last executing test programs: 1.206316079s ago: executing program 2 (id=6951): r0 = syz_open_dev$sndctrl(&(0x7f0000000240), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc2c45513, &(0x7f0000000280)={{0xb, 0x0, 0x3, 0x0, 'syz1\x00', 0x4}, 0x0, [0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x6, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40000, 0x0, 0x4, 0x0, 0xfbcc, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x2, 0x0, 0x200000]}) 1.206083622s ago: executing program 2 (id=6953): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000300)={0x20, 0x2e, 0x1, 0xf0bd26, 0x25dfdbfc, {0x4}, [@typed={0xc, 0xc, 0x0, 0x0, @u64=0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) 1.122356775s ago: executing program 2 (id=6959): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008f000000000000000b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000700008500000086000000bf090000000000005509010000000000950000000000000007000000000000004500f4fffcffffff18000000060000040000000009000000bf91200000000000b702000003000000850000002a000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x2}, 0x94) 197.259998ms ago: executing program 1 (id=7031): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r0}, 0x68) 197.110276ms ago: executing program 0 (id=7032): r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000b40)={'veth0\x00', &(0x7f0000000b00)=@ethtool_cmd={0x7, 0x9, 0x9, 0xd, 0x4, 0x81, 0x5, 0x48, 0x1, 0xfb, 0x2000000, 0x5, 0x2, 0x4, 0xe, 0x8, [0x8000, 0x1]}}) 147.45091ms ago: executing program 1 (id=7034): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x102) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)) 147.225247ms ago: executing program 3 (id=7035): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x3, &(0x7f0000000080), 0x4) 147.077313ms ago: executing program 0 (id=7036): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x2c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 125.991011ms ago: executing program 2 (id=7037): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x310, 0x13c, 0x111, 0x4b4, 0x13c, 0x700, 0x248, 0x278, 0x278, 0x248, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [0x0, 0xff], 'vlan0\x00', 'vlan1\x00', {}, {}, 0x88}, 0x0, 0x118, 0x13c, 0x0, {}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connlabel={{0x24}, {0x5, 0x1}}]}, @common=@inet=@TCPMSS={0x24, 'TCPMSS\x00', 0x0, {0x9}}}, {{@uncond, 0x0, 0xdc, 0x10c, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x1, 0x4}, {0x4, 0x1, 0x4}, 0x3, 0x5}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x36c) 125.805791ms ago: executing program 0 (id=7038): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000440)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 125.700951ms ago: executing program 1 (id=7039): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newnexthop={0x18, 0x68, 0x1, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x1, 0x0, 0x3}}, 0x18}, 0x1, 0x0, 0x0, 0x4044}, 0x20010010) 125.522664ms ago: executing program 3 (id=7040): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x118, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x107, 0xf2, 0x0, 0x1, [@typed={0xc, 0x2, 0x0, 0x0, @u64=0xfac0a}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@mcast2}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43f9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f17", @typed={0x4, 0xe9}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 90.75262ms ago: executing program 1 (id=7041): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e20, 0xf, @local, 0x74}}, 0x1, 0x5d}, 0x90) 89.607371ms ago: executing program 2 (id=7042): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x4, 0x0, &(0x7f00000000c0)=0x34) 89.346809ms ago: executing program 0 (id=7043): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x13, r0, 0x0) 86.898529ms ago: executing program 3 (id=7044): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000)) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) 54.624936ms ago: executing program 1 (id=7045): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001b80)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@typed={0x4, 0xf, 0x0, 0x0, @binary}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) 54.377107ms ago: executing program 2 (id=7046): r0 = openat$cdrom(0xffffff9c, &(0x7f00000020c0), 0x48400, 0x0) ioctl$CDROMPLAYTRKIND(r0, 0x5304, &(0x7f0000002300)={0x1, 0x7d, 0x22}) 53.743003ms ago: executing program 3 (id=7047): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x20}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0) 50.426236ms ago: executing program 0 (id=7048): r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000800)={{}, 0xfd}) 1.384914ms ago: executing program 1 (id=7049): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xf, 0x0, &(0x7f0000000000)="1ffdfaae35289d4f333173846fe86c", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 1.157527ms ago: executing program 3 (id=7050): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) lseek(r0, 0x7, 0x4) 277.304µs ago: executing program 0 (id=7051): r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000001600), 0x1, 0x0) write$binfmt_misc(r0, &(0x7f0000000000)="452a581d69e81938ae8295dd0c0ca0", 0xf) 0s ago: executing program 3 (id=7052): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000045000900000000000200000002000000080002"], 0x1c}}, 0x0) kernel console output (not intermixed with test programs): active [ 58.292426][ T6084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.294686][ T6084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 58.302750][ T6084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.340415][ T6076] hsr_slave_0: entered promiscuous mode [ 58.344214][ T6076] hsr_slave_1: entered promiscuous mode [ 58.369163][ T6084] hsr_slave_0: entered promiscuous mode [ 58.371432][ T6084] hsr_slave_1: entered promiscuous mode [ 58.373630][ T6084] debugfs: 'hsr0' already exists in 'hsr' [ 58.375518][ T6084] Cannot create hsr debugfs directory [ 58.388635][ T6080] hsr_slave_0: entered promiscuous mode [ 58.391243][ T6080] hsr_slave_1: entered promiscuous mode [ 58.393982][ T6080] debugfs: 'hsr0' already exists in 'hsr' [ 58.396177][ T6080] Cannot create hsr debugfs directory [ 58.406258][ T6073] hsr_slave_0: entered promiscuous mode [ 58.409211][ T6073] hsr_slave_1: entered promiscuous mode [ 58.412021][ T6073] debugfs: 'hsr0' already exists in 'hsr' [ 58.413920][ T6073] Cannot create hsr debugfs directory [ 58.762059][ T6076] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.773490][ T6076] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.780379][ T6076] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 58.793977][ T6076] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 58.822420][ T6084] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.827755][ T6084] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.832277][ T6084] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.837641][ T6084] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.905318][ T6073] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.915748][ T6073] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.922934][ T6073] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.931671][ T6073] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.992209][ T6080] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.998880][ T6080] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 59.006944][ T6080] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 59.017763][ T6080] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 59.036187][ T6076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.073092][ T6076] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.086430][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.089249][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.099949][ T6084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.103991][ T1224] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.106651][ T1224] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.135809][ T6084] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.149789][ T1224] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.152198][ T1224] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.154249][ T6081] Bluetooth: hci0: command tx timeout [ 59.154815][ T6077] Bluetooth: hci2: command tx timeout [ 59.165048][ T6077] Bluetooth: hci1: command tx timeout [ 59.166088][ T1224] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.169342][ T1224] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.211896][ T6073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.225180][ T6080] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.255924][ T6080] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.263363][ T6073] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.282588][ T1224] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.285710][ T1224] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.295899][ T1224] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.298926][ T1224] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.315175][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.315770][ T6077] Bluetooth: hci3: command tx timeout [ 59.317840][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.330338][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.333531][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.419812][ T6076] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.447968][ T6084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.475745][ T6076] veth0_vlan: entered promiscuous mode [ 59.497638][ T6076] veth1_vlan: entered promiscuous mode [ 59.510315][ T6084] veth0_vlan: entered promiscuous mode [ 59.527871][ T6076] veth0_macvtap: entered promiscuous mode [ 59.544538][ T6084] veth1_vlan: entered promiscuous mode [ 59.549293][ T6076] veth1_macvtap: entered promiscuous mode [ 59.582192][ T6076] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.587224][ T6076] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.599140][ T6080] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.615246][ T6073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.618963][ T90] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.622991][ T90] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.631727][ T90] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.636029][ T90] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.644808][ T6084] veth0_macvtap: entered promiscuous mode [ 59.651695][ T6084] veth1_macvtap: entered promiscuous mode [ 59.699089][ T6084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.738324][ T6084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.752685][ T6080] veth0_vlan: entered promiscuous mode [ 59.761430][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.765167][ T6073] veth0_vlan: entered promiscuous mode [ 59.765406][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.767778][ T62] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.779059][ T62] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.781985][ T62] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.790034][ T6080] veth1_vlan: entered promiscuous mode [ 59.793807][ T62] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.808496][ T6073] veth1_vlan: entered promiscuous mode [ 59.816215][ T90] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.818921][ T90] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.854975][ T6080] veth0_macvtap: entered promiscuous mode [ 59.864140][ T6080] veth1_macvtap: entered promiscuous mode [ 59.875503][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.887614][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.923008][ T6073] veth0_macvtap: entered promiscuous mode [ 59.929595][ T6080] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.935627][ T6073] veth1_macvtap: entered promiscuous mode [ 59.936450][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.940880][ T6080] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.941291][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.967486][ T62] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.970506][ T62] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.978241][ T62] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.981334][ T62] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.998975][ T6073] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.019528][ T6073] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.048174][ T90] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.051608][ T90] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.059670][ T90] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.068007][ T90] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.131131][ T90] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.144450][ T90] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.166844][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.169448][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.170961][ T6174] Mount JFS Failure: -5 [ 60.215160][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.217848][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.234382][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.237407][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.365637][ T6192] FAT-fs (loop0): unable to read boot sector [ 60.368399][ T6077] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260 [ 60.488336][ T41] audit: type=1326 audit(1764679282.285:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6207 comm="syz.3.118" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x0 [ 61.066180][ T41] audit: type=1326 audit(1764679282.865:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.2.155" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x0 [ 61.146059][ T6292] ======================================================= [ 61.146059][ T6292] WARNING: The mand mount option has been deprecated and [ 61.146059][ T6292] and is ignored by this kernel. Remove the mand [ 61.146059][ T6292] option from the mount to silence this warning. [ 61.146059][ T6292] ======================================================= [ 61.233537][ T6077] Bluetooth: hci1: command tx timeout [ 61.235945][ T6077] Bluetooth: hci0: command tx timeout [ 61.403654][ T6077] Bluetooth: hci3: command tx timeout [ 62.057205][ T6400] FAT-fs (loop1): unable to read boot sector [ 62.256648][ T6421] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 62.433933][ T6110] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 62.605675][ T6110] usb 7-1: Using ep0 maxpacket: 32 [ 62.613562][ T6110] usb 7-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 64 [ 62.623376][ T6110] usb 7-1: config 1 interface 0 altsetting 6 endpoint 0x3 has invalid maxpacket 2056, setting to 1024 [ 62.639099][ T6110] usb 7-1: config 1 interface 0 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 1024 [ 62.643734][ T6110] usb 7-1: config 1 interface 0 has no altsetting 0 [ 62.648877][ T6110] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 62.653108][ T6110] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.657536][ T6110] usb 7-1: Product: syz [ 62.659435][ T6110] usb 7-1: Manufacturer: syz [ 62.661530][ T6110] usb 7-1: SerialNumber: syz [ 62.675575][ T6415] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 62.678999][ T6415] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 62.849131][ T6463] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 62.901566][ T6110] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71 [ 62.914128][ T6110] usb 7-1: USB disconnect, device number 2 [ 62.978066][ T6463] /dev/sr0: Can't open blockdev [ 63.152319][ T41] audit: type=1326 audit(1764679284.945:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.1.259" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 63.313532][ T6077] Bluetooth: hci0: command tx timeout [ 63.313546][ T6081] Bluetooth: hci1: command tx timeout [ 63.473673][ T6081] Bluetooth: hci3: command tx timeout [ 63.859020][ T6578] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0. [ 64.165566][ T6626] vxfs: unable to read disk superblock at 1 [ 64.167945][ T6626] vxfs: unable to read disk superblock at 8 [ 64.170317][ T6626] vxfs: can't find superblock. [ 64.912313][ T41] audit: type=1800 audit(1764679286.705:5): pid=6688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.351" name="/newroot/60" dev="tmpfs" ino=313 res=0 errno=0 [ 65.035587][ T6707] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 65.144962][ T6707] /dev/sr0: Can't open blockdev [ 65.195981][ T41] audit: type=1326 audit(1764679286.995:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6724 comm="syz.3.371" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x0 [ 65.393623][ T6081] Bluetooth: hci0: command tx timeout [ 65.404529][ T6081] Bluetooth: hci1: command tx timeout [ 65.407522][ T6750] tmpfs: Bad value for 'mpol' [ 65.554623][ T6081] Bluetooth: hci3: command tx timeout [ 65.609840][ T6772] futex_wake_op: syz.3.391 tries to shift op by -1; fix this program [ 66.346167][ T6850] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 66.777435][ T41] audit: type=1800 audit(1764679288.575:7): pid=6885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.1.446" name="/newroot/102" dev="tmpfs" ino=523 res=0 errno=0 [ 66.834083][ T6895] PKCS7: Unknown OID: [4] 2.19.50.2018883.1651(bad) [ 66.837139][ T6895] PKCS7: Only support pkcs7_signedData type [ 67.046194][ T6919] tmpfs: Bad value for 'mpol' [ 67.144537][ T6930] gfs2: error -5 reading superblock [ 67.332295][ T6953] erofs (device loop2): cannot find valid erofs superblock [ 67.473950][ T6081] Bluetooth: hci1: command tx timeout [ 67.750029][ T7001] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 67.753031][ T7001] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 67.763068][ T7001] vhci_hcd vhci_hcd.0: Device attached [ 67.768893][ T7005] vhci_hcd: connection closed [ 67.774192][ T1183] vhci_hcd: stop threads [ 67.778925][ T1183] vhci_hcd: release socket [ 67.780964][ T1183] vhci_hcd: disconnect device [ 68.188680][ T7054] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 68.223276][ T7056] gfs2: error -5 reading superblock [ 68.236719][ T7046] /dev/sr0: Can't open blockdev [ 68.589754][ T7104] capability: warning: `syz.0.551' uses deprecated v2 capabilities in a way that may be insecure [ 69.690938][ T7247] syz.1.627 (7247): attempted to duplicate a private mapping with mremap. This is not supported. [ 69.865925][ T7251] /dev/sr0: Can't open blockdev [ 69.877699][ T7259] ntfs3(sr0): Primary boot signature is not NTFS. [ 69.881018][ T7259] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 69.944000][ T7280] futex_wake_op: syz.2.633 tries to shift op by 144; fix this program [ 70.189804][ T7309] could not allocate digest TFM handle sha1-ssse3 [ 70.574222][ T7378] tmpfs: Bad value for 'mpol' [ 70.638701][ T7388] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 70.638701][ T7388] Ue[%#s' [ 71.073590][ T7451] ntfs3(sr0): Primary boot signature is not NTFS. [ 71.085504][ T7451] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 71.278910][ T7472] could not allocate digest TFM handle sha1-ssse3 [ 71.535839][ T7521] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 72.387483][ T6110] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 72.502682][ T7639] futex_wake_op: syz.0.803 tries to shift op by 32; fix this program [ 72.559223][ T6110] usb 8-1: config 0 has an invalid interface number: 198 but max is 0 [ 72.561929][ T6110] usb 8-1: config 0 has no interface number 0 [ 72.564025][ T6110] usb 8-1: config 0 interface 198 altsetting 8 endpoint 0x4 has invalid maxpacket 64, setting to 8 [ 72.576082][ T6110] usb 8-1: config 0 interface 198 altsetting 8 endpoint 0x86 is Bulk; changing to Interrupt [ 72.580968][ T6110] usb 8-1: config 0 interface 198 has no altsetting 0 [ 72.583948][ T6110] usb 8-1: New USB device found, idVendor=1b3d, idProduct=0138, bcdDevice=74.e6 [ 72.596758][ T6110] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.607200][ T6110] usb 8-1: config 0 descriptor?? [ 72.609484][ T7603] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 72.612301][ T7603] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 72.847192][ T6110] usb 8-1: string descriptor 0 read error: -71 [ 72.851437][ T6110] ftdi_sio 8-1:0.198: FTDI USB Serial Device converter detected [ 72.856262][ T6110] ftdi_sio ttyUSB0: unknown device type: 0x74e6 [ 72.873215][ T6110] usb 8-1: USB disconnect, device number 2 [ 72.883200][ T6110] ftdi_sio 8-1:0.198: device disconnected [ 73.080804][ T7695] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 73.084327][ T7695] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 73.089141][ T7695] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 73.092504][ T7695] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 73.433297][ T7736] mmap: syz.3.851 (7736) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 73.478007][ T6077] Bluetooth: hci2: command 0x0406 tx timeout [ 73.585028][ T7754] 9pnet: Unknown protocol version 9p20\++} [ 73.627947][ T6081] Bluetooth: hci3: unexpected event 0x01 length: 12 > 1 [ 73.766284][ T7782] random: crng reseeded on system resumption [ 73.825698][ T7788] ntfs3(nullb0): Primary boot signature is not NTFS. [ 73.828654][ T7788] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 74.109277][ T41] audit: type=1326 audit(1764679551.889:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7829 comm="syz.2.897" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x0 [ 74.451353][ T7870] syz.0.918 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 74.985284][ T113] ODEBUG: Out of memory. ODEBUG disabled [ 74.987321][ T6084] ODEBUG: Out of memory. ODEBUG disabled [ 74.991264][ T6080] ODEBUG: Out of memory. ODEBUG disabled [ 75.716372][ T7827] syz.3.894 (7827) used greatest stack depth: 20640 bytes left [ 76.344162][ T8035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 76.365547][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.368480][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.569337][ T8062] SQUASHFS error: Failed to read block 0x0: -5 [ 76.571750][ T8062] unable to read squashfs_super_block [ 76.591691][ T8064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 76.958615][ T8111] Invalid ELF header type: 3 != 1 [ 76.993058][ T8115] hfs: can't find a HFS filesystem on dev loop1 [ 77.485386][ T8199] capability: warning: `syz.1.1080' uses 32-bit capabilities (legacy support in use) [ 77.690353][ T8233] TCP: tcp_parse_options: Illegal window scaling value 253 > 14 received [ 77.784965][ T8247] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 77.790056][ T8247] qnx6: wrong signature (magic) in superblock #1. [ 77.792908][ T8247] qnx6: unable to read the first superblock [ 77.954333][ T41] audit: type=1326 audit(1764679784.744:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz.1.1118" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 77.960523][ T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 78.110533][ T9] usb 8-1: Using ep0 maxpacket: 32 [ 78.115178][ T9] usb 8-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 64 [ 78.118831][ T9] usb 8-1: config 1 interface 0 altsetting 6 endpoint 0x3 has invalid maxpacket 2056, setting to 1024 [ 78.140343][ T9] usb 8-1: config 1 interface 0 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 1024 [ 78.143717][ T9] usb 8-1: config 1 interface 0 has no altsetting 0 [ 78.148002][ T9] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 78.152543][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.155770][ T9] usb 8-1: Product: syz [ 78.157845][ T9] usb 8-1: Manufacturer: syz [ 78.159939][ T9] usb 8-1: SerialNumber: syz [ 78.165948][ T8235] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 78.169318][ T8235] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 78.320395][ T54] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 78.389066][ T9] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71 [ 78.401877][ T9] usb 8-1: USB disconnect, device number 3 [ 78.476597][ T54] usb 7-1: unable to get BOS descriptor or descriptor too short [ 78.481269][ T54] usb 7-1: not running at top speed; connect to a high speed hub [ 78.485954][ T54] usb 7-1: config 13 has an invalid interface number: 90 but max is 0 [ 78.489521][ T54] usb 7-1: config 13 has no interface number 0 [ 78.492874][ T54] usb 7-1: config 13 interface 90 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 78.500198][ T54] usb 7-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=81.b7 [ 78.505624][ T54] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.509111][ T54] usb 7-1: Product: syz [ 78.511271][ T54] usb 7-1: Manufacturer: syz [ 78.513295][ T54] usb 7-1: SerialNumber: syz [ 78.734107][ T54] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 78.754059][ T54] snd-usb-audio 7-1:13.90: probe with driver snd-usb-audio failed with error -2 [ 78.761742][ T54] usb 7-1: USB disconnect, device number 3 [ 78.767525][ T6036] udevd[6036]: setting owner of /dev/bus/usb/007/003 to uid=0, gid=0 failed: No such file or directory [ 78.778531][ T6036] udevd[6036]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:13.90/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 78.805558][ T8360] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun! [ 78.906531][ T8368] hpfs: hpfs_map_sector(): read error [ 78.994711][ T41] audit: type=1326 audit(1764679785.784:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8379 comm="syz.0.1170" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 79.185284][ T8402] ptrace attach of "/syz-executor exec"[6084] was attempted by "/syz-executor exec"[8402] [ 79.195362][ T8404] hfsplus: unable to find HFS+ superblock [ 79.342627][ T52] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 79.491440][ T52] usb 6-1: Using ep0 maxpacket: 32 [ 79.495367][ T52] usb 6-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 64 [ 79.498692][ T52] usb 6-1: config 1 interface 0 altsetting 6 endpoint 0x3 has invalid maxpacket 2056, setting to 1024 [ 79.503956][ T52] usb 6-1: config 1 interface 0 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 1024 [ 79.507913][ T52] usb 6-1: config 1 interface 0 has no altsetting 0 [ 79.515866][ T52] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 79.519113][ T52] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.522278][ T52] usb 6-1: Product: syz [ 79.523723][ T52] usb 6-1: Manufacturer: syz [ 79.526060][ T52] usb 6-1: SerialNumber: syz [ 79.535955][ T8394] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 79.539031][ T8394] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 79.588050][ T6081] Bluetooth: hci2: unexpected event for opcode 0x202d [ 79.593687][ T8454] Can't find a SQUASHFS superblock on nullb0 [ 79.661105][ T6570] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 79.706604][ T8466] hpfs: hpfs_map_sector(): read error [ 79.763950][ T52] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 79.776818][ T52] usb 6-1: USB disconnect, device number 2 [ 79.812704][ T6570] usb 5-1: unable to get BOS descriptor or descriptor too short [ 79.816583][ T6570] usb 5-1: not running at top speed; connect to a high speed hub [ 79.820998][ T6570] usb 5-1: config 13 has an invalid interface number: 90 but max is 0 [ 79.824730][ T6570] usb 5-1: config 13 has no interface number 0 [ 79.827379][ T6570] usb 5-1: config 13 interface 90 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 79.840107][ T6570] usb 5-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=81.b7 [ 79.844273][ T6570] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.847256][ T6570] usb 5-1: Product: syz [ 79.848639][ T6570] usb 5-1: Manufacturer: syz [ 79.850829][ T6570] usb 5-1: SerialNumber: syz [ 80.067767][ T6570] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 80.089516][ T6570] snd-usb-audio 5-1:13.90: probe with driver snd-usb-audio failed with error -2 [ 80.094206][ T6570] usb 5-1: USB disconnect, device number 2 [ 80.102651][ T6036] udevd[6036]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:13.90/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 80.265626][ T6081] Bluetooth: Unexpected start frame (len 16) [ 80.356088][ T8534] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 80.358894][ T8534] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 80.364639][ T8534] vhci_hcd vhci_hcd.0: Device attached [ 80.370014][ T8535] vhci_hcd: connection closed [ 80.370675][ T40] vhci_hcd: stop threads [ 80.382781][ T40] vhci_hcd: release socket [ 80.384873][ T40] vhci_hcd: disconnect device [ 80.629270][ T8562] (syz.1.1260,8562,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 80.633799][ T8562] (syz.1.1260,8562,3):ocfs2_fill_super:1177 ERROR: status = -22 [ 81.030520][ T52] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 81.200916][ T52] usb 6-1: Using ep0 maxpacket: 16 [ 81.205901][ T52] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 81.208851][ T52] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.211530][ T52] usb 6-1: Product: syz [ 81.213164][ T52] usb 6-1: Manufacturer: syz [ 81.214893][ T52] usb 6-1: SerialNumber: syz [ 81.222283][ T52] r8152-cfgselector 6-1: Unknown version 0x0000 [ 81.224586][ T52] r8152-cfgselector 6-1: config 0 descriptor?? [ 81.315060][ T8623] syz.0.1291: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 81.320992][ T8623] CPU: 3 UID: 0 PID: 8623 Comm: syz.0.1291 Not tainted syzkaller #0 PREEMPT(full) [ 81.321015][ T8623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.321025][ T8623] Call Trace: [ 81.321031][ T8623] [ 81.321038][ T8623] dump_stack_lvl+0x16c/0x1f0 [ 81.321062][ T8623] warn_alloc+0x248/0x3a0 [ 81.321089][ T8623] ? __pfx_warn_alloc+0x10/0x10 [ 81.321116][ T8623] ? psi_memstall_leave+0x19f/0x2d0 [ 81.321144][ T8623] ? __pfx___alloc_pages_direct_compact+0x10/0x10 [ 81.321169][ T8623] ? psi_memstall_leave+0x1e1/0x2d0 [ 81.321195][ T8623] ? psi_memstall_leave+0x1e6/0x2d0 [ 81.321223][ T8623] __alloc_frozen_pages_noprof+0xe9b/0x2440 [ 81.321273][ T8623] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 81.321309][ T8623] ? irqentry_exit+0x3b/0x90 [ 81.321328][ T8623] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.321350][ T8623] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 81.321375][ T8623] ? policy_nodemask+0xea/0x4e0 [ 81.321398][ T8623] alloc_pages_mpol+0x1fb/0x550 [ 81.321420][ T8623] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 81.321447][ T8623] alloc_pages_noprof+0x12d/0x180 [ 81.321469][ T8623] kimage_alloc_pages+0x74/0x350 [ 81.321495][ T8623] kimage_alloc_control_pages+0x153/0xa00 [ 81.321524][ T8623] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 81.321555][ T8623] do_kexec_load+0x439/0x860 [ 81.321581][ T8623] ? __pfx_do_kexec_load+0x10/0x10 [ 81.321613][ T8623] __ia32_compat_sys_kexec_load+0x37f/0x400 [ 81.321632][ T8623] ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10 [ 81.321660][ T8623] ? rcu_is_watching+0x12/0xc0 [ 81.321696][ T8623] __do_fast_syscall_32+0x7c/0x370 [ 81.321719][ T8623] do_fast_syscall_32+0x32/0x80 [ 81.321740][ T8623] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.321760][ T8623] RIP: 0023:0xf701d579 [ 81.321774][ T8623] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.321789][ T8623] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 000000000000011b [ 81.321805][ T8623] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003 [ 81.321814][ T8623] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000 [ 81.321824][ T8623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 81.321833][ T8623] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 81.321843][ T8623] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.321864][ T8623] [ 81.321884][ T8623] Mem-Info: [ 81.424713][ T8623] active_anon:386 inactive_anon:5303 isolated_anon:0 [ 81.424713][ T8623] active_file:1312 inactive_file:15259 isolated_file:0 [ 81.424713][ T8623] unevictable:1768 dirty:317 writeback:0 [ 81.424713][ T8623] slab_reclaimable:5968 slab_unreclaimable:50223 [ 81.424713][ T8623] mapped:22162 shmem:2232 pagetables:1116 [ 81.424713][ T8623] sec_pagetables:300 bounce:0 [ 81.424713][ T8623] kernel_misc_reclaimable:0 [ 81.424713][ T8623] free:41973 free_pcp:41 free_cma:0 [ 81.443089][ T8623] Node 0 active_anon:0kB inactive_anon:56kB active_file:0kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:10004kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8912kB pagetables:1272kB sec_pagetables:1128kB all_unreclaimable? yes Balloon:0kB [ 81.455707][ T8623] Node 1 active_anon:1544kB inactive_anon:21156kB active_file:5848kB inactive_file:54432kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:78444kB dirty:1268kB writeback:0kB shmem:5392kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:3876kB pagetables:3192kB sec_pagetables:72kB all_unreclaimable? no Balloon:0kB [ 81.468842][ T8623] Node 0 DMA free:1928kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 81.472973][ T52] r8152-cfgselector 6-1: Unknown version 0x0000 [ 81.482262][ T8623] lowmem_reserve[]: 0 291 291 291 291 [ 81.485101][ T8623] Node 0 DMA32 free:17140kB boost:4096kB min:17544kB low:20904kB high:24264kB reserved_highatomic:2048KB free_highatomic:832KB active_anon:0kB inactive_anon:56kB active_file:0kB inactive_file:204kB unevictable:3536kB writepending:0kB zspages:0kB present:1032196kB managed:298584kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 81.492047][ T52] r8152-cfgselector 6-1: bad CDC descriptors [ 81.499107][ T8623] lowmem_reserve[]: 0 0 0 0 0 [ 81.501589][ T8623] Node 1 DMA32 free:146740kB boost:95828kB min:142972kB low:154756kB high:166540kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1844kB inactive_anon:20956kB active_file:6072kB inactive_file:44532kB unevictable:3536kB writepending:1268kB zspages:2164kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:4052kB local_pcp:0kB free_cma:0kB [ 81.516149][ T8623] lowmem_reserve[]: 0 0 0 0 0 [ 81.516515][ T52] r8152-cfgselector 6-1: USB disconnect, device number 3 [ 81.518199][ T8623] Node 0 DMA: 1*4kB (U) 1*8kB (U) 3*16kB (U) 3*32kB (U) 2*64kB (U) 1*128kB (U) 2*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1948kB [ 81.526915][ T8623] Node 0 DMA32: 13*4kB (UMEH) 63*8kB (MEH) 31*16kB (UME) 48*32kB (UMEH) 48*64kB (UMEH) 23*128kB (UME) 10*256kB (MEH) 9*512kB (UMH) 1*1024kB (H) 0*2048kB 0*4096kB = 16796kB [ 81.534633][ T8623] Node 1 DMA32: 1421*4kB (UM) 937*8kB (UME) 698*16kB (UME) 591*32kB (UME) 460*64kB (UME) 244*128kB (UME) 94*256kB (UME) 34*512kB (UME) 1*1024kB (M) 0*2048kB 0*4096kB = 146428kB [ 81.542193][ T8623] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.546431][ T8623] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.549819][ T8623] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.553820][ T8623] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.557415][ T8623] 15688 total pagecache pages [ 81.559593][ T8623] 893 pages in swap cache [ 81.563919][ T8623] Free swap = 117672kB [ 81.565855][ T8623] Total swap = 124996kB [ 81.567848][ T8623] 524155 pages RAM [ 81.569541][ T8623] 0 pages HighMem/MovableOnly [ 81.571286][ T8623] 208614 pages reserved [ 81.573172][ T8623] 0 pages cma reserved [ 81.797743][ T8623] kexec: Could not allocate control_code_buffer [ 82.101441][ T8654] trusted_key: encrypted_key: master key parameter '' is invalid [ 82.396012][ T8693] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 82.398176][ T8693] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 82.402503][ T8693] vhci_hcd vhci_hcd.0: Device attached [ 82.407370][ T8694] vhci_hcd: connection closed [ 82.408207][ T90] vhci_hcd: stop threads [ 82.413369][ T90] vhci_hcd: release socket [ 82.414880][ T90] vhci_hcd: disconnect device [ 82.529486][ T8713] qnx6: unable to read the first superblock [ 82.532226][ T8713] qnx6: unable to read the first superblock [ 82.534453][ T8713] qnx6: unable to read the first superblock [ 82.656057][ T8732] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 83.190756][ T1026] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 83.341901][ T1026] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 83.345318][ T1026] usb 5-1: config 0 has no interface number 0 [ 83.349813][ T1026] usb 5-1: New USB device found, idVendor=0421, idProduct=0492, bcdDevice=49.fc [ 83.359405][ T1026] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.363551][ T1026] usb 5-1: Product: syz [ 83.365257][ T1026] usb 5-1: Manufacturer: syz [ 83.366832][ T1026] usb 5-1: SerialNumber: syz [ 83.375403][ T1026] usb 5-1: config 0 descriptor?? [ 83.384969][ T1026] usb-storage 5-1:0.132: USB Mass Storage device detected [ 83.392324][ T1026] usb-storage 5-1:0.132: Quirks match for vid 0421 pid 0492: 400 [ 83.555259][ T8829] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.581761][ T8831] tmpfs: Bad value for 'mpol' [ 83.587544][ T52] usb 5-1: USB disconnect, device number 3 [ 83.621868][ T8839] gfs2: not a GFS2 filesystem [ 84.276604][ T6081] Bluetooth: hci2: unexpected event for opcode 0x0c20 [ 84.314452][ T8951] futex_wake_op: syz.2.1452 tries to shift op by 32; fix this program [ 84.445499][ T8976] dns_resolver: Unsupported server list version (0) [ 85.323592][ T6077] Bluetooth: hci0: unexpected event for opcode 0x0809 [ 85.536165][ T6077] Bluetooth: hci2: unexpected event for opcode 0x1005 [ 85.701573][ T9197] tmpfs: Bad value for 'nr_inodes' [ 85.728848][ T9192] 9pnet: Could not find request transport: xen [ 85.798755][ T54] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 85.848490][ T41] audit: type=1326 audit(1765204080.656:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.1.1583" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 85.955120][ T54] usb 8-1: config 0 has an invalid interface number: 132 but max is 0 [ 85.959548][ T54] usb 8-1: config 0 has no interface number 0 [ 85.975275][ T54] usb 8-1: New USB device found, idVendor=0421, idProduct=0492, bcdDevice=49.fc [ 85.982714][ T54] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.986300][ T54] usb 8-1: Product: syz [ 85.988540][ T54] usb 8-1: Manufacturer: syz [ 85.990645][ T54] usb 8-1: SerialNumber: syz [ 86.003032][ T54] usb 8-1: config 0 descriptor?? [ 86.012221][ T54] usb-storage 8-1:0.132: USB Mass Storage device detected [ 86.028807][ T54] usb-storage 8-1:0.132: Quirks match for vid 0421 pid 0492: 400 [ 86.036285][ T6077] Bluetooth: hci1: command tx timeout [ 86.204838][ T9257] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 86.218473][ T54] usb 8-1: USB disconnect, device number 4 [ 86.332375][ T9277] tmpfs: Bad value for 'mpol' [ 86.552286][ T52] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 86.577295][ T9293] futex_wake_op: syz.0.1620 tries to shift op by -1; fix this program [ 86.586351][ T10] cfg80211: failed to load regulatory.db [ 86.712764][ T52] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 86.717562][ T52] usb 7-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 86.738191][ T52] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.751558][ T52] usb 7-1: config 0 descriptor?? [ 86.783655][ T9305] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 86.787106][ T9305] VFS: Can't find a romfs filesystem on dev nullb0. [ 86.787106][ T9305] [ 86.864503][ T9313] exFAT-fs (nbd0): unable to read boot sector [ 86.867785][ T9313] exFAT-fs (nbd0): failed to read boot sector [ 86.870890][ T9313] exFAT-fs (nbd0): failed to recognize exfat type [ 86.965437][ T52] usb 7-1: USB disconnect, device number 4 [ 87.639286][ T6081] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260 [ 87.741022][ T9388] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb [ 87.750136][ T41] audit: type=1326 audit(1765204081.570:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9389 comm="syz.0.1669" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 87.812869][ T9395] tmpfs: Bad value for 'mpol' [ 87.918407][ T9406] tmpfs: Bad value for 'mpol' [ 87.946124][ T9286] kexec: Could not allocate control_code_buffer [ 88.063790][ T6081] Bluetooth: hci0: unexpected event for opcode 0x1405 [ 88.456253][ T10] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 88.606666][ T10] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 88.614461][ T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 88.620647][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.624356][ T10] usb 7-1: Product: syz [ 88.626805][ T10] usb 7-1: Manufacturer: syz [ 88.628917][ T10] usb 7-1: SerialNumber: syz [ 88.635719][ T9450] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 88.854538][ T10] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22 [ 88.861856][ T10] usb 7-1: USB disconnect, device number 5 [ 89.433541][ T41] audit: type=1326 audit(1765204083.250:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9557 comm="syz.0.1751" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 89.599476][ T6081] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 90.500276][ T9623] 9pnet_fd: Insufficient options for proto=fd [ 90.592528][ T9556] kexec: Could not allocate control_code_buffer [ 90.593312][ T9635] IPv6: addrconf: prefix option has invalid lifetime [ 91.153247][ T9729] futex_wake_op: syz.3.1837 tries to shift op by 32; fix this program [ 91.216820][ T9741] binder: Bad value for 'max' [ 91.349241][ T6081] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 91.657221][ T9785] /dev/sr0: Can't open blockdev [ 92.230158][ T9873] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 92.727375][ T41] audit: type=1326 audit(1765204086.550:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.3.1951" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x0 [ 93.117499][T10019] omfs: Invalid superblock (0) [ 93.421157][ T6081] Bluetooth: hci0: unexpected event for opcode 0x2029 [ 93.436168][T10061] Option 'TXƮ' to dns_resolver key: bad/missing value [ 93.851421][T10125] befs: (nullb0): No write support. Marking filesystem read-only [ 93.857036][T10125] befs: (nullb0): invalid magic header [ 93.875892][T10129] kAFS: unparsable volume name [ 94.168835][T10171] qnx4: unable to read the superblock [ 94.190726][T10175] tmpfs: Bad value for 'mpol' [ 94.314138][T10191] qnx6: unable to set blocksize [ 94.493744][T10202] cgroup: release_agent respecified [ 94.664483][T10219] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 94.787947][T10238] PKCS7: Unknown OID: [4] 2.19.13055.1334505.0.0.0.0 [ 94.790006][T10238] PKCS7: Only support pkcs7_signedData type [ 94.897337][T10251] syz.1.2094(10251): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 95.047242][T10271] ISOFS: Unable to identify CD-ROM format. [ 95.278151][T10290] /dev/sr0: Can't open blockdev [ 95.283256][T10293] omfs: Invalid superblock (0) [ 95.340165][ T41] audit: type=1326 audit(1765204089.160:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10302 comm="syz.1.2122" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 95.403205][ T41] audit: type=1326 audit(1765204089.220:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.2126" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x0 [ 95.617116][ T6081] Bluetooth: hci1: command tx timeout [ 95.648228][T10163] kexec: Could not allocate control_code_buffer [ 95.706975][T10352] Malformed UNC in devname [ 95.706975][T10352] [ 95.709919][T10352] CIFS: VFS: Malformed UNC in devname [ 96.315767][ T6081] Bluetooth: hci2: unexpected event for opcode 0x100c [ 96.789291][T10555] syz.2.2244: attempt to access beyond end of device [ 96.789291][T10555] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128 [ 96.795031][T10555] gfs2: error -5 reading superblock [ 96.853579][ T6081] Bluetooth: hci0: unexpected event for opcode 0x080c [ 97.087145][ T41] audit: type=1326 audit(1765204090.910:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.2.2270" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 97.696670][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 97.704537][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 97.708601][T10700] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 97.711585][T10700] UDF-fs: Scanning with blocksize 512 failed [ 97.714436][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 97.721075][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 97.725002][T10700] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 97.732469][T10700] UDF-fs: Scanning with blocksize 1024 failed [ 97.735526][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 97.740369][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 97.744574][T10700] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 97.749177][T10700] UDF-fs: Scanning with blocksize 2048 failed [ 97.752117][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 97.756385][T10700] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 97.760645][T10700] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 97.763799][T10700] UDF-fs: Scanning with blocksize 4096 failed [ 97.766491][T10700] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1) [ 98.321415][T10776] MINIX-fs: unable to read superblock [ 98.572953][T10804] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 98.586320][T10804] CIFS mount error: No usable UNC path provided in device string! [ 98.586320][T10804] [ 98.590719][T10804] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 99.437647][T10899] tmpfs: Bad value for 'usrquota_inode_hardlimit' [ 99.607308][T10924] futex_wake_op: syz.0.2423 tries to shift op by 144; fix this program [ 99.680595][ T6081] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 99.847114][T10959] affs: No valid root block on device sr0 [ 99.956255][T10979] [syz.0.] <== rxrpc_preparse_xdr_yfs_rxgk() = -EKEYREJECTED [d9c19884!=bc, 2c,d9c19820] [ 100.005686][T10987] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 100.008531][T10987] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 100.011580][T10987] vhci_hcd vhci_hcd.0: Device attached [ 100.016531][T10988] vhci_hcd: connection closed [ 100.016869][ T9719] vhci_hcd: stop threads [ 100.023148][ T9719] vhci_hcd: release socket [ 100.025226][ T9719] vhci_hcd: disconnect device [ 100.169523][T11011] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32 [ 100.269835][ T41] audit: type=1400 audit(1765204093.906:18): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=11022 comm="syz.1.2474" [ 100.440920][T11047] tmpfs: Bad value for 'mpol' [ 101.024534][ T6081] Bluetooth: hci0: unexpected event for opcode 0x200f [ 101.274374][T11153] hpfs: hpfs_map_sector(): read error [ 101.296366][T10211] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 101.460484][T10211] usb 7-1: unable to get BOS descriptor or descriptor too short [ 101.466114][T10211] usb 7-1: config 12 has an invalid interface number: 40 but max is 0 [ 101.469672][T10211] usb 7-1: config 12 has no interface number 0 [ 101.471864][T10211] usb 7-1: config 12 interface 40 altsetting 1 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 101.476669][T10211] usb 7-1: config 12 interface 40 has no altsetting 0 [ 101.482077][T10211] usb 7-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=bd.2b [ 101.485981][T10211] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 101.490015][T10211] usb 7-1: Product: syz [ 101.492022][T10211] usb 7-1: Manufacturer: syz [ 101.494034][T10211] usb 7-1: SerialNumber: syz [ 101.732344][T10211] usb 7-1: USB disconnect, device number 6 [ 101.802931][T11217] tmpfs: Unknown parameter 'noinode32' [ 101.933611][T11238] IPv6: addrconf: prefix option has invalid lifetime [ 102.343729][ T6081] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 102.504615][T11326] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 102.705166][ T41] audit: type=1326 audit(1765204096.188:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.0.2638" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 103.162053][ T6081] Bluetooth: hci0: unexpected event 0x32 length: 29 > 9 [ 103.314144][T11459] tmpfs: Bad value for 'mpol' [ 103.703350][ T6081] Bluetooth: hci3: command 0x0406 tx timeout [ 103.725286][T11508] can: request_module (can-proto-3) failed. [ 103.801099][T11519] tmpfs: Bad value for 'mpol' [ 103.810054][T11522] exFAT-fs (nullb0): invalid boot record signature [ 103.813121][T11522] exFAT-fs (nullb0): failed to read boot sector [ 103.816081][T11522] exFAT-fs (nullb0): failed to recognize exfat type [ 104.275051][T11578] virtio-fs: tag not found [ 104.637542][T11616] hfsplus: unable to find HFS+ superblock [ 105.091675][T11673] random: crng reseeded on system resumption [ 105.147399][T11677] tmpfs: Bad value for 'mpol' [ 105.175502][T11683] NILFS (loop2): device size too small [ 105.237339][T11693] No source specified [ 105.468042][T11718] /dev/sr0: Can't open blockdev [ 105.476393][T11724] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 105.580637][T11751] tmpfs: Bad value for 'mpol' [ 105.650340][T11761] tmpfs: Bad value for 'mpol' [ 106.089165][T11837] netlink: zone id is out of range [ 106.143981][T11842] netlink: 'syz.1.2877': attribute type 1 has an invalid length. [ 106.301533][T11859] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2887'. [ 106.335162][T11866] netlink: 'syz.3.2890': attribute type 2 has an invalid length. [ 106.452544][T11885] netlink: 'syz.2.2899': attribute type 16 has an invalid length. [ 106.511028][T11893] xt_CT: You must specify a L4 protocol and not use inversions on it [ 106.595358][ T41] audit: type=1326 audit(1765204099.829:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.1.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 106.613138][ T41] audit: type=1326 audit(1765204099.829:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.1.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 106.624735][ T41] audit: type=1326 audit(1765204099.829:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.1.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=424 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 106.634104][ T41] audit: type=1326 audit(1765204099.829:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.1.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 106.642799][ T41] audit: type=1326 audit(1765204099.829:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.1.2909" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 106.958452][T11958] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 107.058154][T11973] netlink: 'syz.1.2943': attribute type 1 has an invalid length. [ 107.062668][T11973] netlink: 228 bytes leftover after parsing attributes in process `syz.1.2943'. [ 107.096396][T11978] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2945'. [ 107.296799][T12014] overlayfs: empty lowerdir [ 107.325141][T12020] Cannot find add_set index 0 as target [ 107.365887][T12025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2970'. [ 107.489023][T12047] comedi comedi0: Minor 3 could not be opened [ 107.515636][T12054] /dev/nullb0: Can't open blockdev [ 107.545632][T12058] netlink: 'syz.2.2985': attribute type 1 has an invalid length. [ 107.613562][T12071] macvlan0: entered allmulticast mode [ 107.714616][ T41] audit: type=1326 audit(2000000000.505:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.2.3000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 107.726538][ T41] audit: type=1326 audit(2000000000.505:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.2.3000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 107.737393][ T41] audit: type=1326 audit(2000000000.505:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.2.3000" exe="/syz-executor" sig=0 arch=40000003 syscall=131 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 107.746885][ T41] audit: type=1326 audit(2000000000.514:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.2.3000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 107.756098][ T41] audit: type=1326 audit(2000000000.514:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.2.3000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 107.830465][T12103] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3007'. [ 108.135903][T12151] netlink: 'syz.0.3031': attribute type 2 has an invalid length. [ 108.297682][T12162] macvlan0: entered allmulticast mode [ 108.386433][T12169] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 109.033906][T12213] netlink: 'syz.2.3063': attribute type 1 has an invalid length. [ 109.057940][T12217] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 109.073484][T12219] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 109.118345][T12225] netlink: 228 bytes leftover after parsing attributes in process `syz.2.3069'. [ 109.275186][T12243] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 109.426981][T12268] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3091'. [ 109.456736][T12268] bond1: entered promiscuous mode [ 109.458881][T12272] Cannot find add_set index 0 as target [ 109.459573][T12268] 8021q: adding VLAN 0 to HW filter on device bond1 [ 109.587946][T12288] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 109.648820][T12297] netlink: 'syz.1.3104': attribute type 10 has an invalid length. [ 109.654937][T12297] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 109.657259][T12300] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate. [ 109.658954][T12297] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 109.673381][T12297] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 109.784915][T12313] openvswitch: netlink: IP tunnel dst address not specified [ 109.924117][T12333] IPv6: sit1: Disabled Multicast RS [ 109.992907][T12339] netlink: 240 bytes leftover after parsing attributes in process `syz.1.3125'. [ 109.997978][T12342] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3127'. [ 110.002707][T12342] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3127'. [ 110.055265][T12352] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 110.097954][T12355] NILFS (nbd2): device size too small [ 110.121141][T12358] QAT: failed to copy from user cfg_data. [ 110.204790][T12348] netlink: 'syz.0.3129': attribute type 1 has an invalid length. [ 110.212483][T12348] NCSI netlink: No device for ifindex 0 [ 110.853841][ T34] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 111.018399][ T34] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 111.024797][ T34] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 111.028324][ T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 111.032114][ T34] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 111.037529][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 111.046455][ T34] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 111.056221][ T34] usb 5-1: string descriptor 0 read error: -22 [ 111.059045][ T34] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 111.062257][ T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.076803][ T34] usb 5-1: config 0 descriptor?? [ 111.080477][T12420] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 111.085343][ T34] hub 5-1:0.0: bad descriptor, ignoring hub [ 111.088009][ T34] hub 5-1:0.0: probe with driver hub failed with error -5 [ 111.097185][ T34] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input6 [ 111.103910][T12488] bond1: entered promiscuous mode [ 111.106629][T12488] 8021q: adding VLAN 0 to HW filter on device bond1 [ 111.361477][T12515] bond1: entered promiscuous mode [ 111.364399][T12515] 8021q: adding VLAN 0 to HW filter on device bond1 [ 111.391585][ T24] usb 5-1: USB disconnect, device number 4 [ 111.492131][T12530] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 111.652973][T12547] wireguard0: entered promiscuous mode [ 111.657025][T12547] wireguard0: entered allmulticast mode [ 112.028466][T12569] __nla_validate_parse: 5 callbacks suppressed [ 112.028478][T12569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3226'. [ 112.037197][T12570] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3225'. [ 112.163516][T12586] xt_CT: No such helper "syz1" [ 112.563688][T12648] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 112.567887][T12644] wireguard0: entered promiscuous mode [ 112.569941][T12650] netlink: 'syz.0.3264': attribute type 2 has an invalid length. [ 112.570325][T12644] wireguard0: entered allmulticast mode [ 112.583786][T12650] : entered promiscuous mode [ 112.676988][T12662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3270'. [ 112.717620][T12667] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 112.736685][T12670] veth1_macvtap: left promiscuous mode [ 112.848283][T12686] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3282'. [ 112.974759][T12703] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3290'. [ 113.009423][T12703] bond1: entered promiscuous mode [ 113.011721][T12703] 8021q: adding VLAN 0 to HW filter on device bond1 [ 113.055450][T12712] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3294'. [ 113.322712][T12748] openvswitch: netlink: Actions may not be safe on all matching packets [ 113.616738][T12795] process 'syz.0.3330' launched '/dev/fd/3' with NULL argv: empty string added [ 113.930368][T12838] netlink: 'syz.0.3352': attribute type 11 has an invalid length. [ 114.063399][T12851] XFS (nullb0): Invalid superblock magic number [ 114.127583][T12858] XFS (nullb0): Invalid superblock magic number [ 114.423613][T12913] veth1_macvtap: left promiscuous mode [ 114.440286][T12915] nbd: must specify at least one socket [ 114.616625][T12937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3396'. [ 114.736161][T12956] veth1_macvtap: left promiscuous mode [ 114.951538][T12991] random: crng reseeded on system resumption [ 115.129505][T13018] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 115.133963][T13018] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 115.136811][T13018] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 115.218804][T13033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3443'. [ 115.312233][T13038] XFS (nullb0): Invalid superblock magic number [ 115.370471][T13055] veth1_macvtap: left promiscuous mode [ 115.564355][T13077] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3463'. [ 115.594638][T13079] netlink: zone id is out of range [ 115.596975][T13079] netlink: zone id is out of range [ 115.599157][T13079] netlink: zone id is out of range [ 115.601966][T13079] netlink: zone id is out of range [ 115.604358][T13079] netlink: zone id is out of range [ 115.606789][T13079] netlink: zone id is out of range [ 115.609025][T13079] netlink: zone id is out of range [ 115.611868][T13079] netlink: zone id is out of range [ 115.614258][T13079] netlink: zone id is out of range [ 115.616619][T13079] netlink: zone id is out of range [ 116.286505][T13174] ipt_rpfilter: unknown options [ 116.646621][T13218] netlink: 'syz.3.3532': attribute type 21 has an invalid length. [ 116.873248][T13247] netlink: 'syz.2.3545': attribute type 21 has an invalid length. [ 117.001953][T13265] comedi comedi4: bad chanlist[0]=0x00000009 chan=9 range length=2 [ 117.240540][T13293] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3566'. [ 117.471347][ T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 117.498696][T13315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3580'. [ 117.539466][T13318] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 117.646579][ T10] usb 7-1: config index 0 descriptor too short (expected 39, got 27) [ 117.650198][ T10] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 117.663692][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 117.669509][ T10] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 117.674220][ T10] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 117.678824][ T10] usb 7-1: Product: syz [ 117.680993][ T10] usb 7-1: Manufacturer: syz [ 117.683180][ T10] usb 7-1: SerialNumber: syz [ 117.696348][ T10] usb 7-1: config 0 descriptor?? [ 117.701294][ T10] hub 7-1:0.0: bad descriptor, ignoring hub [ 117.704087][ T10] hub 7-1:0.0: probe with driver hub failed with error -5 [ 117.715666][ T10] usb 7-1: selecting invalid altsetting 0 [ 117.856941][T13179] syz.0.3511 (13179) used greatest stack depth: 19928 bytes left [ 118.039688][ T1335] usb 7-1: USB disconnect, device number 7 [ 118.174658][T13375] bond3: Unable to set up delay as MII monitoring is disabled [ 118.180221][T13375] bond3 (unregistering): Released all slaves [ 118.943237][T13450] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 119.044330][T13450] /dev/sr0: Can't open blockdev [ 119.112239][T13468] ip6t_srh: unknown srh match flags 4000 [ 119.271806][T13491] netlink: 'syz.0.3663': attribute type 8 has an invalid length. [ 119.324531][T13493] bond2: Unable to set up delay as MII monitoring is disabled [ 119.332665][T13493] bond2 (unregistering): Released all slaves [ 119.334140][T13498] netlink: 4456 bytes leftover after parsing attributes in process `syz.0.3665'. [ 119.590140][T13532] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 119.721236][T13546] IPv6: sit1: Disabled Multicast RS [ 119.724483][T13546] sit1: entered allmulticast mode [ 119.729632][T13532] /dev/sr0: Can't open blockdev [ 119.914879][T13570] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3700'. [ 119.975773][T13577] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 120.062865][T13587] x_tables: ip6_tables: SNPT target: used from hooks FORWARD, but only usable from INPUT/POSTROUTING [ 120.403118][T13644] netlink: 'syz.3.3736': attribute type 1 has an invalid length. [ 120.606655][ T41] kauditd_printk_skb: 4 callbacks suppressed [ 120.606669][ T41] audit: type=1326 audit(2000000012.562:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.0.3753" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 120.620575][ T41] audit: type=1326 audit(2000000012.581:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.0.3753" exe="/syz-executor" sig=0 arch=40000003 syscall=165 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 120.635684][ T41] audit: type=1326 audit(2000000012.581:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.0.3753" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 120.657404][ T41] audit: type=1326 audit(2000000012.581:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.0.3753" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 120.717959][T13691] dvmrp1: entered allmulticast mode [ 121.148957][ T1335] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 121.223420][T13744] can0: slcan on ttyS3. [ 121.300313][T13743] can0 (unregistered): slcan off ttyS3. [ 121.320128][ T1335] usb 7-1: Using ep0 maxpacket: 8 [ 121.325031][ T1335] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 121.328467][ T1335] usb 7-1: config 0 has no interface number 0 [ 121.332304][ T1335] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 121.337050][ T1335] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 121.342427][ T1335] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 121.347170][ T1335] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 121.347209][ T1335] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 121.347228][ T1335] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.348894][T13754] netlink: 360 bytes leftover after parsing attributes in process `syz.1.3790'. [ 121.351291][ T1335] usb 7-1: config 0 descriptor?? [ 121.369514][ T1335] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 121.442820][T13760] netlink: 'syz.3.3793': attribute type 2 has an invalid length. [ 121.582364][ T10] usb 7-1: USB disconnect, device number 8 [ 121.590171][ T10] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 121.614505][T13774] kAFS: unable to lookup cell '.,' [ 121.649212][T13777] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3801'. [ 121.699234][T13704] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.794658][T13793] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.808995][T13793] batadv_slave_0: entered promiscuous mode [ 121.824413][T13796] netlink: 'syz.1.3811': attribute type 16 has an invalid length. [ 121.828089][T13796] netlink: 'syz.1.3811': attribute type 3 has an invalid length. [ 121.831477][T13796] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3811'. [ 122.005541][T13821] binder: 13820:13821 ioctl c00c620f 80000080 returned -22 [ 122.051571][T13825] can0: slcan on ttyS3. [ 122.101945][T13824] can0 (unregistered): slcan off ttyS3. [ 122.361551][T13865] cgroup: subsys name conflicts with all [ 122.489693][T13885] xt_cgroup: xt_cgroup: no path or classid specified [ 122.499309][T13886] Illegal XDP return value 1993352384 on prog (id 289) dev N/A, expect packet loss! [ 122.824715][T13931] binfmt_misc: register: failed to install interpreter file ./file0 [ 123.032398][ T6077] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.311491][T14002] netlink: 288 bytes leftover after parsing attributes in process `syz.1.3902'. [ 123.375935][T14010] overlayfs: missing 'lowerdir' [ 123.389218][T14013] nbd: couldn't find device at index -2145452028 [ 123.586578][T14033] random: crng reseeded on system resumption [ 123.664818][T14043] ufs: failed to set blocksize [ 123.798750][T14066] warning: `syz.2.3932' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 123.832705][T14070] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3934'. [ 123.877088][T14077] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3937'. [ 124.084824][T14108] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3951'. [ 124.245278][T14134] net_ratelimit: 4 callbacks suppressed [ 124.245295][T14134] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 124.341992][T14149] netlink: 'syz.0.3961': attribute type 1 has an invalid length. [ 124.650529][T14179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3974'. [ 125.028418][T14231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3997'. [ 125.032311][T14231] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3997'. [ 125.036256][T14231] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3997'. [ 125.065426][T14237] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4001'. [ 125.069899][T14237] 0: renamed from hsr_slave_1 (while UP) [ 125.071147][T14240] misc userio: Invalid payload size [ 125.086942][T14237] 0: entered allmulticast mode [ 125.089561][T14237] A link change request failed with some changes committed already. Interface c0 may have been left with an inconsistent configuration, please check. [ 125.285997][T14271] netlink: 'syz.2.4017': attribute type 1 has an invalid length. [ 125.288806][T14271] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4017'. [ 125.556576][T14300] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 125.603448][T14307] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 125.793214][T14331] AppArmor: change_hat: Invalid input '' [ 125.983835][T14360] netlink: 'syz.2.4061': attribute type 13 has an invalid length. [ 126.089393][T14381] netlink: 'syz.0.4069': attribute type 1 has an invalid length. [ 126.607774][T14468] netlink: 'syz.0.4106': attribute type 1 has an invalid length. [ 126.688008][ T41] audit: type=1400 audit(2000000018.259:38): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=14479 comm="syz.3.4112" [ 126.753856][T14494] netlink: 'syz.3.4119': attribute type 1 has an invalid length. [ 126.902243][T14514] usb usb4: usbfs: process 14514 (syz.2.4129) did not claim interface 0 before use [ 127.042475][T14540] binder: binder_mmap: 14538 80a76000-80a7a000 bad vm_flags failed -1 [ 127.086837][T14548] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 127.105001][ T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 127.274802][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 127.277361][ T10] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 127.281081][ T10] usb 5-1: config 0 has no interface number 0 [ 127.285568][ T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 127.289111][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.289124][ T10] usb 5-1: Product: syz [ 127.289132][ T10] usb 5-1: Manufacturer: syz [ 127.289139][ T10] usb 5-1: SerialNumber: syz [ 127.299290][ T10] usb 5-1: config 0 descriptor?? [ 127.304895][ T10] hub 5-1:0.132: bad descriptor, ignoring hub [ 127.307026][ T10] hub 5-1:0.132: probe with driver hub failed with error -5 [ 127.311577][ T10] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.132/input/input9 [ 127.499738][T14603] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 127.797168][T14626] netlink: 'syz.3.4184': attribute type 21 has an invalid length. [ 127.800771][T14626] netlink: 'syz.3.4184': attribute type 5 has an invalid length. [ 128.487421][T14645] syz.3.4193 (14645): drop_caches: 2 [ 128.790654][T14672] Cannot find add_set index 2 as target [ 129.014058][T14699] netlink: 'syz.0.4220': attribute type 4 has an invalid length. [ 129.017843][T14699] __nla_validate_parse: 7 callbacks suppressed [ 129.017857][T14699] netlink: 17 bytes leftover after parsing attributes in process `syz.0.4220'. [ 129.079422][T14704] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.084119][T14704] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 129.150214][T14717] netlink: 'syz.2.4229': attribute type 12 has an invalid length. [ 129.214738][T14723] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.4232' sets config #0 [ 129.258848][T14729] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4235'. [ 129.309359][T14735] Cannot find del_set index 65533 as target [ 129.388749][T14747] netlink: 'syz.3.4244': attribute type 1 has an invalid length. [ 129.533552][T14769] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 4π!FVluc'f`ކ;1 [ 129.745829][T14801] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4268'. [ 129.845533][T14821] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4276'. [ 129.909343][T14833] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 130.074151][T14839] syz.0.4284 (14839): drop_caches: 2 [ 130.078397][T14860] QAT: failed to copy from user cfg_data. [ 130.194940][T14882] netlink: 532 bytes leftover after parsing attributes in process `syz.2.4302'. [ 130.246825][T14890] program syz.2.4309 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.303436][T14900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4317'. [ 130.354402][T14909] autofs4:pid:14909:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.768), cmd(0xc0189375) [ 130.358810][T14909] autofs4:pid:14909:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375) [ 130.591418][T14943] kAFS: unable to lookup cell '(' [ 130.641898][T14952] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4340'. [ 130.646598][T14952] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4340'. [ 130.653917][T14956] dns_resolver: Unsupported content type (5) [ 130.801625][T14974] openvswitch: netlink: Geneve opt len 17 is not a multiple of 4. [ 130.911499][ T41] audit: type=1326 audit(2000000022.206:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14991 comm="syz.1.4360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 130.922952][ T41] audit: type=1326 audit(2000000022.206:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14991 comm="syz.1.4360" exe="/syz-executor" sig=0 arch=40000003 syscall=352 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 130.935539][ T41] audit: type=1326 audit(2000000022.206:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14991 comm="syz.1.4360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 130.945001][ T41] audit: type=1326 audit(2000000022.206:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14991 comm="syz.1.4360" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 130.985166][ T6081] Bluetooth: hci3: command 0x0406 tx timeout [ 131.100528][T15021] trusted_key: encrypted_key: master key parameter is missing [ 131.102893][T15019] validate_nla: 8 callbacks suppressed [ 131.102909][T15019] netlink: 'syz.0.4374': attribute type 1 has an invalid length. [ 131.109697][T15019] netlink: 228 bytes leftover after parsing attributes in process `syz.0.4374'. [ 131.161822][T15031] syz.1.4379 (15031): drop_caches: 2 [ 131.516950][T15067] netlink: 'syz.2.4397': attribute type 1 has an invalid length. [ 131.520611][T15067] netlink: 'syz.2.4397': attribute type 3 has an invalid length. [ 131.523241][T15067] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4397'. [ 131.571167][T15074] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 131.980716][ T10] usb 5-1: USB disconnect, device number 5 [ 131.991515][ T6044] udevd[6044]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory [ 131.998954][ T6044] udevd[6044]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 132.538196][T15157] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 132.572807][T15162] Mount JFS Failure: -5 [ 132.574252][T15162] jfs_mount failed w/return code = -5 [ 132.675334][T15174] netlink: 'syz.0.4448': attribute type 10 has an invalid length. [ 132.881252][T15202] xt_ecn: cannot match TCP bits for non-tcp packets [ 133.222425][T15251] binder: 15250:15251 ioctl 40046205 0 returned -22 [ 133.273648][ T6077] Bluetooth: hci2: unexpected event for opcode 0x0c0d [ 133.510108][T15302] netdevsim netdevsim1: Firmware load for './file0/../file0/file0' refused, path contains '..' component [ 133.831224][T15353] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 134.075691][T15389] netlink: 'syz.2.4550': attribute type 1 has an invalid length. [ 134.096893][ T41] audit: type=1326 audit(2000000025.180:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15392 comm="syz.1.4553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 134.107685][ T41] audit: type=1326 audit(2000000025.180:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15392 comm="syz.1.4553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 134.127713][ T41] audit: type=1326 audit(2000000025.199:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15392 comm="syz.1.4553" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 134.135229][ T41] audit: type=1326 audit(2000000025.199:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15392 comm="syz.1.4553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 134.154831][ T41] audit: type=1326 audit(2000000025.199:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15392 comm="syz.1.4553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 134.239295][T15419] Invalid option length (938168) for dns_resolver key [ 134.519694][T15455] ptrace attach of "/syz-executor exec"[6073] was attempted by "/syz-executor exec"[15455] [ 134.528201][T15459] __nla_validate_parse: 5 callbacks suppressed [ 134.528216][T15459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4583'. [ 134.538322][T15459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4583'. [ 134.742814][T15484] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 134.806871][T15492] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 134.915466][T15512] netlink: 'syz.3.4611': attribute type 1 has an invalid length. [ 135.178722][T15550] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 135.208565][T15555] nft_compat: unsupported protocol 0 [ 135.255543][T15564] netlink: 'syz.0.4636': attribute type 21 has an invalid length. [ 135.258424][T15564] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4636'. [ 135.279584][T15569] netlink: 'syz.1.4639': attribute type 1 has an invalid length. [ 135.285561][T15569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4639'. [ 135.401633][T15593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4651'. [ 135.532222][T15619] rtc_cmos 00:05: Alarms can be up to one day in the future [ 135.562844][T15606] infiniband syz0: set active [ 135.565497][T15606] infiniband syz0: added bond_slave_0 [ 135.599256][T15631] netlink: 'syz.3.4669': attribute type 1 has an invalid length. [ 135.623460][T15606] RDS/IB: syz0: added [ 135.625777][T15606] smc: adding ib device syz0 with port count 1 [ 135.628354][T15606] smc: ib device syz0 port 1 has no pnetid [ 135.797472][T15657] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 135.800121][T15657] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 135.802801][T15657] vhci_hcd vhci_hcd.0: Device attached [ 135.807842][T15658] vhci_hcd: cannot find a urb of seqnum 8 max seqnum 0 [ 135.810424][ T1224] vhci_hcd: stop threads [ 135.812329][ T1224] vhci_hcd: release socket [ 135.814390][ T1224] vhci_hcd: disconnect device [ 136.062373][ T6156] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 136.223869][ T6156] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 136.233395][ T6156] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 136.239337][ T6156] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 136.243495][ T6156] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 136.254696][ T6156] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 136.261076][ T6156] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 136.263974][ T6156] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.267056][ T6156] usb 5-1: Product: syz [ 136.268754][ T6156] usb 5-1: Manufacturer: syz [ 136.270553][ T6156] usb 5-1: SerialNumber: syz [ 136.273717][ T6156] usb 5-1: config 0 descriptor?? [ 136.285989][ T6156] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input12 [ 136.352161][T15676] program syz.2.4689 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 136.356706][T15676] ata1.00: invalid service action 2 [ 136.402933][T15681] tmpfs: Bad value for 'mpol' [ 136.557602][T15695] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 136.570089][ T6156] usb 5-1: USB disconnect, device number 6 [ 136.637314][T15701] dlm: plock device version mismatch: kernel (1.2.0), user (458753.0.0) [ 136.934316][T15733] random: crng reseeded on system resumption [ 136.966132][T15737] nftables ruleset with unbound chain [ 137.033126][T15745] openvswitch: netlink: Missing key (keys=40, expected=100) [ 137.082652][T15755] netlink: 'syz.2.4728': attribute type 5 has an invalid length. [ 137.116676][ T41] audit: type=1326 audit(2000000028.005:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15758 comm="syz.1.4730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 137.142004][ T41] audit: type=1326 audit(2000000028.005:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15758 comm="syz.1.4730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 137.149117][ T41] audit: type=1326 audit(2000000028.005:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15758 comm="syz.1.4730" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 137.157474][ T41] audit: type=1326 audit(2000000028.005:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15758 comm="syz.1.4730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 137.167229][ T41] audit: type=1326 audit(2000000028.005:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15758 comm="syz.1.4730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 137.298006][T15789] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 137.379436][T15799] netlink: 'syz.1.4750': attribute type 9 has an invalid length. [ 137.424363][T15805] usb usb8: usbfs: process 15805 (syz.2.4753) did not claim interface 0 before use [ 137.438930][T15807] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 137.516417][ T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 137.698896][ T24] usb 5-1: unable to get BOS descriptor or descriptor too short [ 137.702394][ T24] usb 5-1: config 129 has an invalid interface number: 135 but max is 0 [ 137.705334][ T24] usb 5-1: config 129 has an invalid interface number: 5 but max is 0 [ 137.708057][ T24] usb 5-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 137.711788][ T24] usb 5-1: config 129 has no interface number 0 [ 137.714060][T15842] cgroup: Need name or subsystem set [ 137.715937][ T24] usb 5-1: config 129 has no interface number 1 [ 137.718061][ T24] usb 5-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 137.722917][ T24] usb 5-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 137.726930][ T24] usb 5-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 137.732448][ T24] usb 5-1: config 129 interface 135 has no altsetting 0 [ 137.734692][ T24] usb 5-1: config 129 interface 5 has no altsetting 0 [ 137.738950][ T24] usb 5-1: string descriptor 0 read error: -22 [ 137.741587][ T24] usb 5-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 137.744268][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.753864][ T24] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 137.755976][ T24] usb 5-1: MIDIStreaming interface descriptor not found [ 137.761486][T15848] netlink: 'syz.1.4774': attribute type 13 has an invalid length. [ 137.776261][T15848] gretap0: refused to change device tx_queue_len [ 137.778423][T15848] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 137.929366][T15868] nfs: Unknown parameter 'ntext' [ 137.961992][T15873] overlayfs: conflicting options: userxattr,redirect_dir=on [ 137.975198][ T24] usb 5-1: USB disconnect, device number 7 [ 138.205788][T15899] comedi comedi1: ni_at_a2150: a I/O base address must be specified [ 138.276200][T15908] netlink: 'syz.2.4803': attribute type 3 has an invalid length. [ 138.522731][ T6077] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 138.586392][T15950] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4823'. [ 138.956789][T16010] tc_dump_action: action bad kind [ 139.010247][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.013710][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.016897][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.025023][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.030155][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.033206][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.037958][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.041098][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.043818][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.060493][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 139.068499][ T24] hid-generic 0006:0004:0009.0002: hidraw1: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 139.153264][T16029] fido_id[16029]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 139.282142][T16055] tmpfs: Group quota inode hardlimit too large. [ 139.313243][T16061] openvswitch: netlink: Message has 4 unknown bytes. [ 139.316179][T16061] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 139.389825][T16070] mac80211_hwsim hwsim9 wlan0: entered promiscuous mode [ 139.488648][T16089] ieee802154 phy0 wpan0: encryption failed: -90 [ 139.523191][T16095] AppArmor: change_hat: Invalid input '0x' [ 139.704667][T16125] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4909'. [ 140.229463][T16201] random: crng reseeded on system resumption [ 140.247310][T16201] Unrecognized hibernate image header format! [ 140.251349][T16201] PM: hibernation: Image mismatch: architecture specific data [ 140.377711][T16217] overlayfs: conflicting options: userxattr,metacopy=on [ 140.554603][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 140.557460][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.589223][T16241] syz.3.4968 uses obsolete (PF_INET,SOCK_PACKET) [ 140.632648][T16251] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4972'. [ 140.636673][ T41] kauditd_printk_skb: 8 callbacks suppressed [ 140.636686][ T41] audit: type=1326 audit(2000000031.298:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16246 comm="syz.2.4970" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 140.687254][T16257] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.4975'. [ 140.691677][T16257] openvswitch: netlink: Missing key (keys=40, expected=100) [ 140.817512][T16276] netlink: 160 bytes leftover after parsing attributes in process `syz.1.4983'. [ 140.822806][T16276] netlink: 160 bytes leftover after parsing attributes in process `syz.1.4983'. [ 141.423694][T16351] netlink: 'syz.1.5020': attribute type 7 has an invalid length. [ 141.946993][T16418] bond2: peer notification delay (512) is not a multiple of miimon (5), value rounded to 510 ms [ 141.957280][T16418] bond2 (unregistering): Released all slaves [ 141.976734][T16429] netlink: 'syz.0.5056': attribute type 1 has an invalid length. [ 142.036921][T16436] netlink: 'syz.0.5059': attribute type 3 has an invalid length. [ 142.081217][T16440] ntfs3(nbd0): try to read out of volume at offset 0x0 [ 142.133499][T16449] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5066'. [ 142.275713][T16468] mmap: syz.0.5075 (16468): VmData 37380096 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data. [ 142.500182][T16497] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5089'. [ 142.542998][T16504] IPv6: NLM_F_CREATE should be specified when creating new route [ 142.639976][T16512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5096'. [ 142.923097][T16558] ip6t_REJECT: ECHOREPLY is not supported [ 143.018907][T16572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5126'. [ 143.022921][T16572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5126'. [ 143.068632][T16580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5130'. [ 143.608063][T16654] netlink: 'syz.0.5167': attribute type 10 has an invalid length. [ 143.616941][T16654] batman_adv: batadv0: Adding interface: virt_wifi0 [ 143.620344][T16654] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 143.634464][T16654] batman_adv: batadv0: Interface activated: virt_wifi0 [ 143.648693][ T6077] Bluetooth: hci1: unexpected Set CIG Parameters response data [ 143.671577][T16665] Mount JFS Failure: -22 [ 143.673119][T16665] jfs_mount failed w/return code = -22 [ 143.724868][T16670] XFS (nbd2): no-recovery mounts must be read-only. [ 143.902683][T16689] bond2 (unregistering): Released all slaves [ 144.194012][T16720] xt_connbytes: Forcing CT accounting to be enabled [ 144.601797][T16790] netlink: 'syz.0.5230': attribute type 10 has an invalid length. [ 144.607368][T16790] veth0_vlan: entered allmulticast mode [ 144.610156][T16790] bridge0: port 3(veth0_vlan) entered blocking state [ 144.612985][T16790] bridge0: port 3(veth0_vlan) entered disabled state [ 144.625729][T16790] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 145.230599][T16883] SET target dimension over the limit! [ 145.276425][T16892] random: crng reseeded on system resumption [ 145.289514][T16892] PM: hibernation: Image mismatch: memory size [ 145.499960][T16924] random: crng reseeded on system resumption [ 145.516054][T16926] erofs (device nbd2): cannot find valid erofs superblock [ 145.600134][T16939] netlink: 'syz.2.5302': attribute type 4 has an invalid length. [ 146.100118][T17024] __nla_validate_parse: 7 callbacks suppressed [ 146.100135][T17024] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5348'. [ 146.355463][T17065] netlink: zone id is out of range [ 146.393586][T17065] netlink: set zone limit has 4 unknown bytes [ 146.541886][T17091] Cannot find del_set index 65533 as target [ 146.585877][T17098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5383'. [ 146.666058][T17110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5389'. [ 147.073435][T17141] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5404'. [ 147.552799][T17155] autofs4:pid:17155:validate_dev_ioctl: invalid path supplied for cmd(0xc018937d) [ 147.585515][T17159] sp0: Synchronizing with TNC [ 147.971732][T10211] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 147.996963][ T6077] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 148.001216][ T6077] Bluetooth: hci1: Injecting HCI hardware error event [ 148.007810][ T6081] Bluetooth: hci1: hardware error 0x00 [ 148.023079][T17223] ebtables: wrong size: *len 168, entries_size 48, replsz 48 [ 148.146166][T17235] netlink: 'syz.1.5452': attribute type 3 has an invalid length. [ 148.150308][T17235] netlink: 'syz.1.5452': attribute type 1 has an invalid length. [ 148.156202][T10211] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 148.160119][T10211] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.162052][T17235] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5452'. [ 148.164258][T10211] usb 7-1: Product: syz [ 148.168803][T10211] usb 7-1: Manufacturer: syz [ 148.170615][T10211] usb 7-1: SerialNumber: syz [ 148.198954][T10211] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 148.209303][T17243] Bluetooth: hci0: Opcode 0x080f failed: -22 [ 148.246151][T10211] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 148.451821][T17273] xt_CONNSECMARK: invalid mode: 5 [ 148.703361][ T6158] usb 7-1: USB disconnect, device number 9 [ 148.733694][T17309] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 148.736637][T17309] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 148.742419][T17309] vhci_hcd vhci_hcd.0: Device attached [ 148.749283][T17310] vhci_hcd: connection closed [ 148.750194][ T1144] vhci_hcd: stop threads [ 148.755155][ T1144] vhci_hcd: release socket [ 148.757118][ T1144] vhci_hcd: disconnect device [ 149.002604][T17341] ata1.00: invalid multi_count 128 ignored [ 149.371214][T17381] Cannot find add_set index 3 as target [ 149.514787][T17401] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 149.583483][T17409] program syz.0.5537 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 149.628882][T10211] usb 7-1: Service connection timeout for: 256 [ 149.631648][T10211] ath9k_htc 7-1:1.0: ath9k_htc: Unable to initialize HTC services [ 149.635857][T10211] ath9k_htc: Failed to initialize the device [ 149.639733][ T6158] usb 7-1: ath9k_htc: USB layer deinitialized [ 149.657490][T17421] IPVS: length: 191 != 8 [ 149.737693][ T6077] Bluetooth: hci2: unexpected event for opcode 0x1405 [ 150.216900][ T6081] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 150.394755][T17519] openvswitch: netlink: Actions may not be safe on all matching packets [ 150.550437][T17539] openvswitch: netlink: Duplicate key (type 21). [ 150.603302][T17549] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5608'. [ 151.044522][T17618] nbd: illegal input index -1495182229 [ 151.130793][T17631] IPv6: Can't replace route, no match found [ 151.131833][T17632] PKCS7: Unknown OID: [4] 0.0 [ 151.136631][T17632] PKCS7: Only support pkcs7_signedData type [ 151.507892][T17693] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 151.899950][T17742] bridge1: entered promiscuous mode [ 151.992579][T17752] JFS: discard option not supported on device [ 151.995913][T17752] Mount JFS Failure: -22 [ 151.997814][T17752] jfs_mount failed w/return code = -22 [ 152.037587][T17758] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 152.212758][T17783] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode [ 152.588346][T17837] CIFS mount error: No usable UNC path provided in device string! [ 152.588346][T17837] [ 152.594000][T17837] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 152.625440][T17841] --map-set only usable from mangle table [ 153.002887][T17878] netdevsim netdevsim3 : renamed from netdevsim0 (while UP) [ 153.367062][T17924] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 153.681247][T17968] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5808'. [ 153.925914][T17999] bond2 (unregistering): Released all slaves [ 154.244818][T18041] xt_CT: You must specify a L4 protocol and not use inversions on it [ 154.280876][T18049] warn_alloc: 1 callbacks suppressed [ 154.280894][T18049] syz.3.5847: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 154.291472][T18049] CPU: 3 UID: 0 PID: 18049 Comm: syz.3.5847 Not tainted syzkaller #0 PREEMPT(full) [ 154.291498][T18049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.291509][T18049] Call Trace: [ 154.291516][T18049] [ 154.291523][T18049] dump_stack_lvl+0x16c/0x1f0 [ 154.291549][T18049] warn_alloc+0x248/0x3a0 [ 154.291580][T18049] ? __pfx_warn_alloc+0x10/0x10 [ 154.291604][T18049] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.291634][T18049] ? kasan_save_stack+0x42/0x60 [ 154.291652][T18049] ? kasan_save_stack+0x33/0x60 [ 154.291669][T18049] ? kasan_save_track+0x14/0x30 [ 154.291686][T18049] ? xskq_create+0x52/0x1d0 [ 154.291699][T18049] ? xsk_setsockopt+0x932/0xc00 [ 154.291722][T18049] ? do_sock_setsockopt+0xf3/0x1d0 [ 154.291754][T18049] ? xskq_create+0xfb/0x1d0 [ 154.291772][T18049] __vmalloc_node_range_noprof+0xfbc/0x1480 [ 154.291806][T18049] ? xskq_create+0xfb/0x1d0 [ 154.291830][T18049] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 154.291866][T18049] ? xskq_create+0xfb/0x1d0 [ 154.291882][T18049] vmalloc_user_noprof+0x9e/0xe0 [ 154.291904][T18049] ? xskq_create+0xfb/0x1d0 [ 154.291919][T18049] xskq_create+0xfb/0x1d0 [ 154.291937][T18049] xsk_setsockopt+0x932/0xc00 [ 154.291963][T18049] ? __pfx_xsk_setsockopt+0x10/0x10 [ 154.291995][T18049] ? aa_sock_opt_perm+0xfd/0x1b0 [ 154.292023][T18049] ? __pfx_xsk_setsockopt+0x10/0x10 [ 154.292050][T18049] do_sock_setsockopt+0xf3/0x1d0 [ 154.292077][T18049] __sys_setsockopt+0x120/0x1a0 [ 154.292101][T18049] __ia32_sys_setsockopt+0xbc/0x160 [ 154.292118][T18049] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.292138][T18049] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 154.292161][T18049] __do_fast_syscall_32+0x7c/0x370 [ 154.292185][T18049] do_fast_syscall_32+0x32/0x80 [ 154.292207][T18049] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.292228][T18049] RIP: 0023:0xf7f27579 [ 154.292242][T18049] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 154.292259][T18049] RSP: 002b:00000000f541655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 154.292277][T18049] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b [ 154.292288][T18049] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004 [ 154.292301][T18049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 154.292312][T18049] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 154.292323][T18049] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 154.292349][T18049] [ 154.292355][T18049] Mem-Info: [ 154.350804][T18057] tmpfs: User quota inode hardlimit too large. [ 154.351062][T18049] active_anon:1307 inactive_anon:386 isolated_anon:0 [ 154.351062][T18049] active_file:5320 inactive_file:3515 isolated_file:0 [ 154.351062][T18049] unevictable:1768 dirty:282 writeback:0 [ 154.351062][T18049] slab_reclaimable:6146 slab_unreclaimable:56594 [ 154.351062][T18049] mapped:22588 shmem:1776 pagetables:1191 [ 154.351062][T18049] sec_pagetables:311 bounce:0 [ 154.351062][T18049] kernel_misc_reclaimable:0 [ 154.351062][T18049] free:93390 free_pcp:4126 free_cma:0 [ 154.376490][T18059] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 154.378286][T18049] Node 0 active_anon:132kB inactive_anon:0kB active_file:156kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:9872kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8912kB pagetables:1292kB sec_pagetables:1128kB all_unreclaimable? yes Balloon:0kB [ 154.433209][ C3] vkms_vblank_simulate: vblank timer overrun [ 154.450879][T18049] Node 1 active_anon:4968kB inactive_anon:1544kB active_file:21124kB inactive_file:14068kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80520kB dirty:1136kB writeback:0kB shmem:3568kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4296kB pagetables:3716kB sec_pagetables:116kB all_unreclaimable? no Balloon:0kB [ 154.465015][T18049] Node 0 DMA free:2104kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:0kB free_cma:0kB [ 154.487780][T18049] lowmem_reserve[]: 0 291 291 291 291 [ 154.490197][T18049] Node 0 DMA32 free:18080kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:1360KB active_anon:132kB inactive_anon:0kB active_file:156kB inactive_file:0kB unevictable:3536kB writepending:8kB zspages:2068kB present:1032196kB managed:298584kB mlocked:0kB bounce:0kB free_pcp:6116kB local_pcp:2524kB free_cma:0kB [ 154.505900][T18049] lowmem_reserve[]: 0 0 0 0 0 [ 154.508501][T18049] Node 1 DMA32 free:352900kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:5068kB inactive_anon:1544kB active_file:21124kB inactive_file:14068kB unevictable:3536kB writepending:1136kB zspages:3544kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:10608kB local_pcp:2100kB free_cma:0kB [ 154.514942][T18071] SET target dimension over the limit! [ 154.522938][T18049] lowmem_reserve[]: 0 0 0 0 0 [ 154.527076][T18049] Node 0 DMA: 12*4kB (U) 9*8kB (UM) 4*16kB (U) 2*32kB (UM) 3*64kB (UM) 1*128kB (M) 2*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2104kB [ 154.533733][T18049] Node 0 DMA32: 4*4kB (UE) 48*8kB (UEH) 19*16kB (UE) 101*32kB (UEH) 63*64kB (UEH) 25*128kB (UMEH) 17*256kB (UMEH) 3*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 18080kB [ 154.540822][T18049] Node 1 DMA32: 375*4kB (ME) 905*8kB (UM) 771*16kB (UME) 621*32kB (UME) 601*64kB (UME) 344*128kB (UME) 230*256kB (UME) 145*512kB (UME) 78*1024kB (UM) 6*2048kB (U) 1*4096kB (U) = 352820kB [ 154.548662][T18049] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 154.552048][T18049] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 154.558948][T18049] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 154.563719][T18049] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 154.567718][T18049] 11565 total pagecache pages [ 154.569834][T18049] 956 pages in swap cache [ 154.571943][T18049] Free swap = 101980kB [ 154.573663][T18049] Total swap = 124996kB [ 154.575642][T18049] 524155 pages RAM [ 154.577645][T18049] 0 pages HighMem/MovableOnly [ 154.579955][T18049] 208614 pages reserved [ 154.581836][T18049] 0 pages cma reserved [ 154.589929][T18078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5863'. [ 154.945910][T18130] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5887'. [ 154.946030][T18128] xt_connbytes: Forcing CT accounting to be enabled [ 154.952627][T18130] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5887'. [ 154.952810][T18128] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 155.022517][T18135] delete_channel: no stack [ 155.157868][T18156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5900'. [ 155.161836][T18156] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 155.378520][ T29] IPVS: starting estimator thread 0... [ 155.411216][T18181] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 155.477820][T18182] IPVS: using max 47 ests per chain, 112800 per kthread [ 155.791659][T18234] bond4 (unregistering): Released all slaves [ 155.829178][ T54] usb 7-1: new full-speed USB device number 10 using dummy_hcd [ 156.002757][ T54] usb 7-1: config 0 has an invalid interface number: 132 but max is 0 [ 156.006545][ T54] usb 7-1: config 0 has no interface number 0 [ 156.024415][ T54] usb 7-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 156.028612][ T54] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.028974][T18261] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5940'. [ 156.032100][ T54] usb 7-1: Product: syz [ 156.037354][T18261] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5940'. [ 156.045815][ T54] usb 7-1: Manufacturer: syz [ 156.047850][ T54] usb 7-1: SerialNumber: syz [ 156.050287][T18261] geneve2: entered promiscuous mode [ 156.052965][T18261] geneve2: entered allmulticast mode [ 156.055221][ T54] usb 7-1: config 0 descriptor?? [ 156.059642][ T54] hub 7-1:0.132: bad descriptor, ignoring hub [ 156.062391][ T54] hub 7-1:0.132: probe with driver hub failed with error -5 [ 156.068299][ T54] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.132/input/input16 [ 156.079467][T18264] program syz.3.5941 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 156.325699][T18294] i2c i2c-1: Invalid block write size 34 [ 156.508954][T18324] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5966'. [ 156.514461][ T54] usb 7-1: USB disconnect, device number 10 [ 156.704835][ T41] audit: type=1326 audit(2000000046.321:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18351 comm="syz.3.5980" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.713532][ T41] audit: type=1326 audit(2000000046.321:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18351 comm="syz.3.5980" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.720377][ T41] audit: type=1326 audit(2000000046.339:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18351 comm="syz.3.5980" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.727678][ T41] audit: type=1326 audit(2000000046.339:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18351 comm="syz.3.5980" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.734739][ T41] audit: type=1326 audit(2000000046.339:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18351 comm="syz.3.5980" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.751758][ T41] audit: type=1326 audit(2000000046.377:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.760225][ T41] audit: type=1326 audit(2000000046.377:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.767652][ T41] audit: type=1326 audit(2000000046.377:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=182 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.774946][ T41] audit: type=1326 audit(2000000046.377:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.782379][ T41] audit: type=1326 audit(2000000046.377:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 156.895130][T18373] overlayfs: failed to resolve './file0': -2 [ 157.634783][T18522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6064'. [ 157.949484][T18595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6101'. [ 158.151211][T18646] netlink: 'syz.0.6126': attribute type 21 has an invalid length. [ 158.197851][T18656] netlink: 'syz.2.6131': attribute type 3 has an invalid length. [ 158.200445][T18656] netlink: 'syz.2.6131': attribute type 1 has an invalid length. [ 158.460328][T18708] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 158.566757][T18728] netlink: 'syz.1.6166': attribute type 4 has an invalid length. [ 158.572317][T18728] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 158.590028][T18734] CIFS mount error: No usable UNC path provided in device string! [ 158.590028][T18734] [ 158.593437][T18734] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 158.731860][T18764] comedi comedi4: bad chanlist[0]=0x00000101 chan=257 range length=2 [ 158.763813][T18770] ip6t_srh: unknown srh match flags 448C [ 158.875405][T18796] openvswitch: netlink: Unexpected mask (mask=40040, allowed=10048) [ 158.920067][T18805] netlink: 'syz.2.6205': attribute type 1 has an invalid length. [ 158.921334][T18806] [U]  [ 158.924875][T18806] [U] K{ [ 158.926427][T18806] [U] t 1ŠFfˊ`GJgo/mC [ 158.930235][T18806] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 158.936631][T18806] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 158.941915][T18806] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 158.956966][T18806] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 158.967558][T18806] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 158.971663][T18806] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 158.977788][T18806] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 159.019569][T18806] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 159.022526][T18806] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 159.025673][T18816] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 159.026981][T18806] [U] 22Ʃx?0;3u [ 159.029983][T18816] UDF-fs: Scanning with blocksize 2048 failed [ 159.031528][T18806] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 159.044332][T18816] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 159.046817][T18816] UDF-fs: Scanning with blocksize 4096 failed [ 159.047358][T18806] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 159.055426][T18806] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 159.058776][T18806] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 159.060893][T18806] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 159.064969][T18806] [U] ec [ 159.066071][T18806] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 159.070275][T18822] __nla_validate_parse: 6 callbacks suppressed [ 159.070285][T18822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6212'. [ 159.075045][T18804] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 159.156473][T18844] Cannot find del_set index 8 as target [ 159.174908][T18849] overlay: Bad value for 'workdir' [ 159.180012][T18851] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6225'. [ 159.286158][T18871] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6236'. [ 159.305228][T18874] SET target dimension over the limit! [ 159.308406][T18871] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 159.316068][T18871] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 159.322408][T18871] bond0 (unregistering): Released all slaves [ 159.331637][ T10] syz0: Port: 1 Link DOWN [ 159.341562][T18881] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 159.354170][T18884] deleting an unspecified loop device is not supported. [ 159.436291][T18898] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6250'. [ 159.455715][T18898] 8021q: adding VLAN 0 to HW filter on device bond4 [ 159.479661][T18905] netlink: 'syz.3.6254': attribute type 12 has an invalid length. [ 159.484369][T18907] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 159.574893][T18926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6262'. [ 159.575288][T18927] tc_dump_action: action bad kind [ 159.595025][T18930] tmpfs: Group quota block hardlimit too large. [ 159.604812][T18932] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 159.606945][T18932] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 159.610117][T18932] vhci_hcd vhci_hcd.0: Device attached [ 159.614814][T18934] vhci_hcd: connection closed [ 159.615309][ T229] vhci_hcd: stop threads [ 159.618345][ T229] vhci_hcd: release socket [ 159.619793][ T229] vhci_hcd: disconnect device [ 159.746261][T18959] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 160.233487][T19055] Cannot find del_set index 3 as target [ 160.261052][T19060] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6327'. [ 160.428530][T19094] netlink: 96 bytes leftover after parsing attributes in process `syz.1.6344'. [ 160.673667][T19133] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6362'. [ 160.915785][T19160] netlink: 'syz.1.6375': attribute type 1 has an invalid length. [ 161.076085][T19180] geneve1: entered allmulticast mode [ 161.168284][T19197] PKCS8: Unsupported PKCS#8 version [ 161.296657][T19224] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6405'. [ 161.395067][T19238] ipt_REJECT: TCP_RESET invalid for non-tcp [ 161.570870][T19275] netlink: 'syz.1.6431': attribute type 4 has an invalid length. [ 161.619513][T19284] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 161.638716][T19288] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6437'. [ 161.898434][T19336] block nbd2: NBD_DISCONNECT [ 162.360857][T19386] xt_HMARK: spi-set and port-set can't be combined [ 162.366157][T19389] comedi comedi3: pcl711: I/O port conflict (0x1fc00,16) [ 162.417009][T19398] bpf: Bad value for 'mode' [ 162.631591][T19447] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 162.634528][T19447] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 162.635256][T19447] vhci_hcd vhci_hcd.0: Device attached [ 162.644849][T19448] vhci_hcd: unknown pdu 2 [ 162.646712][T13519] vhci_hcd: stop threads [ 162.648509][T13519] vhci_hcd: release socket [ 162.657190][T13519] vhci_hcd: disconnect device [ 162.713248][T19465] dvmrp0: entered allmulticast mode [ 162.868691][T19498] netlink: 'syz.3.6536': attribute type 11 has an invalid length. [ 162.870389][T19499] tmpfs: Bad value for 'mpol' [ 163.251478][T19554] bond0: option arp_validate: mode dependency failed, not supported in mode balance-tlb(5) [ 163.261054][T19554] bond0 (unregistering): Released all slaves [ 163.509952][T19603] netlink: 'syz.0.6585': attribute type 29 has an invalid length. [ 163.558265][T19609] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 163.643032][T19623] netlink: 'syz.1.6593': attribute type 6 has an invalid length. [ 164.191477][T19733] netlink: 'syz.2.6644': attribute type 15 has an invalid length. [ 164.233272][T19736] Process accounting resumed [ 164.246480][T19742] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 164.249864][T19742] block device autoloading is deprecated and will be removed. [ 164.271120][T19749] program syz.3.6652 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 164.299257][T19755] netlink: ct family unspecified [ 164.300907][T19755] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 164.494046][T19803] ata1.00: invalid multi_count 1 ignored [ 164.528040][T19809] __nla_validate_parse: 10 callbacks suppressed [ 164.528051][T19809] netlink: 220 bytes leftover after parsing attributes in process `syz.3.6682'. [ 164.588522][T19819] netlink: 'syz.3.6688': attribute type 9 has an invalid length. [ 164.591591][T19819] netlink: 'syz.3.6688': attribute type 7 has an invalid length. [ 164.592759][T19821] F2FS-fs (nbd1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 164.594221][T19819] netlink: 'syz.3.6688': attribute type 8 has an invalid length. [ 164.601511][T19821] F2FS-fs (nbd1): Can't find valid F2FS filesystem in 1th superblock [ 164.605198][T19821] F2FS-fs (nbd1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 164.613333][T19821] F2FS-fs (nbd1): Can't find valid F2FS filesystem in 2th superblock [ 164.715292][T19843] bond5: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 164.719959][T19843] bond5 (unregistering): Released all slaves [ 164.943892][T19888] tmpfs: Bad value for 'mpol' [ 164.956576][T19892] random: crng reseeded on system resumption [ 164.977769][T19894] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6724'. [ 164.985476][T19894] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6724'. [ 165.077634][T19914] sctp: [Deprecated]: syz.0.6734 (pid 19914) Use of int in maxseg socket option. [ 165.077634][T19914] Use struct sctp_assoc_value instead [ 165.121015][T19922] netlink: 'syz.2.6737': attribute type 21 has an invalid length. [ 165.123646][T19922] netlink: 'syz.2.6737': attribute type 1 has an invalid length. [ 165.126199][T19922] netlink: 144 bytes leftover after parsing attributes in process `syz.2.6737'. [ 165.231223][T19946] ipt_ECN: cannot use operation on non-tcp rule [ 165.342234][T19972] tmpfs: Bad value for 'mpol' [ 165.355504][T19977] netlink: 7 bytes leftover after parsing attributes in process `syz.3.6765'. [ 165.359031][T19977] netlink: 7 bytes leftover after parsing attributes in process `syz.3.6765'. [ 165.397355][T19986] netlink: 'syz.3.6770': attribute type 21 has an invalid length. [ 165.399999][T19986] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6770'. [ 165.517291][T20009] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 165.546467][T20020] CIFS: VFS: Malformed UNC in devname [ 165.733914][T20051] net veth1_virt_wifi : renamed from virt_wifi0 [ 165.783122][T20061] /dev/sg0: Can't lookup blockdev [ 165.850632][T20075] ipvlan0: entered promiscuous mode [ 165.852398][T20075] ipvlan0: entered allmulticast mode [ 165.857989][T20075] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 165.887608][T20081] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6816'. [ 165.922547][T20087] netlink: 'syz.3.6819': attribute type 21 has an invalid length. [ 165.926092][T20087] netlink: 128 bytes leftover after parsing attributes in process `syz.3.6819'. [ 165.938455][T20087] netlink: 3 bytes leftover after parsing attributes in process `syz.3.6819'. [ 167.011946][T20195] XFS (nbd1): SB validate failed with error -5. [ 167.020355][ T41] kauditd_printk_skb: 9 callbacks suppressed [ 167.020370][ T41] audit: type=1326 audit(2000000055.974:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20212 comm="syz.0.6878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 167.030686][ T41] audit: type=1326 audit(2000000055.983:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20212 comm="syz.0.6878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 167.038147][ T41] audit: type=1326 audit(2000000055.983:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20212 comm="syz.0.6878" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 167.045614][ T41] audit: type=1326 audit(2000000055.983:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20212 comm="syz.0.6878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 167.052547][ T41] audit: type=1326 audit(2000000055.983:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20212 comm="syz.0.6878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 167.088496][T20220] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 167.091062][T20220] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock [ 167.094611][T20220] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 167.097466][T20220] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock [ 167.127304][T20229] QAT: Invalid ioctl 21531 [ 167.469835][T20302] binder: 20300:20302 ioctl c0306201 0 returned -14 [ 167.702785][T20354] tmpfs: Bad value for 'mpol' [ 167.703399][T20356] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.707043][T20356] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.710511][T20356] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.713053][T20356] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.994894][T20403] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 168.018950][T20407] geneve3: entered promiscuous mode [ 168.020699][T20407] geneve3: entered allmulticast mode [ 168.023298][ T62] netdevsim netdevsim3 : set [1, 1] type 2 family 0 port 256 - 0 [ 168.025948][ T62] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 168.033106][ T62] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 168.035957][ T62] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 168.039341][T20411] kAFS: No cell specified [ 168.217894][T20437] bond5: option arp_validate: invalid value (524288) [ 168.221383][T20437] bond5 (unregistering): Released all slaves [ 168.338163][ T41] audit: type=1326 audit(2000000057.218:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20449 comm="syz.0.6991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 168.347704][ T41] audit: type=1326 audit(2000000057.218:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20449 comm="syz.0.6991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 168.358181][ T41] audit: type=1326 audit(2000000057.218:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20449 comm="syz.0.6991" exe="/syz-executor" sig=0 arch=40000003 syscall=320 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 168.379985][ T41] audit: type=1326 audit(2000000057.218:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20449 comm="syz.0.6991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 168.392994][ T41] audit: type=1326 audit(2000000057.218:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20449 comm="syz.0.6991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 168.399217][T20460] program syz.1.6995 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 168.491152][T20474] MTD: Couldn't look up './file0': -15 [ 168.875714][T20547] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 168.881451][T20549] validate_nla: 7 callbacks suppressed [ 168.881462][T20549] netlink: 'syz.3.7040': attribute type 1 has an invalid length. [ 168.937361][T20559] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 168.958509][T20565] QAT: Device 253 not found [ 169.002267][T20573] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN NOPTI [ 169.007133][T20573] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 169.010838][T20573] CPU: 1 UID: 0 PID: 20573 Comm: syz.3.7052 Not tainted syzkaller #0 PREEMPT(full) [ 169.014718][T20573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.019152][T20573] RIP: 0010:handshake_complete+0x31/0x390 [ 169.021479][T20573] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 d4 fc 6f f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 dc 23 0e 00 48 b8 00 [ 169.029235][T20573] RSP: 0018:ffffc900037df4e8 EFLAGS: 00010206 [ 169.031564][T20573] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90029e69000 [ 169.034801][T20573] RDX: 0000000000000005 RSI: ffffffff8b4d245c RDI: 0000000000000028 [ 169.038050][T20573] RBP: ffffc900037df5b0 R08: 0000000000000000 R09: ffffed100d449760 [ 169.041207][T20573] R10: ffff88806a24bb03 R11: 000000000000001e R12: 00000000fffffffb [ 169.044414][T20573] R13: 0000000000000000 R14: ffff88804b8a1380 R15: ffff888023ed0000 [ 169.047633][T20573] FS: 0000000000000000(0000) GS:ffff888097aa8000(0063) knlGS:00000000f5416b40 [ 169.051269][T20573] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 169.053996][T20573] CR2: 00000000f7387348 CR3: 000000004ff87000 CR4: 0000000000352ef0 [ 169.057261][T20573] Call Trace: [ 169.058675][T20573] [ 169.059903][T20573] handshake_nl_accept_doit+0x2dc/0x910 [ 169.062313][T20573] genl_family_rcv_msg_doit+0x209/0x2f0 [ 169.064616][T20573] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 169.067114][T20573] ? __dev_queue_xmit+0xaf1/0x4330 [ 169.069213][T20573] ? genl_get_cmd+0x194/0x580 [ 169.071180][T20573] ? bpf_lsm_capable+0x9/0x10 [ 169.073140][T20573] ? security_capable+0x7e/0x260 [ 169.075241][T20573] genl_rcv_msg+0x55c/0x800 [ 169.077133][T20573] ? __pfx_genl_rcv_msg+0x10/0x10 [ 169.079239][T20573] ? __pfx_handshake_nl_accept_doit+0x10/0x10 [ 169.081753][T20573] netlink_rcv_skb+0x158/0x420 [ 169.083937][T20573] ? __pfx_genl_rcv_msg+0x10/0x10 [ 169.086276][T20573] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 169.088471][T20573] ? netlink_deliver_tap+0x1ae/0xd30 [ 169.090683][T20573] genl_rcv+0x28/0x40 [ 169.092363][T20573] netlink_unicast+0x5aa/0x870 [ 169.094749][T20573] ? __pfx_netlink_unicast+0x10/0x10 [ 169.096949][T20573] netlink_sendmsg+0x8c8/0xdd0 [ 169.098957][T20573] ? __pfx_netlink_sendmsg+0x10/0x10 [ 169.101140][T20573] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 169.103621][T20573] ____sys_sendmsg+0xa5d/0xc30 [ 169.105576][T20573] ? __pfx_____sys_sendmsg+0x10/0x10 [ 169.107769][T20573] ? get_compat_msghdr+0x11a/0x170 [ 169.109874][T20573] ? __pfx_futex_wake_mark+0x10/0x10 [ 169.112056][T20573] ___sys_sendmsg+0x134/0x1d0 [ 169.114126][T20573] ? __pfx____sys_sendmsg+0x10/0x10 [ 169.116330][T20573] ? find_held_lock+0x2b/0x80 [ 169.118359][T20573] __sys_sendmsg+0x16d/0x220 [ 169.120239][T20573] ? __pfx___sys_sendmsg+0x10/0x10 [ 169.122411][T20573] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 169.124695][T20573] ? rcu_is_watching+0x12/0xc0 [ 169.126671][T20573] __do_fast_syscall_32+0x7c/0x370 [ 169.128785][T20573] do_fast_syscall_32+0x32/0x80 [ 169.130849][T20573] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.133437][T20573] RIP: 0023:0xf7f27579 [ 169.135090][T20573] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 169.142711][T20573] RSP: 002b:00000000f541655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 169.146139][T20573] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 169.149334][T20573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 169.152481][T20573] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 169.155591][T20573] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 169.158863][T20573] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 169.162135][T20573] [ 169.163433][T20573] Modules linked in: [ 169.165320][T20573] ---[ end trace 0000000000000000 ]--- [ 169.167903][T20573] RIP: 0010:handshake_complete+0x31/0x390 [ 169.170320][T20573] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 d4 fc 6f f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 dc 23 0e 00 48 b8 00 [ 169.178116][T20573] RSP: 0018:ffffc900037df4e8 EFLAGS: 00010206 [ 169.180636][T20573] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90029e69000 [ 169.184940][T20573] RDX: 0000000000000005 RSI: ffffffff8b4d245c RDI: 0000000000000028 [ 169.188200][T20573] RBP: ffffc900037df5b0 R08: 0000000000000000 R09: ffffed100d449760 [ 169.191474][T20573] R10: ffff88806a24bb03 R11: 000000000000001e R12: 00000000fffffffb [ 169.194870][T20573] R13: 0000000000000000 R14: ffff88804b8a1380 R15: ffff888023ed0000 [ 169.198115][T20573] FS: 0000000000000000(0000) GS:ffff888097aa8000(0063) knlGS:00000000f5416b40 [ 169.201784][T20573] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 169.204640][T20573] CR2: 00000000f7387348 CR3: 000000004ff87000 CR4: 0000000000352ef0 [ 169.207916][T20573] Kernel panic - not syncing: Fatal exception [ 169.211304][T20573] Kernel Offset: disabled [ 169.213065][T20573] Rebooting in 86400 seconds..