last executing test programs: 8.084427965s ago: executing program 4 (id=5011): r0 = syz_open_dev$video(&(0x7f0000000300), 0x9, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000100)={0xd, @sliced={0x0, [0x8, 0x1, 0x1, 0x5, 0x9, 0x2, 0x6, 0x1cf, 0x4, 0xa488, 0x200, 0x1, 0x8000, 0x8, 0xa1ed, 0xc0e, 0x0, 0xbf, 0x7d, 0x6d, 0x1, 0x401, 0xf8, 0x0, 0x40, 0x3ff, 0x3, 0xddde, 0x81, 0x3, 0x1, 0xfccf, 0x4, 0x5, 0x5, 0x7fff, 0x80, 0xffff, 0x7, 0xff, 0x8, 0x7, 0x3, 0xfff, 0x8, 0x4, 0x14, 0x10], 0x401}}) 7.130553755s ago: executing program 4 (id=5016): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000180)={0x40, 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 6.734055128s ago: executing program 3 (id=5017): r0 = io_uring_setup(0x7fe7, &(0x7f0000000140)={0x0, 0x0, 0x3000, 0x0, 0xfffffffe}) poll(&(0x7f0000000400)=[{0xffffffffffffffff, 0x100}, {r0, 0x8}], 0x2000000000000080, 0x4bd6) 6.283407576s ago: executing program 1 (id=5020): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x100000) 5.891589103s ago: executing program 2 (id=5021): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)={0x40, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x29, 0x11, 0x0, 0x1, [@generic="2fe5afbf24fbcccc554cd9761e79b8dad8a2018544a3f855448c77987d9d7a529f303bbc70"]}]}, 0x40}], 0x1}, 0x0) 5.293162829s ago: executing program 1 (id=5022): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @local, @dev}}}, @ip_retopts={{0x10, 0x0, 0x7, {[@noop]}}}], 0x28}, 0x0) 5.26675738s ago: executing program 0 (id=5023): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/kcm\x00') preadv(r0, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/234, 0xea}], 0x1, 0xffffffff, 0x4) 4.963710725s ago: executing program 3 (id=5024): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r0, 0x0, 0x0}, 0x20) 4.609679218s ago: executing program 2 (id=5025): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000400)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) semget$private(0x0, 0x1, 0x334) 4.48944561s ago: executing program 0 (id=5026): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x421, 0x0, 0x0, {}, [@IFLA_ADDRESS={0xa, 0x1, @local}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @empty=0x2000000}]}}}]}, 0x48}}, 0x0) 4.405191705s ago: executing program 4 (id=5027): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180066ea6d071", @ANYRES32], 0x2c}}, 0x4000) 4.330385394s ago: executing program 1 (id=5028): syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[], 0x1, 0x161, &(0x7f0000000300)="$eJzs2rFK81AUB/Dz9bNY+ghOhd6hDm3SRKvgLghOPoBY2nvjxcRIIkg7BV9AcYiP4Oqqm4/Q2c1NXVwdJJLkVtukIFQkQ/+/oTn05J7khsuZTtNznbbwm0SrwdXec8lznVrH3OiJtuhSaoeIanEwiqLrFuUcfOVHUdDK3VC/V9eGFe7eCWlzI18DAAAAAAAAAAAAAAAAAAAAAGBB1F9UUD0M3Rshbd6eyPqD4VHXtrnnj/9hpGZ0SITulpCMm1P1Gu9ELJnfkeH2eVxPn8qzuFIlSrxR9nnaqXOi+YNhUzpdi1v82DDMjr6m6+uGltTSshXZpXonokr88y+zP3b7PU/0qOfniaiaXpZWZHhxllQvz9r/PEHwu+UIFj14eiWanaqoA8o9vzx5Vv+n92zuJ6mCXv4jKv7T/XWQ7R/UXzbrD3H/aPVcu/9T/xivnufhJbU205kBivYZAAD//z4LLWc=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x0) 3.957327404s ago: executing program 3 (id=5029): r0 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xfd, 0x0, 0x0, @loopback}, 0x1c) 3.587920512s ago: executing program 2 (id=5030): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0xb84, 0x1d0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0xabc, 0x20a, 0x278, 0xabc, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {0xff}, {}, 0x6}, 0x7a, 0x1ac, 0x1d0, 0x0, {}, [@common=@hbh={{0x48}, {0x3, 0x0, 0x1, [0x6, 0xf001, 0x8, 0x80, 0x7, 0x0, 0x2, 0xffff, 0x0, 0x7, 0x6, 0x6, 0x0, 0xdf5, 0x4d, 0x1], 0x3}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x24, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0x884, 0x8ec, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[], [{0x200}]}, {}, {}, {}, {[], [{}, {}, {}, {}, {0x0, 0x1}]}, {}, {[{}, {}, {}, {}, {}, {0x9}]}, {[], [{}, {}, {0x0, 0x3}, {0xa3c}]}, {}, {[{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}, {[{}, {0x0, 0x2}], [{}, {0x1}]}]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0xbe0) 3.185231231s ago: executing program 0 (id=5031): munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000b4321f00000000000a00630018000000", @ANYRES32, @ANYBLOB="0000000000200000b706000014008004b703000000000000850000002f000000bf0900000000000055090100000000007b00000000000000bf91000000000000b702000000000000850000000c000000b70000000000450095"], &(0x7f00000000c0)='GPL\x00', 0x2, 0xff9, &(0x7f0000001e40)=""/4089, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 3.130943604s ago: executing program 4 (id=5032): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) timerfd_settime(r0, 0x3, &(0x7f00000006c0)={{0x0, 0x989680}}, 0x0) 2.842254897s ago: executing program 3 (id=5033): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000fee000), 0x4) 2.77455506s ago: executing program 1 (id=5034): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000340)={'filter\x00', 0x0, 0x0, 0x0, [0xffff, 0x8001, 0xfffffffffffffffa, 0x2, 0x9, 0xc], 0x3, 0x0, 0x0, [{}, {}, {}]}, 0xa8) 2.402349816s ago: executing program 2 (id=5035): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)="290000001e00190f00003fffffffda060200000000e80001dd0008040d000900ea11c21d0005000000", 0x29}], 0x1) 2.20240793s ago: executing program 0 (id=5036): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="020200020f00000026bd7000470300000200080008000000fd00000000000000010005"], 0x78}, 0x1, 0x7}, 0x0) 2.116125485s ago: executing program 4 (id=5037): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000002090500000000000000000001000004a000020006000340000200000c00028005000100840000002c0001"], 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x8) 1.775211565s ago: executing program 1 (id=5038): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x403, 0xc, 0x0, {0x0, 0x0, 0x4, 0x0, 0x351, 0x6558}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e21}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8044) 1.766484569s ago: executing program 3 (id=5039): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000600)=@newlink={0x44, 0x10, 0x503, 0x70bd2c, 0x0, {}, [@IFLA_MAP={0x24, 0xe, {0x7, 0x5, 0x98f4, 0x6, 0x6, 0x5}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x4000040) 1.310174607s ago: executing program 2 (id=5040): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSIG(r0, 0x40045436, 0x31) 1.080457943s ago: executing program 0 (id=5041): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000006c0)=ANY=[@ANYBLOB="38000000010205000000018008000100ac1414aa08000200000000000c00028005000100"], 0x38}, 0x1, 0x0, 0x0, 0x20049804}, 0x200040c4) 1.080053763s ago: executing program 4 (id=5042): r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/igmp\x00') preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000000)=""/62, 0x3e}], 0x1, 0x8001, 0x5) 802.502774ms ago: executing program 1 (id=5043): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800000, &(0x7f0000005f80)=ANY=[@ANYBLOB='nls=cp949,barrier,uid=', @ANYRESHEX=0x0, @ANYBLOB="000800139e6ec30b2b99f47f097f267d35dc81666a63e7768c00aeecc11e3d8dd215e24988d111429ce29e60b1481b4454b6c882e8b9de8fa5ff541d3f0470f9a71ac6e14f74c9c65ca943b2e922748c5955a3428550d6fdae754bea64db124b811d06bda34e3f366148a417d90f5120", @ANYBLOB="430d76b2a3a8a45bf91f7dd47325436e81cc16066d5f65a8889719b5430abd0ed1a9b132a573a9cdbab70e678daeede0826c76057559831505352707f466167da3f02a2b8537e7cbb5610818a66a16173c488d0398a0c2e38e06bd168a107cd7f3656c26bc446c2a1c38defe149ad7acc87376bfddb5b270ee1e78072999ccee86dda0422fb89b412e258c88a55fa3f42ab1f3c78e476d7b8e36810f8bdad2f25ef7d8db4a7958f77cfdb6baf816f197ad1467986bd780f84b620ef300b73fed2ca92d22818d51b78bb83881c6bed14cd98e7f00a60350be1d048627a334d985a806367be6be637b84c8b7d08d25573debaa57c5dcdf83828751fa415b9dc6ca5b64200ed42b740358dacba9d7f3bacf8b8c1e35a548a5252b00f85f2cfc4ae2ce5314ee9278c79b407bc396951f0b21311f7fa2d15096f74204add5b32c6c88933b1ec576f619b55df538e3ae228eab7e8c7d2cb7ae4d60210f097912896741b512e0671a26d2e40c57197a8bfc00a5528bac1064061644a711d61942e8ec44a1f3b7550527a8d26f9a347f2bf87738653677be6af6fa6fc8f2349b7ec15d0cfeb7b0bc2c9a2301062755e70bd83fc3288152a3102b7a259a09955823f421131d24a9d484b7f0b01968ad0b30326fa73eb4170b6bc20e8f17afab1596a2a40b6ffff527af84ded2c4da65cba7d34f3c1ab96db4bac52f0b501f748532bd450b7803683d224df843275178d27535a6009e36cfd10bfa1fa4abc1dc5477e08cff848a8541a9f4fad0183a0b8425664b19a5454751d34469bd84e39b070908d6074e8d3106bb4cd09725ea87cb8bf5f084cf3e26d0d98a9437fe7b45778c04dbd2b9f53f21d45b0a46809ee37c9e56f7e90ecb194dc680cf5b7b260d5c84480ad24e04be52840ed4d0fcb57864c82fc86eb117f92daf893dae0797a228e541751b288f62fcf651c1b0d0d10ada0695d99a548cbb485cee7db108c33ddff788af332995a70ee77c55975d7908aaf2faa0ea8793e486893727decf916fd6a5fc20f597dff647c407033db5a43750753997cfbd62c6836f1dff6c0846e9f0a67ac5ae34f295b82e13bdab0807d96d9c2355f220df9cd415a24644a536457989b522d3a9cb59515f5cb200000000a312482c668d038b2b45fab218d49f62afb9ffebf320dcc12e0f37c0ee863cb4292d6046c1b2a6520de63fce58e8202ce36951c04be9f04cfbfc4e8eed11ca251c6b47d3665ed72ae56a7980364778fe0f79e938c63d22baabc68d1b0fd63fbca37c906a3cf2cea68fa31a0516d5a98b2c9034b85baacfdd7023c83f9aa3407a504a73ecf4a7a60820f8f1b1e3bfd94a1c636ed78eac35f3d56e2fd28a09213dc8dcf82d01bed6a60c14fdc1fca833934a92de3f41de3ee9e9ae3209977903109ace1d35862c0f9d603dbf76cc2fe940b612d34596876d1ff31d921e05935d2df4c8e53eee2f8796a6e3a83858b59e5ffc62be377217cab4218b055360ac524176abf85c6087c1d7c5136decca5a08fad845b7549c66822b3aaf23cc77f33a6a0a82083c05ad8e917bf43f42110dfac1e6e6726cbfc51be4755bde82f5aa61f2a1180f515e82b8c257f51bf33aaeee1e9cfdf74658f0e319d4d9644a997052fc2475c402de0c85748ef0304ba0f37246c6ab5398b8c923d462db73b12b015d75162180b98799d1a0b6fab8ff3d15e9b707552545a5eae7c89075b5893182a256e8735b57e55ac682ba553e8b4eb0167ec210e7ca7b057c282a1be9cebeb221975b7a5a4df159d76c9873ebe0112e1b2cf6dc44385e168e0b93b2ff6f469e3ac3464beb6d9a2242b57ce19b4426c9d13d257c77186784d7957d23383f95d1bd4852f703a8be06fb503d58b3e423f11b28e773cceef43f7e089bcc17aaa16e91596f12dd8611ff2d059a57af90d5bedc2a118448b670f84346bf8eb2eb4b18e6685e0a3b658d9f62eff918a222272cefda7c563ae3fb2adc0a21b4a8c5501ef09131e4295dd35c7b0e5fcf8c7d1f38d302b52361b823bacdb483c5b01ed2dca79b7327f1154a5e1b31baa1a9cc994b2d40de68e2cca278e6cc9c0489a510083b06224e298ca47d15cc320af6ecd0aa80b2cfd1ab21950715714948714d628d6db9fb527a23bd49ac0ccc4420ffa3683e4d289032b5f7c136478f61b2858451a96c776ac838e005d1a8b7d664e22e20e85726b4227a1acf161824abb4254d480799191da979d73d2ae3aa7be435e7c96408da31364486fdf0e4ff70624a5e2702b6f704a9521b03dd5b42e4da8aaf476b4258730d7e1e20232d76b52433ecd1f3f6c237e6f78ee92a67c60ba0ea78e2ca1c41ae7c5753837bff6b02ce7a6e668575b39b6bbc01a11d8fa0721f5818c9d7e839c5c45687b6be829c047059a3dd84be5f6666b14c48a8c208c22ccc9e8e82e694b0db6542908c99239f76fa3ecf59eeba404f5b3a3ec2b7f7c353ff26d7031a94817c8796eaa69754905d23a6a42893d4892d1a7ba36179941241d4d434644fea33ece11e0ee73ff54c0100dd546fa949ba4fc861ed414860f09b6d09b0c19db06e23c7cd621e6d609665d176d0ca810c07d5e052d06e623702d663c7c9aa01e8257f566654fe9349a3e70861c082347e289e5e6a8858ea5073787a53f9923b3c0768aa0f719245ca8882144df59356aff29550339b02bf719d7ff570114e6b0f2abcbd8d0c0d62a65cdc5e32cbdacdc500b477a890db2ee48ff3eaa255d95163a8dbe9c59d6d353941e1b1b288dbb56e4bc4f15b220e6e1372c24d84b461cd74d05fa9f80bd65bad53db1335fc99be4b22503d553ca92fbb4bcc66d4ba2693d1b56b2b655cf26a7d48e2449158bc2d7768def896f5ba321573c830255cc7894cf844faceff69129866eee970475c566435920812d9b0910b8e982e41bcbd5176eb333595fdf2caed71f8d6732bffea2954eb3894ff6c15593140e58445a276a3a10eea519b19e0af9990431dc21b2524a66f2b6032991f93ed0b25568a50b5ea76e9d4a5fae90a70d5c521e6ca635b741c0c3a52c648f628f9a96a6c74aab5d1c9c2ab695847b6e5bfe5868f8a2ff8e5e667e6a13888f1988e2541660dfc10124cfea45ca7003d7842b6f6a19a5983a37eabb8c90bf8b01914cb90f91dca33287cc9e3117f4f842337a5af1e78ab24045ac8ee9322729d664e3d53f60018db6cc779a3c1d03b14318ac53acc5930d92f3d726dcd82eb92dd9da1fb0d6940f5f33cbe65ae5578563685cd6c0daa1a27f0b2aa904377c271d4c5338c77f32ef007409ad4989f73d3318289d6fd9aaa7792c5476e7357b5ea8e40711fae7745946ca5db82223a97c1a5b654e789acd97700d1bc8a8db315aef2f16e64778211065810878e3a48728e6b94ede97ac533996f3a3e4ac1e7424afb0c42ced2a86713ca97e4da9c7133a88d8dcb1f3b37f5b7bca6a9147cd8ba7eb9bb23ac4f3a8b181d653ace3ba0ccd29580978601e9427b38b0aa682db49251b1f1bc09ef34d5968a0c28ba2a5b51c3399c2919868d747a26beccfd7e143fc121a22d16c06de3ba4ec01856fba08519f943ac701fd0cddddb213f22349cfe1fa42575678fa6ab93810a26370a3ab825d4be4f5383e81eaf40b72d1a87bcc38bc8f9d351206f778ff7505ca29c19d370c5b0d8688910b17913577df01041ce2e1ffde85d91242e7c2cfdf1acca66c23232708402776aa4bdfd4a9d7178dc6dac356ee67a445136266f44cb8a8af6c6ae14e0dadeacd4d8763bea189968eada7e1d03c32ea53716aa85a270d448b4b22fbcf3e2b6fad2939068b6d078da09878cd9ce734f65dead9958cb90fbb096b86a174afe406f6b5fb0be8d909b01d4bf5fbfa0a6ed11529e2df122854f6217bf02277613a2d453904ab297467b8172527abde206958d31424643e8693555c5cb24800729bca1f065c9a0b6a7b98e83921ea81e84137e1ce1e02adac69bc935da77625a1b1602e9294e122dc3ef4303ebd139a04e49714e1c462b0a9b3f9ad741e7c36ea8f2c9cb937ceac03eefc50fb639be0304ce69a2eb1e418cfa3ec04c56ffb9e437b5b7c1fd5db99f6abe2fb6f99fd0d36b926bb76097fabbb04cc6f033a33202daf4245f7826d819d50e024c689b73486d51d2dac5e0b6d6bfb138dbbe0b00a6dac1c950aea86fcd11e42bfd9e40702d13912e4066ff364438f3b371cb2d422eb5fcfc3f55ad6a14561eaec544aa5b85ae76c28171b8c0451bcbe473632bf4ad8920b244ec0e67306c4737a462ba0e6945e54b3b675ae29772e3edb41bdf08880242cc83e8ffecedfce60e0f4485dfa3b479f72c08832edb84e2595a56279e3fa586fcc0971991d442f34f5c868c681e640b4ad77fb45b3be8ed4b95c7246d62b9d4d6e6c84204f8081a54d998628af084695fad86e13c02163a8f4b29b07c6b73239e3680c73f80ae2fdbbf6cfb242e4cc75b62557f67e0d775f8e7dbcd5e1f26ef7b8966a14f27d637098a7bfc9d0554fb639bee707734bc7128d5bc2d4b4bb1f7628354d83734c6d0f3070add09e8046ce5f7cddba66079db4aee30d0b1f52f8afbd2fe634ad4b6b1d0211d019b29a8fa4d3266c5f2359fe0157574588b35645b4b9bf7ada3d9df83b6bef1802fb7dc2f58c9ee72b1d804b5fbe9d41eaef12040b7decccf10b2104ced7541f5ad7bd86820791d41ca7de9ac7cc6795bcfdee323e456ddc710bf7786b719ba15c8442db6d89bed883c1624a50b0e5ead037bc1385edb21324ca1b769609d0f840674f74705182c0c2a6e2e5de01ffd1969b3ad2559c4762697e4bca5bd2169d1ce017ff13f7f17aaa1061c7864b636ce5540454eb085b168ad2ad01a79e4b9146dac68983d97d092abea67710f4a713f6a45f71ec7f618d930b5248281df0e7b304f1a1a994ea296643272861d4a06c3c2409dbc2de354877b101ea891438e00a31d879b425c6af81ffa207ca104c54f03761dcd59c5593fdec744a22c7d10e7a1f9873635107bae83638b185f75c9f1270a79a57f07715e3fc2bc2fb2992a444bc1834f801ede021349a6c4bdb8a284236377d4a876278756209b9872c171d5e17d55a6a5560f9d0c2b8a5bfa1b45afc35165dffbc5aa55b8a85e5b4a6dc86d1749610c73c53503c9be85a51e7b7c170d09b7c4cbee1719fa27553c6d24a4ddbc1e2ca4526247a5021cc716001448071174887cb2d699a87ee4f96bd4eb439eecb94b9025303a0ca495181caf4008277727813e7e05dad48ab305bb4aa7adfb2feeae57cb4dd854db47efb3cdaa8f8be7a472b8511915e21613624e4689452bf20e08f91f8363bc68528617906d11ec1fca0c0224a9fdb920f5322a071d006254587180694836d0749b396d77e9ab5b3352f0e9ba8ae8b3e24a337e1f6953d2da2c765e9c4de318bfb89e061ee36adb397a4c7e217e8128d6c9fb76e5dbb93dadcc5dc5060e3b19bdf501b10de61afc0a46d9a0419d03b277ecaf4119ec9c75679f81bda9ea375b2dbc5d5a451e8b775f388919ea3f9546b6d90a721a5f712a92e571d83ee82fe196e3d3d202e77f73bba04111fb2f29586479a27e30bb29104b3f2b6117a05fd5bfa28a057a3399461aadf1a96b476286ae5bfe78b9bfc50f9b6f6f8756aa110443b811e5db48c017afdd14071b4274703998ecadd5367b5e8d6696b23868c3b7e8328cc6057c579b6b385cb87ed1eb10e6386dfffb49827f998763499af43ba8a487674174785c6ba74c76387781216686981dba4c8664dcab4d6c8a385c204de655d000008b76a122f7469c7aaa2abdb3ca99b78b5f4d1ae102982d2f1dcdbbf6917d0eb0bd4b871502040fb6e3dec37fe04401c51b48761de9ec10f36f63d638e2880937c842a8905c9ec82bbce4958d0ab91a4e65708502327b469373bc61f11046e6670acd3684eed59d9a756aed62b01f2726c1f5187e1efed47243a1b18f7bb9656fa14b", @ANYRES16, @ANYRESHEX, @ANYBLOB="2c6e6f626172726965722c00cd2c1a77bebe1941eb51308a0e1eefab7e5e16b355"], 0x1, 0x6bd, &(0x7f0000000cc0)="$eJzs3U+IXVcdB/DvfZm8mRchnf5LowgZGijaYDKTR00EoVFEsggSdNPtkEyaIZO0TKaSFjEvahVcuZIuXFQkLroSEaGuxLoWBDeusg+4c5GFOnL/vJk3b14mM51k3rT9fODOPfeee8753R/3z3v3JdwAn1nnX8vBXoqcP3HhVrl872536d7d7vV+OclkklYyUc9SdJLio+Rc6imfL1c23RUPG+eV+x8WE+990K2XJpqp2r61VbtNRm7ZS6bWFg4kmamL/9lGh63R/VVT1c+l9f4a7W1HWyvW4i4TdryfOBi31U1665WjTo2Ntn/eAvvW7fq+ucl0cij13bX8HJDm6vDoK8P4bXlt6u1dHAAAAPCkjPwuP+ipB3mQWzm8N+EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAp0NRvzOwaKZWvzyTov/+//bAO/XbYw53l969Us2++9S4AwEAAAAAAACAXTn2IA9yK4f7y6tF9Zv/i9XCc9Xfz+Wt3MxClnMytzKflaxkOXNJpgc6at+aX1lZntvc8pcpW66urt5uWp4e2fL0xrh6w4GO+pcGmzYCAAAAAAAAgM+sH+X8+u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHxTJgXpWTc/1y9NpTSSZStIuZtY2b4812Mfgz+MOAAAAAJ68TjM/XPyvLqwW1Xf+I9X3/qm8lRtZyWJWspSFXK6eBdTf+lt/73WX7t3tXi+nzR1/4187iqPqMfWzh9Ejz1ZbPL/W4ny+ne/lRGZyMctZzPczn5UsZCbfqkrzKTLdPL2Yvne3k36sm+M9t2Hp4nBsxwbKZXxHq0g6uZLFKraTudTuh95qtjs6MNof28nQiHfK7BSvNraZo8vNvNyjXzTz/WG62vODaxmZbXJfZuPpwbxvzv0Oj5PhkebSWnsG9dz6KOXi8EgfK+eHmnmZ658+2Zzv8FHaxkz0fl4u9Y++I1vnPPnyP/5y8WrrxrWrV26e2D+H0cc0fEx0BzLxwrYysVRmoreLTEztJv7Hp91ko76K7uxq+WLV9nAW8528kctZyJnMZi5nM5uv5XS6OT2Q1+e3zmt1rrV2dq4d/1JTKO9JPxu4N+2ZyYdVlHl9eiCvg1e66apucM16lp7ZRpaKdkZn6Z8jQ7nzhaZQjvHjgTvO+A1nYm4gE89unYlf/3c1yc2lG9eWr86/uc3xXmrm5Wn77sZr828eyw7tXLO75fHyTJKJ1LeNwaOjrHu2XzeUr3bzi8tE09mGunaq87mue9SZWvZ05M6onuq6F0aO0q3qjg7UbfiUkzeytPYppLHnJykA23Do5UPtzv3O3zrvd37Sudq5MPXNybOTX2zn4F8n/nTgd63ftr5evJz388McHnekAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwaXDz7XeuzS8tLSwPFg5keM1YCmk95g7vjKzqp6Je0x6xzbHscvSpJGNO5qMLad6ltKt+Jrdq/vskWzRvj2PfO0nGnfmqkIk9GGsyI6ourK3pJK21eJJc2ycvuAOehFMr1988dfPtd76yeH3+9YXXF26cPnvm1TPdr87dPnVlcWlhtv477iiBJ2Hjxz8AAAAAAAAAAADgk2Cv/mPJkKI3hn0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpnOv5aDvRSZmz05Wy7fu9tdKqd+eX3LiSStJMUPkuKj5FzqKdMD3RUPG+eV+x/+6qX3Puiu9zXR37411O4P/15d3eFe9JopM0kONPNHm9xWf5cG+uvtMLBasbaHZcKO9xMH4/b/AAAA//9tywGy") rename(&(0x7f0000000600)='./file0\x00', &(0x7f0000000780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') 681.415807ms ago: executing program 3 (id=5044): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_IDLE_TIMER={0x8, 0x2, 0x3}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) 347.948884ms ago: executing program 2 (id=5045): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, 0x0, 0x0) 0s ago: executing program 0 (id=5046): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000001040)={'filter\x00', 0x10, 0x4, 0x418, 0x220, 0x220, 0x220, 0x330, 0x330, 0x330, 0x8000000, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @multicast2, 0x1, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @mac=@remote, @rand_addr=0x64010102, @local, 0x4, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @empty, @loopback, @empty, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468) kernel console output (not intermixed with test programs): 4967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.1.2754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1021.058240][ T30] audit: type=1326 audit(1750725494.292:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.1.2754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1021.233391][T11853] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2755'. [ 1021.723577][ T5848] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 1021.967099][ T5848] usb 1-1: Using ep0 maxpacket: 8 [ 1021.989379][ T5848] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 1021.998305][ T5848] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1022.009059][ T5848] usb 1-1: config 0 has no interface number 0 [ 1022.015758][ T5848] usb 1-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1022.028459][ T5848] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1022.042247][ T5848] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1022.053991][ T5848] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1022.073378][ T5848] usb 1-1: config 0 interface 52 has no altsetting 0 [ 1022.082419][ T5848] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 1022.092023][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1022.396761][ T5848] usb 1-1: config 0 descriptor?? [ 1022.870871][ T5848] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input38 [ 1023.062035][ T5848] usb 1-1: USB disconnect, device number 65 [ 1023.062142][ C1] synaptics_usb 1-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 1023.178009][T11900] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2765'. [ 1024.901446][T11929] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2773'. [ 1026.625956][T11938] loop1: detected capacity change from 0 to 8192 [ 1026.785412][T11958] loop0: detected capacity change from 0 to 128 [ 1026.921921][T11958] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1027.045036][T11958] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1031.671617][T12035] loop2: detected capacity change from 0 to 256 [ 1033.110916][ T30] audit: type=1326 audit(1750725505.619:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1033.280380][ T30] audit: type=1326 audit(1750725505.694:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1033.303577][ T30] audit: type=1326 audit(1750725505.750:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1033.326494][ T30] audit: type=1326 audit(1750725505.769:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12056 comm="syz.0.2813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1033.668641][ T5848] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 1033.715651][T12070] CIFS: VFS: Malformed UNC in devname [ 1033.892002][ T5848] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1033.901885][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1033.910468][ T5848] usb 2-1: Product: syz [ 1033.914948][ T5848] usb 2-1: Manufacturer: syz [ 1033.919847][ T5848] usb 2-1: SerialNumber: syz [ 1034.095885][ T5848] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1034.281969][ T5845] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1034.639817][T12083] netlink: 'syz.3.2819': attribute type 2 has an invalid length. [ 1034.651476][T12083] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2819'. [ 1034.929105][ T1539] usb 2-1: USB disconnect, device number 70 [ 1035.472789][ T5845] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1035.480739][ T5845] ath9k_htc: Failed to initialize the device [ 1035.562536][ T1539] usb 2-1: ath9k_htc: USB layer deinitialized [ 1035.673269][T12099] openvswitch: netlink: Mixed IPv4 and IPv6 tunnel attributes [ 1038.028005][T12140] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2835'. [ 1038.035106][T12147] capability: warning: `syz.2.2837' uses 32-bit capabilities (legacy support in use) [ 1038.037453][T12140] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2835'. [ 1039.005458][T12160] loop0: detected capacity change from 0 to 16 [ 1039.068868][T12160] erofs (device loop0): mounted with root inode @ nid 36. [ 1039.963432][T12178] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2845'. [ 1040.065448][T12174] loop1: detected capacity change from 0 to 1024 [ 1040.127186][T12174] EXT4-fs: inline encryption not supported [ 1040.136062][T12174] EXT4-fs: Ignoring removed nobh option [ 1040.141968][T12174] EXT4-fs: Ignoring removed bh option [ 1040.282407][T12174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1041.045219][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1042.032242][T12214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2855'. [ 1043.641087][T12238] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2863'. [ 1044.646446][T12258] loop1: detected capacity change from 0 to 64 [ 1046.184338][T12284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2878'. [ 1046.802885][T12291] loop1: detected capacity change from 0 to 256 [ 1047.050232][T12297] netlink: 124 bytes leftover after parsing attributes in process `syz.2.2881'. [ 1048.256869][T12319] loop0: detected capacity change from 0 to 256 [ 1048.412721][T12316] loop4: detected capacity change from 0 to 2048 [ 1048.586258][T12319] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xba7df490, utbl_chksum : 0xe619d30d) [ 1048.619808][T12316] loop4: p1 < > p2 p3 < p5 p6 > p4 [ 1048.625690][T12316] loop4: partition table partially beyond EOD, truncated [ 1048.634479][T12316] loop4: p1 start 4278190080 is beyond EOD, truncated [ 1048.641740][T12316] loop4: p2 start 16908800 is beyond EOD, truncated [ 1048.717194][T12316] loop4: p5 start 16908800 is beyond EOD, truncated [ 1048.906428][T12332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2890'. [ 1050.061085][T12353] loop4: detected capacity change from 0 to 64 [ 1050.725840][T12366] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2898'. [ 1050.920063][ T5845] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 1051.175059][ T5845] usb 2-1: Using ep0 maxpacket: 32 [ 1051.241646][ T5845] usb 2-1: config 0 has an invalid descriptor of length 110, skipping remainder of the config [ 1051.352799][ T5845] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1051.362485][ T5845] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1051.371852][ T5845] usb 2-1: Product: syz [ 1051.376335][ T5845] usb 2-1: Manufacturer: syz [ 1051.381425][ T5845] usb 2-1: SerialNumber: syz [ 1051.490080][ T5845] usb 2-1: config 0 descriptor?? [ 1051.542914][ T5845] usb 2-1: bad CDC descriptors [ 1051.549592][ T5845] usb 2-1: unsupported MDLM descriptors [ 1051.798171][T12381] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2902'. [ 1051.807867][T12381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2902'. [ 1051.817610][T12381] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2902'. [ 1051.885588][ T5845] usb 2-1: USB disconnect, device number 71 [ 1051.965298][T12389] netlink: 'syz.0.2903': attribute type 1 has an invalid length. [ 1051.982120][T12384] loop3: detected capacity change from 0 to 128 [ 1052.037348][T12384] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 1052.095310][T12384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1053.445160][T12412] loop1: detected capacity change from 0 to 512 [ 1053.684695][T12412] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 1053.765166][T12412] System zones: 0-2, 18-18, 34-34 [ 1053.857402][T12412] EXT4-fs (loop1): 1 orphan inode deleted [ 1053.867363][T12412] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1053.883244][ T4130] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1053.894387][ T4130] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:21: Failed to release dquot type 1 [ 1053.967949][T12412] ext4 filesystem being mounted at /572/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1054.703054][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1056.469324][T12467] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2925'. [ 1059.537170][T12527] netlink: 'syz.2.2941': attribute type 1 has an invalid length. [ 1059.545264][T12527] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2941'. [ 1059.886817][ T30] audit: type=1326 audit(1750725530.698:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12532 comm="syz.3.2943" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1059.909693][ T30] audit: type=1326 audit(1750725530.698:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12532 comm="syz.3.2943" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1060.115587][ T30] audit: type=1326 audit(1750725530.782:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12532 comm="syz.3.2943" exe="/root/syz-executor" sig=0 arch=40000003 syscall=281 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1060.139211][ T30] audit: type=1326 audit(1750725530.782:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12532 comm="syz.3.2943" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1060.169592][ T30] audit: type=1326 audit(1750725530.782:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12532 comm="syz.3.2943" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1060.241949][ T1539] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 1060.325048][T12546] netlink: 'syz.4.2946': attribute type 1 has an invalid length. [ 1060.445580][ T1539] usb 1-1: Using ep0 maxpacket: 16 [ 1060.523375][ T1539] usb 1-1: config 8 has an invalid interface number: 206 but max is 0 [ 1060.532249][ T1539] usb 1-1: config 8 has no interface number 0 [ 1060.538672][ T1539] usb 1-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87 [ 1060.551030][ T1539] usb 1-1: config 8 interface 206 altsetting 1 endpoint 0x87 has invalid maxpacket 33058, setting to 1024 [ 1060.563148][ T1539] usb 1-1: config 8 interface 206 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 9 [ 1060.577055][ T1539] usb 1-1: config 8 interface 206 has no altsetting 0 [ 1060.783484][ T1539] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb [ 1060.797646][ T1539] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1060.806018][ T1539] usb 1-1: Product: syz [ 1060.813386][ T1539] usb 1-1: Manufacturer: syz [ 1060.819193][ T1539] usb 1-1: SerialNumber: syz [ 1061.231731][ T1539] garmin_gps 1-1:8.206: Garmin GPS usb/tty converter detected [ 1061.331584][ T1539] usb 1-1: Garmin GPS usb/tty converter now attached to ttyUSB0 [ 1061.593357][ T5845] usb 1-1: USB disconnect, device number 66 [ 1061.635023][ T5845] garmin_gps ttyUSB0: Garmin GPS usb/tty converter now disconnected from ttyUSB0 [ 1061.649758][ T5845] garmin_gps 1-1:8.206: device disconnected [ 1062.153443][T12583] loop3: detected capacity change from 0 to 764 [ 1062.274154][T12583] rock: directory entry would overflow storage [ 1062.280616][T12583] rock: sig=0x4654, size=5, remaining=4 [ 1062.288517][T12587] loop1: detected capacity change from 0 to 8 [ 1062.410102][T12587] cramfs: Error -3 while decompressing! [ 1062.416591][T12587] cramfs: ffffffff95528108(26)->ffff88811cfb4000(4096) [ 1062.424482][T12587] cramfs: Error -5 while decompressing! [ 1062.430300][T12587] cramfs: ffffffff95528122(26)->ffff88811cf19000(4096) [ 1062.438052][T12587] cramfs: Error -3 while decompressing! [ 1062.444140][T12587] cramfs: ffffffff9552813c(16)->ffff88813045a000(4096) [ 1062.456048][T12587] cramfs: Error -3 while decompressing! [ 1062.461871][T12587] cramfs: ffffffff95528108(26)->ffff88811cfb4000(4096) [ 1062.486688][ T30] audit: type=1800 audit(1750725533.120:62): pid=12587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2953" name="file2" dev="loop1" ino=348 res=0 errno=0 [ 1062.545135][T12592] loop4: detected capacity change from 0 to 256 [ 1062.583322][T12594] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 1062.715823][T12592] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 1065.066840][ T30] audit: type=1326 audit(1750725535.534:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12635 comm="syz.3.2967" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1065.113893][T12643] loop2: detected capacity change from 0 to 8 [ 1065.180049][ T30] audit: type=1326 audit(1750725535.590:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12635 comm="syz.3.2967" exe="/root/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1065.205653][ T30] audit: type=1326 audit(1750725535.590:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12635 comm="syz.3.2967" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1065.320424][T12643] cramfs: Error -3 while decompressing! [ 1065.326299][T12643] cramfs: ffffffff95524108(26)->ffff88811cd2c000(4096) [ 1065.334194][T12643] cramfs: Error -5 while decompressing! [ 1065.339997][T12643] cramfs: ffffffff95524122(26)->ffff888132acd000(4096) [ 1065.347594][T12643] cramfs: Error -3 while decompressing! [ 1065.353623][T12643] cramfs: ffffffff9552413c(16)->ffff8881373c4000(4096) [ 1065.361070][T12643] cramfs: Error -3 while decompressing! [ 1065.367167][T12643] cramfs: ffffffff95524108(26)->ffff88811cd2c000(4096) [ 1065.385862][ T30] audit: type=1800 audit(1750725535.833:66): pid=12643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2968" name="file2" dev="loop2" ino=348 res=0 errno=0 [ 1065.910081][T12651] netlink: 136 bytes leftover after parsing attributes in process `syz.0.2970'. [ 1065.919804][T12651] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 1066.125290][T12657] netlink: 'syz.3.2971': attribute type 8 has an invalid length. [ 1066.513106][T12666] binder: 12664:12666 ioctl 40046205 0 returned -22 [ 1067.474700][T12679] loop2: detected capacity change from 0 to 1024 [ 1067.932854][T12684] loop3: detected capacity change from 0 to 164 [ 1068.076149][T12684] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1068.295263][ T4048] hfsplus: b-tree write err: -5, ino 4 [ 1070.085649][T12716] loop2: detected capacity change from 0 to 512 [ 1070.332424][T12716] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.2990: bad orphan inode 11862016 [ 1070.476015][T12716] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1070.490770][T12716] ext4 filesystem being mounted at /591/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1071.262626][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1073.079143][ T1539] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 1073.176245][T12757] loop3: detected capacity change from 0 to 4096 [ 1073.190706][T12775] loop0: detected capacity change from 0 to 164 [ 1073.238354][T12757] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1073.277365][T12775] Unable to read rock-ridge attributes [ 1073.306174][ T1539] usb 3-1: Using ep0 maxpacket: 16 [ 1073.345254][T12775] Unable to read rock-ridge attributes [ 1073.367817][ T1539] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1073.377860][ T1539] usb 3-1: config 1 has no interface number 1 [ 1073.384595][ T1539] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 1073.398229][ T1539] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7 [ 1073.466321][T12775] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 1073.549419][T12757] ntfs3(loop3): ino=19, mi_enum_attr [ 1073.555358][T12757] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1073.630744][ T1539] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1073.641254][ T1539] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1073.649847][ T1539] usb 3-1: Product: syz [ 1073.654315][ T1539] usb 3-1: Manufacturer: syz [ 1073.659502][ T1539] usb 3-1: SerialNumber: syz [ 1073.739456][T12757] ntfs3(loop3): failed to convert "c46c" to macromanian [ 1073.787807][T12757] ntfs3(loop3): ino=20, mi_enum_attr [ 1074.206477][ T1539] usb 3-1: found format II with max.bitrate = 2, frame size=30167 [ 1074.217531][ T1539] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 1074.490723][ T1539] usb 3-1: USB disconnect, device number 78 [ 1074.726105][T12812] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3011'. [ 1074.735821][T12812] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3011'. [ 1074.973782][ T6046] udevd[6046]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1078.300707][T12872] loop3: detected capacity change from 0 to 8 [ 1078.488955][T12872] SQUASHFS error: Failed to read block 0x738: -5 [ 1078.495887][T12872] SQUASHFS error: Unable to read metadata cache entry [736] [ 1078.678822][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1078.685729][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1079.243785][T12888] loop1: detected capacity change from 0 to 164 [ 1079.403392][T12888] Unable to read rock-ridge attributes [ 1079.468185][T12891] syz.3.3036: attempt to access beyond end of device [ 1079.468185][T12891] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 1079.506414][T12888] Unable to read rock-ridge attributes [ 1079.526624][T12888] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 1080.192326][T12897] loop0: detected capacity change from 0 to 1764 [ 1081.371717][T12921] hfs: unable to load iocharset "I#hIars8Ύ wѷ}+[S_. ,s$nFBlbSR,.R]^kRL/J}&o9b6\wm$xCdeOjocڅ`1҆m#CX^ݾO;;󣫭Xp!+ƇK=A a2HKA rp" [ 1082.364323][T12937] loop3: detected capacity change from 0 to 164 [ 1082.442009][T12937] Unable to read rock-ridge attributes [ 1082.531919][T12937] Unable to read rock-ridge attributes [ 1082.566592][T12943] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3053'. [ 1082.576110][T12943] netlink: 6 bytes leftover after parsing attributes in process `syz.4.3053'. [ 1082.580782][T12937] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 1082.585472][T12943] netlink: 'syz.4.3053': attribute type 2 has an invalid length. [ 1082.585569][T12943] netlink: 6 bytes leftover after parsing attributes in process `syz.4.3053'. [ 1083.674492][T12958] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3057'. [ 1084.425086][T12969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3061'. [ 1086.135473][T12996] loop2: detected capacity change from 0 to 2048 [ 1088.129396][T13031] cgroup: noprefix used incorrectly [ 1089.026102][T13045] loop2: detected capacity change from 0 to 8 [ 1089.228241][T13045] SQUASHFS error: Failed to read block 0x63a: -5 [ 1089.235335][T13045] SQUASHFS error: Unable to read metadata cache entry [638] [ 1089.242939][T13045] SQUASHFS error: Unable to read directory block [26067d:0] [ 1089.455519][T13057] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3089'. [ 1089.465246][T13057] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3089'. [ 1090.167908][T13052] loop1: detected capacity change from 0 to 4096 [ 1090.235064][T13052] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 1090.764504][T13052] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 1090.850588][T13052] ntfs3(loop1): ino=19, mi_enum_attr [ 1090.998798][T13052] ntfs3(loop1): failed to convert "c46c" to cp863 [ 1091.089609][T13052] ntfs3(loop1): ino=20, mi_enum_attr [ 1091.351539][ T30] audit: type=1326 audit(1750725560.125:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13079 comm="syz.0.3095" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1091.497993][ T30] audit: type=1326 audit(1750725560.172:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13079 comm="syz.0.3095" exe="/root/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1091.521048][ T30] audit: type=1326 audit(1750725560.172:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13079 comm="syz.0.3095" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1091.543939][ T30] audit: type=1326 audit(1750725560.172:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13079 comm="syz.0.3095" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1092.510219][T13096] loop2: detected capacity change from 0 to 1024 [ 1093.314839][T13105] loop4: detected capacity change from 0 to 1024 [ 1093.415485][T13112] loop0: detected capacity change from 0 to 128 [ 1093.712875][T13112] FAT-fs (loop0): error, clusters badly computed (4 != 3) [ 1093.721131][T13112] FAT-fs (loop0): Filesystem has been set read-only [ 1093.822090][T13112] FAT-fs (loop0): error, clusters badly computed (5 != 4) [ 1093.830573][T13112] FAT-fs (loop0): error, clusters badly computed (6 != 5) [ 1093.971470][ T4048] hfsplus: b-tree write err: -5, ino 4 [ 1097.231342][ T1539] usb 2-1: new full-speed USB device number 72 using dummy_hcd [ 1097.506098][ T1539] usb 2-1: config 5 has an invalid interface number: 123 but max is 0 [ 1097.514994][ T1539] usb 2-1: config 5 has no interface number 0 [ 1097.521869][ T1539] usb 2-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 65535, setting to 64 [ 1097.533540][ T1539] usb 2-1: config 5 interface 123 has no altsetting 0 [ 1097.659614][ T1539] usb 2-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 1097.669600][ T1539] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1097.678220][ T1539] usb 2-1: Product: syz [ 1097.683119][ T1539] usb 2-1: Manufacturer: syz [ 1097.688008][ T1539] usb 2-1: SerialNumber: syz [ 1097.829169][T13170] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1098.366376][ T1539] ni6501 2-1:5.123: driver 'ni6501' failed to auto-configure device. [ 1098.440033][ T1539] usb 2-1: USB disconnect, device number 72 [ 1099.474603][T13216] libceph: resolve '4..' (ret=-3): failed [ 1103.924834][T13288] qrtr: Invalid version 0 [ 1104.182142][T13292] ieee802154 phy0 wpan0: encryption failed: -90 [ 1105.523706][ T1539] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 1105.825419][ T1539] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1105.887325][ T1539] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 1105.897106][ T1539] usb 4-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9 [ 1105.906032][ T1539] usb 4-1: Manufacturer: syz [ 1105.910942][ T1539] usb 4-1: SerialNumber: syz [ 1106.044012][ T1539] usb 4-1: config 0 descriptor?? [ 1106.298594][ T1539] usb 4-1: USB disconnect, device number 70 [ 1107.643959][ T5848] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 1107.929302][T13368] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3174'. [ 1107.951852][ T5848] usb 5-1: Using ep0 maxpacket: 32 [ 1108.020185][ T5848] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1108.031954][ T5848] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1108.042686][ T5848] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1108.105888][T13371] tmpfs: Bad value for 'mpol' [ 1108.199417][ T5848] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 1108.209096][ T5848] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 1108.224075][ T5848] usb 5-1: Product: syz [ 1108.228545][ T5848] usb 5-1: Manufacturer: syz [ 1108.235366][ T5848] usb 5-1: SerialNumber: syz [ 1108.295357][ T5848] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input40 [ 1108.635389][ T5848] usb 5-1: USB disconnect, device number 61 [ 1108.706833][ T5848] appletouch 5-1:1.0: input: appletouch disconnected [ 1108.781812][T13386] netlink: 'syz.1.3178': attribute type 46 has an invalid length. [ 1110.583922][ T30] audit: type=1326 audit(1750725578.104:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13421 comm="syz.3.3188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1110.606840][ T30] audit: type=1326 audit(1750725578.104:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13421 comm="syz.3.3188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1110.788823][ T30] audit: type=1326 audit(1750725578.160:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13421 comm="syz.3.3188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=398 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1110.812099][ T30] audit: type=1326 audit(1750725578.160:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13421 comm="syz.3.3188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1112.782636][T13457] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3200'. [ 1114.241781][T13480] loop2: detected capacity change from 0 to 256 [ 1114.511142][ T30] audit: type=1800 audit(1750725581.789:75): pid=13480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3206" name="file1" dev="loop2" ino=1048621 res=0 errno=0 [ 1114.721889][T13489] netlink: 'syz.4.3209': attribute type 2 has an invalid length. [ 1114.730549][T13489] netlink: 17 bytes leftover after parsing attributes in process `syz.4.3209'. [ 1115.262852][T13497] netlink: 'syz.0.3211': attribute type 9 has an invalid length. [ 1115.271362][T13497] netlink: 'syz.0.3211': attribute type 7 has an invalid length. [ 1115.279620][T13497] netlink: 'syz.0.3211': attribute type 8 has an invalid length. [ 1115.747787][T13505] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 1117.161178][T13534] loop3: detected capacity change from 0 to 256 [ 1117.339505][T13534] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1117.531687][T13534] exFAT-fs (loop3): valid_size(150994954) is greater than size(10) [ 1118.937613][T13562] loop4: detected capacity change from 0 to 512 [ 1119.185859][T13562] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1119.199532][T13562] ext4 filesystem being mounted at /671/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1119.431317][T13562] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #4: comm syz.4.3230: corrupted inode contents [ 1119.539315][T13562] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #4: comm syz.4.3230: mark_inode_dirty error [ 1119.639991][T13562] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #4: comm syz.4.3230: corrupted inode contents [ 1119.668731][T13562] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #4: comm syz.4.3230: mark_inode_dirty error [ 1119.725337][T13562] Quota error (device loop4): write_blk: dquota write failed [ 1119.733224][T13562] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 1119.743433][T13562] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 1119.754280][T13562] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3230: Failed to acquire dquot type 1 [ 1119.831017][ T5848] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 1120.092164][ T5848] usb 1-1: Using ep0 maxpacket: 16 [ 1120.160565][ T5848] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1120.170479][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1120.179141][ T5848] usb 1-1: Product: syz [ 1120.183834][ T5848] usb 1-1: Manufacturer: syz [ 1120.188723][ T5848] usb 1-1: SerialNumber: syz [ 1120.273041][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1120.323761][ T5848] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1120.330381][ T5848] r8152-cfgselector 1-1: config 0 descriptor?? [ 1120.974705][ T5848] r8152-cfgselector 1-1: USB disconnect, device number 67 [ 1121.073858][T13606] loop1: detected capacity change from 0 to 256 [ 1122.495864][T13622] loop2: detected capacity change from 0 to 2048 [ 1122.613369][T13622] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=27485, location=27485 [ 1122.777393][T13622] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1124.168056][T13653] loop2: detected capacity change from 0 to 256 [ 1124.488326][T13653] FAT-fs (loop2): Directory bread(block 64) failed [ 1124.497180][T13653] FAT-fs (loop2): Directory bread(block 65) failed [ 1124.504770][T13653] FAT-fs (loop2): Directory bread(block 66) failed [ 1124.511612][T13653] FAT-fs (loop2): Directory bread(block 67) failed [ 1124.518805][T13653] FAT-fs (loop2): Directory bread(block 68) failed [ 1124.532704][T13653] FAT-fs (loop2): Directory bread(block 69) failed [ 1124.541857][T13653] FAT-fs (loop2): Directory bread(block 70) failed [ 1124.548856][T13653] FAT-fs (loop2): Directory bread(block 71) failed [ 1124.556122][T13653] FAT-fs (loop2): Directory bread(block 72) failed [ 1124.562957][T13653] FAT-fs (loop2): Directory bread(block 73) failed [ 1125.136792][T13669] netlink: 'syz.0.3257': attribute type 10 has an invalid length. [ 1125.145800][T13669] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3257'. [ 1125.300235][T13669] team0: Port device netdevsim1 added [ 1126.430059][T13688] loop0: detected capacity change from 0 to 1024 [ 1126.804783][T13696] loop1: detected capacity change from 0 to 256 [ 1127.283101][T13696] FAT-fs (loop1): Directory bread(block 64) failed [ 1127.290064][T13696] FAT-fs (loop1): Directory bread(block 65) failed [ 1127.299326][T13696] FAT-fs (loop1): Directory bread(block 66) failed [ 1127.307616][T13696] FAT-fs (loop1): Directory bread(block 67) failed [ 1127.314889][T13696] FAT-fs (loop1): Directory bread(block 68) failed [ 1127.321706][T13696] FAT-fs (loop1): Directory bread(block 69) failed [ 1127.328902][T13696] FAT-fs (loop1): Directory bread(block 70) failed [ 1127.335933][T13696] FAT-fs (loop1): Directory bread(block 71) failed [ 1127.342943][T13696] FAT-fs (loop1): Directory bread(block 72) failed [ 1127.350448][T13696] FAT-fs (loop1): Directory bread(block 73) failed [ 1127.450178][ T4191] hfsplus: b-tree write err: -5, ino 4 [ 1128.315175][T13715] ptrace attach of "./syz-executor exec"[5789] was attempted by "./syz-executor exec"[13715] [ 1129.079497][T13724] netlink: 304 bytes leftover after parsing attributes in process `syz.3.3275'. [ 1129.940664][T13735] loop0: detected capacity change from 0 to 16 [ 1130.009951][T13735] erofs (device loop0): mounted with root inode @ nid 36. [ 1132.115670][T13774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3288'. [ 1132.396532][T13772] loop0: detected capacity change from 0 to 2048 [ 1132.654498][T13772] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.3287: bad orphan inode 8192 [ 1132.768746][T13790] loop4: detected capacity change from 0 to 64 [ 1132.817735][T13772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1133.308992][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1134.255974][T13813] qrtr: Invalid version 0 [ 1134.762194][T13821] overlay: Unknown parameter '\' [ 1135.856790][T13840] netlink: 'syz.2.3308': attribute type 1 has an invalid length. [ 1135.901514][T13839] bond0: entered allmulticast mode [ 1136.560021][T13882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3310'. [ 1137.201086][T13892] openvswitch: netlink: IP tunnel dst address not specified [ 1138.434230][T13912] netlink: 'syz.2.3320': attribute type 7 has an invalid length. [ 1138.506127][T13914] loop0: detected capacity change from 0 to 128 [ 1138.665716][T13914] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1138.785724][T13914] ext4 filesystem being mounted at /678/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1138.889866][T13921] loop1: detected capacity change from 0 to 1024 [ 1138.971774][T13921] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 1139.291005][ T5796] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1140.001806][T13945] loop2: detected capacity change from 0 to 256 [ 1140.065888][T13945] MINIX-fs: mounting file system with errors, running fsck is recommended [ 1140.193108][T13949] ip6t_srh: unknown srh invflags 85DA [ 1140.694624][T13958] autofs: Unknown parameter 'no9 PG!8E ' [ 1141.071124][T13966] loop2: detected capacity change from 0 to 16 [ 1141.159611][T13966] cramfs: empty filesystem [ 1141.477059][ T6046] udevd[6046]: incorrect cramfs checksum on /dev/loop2 [ 1141.570252][T13974] Mount JFS Failure: -22 [ 1141.574847][T13974] jfs_mount failed w/return code = -22 [ 1143.283202][T14000] Cannot find add_set index 3 as target [ 1144.343833][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1144.350744][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1146.614894][T14056] Mount JFS Failure: -22 [ 1146.619448][T14056] jfs_mount failed w/return code = -22 [ 1147.750407][T14071] netlink: 'syz.1.3370': attribute type 1 has an invalid length. [ 1147.760074][T14071] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3370'. [ 1147.979558][ T1539] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 1148.204477][ T1539] usb 5-1: Using ep0 maxpacket: 16 [ 1148.245469][ T1539] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 1148.254334][ T1539] usb 5-1: config 0 has no interface number 0 [ 1148.261278][ T1539] usb 5-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1148.273606][ T1539] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1148.410965][ T1539] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1148.421090][ T1539] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1148.429793][ T1539] usb 5-1: Product: syz [ 1148.434252][ T1539] usb 5-1: SerialNumber: syz [ 1148.523176][ T1539] usb 5-1: config 0 descriptor?? [ 1148.582164][ T1539] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input41 [ 1148.917435][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.928730][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.939188][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.947683][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.955484][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.963379][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.971089][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.978942][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1148.980600][T14099] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3375'. [ 1148.986505][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1149.003603][ C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1149.016233][ C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1149.025850][ T1539] usb 5-1: USB disconnect, device number 62 [ 1149.055953][ T1539] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1149.655059][T14114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3377'. [ 1149.664694][T14114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3377'. [ 1150.581328][T14120] loop1: detected capacity change from 0 to 4096 [ 1151.268869][T14143] netlink: 'syz.2.3386': attribute type 6 has an invalid length. [ 1151.447892][T14146] tmpfs: Bad value for 'mpol' [ 1154.107768][T14180] loop0: detected capacity change from 0 to 256 [ 1154.122573][T14182] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1156.776487][T14225] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3413'. [ 1156.786571][T14225] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3413'. [ 1157.031692][T14233] loop4: detected capacity change from 0 to 64 [ 1157.313591][T14237] tmpfs: Unexpected value for 'grpquota' [ 1157.977070][T14251] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3421'. [ 1160.129622][T14287] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3433'. [ 1160.659943][T14260] Bluetooth: hci1: command 0x0406 tx timeout [ 1161.781968][ T1539] usb 4-1: new high-speed USB device number 71 using dummy_hcd [ 1162.048298][ T1539] usb 4-1: Using ep0 maxpacket: 32 [ 1162.079256][ T1539] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 1162.087868][ T1539] usb 4-1: config 0 has no interface number 0 [ 1162.094547][ T1539] usb 4-1: config 0 interface 2 has no altsetting 0 [ 1162.173856][ T1539] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 1162.186447][ T1539] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1162.195573][ T1539] usb 4-1: Product: syz [ 1162.200296][ T1539] usb 4-1: Manufacturer: syz [ 1162.205208][ T1539] usb 4-1: SerialNumber: syz [ 1162.352083][ T1539] usb 4-1: config 0 descriptor?? [ 1162.604393][ T1539] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1162.812866][ T1539] snd-usb-audio 4-1:0.2: probe with driver snd-usb-audio failed with error -2 [ 1162.916565][ T1539] usb 4-1: USB disconnect, device number 71 [ 1163.241525][ T6046] udevd[6046]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1164.647724][T14355] loop2: detected capacity change from 0 to 4096 [ 1164.925046][T14373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3455'. [ 1165.518362][T14382] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3458'. [ 1165.745764][T14390] loop1: detected capacity change from 0 to 128 [ 1165.819852][T14390] qnx6: superblock #1 checksum error [ 1165.942771][T14390] syz.1.3461: attempt to access beyond end of device [ 1165.942771][T14390] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 1165.956642][T14390] EXT4-fs (loop1): unable to read superblock [ 1166.422182][T14427] loop0: detected capacity change from 0 to 512 [ 1166.658399][T14427] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1166.678679][T14427] ext4 filesystem being mounted at /707/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1166.709409][T14430] loop2: detected capacity change from 0 to 1024 [ 1167.259993][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1172.160407][T14522] loop4: detected capacity change from 0 to 1024 [ 1172.815812][ T3513] hfsplus: b-tree write err: -5, ino 4 [ 1173.481056][T14544] overlayfs: conflicting options: userxattr,redirect_dir=on [ 1173.638061][T14548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3496'. [ 1173.969080][T14553] ipvlan1: left allmulticast mode [ 1173.974507][T14553] veth0_vlan: left allmulticast mode [ 1174.397225][T14557] loop2: detected capacity change from 0 to 1024 [ 1174.450138][T14564] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3500'. [ 1174.967886][T14571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3503'. [ 1175.594742][T14587] netlink: 'syz.2.3506': attribute type 1 has an invalid length. [ 1175.690945][ T1539] usb 2-1: new high-speed USB device number 73 using dummy_hcd [ 1176.003047][ T1539] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1176.012952][ T1539] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1176.021551][ T1539] usb 2-1: Product: syz [ 1176.026006][ T1539] usb 2-1: Manufacturer: syz [ 1176.030927][ T1539] usb 2-1: SerialNumber: syz [ 1176.217023][ T1539] usb 2-1: config 0 descriptor?? [ 1176.300203][ T1539] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1176.780265][ T1539] gspca_sunplus: reg_w_riv err -71 [ 1176.786028][ T1539] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 1176.867320][ T1539] usb 2-1: USB disconnect, device number 73 [ 1180.582522][T14673] netlink: 'syz.1.3530': attribute type 30 has an invalid length. [ 1182.147504][T14700] netlink: 'syz.2.3540': attribute type 1 has an invalid length. [ 1182.155615][T14700] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3540'. [ 1182.468661][ T5848] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 1182.722873][ T5848] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1182.732744][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1182.817303][ T5848] usb 1-1: config 0 descriptor?? [ 1183.215162][T14722] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3545'. [ 1183.344357][T14725] netlink: 'syz.4.3546': attribute type 3 has an invalid length. [ 1183.353067][T14725] netlink: 'syz.4.3546': attribute type 3 has an invalid length. [ 1183.363349][T14725] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3546'. [ 1183.430235][ T5848] ath6kl: Failed to submit usb control message: -71 [ 1183.437425][ T5848] ath6kl: unable to send the bmi data to the device: -71 [ 1183.445072][ T5848] ath6kl: Unable to send get target info: -71 [ 1183.483489][ T5848] ath6kl: Failed to init ath6kl core: -71 [ 1183.496113][ T5848] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 1183.655633][ T5848] usb 1-1: USB disconnect, device number 68 [ 1185.026836][T14755] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3554'. [ 1185.409752][T14759] geneve2: entered promiscuous mode [ 1185.415311][T14759] geneve2: entered allmulticast mode [ 1185.626526][T14764] loop2: detected capacity change from 0 to 8 [ 1185.838702][T14764] SQUASHFS error: Unable to read directory block [629:26] [ 1188.657951][T14812] loop3: detected capacity change from 0 to 256 [ 1189.227946][T14812] FAT-fs (loop3): Directory bread(block 64) failed [ 1189.235170][T14812] FAT-fs (loop3): Directory bread(block 65) failed [ 1189.245418][T14812] FAT-fs (loop3): Directory bread(block 66) failed [ 1189.252264][T14812] FAT-fs (loop3): Directory bread(block 67) failed [ 1189.259575][T14812] FAT-fs (loop3): Directory bread(block 68) failed [ 1189.266682][T14812] FAT-fs (loop3): Directory bread(block 69) failed [ 1189.273681][T14812] FAT-fs (loop3): Directory bread(block 70) failed [ 1189.280854][T14812] FAT-fs (loop3): Directory bread(block 71) failed [ 1189.287984][T14812] FAT-fs (loop3): Directory bread(block 72) failed [ 1189.294834][T14812] FAT-fs (loop3): Directory bread(block 73) failed [ 1190.778654][T14842] loop0: detected capacity change from 0 to 64 [ 1191.605193][T14845] loop3: detected capacity change from 0 to 4096 [ 1191.929553][T14861] netlink: 'syz.0.3585': attribute type 1 has an invalid length. [ 1192.486869][T14845] ntfs3(loop3): ino=5, "/" indx_read [ 1192.492585][T14845] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1194.976639][T14916] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3601'. [ 1197.699840][T14964] xt_policy: neither incoming nor outgoing policy selected [ 1199.583016][ T1539] usb 1-1: new full-speed USB device number 69 using dummy_hcd [ 1199.668771][ T5848] usb 3-1: new full-speed USB device number 79 using dummy_hcd [ 1199.789911][ T1539] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 1199.801075][ T1539] usb 1-1: config 2 interface 0 has no altsetting 0 [ 1199.894488][ T1539] usb 1-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 1199.903572][ T5848] usb 3-1: not running at top speed; connect to a high speed hub [ 1199.904242][ T1539] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1199.920208][ T1539] usb 1-1: Product: syz [ 1199.924851][ T1539] usb 1-1: Manufacturer: syz [ 1199.929747][ T1539] usb 1-1: SerialNumber: syz [ 1199.989982][ T5848] usb 3-1: config 95 has an invalid interface number: 1 but max is 0 [ 1199.998700][ T5848] usb 3-1: config 95 has no interface number 0 [ 1200.005622][ T5848] usb 3-1: config 95 interface 1 has no altsetting 0 [ 1200.062275][ T1539] usb 1-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 1200.072330][ T1539] usb 1-1: selecting invalid altsetting 0 [ 1200.099338][ T5848] usb 3-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f [ 1200.109087][ T5848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1200.117640][ T5848] usb 3-1: Product: syz [ 1200.122099][ T5848] usb 3-1: Manufacturer: syz [ 1200.126996][ T5848] usb 3-1: SerialNumber: syz [ 1200.207825][ T1539] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 1200.390903][ T1539] usb 1-1: USB disconnect, device number 69 [ 1201.027839][ T5848] usb 3-1: USB disconnect, device number 79 [ 1201.435850][ T6046] udevd[6046]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1201.988661][ T5848] usb 1-1: new high-speed USB device number 70 using dummy_hcd [ 1202.187568][ T5848] usb 1-1: Using ep0 maxpacket: 8 [ 1202.228630][ T5848] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 1202.237548][ T5848] usb 1-1: config 179 has no interface number 0 [ 1202.244354][ T5848] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1202.262315][ T5848] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1202.278270][ T5848] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1202.290159][ T5848] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1202.300787][ T5848] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1202.314610][ T5848] usb 1-1: config 179 interface 65 has no altsetting 0 [ 1202.322645][ T5848] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1202.332565][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1202.804753][ T5848] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input42 [ 1203.006041][ T5848] usb 1-1: USB disconnect, device number 70 [ 1203.022169][ T5848] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1203.062318][T15072] loop4: detected capacity change from 0 to 1024 [ 1203.185884][T15072] hfsplus: bad catalog entry type [ 1203.356628][ T30] audit: type=1326 audit(1750725664.871:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1203.379806][ T30] audit: type=1326 audit(1750725664.881:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1203.402430][ T30] audit: type=1326 audit(1750725664.881:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=75 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1203.425052][ T30] audit: type=1326 audit(1750725664.890:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15093 comm="syz.2.3639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1204.674640][T15118] netlink: 'syz.3.3646': attribute type 21 has an invalid length. [ 1204.683163][T15118] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3646'. [ 1205.163534][T15128] netlink: 'syz.1.3648': attribute type 1 has an invalid length. [ 1205.171946][T15128] netlink: 'syz.1.3648': attribute type 1 has an invalid length. [ 1205.847930][T15097] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 1205.964633][T15145] openvswitch: netlink: Geneve opt len 5 is not a multiple of 4. [ 1206.065412][T15097] usb 4-1: Using ep0 maxpacket: 16 [ 1206.117573][T15097] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 1206.127404][T15097] usb 4-1: config 0 descriptor has 1 excess byte, ignoring [ 1206.134954][T15097] usb 4-1: config 0 has no interface number 0 [ 1206.366921][T15097] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 1206.377026][T15097] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1206.385682][T15097] usb 4-1: Product: syz [ 1206.390166][T15097] usb 4-1: Manufacturer: syz [ 1206.395222][T15097] usb 4-1: SerialNumber: syz [ 1206.638628][T15097] usb 4-1: config 0 descriptor?? [ 1206.703634][T15097] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 1206.710496][T15097] usb 4-1: No valid video chain found. [ 1207.040185][ T1539] usb 4-1: USB disconnect, device number 72 [ 1207.207215][T15156] xt_nat: multiple ranges no longer supported [ 1210.035521][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1210.453089][T15217] netlink: 'syz.4.3675': attribute type 21 has an invalid length. [ 1210.464690][T15217] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3675'. [ 1210.864688][T15226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3678'. [ 1210.874465][T15226] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3678'. [ 1211.418264][T15097] usb 4-1: new high-speed USB device number 73 using dummy_hcd [ 1211.595401][T15239] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 1211.680765][T15097] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1211.690943][T15097] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1211.783119][T15097] usb 4-1: config 0 descriptor?? [ 1211.828947][T15097] cp210x 4-1:0.0: cp210x converter detected [ 1212.348573][T15097] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 1212.380828][T15097] cp210x 4-1:0.0: failed to get vendor val 0x370c size 73: -71 [ 1212.388824][T15097] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 1212.442425][T15097] usb 4-1: cp210x converter now attached to ttyUSB0 [ 1212.545169][T15097] usb 4-1: USB disconnect, device number 73 [ 1212.572815][T15097] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1212.584123][T15097] cp210x 4-1:0.0: device disconnected [ 1213.398962][T15277] netlink: 'syz.2.3688': attribute type 1 has an invalid length. [ 1213.738832][T15282] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3689'. [ 1213.899912][ T30] audit: type=1326 audit(1750725674.740:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15286 comm="syz.1.3692" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1214.047401][ T30] audit: type=1326 audit(1750725674.796:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15286 comm="syz.1.3692" exe="/root/syz-executor" sig=0 arch=40000003 syscall=312 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1214.075861][ T30] audit: type=1326 audit(1750725674.796:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15286 comm="syz.1.3692" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1214.794495][T15306] openvswitch: netlink: IPv4 tunnel dst address is zero [ 1215.223872][ T5851] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 1215.426932][ T5851] usb 2-1: Using ep0 maxpacket: 8 [ 1215.466033][ T5851] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1215.525120][ T5851] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1215.535043][ T5851] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1215.543411][ T5851] usb 2-1: Product: syz [ 1215.548224][ T5851] usb 2-1: Manufacturer: syz [ 1215.553121][ T5851] usb 2-1: SerialNumber: syz [ 1215.600388][ T5851] usb 2-1: config 0 descriptor?? [ 1215.680770][T15321] netlink: 'syz.0.3698': attribute type 1 has an invalid length. [ 1215.754439][ T5851] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 1216.009633][ T5851] snd_usb_toneport 2-1:0.0: cannot get proper max packet size [ 1216.019793][ T5851] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 1216.050474][ T5851] snd_usb_toneport 2-1:0.0: probe with driver snd_usb_toneport failed with error -22 [ 1216.143659][ T1539] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 1216.316350][ T5910] usb 2-1: USB disconnect, device number 74 [ 1216.411648][ T1539] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1216.421406][ T1539] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1216.508775][ T1539] usb 5-1: config 0 descriptor?? [ 1216.572963][ T1539] cp210x 5-1:0.0: cp210x converter detected [ 1216.989294][ T1539] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 1217.030613][ T1539] cp210x 5-1:0.0: failed to get vendor val 0x370c size 73: -71 [ 1217.038569][ T1539] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 1217.102128][ T1539] usb 5-1: cp210x converter now attached to ttyUSB0 [ 1217.189875][ T1539] usb 5-1: USB disconnect, device number 63 [ 1217.241247][ T1539] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1217.256521][ T1539] cp210x 5-1:0.0: device disconnected [ 1217.788224][T15372] loop1: detected capacity change from 0 to 8 [ 1218.044943][T15372] SQUASHFS error: xz decompression failed, data probably corrupt [ 1218.053457][T15372] SQUASHFS error: Failed to read block 0xa8: -5 [ 1218.105489][T15372] SQUASHFS error: xz decompression failed, data probably corrupt [ 1218.118839][T15372] SQUASHFS error: Failed to read block 0xa8: -5 [ 1218.157872][ T30] audit: type=1800 audit(1750725678.715:83): pid=15372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3706" name="file0" dev="loop1" ino=3 res=0 errno=0 [ 1218.282488][ T5910] usb 4-1: new high-speed USB device number 74 using dummy_hcd [ 1218.484473][ T5910] usb 4-1: Using ep0 maxpacket: 16 [ 1218.531751][ T5910] usb 4-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 1218.542368][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1218.551046][ T5910] usb 4-1: Product: syz [ 1218.555520][ T5910] usb 4-1: Manufacturer: syz [ 1218.566230][ T5910] usb 4-1: SerialNumber: syz [ 1218.713125][ T5910] usb 4-1: config 0 descriptor?? [ 1219.031597][ T5910] snd-usb-hiface 4-1:0.0: probe with driver snd-usb-hiface failed with error -22 [ 1219.283034][ T1539] usb 4-1: USB disconnect, device number 74 [ 1219.779403][ T5851] usb 2-1: new high-speed USB device number 75 using dummy_hcd [ 1220.013545][ T5851] usb 2-1: config 0 has an invalid interface number: 90 but max is 0 [ 1220.022154][ T5851] usb 2-1: config 0 has no interface number 0 [ 1220.134144][ T5851] usb 2-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=de.7f [ 1220.143811][ T5851] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1220.152425][ T5851] usb 2-1: Product: syz [ 1220.156878][ T5851] usb 2-1: Manufacturer: syz [ 1220.161811][ T5851] usb 2-1: SerialNumber: syz [ 1220.266142][ T5851] usb 2-1: config 0 descriptor?? [ 1220.577818][ T5851] cdc_subset 2-1:0.90: probe with driver cdc_subset failed with error -22 [ 1220.844975][ T5910] usb 2-1: USB disconnect, device number 75 [ 1225.926501][T15511] netlink: 'syz.2.3742': attribute type 13 has an invalid length. [ 1226.284088][T15511] gretap0: refused to change device tx_queue_len [ 1226.291134][T15511] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 1227.319414][T15530] loop3: detected capacity change from 0 to 64 [ 1228.748429][T15554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3755'. [ 1230.618565][T15582] netlink: 'syz.1.3766': attribute type 4 has an invalid length. [ 1230.652378][T15585] xt_hashlimit: overflow, try lower: 9223336852482686975/4228 [ 1231.293128][T15593] openvswitch: netlink: IP tunnel dst address not specified [ 1231.651494][T15604] netlink: 'syz.4.3773': attribute type 2 has an invalid length. [ 1231.660050][T15604] netlink: 'syz.4.3773': attribute type 1 has an invalid length. [ 1232.254284][T15611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3776'. [ 1232.280902][T15611] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 1232.310477][T15612] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3775'. [ 1233.157047][T15657] loop1: detected capacity change from 0 to 16 [ 1233.292165][T15657] erofs (device loop1): mounted with root inode @ nid 36. [ 1233.379863][T15657] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1233.403086][T15662] sit0: entered promiscuous mode [ 1233.459281][T15657] erofs (device loop1): read error -117 @ 43 of nid 36 [ 1233.482709][T15662] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3780'. [ 1234.513818][T15680] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.3786'. [ 1234.974310][T15686] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1235.048735][T15689] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3789'. [ 1235.058840][T15689] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3789'. [ 1237.978552][T15735] loop1: detected capacity change from 0 to 128 [ 1238.073184][ T30] audit: type=1326 audit(1750725697.377:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15733 comm="syz.2.3806" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x0 [ 1238.179296][T15735] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 1238.188440][T15735] FAT-fs (loop1): Filesystem has been set read-only [ 1238.188570][ T30] audit: type=1800 audit(1750725697.470:85): pid=15735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3805" name="file1" dev="loop1" ino=1048627 res=0 errno=0 [ 1238.759711][T15747] loop0: detected capacity change from 0 to 512 [ 1238.778754][T15747] EXT4-fs: Ignoring removed orlov option [ 1238.867264][T15747] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1239.044580][T15747] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1239.181156][T15747] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3808: bg 0: block 248: padding at end of block bitmap is not set [ 1239.232795][T15747] Quota error (device loop0): write_blk: dquota write failed [ 1239.241245][T15747] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 1239.259693][T15747] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3808: Failed to acquire dquot type 1 [ 1239.299196][T15747] EXT4-fs (loop0): 1 truncate cleaned up [ 1239.395707][T15747] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1239.533131][T15768] loop3: detected capacity change from 0 to 256 [ 1239.589179][T15747] EXT4-fs: Ignoring removed orlov option [ 1239.595716][T15747] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1239.622882][T15769] libceph: resolve '. [ 1239.622882][T15769] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 1239.622882][T15769] ' (ret=-3): failed [ 1239.649833][T15768] exfat: Deprecated parameter 'utf8' [ 1239.657255][T15768] exfat: Deprecated parameter 'utf8' [ 1239.673966][T15747] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 1239.837838][T15768] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 1239.855522][T15747] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.3808: Abort forced by user [ 1239.937567][T15747] EXT4-fs (loop0): Remounting filesystem read-only [ 1239.945009][T15747] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 1239.957951][T15747] ext4 filesystem being remounted at /778/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1240.720992][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1241.272566][T15787] loop4: detected capacity change from 0 to 1764 [ 1241.794107][T15797] loop1: detected capacity change from 0 to 2048 [ 1241.867789][T15797] EXT4-fs: Ignoring removed bh option [ 1242.111810][T15797] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1242.640611][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1242.827781][T15821] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 1244.444628][T15847] netlink: 129704 bytes leftover after parsing attributes in process `syz.2.3833'. [ 1244.741355][T15854] netlink: 'syz.4.3836': attribute type 2 has an invalid length. [ 1245.574920][T15868] ieee802154 phy0 wpan0: encryption failed: -90 [ 1246.152793][T15878] loop2: detected capacity change from 0 to 256 [ 1247.030898][T15889] loop4: detected capacity change from 0 to 2048 [ 1247.124378][T15889] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=7390, location=7390 [ 1247.199248][T15889] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1249.357499][T15932] loop1: detected capacity change from 0 to 256 [ 1249.558024][ T5910] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 1249.798603][ T5910] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1249.808282][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1249.900358][ T5910] usb 3-1: config 0 descriptor?? [ 1249.911159][T15932] FAT-fs (loop1): Directory bread(block 64) failed [ 1249.918496][T15932] FAT-fs (loop1): Directory bread(block 65) failed [ 1249.925781][T15932] FAT-fs (loop1): Directory bread(block 66) failed [ 1249.932649][T15932] FAT-fs (loop1): Directory bread(block 67) failed [ 1249.940076][T15932] FAT-fs (loop1): Directory bread(block 68) failed [ 1249.947165][T15932] FAT-fs (loop1): Directory bread(block 69) failed [ 1249.954181][T15932] FAT-fs (loop1): Directory bread(block 70) failed [ 1249.961274][T15932] FAT-fs (loop1): Directory bread(block 71) failed [ 1249.968434][T15932] FAT-fs (loop1): Directory bread(block 72) failed [ 1249.975264][T15932] FAT-fs (loop1): Directory bread(block 73) failed [ 1250.214191][ T5910] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 1250.273159][T15932] FAT-fs (loop1): Filesystem has been set read-only [ 1250.295081][ T30] audit: type=1800 audit(1750725708.788:86): pid=15932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3860" name="cpu.stat" dev="loop1" ino=1048629 res=0 errno=0 [ 1250.354482][T15932] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006c61) [ 1250.446796][ T5910] [drm:udl_init] *ERROR* Selecting channel failed [ 1250.580487][ T5910] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 1250.587626][ T5910] [drm] Initialized udl on minor 2 [ 1250.686150][ T5910] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1250.697590][ T5910] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 1250.712030][T15097] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1250.780529][T15097] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1250.789272][T15097] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 1250.846064][ T5910] usb 3-1: USB disconnect, device number 80 [ 1252.491137][T15989] loop4: detected capacity change from 0 to 1024 [ 1252.573787][T15989] EXT4-fs: Ignoring removed bh option [ 1252.756692][T15989] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1252.928566][T15989] EXT4-fs: Ignoring removed bh option [ 1252.995251][T15989] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 1253.436731][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1254.010014][T16017] QAT: failed to copy from user. [ 1255.624459][T16045] netlink: 'syz.2.3888': attribute type 1 has an invalid length. [ 1255.632817][T16045] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3888'. [ 1256.353137][T16061] xt_connbytes: Forcing CT accounting to be enabled [ 1256.369173][ T5910] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 1256.554104][ T5910] usb 5-1: Using ep0 maxpacket: 32 [ 1256.582429][ T5910] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1256.600730][ T5910] usb 5-1: config 7 has an invalid interface number: 128 but max is 0 [ 1256.609770][ T5910] usb 5-1: config 7 contains an unexpected descriptor of type 0x1, skipping [ 1256.619264][ T5910] usb 5-1: config 7 has an invalid descriptor of length 206, skipping remainder of the config [ 1256.636726][ T5910] usb 5-1: config 7 has no interface number 0 [ 1256.643579][ T5910] usb 5-1: config 7 interface 128 altsetting 2 has an endpoint descriptor with address 0x17, changing to 0x7 [ 1256.661443][ T5910] usb 5-1: config 7 interface 128 altsetting 2 bulk endpoint 0x7 has invalid maxpacket 32 [ 1256.673597][ T5910] usb 5-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11 [ 1256.685562][ T5910] usb 5-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 1256.699166][ T5910] usb 5-1: config 7 interface 128 has no altsetting 0 [ 1256.751837][ T5910] usb 5-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 1256.761611][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1256.775812][ T5910] usb 5-1: Product: syz [ 1256.782316][ T5910] usb 5-1: Manufacturer: syz [ 1256.787214][ T5910] usb 5-1: SerialNumber: syz [ 1256.840621][T16054] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1257.184683][ T5910] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 1257.192002][ T5910] usb 5-1: MIDIStreaming interface descriptor not found [ 1257.495323][ T5910] usb 5-1: USB disconnect, device number 64 [ 1257.954105][ T5973] udevd[5973]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1258.533314][T16111] netlink: 'syz.1.3900': attribute type 1 has an invalid length. [ 1258.543409][T16111] netlink: 240 bytes leftover after parsing attributes in process `syz.1.3900'. [ 1259.076456][ T5910] usb 5-1: new full-speed USB device number 65 using dummy_hcd [ 1259.339439][ T5910] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 1259.352459][ T5910] usb 5-1: config 0 has no interface number 0 [ 1259.362479][ T5910] usb 5-1: config 0 interface 41 has no altsetting 0 [ 1259.466589][ T5910] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 1259.476424][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1259.485307][ T5910] usb 5-1: Product: syz [ 1259.489892][ T5910] usb 5-1: Manufacturer: syz [ 1259.494956][ T5910] usb 5-1: SerialNumber: syz [ 1259.619730][ T5910] usb 5-1: config 0 descriptor?? [ 1260.100230][ T5910] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71 [ 1260.111163][ T5910] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -71 [ 1260.289360][ T5910] usb 5-1: USB disconnect, device number 65 [ 1261.930005][T16172] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3915'. [ 1263.054424][T16191] netlink: 136 bytes leftover after parsing attributes in process `syz.1.3921'. [ 1263.064096][T16191] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3921'. [ 1263.344103][T16198] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3924'. [ 1263.617299][T16200] netlink: 'syz.0.3925': attribute type 10 has an invalid length. [ 1263.738631][T16200] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1263.754502][T16200] team0: Port device batadv0 added [ 1263.932960][T16206] QAT: Device 2 not found [ 1264.517654][ T1539] usb 4-1: new high-speed USB device number 75 using dummy_hcd [ 1264.806585][ T1539] usb 4-1: config index 0 descriptor too short (expected 91, got 72) [ 1264.855639][ T1539] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1264.868117][ T1539] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1264.877447][ T1539] usb 4-1: Product: syz [ 1264.882275][ T1539] usb 4-1: Manufacturer: syz [ 1264.887192][ T1539] usb 4-1: SerialNumber: syz [ 1264.956940][T16223] netlink: 'syz.0.3931': attribute type 1 has an invalid length. [ 1264.996046][T16219] loop1: detected capacity change from 0 to 2048 [ 1265.059345][ T1539] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1265.232407][ T5851] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1265.466964][T16219] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1266.174681][ T1539] usb 4-1: USB disconnect, device number 75 [ 1266.385973][ T5851] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 1266.395222][ T5851] ath9k_htc: Failed to initialize the device [ 1266.485354][ T1539] usb 4-1: ath9k_htc: USB layer deinitialized [ 1266.571412][T16242] netlink: 'syz.0.3934': attribute type 3 has an invalid length. [ 1267.486605][T16257] loop1: detected capacity change from 0 to 2048 [ 1267.753521][T16265] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1268.532545][T16277] loop1: detected capacity change from 0 to 512 [ 1268.638517][T16277] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1268.913694][T16277] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1268.930176][T16277] ext4 filesystem being mounted at /778/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1269.090972][T16277] EXT4-fs error (device loop1): ext4_xattr_block_list:762: inode #15: comm syz.1.3943: corrupted xattr block 19: overlapping e_value [ 1269.206468][T16277] EXT4-fs (loop1): Remounting filesystem read-only [ 1269.625323][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1269.765725][T16299] netlink: 'syz.3.3949': attribute type 13 has an invalid length. [ 1269.916956][T16299] gretap0: refused to change device tx_queue_len [ 1269.928387][T16299] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 1270.965570][T16316] ieee802154 phy0 wpan0: encryption failed: -22 [ 1271.076991][T16323] netlink: 244 bytes leftover after parsing attributes in process `syz.0.3957'. [ 1272.913980][T16349] 9pnet_fd: Insufficient options for proto=fd [ 1272.943259][T16353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3968'. [ 1273.377165][T16358] loop4: detected capacity change from 0 to 256 [ 1275.394897][T16392] loop4: detected capacity change from 0 to 64 [ 1275.714657][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1276.070288][T16404] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3984'. [ 1277.453273][ T5848] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 1277.688771][ T5848] usb 1-1: Using ep0 maxpacket: 8 [ 1277.728732][ T5848] usb 1-1: config 6 has an invalid interface number: 2 but max is 0 [ 1277.737733][ T5848] usb 1-1: config 6 has no interface number 0 [ 1277.744628][ T5848] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1277.754848][ T5848] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1277.900360][T16441] binder: 16438:16441 ioctl c0306201 80000040 returned -22 [ 1277.932242][ T5848] usb 1-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 1277.942156][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1277.951336][ T5848] usb 1-1: Product: syz [ 1277.956306][ T5848] usb 1-1: Manufacturer: syz [ 1277.961292][ T5848] usb 1-1: SerialNumber: syz [ 1278.080224][ T5848] hso 1-1:6.2: Failed to find INT IN ep [ 1278.395650][ T5848] usb 1-1: USB disconnect, device number 71 [ 1281.335572][T16506] loop2: detected capacity change from 0 to 16 [ 1281.381397][T16506] erofs (device loop2): mounted with root inode @ nid 36. [ 1281.496884][T16506] syz.2.4013: attempt to access beyond end of device [ 1281.496884][T16506] loop2: rw=524288, sector=8, nr_sectors = 32 limit=16 [ 1281.516257][T16506] syz.2.4013: attempt to access beyond end of device [ 1281.516257][T16506] loop2: rw=524288, sector=40, nr_sectors = 64 limit=16 [ 1281.530681][T16506] syz.2.4013: attempt to access beyond end of device [ 1281.530681][T16506] loop2: rw=0, sector=8, nr_sectors = 32 limit=16 [ 1281.687209][ T5848] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 1281.926363][ T5848] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1281.999754][ T5848] usb 1-1: config 7 has an invalid interface number: 232 but max is 0 [ 1282.008666][ T5848] usb 1-1: config 7 has no interface number 0 [ 1282.015111][ T5848] usb 1-1: config 7 interface 232 has no altsetting 0 [ 1282.102203][ T5848] usb 1-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice=7d.1d [ 1282.112010][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1282.120535][ T5848] usb 1-1: Product: syz [ 1282.125705][ T5848] usb 1-1: Manufacturer: syz [ 1282.132865][ T5848] usb 1-1: SerialNumber: syz [ 1282.625070][ T5848] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:7.232/input/input44 [ 1282.650038][ T5132] bcm5974 1-1:7.232: could not read from device [ 1282.688013][ T5132] bcm5974 1-1:7.232: could not read from device [ 1282.756195][ T5132] bcm5974 1-1:7.232: could not read from device [ 1282.807359][ T5848] usb 1-1: USB disconnect, device number 72 [ 1282.808497][ T5132] bcm5974 1-1:7.232: could not read from device [ 1284.124887][T16563] netlink: 'syz.0.4023': attribute type 1 has an invalid length. [ 1285.850079][T16589] loop2: detected capacity change from 0 to 8 [ 1285.965388][T16589] cramfs: Error -5 while decompressing! [ 1285.971329][T16589] cramfs: ffffffff95524108(26)->ffff888061691000(4096) [ 1285.979019][T16589] cramfs: Error -5 while decompressing! [ 1285.985231][T16589] cramfs: ffffffff95524122(26)->ffff888023cab000(4096) [ 1285.992464][T16589] cramfs: Error -3 while decompressing! [ 1286.005702][T16589] cramfs: ffffffff9552413c(16)->ffff8880284f4000(4096) [ 1286.015471][T16589] cramfs: Error -5 while decompressing! [ 1286.021524][T16589] cramfs: ffffffff95524108(26)->ffff888061691000(4096) [ 1286.498265][T16601] netlink: 'syz.1.4036': attribute type 1 has an invalid length. [ 1286.506354][T16601] netlink: 'syz.1.4036': attribute type 2 has an invalid length. [ 1286.813552][T16600] loop3: detected capacity change from 0 to 2048 [ 1286.928830][T16609] netlink: 'syz.4.4037': attribute type 39 has an invalid length. [ 1287.045203][ T6046] Alternate GPT is invalid, using primary GPT. [ 1287.053212][ T6046] loop3: p1 p2 p3 [ 1287.281533][T16600] loop3: unable to read partition table [ 1287.288880][T16600] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 1288.069361][ T6046] udevd[6046]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 1288.123001][ T5998] udevd[5998]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 1288.148714][ T5969] udevd[5969]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1289.245798][ T30] audit: type=1326 audit(1750725745.232:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16647 comm="syz.3.4048" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1289.377121][ T30] audit: type=1326 audit(1750725745.306:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16647 comm="syz.3.4048" exe="/root/syz-executor" sig=0 arch=40000003 syscall=271 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1289.402495][ T30] audit: type=1326 audit(1750725745.306:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16647 comm="syz.3.4048" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1289.942767][T16658] netlink: 'syz.2.4051': attribute type 8 has an invalid length. [ 1290.639770][T16664] xt_CT: No such helper "snmp" [ 1290.887767][T16674] netlink: 'syz.4.4056': attribute type 10 has an invalid length. [ 1290.896098][T16674] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4056'. [ 1290.911639][T16674] batman_adv: batadv0: Adding interface: vlan0 [ 1290.918414][T16674] batman_adv: batadv0: The MTU of interface vlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1290.951777][T16674] batman_adv: batadv0: Interface activated: vlan0 [ 1291.897224][T16691] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4062'. [ 1293.563495][T16713] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 1294.961937][T16737] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1295.415492][T16740] loop3: detected capacity change from 0 to 2048 [ 1295.618330][T16740] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1298.596659][T16796] netlink: 144 bytes leftover after parsing attributes in process `syz.4.4097'. [ 1298.764677][T16800] netlink: 'syz.3.4098': attribute type 1 has an invalid length. [ 1299.594832][T16812] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1300.098532][ T30] audit: type=1326 audit(1750725755.381:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16817 comm="syz.2.4104" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1300.124927][ T30] audit: type=1326 audit(1750725755.381:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16817 comm="syz.2.4104" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1300.627814][T16830] netlink: 'syz.4.4108': attribute type 1 has an invalid length. [ 1302.080072][T16855] openvswitch: netlink: Duplicate or invalid key (type 0). [ 1302.080261][T16855] openvswitch: netlink: Actions may not be safe on all matching packets [ 1302.942520][ T30] audit: type=1326 audit(1750725758.047:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16864 comm="syz.2.4120" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1303.081568][ T30] audit: type=1326 audit(1750725758.103:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16864 comm="syz.2.4120" exe="/root/syz-executor" sig=0 arch=40000003 syscall=110 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1303.104273][ T30] audit: type=1326 audit(1750725758.103:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16864 comm="syz.2.4120" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1303.541691][T16879] netlink: 'syz.1.4124': attribute type 13 has an invalid length. [ 1303.550311][T16879] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4124'. [ 1307.043247][T16937] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4144'. [ 1307.053324][T16937] netlink: 'syz.2.4144': attribute type 1 has an invalid length. [ 1307.061798][T16937] netlink: 'syz.2.4144': attribute type 1 has an invalid length. [ 1307.070094][T16937] netlink: 'syz.2.4144': attribute type 2 has an invalid length. [ 1307.078573][T16937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4144'. [ 1307.207656][ T30] audit: type=1326 audit(1750725762.013:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16939 comm="syz.3.4147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1307.233558][ T30] audit: type=1326 audit(1750725762.041:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16939 comm="syz.3.4147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1307.385642][ T30] audit: type=1326 audit(1750725762.116:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16939 comm="syz.3.4147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=317 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1307.409287][ T30] audit: type=1326 audit(1750725762.116:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16939 comm="syz.3.4147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1307.432089][ T30] audit: type=1326 audit(1750725762.116:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16939 comm="syz.3.4147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1308.021150][T16951] pim6reg: entered allmulticast mode [ 1310.883008][T17004] ieee802154 phy0 wpan0: encryption failed: -90 [ 1311.712985][T17019] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4170'. [ 1311.900880][T17023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4171'. [ 1312.060078][T17026] exFAT-fs (nbd3): mounting with "discard" option, but the device does not support discard [ 1312.072769][T17026] syz.3.4173: attempt to access beyond end of device [ 1312.072769][T17026] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 1312.086100][T17026] exFAT-fs (nbd3): unable to read boot sector [ 1312.092708][T17026] exFAT-fs (nbd3): failed to read boot sector [ 1312.099044][T17026] exFAT-fs (nbd3): failed to recognize exfat type [ 1313.593028][T17051] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4181'. [ 1313.602890][T17051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4181'. [ 1313.728022][T17054] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4182'. [ 1314.400991][T17049] loop0: detected capacity change from 0 to 4096 [ 1317.348483][T17108] netlink: 'syz.2.4199': attribute type 1 has an invalid length. [ 1317.356889][T17108] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4199'. [ 1317.654492][T17111] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1317.684869][T17111] bond0: (slave rose0): Enslaving as an active interface with an up link [ 1319.040328][T17135] loop3: detected capacity change from 0 to 512 [ 1319.172894][T17135] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1319.379446][T17135] EXT4-fs (loop3): 1 truncate cleaned up [ 1319.392610][T17135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1320.030873][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1321.883761][ T30] audit: type=1326 audit(1750725775.754:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17184 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1321.906073][ C1] vkms_vblank_simulate: vblank timer overrun [ 1321.916721][ T30] audit: type=1326 audit(1750725775.754:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17184 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1321.939044][ C1] vkms_vblank_simulate: vblank timer overrun [ 1322.176821][ T30] audit: type=1326 audit(1750725775.847:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17184 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=347 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1322.199853][ T30] audit: type=1326 audit(1750725775.847:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17184 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 1325.582796][ T5848] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 1325.828619][ T5848] usb 2-1: Using ep0 maxpacket: 32 [ 1325.888167][ T5848] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1325.967604][ T5848] usb 2-1: config index 0 descriptor too short (expected 34347, got 43) [ 1325.976455][ T5848] usb 2-1: config 31 has too many interfaces: 196, using maximum allowed: 32 [ 1325.986416][ T5848] usb 2-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config [ 1325.997211][ T5848] usb 2-1: config 31 has 1 interface, different from the descriptor's value: 196 [ 1326.006788][ T5848] usb 2-1: config 31 has no interface number 0 [ 1326.013914][ T5848] usb 2-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 1326.026105][ T5848] usb 2-1: config 31 interface 81 altsetting 3 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1326.036567][ T5848] usb 2-1: config 31 interface 81 has no altsetting 0 [ 1326.381500][ T5848] usb 2-1: string descriptor 0 read error: -22 [ 1326.396790][ T5848] usb 2-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 1326.406890][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1326.495499][ T5848] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:31.81/input/input46 [ 1326.851222][ T5848] usb 2-1: USB disconnect, device number 76 [ 1327.099514][T17280] loop0: detected capacity change from 0 to 256 [ 1327.615966][T17257] loop3: detected capacity change from 0 to 4096 [ 1327.674629][T17286] loop4: detected capacity change from 0 to 2048 [ 1327.747553][T17257] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1327.775882][T17286] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1328.053034][T17295] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1328.481852][T17257] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1328.545141][T17257] ntfs3(loop3): mft corrupted [ 1328.550304][T17257] ntfs3(loop3): Failed to load $Extend (-22). [ 1328.558775][T17257] ntfs3(loop3): Failed to initialize $Extend. [ 1328.738018][T17303] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4246'. [ 1330.074399][T17320] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4251'. [ 1332.266719][T17356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4261'. [ 1333.539749][T17369] loop4: detected capacity change from 0 to 2048 [ 1333.683400][T17369] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1333.900455][T17382] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1334.285770][T17387] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4269'. [ 1335.996181][T17414] usb usb7: usbfs: process 17414 (syz.0.4277) did not claim interface 7 before use [ 1336.845176][T17430] loop0: detected capacity change from 0 to 8 [ 1337.310598][T17436] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4285'. [ 1338.270878][T17456] loop4: detected capacity change from 0 to 256 [ 1339.827849][T17500] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1341.419569][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1342.390194][T17543] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4311'. [ 1343.050826][ T30] audit: type=1326 audit(1750725795.537:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17553 comm="syz.4.4315" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000 [ 1343.073771][ T30] audit: type=1326 audit(1750725795.537:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17553 comm="syz.4.4315" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000 [ 1343.227022][ T30] audit: type=1326 audit(1750725795.612:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17553 comm="syz.4.4315" exe="/root/syz-executor" sig=0 arch=40000003 syscall=401 compat=1 ip=0xf70ae539 code=0x7ffc0000 [ 1344.035350][ T1539] usb 2-1: new high-speed USB device number 77 using dummy_hcd [ 1344.256533][ T1539] usb 2-1: config 2 has an invalid interface number: 174 but max is 0 [ 1344.265558][ T1539] usb 2-1: config 2 has no interface number 0 [ 1344.272395][ T1539] usb 2-1: config 2 interface 174 altsetting 0 has an endpoint descriptor with address 0x9E, changing to 0x8E [ 1344.284619][ T1539] usb 2-1: config 2 interface 174 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1023 [ 1344.295715][ T1539] usb 2-1: config 2 interface 174 altsetting 0 endpoint 0x82 has invalid maxpacket 12592, setting to 1024 [ 1344.307692][ T1539] usb 2-1: config 2 interface 174 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 1344.572908][ T1539] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e [ 1344.583005][ T1539] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1344.591915][ T1539] usb 2-1: Product: syz [ 1344.596373][ T1539] usb 2-1: Manufacturer: syz [ 1344.601401][ T1539] usb 2-1: SerialNumber: syz [ 1344.659477][T17567] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1344.696729][T17567] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1345.066785][ T1539] usb 2-1: probing VID:PID(0424:012C) [ 1345.076730][ T1539] usb 2-1: vub300 testing BULK IN EndPoint(0) 8E [ 1345.083762][ T1539] usb 2-1: vub300 testing BULK IN EndPoint(1) 82 [ 1345.090434][ T1539] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs [ 1345.254799][ T1539] vub300 2-1:2.174: probe with driver vub300 failed with error -22 [ 1345.301554][ T1539] usb 2-1: USB disconnect, device number 77 [ 1345.716594][T17604] binfmt_misc: register: failed to install interpreter file ./file1/file2 [ 1346.168278][T17609] loop0: detected capacity change from 0 to 1024 [ 1346.474597][T17616] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4330'. [ 1346.792922][ T1539] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 1346.995873][ T1539] usb 4-1: Using ep0 maxpacket: 8 [ 1347.022360][ T1539] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1347.068525][ T1539] usb 4-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 1347.078422][ T1539] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1347.089357][ T1539] usb 4-1: Product: syz [ 1347.094688][ T1539] usb 4-1: Manufacturer: syz [ 1347.099719][ T1539] usb 4-1: SerialNumber: syz [ 1347.181684][ T1539] usb 4-1: config 0 descriptor?? [ 1347.260170][ T1539] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 1347.267174][ T1539] usb 4-1: selecting invalid altsetting 1 [ 1347.682137][ T1539] usb 4-1: USB disconnect, device number 76 [ 1348.373765][T17657] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4337'. [ 1349.777358][T17678] loop2: detected capacity change from 0 to 128 [ 1353.373439][T17734] dummy0: entered promiscuous mode [ 1353.748115][T17731] loop4: detected capacity change from 0 to 4096 [ 1353.818037][T17742] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4362'. [ 1353.827589][T17742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4362'. [ 1353.836871][T17742] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4362'. [ 1354.009424][T17731] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1354.262574][T17731] EXT4-fs error (device loop4): ext4_add_entry:2417: inode #2: comm syz.4.4358: Directory hole found for htree leaf block 0 [ 1354.362230][T17731] EXT4-fs (loop4): Remounting filesystem read-only [ 1354.989596][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1356.148005][T17778] loop3: detected capacity change from 0 to 128 [ 1356.305973][T17778] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 1357.787567][T17804] Illegal XDP return value 4294967283 on prog (id 192) dev N/A, expect packet loss! [ 1357.965676][ T30] audit: type=1326 audit(1750725809.494:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17806 comm="syz.0.4380" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1357.989645][ T30] audit: type=1326 audit(1750725809.494:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17806 comm="syz.0.4380" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1359.406627][T17831] loop3: detected capacity change from 0 to 512 [ 1359.661565][T17831] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1359.743249][T17831] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.4385: bad orphan inode 15 [ 1359.827119][T17831] ext4_test_bit(bit=14, block=4) = 1 [ 1359.832761][T17831] is_bad_inode(inode)=0 [ 1359.839029][T17831] NEXT_ORPHAN(inode)=0 [ 1359.843345][T17831] max_ino=32 [ 1359.847973][T17831] i_nlink=1 [ 1359.853849][T17831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1360.099117][T17831] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.4385: Logical block already allocated [ 1360.747131][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1361.472183][T17858] loop2: detected capacity change from 0 to 1764 [ 1361.691278][T17858] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1361.910788][T17872] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4395'. [ 1364.126086][T17908] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4406'. [ 1364.730101][T17917] loop2: detected capacity change from 0 to 256 [ 1364.936154][T17923] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1365.014855][T17923] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1365.110924][T17923] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 1365.555753][T17936] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4413'. [ 1365.674728][T17928] loop4: detected capacity change from 0 to 4096 [ 1365.900325][T17944] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1365.935180][T17928] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: unaligned directory entry - offset=0, inode=2, rec_len=129, name_len=1 [ 1366.025022][T17928] Remounting filesystem read-only [ 1370.452816][T17999] loop4: detected capacity change from 0 to 4096 [ 1370.549174][T17999] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 1373.125661][ T5848] usb 2-1: new full-speed USB device number 78 using dummy_hcd [ 1373.374178][ T5848] usb 2-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1373.386074][ T5848] usb 2-1: config 253 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1373.397878][ T5848] usb 2-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255 [ 1373.511035][ T5848] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1373.524096][ T5848] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1373.532786][ T5848] usb 2-1: SerialNumber: syz [ 1373.915165][T15097] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 1373.963075][ T5848] rndis_host 2-1:253.0: RNDIS init failed, -71 [ 1373.970938][ T5848] rndis_host 2-1:253.0: probe with driver rndis_host failed with error -71 [ 1374.077322][ T5848] usb 2-1: USB disconnect, device number 78 [ 1374.123801][T15097] usb 3-1: Using ep0 maxpacket: 16 [ 1374.166047][T15097] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1374.177141][T15097] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1374.187553][T15097] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1374.277670][T15097] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 1374.289674][T15097] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1374.298106][T15097] usb 3-1: Product: syz [ 1374.302746][T15097] usb 3-1: Manufacturer: syz [ 1374.307662][T15097] usb 3-1: SerialNumber: syz [ 1374.571338][T15097] usb 3-1: config 0 descriptor?? [ 1375.092429][ T1539] usb 3-1: USB disconnect, device number 81 [ 1376.108086][T18116] netlink: 'syz.0.4457': attribute type 3 has an invalid length. [ 1376.116213][T18116] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4457'. [ 1378.721648][T18161] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4471'. [ 1378.731888][T18161] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4471'. [ 1379.410605][T15097] usb 3-1: new high-speed USB device number 82 using dummy_hcd [ 1379.719967][T15097] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1379.729468][T15097] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1379.738782][T15097] usb 3-1: Product: syz [ 1379.743418][T15097] usb 3-1: Manufacturer: syz [ 1379.748309][T15097] usb 3-1: SerialNumber: syz [ 1379.990360][T15097] usb 3-1: config 0 descriptor?? [ 1380.320430][T15097] hso 3-1:0.0: Failed to find BULK IN ep [ 1380.355951][T15097] usb-storage 3-1:0.0: USB Mass Storage device detected [ 1380.601610][T15097] usb 3-1: USB disconnect, device number 82 [ 1380.842755][T18210] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4482'. [ 1381.213449][T18213] nfs: Unknown parameter 'ntext' [ 1381.713483][T15097] usb 4-1: new full-speed USB device number 77 using dummy_hcd [ 1382.051126][T15097] usb 4-1: config 0 has an invalid interface number: 239 but max is 0 [ 1382.060731][T15097] usb 4-1: config 0 has no interface number 0 [ 1382.067316][T15097] usb 4-1: config 0 interface 239 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 1382.079007][T15097] usb 4-1: config 0 interface 239 altsetting 0 endpoint 0x82 has invalid maxpacket 511, setting to 64 [ 1382.172518][T15097] usb 4-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73 [ 1382.182184][T15097] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1382.190942][T15097] usb 4-1: Product: syz [ 1382.195490][T15097] usb 4-1: Manufacturer: syz [ 1382.200936][T15097] usb 4-1: SerialNumber: syz [ 1382.277236][T15097] usb 4-1: config 0 descriptor?? [ 1382.297830][T18216] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1382.305832][T18216] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1382.672007][T18216] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1382.679967][T18216] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1383.048585][T15097] asix 4-1:0.239 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1383.060696][T15097] asix 4-1:0.239: probe with driver asix failed with error -71 [ 1383.187613][T15097] usb 4-1: USB disconnect, device number 77 [ 1384.066210][T18265] netlink: 'syz.0.4495': attribute type 2 has an invalid length. [ 1384.074838][T18265] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4495'. [ 1385.045270][T18279] usb usb9: usbfs: process 18279 (syz.2.4500) did not claim interface 0 before use [ 1385.391194][T18285] xt_socket: unknown flags 0x46 [ 1385.900667][T18294] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4506'. [ 1386.341741][T18303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4509'. [ 1386.470993][T18302] loop1: detected capacity change from 0 to 1024 [ 1386.568041][T18302] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 1389.973705][T18361] loop3: detected capacity change from 0 to 1024 [ 1390.353073][T18370] loop2: detected capacity change from 0 to 256 [ 1390.473748][T18374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4530'. [ 1390.622927][ T30] audit: type=1800 audit(1750725840.063:109): pid=18370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4529" name="file1" dev="loop2" ino=1048638 res=0 errno=0 [ 1390.753466][T17499] hfsplus: b-tree write err: -5, ino 4 [ 1390.853393][T15097] usb 2-1: new full-speed USB device number 79 using dummy_hcd [ 1391.133890][T15097] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1391.209246][T15097] usb 2-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a [ 1391.220777][T15097] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1391.229333][T15097] usb 2-1: Product: syz [ 1391.233887][T15097] usb 2-1: Manufacturer: syz [ 1391.238786][T15097] usb 2-1: SerialNumber: syz [ 1391.394018][T15097] usb 2-1: config 0 descriptor?? [ 1391.434650][T15097] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state. [ 1391.446518][T15097] dvb-usb: bulk message failed: -22 (3/0) [ 1391.602656][T15097] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 1391.704855][T15097] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device) [ 1391.719685][T15097] usb 2-1: media controller created [ 1391.781543][T15097] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1391.888470][T15097] dvb-usb: bulk message failed: -22 (6/0) [ 1391.895015][T15097] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' [ 1391.988929][T15097] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input47 [ 1392.060681][T15097] dvb-usb: schedule remote query interval to 150 msecs. [ 1392.068484][T15097] dvb-usb: bulk message failed: -22 (3/0) [ 1392.202041][T15097] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected. [ 1392.238705][ T5848] dvb-usb: bulk message failed: -22 (1/0) [ 1392.239376][T18407] loop3: detected capacity change from 0 to 8 [ 1392.244689][ T5848] dvb-usb: error while querying for an remote control event. [ 1392.283300][T15097] usb 2-1: USB disconnect, device number 79 [ 1392.577083][T15097] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected. [ 1393.557179][T18437] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4541'. [ 1394.068619][T18448] xt_bpf: check failed: parse error [ 1394.537723][T18452] netlink: 'syz.3.4546': attribute type 10 has an invalid length. [ 1394.546571][T18452] bridge0: port 3(team0) entered blocking state [ 1394.553882][T18452] bridge0: port 3(team0) entered disabled state [ 1394.561244][T18452] team0: entered allmulticast mode [ 1394.566658][T18452] team_slave_0: entered allmulticast mode [ 1394.572965][T18452] team_slave_1: entered allmulticast mode [ 1394.586058][T18452] team0: entered promiscuous mode [ 1394.595100][T18452] team_slave_0: entered promiscuous mode [ 1394.603467][T18452] team_slave_1: entered promiscuous mode [ 1394.614182][T18452] bridge0: port 3(team0) entered blocking state [ 1394.621308][T18452] bridge0: port 3(team0) entered forwarding state [ 1395.854864][T18475] loop2: detected capacity change from 0 to 1024 [ 1396.170060][T18475] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 1396.541282][T18485] loop4: detected capacity change from 0 to 256 [ 1396.678271][T17499] hfsplus: b-tree write err: -5, ino 4 [ 1396.975403][T18491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4559'. [ 1397.188890][T18485] FAT-fs (loop4): Directory bread(block 64) failed [ 1397.195801][T18485] FAT-fs (loop4): Directory bread(block 65) failed [ 1397.204770][T18485] FAT-fs (loop4): Directory bread(block 66) failed [ 1397.212965][T18485] FAT-fs (loop4): Directory bread(block 67) failed [ 1397.227205][T18485] FAT-fs (loop4): Directory bread(block 68) failed [ 1397.236280][T18485] FAT-fs (loop4): Directory bread(block 69) failed [ 1397.243465][T18485] FAT-fs (loop4): Directory bread(block 70) failed [ 1397.250293][T18485] FAT-fs (loop4): Directory bread(block 71) failed [ 1397.257608][T18485] FAT-fs (loop4): Directory bread(block 72) failed [ 1397.264662][T18485] FAT-fs (loop4): Directory bread(block 73) failed [ 1398.170120][T18503] loop1: detected capacity change from 0 to 1764 [ 1398.515525][T18514] netlink: 'syz.2.4565': attribute type 1 has an invalid length. [ 1399.114033][T18527] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4568'. [ 1399.124533][T18527] netlink: 43 bytes leftover after parsing attributes in process `syz.0.4568'. [ 1399.134043][T18527] netlink: 'syz.0.4568': attribute type 5 has an invalid length. [ 1399.142074][T18527] netlink: 43 bytes leftover after parsing attributes in process `syz.0.4568'. [ 1401.476078][T18564] usb usb8: usbfs: process 18564 (syz.3.4582) did not claim interface 0 before use [ 1401.599301][T18565] loop2: detected capacity change from 0 to 256 [ 1402.352816][T18577] netlink: 'syz.4.4586': attribute type 21 has an invalid length. [ 1402.368982][T18577] netlink: 144 bytes leftover after parsing attributes in process `syz.4.4586'. [ 1403.365645][T18594] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4591'. [ 1403.375739][T18594] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4591'. [ 1404.282560][T18611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4597'. [ 1406.504074][T18650] loop2: detected capacity change from 0 to 22 [ 1406.570262][T18650] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1406.617672][T18655] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4611'. [ 1407.086896][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1408.184576][T18677] loop1: detected capacity change from 0 to 65 [ 1408.287765][T18677] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 1409.328021][T18700] loop2: detected capacity change from 0 to 64 [ 1410.212896][T18715] netlink: 'syz.0.4628': attribute type 4 has an invalid length. [ 1410.979609][T18730] netlink: 14 bytes leftover after parsing attributes in process `syz.4.4633'. [ 1411.162955][T18735] netlink: 'syz.0.4634': attribute type 5 has an invalid length. [ 1411.196837][T18736] netlink: 'syz.3.4636': attribute type 33 has an invalid length. [ 1411.205477][T18736] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4636'. [ 1411.983241][T18777] loop4: detected capacity change from 0 to 1024 [ 1412.019278][T18780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4639'. [ 1412.189752][T18777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1412.202886][T18777] ext4 filesystem being mounted at /950/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1412.537059][T18784] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set [ 1412.951134][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1416.723609][T18857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4665'. [ 1417.696366][T18874] loop1: detected capacity change from 0 to 256 [ 1420.388386][T18915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4683'. [ 1423.185449][ T30] audit: type=1326 audit(1750725870.500:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18964 comm="syz.3.4701" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1423.294624][T18970] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4702'. [ 1423.325915][ T30] audit: type=1326 audit(1750725870.585:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18964 comm="syz.3.4701" exe="/root/syz-executor" sig=0 arch=40000003 syscall=184 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1423.349312][ T30] audit: type=1326 audit(1750725870.585:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18964 comm="syz.3.4701" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000 [ 1423.835914][T18975] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4703'. [ 1423.922089][T18975] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4703'. [ 1423.935073][T18975] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4703'. [ 1424.077906][T18981] netlink: 'syz.4.4706': attribute type 1 has an invalid length. [ 1425.882272][T19003] loop1: detected capacity change from 0 to 16 [ 1425.975603][ T30] audit: type=1400 audit(1750725873.110:113): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=19004 comm="syz.0.4714" [ 1426.868739][T19031] loop2: detected capacity change from 0 to 256 [ 1427.863013][T19046] loop3: detected capacity change from 0 to 1024 [ 1428.184707][T19056] netlink: 830 bytes leftover after parsing attributes in process `syz.4.4727'. [ 1430.731145][T19071] loop0: detected capacity change from 0 to 8192 [ 1430.918265][T19093] netlink: 'syz.2.4739': attribute type 6 has an invalid length. [ 1431.712306][T19103] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4742'. [ 1431.722168][T19103] batman_adv: batadv0: Interface deactivated: vlan0 [ 1431.730099][T19103] vlan0: entered promiscuous mode [ 1433.060427][T19124] x_tables: duplicate underflow at hook 4 [ 1433.703079][T19123] loop0: detected capacity change from 0 to 4096 [ 1433.794645][T19123] ntfs3(loop0): ino=3, Correct links count -> 2. [ 1434.629691][T19144] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4755'. [ 1435.233306][T19153] tc_dump_action: action bad kind [ 1436.819684][T19177] loop2: detected capacity change from 0 to 1024 [ 1437.044192][T19177] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1437.692538][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1438.443016][T19207] openvswitch: netlink: EtherType 0 is less than min 600 [ 1439.345708][T19221] loop1: detected capacity change from 0 to 256 [ 1439.534102][ T30] audit: type=1800 audit(1750725885.813:114): pid=19221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4779" name="file0" dev="loop1" ino=1048647 res=0 errno=0 [ 1441.045659][T19249] loop4: detected capacity change from 0 to 1024 [ 1441.604817][T19249] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 1441.614871][T19249] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 1441.624907][T19249] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.4787: Failed to acquire dquot type 0 [ 1441.721719][T19249] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 1441.737741][T19249] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #13: comm syz.4.4787: corrupted inode contents [ 1441.810867][T19249] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #13: comm syz.4.4787: mark_inode_dirty error [ 1441.918349][T19249] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #13: comm syz.4.4787: corrupted inode contents [ 1441.971973][T19249] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.4787: mark_inode_dirty error [ 1442.062140][T19249] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #13: comm syz.4.4787: corrupted inode contents [ 1442.085500][T19249] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 1442.096111][T19249] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #13: comm syz.4.4787: corrupted inode contents [ 1442.136224][T19249] EXT4-fs error (device loop4): ext4_truncate:4597: inode #13: comm syz.4.4787: mark_inode_dirty error [ 1442.173933][T19249] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 1442.219766][T19249] EXT4-fs (loop4): 1 truncate cleaned up [ 1442.228883][T19249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1442.390326][T19259] loop0: detected capacity change from 0 to 4096 [ 1442.433020][T19259] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 1442.463935][T19249] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 1442.474235][T19249] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 1442.484276][T19249] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.4787: Failed to acquire dquot type 0 [ 1443.110123][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1445.810199][T19303] loop0: detected capacity change from 0 to 128 [ 1445.884435][T19303] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 1445.928739][T19309] loop2: detected capacity change from 0 to 256 [ 1446.004348][T19309] exfat: Deprecated parameter 'utf8' [ 1446.010156][T19309] exfat: Deprecated parameter 'utf8' [ 1446.181019][T19309] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d) [ 1449.395221][T19362] loop2: detected capacity change from 0 to 512 [ 1449.448144][T19362] EXT4-fs: Ignoring removed bh option [ 1449.532154][T19362] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 1449.542365][T19362] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 1449.690952][T19362] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 1449.756267][T19358] loop3: detected capacity change from 0 to 4096 [ 1449.774373][T19362] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 1449.786568][T19358] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1449.823031][T19362] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1449.997971][T19362] EXT4-fs error (device loop2): ext4_empty_dir:3116: inode #12: block 32: comm syz.2.4818: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=2320, size=2048 fake=0 [ 1450.404624][T19358] ntfs3(loop3): ino=1a, mi_enum_attr [ 1450.412631][T19358] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1450.505127][T19358] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 1450.602153][ T5800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1453.252993][T19425] netlink: 'syz.0.4836': attribute type 15 has an invalid length. [ 1455.452272][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4845'. [ 1456.495366][T19477] netlink: 'syz.2.4852': attribute type 28 has an invalid length. [ 1456.504117][T19477] netlink: 'syz.2.4852': attribute type 3 has an invalid length. [ 1456.512326][T19477] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4852'. [ 1456.818272][T19483] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1458.191057][T19503] netlink: 196 bytes leftover after parsing attributes in process `syz.4.4860'. [ 1458.250943][T19507] loop2: detected capacity change from 0 to 128 [ 1458.560221][T19507] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1458.661236][T19507] ext4 filesystem being mounted at /972/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1458.755467][T19507] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.4861: No space for directory leaf checksum. Please run e2fsck -D. [ 1458.773155][T19507] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.4861: checksumming directory block 0 [ 1459.176833][ T5800] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1459.805880][T19534] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 1459.819484][T19535] loop2: detected capacity change from 0 to 8 [ 1459.986642][T19535] SQUASHFS error: xz decompression failed, data probably corrupt [ 1459.994887][T19535] SQUASHFS error: Failed to read block 0x108: -5 [ 1460.001765][T19535] SQUASHFS error: Unable to read metadata cache entry [106] [ 1460.009762][T19535] SQUASHFS error: Unable to read inode 0x11f [ 1460.765560][T19550] Cannot find add_set index 3 as target [ 1460.909280][T19553] loop1: detected capacity change from 0 to 512 [ 1461.045582][T19557] loop4: detected capacity change from 0 to 512 [ 1461.173235][T19553] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1461.186729][T19553] ext4 filesystem being mounted at /964/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1461.365608][T19557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1461.382102][T19557] ext4 filesystem being mounted at /997/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1461.949088][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1462.114708][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1463.147865][T19594] loop2: detected capacity change from 0 to 256 [ 1463.269803][T19594] exfat: Deprecated parameter 'namecase' [ 1463.275973][T19594] exfat: Deprecated parameter 'namecase' [ 1463.463575][T19594] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1463.900906][T19606] openvswitch: netlink: Message has 12 unknown bytes. [ 1465.106931][T19626] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4895'. [ 1465.118002][T19626] netlink: zone id is out of range [ 1465.123488][T19626] netlink: zone id is out of range [ 1465.130202][T19626] netlink: zone id is out of range [ 1465.135588][T19626] netlink: zone id is out of range [ 1465.141138][T19626] netlink: zone id is out of range [ 1465.146501][T19626] netlink: zone id is out of range [ 1465.152477][T19626] netlink: zone id is out of range [ 1465.157839][T19626] netlink: zone id is out of range [ 1465.169814][T19626] netlink: zone id is out of range [ 1468.179478][T19669] loop3: detected capacity change from 0 to 2048 [ 1468.315549][T19680] loop4: detected capacity change from 0 to 256 [ 1468.363309][T19669] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1468.534685][T19680] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 1468.549739][T19680] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 1468.843290][T19686] netlink: 4580 bytes leftover after parsing attributes in process `syz.0.4915'. [ 1468.853402][T19686] netlink: 4580 bytes leftover after parsing attributes in process `syz.0.4915'. [ 1468.863050][T19686] netlink: 89 bytes leftover after parsing attributes in process `syz.0.4915'. [ 1469.784306][T19701] netlink: 33912 bytes leftover after parsing attributes in process `syz.3.4918'. [ 1472.518204][T19748] netlink: 'syz.1.4934': attribute type 5 has an invalid length. [ 1472.573335][T19747] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4935'. [ 1472.768974][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1473.450907][T19762] loop4: detected capacity change from 0 to 256 [ 1473.550473][T19762] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d) [ 1474.372921][T19783] loop3: detected capacity change from 0 to 64 [ 1476.107116][T19807] netlink: 864 bytes leftover after parsing attributes in process `syz.2.4951'. [ 1478.832452][ T1539] usb 1-1: new full-speed USB device number 73 using dummy_hcd [ 1479.071265][ T1539] usb 1-1: config 0 has an invalid interface number: 90 but max is 0 [ 1479.083453][ T1539] usb 1-1: config 0 has no interface number 0 [ 1479.090105][ T1539] usb 1-1: config 0 interface 90 altsetting 0 endpoint 0x85 has invalid maxpacket 512, setting to 64 [ 1479.235383][ T1539] usb 1-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=3a.fa [ 1479.245304][ T1539] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1479.253917][ T1539] usb 1-1: Product: syz [ 1479.258403][ T1539] usb 1-1: Manufacturer: syz [ 1479.263520][ T1539] usb 1-1: SerialNumber: syz [ 1479.360436][ T1539] usb 1-1: config 0 descriptor?? [ 1479.369824][T19848] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1479.720615][ T1539] powermate: Expected payload of 3--6 bytes, found 64 bytes! [ 1479.733923][ T1539] input: Griffin PowerMate as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.90/input/input50 [ 1480.001509][ C1] powermate: config urb returned -71 [ 1480.007802][ C1] powermate: config urb returned -71 [ 1480.018546][ C1] powermate: config urb returned -71 [ 1480.026454][ C1] powermate: config urb returned -71 [ 1480.040333][ T1539] usb 1-1: USB disconnect, device number 73 [ 1480.047357][ C1] powermate 1-1:0.90: powermate_irq - usb_submit_urb failed with result: -19 [ 1483.851847][T19946] loop0: detected capacity change from 0 to 16 [ 1483.929885][T19946] erofs (device loop0): mounted with root inode @ nid 36. [ 1484.441104][T19952] loop2: detected capacity change from 0 to 256 [ 1484.719683][T19952] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc348802e, utbl_chksum : 0xe619d30d) [ 1484.885523][T19952] exFAT-fs (loop2): start_clu is invalid cluster(0x400) [ 1485.971263][T19978] Option ' ' to dns_resolver key: bad/missing value [ 1486.573298][T19987] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5004'. [ 1486.808766][T19992] loop2: detected capacity change from 0 to 128 [ 1486.873236][T19992] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 1486.915771][T19995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5008'. [ 1488.753578][ T1539] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 1489.058045][ T1539] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1489.070331][ T1539] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1489.079632][ T1539] usb 5-1: Product: syz [ 1489.084442][ T1539] usb 5-1: Manufacturer: syz [ 1489.089326][ T1539] usb 5-1: SerialNumber: syz [ 1489.130225][ T1539] usb 5-1: config 0 descriptor?? [ 1489.261463][ T1539] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1489.705515][ T5910] usb 5-1: USB disconnect, device number 66 [ 1489.740012][T20042] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ULvyآDUDw}z [ 1490.959495][ T30] audit: type=1326 audit(1750725933.911:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20066 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1491.047566][ T30] audit: type=1326 audit(1750725933.977:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20066 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1491.070877][ T30] audit: type=1326 audit(1750725933.986:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20066 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1491.093866][ T30] audit: type=1326 audit(1750725933.986:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20066 comm="syz.2.5025" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 1491.446462][T20078] loop1: detected capacity change from 0 to 22 [ 1491.587133][T20078] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1492.122704][T20084] xt_TCPMSS: Only works on TCP SYN packets [ 1493.148275][T20104] netlink: 'syz.2.5035': attribute type 9 has an invalid length. [ 1493.459815][T20109] netlink: 'syz.4.5037': attribute type 2 has an invalid length. [ 1493.468252][T20109] netlink: 'syz.4.5037': attribute type 1 has an invalid length. [ 1493.476261][T20109] netlink: 92 bytes leftover after parsing attributes in process `syz.4.5037'. [ 1494.517438][T20125] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5041'. [ 1494.840241][T20129] loop1: detected capacity change from 0 to 1024 [ 1495.087212][T20129] ===================================================== [ 1495.097629][T20129] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x1173/0x17e0 [ 1495.106646][T20129] hfsplus_rename_cat+0x1173/0x17e0 [ 1495.112157][T20129] hfsplus_rename+0x1fc/0x2f0 [ 1495.117300][T20129] vfs_rename+0x1e8a/0x2460 [ 1495.122045][T20129] do_renameat2+0x175e/0x1d70 [ 1495.127182][T20129] __ia32_sys_rename+0xd7/0x140 [ 1495.132562][T20129] ia32_sys_call+0x3d36/0x42c0 [ 1495.137777][T20129] __do_fast_syscall_32+0xb0/0x150 [ 1495.143286][T20129] do_fast_syscall_32+0x38/0x80 [ 1495.148701][T20129] do_SYSENTER_32+0x1f/0x30 [ 1495.153518][T20129] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.161726][T20129] [ 1495.164207][T20129] Uninit was stored to memory at: [ 1495.169829][T20129] hfsplus_rename_cat+0x10a9/0x17e0 [ 1495.175308][T20129] hfsplus_rename+0x1fc/0x2f0 [ 1495.180510][T20129] vfs_rename+0x1e8a/0x2460 [ 1495.185337][T20129] do_renameat2+0x175e/0x1d70 [ 1495.190928][T20129] __ia32_sys_rename+0xd7/0x140 [ 1495.199041][T20129] ia32_sys_call+0x3d36/0x42c0 [ 1495.204959][T20129] __do_fast_syscall_32+0xb0/0x150 [ 1495.210537][T20129] do_fast_syscall_32+0x38/0x80 [ 1495.215648][T20129] do_SYSENTER_32+0x1f/0x30 [ 1495.220427][T20129] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.227633][T20129] [ 1495.230099][T20129] Uninit was stored to memory at: [ 1495.235746][T20129] hfsplus_create_cat+0x18fb/0x1910 [ 1495.241215][T20129] hfsplus_fill_super+0x212e/0x2740 [ 1495.246830][T20129] get_tree_bdev_flags+0x6e3/0x920 [ 1495.252279][T20129] get_tree_bdev+0x38/0x50 [ 1495.257183][T20129] hfsplus_get_tree+0x35/0x40 [ 1495.262099][T20129] vfs_get_tree+0xb0/0x5c0 [ 1495.267021][T20129] do_new_mount+0x738/0x1610 [ 1495.271897][T20129] path_mount+0x6db/0x1e90 [ 1495.276891][T20129] __se_sys_mount+0x6eb/0x7d0 [ 1495.281869][T20129] __ia32_sys_mount+0xe2/0x150 [ 1495.287281][T20129] ia32_sys_call+0x2733/0x42c0 [ 1495.292377][T20129] __do_fast_syscall_32+0xb0/0x150 [ 1495.298027][T20129] do_fast_syscall_32+0x38/0x80 [ 1495.307030][T20129] do_SYSENTER_32+0x1f/0x30 [ 1495.311794][T20129] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.318692][T20129] [ 1495.321162][T20129] Uninit was created at: [ 1495.325766][T20129] __alloc_frozen_pages_noprof+0x689/0xf00 [ 1495.332063][T20129] alloc_pages_mpol+0x328/0x860 [ 1495.337224][T20129] alloc_frozen_pages_noprof+0xf7/0x200 [ 1495.343369][T20129] allocate_slab+0x24d/0x1220 [ 1495.348344][T20129] ___slab_alloc+0xfec/0x3480 [ 1495.353650][T20129] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 1495.359914][T20129] hfsplus_alloc_inode+0x5a/0xd0 [ 1495.365106][T20129] alloc_inode+0x8a/0x4a0 [ 1495.369753][T20129] iget_locked+0x239/0x12d0 [ 1495.374777][T20129] hfsplus_iget+0x5c/0xb80 [ 1495.379432][T20129] hfsplus_btree_open+0x134/0x1d00 [ 1495.385415][T20129] hfsplus_fill_super+0x1161/0x2740 [ 1495.390977][T20129] get_tree_bdev_flags+0x6e3/0x920 [ 1495.396659][T20129] get_tree_bdev+0x38/0x50 [ 1495.401371][T20129] hfsplus_get_tree+0x35/0x40 [ 1495.406604][T20129] vfs_get_tree+0xb0/0x5c0 [ 1495.411321][T20129] do_new_mount+0x738/0x1610 [ 1495.419300][T20129] path_mount+0x6db/0x1e90 [ 1495.424900][T20129] __se_sys_mount+0x6eb/0x7d0 [ 1495.429904][T20129] __ia32_sys_mount+0xe2/0x150 [ 1495.435225][T20129] ia32_sys_call+0x2733/0x42c0 [ 1495.440228][T20129] __do_fast_syscall_32+0xb0/0x150 [ 1495.445856][T20129] do_fast_syscall_32+0x38/0x80 [ 1495.450961][T20129] do_SYSENTER_32+0x1f/0x30 [ 1495.455917][T20129] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.462533][T20129] [ 1495.465023][T20129] CPU: 1 UID: 0 PID: 20129 Comm: syz.1.5043 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) [ 1495.477909][T20129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1495.488398][T20129] ===================================================== [ 1495.495501][T20129] Disabling lock debugging due to kernel taint [ 1495.502137][T20129] Kernel panic - not syncing: kmsan.panic set ... [ 1495.508859][T20129] CPU: 1 UID: 0 PID: 20129 Comm: syz.1.5043 Tainted: G B 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(undef) [ 1495.522916][T20129] Tainted: [B]=BAD_PAGE [ 1495.527256][T20129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1495.537625][T20129] Call Trace: [ 1495.541091][T20129] [ 1495.544198][T20129] __dump_stack+0x26/0x30 [ 1495.548821][T20129] dump_stack_lvl+0x53/0x270 [ 1495.553703][T20129] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1495.559867][T20129] dump_stack+0x1e/0x25 [ 1495.564302][T20129] panic+0x4bd/0xd50 [ 1495.568557][T20129] kmsan_report+0x31c/0x320 [ 1495.573386][T20129] ? __msan_memcpy+0x108/0x1c0 [ 1495.578414][T20129] ? __msan_warning+0x1b/0x30 [ 1495.583362][T20129] ? hfsplus_rename_cat+0x1173/0x17e0 [ 1495.589111][T20129] ? hfsplus_rename+0x1fc/0x2f0 [ 1495.594346][T20129] ? vfs_rename+0x1e8a/0x2460 [ 1495.599255][T20129] ? do_renameat2+0x175e/0x1d70 [ 1495.604349][T20129] ? __ia32_sys_rename+0xd7/0x140 [ 1495.609618][T20129] ? ia32_sys_call+0x3d36/0x42c0 [ 1495.614810][T20129] ? __do_fast_syscall_32+0xb0/0x150 [ 1495.620399][T20129] ? do_fast_syscall_32+0x38/0x80 [ 1495.625680][T20129] ? do_SYSENTER_32+0x1f/0x30 [ 1495.630612][T20129] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.637490][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.642922][T20129] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1495.649089][T20129] ? hfsplus_bnode_dump+0x50a/0x560 [ 1495.654632][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.660069][T20129] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1495.666244][T20129] ? hfsplus_brec_remove+0x92f/0xa60 [ 1495.671883][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.677319][T20129] __msan_warning+0x1b/0x30 [ 1495.682106][T20129] hfsplus_rename_cat+0x1173/0x17e0 [ 1495.687623][T20129] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.694444][T20129] ? kfree+0xc1/0xec0 [ 1495.698654][T20129] ? filter_irq_stacks+0x49/0x190 [ 1495.703948][T20129] ? stack_depot_save_flags+0x35/0x7b0 [ 1495.709698][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.715132][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.720549][T20129] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1495.727189][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.732610][T20129] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1495.738734][T20129] ? kmsan_get_metadata+0xfb/0x160 [ 1495.744158][T20129] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1495.750369][T20129] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1495.757029][T20129] hfsplus_rename+0x1fc/0x2f0 [ 1495.762543][T20129] ? __pfx_hfsplus_rename+0x10/0x10 [ 1495.768051][T20129] vfs_rename+0x1e8a/0x2460 [ 1495.772879][T20129] do_renameat2+0x175e/0x1d70 [ 1495.777983][T20129] __ia32_sys_rename+0xd7/0x140 [ 1495.783097][T20129] ia32_sys_call+0x3d36/0x42c0 [ 1495.788114][T20129] __do_fast_syscall_32+0xb0/0x150 [ 1495.793493][T20129] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 1495.799471][T20129] do_fast_syscall_32+0x38/0x80 [ 1495.804582][T20129] do_SYSENTER_32+0x1f/0x30 [ 1495.809356][T20129] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1495.815982][T20129] RIP: 0023:0xf70de539 [ 1495.820257][T20129] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1495.840179][T20129] RSP: 002b:00000000f50ce55c EFLAGS: 00000206 ORIG_RAX: 0000000000000026 [ 1495.848900][T20129] RAX: ffffffffffffffda RBX: 0000000080000600 RCX: 0000000080000780 [ 1495.857109][T20129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1495.865314][T20129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1495.873503][T20129] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1495.881778][T20129] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1495.890037][T20129] [ 1495.893424][T20129] Kernel Offset: disabled [ 1495.897870][T20129] Rebooting in 86400 seconds..