last executing test programs: 3.307146459s ago: executing program 3 (id=4850): open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x0, &(0x7f0000000000)={[{@dyn}]}) 3.088739118s ago: executing program 4 (id=4851): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000015000dad0000000000dd000002"], 0x14}}, 0x0) 3.053590746s ago: executing program 2 (id=4852): ioperm(0x7, 0x4, 0x7) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x6729e4e6de8fe3b7) 3.00122033s ago: executing program 0 (id=4853): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x2600) fcntl$setstatus(r0, 0x4, 0x0) 2.723630838s ago: executing program 1 (id=4854): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x3d}}) 2.692626379s ago: executing program 3 (id=4855): r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000002ec0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001a80)=[@sndrcv={0x30, 0x84, 0x1, {0x7, 0x7, 0x202, 0x7, 0x6, 0x9, 0xa9, 0x6}}, @init={0x18, 0x84, 0x0, {0x9, 0x4, 0x10, 0x5}}], 0x48, 0x4}], 0x1, 0x48800) 2.642383306s ago: executing program 2 (id=4856): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x38, 0x0, 0x8, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20}}) 2.612835037s ago: executing program 4 (id=4857): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000040)={0x2, 0x642, 0xfffffff9}, 0xc) 2.543119159s ago: executing program 0 (id=4858): mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000000)=0x5, 0x5, 0x0) mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000040)=0x6, 0x7ff, 0x0) 2.174402088s ago: executing program 1 (id=4859): r0 = socket(0x1, 0x803, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'gre0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x0, 0x3c48, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @empty}}}}) 2.13784357s ago: executing program 3 (id=4860): mkdir(&(0x7f0000000580)='./file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v3={0x1000000}, 0x18, 0x0) 2.1204301s ago: executing program 4 (id=4861): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000000c0)={0x0, 0x5, 0xba4, 0xffffffffffffffff, 0x0, &(0x7f0000000180)={0x98f90d, 0x401, '\x00', @p_u32=0x0}}) 2.01625799s ago: executing program 0 (id=4862): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x40, 0x9, 0x0, 0x0, {0x3}}, 0x14}}, 0x24000044) 1.972063176s ago: executing program 2 (id=4863): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000001c0)=0x5e, 0x4) 1.632671343s ago: executing program 3 (id=4864): r0 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14, 0x3ec}, [], {0x14, 0x3fb}}, 0x28}}, 0x0) 1.559936671s ago: executing program 4 (id=4865): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x4e]}}}, 0x4e}]}) 1.559742482s ago: executing program 1 (id=4866): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) rt_sigqueueinfo(0x0, 0x2, &(0x7f00000001c0)={0x0, 0x0, 0xffffff09}) 1.538134741s ago: executing program 0 (id=4867): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000000)=@generic={0x3, 0x5, 0x4}) 1.524315011s ago: executing program 2 (id=4868): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt(r0, 0x6, 0x7, 0x0, 0x0) 1.117759157s ago: executing program 3 (id=4869): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f0000000080)={0x80000000, "5448c1275f0141cf0e9d163e6800b309e543a1e93af24c7f8dd8a4dfb8669bc1", 0x3}) 999.893912ms ago: executing program 1 (id=4870): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400}) 999.484654ms ago: executing program 0 (id=4871): r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000200)={0x980000, 0xff, 0xd, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x990a97, 0x4, '\x00', @ptr=0x8000000000000000}}) 999.353211ms ago: executing program 4 (id=4872): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0585605, &(0x7f0000000500)={0x3, 0x1, @raw_data=[0x8, 0x330b, 0x101, 0x8000, 0x6, 0xfffffff7, 0x3, 0x1, 0x3622, 0x40000002, 0x1c000000, 0x80000001, 0x7, 0x3, 0x3ff, 0x4]}) 971.253639ms ago: executing program 2 (id=4873): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, 0x0, &(0x7f0000000080)) 575.294196ms ago: executing program 3 (id=4874): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=@newtaction={0x68, 0x30, 0x301, 0x0, 0x20000, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x18, 0x2, {{}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8040}, 0x0) 519.976737ms ago: executing program 0 (id=4875): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="240000001e005f3814fffffffffffff8070000000000090000000000060005000d101000", 0x24) 490.814176ms ago: executing program 1 (id=4876): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0xffffffffffffffff) 426.350387ms ago: executing program 4 (id=4877): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_channels={0x11}}) 420.398387ms ago: executing program 2 (id=4878): r0 = semget$private(0x0, 0x207, 0x0) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000003c0)) 0s ago: executing program 1 (id=4879): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x3c1, 0x3, 0xbb0, 0x0, 0x168, 0x9, 0x0, 0xb, 0xae0, 0x250, 0x250, 0xae0, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0xa8, 0xf0, 0x0, {0x0, 0x28e}}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0x9c0, 0x9f0, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x5, 0x1}, {0x1, 0x3}, {0x7, 0x1}, {0x5, 0x2}, {0x8, 0x3}, {0x1, 0x3}, {0x1ff, 0x3}, {0x60fc, 0x5756dd22089a9e07}, {0xd7a, 0x2}, {0x6, 0x1}, {0x7fff}], [{0x8001, 0x1}, {0xfe0, 0x80000000}, {0x0, 0x8}, {0x4, 0x6}, {0x9, 0x3fe}, {0x200, 0x4}, {0x3, 0x810}, {}, {0xfff, 0x5}, {0x3, 0x2}, {0x6fc9, 0x3}], 0x1, 0x20}, {[{0x4, 0x1}, {0x55c7, 0x2}, {0xff, 0x1}, {0x1000, 0x2}, {0x5c9eda8a}, {0x8000}, {0x5, 0x3}, {0x0, 0x2}, {0xfffffffa}, {0x5, 0x2}, {0x63010bb0, 0x1}], [{0x6, 0x7ff}, {0x8, 0xfff}, {0x6, 0x3}, {0x5b, 0x3}, {0x9, 0x4}, {0x7, 0x7}, {0x0, 0x1}, {0x1000}, {0x2, 0xa359}, {0xb, 0x27b}, {0x5, 0x2}], 0x6, 0xa}, {[{0x7, 0x2}, {0x9}, {0x80, 0x3}, {0x57, 0x1}, {0x3, 0x3}, {0x3, 0x3}, {0x8}, {0x100, 0x1}, {0x201, 0x1}, {0x3, 0x1}, {0xa668, 0x2}], [{0x4, 0x6}, {0x507, 0x7}, {0x9, 0x9}, {0x1, 0x1000}, {0xb6, 0xa}, {0x1, 0x7}, {0x8, 0x3}, {0x3, 0x71}, {0x0, 0x4}, {0x6, 0x1}, {0x3ff, 0x2}], 0x2, 0x6}, {[{0x4c, 0x3}, {0xf, 0x3}, {0xa3, 0x1}, {}, {0x8001, 0x3}, {0x5}, {0xffff}, {0x328f}, {0xa7e}, {0x9, 0x3}, {0x10}], [{0x0, 0x10001}, {0x1, 0x4ee}, {0x0, 0x2}, {0xc45, 0xae7}, {0x7, 0x400}, {0xd, 0x3}, {0x9, 0x4}, {0xd, 0x4}, {0x60000000}, {0x81, 0x1ff}, {0x80, 0x8000}], 0x9, 0x9}, {[{0x3d38fe75, 0x2}, {0x1, 0x3}, {0x8000, 0x2}, {0x2, 0x2}, {0x4, 0x3}, {0x8000, 0x2}, {0x4f94b4ce, 0x3}, {}, {0x8}, {0x9, 0x2}, {0x4}], [{0x9}, {0x5, 0x9}, {0x5, 0x5}, {0x4, 0x81}, {0x743, 0xe}, {0x3, 0xa0000}, {0x1e, 0x8001}, {0x5, 0x5}, {0x4, 0x1}, {0x800, 0x8001}, {0x1, 0x8}], 0xb, 0x1}, {[{0x0, 0x3}, {0x7, 0x1}, {0x10001, 0x2}, {0xffff254f}, {0x8, 0x2}, {0x4, 0x1}, {0x8000, 0x2}, {0x80, 0x3}, {0x5d, 0x1}, {0x8, 0x1}, {0x4, 0x1}], [{0x2, 0x7}, {0x0, 0x8000}, {0xe52, 0xb1c}, {0xf, 0x4f87}, {0x5, 0x12fe}, {0x8, 0x3}, {0x507c}, {0x7, 0xfffffff7}, {0x3, 0x8}, {0xfffffff9, 0x4}, {0xe0000000, 0x11}], 0x4, 0x8}, {[{0x7ff}, {0x5, 0x3}, {0x1}, {0x401}, {0x5}, {0x6}, {0x57, 0x3}, {0x7f}, {0x7, 0x3}, {0x5}, {0x8000, 0x1}], [{0x9, 0x7}, {0x2, 0x8}, {0x1, 0x1}, {0x0, 0x5}, {0x630, 0x9}, {0x6141, 0x3}, {0x2, 0x2}, {0xbb6, 0xffdf}, {0x10000, 0x7}, {0x6, 0x6}, {0xffff, 0x9}], 0x8, 0x2}, {[{0x0, 0x1}, {0x43e}, {0x4, 0x1}, {0x1, 0x3}, {0x5, 0x2}, {0x2}, {0x5, 0x3}, {0x0, 0x2}, {0xbf2}, {0x5}, {0xaf70, 0x1}], [{0x5, 0x1}, {0x8, 0x6}, {0x4, 0x5}, {0x1, 0x2}, {0x9, 0x4}, {0x3, 0x74}, {0x4, 0x3bcc}, {0x5}, {0xf, 0x6}, {0x21, 0x1}, {0x26ed, 0x7}], 0x8, 0x9}, {[{0x8, 0x1}, {0x800, 0x2}, {0x8, 0x2}, {0x5, 0x2}, {0x8, 0x3}, {0x2, 0x2}, {0xffff}, {0x7, 0x2}, {0x7}, {0x9, 0x1}, {0x5, 0x3}], [{0x4, 0x1}, {0x3f, 0x3}, {0x1ff, 0x6}, {0x27df, 0x6}, {0x7fff}, {0xfffffffc, 0x3}, {0x0, 0xfff}, {0x2, 0x3}, {0x6, 0x6}, {0x0, 0x4}, {0xd, 0x8}], 0xa, 0x1}, {[{0xf, 0x3}, {0x0, 0x2}, {0x3, 0x3}, {0x2}, {0xe7d9}, {0x72, 0x5}, {0x9, 0x1}, {0x4, 0x1}, {0xfffffff1, 0x2}, {0x2405, 0x3}, {0x5, 0x1}], [{0x15c6, 0x4}, {0x10001, 0x4}, {0x80000000, 0x8}, {0x8, 0x101}, {0x6, 0xf2bd}, {0x7, 0x8}, {0x7, 0x5}, {0xfffffffc, 0x4}, {0x5, 0x30000000}, {0x7, 0x3}, {0x9, 0x9}], 0x0, 0x3}, {[{0x800004, 0x2}, {0x3, 0x1}, {0x4, 0x3}, {0x2, 0x1}, {0x35a, 0x1}, {0x9, 0x2}, {0x81, 0x3}, {0x6, 0x3}, {0x2}, {0x4, 0x2}, {0x0, 0x1}], [{0x200000, 0x7}, {0xffffffff, 0x9e}, {0x4, 0x3}, {0xffffffff, 0xc9e}, {0x0, 0xcc000000}, {0x101, 0x4}, {0xc76, 0x1}, {0x2, 0x7}, {0x6, 0x7f}, {0x7, 0x2}, {0x2, 0x2}], 0x2, 0xb}], 0x4, 0x1}}, @common=@rt={{0x138}, {0x8, [0x9, 0x6], 0xfffffffc, 0x20, 0x2, [@mcast1, @mcast1, @remote, @mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, @private1, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, @dev={0xfe, 0x80, '\x00', 0x1d}, @empty, @empty, @remote], 0xe}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xc10) kernel console output (not intermixed with test programs): cdDevice=8e.8f [ 509.912863][ T25] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 509.921360][ T25] usb 4-1: Product: syz [ 509.926519][ T25] usb 4-1: SerialNumber: syz [ 510.018546][ T25] usb 4-1: config 0 descriptor?? [ 510.051794][ T25] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 510.062078][ T25] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input16 [ 510.291816][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 510.505571][ T8] usb 4-1: USB disconnect, device number 10 [ 510.513226][ T8] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 510.845000][ T9944] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 511.431975][ T9950] loop1: detected capacity change from 0 to 64 [ 511.604321][ T9956] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1904'. [ 512.120726][ T9962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1907'. [ 512.130889][ T9962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1907'. [ 514.464305][ T29] audit: type=1326 audit(1737609142.945:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.4.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 514.554273][ T29] audit: type=1326 audit(1737609143.005:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.4.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 514.577507][ T29] audit: type=1326 audit(1737609143.005:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.4.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 514.608419][ T29] audit: type=1326 audit(1737609143.005:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.4.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 514.634132][ T29] audit: type=1326 audit(1737609143.005:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10005 comm="syz.4.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 515.764723][T10029] mmap: syz.2.1940 (10029) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 517.160373][T10055] loop1: detected capacity change from 0 to 1024 [ 517.317378][T10057] netlink: 'syz.4.1954': attribute type 1 has an invalid length. [ 517.352721][T10055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 517.535012][T10055] EXT4-fs error (device loop1): ext4_lookup:1805: inode #2: comm syz.1.1952: bad inode number: 12 [ 517.624961][T10055] EXT4-fs (loop1): Remounting filesystem read-only [ 517.683176][T10062] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1956'. [ 518.173473][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.298551][T10087] loop4: detected capacity change from 0 to 64 [ 519.996332][ T29] audit: type=1326 audit(1737609148.495:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.0.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 520.027000][ T29] audit: type=1326 audit(1737609148.495:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.0.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 520.052162][ T29] audit: type=1326 audit(1737609148.525:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.0.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 520.075311][ T29] audit: type=1326 audit(1737609148.525:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.0.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 520.098080][ T29] audit: type=1326 audit(1737609148.525:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10097 comm="syz.0.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 520.525273][T10104] overlay: Unknown parameter 'y^\@\+\' [ 521.172328][T10118] netlink: 'syz.0.1982': attribute type 1 has an invalid length. [ 521.181253][T10118] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1982'. [ 521.764750][T10126] caif0: entered allmulticast mode [ 524.774866][T10177] netlink: 'syz.3.2010': attribute type 1 has an invalid length. [ 525.924148][T10199] overlay: Unknown parameter 'y^\@\+\' [ 526.443633][T10205] tmpfs: Bad value for 'mpol' [ 527.205200][T10219] loop1: detected capacity change from 0 to 128 [ 527.266912][T10219] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 527.434199][T10219] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 527.509796][T10224] loop3: detected capacity change from 0 to 512 [ 527.625200][T10224] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 528.393360][T10224] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6 [ 528.675833][T10243] netlink: 'syz.2.2043': attribute type 1 has an invalid length. [ 528.683815][T10243] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2043'. [ 528.804757][T10247] caif0: entered allmulticast mode [ 529.356230][ T29] audit: type=1326 audit(1737609157.835:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10256 comm="syz.4.2050" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x0 [ 530.793475][T10282] sctp: [Deprecated]: syz.0.2072 (pid 10282) Use of struct sctp_assoc_value in delayed_ack socket option. [ 530.793475][T10282] Use struct sctp_sack_info instead [ 530.834735][T10286] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2062'. [ 531.134908][ T29] audit: type=1326 audit(1737609159.625:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10288 comm="syz.3.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cb78cd29 code=0x7ffc0000 [ 531.157370][ C1] vkms_vblank_simulate: vblank timer overrun [ 531.164640][ T29] audit: type=1326 audit(1737609159.625:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10288 comm="syz.3.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cb78cd29 code=0x7ffc0000 [ 531.364170][ T29] audit: type=1326 audit(1737609159.735:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10288 comm="syz.3.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f53cb78cd29 code=0x7ffc0000 [ 531.394334][ T29] audit: type=1326 audit(1737609159.735:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10288 comm="syz.3.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cb78cd29 code=0x7ffc0000 [ 531.419474][ T29] audit: type=1326 audit(1737609159.735:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10288 comm="syz.3.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cb78cd29 code=0x7ffc0000 [ 531.441903][ C1] vkms_vblank_simulate: vblank timer overrun [ 531.653164][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 531.660661][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 531.896622][T10299] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2070'. [ 532.975033][T10323] tmpfs: Bad value for 'mpol' [ 533.374856][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2085'. [ 533.544195][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 533.547698][T10334] openvswitch: netlink: Key 3 has unexpected len 2 expected 4 [ 533.766720][ T8] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 533.776366][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 533.784913][ T8] usb 3-1: Product: syz [ 533.789298][ T8] usb 3-1: Manufacturer: syz [ 533.794497][ T8] usb 3-1: SerialNumber: syz [ 533.908516][ T8] usb 3-1: config 0 descriptor?? [ 534.157418][ T8] usb 3-1: ignoring: probably an ADSL modem [ 534.359969][ T8] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 534.405388][ T8] usb 3-1: USB disconnect, device number 6 [ 536.529553][T10373] netlink: 'syz.3.2107': attribute type 4 has an invalid length. [ 537.490208][T10387] loop0: detected capacity change from 0 to 128 [ 537.570696][T10387] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 537.755851][T10392] loop2: detected capacity change from 0 to 512 [ 537.793003][T10392] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 538.497109][T10392] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 539.035383][T10415] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2125'. [ 539.147373][T10414] loop3: detected capacity change from 0 to 1024 [ 539.322363][ T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 539.338090][T10421] loop0: detected capacity change from 0 to 128 [ 539.430683][T10421] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 539.484304][T10423] openvswitch: netlink: Key 3 has unexpected len 2 expected 4 [ 539.552020][T10421] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 539.564286][ T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 539.573841][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.582316][ T8] usb 2-1: Product: syz [ 539.587020][ T8] usb 2-1: Manufacturer: syz [ 539.591827][ T8] usb 2-1: SerialNumber: syz [ 539.637250][ T3654] hfsplus: b-tree write err: -5, ino 4 [ 539.752789][ T8] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 539.838190][ T5853] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 541.812453][T10437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2134'. [ 543.235067][ T8] usb 2-1: USB disconnect, device number 9 [ 543.279615][ T5853] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 543.288601][ T5853] ath9k_htc: Failed to initialize the device [ 543.310935][ T8] usb 2-1: ath9k_htc: USB layer deinitialized [ 543.547591][T10447] sctp: [Deprecated]: syz.4.2141 (pid 10447) Use of struct sctp_assoc_value in delayed_ack socket option. [ 543.547591][T10447] Use struct sctp_sack_info instead [ 543.646186][T10448] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2140'. [ 544.445541][T10463] netlink: 'syz.0.2149': attribute type 4 has an invalid length. [ 544.786211][T10468] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2160'. [ 545.692259][T10485] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2159'. [ 546.304298][T10492] loop2: detected capacity change from 0 to 2048 [ 546.402269][T10492] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 548.258370][T10525] tmpfs: Bad value for 'mpol' [ 548.418708][T10519] loop3: detected capacity change from 0 to 4096 [ 548.609349][T10530] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 548.701163][T10519] NILFS error (device loop3): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 548.790594][T10519] Remounting filesystem read-only [ 548.862642][T10532] @ÿ: renamed from veth0_vlan (while UP) [ 549.225093][T10539] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2186'. [ 549.668580][T10543] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2187'. [ 551.862485][T10582] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2206'. [ 551.872525][T10582] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2206'. [ 551.882096][T10582] netlink: 19 bytes leftover after parsing attributes in process `syz.0.2206'. [ 552.355654][T10579] loop4: detected capacity change from 0 to 4096 [ 552.409630][T10579] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 552.873002][T10579] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 552.904273][T10597] gre0: entered promiscuous mode [ 553.681582][T10608] tmpfs: Bad value for 'mpol' [ 553.828918][T10606] loop0: detected capacity change from 0 to 2048 [ 553.877437][T10611] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2221'. [ 553.931651][T10606] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 556.191778][T10649] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2238'. [ 556.201731][T10649] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2238'. [ 556.211279][T10649] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2238'. [ 556.268713][T10650] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2240'. [ 557.270478][T10668] bridge2: entered promiscuous mode [ 557.276148][T10668] bridge2: entered allmulticast mode [ 557.487633][T10670] loop1: detected capacity change from 0 to 256 [ 557.603476][T10670] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 557.664801][T10670] exFAT-fs (loop1): start_clu is invalid cluster(0xffffffff) [ 557.672946][T10670] exFAT-fs (loop1): valid_size(150994954) is greater than size(10) [ 558.422913][T10678] loop2: detected capacity change from 0 to 4096 [ 558.576380][T10686] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 558.615235][T10687] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2255'. [ 558.625251][T10687] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2255'. [ 558.634819][T10687] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2255'. [ 558.657337][T10678] NILFS error (device loop2): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 558.677758][T10678] Remounting filesystem read-only [ 559.625479][T10689] loop4: detected capacity change from 0 to 4096 [ 559.676780][T10689] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 560.307473][T10703] loop0: detected capacity change from 0 to 2048 [ 560.487308][T10703] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 560.495325][T10703] UDF-fs: Scanning with blocksize 512 failed [ 560.596863][T10703] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 562.727203][T10729] loop0: detected capacity change from 0 to 4096 [ 563.836399][T10753] xt_hashlimit: invalid interval [ 565.643198][ T5082] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 565.706173][T10777] loop4: detected capacity change from 0 to 4096 [ 566.307647][T10792] xt_l2tp: wrong L2TP version: 0 [ 566.951980][T10798] loop2: detected capacity change from 0 to 4096 [ 567.004733][T10798] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 567.348551][T10798] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 567.775336][ T5082] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 569.595646][T10837] loop1: detected capacity change from 0 to 4096 [ 569.644564][T10837] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 571.022646][T10871] futex_wake_op: syz.2.2348 tries to shift op by 32; fix this program [ 571.089169][T10869] xt_hashlimit: invalid interval [ 572.044127][ T25] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 572.254501][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 572.312642][ T25] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 572.322906][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 572.331397][ T25] usb 4-1: Product: syz [ 572.343348][ T25] usb 4-1: Manufacturer: syz [ 572.350696][ T25] usb 4-1: SerialNumber: syz [ 572.393574][T10884] loop4: detected capacity change from 0 to 2048 [ 572.469478][ T25] r8152-cfgselector 4-1: Unknown version 0x0000 [ 572.476359][ T25] r8152-cfgselector 4-1: config 0 descriptor?? [ 572.563453][T10884] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 572.571738][T10884] UDF-fs: Scanning with blocksize 512 failed [ 572.719773][T10884] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 572.930670][ T5853] r8152-cfgselector 4-1: USB disconnect, device number 11 [ 573.425225][ T5855] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 573.675826][ T5855] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 573.685030][ T5855] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 573.695639][ T5855] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 573.705151][ T5855] usb 3-1: config 1 has no interface number 1 [ 573.711535][ T5855] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 573.803608][ T5855] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 573.804816][T10902] loop1: detected capacity change from 0 to 1024 [ 573.813172][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 573.828326][ T5855] usb 3-1: Product: syz [ 573.832719][ T5855] usb 3-1: Manufacturer: syz [ 573.837750][ T5855] usb 3-1: SerialNumber: syz [ 573.959653][T10902] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 574.030320][T10902] EXT4-fs error (device loop1): ext4_lookup:1813: comm syz.1.2364: inode #12: comm syz.1.2364: iget: illegal inode # [ 574.111172][T10902] EXT4-fs (loop1): Remounting filesystem read-only [ 574.355930][ T5855] usb 3-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 574.363599][ T5855] usb 3-1: MIDIStreaming interface descriptor not found [ 574.409462][T10913] netlink: set zone limit has 4 unknown bytes [ 574.581739][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.655817][ T5855] usb 3-1: USB disconnect, device number 7 [ 575.197202][ T6159] udevd[6159]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 577.238430][T10957] xt_CT: You must specify a L4 protocol and not use inversions on it [ 577.549141][T10963] netlink: 'syz.1.2393': attribute type 10 has an invalid length. [ 577.568531][T10963] team0: Device ipvlan1 failed to register rx_handler [ 580.236555][T11009] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2416'. [ 580.535126][T11011] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2417'. [ 581.603135][T11030] netlink: set zone limit has 4 unknown bytes [ 587.776725][T11133] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2477'. [ 588.544091][ T29] audit: type=1326 audit(1737609217.035:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11146 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 588.567469][ T29] audit: type=1326 audit(1737609217.035:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11146 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 588.650795][ T29] audit: type=1326 audit(1737609217.105:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11146 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 588.674228][ T29] audit: type=1326 audit(1737609217.105:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11146 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 588.699712][ T29] audit: type=1326 audit(1737609217.105:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11146 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 589.394150][ T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 589.618821][ T25] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02 [ 589.628786][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 589.637255][ T25] usb 5-1: Product: syz [ 589.649062][ T25] usb 5-1: Manufacturer: syz [ 589.656567][ T25] usb 5-1: SerialNumber: syz [ 589.737353][ T25] usb 5-1: config 0 descriptor?? [ 589.989359][ T5082] Bluetooth: hci0: unexpected event for opcode 0x080d [ 590.132531][ T25] usb 5-1: USB disconnect, device number 6 [ 590.232807][T11172] xt_l2tp: v2 doesn't support IP mode [ 591.265380][T11188] xt_TPROXY: Can be used only with -p tcp or -p udp [ 592.004985][T11203] netlink: 288 bytes leftover after parsing attributes in process `syz.1.2510'. [ 593.087974][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 593.095025][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 593.424293][ T29] audit: type=1326 audit(1737609221.915:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.0.2520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 593.427082][T11226] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2521'. [ 593.454424][ T29] audit: type=1326 audit(1737609221.915:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.0.2520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 593.614221][ T29] audit: type=1326 audit(1737609222.005:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.0.2520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 593.644220][ T29] audit: type=1326 audit(1737609222.005:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.0.2520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 593.669549][ T29] audit: type=1326 audit(1737609222.015:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.0.2520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 594.029392][ T5082] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 594.038611][ T5082] Bluetooth: hci0: Injecting HCI hardware error event [ 594.056586][ T5082] Bluetooth: hci0: hardware error 0x00 [ 595.299525][T11256] loop0: detected capacity change from 0 to 128 [ 595.366604][T11256] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 595.422770][T11256] sysv_free_block: flc_count > flc_size [ 595.428803][T11256] sysv_free_block: flc_count > flc_size [ 595.434778][T11256] sysv_free_block: flc_count > flc_size [ 595.440541][T11256] sysv_free_block: flc_count > flc_size [ 595.446691][T11256] sysv_free_block: flc_count > flc_size [ 595.452426][T11256] sysv_free_block: flc_count > flc_size [ 595.462557][T11256] sysv_free_block: flc_count > flc_size [ 595.468573][T11256] sysv_free_block: flc_count > flc_size [ 595.474432][T11256] sysv_free_block: flc_count > flc_size [ 595.480168][T11256] sysv_free_block: flc_count > flc_size [ 595.561601][T11256] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 595.956949][T11267] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay' [ 596.104148][ T5082] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 596.222676][T11272] xt_l2tp: v2 doesn't support IP mode [ 596.754896][T11281] QAT: failed to copy from user cfg_data. [ 596.881702][T11285] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2550'. [ 599.116074][T11318] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2567'. [ 599.853912][T11331] netlink: 'syz.2.2573': attribute type 11 has an invalid length. [ 599.870124][T11330] loop0: detected capacity change from 0 to 512 [ 599.937180][T11330] EXT4-fs: Ignoring removed oldalloc option [ 599.943409][T11330] EXT4-fs: inline encryption not supported [ 600.057385][T11330] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 600.255651][T11330] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2572: bg 0: block 64: padding at end of block bitmap is not set [ 600.336331][T11330] Quota error (device loop0): write_blk: dquota write failed [ 600.345571][T11330] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 600.356850][T11330] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.2572: Failed to acquire dquot type 0 [ 600.457526][T11330] EXT4-fs (loop0): 1 truncate cleaned up [ 600.466191][T11330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 600.479514][ T5855] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 600.675258][T11330] Quota error (device loop0): write_blk: dquota write failed [ 600.683718][T11330] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 600.694443][T11330] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.2572: Failed to acquire dquot type 0 [ 600.739389][ T5855] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02 [ 600.749013][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.757492][ T5855] usb 4-1: Product: syz [ 600.762251][ T5855] usb 4-1: Manufacturer: syz [ 600.767465][ T5855] usb 4-1: SerialNumber: syz [ 600.792440][ T5855] usb 4-1: config 0 descriptor?? [ 601.034606][ T5845] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 601.054593][ T5082] Bluetooth: hci2: unexpected event for opcode 0x080d [ 601.070522][T11330] syz.0.2572 (11330) used greatest stack depth: 3360 bytes left [ 601.099575][ T5855] usb 4-1: USB disconnect, device number 12 [ 601.126463][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 601.199126][T11350] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2582'. [ 601.209708][T11350] netlink: 688 bytes leftover after parsing attributes in process `syz.1.2582'. [ 601.251397][ T5845] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 601.261875][ T5845] usb 5-1: config 0 interface 0 has no altsetting 0 [ 601.330713][ T5845] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 601.341393][ T5845] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.351127][ T5845] usb 5-1: Product: syz [ 601.356426][ T5845] usb 5-1: Manufacturer: syz [ 601.361226][ T5845] usb 5-1: SerialNumber: syz [ 601.455058][ T5845] usb 5-1: config 0 descriptor?? [ 601.495313][ T5845] usb 5-1: selecting invalid altsetting 0 [ 601.679858][ T5845] usb 5-1: USB disconnect, device number 7 [ 601.931558][T11354] loop0: detected capacity change from 0 to 2048 [ 602.119039][T11354] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 602.171532][ T6220] udevd[6220]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 605.066627][ T5082] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 605.075474][ T5082] Bluetooth: hci2: Injecting HCI hardware error event [ 605.085219][ T5082] Bluetooth: hci2: hardware error 0x00 [ 606.102303][T11421] kAFS: unparsable volume name [ 607.144984][ T5082] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 608.555613][T11462] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2647'. [ 608.565289][T11462] netlink: 688 bytes leftover after parsing attributes in process `syz.2.2647'. [ 609.115686][T11471] x_tables: ip6_tables: LED.0 target: invalid size 40 (kernel) != (user) 0 [ 609.251093][T11469] loop4: detected capacity change from 0 to 2048 [ 609.400517][T11469] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 609.671808][T11479] loop3: detected capacity change from 0 to 128 [ 609.726259][T11479] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 609.794709][T11479] sysv_free_block: flc_count > flc_size [ 609.800491][T11479] sysv_free_block: flc_count > flc_size [ 609.806629][T11479] sysv_free_block: flc_count > flc_size [ 609.822001][T11479] sysv_free_block: flc_count > flc_size [ 609.830609][T11479] sysv_free_block: flc_count > flc_size [ 609.836557][T11479] sysv_free_block: flc_count > flc_size [ 609.842287][T11479] sysv_free_block: flc_count > flc_size [ 609.848180][T11479] sysv_free_block: flc_count > flc_size [ 609.854208][T11479] sysv_free_block: flc_count > flc_size [ 609.859938][T11479] sysv_free_block: flc_count > flc_size [ 609.949506][T11479] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 611.330346][T11502] syz.3.2656 uses obsolete (PF_INET,SOCK_PACKET) [ 611.572499][T11506] loop0: detected capacity change from 0 to 2048 [ 611.723799][T11506] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 612.325675][ T5855] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 612.516851][ T5855] usb 3-1: Using ep0 maxpacket: 8 [ 612.582964][ T5855] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 612.591475][ T5855] usb 3-1: config 0 has no interface number 0 [ 612.598272][ T5855] usb 3-1: config 0 interface 1 altsetting 0 has an endpoint descriptor with address 0xC5, changing to 0x85 [ 612.610196][ T5855] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 612.620332][ T5855] usb 3-1: config 0 interface 1 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 612.630660][ T5855] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 612.640188][ T5855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.740296][ T5855] usb 3-1: config 0 descriptor?? [ 612.767250][ T5855] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 612.979797][ T5845] usb 3-1: USB disconnect, device number 8 [ 614.209268][T11541] xt_limit: Overflow, try lower: 1207959552/384 [ 615.939663][T11568] loop4: detected capacity change from 0 to 64 [ 617.378499][T11592] XFS (nullb0): Invalid superblock magic number [ 617.780958][T11602] loop1: detected capacity change from 0 to 512 [ 617.910691][T11602] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 617.924285][T11602] ext4 filesystem being mounted at /547/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 618.270413][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 618.527520][T11614] pim6reg: entered allmulticast mode [ 619.209188][T11622] loop1: detected capacity change from 0 to 1024 [ 619.549154][ T3867] hfsplus: b-tree write err: -5, ino 4 [ 619.773666][T11628] SET target dimension over the limit! [ 621.229967][T11651] delete_channel: no stack [ 621.855645][T11664] xt_limit: Overflow, try lower: 1207959552/384 [ 622.900085][T11679] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2739'. [ 623.825056][T11690] loop2: detected capacity change from 0 to 2048 [ 623.934955][T11690] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 625.077885][T11710] loop0: detected capacity change from 0 to 256 [ 625.234176][T11710] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 625.337227][T11710] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008) [ 625.879825][T11721] XFS (nullb0): Invalid superblock magic number [ 626.560354][T11733] loop3: detected capacity change from 0 to 2048 [ 626.732653][T11733] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 626.798830][T11741] pim6reg: entered allmulticast mode [ 627.433499][T11746] SET target dimension over the limit! [ 629.921009][T11789] netlink: 728 bytes leftover after parsing attributes in process `syz.4.2792'. [ 630.584896][T11799] netlink: 164 bytes leftover after parsing attributes in process `syz.4.2797'. [ 631.609147][T11816] loop0: detected capacity change from 0 to 1024 [ 631.613133][T11817] loop3: detected capacity change from 0 to 512 [ 631.635089][T11816] EXT4-fs: Ignoring removed nobh option [ 631.640918][T11816] EXT4-fs: Ignoring removed nobh option [ 631.768845][T11816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 631.834055][T11817] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 631.847556][T11817] ext4 filesystem being mounted at /574/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 631.994439][T11826] loop4: detected capacity change from 0 to 256 [ 632.416503][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.440749][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.611638][T11831] usb usb1: usbfs: process 11831 (syz.1.2810) did not claim interface 0 before use [ 633.185955][T11842] loop1: detected capacity change from 0 to 512 [ 633.425448][T11842] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 633.437522][T11842] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it [ 633.448388][T11842] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2816: Corrupt directory, running e2fsck is recommended [ 633.478129][T11845] netlink: 'syz.3.2817': attribute type 1 has an invalid length. [ 633.482775][T11842] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 633.501496][T11842] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2816: corrupted in-inode xattr: invalid ea_ino [ 633.595508][T11842] EXT4-fs (loop1): Remounting filesystem read-only [ 633.604113][T11842] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 634.225721][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.510369][T11878] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2831'. [ 635.632489][T11880] netlink: 'syz.2.2834': attribute type 10 has an invalid length. [ 635.641635][T11880] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2834'. [ 635.651107][T11880] batadv0: entered promiscuous mode [ 635.656682][T11880] batadv0: entered allmulticast mode [ 635.665999][T11880] bridge0: port 1(batadv0) entered blocking state [ 635.673075][T11880] bridge0: port 1(batadv0) entered disabled state [ 635.687681][T11880] bridge0: port 1(batadv0) entered blocking state [ 635.694943][T11880] bridge0: port 1(batadv0) entered forwarding state [ 635.793113][ T5004] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 635.802862][ T5004] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 636.711341][T11896] netlink: 'syz.3.2841': attribute type 1 has an invalid length. [ 638.269101][ T5855] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 638.421160][T11918] loop4: detected capacity change from 0 to 4096 [ 638.457859][T11918] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 638.489773][ T5855] usb 2-1: config 0 has an invalid descriptor of length 17, skipping remainder of the config [ 638.500568][ T5855] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 638.512833][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10 [ 638.524346][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64 [ 638.535746][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 638.547013][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 1536, setting to 64 [ 638.558294][ T5855] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 638.606116][ T5855] usb 2-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 638.615690][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.624911][ T5855] usb 2-1: Product: syz [ 638.630092][ T5855] usb 2-1: Manufacturer: syz [ 638.635399][ T5855] usb 2-1: SerialNumber: syz [ 638.646824][ T5855] usb 2-1: config 0 descriptor?? [ 638.661837][T11921] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 638.737585][T11921] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 639.024342][T11918] ntfs3(loop4): failed to convert "c46c" to macinuit [ 639.222504][T11934] netlink: 'syz.2.2860': attribute type 6 has an invalid length. [ 639.361318][T11936] netlink: 'syz.3.2861': attribute type 1 has an invalid length. [ 639.369688][T11936] netlink: 'syz.3.2861': attribute type 2 has an invalid length. [ 639.973382][T11945] loop0: detected capacity change from 0 to 64 [ 640.464297][T11952] netlink: 'syz.4.2869': attribute type 10 has an invalid length. [ 640.472495][T11952] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2869'. [ 640.481878][T11952] macvtap0: entered promiscuous mode [ 640.488378][T11952] macvtap0: entered allmulticast mode [ 640.494370][T11952] veth0_macvtap: entered allmulticast mode [ 640.503226][T11952] bridge0: port 1(macvtap0) entered blocking state [ 640.510526][T11952] bridge0: port 1(macvtap0) entered disabled state [ 640.521913][T11952] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 641.354362][ T5855] rc_core: IR keymap rc-snapstream-firefly not found [ 641.361483][ T5855] Registered IR keymap rc-empty [ 641.370499][ T5855] rc rc0: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 641.382921][ T5855] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input17 [ 641.486874][T11968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2876'. [ 641.652999][ T5855] input: syz syz mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input18 [ 641.865177][ T5855] usb 2-1: USB disconnect, device number 10 [ 641.865389][ C0] ati_remote 2-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19 [ 642.675718][ T5845] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 642.944422][ T5845] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 642.953769][ T5845] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 642.962817][ T5845] usb 3-1: Product: syz [ 642.967403][ T5845] usb 3-1: Manufacturer: syz [ 642.972217][ T5845] usb 3-1: SerialNumber: syz [ 643.177319][ T5845] usb 3-1: config 0 descriptor?? [ 643.496675][ T5845] hso 3-1:0.0: Failed to find BULK IN ep [ 643.585717][ T5845] usb-storage 3-1:0.0: USB Mass Storage device detected [ 643.782184][ T5845] usb 3-1: USB disconnect, device number 9 [ 644.864945][ T5845] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 645.068315][ T5845] usb 2-1: config index 0 descriptor too short (expected 65408, got 36) [ 645.077187][ T5845] usb 2-1: config 6 has too many interfaces: 224, using maximum allowed: 32 [ 645.086344][ T5845] usb 2-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config [ 645.096782][ T5845] usb 2-1: config 6 has 0 interfaces, different from the descriptor's value: 224 [ 645.106312][ T5845] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 645.115703][ T5845] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 645.384288][ T5855] usb 2-1: USB disconnect, device number 11 [ 647.562022][T12055] loop1: detected capacity change from 0 to 8 [ 647.937704][T12062] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2922'. [ 648.196819][T12068] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2925'. [ 648.206282][T12068] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2925'. [ 648.514539][T12072] loop0: detected capacity change from 0 to 256 [ 648.770653][ T29] audit: type=1326 audit(1737609277.255:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.3.2931" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f53cb78cd29 code=0x0 [ 648.937726][T12072] FAT-fs (loop0): Directory bread(block 64) failed [ 648.944934][T12072] FAT-fs (loop0): Directory bread(block 65) failed [ 648.951846][T12072] FAT-fs (loop0): Directory bread(block 66) failed [ 648.958898][T12072] FAT-fs (loop0): Directory bread(block 67) failed [ 648.965937][T12072] FAT-fs (loop0): Directory bread(block 68) failed [ 648.972711][T12072] FAT-fs (loop0): Directory bread(block 69) failed [ 648.979950][T12072] FAT-fs (loop0): Directory bread(block 70) failed [ 648.989039][T12072] FAT-fs (loop0): Directory bread(block 71) failed [ 648.996111][T12072] FAT-fs (loop0): Directory bread(block 72) failed [ 649.002870][T12072] FAT-fs (loop0): Directory bread(block 73) failed [ 649.224856][ T29] audit: type=1800 audit(1737609277.715:65): pid=12072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2927" name="file1" dev="loop0" ino=1048620 res=0 errno=0 [ 650.006317][T12094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2936'. [ 650.029285][T12094] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2936'. [ 650.038910][T12094] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 651.684954][T12120] Illegal XDP return value 3120509018 on prog (id 73) dev N/A, expect packet loss! [ 651.785302][T12122] netlink: 'syz.2.2952': attribute type 33 has an invalid length. [ 651.793486][T12122] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2952'. [ 652.478619][T12132] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2958'. [ 652.896590][T12132] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2958'. [ 653.354524][T12148] loop2: detected capacity change from 0 to 256 [ 653.694676][T12148] FAT-fs (loop2): Directory bread(block 64) failed [ 653.701749][T12148] FAT-fs (loop2): Directory bread(block 65) failed [ 653.709036][T12148] FAT-fs (loop2): Directory bread(block 66) failed [ 653.715937][T12148] FAT-fs (loop2): Directory bread(block 67) failed [ 653.722849][T12148] FAT-fs (loop2): Directory bread(block 68) failed [ 653.729938][T12148] FAT-fs (loop2): Directory bread(block 69) failed [ 653.737083][T12148] FAT-fs (loop2): Directory bread(block 70) failed [ 653.752947][T12148] FAT-fs (loop2): Directory bread(block 71) failed [ 653.762671][T12148] FAT-fs (loop2): Directory bread(block 72) failed [ 653.769602][T12148] FAT-fs (loop2): Directory bread(block 73) failed [ 653.975041][ T29] audit: type=1800 audit(1737609282.425:66): pid=12148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2964" name="file2" dev="loop2" ino=1048621 res=0 errno=0 [ 653.998438][ T5855] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 654.035847][T12158] loop3: detected capacity change from 0 to 64 [ 654.204282][ T5855] usb 2-1: Using ep0 maxpacket: 8 [ 654.272491][ T5855] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 654.281368][ T5855] usb 2-1: config 179 has no interface number 0 [ 654.288231][ T5855] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 654.289632][T12160] loop4: detected capacity change from 0 to 64 [ 654.299586][ T5855] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 654.299743][ T5855] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 654.299877][ T5855] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 654.300023][ T5855] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 654.354751][ T5855] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 654.364262][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 654.530882][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.537859][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.560089][T12154] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 655.118086][ T5845] usb 2-1: USB disconnect, device number 12 [ 655.118094][ C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 655.118266][ C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 655.196231][T12166] cgroup: Invalid name [ 656.742448][T12189] netlink: 'syz.3.2984': attribute type 10 has an invalid length. [ 656.751497][T12189] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 656.761535][T12189] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 657.362964][T12201] netlink: 'syz.1.2990': attribute type 1 has an invalid length. [ 657.983130][T12212] loop1: detected capacity change from 0 to 8 [ 659.136379][T12232] loop1: detected capacity change from 0 to 64 [ 659.183544][T12229] loop2: detected capacity change from 0 to 2048 [ 659.249897][T12229] EXT4-fs (loop2): cluster size (1024) smaller than block size (4096) [ 659.629575][T12238] loop4: detected capacity change from 0 to 128 [ 659.674743][T12238] EXT4-fs (loop4): Test dummy encryption mode enabled [ 659.839647][T12238] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 659.948714][T12238] ext4 filesystem being mounted at /609/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 660.365182][T12238] fscrypt (loop4): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 661.079718][ T5788] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 661.502862][ T29] audit: type=1326 audit(1737609289.995:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12267 comm="syz.1.3021" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb2a858cd29 code=0x0 [ 661.671347][T12273] loop3: detected capacity change from 0 to 8 [ 662.325212][ T5855] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 662.562676][ T5855] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 662.572371][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.580935][ T5855] usb 5-1: Product: syz [ 662.585475][ T5855] usb 5-1: Manufacturer: syz [ 662.590280][ T5855] usb 5-1: SerialNumber: syz [ 662.732377][ T5855] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 662.847212][ T5853] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 663.152298][ C0] usb 5-1: ath: unknown panic pattern! [ 663.358446][ T5845] usb 5-1: USB disconnect, device number 8 [ 663.869555][T12298] ipt_rpfilter: unknown options [ 663.946433][ T5853] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 663.955466][ T5853] ath9k_htc: Failed to initialize the device [ 664.044350][ T5845] usb 5-1: ath9k_htc: USB layer deinitialized [ 665.257670][T12315] loop3: detected capacity change from 0 to 2048 [ 665.368013][T12315] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 665.547095][T12315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 665.705666][T12315] EXT4-fs error (device loop3): ext4_find_extent:902: inode #2: comm syz.3.3043: inode has invalid extent depth: 6 [ 665.866590][T12332] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3047'. [ 666.145867][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 666.480373][T12338] loop0: detected capacity change from 0 to 512 [ 666.521671][T12338] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 666.601479][T12338] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.3051: corrupted in-inode xattr: e_value out of bounds [ 666.634080][T12338] EXT4-fs (loop0): Remounting filesystem read-only [ 666.642677][T12338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 666.833338][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 667.241854][ T5853] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 667.447452][ T5853] usb 4-1: Using ep0 maxpacket: 8 [ 667.480460][ T5853] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 15 [ 667.490839][ T5853] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 667.502920][ T5853] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 667.515963][ T5853] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 667.668403][ T5853] usb 4-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8 [ 667.677998][ T5853] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 667.686453][ T5853] usb 4-1: Product: syz [ 667.690834][ T5853] usb 4-1: Manufacturer: syz [ 667.695828][ T5853] usb 4-1: SerialNumber: syz [ 667.772904][ T5853] usb 4-1: config 0 descriptor?? [ 667.780916][T12349] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 668.073349][ T5853] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 668.093559][ T5853] input: Griffin SoundKnob as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input19 [ 668.277737][ C0] powermate: config urb returned -71 [ 668.283633][ C0] powermate: config urb returned -71 [ 668.289846][ C0] powermate: config urb returned -71 [ 668.292864][ T5845] usb 4-1: USB disconnect, device number 13 [ 668.295229][ C0] powermate: usb_submit_urb(config) failed [ 668.295351][ C0] powermate 4-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 668.432045][T12367] delete_channel: no stack [ 674.397062][T12460] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3110'. [ 674.879234][T12467] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 676.101223][T12489] netlink: 'syz.3.3123': attribute type 1 has an invalid length. [ 676.109699][T12489] netlink: 'syz.3.3123': attribute type 3 has an invalid length. [ 676.119833][T12489] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3123'. [ 676.129744][T12489] NCSI netlink: No device for ifindex 16772870 [ 676.323134][T12495] loop4: detected capacity change from 0 to 256 [ 678.612421][T12537] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3146'. [ 678.622006][T12537] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3146'. [ 680.308368][T12565] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3160'. [ 681.239496][T12579] loop0: detected capacity change from 0 to 512 [ 681.326823][T12580] loop1: detected capacity change from 0 to 1024 [ 681.492501][T12580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 681.526769][T12579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 681.541003][T12579] ext4 filesystem being mounted at /592/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 681.631583][T12579] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 681.858445][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.036610][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 683.014281][T12606] sock: sock_timestamping_bind_phc: sock not bind to device [ 683.785151][ T5853] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 684.024767][ T5853] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x6D, changing to 0xD [ 684.036772][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 684.132808][ T5853] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 684.142318][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 684.150927][ T5853] usb 3-1: Product: syz [ 684.155428][ T5853] usb 3-1: Manufacturer: syz [ 684.160232][ T5853] usb 3-1: SerialNumber: syz [ 684.259990][ T5853] usb 3-1: config 0 descriptor?? [ 684.311612][ T5853] streamzap 3-1:0.0: streamzap_probe: endpoint doesn't match input device 020d [ 684.484837][ T5853] usb 3-1: USB disconnect, device number 10 [ 685.654955][T12646] netlink: 112 bytes leftover after parsing attributes in process `syz.3.3199'. [ 685.664513][T12646] netlink: 'syz.3.3199': attribute type 1 has an invalid length. [ 686.203597][T12656] netlink: 'syz.3.3204': attribute type 2 has an invalid length. [ 686.744397][ T5853] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 686.954280][ T5853] usb 2-1: Using ep0 maxpacket: 16 [ 687.005064][ T5853] usb 2-1: config 0 has an invalid descriptor of length 39, skipping remainder of the config [ 687.015892][ T5853] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x58, changing to 0x8 [ 687.027850][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 32695, setting to 1024 [ 687.041231][ T5853] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1024 [ 687.051933][ T5853] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 687.178374][ T5853] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 687.187995][ T5853] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 687.196446][ T5853] usb 2-1: Manufacturer: syz [ 687.236614][ T5853] usb 2-1: config 0 descriptor?? [ 687.244827][T12662] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 687.307294][T12674] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3213'. [ 687.508398][ T5853] usb 2-1: USB disconnect, device number 13 [ 688.035789][T12682] loop4: detected capacity change from 0 to 256 [ 688.297972][T12682] FAT-fs (loop4): Directory bread(block 64) failed [ 688.305982][T12682] FAT-fs (loop4): Directory bread(block 65) failed [ 688.313529][T12682] FAT-fs (loop4): Directory bread(block 66) failed [ 688.320520][T12682] FAT-fs (loop4): Directory bread(block 67) failed [ 688.327669][T12682] FAT-fs (loop4): Directory bread(block 68) failed [ 688.334701][T12682] FAT-fs (loop4): Directory bread(block 69) failed [ 688.341633][T12682] FAT-fs (loop4): Directory bread(block 70) failed [ 688.348614][T12682] FAT-fs (loop4): Directory bread(block 71) failed [ 688.364635][T12682] FAT-fs (loop4): Directory bread(block 72) failed [ 688.371443][T12682] FAT-fs (loop4): Directory bread(block 73) failed [ 688.465965][ T29] audit: type=1800 audit(1737609316.945:68): pid=12682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3217" name="file2" dev="loop4" ino=1048626 res=0 errno=0 [ 690.033766][T12709] loop2: detected capacity change from 0 to 128 [ 690.147011][T12709] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 690.215577][T12709] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 690.352529][T12709] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (30846!=65535) [ 690.767668][ T5793] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 690.940086][T12714] loop1: detected capacity change from 0 to 4096 [ 690.980432][T12714] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 691.043432][T12722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3237'. [ 691.305004][T12714] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 691.460408][T12714] ntfs3(loop1): ino=1e, "file1" failed to parse mft record [ 691.468229][T12714] ntfs3(loop1): ino=1e, "file1" attr_set_size [ 693.541104][T12762] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3256'. [ 693.550964][T12762] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3256'. [ 693.958275][T12760] loop4: detected capacity change from 0 to 4096 [ 694.020955][T12760] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 694.149354][T12770] dlm: no local IP address has been set [ 694.155634][T12770] dlm: cannot start dlm midcomms -107 [ 694.451559][T12774] netlink: 216 bytes leftover after parsing attributes in process `syz.0.3262'. [ 694.461016][T12774] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 695.390744][T12788] loop2: detected capacity change from 0 to 256 [ 695.425010][T12788] exfat: Deprecated parameter 'utf8' [ 695.524406][T12788] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 695.901421][T12794] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3273'. [ 698.174824][T12831] netlink: 'syz.1.3290': attribute type 33 has an invalid length. [ 698.182897][T12831] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3290'. [ 698.541491][T12837] xt_cgroup: path and classid specified [ 700.484539][ T5853] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 700.694965][ T5853] usb 5-1: Using ep0 maxpacket: 16 [ 700.724296][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 700.734706][ T5853] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 700.744905][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 700.755035][ T5853] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 700.954568][ T5853] usb 5-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b [ 700.964369][ T5853] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3 [ 700.972794][ T5853] usb 5-1: Product: syz [ 700.977437][ T5853] usb 5-1: Manufacturer: syz [ 700.982281][ T5853] usb 5-1: SerialNumber: syz [ 701.107677][ T5853] usb 5-1: config 0 descriptor?? [ 701.198450][ T5853] usb 5-1: NFC: intf ffff88804d8e6800 id ffffffff91d37430 [ 701.320508][ T5853] nfcmrvl 5-1:0.0: NFC: registered with nci successfully [ 701.340521][T12885] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 701.413743][ T5853] usb 5-1: USB disconnect, device number 9 [ 701.510726][ T5853] usb 5-1: NFC: intf ffff88804d8e6800 [ 701.794974][T12889] netlink: 'syz.1.3317': attribute type 8 has an invalid length. [ 703.432488][T12915] loop1: detected capacity change from 0 to 1024 [ 703.581431][T12915] hfsplus: bad catalog entry type [ 703.585010][T12923] netlink: 'syz.4.3334': attribute type 8 has an invalid length. [ 703.972985][ T3867] hfsplus: b-tree write err: -5, ino 4 [ 705.493433][T12947] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3346'. [ 707.058664][T12976] loop0: detected capacity change from 0 to 8 [ 707.165642][T12976] SQUASHFS error: zstd decompression error: 10 [ 707.172041][T12976] SQUASHFS error: zstd decompression failed, data probably corrupt [ 707.181423][T12976] SQUASHFS error: Failed to read block 0x62b: -5 [ 707.188289][T12976] SQUASHFS error: Unable to read metadata cache entry [629] [ 707.196010][T12976] SQUASHFS error: Unable to read directory block [629:ff26] [ 707.634528][T12983] netlink: 'syz.3.3364': attribute type 4 has an invalid length. [ 707.642514][T12983] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3364'. [ 707.674926][T12983] : renamed from bond0 (while UP) [ 708.149690][T12988] loop2: detected capacity change from 0 to 2048 [ 708.269422][T12988] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 708.326797][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3370'. [ 708.336224][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3370'. [ 708.947426][T13002] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3374'. [ 709.604536][T13015] SET target dimension over the limit! [ 709.691334][T13017] netlink: 'syz.2.3381': attribute type 1 has an invalid length. [ 710.989338][T13035] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3390'. [ 711.033658][ T5991] udevd[5991]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 711.127038][ T7641] udevd[7641]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 712.351485][T13056] loop2: detected capacity change from 0 to 256 [ 712.672863][T13061] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3403'. [ 712.959239][ T29] audit: type=1400 audit(1737609341.445:69): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=13064 comm="syz.3.3405" [ 714.866519][T13099] loop3: detected capacity change from 0 to 1764 [ 715.097080][T13099] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 715.894138][T13120] loop3: detected capacity change from 0 to 512 [ 715.965284][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.972077][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.054969][T13120] EXT4-fs (loop3): filesystem is read-only [ 716.075423][T13120] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 716.182780][T13120] EXT4-fs (loop3): filesystem is read-only [ 716.189344][T13120] EXT4-fs (loop3): orphan cleanup on readonly fs [ 716.275625][T13120] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3428: bg 0: block 64: padding at end of block bitmap is not set [ 716.297234][T13120] EXT4-fs (loop3): Remounting filesystem read-only [ 716.304486][T13120] EXT4-fs (loop3): 1 orphan inode deleted [ 716.312044][T13120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 716.628026][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 716.794959][T13133] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3435'. [ 719.657365][T13188] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3462'. [ 720.235418][T13196] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3466'. [ 720.543067][T13199] SET target dimension over the limit! [ 722.576880][T13234] netlink: 'syz.1.3485': attribute type 2 has an invalid length. [ 722.585780][T13234] netlink: 192444 bytes leftover after parsing attributes in process `syz.1.3485'. [ 724.781071][T13270] tmpfs: Bad value for 'usrquota_inode_hardlimit' [ 726.177478][T13296] netlink: 'syz.4.3516': attribute type 10 has an invalid length. [ 726.194917][T13296] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3516'. [ 726.207098][T13296] bridge0: port 1(veth1_macvtap) entered blocking state [ 726.215110][T13296] bridge0: port 1(veth1_macvtap) entered disabled state [ 726.222856][T13296] veth1_macvtap: entered allmulticast mode [ 726.230910][T13296] veth1_macvtap: left allmulticast mode [ 726.239233][T13296] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 726.285573][T13297] netlink: 'syz.3.3514': attribute type 13 has an invalid length. [ 726.293904][T13297] netlink: 'syz.3.3514': attribute type 14 has an invalid length. [ 726.301929][T13297] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3514'. [ 726.792834][T13301] loop2: detected capacity change from 0 to 1764 [ 726.861300][T13305] loop1: detected capacity change from 0 to 256 [ 727.122318][T13309] loop4: detected capacity change from 0 to 1764 [ 728.151349][T13320] netdevsim netdevsim2: Direct firmware load for / [ 728.151349][T13320] failed with error -2 [ 728.162468][T13320] netdevsim netdevsim2: Falling back to sysfs fallback for: / [ 728.162468][T13320] [ 729.823215][T13345] overlay: Bad value for 'workdir' [ 732.119956][T13381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3558'. [ 733.796786][T13401] loop3: detected capacity change from 0 to 4096 [ 733.819141][ T5082] Bluetooth: hci3: unexpected event for opcode 0x0c7b [ 733.894983][T13409] lo speed is unknown, defaulting to 1000 [ 733.901106][T13409] lo speed is unknown, defaulting to 1000 [ 733.908866][T13409] lo speed is unknown, defaulting to 1000 [ 733.927151][T13409] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 733.965158][T13409] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 734.067280][T13409] lo speed is unknown, defaulting to 1000 [ 734.078301][T13409] lo speed is unknown, defaulting to 1000 [ 734.087389][T13409] lo speed is unknown, defaulting to 1000 [ 734.095942][T13409] lo speed is unknown, defaulting to 1000 [ 734.104784][T13409] lo speed is unknown, defaulting to 1000 [ 735.115762][ T5845] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 735.342217][ T5845] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 735.352926][ T5845] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 735.369120][ T5845] usb 3-1: Product: syz [ 735.376577][ T5845] usb 3-1: Manufacturer: syz [ 735.381431][ T5845] usb 3-1: SerialNumber: syz [ 735.480104][ T5845] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 735.575148][T13423] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 736.084130][ T5853] usb 3-1: USB disconnect, device number 11 [ 736.674284][T13423] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 736.681980][T13423] ath9k_htc: Failed to initialize the device [ 736.754526][ T5853] usb 3-1: ath9k_htc: USB layer deinitialized [ 737.130407][T13455] netlink: 9 bytes leftover after parsing attributes in process `syz.0.3591'. [ 737.141844][T13455] 0·: renamed from veth0_virt_wifi (while UP) [ 737.192162][T13455] 0·: entered allmulticast mode [ 737.199924][T13455] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 737.870080][T13468] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3597'. [ 739.005109][T13490] netlink: 'syz.2.3609': attribute type 10 has an invalid length. [ 739.013354][T13490] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3609'. [ 739.027595][T13490] batman_adv: batadv0: Adding interface: vlan0 [ 739.034208][T13490] batman_adv: batadv0: The MTU of interface vlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 739.060330][T13490] batman_adv: batadv0: Interface activated: vlan0 [ 739.615436][T13496] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 740.370814][T13510] netlink: 144 bytes leftover after parsing attributes in process `syz.2.3619'. [ 740.771825][T13517] netlink: 'syz.3.3623': attribute type 3 has an invalid length. [ 740.780055][T13517] netlink: 'syz.3.3623': attribute type 1 has an invalid length. [ 740.797082][T13517] netlink: 216 bytes leftover after parsing attributes in process `syz.3.3623'. [ 740.809438][T13517] NCSI netlink: No device for ifindex 33022 [ 741.847208][T13537] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 744.243142][T13577] netlink: 'syz.3.3652': attribute type 2 has an invalid length. [ 744.251446][T13577] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3652'. [ 744.721452][T13583] loop4: detected capacity change from 0 to 2048 [ 744.850781][T13583] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 745.690616][T13602] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3665'. [ 746.455782][T13610] loop4: detected capacity change from 0 to 2048 [ 746.641489][T13610] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 746.819927][T13622] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3674'. [ 746.837653][T13622] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3674'. [ 748.677948][T13654] program syz.1.3689 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 749.325375][T13664] netlink: 'syz.1.3695': attribute type 13 has an invalid length. [ 749.333453][T13664] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3695'. [ 749.350946][T13664] syz_tun: refused to change device tx_queue_len [ 749.357783][T13664] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 751.004809][T13694] netlink: 'syz.1.3710': attribute type 3 has an invalid length. [ 751.012794][T13694] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3710'. [ 751.807947][T13715] loop2: detected capacity change from 0 to 256 [ 751.895120][T13715] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 752.015794][T13715] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 752.076602][T13715] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 752.133662][T13715] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 752.910691][T13727] netlink: 'syz.4.3724': attribute type 10 has an invalid length. [ 752.919377][T13727] bridge0: port 1(team0) entered blocking state [ 752.926564][T13727] bridge0: port 1(team0) entered disabled state [ 752.933544][T13727] team0: entered allmulticast mode [ 752.945760][T13727] team0: entered promiscuous mode [ 753.010609][T13730] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3726'. [ 753.537171][T13738] xt_cgroup: invalid path, errno=-2 [ 754.590649][T13755] bpf: Bad value for 'mode' [ 755.748394][T13780] loop3: detected capacity change from 0 to 128 [ 756.258973][T13781] loop4: detected capacity change from 0 to 4096 [ 756.412518][T13787] loop2: detected capacity change from 0 to 512 [ 756.445892][T13781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 756.516084][T13787] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 756.526969][T13787] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 756.535491][T13787] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3754: bad orphan inode 13 [ 756.565749][T13787] EXT4-fs (loop2): Remounting filesystem read-only [ 756.574486][T13787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 756.938203][ T5788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.005582][ T5793] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.450268][T13798] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 757.534175][T13803] binder: 13800:13803 ioctl c0046209 0 returned -22 [ 757.546294][T13804] 9p: Unknown access argument v: -22 [ 758.344090][T13423] usb 4-1: new full-speed USB device number 14 using dummy_hcd [ 758.564876][T13423] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 758.575201][T13423] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 758.652424][T13423] usb 4-1: config 0 descriptor?? [ 758.691964][T13423] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 759.092401][T13423] gp8psk: usb in 137 operation failed. [ 759.099517][T13423] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 759.110825][T13423] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 759.185535][T13423] usb 4-1: USB disconnect, device number 14 [ 759.634601][ T29] audit: type=1326 audit(1737609388.125:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13835 comm="syz.4.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 759.727660][ T29] audit: type=1326 audit(1737609388.185:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13835 comm="syz.4.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 759.751050][ T29] audit: type=1326 audit(1737609388.185:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13835 comm="syz.4.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 759.774100][ T29] audit: type=1326 audit(1737609388.185:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13835 comm="syz.4.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 760.558062][ T29] audit: type=1326 audit(1737609389.045:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13846 comm="syz.1.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 760.622505][T13847] loop2: detected capacity change from 0 to 1024 [ 760.638576][ T29] audit: type=1326 audit(1737609389.095:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13846 comm="syz.1.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 760.661465][ T29] audit: type=1326 audit(1737609389.095:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13846 comm="syz.1.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 760.684917][ T29] audit: type=1326 audit(1737609389.095:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13846 comm="syz.1.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 760.822637][T13847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 760.835801][T13847] ext4 filesystem being mounted at /768/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 760.962965][T13847] EXT4-fs error (device loop2): ext4_xattr_block_find:1877: inode #15: comm syz.2.3781: corrupted xattr block 128: invalid ea_ino [ 761.190033][ T5793] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 761.295038][T13861] tmpfs: User quota block hardlimit too large. [ 762.344723][T13877] ieee802154 phy0 wpan0: encryption failed: -90 [ 763.216574][T13893] netlink: 'syz.1.3802': attribute type 21 has an invalid length. [ 763.587534][T13896] bridge4: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 763.597781][T13896] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 764.035395][T13907] IPv6: sit1: Disabled Multicast RS [ 764.154793][T13909] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3809'. [ 764.280056][T13909] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 765.561109][T13935] loop2: detected capacity change from 0 to 256 [ 765.617389][T13935] exfat: Deprecated parameter 'namecase' [ 765.623466][T13935] exfat: Deprecated parameter 'utf8' [ 765.629618][T13935] exfat: Deprecated parameter 'namecase' [ 765.692303][T13934] loop4: detected capacity change from 0 to 1764 [ 765.809778][T13935] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 765.814155][T13934] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 766.164067][T13423] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 766.420095][T13423] usb 4-1: config 0 has an invalid interface number: 69 but max is 0 [ 766.429099][T13423] usb 4-1: config 0 has no interface number 0 [ 766.435624][T13423] usb 4-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 766.446040][T13423] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 766.541250][T13423] usb 4-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 766.550802][T13423] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 766.559296][T13423] usb 4-1: Product: syz [ 766.563670][T13423] usb 4-1: Manufacturer: syz [ 766.568673][T13423] usb 4-1: SerialNumber: syz [ 766.722415][T13423] usb 4-1: config 0 descriptor?? [ 766.732883][T13940] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 766.758270][T13423] cyberjack 4-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 766.913219][T13423] usb 4-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 767.252189][T13423] usb 4-1: USB disconnect, device number 15 [ 767.295605][T13423] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 767.320609][T13423] cyberjack 4-1:0.69: device disconnected [ 767.457341][T13949] loop2: detected capacity change from 0 to 4096 [ 767.500917][T13949] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 767.852466][T13949] ntfs3(loop2): failed to convert "c46c" to cp863 [ 768.655567][T13973] netlink: 'syz.4.3843': attribute type 1 has an invalid length. [ 770.672590][T14011] loop2: detected capacity change from 0 to 64 [ 771.577133][T14025] loop2: detected capacity change from 0 to 1764 [ 771.804431][T13423] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 772.076438][T13423] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 772.084676][T13423] usb 5-1: can't read configurations, error -71 [ 772.293491][T14037] loop2: detected capacity change from 0 to 64 [ 773.116715][ T29] audit: type=1326 audit(1737609401.605:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.4.3880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 773.148488][ T29] audit: type=1326 audit(1737609401.605:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.4.3880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 773.324018][ T29] audit: type=1326 audit(1737609401.705:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.4.3880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 773.356455][ T29] audit: type=1326 audit(1737609401.705:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.4.3880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 773.379271][ T29] audit: type=1326 audit(1737609401.705:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.4.3880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 773.650811][T14058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3884'. [ 775.083298][T14082] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 775.201903][T14086] netlink: 'syz.3.3898': attribute type 2 has an invalid length. [ 775.781248][T14096] loop3: detected capacity change from 0 to 736 [ 776.360531][T14096] rock: directory entry would overflow storage [ 776.367197][T14096] rock: sig=0x5850, size=36, remaining=14 [ 777.412146][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 777.419111][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 777.668936][T14123] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3917'. [ 777.678531][T14123] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3917'. [ 778.849148][T14147] program syz.1.3927 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 780.487938][T14176] xt_hashlimit: max too large, truncated to 1048576 [ 781.531507][T14192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3949'. [ 782.614862][T14210] netlink: 'syz.3.3957': attribute type 2 has an invalid length. [ 783.536472][T14225] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 783.804542][T14227] lo speed is unknown, defaulting to 1000 [ 785.155428][T14249] loop4: detected capacity change from 0 to 1024 [ 785.336936][T14249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 785.931807][ T5788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.118514][T14308] netlink: 'syz.1.4003': attribute type 10 has an invalid length. [ 788.173415][T14308] team0: Port device dummy0 added [ 790.498977][T14346] syz.3.4021: attempt to access beyond end of device [ 790.498977][T14346] nbd3: rw=0, sector=6, nr_sectors = 2 limit=0 [ 790.512180][T14346] ADFS-fs (nbd3): error: unable to read block 3, try 0 [ 791.260089][T14361] netlink: zone id is out of range [ 791.274028][T14361] netlink: zone id is out of range [ 792.795642][T14384] loop4: detected capacity change from 0 to 2048 [ 792.868338][T14384] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 792.958256][T14384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 794.388525][T14409] netlink: 'syz.0.4051': attribute type 8 has an invalid length. [ 794.554738][T14415] netlink: 'syz.4.4054': attribute type 10 has an invalid length. [ 794.679492][T14415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 794.694203][T14415] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 795.507680][T14427] vivid-000: disconnect [ 795.543509][T14426] vivid-000: reconnect [ 795.731821][T14432] loop2: detected capacity change from 0 to 128 [ 795.787529][T14432] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 795.859401][T14432] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 797.694450][T14466] netlink: 'syz.2.4079': attribute type 11 has an invalid length. [ 797.815152][ T5853] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 798.014452][ T5853] usb 5-1: Using ep0 maxpacket: 16 [ 798.076431][ T5853] usb 5-1: config 0 has an invalid interface number: 104 but max is 1 [ 798.085282][ T5853] usb 5-1: config 0 has an invalid interface number: 104 but max is 1 [ 798.093722][ T5853] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 798.102963][ T5853] usb 5-1: config 0 has no interface number 0 [ 798.109500][ T5853] usb 5-1: config 0 interface 104 has no altsetting 1 [ 798.252087][ T5853] usb 5-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 7.36 [ 798.261968][ T5853] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 798.271427][ T5853] usb 5-1: Product: syz [ 798.280840][ T5853] usb 5-1: Manufacturer: syz [ 798.285831][ T5853] usb 5-1: SerialNumber: syz [ 798.375284][ T5853] usb 5-1: config 0 descriptor?? [ 798.619066][ T5853] asix 5-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 798.630954][ T5853] asix 5-1:0.104: probe with driver asix failed with error -71 [ 798.759924][ T5853] usb 5-1: USB disconnect, device number 12 [ 799.035436][T14486] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4089'. [ 800.094403][T14506] Cannot find del_set index 4 as target [ 800.565066][T14513] netlink: 830 bytes leftover after parsing attributes in process `syz.2.4101'. [ 802.244736][T14544] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4117'. [ 802.254218][T14544] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4117'. [ 802.532999][T14548] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16) [ 802.913057][T14554] CIFS: iocharset name too long [ 803.613154][T14560] loop3: detected capacity change from 0 to 4096 [ 803.677966][T14560] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 804.128013][T14560] ntfs3(loop3): failed to convert "c46c" to macgaelic [ 804.306885][T14577] Non-string source [ 804.946084][T14587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4138'. [ 806.054723][T14607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4148'. [ 806.264644][ T5845] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 806.474851][ T5845] usb 2-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 806.484435][ T5845] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.551933][ T5845] usb 2-1: config 0 descriptor?? [ 806.596121][ T5845] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input23 [ 806.793076][ T5845] usb 2-1: USB disconnect, device number 14 [ 809.888233][T14667] loop3: detected capacity change from 0 to 256 [ 810.365685][T14667] FAT-fs (loop3): Directory bread(block 64) failed [ 810.372499][T14667] FAT-fs (loop3): Directory bread(block 65) failed [ 810.379617][T14667] FAT-fs (loop3): Directory bread(block 66) failed [ 810.387065][T14667] FAT-fs (loop3): Directory bread(block 67) failed [ 810.394077][T14667] FAT-fs (loop3): Directory bread(block 68) failed [ 810.403648][T14667] FAT-fs (loop3): Directory bread(block 69) failed [ 810.410739][T14667] FAT-fs (loop3): Directory bread(block 70) failed [ 810.426668][T14667] FAT-fs (loop3): Directory bread(block 71) failed [ 810.433584][T14667] FAT-fs (loop3): Directory bread(block 72) failed [ 810.443599][T14667] FAT-fs (loop3): Directory bread(block 73) failed [ 810.617410][ T29] audit: type=1326 audit(1737609439.115:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14676 comm="syz.4.4182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 810.797319][ T29] audit: type=1326 audit(1737609439.185:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14676 comm="syz.4.4182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 810.820324][ T29] audit: type=1326 audit(1737609439.185:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14676 comm="syz.4.4182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 810.842952][ C0] vkms_vblank_simulate: vblank timer overrun [ 810.849720][ T29] audit: type=1326 audit(1737609439.185:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14676 comm="syz.4.4182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 813.033390][T14710] loop3: detected capacity change from 0 to 4096 [ 813.061736][T14710] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 813.260657][T14720] loop2: detected capacity change from 0 to 16 [ 813.331147][T14720] erofs (device loop2): mounted with root inode @ nid 36. [ 813.427208][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.435319][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.442863][T14720] erofs (device loop2): readahead error at folio 0 @ nid 89 [ 813.450945][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.458680][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.466534][T14720] erofs (device loop2): readahead error at folio 8 @ nid 89 [ 813.474328][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.481855][T14720] erofs (device loop2): readahead error at folio 4 @ nid 89 [ 813.499367][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.509758][T14720] erofs (device loop2): invalid tail-packing pclustersize 0 [ 813.517440][T14720] erofs (device loop2): read error -117 @ 0 of nid 89 [ 813.530348][ T29] audit: type=1800 audit(1737609442.025:87): pid=14720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4203" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 814.774597][T14743] QAT: failed to copy from user cfg_data. [ 815.439135][T14755] 8021q: VLANs not supported on lo [ 815.561156][T14754] loop4: detected capacity change from 0 to 2048 [ 815.586373][T14754] udf: Bad value for 'anchor' [ 815.867404][T14760] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4222'. [ 815.876998][T14760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4222'. [ 816.115489][ T5845] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 816.335671][ T5845] usb 5-1: config 0 has an invalid descriptor of length 205, skipping remainder of the config [ 816.406597][ T5845] usb 5-1: New USB device found, idVendor=e20c, idProduct=11e1, bcdDevice=1d.c9 [ 816.416249][ T5845] usb 5-1: New USB device strings: Mfr=47, Product=7, SerialNumber=3 [ 816.425283][ T5845] usb 5-1: Product: syz [ 816.429765][ T5845] usb 5-1: Manufacturer: syz [ 816.434652][ T5845] usb 5-1: SerialNumber: syz [ 816.507079][ T5845] usb 5-1: config 0 descriptor?? [ 816.520517][ T5845] rndis_host 5-1:0.0: skipping garbage [ 816.527896][ T5845] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22 [ 816.754071][ T5853] usb 5-1: USB disconnect, device number 13 [ 817.136282][T14775] loop2: detected capacity change from 0 to 128 [ 817.208614][T14775] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 817.501820][ T29] audit: type=1326 audit(1737609445.985:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14781 comm="syz.1.4233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 817.575576][ T5793] sysv_free_block: flc_count > flc_size [ 817.581357][ T5793] sysv_free_block: flc_count > flc_size [ 817.587382][ T5793] sysv_free_block: flc_count > flc_size [ 817.593104][ T5793] sysv_free_block: flc_count > flc_size [ 817.599000][ T5793] sysv_free_block: flc_count > flc_size [ 817.604969][ T5793] sysv_free_block: flc_count > flc_size [ 817.610657][ T5793] sysv_free_block: flc_count > flc_size [ 817.616533][ T5793] sysv_free_block: flc_count > flc_size [ 817.622336][ T5793] sysv_free_block: flc_count > flc_size [ 817.628248][ T5793] sysv_free_block: flc_count > flc_size [ 817.635015][ T5793] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 817.644753][ T29] audit: type=1326 audit(1737609446.055:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14781 comm="syz.1.4233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 817.667668][ T29] audit: type=1326 audit(1737609446.055:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14781 comm="syz.1.4233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 817.698166][ T29] audit: type=1326 audit(1737609446.055:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14781 comm="syz.1.4233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a858cd29 code=0x7ffc0000 [ 818.836297][T14800] loop2: detected capacity change from 0 to 512 [ 819.036285][T14800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 819.049616][T14800] ext4 filesystem being mounted at /862/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 819.061719][T14807] AppArmor: change_hat: Invalid input 'ê' [ 819.456255][ T5793] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.825114][T14836] loop3: detected capacity change from 0 to 1024 [ 821.011164][T14836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 821.179742][T14844] tipc: Trying to set illegal importance in message [ 821.206307][T14846] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4261'. [ 821.456442][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 822.111721][T14859] netlink: 'syz.0.4268': attribute type 30 has an invalid length. [ 822.120557][T14859] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6) [ 822.365840][T14850] 9pnet_fd: p9_fd_create_tcp (14850): problem connecting socket to 127.0.0.1 [ 823.338594][T14878] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 823.833636][T14886] loop4: detected capacity change from 0 to 256 [ 824.076976][T14886] FAT-fs (loop4): Directory bread(block 64) failed [ 824.085285][T14886] FAT-fs (loop4): Directory bread(block 65) failed [ 824.095542][T14886] FAT-fs (loop4): Directory bread(block 66) failed [ 824.102339][T14886] FAT-fs (loop4): Directory bread(block 67) failed [ 824.110645][T14886] FAT-fs (loop4): Directory bread(block 68) failed [ 824.117611][T14886] FAT-fs (loop4): Directory bread(block 69) failed [ 824.124718][T14886] FAT-fs (loop4): Directory bread(block 70) failed [ 824.131493][T14886] FAT-fs (loop4): Directory bread(block 71) failed [ 824.138575][T14886] FAT-fs (loop4): Directory bread(block 72) failed [ 824.145621][T14886] FAT-fs (loop4): Directory bread(block 73) failed [ 824.660067][T14898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4288'. [ 824.935207][T14901] netlink: 228 bytes leftover after parsing attributes in process `syz.4.4289'. [ 825.374923][T14909] loop2: detected capacity change from 0 to 8 [ 825.504312][T14912] netlink: 'syz.3.4295': attribute type 2 has an invalid length. [ 825.646014][ T5845] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 825.687539][T14914] netlink: 'syz.1.4296': attribute type 64 has an invalid length. [ 825.874374][ T5845] usb 5-1: Using ep0 maxpacket: 8 [ 825.943352][ T5845] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 825.996659][ T5845] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 826.006467][ T5845] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 826.014978][ T5845] usb 5-1: Product: syz [ 826.019358][ T5845] usb 5-1: Manufacturer: syz [ 826.024270][ T5845] usb 5-1: SerialNumber: syz [ 826.378165][ T5845] usb 5-1: Invalid connection information received from device [ 826.616028][ T5845] usb 5-1: USB disconnect, device number 14 [ 826.769170][T14926] loop3: detected capacity change from 0 to 8 [ 826.863953][T14926] SQUASHFS error: Corrupted symlink [ 827.383664][T14932] i2c i2c-0: Invalid block read size 34 [ 827.554367][T14934] binfmt_misc: register: failed to install interpreter file ./file0 [ 829.098757][T14958] loop2: detected capacity change from 0 to 8 [ 829.235287][T14958] SQUASHFS error: lzo decompression failed, data probably corrupt [ 829.243392][T14958] SQUASHFS error: Failed to read block 0x4ef: -5 [ 829.250565][T14958] SQUASHFS error: Unable to read metadata cache entry [4ed] [ 829.266265][T14958] SQUASHFS error: Unable to read inode 0x50087 [ 830.122924][T14971] loop3: detected capacity change from 0 to 2048 [ 830.314113][T14971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 830.327352][T14971] ext4 filesystem being mounted at /887/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 830.346248][T14979] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4329'. [ 830.356041][T14979] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4329'. [ 830.382231][ T5082] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1 [ 830.389619][ T5082] Bluetooth: hci3: unexpected event for opcode 0x203e [ 830.398229][T14971] /dev/loop3: Can't open blockdev [ 830.855123][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 831.375467][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.382402][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.390290][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.444052][T14997] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 831.541971][T14989] loop2: detected capacity change from 0 to 4096 [ 831.565413][T14989] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 831.709885][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.720019][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.730441][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.745614][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.755437][T14997] ip6gretap0 speed is unknown, defaulting to 1000 [ 831.984477][T15002] netlink: 144 bytes leftover after parsing attributes in process `syz.0.4339'. [ 832.003610][T14989] ntfs3(loop2): failed to convert "c46c" to cp850 [ 833.039160][T15019] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4347'. [ 833.048836][T15019] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4347'. [ 833.134302][T13423] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 833.334557][T13423] usb 4-1: Using ep0 maxpacket: 16 [ 833.384853][T13423] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 833.396932][T13423] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 833.408503][T13423] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 833.420036][T13423] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 833.435062][T13423] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 833.444492][T13423] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 833.617391][T13423] usb 4-1: config 0 descriptor?? [ 833.625609][T15016] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 833.717717][T13423] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input24 [ 833.884692][ T5853] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 834.029837][ T5855] usb 4-1: USB disconnect, device number 16 [ 834.111311][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 834.116952][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -19 [ 834.123219][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 834.140522][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 834.142556][T15025] loop4: detected capacity change from 0 to 4096 [ 834.151830][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 834.233020][T15025] ntfs3(loop4): It is recommened to use chkdsk. [ 834.246373][ T5853] usb 2-1: New USB device found, idVendor=0738, idProduct=a2c5, bcdDevice=1e.ce [ 834.256464][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 834.266116][ T5853] usb 2-1: Product: syz [ 834.270509][ T5853] usb 2-1: Manufacturer: syz [ 834.278468][ T5853] usb 2-1: SerialNumber: syz [ 834.349662][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 834.358322][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 834.366910][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 834.372070][ T5853] usb 2-1: config 0 descriptor?? [ 834.384531][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 834.392818][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc1c00 [ 834.404213][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc2c00 [ 834.412414][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc4c00 [ 834.419681][ T5853] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 834.420658][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffc8c00 [ 834.434302][ T5853] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input25 [ 834.439283][T15025] ntfs3(loop4): try to read out of volume at offset 0x3fffffd0c00 [ 834.467558][ T5082] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 834.476597][ T5082] Bluetooth: hci3: Injecting HCI hardware error event [ 834.493999][ T5082] Bluetooth: hci3: hardware error 0x00 [ 834.768497][T13423] usb 2-1: USB disconnect, device number 15 [ 834.776605][T13423] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 835.941300][T15054] rdma_rxe: rxe_newlink: failed to add lo [ 836.185683][T15055] loop4: detected capacity change from 0 to 1024 [ 836.232419][T15055] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 836.364663][T15055] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 836.365859][T15055] EXT4-fs (loop4): orphan cleanup on readonly fs [ 836.370478][T15055] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.4359: Freeing blocks not in datazone - block = 0, count = 4096 [ 836.385840][T15055] EXT4-fs (loop4): 1 orphan inode deleted [ 836.387457][T15055] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 836.446666][T15055] EXT4-fs error (device loop4): ext4_search_dir:1505: inode #2: block 16: comm syz.4.4359: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 836.585253][ T5082] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 836.692159][ T5788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 837.883644][T15078] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4374'. [ 837.971128][T15077] loop2: detected capacity change from 0 to 1024 [ 838.113366][T15077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 838.249248][T15077] EXT4-fs error (device loop2): ext4_get_first_dir_block:3563: inode #11: comm syz.2.4373: directory missing '..' [ 838.592517][ T5793] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.820140][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 838.827064][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 838.913139][T15094] (syz.1.4380,15094,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 838.923647][T15094] (syz.1.4380,15094,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 840.893073][T15129] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4398'. [ 843.043926][T15171] tmpfs: Bad value for 'mpol' [ 843.645013][T15182] netlink: 4268 bytes leftover after parsing attributes in process `syz.3.4422'. [ 843.655358][T15182] netlink: 4268 bytes leftover after parsing attributes in process `syz.3.4422'. [ 844.006622][T15185] loop2: detected capacity change from 0 to 1024 [ 844.829311][ T29] audit: type=1326 audit(1737609473.505:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15197 comm="syz.0.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 844.852541][ T29] audit: type=1326 audit(1737609473.505:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15197 comm="syz.0.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 845.024988][ T29] audit: type=1326 audit(1737609473.566:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15197 comm="syz.0.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 845.055378][ T29] audit: type=1326 audit(1737609473.566:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15197 comm="syz.0.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 845.077818][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.086841][ T29] audit: type=1326 audit(1737609473.566:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15197 comm="syz.0.4431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 845.109271][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.029087][T15239] tmpfs: Bad value for 'mpol' [ 847.500360][T15248] xt_connbytes: Forcing CT accounting to be enabled [ 847.678993][T15251] x_tables: duplicate underflow at hook 3 [ 848.552800][ T5853] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 848.739241][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 848.761560][ T5853] usb 5-1: config 0 has an invalid interface number: 52 but max is 0 [ 848.770752][ T5853] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 848.781444][ T5853] usb 5-1: config 0 has no interface number 0 [ 848.787948][ T5853] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 848.799588][ T5853] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 848.809939][ T5853] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 848.823264][ T5853] usb 5-1: config 0 interface 52 has no altsetting 0 [ 849.093929][ T5853] usb 5-1: New USB device found, idVendor=06cb, idProduct=0013, bcdDevice=e8.00 [ 849.103416][ T5853] usb 5-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 849.111859][ T5853] usb 5-1: Manufacturer: syz [ 849.184445][ T5853] usb 5-1: config 0 descriptor?? [ 849.442948][ T5853] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.52/input/input26 [ 849.463297][ T5129] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 849.489346][ T5129] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 849.633292][ T5853] usb 5-1: USB disconnect, device number 15 [ 849.695908][T15285] netlink: 'syz.1.4472': attribute type 2 has an invalid length. [ 849.704082][T15285] netlink: 'syz.1.4472': attribute type 1 has an invalid length. [ 852.734753][T15339] xt_TPROXY: Can be used only with -p tcp or -p udp [ 852.942543][T15342] binfmt_misc: register: failed to install interpreter file ./file0 [ 852.986889][T15343] netlink: 'syz.4.4501': attribute type 3 has an invalid length. [ 852.995414][T15343] netlink: 'syz.4.4501': attribute type 3 has an invalid length. [ 853.004212][T15343] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4501'. [ 853.153878][T15346] loop3: detected capacity change from 0 to 128 [ 853.192916][T15347] loop2: detected capacity change from 0 to 128 [ 853.349421][T15347] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 853.357803][T15349] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4504'. [ 853.369263][T15349] netlink: 'syz.0.4504': attribute type 1 has an invalid length. [ 853.377509][T15349] netlink: 'syz.0.4504': attribute type 1 has an invalid length. [ 853.496260][T15347] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 854.650456][T15369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4514'. [ 855.436486][ T5853] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 855.523139][T15381] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 855.631565][ T5853] usb 3-1: Using ep0 maxpacket: 16 [ 855.670415][ T5853] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 112 [ 855.720640][ T5853] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 855.730923][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 855.740033][ T5853] usb 3-1: Product: syz [ 855.744503][ T5853] usb 3-1: Manufacturer: syz [ 855.749303][ T5853] usb 3-1: SerialNumber: syz [ 855.814231][ T5853] usb 3-1: config 0 descriptor?? [ 855.832570][T15375] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 855.885442][ T5853] hub 3-1:0.0: bad descriptor, ignoring hub [ 855.892650][ T5853] hub 3-1:0.0: probe with driver hub failed with error -5 [ 855.908647][ T5853] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input27 [ 856.222821][ T5845] usb 3-1: USB disconnect, device number 12 [ 856.223010][ C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 856.573749][T15397] loop4: detected capacity change from 0 to 256 [ 856.708387][T15397] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x16b5df41, utbl_chksum : 0xe619d30d) [ 857.702808][ T5845] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 857.899030][ T5845] usb 5-1: Using ep0 maxpacket: 16 [ 857.932850][ T5845] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 857.942557][ T5845] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 857.950864][ T5845] usb 5-1: Product: syz [ 857.955450][ T5845] usb 5-1: Manufacturer: syz [ 857.960342][ T5845] usb 5-1: SerialNumber: syz [ 858.020944][ T5845] r8152-cfgselector 5-1: Unknown version 0x0000 [ 858.028825][ T5845] r8152-cfgselector 5-1: config 0 descriptor?? [ 858.051434][T13423] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 858.218614][T15423] tmpfs: Bad value for 'mpol' [ 858.249602][T13423] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 858.261770][T13423] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 858.272347][T13423] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 858.288973][T13423] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 858.349618][T15419] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 858.375397][T13423] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 858.488504][ T5853] r8152-cfgselector 5-1: USB disconnect, device number 16 [ 858.744742][T13423] usb 3-1: USB disconnect, device number 13 [ 858.900748][ T5952] udevd[5952]: setting owner of /dev/snd/midiC3D0 to uid=0, gid=29 failed: No such file or directory [ 858.964924][T15433] loop3: detected capacity change from 0 to 64 [ 859.063272][T15433] Trying to free block not in datazone [ 859.069125][T15433] Trying to free block not in datazone [ 859.084097][T15433] Trying to free block not in datazone [ 859.161450][ T7644] udevd[7644]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 860.137521][T15452] tc_dump_action: action bad kind [ 860.586702][T15458] binder: 15457:15458 ioctl 400c620e 0 returned -14 [ 860.632600][T15460] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4559'. [ 860.642688][T15460] netlink: 43 bytes leftover after parsing attributes in process `syz.3.4559'. [ 860.652072][T15460] netlink: 'syz.3.4559': attribute type 5 has an invalid length. [ 860.660009][T15460] netlink: 43 bytes leftover after parsing attributes in process `syz.3.4559'. [ 861.817206][T15480] vxcan2: entered promiscuous mode [ 861.822573][T15480] vxcan2: entered allmulticast mode [ 863.084209][T15502] RDS: rds_bind could not find a transport for ::ffff:172.30.1.2, load rds_tcp or rds_rdma? [ 864.188331][ T29] audit: type=1326 audit(1737609493.083:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15517 comm="syz.2.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 864.211603][ T29] audit: type=1326 audit(1737609493.083:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15517 comm="syz.2.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 865.065317][ T5845] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 865.144017][T15530] loop4: detected capacity change from 0 to 4096 [ 865.163152][T15530] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 865.223513][ T5845] usb 3-1: Using ep0 maxpacket: 32 [ 865.245581][ T5845] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 865.255693][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 865.335383][ T5845] usb 3-1: config 0 descriptor?? [ 865.381617][ T5845] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 865.662559][T15530] ntfs3(loop4): ino=5, "/" attr_set_size [ 865.668663][T15530] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 865.789956][ T5845] gspca_vc032x: reg_w err -71 [ 865.795524][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.801263][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.806747][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.823923][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.829433][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.838074][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.843652][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.849107][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.854858][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.860426][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.865887][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.871529][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.877001][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.882647][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.888207][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.893887][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.899450][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.905094][ T5845] gspca_vc032x: I2c Bus Busy Wait 00 [ 865.905163][ T5845] gspca_vc032x: Unknown sensor... [ 865.905471][ T5845] vc032x 3-1:0.0: probe with driver vc032x failed with error -22 [ 866.073670][ T5845] usb 3-1: USB disconnect, device number 14 [ 866.375736][T15554] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4603'. [ 866.504676][T15555] loop3: detected capacity change from 0 to 256 [ 866.611334][T15555] exfat: Deprecated parameter 'namecase' [ 866.712970][T15555] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 866.944820][ T5845] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 867.164767][ T5845] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 867.175339][ T5845] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 867.184673][ T5845] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 867.194291][ T5845] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 867.322322][ T5845] usb 5-1: config 0 descriptor?? [ 867.703859][T15573] tmpfs: Bad value for 'mpol' [ 867.774563][ T5845] Bluetooth: Can't get version to change to load ram patch err [ 867.782509][ T5845] Bluetooth: Loading patch file failed [ 867.788199][ T5845] ath3k 5-1:0.0: probe with driver ath3k failed with error -71 [ 867.839157][ T5845] usb 5-1: USB disconnect, device number 17 [ 868.249368][T15580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4617'. [ 868.267297][T15580] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4617'. [ 869.962371][ T29] audit: type=1326 audit(1737609498.880:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 869.985319][ T29] audit: type=1326 audit(1737609498.880:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 870.210871][ T29] audit: type=1326 audit(1737609498.981:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efde718ec47 code=0x7ffc0000 [ 870.233824][ T29] audit: type=1326 audit(1737609498.981:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7efde718ebbc code=0x7ffc0000 [ 870.256734][ T29] audit: type=1326 audit(1737609499.021:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7efde718eaf4 code=0x7ffc0000 [ 870.279482][ T29] audit: type=1326 audit(1737609499.021:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7efde718eaf4 code=0x7ffc0000 [ 870.309365][ T29] audit: type=1326 audit(1737609499.021:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7efde718b98a code=0x7ffc0000 [ 870.334334][ T29] audit: type=1326 audit(1737609499.021:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 870.357791][ T29] audit: type=1326 audit(1737609499.021:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15608 comm="syz.0.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efde718cd29 code=0x7ffc0000 [ 870.711763][T15623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4638'. [ 870.752436][ T29] audit: type=1326 audit(1737609499.683:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15625 comm="syz.2.4639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 871.265869][T15634] loop3: detected capacity change from 0 to 256 [ 871.308111][T15634] exfat: Deprecated parameter 'utf8' [ 871.450920][T15634] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 873.197041][T15664] loop2: detected capacity change from 0 to 64 [ 875.954095][T15699] loop3: detected capacity change from 0 to 4096 [ 876.013137][T15699] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 876.189074][T15699] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 878.926666][T15755] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 879.475383][T15768] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 880.725477][T15788] loop3: detected capacity change from 0 to 64 [ 880.798356][T15788] hfs: request for non-existent node 16777216 in B*Tree [ 880.806348][T15788] hfs: request for non-existent node 16777216 in B*Tree [ 880.814125][T15788] hfs: request for non-existent node 16777216 in B*Tree [ 880.821261][T15788] hfs: request for non-existent node 16777216 in B*Tree [ 881.976650][ T5853] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 882.191735][ T5853] usb 3-1: Using ep0 maxpacket: 16 [ 882.237993][ T5853] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 882.249196][ T5853] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 882.261161][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11 [ 882.272912][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024 [ 882.284911][ T5853] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 882.317202][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 882.317272][ T29] audit: type=1326 audit(1737609511.283:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15809 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 882.366811][ T5845] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 882.416593][ T5853] usb 3-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 882.426483][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 882.434975][ T5853] usb 3-1: Product: syz [ 882.439586][ T5853] usb 3-1: Manufacturer: syz [ 882.444392][ T5853] usb 3-1: SerialNumber: syz [ 882.472919][ T29] audit: type=1326 audit(1737609511.363:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15809 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 882.496288][ T29] audit: type=1326 audit(1737609511.363:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15809 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 882.511834][ T5853] usb 3-1: config 0 descriptor?? [ 882.519462][ T29] audit: type=1326 audit(1737609511.363:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15809 comm="syz.4.4731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13a158cd29 code=0x7ffc0000 [ 882.668924][ T5845] usb 4-1: Using ep0 maxpacket: 32 [ 882.749071][ T5845] usb 4-1: New USB device found, idVendor=046d, idProduct=08b7, bcdDevice=99.db [ 882.766510][ T5845] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 882.803086][ T5853] appledisplay: Apple Cinema Display connected [ 882.908313][ T5845] usb 4-1: config 0 descriptor?? [ 883.016505][ T5845] pwc: Logitech ViewPort AV 100 webcam detected. [ 883.086853][ C0] usb 3-1: appledisplay_complete - usb_submit_urb failed with result -19 [ 883.095787][ T5853] usb 3-1: USB disconnect, device number 15 [ 883.105559][ T5853] appledisplay: Apple Cinema Display disconnected [ 883.383277][ T5845] pwc: send_video_command error -71 [ 883.390809][ T5845] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 883.399131][ T5845] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71 [ 883.438868][ T5845] usb 4-1: USB disconnect, device number 17 [ 884.870684][T15844] raw_sendmsg: syz.1.4748 forgot to set AF_INET. Fix it! [ 885.190801][T15848] netlink: 'syz.2.4750': attribute type 1 has an invalid length. [ 885.199420][T15848] netlink: 'syz.2.4750': attribute type 3 has an invalid length. [ 885.207744][T15848] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4750'. [ 885.217153][T15848] NCSI netlink: No device for ifindex 0 [ 885.832703][T15860] ipt_REJECT: ECHOREPLY no longer supported. [ 886.823509][T15878] netlink: 'syz.2.4765': attribute type 10 has an invalid length. [ 887.427102][T15891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4771'. [ 887.437973][T15891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4771'. [ 888.262444][T15906] netlink: zone id is out of range [ 888.773223][T15915] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4784'. [ 889.400249][T15926] tmpfs: Bad value for 'mpol' [ 891.014922][T15948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4800'. [ 891.101912][T15949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4799'. [ 892.903908][T15983] loop4: detected capacity change from 0 to 64 [ 893.315954][T15987] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4820'. [ 894.465365][T16008] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4830'. [ 894.715209][ T5845] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 894.954054][ T5845] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 894.963413][ T5845] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 894.999310][T16018] libceph: resolve 'cA' (ret=-3): failed [ 895.005813][ T5845] usb 4-1: config 0 descriptor?? [ 895.157970][T16021] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4836'. [ 895.456795][ T5845] ath6kl: Failed to submit usb control message: -71 [ 895.464721][ T5845] ath6kl: unable to send the bmi data to the device: -71 [ 895.472099][ T5845] ath6kl: Unable to send get target info: -71 [ 895.494715][ T5845] ath6kl: Failed to init ath6kl core: -71 [ 895.506123][ T5845] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 895.629726][ T29] audit: type=1326 audit(1737609524.569:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16026 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 895.659897][ T29] audit: type=1326 audit(1737609524.569:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16026 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 895.686290][ T29] audit: type=1326 audit(1737609524.579:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16026 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 895.709294][ T29] audit: type=1326 audit(1737609524.579:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16026 comm="syz.2.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2ed8cd29 code=0x7ffc0000 [ 895.770253][ T5845] usb 4-1: USB disconnect, device number 18 [ 896.103290][T16033] netlink: 'syz.2.4842': attribute type 6 has an invalid length. [ 896.209826][T16035] AppArmor: change_hat: Invalid input '0' [ 896.747553][T16045] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4848'. [ 898.772381][T16083] tmpfs: Bad value for 'mpol' [ 899.803572][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 899.810386][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 900.009892][T16104] ===================================================== [ 900.017516][T16104] BUG: KMSAN: uninit-value in nsim_get_ringparam+0xa8/0xe0 [ 900.025848][T16104] nsim_get_ringparam+0xa8/0xe0 [ 900.031034][T16104] ethtool_set_ringparam+0x268/0x570 [ 900.036520][T16104] dev_ethtool+0x126d/0x2a40 [ 900.041482][T16104] dev_ioctl+0xb0e/0x1280 [ 900.045980][T16104] sock_do_ioctl+0x28c/0x540 [ 900.050974][T16104] sock_ioctl+0x721/0xd70 [ 900.061215][T16104] __se_sys_ioctl+0x246/0x440 [ 900.066652][T16104] __x64_sys_ioctl+0x96/0xe0 [ 900.071926][T16104] x64_sys_call+0x19f0/0x3c30 [ 900.076836][T16104] do_syscall_64+0xcd/0x1e0 [ 900.081708][T16104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.087841][T16104] [ 900.090274][T16104] Local variable kernel_ringparam created at: [ 900.096616][T16104] ethtool_set_ringparam+0x96/0x570 [ 900.102339][T16104] dev_ethtool+0x126d/0x2a40 [ 900.107152][T16104] [ 900.109602][T16104] CPU: 0 UID: 0 PID: 16104 Comm: syz.4.4877 Not tainted 6.13.0-syzkaller-04788-g7004a2e46d16 #0 [ 900.121777][T16104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 900.132376][T16104] ===================================================== [ 900.139452][T16104] Disabling lock debugging due to kernel taint [ 900.145966][T16104] Kernel panic - not syncing: kmsan.panic set ... [ 900.152542][T16104] CPU: 0 UID: 0 PID: 16104 Comm: syz.4.4877 Tainted: G B 6.13.0-syzkaller-04788-g7004a2e46d16 #0 [ 900.164664][T16104] Tainted: [B]=BAD_PAGE [ 900.168923][T16104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 900.179131][T16104] Call Trace: [ 900.182520][T16104] [ 900.185553][T16104] dump_stack_lvl+0x216/0x2d0 [ 900.190434][T16104] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 900.196434][T16104] dump_stack+0x1e/0x24 [ 900.200780][T16104] panic+0x4e2/0xcf0 [ 900.204864][T16104] ? kmsan_get_metadata+0xf1/0x1c0 [ 900.210165][T16104] kmsan_report+0x2c7/0x2d0 [ 900.214843][T16104] ? __msan_warning+0x95/0x120 [ 900.219762][T16104] ? nsim_get_ringparam+0xa8/0xe0 [ 900.224947][T16104] ? ethtool_set_ringparam+0x268/0x570 [ 900.230587][T16104] ? dev_ethtool+0x126d/0x2a40 [ 900.235601][T16104] ? dev_ioctl+0xb0e/0x1280 [ 900.240305][T16104] ? sock_do_ioctl+0x28c/0x540 [ 900.245291][T16104] ? sock_ioctl+0x721/0xd70 [ 900.249998][T16104] ? __se_sys_ioctl+0x246/0x440 [ 900.255089][T16104] ? __x64_sys_ioctl+0x96/0xe0 [ 900.260063][T16104] ? x64_sys_call+0x19f0/0x3c30 [ 900.265141][T16104] ? do_syscall_64+0xcd/0x1e0 [ 900.269990][T16104] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.276297][T16104] ? kmsan_internal_poison_memory+0x7d/0x90 [ 900.282416][T16104] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 900.288408][T16104] ? kmsan_internal_poison_memory+0x49/0x90 [ 900.294542][T16104] ? kmsan_slab_free+0xd0/0x140 [ 900.299606][T16104] ? kfree+0x240/0xdb0 [ 900.303991][T16104] ? tomoyo_path_number_perm+0x778/0x8f0 [ 900.309865][T16104] ? tomoyo_file_ioctl+0x3f/0x50 [ 900.315012][T16104] ? security_file_ioctl+0x145/0x590 [ 900.320511][T16104] ? __se_sys_ioctl+0xd0/0x440 [ 900.325484][T16104] ? __x64_sys_ioctl+0x96/0xe0 [ 900.330537][T16104] ? kmsan_get_metadata+0x13e/0x1c0 [ 900.335910][T16104] ? kmsan_get_metadata+0x13e/0x1c0 [ 900.341285][T16104] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 900.347316][T16104] ? kmsan_get_metadata+0x13e/0x1c0 [ 900.352736][T16104] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 900.359237][T16104] ? kmsan_get_metadata+0x13e/0x1c0 [ 900.364631][T16104] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 900.370634][T16104] __msan_warning+0x95/0x120 [ 900.375382][T16104] nsim_get_ringparam+0xa8/0xe0 [ 900.380391][T16104] ? __pfx_nsim_set_ringparam+0x10/0x10 [ 900.386187][T16104] ? __pfx_nsim_get_ringparam+0x10/0x10 [ 900.391904][T16104] ethtool_set_ringparam+0x268/0x570 [ 900.397390][T16104] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 900.403426][T16104] dev_ethtool+0x126d/0x2a40 [ 900.408393][T16104] dev_ioctl+0xb0e/0x1280 [ 900.412952][T16104] sock_do_ioctl+0x28c/0x540 [ 900.417813][T16104] sock_ioctl+0x721/0xd70 [ 900.422546][T16104] ? __pfx_sock_ioctl+0x10/0x10 [ 900.427601][T16104] __se_sys_ioctl+0x246/0x440 [ 900.432524][T16104] __x64_sys_ioctl+0x96/0xe0 [ 900.437430][T16104] x64_sys_call+0x19f0/0x3c30 [ 900.442326][T16104] do_syscall_64+0xcd/0x1e0 [ 900.446993][T16104] ? clear_bhb_loop+0x25/0x80 [ 900.451847][T16104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.457998][T16104] RIP: 0033:0x7f13a158cd29 [ 900.462585][T16104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 900.482396][T16104] RSP: 002b:00007f13a13f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 900.491089][T16104] RAX: ffffffffffffffda RBX: 00007f13a17a5fa0 RCX: 00007f13a158cd29 [ 900.499295][T16104] RDX: 0000000020000040 RSI: 0000000000008946 RDI: 0000000000000003 [ 900.507494][T16104] RBP: 00007f13a160e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 900.515703][T16104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 900.523983][T16104] R13: 0000000000000000 R14: 00007f13a17a5fa0 R15: 00007ffc0e4c3928 [ 900.532131][T16104] [ 900.535569][T16104] Kernel Offset: disabled [ 900.540030][T16104] Rebooting in 86400 seconds..