last executing test programs: 3.759329801s ago: executing program 1 (id=9806): syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=cp936,codepage=iso8859-4,dir_umask=00000000000\x00\x00\x00\x0000000005,part=0x000000000000007e,\x00'], 0x1, 0x2fe, &(0x7f0000000240)="$eJzs3U1vE0ccx/HfrO3EaaJ0m6Sq1EurtJHaS9S0PVS9uKp87b2nqm3sSBFWEEmQgAsm4oh4Adx5C7wILiDeAHDhxAvIbdHMzq7X9nidCDubhO9HsjWenYf/sE8zK5EVgE/Wn+3XT395Zz9Gqqkm6XcpktSU6pK+1FfN2wfH+8e9bqesoZqrYT9GaU0zVmb3oBuqauu5Gl5sf9W1UszDfCRJ8sebqoNA5dzZHxBJi/48dNubFxzXrIwOri99U1EolSn+G5hTneqOVisMBwBwCfj7f+RvEysuyyiKpC1/27/S9/9Rp1UHMFu/9sayktIKhfu/m90lxu7fz92mwXrPLeHs9ihbJZ4lmMbI7wWlR9bQHMyEV5Vvk5SPJVra269re/eBOpFO1PIKFTbcdyc9dDNTot0MrE1LTG6tob8+S0djZ5RLo5uzkPb2e91FmwjEv36+Hj+eeW5emn9MrCfq5PO/emLsbnJ7Kh7ZU1HDxv/T5BaXXS1bSn7Z32q1oqEiX7hOvvY9eFNG2QyvSIptZg8I+nkEgThPsoTre03DjxXS0e2EOjCDxtdDteL813hd19fGUK2aPxK2d2/2Sh+lzEc2RPPY/G029V7P1C7M/yMb35YKZ2bZpd64kv7ISMezEC5ZdyXjsTtHP099m0fgLZ57bJDO+bTskf7Xb1o9unvvRq3X6x7axH+BxK2VQ+NzGg+lYJn5J2oqKaP+IMfdPO4nyVlbTuYZ/I8zbdBeP/Ice/qECtuzLM+JLno3Xb9EXaFN7RcqOyDnmsimLjNp0E60JmyayzUKl8yRyXa6zxibxOKas/Muk67/3Ezez+rcdcZ+xSXz9PJFpoZa3MlXcMNTwbXQ3GXK2mB58gqu0OPPE9aMbs313Q/S94VMo9IeYxfntWHaeqV/ef4PAAAAAAAAAAAAAAAAAABw1VzE/1ioeowAAAAAAAAAAAAAAAAAAAAAAFx1Z3//79LgTU2hvxHv3v8bT33/79ALgP2Lonj/L1CNDwEAAP//FJB9Ww==") fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) 3.545182958s ago: executing program 3 (id=9807): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x1, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0xffffffffffffff20, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {0x35, 0x0, 0x5, 0x5c010000}, {}, {}, {}, {}, {}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa0}}, 0x0) 3.362211334s ago: executing program 4 (id=9809): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @private2}, 0x1c) 3.173318664s ago: executing program 1 (id=9810): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000000)={0x2, 0x100, 0x3, {0x0, 0x0, 0x1000, 0x2}}) 3.003051316s ago: executing program 3 (id=9812): r0 = socket(0x2, 0x2, 0x1) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002240)=ANY=[@ANYBLOB="cc"], 0x1cc}}, 0x0) 2.681669189s ago: executing program 2 (id=9813): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0xa00, 0x80, 0x0, 0x6, 0x10, 0x0, {0x8000}, {0x2}, {}, {0x3}, 0x0, 0x3f0, 0x0, 0xf, 0x1, 0x0, 0x0, 0x0, 0x20, 0xffffffff, 0x0, 0xffffffff, 0x0, 0x200}) 2.633026624s ago: executing program 3 (id=9814): iopl(0x3) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, 0x0, 0x0, 0x0) 2.498314205s ago: executing program 3 (id=9815): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@remote, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {}, {0x10000000}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x40}}]}, 0x138}}, 0x0) 2.360828338s ago: executing program 1 (id=9816): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000280)={0x11, 0x10, 0xfa00, {0x0}}, 0x18) 2.306431102s ago: executing program 2 (id=9817): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000300)=0xffffffff) 2.198142536s ago: executing program 0 (id=9818): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000080)=0xbb1e, 0x4) 2.061902201s ago: executing program 1 (id=9819): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003800)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0xffffff60, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0x30, 0x0, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}}, 0x0) 2.059326311s ago: executing program 4 (id=9820): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)=@newpolicy={0xfc, 0x13, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@loopback}, 0x0, @in6=@empty, 0x0, 0x1, 0x0, 0xb5}]}]}, 0xfc}}, 0x0) 1.982946783s ago: executing program 2 (id=9821): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000001180)=@raw={'raw\x00', 0x4001, 0x3, 0x278, 0x0, 0x0, 0x148, 0x144, 0x148, 0x1e4, 0x240, 0x240, 0x1e4, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00'}, 0x0, 0xe4, 0x144, 0x0, {}, [@common=@inet=@ecn={{0x24}, {0x30}}, @common=@inet=@multiport={{0x50}}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x2d4) 1.752852801s ago: executing program 2 (id=9822): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000002c0)=@multiplanar_overlay={0x0, 0x7, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "41fade5c"}, 0x0, 0x3, {0x0}}) 1.319429685s ago: executing program 1 (id=9823): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0) 1.316548819s ago: executing program 3 (id=9824): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000140)={0x1}) 1.299254578s ago: executing program 4 (id=9825): r0 = socket$kcm(0xa, 0x6, 0x0) setsockopt$sock_attach_bpf(r0, 0x10d, 0xb, &(0x7f0000000000), 0x4) 1.154271485s ago: executing program 0 (id=9826): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000180)) 962.383309ms ago: executing program 0 (id=9827): r0 = openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x60000, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@e={0xff, 0x3, 0x8, 0x7, @SEQ_NOTEON=@special, 0x0, 0x6, 0x6}) 958.554006ms ago: executing program 2 (id=9828): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000000)={0x9, @sdr={0x32314142, 0x6}}) 908.940442ms ago: executing program 4 (id=9829): sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0}, 0x0) select(0x20000000, 0x0, 0x0, 0x0, 0x0) 708.525572ms ago: executing program 0 (id=9830): mkdir(&(0x7f00000008c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{}]}) 631.501969ms ago: executing program 4 (id=9831): r0 = socket(0x840000000002, 0x3, 0xfa) sendmmsg$inet(r0, &(0x7f0000019740)=[{{&(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000019500)=[@ip_tos_u8={{0xd}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @loopback, @loopback}}}, @ip_retopts={{0x10, 0x0, 0x7, {[@rr={0x7, 0x3, 0xa}, @noop]}}}], 0x38}}], 0x1, 0x0) 492.740901ms ago: executing program 0 (id=9832): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000040)={{0x8}, {0x8}, 0x0, 0x6}) 367.137726ms ago: executing program 2 (id=9833): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x4}]}}}]}, 0x3c}}, 0x0) 361.397822ms ago: executing program 4 (id=9834): unshare(0x2a020400) listen(0xffffffffffffffff, 0x0) 204.772331ms ago: executing program 3 (id=9835): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f00000004c0)={0x1, 0x1, 0x1000000c, 0x12, 0x10003, &(0x7f0000000a40)}) 108.10833ms ago: executing program 1 (id=9836): r0 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r0, &(0x7f0000000080)="800037bba9c5a1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @remote}, 0x1c) 0s ago: executing program 0 (id=9837): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@barrier}, {@nojournal_checksum}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@dioread_nolock}, {@nodelalloc}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}]}, 0xfd, 0x58f, &(0x7f0000000c80)="$eJzs3d9rU1ccAPDvTVN/1a0VRLY9jIIPc4ipbffDwUD3ODaZsL270MYiTY00qdhOmD7Ml70MGYwxYewP2LuPsn9gf4UwBRlStgcZdNz0pta2adOYmtp8PpD2nNybnPPNuefknHsTEkDPGk7/5CLejIgfkojBVdvykW0cXt5v8cmNifSWxNLSl38ncXbNcyXZ/4Es80ZE/PFdxMnc+nKr8wvTxXK5NJvlR2ozV0eq8wunni4Vp0pTpStj4+Nn3h8f++jDDzoW67sX/v35i/ufnvn++OJPvz86cieJc3E425bG1YEibq7ODBf/y1L9cW7NjqMdKGw3SbpdAdrSl/Xz/kjHgMHoy3o9sPd9GxFLQI9KNu3/eaMD7FmNeUBjbd+hdfAr4/Enywug9fHnl8+NxIH62ujQYvLcyihd7w51oPzhiIPx8O6dew/v3onNz0Mc3CIPsC03b0XE6Xx+/fiXZONf+07XTx5vbm0Zvfb+A910P53/JDcj1vX/3Mr8JzaY/wxs0HfbsXX/zz3qQDFNpfO/jzec/64MXUN9We61+pyvP7l0uVw6HRGvR8SJ6N+f5je7nnNm8cFSs21p/Pey+V96S8tvzAWzejzK73/+MZPFWvFFYl7t8a2Itzac/yYr7Z9s0P7p63GhxTKOle6+3Wzb1vHvrKXfIt7ZsP2fXdFKVl+fvDyz9vrkSP14GGkcFev9c/vYn83K73b8afsf2jz+oWT19drq9sv49cDTUrNt7R7/+5Kv6ul92X3Xi7Xa7GjEvuTz/MDa+8eePbaRb+yfxn/i+Mb9f7PjP118fd1i/LeP3m66axvtf6DFYluSxj+5rfbffuLBZ9/80n78afu/V0+dyO5pZfxrtYIv8toBAAAAAADAbpOLiMOR5Aor6VyuUFj+fMfROJQrV6q1k5cqc1cmo/5d2aHozzWudA+u+jzEaPZ52EZ+bE1+PCKORMSPfQfr+cJEpTzZ7eABAAAAAAAAAAAAAAAAAABglxho8v3/1F993a4dsOPqP2ywv9u1ALphy5/878QvPQG70pb9H9iztt//nRmAvcL7P/Qu/R96l/4PvavV/t8/uMMVAV467//Qu/R/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KgL58+nt6XFJzcm0vzktfm56cq1U5Ol6nRhZm6iMFGZvVqYqlSmyqXCRGVmq+crVypXR8di7vpIrVStjVTnFy7OVOau1C5enilOlS6W+l9KVAAAAAAAAAAAAAAAAAAAAPBqqc4vTBfL5dLsTiUaBe1gETudOPsqV761AJe19fD8bolCoqOJ7o1JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDW/wEAAP//1jkuWQ==") utime(&(0x7f0000000280)='./file1\x00', 0x0) kernel console output (not intermixed with test programs): [ 1894.350227][T22342] netlink: 'syz.4.7976': attribute type 13 has an invalid length. [ 1895.083647][T22354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7979'. [ 1895.803147][T22363] loop3: detected capacity change from 0 to 1024 [ 1896.219510][T21742] hfsplus: b-tree write err: -5, ino 4 [ 1896.779978][T22381] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7991'. [ 1898.175929][T22404] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8005'. [ 1898.757700][T22413] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8009'. [ 1899.158175][T21591] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 1899.359129][T21591] usb 1-1: config 0 has an invalid interface number: 83 but max is 0 [ 1899.368199][T21591] usb 1-1: config 0 has no interface number 0 [ 1899.374803][T21591] usb 1-1: config 0 interface 83 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 1899.385176][T21591] usb 1-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61 [ 1899.394879][T21591] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1899.532603][T22425] Cannot find add_set index 0 as target [ 1899.592551][T21591] usb 1-1: config 0 descriptor?? [ 1899.685254][T21591] ttusbir 1-1:0.83: cannot find expected altsetting [ 1899.904405][T21591] usb 1-1: USB disconnect, device number 41 [ 1902.355192][ T29] audit: type=1326 audit(1728946491.325:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22466 comm="syz.2.8036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 1902.378002][ T29] audit: type=1326 audit(1728946491.336:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22466 comm="syz.2.8036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 1902.400168][ C0] vkms_vblank_simulate: vblank timer overrun [ 1902.410786][ T29] audit: type=1326 audit(1728946491.336:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22466 comm="syz.2.8036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=289 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 1902.432961][ C0] vkms_vblank_simulate: vblank timer overrun [ 1902.443940][ T29] audit: type=1326 audit(1728946491.336:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22466 comm="syz.2.8036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 1902.467726][ T29] audit: type=1326 audit(1728946491.336:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22466 comm="syz.2.8036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 1902.489987][ C0] vkms_vblank_simulate: vblank timer overrun [ 1902.891763][T22474] netlink: 148 bytes leftover after parsing attributes in process `syz.2.8039'. [ 1903.143472][T22483] Unsupported ieee802154 address type: 0 [ 1904.089274][T22497] netlink: 164 bytes leftover after parsing attributes in process `syz.3.8051'. [ 1904.099020][T22497] netlink: 164 bytes leftover after parsing attributes in process `syz.3.8051'. [ 1904.440418][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 1905.257545][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1905.394071][T22514] netlink: 'syz.3.8058': attribute type 1 has an invalid length. [ 1905.402079][T22514] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8058'. [ 1906.264781][T22532] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8067'. [ 1907.649985][T22554] openvswitch: netlink: Tunnel attr 0 has unexpected len 4 expected 8 [ 1908.575687][T22569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8084'. [ 1908.636964][T21591] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 1908.826745][T21591] usb 3-1: Using ep0 maxpacket: 32 [ 1908.881556][T21591] usb 3-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=28.6d [ 1908.891486][T21591] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1908.901931][T21591] usb 3-1: Product: syz [ 1908.906350][T21591] usb 3-1: Manufacturer: syz [ 1908.911822][T21591] usb 3-1: SerialNumber: syz [ 1908.975504][T21591] usb 3-1: config 0 descriptor?? [ 1909.012394][T21591] gspca_main: STV06xx-2.14.0 probing 046d:08f0 [ 1909.019045][T21591] gspca_stv06xx: st6422 sensor detected [ 1909.168811][T22577] netlink: 156 bytes leftover after parsing attributes in process `syz.3.8088'. [ 1909.478672][T21591] STV06xx 3-1:0.0: probe with driver STV06xx failed with error -71 [ 1909.551148][T21591] usb 3-1: unknown interface protocol 0x8e, assuming v1 [ 1909.558520][T21591] usb 3-1: cannot find UAC_HEADER [ 1909.713016][T21591] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 1909.806418][T21591] usb 3-1: USB disconnect, device number 40 [ 1909.909477][T21594] udevd[21594]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1910.190754][T22589] loop4: detected capacity change from 0 to 256 [ 1910.255296][T22589] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1910.289932][T22589] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 1910.300096][T22589] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1910.308453][T22589] UDF-fs: Scanning with blocksize 512 failed [ 1910.409263][T22589] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1910.425123][T22591] mmap: syz.1.8095 (22591): VmData 37388288 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 1910.482495][T22589] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1911.652942][T22606] loop3: detected capacity change from 0 to 1764 [ 1911.759975][T21815] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 1911.786212][T22606] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1911.964378][T21815] usb 3-1: Using ep0 maxpacket: 32 [ 1912.159060][T21815] usb 3-1: config 0 has an invalid interface number: 250 but max is 2 [ 1912.168230][T21815] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 3 [ 1912.177805][T21815] usb 3-1: config 0 has no interface number 1 [ 1912.186414][T21815] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1912.198007][T21815] usb 3-1: Duplicate descriptor for config 0 interface 0 altsetting 0, skipping [ 1912.277281][T21815] usb 3-1: New USB device found, idVendor=0408, idProduct=3090, bcdDevice=a6.3f [ 1912.286910][T21815] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1912.295607][T21815] usb 3-1: Product: syz [ 1912.300149][T21815] usb 3-1: Manufacturer: syz [ 1912.305085][T21815] usb 3-1: SerialNumber: syz [ 1912.320560][T21815] usb 3-1: config 0 descriptor?? [ 1912.449529][T21591] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 1912.595833][T21815] usb 3-1: Found UVC 0.00 device syz (0408:3090) [ 1912.602806][T21815] usb 3-1: No valid video chain found. [ 1912.624677][T21591] usb 5-1: Using ep0 maxpacket: 8 [ 1912.671416][T21815] usb 3-1: USB disconnect, device number 41 [ 1912.682557][T21591] usb 5-1: too many configurations: 14, using maximum allowed: 8 [ 1912.869659][T21591] usb 5-1: New USB device found, idVendor=0421, idProduct=01d0, bcdDevice=98.e6 [ 1912.879275][T21591] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1912.887753][T21591] usb 5-1: Product: syz [ 1912.892178][T21591] usb 5-1: Manufacturer: syz [ 1912.897207][T21591] usb 5-1: SerialNumber: syz [ 1912.984111][T21591] usb 5-1: config 0 descriptor?? [ 1913.142356][T21591] usb 5-1: bad CDC descriptors [ 1913.149187][T21591] cdc_acm 5-1:0.0: Zero length descriptor references [ 1913.156172][T21591] cdc_acm 5-1:0.0: probe with driver cdc_acm failed with error -22 [ 1913.688668][ T29] audit: type=1326 audit(1728946503.524:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22630 comm="syz.3.8117" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 1913.711454][ T29] audit: type=1326 audit(1728946503.524:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22630 comm="syz.3.8117" exe="/root/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 1913.734026][ T29] audit: type=1326 audit(1728946503.535:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22630 comm="syz.3.8117" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 1913.813458][T21815] usb 5-1: USB disconnect, device number 37 [ 1914.650343][T22648] loop1: detected capacity change from 0 to 256 [ 1915.331474][T22654] loop4: detected capacity change from 0 to 4096 [ 1917.820221][T22692] loop3: detected capacity change from 0 to 256 [ 1918.430863][T22692] FAT-fs (loop3): Directory bread(block 64) failed [ 1918.437849][T22692] FAT-fs (loop3): Directory bread(block 65) failed [ 1918.447652][T22692] FAT-fs (loop3): Directory bread(block 66) failed [ 1918.455199][T22692] FAT-fs (loop3): Directory bread(block 67) failed [ 1918.469668][T22692] FAT-fs (loop3): Directory bread(block 68) failed [ 1918.476804][T22692] FAT-fs (loop3): Directory bread(block 69) failed [ 1918.484668][T22692] FAT-fs (loop3): Directory bread(block 70) failed [ 1918.491625][T22692] FAT-fs (loop3): Directory bread(block 71) failed [ 1918.498897][T22692] FAT-fs (loop3): Directory bread(block 72) failed [ 1918.505688][T22692] FAT-fs (loop3): Directory bread(block 73) failed [ 1918.902654][T22706] loop3: detected capacity change from 0 to 16 [ 1918.986966][T22706] erofs: (device loop3): mounted with root inode @ nid 36. [ 1919.076573][T22706] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 1919.117733][T19608] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 1919.334792][T19608] usb 1-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 1919.344598][T19608] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1919.433843][T19608] usb 1-1: config 0 descriptor?? [ 1919.898995][T19608] hackrf 1-1:0.0: usb_control_msg() failed -71 request 0f [ 1919.906863][T19608] hackrf 1-1:0.0: Could not detect board [ 1919.912867][T19608] hackrf 1-1:0.0: probe with driver hackrf failed with error -71 [ 1919.999337][T19608] usb 1-1: USB disconnect, device number 42 [ 1920.201913][T22713] loop2: detected capacity change from 0 to 1024 [ 1920.387161][T22713] hfsplus: bad catalog entry type [ 1920.748278][T21613] hfsplus: b-tree write err: -5, ino 4 [ 1921.796998][T22736] loop3: detected capacity change from 0 to 128 [ 1922.172215][T22737] loop2: detected capacity change from 0 to 2048 [ 1922.282964][T22737] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1922.301721][T22736] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1922.331285][T22736] ext4 filesystem being mounted at /1640/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1922.653481][ T5431] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1923.124367][T22757] kAFS: unable to lookup cell '(>.DzsfIvNh\D%aD'+i8BcNo~F^($)3k 8S72gՑfo$ .~' [ 1924.071708][T22775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8184'. [ 1924.635724][T22786] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8189'. [ 1925.322497][T22800] loop3: detected capacity change from 0 to 512 [ 1925.331853][T22800] EXT4-fs: Ignoring removed orlov option [ 1925.337933][T22800] EXT4-fs: Ignoring removed i_version option [ 1925.344461][T22800] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1925.557981][T22805] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8198'. [ 1925.808513][T22800] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 1925.817367][T22800] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002] [ 1925.971456][T22800] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1925.978608][T22800] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 1925.991841][T22800] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1926.006923][T22800] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 1926.029071][T22800] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.8196: bg 0: block 40: padding at end of block bitmap is not set [ 1926.051479][T22800] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 1926.076103][T22800] EXT4-fs (loop3): 1 truncate cleaned up [ 1926.086500][T22800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1926.115319][T22800] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.8196: bad symlink. [ 1926.582860][ T5431] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1929.299347][T22850] loop3: detected capacity change from 0 to 4096 [ 1929.401636][T22850] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1929.722326][T19608] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 1929.919021][T19608] usb 1-1: Using ep0 maxpacket: 16 [ 1929.986960][T22850] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1930.001345][T19608] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1930.011084][T19608] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1930.019606][T19608] usb 1-1: Product: syz [ 1930.024029][T19608] usb 1-1: Manufacturer: syz [ 1930.029090][T19608] usb 1-1: SerialNumber: syz [ 1930.033711][T22850] ntfs3(loop3): Failed to load $Extend (-22). [ 1930.033828][T22850] ntfs3(loop3): Failed to initialize $Extend. [ 1930.120486][T22850] ntfs3(loop3): ino=5, "/" directory corrupted [ 1930.204352][T19608] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1930.211022][T19608] r8152-cfgselector 1-1: config 0 descriptor?? [ 1930.628015][T22872] ieee802154 phy0 wpan0: encryption failed: -22 [ 1930.688975][T21815] r8152-cfgselector 1-1: USB disconnect, device number 43 [ 1930.922789][T21591] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 1931.139695][T21591] usb 5-1: Using ep0 maxpacket: 32 [ 1931.175667][T21591] usb 5-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=ba.e3 [ 1931.185179][T21591] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1931.193671][T21591] usb 5-1: Product: syz [ 1931.198089][T21591] usb 5-1: Manufacturer: syz [ 1931.203464][T21591] usb 5-1: SerialNumber: syz [ 1931.296267][T21591] usb 5-1: config 0 descriptor?? [ 1931.833387][T19608] usb 5-1: USB disconnect, device number 38 [ 1931.841043][T19608] f81534a_ctrl 5-1:0.0: failed to set register 0x116: -19 [ 1931.848664][T19608] f81534a_ctrl 5-1:0.0: failed to enable ports: -19 [ 1933.486653][T22912] netlink: 'syz.0.8250': attribute type 10 has an invalid length. [ 1933.643873][T22912] team0: Port device geneve0 added [ 1934.593958][T22925] loop4: detected capacity change from 0 to 2048 [ 1934.737601][T22925] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1935.843922][T22945] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1936.638472][ T5422] Bluetooth: hci1: command 0x0406 tx timeout [ 1937.192784][T22965] loop3: detected capacity change from 0 to 4096 [ 1937.222533][T22965] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1937.267101][T22953] loop1: detected capacity change from 0 to 2048 [ 1937.524437][T22953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1937.616936][T21591] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 1937.757400][T22975] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8280'. [ 1937.792644][T21591] usb 5-1: Using ep0 maxpacket: 8 [ 1937.813275][T21591] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1937.884770][T21591] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1937.894610][T21591] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 1937.903254][T21591] usb 5-1: SerialNumber: syz [ 1938.001770][T22977] loop2: detected capacity change from 0 to 512 [ 1938.047890][T21591] usb 5-1: config 0 descriptor?? [ 1938.079338][T21591] usb 5-1: Found UVC 0.00 device (05ac:8501) [ 1938.086857][T21591] uvcvideo 5-1:0.0: Entity type for entity Output 255 was not initialized! [ 1938.096616][T21591] usb 5-1: Failed to create links for entity 255 [ 1938.106819][T21591] usb 5-1: Failed to register entities (-22). [ 1938.220821][T22977] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1938.442012][T22977] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1938.481089][T19608] usb 5-1: USB disconnect, device number 39 [ 1938.534977][T22977] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8281: bg 0: block 248: padding at end of block bitmap is not set [ 1938.640151][T22977] Quota error (device loop2): write_blk: dquota write failed [ 1938.648155][T22977] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1938.660206][T22977] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.8281: Failed to acquire dquot type 1 [ 1938.905651][T22990] loop3: detected capacity change from 0 to 1024 [ 1938.933186][T22977] EXT4-fs (loop2): 1 truncate cleaned up [ 1938.989968][T22977] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1939.080593][T22977] EXT4-fs error (device loop2): __ext4_remount:6522: comm syz.2.8281: Abort forced by user [ 1939.124908][T22977] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 1939.213892][T22977] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1939.225295][T22977] ext4 filesystem being remounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1939.662581][T21683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1940.092624][T23000] xt_bpf: check failed: parse error [ 1941.192235][T22928] Bluetooth: hci6: command 0x0406 tx timeout [ 1941.691959][T23019] affs: No valid root block on device nbd0 [ 1942.443844][T23027] loop1: detected capacity change from 0 to 1024 [ 1944.173961][T23045] loop3: detected capacity change from 0 to 2048 [ 1944.338809][T23045] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1944.382340][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 1944.389027][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 1945.570775][T23081] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8330'. [ 1945.805191][T23085] sctp: [Deprecated]: syz.3.8331 (pid 23085) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1945.805191][T23085] Use struct sctp_sack_info instead [ 1946.105826][T22928] Bluetooth: hci5: command 0x0406 tx timeout [ 1947.098449][T23102] loop4: detected capacity change from 0 to 764 [ 1947.151938][T23108] netlink: 'syz.1.8342': attribute type 1 has an invalid length. [ 1947.274215][T23111] loop2: detected capacity change from 0 to 64 [ 1949.227956][T23136] tmpfs: Bad value for 'mpol' [ 1949.650077][T23146] loop3: detected capacity change from 0 to 512 [ 1949.722371][T23146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1949.735645][T23146] ext4 filesystem being mounted at /1674/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1950.179454][ T5431] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1950.677976][T23162] loop4: detected capacity change from 0 to 512 [ 1950.751303][T23162] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1950.837486][T23162] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1950.851343][T23162] ext4 filesystem being mounted at /96/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 1951.472625][T21692] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1952.140827][T23193] loop1: detected capacity change from 0 to 128 [ 1953.385698][T23212] netlink: 'syz.3.8389': attribute type 1 has an invalid length. [ 1953.763907][T23218] netlink: 'syz.0.8391': attribute type 2 has an invalid length. [ 1954.103474][T23222] ./bus: Can't lookup blockdev [ 1954.177783][T23225] loop1: detected capacity change from 0 to 64 [ 1955.153908][T23244] loop1: detected capacity change from 0 to 1024 [ 1955.547963][T23244] hfsplus: keylen 65060 too large [ 1955.555505][T23244] hfsplus: xattr searching failed [ 1956.421228][T23255] loop3: detected capacity change from 0 to 512 [ 1956.498269][T23255] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1956.578375][T23255] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1956.641126][T23255] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.8407: bg 0: block 248: padding at end of block bitmap is not set [ 1956.711864][T23255] Quota error (device loop3): write_blk: dquota write failed [ 1956.728830][T23255] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1956.739924][T23255] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.8407: Failed to acquire dquot type 1 [ 1957.076323][T23255] EXT4-fs (loop3): 1 truncate cleaned up [ 1957.170819][T23255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1957.225735][T21591] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 1957.393025][T23255] EXT4-fs error (device loop3): __ext4_remount:6522: comm syz.3.8407: Abort forced by user [ 1957.433043][T23255] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 1957.463275][T21591] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1957.472947][T21591] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1957.492852][T21591] usb 5-1: config 0 descriptor?? [ 1957.711125][T23255] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1957.722142][T23255] ext4 filesystem being remounted at /1683/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1958.132431][T23289] netlink: 'syz.0.8422': attribute type 1 has an invalid length. [ 1958.521214][ T5431] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1958.648570][T21591] usb 5-1: Cannot set MAC address [ 1958.654561][T21591] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 1958.932084][T21591] usb 5-1: USB disconnect, device number 40 [ 1959.667500][T19608] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 1960.679189][T19608] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 1960.688093][T19608] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1960.748046][T19608] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1960.757603][T19608] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1960.765918][T19608] usb 3-1: Manufacturer: syz [ 1960.922877][T19608] usb 3-1: config 0 descriptor?? [ 1961.399006][T19608] rc_core: IR keymap rc-hauppauge not found [ 1961.405491][T19608] Registered IR keymap rc-empty [ 1961.413182][T19608] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 1961.428076][T19608] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input72 [ 1961.616841][T19608] usb 3-1: USB disconnect, device number 42 [ 1962.734763][T23360] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8457'. [ 1962.744191][T23360] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8457'. [ 1962.775476][T23362] netlink: 'syz.4.8459': attribute type 1 has an invalid length. [ 1962.783828][T23362] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8459'. [ 1963.273314][T23369] loop1: detected capacity change from 0 to 256 [ 1963.602756][T23374] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8463'. [ 1963.764615][T23375] netlink: 60 bytes leftover after parsing attributes in process `syz.2.8462'. [ 1964.397075][T23390] loop2: detected capacity change from 0 to 256 [ 1964.512638][T23369] FAT-fs (loop1): Directory bread(block 64) failed [ 1964.519752][T23369] FAT-fs (loop1): Directory bread(block 65) failed [ 1964.528906][T23369] FAT-fs (loop1): Directory bread(block 66) failed [ 1964.536258][T23369] FAT-fs (loop1): Directory bread(block 67) failed [ 1964.549178][T23369] FAT-fs (loop1): Directory bread(block 68) failed [ 1964.557865][T23369] FAT-fs (loop1): Directory bread(block 69) failed [ 1964.565031][T23369] FAT-fs (loop1): Directory bread(block 70) failed [ 1964.572566][T23369] FAT-fs (loop1): Directory bread(block 71) failed [ 1964.579674][T23369] FAT-fs (loop1): Directory bread(block 72) failed [ 1964.586483][T23369] FAT-fs (loop1): Directory bread(block 73) failed [ 1966.419319][T23415] loop3: detected capacity change from 0 to 1764 [ 1966.544472][T23415] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1967.484492][T23437] loop2: detected capacity change from 0 to 1024 [ 1967.577148][T23437] hfsplus: extend alloc file! (8192,512,16777719) [ 1969.286007][T23460] Error parsing options; rc = [-22] [ 1969.609323][T23467] loop3: detected capacity change from 0 to 256 [ 1969.766925][T23467] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 1969.894251][T23451] loop1: detected capacity change from 0 to 4096 [ 1970.379230][T23473] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8512'. [ 1970.391555][T23473] (unnamed net_device) (uninitialized): down delay (195) is not a multiple of miimon (83886275), value rounded to 0 ms [ 1971.303118][T23486] binder: 23483:23486 ioctl c018620c 200013c0 returned -22 [ 1972.954908][T23510] loop4: detected capacity change from 0 to 1024 [ 1975.651366][T23556] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8554'. [ 1975.782302][T22928] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 1975.791210][T22928] Bluetooth: hci0: Injecting HCI hardware error event [ 1975.798726][T22928] Bluetooth: hci0: hardware error 0x00 [ 1977.217054][T23584] loop1: detected capacity change from 0 to 256 [ 1977.267242][T23584] exfat: Deprecated parameter 'namecase' [ 1977.277386][T23584] exfat: Deprecated parameter 'namecase' [ 1977.312999][T23586] autofs: Bad value for 'fd' [ 1977.479188][T23584] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 1977.785113][T23592] netlink: 'syz.2.8570': attribute type 3 has an invalid length. [ 1977.870001][T22928] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1979.460814][T23621] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8585'. [ 1979.597952][T23625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8587'. [ 1979.955100][T23632] cgroup: Unexpected value for 'cpuset_v2_mode' [ 1980.022268][T23633] netlink: 105084 bytes leftover after parsing attributes in process `syz.1.8588'. [ 1980.032239][T23633] netlink: 31 bytes leftover after parsing attributes in process `syz.1.8588'. [ 1980.970137][T23650] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1981.132831][T23653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8598'. [ 1981.969330][T23670] loop2: detected capacity change from 0 to 1024 [ 1982.514830][T23670] syz.2.8608: attempt to access beyond end of device [ 1982.514830][T23670] loop2: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 1982.529657][T23670] Buffer I/O error on dev loop2, logical block 100663296, async page read [ 1982.538638][T23670] syz.2.8608: attempt to access beyond end of device [ 1982.538638][T23670] loop2: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 1982.552970][T23670] Buffer I/O error on dev loop2, logical block 100663296, async page read [ 1984.006409][T23701] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8622'. [ 1984.052986][T23703] dlm: non-version read from control device 140 [ 1984.207752][T23707] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8627'. [ 1984.800074][T23712] loop4: detected capacity change from 0 to 4096 [ 1984.846116][T23712] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1984.887173][T23712] ntfs3(loop4): Failed to load $LogFile (-22). [ 1987.906748][T23759] netlink: 'syz.4.8651': attribute type 10 has an invalid length. [ 1988.608965][T23774] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1989.528657][T23787] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 1989.844054][T23796] 8021q: VLANs not supported on ipvlan1 [ 1991.584265][T23824] loop4: detected capacity change from 0 to 1024 [ 1991.657968][T23824] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1991.696185][T23824] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 1991.795138][T23833] netlink: 908 bytes leftover after parsing attributes in process `syz.1.8687'. [ 1991.862994][T23824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1992.262184][T21692] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1993.790023][T23863] loop1: detected capacity change from 0 to 1764 [ 1994.336143][ T29] audit: type=1326 audit(1728946590.096:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23864 comm="syz.4.8703" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 1995.514541][T23896] loop1: detected capacity change from 0 to 1024 [ 1997.080847][T23910] loop3: detected capacity change from 0 to 2048 [ 1997.167562][T23918] netlink: 256 bytes leftover after parsing attributes in process `syz.0.8727'. [ 1997.200693][T23910] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1997.225726][T23910] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1997.227727][T23917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1997.234114][T23910] UDF-fs: Scanning with blocksize 512 failed [ 1997.325868][T23910] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1998.027244][T23929] loop4: detected capacity change from 0 to 512 [ 1998.362564][T23929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1998.376255][T23929] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1999.756391][T21692] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1999.786191][T21742] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2000.011004][T21742] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2000.291890][T21742] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2000.435870][T21742] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2000.994205][T21742] bridge_slave_1: left allmulticast mode [ 2001.003363][T21742] bridge_slave_1: left promiscuous mode [ 2001.009907][T21742] bridge0: port 2(bridge_slave_1) entered disabled state [ 2001.303580][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 2001.310268][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 2001.657054][ T5422] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2001.661344][T21742] bridge_slave_0: left allmulticast mode [ 2001.672893][T21742] bridge_slave_0: left promiscuous mode [ 2001.679579][T21742] bridge0: port 1(bridge_slave_0) entered disabled state [ 2001.697002][ T5422] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2001.711597][ T5422] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2001.728796][ T5422] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2001.782063][T23979] netlink: 'syz.2.8757': attribute type 1 has an invalid length. [ 2001.790521][T23979] netlink: 244 bytes leftover after parsing attributes in process `syz.2.8757'. [ 2001.800023][T23979] NCSI netlink: No device for ifindex 0 [ 2001.891180][ T5422] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 2001.919163][ T5422] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2002.042844][T21591] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 2002.251890][T21591] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 2002.262730][T21591] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 2002.273056][T21591] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 2002.283104][T21591] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 2002.468472][T21742] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2002.468610][T21591] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 2002.479167][T23981] loop3: detected capacity change from 0 to 4096 [ 2002.495499][T23981] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 2002.496686][T21591] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2002.514093][T21591] usb 1-1: Product: syz [ 2002.518523][T21591] usb 1-1: Manufacturer: syz [ 2002.523576][T21591] usb 1-1: SerialNumber: syz [ 2002.543910][T21591] usb 1-1: config 0 descriptor?? [ 2002.567344][T21591] ums-isd200 1-1:0.0: USB Mass Storage device detected [ 2002.586082][T21742] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2002.656105][T21742] bond0 (unregistering): Released all slaves [ 2002.753869][T23977] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8756'. [ 2002.764676][T23977] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8756'. [ 2002.771833][T23985] loop2: detected capacity change from 0 to 256 [ 2002.972911][T21591] ums-isd200 1-1:0.0: probe with driver ums-isd200 failed with error -22 [ 2003.091987][T21591] usb 1-1: USB disconnect, device number 44 [ 2003.800128][T23969] chnl_net:caif_netlink_parms(): no params data found [ 2003.950005][ T5422] Bluetooth: hci2: command tx timeout [ 2004.189639][T23985] FAT-fs (loop2): Directory bread(block 64) failed [ 2004.197057][T23985] FAT-fs (loop2): Directory bread(block 65) failed [ 2004.204215][T23985] FAT-fs (loop2): Directory bread(block 66) failed [ 2004.211237][T23985] FAT-fs (loop2): Directory bread(block 67) failed [ 2004.218215][T23985] FAT-fs (loop2): Directory bread(block 68) failed [ 2004.225180][T23985] FAT-fs (loop2): Directory bread(block 69) failed [ 2004.232483][T23985] FAT-fs (loop2): Directory bread(block 70) failed [ 2004.239490][T23985] FAT-fs (loop2): Directory bread(block 71) failed [ 2004.249019][T23985] FAT-fs (loop2): Directory bread(block 72) failed [ 2004.255847][T23985] FAT-fs (loop2): Directory bread(block 73) failed [ 2005.017927][T24012] netlink: 'syz.1.8767': attribute type 1 has an invalid length. [ 2005.026087][T24012] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.8767'. [ 2005.176795][T21742] hsr_slave_0: left promiscuous mode [ 2005.384995][T21742] hsr_slave_1: left promiscuous mode [ 2005.413874][T21742] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2005.421817][T21742] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2005.508944][T21742] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2005.516972][T21742] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2005.673781][T21742] veth1_macvtap: left promiscuous mode [ 2005.685585][T21742] veth0_macvtap: left promiscuous mode [ 2005.691795][T21742] veth1_vlan: left promiscuous mode [ 2005.697404][T21742] veth0_vlan: left promiscuous mode [ 2005.850785][ T5422] Bluetooth: hci2: command tx timeout [ 2007.581012][T21742] team0 (unregistering): Port device team_slave_1 removed [ 2007.669431][T21742] team0 (unregistering): Port device team_slave_0 removed [ 2007.773016][ T5422] Bluetooth: hci2: command tx timeout [ 2008.068847][T24042] netlink: 830 bytes leftover after parsing attributes in process `syz.3.8777'. [ 2009.427243][T23969] bridge0: port 1(bridge_slave_0) entered blocking state [ 2009.436099][T23969] bridge0: port 1(bridge_slave_0) entered disabled state [ 2009.444126][T23969] bridge_slave_0: entered allmulticast mode [ 2009.453351][T23969] bridge_slave_0: entered promiscuous mode [ 2009.626437][T23969] bridge0: port 2(bridge_slave_1) entered blocking state [ 2009.635372][T23969] bridge0: port 2(bridge_slave_1) entered disabled state [ 2009.643544][T23969] bridge_slave_1: entered allmulticast mode [ 2009.653326][T23969] bridge_slave_1: entered promiscuous mode [ 2009.718459][ T5422] Bluetooth: hci2: command tx timeout [ 2010.098684][T23969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2010.179084][T23969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2010.347675][T24086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8794'. [ 2011.284107][T21591] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 2011.376411][T23969] team0: Port device team_slave_0 added [ 2011.413786][T23969] team0: Port device team_slave_1 added [ 2011.993492][T21591] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 2012.004217][T21591] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 2012.014688][T21591] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 2012.024979][T21591] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 2012.035184][T21591] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 2012.044740][T21591] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2012.068469][T21591] usb 2-1: config 0 descriptor?? [ 2012.141511][T24112] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8805'. [ 2012.151644][T24112] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8805'. [ 2012.191139][T23969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2012.198668][T23969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2012.225150][T23969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2012.330095][T21591] hdpvr 2-1:0.0: firmware version 0x8 dated )˟=J+noKܐo5foɠObL [ 2012.371747][T23969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2012.379100][T23969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2012.405740][T23969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2012.494152][T24119] netlink: 'syz.0.8806': attribute type 15 has an invalid length. [ 2012.502576][T24119] netlink: 'syz.0.8806': attribute type 7 has an invalid length. [ 2012.568543][T21591] hdpvr 2-1:0.0: device init failed [ 2012.575855][T21591] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12 [ 2012.917420][ T29] audit: type=1400 audit(1728946609.956:135): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F26 pid=24120 comm="syz.0.8809" [ 2013.038031][T21591] usb 2-1: USB disconnect, device number 48 [ 2013.282348][T23969] hsr_slave_0: entered promiscuous mode [ 2013.324322][T24123] binder: 24122:24123 ioctl c00c6211 0 returned -14 [ 2013.336398][T23969] hsr_slave_1: entered promiscuous mode [ 2013.352016][T23969] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2013.360265][T23969] Cannot create hsr debugfs directory [ 2013.691819][T24131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8812'. [ 2014.092877][T24135] loop1: detected capacity change from 0 to 1024 [ 2014.903340][T15787] hfsplus: b-tree write err: -5, ino 4 [ 2015.391408][T24151] loop2: detected capacity change from 0 to 1764 [ 2015.555029][T24151] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 2016.188682][T24164] kernel read not supported for file /  (pid: 24164 comm: syz.1.8824) [ 2016.198974][ T29] audit: type=1800 audit(1728946613.572:136): pid=24164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8824" name=2001 dev="mqueue" ino=66732 res=0 errno=0 [ 2016.266592][T23969] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2016.359816][T23969] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2016.479769][T23969] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2016.614192][T23969] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2017.248540][T24182] netlink: 'syz.0.8831': attribute type 11 has an invalid length. [ 2018.177842][T23969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2018.427628][T23969] 8021q: adding VLAN 0 to HW filter on device team0 [ 2018.551206][T15787] bridge0: port 1(bridge_slave_0) entered blocking state [ 2018.559056][T15787] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2018.652080][T15787] bridge0: port 2(bridge_slave_1) entered blocking state [ 2018.659959][T15787] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2018.803109][T23969] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2018.813994][T23969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2018.973781][ T4857] usb 1-1: new full-speed USB device number 45 using dummy_hcd [ 2019.565013][ T4857] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 2019.575927][ T4857] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2019.628799][ T4857] usb 1-1: config 0 descriptor?? [ 2019.655531][ T4857] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 2020.040658][ T4857] gp8psk: usb in 137 operation failed. [ 2020.047585][ T4857] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 2020.058706][ T4857] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 2020.178148][ T4857] usb 1-1: USB disconnect, device number 45 [ 2020.411638][T23969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2020.443835][T24217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8843'. [ 2020.533283][T24217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8843'. [ 2021.169786][T24228] ieee802154 phy0 wpan0: encryption failed: -22 [ 2022.100229][T23969] veth0_vlan: entered promiscuous mode [ 2022.142156][T23969] veth1_vlan: entered promiscuous mode [ 2022.215920][T24243] netlink: 'syz.2.8852': attribute type 1 has an invalid length. [ 2022.224140][T24243] netlink: 131640 bytes leftover after parsing attributes in process `syz.2.8852'. [ 2022.298542][T23969] veth0_macvtap: entered promiscuous mode [ 2022.465568][T23969] veth1_macvtap: entered promiscuous mode [ 2022.521947][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2022.534146][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.545203][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2022.556071][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.566255][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2022.578657][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.589321][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2022.600129][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.617850][T23969] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2022.685188][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2022.697183][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.707407][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2022.718206][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.729090][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2022.739932][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.750216][T23969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2022.764680][T23969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2022.780397][T23969] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2022.801959][T23969] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2022.811809][T23969] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2022.820972][T23969] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2022.830437][T23969] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2024.441555][T24272] openvswitch: netlink: IP tunnel attribute has 2 unknown bytes. [ 2026.522969][T21591] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 2026.924302][T21591] usb 2-1: Using ep0 maxpacket: 8 [ 2027.352808][T21591] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 2027.605522][T21591] usb 2-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=7c.07 [ 2027.615588][T21591] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2027.624405][T21591] usb 2-1: Product: syz [ 2027.630075][T21591] usb 2-1: Manufacturer: syz [ 2027.635307][T21591] usb 2-1: SerialNumber: syz [ 2027.806756][T24325] loop3: detected capacity change from 0 to 1024 [ 2027.870998][T21591] usb 2-1: config 0 descriptor?? [ 2028.514360][T21815] usb 2-1: USB disconnect, device number 49 [ 2028.631897][T24325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2029.035233][ T5431] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2029.465501][ T3641] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2029.465535][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2029.465623][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2029.473756][ T3641] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2030.698853][T21815] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 2031.034819][T24383] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 2031.038450][T24380] loop3: detected capacity change from 0 to 4096 [ 2031.873210][T24395] loop1: detected capacity change from 0 to 1024 [ 2031.898313][T24395] hfsplus: unable to parse mount options [ 2032.016336][T21815] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 2032.030470][T21815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2032.040611][T21815] usb 1-1: Product: syz [ 2032.045046][T21815] usb 1-1: Manufacturer: syz [ 2032.050153][T21815] usb 1-1: SerialNumber: syz [ 2032.107127][T21815] usb 1-1: config 0 descriptor?? [ 2032.141111][T24398] xt_limit: Overflow, try lower: 0/0 [ 2032.154068][T21815] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 2032.199095][T19608] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 2032.379140][T19608] usb 2-1: Using ep0 maxpacket: 16 [ 2032.418591][T19608] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 2032.430854][T19608] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 12850, setting to 1024 [ 2032.442713][T19608] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1024 [ 2032.556860][T24380] ntfs3(loop3): ino=5, "/" attr_set_size [ 2032.563130][T24380] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 2032.585917][T21815] gspca_sunplus: reg_w_riv err -71 [ 2032.599102][T21815] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 2032.665382][T19608] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 2032.675188][T19608] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2032.683812][T19608] usb 2-1: Product: syz [ 2032.694303][T19608] usb 2-1: Manufacturer: syz [ 2032.699194][T19608] usb 2-1: SerialNumber: syz [ 2032.758882][T21815] usb 1-1: USB disconnect, device number 46 [ 2032.840494][T19608] usb 2-1: config 0 descriptor?? [ 2032.850188][T24395] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 2033.006340][T19608] hub 2-1:0.0: bad descriptor, ignoring hub [ 2033.012688][T19608] hub 2-1:0.0: probe with driver hub failed with error -5 [ 2033.028669][T19608] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 2033.417937][T24406] netlink: 'syz.2.8901': attribute type 1 has an invalid length. [ 2033.515214][T19608] usb 2-1: USB disconnect, device number 50 [ 2033.844931][T21512] udevd[21512]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 2034.603316][T24426] usb usb1: usbfs: process 24426 (syz.4.8905) did not claim interface 0 before use [ 2036.141875][T24448] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8917'. [ 2036.460988][T24454] x_tables: ip6_tables: CT.2 target: invalid size 72 (kernel) != (user) 40 [ 2039.006467][T24499] syz.1.8932: attempt to access beyond end of device [ 2039.006467][T24499] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2039.020380][T24499] hpfs: hpfs_map_sector(): read error [ 2039.226615][T19608] usb 4-1: new full-speed USB device number 43 using dummy_hcd [ 2039.444480][T19608] usb 4-1: unable to get BOS descriptor or descriptor too short [ 2039.478883][T19608] usb 4-1: not running at top speed; connect to a high speed hub [ 2039.531595][T19608] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1023, setting to 64 [ 2039.618565][T19608] usb 4-1: New USB device found, idVendor=0499, idProduct=1003, bcdDevice=a0.fc [ 2039.628342][T19608] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2039.636807][T19608] usb 4-1: Product: syz [ 2039.641354][T19608] usb 4-1: Manufacturer: syz [ 2039.646350][T19608] usb 4-1: SerialNumber: syz [ 2039.761205][T19608] usb 4-1: config 0 descriptor?? [ 2040.162257][T19608] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 2040.210599][T24517] loop4: detected capacity change from 0 to 764 [ 2040.335378][T19608] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 2040.425355][T24517] Symlink component flag not implemented [ 2040.444718][T19608] usb 4-1: USB disconnect, device number 43 [ 2040.466568][T24517] Symlink component flag not implemented (101) [ 2040.698124][T21594] udevd[21594]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 2041.231148][T24513] loop2: detected capacity change from 0 to 4096 [ 2041.330801][T24513] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 2041.782179][T21815] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 2041.960815][T21815] usb 2-1: Using ep0 maxpacket: 8 [ 2041.984465][T21815] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2041.995198][T21815] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 2042.004562][T21815] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2042.017979][T21815] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 2042.027684][T21815] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2042.080825][T21815] hub 2-1:1.0: bad descriptor, ignoring hub [ 2042.090067][T21815] hub 2-1:1.0: probe with driver hub failed with error -5 [ 2042.099352][T21815] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22 [ 2042.926807][T19608] usb 2-1: USB disconnect, device number 51 [ 2043.738116][ T4857] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 2044.032734][ T4857] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 2044.042459][ T4857] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2044.052952][ T4857] usb 4-1: Product: syz [ 2044.058102][ T4857] usb 4-1: Manufacturer: syz [ 2044.062969][ T4857] usb 4-1: SerialNumber: syz [ 2044.188308][ T4857] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 2044.336439][T21591] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 2044.885653][T21815] usb 4-1: USB disconnect, device number 44 [ 2044.917763][ C0] vkms_vblank_simulate: vblank timer overrun [ 2045.207395][T24564] loop4: detected capacity change from 0 to 4096 [ 2045.356837][T21591] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 2045.364769][T21591] ath9k_htc: Failed to initialize the device [ 2045.466010][T21815] usb 4-1: ath9k_htc: USB layer deinitialized [ 2045.593556][T24564] ntfs3(loop4): ino=5, "/" attr_set_size [ 2045.604285][T24564] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 2046.396488][T21815] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 2046.848057][T21815] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2047.234547][T21815] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 2047.244527][T21815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2047.253499][T21815] usb 1-1: Product: syz [ 2047.257947][T21815] usb 1-1: Manufacturer: syz [ 2047.262972][T21815] usb 1-1: SerialNumber: syz [ 2047.492792][T21815] usb 1-1: config 0 descriptor?? [ 2047.558297][T21815] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 2047.831331][T21815] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 2047.943888][T21815] usb 1-1: USB disconnect, device number 47 [ 2048.321425][ T29] audit: type=1326 audit(1728946647.958:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24606 comm="syz.4.8984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52579 code=0x7ffc0000 [ 2048.350091][ T29] audit: type=1326 audit(1728946647.958:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24606 comm="syz.4.8984" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52579 code=0x7ffc0000 [ 2048.590343][T21594] udevd[21594]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 2049.387419][T24617] loop1: detected capacity change from 0 to 4096 [ 2049.430829][T24612] loop2: detected capacity change from 0 to 1764 [ 2052.265126][T24632] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 2052.670189][T24617] ntfs3(loop1): Failed to read $AttrDef (-4). [ 2053.930356][T24641] loop4: detected capacity change from 0 to 1024 [ 2053.947656][T24646] netlink: 'syz.1.9000': attribute type 4 has an invalid length. [ 2053.956133][T24646] netlink: 5 bytes leftover after parsing attributes in process `syz.1.9000'. [ 2054.091731][T19608] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 2054.289032][T19608] usb 1-1: Using ep0 maxpacket: 16 [ 2054.334946][T19608] usb 1-1: New USB device found, idVendor=2770, idProduct=9050, bcdDevice=11.97 [ 2054.344704][T19608] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2054.495701][T19608] usb 1-1: config 0 descriptor?? [ 2054.551527][T19608] gspca_main: sq905c-2.14.0 probing 2770:9050 [ 2054.954918][T19608] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 2054.962631][T19608] sq905c 1-1:0.0: Reading version command failed [ 2054.969684][T19608] sq905c 1-1:0.0: probe with driver sq905c failed with error -71 [ 2055.090165][T19608] usb 1-1: USB disconnect, device number 48 [ 2055.463387][T21815] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 2055.735145][T21815] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02 [ 2055.745142][T21815] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2055.753684][T21815] usb 5-1: Product: syz [ 2055.758093][T21815] usb 5-1: Manufacturer: syz [ 2055.763090][T21815] usb 5-1: SerialNumber: syz [ 2056.038395][T21815] usb 5-1: config 0 descriptor?? [ 2056.763804][T19608] usb 5-1: USB disconnect, device number 41 [ 2057.939118][T22928] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2057.957288][T22928] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2057.970487][T22928] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2058.227723][T22928] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2058.239132][T22928] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 2058.250241][T22928] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2058.569428][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 2058.576418][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 2059.476059][T24669] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9010'. [ 2060.326373][T22928] Bluetooth: hci3: command tx timeout [ 2060.390130][T24677] loop4: detected capacity change from 0 to 512 [ 2060.841727][T24677] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.9015: attempt to clear invalid blocks 2 len 1 [ 2060.904983][T24677] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 2060.921562][T24677] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.9015: invalid indirect mapped block 1819239214 (level 0) [ 2061.159926][T24677] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.9015: invalid indirect mapped block 1819239214 (level 1) [ 2061.194405][T24677] EXT4-fs (loop4): 1 truncate cleaned up [ 2061.202947][T24677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2061.269534][ T29] audit: type=1400 audit(1728946661.745:139): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=24684 comm="syz.1.9019" [ 2061.741208][T23969] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2061.918982][T21613] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2062.011303][T24699] netlink: 'syz.0.9025': attribute type 3 has an invalid length. [ 2062.020707][T24699] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.9025'. [ 2062.036480][T24662] chnl_net:caif_netlink_parms(): no params data found [ 2062.364433][T22928] Bluetooth: hci3: command tx timeout [ 2062.522462][T21613] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2062.626150][T24705] ufs: Invalid option: "/+##" or missing value [ 2062.632565][T24705] ufs: wrong mount options [ 2062.800114][T21613] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2063.037762][T21613] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2063.523181][T21613] bridge_slave_1: left allmulticast mode [ 2063.532006][T21613] bridge_slave_1: left promiscuous mode [ 2063.538859][T21613] bridge0: port 2(bridge_slave_1) entered disabled state [ 2063.576100][T21613] bridge_slave_0: left allmulticast mode [ 2063.582908][T21613] bridge_slave_0: left promiscuous mode [ 2063.589930][T21613] bridge0: port 1(bridge_slave_0) entered disabled state [ 2063.609116][T24723] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9033'. [ 2063.618491][T24723] openvswitch: netlink: Flow key attr not present in new flow. [ 2063.909141][T24726] dlm: no locking on control device [ 2064.330724][T24729] loop4: detected capacity change from 0 to 1024 [ 2064.716449][T22928] Bluetooth: hci3: command tx timeout [ 2064.787393][T24739] xt_socket: unknown flags 0x46 [ 2065.016832][T21613] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2065.551719][T21613] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2065.672461][T21613] bond0 (unregistering): Released all slaves [ 2065.790014][T21613] bond1 (unregistering): Released all slaves [ 2065.811017][T21613] bond2 (unregistering): Released all slaves [ 2065.830965][T21613] bond3 (unregistering): Released all slaves [ 2065.851720][T21613] bond4 (unregistering): Released all slaves [ 2065.921068][ T29] audit: type=1326 audit(1728946666.204:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24757 comm="syz.0.9046" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x0 [ 2065.983743][ T4857] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 2066.016311][T21873] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 2066.145592][T24662] bridge0: port 1(bridge_slave_0) entered blocking state [ 2066.153746][T24662] bridge0: port 1(bridge_slave_0) entered disabled state [ 2066.162152][T24662] bridge_slave_0: entered allmulticast mode [ 2066.208633][ T4857] usb 2-1: config 0 has an invalid interface number: 156 but max is 1 [ 2066.217567][ T4857] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2066.228118][ T4857] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 2066.237576][ T4857] usb 2-1: config 0 has no interface number 0 [ 2066.244099][ T4857] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 2066.254599][ T4857] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 2066.266023][ T4857] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2066.272837][T24662] bridge_slave_0: entered promiscuous mode [ 2066.276125][ T4857] usb 2-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 2066.295831][ T4857] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 2066.307247][ T4857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2066.317819][T21873] usb 5-1: Using ep0 maxpacket: 16 [ 2066.371671][T21873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 2066.381807][T21873] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 2066.442859][T21873] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 2066.452821][T21873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2066.461272][T21873] usb 5-1: Product: syz [ 2066.465727][T21873] usb 5-1: Manufacturer: syz [ 2066.470624][T21873] usb 5-1: SerialNumber: syz [ 2066.480211][T24662] bridge0: port 2(bridge_slave_1) entered blocking state [ 2066.488267][T24662] bridge0: port 2(bridge_slave_1) entered disabled state [ 2066.501184][T24662] bridge_slave_1: entered allmulticast mode [ 2066.527433][ T4857] usb 2-1: config 0 descriptor?? [ 2066.567256][T24662] bridge_slave_1: entered promiscuous mode [ 2066.583126][T24761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9050'. [ 2066.591780][ T4857] gspca_main: spca561-2.14.0 probing abcd:cdee [ 2066.604057][T21873] usb 5-1: config 0 descriptor?? [ 2066.826669][ T4857] spca561 2-1:0.156: probe with driver spca561 failed with error -22 [ 2066.839901][ T4857] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 2066.847375][ T4857] usb 2-1: MIDIStreaming interface descriptor not found [ 2066.920785][T21873] usb 5-1: Not enough endpoints found in device, aborting! [ 2066.938452][T22928] Bluetooth: hci3: command tx timeout [ 2067.120531][T21685] usb 5-1: USB disconnect, device number 42 [ 2067.616080][ T4857] usb 2-1: USB disconnect, device number 52 [ 2067.893262][T24662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2068.008463][T24662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2068.112016][T21613] hsr_slave_0: left promiscuous mode [ 2068.164808][T21613] hsr_slave_1: left promiscuous mode [ 2068.262065][T21613] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2068.271008][T21613] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2068.320397][T21613] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2068.328437][T21613] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2068.464554][T21613] veth1_macvtap: left promiscuous mode [ 2068.470597][T21613] veth0_macvtap: left allmulticast mode [ 2068.477319][T21613] veth0_macvtap: left promiscuous mode [ 2068.483309][T21613] veth1_vlan: left promiscuous mode [ 2068.489154][T21613] veth0_vlan: left promiscuous mode [ 2069.856836][T21613] team0 (unregistering): Port device team_slave_1 removed [ 2070.008769][T21613] team0 (unregistering): Port device team_slave_0 removed [ 2070.696561][T24782] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9057'. [ 2070.705819][T24782] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9057'. [ 2070.809815][T24812] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9067'. [ 2070.930178][T24662] team0: Port device team_slave_0 added [ 2070.949389][T24662] team0: Port device team_slave_1 added [ 2071.247350][T24817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9068'. [ 2071.488487][T24662] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2071.496439][T24662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2071.525516][T24662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2071.651102][T24662] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2071.658670][T24662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2071.685378][T24662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2071.865729][T24821] loop1: detected capacity change from 0 to 1024 [ 2072.132736][T24821] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2072.208933][T24662] hsr_slave_0: entered promiscuous mode [ 2072.236910][T24662] hsr_slave_1: entered promiscuous mode [ 2072.324721][T24828] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 168: padding at end of block bitmap is not set [ 2072.360166][T24662] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2072.368382][T24662] Cannot create hsr debugfs directory [ 2072.619729][T21899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2074.044366][T24858] loop1: detected capacity change from 0 to 256 [ 2074.507754][T24858] FAT-fs (loop1): Directory bread(block 64) failed [ 2074.516674][T24858] FAT-fs (loop1): Directory bread(block 65) failed [ 2074.524475][T24858] FAT-fs (loop1): Directory bread(block 66) failed [ 2074.531313][T24858] FAT-fs (loop1): Directory bread(block 67) failed [ 2074.538420][T24858] FAT-fs (loop1): Directory bread(block 68) failed [ 2074.545396][T24858] FAT-fs (loop1): Directory bread(block 69) failed [ 2074.552367][T24858] FAT-fs (loop1): Directory bread(block 70) failed [ 2074.559506][T24858] FAT-fs (loop1): Directory bread(block 71) failed [ 2074.566720][T24858] FAT-fs (loop1): Directory bread(block 72) failed [ 2074.573630][T24858] FAT-fs (loop1): Directory bread(block 73) failed [ 2075.553562][T24875] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 2075.563096][T24875] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 2075.663231][T24662] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2075.747665][T24662] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2075.839234][T24662] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2075.963343][T24662] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2077.212341][T24662] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2077.260468][T24662] 8021q: adding VLAN 0 to HW filter on device team0 [ 2077.429639][ T4554] bridge0: port 1(bridge_slave_0) entered blocking state [ 2077.437414][ T4554] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2077.454029][ T4554] bridge0: port 2(bridge_slave_1) entered blocking state [ 2077.461823][ T4554] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2078.998878][T24662] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2079.153186][T24662] veth0_vlan: entered promiscuous mode [ 2079.198078][T24662] veth1_vlan: entered promiscuous mode [ 2079.297161][T24662] veth0_macvtap: entered promiscuous mode [ 2079.319858][T24662] veth1_macvtap: entered promiscuous mode [ 2079.514745][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2079.525650][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.535864][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2079.546808][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.557540][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2079.568408][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.579114][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2079.590068][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.606187][T24662] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2079.644749][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2079.655792][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.665982][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2079.676800][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.686963][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2079.697824][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.709247][T24662] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2079.720077][T24662] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2079.742448][T24662] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2079.932982][T24662] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2079.942199][T24662] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2079.953525][T24662] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2079.963357][T24662] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2081.778098][T24968] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9120'. [ 2082.655425][T24981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9126'. [ 2084.040266][T25004] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9134'. [ 2084.051360][T25004] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9134'. [ 2085.502284][T25030] loop4: detected capacity change from 0 to 128 [ 2085.811761][T25036] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2086.268033][T25044] netlink: 'syz.2.9145': attribute type 1 has an invalid length. [ 2086.278198][T25044] netlink: 127868 bytes leftover after parsing attributes in process `syz.2.9145'. [ 2087.328633][T21742] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2087.336756][T21742] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2087.534133][T21742] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2087.542692][T21742] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2089.280489][T25065] loop1: detected capacity change from 0 to 4096 [ 2089.425040][T25089] loop2: detected capacity change from 0 to 256 [ 2089.562022][T25093] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 2090.270205][T25101] netlink: 'syz.4.9166': attribute type 1 has an invalid length. [ 2091.317948][T25113] loop3: detected capacity change from 0 to 1024 [ 2091.814243][T25113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2092.054135][T24662] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2092.419872][T25134] delete_channel: no stack [ 2092.843453][T25145] loop3: detected capacity change from 0 to 1024 [ 2092.929204][T25145] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 2093.286546][T25151] tmpfs: Bad value for 'mpol' [ 2093.336956][T25145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2093.778117][T24662] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2093.839380][T25161] netlink: 'syz.1.9192': attribute type 32 has an invalid length. [ 2093.847702][T25161] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9192'. [ 2093.857201][T25161] netlink: 'syz.1.9192': attribute type 32 has an invalid length. [ 2094.103814][T25166] netlink: 1 bytes leftover after parsing attributes in process `syz.3.9194'. [ 2094.545907][T25172] loop4: detected capacity change from 0 to 16 [ 2094.719802][T25172] erofs: (device loop4): mounted with root inode @ nid 36. [ 2094.798548][T25172] syz.4.9195: attempt to access beyond end of device [ 2094.798548][T25172] loop4: rw=0, sector=14552337256, nr_sectors = 8 limit=16 [ 2094.818308][T25172] syz.4.9195: attempt to access beyond end of device [ 2094.818308][T25172] loop4: rw=0, sector=14546590680, nr_sectors = 8 limit=16 [ 2094.832720][T25172] erofs: (device loop4): z_erofs_read_folio: read error -5 @ 124 of nid 36 [ 2095.108050][ T4857] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 2095.437744][ T4857] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 2095.447371][ T4857] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2095.496372][ T4857] usb 3-1: config 0 descriptor?? [ 2095.772025][T25187] trusted_key: encrypted_key: hex blob is missing [ 2095.978361][ T4857] [drm:udl_init] *ERROR* Selecting channel failed [ 2096.024668][ T4857] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 2096.035136][ T4857] [drm] Initialized udl on minor 2 [ 2096.119961][ T4857] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 2096.129125][ T4857] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 2096.173372][T21591] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 2096.176084][T25191] loop1: detected capacity change from 0 to 256 [ 2096.203930][ T4857] usb 3-1: USB disconnect, device number 43 [ 2096.211493][T21591] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 2096.220023][T21591] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 2097.493413][T25212] dlm: no locking on control device [ 2097.881233][T25204] loop1: detected capacity change from 0 to 2048 [ 2097.895828][T25214] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9219'. [ 2097.964257][T25204] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 2098.275286][T21899] UDF-fs: warning (device loop1): udf_evict_inode: Inode 1367 (mode 120777) has inode size 157 different from extent length 512. Filesystem need not be standards compliant. [ 2098.978736][T25238] loop2: detected capacity change from 0 to 512 [ 2099.100723][T25238] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 2099.158416][T25240] loop4: detected capacity change from 0 to 512 [ 2099.330620][T25238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 2099.344455][T25238] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 2099.578494][T25240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2099.597358][T25240] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 2099.835355][T21683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 2099.887603][T23969] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2101.338454][T25276] xt_HMARK: proto mask must be zero with L3 mode [ 2101.859454][T25284] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9247'. [ 2101.869068][T25284] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9247'. [ 2103.718559][T25321] loop1: detected capacity change from 0 to 256 [ 2103.749159][T25322] netlink: 'syz.0.9265': attribute type 29 has an invalid length. [ 2103.757465][T25322] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9265'. [ 2103.890630][T25321] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 2103.901429][T25321] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 2103.919395][T25321] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 2103.937425][ T29] audit: type=1800 audit(1728946701.325:141): pid=25321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9266" name="file1" dev="loop1" ino=1048703 res=0 errno=0 [ 2104.782192][T25336] --map-set only usable from mangle table [ 2105.311000][T25345] netlink: 60 bytes leftover after parsing attributes in process `syz.0.9276'. [ 2105.983123][ T4857] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 2106.233646][ T4857] usb 5-1: Using ep0 maxpacket: 32 [ 2106.245281][T21815] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 2106.285026][T25363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9284'. [ 2106.304383][ T4857] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 2106.315961][ T4857] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2106.369777][ T4857] usb 5-1: config 0 descriptor?? [ 2106.425638][T21815] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 191, setting to 64 [ 2106.436008][ T4857] gspca_main: sunplus-2.14.0 probing 041e:400b [ 2106.437188][T21815] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 2106.452765][T21815] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2106.538809][T21815] usb 4-1: config 0 descriptor?? [ 2106.805821][T21815] ath6kl: Failed to submit usb control message: -71 [ 2106.813114][T21815] ath6kl: unable to send the bmi data to the device: -71 [ 2106.820581][T21815] ath6kl: Unable to send get target info: -71 [ 2106.840625][T21815] ath6kl: Failed to init ath6kl core: -71 [ 2106.852060][T21815] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 2106.856476][ T4857] gspca_sunplus: reg_w_riv err -71 [ 2106.866860][ T4857] sunplus 5-1:0.0: probe with driver sunplus failed with error -71 [ 2106.952142][ T4857] usb 5-1: USB disconnect, device number 43 [ 2107.002888][T25370] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9288'. [ 2107.012497][T25370] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9288'. [ 2107.066220][T21815] usb 4-1: USB disconnect, device number 45 [ 2107.107060][T25371] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9289'. [ 2107.213312][T25373] xt_CT: You must specify a L4 protocol and not use inversions on it [ 2107.762705][T25378] netlink: 'syz.1.9291': attribute type 2 has an invalid length. [ 2107.838532][T25379] loop2: detected capacity change from 0 to 512 [ 2107.847743][T25379] EXT4-fs: Ignoring removed nomblk_io_submit option [ 2107.951419][T25379] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 2107.960444][T25379] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 2108.006063][T25379] EXT4-fs (loop2): 1 truncate cleaned up [ 2108.025164][T25379] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2108.117373][T25379] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 4: comm syz.2.9293: lblock 0 mapped to illegal pblock 4 (length 1) [ 2108.145953][ T4857] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 2108.231183][T25379] EXT4-fs (loop2): Remounting filesystem read-only [ 2108.335007][ T4857] usb 1-1: Using ep0 maxpacket: 8 [ 2108.387984][ T4857] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2108.398746][ T4857] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 2108.410929][ T4857] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 2108.422246][ T4857] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 2108.432507][ T4857] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 2108.537621][ T4857] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 2108.547617][ T4857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 2108.556186][ T4857] usb 1-1: Product: syz [ 2108.560587][ T4857] usb 1-1: Manufacturer: syz [ 2108.565564][ T4857] usb 1-1: SerialNumber: syz [ 2108.605522][T21683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2108.708380][ T4857] usb 1-1: config 0 descriptor?? [ 2108.995940][ T4857] radio-si470x 1-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 2109.213740][ T4857] radio-si470x 1-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 2109.226739][ T4857] radio-si470x 1-1:0.0: si470x_get_scratch: si470x_get_report returned -71 [ 2109.242625][ T4857] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -5 [ 2109.432781][ T4857] usb 1-1: USB disconnect, device number 49 [ 2110.144005][ T29] audit: type=1326 audit(1728946707.029:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25408 comm="" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 2110.865605][T25418] loop2: detected capacity change from 0 to 1024 [ 2111.319624][T25429] loop3: detected capacity change from 0 to 1024 [ 2111.634811][T25434] loop1: detected capacity change from 0 to 64 [ 2112.122715][ T29] audit: type=1400 audit(1728946708.884:143): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F26FFFFFFFFFF pid=25441 comm="syz.0.9323" [ 2112.579003][T25450] sit0: entered promiscuous mode [ 2112.647608][T25450] netlink: 1 bytes leftover after parsing attributes in process `syz.0.9328'. [ 2113.197270][T25462] netlink: 48 bytes leftover after parsing attributes in process `syz.0.9333'. [ 2113.206958][T25462] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9333'. [ 2113.216521][T25462] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9333'. [ 2113.226041][T25462] netlink: 'syz.0.9333': attribute type 6 has an invalid length. [ 2114.468153][T25483] syz.1.9343: attempt to access beyond end of device [ 2114.468153][T25483] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 2114.970337][T21815] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 2115.346742][T21815] usb 4-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=c2.c6 [ 2115.356843][T21815] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2115.444707][T21815] usb 4-1: config 0 descriptor?? [ 2115.755018][ T29] audit: type=1326 audit(1728946712.234:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25501 comm="syz.0.9353" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x0 [ 2116.167892][T21815] mxuport 4-1:0.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71) [ 2116.176827][T21815] mxuport 4-1:0.0: probe with driver mxuport failed with error -5 [ 2116.423996][T21815] usb 4-1: USB disconnect, device number 46 [ 2117.265668][T25518] loop1: detected capacity change from 0 to 512 [ 2117.289570][T25518] EXT4-fs: Ignoring removed nomblk_io_submit option [ 2117.384847][T25518] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 2117.440186][T25527] netlink: 'syz.3.9364': attribute type 13 has an invalid length. [ 2117.453277][T25527] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9364'. [ 2117.470210][T25518] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002] [ 2117.522768][T25518] System zones: 0-2, 18-18, 34-34 [ 2117.672961][T25518] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 2117.729478][T25518] EXT4-fs (loop1): 1 truncate cleaned up [ 2117.737060][T25518] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2117.881233][T25518] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 13: comm syz.1.9359: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1 [ 2118.020840][T25518] EXT4-fs (loop1): Remounting filesystem read-only [ 2118.027892][T25518] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #12: comm syz.1.9359: directory missing '.' [ 2118.391382][T21899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2118.974729][T25552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9373'. [ 2119.026015][T25555] netlink: 'syz.1.9372': attribute type 3 has an invalid length. [ 2119.034154][T25555] netlink: 224 bytes leftover after parsing attributes in process `syz.1.9372'. [ 2119.329006][T25559] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9379'. [ 2120.529203][T25582] loop2: detected capacity change from 0 to 2048 [ 2120.651199][T25582] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 2120.700635][T25582] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 2121.339828][T25590] loop1: detected capacity change from 0 to 256 [ 2121.386972][T25590] exfat: Deprecated parameter 'utf8' [ 2121.505405][T25598] program syz.2.9397 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2121.532467][T25590] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 2122.152157][T25606] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9401'. [ 2123.081871][T25623] program syz.4.9409 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2123.092315][T25623] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 2123.211255][T21815] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 2123.358344][T25626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9410'. [ 2123.443214][T21815] usb 4-1: Using ep0 maxpacket: 16 [ 2123.471780][T21815] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 31551, setting to 1024 [ 2123.483598][T21815] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 2123.491915][ T4857] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 2123.622804][T21815] usb 4-1: New USB device found, idVendor=061d, idProduct=c160, bcdDevice=8f.9a [ 2123.632217][T21815] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2123.640881][T21815] usb 4-1: Product: syz [ 2123.645459][T21815] usb 4-1: Manufacturer: syz [ 2123.650320][T21815] usb 4-1: SerialNumber: syz [ 2123.775135][T21815] usb 4-1: config 0 descriptor?? [ 2123.785620][T25616] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 2123.810759][T21815] quatech2 4-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 2124.074816][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 2124.137008][ T4857] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 2124.144206][T21815] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 2124.145509][ T4857] usb 1-1: config 0 has no interface number 0 [ 2124.161346][ T4857] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 2124.171769][ T4857] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2124.223283][T21815] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 2124.314159][T21815] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB2 [ 2124.359337][T21815] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB3 [ 2124.432414][T21815] usb 4-1: USB disconnect, device number 47 [ 2124.534271][T21815] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 2124.584087][ T4857] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 2124.593619][ T4857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2124.602053][ T4857] usb 1-1: Product: syz [ 2124.606484][ T4857] usb 1-1: Manufacturer: syz [ 2124.611460][ T4857] usb 1-1: SerialNumber: syz [ 2124.636975][ T4857] usb 1-1: config 0 descriptor?? [ 2124.680592][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 2124.687809][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 2124.695866][T25619] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 2124.761872][T21815] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 2124.909475][ T4857] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 2124.934802][T21815] quatech-serial ttyUSB2: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB2 [ 2125.035149][ T4857] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB4 [ 2125.162338][T21815] quatech-serial ttyUSB3: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB3 [ 2125.177378][T21815] quatech2 4-1:0.0: device disconnected [ 2126.071147][T25653] netlink: 92 bytes leftover after parsing attributes in process `syz.3.9424'. [ 2126.223816][T25653] bond0: (slave bond_slave_1): Releasing backup interface [ 2126.355441][T25653] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9424'. [ 2126.365401][T25653] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check. [ 2126.509717][ T4857] usb 1-1: USB disconnect, device number 50 [ 2126.538152][ T4857] cyberjack ttyUSB4: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB4 [ 2126.557316][ T4857] cyberjack 1-1:0.69: device disconnected [ 2126.616834][T25656] loop2: detected capacity change from 0 to 512 [ 2126.727657][T25656] EXT4-fs warning (device loop2): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 2126.904544][ T5422] Bluetooth: hci2: command 0x0406 tx timeout [ 2127.349923][T25667] netlink: 'syz.2.9431': attribute type 2 has an invalid length. [ 2127.358071][T25667] netlink: 'syz.2.9431': attribute type 1 has an invalid length. [ 2127.366351][T25667] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9431'. [ 2128.189990][T25678] netlink: 256 bytes leftover after parsing attributes in process `syz.2.9435'. [ 2128.491890][T25684] netlink: 'syz.0.9438': attribute type 5 has an invalid length. [ 2129.107162][T25697] QAT: failed to copy from user. [ 2129.370316][T25699] netlink: 'syz.4.9446': attribute type 1 has an invalid length. [ 2129.378565][T25699] netlink: 244 bytes leftover after parsing attributes in process `syz.4.9446'. [ 2129.388260][T25699] NCSI netlink: No device for ifindex 0 [ 2129.896830][T25708] binfmt_misc: register: failed to install interpreter file ./file/file0 [ 2130.305847][T25713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9456'. [ 2130.881567][T25719] nvme_fabrics: missing parameter 'transport=%s' [ 2130.888170][T25719] nvme_fabrics: missing parameter 'nqn=%s' [ 2131.322078][T25728] loop3: detected capacity change from 0 to 4096 [ 2131.462942][T25726] loop2: detected capacity change from 0 to 4096 [ 2131.494889][T25726] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 2131.820445][T25726] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 2132.391887][T25742] netlink: 'syz.0.9468': attribute type 1 has an invalid length. [ 2132.400101][T25742] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9468'. [ 2133.464242][T25756] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9474'. [ 2134.504150][T25772] loop1: detected capacity change from 0 to 512 [ 2134.527591][T25772] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 2134.593150][T25774] 9pnet_fd: p9_fd_create_tcp (25774): problem connecting socket to 127.0.0.1 [ 2134.687899][T25772] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2134.701224][T25772] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 2134.717152][T25779] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 2135.030185][T21899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2135.584082][T25793] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9490'. [ 2135.593675][T25793] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9490'. [ 2136.048077][T25799] kernel read not supported for file /eth0 (pid: 25799 comm: syz.1.9495) [ 2136.058334][ T29] audit: type=1800 audit(1728946730.980:145): pid=25799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9495" name="eth0" dev="mqueue" ino=72764 res=0 errno=0 [ 2136.545737][ T29] audit: type=1326 audit(1728946731.350:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25804 comm="syz.1.9498" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x0 [ 2136.680472][T25807] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9497'. [ 2136.690289][T25807] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 2136.697839][T25807] IPv6: NLM_F_CREATE should be set when creating new route [ 2136.705607][T25807] IPv6: NLM_F_CREATE should be set when creating new route [ 2136.823732][T25811] netlink: 'syz.4.9501': attribute type 1 has an invalid length. [ 2137.447065][T22928] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260 [ 2138.063960][T19608] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 2138.316794][T19608] usb 5-1: Using ep0 maxpacket: 16 [ 2138.382421][T19608] usb 5-1: config 0 has an invalid interface number: 214 but max is 0 [ 2138.391215][T19608] usb 5-1: config 0 has no interface number 0 [ 2138.397700][T19608] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 2138.424789][T21815] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 2138.496349][T19608] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 2138.506114][T19608] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2138.514664][T19608] usb 5-1: Product: syz [ 2138.520298][T19608] usb 5-1: Manufacturer: syz [ 2138.530087][T19608] usb 5-1: SerialNumber: syz [ 2138.554341][T19608] usb 5-1: config 0 descriptor?? [ 2138.992148][T21815] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2139.003197][T21815] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 2139.012860][T21815] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2139.065189][T21815] usb 3-1: config 0 descriptor?? [ 2139.167145][T25850] loop1: detected capacity change from 0 to 512 [ 2139.239870][T19608] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 2139.321018][T19608] usb 5-1: USB disconnect, device number 44 [ 2139.531095][T25850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2139.544506][T25850] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 2139.577109][T21815] ath6kl: Failed to read usb control message: -71 [ 2139.585500][T21815] ath6kl: Unable to read the bmi data from the device: -71 [ 2139.594581][T21815] ath6kl: Unable to recv target info: -71 [ 2139.674021][T21815] ath6kl: Failed to init ath6kl core: -71 [ 2139.682757][T21815] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 2139.774928][T21815] usb 3-1: USB disconnect, device number 44 [ 2139.786967][T25850] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 32: comm syz.1.9519: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=12, rec_len=106, size=2048 fake=1 [ 2139.845257][T25850] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #12: comm syz.1.9519: directory missing '.' [ 2139.892972][T25860] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9521'. [ 2140.199843][T21899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2140.384895][T25866] Cannot find set identified by id 0 to match [ 2140.789094][T25873] netlink: 'syz.2.9527': attribute type 21 has an invalid length. [ 2141.140345][T25876] netlink: 92 bytes leftover after parsing attributes in process `syz.1.9525'. [ 2141.212378][T25876] bond0: (slave bond_slave_1): Releasing backup interface [ 2141.255679][T25880] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9529'. [ 2141.265095][T25880] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9529'. [ 2141.311308][T25876] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9525'. [ 2141.321540][T25876] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check. [ 2141.649289][T25883] loop3: detected capacity change from 0 to 128 [ 2141.884468][T25883] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 2141.916000][T25883] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 2141.931715][T19608] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 2141.950769][T25883] EXT4-fs error (device loop3): ext4_validate_block_bitmap:423: comm syz.3.9531: bg 0: bad block bitmap checksum [ 2142.060589][T24662] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 2142.115888][T19608] usb 3-1: Using ep0 maxpacket: 8 [ 2142.148370][T19608] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2142.159953][T19608] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 2142.170240][T19608] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2142.180226][T19608] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 2142.331647][T19608] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 2142.342023][T19608] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 2142.350568][T19608] usb 3-1: SerialNumber: syz [ 2142.395132][T25885] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 2142.438523][T19608] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 2142.448332][T19608] usb-storage 3-1:1.0: USB Mass Storage device detected [ 2142.548339][ T29] audit: type=1326 audit(1728946736.962:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25894 comm="syz.3.9536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 2142.571896][ T29] audit: type=1326 audit(1728946736.962:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25894 comm="syz.3.9536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 2142.595425][ T29] audit: type=1326 audit(1728946736.962:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25894 comm="syz.3.9536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 2142.671143][T19608] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 2142.788129][T19608] scsi host1: usb-storage 3-1:1.0 [ 2142.980126][ T29] audit: type=1800 audit(1728946737.349:150): pid=25903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9539" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 2144.001043][T19608] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 2144.145710][T25897] usb 3-1: reset high-speed USB device number 45 using dummy_hcd [ 2144.214319][T19608] usb 4-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 2144.224323][T19608] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2144.253527][T19608] usb 4-1: config 0 descriptor?? [ 2144.337686][T19608] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input78 [ 2144.642347][T19608] usb 4-1: USB disconnect, device number 48 [ 2145.120919][ T4857] usb 3-1: USB disconnect, device number 45 [ 2146.085560][T25954] netlink: 144 bytes leftover after parsing attributes in process `syz.4.9561'. [ 2146.338860][T25956] loop1: detected capacity change from 0 to 8 [ 2146.519454][T25956] SQUASHFS error: Failed to read block 0x2d7: -5 [ 2146.526286][T25956] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 2146.815080][T25962] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9565'. [ 2146.825668][T25962] netlink: 48 bytes leftover after parsing attributes in process `syz.4.9565'. [ 2147.553422][T25971] loop3: detected capacity change from 0 to 164 [ 2147.630933][T25971] Unable to read rock-ridge attributes [ 2147.659922][T25975] netlink: 'syz.4.9572': attribute type 1 has an invalid length. [ 2147.725166][T25971] tmpfs: Bad value for 'nr_blocks' [ 2147.750871][T25977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9573'. [ 2148.563113][T25989] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9579'. [ 2148.958168][T25996] netlink: 188 bytes leftover after parsing attributes in process `syz.1.9581'. [ 2149.029552][T25998] loop3: detected capacity change from 0 to 1024 [ 2149.081382][T25998] hfsplus: bad catalog entry type [ 2149.355740][T26002] tmpfs: Bad value for 'mpol' [ 2149.522675][T26004] loop1: detected capacity change from 0 to 256 [ 2150.087320][T26004] FAT-fs (loop1): Directory bread(block 64) failed [ 2150.094601][T26004] FAT-fs (loop1): Directory bread(block 65) failed [ 2150.101954][T26004] FAT-fs (loop1): Directory bread(block 66) failed [ 2150.108791][T26004] FAT-fs (loop1): Directory bread(block 67) failed [ 2150.116009][T26004] FAT-fs (loop1): Directory bread(block 68) failed [ 2150.122969][T26004] FAT-fs (loop1): Directory bread(block 69) failed [ 2150.129966][T26004] FAT-fs (loop1): Directory bread(block 70) failed [ 2150.137055][T26004] FAT-fs (loop1): Directory bread(block 71) failed [ 2150.144259][T26004] FAT-fs (loop1): Directory bread(block 72) failed [ 2150.151436][T26004] FAT-fs (loop1): Directory bread(block 73) failed [ 2150.237141][T26015] Scaler: ================= START STATUS ================= [ 2150.245168][T26015] Scaler: ================== END STATUS ================== [ 2151.001844][T26031] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 2151.014697][T26032] overlayfs: missing 'lowerdir' [ 2151.898522][T26044] qrtr: Invalid version 0 [ 2152.821367][T26060] openvswitch: netlink: IPv4 tunnel dst address is zero [ 2153.680058][T26072] loop1: detected capacity change from 0 to 512 [ 2153.826560][T26072] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 2153.932782][T26072] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0102] [ 2153.986122][T26072] EXT4-fs (loop1): orphan cleanup on readonly fs [ 2154.116485][T26072] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.9617: attempt to clear invalid blocks 1024 len 1 [ 2154.164715][T26072] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.9617: bg 0: block 361: padding at end of block bitmap is not set [ 2154.238271][T26072] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 2154.272798][T26072] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.9617: invalid indirect mapped block 1811939328 (level 0) [ 2154.369770][T26072] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.9617: invalid indirect mapped block 2185560079 (level 1) [ 2154.425706][T26085] loop3: detected capacity change from 0 to 256 [ 2154.678989][T26072] EXT4-fs (loop1): 1 truncate cleaned up [ 2154.686780][T26072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 2154.740986][T26085] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 2154.984043][T21899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 2156.714345][T26127] netlink: 'syz.2.9643': attribute type 1 has an invalid length. [ 2157.786802][ T4857] usb 1-1: new high-speed USB device number 51 using dummy_hcd [ 2158.359182][ T4857] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 2158.369566][ T4857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2158.378072][ T4857] usb 1-1: Product: syz [ 2158.385905][ T4857] usb 1-1: Manufacturer: syz [ 2158.391979][ T4857] usb 1-1: SerialNumber: syz [ 2158.422351][T21591] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 2158.447761][ T4857] usb 1-1: config 0 descriptor?? [ 2158.706861][ T4857] hso 1-1:0.0: Failed to find BULK IN ep [ 2158.738439][T21591] usb 5-1: Using ep0 maxpacket: 8 [ 2158.763180][T21591] usb 5-1: config 1 has an invalid interface number: 167 but max is 0 [ 2158.771854][T21591] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2158.783144][T21591] usb 5-1: config 1 has no interface number 0 [ 2158.791581][T21591] usb 5-1: config 1 interface 167 altsetting 253 endpoint 0x82 has invalid wMaxPacketSize 0 [ 2158.802272][T21591] usb 5-1: config 1 interface 167 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2158.816137][T21591] usb 5-1: config 1 interface 167 has no altsetting 0 [ 2158.835970][ T4857] usb-storage 1-1:0.0: USB Mass Storage device detected [ 2158.894970][T21591] usb 5-1: New USB device found, idVendor=2040, idProduct=6502, bcdDevice=5e.f6 [ 2158.904522][T21591] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2158.913523][T21591] usb 5-1: Product: syz [ 2158.917969][T21591] usb 5-1: Manufacturer: syz [ 2158.922977][T21591] usb 5-1: SerialNumber: syz [ 2158.975540][T21591] hub 5-1:1.167: bad descriptor, ignoring hub [ 2158.981941][T21591] hub 5-1:1.167: probe with driver hub failed with error -5 [ 2159.109119][ T4857] usb 1-1: USB disconnect, device number 51 [ 2159.153325][T26164] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9661'. [ 2159.265564][T26166] loop3: detected capacity change from 0 to 512 [ 2159.294039][T21591] em28xx 5-1:1.167: New device syz syz @ 480 Mbps (2040:6502, interface 167, class 167) [ 2159.304529][T21591] em28xx 5-1:1.167: Video interface 167 found: [ 2159.314171][T26166] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 2159.483321][T26166] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0102] [ 2159.499275][T26166] EXT4-fs (loop3): orphan cleanup on readonly fs [ 2159.521725][T26166] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.9659: attempt to clear invalid blocks 1024 len 1 [ 2159.549488][T26166] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.9659: bg 0: block 361: padding at end of block bitmap is not set [ 2159.671027][T26166] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 2159.781902][T26166] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.9659: invalid indirect mapped block 1811939328 (level 0) [ 2159.840790][T26166] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.9659: invalid indirect mapped block 2185560079 (level 1) [ 2159.897473][T21591] em28xx 5-1:1.167: unknown em28xx chip ID (0) [ 2159.897917][T26166] EXT4-fs (loop3): 1 truncate cleaned up [ 2159.912513][T26166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 2160.083618][T21591] em28xx 5-1:1.167: reading from i2c device at 0xa0 failed (error=-5) [ 2160.092373][T21591] em28xx 5-1:1.167: board has no eeprom [ 2160.221156][T21591] em28xx 5-1:1.167: Identified as Hauppauge WinTV HVR 900 (R2) (card=18) [ 2160.229959][T21591] em28xx 5-1:1.167: analog set to bulk mode. [ 2160.306737][ T4857] em28xx 5-1:1.167: Registering V4L2 extension [ 2160.412649][T26180] netlink: 'syz.0.9667': attribute type 13 has an invalid length. [ 2160.599316][T21591] usb 5-1: USB disconnect, device number 45 [ 2160.611010][T21591] em28xx 5-1:1.167: Disconnecting em28xx [ 2160.764383][T24662] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 2161.889481][ T4857] em28xx 5-1:1.167: Config register raw data: 0xffffffed [ 2161.896856][ T4857] em28xx 5-1:1.167: AC97 chip type couldn't be determined [ 2161.904699][ T4857] em28xx 5-1:1.167: No AC97 audio processor [ 2161.910979][ T4857] em28xx 5-1:1.167: em28xx_v4l2_init: Error while setting audio - error [-19]! [ 2161.921143][ T4857] em28xx 5-1:1.167: Binding DVB extension [ 2161.927151][ T4857] em28xx 5-1:1.167: no endpoint for DVB mode and transfer type 0 [ 2161.940242][ T4857] em28xx 5-1:1.167: failed to pre-allocate USB transfer buffers for DVB. [ 2161.950623][ T4857] em28xx 5-1:1.167: Registering input extension [ 2162.246024][T21591] em28xx 5-1:1.167: Closing input extension [ 2162.303730][T21591] em28xx 5-1:1.167: Freeing device [ 2162.513135][T26208] loop2: detected capacity change from 0 to 512 [ 2162.596328][T26208] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 2162.779028][T26208] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0102] [ 2162.793940][T26208] EXT4-fs (loop2): orphan cleanup on readonly fs [ 2162.811120][T26208] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.9680: attempt to clear invalid blocks 1024 len 1 [ 2162.883350][ T29] audit: type=1326 audit(1728946755.735:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26216 comm="syz.4.9683" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52579 code=0x7ffc0000 [ 2162.906296][ T29] audit: type=1326 audit(1728946755.735:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26216 comm="syz.4.9683" exe="/root/syz-executor" sig=0 arch=40000003 syscall=446 compat=1 ip=0xf7f52579 code=0x7ffc0000 [ 2162.935380][ T29] audit: type=1326 audit(1728946755.735:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26216 comm="syz.4.9683" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52579 code=0x7ffc0000 [ 2162.957590][ C1] vkms_vblank_simulate: vblank timer overrun [ 2163.088314][T26220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2163.254164][T26208] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.9680: bg 0: block 361: padding at end of block bitmap is not set [ 2163.272104][T26224] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9686'. [ 2163.396608][T26208] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 2163.496932][T26208] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.9680: invalid indirect mapped block 1811939328 (level 0) [ 2163.532924][T26208] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.9680: invalid indirect mapped block 2185560079 (level 1) [ 2163.560057][T26208] EXT4-fs (loop2): 1 truncate cleaned up [ 2163.569946][T26208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 2163.665734][T21815] usb 1-1: new high-speed USB device number 52 using dummy_hcd [ 2163.686914][ T5494] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 2163.831859][T21683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 2163.860702][T21815] usb 1-1: Using ep0 maxpacket: 16 [ 2163.917748][T21815] usb 1-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 2163.928129][T21815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2163.941281][T21815] usb 1-1: Product: syz [ 2163.945729][T21815] usb 1-1: Manufacturer: syz [ 2163.952311][T21815] usb 1-1: SerialNumber: syz [ 2164.057001][T21815] usb 1-1: config 0 descriptor?? [ 2164.111943][ T5494] usb 4-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=68.24 [ 2164.121808][ T5494] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2164.130513][ T5494] usb 4-1: Product: syz [ 2164.135371][ T5494] usb 4-1: Manufacturer: syz [ 2164.140412][ T5494] usb 4-1: SerialNumber: syz [ 2164.189925][ T5494] usb 4-1: config 0 descriptor?? [ 2164.823258][ T5494] ipw 4-1:0.0: IPWireless converter converter detected [ 2164.918970][ T5494] usb 4-1: USB disconnect, device number 49 [ 2164.936771][ T5494] ipw 4-1:0.0: device disconnected [ 2165.180453][T26250] loop4: detected capacity change from 0 to 512 [ 2165.250905][T26250] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 2165.284283][T21815] peak_usb 1-1:0.0: PEAK-System PCAN-Chip USB v196 fw v185.0.0 (1 channels) [ 2165.331835][T26250] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0102] [ 2165.347694][T26248] loop2: detected capacity change from 0 to 256 [ 2165.400601][T26250] EXT4-fs (loop4): orphan cleanup on readonly fs [ 2165.444450][T26250] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.9701: attempt to clear invalid blocks 1024 len 1 [ 2165.512950][T26248] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 2165.515745][T21815] peak_usb 1-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 2165.534862][T21815] peak_usb 1-1:0.0: unable to tell PCAN-Chip USB driver is loaded (err -71) [ 2165.567242][T26250] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.9701: bg 0: block 361: padding at end of block bitmap is not set [ 2165.625718][T26250] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 2165.699867][T26250] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.9701: invalid indirect mapped block 1811939328 (level 0) [ 2165.744674][T21815] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -71 [ 2165.790937][T26250] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.9701: invalid indirect mapped block 2185560079 (level 1) [ 2165.807243][T21815] usb 1-1: USB disconnect, device number 52 [ 2165.868830][T26250] EXT4-fs (loop4): 1 truncate cleaned up [ 2165.876805][T26250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 2166.225937][T23969] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 2166.634446][T26261] loop1: detected capacity change from 0 to 512 [ 2166.968223][T26261] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 2167.186749][T26261] Quota error (device loop1): do_check_range: Getting block 514 out of range 1-5 [ 2167.196403][T26261] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 2167.206752][T26261] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.9705: Failed to acquire dquot type 1 [ 2167.409524][T26261] EXT4-fs (loop1): 1 truncate cleaned up [ 2167.419360][T26261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2167.433307][T26261] ext4 filesystem being mounted at /372/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 2167.534342][ T5494] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 2167.595915][T26261] Quota error (device loop1): do_check_range: Getting block 514 out of range 1-5 [ 2167.605935][T26261] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 2167.616116][T26261] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.9705: Failed to acquire dquot type 1 [ 2167.740037][ T5494] usb 3-1: config 0 has an invalid interface number: 101 but max is 0 [ 2167.748548][ T5494] usb 3-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 2167.759229][ T5494] usb 3-1: config 0 has no interface number 0 [ 2167.766290][ T5494] usb 3-1: too many endpoints for config 0 interface 101 altsetting 244: 52, using maximum allowed: 30 [ 2167.777940][ T5494] usb 3-1: config 0 interface 101 altsetting 244 has 0 endpoint descriptors, different from the interface descriptor's value: 52 [ 2167.791731][ T5494] usb 3-1: config 0 interface 101 has no altsetting 0 [ 2167.799068][ T5494] usb 3-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99 [ 2167.808571][ T5494] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2168.009728][ T4857] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 2168.024999][ T5494] usb 3-1: config 0 descriptor?? [ 2168.159972][T21899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2168.325364][ T4857] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2168.335984][ T4857] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 2168.420035][ T4857] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 2168.430135][ T5494] usb 3-1: string descriptor 0 read error: -71 [ 2168.437550][ T4857] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 2168.443725][ T5494] usb 3-1: USB disconnect, device number 46 [ 2168.445824][ T4857] usb 4-1: SerialNumber: syz [ 2168.776987][ T4857] usb 4-1: 0:2 : does not exist [ 2168.880274][ T4857] usb 4-1: USB disconnect, device number 50 [ 2169.066458][T26301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9723'. [ 2169.154630][T26303] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 2169.662613][T26309] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9729'. [ 2170.400048][T21304] udevd[21304]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 2170.461465][T21591] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 2170.679714][T21591] usb 4-1: Using ep0 maxpacket: 16 [ 2170.707813][T21591] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2170.714920][T26325] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9734'. [ 2170.718561][T21591] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 0, changing to 7 [ 2170.738616][T21591] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 2170.748782][T21591] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2170.867874][T21591] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 2170.877662][T21591] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2170.886422][T21591] usb 4-1: Product: syz [ 2170.891004][T21591] usb 4-1: Manufacturer: syz [ 2170.897344][T21591] usb 4-1: SerialNumber: syz [ 2171.001658][T21591] usb 4-1: config 0 descriptor?? [ 2171.160839][T26327] loop4: detected capacity change from 0 to 2048 [ 2171.334435][T26332] loop2: detected capacity change from 0 to 16 [ 2171.409141][T26332] erofs: (device loop2): mounted with root inode @ nid 36. [ 2171.425283][T21591] xbox_remote_probe: Unexpected endpoint_in [ 2171.440117][T26332] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 2171.466486][T26332] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 2171.501092][T26327] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 2171.530128][T21591] usb 4-1: USB disconnect, device number 51 [ 2173.621828][T21591] usb 2-1: new full-speed USB device number 53 using dummy_hcd [ 2173.849513][T21591] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 2173.858334][T21591] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 2173.866860][T21591] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2173.877447][T21591] usb 2-1: config 0 has no interface number 0 [ 2173.884542][T21591] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice= 3.e8 [ 2173.894189][T21591] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2173.927248][T21591] usb 2-1: config 0 descriptor?? [ 2173.974110][T21591] snd_usb_pod 2-1:0.1: Line 6 Pocket POD found [ 2174.230182][T21591] snd_usb_pod 2-1:0.1: endpoint not available, using fallback values [ 2174.239727][T21591] snd_usb_pod 2-1:0.1: invalid control EP [ 2174.245727][T21591] snd_usb_pod 2-1:0.1: cannot start listening: -22 [ 2174.257429][T21591] snd_usb_pod 2-1:0.1: Line 6 Pocket POD now disconnected [ 2174.268595][T21591] snd_usb_pod 2-1:0.1: probe with driver snd_usb_pod failed with error -22 [ 2174.292003][T26375] No such timeout policy "syz1" [ 2174.305273][T26377] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9761'. [ 2174.339013][T26378] loop3: detected capacity change from 0 to 24 [ 2174.498752][T26378] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 2174.533939][T21591] usb 2-1: USB disconnect, device number 53 [ 2175.721823][T26393] loop1: detected capacity change from 0 to 64 [ 2177.158281][T26413] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9777'. [ 2177.680939][T26423] loop1: detected capacity change from 0 to 256 [ 2178.583486][T26423] FAT-fs (loop1): Directory bread(block 64) failed [ 2178.590800][T26423] FAT-fs (loop1): Directory bread(block 65) failed [ 2178.598065][T26423] FAT-fs (loop1): Directory bread(block 66) failed [ 2178.605406][T26423] FAT-fs (loop1): Directory bread(block 67) failed [ 2178.612368][T26423] FAT-fs (loop1): Directory bread(block 68) failed [ 2178.619353][T26423] FAT-fs (loop1): Directory bread(block 69) failed [ 2178.626325][T26423] FAT-fs (loop1): Directory bread(block 70) failed [ 2178.633309][T26423] FAT-fs (loop1): Directory bread(block 71) failed [ 2178.640416][T26423] FAT-fs (loop1): Directory bread(block 72) failed [ 2178.647232][T26423] FAT-fs (loop1): Directory bread(block 73) failed [ 2179.306913][ T4857] usb 1-1: new high-speed USB device number 53 using dummy_hcd [ 2179.618078][T26449] netlink: 'syz.2.9795': attribute type 1 has an invalid length. [ 2179.970923][ T4857] usb 1-1: Using ep0 maxpacket: 32 [ 2180.092358][ T4857] usb 1-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 2180.101949][ T4857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2180.110565][ T4857] usb 1-1: Product: syz [ 2180.115272][ T4857] usb 1-1: Manufacturer: syz [ 2180.120248][ T4857] usb 1-1: SerialNumber: syz [ 2180.188316][ T4857] usb 1-1: config 0 descriptor?? [ 2180.444949][ T4857] RobotFuzz Open Source InterFace, OSIF 1-1:0.0: version d4.15 found at bus 001 address 053 [ 2180.679494][T26465] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9803'. [ 2180.741642][T26463] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9802'. [ 2180.826468][T26461] loop2: detected capacity change from 0 to 1024 [ 2180.846896][ T4857] usb 1-1: USB disconnect, device number 53 [ 2180.864889][T26461] EXT4-fs: Ignoring removed oldalloc option [ 2180.949411][T26461] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 2181.049969][T26461] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2181.223278][T26461] CIFS mount error: No usable UNC path provided in device string! [ 2181.223278][T26461] [ 2181.233881][T26461] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 2181.375144][T26474] loop1: detected capacity change from 0 to 64 [ 2181.397199][T21683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2181.592296][T26476] netlink: 124 bytes leftover after parsing attributes in process `syz.3.9807'. [ 2181.602267][T26476] netlink: 124 bytes leftover after parsing attributes in process `syz.3.9807'. [ 2182.952020][T26502] xt_ecn: cannot match TCP bits for non-tcp packets [ 2183.155972][T26506] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9819'. [ 2183.165332][T26506] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9819'. [ 2183.176762][T26508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9820'. [ 2184.147014][T26529] overlayfs: missing 'lowerdir' [ 2184.819140][T26538] ===================================================== [ 2184.826745][T26538] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 [ 2184.834303][T26538] _copy_to_user+0xbc/0x110 [ 2184.839277][T26538] con_font_op+0x14a2/0x1710 [ 2184.844133][T26538] vt_compat_ioctl+0x79b/0x990 [ 2184.849293][T26538] tty_compat_ioctl+0x801/0xce0 [ 2184.854374][T26538] __se_compat_sys_ioctl+0x785/0x1080 [ 2184.860486][T26538] __ia32_compat_sys_ioctl+0x93/0xe0 [ 2184.865992][T26538] ia32_sys_call+0x32a2/0x40d0 [ 2184.871160][T26538] __do_fast_syscall_32+0xb0/0x110 [ 2184.876506][T26538] do_fast_syscall_32+0x38/0x80 [ 2184.881709][T26538] do_SYSENTER_32+0x1f/0x30 [ 2184.886427][T26538] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2184.893163][T26538] [ 2184.895601][T26538] Uninit was created at: [ 2184.907406][T26538] ___kmalloc_large_node+0x22c/0x370 [ 2184.913193][T26538] __kmalloc_large_node_noprof+0x3f/0x1e0 [ 2184.919246][T26538] __kmalloc_node_noprof+0x9d6/0xf50 [ 2184.925435][T26538] __kvmalloc_node_noprof+0xc0/0x2d0 [ 2184.930940][T26538] con_font_op+0x659/0x1710 [ 2184.935833][T26538] vt_compat_ioctl+0x79b/0x990 [ 2184.940839][T26538] tty_compat_ioctl+0x801/0xce0 [ 2184.946054][T26538] __se_compat_sys_ioctl+0x785/0x1080 [ 2184.951639][T26538] __ia32_compat_sys_ioctl+0x93/0xe0 [ 2184.957513][T26538] ia32_sys_call+0x32a2/0x40d0 [ 2184.962517][T26538] __do_fast_syscall_32+0xb0/0x110 [ 2184.967986][T26538] do_fast_syscall_32+0x38/0x80 [ 2184.973068][T26538] do_SYSENTER_32+0x1f/0x30 [ 2184.977986][T26538] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2184.984551][T26538] [ 2184.987172][T26538] Bytes 65536-131071 of 131072 are uninitialized [ 2184.993653][T26538] Memory access of size 131072 starts at ffff8880b8c00000 [ 2185.001062][T26538] Data copied to user address 0000000020000a40 [ 2185.007374][T26538] [ 2185.015343][T26538] CPU: 1 UID: 0 PID: 26538 Comm: syz.3.9835 Not tainted 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 2185.029064][T26538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2185.039612][T26538] ===================================================== [ 2185.046855][T26538] Disabling lock debugging due to kernel taint [ 2185.053693][T26538] Kernel panic - not syncing: kmsan.panic set ... [ 2185.060301][T26538] CPU: 1 UID: 0 PID: 26538 Comm: syz.3.9835 Tainted: G B 6.12.0-rc3-syzkaller-00013-geca631b8fe80 #0 [ 2185.072770][T26538] Tainted: [B]=BAD_PAGE [ 2185.077039][T26538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 2185.087251][T26538] Call Trace: [ 2185.090650][T26538] [ 2185.093688][T26538] dump_stack_lvl+0x216/0x2d0 [ 2185.098572][T26538] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 2185.104604][T26538] dump_stack+0x1e/0x30 [ 2185.108999][T26538] panic+0x4e2/0xcf0 [ 2185.113111][T26538] ? kmsan_get_metadata+0xe1/0x1c0 [ 2185.118428][T26538] kmsan_report+0x2c7/0x2d0 [ 2185.123166][T26538] ? kmsan_internal_check_memory+0x48c/0x560 [ 2185.129373][T26538] ? kmsan_copy_to_user+0xd5/0xf0 [ 2185.134628][T26538] ? _copy_to_user+0xbc/0x110 [ 2185.139586][T26538] ? con_font_op+0x14a2/0x1710 [ 2185.144517][T26538] ? vt_compat_ioctl+0x79b/0x990 [ 2185.149667][T26538] ? tty_compat_ioctl+0x801/0xce0 [ 2185.154891][T26538] ? __se_compat_sys_ioctl+0x785/0x1080 [ 2185.160641][T26538] ? __ia32_compat_sys_ioctl+0x93/0xe0 [ 2185.166387][T26538] ? ia32_sys_call+0x32a2/0x40d0 [ 2185.171554][T26538] ? __do_fast_syscall_32+0xb0/0x110 [ 2185.177073][T26538] ? do_fast_syscall_32+0x38/0x80 [ 2185.182303][T26538] ? do_SYSENTER_32+0x1f/0x30 [ 2185.187177][T26538] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2185.193893][T26538] ? this_cpu_in_panic+0x5e/0xa0 [ 2185.199033][T26538] ? _prb_read_valid+0x216f/0x21c0 [ 2185.204519][T26538] ? kmsan_get_metadata+0x13e/0x1c0 [ 2185.209923][T26538] ? kmsan_get_metadata+0x13e/0x1c0 [ 2185.215401][T26538] ? kmsan_metadata_is_contiguous+0xde/0x1e0 [ 2185.221733][T26538] kmsan_internal_check_memory+0x48c/0x560 [ 2185.227869][T26538] kmsan_copy_to_user+0xd5/0xf0 [ 2185.233042][T26538] ? should_fail_usercopy+0x2e/0x40 [ 2185.238462][T26538] _copy_to_user+0xbc/0x110 [ 2185.243169][T26538] con_font_op+0x14a2/0x1710 [ 2185.247944][T26538] ? kmsan_get_metadata+0x13e/0x1c0 [ 2185.253331][T26538] vt_compat_ioctl+0x79b/0x990 [ 2185.258324][T26538] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 2185.264312][T26538] ? __pfx_vt_compat_ioctl+0x10/0x10 [ 2185.269817][T26538] tty_compat_ioctl+0x801/0xce0 [ 2185.274872][T26538] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 2185.280873][T26538] ? __pfx_tty_compat_ioctl+0x10/0x10 [ 2185.286800][T26538] __se_compat_sys_ioctl+0x785/0x1080 [ 2185.292369][T26538] ? kmsan_get_metadata+0x13e/0x1c0 [ 2185.297746][T26538] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 2185.304309][T26538] ? kmsan_get_metadata+0x13e/0x1c0 [ 2185.309697][T26538] __ia32_compat_sys_ioctl+0x93/0xe0 [ 2185.315187][T26538] ia32_sys_call+0x32a2/0x40d0 [ 2185.320253][T26538] __do_fast_syscall_32+0xb0/0x110 [ 2185.325571][T26538] ? irqentry_exit+0x16/0x60 [ 2185.330351][T26538] do_fast_syscall_32+0x38/0x80 [ 2185.335412][T26538] do_SYSENTER_32+0x1f/0x30 [ 2185.340115][T26538] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 2185.346664][T26538] RIP: 0023:0xf749d579 [ 2185.350870][T26538] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 2185.370774][T26538] RSP: 002b:00000000f578656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 2185.379547][T26538] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72 [ 2185.387844][T26538] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 2185.396163][T26538] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 2185.404285][T26538] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2185.412429][T26538] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 2185.420564][T26538] [ 2185.423987][T26538] Kernel Offset: disabled [ 2185.428407][T26538] Rebooting in 86400 seconds..