last executing test programs: 3m16.632234483s ago: executing program 3 (id=5957): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000080)=""/6, 0x18}, 0x20) 3m16.461066127s ago: executing program 3 (id=5960): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000080)={0x3, @raw_data="f835749da683d0c02d6ba5a2e68c1349575fdc74407b47526ca5401246ecf14f372287db173ea4e5aab455351a7a39f2442ad9193c1f8b87cfde1d97a980d60493ac2c662682a9d4fc16c272c95c69ee6db2bd5cea32f6845707254376c50991950e69ccd73a04f0c90356c69fc4fd962c19db8956708b6aacb747a04e0b562534bf1926a8fa2c7e2f00608c6c0d08dfa3e74ace791af77a7c2f890d08ea813d93ceb3ce7ddaca1f559a9c26ead9f502eefc9d74d2b8adf69716e06fa5b025fa6525ae3da98f62ce"}) 3m16.324566018s ago: executing program 3 (id=5962): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0) 3m15.781083591s ago: executing program 3 (id=5973): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x840, &(0x7f0000000800)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@gid}, {@gid}, {@umask={'umask', 0x3d, 0x400}}, {@dmask={'dmask', 0x3d, 0x4}}, {@fmask={'fmask', 0x3d, 0x4}}, {@namecase}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {@keep_last_dots}]}, 0x1, 0x152c, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=") mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, 0x0) 3m15.581374087s ago: executing program 3 (id=5976): r0 = syz_open_dev$cec(&(0x7f0000000280), 0x0, 0x80200) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000040)={"0984e7b4", 0x1ff, 0xcd, 0xb, 0x3ff, 0x4, "94c850d05a5700a39d4d07b4d0e7bb", "b19f344d", "bf9fdbef", "3ad6b901", ["71e2dc8f817d1f7b934c1382", "6d72ca8920ed8e8c32a4abb3", "7e949a032962b2f0bf1af8be", "e1e61fddcc8ed8f4e349450c"]}) 3m14.969486996s ago: executing program 3 (id=5985): r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'veth0_to_bridge\x00', &(0x7f0000000180)=@ethtool_modinfo={0x42, 0x0, 0x8}}) 3m14.66942402s ago: executing program 32 (id=5985): r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'veth0_to_bridge\x00', &(0x7f0000000180)=@ethtool_modinfo={0x42, 0x0, 0x8}}) 2m35.379263994s ago: executing program 1 (id=6487): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000300), 0x2002, 0x0) ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f0000000100)={0x18, 0x0, 0x0, 0x0, 0x1000000, 0xe06d}) 2m35.134481374s ago: executing program 1 (id=6492): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x8, 0x10000013, 0x100, &(0x7f0000000a00)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a2666343392fda11504800f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a90139264a9ee8081973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289aa57152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"}) 2m34.970706167s ago: executing program 1 (id=6496): creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,') 2m34.746415895s ago: executing program 1 (id=6500): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f0000000740)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r0, 0x0, 0x28, 0x0, &(0x7f0000001880)="cedfb080cd21d308098e000081007e2286dd2db6cc65938e6cf878a76202992d66a9b3c35fdae0c9", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 2m34.624742245s ago: executing program 1 (id=6503): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000500)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") open(&(0x7f0000000400)='./file2\x00', 0x40, 0x82) 2m33.576792608s ago: executing program 1 (id=6523): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) ioperm(0x0, 0x1, 0x1) 2m17.077628475s ago: executing program 33 (id=6523): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) ioperm(0x0, 0x1, 0x1) 4.360263342s ago: executing program 4 (id=8593): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xb8, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x4, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x24, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @local}]}]}, 0xb8}}, 0x804) 4.213375504s ago: executing program 4 (id=8595): io_setup(0x8, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc539, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, &(0x7f0000000300)={0x11, 0x0, 0x4, &(0x7f0000000040)={0x5, 0xf, 0x5}}) 2.120579881s ago: executing program 2 (id=8616): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6, 0x8, 0x18}, @IFLA_IPTUN_PMTUDISC={0x5}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040) 1.930791146s ago: executing program 2 (id=8620): r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$apparmor_exec(r0, 0x0, 0x564) 1.866471291s ago: executing program 0 (id=8621): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000015c0)={0x30, 0x3b, 0x9, 0x0, 0x800, {0x1}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x7, 0x8, 0x0, 0x0, @str='fi\x00'}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x30}}, 0x0) 1.801721517s ago: executing program 2 (id=8622): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000080)={0x1, 0x0, {0x1, 0x0, 0x3008, 0x8, 0x2, 0x2, 0x2, 0x6}}) 1.7537298s ago: executing program 0 (id=8623): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r0, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000940)="b9ff00006003008cb89e08f086dde51e988977ad55000400008d69c2f4d10630fc1116725dd831830a0451610a4b1bbcb266b28fa60c", 0x0, 0x800000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.700057555s ago: executing program 2 (id=8625): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000200)={0x5, 0x1, 0x2, "438783186b0030ed39e98706fdc01d224397c35c0fdcd803eaf89e9076a11e2c", 0x41416770}) 1.531279108s ago: executing program 2 (id=8627): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b, 0x402}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCB={0x5, 0xb, 0x1}, @IFLA_MACSEC_REPLAY_PROTECT={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048084) 1.334445404s ago: executing program 2 (id=8629): r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000d40)={{0x12, 0x1, 0x201, 0xbf, 0xc0, 0xe8, 0x40, 0x840, 0x82, 0x1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x5, 0x80, 0x1, [{{0x9, 0x4, 0x63, 0x1, 0x0, 0x3d, 0x7a, 0x1b, 0x3}}]}}]}}, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, &(0x7f00000014c0)={0x14, 0x0, &(0x7f0000001440)={0x0, 0x3, 0x3e, @string={0x3e, 0x3, "6af3db2d72e40ca945fd49d0e858bd1cf26cf8455e0e479f26ad41bc1b1adfbda382eb5bfc9e4c9a73303f2628b3fe4653df334168c52edf1ed988dd"}}}, 0x0) 1.188039935s ago: executing program 5 (id=8632): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000001340)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@grpid}, {@errors_remount}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x13}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==") lstat(&(0x7f0000000340)='./file2\x00', 0x0) 822.409485ms ago: executing program 4 (id=8633): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ec0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r0}, 0xc) 760.06442ms ago: executing program 5 (id=8634): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x11, 0xffffffffffffffff, &(0x7f0000000040)=0x5a) 685.101046ms ago: executing program 0 (id=8635): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x480, 0x0, 0x0) 578.346634ms ago: executing program 4 (id=8636): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x10001}, 0xc) 459.881413ms ago: executing program 5 (id=8637): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4557d}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x2}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x7255d9b154b0064}]}}}]}, 0x44}}, 0x40800) 447.747564ms ago: executing program 0 (id=8638): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000400000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872061ce618117c56f0979bd10b97163c953ab1abda4589e9cbe8d0d26b5069f8a98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346d2014006000000e1ffff8816326d7d35c32aac1c7d5b5be399f6609876b5887437a172751151b633fbc02a74067529194e533583412dff048f0000000000000000b2728a04816cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13ceec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad30000000000170022626165866c156a25148972700000b515a1000000000000000eb2e9c15b6c8f6198282d0000000000c2ccf3f69cfcf1e15ea7a9e57aee78e12a2caebaada42811754e19a7e9b531636794a718b4766d2c7c61c3dba128c7fcd1f97989ccf1d55de496eae46c590c2d0225f9cd07005ac7f76d9d560a08c9fd0caafd9d095cb9db0099014cd0d4df62af52b088b01adeadc4c5225a6cd8486b03f83805dffe90dbf7ad042012b7213a2b03e3b1634ddfc9d6f570c4990fbbc7306871d9a52a157fb1a10fa2868df06faf83a8420e9ce62567043ce7e56d1ebe81"], &(0x7f0000000340)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0xffff0000, 0xe, 0x0, &(0x7f0000000580)="2b2043b397737ea4eb59ef3a97aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x50) 376.6523ms ago: executing program 4 (id=8639): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(r0, 0xc040564a, &(0x7f00000000c0)={0x0, 0x0, {0x1011, 0x5, 0xd6, 0xfffffffc}}) 226.276242ms ago: executing program 5 (id=8640): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x55, &(0x7f00000000c0)={&(0x7f00000006c0)={0x30, 0x1, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x93}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x808}]}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0x4, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x40040) 203.443434ms ago: executing program 4 (id=8641): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x64, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x90}, @IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x64}}, 0x0) 199.306154ms ago: executing program 0 (id=8642): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x42, 0xa01, 0x1, 0x0, {0x2}}, 0x14}}, 0x0) 90.347383ms ago: executing program 5 (id=8643): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={0xcc, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x38, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}]}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @mcast2}]}]}, 0xcc}}, 0x0) 65.181735ms ago: executing program 0 (id=8644): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'bond_slave_1\x00', &(0x7f0000000040)=@ethtool_sset_info={0x37, 0x1, 0x1ff}}) 0s ago: executing program 5 (id=8645): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@setneightbl={0x1c, 0x43, 0x1, 0x70bd27, 0x25dfdbfe, {0x1c}, [@NDTA_NAME={0x8, 0x1, 'wg1\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x10004) kernel console output (not intermixed with test programs): nk: 28 bytes leftover after parsing attributes in process `syz.4.6574'. [ 778.363166][T25819] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6574'. [ 778.445758][T25498] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 778.455446][T25498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 778.515719][T25498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 778.535683][T25498] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 778.544610][T25498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 778.574132][T25498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 778.629918][T16021] Bluetooth: hci4: command tx timeout [ 778.816477][T25498] hsr_slave_0: entered promiscuous mode [ 778.864206][T25498] hsr_slave_1: entered promiscuous mode [ 778.901288][T25498] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 778.914725][T25498] Cannot create hsr debugfs directory [ 779.471571][ T28] audit: type=1326 audit(2000002792.083:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25976 comm="syz.2.6587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 779.589637][ T28] audit: type=1326 audit(2000002792.083:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25976 comm="syz.2.6587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 779.671048][ T28] audit: type=1326 audit(2000002792.111:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25976 comm="syz.2.6587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 779.710877][T25990] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6590'. [ 779.747534][T25498] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 779.767134][ T28] audit: type=1326 audit(2000002792.111:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25976 comm="syz.2.6587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 779.827105][T25498] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 779.851625][ T28] audit: type=1326 audit(2000002792.111:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25976 comm="syz.2.6587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 779.898440][T25498] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 779.930091][T25498] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 779.983963][T26011] netlink: 'syz.0.6594': attribute type 1 has an invalid length. [ 780.133705][T26017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6595'. [ 780.179989][T25498] 8021q: adding VLAN 0 to HW filter on device bond0 [ 780.207229][T25498] 8021q: adding VLAN 0 to HW filter on device team0 [ 780.268979][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 780.276804][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 780.316856][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 780.324958][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 780.665391][T25998] loop4: detected capacity change from 0 to 32768 [ 780.692251][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 780.700178][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 780.708571][T25998] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.6591 (25998) [ 780.769671][T25998] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 780.815311][T25998] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 780.832648][T25498] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 780.844729][T25998] BTRFS info (device loop4): using free space tree [ 780.857949][T16021] Bluetooth: hci4: command tx timeout [ 781.018587][T25998] BTRFS info (device loop4): enabling ssd optimizations [ 781.061673][T25998] BTRFS info (device loop4): auto enabling async discard [ 781.321417][T22871] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 781.457483][ T28] audit: type=1326 audit(2000002793.935:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26086 comm="syz.0.6608" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1cb798ebe9 code=0x0 [ 781.581971][T26094] wg1 speed is unknown, defaulting to 1000 [ 781.702524][ T5854] usb 3-1: new high-speed USB device number 121 using dummy_hcd [ 781.733173][T25498] veth0_vlan: entered promiscuous mode [ 781.769493][T25498] veth1_vlan: entered promiscuous mode [ 781.902751][T25498] veth0_macvtap: entered promiscuous mode [ 781.925480][T25498] veth1_macvtap: entered promiscuous mode [ 781.946664][ T5854] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 781.963255][T25498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 781.974521][T25498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 781.986635][ T5854] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 781.986666][ T5854] usb 3-1: Product: syz [ 781.997604][T25498] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 782.010927][ T5854] usb 3-1: Manufacturer: syz [ 782.016781][ T5854] usb 3-1: SerialNumber: syz [ 782.028693][T25498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.042332][T25498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.062468][ T5854] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 782.090504][ T5839] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 782.102933][T25498] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 782.156387][T25498] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.170620][T25498] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.180147][T25498] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.189974][T25498] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.358869][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 782.405245][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 782.440047][ T5874] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 782.493023][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 782.511810][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 782.676061][ T786] usb 3-1: USB disconnect, device number 121 [ 782.694813][ T5874] usb 5-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=5e.ad [ 782.724907][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 782.742374][T26147] bridge_slave_0: left allmulticast mode [ 782.748812][T26147] bridge_slave_0: left promiscuous mode [ 782.765926][ T5874] usb 5-1: config 0 descriptor?? [ 782.781707][T26148] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6616'. [ 782.792228][T26147] bridge0: port 1(bridge_slave_0) entered disabled state [ 782.811292][T26147] bridge_slave_1: left allmulticast mode [ 782.820751][T26147] bridge_slave_1: left promiscuous mode [ 782.828979][T26147] bridge0: port 2(bridge_slave_1) entered disabled state [ 782.856377][T26147] bond0: (slave bond_slave_0): Releasing backup interface [ 782.890777][T26147] bond0: (slave bond_slave_1): Releasing backup interface [ 783.014089][T26147] team0: Port device team_slave_0 removed [ 783.052255][T26147] team0: Port device team_slave_1 removed [ 783.057714][ T5874] snd-usb-hiface: probe of 5-1:0.0 failed with error -22 [ 783.072471][T16021] Bluetooth: hci4: command tx timeout [ 783.092368][T26147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 783.108112][T26147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 783.119599][T26147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 783.129066][T26147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 783.299553][ T5874] usb 5-1: USB disconnect, device number 5 [ 783.486481][T26189] xt_ecn: cannot match TCP bits for non-tcp packets [ 783.499329][ T5839] usb 3-1: Service connection timeout for: 256 [ 783.505722][ T5839] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 783.531676][ T5839] ath9k_htc: Failed to initialize the device [ 783.569556][ T786] usb 3-1: ath9k_htc: USB layer deinitialized [ 783.755556][T26106] usb 1-1: new high-speed USB device number 111 using dummy_hcd [ 783.969522][T26106] usb 1-1: Using ep0 maxpacket: 32 [ 784.005908][T26106] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 784.047939][T26106] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 784.063728][T26106] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 784.073883][T26106] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 784.096475][T26106] usb 1-1: config 0 descriptor?? [ 784.106810][T26106] hub 1-1:0.0: USB hub found [ 784.340775][T26106] hub 1-1:0.0: 1 port detected [ 784.563706][T26106] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 784.589511][T26106] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 784.598737][T26257] loop4: detected capacity change from 0 to 64 [ 784.614928][T26106] usbhid 1-1:0.0: can't add hid device: -71 [ 784.632049][T26106] usbhid: probe of 1-1:0.0 failed with error -71 [ 784.697541][T26106] usb 1-1: USB disconnect, device number 111 [ 784.994766][T26285] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 785.266223][T26106] kernel write not supported for file /275/net/ip6_tables_matches (pid: 26106 comm: kworker/1:0) [ 785.295150][T16021] Bluetooth: hci4: command tx timeout [ 785.332823][T26302] netlink: 48 bytes leftover after parsing attributes in process `syz.5.6656'. [ 785.660319][T26308] loop2: detected capacity change from 0 to 8192 [ 785.698769][T26308] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 785.784374][T26308] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 785.872661][T26308] REISERFS (device loop2): using ordered data mode [ 785.883156][T26308] reiserfs: using flush barriers [ 785.919587][T26308] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 785.969144][T26308] REISERFS (device loop2): checking transaction log (loop2) [ 786.004058][T26308] REISERFS (device loop2): Using r5 hash to sort names [ 786.022200][T26308] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 786.174444][T26344] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 786.216050][T26344] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 786.913063][T26394] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6685'. [ 787.186486][T26410] loop2: detected capacity change from 0 to 512 [ 787.277814][T26410] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 787.293005][T26410] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 787.320653][T26410] EXT4-fs (loop2): 1 truncate cleaned up [ 787.332603][T26410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 787.359887][T26410] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 787.839612][ T5872] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 788.089354][ T5872] usb 6-1: config index 0 descriptor too short (expected 1307, got 27) [ 788.123002][ T5872] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 788.137222][ T5872] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 788.161432][ T5872] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 788.187266][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 788.210435][T26481] IPVS: set_ctl: invalid protocol: 58 255.255.255.255:20003 [ 788.218642][ T5872] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 788.236283][ T5872] usb 6-1: string descriptor 0 read error: -22 [ 788.244144][ T5872] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 788.254348][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 788.265696][ T5872] usb 6-1: config 0 descriptor?? [ 788.273348][T26435] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 788.298305][ T5872] hub 6-1:0.0: bad descriptor, ignoring hub [ 788.313397][ T5872] hub: probe of 6-1:0.0 failed with error -5 [ 788.321363][T26482] batadv0: entered promiscuous mode [ 788.335751][ T5872] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input35 [ 788.343277][T26482] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 788.477767][T26476] loop4: detected capacity change from 0 to 8192 [ 788.533143][T26476] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 788.628992][T26501] Lens B: ================= START STATUS ================= [ 788.640415][T26501] Lens B: Focus, Absolute: 0 [ 788.648204][T26501] Lens B: ================== END STATUS ================== [ 788.690257][T26476] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 788.746792][T26476] REISERFS (device loop4): using ordered data mode [ 788.773467][T26476] reiserfs: using flush barriers [ 788.811251][T26476] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 788.836873][ C1] usb_acecad 6-1:0.0: can't resubmit intr, dummy_hcd.5-1/input0, status -1 [ 788.863304][ T5872] usb 6-1: USB disconnect, device number 2 [ 788.879874][T26476] REISERFS (device loop4): checking transaction log (loop4) [ 788.946990][T26476] REISERFS (device loop4): Using r5 hash to sort names [ 788.973357][T26476] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 789.793101][ T28] audit: type=1400 audit(2000002801.735:142): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=26565 comm="syz.2.6733" [ 790.231988][T26593] cifs: Unknown parameter 'IT&:"1:ӭ'4,Zz-#F<]%gC [ 790.231988][T26593] SȘȞZ6' [ 790.585007][T26612] loop4: detected capacity change from 0 to 256 [ 790.636828][T26612] exfat: Deprecated parameter 'utf8' [ 790.675755][T26612] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 791.288675][T26635] loop5: detected capacity change from 0 to 4096 [ 791.371308][T26645] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6757'. [ 791.419378][T26635] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 791.440464][T26650] No such timeout policy "syz1" [ 791.688245][T26635] ntfs3: loop5: Failed to initialize $Extend/$Reparse. [ 792.185928][T26680] usb usb8: usbfs: process 26680 (syz.2.6769) did not claim interface 0 before use [ 792.506199][T26692] netlink: 'syz.2.6771': attribute type 9 has an invalid length. [ 792.751802][T26701] xt_TCPMSS: Only works on TCP SYN packets [ 793.093873][T26719] netlink: 72 bytes leftover after parsing attributes in process `syz.4.6781'. [ 793.121811][T26719] netlink: 72 bytes leftover after parsing attributes in process `syz.4.6781'. [ 793.354863][T26736] loop4: detected capacity change from 0 to 512 [ 793.475429][T26736] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -13 [ 793.527672][T26736] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #13: comm syz.4.6784: iget: bad i_size value: 12154757448730 [ 793.642879][T26736] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.6784: couldn't read orphan inode 13 (err -117) [ 793.669444][T26736] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 793.806659][T26736] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 793.901479][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 794.221148][T26801] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6798'. [ 794.357032][ T5872] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 794.448598][ T28] audit: type=1326 audit(2000002806.093:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26815 comm="syz.0.6802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 794.487371][ T28] audit: type=1326 audit(2000002806.093:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26815 comm="syz.0.6802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 794.544823][ T28] audit: type=1326 audit(2000002806.112:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26815 comm="syz.0.6802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 794.584140][ T5872] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 794.598374][ T28] audit: type=1326 audit(2000002806.112:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26815 comm="syz.0.6802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 794.609201][ T5872] usb 5-1: config 0 has no interface number 0 [ 794.633961][ T5872] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 794.646709][ T5872] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 794.663930][ T5872] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 794.674710][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 794.676198][ T28] audit: type=1326 audit(2000002806.112:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26815 comm="syz.0.6802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 794.697294][ T5872] usb 5-1: config 0 descriptor?? [ 794.719000][ T786] usb 3-1: new high-speed USB device number 122 using dummy_hcd [ 794.758499][T26789] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 794.792224][ T5872] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 794.846446][T26830] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6805'. [ 794.928739][ T786] usb 3-1: Using ep0 maxpacket: 32 [ 794.936126][ T786] usb 3-1: config 4 has an invalid interface number: 128 but max is 0 [ 794.945460][ T786] usb 3-1: config 4 has no interface number 0 [ 794.967231][ T786] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 795.035592][ T786] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 795.055504][ T786] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 795.065999][ T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 795.098685][ T786] hub 3-1:4.128: USB hub found [ 795.193385][ C1] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1 [ 795.209199][T26106] usb 5-1: USB disconnect, device number 6 [ 795.314307][ T786] hub 3-1:4.128: 2 ports detected [ 795.329744][ T786] hub 3-1:4.128: Using single TT (err -22) [ 795.530112][ T786] hub 3-1:4.128: hub_hub_status failed (err = -71) [ 795.548060][ T786] hub 3-1:4.128: config failed, can't get hub status (err -71) [ 795.604105][ T786] usb 3-1: USB disconnect, device number 122 [ 795.906178][T26876] loop4: detected capacity change from 0 to 256 [ 796.421100][T26904] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6821'. [ 796.596083][T26913] loop2: detected capacity change from 0 to 1024 [ 796.701040][T26913] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 796.726654][T26913] syz.2.6824: attempt to access beyond end of device [ 796.726654][T26913] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 796.790111][T26913] Buffer I/O error on dev loop2, logical block 458752, async page read [ 796.821597][T26913] syz.2.6824: attempt to access beyond end of device [ 796.821597][T26913] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 796.844376][T26913] Buffer I/O error on dev loop2, logical block 458752, async page read [ 797.149947][T26884] loop5: detected capacity change from 0 to 32768 [ 797.162137][T26884] XFS: ikeep mount option is deprecated. [ 797.238645][T26884] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 797.503895][T26884] XFS (loop5): Ending clean mount [ 797.529758][T26884] XFS (loop5): Quotacheck needed: Please wait. [ 797.644460][T26961] netlink: 'syz.4.6835': attribute type 13 has an invalid length. [ 797.669405][T26884] XFS (loop5): Quotacheck: Done. [ 797.971818][T26961] gretap0: refused to change device tx_queue_len [ 797.981775][T25498] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 797.988455][T26961] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 798.609747][T26988] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6842'. [ 798.752497][T26967] loop2: detected capacity change from 0 to 32768 [ 798.771795][T26967] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.6838 (26967) [ 798.821160][ T5874] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 798.844848][T26967] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 798.869810][T26967] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 798.892442][T26967] BTRFS info (device loop2): enabling auto defrag [ 798.919964][T26992] loop4: detected capacity change from 0 to 4096 [ 798.925281][T26967] BTRFS info (device loop2): doing ref verification [ 798.936748][T26992] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 798.949221][T26967] BTRFS info (device loop2): max_inline at 0 [ 798.968822][T26967] BTRFS info (device loop2): force clearing of disk cache [ 799.003105][T26967] BTRFS info (device loop2): turning on sync discard [ 799.023990][T26967] BTRFS info (device loop2): disabling free space tree [ 799.031471][T26992] ntfs3: loop4: Failed to load $Extend (-22). [ 799.073538][T26992] ntfs3: loop4: Failed to initialize $Extend. [ 799.078588][ T5874] usb 6-1: Using ep0 maxpacket: 16 [ 799.105814][ T5874] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 799.150081][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 799.170894][ T5874] usb 6-1: Product: syz [ 799.177780][ T5874] usb 6-1: Manufacturer: syz [ 799.177813][T26967] BTRFS info (device loop2): enabling ssd optimizations [ 799.183937][ T5874] usb 6-1: SerialNumber: syz [ 799.247798][ T5874] r8152-cfgselector 6-1: config 0 descriptor?? [ 799.257563][T26967] BTRFS info (device loop2): rebuilding free space tree [ 799.400690][T26967] BTRFS info (device loop2): disabling free space tree [ 799.452559][T26967] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 799.499964][T26967] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 799.507901][ T5874] r8152-cfgselector 6-1: Unknown version 0x0000 [ 799.538311][ T5874] r8152-cfgselector 6-1: bad CDC descriptors [ 799.558674][ T5874] r8152-cfgselector 6-1: Unknown version 0x0000 [ 799.590658][ T5874] r8152-cfgselector 6-1: USB disconnect, device number 3 [ 799.880818][ T5790] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 799.979259][ T5855] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 800.192059][ T5855] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 800.205250][ T5855] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 800.229125][ T5855] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 800.271533][ T5855] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 800.294389][ T5855] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 800.317580][ T5855] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 800.367071][ T5855] usb 5-1: string descriptor 0 read error: -22 [ 800.376685][ T5855] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 800.411481][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 800.441456][ T5855] usb 5-1: config 0 descriptor?? [ 800.470921][T27028] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 800.502584][ T5855] hub 5-1:0.0: bad descriptor, ignoring hub [ 800.509049][ T5855] hub: probe of 5-1:0.0 failed with error -5 [ 800.577261][ T5855] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input36 [ 801.024319][T26106] usb 5-1: USB disconnect, device number 7 [ 801.417816][T27120] netlink: 72 bytes leftover after parsing attributes in process `syz.5.6868'. [ 801.786603][T27143] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6876'. [ 801.995775][T27151] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 802.014067][T27151] bridge1: entered promiscuous mode [ 802.020137][T27151] bridge1: entered allmulticast mode [ 802.352911][T27179] overlayfs: unescaped trailing colons in lowerdir mount option. [ 802.452973][ T28] audit: type=1326 audit(2000002813.575:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27186 comm="syz.4.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 802.497911][ T28] audit: type=1326 audit(2000002813.575:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27186 comm="syz.4.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 802.525543][ T28] audit: type=1326 audit(2000002813.575:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27186 comm="syz.4.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 802.594815][ T28] audit: type=1326 audit(2000002813.575:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27186 comm="syz.4.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 802.625065][T27194] xt_hashlimit: size too large, truncated to 1048576 [ 802.635648][T27194] xt_hashlimit: overflow, try lower: 3/0 [ 802.656961][ T28] audit: type=1326 audit(2000002813.575:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27186 comm="syz.4.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 802.827938][T27204] loop2: detected capacity change from 0 to 1024 [ 803.000002][T27217] ipt_REJECT: TCP_RESET invalid for non-tcp [ 803.008039][ T42] hfsplus: b-tree write err: -5, ino 4 [ 803.777224][ T5839] usb 3-1: new high-speed USB device number 123 using dummy_hcd [ 803.846771][T23802] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 803.992948][ T5839] usb 3-1: Using ep0 maxpacket: 16 [ 804.000819][T27286] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6919'. [ 804.019172][ T5839] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 804.029399][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 804.039541][T23802] usb 6-1: Using ep0 maxpacket: 16 [ 804.042092][ T5839] usb 3-1: Product: syz [ 804.050989][ T5839] usb 3-1: Manufacturer: syz [ 804.056305][ T5839] usb 3-1: SerialNumber: syz [ 804.059344][T23802] usb 6-1: config 4 has an invalid interface number: 51 but max is 0 [ 804.072813][T23802] usb 6-1: config 4 has no interface number 0 [ 804.074382][ T5839] usb 3-1: config 0 descriptor?? [ 804.096433][ T5839] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 804.102900][T23802] usb 6-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 804.126495][T23802] usb 6-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 804.138190][T23802] usb 6-1: config 4 interface 51 has no altsetting 0 [ 804.148183][T23802] usb 6-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 804.167180][T23802] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 804.186201][T23802] usb 6-1: Product: syz [ 804.199306][T23802] usb 6-1: Manufacturer: syz [ 804.204925][T23802] usb 6-1: SerialNumber: syz [ 804.235769][T27256] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 804.255436][T27295] loop4: detected capacity change from 0 to 512 [ 804.258174][T27256] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 804.303868][T27295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.327224][ T5839] usb 3-1: clie_3_5_startup: get config number bad return length: 0 [ 804.330822][T27295] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 804.336737][ T5839] visor: probe of 3-1:0.0 failed with error -5 [ 804.455381][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.536857][T27256] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 804.547539][T27256] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 804.579286][T23802] cdc_eem 6-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.5-1, CDC EEM Device, 96:08:c2:bb:6f:e3 [ 804.653904][ T786] usb 3-1: USB disconnect, device number 123 [ 804.668878][T27306] loop4: detected capacity change from 0 to 4096 [ 804.719095][T27321] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 804.810705][T27306] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 804.851461][T27306] Remounting filesystem read-only [ 804.934727][ T5855] usb 6-1: USB disconnect, device number 4 [ 804.970984][ T5855] cdc_eem 6-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.5-1, CDC EEM Device [ 805.760308][T27378] netlink: 'syz.4.6933': attribute type 1 has an invalid length. [ 805.967943][T27386] netlink: 96 bytes leftover after parsing attributes in process `syz.0.6935'. [ 806.208021][T27399] loop4: detected capacity change from 0 to 512 [ 806.332959][T27399] EXT4-fs (loop4): 1 truncate cleaned up [ 806.346613][T27399] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 806.439953][T27399] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.764397][T27434] overlayfs: disabling nfs_export due to verity=on [ 806.817147][T27434] overlayfs: conflicting options: userxattr,redirect_dir=on [ 806.827619][T27439] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6948'. [ 807.050031][T27451] loop4: detected capacity change from 0 to 164 [ 807.104282][T27451] Unable to read rock-ridge attributes [ 807.428342][T27477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6957'. [ 807.450574][T27477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6957'. [ 807.461258][T27477] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 807.780308][T27499] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6964'. [ 807.977980][T27501] netlink: 1 bytes leftover after parsing attributes in process `syz.4.6965'. [ 808.913713][ T28] audit: type=1326 audit(2000002819.607:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27572 comm="syz.2.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 809.010796][ T28] audit: type=1326 audit(2000002819.607:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27572 comm="syz.2.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 809.078672][T27582] loop2: detected capacity change from 0 to 512 [ 809.085609][ T28] audit: type=1326 audit(2000002819.607:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27572 comm="syz.2.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 809.154940][T27582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 809.170058][ T28] audit: type=1326 audit(2000002819.607:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27572 comm="syz.2.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 809.214790][T27582] ext4 filesystem being mounted at /1758/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 809.283080][ T28] audit: type=1326 audit(2000002819.607:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27572 comm="syz.2.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 809.462664][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 809.864005][T27619] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6998'. [ 809.866440][T23802] usb 6-1: new low-speed USB device number 5 using dummy_hcd [ 810.092444][T23802] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 810.100657][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 810.134577][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 810.166981][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 810.181159][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 810.206561][T23802] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 810.215156][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 810.248523][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 810.277056][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 810.318825][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 810.356367][T23802] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 810.379793][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 810.411519][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 810.428891][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 810.459389][T23802] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 810.473719][T27647] xt_CT: You must specify a L4 protocol and not use inversions on it [ 810.496048][T23802] usb 6-1: string descriptor 0 read error: -22 [ 810.505758][T23802] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 810.537175][T23802] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 810.567686][T23802] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 810.689129][T27662] AppArmor: change_hat: Invalid input '0' [ 810.898622][T23802] usb 6-1: USB disconnect, device number 5 [ 810.947735][T27671] Unsupported ieee802154 address type: 0 [ 811.077988][T27687] binfmt_misc: register: failed to install interpreter file ./bus [ 811.255818][T27696] netlink: 388 bytes leftover after parsing attributes in process `syz.0.7019'. [ 812.066114][T27702] loop2: detected capacity change from 0 to 32768 [ 812.090375][T27702] XFS: attr2 mount option is deprecated. [ 812.123956][T27702] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 812.226646][T27702] XFS (loop2): Ending clean mount [ 812.253042][T27702] XFS (loop2): Quotacheck needed: Please wait. [ 812.467645][T27702] XFS (loop2): Quotacheck: Done. [ 812.586363][ T5790] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 813.101077][T27781] loop2: detected capacity change from 0 to 512 [ 813.112544][T27781] EXT4-fs: Ignoring removed nomblk_io_submit option [ 813.205121][T27781] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 813.238739][T27781] ext4 filesystem being mounted at /1772/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 813.340489][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 813.523384][ C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 813.531427][T27804] netlink: 'syz.4.7049': attribute type 3 has an invalid length. [ 813.597916][T27804] netlink: 'syz.4.7049': attribute type 1 has an invalid length. [ 813.606321][T27804] netlink: 216 bytes leftover after parsing attributes in process `syz.4.7049'. [ 813.648766][T27804] NCSI netlink: No device for ifindex 33022 [ 813.938785][T27833] xt_TCPMSS: Only works on TCP SYN packets [ 814.032653][T27838] proc: Unknown parameter 'tmpfs' [ 814.080168][T27841] netlink: 288 bytes leftover after parsing attributes in process `syz.4.7060'. [ 815.385940][T27863] loop4: detected capacity change from 0 to 32768 [ 815.391170][T27863] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.7067 (27863) [ 815.397653][T27863] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 815.397770][T27863] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 815.397849][T27863] BTRFS info (device loop4): enabling auto defrag [ 815.397872][T27863] BTRFS info (device loop4): doing ref verification [ 815.397931][T27863] BTRFS info (device loop4): max_inline at 0 [ 815.397947][T27863] BTRFS info (device loop4): force clearing of disk cache [ 815.397964][T27863] BTRFS info (device loop4): turning on sync discard [ 815.397986][T27863] BTRFS info (device loop4): disabling free space tree [ 815.509899][T27863] BTRFS info (device loop4): enabling ssd optimizations [ 815.514626][T27863] BTRFS info (device loop4): rebuilding free space tree [ 815.532676][T27863] BTRFS info (device loop4): disabling free space tree [ 815.532766][T27863] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 815.532849][T27863] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 815.914099][T22871] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 816.470890][T27978] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7097'. [ 816.795148][T27993] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7102'. [ 817.031788][T28004] tmpfs: Bad value for 'mpol' [ 817.552355][T28029] loop5: detected capacity change from 0 to 4096 [ 817.602862][T28029] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 817.790110][T28029] ntfs3: loop5: Failed to initialize $Extend/$ObjId. [ 817.900851][T28029] ntfs3: Couldn't remount rw because journal is not replayed. Please umount/remount instead [ 817.900851][T28029] [ 818.143846][T28070] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 818.172946][T28070] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 818.205060][T28072] netlink: 22 bytes leftover after parsing attributes in process `syz.4.7128'. [ 818.662116][T28090] loop4: detected capacity change from 0 to 4096 [ 818.689139][T28090] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 818.773206][T28090] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 818.918412][T28090] ntfs3: Couldn't remount rw because journal is not replayed. Please umount/remount instead [ 818.918412][T28090] [ 819.392368][T28097] loop2: detected capacity change from 0 to 32768 [ 819.404447][T28129] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid [ 819.470089][T28097] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 819.536878][T28138] loop5: detected capacity change from 0 to 64 [ 819.707509][ T5790] ocfs2: Unmounting device (7,2) on (node local) [ 820.217811][T28177] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 820.221476][T28169] loop2: detected capacity change from 0 to 4096 [ 820.225732][T28177] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 820.260338][T28177] vhci_hcd vhci_hcd.0: Device attached [ 820.271861][T28169] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 820.302827][T28184] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(6) [ 820.310413][T28184] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 820.374396][T28184] vhci_hcd vhci_hcd.0: Device attached [ 820.412668][T28185] vhci_hcd: connection closed [ 820.418289][T28179] vhci_hcd: connection closed [ 820.428077][T28169] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 820.452680][ T42] vhci_hcd: stop threads [ 820.459359][ T42] vhci_hcd: release socket [ 820.474755][T26106] vhci_hcd: vhci_device speed not set [ 820.500241][ T42] vhci_hcd: disconnect device [ 820.516440][ T42] vhci_hcd: stop threads [ 820.529679][ T42] vhci_hcd: release socket [ 820.550508][ T42] vhci_hcd: disconnect device [ 820.569321][T26106] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 820.573114][T28169] ntfs3: Couldn't remount rw because journal is not replayed. Please umount/remount instead [ 820.573114][T28169] [ 820.590886][T26106] usb 43-1: enqueue for inactive port 0 [ 820.692484][T26106] vhci_hcd: vhci_device speed not set [ 820.703856][T28197] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7163'. [ 821.404561][T28233] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7175'. [ 821.446295][T28233] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7175'. [ 822.500275][T28305] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 822.612212][ T28] audit: type=1800 audit(2000002832.420:158): pid=28289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.7193" name="/newroot/273/file0" dev="tmpfs" ino=1406 res=0 errno=0 [ 823.050510][ T5839] usb 3-1: new high-speed USB device number 124 using dummy_hcd [ 823.097593][T28340] libceph: resolve '0.0' (ret=-3): failed [ 823.181212][T28350] netlink: 'syz.0.7210': attribute type 5 has an invalid length. [ 823.247669][T28350] : entered promiscuous mode [ 823.277136][ T5839] usb 3-1: Using ep0 maxpacket: 16 [ 823.287802][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 112, changing to 10 [ 823.335459][ T5839] usb 3-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.00 [ 823.360441][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 823.371181][ T5855] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 823.385897][ T5839] usb 3-1: config 0 descriptor?? [ 823.585464][ T5855] usb 5-1: config 8 has an invalid interface number: 223 but max is 0 [ 823.594966][ T5855] usb 5-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 823.617653][ T5855] usb 5-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 823.619617][ T5839] usb 3-1: string descriptor 0 read error: -71 [ 823.643724][ T5855] usb 5-1: config 8 has no interface number 0 [ 823.662405][ T5855] usb 5-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 15872, setting to 64 [ 823.666987][ T5839] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input37 [ 823.704869][ T5855] usb 5-1: config 8 interface 223 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 823.710046][ T5144] bcm5974 3-1:0.0: could not read from device [ 823.734025][ T5855] usb 5-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 823.754394][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 823.765858][ T5855] usb 5-1: Product: syz [ 823.773561][ T5144] bcm5974 3-1:0.0: could not read from device [ 823.779431][ T5855] usb 5-1: Manufacturer: syz [ 823.780740][ T5839] usb 3-1: USB disconnect, device number 124 [ 823.798915][ T5855] usb 5-1: SerialNumber: syz [ 823.813763][T27320] bcm5974 3-1:0.0: could not read from device [ 824.048638][ T5855] usb 5-1: USB disconnect, device number 8 [ 825.081744][T28430] bond0: entered promiscuous mode [ 825.087469][T28430] bond0: entered allmulticast mode [ 825.293813][T28442] netlink: 'syz.5.7229': attribute type 3 has an invalid length. [ 825.890324][T28482] misc userio: Invalid payload size [ 826.124129][T28500] netlink: 'syz.2.7248': attribute type 1 has an invalid length. [ 826.172178][T28500] netlink: 224 bytes leftover after parsing attributes in process `syz.2.7248'. [ 826.660807][T28531] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7259'. [ 826.688688][T28531] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7259'. [ 827.584745][T28592] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 28592 comm: syz.4.7280) [ 827.893786][ T5872] usb 3-1: new high-speed USB device number 125 using dummy_hcd [ 828.087584][ T5872] usb 3-1: Using ep0 maxpacket: 16 [ 828.133512][ T5872] usb 3-1: unable to get BOS descriptor or descriptor too short [ 828.180327][ T5872] usb 3-1: config 1 interface 0 has no altsetting 0 [ 828.209183][ T5872] usb 3-1: New USB device found, idVendor=25b5, idProduct=0002, bcdDevice= 0.40 [ 828.225442][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 828.234744][ T5872] usb 3-1: Product: syz [ 828.256451][ T5872] usb 3-1: Manufacturer: syz [ 828.268074][ T5872] usb 3-1: SerialNumber: syz [ 828.452662][T28649] Cannot find del_set index 2 as target [ 828.746906][ T5872] usbhid 3-1:1.0: can't add hid device: -71 [ 828.754871][T28662] loop4: detected capacity change from 0 to 2048 [ 828.772499][ T5872] usbhid: probe of 3-1:1.0 failed with error -71 [ 828.776400][T28662] EXT4-fs: Ignoring removed mblk_io_submit option [ 828.804528][ T5872] usb 3-1: USB disconnect, device number 125 [ 828.884191][T28662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 828.991935][T28662] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.7301: bg 0: block 234: padding at end of block bitmap is not set [ 829.028422][T28662] EXT4-fs (loop4): Remounting filesystem read-only [ 829.044671][T28662] EXT4-fs warning (device loop4): ext4_xattr_inode_lookup_create:1614: inode #18: comm syz.4.7301: cleanup dec ref error -28 [ 829.093231][T28683] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 829.101035][T28683] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 829.126562][T28683] vhci_hcd vhci_hcd.0: Device attached [ 829.164398][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 829.175704][T28683] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(5) [ 829.183266][T28683] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 829.218523][T28683] vhci_hcd vhci_hcd.0: Device attached [ 829.258520][T28684] vhci_hcd: connection closed [ 829.258599][T28687] vhci_hcd: connection closed [ 829.267291][ T58] vhci_hcd: stop threads [ 829.294383][ T58] vhci_hcd: release socket [ 829.314300][ T58] vhci_hcd: disconnect device [ 829.333097][ T58] vhci_hcd: stop threads [ 829.346514][ T58] vhci_hcd: release socket [ 829.348174][T23802] vhci_hcd: vhci_device speed not set [ 829.364808][ T58] vhci_hcd: disconnect device [ 829.370513][T28695] loop4: detected capacity change from 0 to 1024 [ 829.416052][T28700] netlink: 'syz.5.7307': attribute type 5 has an invalid length. [ 829.481468][ T42] hfsplus: b-tree write err: -5, ino 4 [ 829.846143][T28726] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (5), value rounded to 5 ms [ 829.887349][T28726] (unnamed net_device) (uninitialized): option use_carrier: invalid value (6) [ 830.511470][T28767] netlink: 'syz.0.7329': attribute type 3 has an invalid length. [ 830.754011][T28778] QAT: failed to copy from user cfg_data. [ 831.140052][T28806] : renamed from bond_slave_0 [ 831.360892][T28820] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7346'. [ 831.385410][T28820] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 831.564447][T28839] loop4: detected capacity change from 0 to 64 [ 831.638597][T28839] Trying to free block not in datazone [ 831.668218][ T5872] usb 3-1: new high-speed USB device number 126 using dummy_hcd [ 831.895213][ T5872] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 831.920429][ T5872] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 831.960973][ T5872] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 831.986040][T28862] loop5: detected capacity change from 0 to 256 [ 831.993484][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 832.036677][T28822] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 832.048027][ T5872] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 832.277752][T23802] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 832.493192][T26106] usb 3-1: USB disconnect, device number 126 [ 832.502129][T23802] usb 5-1: Using ep0 maxpacket: 8 [ 832.518379][T23802] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 832.535950][T23802] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 832.554633][T23802] usb 5-1: Product: syz [ 832.570916][T23802] usb 5-1: Manufacturer: syz [ 832.583688][T23802] usb 5-1: SerialNumber: syz [ 832.609769][T23802] usb 5-1: config 0 descriptor?? [ 832.811359][T28931] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 832.827178][T28931] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 832.839297][T23802] usb 5-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 832.883722][T28932] loop5: detected capacity change from 0 to 4096 [ 832.899294][T28932] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 833.054718][T23802] usb write operation failed. (-71) [ 833.067497][T28932] ntfs: volume version 3.1. [ 833.086258][T23802] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 833.122727][T23802] dvbdev: DVB: registering new adapter (Terratec H7) [ 833.129687][T23802] usb 5-1: media controller created [ 833.175813][T23802] usb read operation failed. (-71) [ 833.199782][T23802] usb write operation failed. (-71) [ 833.260435][T23802] dvb_usb_az6007: probe of 5-1:0.0 failed with error -5 [ 833.285132][T23802] usb 5-1: USB disconnect, device number 9 [ 833.650537][T28974] netlink: 96 bytes leftover after parsing attributes in process `syz.5.7379'. [ 833.697679][T28978] IPv6: Can't replace route, no match found [ 833.806829][T28985] netlink: 340 bytes leftover after parsing attributes in process `syz.2.7381'. [ 833.838021][T28985] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7381'. [ 834.441995][T28984] loop4: detected capacity change from 0 to 32768 [ 834.492040][T29019] nvme_fabrics: unknown parameter or missing value 'Y' in ctrl creation request [ 834.543339][T28984] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 834.584757][T28984] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 834.774942][T28984] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has an invalid bg_blkno of 4278207136 [ 834.801231][T29037] 8021q: VLANs not supported on ipvlan1 [ 834.867659][T28984] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 834.911034][T28984] OCFS2: File system is now read-only. [ 834.917183][T28984] (syz.4.7383,28984,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 834.965611][T28984] (syz.4.7383,28984,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 834.996515][T28984] (syz.4.7383,28984,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 835.027164][T28984] (syz.4.7383,28984,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 835.066824][T28984] (syz.4.7383,28984,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 835.091427][T28984] (syz.4.7383,28984,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 835.100032][T28984] (syz.4.7383,28984,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 835.115987][T28984] (syz.4.7383,28984,1):ocfs2_symlink:1944 ERROR: status = -30 [ 835.144345][T28984] (syz.4.7383,28984,1):ocfs2_symlink:2068 ERROR: status = -30 [ 835.246057][T22871] ocfs2: Unmounting device (7,4) on (node local) [ 835.294599][T29061] netlink: 'syz.2.7407': attribute type 10 has an invalid length. [ 835.391750][T29067] netlink: 'syz.5.7409': attribute type 2 has an invalid length. [ 835.399640][T29067] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.7409'. [ 835.659777][T29079] netlink: 'syz.5.7412': attribute type 3 has an invalid length. [ 835.670197][T29079] netlink: 'syz.5.7412': attribute type 3 has an invalid length. [ 835.681957][T29079] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7412'. [ 835.763875][T29087] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 835.805973][T29087] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 836.038483][T29106] netlink: 'syz.2.7420': attribute type 2 has an invalid length. [ 836.074239][T29107] __vm_enough_memory: pid: 29107, comm: syz.5.7421, not enough memory for the allocation [ 836.501321][T29132] netlink: 52 bytes leftover after parsing attributes in process `syz.2.7429'. [ 836.510951][T29132] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7429'. [ 836.679404][T29145] loop4: detected capacity change from 0 to 2048 [ 836.730481][T29145] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 836.736420][T29152] nvme_fabrics: unknown parameter or missing value 'Y' in ctrl creation request [ 836.802232][T29145] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 836.874224][T29160] loop2: detected capacity change from 0 to 512 [ 836.952041][T29160] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 836.992279][T29160] EXT4-fs (loop2): orphan cleanup on readonly fs [ 837.024081][T29160] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 837.049509][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 837.067492][T29160] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 837.078899][T29160] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.7437: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 837.103409][T29160] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.7437: couldn't read orphan inode 13 (err -117) [ 837.139944][T29160] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 837.297591][T29160] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 837.352567][T29185] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 837.385708][T29160] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 837.418261][T29190] netlink: 'syz.0.7446': attribute type 1 has an invalid length. [ 837.449403][T29160] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 837.492961][T29194] netlink: 'syz.5.7447': attribute type 1 has an invalid length. [ 837.650428][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 837.784304][T29210] Cannot find set identified by id 65535 to match [ 838.150944][T29234] loop2: detected capacity change from 0 to 64 [ 838.653413][T29264] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 838.796238][T29273] xt_CT: You must specify a L4 protocol and not use inversions on it [ 838.885574][ T5839] usb 3-1: new high-speed USB device number 127 using dummy_hcd [ 839.131694][ T5839] usb 3-1: Using ep0 maxpacket: 8 [ 839.139574][T29297] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7477'. [ 839.152172][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 839.164370][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 839.174598][ T5855] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 839.184252][ T5839] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 839.206431][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 839.231834][ T5839] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 839.259843][ T5839] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 839.269758][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 839.299636][ T5839] usb 3-1: config 0 descriptor?? [ 839.304846][T29306] loop5: detected capacity change from 0 to 16 [ 839.307470][T29254] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 839.319593][T29305] netlink: 268 bytes leftover after parsing attributes in process `syz.0.7480'. [ 839.333527][T29306] erofs: (device loop5): mounted with root inode @ nid 36. [ 839.341729][T29305] unsupported nla_type 65024 [ 839.440137][ T5855] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 839.463857][ T5855] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 839.505179][ T5855] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 839.530844][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 839.561929][T29279] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 839.600238][ T5855] usb 5-1: Quirk or no altest; falling back to MIDI 1.0 [ 839.912294][T23802] usb 3-1: USB disconnect, device number 127 [ 839.922209][T16021] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 840.089236][T26106] usb 5-1: USB disconnect, device number 10 [ 840.336926][T29373] loop5: detected capacity change from 0 to 8192 [ 840.377092][T29373] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 840.418244][T29373] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 840.456801][T29373] REISERFS (device loop5): using ordered data mode [ 840.485856][T29373] reiserfs: using flush barriers [ 840.530985][T29373] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 840.580302][T29373] REISERFS (device loop5): checking transaction log (loop5) [ 840.600237][T29373] REISERFS (device loop5): Using rupasov hash to sort names [ 840.960362][T29403] syz.2.7495 uses obsolete (PF_INET,SOCK_PACKET) [ 841.836326][T29460] loop5: detected capacity change from 0 to 64 [ 841.976918][T29468] netlink: 'syz.2.7516': attribute type 9 has an invalid length. [ 842.025554][T29468] netlink: 'syz.2.7516': attribute type 7 has an invalid length. [ 842.045938][T29468] netlink: 'syz.2.7516': attribute type 8 has an invalid length. [ 842.217198][T29483] libceph: resolve '40.' (ret=-3): failed [ 842.310734][T29492] dlm: non-version read from control device 59 [ 842.344271][T29496] loop4: detected capacity change from 0 to 256 [ 842.738932][ T28] audit: type=1326 audit(2000002851.256:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29515 comm="syz.4.7530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 842.799071][ T28] audit: type=1326 audit(2000002851.256:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29515 comm="syz.4.7530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 842.878300][ T28] audit: type=1326 audit(2000002851.284:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29515 comm="syz.4.7530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 842.945150][ T28] audit: type=1326 audit(2000002851.284:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29515 comm="syz.4.7530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 842.972567][ T28] audit: type=1326 audit(2000002851.284:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29515 comm="syz.4.7530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 844.082167][ T5839] usb 1-1: new high-speed USB device number 112 using dummy_hcd [ 844.154224][T29550] loop4: detected capacity change from 0 to 32768 [ 844.204968][T29550] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 844.296938][ T5839] usb 1-1: Using ep0 maxpacket: 8 [ 844.322321][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 844.337658][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 844.349595][ T5839] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 844.360291][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 844.372812][ T5839] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 844.384782][ T5839] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 844.395508][ T5839] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 844.406611][ T5839] usb 1-1: config 0 descriptor?? [ 844.414595][T29572] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 844.558819][T29550] XFS (loop4): Ending clean mount [ 844.759518][T22871] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 844.953691][ T6146] usb 1-1: USB disconnect, device number 112 [ 844.961123][T23802] usb 6-1: new low-speed USB device number 6 using dummy_hcd [ 844.972888][T16021] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 845.124486][T29630] loop2: detected capacity change from 0 to 4096 [ 845.147728][T29630] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 845.196177][T23802] usb 6-1: config index 0 descriptor too short (expected 1307, got 27) [ 845.212548][T23802] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 845.235120][T23802] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 845.246215][T23802] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 845.257623][T29630] ntfs3: loop2: failed to convert "c46c" to iso8859-14 [ 845.322496][T23802] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 845.344815][T23802] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 845.393504][T23802] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 845.451170][T23802] usb 6-1: string descriptor 0 read error: -22 [ 845.458244][T23802] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 845.472145][T23802] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 845.494824][T23802] usb 6-1: config 0 descriptor?? [ 845.502347][T23802] hub 6-1:0.0: bad descriptor, ignoring hub [ 845.509891][T23802] hub: probe of 6-1:0.0 failed with error -5 [ 845.551040][T23802] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input39 [ 845.868826][T23802] usb 6-1: USB disconnect, device number 6 [ 846.400266][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 846.412787][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 846.688097][T29733] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 847.183105][ T5874] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 847.301832][T29771] fuse: Bad value for 'fd' [ 847.386090][ T5874] usb 3-1: Using ep0 maxpacket: 16 [ 847.414176][ T5874] usb 3-1: config 0 has an invalid interface number: 214 but max is 0 [ 847.438647][ T5874] usb 3-1: config 0 has no interface number 0 [ 847.463840][ T5874] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 847.500780][ T5874] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 847.514164][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 847.528878][ T5874] usb 3-1: Manufacturer: syz [ 847.533809][ T5874] usb 3-1: SerialNumber: syz [ 847.544641][ T5874] usb 3-1: config 0 descriptor?? [ 847.618532][T29787] loop4: detected capacity change from 0 to 4096 [ 847.661660][T29787] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 847.746482][T29787] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 847.862902][T29787] ntfs3: loop4: ino=1b, "file0" attr_set_size [ 847.892318][T29787] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 847.998736][ T5874] usbtouchscreen: probe of 3-1:0.214 failed with error -71 [ 848.060531][ T5874] usb 3-1: USB disconnect, device number 2 [ 848.535329][T29822] loop4: detected capacity change from 0 to 512 [ 848.625767][T29822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 848.693883][T29822] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 848.733440][ T5874] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 848.860840][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 848.924274][T29846] set match dimension is over the limit! [ 848.947940][ T5874] usb 6-1: Using ep0 maxpacket: 8 [ 848.962240][ T5874] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 848.979508][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 848.999414][ T5874] usb 6-1: Product: syz [ 849.005523][ T5874] usb 6-1: Manufacturer: syz [ 849.015564][ T5874] usb 6-1: SerialNumber: syz [ 849.039686][ T5874] usb 6-1: config 0 descriptor?? [ 849.292001][ T5874] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 849.507258][ T5874] usb write operation failed. (-71) [ 849.541201][ T5874] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 849.575565][ T5874] dvbdev: DVB: registering new adapter (Terratec H7) [ 849.596383][ T5874] usb 6-1: media controller created [ 849.610752][ T5874] usb read operation failed. (-71) [ 849.634074][ T5874] usb write operation failed. (-71) [ 849.669646][ T5874] dvb_usb_az6007: probe of 6-1:0.0 failed with error -5 [ 849.696029][ T5874] usb 6-1: USB disconnect, device number 7 [ 849.707069][T29904] QAT: Stopping all acceleration devices. [ 849.911884][T26106] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 849.922173][T29918] loop2: detected capacity change from 0 to 128 [ 850.114907][T26106] usb 5-1: config 1 has an invalid interface number: 28 but max is 0 [ 850.135068][T26106] usb 5-1: config 1 has no interface number 0 [ 850.150810][T26106] usb 5-1: config 1 interface 28 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0 [ 850.179788][T26106] usb 5-1: config 1 interface 28 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 0 [ 850.217392][T26106] usb 5-1: config 1 interface 28 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64 [ 850.241433][T26106] usb 5-1: config 1 interface 28 has no altsetting 0 [ 850.266219][T26106] usb 5-1: New USB device found, idVendor=045e, idProduct=0473, bcdDevice=e4.34 [ 850.287618][T26106] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 850.316663][T26106] usb 5-1: Product: syz [ 850.320969][T26106] usb 5-1: Manufacturer: syz [ 850.336885][T26106] usb 5-1: SerialNumber: syz [ 850.347483][T29893] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 850.365285][T26106] ipaq 5-1:1.28: PocketPC PDA converter detected [ 850.630339][T26106] usb 5-1: PocketPC PDA converter now attached to ttyUSB0 [ 850.904440][T26106] usb 5-1: USB disconnect, device number 11 [ 850.956753][T26106] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0 [ 850.995817][T26106] ipaq 5-1:1.28: device disconnected [ 851.300879][T30006] ip6t_srh: unknown srh invflags 7D00 [ 851.380939][ T28] audit: type=1400 audit(2000002859.327:164): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3A0C7E pid=30008 comm="syz.2.7646" [ 851.825906][T30043] loop4: detected capacity change from 0 to 8 [ 851.887762][T26106] usb 1-1: new high-speed USB device number 113 using dummy_hcd [ 852.077370][T30058] loop5: detected capacity change from 0 to 64 [ 852.113639][T26106] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 852.126345][T26106] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 852.161473][T26106] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 852.182113][T26106] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 852.214968][T30025] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 852.235789][T26106] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 852.610666][ T5872] usb 1-1: USB disconnect, device number 113 [ 852.687717][T30109] loop2: detected capacity change from 0 to 128 [ 852.754376][T30109] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 852.781557][T30109] ext4 filesystem being mounted at /1913/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 852.929007][ T5790] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 852.942963][T30129] wg1: entered promiscuous mode [ 852.969195][T30129] wg1: entered allmulticast mode [ 853.302724][T30144] loop5: detected capacity change from 0 to 256 [ 853.353712][T30119] loop4: detected capacity change from 0 to 32768 [ 853.397562][T30119] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.7669 (30119) [ 853.433741][T30119] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 853.468085][T30119] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 853.482524][T30144] FAT-fs (loop5): Directory bread(block 64) failed [ 853.487448][T30119] BTRFS info (device loop4): using free space tree [ 853.500276][T30144] FAT-fs (loop5): Directory bread(block 65) failed [ 853.511344][T30144] FAT-fs (loop5): Directory bread(block 66) failed [ 853.522401][T30144] FAT-fs (loop5): Directory bread(block 67) failed [ 853.530151][T30144] FAT-fs (loop5): Directory bread(block 68) failed [ 853.537205][T30144] FAT-fs (loop5): Directory bread(block 69) failed [ 853.544274][T30144] FAT-fs (loop5): Directory bread(block 70) failed [ 853.583932][T30144] FAT-fs (loop5): Directory bread(block 71) failed [ 853.601718][T30144] FAT-fs (loop5): Directory bread(block 72) failed [ 853.608577][T30144] FAT-fs (loop5): Directory bread(block 73) failed [ 853.629708][T30119] BTRFS info (device loop4): enabling ssd optimizations [ 853.637323][T30119] BTRFS info (device loop4): auto enabling async discard [ 853.740148][T22871] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 854.069047][ T5793] Bluetooth: hci3: command 0x0406 tx timeout [ 855.877717][T30302] netlink: 228 bytes leftover after parsing attributes in process `syz.2.7718'. [ 855.967836][T30306] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7720'. [ 856.421393][T30334] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 856.683840][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.706135][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.738606][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.750923][T30350] netlink: 'syz.5.7734': attribute type 2 has an invalid length. [ 856.765469][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.773820][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.782809][T30350] netlink: 'syz.5.7734': attribute type 1 has an invalid length. [ 856.793059][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.802198][T30350] netlink: 'syz.5.7734': attribute type 1 has an invalid length. [ 856.810520][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.819153][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.829165][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.841905][T30323] loop4: detected capacity change from 0 to 32768 [ 856.848592][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.870345][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.888031][T30323] (syz.4.7726,30323,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 856.900614][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.911489][T30323] (syz.4.7726,30323,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 856.933036][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.963621][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 856.996036][T30323] JBD2: Ignoring recovery information on journal [ 857.003213][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.050291][T30323] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 857.063261][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.109022][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.165377][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.201542][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.227445][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.250456][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.263228][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.283761][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.305372][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.327477][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.362929][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.382133][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.392143][T22871] ocfs2: Unmounting device (7,4) on (node local) [ 857.417439][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.462322][ T5874] usb 1-1: new high-speed USB device number 114 using dummy_hcd [ 857.463822][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.493213][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.514938][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.537619][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.568128][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.597731][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.605986][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.650877][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.659122][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.718993][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.724259][ T5874] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 857.736689][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.753254][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 857.760591][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.781058][ T5874] usb 1-1: Product: syz [ 857.790464][ T5874] usb 1-1: Manufacturer: syz [ 857.795726][ T5874] usb 1-1: SerialNumber: syz [ 857.811449][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.839205][ T5874] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 857.865965][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.873716][ T6146] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 857.874794][T26106] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 857.943405][T30387] loop5: detected capacity change from 0 to 4096 [ 857.995682][T26106] hid-generic 0000:007F:FFFFFFFE.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 858.032888][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 858.055096][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 858.112901][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 858.159433][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 858.187232][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc1c00 [ 858.242513][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc2c00 [ 858.288691][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc4c00 [ 858.319141][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffc8c00 [ 858.360296][ T28] audit: type=1326 audit(2000002865.845:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30408 comm="syz.2.7748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 858.385235][ C0] vkms_vblank_simulate: vblank timer overrun [ 858.386484][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffd0c00 [ 858.423171][T30398] fido_id[30398]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 858.442382][T30387] ntfs3: loop5: try to read out of volume at offset 0x3fffffe0c00 [ 858.594872][ T5874] usb 1-1: USB disconnect, device number 114 [ 858.602954][ T28] audit: type=1326 audit(2000002865.845:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30408 comm="syz.2.7748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 858.748857][ T28] audit: type=1326 audit(2000002865.873:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30408 comm="syz.2.7748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 858.793363][ T28] audit: type=1326 audit(2000002865.873:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30408 comm="syz.2.7748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 858.821557][ T28] audit: type=1326 audit(2000002865.873:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30408 comm="syz.2.7748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 858.854635][T30456] loop4: detected capacity change from 0 to 256 [ 859.025291][T30456] FAT-fs (loop4): Directory bread(block 64) failed [ 859.043794][ T6146] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 859.072201][T30456] FAT-fs (loop4): Directory bread(block 65) failed [ 859.078294][ T6146] ath9k_htc: Failed to initialize the device [ 859.116229][T30456] FAT-fs (loop4): Directory bread(block 66) failed [ 859.123635][ T5874] usb 1-1: ath9k_htc: USB layer deinitialized [ 859.140555][T30456] FAT-fs (loop4): Directory bread(block 67) failed [ 859.173835][T30456] FAT-fs (loop4): Directory bread(block 68) failed [ 859.221206][T30456] FAT-fs (loop4): Directory bread(block 69) failed [ 859.239657][T30456] FAT-fs (loop4): Directory bread(block 70) failed [ 859.277757][T30456] FAT-fs (loop4): Directory bread(block 71) failed [ 859.284726][T30456] FAT-fs (loop4): Directory bread(block 72) failed [ 859.328450][T30456] FAT-fs (loop4): Directory bread(block 73) failed [ 859.578087][T30484] loop5: detected capacity change from 0 to 4096 [ 859.595686][T30484] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 859.615382][T30496] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 1, id = 0 [ 859.627449][T30493] dummy0: entered promiscuous mode [ 859.635326][T30492] dummy0: left promiscuous mode [ 859.821804][T30506] xt_CT: You must specify a L4 protocol and not use inversions on it [ 859.835316][T30484] ntfs3: loop5: failed to convert "c46c" to cp864 [ 860.057152][T30515] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 860.669917][T30558] loop5: detected capacity change from 0 to 256 [ 860.707319][T30558] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 860.740638][T30558] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 860.760354][T30558] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 860.949845][T30573] XFS (nullb0): Invalid superblock magic number [ 861.072043][T30588] __vm_enough_memory: pid: 30588, comm: syz.5.7786, not enough memory for the allocation [ 861.491551][T30614] netlink: 772 bytes leftover after parsing attributes in process `syz.4.7797'. [ 861.711567][T30628] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7800'. [ 862.318405][T30665] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609) [ 862.340917][T30667] loop2: detected capacity change from 0 to 512 [ 862.360879][T30665] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647 [ 862.420150][T25473] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 862.684217][T30689] netlink: 'syz.2.7819': attribute type 1 has an invalid length. [ 862.768876][T30698] loop5: detected capacity change from 0 to 16 [ 862.823730][T30698] erofs: (device loop5): mounted with root inode @ nid 36. [ 862.897001][T30698] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 862.945517][T30698] erofs: (device loop5): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 863.662929][T30755] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 1, id = 0 [ 863.726100][T30759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7839'. [ 863.959689][T30775] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7844'. [ 864.130398][T30777] loop2: detected capacity change from 0 to 4096 [ 865.228407][T30851] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 865.270433][T30851] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 865.515502][T30874] sctp: [Deprecated]: syz.4.7875 (pid 30874) Use of int in max_burst socket option deprecated. [ 865.515502][T30874] Use struct sctp_assoc_value instead [ 865.686334][T30876] loop2: detected capacity change from 0 to 4096 [ 865.708984][T30876] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 865.796048][T30876] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 865.822895][T30876] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 865.938412][T30895] netlink: 'syz.4.7880': attribute type 15 has an invalid length. [ 865.946728][T30895] netlink: 666 bytes leftover after parsing attributes in process `syz.4.7880'. [ 866.719937][T30945] netlink: 'syz.4.7897': attribute type 9 has an invalid length. [ 866.961625][T30959] loop5: detected capacity change from 0 to 4096 [ 866.993582][T30959] ntfs3: loop5: It is recommened to use chkdsk. [ 867.006277][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 867.027891][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 867.042700][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 867.081473][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 867.112643][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc1c00 [ 867.144573][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc2c00 [ 867.156691][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc4c00 [ 867.165229][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffc8c00 [ 867.208048][T30959] ntfs3: loop5: try to read out of volume at offset 0x3fffffd0c00 [ 867.830260][T26114] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 868.033301][T26114] usb 3-1: Using ep0 maxpacket: 16 [ 868.054713][T26114] usb 3-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47 [ 868.064605][T26114] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 868.101969][T26114] usb 3-1: Product: syz [ 868.106208][T26114] usb 3-1: Manufacturer: syz [ 868.116578][T26114] usb 3-1: SerialNumber: syz [ 868.133214][T26114] usb 3-1: config 0 descriptor?? [ 868.143544][T31009] cgroup: Bad value for 'name' [ 868.149129][T26114] gspca_main: sn9c2028-2.14.0 probing 0c45:800a [ 868.557540][T31035] loop4: detected capacity change from 0 to 1024 [ 868.594348][T26114] gspca_sn9c2028: read1 error -71 [ 868.607999][T26114] gspca_sn9c2028: read1 error -71 [ 868.620554][T26114] sn9c2028: probe of 3-1:0.0 failed with error -71 [ 868.658379][T26114] usb 3-1: USB disconnect, device number 3 [ 869.104830][T31069] loop5: detected capacity change from 0 to 256 [ 869.171509][T31069] FAT-fs (loop5): Directory bread(block 64) failed [ 869.188219][T31069] FAT-fs (loop5): Directory bread(block 65) failed [ 869.201282][T31069] FAT-fs (loop5): Directory bread(block 66) failed [ 869.208378][T31069] FAT-fs (loop5): Directory bread(block 67) failed [ 869.230054][T31069] FAT-fs (loop5): Directory bread(block 68) failed [ 869.241227][T31069] FAT-fs (loop5): Directory bread(block 69) failed [ 869.249009][T31069] FAT-fs (loop5): Directory bread(block 70) failed [ 869.256296][T31069] FAT-fs (loop5): Directory bread(block 71) failed [ 869.284797][T31069] FAT-fs (loop5): Directory bread(block 72) failed [ 869.309807][T31069] FAT-fs (loop5): Directory bread(block 73) failed [ 869.454666][T31084] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7935'. [ 869.975800][T31117] netlink: 'syz.5.7942': attribute type 9 has an invalid length. [ 870.979554][T31182] 9pnet_fd: Insufficient options for proto=fd [ 871.505744][T31211] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7971'. [ 871.601348][T31166] loop2: detected capacity change from 0 to 32768 [ 871.683542][T31166] add_index: next_index = 0. Resetting! [ 871.706874][T31222] ipt_REJECT: TCP_RESET invalid for non-tcp [ 871.732101][T31166] find_entry called with index >= next_index [ 871.742237][T31166] find_entry called with index >= next_index [ 872.020247][T31237] loop5: detected capacity change from 0 to 2048 [ 872.037763][T31237] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 872.078993][T31242] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 872.089485][T25473] udevd[25473]: incorrect nilfs2 checksum on /dev/loop5 [ 872.139644][T31237] NILFS error (device loop5): __nilfs_read_inode: invalid file type bits in mode 0177777 for inode 12 [ 872.168230][T31237] Remounting filesystem read-only [ 872.585207][T31267] "syz.5.7988" (31267) uses obsolete ecb(arc4) skcipher [ 872.691906][T31270] loop2: detected capacity change from 0 to 2048 [ 872.769844][T31279] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 873.127063][T31297] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7994'. [ 873.373299][T31311] loop5: detected capacity change from 0 to 2048 [ 873.436142][T31311] loop5: p1 p2 < > p3 < p5 p6 > p4 [ 873.445789][T31311] loop5: partition table partially beyond EOD, truncated [ 873.467237][T31311] loop5: p2 start 4278190080 is beyond EOD, truncated [ 873.482443][T31311] loop5: p4 size 8192 extends beyond EOD, truncated [ 873.513495][T31311] loop5: p6 size 8192 extends beyond EOD, truncated [ 873.620165][T31330] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8002'. [ 873.857139][T27320] udevd[27320]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 873.858610][T25592] udevd[25592]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory [ 873.886568][T28885] udevd[28885]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 873.902168][T25473] udevd[25473]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 873.916962][T26150] udevd[26150]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory [ 874.215461][T31369] netlink: 'syz.2.8012': attribute type 10 has an invalid length. [ 874.261199][T31369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 874.289198][T31369] team0: Port device bond0 added [ 874.338613][T31375] netlink: 148 bytes leftover after parsing attributes in process `syz.0.8014'. [ 874.371652][T31378] kcapi: manufacturer command 52776558133248 unknown. [ 874.439318][T31375] netlink: 148 bytes leftover after parsing attributes in process `syz.0.8014'. [ 874.583673][T31390] netlink: 'syz.0.8018': attribute type 29 has an invalid length. [ 874.631569][T31390] netlink: 'syz.0.8018': attribute type 29 has an invalid length. [ 874.833550][T31409] ufs: You didn't specify the type of your ufs filesystem [ 874.833550][T31409] [ 874.833550][T31409] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 874.833550][T31409] [ 874.833550][T31409] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 874.915607][T31409] ufs: ufstype=old is supported read-only [ 874.940795][T31409] syz.0.8023: attempt to access beyond end of device [ 874.940795][T31409] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0 [ 874.982058][T31404] loop2: detected capacity change from 0 to 4096 [ 875.318266][T31436] loop4: detected capacity change from 0 to 64 [ 875.866166][T31468] bond1: entered promiscuous mode [ 875.924607][T31468] bond1: entered allmulticast mode [ 875.931806][T31468] 8021q: adding VLAN 0 to HW filter on device bond1 [ 876.073276][T31517] loop2: detected capacity change from 0 to 8 [ 876.080776][T31518] netlink: 'syz.4.8045': attribute type 21 has an invalid length. [ 876.657407][T31555] netlink: 'syz.0.8057': attribute type 10 has an invalid length. [ 876.696279][T31555] bridge0: port 1(team0) entered blocking state [ 876.726503][T31555] bridge0: port 1(team0) entered disabled state [ 876.733421][T31555] team0: entered allmulticast mode [ 876.767636][T31555] team0: entered promiscuous mode [ 877.434016][T31609] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.8074'. [ 877.600761][T31619] netlink: 'syz.5.8078': attribute type 1 has an invalid length. [ 877.645927][T31619] netlink: 'syz.5.8078': attribute type 3 has an invalid length. [ 877.653885][T31619] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8078'. [ 878.054530][T31652] loop5: detected capacity change from 0 to 512 [ 878.071649][T31652] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 878.103196][T31652] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 878.111930][T31652] EXT4-fs (loop5): orphan cleanup on readonly fs [ 878.119467][T31652] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.8089: bad orphan inode 267 [ 878.137572][T31652] EXT4-fs (loop5): Remounting filesystem read-only [ 878.147264][T31652] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 878.172137][T31652] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.8089: dx entry: limit 0 != root limit 125 [ 878.185526][T31652] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.8089: Corrupt directory, running e2fsck is recommended [ 878.242868][T25498] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 878.446762][T31675] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 879.164735][T31726] netlink: 44 bytes leftover after parsing attributes in process `syz.5.8110'. [ 879.185175][T31726] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8110'. [ 879.207043][T31726] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8110'. [ 879.247350][T31730] bond5: entered promiscuous mode [ 879.253687][T31730] bond5: entered allmulticast mode [ 879.259723][T31730] 8021q: adding VLAN 0 to HW filter on device bond5 [ 879.750380][T31793] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8121'. [ 879.921087][T31799] bond3: entered promiscuous mode [ 879.930886][T31799] bond3: entered allmulticast mode [ 879.937384][T31799] 8021q: adding VLAN 0 to HW filter on device bond3 [ 880.596543][T31861] netdevsim netdevsim2: Direct firmware load for .. failed with error -2 [ 880.614447][T31861] netdevsim netdevsim2: Falling back to sysfs fallback for: .. [ 881.328280][T31886] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8139'. [ 881.338279][T31886] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8139'. [ 881.593701][T31899] netlink: 'syz.5.8144': attribute type 10 has an invalid length. [ 881.615658][T31899] bridge0: port 1(team0) entered blocking state [ 881.622426][T31899] bridge0: port 1(team0) entered disabled state [ 881.629866][T31899] team0: entered allmulticast mode [ 881.641945][T31899] team0: entered promiscuous mode [ 881.780714][T31913] netlink: 'syz.2.8148': attribute type 1 has an invalid length. [ 881.793899][T31914] netlink: 64 bytes leftover after parsing attributes in process `syz.5.8149'. [ 882.028947][T31931] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8152'. [ 882.167353][T31938] SET target dimension over the limit! [ 882.336924][T31950] unsupported nlmsg_type 40 [ 883.151328][T32008] loop4: detected capacity change from 0 to 736 [ 883.219778][ T5855] usb 1-1: new high-speed USB device number 115 using dummy_hcd [ 883.337113][T32020] __nla_validate_parse: 1 callbacks suppressed [ 883.337130][T32020] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8181'. [ 883.446893][ T5855] usb 1-1: config 0 has an invalid interface number: 120 but max is 0 [ 883.460316][ T5855] usb 1-1: config 0 has no interface number 0 [ 883.474909][ T5855] usb 1-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 883.499837][ T5855] usb 1-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 883.530737][ T5855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 883.571284][ T5855] usb 1-1: config 0 descriptor?? [ 883.611972][ T5855] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.120/input/input41 [ 883.886126][ T5839] usb 1-1: USB disconnect, device number 115 [ 884.053319][T32075] netlink: 'syz.5.8193': attribute type 5 has an invalid length. [ 884.232555][ T28] audit: type=1326 audit(2000002890.040:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32086 comm="syz.4.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 884.266165][ T28] audit: type=1326 audit(2000002890.040:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32086 comm="syz.4.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 884.301081][ T28] audit: type=1326 audit(2000002890.049:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32086 comm="syz.4.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 884.333539][ T28] audit: type=1326 audit(2000002890.049:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32086 comm="syz.4.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 884.365782][ T28] audit: type=1326 audit(2000002890.049:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32086 comm="syz.4.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 884.489983][T32100] x_tables: ip_tables: ah match: only valid for protocol 51 [ 884.566437][T32104] loop5: detected capacity change from 0 to 256 [ 884.684896][T32104] FAT-fs (loop5): Directory bread(block 64) failed [ 884.726014][T32104] FAT-fs (loop5): Directory bread(block 65) failed [ 884.733318][T32104] FAT-fs (loop5): Directory bread(block 66) failed [ 884.756638][T32104] FAT-fs (loop5): Directory bread(block 67) failed [ 884.763994][T32104] FAT-fs (loop5): Directory bread(block 68) failed [ 884.806542][T32104] FAT-fs (loop5): Directory bread(block 69) failed [ 884.889174][T32104] FAT-fs (loop5): Directory bread(block 70) failed [ 884.916942][T32104] FAT-fs (loop5): Directory bread(block 71) failed [ 884.923978][T32104] FAT-fs (loop5): Directory bread(block 72) failed [ 884.936654][T32104] FAT-fs (loop5): Directory bread(block 73) failed [ 884.987237][T32130] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8211'. [ 885.425287][T32146] loop4: detected capacity change from 0 to 4096 [ 885.534274][T32158] loop2: detected capacity change from 0 to 2048 [ 885.573539][T32146] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 885.654817][T32158] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 886.352020][T32200] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8231'. [ 886.760148][T32230] loop4: detected capacity change from 0 to 128 [ 886.774896][T32230] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 886.822372][T32230] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 886.930927][T32238] netlink: 'syz.4.8242': attribute type 10 has an invalid length. [ 886.969546][T32238] bridge0: port 1(team0) entered blocking state [ 886.991365][T32238] bridge0: port 1(team0) entered disabled state [ 887.019222][T32238] team0: entered allmulticast mode [ 887.058561][T32238] team0: entered promiscuous mode [ 887.155517][ T28] audit: type=1326 audit(2000002892.789:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32250 comm="syz.0.8246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 887.253466][ T28] audit: type=1326 audit(2000002892.789:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32250 comm="syz.0.8246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 887.338288][ T28] audit: type=1326 audit(2000002892.789:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32250 comm="syz.0.8246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 887.362050][ C1] vkms_vblank_simulate: vblank timer overrun [ 887.443534][ T28] audit: type=1326 audit(2000002892.789:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32250 comm="syz.0.8246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 887.466937][ C1] vkms_vblank_simulate: vblank timer overrun [ 887.490794][T32269] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 887.879975][T32294] raw_sendmsg: syz.4.8263 forgot to set AF_INET. Fix it! [ 888.511219][T32327] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8275'. [ 888.678889][T32338] xt_cgroup: xt_cgroup: no path or classid specified [ 889.097805][T32358] loop4: detected capacity change from 0 to 256 [ 889.120642][T32363] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8288'. [ 889.156975][T32366] overlayfs: conflicting options: userxattr,metacopy=on [ 889.369915][T32381] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8292'. [ 889.390324][T32381] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8292'. [ 889.667073][T32399] loop4: detected capacity change from 0 to 64 [ 889.710126][T32399] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing [ 890.016656][T32420] loop4: detected capacity change from 0 to 64 [ 890.141372][T28885] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 890.208765][T32436] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8309'. [ 890.274472][T32436] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8309'. [ 890.380028][T32445] binder: 32444:32445 ioctl c018620c 200000000380 returned -1 [ 890.493977][T32454] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8315'. [ 890.934088][T32478] ipt_rpfilter: unknown options [ 891.061746][ T28] audit: type=1326 audit(2000002896.437:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.086545][ C1] vkms_vblank_simulate: vblank timer overrun [ 891.139856][ T28] audit: type=1326 audit(2000002896.437:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.202217][ T28] audit: type=1326 audit(2000002896.437:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.226470][ C1] vkms_vblank_simulate: vblank timer overrun [ 891.265643][ T28] audit: type=1326 audit(2000002896.437:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.364456][ T28] audit: type=1326 audit(2000002896.437:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.388816][ C1] vkms_vblank_simulate: vblank timer overrun [ 891.448120][ T28] audit: type=1326 audit(2000002896.437:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.484291][T32503] xt_ecn: cannot match TCP bits for non-tcp packets [ 891.495213][ T28] audit: type=1326 audit(2000002896.437:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.544220][T32505] C: renamed from lo (while UP) [ 891.572960][ T28] audit: type=1326 audit(2000002896.437:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.608435][T32505] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 891.642953][ T28] audit: type=1326 audit(2000002896.437:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.723484][ T28] audit: type=1326 audit(2000002896.437:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32485 comm="syz.0.8326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x50000 [ 891.747342][ C1] vkms_vblank_simulate: vblank timer overrun [ 891.926876][T32520] tmpfs: Bad value for 'mpol' [ 892.091134][T32527] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8339'. [ 892.106578][T32530] dlm: no local IP address has been set [ 892.118885][T32530] dlm: cannot start dlm midcomms -107 [ 892.303224][T32538] netlink: 152 bytes leftover after parsing attributes in process `syz.4.8343'. [ 892.337546][T32538] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8343'. [ 892.855801][T32566] netlink: 'syz.5.8352': attribute type 10 has an invalid length. [ 892.883100][T32566] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8352'. [ 892.945966][T32566] geneve0: entered promiscuous mode [ 892.953526][T32566] geneve0: entered allmulticast mode [ 892.961619][T32566] team0: Port device geneve0 added [ 892.990104][ T58] bridge0: port 1(team0) entered blocking state [ 892.996783][ T58] bridge0: port 1(team0) entered listening state [ 893.605192][T32597] netlink: 'syz.2.8361': attribute type 2 has an invalid length. [ 893.651163][T32597] netlink: 'syz.2.8361': attribute type 1 has an invalid length. [ 894.146729][ T5839] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 894.292794][T32631] loop5: detected capacity change from 0 to 256 [ 894.374560][ T5839] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 894.400510][ T5839] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 894.420293][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 894.441927][ T5839] usb 3-1: Product: syz [ 894.449562][ T5839] usb 3-1: Manufacturer: syz [ 894.462912][ T5839] usb 3-1: SerialNumber: syz [ 894.480662][ T5839] usb 3-1: config 0 descriptor?? [ 894.552183][ T5839] snd-usb-audio: probe of 3-1:0.0 failed with error -22 [ 894.570887][T32652] usb usb1: usbfs: process 32652 (syz.0.8376) did not claim interface 0 before use [ 894.619289][T28885] udevd[28885]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 894.686653][T32660] binder: 32659:32660 ioctl 40046210 0 returned -14 [ 894.761669][T23802] usb 3-1: USB disconnect, device number 4 [ 895.117606][T32691] loop5: detected capacity change from 0 to 764 [ 895.153188][T32691] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 895.495094][T32711] loop2: detected capacity change from 0 to 1024 [ 895.593500][T32719] __nla_validate_parse: 5 callbacks suppressed [ 895.593520][T32719] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8392'. [ 895.687525][T18145] hfsplus: b-tree write err: -5, ino 4 [ 896.041986][T32746] netlink: 96 bytes leftover after parsing attributes in process `syz.0.8401'. [ 896.442430][T32767] CIFS mount error: No usable UNC path provided in device string! [ 896.442430][T32767] [ 896.472140][T32767] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 896.703700][ T28] kauditd_printk_skb: 3132 callbacks suppressed [ 896.703715][ T28] audit: type=1326 audit(2000002901.721:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=317 comm="syz.2.8414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 896.774830][ T28] audit: type=1326 audit(2000002901.749:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=317 comm="syz.2.8414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 896.853648][ T28] audit: type=1326 audit(2000002901.749:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=317 comm="syz.2.8414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 896.911916][ T28] audit: type=1326 audit(2000002901.749:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=317 comm="syz.2.8414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 896.967703][ T28] audit: type=1326 audit(2000002901.749:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=317 comm="syz.2.8414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33db18ebe9 code=0x7ffc0000 [ 897.035581][ T333] loop2: detected capacity change from 0 to 512 [ 897.089635][ T333] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 897.143068][ T333] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 897.194914][ T333] System zones: 0-1, 15-15, 18-18, 34-34 [ 897.201230][ T333] EXT4-fs (loop2): orphan cleanup on readonly fs [ 897.256060][ T333] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 897.300579][ T333] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 897.322792][ T333] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 897.330220][ T333] EXT4-fs (loop2): 1 truncate cleaned up [ 897.363450][ T333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 897.420424][ T355] netlink: 14 bytes leftover after parsing attributes in process `syz.5.8425'. [ 897.469614][ T333] fscrypt (loop2, inode 16): Error -61 getting encryption context [ 897.511508][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 898.146602][ T399] netlink: 'syz.5.8437': attribute type 29 has an invalid length. [ 898.164502][ T402] loop2: detected capacity change from 0 to 1024 [ 898.166694][ T399] netlink: 'syz.5.8437': attribute type 29 has an invalid length. [ 898.627510][ T419] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8442'. [ 898.680011][ T419] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 898.725206][ T28] audit: type=1400 audit(2000002903.610:3326): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=423 comm="syz.2.8451" [ 899.295532][ T456] cgroup: none used incorrectly [ 899.540549][ T473] loop2: detected capacity change from 0 to 512 [ 899.590600][ T473] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 900.281706][ T517] loop4: detected capacity change from 0 to 512 [ 900.326618][ T517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 900.355395][ T517] ext4 filesystem being mounted at /550/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 900.547343][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 900.571418][ T5855] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 900.715017][ T28] audit: type=1326 audit(2000002905.462:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=547 comm="syz.4.8479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 900.805879][ T5855] usb 3-1: Using ep0 maxpacket: 16 [ 900.814952][ T5855] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 900.825501][ T28] audit: type=1326 audit(2000002905.462:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=547 comm="syz.4.8479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 900.846454][ T5855] usb 3-1: config 0 has no interface number 0 [ 900.851834][ C1] vkms_vblank_simulate: vblank timer overrun [ 900.873488][ T5855] usb 3-1: config 0 interface 1 has no altsetting 0 [ 900.886798][ T28] audit: type=1326 audit(2000002905.471:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=547 comm="syz.4.8479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc94ff8ebe9 code=0x7ffc0000 [ 900.892951][ T558] netlink: 272 bytes leftover after parsing attributes in process `syz.4.8482'. [ 900.932225][ T5855] usb 3-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=ff.7e [ 900.942888][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 900.957705][ T5855] usb 3-1: Product: syz [ 900.962205][ T5855] usb 3-1: Manufacturer: syz [ 900.982128][ T5855] usb 3-1: SerialNumber: syz [ 900.987994][ T562] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8484'. [ 901.003599][ T562] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 901.011687][ T562] IPv6: NLM_F_CREATE should be set when creating new route [ 901.019324][ T562] IPv6: NLM_F_CREATE should be set when creating new route [ 901.028873][ T5855] usb 3-1: config 0 descriptor?? [ 901.197195][ T573] loop4: detected capacity change from 0 to 1024 [ 901.213412][ T573] EXT4-fs: Ignoring removed nobh option [ 901.234631][ T573] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 901.277873][ T5855] i2c-cp2615: probe of 3-1:0.1 failed with error -22 [ 901.312978][ T573] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 901.445110][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 901.551844][ T5855] usb 3-1: USB disconnect, device number 5 [ 901.635726][ T593] loop5: detected capacity change from 0 to 2048 [ 901.690953][ T593] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 902.262858][ T5855] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 902.497097][ T5855] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 902.520763][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 902.550177][ T5855] usb 6-1: config 0 descriptor?? [ 902.792979][ T636] loop4: detected capacity change from 0 to 32768 [ 902.796524][ T660] loop2: detected capacity change from 0 to 1024 [ 902.825764][ T5855] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 902.935117][ T5855] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 902.954568][ T636] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 903.028983][ T5855] [drm:udl_init] *ERROR* Selecting channel failed [ 903.097837][ T5855] [drm] Initialized udl 0.0.1 20120220 for 6-1:0.0 on minor 2 [ 903.138171][ T5855] [drm] Initialized udl on minor 2 [ 903.188844][ T5855] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 903.204303][ T636] XFS (loop4): Ending clean mount [ 903.250510][ T5855] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 903.292032][ T5874] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 903.308343][ T5855] usb 6-1: USB disconnect, device number 8 [ 903.356016][ T5874] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 903.369296][T22871] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 904.371757][ T750] loop5: detected capacity change from 0 to 256 [ 904.675936][ T776] netlink: 44 bytes leftover after parsing attributes in process `syz.4.8531'. [ 904.946863][ T794] No such timeout policy "syz0" [ 905.138323][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 905.138337][ T28] audit: type=1326 audit(2000002909.614:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=804 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.230985][ T28] audit: type=1326 audit(2000002909.642:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=804 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.254980][ C1] vkms_vblank_simulate: vblank timer overrun [ 905.332036][ T28] audit: type=1326 audit(2000002909.642:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=804 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.393293][ T28] audit: type=1326 audit(2000002909.642:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=804 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.474674][ T28] audit: type=1326 audit(2000002909.642:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=804 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.526632][ T28] audit: type=1326 audit(2000002909.820:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=813 comm="syz.0.8543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.568332][ T28] audit: type=1326 audit(2000002909.820:3343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=813 comm="syz.0.8543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.638355][ T28] audit: type=1326 audit(2000002909.829:3344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=813 comm="syz.0.8543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.736167][ T28] audit: type=1326 audit(2000002909.839:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=813 comm="syz.0.8543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.788587][ T28] audit: type=1326 audit(2000002909.839:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=813 comm="syz.0.8543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cb798ebe9 code=0x7ffc0000 [ 905.824140][ T824] loop5: detected capacity change from 0 to 4096 [ 905.858330][ T824] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 905.952069][ T824] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 905.993948][ T824] ntfs3: loop5: mft corrupted [ 906.012354][ T824] ntfs3: loop5: Failed to load $Extend (-22). [ 906.056499][ T824] ntfs3: loop5: Failed to initialize $Extend. [ 906.528505][ T869] SET target dimension over the limit! [ 907.240234][ T863] loop2: detected capacity change from 0 to 32768 [ 907.302276][ T863] JBD2: Ignoring recovery information on journal [ 907.358977][ T863] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 907.442334][ T931] netlink: 'syz.4.8577': attribute type 2 has an invalid length. [ 907.456220][ T935] netlink: 2980 bytes leftover after parsing attributes in process `syz.0.8578'. [ 907.470673][ T931] netlink: 'syz.4.8577': attribute type 1 has an invalid length. [ 907.636204][ T944] netlink: 'syz.0.8580': attribute type 21 has an invalid length. [ 907.662684][ T944] netlink: 128 bytes leftover after parsing attributes in process `syz.0.8580'. [ 907.678247][ T5790] ocfs2: Unmounting device (7,2) on (node local) [ 907.697240][ T944] netlink: 'syz.0.8580': attribute type 4 has an invalid length. [ 907.708819][ T944] netlink: 3 bytes leftover after parsing attributes in process `syz.0.8580'. [ 908.564474][ T959] loop5: detected capacity change from 0 to 32768 [ 908.582599][ T5874] usb 1-1: new full-speed USB device number 116 using dummy_hcd [ 908.762601][ T3496] read_mapping_page failed! [ 908.772039][ T3496] ERROR: (device loop5): txCommit: [ 908.772039][ T3496] [ 908.799760][ T5874] usb 1-1: config 0 has an invalid interface number: 110 but max is 0 [ 908.808838][ T3496] jfs_write_inode: jfs_commit_inode failed! [ 908.815015][ T5793] Bluetooth: hci4: command 0x0406 tx timeout [ 908.826252][ T5874] usb 1-1: config 0 has no interface number 0 [ 908.846515][ T5874] usb 1-1: config 0 interface 110 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 908.904939][ T5874] usb 1-1: config 0 interface 110 has no altsetting 0 [ 908.940904][ T5874] usb 1-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 908.973670][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 909.004912][ T5874] usb 1-1: Product: syz [ 909.026540][ T5874] usb 1-1: Manufacturer: syz [ 909.049957][ T5874] usb 1-1: SerialNumber: syz [ 909.092427][ T5874] usb 1-1: config 0 descriptor?? [ 909.098432][ T977] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 909.150760][ T1009] loop2: detected capacity change from 0 to 32768 [ 909.184282][ T1009] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.8597 (1009) [ 909.216563][ T1009] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 909.253669][ T1009] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 909.274861][ T1009] BTRFS info (device loop2): force zlib compression, level 3 [ 909.283120][ T1009] BTRFS info (device loop2): force clearing of disk cache [ 909.330952][ C0] bridge0: port 1(team0) entered learning state [ 909.353216][ T977] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 909.374949][ T1009] BTRFS info (device loop2): setting nodatasum [ 909.386668][ T1009] BTRFS info (device loop2): doing ref verification [ 909.398130][ T5874] cdc_subset: probe of 1-1:0.110 failed with error -22 [ 909.405258][ T1009] BTRFS info (device loop2): allowing degraded mounts [ 909.412234][ T1009] BTRFS info (device loop2): using free space tree [ 909.562106][ T1009] BTRFS info (device loop2): enabling ssd optimizations [ 909.576682][ T1009] BTRFS info (device loop2): auto enabling async discard [ 909.590637][ T1009] BTRFS info (device loop2): rebuilding free space tree [ 909.634330][ T5855] usb 1-1: USB disconnect, device number 116 [ 909.814368][ T5790] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 910.891487][ T1123] openvswitch: netlink: Geneve opt len 3 is not a multiple of 4. [ 911.522557][ T1161] netlink: 'syz.5.8631': attribute type 1 has an invalid length. [ 911.614469][ T1164] loop5: detected capacity change from 0 to 1024 [ 911.630058][ T1164] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 911.665154][ T1164] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 911.688518][ T1164] EXT4-fs (loop5): orphan cleanup on readonly fs [ 911.698299][ T1164] EXT4-fs error (device loop5): __ext4_get_inode_loc:4483: comm syz.5.8632: Invalid inode table block 0 in block_group 0 [ 911.728200][ T1164] EXT4-fs (loop5): Remounting filesystem read-only [ 911.735461][T26114] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 911.753123][ T1164] __quota_error: 4 callbacks suppressed [ 911.753137][ T1164] Quota error (device loop5): write_blk: dquota write failed [ 911.776501][ T1164] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 911.794999][ T1164] EXT4-fs (loop5): 1 truncate cleaned up [ 911.828872][ T1164] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 911.949520][T26114] usb 3-1: unable to get BOS descriptor or descriptor too short [ 911.967079][T26114] usb 3-1: config 2 has an invalid interface number: 99 but max is 0 [ 911.983915][T26114] usb 3-1: config 2 has no interface number 0 [ 912.001200][T26114] usb 3-1: config 2 interface 99 has no altsetting 0 [ 912.012054][T26114] usb 3-1: New USB device found, idVendor=0840, idProduct=0082, bcdDevice= 0.01 [ 912.030629][T25498] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 912.044137][T26114] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 912.071254][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 912.075232][T26114] usb 3-1: Product: syz [ 912.079201][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 912.087873][T26114] usb 3-1: Manufacturer: syz [ 912.095754][T26114] usb 3-1: SerialNumber: syz [ 912.591755][T26114] usb-storage 3-1:2.99: USB Mass Storage device detected [ 912.651191][T26114] usb-storage 3-1:2.99: Quirks match for vid 0840 pid 0082: 10 [ 912.750525][ T29] INFO: task syz-executor:5788 blocked for more than 143 seconds. [ 912.758825][ T29] Not tainted 6.6.102-syzkaller #0 [ 912.771744][T26114] usb 3-1: USB disconnect, device number 6 [ 912.795789][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 912.829161][ T29] task:syz-executor state:D stack:21704 pid:5788 ppid:1 flags:0x00004004 [ 912.838994][ T29] Call Trace: [ 912.842548][ T29] [ 912.846177][ T29] __schedule+0x14d2/0x44d0 [ 912.850751][ T29] ? asan.module_dtor+0x20/0x20 [ 912.856004][ T29] ? mark_lock+0x94/0x320 [ 912.863977][ T29] ? lock_chain_count+0x20/0x20 [ 912.882518][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 912.888160][ T29] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 912.905039][ T29] schedule+0xbd/0x170 [ 912.916019][ T29] io_schedule+0x80/0xd0 [ 912.925590][ T29] folio_wait_bit_common+0x6eb/0xf70 [ 912.933369][ T29] ? folio_wait_bit+0x30/0x30 [ 912.938634][ T29] ? filemap_get_entry+0x35c/0x3c0 [ 912.948956][ T29] ? _compound_head+0x120/0x120 [ 912.955995][ T29] ? find_lock_entries+0xc38/0xfe0 [ 912.962857][ T29] __filemap_get_folio+0xbc/0xbc0 [ 912.972827][ T29] truncate_inode_pages_range+0x40a/0xf00 [ 912.982567][ T29] ? mapping_evict_folio+0x510/0x510 [ 912.993046][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 913.002099][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 913.014568][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 913.022028][ T29] evict+0x499/0x870 [ 913.032193][ T29] ? proc_nr_inodes+0x230/0x230 [ 913.037606][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 913.043669][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 913.050302][ T29] evict_inodes+0x5fe/0x690 [ 913.055137][ T29] ? clear_inode+0x150/0x150 [ 913.060047][ T29] generic_shutdown_super+0x97/0x2b0 [ 913.065530][ T29] kill_block_super+0x44/0x90 [ 913.070796][ T29] deactivate_locked_super+0x97/0x100 [ 913.076817][ T29] cleanup_mnt+0x429/0x4c0 [ 913.081716][ T29] task_work_run+0x1ce/0x250 [ 913.086599][ T29] ? task_work_cancel+0x240/0x240 [ 913.092504][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 913.098318][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 913.104039][ T29] exit_to_user_mode_prepare+0xb1/0x140 [ 913.110005][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 913.115699][ T29] do_syscall_64+0x61/0xb0 [ 913.120234][ T29] ? clear_bhb_loop+0x40/0x90 [ 913.125508][ T29] ? clear_bhb_loop+0x40/0x90 [ 913.130611][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 913.137187][ T29] RIP: 0033:0x7ff48178ff17 [ 913.141681][ T29] RSP: 002b:00007ffd15244438 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 913.150509][ T29] RAX: 0000000000000000 RBX: 00007ff481811c05 RCX: 00007ff48178ff17 [ 913.158673][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd152444f0 [ 913.167521][ T29] RBP: 00007ffd152444f0 R08: 0000000000000000 R09: 0000000000000000 [ 913.177726][ T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd15245580 [ 913.186774][ T29] R13: 00007ff481811c05 R14: 00000000000b19a0 R15: 00007ffd152455c0 [ 913.208535][ T29] [ 913.212587][ T29] [ 913.212587][ T29] Showing all locks held in the system: [ 913.226177][ T29] 1 lock held by khungtaskd/29: [ 913.231435][ T29] #0: ffffffff8cd2fbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 913.245168][ T29] 1 lock held by udevd/5159: [ 913.250073][ T29] #0: ffff8880b8e3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 913.261036][ T29] 2 locks held by getty/5555: [ 913.266650][ T29] #0: ffff88814c7e10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 913.277816][ T29] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 913.289923][ T29] 1 lock held by syz-executor/5778: [ 913.295906][ T29] 1 lock held by syz-executor/5788: [ 913.301401][ T29] #0: ffff88805f7300e0 (&type->s_umount_key#59){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 913.312294][ T29] [ 913.315079][ T29] ============================================= [ 913.315079][ T29] [ 913.324896][ T29] NMI backtrace for cpu 1 [ 913.329785][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.102-syzkaller #0 [ 913.338208][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 913.348710][ T29] Call Trace: [ 913.352126][ T29] [ 913.355685][ T29] dump_stack_lvl+0x16c/0x230 [ 913.360545][ T29] ? preempt_count_add+0x91/0x1a0 [ 913.366015][ T29] ? show_regs_print_info+0x20/0x20 [ 913.371538][ T29] ? load_image+0x3b0/0x3b0 [ 913.376862][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 913.382340][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 913.388967][ T29] ? _printk+0xd0/0x110 [ 913.393379][ T29] ? load_image+0x3b0/0x3b0 [ 913.398291][ T29] ? load_image+0x3b0/0x3b0 [ 913.403265][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 913.409695][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 913.415950][ T29] watchdog+0xf41/0xf80 [ 913.420475][ T29] ? watchdog+0x1e1/0xf80 [ 913.425448][ T29] kthread+0x2fa/0x390 [ 913.429632][ T29] ? hungtask_pm_notify+0x90/0x90 [ 913.434952][ T29] ? kthread_blkcg+0xd0/0xd0 [ 913.439944][ T29] ret_from_fork+0x48/0x80 [ 913.445002][ T29] ? kthread_blkcg+0xd0/0xd0 [ 913.449797][ T29] ret_from_fork_asm+0x11/0x20 [ 913.454841][ T29] [ 913.458630][ T29] Sending NMI from CPU 1 to CPUs 0: [ 913.464542][ C0] NMI backtrace for cpu 0 [ 913.464563][ C0] CPU: 0 PID: 5778 Comm: syz-executor Not tainted 6.6.102-syzkaller #0 [ 913.464579][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 913.464588][ C0] RIP: 0010:__se_sys_clock_nanosleep+0x10/0x370 [ 913.464609][ C0] Code: 5b 41 5c 41 5d 41 5e 41 5f eb 0f 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 <53> 48 83 e4 e0 48 81 ec 80 00 00 00 48 89 4c 24 18 48 89 54 24 10 [ 913.464622][ C0] RSP: 0018:ffffc900045ffef0 EFLAGS: 00000246 [ 913.464635][ C0] RAX: 1ffff920008bfff2 RBX: ffffc900045fff20 RCX: 0000000000000000 [ 913.464654][ C0] RDX: 00007ffc02266e80 RSI: 0000000000000000 RDI: 0000000000000000 [ 913.464664][ C0] RBP: ffffc900045fff10 R08: ffffffff8e4a882f R09: 1ffffffff1c95105 [ 913.464675][ C0] R10: dffffc0000000000 R11: fffffbfff1c95106 R12: 0000000000000000 [ 913.464685][ C0] R13: 0000000000000000 R14: ffffc900045fff58 R15: 00000000000000e6 [ 913.464695][ C0] FS: 000055555665f500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 913.464709][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 913.464720][ C0] CR2: 00007f33db384198 CR3: 0000000024e7a000 CR4: 00000000003506f0 [ 913.464733][ C0] Call Trace: [ 913.464739][ C0] [ 913.464747][ C0] do_syscall_64+0x55/0xb0 [ 913.464764][ C0] ? clear_bhb_loop+0x40/0x90 [ 913.464779][ C0] ? clear_bhb_loop+0x40/0x90 [ 913.464792][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 913.464813][ C0] RIP: 0033:0x7f5745bc1463 [ 913.464825][ C0] Code: 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d fe 70 1c 00 00 74 14 b8 e6 00 00 00 0f 05 d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 [ 913.464837][ C0] RSP: 002b:00007ffc02266e68 EFLAGS: 00000202 ORIG_RAX: 00000000000000e6 [ 913.464851][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5745bc1463 [ 913.464861][ C0] RDX: 00007ffc02266e80 RSI: 0000000000000000 RDI: 0000000000000000 [ 913.464871][ C0] RBP: 0000000000000000 R08: 0000000000000367 R09: 00000000006cd3c2 [ 913.464880][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffc022672d0 [ 913.464889][ C0] R13: 0000000000000004 R14: 00007ffc02266ebc R15: 00007ffc02266f50 [ 913.464906][ C0] [ 913.467122][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 913.467134][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.102-syzkaller #0 [ 913.467150][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 913.467160][ T29] Call Trace: [ 913.467166][ T29] [ 913.467173][ T29] dump_stack_lvl+0x16c/0x230 [ 913.467199][ T29] ? show_regs_print_info+0x20/0x20 [ 913.467216][ T29] ? load_image+0x3b0/0x3b0 [ 913.467247][ T29] panic+0x2c0/0x710 [ 913.467266][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 913.467287][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 913.467306][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 913.467328][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 913.467352][ T29] watchdog+0xf80/0xf80 [ 913.467371][ T29] ? watchdog+0x1e1/0xf80 [ 913.467402][ T29] kthread+0x2fa/0x390 [ 913.467417][ T29] ? hungtask_pm_notify+0x90/0x90 [ 913.467505][ T29] ? kthread_blkcg+0xd0/0xd0 [ 913.467537][ T29] ret_from_fork+0x48/0x80 [ 913.467557][ T29] ? kthread_blkcg+0xd0/0xd0 [ 913.467572][ T29] ret_from_fork_asm+0x11/0x20 [ 913.467603][ T29] [ 913.470880][ T29] Kernel Offset: disabled [ 913.830345][ T29] Rebooting in 86400 seconds..