last executing test programs: 5.686955516s ago: executing program 0 (id=3541): rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) membarrier(0x4, 0x0) 4.354388763s ago: executing program 0 (id=3550): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fdatasync(0xffffffffffffffff) 4.107530068s ago: executing program 4 (id=3554): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xc2, &(0x7f0000000040), &(0x7f0000000080)=0x4) 3.988549978s ago: executing program 2 (id=3555): r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, 0x0, 0x0) 3.839952786s ago: executing program 1 (id=3556): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 3.51037267s ago: executing program 0 (id=3557): syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000280), 0x9, 0x5f4, &(0x7f0000000d00)="$eJzs3c9vFFUcAPDvbLelpWgLMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSTowcR4McbEkwfxv1AiV0568uDFkyEhajiauGa2M6XbzrZ0aXdJ5/NJlr55b4f3ptvvzpu3780GUFpD6T+ViL0RMZNEDCQLS2XVyAqHFp93759PTqePJGq1N/5KIsny8ucn2c/+bOfeiPjl5yT2dK2ud3b+yvmJ6empy9n2yNyFmZHZ+SsHz12YODt1duri2Etjx44eOXps9FBLx3W1IO/k9fc/HPh8/O3vv/03Gf3h9/Ekjser2ROXH8dmGYqh+u8kWV3Uf2yzK+uQruzvZPlLnFQ72CA2JH/9uiPiqRiIrrj/4g3Ep691tHHAlqolETWgpBLxDyWV9wPya/uV18GVjvRKgHa4e2JxAGB1/FcXxwajtz42sPNeEsuHdZKIaG1krtGuiLh9a/z6mVvj12OLxuGAYgvXIuLpovhP6vE/GL0xWI//SkP8p/2CU9nPNP/1FutfOVQs/qF9FuO/d834jybx/86y+H+3xfqH7iff62uI/75WDwkAAAAAAABK6+aJiHix6PP/ytL8nyiY/9MfEcc3of6hFdurP/+v3NmEaoACd09EvFI4/7eSz/4d7MpSj9XnA3QnZ85NTx2KiMcj4kB070i3R9eo4+AXe75pVjaUzf/LH2n9t7O5gFk77lR3NO4zOTE38bDHDUTcvRbxTOH832Tp/J8UnP/T94OZB6xjz/M3TjUrWz/+ga1S+y5if+H5//5dK5K1788xUu8PjOS9gtWe/fjLH5vV32r8u8UEPLz0/L9z7fgfTJbfr2d243Ucnq/WmpW12v/vSd6s33KmJ8v7aGJu7vJoRE9ysivNbcgf23ibYTvK4yGPlzT+Dzy39vhfUf+/LyIWVvzfyd+Na4pzT/7X/0ez9uj/Q+ek8T+5ofP/xhNjNwZ/alb/g53/j9TP9QeyHON/sOjrPEx7GvMLwrFaVNTu9gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAdlCJiF2RVIaX0pXK8HBEf0Q8ETsr05dm5144c+mDi5NpWf37/yv5N/0OLG4n+ff/Dy7bHluxfTgidkfEV1199e3h05emJzt98AAAAAAAAAAAAAAAAAAAAPCI6G+y/j/1Z9fa+15rSwuBLVUtyqy0vx1A+xXE/6+daAfQftVardNNADqksP8PlIL4h/IS/1Bei/Hf3elmAB3g/A/lJf6hvMQ/AAAAAABsK7v33fwtiYiFl/vqj1RPVmZCEGxvVvlDea1zix9gGzP1B8rLNT6QrFPe23Sn9fZcy8zph9gZAAAAAAAAAAAAAEpn/17r/6GsrP+H8lp//X/hyh9gG8jX/+/rcDuA9nOND8Q6K/nrVwGfbXQvAAAAAAAAAAAAAGAzzc5fOT8xPT11WeKtR6MZ7UzUarWr6V/Bo9KezUzsSBMDba00nwrf8WMvTuRr/R5sr869JwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI3+DwAA//8fSicK") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x8, 0x1, 0x0, 0x0, 0x2, 0x2, 0x200000000c, 0x0, 0x9d}) 3.456369057s ago: executing program 2 (id=3558): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') lseek(r0, 0x2e73, 0x4) 3.453525814s ago: executing program 4 (id=3559): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000003700)=ANY=[@ANYBLOB="e80200000000000029"], 0x2e8}}], 0x2, 0x0) 3.092498079s ago: executing program 1 (id=3560): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(r0, 0x3b8b, &(0x7f0000000300)={0x10}) 3.089497275s ago: executing program 2 (id=3561): r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000002e80)=ANY=[@ANYBLOB="8500000061000000440000000000002085000000050000009500000000000000f4670880271e3503200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ae0b737136ea6f7be39cd34d5ae35de35dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541c86238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b1b2d2747c45b0c52087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f7b2744419a2f238f173d0cd46daf2fcb5500f53ef800ec91d83cf4fbf975d9c07d8d3c76e65760ff000000b78860e629b3b200000000000000000000000000008b0000000a449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203370b3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000000000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c82c96f10dfa978bee51f581d124216e8bd9b1856a2d4eda31fe098a1da8091b495f77138e438bdc037865f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec596838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a326d80260898d4e1ca5050033f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117181076bad4167d5559ac12ff1473fa0ac0c0e71925a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c71a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5174e7ea5dd7f1caa699e4a241291c2f43e9edbf44c0ff38ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf515ec5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b97b01d94d5ef793096dab53d37984d58dc09d11ba0094ba8c39942be41f362e29bb95cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ac419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557f0000000000000046ca2d2f455ab76e4bca74b87ba66caa35b468b41fa9b887ae270b6dd0a23f0500f7ab284ce93cf117309358643a3b53cb5406694d415192714d374d07a0adce126a37559305ca672b90dc0675dd71237f17de33a76cbe944496a0bf55731aec8916d61a9e675152c01005c61c3e4697a6017f38f380be4a0833161b9c37a439a49f3f97712fa33b68ef1a16cf43562e409710c7669448f542d3b3eaa7c969927b5ddbdc19fa2d08a4ccbf85245910710338c0d42d2d03aa9ddb6f04b27c2aad179a386d285e2fd466860d6cfebd702bde33c3f102abb4602a19111eecaa271dd02fe8eefc879a5a02c500000000000099c7144a4ef048b4489924010cf1a0856f51ff6b16ada3d871e3e92226d908c0ee08c65fc940b61fe70ded97887548f337cfc94cf8cf278fb7faf92ae925804958d951d5ffc7424cc348f99ee3f99766459ec14b31a385"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x4e, 0x0, &(0x7f0000000240)="b9ff0600000000000000149a86dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.038399156s ago: executing program 4 (id=3562): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90224fc602f000004000c0100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 2.939260548s ago: executing program 3 (id=3563): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x2, [0x2], [0x2000], [], [0x400000000000001]}) 2.855694848s ago: executing program 2 (id=3564): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000038030000060a010400000000000000000100000008000b400000000010030480400001800d00010073796e70726f7879000000002c000280050002000600000008000340000000000800034000000000080003400000000a06000140000800000c000180080001006c6f6700a00201800e000100696d6d6564696174650000008c020280080001400000000b080001400000001108000140000000022401028028000280080003400000000108000340000000050900020073797a320000000008000180fffffffe3000028008000180fffffffb08000340000010000900020073797a320000000008000180ffffffff0800034000000003c50001007cd651f0d5e4690fbba124f2776a90600ef6a0dc2b6b0e2190314a6142830c83a96d280e19831ff6f0541cc73b0650cb3ea2eed0605187f7e2aa4fb9210f1b7dc182a782ed1b93c3b79182631820fb750a31bd96eec10b9038afd73e4e249efd8ea2673b652454462630b485f874160fbf82781520adb74fc6d8dcfeeba9de48a9cb63ae0f74cd6b00776f821203beae38b984f413a6c6238f4013befcb55f71b3077bd1f30894f2eb09fb2e0c588dcbc9d51bbb156bbfeeeaa0249d80c69c5d14000000440102806400028008000180fffffffc080001803bd434f00900020073797a30000000000900020073797a32000000000800034000000fff080003400000000408000340000011140900020073797a320000000008000180fffffffe0900020073797a31000000002400028008000180fffffffe0800034000000008080003400000000708000180ff50799d1dd49ee2b104aa11c4078787216e2818f2554f88c58b3daf338ce1632851d1db2eca6d2d42a54c34d53811fa21471c15549f384c90c4910ecffb8947c7921a9cca0693e9b6eaea70c9938e55dc23475592246212913732a63c34fa4ec064050c3df95dcb06345c988bf035cfc60fe52c278eb43fd8115cab1e5e663f96000000100002800900020073797a3200000000270001007805839544f23d02a761ba9e1dd4868f0e3fa6719a1e1803fd63c0a82bda5aee7efab200080001400000001220000180080001006e61740014000280080003400000000008000540000000020900010073797a30"], 0x3ac}}, 0x0) 2.473404491s ago: executing program 1 (id=3565): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@ipv4_delroute={0x2c, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xff}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_PREFSRC={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x20}}]}, 0x2c}}, 0x0) 2.3112919s ago: executing program 1 (id=3566): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000001880)={0x28, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @nested={0xa, 0x0, 0x0, 0x1, [@generic="976b64086860"]}, @nested={0x4, 0x1}]}, 0x28}], 0x1}, 0x0) 2.261883243s ago: executing program 3 (id=3567): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0xffffffff, 0x4) 2.254964473s ago: executing program 2 (id=3568): r0 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x0, 0x23, 0x0, 0x8) 2.043742974s ago: executing program 4 (id=3569): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x27, &(0x7f0000000640)={&(0x7f00000006c0)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @private}}]}, 0x30}}, 0x0) 1.749822333s ago: executing program 3 (id=3570): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=@newsa={0x180, 0x10, 0x1, 0x0, 0x0, {{@in=@private, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private2, 0x0, 0x6c}, @in=@rand_addr=0x64010100, {0x0, 0x0, 0x80}, {0x5, 0x0, 0x8}, {0x7fffffff}, 0x70bd2d, 0x34ff, 0x2, 0x4}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_auth={0x48, 0x1, {{'blake2b-512-generic\x00'}}}]}, 0x180}}, 0x0) 1.733666723s ago: executing program 1 (id=3571): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b702000001040000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006502040001001f000404000001007d60b7030000000000006a0a00fefdff00008500000026000000b7000000000000009500000000000000c743a0c8e3ebbadc20e5a7efcc9ac1467fb2ea80dbcf8df265e1b40e4c8afd5c0c000000008da68076774bbcdb2c769937000090af27db5b56024db96bcbbbd2cb2000ce03000000000000007e357754508535766c80114604a86fe569b05614eab9297eb290a248a120c9c6e39f403ff065fd3052aae80675eeba68562eaeaea5fecf298ca20f274233106eab63ecf772de7b265040b6c50b7420b48a93fe94c756108afcd0b2eb78040000005f02a5a6474ae549070004000000001294fba0ed5020e6474ac921fee1f6d8ad6a80d0947cd6d4a561ced21a0b4a902be6af7ec2d1ba002e57f301000000000000000000000000100000aaf25343063e6581f9e6de14ad72e5ad84309f47f96a576cd20cef7ed951a73ea73d7c7f14e306f1f1d1377e57bbb19700f0077e9d0000b93eb0f2c6f8141e350dc68147e5958128d22d58625cf9dba211bfff9c3709c9b134625d3d2369f516a49eeeb1a662c8dfb875bdf5c6ba73cccdfacb202994c40d322717faff03323dce8a34ee0ca2cf61efb4b30000642735d6d482ba98d252f36c54333a8b1aa736369392b9067665339820f5f1557b0bf7cc06a5a13c714e0b1a1f000000ff3283076cda3d0b1a2905cfc3d04f1db264b530abcbe44bc405f600807970727fb819afa1907228fa9e83433eedb4ac88d0285594ffb0d14c09d5c77f33702822b02488ea570204c8441ced81cacf945dcb2486d65ceec8bcaffbe800a041a378b40dc9e3600e916ae6307bd8325a442095bc9a8b0c95905979f34adddbb26f0d24425c8ab9d937d84b521914f92eed3d3e9de82942a952e86b567aff5bc2e3c1fcc00f618363df5d0d181ee8f4b8fd356c9eb365adc037e443820c05c5db16ff07a9cf471e2ebf91ab00a05f88c1cd55f8c81f5eb1f8d615ca27efb2193bb61665a1ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50225563cd37343d09da72472efc2b2877fbab12a891513e5f0763ae06c0610a2869747c143d7500760600f3ffb2310e19ac58bf29d7f178d09a9f634a3ae492f54649589e3692768a0f3a08ff275df45508ad85950d8e08465fa1067ea8f383b3e7a7ddf5977d46f4bc38f914b4a496426d8468f9ba618b6b2218b50c8fc9efbce3ba799cf70de7e13be871aa7eb402e2b11f440361e18d4e334bfc6ae54e62e67a03b4c756c544189e4519a029674e2a2bbbc7f6600000000000800000e5e30b70b1eb176d3a62660600000030a0af132e680510811d3ab71af5d98e2d3d928a749e8b9402d14655612bd58fb40b4625cb69bf6cea97b447f2d970d99100000000086000001b881afb2cc500003a73562af4878f75b4f9540057b8a3fff2bc02c5941626d2015f414546e87835ba18e9101734a9e9c6955fc6b9a25fe2a3dd8bab7f21beccba5493a164c663eceed401737c12c65804712236a9a29a43b1e27e9b6816f2328ea8423121f12b7b35aa721fef26934ccafde573bee5c33ef15309f43cbd5d61aa679a9c402d337ebf57a5eacb569401c1df7b9c45b09743c61d1db37f0000000000020000000061d7d6818db785d8ba13dc577fe61a68eb365de5661f43d4c789bb117a3d208ae44a381b718b3157e218959156ff8e92b7e92bc275d2c9114547351a0d0f2a70d13be0194b6cb68b03000000000000004f153bbc7f52861e4e5df0d19e4e40ac44cfda6f87807e5b5ed7072c04da88afd3d4b79f060e004a0e2f00b9e726ac75d2ac0691314c627e9a8a07bdd607919fd48f01ad6d2f7621d9a75b134f1bc25ed7c33d411a5baa4daa3add16afc502b2b7629541d722e91d631e5ffb9d4beb5aa5a2c4e490a5bd5cf4538ba310b8cbc221af38ea842d4cb908bcd574f794459fd54b58c6a791e6df620047bade4ba41ee0141843958479544619f749ff70088b0fd115077f7eff7c5a3315ca604d110df1c54407f191a78d8362e4dc6e1138391c2af2b96779bb76c9f1daea4f085f38810edef6dd047937c231cba791a4e7713c5b3b0a0b6ba37db5016e02d114d714459d065a79609fea4efebad04edac11aac0e53dd094827453144fa419ee81823d00a90a9058ba740d2f41253a8d01a8c1a7265a084e30ad10d412aee8170a7111d62473e7bd8f3d64fb7ebdd32aada331900000000000000000000000084ef49dd02000000bf48ea48e0e1f463d9dcb285038ec38d5f4969ed0e98a71ac7bf8159a234833a5241722b2d24aa2fa4965d4eb7966fb27d118b6ef3308627e67d42f1041d5e92da28e0a7724ce715854775cbe06c5166f1dac0745f1373156a536cb6394c2c4473e2050cacf693fdf8e305080000001a901ecd90a5f53b8327a485557bc2a147b036477915e600000000034258ebbb6099b597d17ee2fc97ca850b8580b1337016a40566814594c13052b9d2b0741326825f19a24460e545c71e1940c998f39ac04a0c29691a7c8f7a78c1a7590a293c561f304533c638ae635f5ce026f7fa034d8cfe0e11831d4829692beab26891ef583cfcb713a4d3a2d8b958c0875d7e4bdcf98802db086ebcbb9d82fa569a18f06facc2ffe1ea9ae4231e1e503faa2de7f898c97788c4b9c61c70ff92abdf7476cc351156d11c0ada7614f315f4c6cca119d16827d4e864f5a7a9b690272a510c451dc07f391309d02e31e53b2bf0b5f86e776b1bcfe6c85ccd7ddf8a9559d596b5603895f265685fdd11263c946f8ef3ccec1b0d45a47a89b8237cbbdab14e4ca6dc76b2c41e071b93a065c0f5aa718e1cfab29beea78a6bd9a3114f0fb92be9a5862627b4bd99db2c08e4636e43f05f33535d5d1f9bb40e1fd8e5125a3d29b31dd94a6744bbc21722222b976089f073a4d3fcafc6d06518cf0c4fc6c3e3da0000000000000000000000007d3b60775243f2143d9f54804b11102cf0e4c641db1ba8bf75e46ab3a8fdece6562e7ebb3e407f3c7504dfa3da3aecbd49af3d1edeea11cc970416fadeedc8423bfdc85041ac4d8243a1130e6f4cb5bbfed9d095e18c98c7d690e4c491a7ddcd5635bc61dbed719ca28e8ca3f1fbbe588913ed057f1d6e34a79f4dc10df54d1993a5bc5f9ef6dbd339ee4b0b5764169f305e284ef82cc23e9366d4bc7eb45c7230b13433e5240657cb8eba33260147be8620b6d98cc48b000000000000000000000000c1ce872b18984f080100000000000000bd3fded92547d41809b398f36749083a147eb09ff1ed601bd36b873d3947fb223da647052528e0466cb917db7800f7c7000b593fca1903991cca1343882e3a1f60044f11c081dae4fc5bcf20efacdd2c577f4bcda2eea6f75a31dc90eebb6135b6fb824052181b0ad8a49ebf03ccf61d7e39bf6b0762d24d19796016301d1415b5110ba9df7f204aedb2a2e4e621c0553d312b309db67192f98ef7800000d629c04e216afc8fc66616bbf304e452373aa927c2ad6f5417f1b9bc322b802c1a1c42112a92a331cdc113b9ace3ff52ede7a853f9a89002ba070bac2f635a03db3375e5564f1a798bf9c0f8c72725d2eca9b0ec7e453d78ea20eca61530fe574299b393ca144adcb06108dfbb934065a87972739150a8752ac111c4d9062ccb95c54034fbdee131d94dfbaab1854d55665746fb7b47d25e54070b0d14c0a29c57bc4930075e1761913b036d43852c6df9f10e15105b2a1866b598a3577943514db0dce953dcec62139ff3f16066efec5d8cbc0600000000007289be5883aab951ea67cf2ff691d05c1ea91dd569ed9897fe8d88a0a6977dc8955be17e8026aff11c61fa5cc76196c1423cd597345253baa1537eb6962a3ce1fe5d5ab46938e8fb23fa7047bc59c4345e912585a8adb5fe2ff51b64a326321b594e3f2d339f4090bdae6b30b62064bacbc155d3c930576f506b093ca7c60957bdfdd6536baaa871cf6a603c736b78761e6463b8ac503e219cc3d98f649602ad24d5667368290ee926fba76ee482a201a03efece3b236f4ee2ffcd5d90d92a2f0c5cea48c87f27c2f1e92988a6508c12f6b7755cc48eb10edafca92cb0260c72295a27a24846d3a2334bd60e94c0fd07e5db0a4964a7fc4e89e11a300510776934e87bb3c21394f46954a012b2a3b0760f5bad1dbd6b466ed7153bd18ee2c0b2353c38df9e0782eb000000000000000000000000001b58cadcc5aaf65e05663985a177aa1d1ea2ad1b8151c7d58f5b92827f550269b3585d98e1394e816a477e52ce2f6de2bd7192f46cf965e774968d151d2bda084b10ec4c8d2c6ab582b1e5e3ed874235ff128c661298ed75879d8a4025ad1c3d9ef6355dc7284c6e648a61da026a777fcc7ae2c60ce64a2f2b0000000000000000000000000000003022110d1230e998429a6fd8f35939a8ae5acc89123839d84b98df6f8ee2ad0b238759bf400ac14c591aefe9660076a494f73b0ea8f3cb4a9c2e4f745a2afb593fabb9481600b2f44e6415153c1f8cf974a226d2700608bb2838ef07d75aed8b082716be3c37f60f48b9995f6325fdaa1c164b1e2bcbde00"/3344], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfe37, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000080)="b907ef23f66a54f05c13e5f0888e", 0x0, 0x0, 0x18000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 1.571018975s ago: executing program 3 (id=3572): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x26, 0x0, 0x0) 1.513106634s ago: executing program 4 (id=3573): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$SNDCTL_DSP_GETTRIGGER(r0, 0x80045010, &(0x7f0000000100)) 1.370087513s ago: executing program 1 (id=3574): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x74, 0x93, 0x1d, 0x40, 0xc45, 0x614a, 0xe6af, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9c, 0x80, 0xf4}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 1.349573278s ago: executing program 3 (id=3575): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x18, 0xd, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x40040) 915.385561ms ago: executing program 0 (id=3576): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_gstrings={0xe}}) 722.094797ms ago: executing program 2 (id=3577): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000012000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100ffff0900010073797a30000000000900030073797a320000000098010000060a010400000000000000000100000008000b400000000070010480740001800b000100657874686472000064000280080001400000000c08000540000000000800054000000000080001400000000c08000340ffffffff08000140000000040800064000000000080003400000000d0800064000000002080005000000000808000440000000220500020089000000f80001800e000100696d6d656469617465000000e4000280e0000280d70001008967f39f977d15c430237fe4a7e0fad9da05c66947d4e9eb2689c3222017e606d8acd6eee67076c0f7c3352bdda7ff8943671c316599d6f01a01b87979acd2a53052ad779016bda01887e80118b29e47c6da6e558a51897312b1432eb61dd224309432609bf2150cf06442c7588e91122f338f94b25cdd340ececdd1ffa8c5efb50536c56ab9bbc82afcd6a92885fdc0408fc552f304b904900f11fa8dac65e9c93c2cdd8ccaa8ca78c0b5b9ec323f27936e151a41a528751ec53b5994cc9e88a9ce648c58d45cfdd2b0367c9d32501d9922b600040002800900010073797a30"], 0x20c}}, 0x0) 571.641258ms ago: executing program 3 (id=3578): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x68, &(0x7f0000000000)=0x5, 0x4) 547.534932ms ago: executing program 0 (id=3579): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x3, 0x4) 55.213656ms ago: executing program 0 (id=3580): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x10000) 0s ago: executing program 4 (id=3581): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file1\x00', 0x2808000, &(0x7f0000000540)={[{@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@shortname_winnt}, {@shortname_win95}, {@uni_xlateno}, {@shortname_lower}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@fat=@check_normal}, {@shortname_win95}, {@rodir}, {@shortname_mixed}, {@shortname_lower}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp949'}}]}, 0x1, 0x297, &(0x7f00000007c0)="$eJzs3U9rI2UYAPBn0iRNVUgOnkRwQA+ewnY/wQapsJiTkoNedHG7IElYaCDgH4w9eRc8+R38Jl78Bh48Ct7cgziSzEySttNtg2kq4fe75Mk77/P+y1sKhT757M3x8OnzybPzb36LViuJ2qN4FC+S6EQtSt8FALBPXmRZ/Jnlbupbj2ZEZO3iXW0HywMA7sAmv/8BgP3w0ceffNDr908+TNNWxPj76SCJ/DV/3nsWX8QoTuNBtOPviGwpj1973D+JepqWfwyYHsUgYvzpL8X73h8Ri/zjaEfnav77j/snx2ku3hnPpoP5zPPXRrySRPSyJB/oYbTj9YisEcUgq/yHFfkxaMa7b/9UrP+f0+hGO379PJ7HKJ4uhljlf3ucpu9lP/71db6DQUQymw4OF/1WsoOdfSgAAAAAAAAAAAAAAAAAAAAAAOy9brrUWa+fU1YD7Harn19bH6io8DNbq6/zIE3TsozPdNCIPL8eb9ST+9s4AAAAAAAAAAAAAAAAAAAA/I9Mvvxq+GQ0Oj3Lg6OiOVu23Dqor7XUi2E2SL8QDH+O2DzrNkEcLBZ2nlcpyC70KasRbGOuw006H1VNGrXrzrA+imRxPj9svrC3trXBlwbl7Ro+SeKGzq3qS7J2M8s7eTZJqi9tZZBVHN3BtVnNLe29+eqVR/FfBpzvuLE8zIt9WvNPcq2lseWflEvU6gAAAAAAAAAAAAAAAAAAgLu2+qff+P3Kw/N7WRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7Nzq+/+XQXQut1wOZkXyy/qUweHZpGLazo63CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ77NwAA//+FHl9c") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80205b, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) kernel console output (not intermixed with test programs): 0 [ 715.900584][ T5262] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 715.910598][ T5262] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 715.922198][ T5262] usb 5-1: config 0 interface 0 has no altsetting 0 [ 716.032725][ T5262] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 716.042794][ T5262] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 716.057996][ T5262] usb 5-1: config 0 interface 0 has no altsetting 0 [ 716.141445][ T5262] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 716.151179][ T5262] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 716.166240][ T5262] usb 5-1: config 0 interface 0 has no altsetting 0 [ 716.281694][ T5262] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 716.291627][ T5262] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 716.300320][ T5262] usb 5-1: Product: syz [ 716.305354][ T5262] usb 5-1: Manufacturer: syz [ 716.310295][ T5262] usb 5-1: SerialNumber: syz [ 716.364164][ T5262] usb 5-1: config 0 descriptor?? [ 716.519041][ T5262] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 716.907712][ T5262] usb 5-1: USB disconnect, device number 49 [ 716.964449][ T5262] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 717.265883][ T5240] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 717.715079][ T5240] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 717.724897][ T5240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.738900][ T5240] usb 3-1: config 0 descriptor?? [ 717.757689][ T5240] gspca_main: spca561-2.14.0 probing abcd:cdee [ 719.006009][ T9570] loop1: detected capacity change from 0 to 2048 [ 719.018523][ T5240] spca561 3-1:0.0: probe with driver spca561 failed with error -22 [ 719.030190][ T5240] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 719.037474][ T5240] usb 3-1: MIDIStreaming interface descriptor not found [ 720.153903][ T9570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 720.912414][ T5183] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 720.947411][ T9584] loop3: detected capacity change from 0 to 512 [ 721.257201][ T9584] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 721.329479][ T9584] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1998: invalid indirect mapped block 2683928664 (level 1) [ 721.428583][ T9584] EXT4-fs (loop3): Remounting filesystem read-only [ 721.465985][ T9584] EXT4-fs (loop3): 1 truncate cleaned up [ 721.473739][ T9584] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 721.671456][ T9584] EXT4-fs (loop3): Quota file not on filesystem root. Journaled quota will not work [ 722.216051][ T5189] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.883250][ T9598] loop2: detected capacity change from 0 to 512 [ 723.039536][ T9598] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 723.059107][ T9598] ext4 filesystem being mounted at /394/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 723.372467][ T9602] loop4: detected capacity change from 0 to 256 [ 723.452629][ T9602] exfat: Deprecated parameter 'namecase' [ 723.459344][ T9602] exfat: Deprecated parameter 'namecase' [ 723.591174][ T5188] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.613859][ T9602] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 726.415635][ T25] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 726.650768][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 726.705820][ T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 726.716562][ T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 726.725966][ T25] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 726.738057][ T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10 [ 726.749694][ T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024 [ 726.761334][ T25] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 726.770997][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 726.845304][ T25] hub 5-1:1.0: bad descriptor, ignoring hub [ 726.851537][ T25] hub 5-1:1.0: probe with driver hub failed with error -5 [ 726.860991][ T25] cdc_wdm 5-1:1.0: skipping garbage [ 726.866832][ T25] cdc_wdm 5-1:1.0: skipping garbage [ 726.872491][ T25] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 727.239654][ T25] usb 5-1: USB disconnect, device number 50 [ 728.568819][ T9618] loop4: detected capacity change from 0 to 256 [ 728.953564][ T9618] FAT-fs (loop4): Directory bread(block 64) failed [ 728.960962][ T9618] FAT-fs (loop4): Directory bread(block 65) failed [ 728.974531][ T9618] FAT-fs (loop4): Directory bread(block 66) failed [ 728.983445][ T9618] FAT-fs (loop4): Directory bread(block 67) failed [ 728.990418][ T9618] FAT-fs (loop4): Directory bread(block 68) failed [ 728.997559][ T9618] FAT-fs (loop4): Directory bread(block 69) failed [ 729.004695][ T9618] FAT-fs (loop4): Directory bread(block 70) failed [ 729.011528][ T9618] FAT-fs (loop4): Directory bread(block 71) failed [ 729.018769][ T9618] FAT-fs (loop4): Directory bread(block 72) failed [ 729.025877][ T9618] FAT-fs (loop4): Directory bread(block 73) failed [ 729.771194][ T9620] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 729.788462][ T9620] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 729.806735][ T9620] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 729.827807][ T9620] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 729.849942][ T9620] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 729.880044][ T9620] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 731.652991][ T9629] loop4: detected capacity change from 0 to 2048 [ 731.764332][ T9629] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 731.848393][ T9629] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 732.065884][ T9619] chnl_net:caif_netlink_parms(): no params data found [ 732.099375][ T9620] Bluetooth: hci5: command tx timeout [ 732.132023][ T5240] usb 3-1: USB disconnect, device number 35 [ 733.167883][ T5354] udevd[5354]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 733.886677][ T9642] netlink: 'syz.4.2019': attribute type 3 has an invalid length. [ 733.900085][ T9642] netlink: 'syz.4.2019': attribute type 3 has an invalid length. [ 733.908122][ T9642] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2019'. [ 734.459740][ T5184] Bluetooth: hci5: command tx timeout [ 734.466665][ T5184] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 734.499047][ T5202] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 734.541516][ T5202] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 734.595872][ T5202] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 734.613048][ T5202] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 734.643504][ T5202] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 734.718978][ T2960] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.285221][ T2960] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.440470][ T9620] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 735.452324][ T9620] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 735.463261][ T9620] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 735.476995][ T9620] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 736.104952][ T5184] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 736.114699][ T5184] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 736.131378][ T5184] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 736.147207][ T5184] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 736.235556][ T5184] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 736.257041][ T5184] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 736.342742][ T2960] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.454726][ T9652] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 736.493259][ T9619] bridge0: port 1(bridge_slave_0) entered blocking state [ 736.501260][ T9619] bridge0: port 1(bridge_slave_0) entered disabled state [ 736.509394][ T9619] bridge_slave_0: entered allmulticast mode [ 736.527913][ T9619] bridge_slave_0: entered promiscuous mode [ 736.558862][ T9619] bridge0: port 2(bridge_slave_1) entered blocking state [ 736.566978][ T9619] bridge0: port 2(bridge_slave_1) entered disabled state [ 736.575060][ T9619] bridge_slave_1: entered allmulticast mode [ 736.585706][ T9619] bridge_slave_1: entered promiscuous mode [ 736.624973][ T9652] Bluetooth: hci5: command tx timeout [ 736.637057][ T5202] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 736.889570][ T5202] Bluetooth: hci6: command tx timeout [ 737.060998][ T9619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 737.132561][ T2960] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 737.304531][ T9619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 737.368342][ T9660] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2026'. [ 737.572750][ T9619] team0: Port device team_slave_0 added [ 738.074892][ T9619] team0: Port device team_slave_1 added [ 738.335733][ T5202] Bluetooth: hci0: command tx timeout [ 738.579246][ T2960] bridge_slave_1: left allmulticast mode [ 738.585533][ T2960] bridge_slave_1: left promiscuous mode [ 738.592609][ T2960] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.639747][ T2960] bridge_slave_0: left allmulticast mode [ 738.646746][ T2960] bridge_slave_0: left promiscuous mode [ 738.653445][ T2960] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.873230][ T5202] Bluetooth: hci5: command tx timeout [ 738.938221][ T5202] Bluetooth: hci4: command tx timeout [ 739.122257][ T5202] Bluetooth: hci6: command tx timeout [ 739.309856][ T2960] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.344870][ T2960] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.415370][ T2960] bond0 (unregistering): Released all slaves [ 739.633262][ T9639] chnl_net:caif_netlink_parms(): no params data found [ 739.775133][ T9619] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 739.782617][ T9619] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 739.816788][ T9619] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 739.889035][ T9619] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 739.896535][ T9619] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 739.928483][ T9619] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 740.564815][ T5202] Bluetooth: hci0: command tx timeout [ 740.750643][ T2960] hsr_slave_0: left promiscuous mode [ 740.773791][ T2960] hsr_slave_1: left promiscuous mode [ 740.811290][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 740.821313][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 740.850201][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 740.858542][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 740.910362][ T2960] veth1_macvtap: left promiscuous mode [ 740.916457][ T2960] veth0_macvtap: left promiscuous mode [ 740.922970][ T2960] veth1_vlan: left promiscuous mode [ 740.928603][ T2960] veth0_vlan: left promiscuous mode [ 741.172496][ T5202] Bluetooth: hci4: command tx timeout [ 741.341417][ T5202] Bluetooth: hci6: command tx timeout [ 741.711921][ T2960] team0 (unregistering): Port device team_slave_1 removed [ 741.762307][ T2960] team0 (unregistering): Port device team_slave_0 removed [ 742.296300][ T9689] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2037'. [ 742.336012][ T9619] hsr_slave_0: entered promiscuous mode [ 742.379376][ T9619] hsr_slave_1: entered promiscuous mode [ 742.555656][ T9646] chnl_net:caif_netlink_parms(): no params data found [ 742.788905][ T5202] Bluetooth: hci0: command tx timeout [ 743.397724][ T5202] Bluetooth: hci4: command tx timeout [ 743.513688][ T9649] chnl_net:caif_netlink_parms(): no params data found [ 743.553319][ T5202] Bluetooth: hci6: command tx timeout [ 743.586445][ T2960] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 743.621986][ T9639] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.630557][ T9639] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.645519][ T9639] bridge_slave_0: entered allmulticast mode [ 743.655532][ T9639] bridge_slave_0: entered promiscuous mode [ 743.804118][ T2960] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 743.894199][ T9639] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.907512][ T9639] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.915448][ T9639] bridge_slave_1: entered allmulticast mode [ 743.925347][ T9639] bridge_slave_1: entered promiscuous mode [ 744.060195][ T2960] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 744.444664][ T9639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.510476][ T2960] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 744.666696][ T9639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 744.882836][ T9619] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.007193][ T5202] Bluetooth: hci0: command tx timeout [ 745.130225][ T9619] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.298530][ T9639] team0: Port device team_slave_0 added [ 745.410014][ T9720] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 745.487793][ T9619] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.608154][ T5202] Bluetooth: hci4: command tx timeout [ 745.766537][ T9639] team0: Port device team_slave_1 added [ 745.812349][ T2960] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.977211][ T9619] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 746.160069][ T9646] bridge0: port 1(bridge_slave_0) entered blocking state [ 746.168454][ T9646] bridge0: port 1(bridge_slave_0) entered disabled state [ 746.176605][ T9646] bridge_slave_0: entered allmulticast mode [ 746.186325][ T9646] bridge_slave_0: entered promiscuous mode [ 746.224180][ T2960] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 746.336339][ T9646] bridge0: port 2(bridge_slave_1) entered blocking state [ 746.344667][ T9646] bridge0: port 2(bridge_slave_1) entered disabled state [ 746.352637][ T9646] bridge_slave_1: entered allmulticast mode [ 746.362441][ T9646] bridge_slave_1: entered promiscuous mode [ 746.442216][ T2960] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 746.728920][ T9639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 746.736164][ T9639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 746.763187][ T9639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 746.913613][ T2960] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 746.965191][ T9649] bridge0: port 1(bridge_slave_0) entered blocking state [ 746.973058][ T9649] bridge0: port 1(bridge_slave_0) entered disabled state [ 746.982151][ T9649] bridge_slave_0: entered allmulticast mode [ 746.991936][ T9649] bridge_slave_0: entered promiscuous mode [ 747.036535][ T9649] bridge0: port 2(bridge_slave_1) entered blocking state [ 747.044912][ T9649] bridge0: port 2(bridge_slave_1) entered disabled state [ 747.053349][ T9649] bridge_slave_1: entered allmulticast mode [ 747.063112][ T9649] bridge_slave_1: entered promiscuous mode [ 747.270439][ T9639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 747.277980][ T9639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 747.304951][ T9639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 747.479540][ T9646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 747.702180][ T9646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 747.726804][ T9649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 747.859876][ T9619] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 747.907308][ T9649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 748.133171][ T9646] team0: Port device team_slave_0 added [ 748.161115][ T9646] team0: Port device team_slave_1 added [ 748.312877][ T9619] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 748.460035][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.466809][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.538547][ T2960] bridge_slave_1: left allmulticast mode [ 748.544546][ T2960] bridge_slave_1: left promiscuous mode [ 748.551616][ T2960] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.589950][ T2960] bridge_slave_0: left allmulticast mode [ 748.595914][ T2960] bridge_slave_0: left promiscuous mode [ 748.602998][ T2960] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.690774][ T2960] bridge_slave_1: left allmulticast mode [ 748.691036][ T9745] syz.4.2050: attempt to access beyond end of device [ 748.691036][ T9745] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 748.696988][ T2960] bridge_slave_1: left promiscuous mode [ 748.698005][ T2960] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.755844][ T2960] bridge_slave_0: left allmulticast mode [ 748.764440][ T2960] bridge_slave_0: left promiscuous mode [ 748.774662][ T2960] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.853615][ T2960] bridge_slave_1: left allmulticast mode [ 748.862470][ T2960] bridge_slave_1: left promiscuous mode [ 748.869405][ T2960] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.925974][ T2960] bridge_slave_0: left allmulticast mode [ 748.932328][ T2960] bridge_slave_0: left promiscuous mode [ 748.939190][ T2960] bridge0: port 1(bridge_slave_0) entered disabled state [ 749.205283][ T9749] loop4: detected capacity change from 0 to 256 [ 750.287734][ T5245] usb 5-1: new full-speed USB device number 51 using dummy_hcd [ 750.392713][ T2960] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 750.411463][ T2960] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 750.436281][ T2960] bond0 (unregistering): Released all slaves [ 750.481611][ T5245] usb 5-1: config 5 has an invalid interface number: 123 but max is 0 [ 750.484560][ T2960] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 750.490336][ T5245] usb 5-1: config 5 has no interface number 0 [ 750.505268][ T5245] usb 5-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 750.517602][ T5245] usb 5-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xE6, changing to 0x86 [ 750.534739][ T5245] usb 5-1: config 5 interface 123 altsetting 7 endpoint 0x86 has invalid maxpacket 13625, setting to 64 [ 750.547887][ T5245] usb 5-1: config 5 interface 123 has no altsetting 0 [ 750.570817][ T5245] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 750.578688][ T2960] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 750.580421][ T5245] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 750.597499][ T5245] usb 5-1: Product: syz [ 750.601952][ T5245] usb 5-1: Manufacturer: syz [ 750.606827][ T5245] usb 5-1: SerialNumber: syz [ 750.621080][ T9749] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 750.636066][ T2960] bond0 (unregistering): Released all slaves [ 750.676727][ T2960] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 750.699634][ T2960] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 750.732924][ T2960] bond0 (unregistering): Released all slaves [ 750.778753][ T9649] team0: Port device team_slave_0 added [ 750.805495][ T9619] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 750.925925][ T5245] ni6501 5-1:5.123: driver 'ni6501' failed to auto-configure device. [ 750.990971][ T9639] hsr_slave_0: entered promiscuous mode [ 751.024143][ T9639] hsr_slave_1: entered promiscuous mode [ 751.028387][ T5245] usb 5-1: USB disconnect, device number 51 [ 751.070960][ T9639] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 751.082308][ T9639] Cannot create hsr debugfs directory [ 751.175300][ T9646] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 751.182520][ T9646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 751.213751][ T9646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 751.304740][ T9649] team0: Port device team_slave_1 added [ 751.313889][ T9619] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 751.345370][ T9646] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 751.352972][ T9646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 751.379756][ T9646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 751.962235][ T9649] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 751.969621][ T9649] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 751.996381][ T9649] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 752.292699][ T9649] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 752.300208][ T9649] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 752.327534][ T9649] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 752.418420][ T9646] hsr_slave_0: entered promiscuous mode [ 752.434969][ T9646] hsr_slave_1: entered promiscuous mode [ 752.457391][ T9646] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 752.467971][ T9646] Cannot create hsr debugfs directory [ 753.378913][ T9649] hsr_slave_0: entered promiscuous mode [ 753.443818][ T9649] hsr_slave_1: entered promiscuous mode [ 753.465492][ T9649] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 753.475092][ T9649] Cannot create hsr debugfs directory [ 753.747397][ T9763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2057'. [ 754.242494][ T2960] hsr_slave_0: left promiscuous mode [ 754.266533][ T2960] hsr_slave_1: left promiscuous mode [ 754.290732][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 754.299907][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 754.321457][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 754.329580][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 754.459239][ T2960] hsr_slave_0: left promiscuous mode [ 754.490625][ T2960] hsr_slave_1: left promiscuous mode [ 754.528159][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 754.536627][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 754.591174][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 754.601417][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 754.701307][ T2960] hsr_slave_0: left promiscuous mode [ 754.712123][ T2960] hsr_slave_1: left promiscuous mode [ 754.732216][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 754.740575][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 754.770254][ T2960] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 754.778376][ T2960] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 754.837184][ T2960] veth1_macvtap: left promiscuous mode [ 754.843623][ T2960] veth0_macvtap: left promiscuous mode [ 754.849615][ T2960] veth1_vlan: left promiscuous mode [ 754.855521][ T2960] veth0_vlan: left promiscuous mode [ 754.873792][ T2960] veth1_macvtap: left promiscuous mode [ 754.879629][ T2960] veth0_macvtap: left promiscuous mode [ 754.886025][ T2960] veth1_vlan: left promiscuous mode [ 754.891674][ T2960] veth0_vlan: left promiscuous mode [ 754.899321][ T5245] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 754.913514][ T2960] veth1_macvtap: left promiscuous mode [ 754.919553][ T2960] veth0_macvtap: left promiscuous mode [ 754.925620][ T2960] veth1_vlan: left promiscuous mode [ 754.931387][ T2960] veth0_vlan: left promiscuous mode [ 755.515483][ T5245] usb 5-1: Using ep0 maxpacket: 32 [ 755.812154][ T5245] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 755.830460][ T5245] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 755.845560][ T5245] usb 5-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1 [ 755.856476][ T5245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 755.911615][ T5245] usb 5-1: config 0 descriptor?? [ 755.993710][ T5245] usb 5-1: bad CDC descriptors [ 756.224875][ T5245] usb 5-1: USB disconnect, device number 52 [ 756.393699][ T2960] team0 (unregistering): Port device team_slave_1 removed [ 756.420478][ T2960] team0 (unregistering): Port device team_slave_0 removed [ 757.103311][ T2960] team0 (unregistering): Port device team_slave_1 removed [ 757.131760][ T2960] team0 (unregistering): Port device team_slave_0 removed [ 757.883622][ T2960] team0 (unregistering): Port device team_slave_1 removed [ 757.958237][ T2960] team0 (unregistering): Port device team_slave_0 removed [ 759.179371][ T9790] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 759.187026][ T9790] IPv6: NLM_F_CREATE should be set when creating new route [ 759.489226][ T9619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 759.745184][ T9619] 8021q: adding VLAN 0 to HW filter on device team0 [ 759.930633][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 759.938391][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 760.124902][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 760.132833][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 760.456489][ T9646] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 760.500208][ T9646] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 760.662993][ T9646] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 760.699686][ T9798] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2069'. [ 760.705868][ T9646] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 761.529057][ T9649] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 761.577743][ T9639] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 761.629719][ T9639] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 761.680221][ T9649] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 761.743830][ T9639] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 761.803375][ T9649] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 761.871959][ T9639] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 761.954540][ T9646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 761.981542][ T9649] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 762.123342][ T5240] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 762.240643][ T9646] 8021q: adding VLAN 0 to HW filter on device team0 [ 762.331402][ T9619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 762.378711][ T5240] usb 5-1: Using ep0 maxpacket: 8 [ 762.397751][ T9607] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.405670][ T9607] bridge0: port 1(bridge_slave_0) entered forwarding state [ 762.438218][ T5240] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 762.525024][ T5240] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=53.49 [ 762.534734][ T5240] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 762.543540][ T5240] usb 5-1: Product: syz [ 762.547992][ T5240] usb 5-1: Manufacturer: syz [ 762.552982][ T5240] usb 5-1: SerialNumber: syz [ 762.593359][ T9607] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.601171][ T9607] bridge0: port 2(bridge_slave_1) entered forwarding state [ 762.683327][ T5240] usb 5-1: config 0 descriptor?? [ 763.152278][ T5240] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 763.193051][ T9646] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 763.278308][ T5240] usb 5-1: USB disconnect, device number 53 [ 763.498670][ T9619] veth0_vlan: entered promiscuous mode [ 763.514214][ T5357] udevd[5357]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 763.583224][ T9639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 763.680274][ T9619] veth1_vlan: entered promiscuous mode [ 763.931829][ T9639] 8021q: adding VLAN 0 to HW filter on device team0 [ 764.171640][ T3648] bridge0: port 1(bridge_slave_0) entered blocking state [ 764.179517][ T3648] bridge0: port 1(bridge_slave_0) entered forwarding state [ 764.216075][ T9619] veth0_macvtap: entered promiscuous mode [ 764.247072][ T9649] 8021q: adding VLAN 0 to HW filter on device bond0 [ 764.323859][ T3648] bridge0: port 2(bridge_slave_1) entered blocking state [ 764.331752][ T3648] bridge0: port 2(bridge_slave_1) entered forwarding state [ 764.360342][ T9619] veth1_macvtap: entered promiscuous mode [ 764.523630][ T9649] 8021q: adding VLAN 0 to HW filter on device team0 [ 764.685819][ T3648] bridge0: port 1(bridge_slave_0) entered blocking state [ 764.693706][ T3648] bridge0: port 1(bridge_slave_0) entered forwarding state [ 764.724503][ T9619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 764.735571][ T9619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.750972][ T9619] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 764.942512][ T3648] bridge0: port 2(bridge_slave_1) entered blocking state [ 764.950369][ T3648] bridge0: port 2(bridge_slave_1) entered forwarding state [ 765.010361][ T9619] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 765.021381][ T9619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 765.036570][ T9619] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 765.392047][ T9619] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.401504][ T9619] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.413339][ T9619] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.424233][ T9619] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.531993][ T9649] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 765.622851][ T9825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2073'. [ 766.145310][ T9646] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 766.961487][ T9646] veth0_vlan: entered promiscuous mode [ 767.253528][ T9646] veth1_vlan: entered promiscuous mode [ 767.735290][ T9646] veth0_macvtap: entered promiscuous mode [ 767.830316][ T9646] veth1_macvtap: entered promiscuous mode [ 768.078093][ T9649] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 768.216829][ T9646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.227883][ T9646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.238154][ T9646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 768.249102][ T9646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.266782][ T9646] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 768.392011][ T9848] loop4: detected capacity change from 0 to 256 [ 768.475451][ T9639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 768.527000][ T9646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 768.538162][ T9646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.548739][ T9646] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 768.559593][ T9646] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 768.574898][ T9646] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 768.770518][ T9649] veth0_vlan: entered promiscuous mode [ 768.816312][ T9646] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.825592][ T9646] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.834778][ T9646] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.844130][ T9646] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.939083][ T9649] veth1_vlan: entered promiscuous mode [ 769.049925][ T9639] veth0_vlan: entered promiscuous mode [ 769.225196][ T9639] veth1_vlan: entered promiscuous mode [ 769.379452][ T9649] veth0_macvtap: entered promiscuous mode [ 769.405048][ T9649] veth1_macvtap: entered promiscuous mode [ 769.461563][ T9649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 769.477179][ T9649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.491781][ T9649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 769.502994][ T9649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.513637][ T9649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 769.524579][ T9649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.540200][ T9649] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 769.565860][ T9649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 769.579249][ T9649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.590892][ T9649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 769.602471][ T9649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.612786][ T9649] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 769.623711][ T9649] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 769.643364][ T9649] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 769.931522][ T9649] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.941063][ T9649] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.950467][ T9649] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 769.959767][ T9649] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 770.002646][ T9859] ip6t_REJECT: ECHOREPLY is not supported [ 770.069738][ T9639] veth0_macvtap: entered promiscuous mode [ 770.255119][ T9639] veth1_macvtap: entered promiscuous mode [ 770.668062][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 770.680759][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.691492][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 770.702443][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.712859][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 770.723907][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.734128][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 770.745036][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.762276][ T9639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 770.910641][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 770.922731][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.934163][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 770.946735][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.958294][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 770.969627][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 770.979886][ T9639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 770.993305][ T9639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.015165][ T9639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 771.241327][ T9639] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.250465][ T9639] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.260214][ T9639] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.269581][ T9639] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.664049][ T9874] loop4: detected capacity change from 0 to 256 [ 771.764430][ T9874] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 772.621242][ T9887] netlink: 'syz.4.2079': attribute type 2 has an invalid length. [ 775.034759][ T4312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 775.043145][ T4312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 775.417338][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 775.426176][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 776.399483][ T9941] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2014'. [ 776.806506][ T4312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 776.814957][ T4312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 776.947854][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 776.956301][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 777.508732][ T4312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 777.517232][ T4312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 777.925910][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 777.934424][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 778.143421][ T9961] loop0: detected capacity change from 0 to 8 [ 778.293616][ T9963] loop3: detected capacity change from 0 to 512 [ 778.469593][ T9963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 778.483053][ T9963] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 779.245259][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 779.672444][ T9984] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2096'. [ 780.571978][ T9999] loop4: detected capacity change from 0 to 256 [ 780.615442][ T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 780.623991][ T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 780.904287][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 780.913243][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 780.930289][ T9999] FAT-fs (loop4): Directory bread(block 64) failed [ 780.937202][ T9999] FAT-fs (loop4): Directory bread(block 65) failed [ 780.944695][ T9999] FAT-fs (loop4): Directory bread(block 66) failed [ 780.952026][ T9999] FAT-fs (loop4): Directory bread(block 67) failed [ 780.959315][ T9999] FAT-fs (loop4): Directory bread(block 68) failed [ 780.971529][ T9999] FAT-fs (loop4): Directory bread(block 69) failed [ 780.978638][ T9999] FAT-fs (loop4): Directory bread(block 70) failed [ 780.987511][ T9999] FAT-fs (loop4): Directory bread(block 71) failed [ 780.994702][ T9999] FAT-fs (loop4): Directory bread(block 72) failed [ 781.001786][ T9999] FAT-fs (loop4): Directory bread(block 73) failed [ 782.008991][T10010] loop0: detected capacity change from 0 to 1764 [ 782.741699][T10023] autofs4:pid:10023:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.4294967071), cmd(0xc018937e) [ 782.756369][T10023] autofs4:pid:10023:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 783.486304][T10034] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2118'. [ 783.570132][T10038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2117'. [ 783.908457][ T10] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 784.144886][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 784.164832][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 784.232339][ T10] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 784.242208][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 784.255093][ T10] usb 4-1: Product: syz [ 784.259569][ T10] usb 4-1: Manufacturer: syz [ 784.266755][ T10] usb 4-1: SerialNumber: syz [ 784.437435][ T10] usb 4-1: config 0 descriptor?? [ 784.502045][ T10] pvrusb2: Hardware description: Terratec Grabster AV400 [ 784.510146][ T10] pvrusb2: ********** [ 784.514368][ T10] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 784.524978][ T10] pvrusb2: Important functionality might not be entirely working. [ 784.533156][ T10] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 784.544943][ T10] pvrusb2: ********** [ 784.727966][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2125'. [ 784.778164][ T2020] pvrusb2: Invalid write control endpoint [ 785.203596][T10058] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2128'. [ 785.373503][ T2020] pvrusb2: Invalid write control endpoint [ 785.386568][ T2020] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 785.399606][ T2020] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 785.407692][ T2020] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 785.422737][ T2020] pvrusb2: Device being rendered inoperable [ 785.429298][ T2020] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 785.436654][ T2020] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 785.446582][ T2020] pvrusb2: Attached sub-driver cx25840 [ 785.456327][ T2020] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 785.469842][ T2020] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 785.648733][ T25] usb 4-1: USB disconnect, device number 58 [ 786.263180][T10071] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2133'. [ 786.609162][T10082] loop4: detected capacity change from 0 to 8 [ 787.360180][T10093] 9pnet_fd: Insufficient options for proto=fd [ 787.634381][T10090] loop3: detected capacity change from 0 to 1024 [ 787.737629][T10090] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 787.932096][T10090] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 788.398444][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.854451][T10111] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2152'. [ 789.106450][ T5202] Bluetooth: hci1: unexpected event for opcode 0x2060 [ 789.607526][T10123] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 789.967248][ T29] audit: type=1326 audit(1727373116.435:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10130 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf017df39 code=0x7ffc0000 [ 789.990285][ T29] audit: type=1326 audit(1727373116.435:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10130 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf017df39 code=0x7ffc0000 [ 790.260159][ T29] audit: type=1326 audit(1727373116.678:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10130 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fabf017df39 code=0x7ffc0000 [ 790.287214][ T29] audit: type=1326 audit(1727373116.678:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10130 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf017df39 code=0x7ffc0000 [ 790.312005][ T29] audit: type=1326 audit(1727373116.678:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10130 comm="syz.3.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabf017df39 code=0x7ffc0000 [ 790.977722][T10145] loop1: detected capacity change from 0 to 1024 [ 791.963738][T10158] loop4: detected capacity change from 0 to 8 [ 792.106965][T10158] SQUASHFS error: Unable to read directory block [629:26] [ 794.356550][ T25] usb 4-1: new low-speed USB device number 59 using dummy_hcd [ 795.282390][ T25] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 795.291692][ T25] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 795.300407][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 795.314161][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 795.326391][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 795.337710][ T5245] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 795.465258][ T25] usb 4-1: string descriptor 0 read error: -22 [ 795.473580][ T25] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 795.483414][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 795.531086][ T25] usb 4-1: config 0 descriptor?? [ 795.547210][ T25] hub 4-1:0.0: bad descriptor, ignoring hub [ 795.557867][ T25] hub 4-1:0.0: probe with driver hub failed with error -5 [ 795.576150][ T25] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input17 [ 795.667954][ T5245] usb 1-1: Using ep0 maxpacket: 16 [ 795.712473][ T5245] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 795.722130][ T5245] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 795.730832][ T5245] usb 1-1: Product: syz [ 795.736475][ T5245] usb 1-1: Manufacturer: syz [ 795.746476][ T5245] usb 1-1: SerialNumber: syz [ 795.753669][ T25] input: failed to attach handler mousedev to device input17, error: -5 [ 795.878361][ T10] usb 4-1: USB disconnect, device number 59 [ 795.928073][ T5245] r8152-cfgselector 1-1: Unknown version 0x0000 [ 795.934686][ T5245] r8152-cfgselector 1-1: config 0 descriptor?? [ 796.463250][ T5245] r8152-cfgselector 1-1: USB disconnect, device number 59 [ 798.021789][T10240] syz.0.2213 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 798.630894][T10246] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 799.222153][T10257] loop1: detected capacity change from 0 to 128 [ 800.940142][T10264] loop0: detected capacity change from 0 to 4096 [ 801.064415][T10264] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 801.563776][T10287] loop3: detected capacity change from 0 to 2048 [ 801.673212][T10287] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 801.740787][T10282] loop1: detected capacity change from 0 to 2048 [ 801.759934][T10282] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 801.827139][T10294] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 801.833974][T10287] tmpfs: Bad value for 'mpol' [ 802.071204][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.909989][T10300] netlink: 'syz.4.2243': attribute type 1 has an invalid length. [ 802.918256][T10300] netlink: 244 bytes leftover after parsing attributes in process `syz.4.2243'. [ 803.550302][T10312] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2247'. [ 804.712359][T10331] loop0: detected capacity change from 0 to 256 [ 804.903042][T10334] openvswitch: netlink: IP tunnel dst address not specified [ 804.993748][T10331] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 805.125277][T10331] syz.0.2257: attempt to access beyond end of device [ 805.125277][T10331] loop0: rw=0, sector=295096, nr_sectors = 1 limit=256 [ 806.019464][T10350] netlink: 'syz.1.2264': attribute type 13 has an invalid length. [ 806.731071][T10360] loop1: detected capacity change from 0 to 24 [ 806.863225][T10360] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 807.034336][T10365] netlink: 'syz.0.2272': attribute type 32 has an invalid length. [ 807.042487][T10365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2272'. [ 807.052407][T10365] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 807.871311][ T5245] usb 4-1: new full-speed USB device number 60 using dummy_hcd [ 808.171085][T10380] loop0: detected capacity change from 0 to 1024 [ 808.172126][ T5245] usb 4-1: config 0 has an invalid interface number: 20 but max is 0 [ 808.186794][ T5245] usb 4-1: config 0 has no interface number 0 [ 808.193412][ T5245] usb 4-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 808.558619][ T5245] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 808.566161][T10390] tc_dump_action: action bad kind [ 808.568155][ T5245] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 808.581757][ T5245] usb 4-1: Product: syz [ 808.586388][ T5245] usb 4-1: Manufacturer: syz [ 808.591290][ T5245] usb 4-1: SerialNumber: syz [ 808.687191][ T5245] usb 4-1: config 0 descriptor?? [ 808.850989][ T29] audit: type=1400 audit(1727373134.049:22): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=10385 comm="syz.4.2282" [ 808.961352][T10372] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 809.001955][ T5245] usb-storage 4-1:0.20: USB Mass Storage device detected [ 809.050610][ T5245] usb-storage 4-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 809.075920][T10380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 809.283617][T10380] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.2276: missing EA_INODE flag [ 809.348816][T10380] EXT4-fs (loop0): Remounting filesystem read-only [ 809.519213][ T5245] scsi host1: usb-storage 4-1:0.20 [ 809.654879][ T5245] usb 4-1: USB disconnect, device number 60 [ 809.879736][ T9619] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 810.770892][T10418] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 810.818534][T10421] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2295'. [ 811.819413][T10436] netlink: 'syz.2.2302': attribute type 11 has an invalid length. [ 812.084246][T10440] loop1: detected capacity change from 0 to 64 [ 812.290771][T10440] hfs: keylen 94 too large [ 813.325100][T10461] netlink: 'syz.2.2315': attribute type 10 has an invalid length. [ 813.328375][T10460] loop3: detected capacity change from 0 to 512 [ 813.345500][T10460] EXT4-fs: Ignoring removed bh option [ 813.401295][T10460] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 813.540474][T10460] EXT4-fs error (device loop3): ext4_orphan_get:1414: comm syz.3.2313: bad orphan inode 17 [ 813.608174][T10460] EXT4-fs (loop3): Remounting filesystem read-only [ 813.615082][T10460] ext4_test_bit(bit=16, block=4) = 1 [ 813.621449][T10460] is_bad_inode(inode)=0 [ 813.625852][T10460] NEXT_ORPHAN(inode)=1048336 [ 813.631606][T10460] max_ino=32 [ 813.635049][T10460] i_nlink=0 [ 813.640440][T10460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 813.960142][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 814.261320][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.268084][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.968299][T10482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2322'. [ 815.246175][ T10] usb 1-1: new high-speed USB device number 60 using dummy_hcd [ 815.462801][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 815.487544][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 815.499061][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 815.509640][ T10] usb 1-1: New USB device found, idVendor=05a4, idProduct=1700, bcdDevice= 0.00 [ 815.519278][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.707376][ T10] usb 1-1: config 0 descriptor?? [ 816.070154][ T10] usbhid 1-1:0.0: can't add hid device: -71 [ 816.077064][ T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 816.129090][ T10] usb 1-1: USB disconnect, device number 60 [ 816.302990][T10497] loop3: detected capacity change from 0 to 1024 [ 816.449457][T10497] hfsplus: keylen 65060 too large [ 817.633689][T10514] loop0: detected capacity change from 0 to 1024 [ 817.850231][T10514] hfsplus: bad catalog entry type [ 818.227858][ T79] hfsplus: b-tree write err: -5, ino 4 [ 818.859670][T10532] loop4: detected capacity change from 0 to 256 [ 819.227452][T10535] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 819.736637][T10546] loop0: detected capacity change from 0 to 512 [ 819.750396][T10546] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 820.120004][T10546] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.2354: corrupted in-inode xattr: e_value out of bounds [ 820.163401][T10546] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.2354: couldn't read orphan inode 15 (err -117) [ 820.338625][T10546] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 820.934692][ T9619] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 821.012975][ T10] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 821.873789][T10577] netlink: 'syz.1.2368': attribute type 1 has an invalid length. [ 821.939648][T10578] netlink: 'syz.4.2367': attribute type 30 has an invalid length. [ 822.039933][ T10] usb 4-1: New USB device found, idVendor=0547, idProduct=2727, bcdDevice=c8.d3 [ 822.049514][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 822.058044][ T10] usb 4-1: Product: syz [ 822.062516][ T10] usb 4-1: Manufacturer: syz [ 822.067729][ T10] usb 4-1: SerialNumber: syz [ 822.101770][ T10] usb 4-1: config 0 descriptor?? [ 822.907758][ T10] cdc_subset 4-1:0.0: probe with driver cdc_subset failed with error -22 [ 823.154825][ T5245] usb 4-1: USB disconnect, device number 61 [ 824.761781][T10618] loop0: detected capacity change from 0 to 512 [ 824.889413][ T9813] usb 5-1: new full-speed USB device number 54 using dummy_hcd [ 825.182924][ T9813] usb 5-1: config 0 has an invalid interface number: 82 but max is 0 [ 825.197895][ T9813] usb 5-1: config 0 has no interface number 0 [ 825.204410][ T9813] usb 5-1: config 0 interface 82 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 825.316050][T10624] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2389'. [ 825.501892][T10618] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 825.510959][T10618] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 825.544120][T10618] System zones: 0-1, 15-15, 18-18, 34-34 [ 825.559059][T10618] EXT4-fs (loop0): orphan cleanup on readonly fs [ 825.566176][T10618] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 825.577267][T10618] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 825.592345][T10618] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 825.674939][T10618] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2387: bg 0: block 40: padding at end of block bitmap is not set [ 825.699698][ T9813] usb 5-1: New USB device found, idVendor=0506, idProduct=11f8, bcdDevice=b6.28 [ 825.709265][ T9813] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 825.717827][ T9813] usb 5-1: Product: syz [ 825.722400][ T9813] usb 5-1: Manufacturer: syz [ 825.727278][ T9813] usb 5-1: SerialNumber: syz [ 825.793775][ T9813] usb 5-1: config 0 descriptor?? [ 825.799977][T10626] : entered promiscuous mode [ 826.050307][T10618] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 826.108584][T10618] EXT4-fs (loop0): 1 truncate cleaned up [ 826.374740][ T9813] kaweth 5-1:0.82: Firmware present in device. [ 826.507916][T10635] loop2: detected capacity change from 0 to 1024 [ 826.625034][T10618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 826.777612][ T9813] kaweth 5-1:0.82: Error reading configuration (-71), no net device created [ 826.787657][ T9813] kaweth 5-1:0.82: probe with driver kaweth failed with error -5 [ 826.910419][ T9813] usb 5-1: USB disconnect, device number 54 [ 827.214711][ T9619] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 827.435678][T10641] netlink: 129384 bytes leftover after parsing attributes in process `syz.3.2397'. [ 828.361920][T10657] cannot load conntrack support for proto=3 [ 828.513980][T10659] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2407'. [ 829.089228][T10668] netlink: 'syz.0.2411': attribute type 5 has an invalid length. [ 830.185761][T10683] loop4: detected capacity change from 0 to 1024 [ 830.296543][ T9813] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 830.511140][ T9813] usb 4-1: Using ep0 maxpacket: 8 [ 830.600671][ T9813] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 830.609544][ T9813] usb 4-1: config 179 has no interface number 0 [ 830.616149][ T9813] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 830.628162][ T9813] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 830.639973][ T9813] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 830.651865][ T9813] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 830.667093][ T9813] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 830.682965][ T9813] usb 4-1: config 179 interface 65 has no altsetting 0 [ 830.690238][ T9813] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 830.699827][ T9813] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 830.964426][T10681] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 831.893516][ T9813] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input19 [ 832.706919][ T9813] usb 4-1: USB disconnect, device number 62 [ 832.707160][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 832.724364][ T9813] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 833.172308][ T25] usb 5-1: new full-speed USB device number 55 using dummy_hcd [ 833.431706][ T25] usb 5-1: config 0 has an invalid interface number: 229 but max is 0 [ 833.440935][ T25] usb 5-1: config 0 has no interface number 0 [ 833.447461][ T25] usb 5-1: config 0 interface 229 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 833.611698][ T25] usb 5-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=1f.38 [ 833.625659][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 833.635557][ T25] usb 5-1: Product: syz [ 833.640024][ T25] usb 5-1: Manufacturer: syz [ 833.645708][ T25] usb 5-1: SerialNumber: syz [ 833.696587][ T25] usb 5-1: config 0 descriptor?? [ 834.164009][ T25] usb 5-1: USB disconnect, device number 55 [ 834.914845][T10728] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2439'. [ 836.837015][T10759] loop1: detected capacity change from 0 to 1764 [ 836.967037][T10759] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 837.743329][T10764] nvme_fabrics: missing parameter 'transport=%s' [ 837.750238][T10764] nvme_fabrics: missing parameter 'nqn=%s' [ 838.255691][T10780] loop0: detected capacity change from 0 to 16 [ 838.374643][T10780] cramfs: Error -3 while decompressing! [ 838.381007][T10780] cramfs: ffffffff9465f298(27)->ffff88801158b000(4096) [ 838.388506][T10780] cramfs: Error -3 while decompressing! [ 838.394579][T10780] cramfs: ffffffff9465f298(27)->ffff88801158b000(4096) [ 838.496411][ T29] audit: type=1800 audit(1727373161.746:23): pid=10780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2466" name="file2" dev="loop0" ino=348 res=0 errno=0 [ 841.516948][T10822] loop4: detected capacity change from 0 to 1024 [ 841.699135][T10822] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c118, mo2=0002] [ 841.725377][T10822] System zones: 0-1, 3-12 [ 841.880017][T10822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 842.368098][ T5182] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 842.420056][T10841] IPv6: Can't replace route, no match found [ 842.537902][ T25] usb 1-1: new high-speed USB device number 61 using dummy_hcd [ 842.793994][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 842.858888][ T25] usb 1-1: config 135 has an invalid interface number: 230 but max is 0 [ 842.871135][ T25] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 842.882039][ T25] usb 1-1: config 135 has no interface number 0 [ 842.888708][ T25] usb 1-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 842.900745][ T25] usb 1-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 842.914764][ T25] usb 1-1: config 135 interface 230 has no altsetting 0 [ 843.156847][ T25] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 843.166441][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 843.175091][ T25] usb 1-1: Product: syz [ 843.179735][ T25] usb 1-1: Manufacturer: syz [ 843.184711][ T25] usb 1-1: SerialNumber: syz [ 843.588113][T10853] x_tables: ip6_tables: rpfilter match: used from hooks POSTROUTING, but only valid from PREROUTING [ 843.634561][ T25] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 843.642366][ T25] usb 1-1: No valid video chain found. [ 843.775932][T10852] loop1: detected capacity change from 0 to 2048 [ 843.930980][T10855] loop3: detected capacity change from 0 to 256 [ 844.379106][T10855] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 844.468757][ T9813] usb 1-1: USB disconnect, device number 61 [ 845.996538][T10885] loop1: detected capacity change from 0 to 64 [ 848.221574][T10906] loop4: detected capacity change from 0 to 2048 [ 848.386326][T10906] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 848.461720][T10914] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 848.499021][T10906] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 848.880404][ T25] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 849.131592][ T25] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 849.141314][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.214188][ T25] usb 2-1: config 0 descriptor?? [ 849.300353][T10904] loop3: detected capacity change from 0 to 4096 [ 849.411501][T10904] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 849.972661][ T25] [drm:udl_init] *ERROR* Selecting channel failed [ 850.058207][ T25] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 850.065585][ T25] [drm] Initialized udl on minor 2 [ 850.106942][ T25] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 850.116870][ T25] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 850.227919][ T5245] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 850.283486][ T25] usb 2-1: USB disconnect, device number 46 [ 850.292966][ T5245] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 850.301822][ T5245] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 850.386386][ T29] audit: type=1326 audit(1727373172.914:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10926 comm="syz.4.2537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8805b7df39 code=0x7fc00000 [ 851.924963][T10951] IPVS: sync thread started: state = MASTER, mcast_ifn = team_slave_1, syncid = 3, id = 0 [ 851.948180][ T5202] Bluetooth: hci1: unexpected event for opcode 0x204e [ 852.629090][T10960] loop0: detected capacity change from 0 to 1024 [ 853.075761][T10968] loop3: detected capacity change from 0 to 64 [ 853.255624][T10970] syz.1.2555[10970] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 853.256090][T10970] syz.1.2555[10970] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 853.443323][T10970] syz.1.2555[10970] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 855.598360][T11002] loop4: detected capacity change from 0 to 164 [ 856.143624][T11012] loop3: detected capacity change from 0 to 128 [ 856.297158][T11012] FAT-fs (loop3): Directory bread(block 3236) failed [ 856.304386][T11012] FAT-fs (loop3): Directory bread(block 3237) failed [ 856.313325][T11012] FAT-fs (loop3): Directory bread(block 3238) failed [ 856.320843][T11012] FAT-fs (loop3): Directory bread(block 3239) failed [ 856.328036][T11012] FAT-fs (loop3): Directory bread(block 3240) failed [ 856.335057][T11012] FAT-fs (loop3): Directory bread(block 3241) failed [ 856.342247][T11012] FAT-fs (loop3): Directory bread(block 3242) failed [ 856.349570][T11012] FAT-fs (loop3): Directory bread(block 3243) failed [ 856.625518][T11012] FAT-fs (loop3): Directory bread(block 3236) failed [ 856.632846][T11012] FAT-fs (loop3): Directory bread(block 3237) failed [ 856.819041][T11016] netlink: 384 bytes leftover after parsing attributes in process `syz.2.2576'. [ 856.964615][T11000] loop1: detected capacity change from 0 to 4096 [ 857.931413][T11000] ntfs3: loop1: ino=5, "/" directory corrupted [ 857.938071][T11000] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 858.131694][T11035] netlink: 'syz.2.2584': attribute type 1 has an invalid length. [ 858.377463][ T10] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 858.621909][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 858.633514][ T10] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 858.645465][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 858.656897][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 858.870679][ T10] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 858.881033][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 858.889746][ T10] usb 5-1: Product: syz [ 858.894355][ T10] usb 5-1: Manufacturer: syz [ 858.899250][ T10] usb 5-1: SerialNumber: syz [ 859.109290][ T10] usb 5-1: config 0 descriptor?? [ 859.292228][ T10] garmin_gps 5-1:0.0: Garmin GPS usb/tty converter detected [ 859.303838][ T10] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8 [ 859.304088][T11049] loop0: detected capacity change from 0 to 16 [ 859.356873][ T10] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8 [ 859.493219][T11050] loop1: detected capacity change from 0 to 256 [ 859.535407][ T5248] usb 5-1: USB disconnect, device number 56 [ 859.559664][ T5248] garmin_gps 5-1:0.0: device disconnected [ 859.586323][T11049] erofs: (device loop0): mounted with root inode @ nid 36. [ 859.599200][T11050] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 860.166019][ T9813] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 860.338197][ T9813] usb 2-1: Using ep0 maxpacket: 32 [ 860.473113][ T9813] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 100, changing to 7 [ 860.484925][ T9813] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 41106, setting to 1024 [ 861.034487][ T10] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 861.114611][ T9813] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 861.124242][ T9813] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 861.133688][ T9813] usb 2-1: Product: syz [ 861.139240][ T9813] usb 2-1: Manufacturer: syz [ 861.144138][ T9813] usb 2-1: SerialNumber: syz [ 861.201171][ T9813] usb 2-1: config 0 descriptor?? [ 861.225531][ T9813] hub 2-1:0.0: bad descriptor, ignoring hub [ 861.231987][ T9813] hub 2-1:0.0: probe with driver hub failed with error -5 [ 861.253307][ T9813] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input20 [ 861.279294][ T5240] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 861.303883][ T9813] usbtouchscreen 2-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22 [ 861.357648][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 861.410109][ T9813] usbtouchscreen 2-1:0.0: probe with driver usbtouchscreen failed with error -22 [ 861.510577][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=08b7, bcdDevice=99.db [ 861.520374][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.582606][ T10] usb 3-1: config 0 descriptor?? [ 861.628440][ T10] pwc: Logitech ViewPort AV 100 webcam detected. [ 861.639473][ T9813] usb 2-1: USB disconnect, device number 47 [ 861.715053][T11074] loop3: detected capacity change from 0 to 1024 [ 861.723567][ T5240] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 861.739977][ T5240] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.899866][ T5240] usb 5-1: config 0 descriptor?? [ 862.142097][ T10] pwc: send_video_command error -71 [ 862.147944][ T10] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 862.156708][ T10] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 862.201637][ T10] usb 3-1: USB disconnect, device number 36 [ 862.243180][ T5240] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 862.252331][ T5240] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 862.490399][ T5240] [drm:udl_init] *ERROR* Selecting channel failed [ 862.493351][ T79] hfsplus: b-tree write err: -5, ino 4 [ 862.566574][ T5240] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 862.573813][ T5240] [drm] Initialized udl on minor 2 [ 862.661014][ T5240] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 862.670588][ T5240] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 862.689225][ T5241] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 862.720817][ T5241] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 862.729463][ T5241] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 862.788276][ T5240] usb 5-1: USB disconnect, device number 57 [ 863.078952][T11082] loop3: detected capacity change from 0 to 256 [ 863.295348][T11082] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001) [ 863.546300][T11087] loop4: detected capacity change from 0 to 8 [ 863.668114][T11089] loop2: detected capacity change from 0 to 64 [ 863.741123][T11087] SQUASHFS error: zlib decompression failed, data probably corrupt [ 863.749655][T11087] SQUASHFS error: Failed to read block 0x4e8: -5 [ 863.769573][ T29] audit: type=1800 audit(1727373185.458:25): pid=11087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2611" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 865.084278][T11108] loop1: detected capacity change from 0 to 256 [ 865.185747][T11110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2622'. [ 865.503492][T11104] loop3: detected capacity change from 0 to 1764 [ 865.775949][ T5202] Bluetooth: hci5: command 0x0406 tx timeout [ 865.782674][ T5184] Bluetooth: hci6: command 0x0406 tx timeout [ 867.478493][T11141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2637'. [ 867.487910][T11141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2637'. [ 869.251762][T11166] loop0: detected capacity change from 0 to 1024 [ 869.296205][T11170] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2652'. [ 870.121020][T11180] loop1: detected capacity change from 0 to 2048 [ 870.355010][T11180] loop1: p1 < > p2 p3 < p5 > p4 [ 870.360341][T11180] loop1: partition table partially beyond EOD, truncated [ 870.369459][T11180] loop1: p1 start 4278190080 is beyond EOD, truncated [ 870.376754][T11180] loop1: p2 start 16908800 is beyond EOD, truncated [ 870.408644][T11180] loop1: p4 start 11326 is beyond EOD, truncated [ 870.415567][T11180] loop1: p5 start 16908800 is beyond EOD, truncated [ 870.820187][ T4623] loop1: p1 < > p2 p3 < p5 > p4 [ 870.826704][ T4623] loop1: partition table partially beyond EOD, truncated [ 870.837202][ T4623] loop1: p1 start 4278190080 is beyond EOD, truncated [ 870.850819][ T4623] loop1: p2 start 16908800 is beyond EOD, truncated [ 870.942994][ T4623] loop1: p4 start 11326 is beyond EOD, truncated [ 870.954866][ T4623] loop1: p5 start 16908800 is beyond EOD, truncated [ 871.125760][ T5241] usb 1-1: new high-speed USB device number 62 using dummy_hcd [ 871.156967][ T5184] Bluetooth: hci0: command 0x0406 tx timeout [ 871.164499][ T9652] Bluetooth: hci4: command 0x0406 tx timeout [ 871.582210][ T9853] udevd[9853]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 871.771943][ T5241] usb 1-1: too many configurations: 253, using maximum allowed: 8 [ 872.279233][ T25] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 872.353922][ T9853] udevd[9853]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 872.407665][ T5241] usb 1-1: string descriptor 0 read error: -71 [ 872.414836][ T5241] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 872.424949][ T5241] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 872.547342][T11211] loop2: detected capacity change from 0 to 1764 [ 872.621334][ T5241] usb 1-1: can't set config #1, error -71 [ 872.750790][ T5241] usb 1-1: USB disconnect, device number 62 [ 872.873779][ T9853] udevd[9853]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 872.897008][ T25] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 872.909554][ T25] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 872.924522][ T25] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 872.935516][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 873.104577][T11195] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 873.157572][ T25] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 873.879837][ T25] usb 5-1: USB disconnect, device number 58 [ 874.686724][ T9954] udevd[9954]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 878.638032][T11311] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 879.315820][T11326] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 1, id = 0 [ 879.871312][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 879.878067][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 881.772541][T11360] kAFS: No cell specified [ 882.368580][T11370] loop4: detected capacity change from 0 to 64 [ 882.839306][T11377] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 884.312834][T11400] loop1: detected capacity change from 0 to 65 [ 884.530905][T11400] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 884.870777][T11407] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 886.244782][T11430] loop2: detected capacity change from 0 to 1024 [ 886.998088][T11440] loop4: detected capacity change from 0 to 16 [ 887.034978][T11443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2766'. [ 887.049598][T11443] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2766'. [ 887.669047][T11449] netlink: 'syz.1.2767': attribute type 9 has an invalid length. [ 888.642626][T11467] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2771'. [ 888.652104][T11467] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2771'. [ 889.757976][T11483] netlink: 'syz.0.2779': attribute type 16 has an invalid length. [ 889.766104][T11483] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.2779'. [ 890.398944][ T5245] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 890.843025][ T5245] usb 3-1: Using ep0 maxpacket: 32 [ 891.234853][T11506] overlayfs: missing 'lowerdir' [ 891.306474][ T5245] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 891.320606][ T5245] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 891.330503][ T5245] usb 3-1: Product: syz [ 891.334976][ T5245] usb 3-1: Manufacturer: syz [ 891.340683][ T5245] usb 3-1: SerialNumber: syz [ 891.562355][ T5245] usb 3-1: config 0 descriptor?? [ 891.696824][ T5245] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 892.206454][ T5245] gspca_stk1135: reg_w 0x0 err -71 [ 892.213066][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.219905][ T5245] gspca_stk1135: Sensor write failed [ 892.225502][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.232346][ T5245] gspca_stk1135: Sensor write failed [ 892.238080][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.244664][ T5245] gspca_stk1135: Sensor read failed [ 892.250361][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.256933][ T5245] gspca_stk1135: Sensor read failed [ 892.262835][ T5245] gspca_stk1135: Detected sensor type unknown (0x0) [ 892.270001][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.276579][ T5245] gspca_stk1135: Sensor read failed [ 892.282310][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.288897][ T5245] gspca_stk1135: Sensor read failed [ 892.302011][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.308701][ T5245] gspca_stk1135: Sensor write failed [ 892.316632][ T5245] gspca_stk1135: serial bus timeout: status=0x00 [ 892.323420][ T5245] gspca_stk1135: Sensor write failed [ 892.329322][ T5245] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71 [ 892.438231][ T5245] usb 3-1: USB disconnect, device number 37 [ 892.866855][T11525] loop1: detected capacity change from 0 to 256 [ 892.961112][T11526] openvswitch: netlink: Missing key (keys=200040, expected=100) [ 894.262260][T11546] netlink: 'syz.0.2807': attribute type 7 has an invalid length. [ 894.276025][T11546] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2807'. [ 894.337976][T11549] loop4: detected capacity change from 0 to 256 [ 895.283333][T11554] loop2: detected capacity change from 0 to 1764 [ 895.296379][T11562] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2815'. [ 895.358530][T11554] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 896.087229][ T29] audit: type=1326 audit(1727373215.681:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11571 comm="syz.2.2819" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9d237df39 code=0x0 [ 897.588633][T11592] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2827'. [ 897.598755][T11592] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2827'. [ 898.060163][T11594] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 898.887158][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2836'. [ 898.896512][T11604] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2836'. [ 899.475447][ T5240] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 899.659255][ T5240] usb 2-1: Using ep0 maxpacket: 8 [ 899.947601][T11618] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2843'. [ 900.008881][ T5240] usb 2-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f [ 900.018627][ T5240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=1 [ 900.027706][ T5240] usb 2-1: Product: syz [ 900.032315][ T5240] usb 2-1: Manufacturer: syz [ 900.037199][ T5240] usb 2-1: SerialNumber: syz [ 900.135033][ T5240] usb 2-1: config 0 descriptor?? [ 900.210093][ T5240] usbtest 2-1:0.0: FX2 device [ 900.216013][ T5240] usbtest 2-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt) [ 900.549282][ T5240] usb 2-1: USB disconnect, device number 48 [ 900.963733][T11634] loop4: detected capacity change from 0 to 256 [ 901.479680][T11640] loop2: detected capacity change from 0 to 64 [ 901.886857][T11646] loop0: detected capacity change from 0 to 64 [ 902.416385][ T9619] hfs: node 4:3 still has 1 user(s)! [ 903.467398][T11667] xt_hashlimit: max too large, truncated to 1048576 [ 904.003098][T11670] loop0: detected capacity change from 0 to 1024 [ 904.147409][T11670] /dev/loop0: Can't open blockdev [ 905.223214][T11690] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2877'. [ 908.259557][T11737] loop2: detected capacity change from 0 to 512 [ 908.264634][T11730] loop4: detected capacity change from 0 to 1764 [ 908.444902][T11737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 908.534462][T11730] tmpfs: Bad value for 'mpol' [ 909.062007][T11750] loop4: detected capacity change from 0 to 512 [ 909.177232][T11750] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 909.498617][T11737] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 909.499115][T11737] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 909.557979][T11750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 909.558445][T11750] ext4 filesystem being mounted at /649/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 910.086346][ T9649] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 910.232902][ T5182] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 910.589258][ T29] audit: type=1400 audit(1727373229.254:27): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=11764 comm="syz.1.2914" [ 911.057367][T11811] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 912.090566][ T5241] usb 1-1: new high-speed USB device number 63 using dummy_hcd [ 912.945202][ T5241] usb 1-1: Using ep0 maxpacket: 16 [ 912.953415][ T5241] usb 1-1: too many configurations: 129, using maximum allowed: 8 [ 913.139337][ T5241] usb 1-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=20.64 [ 913.149168][ T5241] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 913.250088][ T5241] usb 1-1: config 0 descriptor?? [ 913.264120][ T5241] etas_es58x 1-1:0.0: Starting (null) (null) (Serial Number (null)) [ 913.671680][ T5241] usb 1-1: USB disconnect, device number 63 [ 917.650586][T11932] Cannot find del_set index 4 as target [ 918.078183][T11938] xt_nat: multiple ranges no longer supported [ 918.868169][T11948] xt_l2tp: missing protocol rule (udp|l2tpip) [ 919.098711][T11952] syz.3.2956 uses obsolete (PF_INET,SOCK_PACKET) [ 919.542856][T11957] process 'syz.4.2957' launched './file0' with NULL argv: empty string added [ 920.579543][ T5241] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 921.152646][ T5241] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 921.162905][ T5241] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 921.171480][ T5241] usb 3-1: Product: syz [ 921.175960][ T5241] usb 3-1: Manufacturer: syz [ 921.181326][ T5241] usb 3-1: SerialNumber: syz [ 921.350684][ T5241] usb 3-1: config 0 descriptor?? [ 921.394397][ T5241] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 921.592494][T11983] XFS (nullb0): Invalid superblock magic number [ 921.984811][ T5245] usb 3-1: USB disconnect, device number 38 [ 922.416263][T12001] loop0: detected capacity change from 0 to 128 [ 922.463238][T12001] befs: Invalid gid -1, using default [ 922.468923][T12001] befs: (loop0): No write support. Marking filesystem read-only [ 922.515945][T12001] befs: (loop0): invalid magic header [ 922.573585][T12001] tmpfs: Bad value for 'mpol' [ 922.792912][T12004] netlink: 'syz.4.2978': attribute type 3 has an invalid length. [ 923.678766][T12020] netlink: 240 bytes leftover after parsing attributes in process `syz.2.2986'. [ 924.030599][T12022] loop3: detected capacity change from 0 to 512 [ 924.107740][T12019] loop1: detected capacity change from 0 to 2048 [ 924.119837][T12022] EXT4-fs: Ignoring removed nobh option [ 924.186543][T12019] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 924.247336][T12022] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 924.255473][T12022] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61 [ 924.352520][T12019] syz.1.2985: attempt to access beyond end of device [ 924.352520][T12019] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 924.384667][T12030] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 924.427407][T12022] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #13: comm syz.3.2987: casefold flag without casefold feature [ 924.523749][T12022] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2987: couldn't read orphan inode 13 (err -117) [ 924.635839][T12022] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 924.649683][T12019] syz.1.2985: attempt to access beyond end of device [ 924.649683][T12019] loop1: rw=0, sector=33554430, nr_sectors = 2 limit=2048 [ 924.665467][T12019] NILFS (loop1): I/O error reading meta-data file (ino=6, block-offset=3) [ 924.676735][T12019] NILFS (loop1): error -5 reading inode: ino=12 [ 924.784132][T12022] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 925.663574][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 926.064622][ T29] audit: type=1326 audit(1727373243.734:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12049 comm="syz.1.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c7af7df39 code=0x7ffc0000 [ 926.087331][ C0] vkms_vblank_simulate: vblank timer overrun [ 926.094516][ T29] audit: type=1326 audit(1727373243.743:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12049 comm="syz.1.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f6c7af7df39 code=0x7ffc0000 [ 926.117926][ T29] audit: type=1326 audit(1727373243.752:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12049 comm="syz.1.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c7af7df39 code=0x7ffc0000 [ 926.140422][ C0] vkms_vblank_simulate: vblank timer overrun [ 926.152969][ T29] audit: type=1326 audit(1727373243.771:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12049 comm="syz.1.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c7af7df39 code=0x7ffc0000 [ 926.332452][T12057] xt_hashlimit: max too large, truncated to 1048576 [ 926.713804][T12063] loop3: detected capacity change from 0 to 2048 [ 926.855970][T12068] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 926.886853][T12067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3005'. [ 926.932777][T12063] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: unaligned directory entry - offset=32, inode=15564440312192434187, rec_len=11150, name_len=126 [ 927.037416][T12063] Remounting filesystem read-only [ 927.149304][ T5241] usb 1-1: new high-speed USB device number 64 using dummy_hcd [ 927.602043][ T5241] usb 1-1: Using ep0 maxpacket: 32 [ 927.648182][ T29] audit: type=1326 audit(1727373245.193:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.4.3007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8805b7df39 code=0x7ffc0000 [ 927.675498][ T29] audit: type=1326 audit(1727373245.193:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.4.3007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8805b7df39 code=0x7ffc0000 [ 927.687954][ T5241] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 927.702381][ T29] audit: type=1326 audit(1727373245.202:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.4.3007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f8805b7df39 code=0x7ffc0000 [ 927.708110][ T5241] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 927.708270][ T5241] usb 1-1: Product: syz [ 927.731183][ T29] audit: type=1326 audit(1727373245.202:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.4.3007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8805b7df39 code=0x7ffc0000 [ 927.739199][ T5241] usb 1-1: Manufacturer: syz [ 927.743654][ T29] audit: type=1326 audit(1727373245.202:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.4.3007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8805b7df39 code=0x7ffc0000 [ 927.765884][ C0] vkms_vblank_simulate: vblank timer overrun [ 927.770712][ T5241] usb 1-1: SerialNumber: syz [ 927.798527][ C0] vkms_vblank_simulate: vblank timer overrun [ 927.949177][ T5241] usb 1-1: config 0 descriptor?? [ 928.694848][T12088] netlink: 45 bytes leftover after parsing attributes in process `syz.1.3016'. [ 928.893874][T12087] loop3: detected capacity change from 0 to 2048 [ 929.014848][T12092] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3017'. [ 929.024516][T12092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3017'. [ 929.161767][ T5241] airspy 1-1:0.0: usb_control_msg() failed -71 request 0a [ 929.169437][ T5241] airspy 1-1:0.0: Could not detect board [ 929.176108][ T5241] airspy 1-1:0.0: probe with driver airspy failed with error -71 [ 929.437476][ T5241] usb 1-1: USB disconnect, device number 64 [ 929.495622][T12100] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3022'. [ 929.602614][T12098] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 929.769166][T12101] loop1: detected capacity change from 0 to 1764 [ 929.857931][T12087] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5 [ 930.075393][T12087] Remounting filesystem read-only [ 930.094234][T12087] syz.3.3015: attempt to access beyond end of device [ 930.094234][T12087] loop3: rw=0, sector=343245196361800, nr_sectors = 2 limit=2048 [ 930.110868][T12087] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=1) [ 930.397146][T12106] i2c i2c-0: Invalid block write size 34 [ 932.723221][T12137] loop3: detected capacity change from 0 to 2048 [ 933.203030][T12145] loop4: detected capacity change from 0 to 256 [ 933.307596][T12137] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 933.801555][T12145] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196) [ 933.810396][T12145] FAT-fs (loop4): Filesystem has been set read-only [ 934.451256][ T5182] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196) [ 935.022054][T12165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3054'. [ 935.680468][T12176] loop1: detected capacity change from 0 to 8 [ 938.588409][ T29] audit: type=1326 audit(1727373255.192:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12214 comm="syz.2.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d237df39 code=0x7ffc0000 [ 938.615633][ T29] audit: type=1326 audit(1727373255.202:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12214 comm="syz.2.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d237df39 code=0x7ffc0000 [ 938.639927][ T29] audit: type=1326 audit(1727373255.211:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12214 comm="syz.2.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7ff9d237df39 code=0x7ffc0000 [ 938.663367][ T29] audit: type=1326 audit(1727373255.211:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12214 comm="syz.2.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d237df39 code=0x7ffc0000 [ 938.686463][ T29] audit: type=1326 audit(1727373255.211:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12214 comm="syz.2.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9d237df39 code=0x7ffc0000 [ 939.029826][T12226] loop1: detected capacity change from 0 to 512 [ 939.460438][T12237] netlink: 876 bytes leftover after parsing attributes in process `syz.4.3087'. [ 939.867201][T12226] EXT4-fs error (device loop1): ext4_orphan_get:1414: comm syz.1.3081: bad orphan inode 8323072 [ 939.912985][T12226] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 939.931545][T12226] ext4 filesystem being mounted at /211/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 940.538474][ T9639] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 940.699995][T12228] loop2: detected capacity change from 0 to 4096 [ 940.736002][T12252] loop4: detected capacity change from 0 to 256 [ 941.100554][T12254] ipt_REJECT: ECHOREPLY no longer supported. [ 941.254345][T12256] loop0: detected capacity change from 0 to 8 [ 941.394839][T12256] SQUASHFS error: Failed to read block 0x2d7: -5 [ 941.401690][T12256] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 942.054649][T12261] loop1: detected capacity change from 0 to 256 [ 942.306877][T12266] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3101'. [ 942.743325][T12261] FAT-fs (loop1): Directory bread(block 64) failed [ 942.750225][T12261] FAT-fs (loop1): Directory bread(block 65) failed [ 942.758166][T12261] FAT-fs (loop1): Directory bread(block 66) failed [ 942.770887][T12261] FAT-fs (loop1): Directory bread(block 67) failed [ 942.779607][T12261] FAT-fs (loop1): Directory bread(block 68) failed [ 942.786676][T12261] FAT-fs (loop1): Directory bread(block 69) failed [ 942.793924][T12261] FAT-fs (loop1): Directory bread(block 70) failed [ 942.800766][T12261] FAT-fs (loop1): Directory bread(block 71) failed [ 942.808218][T12261] FAT-fs (loop1): Directory bread(block 72) failed [ 942.815344][T12261] FAT-fs (loop1): Directory bread(block 73) failed [ 943.950606][T12282] loop4: detected capacity change from 0 to 256 [ 944.699093][T12282] FAT-fs (loop4): Directory bread(block 64) failed [ 944.706156][T12282] FAT-fs (loop4): Directory bread(block 65) failed [ 944.713482][T12282] FAT-fs (loop4): Directory bread(block 66) failed [ 944.720451][T12282] FAT-fs (loop4): Directory bread(block 67) failed [ 944.727541][T12282] FAT-fs (loop4): Directory bread(block 68) failed [ 944.739972][T12282] FAT-fs (loop4): Directory bread(block 69) failed [ 944.740437][T12295] 9pnet_fd: p9_fd_create_unix (12295): problem connecting socket: ./bus: -111 [ 944.746951][T12282] FAT-fs (loop4): Directory bread(block 70) failed [ 944.764498][T12282] FAT-fs (loop4): Directory bread(block 71) failed [ 944.771620][T12282] FAT-fs (loop4): Directory bread(block 72) failed [ 944.778526][T12282] FAT-fs (loop4): Directory bread(block 73) failed [ 945.576594][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 945.584080][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 946.221996][T12300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3117'. [ 947.743145][ T5245] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 948.053406][ T5245] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 948.063063][ T5245] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 948.071708][ T5245] usb 1-1: Product: syz [ 948.076457][ T5245] usb 1-1: Manufacturer: syz [ 948.081371][ T5245] usb 1-1: SerialNumber: syz [ 948.154789][T12338] loop3: detected capacity change from 0 to 8 [ 948.200301][ T5245] usb 1-1: config 0 descriptor?? [ 948.364325][T12338] SQUASHFS error: zstd decompression error: 10 [ 948.370759][T12338] SQUASHFS error: zstd decompression failed, data probably corrupt [ 948.379340][T12338] SQUASHFS error: Failed to read block 0x62b: -5 [ 948.386051][T12338] SQUASHFS error: Unable to read metadata cache entry [629] [ 948.393577][T12338] SQUASHFS error: Unable to read directory block [629:ff26] [ 948.818562][ T5245] usb 1-1: ignoring: probably an ADSL modem [ 949.226865][ T5245] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 949.243982][ T5245] usb 1-1: USB disconnect, device number 65 [ 949.455584][T12351] netlink: 'syz.3.3142': attribute type 1 has an invalid length. [ 951.098887][T12376] loop4: detected capacity change from 0 to 16 [ 951.164087][T12376] erofs: (device loop4): mounted with root inode @ nid 36. [ 951.174211][T12374] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3155'. [ 952.796195][T12403] loop4: detected capacity change from 0 to 2048 [ 953.302819][T12403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 953.614808][T12411] loop0: detected capacity change from 0 to 64 [ 953.990987][T12413] loop2: detected capacity change from 0 to 4096 [ 954.025835][T12413] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 954.093797][T12415] loop3: detected capacity change from 0 to 1024 [ 954.143270][T12415] EXT4-fs: Ignoring removed nomblk_io_submit option [ 954.253865][T12415] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 954.426217][T12424] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3176'. [ 954.668156][T12415] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c09c, mo2=0003] [ 954.679723][T12415] System zones: 0-1, 3-36 [ 954.753440][T12413] ntfs3: loop2: failed to convert "c46c" to iso8859-3 [ 954.777148][T12415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 955.135406][ T5241] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 955.369184][ T5241] usb 2-1: Using ep0 maxpacket: 32 [ 955.413061][ T5241] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 955.423569][ T5241] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 955.529305][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 955.553531][ T5241] usb 2-1: config 0 descriptor?? [ 955.624715][ T5241] gspca_main: sunplus-2.14.0 probing 041e:400b [ 956.074460][ T5241] gspca_sunplus: reg_w_riv err -71 [ 956.080404][ T5241] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 956.184953][ T5241] usb 2-1: USB disconnect, device number 49 [ 956.443399][T12441] xt_cgroup: xt_cgroup: no path or classid specified [ 957.477328][ T5241] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 957.681656][ T5241] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 957.691791][ T5241] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 958.071488][T12453] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 958.135755][T12465] tmpfs: Bad value for 'mpol' [ 958.140850][ T5241] usb 4-1: config 0 descriptor?? [ 958.151019][ T5241] cp210x 4-1:0.0: cp210x converter detected [ 958.400269][ T5245] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 958.656232][ T5241] cp210x 4-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 958.659481][ T5245] usb 3-1: Using ep0 maxpacket: 8 [ 958.664498][ T5241] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 958.796838][ T5241] usb 4-1: cp210x converter now attached to ttyUSB0 [ 958.864630][ T5245] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 958.874413][ T5245] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 958.882997][ T5245] usb 3-1: Product: syz [ 958.887550][ T5245] usb 3-1: Manufacturer: syz [ 958.892503][ T5245] usb 3-1: SerialNumber: syz [ 958.914037][ T5241] usb 4-1: USB disconnect, device number 63 [ 958.973908][ T5241] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 958.985069][ T5241] cp210x 4-1:0.0: device disconnected [ 958.988732][ T5245] usb 3-1: config 0 descriptor?? [ 959.051894][ T5245] gspca_main: sq930x-2.14.0 probing 2770:930c [ 959.456299][ T5245] gspca_sq930x: ucbus_write failed -71 [ 959.462651][ T5245] sq930x 3-1:0.0: probe with driver sq930x failed with error -71 [ 959.520157][ T5245] usb 3-1: USB disconnect, device number 39 [ 959.742047][T12477] loop4: detected capacity change from 0 to 256 [ 959.908571][T12477] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 963.163240][T12527] loop2: detected capacity change from 0 to 16 [ 963.247858][T12527] erofs: (device loop2): mounted with root inode @ nid 36. [ 964.777109][T12544] loop2: detected capacity change from 0 to 1024 [ 964.951765][T12544] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 965.090125][T12544] VFS: Lookup of 'file0' in ext4 loop2 would have caused loop [ 965.691225][ T9649] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 965.705923][T12565] loop4: detected capacity change from 0 to 64 [ 965.718847][T12562] loop1: detected capacity change from 0 to 256 [ 967.056623][T12583] ebt_among: dst integrity fail: 101 [ 967.249475][T12584] xt_l2tp: unknown flags: c6 [ 969.246452][T12615] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 969.403693][T12618] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3273'. [ 969.413661][T12618] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3273'. [ 969.615083][T12625] xt_TCPMSS: Only works on TCP SYN packets [ 970.109046][T12621] loop1: detected capacity change from 0 to 4096 [ 970.144459][T12621] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 970.380059][T12631] loop0: detected capacity change from 0 to 64 [ 970.750143][T12637] loop2: detected capacity change from 0 to 64 [ 970.905601][T12637] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 970.916912][T12637] hfs: filesystem is marked locked, mounting read-only. [ 970.948194][T12621] ntfs3: loop1: failed to convert "c46c" to iso8859-14 [ 971.017477][T12637] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. leaving read-only. [ 971.820945][T12647] loop2: detected capacity change from 0 to 164 [ 971.911853][T12649] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3288'. [ 972.148993][T12651] loop0: detected capacity change from 0 to 2048 [ 972.276580][T12651] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 972.364980][T12656] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 972.556758][T12651] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=32, inode=11, rec_len=24, name_len=139 [ 972.576766][T12651] Remounting filesystem read-only [ 973.189507][T12655] loop1: detected capacity change from 0 to 2048 [ 973.515438][T12670] loop2: detected capacity change from 0 to 64 [ 973.604784][T12655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 973.670051][T12670] MINIX-fs: mounting file system with errors, running fsck is recommended [ 974.082694][ T9639] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 974.419029][T12661] loop4: detected capacity change from 0 to 4096 [ 974.696548][T12682] binder: 12680:12682 ioctl 400c620e 20000380 returned -22 [ 974.718616][T12681] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3302'. [ 974.784711][T12683] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 974.973589][T12661] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '.' [ 975.150136][T12661] Remounting filesystem read-only [ 976.218796][T12702] loop2: detected capacity change from 0 to 16 [ 976.428185][T12702] erofs: (device loop2): mounted with root inode @ nid 36. [ 976.613819][T12702] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 976.747638][T12702] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -50 in[64, 4032] out[1851] [ 976.759275][T12702] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 976.961660][T12713] IPv6: sit1: Disabled Multicast RS [ 977.147359][T12716] netlink: 'syz.1.3318': attribute type 1 has an invalid length. [ 977.530955][T12719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3319'. [ 978.137182][T12730] loop3: detected capacity change from 0 to 512 [ 978.367864][T12730] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.3325: invalid indirect mapped block 256 (level 2) [ 978.436397][T12730] EXT4-fs (loop3): 2 truncates cleaned up [ 978.444537][T12730] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 978.517632][T12730] EXT4-fs error (device loop3): empty_inline_dir:1850: inode #12: block 7: comm syz.3.3325: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 978.564939][T12730] EXT4-fs warning (device loop3): empty_inline_dir:1857: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 978.679621][T12738] loop4: detected capacity change from 0 to 8 [ 978.774068][T12738] SQUASHFS error: lzo decompression failed, data probably corrupt [ 978.788847][T12738] SQUASHFS error: Failed to read block 0x91: -5 [ 978.795365][T12738] SQUASHFS error: Unable to read metadata cache entry [8f] [ 978.804607][T12738] SQUASHFS error: Unable to read inode 0x11f [ 978.822183][ T25] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 979.009530][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 979.036798][ T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 979.072612][ T25] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 979.082487][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 979.091339][ T25] usb 1-1: SerialNumber: syz [ 979.273800][ T9646] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 979.296282][ T25] usb 1-1: config 0 descriptor?? [ 979.349254][ T25] usb 1-1: Found UVC 0.00 device (05ac:8501) [ 979.358431][ T25] usb 1-1: No valid video chain found. [ 979.360716][T12743] trusted_key: encrypted_key: keyword 'new«õ$]&@Ú' not recognized [ 979.597135][ T10] usb 1-1: USB disconnect, device number 66 [ 980.509198][T12751] loop2: detected capacity change from 0 to 2048 [ 980.584991][T12751] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 981.017407][T12767] loop3: detected capacity change from 0 to 128 [ 981.816714][ T25] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 981.969464][T12778] netlink: 'syz.4.3347': attribute type 30 has an invalid length. [ 982.124621][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 982.212378][ T25] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 982.224058][ T25] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 982.360153][ T25] usb 2-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.40 [ 982.370067][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.378413][ T25] usb 2-1: Product: syz [ 982.383133][ T25] usb 2-1: Manufacturer: syz [ 982.388025][ T25] usb 2-1: SerialNumber: syz [ 982.874565][ T25] usbhid 2-1:1.0: can't add hid device: -22 [ 982.881328][ T25] usbhid 2-1:1.0: probe with driver usbhid failed with error -22 [ 983.065469][T12792] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3353'. [ 983.105759][ T25] usb 2-1: USB disconnect, device number 50 [ 983.509739][T12793] loop2: detected capacity change from 0 to 2048 [ 983.867937][T12793] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 984.029584][T12801] netlink: 'syz.4.3358': attribute type 9 has an invalid length. [ 984.343324][T12793] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 984.513869][T12809] loop0: detected capacity change from 0 to 1024 [ 984.613490][T12809] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 985.177286][T12813] loop4: detected capacity change from 0 to 1024 [ 985.388421][T12813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 986.124873][ T5182] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 988.077209][T12853] loop4: detected capacity change from 0 to 1764 [ 988.119850][T12852] loop2: detected capacity change from 0 to 2048 [ 988.230538][T12852] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 988.399522][T12860] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 990.411742][T12883] dlm: no local IP address has been set [ 990.417566][T12883] dlm: cannot start dlm midcomms -107 [ 990.815011][T12893] xt_connbytes: Forcing CT accounting to be enabled [ 990.828814][T12893] Cannot find del_set index 1 as target [ 991.045563][T12897] netlink: 'syz.4.3403': attribute type 13 has an invalid length. [ 991.053914][T12897] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3403'. [ 991.115663][T12897] erspan0: refused to change device tx_queue_len [ 991.124727][T12897] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 991.908863][T12907] netlink: 'syz.1.3408': attribute type 1 has an invalid length. [ 991.966432][T12903] loop2: detected capacity change from 0 to 4096 [ 992.204980][T12913] loop4: detected capacity change from 0 to 256 [ 992.219712][T12903] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 992.997116][T12903] ntfs3: loop2: Failed to load $Extend (-22). [ 993.003521][T12903] ntfs3: loop2: Failed to initialize $Extend. [ 993.389904][T12922] loop4: detected capacity change from 0 to 2048 [ 993.581647][T12922] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 994.854277][T12943] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3424'. [ 995.214947][T12947] loop2: detected capacity change from 0 to 256 [ 995.411119][T12947] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xba7df490, utbl_chksum : 0xe619d30d) [ 995.904375][ T10] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 996.373934][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 996.609181][ T10] usb 2-1: config 0 has an invalid interface number: 104 but max is 1 [ 996.617862][ T10] usb 2-1: config 0 has an invalid interface number: 104 but max is 1 [ 996.631306][ T10] usb 2-1: config 0 has an invalid descriptor of length 225, skipping remainder of the config [ 996.643682][ T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 996.653379][ T10] usb 2-1: config 0 has no interface number 0 [ 996.659814][ T10] usb 2-1: config 0 interface 104 altsetting 0 endpoint 0x8 has an invalid bInterval 90, changing to 10 [ 996.671518][ T10] usb 2-1: config 0 interface 104 altsetting 0 endpoint 0x8 has invalid maxpacket 17663, setting to 1024 [ 996.683663][ T10] usb 2-1: config 0 interface 104 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 996.697323][ T10] usb 2-1: config 0 interface 104 has no altsetting 1 [ 996.935003][ T10] usb 2-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 7.36 [ 996.944748][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 996.957639][ T10] usb 2-1: Product: syz [ 996.963604][ T10] usb 2-1: Manufacturer: syz [ 996.968512][ T10] usb 2-1: SerialNumber: syz [ 997.007103][ T10] usb 2-1: config 0 descriptor?? [ 997.415261][T12980] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3442'. [ 997.530544][ T10] asix 2-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 997.541943][ T10] asix 2-1:0.104: probe with driver asix failed with error -71 [ 997.581408][ T10] usb 2-1: USB disconnect, device number 51 [ 997.626076][T12984] netlink: 'syz.4.3446': attribute type 1 has an invalid length. [ 997.812047][T12989] xt_CT: You must specify a L4 protocol and not use inversions on it [ 997.953040][T12987] delete_channel: no stack [ 998.215144][ T5245] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 998.395758][ T5245] usb 3-1: Using ep0 maxpacket: 16 [ 998.439329][ T5245] usb 3-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 998.450355][ T5245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 102, changing to 7 [ 998.467277][ T5245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24624, setting to 1024 [ 998.479022][ T5245] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 998.615506][ T5245] usb 3-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59 [ 998.625348][ T5245] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 998.634150][ T5245] usb 3-1: Product: syz [ 998.638697][ T5245] usb 3-1: Manufacturer: syz [ 998.643834][ T5245] usb 3-1: SerialNumber: syz [ 998.742781][ T5245] usb 3-1: config 0 descriptor?? [ 998.935395][ T5245] peak_usb 3-1:0.0 can0: sending cmd f=0x6 n=0x1 failure: -22 [ 998.946553][ T5245] peak_usb 3-1:0.0: unable to read PCAN-USB serial number (err -22) [ 999.543918][ T5245] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -22 [ 999.665644][ T5245] usb 3-1: USB disconnect, device number 40 [ 1000.867885][T13028] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3462'. [ 1001.779644][T13033] loop2: detected capacity change from 0 to 2048 [ 1001.936507][T13033] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1002.452582][T13050] netlink: 'syz.4.3474': attribute type 4 has an invalid length. [ 1002.683837][ T5245] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 1002.917677][ T5245] usb 1-1: Using ep0 maxpacket: 8 [ 1002.960926][ T5245] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1002.976479][ T5245] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1002.987511][ T5245] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1003.115847][ T5245] usb 1-1: config 0 descriptor?? [ 1003.433189][ T5245] usb 1-1: USB disconnect, device number 67 [ 1004.040987][ T10] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 1004.253732][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 1004.369966][ T10] usb 4-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9 [ 1004.380736][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1004.389753][ T10] usb 4-1: Product: syz [ 1004.398573][ T10] usb 4-1: Manufacturer: syz [ 1004.404944][ T10] usb 4-1: SerialNumber: syz [ 1004.512791][ T10] usb 4-1: config 0 descriptor?? [ 1004.533229][ T10] pwc: Philips SPC 880NC USB webcam detected. [ 1004.787331][ T10] pwc: Failed to set LED on/off time (-71) [ 1004.809723][ T10] pwc: send_video_command error -71 [ 1004.815188][ T10] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1004.824194][ T10] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71 [ 1004.844285][T13072] loop1: detected capacity change from 0 to 1024 [ 1004.910401][ T10] usb 4-1: USB disconnect, device number 64 [ 1005.021716][T13072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1005.349893][T13072] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 1005.668014][ T9639] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1006.264103][ T5245] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 1006.461502][T13095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3497'. [ 1006.518824][ T5245] usb 3-1: Using ep0 maxpacket: 8 [ 1006.554392][ T5245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1006.564948][ T5245] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1006.575309][ T5245] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1006.589174][ T5245] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1006.716184][ T5245] usb 3-1: config 0 descriptor?? [ 1006.764873][ T5245] iowarrior 3-1:0.0: no interrupt-in endpoint found [ 1006.829798][T13101] netlink: 'syz.1.3499': attribute type 3 has an invalid length. [ 1006.980677][ T5245] usb 3-1: USB disconnect, device number 41 [ 1008.158836][T13118] ipt_REJECT: TCP_RESET invalid for non-tcp [ 1009.903613][T13151] netlink: 'syz.3.3524': attribute type 2 has an invalid length. [ 1010.439291][T13159] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3528'. [ 1010.448807][T13159] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3528'. [ 1010.458388][T13159] netlink: 160 bytes leftover after parsing attributes in process `syz.2.3528'. [ 1010.467861][T13159] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3528'. [ 1011.180557][ T1239] ieee802154 phy0 wpan0: encryption failed: -22 [ 1011.191054][ T1239] ieee802154 phy1 wpan1: encryption failed: -22 [ 1011.212091][T13171] loop2: detected capacity change from 0 to 764 [ 1011.557340][T13174] loop0: detected capacity change from 0 to 256 [ 1011.611729][T13171] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1011.704003][T13177] loop1: detected capacity change from 0 to 256 [ 1011.711007][T13171] Symlink component flag not implemented [ 1011.717406][T13171] Symlink component flag not implemented [ 1011.723827][T13171] Symlink component flag not implemented (128) [ 1011.735483][T13171] Symlink component flag not implemented (97) [ 1012.765756][T13188] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20016 - 0 [ 1012.775211][T13188] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20016 - 0 [ 1012.786857][T13188] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20016 - 0 [ 1012.796703][T13188] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20016 - 0 [ 1014.174883][ T29] audit: type=1326 audit(1727373326.021:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13205 comm="syz.0.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337877df39 code=0x7ffc0000 [ 1014.186009][ T5241] IPVS: starting estimator thread 0... [ 1014.198650][ T29] audit: type=1326 audit(1727373326.058:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13205 comm="syz.0.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f337877df39 code=0x7ffc0000 [ 1014.226594][ T29] audit: type=1326 audit(1727373326.058:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13205 comm="syz.0.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337877df39 code=0x7ffc0000 [ 1014.253818][ T29] audit: type=1326 audit(1727373326.058:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13205 comm="syz.0.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337877df39 code=0x7ffc0000 [ 1014.367444][T13214] IPVS: using max 240 ests per chain, 12000 per kthread [ 1015.335603][T13234] netlink: 184 bytes leftover after parsing attributes in process `syz.2.3564'. [ 1015.475331][T13231] loop0: detected capacity change from 0 to 1024 [ 1015.976748][T13231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1017.077272][ T9619] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1017.275183][ T5241] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 1017.577363][ T5241] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1017.587498][ T5241] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1017.673511][ T5241] usb 2-1: config 0 descriptor?? [ 1017.761784][ T5241] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1018.098951][T13260] ===================================================== [ 1018.106310][T13260] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 [ 1018.114582][T13260] _copy_to_user+0xbc/0x110 [ 1018.119535][T13260] raw_ioctl+0x3d28/0x5440 [ 1018.124297][T13260] __se_sys_ioctl+0x25e/0x450 [ 1018.129230][T13260] __x64_sys_ioctl+0x96/0xe0 [ 1018.134224][T13260] x64_sys_call+0x18bf/0x3ba0 [ 1018.139164][T13260] do_syscall_64+0xcd/0x1e0 [ 1018.144070][T13260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.150230][T13260] [ 1018.153224][T13260] Uninit was created at: [ 1018.157776][T13260] __kmalloc_noprof+0x661/0xf30 [ 1018.163039][T13260] raw_ioctl+0x3bc5/0x5440 [ 1018.167708][T13260] __se_sys_ioctl+0x25e/0x450 [ 1018.172988][T13260] __x64_sys_ioctl+0x96/0xe0 [ 1018.177815][T13260] x64_sys_call+0x18bf/0x3ba0 [ 1018.182779][T13260] do_syscall_64+0xcd/0x1e0 [ 1018.193521][T13260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.201197][T13260] [ 1018.203650][T13260] Byte 0 of 1 is uninitialized [ 1018.207153][T13271] loop4: detected capacity change from 0 to 256 [ 1018.210213][T13260] Memory access of size 1 starts at ffff888040d61b08 [ 1018.222311][T13260] Data copied to user address 00007f6c7be40fe8 [ 1018.228919][T13260] [ 1018.231383][T13260] CPU: 1 UID: 0 PID: 13260 Comm: syz.1.3574 Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0 [ 1018.242954][T13260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1018.253394][T13260] ===================================================== [ 1018.260683][T13260] Disabling lock debugging due to kernel taint [ 1018.267010][T13260] Kernel panic - not syncing: kmsan.panic set ... [ 1018.273622][T13260] CPU: 1 UID: 0 PID: 13260 Comm: syz.1.3574 Tainted: G B 6.11.0-syzkaller-10669-g11a299a7933e #0 [ 1018.285802][T13260] Tainted: [B]=BAD_PAGE [ 1018.290121][T13260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1018.300381][T13260] Call Trace: [ 1018.303899][T13260] [ 1018.306982][T13260] dump_stack_lvl+0x216/0x2d0 [ 1018.311958][T13260] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.318089][T13260] dump_stack+0x1e/0x30 [ 1018.322571][T13260] panic+0x4e2/0xcf0 [ 1018.326741][T13260] ? kmsan_get_metadata+0xd1/0x1c0 [ 1018.332177][T13260] kmsan_report+0x2c7/0x2d0 [ 1018.337157][T13260] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.343285][T13260] ? kmsan_internal_check_memory+0x48c/0x560 [ 1018.349569][T13260] ? kmsan_copy_to_user+0xd5/0xf0 [ 1018.354883][T13260] ? _copy_to_user+0xbc/0x110 [ 1018.359796][T13260] ? raw_ioctl+0x3d28/0x5440 [ 1018.364680][T13260] ? __se_sys_ioctl+0x25e/0x450 [ 1018.369779][T13260] ? __x64_sys_ioctl+0x96/0xe0 [ 1018.374796][T13260] ? x64_sys_call+0x18bf/0x3ba0 [ 1018.379926][T13260] ? do_syscall_64+0xcd/0x1e0 [ 1018.384831][T13260] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.391194][T13260] ? kmsan_get_metadata+0x13e/0x1c0 [ 1018.396701][T13260] ? kmsan_get_metadata+0x13e/0x1c0 [ 1018.402227][T13260] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.408340][T13260] ? _raw_spin_lock_irqsave+0x35/0xc0 [ 1018.414010][T13260] ? filter_irq_stacks+0x60/0x1a0 [ 1018.419335][T13260] ? kmsan_get_metadata+0x13e/0x1c0 [ 1018.424837][T13260] ? kmsan_get_metadata+0x13e/0x1c0 [ 1018.430337][T13260] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.436467][T13260] kmsan_internal_check_memory+0x48c/0x560 [ 1018.442578][T13260] kmsan_copy_to_user+0xd5/0xf0 [ 1018.447713][T13260] ? should_fail_usercopy+0x2e/0x40 [ 1018.453179][T13260] _copy_to_user+0xbc/0x110 [ 1018.457939][T13260] raw_ioctl+0x3d28/0x5440 [ 1018.462628][T13260] ? kmsan_get_metadata+0x13e/0x1c0 [ 1018.468209][T13260] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.474335][T13260] ? do_vfs_ioctl+0x14fc/0x3e80 [ 1018.479460][T13260] ? kmsan_get_metadata+0xd0/0x1c0 [ 1018.484897][T13260] ? __pfx_raw_ioctl+0x10/0x10 [ 1018.489958][T13260] __se_sys_ioctl+0x25e/0x450 [ 1018.494985][T13260] __x64_sys_ioctl+0x96/0xe0 [ 1018.499816][T13260] x64_sys_call+0x18bf/0x3ba0 [ 1018.504773][T13260] do_syscall_64+0xcd/0x1e0 [ 1018.509543][T13260] ? clear_bhb_loop+0x25/0x80 [ 1018.514485][T13260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.520668][T13260] RIP: 0033:0x7f6c7af7db3b [ 1018.525459][T13260] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 1018.545435][T13260] RSP: 002b:00007f6c7be40f60 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1018.554119][T13260] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f6c7af7db3b [ 1018.562311][T13260] RDX: 00007f6c7be40fe0 RSI: 00000000c0085504 RDI: 0000000000000003 [ 1018.570503][T13260] RBP: 00007f6c7aff0216 R08: 0000000000000001 R09: 0000000000000000 [ 1018.578676][T13260] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f6c7be40fe8 [ 1018.586859][T13260] R13: 0000000000000000 R14: 00007f6c7b135f80 R15: 00007ffda578c0c8 [ 1018.595071][T13260] [ 1018.598680][T13260] Kernel Offset: disabled [ 1018.603101][T13260] Rebooting in 86400 seconds..