazone [ 384.080981][T18257] Trying to free block not in datazone [ 384.086476][T18257] Trying to free block not in datazone [ 384.098557][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.120128][T18257] Trying to free block not in datazone [ 384.146124][T18257] minix_free_block (loop3:6): bit already cleared [ 384.172738][T18257] Trying to free block not in datazone [ 384.209258][T18257] Trying to free block not in datazone [ 384.697111][T18300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3728'. [ 385.040501][T18318] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.367586][T18335] .: renamed from bond0 (while UP) [ 385.542772][T18345] netlink: 'syz.1.3744': attribute type 1 has an invalid length. [ 385.701975][T18294] loop3: detected capacity change from 0 to 32768 [ 385.736895][T18294] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3723 (18294) [ 385.815715][T18294] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 385.845070][T18360] tmpfs: Bad value for 'mpol' [ 385.876267][T18294] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 385.914828][T18294] BTRFS info (device loop3): disk space caching is enabled [ 385.930075][T18294] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 386.096893][T18383] loop5: detected capacity change from 0 to 512 [ 386.122429][T18294] BTRFS info (device loop3): rebuilding free space tree [ 386.191157][T18383] EXT4-fs: Ignoring removed i_version option [ 386.237438][T18383] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 386.258259][T18294] BTRFS info (device loop3): disabling free space tree [ 386.284338][T18294] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 386.326573][T18294] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 386.359510][T18383] EXT4-fs (loop5): 1 truncate cleaned up [ 386.448526][T18383] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.725424][ T5832] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 386.750214][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.865292][T18418] netlink: 4232 bytes leftover after parsing attributes in process `syz.2.3763'. [ 387.010584][T18428] Scaler: ================= START STATUS ================= [ 387.018013][T18428] Scaler: ================== END STATUS ================== [ 387.607256][T18459] binfmt_misc: register: failed to install interpreter file ./file2 [ 387.822642][T18464] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3775'. [ 387.878594][T18464] unsupported nlmsg_type 40 [ 387.932139][T18470] loop6: detected capacity change from 0 to 2048 [ 388.057649][T18470] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 388.720951][T18522] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3793'. [ 388.983888][ T30] audit: type=1326 audit(2000000134.539:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18537 comm="syz.3.3798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 389.070597][ T30] audit: type=1326 audit(2000000134.539:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18537 comm="syz.3.3798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 389.161674][ T30] audit: type=1326 audit(2000000134.569:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18537 comm="syz.3.3798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 389.313071][ T30] audit: type=1326 audit(2000000134.569:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18537 comm="syz.3.3798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 389.433618][ T30] audit: type=1326 audit(2000000134.569:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18537 comm="syz.3.3798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 389.903490][T18591] loop5: detected capacity change from 0 to 1024 [ 390.052478][T18599] loop0: detected capacity change from 0 to 256 [ 390.091504][T18599] FAT-fs (loop0): Directory bread(block 1285) failed [ 390.130907][T18599] FAT-fs (loop0): Directory bread(block 1286) failed [ 390.147049][T18599] FAT-fs (loop0): Directory bread(block 1287) failed [ 390.193613][T18599] FAT-fs (loop0): Directory bread(block 1288) failed [ 390.240559][T18599] FAT-fs (loop0): Directory bread(block 1289) failed [ 390.247393][T18599] FAT-fs (loop0): Directory bread(block 1290) failed [ 390.307661][T18599] FAT-fs (loop0): Directory bread(block 1291) failed [ 390.333611][T18599] FAT-fs (loop0): Directory bread(block 1292) failed [ 390.373119][T18599] FAT-fs (loop0): Directory bread(block 1293) failed [ 390.411934][T18599] FAT-fs (loop0): Directory bread(block 1294) failed [ 390.478469][T18625] netlink: 'syz.6.3828': attribute type 21 has an invalid length. [ 390.560027][T18625] netlink: 128 bytes leftover after parsing attributes in process `syz.6.3828'. [ 390.580399][T18625] netlink: 3 bytes leftover after parsing attributes in process `syz.6.3828'. [ 390.643631][T18634] tmpfs: Bad value for 'mpol' [ 390.739644][T18639] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3832'. [ 391.555390][T18686] loop0: detected capacity change from 0 to 1024 [ 391.609726][T18686] hfsplus: Filesystem is marked locked, mounting read-only. [ 391.710373][ T1625] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 391.762187][T18686] hfsplus: invalid catalog entry type in lookup [ 391.807720][T18704] kernel read not supported for file / -Ö9÷mZr†œ7³ÏüâW)ës“§Ç!Qöì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|Õ² (pid: 18704 comm: syz.2.3852) [ 391.888357][ T30] audit: type=1800 audit(2000000137.439:1669): pid=18704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3852" name=202DD60E39F76D5A06720386019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B206 dev="mqueue" ino=36083 res=0 errno=0 [ 391.941069][ T1625] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 391.967538][ T1625] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.991902][ T1625] usb 6-1: Product: syz [ 391.996095][ T1625] usb 6-1: Manufacturer: syz [ 392.021825][ T1625] usb 6-1: SerialNumber: syz [ 392.046574][ T1625] usb 6-1: config 0 descriptor?? [ 392.074160][ T1625] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 392.475465][ T1625] usb 6-1: USB disconnect, device number 19 [ 392.550136][T18755] netlink: 'syz.3.3864': attribute type 2 has an invalid length. [ 392.580055][T18755] netlink: 244 bytes leftover after parsing attributes in process `syz.3.3864'. [ 392.620099][ T972] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 392.800460][ T972] usb 1-1: Using ep0 maxpacket: 32 [ 392.822237][ T972] usb 1-1: config 2 has an invalid interface number: 1 but max is 0 [ 392.857734][ T972] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 392.881892][ T972] usb 1-1: config 2 has 2 interfaces, different from the descriptor's value: 1 [ 392.897651][ T972] usb 1-1: New USB device found, idVendor=22b8, idProduct=2d97, bcdDevice=51.64 [ 392.912287][ T972] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.924305][ T972] usb 1-1: Product: syz [ 392.928487][ T972] usb 1-1: Manufacturer: syz [ 392.950001][ T972] usb 1-1: SerialNumber: syz [ 392.974153][ T972] cdc_acm 1-1:2.1: probe with driver cdc_acm failed with error -22 [ 393.038549][ T972] cdc_acm 1-1:2.0: probe with driver cdc_acm failed with error -22 [ 393.116654][T18784] loop6: detected capacity change from 0 to 164 [ 393.211207][ T972] usb 1-1: USB disconnect, device number 19 [ 393.463753][T18811] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.3878'. [ 393.596009][T18817] netlink: 248 bytes leftover after parsing attributes in process `syz.1.3881'. [ 393.629045][T18817] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3881'. [ 393.923720][T18830] loop3: detected capacity change from 0 to 512 [ 393.966564][T18830] EXT4-fs: Ignoring removed orlov option [ 394.042386][T18830] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 394.085786][T18830] EXT4-fs (loop3): orphan cleanup on readonly fs [ 394.212103][T18830] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3885: bg 0: block 248: padding at end of block bitmap is not set [ 394.246665][T18851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'. [ 394.393990][T18830] Quota error (device loop3): write_blk: dquota write failed [ 394.421296][T18851] bond1: entered promiscuous mode [ 394.428086][T18851] bond1: entered allmulticast mode [ 394.436056][T18851] 8021q: adding VLAN 0 to HW filter on device bond1 [ 394.450184][T18830] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 394.480765][T18830] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3885: Failed to acquire dquot type 1 [ 394.560149][T18830] EXT4-fs (loop3): 1 truncate cleaned up [ 394.614726][T18830] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 394.709050][T18902] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3896'. [ 394.723829][T18904] loop2: detected capacity change from 0 to 256 [ 394.781514][T18830] EXT4-fs: Ignoring removed orlov option [ 394.789060][T18830] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 394.834580][T18909] netlink: 136 bytes leftover after parsing attributes in process `syz.6.3900'. [ 394.858899][T18904] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 394.871020][T18830] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 394.871551][T18830] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 0 [ 394.907239][T18903] loop0: detected capacity change from 0 to 4096 [ 395.088242][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.400423][T18937] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 395.423190][T18941] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3908'. [ 395.610518][T18946] loop5: detected capacity change from 0 to 1764 [ 395.776404][T18961] nftables ruleset with unbound set [ 395.827265][T18967] netlink: 'syz.3.3917': attribute type 1 has an invalid length. [ 395.863845][T18967] netlink: 'syz.3.3917': attribute type 3 has an invalid length. [ 395.904527][T18967] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3917'. [ 396.045571][T18980] loop0: detected capacity change from 0 to 1024 [ 396.081565][ T5928] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 396.187028][T18987] loop3: detected capacity change from 0 to 164 [ 396.278672][ T5928] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 396.310177][ T5928] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 396.347878][ T5928] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 396.405397][ T5928] usb 3-1: config 1 has no interface number 0 [ 396.438947][ T5928] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30 [ 396.500339][ T5928] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 396.528723][ T5928] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 396.558678][ T5928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 396.586519][ T5928] usb 3-1: Product: syz [ 396.594766][ T5928] usb 3-1: Manufacturer: syz [ 396.599880][ T5928] usb 3-1: SerialNumber: syz [ 396.865815][T19023] loop3: detected capacity change from 0 to 512 [ 396.880898][ T5928] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 396.932299][ T5928] usb 3-1: USB disconnect, device number 30 [ 396.970076][ T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 396.994043][T19023] EXT4-fs (loop3): 1 orphan inode deleted [ 397.030257][ T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 397.046835][T19023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 397.061162][ T12] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1 [ 397.070101][T19023] ext4 filesystem being mounted at /722/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 397.197849][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.213365][ T24] usb 7-1: config 0 has an invalid interface number: 194 but max is 0 [ 397.230032][ T24] usb 7-1: config 0 has no interface number 0 [ 397.262963][ T24] usb 7-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=7d.d2 [ 397.283408][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.314258][ T24] usb 7-1: Product: syz [ 397.341822][ T24] usb 7-1: Manufacturer: syz [ 397.367614][ T24] usb 7-1: SerialNumber: syz [ 397.440716][ T24] usb 7-1: config 0 descriptor?? [ 397.914340][ T24] usb 7-1: USB disconnect, device number 6 [ 397.929675][ T24] f81534a_ctrl 7-1:0.194: failed to set register 0x116: -19 [ 397.957426][ T24] f81534a_ctrl 7-1:0.194: failed to enable ports: -19 [ 398.298329][T19091] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3947'. [ 398.523654][T19060] loop3: detected capacity change from 0 to 32768 [ 398.666682][T19060] read_mapping_page failed! [ 398.682156][T19071] loop2: detected capacity change from 0 to 32768 [ 398.768307][T19071] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 398.885444][T19119] netlink: 'syz.1.3952': attribute type 10 has an invalid length. [ 398.978678][T19119] team0: Device ipvlan1 failed to register rx_handler [ 399.067005][T19071] XFS (loop2): Ending clean mount [ 399.084305][T19071] XFS (loop2): Quotacheck needed: Please wait. [ 399.103802][T19125] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3955'. [ 399.114469][T19083] loop0: detected capacity change from 0 to 32768 [ 399.199616][T19071] XFS (loop2): Quotacheck: Done. [ 399.242175][T19083] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 399.387399][T19083] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 399.412341][ T5829] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 399.434801][T19138] loop3: detected capacity change from 0 to 64 [ 399.461631][T19083] (syz.0.3945,19083,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 399.511565][T19083] (syz.0.3945,19083,1):ocfs2_xattr_block_find:2831 ERROR: status = -12 [ 399.757725][ T5821] ocfs2: Unmounting device (7,0) on (node local) [ 399.820457][T19150] netlink: 'syz.1.3960': attribute type 10 has an invalid length. [ 399.849317][T19150] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.856740][T19150] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.973224][T19150] bridge0: port 2(bridge_slave_1) entered blocking state [ 399.981942][T19150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 399.989457][T19150] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.996679][T19150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 400.109518][T19118] loop6: detected capacity change from 0 to 32768 [ 400.152306][T19150] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 400.237775][T19118] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 400.395644][T19162] loop5: detected capacity change from 0 to 4096 [ 400.423828][T19118] XFS (loop6): Ending clean mount [ 400.426090][T19162] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 400.603501][T19162] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 400.603512][T14792] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 400.831948][T19198] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3972'. [ 401.248841][T19222] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3979'. [ 401.330237][ T10] usb 6-1: new full-speed USB device number 20 using dummy_hcd [ 401.508832][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 401.519795][T19240] sctp: [Deprecated]: syz.0.3984 (pid 19240) Use of struct sctp_assoc_value in delayed_ack socket option. [ 401.519795][T19240] Use struct sctp_sack_info instead [ 401.561434][ T10] usb 6-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=21.78 [ 401.591361][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.617209][ T10] usb 6-1: Product: syz [ 401.626920][ T10] usb 6-1: Manufacturer: syz [ 401.638701][ T10] usb 6-1: SerialNumber: syz [ 401.683055][ T10] usb 6-1: config 0 descriptor?? [ 401.725082][ T30] audit: type=1326 audit(2000000147.279:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19249 comm="syz.6.3988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 401.798668][ T30] audit: type=1326 audit(2000000147.299:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19249 comm="syz.6.3988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 401.889033][ T30] audit: type=1326 audit(2000000147.309:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19249 comm="syz.6.3988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 401.989480][ T30] audit: type=1326 audit(2000000147.309:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19249 comm="syz.6.3988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 402.031135][T19264] netlink: 'syz.2.3992': attribute type 10 has an invalid length. [ 402.048202][ T30] audit: type=1326 audit(2000000147.309:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19249 comm="syz.6.3988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 402.071038][T19264] netlink: 392 bytes leftover after parsing attributes in process `syz.2.3992'. [ 402.144865][ T10] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 402.184293][ T10] asix 6-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 402.240378][ T10] asix 6-1:0.0: probe with driver asix failed with error -71 [ 402.308861][ T10] usb 6-1: USB disconnect, device number 20 [ 402.460213][T19284] loop2: detected capacity change from 0 to 1024 [ 402.630273][T19293] netlink: 'syz.3.4000': attribute type 21 has an invalid length. [ 402.664445][ T5910] hfsplus: b-tree write err: -5, ino 4 [ 402.906535][T19311] loop6: detected capacity change from 0 to 1024 [ 403.174615][T19327] loop0: detected capacity change from 0 to 64 [ 403.228481][ T53] hfsplus: b-tree write err: -5, ino 4 [ 403.310630][T19327] syz.0.4011: attempt to access beyond end of device [ 403.310630][T19327] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 403.374862][T19327] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 403.497575][T19327] syz.0.4011: attempt to access beyond end of device [ 403.497575][T19327] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 403.580251][T19327] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 404.372980][T19385] xt_socket: unknown flags 0xc [ 404.790923][T19418] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 404.814411][T19418] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 405.605219][T19461] netlink: 'syz.5.4055': attribute type 4 has an invalid length. [ 405.877484][T19410] loop3: detected capacity change from 0 to 32768 [ 405.900174][T19478] openvswitch: netlink: EtherType 0 is less than min 600 [ 405.920965][T19410] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4038 (19410) [ 406.042881][T19410] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 406.074273][T19486] netlink: 'syz.1.4064': attribute type 11 has an invalid length. [ 406.086589][T19410] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 406.095745][T19410] BTRFS info (device loop3): using free-space-tree [ 406.148499][T19486] netlink: 'syz.1.4064': attribute type 11 has an invalid length. [ 406.157038][T19486] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4064'. [ 406.711200][T19535] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4073'. [ 406.757719][ T5832] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 406.810049][ T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 407.040102][ T10] usb 7-1: config 220 has an invalid interface number: 76 but max is 2 [ 407.059225][ T10] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 407.098462][ T10] usb 7-1: config 220 has no interface number 2 [ 407.108741][ T10] usb 7-1: config 220 interface 1 altsetting 5 has an endpoint descriptor with address 0x58, changing to 0x8 [ 407.160154][T19553] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 407.167144][T19553] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 407.189679][ T10] usb 7-1: config 220 interface 1 altsetting 5 endpoint 0x8 has invalid wMaxPacketSize 0 [ 407.225904][ T10] usb 7-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 407.260025][ T10] usb 7-1: config 220 interface 0 has no altsetting 0 [ 407.307108][ T10] usb 7-1: config 220 interface 76 has no altsetting 0 [ 407.355250][ T10] usb 7-1: config 220 interface 1 has no altsetting 0 [ 407.406025][ T10] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 407.455617][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 407.510010][ T10] usb 7-1: Product: syz [ 407.514206][ T10] usb 7-1: Manufacturer: syz [ 407.518821][ T10] usb 7-1: SerialNumber: syz [ 407.834331][ T10] usb 7-1: selecting invalid altsetting 0 [ 407.863020][ T10] usb 7-1: Found UVC 7.01 device syz (8086:0b07) [ 407.869422][ T10] usb 7-1: No valid video chain found. [ 407.917891][T19592] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4092'. [ 408.000933][ T10] usb 7-1: selecting invalid altsetting 0 [ 408.006705][ T10] usbtest 7-1:220.1: probe with driver usbtest failed with error -22 [ 408.080420][T19598] loop2: detected capacity change from 0 to 64 [ 408.102779][ T10] usb 7-1: USB disconnect, device number 7 [ 408.170006][T19598] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 408.576650][T19627] loop5: detected capacity change from 0 to 2048 [ 408.618497][T19627] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 408.720644][ T1625] usb 4-1: new full-speed USB device number 14 using dummy_hcd [ 408.740207][T19637] xt_cgroup: xt_cgroup: no path or classid specified [ 408.903948][ T1625] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 408.935882][ T1625] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 408.995747][ T1625] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64 [ 409.033698][ T1625] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 409.062805][ T1625] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.091885][ T1625] usb 4-1: Product: syz [ 409.108132][ T1625] usb 4-1: Manufacturer: syz [ 409.132464][ T1625] usb 4-1: SerialNumber: syz [ 409.188661][ T1625] usb 4-1: config 0 descriptor?? [ 409.200293][T19662] ubi31: detaching mtd0 [ 409.209797][T19620] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 409.221250][T19620] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 409.244173][T19662] ubi31: mtd0 is detached [ 409.260719][ T1625] usb 4-1: ucan: probing device on interface #0 [ 409.353401][ T972] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 409.420292][T19673] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 409.518184][T19677] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4113'. [ 409.562292][ T972] usb 3-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 409.574998][T19677] netlink: 7 bytes leftover after parsing attributes in process `syz.0.4113'. [ 409.583939][ T972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.583968][ T972] usb 3-1: Product: syz [ 409.583988][ T972] usb 3-1: Manufacturer: syz [ 409.584006][ T972] usb 3-1: SerialNumber: syz [ 409.607360][ T972] usb 3-1: config 0 descriptor?? [ 409.629364][ T972] gspca_main: sonixb-2.14.0 probing 0c45:608f [ 409.673219][ T1625] usb 4-1: ucan: failed to retrieve device info [ 409.700530][ T1625] usb 4-1: ucan: probe failed; try to update the device firmware [ 409.816521][T19681] loop5: detected capacity change from 0 to 4096 [ 409.824237][ T1625] usb 4-1: USB disconnect, device number 14 [ 409.869901][T19681] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 410.098698][ T1625] usb 3-1: USB disconnect, device number 31 [ 411.004481][T19763] loop5: detected capacity change from 0 to 4096 [ 411.021660][T19763] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 411.103574][ T1625] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 411.160847][T19763] ntfs3(loop5): ino=19, mi_enum_attr [ 411.183057][T19763] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 411.239597][T19763] ntfs3(loop5): failed to convert "c46c" to macturkish [ 411.265742][T19763] ntfs3(loop5): ino=20, mi_enum_attr [ 411.300195][ T1625] usb 3-1: Using ep0 maxpacket: 32 [ 411.310433][ T1625] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 411.321975][ T1625] usb 3-1: config 0 has no interface number 0 [ 411.328098][ T1625] usb 3-1: config 0 interface 35 altsetting 2 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 411.368140][ T1625] usb 3-1: config 0 interface 35 has no altsetting 0 [ 411.401361][ T1625] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=6a.c2 [ 411.438358][T19788] xt_recent: Unsupported userspace flags (000000de) [ 411.447079][ T1625] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.465404][ T1625] usb 3-1: Product: syz [ 411.479747][ T1625] usb 3-1: Manufacturer: syz [ 411.498658][ T1625] usb 3-1: SerialNumber: syz [ 411.530089][ T1625] usb 3-1: config 0 descriptor?? [ 411.775490][ T1625] usbtest 3-1:0.35: Linux gadget zero [ 411.786831][ T1625] usbtest 3-1:0.35: high-speed {control in/out int-out} tests (+alt) [ 411.870724][ T972] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 411.921648][T19816] loop6: detected capacity change from 0 to 4096 [ 411.931272][ T5887] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 411.951366][T19816] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 411.996376][ T1625] usb 3-1: USB disconnect, device number 32 [ 412.070139][ T972] usb 6-1: Using ep0 maxpacket: 8 [ 412.092739][ T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 412.110368][ T5887] usb 1-1: Using ep0 maxpacket: 32 [ 412.123187][ T972] usb 6-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 412.136637][ T972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 412.142047][ T5887] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=8a.0a [ 412.164093][ T30] audit: type=1800 audit(2000000157.719:1675): pid=19816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4149" name="file1" dev="loop6" ino=30 res=0 errno=0 [ 412.170084][ T972] usb 6-1: SerialNumber: syz [ 412.203867][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 412.223319][ T5887] usb 1-1: Product: syz [ 412.237736][ T5887] usb 1-1: Manufacturer: syz [ 412.244851][ T5887] usb 1-1: SerialNumber: syz [ 412.268213][ T5887] usb 1-1: config 0 descriptor?? [ 412.277736][ T972] usb 6-1: config 0 descriptor?? [ 412.323905][ T972] usb 6-1: Found UVC 0.00 device (05ac:8501) [ 412.350455][ T972] uvcvideo 6-1:0.0: Entity type for entity Output 255 was not initialized! [ 412.359168][ T972] usb 6-1: Failed to create links for entity 255 [ 412.406175][ T972] usb 6-1: Failed to register entities (-22). [ 412.523914][ T1625] usb 1-1: USB disconnect, device number 20 [ 412.613210][ T5999] usb 6-1: USB disconnect, device number 21 [ 413.240462][T19897] netlink: 300 bytes leftover after parsing attributes in process `syz.0.4164'. [ 413.458486][T19912] loop5: detected capacity change from 0 to 512 [ 413.487194][T19912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 413.520816][ T5887] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 413.537512][T19912] EXT4-fs (loop5): Test dummy encryption mode enabled [ 413.592507][T19912] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4168: invalid indirect mapped block 4294967295 (level 1) [ 413.616703][T19912] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4168: invalid indirect mapped block 4294967295 (level 1) [ 413.730207][ T5887] usb 7-1: Using ep0 maxpacket: 16 [ 413.747910][ T5887] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 413.763620][ T5887] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 413.783117][T19912] EXT4-fs (loop5): 2 truncates cleaned up [ 413.783228][ T5887] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.805223][T19912] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 413.827595][ T5887] usb 7-1: Product: syz [ 413.846355][ T5887] usb 7-1: Manufacturer: syz [ 413.855707][T19935] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4175'. [ 413.868822][ T5887] usb 7-1: SerialNumber: syz [ 413.898584][ T5887] usb 7-1: config 0 descriptor?? [ 413.928854][ T5887] hub 7-1:0.0: bad descriptor, ignoring hub [ 413.966529][ T5887] hub 7-1:0.0: probe with driver hub failed with error -5 [ 413.993650][ T5887] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input14 [ 414.048854][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.094473][T19949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4178'. [ 414.193522][T19949] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 35748 - 0 [ 414.222367][T19949] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 35748 - 0 [ 414.249360][T19949] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 35748 - 0 [ 414.326545][T19949] geneve2: entered promiscuous mode [ 414.361501][T19949] geneve2: entered allmulticast mode [ 414.719025][T19977] loop0: detected capacity change from 0 to 2048 [ 414.744373][T19977] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 415.074350][T19994] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4190'. [ 415.546264][T20018] openvswitch: netlink: IP tunnel dst address not specified [ 416.056108][ T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 416.177216][T20059] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4210'. [ 416.220040][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 416.241383][T20059] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode broadcast(3) [ 416.268432][ T24] usb 1-1: config index 0 descriptor too short (expected 16456, got 72) [ 416.311629][ T24] usb 1-1: config 0 has an invalid interface number: 125 but max is 1 [ 416.330360][ T24] usb 1-1: config 0 has an invalid interface number: 125 but max is 1 [ 416.364601][ T24] usb 1-1: config 0 has an invalid interface number: 125 but max is 1 [ 416.393943][ T24] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 416.429988][ T24] usb 1-1: config 0 has no interface number 0 [ 416.458699][ T24] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 416.520068][ T24] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 416.567233][ T24] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 416.609992][ T24] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 416.664729][ T24] usb 1-1: config 0 interface 125 has no altsetting 0 [ 416.710396][ T24] usb 1-1: config 0 interface 125 has no altsetting 2 [ 416.744291][ T24] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 416.768671][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.798129][ T24] usb 1-1: Product: syz [ 416.819970][ T24] usb 1-1: Manufacturer: syz [ 416.865659][ T24] usb 1-1: SerialNumber: syz [ 416.896203][ T24] usb 1-1: config 0 descriptor?? [ 416.936349][ T24] usb 1-1: selecting invalid altsetting 2 [ 417.218911][T20114] ip6t_srh: unknown srh invflags 7D00 [ 417.337253][ C1] usb 1-1: async_complete: urb error -71 [ 417.343057][ C1] usb 1-1: async_complete: urb error -71 [ 417.348796][ C1] usb 1-1: async_complete: urb error -71 [ 417.369674][ T24] get_1284_register: usb error -71 [ 417.375062][ T24] uss720 1-1:0.125: probe with driver uss720 failed with error -71 [ 417.415217][ T24] usb 1-1: USB disconnect, device number 21 [ 417.643171][ T1625] usb 7-1: USB disconnect, device number 8 [ 418.260254][ T24] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 418.270377][T20186] openvswitch: netlink: Message has 4 unknown bytes. [ 418.450425][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 418.466674][ T24] usb 3-1: config 2 has an invalid interface number: 16 but max is 0 [ 418.514254][ T24] usb 3-1: config 2 has no interface number 0 [ 418.539801][ T24] usb 3-1: config 2 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 418.582522][ T24] usb 3-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 418.605043][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.619478][T20201] bond0: (slave veth0_to_hsr): Error: Device can not be enslaved while up [ 418.637345][ T24] usb 3-1: Product: syz [ 418.652251][ T24] usb 3-1: Manufacturer: syz [ 418.670892][ T24] usb 3-1: SerialNumber: syz [ 418.698762][T20168] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 418.771151][ T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 418.807796][T20209] netlink: 'syz.0.4257': attribute type 2 has an invalid length. [ 419.086421][ T24] usb 3-1: USB disconnect, device number 33 [ 419.100325][T20233] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 419.296240][ T6005] udevd[6005]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:2.16/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 419.444665][T20266] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 419.582200][T20271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4269'. [ 419.650606][T20271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4269'. [ 419.702479][T20278] loop3: detected capacity change from 0 to 64 [ 419.789161][T20278] Trying to free block not in datazone [ 420.019111][ T30] audit: type=1326 audit(2000000165.569:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20300 comm="syz.0.4278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54e98e969 code=0x7ffc0000 [ 420.110637][ T30] audit: type=1326 audit(2000000165.569:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20300 comm="syz.0.4278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54e98e969 code=0x7ffc0000 [ 420.200032][ T972] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 420.420974][ T972] usb 6-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 420.436593][T20322] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4285'. [ 420.457954][ T972] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.510479][ T972] usb 6-1: Product: syz [ 420.530413][ T972] usb 6-1: Manufacturer: syz [ 420.535058][ T972] usb 6-1: SerialNumber: syz [ 420.596391][T20327] openvswitch: netlink: Flow key attr not present in new flow. [ 420.605916][ T972] r8152-cfgselector 6-1: Unknown version 0x0000 [ 420.613933][ T972] r8152-cfgselector 6-1: config 0 descriptor?? [ 421.087579][ T972] r8152-cfgselector 6-1: USB disconnect, device number 22 [ 421.121641][T20357] loop2: detected capacity change from 0 to 512 [ 421.204285][T20357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 421.230288][T20357] ext4 filesystem being mounted at /753/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 421.324524][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.490259][ T5928] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 421.693337][ T5928] usb 2-1: Using ep0 maxpacket: 8 [ 421.718149][ T5928] usb 2-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 421.766155][ T5928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.776816][ T5928] usb 2-1: Product: syz [ 421.786928][ T5928] usb 2-1: Manufacturer: syz [ 421.803139][ T5928] usb 2-1: SerialNumber: syz [ 421.810540][ T5887] usb 1-1: new full-speed USB device number 22 using dummy_hcd [ 421.837262][ T5928] usb 2-1: config 0 descriptor?? [ 421.872707][ T5928] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 422.024092][ T5887] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 422.048202][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.092508][ T5887] usb 1-1: Product: syz [ 422.111208][T20421] loop6: detected capacity change from 0 to 1024 [ 422.115512][ T5887] usb 1-1: Manufacturer: syz [ 422.152429][ T5887] usb 1-1: SerialNumber: syz [ 422.193716][T20421] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 422.197734][ T5887] usb 1-1: config 0 descriptor?? [ 422.269575][ T5928] gspca_sn9c2028: read1 error -71 [ 422.275082][ T5928] gspca_sn9c2028: read1 error -71 [ 422.289612][ T5928] sn9c2028 2-1:0.0: probe with driver sn9c2028 failed with error -71 [ 422.303406][ T5928] usb 2-1: USB disconnect, device number 28 [ 422.408332][T14792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 422.461270][ T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 422.639996][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 422.671390][ T24] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 422.690456][ T24] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 422.731086][ T5887] airspy 1-1:0.0: usb_control_msg() failed -71 request 0a [ 422.740179][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 422.753561][ T5887] airspy 1-1:0.0: Could not detect board [ 422.759306][ T5887] airspy 1-1:0.0: probe with driver airspy failed with error -71 [ 422.769748][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.809218][ T24] hub 6-1:4.0: USB hub found [ 422.836217][ T5887] usb 1-1: USB disconnect, device number 22 [ 423.015307][ T24] hub 6-1:4.0: 2 ports detected [ 423.034216][ T24] usb 6-1: selecting invalid altsetting 1 [ 423.045622][ T24] hub 6-1:4.0: Using single TT (err -22) [ 423.080905][ T5928] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 423.163592][T20495] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4324'. [ 423.226594][ T24] hub 6-1:4.0: hub_hub_status failed (err = -71) [ 423.249433][ T24] hub 6-1:4.0: config failed, can't get hub status (err -71) [ 423.253117][ T5928] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 423.296651][ T5928] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.321807][ T24] usb 6-1: USB disconnect, device number 23 [ 423.328303][ T5928] usb 7-1: Product: syz [ 423.346598][ T5928] usb 7-1: Manufacturer: syz [ 423.366873][ T5928] usb 7-1: SerialNumber: syz [ 423.430111][ T5928] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 423.486638][ T5999] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 423.514925][T20516] binder: 20514:20516 ioctl c0306201 200000000100 returned -14 [ 423.772405][ C0] usb 7-1: ath: unknown panic pattern! [ 423.991973][ T24] usb 7-1: USB disconnect, device number 9 [ 424.211016][T20554] SET target dimension over the limit! [ 424.280047][ T5887] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 424.440037][ T5887] usb 6-1: Using ep0 maxpacket: 8 [ 424.459108][ T5887] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 424.488329][ T5887] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 424.513813][ T5928] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 424.527298][ T5887] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 424.550008][ T5887] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 16374, setting to 1024 [ 424.624355][ T5887] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 424.630669][ T5999] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 424.672860][ T5999] ath9k_htc: Failed to initialize the device [ 424.688393][ T5887] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 424.698331][ T24] usb 7-1: ath9k_htc: USB layer deinitialized [ 424.710059][ T5928] usb 2-1: Using ep0 maxpacket: 32 [ 424.728863][ T5928] usb 2-1: config 2 has an invalid interface number: 1 but max is 0 [ 424.747890][ T5928] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 424.758151][ T5887] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.799699][ T5928] usb 2-1: config 2 has 2 interfaces, different from the descriptor's value: 1 [ 424.802621][ T5887] usb 6-1: config 0 descriptor?? [ 424.833417][ T5928] usb 2-1: New USB device found, idVendor=22b8, idProduct=2d97, bcdDevice=51.64 [ 424.866739][T20537] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 424.870563][ T5928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.940328][ T5928] usb 2-1: Product: syz [ 424.948624][ T5928] usb 2-1: Manufacturer: syz [ 424.969340][ T5928] usb 2-1: SerialNumber: syz [ 425.008757][T20593] loop2: detected capacity change from 0 to 1024 [ 425.019381][ T5928] cdc_acm 2-1:2.1: probe with driver cdc_acm failed with error -22 [ 425.210819][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.222970][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.230046][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.237532][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.244496][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.260712][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.267557][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.274587][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.282308][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.289248][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.296389][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.303383][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.310244][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.317681][ T5928] usb 2-1: USB disconnect, device number 29 [ 425.317764][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.334288][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.344785][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.351670][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.358612][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.365925][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.373202][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.380255][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.387162][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.397281][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.407717][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.414779][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.421740][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.430175][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.437335][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.444576][ T5844] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 425.497827][T20613] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4351'. [ 425.546747][ T5837] Bluetooth: hci7: Opcode 0x0c03 failed: -71 [ 425.562979][ T972] usb 6-1: USB disconnect, device number 24 [ 426.003959][T20652] NILFS (nullb0): couldn't find nilfs on the device [ 426.223200][T20598] loop6: detected capacity change from 0 to 32768 [ 426.294170][T20598] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 426.595484][T20598] XFS (loop6): Ending clean mount [ 426.618774][T20598] XFS (loop6): Quotacheck needed: Please wait. [ 426.698519][T20598] XFS (loop6): Quotacheck: Done. [ 426.886169][T14792] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 427.012202][T20747] netlink: 'syz.5.4372': attribute type 7 has an invalid length. [ 428.359546][T20820] loop6: detected capacity change from 0 to 47 [ 428.493818][T20826] loop0: detected capacity change from 0 to 512 [ 428.650926][T20826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 428.663645][T20826] ext4 filesystem being mounted at /725/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 428.853338][T20846] loop6: detected capacity change from 0 to 2048 [ 428.887778][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.062220][T20846] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 429.161108][T20846] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 429.199743][ T30] audit: type=1326 audit(2000000174.749:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20873 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 429.281177][T20846] EXT4-fs error (device loop6): ext4_xattr_block_find:1869: inode #15: comm syz.6.4404: corrupted xattr block 128: bad e_name length [ 429.318973][ T30] audit: type=1326 audit(2000000174.749:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20873 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 429.423010][ T30] audit: type=1326 audit(2000000174.799:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20873 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 429.480032][ T30] audit: type=1326 audit(2000000174.799:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20873 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 429.508913][T14792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.556623][ T30] audit: type=1326 audit(2000000174.799:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20873 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 429.792720][T20903] loop2: detected capacity change from 0 to 64 [ 429.824268][T20906] netlink: 'syz.6.4419': attribute type 16 has an invalid length. [ 429.866055][T20906] netlink: 'syz.6.4419': attribute type 17 has an invalid length. [ 430.017249][T20906] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 430.048576][T20917] loop0: detected capacity change from 0 to 256 [ 430.063584][T20919] netlink: 'syz.3.4425': attribute type 1 has an invalid length. [ 430.067048][T20917] exfat: Deprecated parameter 'namecase' [ 430.091766][T20919] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4425'. [ 430.123860][T20917] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d) [ 430.280123][T20917] exFAT-fs (loop0): error, in sector 160, dentry 5 should be unused, but 0xc1 [ 430.970054][ T1625] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 430.991233][T20977] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4445'. [ 431.044797][T20977] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4445'. [ 431.180421][ T1625] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 431.224742][ T1625] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 431.293779][ T1625] usb 4-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18 [ 431.311705][ T1625] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.331233][ T1625] usb 4-1: Product: syz [ 431.335417][ T1625] usb 4-1: Manufacturer: syz [ 431.397325][ T1625] usb 4-1: SerialNumber: syz [ 431.420384][ T1625] usb 4-1: config 0 descriptor?? [ 431.525667][T21001] loop2: detected capacity change from 0 to 2048 [ 431.585395][T21012] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4456'. [ 431.627786][T21001] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 431.646766][ T1625] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 431.913922][ T1625] usb 4-1: USB disconnect, device number 15 [ 432.031779][T21054] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4463'. [ 432.186322][T21054] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6erspan0 [ 432.227787][ T6595] udevd[6595]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 432.313337][T21072] netlink: 'syz.0.4468': attribute type 21 has an invalid length. [ 432.365607][T21072] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4468'. [ 432.365727][T21076] netlink: 'syz.1.4469': attribute type 10 has an invalid length. [ 432.384997][T21072] netlink: 'syz.0.4468': attribute type 4 has an invalid length. [ 432.394519][T21072] netlink: 'syz.0.4468': attribute type 5 has an invalid length. [ 432.404073][T21072] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4468'. [ 432.414028][T21076] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4469'. [ 432.784963][T21094] loop2: detected capacity change from 0 to 1024 [ 433.272283][T21123] ipt_rpfilter: unknown options [ 433.379830][T21131] cgroup: name respecified [ 433.836868][T21152] SET target dimension over the limit! [ 433.889399][T21156] loop2: detected capacity change from 0 to 128 [ 433.980339][T21160] netlink: 'syz.5.4497': attribute type 3 has an invalid length. [ 433.994160][T21160] netlink: 3 bytes leftover after parsing attributes in process `syz.5.4497'. [ 434.080118][ T30] audit: type=1326 audit(2000000179.629:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.6.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 434.120343][T21107] loop3: detected capacity change from 0 to 32768 [ 434.174703][T21107] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4479 (21107) [ 434.200726][ T30] audit: type=1326 audit(2000000179.629:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.6.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 434.245952][T21107] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 434.275189][T21107] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 434.318398][ T30] audit: type=1326 audit(2000000179.679:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.6.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 434.353608][T21107] BTRFS info (device loop3): disk space caching is enabled [ 434.380035][T21107] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 434.453066][ T30] audit: type=1326 audit(2000000179.679:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.6.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 434.550022][ T24] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 434.610112][ T30] audit: type=1326 audit(2000000179.679:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21163 comm="syz.6.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 434.696817][T21107] BTRFS info (device loop3): rebuilding free space tree [ 434.763665][ T24] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 434.787845][ T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 434.812361][T21107] BTRFS info (device loop3): disabling free space tree [ 434.830015][ T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 434.863559][ T24] usb 3-1: config 1 has no interface number 0 [ 434.869688][ T24] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30 [ 434.880081][T21107] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 434.928199][ T24] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 434.950422][T21107] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 434.980452][ T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 435.021638][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.029658][ T24] usb 3-1: Product: syz [ 435.074084][ T24] usb 3-1: Manufacturer: syz [ 435.116587][ T24] usb 3-1: SerialNumber: syz [ 435.337900][ T5832] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 435.671132][ T24] usb 3-1: USB disconnect, device number 34 [ 435.705579][T21259] netlink: 'syz.5.4520': attribute type 10 has an invalid length. [ 435.769035][T21259] macvlan0: entered promiscuous mode [ 435.798738][T21259] macvlan0: entered allmulticast mode [ 435.871525][T21259] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 436.182380][T21278] netlink: 'syz.0.4526': attribute type 21 has an invalid length. [ 436.260096][T21278] netlink: 168 bytes leftover after parsing attributes in process `syz.0.4526'. [ 437.091230][T21327] usb usb1: usbfs: process 21327 (syz.5.4543) did not claim interface 38 before use [ 437.720070][T21364] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4558'. [ 437.750513][T21364] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4558'. [ 438.177195][T21384] loop2: detected capacity change from 0 to 128 [ 438.228060][T21384] FAT-fs (loop2): Directory bread(block 11554) failed [ 438.228537][T21389] ieee802154 phy0 wpan0: encryption failed: -22 [ 438.266630][T21384] FAT-fs (loop2): Directory bread(block 11555) failed [ 438.271791][T21390] loop3: detected capacity change from 0 to 1024 [ 438.286853][T21384] FAT-fs (loop2): Directory bread(block 11556) failed [ 438.298037][T21390] EXT4-fs: Ignoring removed bh option [ 438.324450][T21384] FAT-fs (loop2): Directory bread(block 11557) failed [ 438.334475][T21390] EXT4-fs: inline encryption not supported [ 438.374196][T21384] FAT-fs (loop2): Directory bread(block 11558) failed [ 438.394326][T21384] FAT-fs (loop2): Directory bread(block 11559) failed [ 438.410195][T21390] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 438.420025][T21384] FAT-fs (loop2): Directory bread(block 11560) failed [ 438.446840][T21384] FAT-fs (loop2): Directory bread(block 11561) failed [ 438.451411][T21390] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 438.472260][T21384] FAT-fs (loop2): Directory bread(block 11562) failed [ 438.495349][T21384] FAT-fs (loop2): Directory bread(block 11563) failed [ 438.520667][T21399] xt_hashlimit: size too large, truncated to 1048576 [ 438.557278][T21399] xt_hashlimit: max too large, truncated to 1048576 [ 438.565269][T21390] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 2: comm syz.3.4565: lblock 2 mapped to illegal pblock 2 (length 1) [ 438.584590][T21390] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 438.592888][T21390] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 48: comm syz.3.4565: lblock 0 mapped to illegal pblock 48 (length 1) [ 438.608838][T21390] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 438.637085][T21390] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.4565: Failed to acquire dquot type 0 [ 438.668696][T21390] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 438.681278][T21399] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 438.708969][T21390] EXT4-fs error (device loop3): ext4_evict_inode:259: inode #11: comm syz.3.4565: mark_inode_dirty error [ 438.746246][T21390] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 438.781152][T21390] EXT4-fs (loop3): 1 orphan inode deleted [ 438.815077][ T12] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 438.841006][T21390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 438.894883][ T12] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 438.940087][ T12] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 0 [ 439.019504][T21390] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 1: comm syz.3.4565: lblock 1 mapped to illegal pblock 1 (length 1) [ 439.090602][T21390] Quota error (device loop3): find_next_id: Can't read quota tree block 1 [ 439.250483][T21378] loop6: detected capacity change from 0 to 32768 [ 439.271924][ T5832] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.295955][ T5832] EXT4-fs error (device loop3): __ext4_get_inode_loc:4450: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 439.343552][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.352739][ T5832] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 439.360302][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.425506][ T5832] EXT4-fs error (device loop3): ext4_quota_off:7219: inode #3: comm syz-executor: mark_inode_dirty error [ 439.522081][T21425] sp0: Synchronizing with TNC [ 439.700544][T21446] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4581'. [ 440.004184][T21436] loop5: detected capacity change from 0 to 8192 [ 440.304505][T21471] loop3: detected capacity change from 0 to 64 [ 440.339394][T21472] geneve3: entered promiscuous mode [ 440.403221][T21482] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.677922][T21496] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 441.000285][T21511] loop3: detected capacity change from 0 to 256 [ 441.099230][T21520] openvswitch: netlink: Tunnel attr 130 out of range max 16 [ 441.217993][T21522] loop0: detected capacity change from 0 to 512 [ 441.281230][T21522] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 441.289170][T21522] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 441.310432][T21522] EXT4-fs (loop0): orphan cleanup on readonly fs [ 441.344618][T21522] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 441.461603][T21522] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 441.497917][T21540] loop5: detected capacity change from 0 to 4096 [ 441.516713][T21522] EXT4-fs (loop0): 1 truncate cleaned up [ 441.557513][T21546] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4612'. [ 441.578205][T21522] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 441.714318][T21555] xt_policy: neither incoming nor outgoing policy selected [ 441.736584][T21522] EXT4-fs warning (device loop0): dx_probe:863: inode #2: comm syz.0.4606: dx entry: limit 65535 != root limit 120 [ 441.806872][T21522] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.4606: Corrupt directory, running e2fsck is recommended [ 442.011989][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 442.030226][T21568] openvswitch: netlink: Key 22 has unexpected len 2 expected 4 [ 442.470430][ T5999] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 442.575604][T21607] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4630'. [ 442.650411][ T5999] usb 3-1: Using ep0 maxpacket: 32 [ 442.698350][ T5999] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 52, changing to 7 [ 442.740020][ T5999] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 9272, setting to 1024 [ 442.798674][ T5999] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16 [ 442.819192][ T5999] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 442.860020][ T5999] usb 3-1: Product: syz [ 442.874771][ T5999] usb 3-1: Manufacturer: syz [ 442.894756][ T5999] usb 3-1: SerialNumber: syz [ 442.935425][ T5999] usb 3-1: config 0 descriptor?? [ 442.956217][T21620] loop5: detected capacity change from 0 to 2048 [ 443.041496][ T5999] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 443.074747][T21620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 443.178838][ T1100] usb 3-1: Failed to submit usb control message: -71 [ 443.179188][ T5928] usb 3-1: USB disconnect, device number 35 [ 443.205802][ T1100] usb 3-1: unable to send the bmi data to the device: -71 [ 443.223467][T21620] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 443.252451][ T1100] usb 3-1: unable to get target info from device [ 443.268318][ T1100] usb 3-1: could not get target info (-71) [ 443.275714][ T1100] usb 3-1: could not probe fw (-71) [ 443.448672][ T30] audit: type=1326 audit(2000000188.999:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21665 comm="syz.1.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 443.490656][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.520361][ T5999] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 443.520729][ T30] audit: type=1326 audit(2000000188.999:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21665 comm="syz.1.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 443.538603][T21671] netlink: zone id is out of range [ 443.566661][ T30] audit: type=1326 audit(2000000189.029:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21665 comm="syz.1.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 443.593086][ T30] audit: type=1326 audit(2000000189.029:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21665 comm="syz.1.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 443.617015][ T30] audit: type=1326 audit(2000000189.029:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21665 comm="syz.1.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e898e969 code=0x7ffc0000 [ 443.720550][ T5999] usb 7-1: Using ep0 maxpacket: 8 [ 443.743622][ T5999] usb 7-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=a8.17 [ 443.786057][ T5999] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.820042][ T5999] usb 7-1: Product: syz [ 443.841478][ T5999] usb 7-1: Manufacturer: syz [ 443.846151][ T5999] usb 7-1: SerialNumber: syz [ 443.891420][ T5999] usb 7-1: config 0 descriptor?? [ 443.922907][ T5999] hub 7-1:0.0: bad descriptor, ignoring hub [ 443.928850][ T5999] hub 7-1:0.0: probe with driver hub failed with error -5 [ 443.978283][ T5999] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 444.110083][ T5999] usb 7-1: USB disconnect, device number 10 [ 444.150486][ T5928] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 444.181179][T21710] SET target dimension over the limit! [ 444.340609][ T5928] usb 6-1: config 0 has an invalid interface number: 255 but max is 0 [ 444.366743][ T5928] usb 6-1: config 0 has no interface number 0 [ 444.384090][ T5928] usb 6-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 444.424735][ T5928] usb 6-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 444.431071][T21720] dvmrp0: entered allmulticast mode [ 444.472080][ T5928] usb 6-1: config 0 interface 255 has no altsetting 0 [ 444.478904][ T5928] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 444.488684][ T5928] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.510974][ T5928] usb 6-1: config 0 descriptor?? [ 444.520408][T21729] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[21729] [ 444.529812][ T5928] cp210x 6-1:0.255: cp210x converter detected [ 444.843377][ T5844] Bluetooth: hci5: unexpected event for opcode 0x203d [ 444.955150][ T5928] cp210x 6-1:0.255: failed to get vendor val 0x000e size 3: -71 [ 445.003160][ T5928] usb 6-1: cp210x converter now attached to ttyUSB0 [ 445.030787][ T5928] usb 6-1: USB disconnect, device number 25 [ 445.103050][ T5928] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 445.140905][ T5928] cp210x 6-1:0.255: device disconnected [ 445.352789][T21787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4675'. [ 445.387943][T21788] netlink: 'syz.0.4674': attribute type 21 has an invalid length. [ 445.458022][T21788] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4674'. [ 445.535901][ T30] audit: type=1400 audit(2000000191.079:1693): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=21794 comm="syz.2.4677" [ 445.775099][T21806] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 445.782395][T21806] IPv6: NLM_F_CREATE should be set when creating new route [ 445.789726][T21806] IPv6: NLM_F_CREATE should be set when creating new route [ 446.387121][T21843] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4694'. [ 446.428967][T21843] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4694'. [ 446.492744][T21843] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4694'. [ 446.530211][ T5844] Bluetooth: hci6: command 0x0406 tx timeout [ 446.629440][T21859] netlink: 'syz.2.4699': attribute type 1 has an invalid length. [ 446.745842][T21863] xfrm1: entered allmulticast mode [ 446.751168][ T972] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 446.913224][ T972] usb 6-1: Using ep0 maxpacket: 16 [ 446.968509][ T972] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 447.007948][ T972] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 447.018255][T21816] loop0: detected capacity change from 0 to 32768 [ 447.027910][ T972] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 447.041670][ T5887] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 447.050786][ T972] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.069609][ T972] usb 6-1: Product: syz [ 447.081570][T21816] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4683 (21816) [ 447.089462][ T972] usb 6-1: Manufacturer: syz [ 447.112537][ T972] usb 6-1: SerialNumber: syz [ 447.175360][T21816] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 447.202063][T21891] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 447.232013][ T5887] usb 7-1: Using ep0 maxpacket: 32 [ 447.240984][T21816] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 447.277402][ T5887] usb 7-1: config 0 has an invalid interface number: 223 but max is 0 [ 447.292231][T21816] BTRFS info (device loop0): disk space caching is enabled [ 447.303390][ T5887] usb 7-1: config 0 has no interface number 0 [ 447.309494][ T5887] usb 7-1: config 0 interface 223 has no altsetting 0 [ 447.332112][T21816] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 447.369179][ T972] usb 6-1: 0:2 : does not exist [ 447.370266][T21897] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 447.392658][ T5887] usb 7-1: New USB device found, idVendor=110a, idProduct=1618, bcdDevice=77.8e [ 447.404257][ T5887] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.430748][ T5887] usb 7-1: Product: syz [ 447.441505][ T5887] usb 7-1: Manufacturer: syz [ 447.442720][ T972] usb 6-1: 5:0: cannot get min/max values for control 5 (id 5) [ 447.454024][ T5887] usb 7-1: SerialNumber: syz [ 447.512695][ T5887] usb 7-1: config 0 descriptor?? [ 447.538896][ T972] usb 6-1: 5:0: cannot get min/max values for control 5 (id 5) [ 447.588043][T21816] BTRFS info (device loop0): rebuilding free space tree [ 447.702492][T21816] BTRFS info (device loop0): disabling free space tree [ 447.709459][T21816] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 447.724216][ T972] usb 6-1: 5:0: cannot get min/max values for control 5 (id 5) [ 447.770009][T21816] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 447.788410][ T972] usb 6-1: USB disconnect, device number 26 [ 447.888642][ T5975] udevd[5975]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 447.939377][ T5887] mxuport 7-1:0.223: mxuport_recv_ctrl_urb - usb_control_msg failed (-71) [ 447.979546][ T5887] mxuport 7-1:0.223: probe with driver mxuport failed with error -5 [ 447.987930][T21945] netlink: 'syz.2.4713': attribute type 1 has an invalid length. [ 448.046940][T21816] BTRFS info (device loop0): balance: start -d -m -slimit=0 [ 448.055810][ T5887] usb 7-1: USB disconnect, device number 11 [ 448.137148][T21816] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 448.328504][T21816] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 448.472842][T21816] BTRFS info (device loop0): balance: canceled [ 448.700328][ T5821] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 448.783879][T21979] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.280291][T21997] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (65) [ 449.560432][T21952] loop3: detected capacity change from 0 to 32768 [ 449.648087][T22015] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 449.664363][T21952] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 449.682222][T22016] loop0: detected capacity change from 0 to 256 [ 449.694966][T22023] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4736'. [ 450.106503][T21952] XFS (loop3): Ending clean mount [ 450.214970][T22048] loop0: detected capacity change from 0 to 512 [ 450.326892][T22048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 450.398599][T22048] ext4 filesystem being mounted at /777/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 450.409641][ T5832] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 450.446061][T22048] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.960434][T22094] loop5: detected capacity change from 0 to 16 [ 451.070326][T22094] erofs (device loop5): mounted with root inode @ nid 36. [ 451.108721][T22094] erofs (device loop5): readahead error at folio 2 @ nid 89 [ 451.140857][ T972] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 451.202231][ T5837] erofs (device loop5): failed to decompress 5567 in[4096, 0] out[8192] [ 451.213480][T22094] erofs (device loop5): failed to decompress 5567 in[4096, 0] out[8192] [ 451.215680][T22113] xt_TCPMSS: Only works on TCP SYN packets [ 451.231175][T22094] erofs (device loop5): read error -117 @ 0 of nid 89 [ 451.260343][ T30] audit: type=1800 audit(2000000196.799:1694): pid=22094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4757" name="file3" dev="loop5" ino=89 res=0 errno=0 [ 451.340032][ T972] usb 3-1: Using ep0 maxpacket: 16 [ 451.354167][ T972] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 451.383692][ T972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.445697][ T972] usb 3-1: Product: syz [ 451.473436][ T972] usb 3-1: Manufacturer: syz [ 451.497887][ T972] usb 3-1: SerialNumber: syz [ 451.547547][ T972] usb 3-1: config 0 descriptor?? [ 451.781911][ T972] speedtch 3-1:0.0: speedtch_bind: data interface not found! [ 451.812943][ T972] speedtch 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 451.853636][T22148] netlink: 942 bytes leftover after parsing attributes in process `syz.6.4769'. [ 451.980031][ T5928] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 452.019554][ T5999] usb 3-1: USB disconnect, device number 36 [ 452.176560][ T5928] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 452.204445][ T5928] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.225014][ T5928] usb 1-1: Product: syz [ 452.229199][ T5928] usb 1-1: Manufacturer: syz [ 452.234354][ T5928] usb 1-1: SerialNumber: syz [ 452.253897][ T5928] r8152-cfgselector 1-1: Unknown version 0x0000 [ 452.262237][ T5928] r8152-cfgselector 1-1: config 0 descriptor?? [ 452.286780][T22174] loop3: detected capacity change from 0 to 2048 [ 452.338775][T22174] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 452.356987][ T972] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 452.540049][ T972] usb 7-1: Using ep0 maxpacket: 32 [ 452.559340][ T972] usb 7-1: unable to get BOS descriptor or descriptor too short [ 452.587140][ T972] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 452.591054][T22191] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4779'. [ 452.621766][ T972] usb 7-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 452.652531][ T972] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.679971][ T972] usb 7-1: Product: syz [ 452.699022][ T5928] r8152-cfgselector 1-1: USB disconnect, device number 23 [ 452.715503][ T972] usb 7-1: Manufacturer: syz [ 452.738936][ T972] usb 7-1: SerialNumber: syz [ 452.770910][T22197] loop5: detected capacity change from 0 to 512 [ 452.805418][T22197] fscrypt (loop5, inode 2): Error -61 getting encryption context [ 452.817983][T22197] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -61 [ 452.930683][T22197] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 453.019076][ T972] usb 7-1: Invalid number of CPorts: 0 [ 453.034945][ T972] es2_ap_driver 7-1:7.0: probe with driver es2_ap_driver failed with error -22 [ 453.052561][T22197] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 453.076854][T22197] EXT4-fs (loop5): 1 truncate cleaned up [ 453.114660][T22197] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 453.176281][ T30] audit: type=1326 audit(2000000198.729:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22226 comm="syz.3.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 453.222022][T22197] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.240399][ T30] audit: type=1326 audit(2000000198.729:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22226 comm="syz.3.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 453.261929][ T972] usb 7-1: USB disconnect, device number 12 [ 453.301403][ T30] audit: type=1326 audit(2000000198.739:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22226 comm="syz.3.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 453.411814][ T30] audit: type=1326 audit(2000000198.739:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22226 comm="syz.3.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 453.520899][ T30] audit: type=1326 audit(2000000198.739:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22226 comm="syz.3.4787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbea0b8e969 code=0x7ffc0000 [ 454.072658][T22261] loop0: detected capacity change from 0 to 4096 [ 454.131876][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 454.148866][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 454.158765][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 454.244214][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 454.270679][ T1625] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 454.280630][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc1c00 [ 454.310419][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc2c00 [ 454.336728][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc4c00 [ 454.351842][T22286] ip6gretap1: entered allmulticast mode [ 454.358264][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffc8c00 [ 454.408407][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffd0c00 [ 454.462023][T22261] ntfs3(loop0): try to read out of volume at offset 0x3fffffe0c00 [ 454.470743][ T1625] usb 4-1: Using ep0 maxpacket: 16 [ 454.490272][ T1625] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 454.527506][ T1625] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 454.583777][ T1625] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 454.610792][ T1625] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.645677][ T1625] usb 4-1: Product: syz [ 454.680160][ T1625] usb 4-1: Manufacturer: syz [ 454.684814][ T1625] usb 4-1: SerialNumber: syz [ 455.215936][ T1625] usb 4-1: cannot find UAC_HEADER [ 455.298655][ T1625] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 455.368781][ T1625] usb 4-1: USB disconnect, device number 16 [ 455.468406][T22340] netlink: 5 bytes leftover after parsing attributes in process `syz.5.4813'. [ 455.487698][T22339] netlink: 'syz.0.4815': attribute type 9 has an invalid length. [ 455.507855][ T5946] udevd[5946]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 455.542389][T22340] 0ªX¹¦D: renamed from gretap0 (while UP) [ 455.614235][T22340] 0ªX¹¦D: entered allmulticast mode [ 455.632582][T22340] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 455.726516][T22345] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 455.820355][T22345] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 455.948726][T22293] loop2: detected capacity change from 0 to 32768 [ 455.990473][T22293] XFS: ikeep mount option is deprecated. [ 456.007516][T22293] XFS: ikeep mount option is deprecated. [ 456.069604][T22293] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 456.290132][ T24] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 456.459534][ T24] usb 4-1: config 0 interface 0 has no altsetting 0 [ 456.471742][ T24] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 456.506259][T22293] XFS (loop2): Ending clean mount [ 456.511455][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.519457][ T24] usb 4-1: Product: syz [ 456.577117][ T24] usb 4-1: Manufacturer: syz [ 456.597690][ T24] usb 4-1: SerialNumber: syz [ 456.616795][ T24] usb 4-1: config 0 descriptor?? [ 456.817793][ T5829] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 456.844357][ T24] usb-storage 4-1:0.0: USB Mass Storage device detected [ 457.002326][ T5999] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 457.063227][ T972] usb 4-1: USB disconnect, device number 17 [ 457.190809][ T5999] usb 2-1: Using ep0 maxpacket: 8 [ 457.230318][ T5999] usb 2-1: unable to get BOS descriptor or descriptor too short [ 457.262744][ T5999] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 457.310029][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 457.354077][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 457.406566][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 457.411816][T22446] veth1_to_team: entered promiscuous mode [ 457.430035][ T5999] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1 [ 457.469536][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 457.481788][T22446] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check. [ 457.504939][ T5999] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xAC, changing to 0x8C [ 457.553559][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7 [ 457.573992][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0 [ 457.586191][T22450] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 457.593509][T22450] IPv6: NLM_F_CREATE should be set when creating new route [ 457.600822][T22450] IPv6: NLM_F_CREATE should be set when creating new route [ 457.627416][T22452] loop2: detected capacity change from 0 to 16 [ 457.673107][T22452] erofs (device loop2): mounted with root inode @ nid 36. [ 457.687959][ T5999] usb 2-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 457.730356][ T5999] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.750200][ T5999] usb 2-1: Product: syz [ 457.754420][ T5999] usb 2-1: Manufacturer: syz [ 457.759022][ T5999] usb 2-1: SerialNumber: syz [ 457.789790][T22452] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 457.810628][ T30] audit: type=1400 audit(2000000203.359:1700): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=22457 comm="syz.6.4843" [ 457.842104][ C0] vkms_vblank_simulate: vblank timer overrun [ 457.857289][ T5999] usb 2-1: config 0 descriptor?? [ 457.861034][T22452] erofs (device loop2): read error -117 @ 43 of nid 36 [ 457.876913][T22403] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 457.882892][T22464] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4845'. [ 457.902343][ T5999] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 457.990734][T22464] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4845'. [ 458.164898][ T5999] usb 2-1: USB disconnect, device number 30 [ 458.253325][T22504] netlink: 'syz.0.4850': attribute type 1 has an invalid length. [ 458.293742][T22504] netlink: 'syz.0.4850': attribute type 2 has an invalid length. [ 458.325931][ T5884] udevd[5884]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 458.818272][T22535] loop3: detected capacity change from 0 to 64 [ 459.446083][T22574] netlink: 'syz.2.4872': attribute type 1 has an invalid length. [ 459.706375][T22592] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4879'. [ 459.760146][T22592] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4879'. [ 460.096164][T22615] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4887'. [ 460.143101][T22615] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4887'. [ 460.435932][T22632] (unnamed net_device) (uninitialized): down delay (2147483647) is not a multiple of miimon (100), value rounded to 2147483600 ms [ 460.507298][T22637] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4895'. [ 460.642978][T22632] 8021q: adding VLAN 0 to HW filter on device bond3 [ 460.708699][T22650] vcan1: entered promiscuous mode [ 460.748598][T22693] netlink: 'syz.6.4901': attribute type 32 has an invalid length. [ 461.480958][ T24] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 461.487686][T22744] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2 [ 461.520003][ T1625] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 461.662787][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 461.692384][ T1625] usb 6-1: Using ep0 maxpacket: 8 [ 461.699852][ T24] usb 4-1: config 0 has an invalid interface number: 146 but max is 0 [ 461.721866][ T1625] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 461.740325][ T24] usb 4-1: config 0 has no interface number 0 [ 461.746571][ T1625] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 461.769212][ T24] usb 4-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 461.795238][ T1625] usb 6-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 461.840433][ T24] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 461.880086][ T24] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 461.894147][ T1625] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 461.917689][ T1625] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.958541][ T24] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 461.968942][ T1625] usb 6-1: Product: syz [ 461.974376][ T1625] usb 6-1: Manufacturer: syz [ 461.989221][ T24] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82 [ 462.005046][ T1625] usb 6-1: SerialNumber: syz [ 462.025772][ T24] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 462.045194][T22773] netlink: 'syz.6.4925': attribute type 1 has an invalid length. [ 462.069977][ T24] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 462.118605][ T24] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 4097, setting to 1024 [ 462.136680][ T24] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 462.148729][ T24] usb 4-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 462.165418][ T24] usb 4-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 462.199348][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 462.200186][ T972] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 462.222878][ T24] usb 4-1: Product: syz [ 462.236009][ T24] usb 4-1: Manufacturer: syz [ 462.257878][ T1625] usb 6-1: 0:2 : does not exist [ 462.270269][ T1625] usb 6-1: 0:8 : does not exist [ 462.275334][ T24] usb 4-1: SerialNumber: syz [ 462.289835][ T24] usb 4-1: config 0 descriptor?? [ 462.306803][T22723] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 462.325743][T22723] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 462.341090][ T1625] usb 6-1: USB disconnect, device number 27 [ 462.381155][ T972] usb 3-1: Using ep0 maxpacket: 32 [ 462.381810][ T24] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3 [ 462.423131][ T972] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 462.433521][ T24] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2 [ 462.468936][ T972] usb 3-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 462.484066][ T5946] udevd[5946]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 462.499634][ T972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 462.509281][ T24] scsi host1: microtekX6 [ 462.517706][ T972] usb 3-1: Product: syz [ 462.524626][ T972] usb 3-1: Manufacturer: syz [ 462.529356][ T972] usb 3-1: SerialNumber: syz [ 462.558183][ T972] usb 3-1: config 0 descriptor?? [ 462.568677][ T972] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out. [ 462.679516][ T972] usb 4-1: USB disconnect, device number 18 [ 462.779007][ T5999] usb 3-1: USB disconnect, device number 37 [ 462.913762][T22838] syz.1.4935: attempt to access beyond end of device [ 462.913762][T22838] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0 [ 463.400122][T22862] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate. [ 463.512291][T22876] loop2: detected capacity change from 0 to 16 [ 463.610112][T22876] erofs (device loop2): mounted with root inode @ nid 36. [ 464.290291][T22922] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4960'. [ 464.724878][T22947] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 464.819513][T22950] delete_channel: no stack [ 464.905397][T22961] fuse: Unknown parameter 'smackfsdef' [ 465.440097][ T5999] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 465.560007][ T24] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 465.612340][ T5999] usb 2-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config [ 465.665761][ T5999] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 465.692503][ T5999] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a2, bcdDevice= 0.40 [ 465.717202][ T5999] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.730357][T23009] netlink: 'syz.6.4988': attribute type 9 has an invalid length. [ 465.735533][ T5999] usb 2-1: Product: syz [ 465.749454][ T5999] usb 2-1: Manufacturer: syz [ 465.769737][ T5999] usb 2-1: SerialNumber: syz [ 465.780935][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 465.797514][ T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 465.810956][ T5999] cdc_subset 2-1:1.0: probe with driver cdc_subset failed with error -22 [ 465.837214][ T24] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 465.855762][ T5999] cdc_ncm 2-1:1.0: NCM or ECM functional descriptors missing [ 465.863551][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.863587][ T24] usb 4-1: Product: syz [ 465.863605][ T24] usb 4-1: Manufacturer: syz [ 465.863624][ T24] usb 4-1: SerialNumber: syz [ 465.873376][ T24] usb 4-1: config 0 descriptor?? [ 465.927334][T22986] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 465.946268][ T5999] cdc_ncm 2-1:1.0: bind() failure [ 465.950807][ T24] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input17 [ 465.964740][T23021] loop2: detected capacity change from 0 to 1764 [ 465.993118][ T5999] cdc_subset 2-1:1.1: probe with driver cdc_subset failed with error -22 [ 466.032794][ T5999] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 466.065947][ T5999] cdc_ncm 2-1:1.1: bind() failure [ 466.080986][T23021] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 466.141121][ T5999] usb 2-1: USB disconnect, device number 31 [ 466.210572][ T31] INFO: task syz-executor:5822 blocked for more than 143 seconds. [ 466.249976][ T31] Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 [ 466.257867][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 466.347538][ T30] audit: type=1326 audit(2000000211.899:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23047 comm="syz.6.4994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 466.351824][ T31] task:syz-executor state:D [ 466.370019][ C0] vkms_vblank_simulate: vblank timer overrun [ 466.452143][ T31] stack:21096 pid:5822 tgid:5822 ppid:1 task_flags:0x400140 flags:0x00004004 [ 466.454397][ T30] audit: type=1326 audit(2000000211.899:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23047 comm="syz.6.4994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 466.469188][ T31] Call Trace: [ 466.484328][ C0] vkms_vblank_simulate: vblank timer overrun [ 466.519489][ T31] [ 466.523302][ T31] __schedule+0x16e2/0x4cd0 [ 466.528161][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.534735][ T31] ? schedule+0x165/0x360 [ 466.539438][ T31] ? __lock_acquire+0xaac/0xd20 [ 466.544787][ T31] ? __pfx___schedule+0x10/0x10 [ 466.557409][ T30] audit: type=1326 audit(2000000211.939:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23047 comm="syz.6.4994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 466.587475][ T30] audit: type=1326 audit(2000000211.939:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23047 comm="syz.6.4994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 466.616207][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.622523][ T31] ? schedule+0x91/0x360 [ 466.626941][ T31] schedule+0x165/0x360 [ 466.632328][ T31] io_schedule+0x81/0xe0 [ 466.636727][ T31] folio_wait_bit_common+0x6b0/0xb90 [ 466.642653][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 466.648724][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 466.654920][ T31] ? folios_put_refs+0x559/0x640 [ 466.660391][ T31] ? __pfx_find_lock_entries+0x10/0x10 [ 466.666039][ T31] __filemap_get_folio+0x139/0xaf0 [ 466.668788][ T30] audit: type=1326 audit(2000000211.939:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23047 comm="syz.6.4994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc219f8e969 code=0x7ffc0000 [ 466.683586][ T31] truncate_inode_pages_range+0x3ed/0xda0 [ 466.701978][ T31] ? evict+0x847/0x9c0 [ 466.706870][ T31] ? evict_inodes+0x636/0x6c0 [ 466.711957][ T31] ? generic_shutdown_super+0x9a/0x2c0 [ 466.717594][ T31] ? kill_block_super+0x44/0x90 [ 466.725361][ T31] ? deactivate_locked_super+0xbc/0x130 [ 466.731419][ T31] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 466.737708][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.744153][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.749814][ T31] ? __lock_acquire+0xaac/0xd20 [ 466.754891][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 466.760379][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 466.765624][ T31] evict+0x517/0x9c0 [ 466.769577][ T31] ? __pfx_evict+0x10/0x10 [ 466.775996][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.781778][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.787463][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 466.792759][ T31] evict_inodes+0x636/0x6c0 [ 466.798231][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.804042][ T31] ? __pfx_evict_inodes+0x10/0x10 [ 466.809296][ T31] generic_shutdown_super+0x9a/0x2c0 [ 466.814793][ T31] kill_block_super+0x44/0x90 [ 466.819662][ T31] deactivate_locked_super+0xbc/0x130 [ 466.825172][ T31] cleanup_mnt+0x425/0x4c0 [ 466.829779][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.837776][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 466.846157][ T31] task_work_run+0x1d4/0x260 [ 466.850958][ T31] ? __pfx_task_work_run+0x10/0x10 [ 466.856237][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.864956][ T31] resume_user_mode_work+0x5e/0x80 [ 466.870169][ T31] syscall_exit_to_user_mode+0x9a/0x120 [ 466.875947][ T31] do_syscall_64+0x103/0x210 [ 466.886777][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 466.892481][ T31] ? exc_page_fault+0x91/0x110 [ 466.898104][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.909356][ T31] RIP: 0033:0x7f841718fc97 [ 466.914733][ T31] RSP: 002b:00007fffd41a2858 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 466.928932][ T31] RAX: 0000000000000000 RBX: 00007f841721089d RCX: 00007f841718fc97 [ 466.938663][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffd41a2910 [ 466.949992][ T31] RBP: 00007fffd41a2910 R08: 0000000000000000 R09: 0000000000000000 [ 466.958009][ T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffd41a39a0 [ 466.971916][ T31] R13: 00007f841721089d R14: 000000000004afa1 R15: 00007fffd41a39e0 [ 466.983654][ T31] [ 466.987080][ T31] [ 466.987080][ T31] Showing all locks held in the system: [ 467.015673][ T31] 1 lock held by rcu_exp_gp_kthr/18: [ 467.022382][ T31] 1 lock held by khungtaskd/31: [ 467.027242][ T31] #0: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 467.054210][ T31] 3 locks held by kworker/u8:6/1100: [ 467.059537][ T31] 2 locks held by acpid/5179: [ 467.064698][ T31] #0: ffff88804e43d118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_release+0x706/0x800 [ 467.114765][ T31] #1: ffff88804e43a2c0 (&dev->mutex#2){+.+.}-{4:4}, at: input_close_device+0x4c/0x230 [ 467.125618][ T31] 1 lock held by klogd/5183: [ 467.136506][ T31] #0: ffff8880b8839b58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 467.146814][ T31] 2 locks held by getty/5573: [ 467.151785][ T31] #0: ffff8880347890a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 467.161897][ T31] #1: ffffc90002ffe2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 467.172461][ T31] 1 lock held by syz-executor/5822: [ 467.177736][ T31] #0: ffff88805010a0e0 (&type->s_umount_key#88){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 467.196051][ T31] 4 locks held by syz.3.4981/22986: [ 467.202294][ T31] #0: ffff8881467d2160 (&mousedev->mutex/1){+.+.}-{4:4}, at: mixdev_close_devices+0x31/0x210 [ 467.218360][ T31] #1: ffff88804e43e160 (&mousedev->mutex#2){+.+.}-{4:4}, at: mixdev_close_devices+0xba/0x210 [ 467.229598][ T31] #2: ffff88804e43a2c0 (&dev->mutex#2){+.+.}-{4:4}, at: input_close_device+0x4c/0x230 [ 467.248141][ T31] #3: ffffffff8df41338 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b7/0x730 [ 467.259344][ T31] [ 467.276474][ T31] ============================================= [ 467.276474][ T31] [ 467.280047][ T5922] usb 4-1: USB disconnect, device number 19 [ 467.284923][ C1] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 467.284971][ T31] NMI backtrace for cpu 0 [ 467.284986][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) [ 467.285014][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 467.285028][ T31] Call Trace: [ 467.285038][ T31] [ 467.285048][ T31] dump_stack_lvl+0x189/0x250 [ 467.285084][ T31] ? __wake_up_klogd+0xd9/0x110 [ 467.285110][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.285142][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 467.285176][ T31] ? __pfx__printk+0x10/0x10 [ 467.285215][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 467.285260][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 467.285294][ T31] ? _printk+0xcf/0x120 [ 467.285323][ T31] ? __pfx__printk+0x10/0x10 [ 467.285349][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 467.285377][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 467.285418][ T31] watchdog+0xfee/0x1030 [ 467.285453][ T31] ? watchdog+0x1de/0x1030 [ 467.285492][ T31] kthread+0x711/0x8a0 [ 467.285525][ T31] ? __pfx_watchdog+0x10/0x10 [ 467.285553][ T31] ? __pfx_kthread+0x10/0x10 [ 467.285580][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.285609][ T31] ? __pfx_kthread+0x10/0x10 [ 467.285636][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 467.285659][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.285685][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 467.285713][ T31] ? __pfx_kthread+0x10/0x10 [ 467.285740][ T31] ret_from_fork+0x4e/0x80 [ 467.285765][ T31] ? __pfx_kthread+0x10/0x10 [ 467.285793][ T31] ret_from_fork_asm+0x1a/0x30 [ 467.285839][ T31] [ 467.285847][ T31] Sending NMI from CPU 0 to CPUs 1: [ 467.466852][ C1] NMI backtrace for cpu 1 [ 467.466871][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) [ 467.466895][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 467.466908][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 467.466940][ C1] Code: ee 2d ba f5 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 fb 11 00 f3 0f 1e fa fb f4 c3 2d ba f5 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 467.466957][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 00000286 [ 467.466977][ C1] RAX: 2115ea21a8470100 RBX: ffffffff81973f28 RCX: 2115ea21a8470100 [ 467.466994][ C1] RDX: 0000000000000001 RSI: ffffffff8d74a7fc RDI: ffffffff8bc1d220 [ 467.467011][ C1] RBP: ffffc90000197f20 R08: ffff8880b8932b5b R09: 1ffff1101712656b [ 467.467027][ C1] R10: dffffc0000000000 R11: ffffed101712656c R12: ffffffff8f7ed870 [ 467.467043][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110038d9b40 [ 467.467060][ C1] FS: 0000000000000000(0000) GS:ffff8881261cb000(0000) knlGS:0000000000000000 [ 467.467077][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 467.467091][ C1] CR2: 00007f91e8b7d2d8 CR3: 000000007cb15000 CR4: 0000000000350ef0 [ 467.467108][ C1] Call Trace: [ 467.467116][ C1] [ 467.467124][ C1] default_idle+0x13/0x20 [ 467.467152][ C1] default_idle_call+0x74/0xb0 [ 467.467180][ C1] do_idle+0x1e8/0x510 [ 467.467205][ C1] ? __pfx_do_idle+0x10/0x10 [ 467.467222][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 467.467258][ C1] cpu_startup_entry+0x44/0x60 [ 467.467277][ C1] start_secondary+0x101/0x110 [ 467.467297][ C1] common_startup_64+0x13e/0x147 [ 467.467339][ C1] [ 467.468075][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 467.642345][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) [ 467.654152][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 467.664207][ T31] Call Trace: [ 467.667516][ T31] [ 467.670473][ T31] dump_stack_lvl+0x99/0x250 [ 467.675084][ T31] ? __asan_memcpy+0x40/0x70 [ 467.679677][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 467.684918][ T31] ? __pfx__printk+0x10/0x10 [ 467.689517][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.695155][ T31] panic+0x2db/0x790 [ 467.699063][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.704703][ T31] ? __pfx_panic+0x10/0x10 [ 467.709128][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.714765][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 467.720595][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.726230][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 467.731609][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 467.737778][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.743421][ T31] watchdog+0x102d/0x1030 [ 467.747794][ T31] ? watchdog+0x1de/0x1030 [ 467.752235][ T31] kthread+0x711/0x8a0 [ 467.756315][ T31] ? __pfx_watchdog+0x10/0x10 [ 467.761006][ T31] ? __pfx_kthread+0x10/0x10 [ 467.765635][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.771274][ T31] ? __pfx_kthread+0x10/0x10 [ 467.775869][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 467.781066][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 467.786700][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 467.791901][ T31] ? __pfx_kthread+0x10/0x10 [ 467.796496][ T31] ret_from_fork+0x4e/0x80 [ 467.800914][ T31] ? __pfx_kthread+0x10/0x10 [ 467.805514][ T31] ret_from_fork_asm+0x1a/0x30 [ 467.810290][ T31] [ 467.813391][ T31] Kernel Offset: disabled [ 467.817704][ T31] Rebooting in 86400 seconds..