last executing test programs: 54.899677049s ago: executing program 0 (id=348): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000580)=0xe) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000080)=0x7f) 53.294181636s ago: executing program 1 (id=349): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a00910c07a551559a257aac81"], 0xfe33) 43.18883751s ago: executing program 0 (id=350): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a90000000060a010400000000000000000a0004050900010073797a310000000064000480600001800a000100696e6e65720000005000028008000440000000172c0005800c0001007061796c6f6164f51c0002800800034000000092080002400000000208000440000040050800034000000002080002400000008408000140000000000900020073797a32"], 0xb8}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000) 43.188610211s ago: executing program 1 (id=351): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x77359400}, 0x0, 0x0) 34.243757276s ago: executing program 1 (id=352): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x134}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x4044050}, 0x40) 32.002843236s ago: executing program 0 (id=353): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4) syz_emit_ethernet(0x6e, &(0x7f00000004c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb8000", 0x38, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, {[], @dest_unreach={0x1, 0x2, 0x0, 0x5, '\x00', {0x2, 0x6, "bcc1e4", 0x4, 0x3a, 0x1, @ipv4={'\x00', '\xff\xff', @multicast1}, @private1={0xfc, 0x1, '\x00', 0x1}, [], "35ac60fe5fba5576"}}}}}}}, 0x0) 27.040136967s ago: executing program 1 (id=354): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0) sendfile(r1, r0, &(0x7f0000002700)=0x23, 0x1c) 22.19111625s ago: executing program 0 (id=355): r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) r1 = dup(r0) accept4$llc(r1, 0x0, 0x0, 0x80800) 15.120454842s ago: executing program 1 (id=356): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x4, "f34f22eba164203d362bfd8fe8fb28df3b26000028f4a52c0800045600"}) 10.540317827s ago: executing program 0 (id=357): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x5}, @NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x3}]}}}]}]}], {0x14}}, 0x8c}, 0x1, 0x0, 0x0, 0x24040800}, 0x44) 5.838860021s ago: executing program 1 (id=358): r0 = socket(0x2b, 0x80801, 0x1) connect$inet6(r0, &(0x7f00000005c0)={0xa, 0x4e23, 0x8, @loopback, 0x1}, 0x1c) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x402, 0x0, @private0, 0x28}, 0x1c) 0s ago: executing program 0 (id=359): mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0) set_mempolicy_home_node(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:36680' (ED25519) to the list of known hosts. syzkaller login: [ 598.439450][ T3192] cgroup: Unknown subsys name 'net' [ 599.552193][ T3192] cgroup: Unknown subsys name 'cpuset' [ 599.748193][ T3192] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 686.634527][ T3192] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 816.260593][ T3203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 816.980834][ T3203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 817.062134][ T3204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 817.670024][ T3204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 833.445012][ T3204] hsr_slave_0: entered promiscuous mode [ 833.489772][ T3204] hsr_slave_1: entered promiscuous mode [ 834.372715][ T3203] hsr_slave_0: entered promiscuous mode [ 834.424003][ T3203] hsr_slave_1: entered promiscuous mode [ 834.460766][ T3203] debugfs: 'hsr0' already exists in 'hsr' [ 834.463576][ T3203] Cannot create hsr debugfs directory [ 848.902775][ T3204] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 849.244419][ T3204] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 849.521652][ T3204] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 850.521054][ T3204] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 853.754930][ T3203] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 854.227845][ T3203] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 854.432337][ T3203] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 854.770376][ T3203] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 879.938263][ T3204] 8021q: adding VLAN 0 to HW filter on device bond0 [ 882.109977][ T3203] 8021q: adding VLAN 0 to HW filter on device bond0 [ 974.200999][ T3204] veth0_vlan: entered promiscuous mode [ 975.541259][ T3203] veth0_vlan: entered promiscuous mode [ 976.061691][ T3204] veth1_vlan: entered promiscuous mode [ 977.683463][ T3203] veth1_vlan: entered promiscuous mode [ 982.501997][ T3203] veth0_macvtap: entered promiscuous mode [ 982.963349][ T3204] veth0_macvtap: entered promiscuous mode [ 983.542026][ T3203] veth1_macvtap: entered promiscuous mode [ 984.401321][ T3204] veth1_macvtap: entered promiscuous mode [ 988.237200][ T3295] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.400943][ T3759] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.407420][ T3295] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.498246][ T3295] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.578159][ T3295] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.599393][ T3759] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.604158][ T3759] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 988.834740][ T3759] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 996.711039][ T3203] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1029.878545][ T3834] ip6t_srh: unknown srh invflags 7F00 [ 1036.769455][ T3838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7'. [ 1036.784079][ T3838] netlink: 312 bytes leftover after parsing attributes in process `syz.1.7'. [ 1036.811516][ T3838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7'. [ 1043.541071][ T3842] capability: warning: `syz.1.9' uses deprecated v2 capabilities in a way that may be insecure [ 1095.027557][ T3869] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 1119.597028][ T3885] Illegal XDP return value 452984832 on prog (id 4) dev N/A, expect packet loss! [ 1180.308470][ T3918] ipvlan1: entered promiscuous mode [ 1180.311540][ T3918] ipvlan1: entered allmulticast mode [ 1180.313571][ T3918] veth0_vlan: entered allmulticast mode [ 1188.541130][ T3921] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1204.886856][ T3928] syz.1.47: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 1204.928325][ T3928] CPU: 1 UID: 0 PID: 3928 Comm: syz.1.47 Not tainted syzkaller #0 PREEMPT [ 1204.929642][ T3928] Hardware name: riscv-virtio,qemu (DT) [ 1204.930325][ T3928] Call Trace: [ 1204.930861][ T3928] [] dump_backtrace+0x2e/0x3c [ 1204.933379][ T3928] [] show_stack+0x30/0x3c [ 1204.933999][ T3928] [] dump_stack_lvl+0x114/0x1ac [ 1204.934950][ T3928] [] dump_stack+0x1c/0x28 [ 1204.935862][ T3928] [] warn_alloc+0x188/0x2a4 [ 1204.936726][ T3928] [] __vmalloc_node_range_noprof+0x14fc/0x18e8 [ 1204.937753][ T3928] [] vmalloc_user_noprof+0xf4/0x124 [ 1204.938735][ T3928] [] xskq_create+0xe8/0x1a8 [ 1204.939620][ T3928] [] xsk_setsockopt+0x2ec/0x960 [ 1204.940490][ T3928] [] do_sock_setsockopt+0x20a/0x40c [ 1204.941359][ T3928] [] __sys_setsockopt+0x13e/0x1e4 [ 1204.942247][ T3928] [] __riscv_sys_setsockopt+0xa6/0x114 [ 1204.943153][ T3928] [] syscall_handler+0x92/0x114 [ 1204.943897][ T3928] [] do_trap_ecall_u+0x3d2/0x58c [ 1204.944824][ T3928] [] handle_exception+0x15e/0x16a [ 1205.067002][ T3928] Mem-Info: [ 1205.071172][ T3928] active_anon:4333 inactive_anon:0 isolated_anon:0 [ 1205.071172][ T3928] active_file:8558 inactive_file:34554 isolated_file:0 [ 1205.071172][ T3928] unevictable:768 dirty:52 writeback:0 [ 1205.071172][ T3928] slab_reclaimable:2493 slab_unreclaimable:25985 [ 1205.071172][ T3928] mapped:13673 shmem:2338 pagetables:751 [ 1205.071172][ T3928] sec_pagetables:0 bounce:0 [ 1205.071172][ T3928] kernel_misc_reclaimable:0 [ 1205.071172][ T3928] free:216408 free_pcp:6349 free_cma:52672 [ 1205.074859][ T3928] Node 0 active_anon:17332kB inactive_anon:0kB active_file:34232kB inactive_file:138216kB unevictable:3072kB isolated(anon):0kB isolated(file):0kB mapped:54692kB dirty:208kB writeback:0kB shmem:9352kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6016kB pagetables:3004kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1205.123237][ T3928] Node 0 DMA32 free:865632kB boost:0kB min:22528kB low:28160kB high:33792kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17332kB inactive_anon:0kB active_file:34232kB inactive_file:138216kB unevictable:3072kB writepending:208kB zspages:0kB present:2097152kB managed:1427084kB mlocked:0kB bounce:0kB free_pcp:25352kB local_pcp:11804kB free_cma:210688kB [ 1205.173297][ T3928] lowmem_reserve[]: 0 0 0 [ 1205.251906][ T3928] Node 0 DMA32: 2*4kB (UM) 1*8kB (E) 41*16kB (UE) 15*32kB (UM) 2*64kB (UE) 1*128kB (M) 2*256kB (MC) 3*512kB (MEC) 4*1024kB (UMEC) 3*2048kB (EC) 208*4096kB (MC) = 865664kB [ 1205.374301][ T3928] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1205.417242][ T3928] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 1205.420623][ T3928] 45485 total pagecache pages [ 1205.422336][ T3928] 0 pages in swap cache [ 1205.423977][ T3928] Free swap = 124996kB [ 1205.476137][ T3928] Total swap = 124996kB [ 1205.477708][ T3928] 524288 pages RAM [ 1205.478702][ T3928] 0 pages HighMem/MovableOnly [ 1205.479794][ T3928] 167517 pages reserved [ 1205.480827][ T3928] 52736 pages cma reserved [ 1356.702598][ T3995] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.77'. [ 1377.774687][ T4003] netlink: 'syz.1.82': attribute type 21 has an invalid length. [ 1404.162851][ T4015] netlink: 'syz.1.88': attribute type 3 has an invalid length. [ 1411.489631][ T4019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.90'. [ 1418.975081][ T4021] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1491.967704][ T4057] netlink: 60 bytes leftover after parsing attributes in process `syz.1.104'. [ 1491.984932][ T4057] netlink: 60 bytes leftover after parsing attributes in process `syz.1.104'. [ 1521.774172][ T4072] team_slave_0: entered promiscuous mode [ 1521.826592][ T4072] team_slave_0: entered allmulticast mode [ 1527.888372][ T4075] netlink: 156 bytes leftover after parsing attributes in process `syz.1.112'. [ 1564.951105][ T4089] xt_nfacct: accounting object `syz1' does not exist [ 1581.807484][ T3757] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 1582.731255][ T3757] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1582.734908][ T3757] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1583.163570][ T3757] usb 2-1: config 0 descriptor?? [ 1585.080216][ T3757] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 1585.899526][ T3757] [drm:udl_init] *ERROR* Selecting channel failed [ 1587.023199][ T3757] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 1587.037153][ T3757] [drm] Initialized udl on minor 2 [ 1587.148206][ T3757] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1587.172020][ T3757] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1587.371284][ T3757] usb 2-1: USB disconnect, device number 2 [ 1587.737674][ T4047] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1607.971471][ T4124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.126'. [ 1607.974496][ T4124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.126'. [ 1624.942405][ T3738] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 1625.393842][ T3738] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1625.501918][ T3738] usb 2-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice= 9.99 [ 1625.504194][ T3738] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1625.517862][ T3738] usb 2-1: Product: syz [ 1625.519303][ T3738] usb 2-1: Manufacturer: syz [ 1625.520686][ T3738] usb 2-1: SerialNumber: syz [ 1625.771695][ T3738] usb 2-1: config 0 descriptor?? [ 1627.503005][ T3738] f81534a_ctrl 2-1:0.0: probe with driver f81534a_ctrl failed with error -32 [ 1628.087256][ T3738] usb 2-1: USB disconnect, device number 3 [ 1633.102665][ T4150] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1633.807866][ T4150] xt_hashlimit: overflow, rate too high: 0 [ 1642.762720][ T4156] netlink: 12 bytes leftover after parsing attributes in process `syz.0.135'. [ 1678.882789][ T4178] ubi0: attaching mtd0 [ 1679.097410][ T4178] ubi0: scanning is finished [ 1679.099761][ T4178] ubi0: empty MTD device detected [ 1682.107445][ T4178] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1682.109932][ T4178] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 1689 bytes [ 1682.111985][ T4178] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1682.113956][ T4178] ubi0: VID header offset: 2343 (aligned 2343), data offset: 2407 [ 1682.179353][ T4178] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1682.181587][ T4178] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 9 [ 1682.182841][ T4178] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 984294543 [ 1682.184674][ T4178] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1682.303910][ T4184] ubi0: background thread "ubi_bgt0d" started, PID 4184 [ 1719.042525][ T4203] netlink: 60 bytes leftover after parsing attributes in process `syz.0.156'. [ 1746.798852][ T4218] netlink: 12 bytes leftover after parsing attributes in process `syz.0.163'. [ 1746.803606][ T4218] netlink: 31 bytes leftover after parsing attributes in process `syz.0.163'. [ 1746.881964][ T4218] netlink: 'syz.0.163': attribute type 3 has an invalid length. [ 1746.884493][ T4218] netlink: 'syz.0.163': attribute type 2 has an invalid length. [ 1746.922914][ T4218] netlink: 31 bytes leftover after parsing attributes in process `syz.0.163'. [ 1754.563699][ T4222] netlink: 20 bytes leftover after parsing attributes in process `syz.0.165'. [ 1766.652838][ T4228] xt_hashlimit: max too large, truncated to 1048576 [ 1775.477614][ T4230] ALSA: mixer_oss: invalid OSS volume '' [ 1794.150105][ T4240] netlink: 'syz.0.174': attribute type 2 has an invalid length. [ 1794.159716][ T4240] netlink: 'syz.0.174': attribute type 1 has an invalid length. [ 1794.163808][ T4240] netlink: 8 bytes leftover after parsing attributes in process `syz.0.174'. [ 1806.723773][ T4246] netlink: 28 bytes leftover after parsing attributes in process `syz.0.177'. [ 1853.299225][ T4268] netlink: 'syz.0.186': attribute type 32 has an invalid length. [ 1855.708024][ T4269] netlink: 7 bytes leftover after parsing attributes in process `syz.1.187'. [ 1856.644726][ T4269] netlink: 24 bytes leftover after parsing attributes in process `syz.1.187'. [ 2145.317527][ T4373] ip6t_srh: unknown srh match flags 4000 [ 2213.785235][ T4402] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) ! [ 2221.822175][ T4406] ALSA: mixer_oss: invalid OSS volume 'Y{UDD ' [ 2221.824512][ T4406] ALSA: mixer_oss: invalid OSS volume 'ߧ4cT󯆩"m!lT.Π' [ 2221.844313][ T4406] ALSA: mixer_oss: invalid OSS volume 'lg' [ 2221.847956][ T4406] ALSA: mixer_oss: invalid OSS volume ')nkKi,rWY\ZV?J`G' [ 2221.850373][ T4406] ALSA: mixer_oss: invalid OSS volume 'kO0$g{pl{y;_ARW' [ 2221.852161][ T4406] ALSA: mixer_oss: invalid OSS volume '' [ 2221.872002][ T4406] ALSA: mixer_oss: invalid OSS volume 'sv Fu{Qby>h%w]' [ 2221.874515][ T4406] ALSA: mixer_oss: invalid OSS volume 'E= v?@48@hL' [ 2221.903888][ T4406] ALSA: mixer_oss: invalid OSS volume '+?>3Iq0:iq|UDř' [ 2221.912754][ T4406] ALSA: mixer_oss: invalid OSS volume 'vӷ*xrN0ܗcAdh' [ 2221.940715][ T4406] ALSA: mixer_oss: invalid OSS volume 'JM %HJ[~S' [ 2221.954669][ T4406] ALSA: mixer_oss: invalid OSS volume 'SQF?`*]5S' [ 2248.541222][ T4418] mmap: syz.0.250 (4418) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 2254.921962][ T4319] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 2256.030969][ T4319] usb 2-1: Using ep0 maxpacket: 16 [ 2256.543364][ T4319] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2256.552448][ T4319] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 2256.862634][ T4319] usb 2-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=cd.0f [ 2256.891805][ T4319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2256.894503][ T4319] usb 2-1: Product: syz [ 2256.928852][ T4319] usb 2-1: Manufacturer: syz [ 2256.931034][ T4319] usb 2-1: SerialNumber: syz [ 2257.648864][ T4319] usb 2-1: config 0 descriptor?? [ 2259.872508][ T4319] usb 2-1: USB disconnect, device number 4 [ 2390.138694][ T4483] netlink: 28 bytes leftover after parsing attributes in process `syz.0.274'. [ 2499.029235][ T4535] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.295'. [ 2542.720328][ T4571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.305'. [ 2591.529597][ T4596] veth0_to_team: entered promiscuous mode [ 2617.344191][ T4607] capability: warning: `syz.1.321' uses 32-bit capabilities (legacy support in use) [ 2665.761408][ T4631] faux_driver vkms: [drm] Unknown color mode 32768; guessing buffer size. [ 2682.460781][ T4637] netlink: 8 bytes leftover after parsing attributes in process `syz.1.335'. [ 2684.713426][ T4639] process 'syz.0.336' launched './file2' with NULL argv: empty string added [ 3651.848572][ T33] INFO: task jbd2/vda-8:2992 blocked for more than 440 seconds. [ 3651.851072][ T33] Tainted: G L syzkaller #0 [ 3651.852944][ T33] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3651.855025][ T33] task:jbd2/vda-8 state:D stack:0 pid:2992 tgid:2992 ppid:2 task_flags:0x240040 flags:0x00000000 [ 3654.514069][ T33] Call Trace: [ 3658.278361][ T33] [] __schedule+0xf10/0x4098 [ 3658.280547][ T33] [] schedule+0xb4/0x334 [ 3658.281893][ T33] [] jbd2_journal_wait_updates+0xfc/0x20c [ 3658.283318][ T33] [] jbd2_journal_commit_transaction+0x760/0x6714 [ 3658.284692][ T33] [] kjournald2+0x1dc/0x6a4 [ 3666.433426][ T33] [] kthread+0x37c/0x778 [ 3672.484516][ T33] [] ret_from_fork_kernel+0x2a/0xbbc [ 3676.991395][ T33] [] ret_from_fork_kernel_asm+0x16/0x18