last executing test programs: 1.747119172s ago: executing program 1 (id=13212): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x10, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0xffffff1f}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x2}}, [@alu={0x4, 0x1, 0x9, 0x8, 0x4}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.479032029s ago: executing program 1 (id=13217): r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000002080), 0x80000, 0x0) close(r0) 1.341875903s ago: executing program 2 (id=13219): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x62) mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, &(0x7f0000000000)={[{@noswap}]}) 1.249644634s ago: executing program 1 (id=13221): r0 = syz_init_net_socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPCONNDEL(r0, 0x400443c9, &(0x7f0000000200)={@any, 0x4}) 1.102342466s ago: executing program 2 (id=13223): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/stat\x00', 0x0, 0x0) ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404) 1.088505723s ago: executing program 1 (id=13224): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$SO_COOKIE(r0, 0x1, 0x39, 0xfffffffffffffffd, &(0x7f0000000040)=0x49) 999.076926ms ago: executing program 0 (id=13226): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x3}]}]}, {0x4}, {0xc}, {0x68}}}]}]}, 0x6c}}, 0x0) 969.09348ms ago: executing program 2 (id=13227): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000540)={0x24, @short={0x2, 0x1, 0xaaa2}}, 0x14) 905.816337ms ago: executing program 3 (id=13228): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10) 881.996983ms ago: executing program 1 (id=13229): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b70, 0x0) 754.501918ms ago: executing program 0 (id=13230): r0 = socket(0x2b, 0x80801, 0x1) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, 0x0, 0x0) 754.307398ms ago: executing program 2 (id=13231): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x568, 0xd0, 0xd0, 0x428, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6, 0x0, 0x0, 0x4a}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28, 'socket\x00', 0x2}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5c8) 731.858563ms ago: executing program 1 (id=13232): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0) syz_usb_control_io$sierra_net(r0, 0x0, 0x0) 683.379064ms ago: executing program 3 (id=13233): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x4, 0x3, 0x81, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18200000", @ANYRES32=r0, @ANYBLOB="000000000dcf0b58951f000020000000d80862d8c4338c843bf7adb339db5ccd5ac93d2fffae33252987b0d1ee0e42e34d4e8f3461e8bb1185356bd56235458b09e7b6ffbe1adccf0eaf8eeb5b62a686a53abd7fcd92c15d0ada024c47679ba9d419d0626be36002704ad7ed359b7262224691b2d8e94dd4f0f410e1e66ace6cf0c5f5c28a8ec0c9e0c59905b3c40e33deb7049af15b2262c04dc9b4d32900"/170], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe9, &(0x7f0000000340)=""/233, 0x0, 0x11}, 0x80) 611.8106ms ago: executing program 0 (id=13234): r0 = socket(0x11, 0x2, 0x10001) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'team0\x00', &(0x7f0000000100)=@ethtool_dump={0x1, 0x6, 0x2}}) 591.771956ms ago: executing program 2 (id=13235): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x44b, 0x70bd2c, 0x25dfdbfc, {0x7a, 0x0, 0x0, 0x0, 0x1000, 0x9020}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x8000000000000001}, @IFLA_BR_MCAST_ROUTER={0x5}]}}}]}, 0x48}}, 0x0) 478.483903ms ago: executing program 3 (id=13236): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000001140)={0x80, 0xfffffffd, 0x80000000, 0x0, 0x2, 0x89b}) 450.494538ms ago: executing program 0 (id=13237): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=@ipv6_delroute={0x28, 0x19, 0x1, 0x800, 0x25dfdbfd, {0xa, 0x0, 0x80, 0x0, 0xff, 0x1, 0x0, 0xb, 0x800}, [@RTA_MULTIPATH={0xc, 0x9, {0x6569, 0x11}}]}, 0x28}, 0x1, 0x0, 0x0, 0x30008001}, 0x20040800) 423.020023ms ago: executing program 2 (id=13238): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000003b00)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a41c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78a57a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420800000000000000c1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1212e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b8393dee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 330.455294ms ago: executing program 3 (id=13239): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020039000b05d25a806f8c6394f90424fc602f00000008000800053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 298.372028ms ago: executing program 0 (id=13240): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0) 231.193055ms ago: executing program 3 (id=13241): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="34000000190a01040000000000000000020000010900020073797a3200000400090001"], 0x34}}, 0x48084) 17.735043ms ago: executing program 3 (id=13242): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)="b88cdf38504d55f97afc3d19e3536fa6cb2d06637006864b0a3160bf5bd017d807343fd80a030000e1d7e4a56a150a3db2e413d7244b3df901239eda1a4e90a2efcead70ccac6b8000000035607013e967642cd1bd135a54543dd2129afc7d5008f8be67407e648c73b703d35efdfedac6b7555758a14e209284e2", 0x7b}, 0x1, 0x0, 0x0, 0x8014}, 0x44090) 0s ago: executing program 0 (id=13243): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@ipv4_newrule={0x40, 0x20, 0x1, 0x70bd29, 0x25dfdbfe, {0x2, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x3}, [@FRA_DST={0x8, 0x1, @multicast1}, @FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'lo\x00'}, @FRA_FLOW={0x8, 0xb, 0x7f}]}, 0x40}}, 0x40010) kernel console output (not intermixed with test programs): netouch 1-1:0.0: USB Mass Storage device detected [ 1382.729730][ T6507] usb 1-1: USB disconnect, device number 24 [ 1383.246161][ T6174] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 1383.465034][ T6174] usb 4-1: config 0 has an invalid interface number: 64 but max is 0 [ 1383.482413][ T6174] usb 4-1: config 0 has no interface number 0 [ 1383.508598][ T6174] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07 [ 1383.522991][ T6174] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1383.531757][ T6174] usb 4-1: Product: syz [ 1383.535982][ T6174] usb 4-1: Manufacturer: syz [ 1383.549135][ T6174] usb 4-1: SerialNumber: syz [ 1383.562934][ T6174] usb 4-1: config 0 descriptor?? [ 1383.860965][ T6174] usb 4-1: Found UVC 0.08 device syz (046d:0823) [ 1383.868204][ T6174] usb 4-1: No valid video chain found. [ 1383.895654][ T6174] usb 4-1: USB disconnect, device number 32 [ 1384.121659][T30287] netlink: 'syz.2.11083': attribute type 1 has an invalid length. [ 1384.140972][T30287] netlink: 236 bytes leftover after parsing attributes in process `syz.2.11083'. [ 1384.159946][ T28] audit: type=1326 audit(2000008364.610:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30289 comm="syz.1.11084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1384.221540][ T28] audit: type=1326 audit(2000008364.610:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30289 comm="syz.1.11084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1384.271887][ T28] audit: type=1326 audit(2000008364.638:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30289 comm="syz.1.11084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1384.334678][ T28] audit: type=1326 audit(2000008364.638:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30289 comm="syz.1.11084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1384.399387][ T28] audit: type=1326 audit(2000008364.638:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30289 comm="syz.1.11084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1384.485408][T30298] loop0: detected capacity change from 0 to 16 [ 1384.495560][T30298] erofs: (device loop0): mounted with root inode @ nid 36. [ 1384.961085][T30316] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11098'. [ 1384.982079][T30316] netlink: 30 bytes leftover after parsing attributes in process `syz.1.11098'. [ 1385.157857][T30325] loop3: detected capacity change from 0 to 512 [ 1385.179961][T30326] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1385.243935][T30325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1385.319793][T30325] ext4 filesystem being mounted at /2669/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1385.512406][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1386.118310][T30362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11119'. [ 1386.181085][T30362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11119'. [ 1386.712647][T30354] loop0: detected capacity change from 0 to 32768 [ 1386.782359][T30354] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 1386.835904][T30354] JBD2: Ignoring recovery information on journal [ 1386.905472][T30354] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1386.949908][T30392] netlink: 152 bytes leftover after parsing attributes in process `syz.3.11131'. [ 1387.059096][T30394] netlink: 'syz.2.11132': attribute type 9 has an invalid length. [ 1387.085734][T30394] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.11132'. [ 1387.247501][ T6415] ocfs2: Unmounting device (7,0) on (node local) [ 1387.421336][T30402] netlink: 'syz.1.11137': attribute type 10 has an invalid length. [ 1387.662765][T30402] team0 (unregistering): Port device team_slave_0 removed [ 1387.748005][T30402] team0 (unregistering): Port device team_slave_1 removed [ 1387.775797][T30410] loop3: detected capacity change from 0 to 2048 [ 1387.815333][T30410] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1388.391487][T30432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11151'. [ 1388.751210][T30450] ieee802154 phy0 wpan0: encryption failed: -22 [ 1388.979358][T17047] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 1389.136514][T30464] xt_TCPMSS: Only works on TCP SYN packets [ 1389.222602][T17047] usb 2-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 1389.246853][T17047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1389.267897][T17047] usb 2-1: Product: syz [ 1389.278981][T17047] usb 2-1: Manufacturer: syz [ 1389.292434][T17047] usb 2-1: SerialNumber: syz [ 1389.315700][T17047] usb 2-1: config 0 descriptor?? [ 1389.563336][T17047] mos7840 2-1:0.0: required endpoints missing [ 1389.601292][T30482] netlink: 56 bytes leftover after parsing attributes in process `syz.2.11176'. [ 1389.690221][T30485] netlink: 'syz.0.11178': attribute type 9 has an invalid length. [ 1389.704512][T30485] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.11178'. [ 1389.818666][T17047] usb 2-1: USB disconnect, device number 31 [ 1390.510352][T30516] netlink: 'syz.2.11193': attribute type 21 has an invalid length. [ 1390.573475][T30520] Cannot find del_set index 3 as target [ 1391.006095][T15878] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 1391.026653][T30534] netlink: 'syz.0.11202': attribute type 2 has an invalid length. [ 1391.126494][T30508] loop3: detected capacity change from 0 to 40427 [ 1391.149757][T30508] F2FS-fs (loop3): invalid crc value [ 1391.178145][T30508] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1391.213022][T15878] usb 2-1: Using ep0 maxpacket: 16 [ 1391.228581][T15878] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 1391.245720][T15878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1391.280674][T15878] usb 2-1: Product: syz [ 1391.284936][T15878] usb 2-1: Manufacturer: syz [ 1391.295070][T15878] usb 2-1: SerialNumber: syz [ 1391.306169][T15878] usb 2-1: config 0 descriptor?? [ 1391.325988][T15878] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1391.370794][T30542] tipc: Can't bind to reserved service type 0 [ 1391.377573][T30508] F2FS-fs (loop3): Start checkpoint disabled! [ 1391.400010][T30508] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 1391.782458][T15878] ssu100: probe of 2-1:0.0 failed with error -71 [ 1391.802147][T15878] usb 2-1: USB disconnect, device number 32 [ 1392.469068][T17047] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 1392.669865][T17047] usb 3-1: Using ep0 maxpacket: 8 [ 1392.671883][T17047] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 1392.671913][T17047] usb 3-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 1392.671935][T17047] usb 3-1: config 179 has no interface number 0 [ 1392.671981][T17047] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid wMaxPacketSize 0 [ 1392.672007][T17047] usb 3-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 1392.672034][T17047] usb 3-1: config 179 interface 65 has no altsetting 0 [ 1392.672070][T17047] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1392.672096][T17047] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1392.964524][T17047] usb 3-1: USB disconnect, device number 28 [ 1393.411413][T30612] loop3: detected capacity change from 0 to 512 [ 1393.445936][T30612] EXT4-fs: Ignoring removed nobh option [ 1393.477209][T30612] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 1393.499065][T30612] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.11240: attempt to clear invalid blocks 1 len 1 [ 1393.513505][T30612] EXT4-fs (loop3): Remounting filesystem read-only [ 1393.520900][T30612] EXT4-fs (loop3): 1 truncate cleaned up [ 1393.528099][T30612] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1393.616441][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1393.820586][T30623] program syz.1.11246 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1394.134708][T30638] overlay: Bad value for 'metacopy' [ 1394.473033][T30653] netlink: 48 bytes leftover after parsing attributes in process `syz.2.11259'. [ 1394.804485][T30669] netlink: 'syz.0.11268': attribute type 21 has an invalid length. [ 1395.039349][T30679] ip6gretap1: entered promiscuous mode [ 1395.060160][T30679] ip6gretap1: entered allmulticast mode [ 1395.308933][T30691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11279'. [ 1395.700351][T30709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11288'. [ 1395.765806][T30711] loop3: detected capacity change from 0 to 16 [ 1395.786310][T30711] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1396.043122][T30721] xt_l2tp: wrong L2TP version: 0 [ 1396.114019][T30726] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 1396.271151][T30732] netlink: 'syz.3.11299': attribute type 10 has an invalid length. [ 1396.480550][T30732] team0 (unregistering): Port device team_slave_0 removed [ 1396.505114][T30732] team0 (unregistering): Port device team_slave_1 removed [ 1396.557941][T30732] team0 (unregistering): Port device wlan1 removed [ 1397.369605][T30777] netdevsim netdevsim2 : renamed from netdevsim0 (while UP) [ 1398.250211][T30785] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11326'. [ 1398.279453][T30785] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11326'. [ 1398.288624][T30785] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11326'. [ 1398.325717][T30785] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11326'. [ 1398.833716][T30806] loop1: detected capacity change from 0 to 256 [ 1398.919337][T30806] FAT-fs (loop1): Directory bread(block 64) failed [ 1398.947967][T30806] FAT-fs (loop1): Directory bread(block 65) failed [ 1398.977931][T30806] FAT-fs (loop1): Directory bread(block 66) failed [ 1398.989716][T30806] FAT-fs (loop1): Directory bread(block 67) failed [ 1398.999546][T30806] FAT-fs (loop1): Directory bread(block 68) failed [ 1399.008099][T30806] FAT-fs (loop1): Directory bread(block 69) failed [ 1399.018404][T30806] FAT-fs (loop1): Directory bread(block 70) failed [ 1399.027748][T30806] FAT-fs (loop1): Directory bread(block 71) failed [ 1399.045553][T30806] FAT-fs (loop1): Directory bread(block 72) failed [ 1399.084618][T30806] FAT-fs (loop1): Directory bread(block 73) failed [ 1399.423205][T30821] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 1399.633472][T30827] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1399.833225][T30831] No such timeout policy "syz0" [ 1400.105429][T30844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11354'. [ 1400.270366][T30851] netlink: 'syz.0.11359': attribute type 3 has an invalid length. [ 1400.282534][T30851] netlink: 766 bytes leftover after parsing attributes in process `syz.0.11359'. [ 1400.336256][T30854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11358'. [ 1400.382593][T30854] openvswitch: netlink: Actions may not be safe on all matching packets [ 1400.634523][T30864] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1400.649720][T30868] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11366'. [ 1400.659739][T30864] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1400.969734][T30879] loop0: detected capacity change from 0 to 64 [ 1401.045136][T30879] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1401.087407][T30879] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 1401.166264][T30886] loop3: detected capacity change from 0 to 16 [ 1401.176287][T30887] netlink: 'syz.2.11373': attribute type 10 has an invalid length. [ 1401.201556][T30886] erofs: (device loop3): mounted with root inode @ nid 36. [ 1401.269501][T30886] syz.3.11374: attempt to access beyond end of device [ 1401.269501][T30886] loop3: rw=0, sector=34359736320, nr_sectors = 8 limit=16 [ 1401.408833][T30887] team0 (unregistering): Port device team_slave_0 removed [ 1401.459856][T30893] loop0: detected capacity change from 0 to 256 [ 1401.520430][T30887] team0 (unregistering): Port device team_slave_1 removed [ 1401.530622][T30893] FAT-fs (loop0): Directory bread(block 64) failed [ 1401.543244][T30893] FAT-fs (loop0): Directory bread(block 65) failed [ 1401.558976][T30893] FAT-fs (loop0): Directory bread(block 66) failed [ 1401.594505][T30893] FAT-fs (loop0): Directory bread(block 67) failed [ 1401.616337][T30893] FAT-fs (loop0): Directory bread(block 68) failed [ 1401.647076][T30893] FAT-fs (loop0): Directory bread(block 69) failed [ 1401.668812][T30893] FAT-fs (loop0): Directory bread(block 70) failed [ 1401.699689][T30893] FAT-fs (loop0): Directory bread(block 71) failed [ 1401.720425][T30893] FAT-fs (loop0): Directory bread(block 72) failed [ 1401.744447][T30893] FAT-fs (loop0): Directory bread(block 73) failed [ 1402.235838][T30913] loop3: detected capacity change from 0 to 8 [ 1402.243094][T30913] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1402.287059][ T5760] udevd[5760]: incorrect cramfs checksum on /dev/loop3 [ 1402.295483][T30913] cramfs: Error -3 while decompressing! [ 1402.318506][T30913] cramfs: ffffffff973f6368(26)->ffff88804c6df000(4096) [ 1402.348702][T30913] cramfs: Error -3 while decompressing! [ 1402.361758][T30913] cramfs: ffffffff973f6382(26)->ffff88804fafe000(4096) [ 1402.378585][T30913] cramfs: Error -3 while decompressing! [ 1402.391210][ T5760] udevd[5760]: incorrect cramfs checksum on /dev/loop3 [ 1402.399007][T30913] cramfs: ffffffff973f639c(16)->ffff88804cfaf000(4096) [ 1402.414070][T30913] cramfs: Error -3 while decompressing! [ 1402.426008][T30913] cramfs: ffffffff973f6368(26)->ffff88804c6df000(4096) [ 1402.632440][T30917] loop1: detected capacity change from 0 to 4096 [ 1402.653212][T30917] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1402.825178][T30917] ntfs3: loop1: failed to convert "c46c" to cp437 [ 1403.592739][ T28] audit: type=1326 audit(2000008382.539:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30949 comm="syz.0.11406" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa662f9c799 code=0x0 [ 1403.936765][T30941] loop1: detected capacity change from 0 to 32768 [ 1404.878684][T30990] loop1: detected capacity change from 0 to 4096 [ 1405.748129][T31026] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11443'. [ 1405.770804][T31028] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11444'. [ 1406.323461][T31020] loop0: detected capacity change from 0 to 32768 [ 1406.536691][ T28] audit: type=1326 audit(2000008385.251:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31049 comm="syz.3.11455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1406.614382][T31054] loop1: detected capacity change from 0 to 16 [ 1406.615517][ T28] audit: type=1326 audit(2000008385.251:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31049 comm="syz.3.11455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1406.682431][T31054] erofs: (device loop1): mounted with root inode @ nid 36. [ 1406.726621][ T28] audit: type=1326 audit(2000008385.251:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31049 comm="syz.3.11455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1406.749104][ C1] vkms_vblank_simulate: vblank timer overrun [ 1406.820904][ T28] audit: type=1326 audit(2000008385.251:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31049 comm="syz.3.11455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1406.928979][ T28] audit: type=1326 audit(2000008385.251:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31049 comm="syz.3.11455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1407.046049][T31063] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11462'. [ 1407.421642][T31082] netlink: 64 bytes leftover after parsing attributes in process `syz.0.11471'. [ 1407.445328][T31076] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1407.659462][T31083] loop1: detected capacity change from 0 to 4096 [ 1407.680454][T31083] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1407.747242][T31083] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 1407.760769][T31087] loop0: detected capacity change from 0 to 4096 [ 1407.774363][T31083] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 1407.814502][T31087] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 1407.909903][T31083] ntfs3: loop1: ino=1e, "file1" failed to parse mft record [ 1407.934715][T31083] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 1408.048522][T31087] ntfs3: loop0: failed to convert "c46c" to ascii [ 1408.124127][ T3525] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 1408.146823][ T6418] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 1408.180524][ T6418] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1408.227123][ T6418] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 1408.255342][T24636] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 1408.416832][T31106] netlink: 'syz.1.11480': attribute type 75 has an invalid length. [ 1408.504326][T31110] vlan1: entered allmulticast mode [ 1408.538828][T31110] veth0_vlan: entered allmulticast mode [ 1408.894406][T31124] netlink: 'syz.2.11492': attribute type 3 has an invalid length. [ 1408.979009][T31130] netlink: 'syz.3.11494': attribute type 11 has an invalid length. [ 1409.354335][ T9751] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 1409.571167][ T9751] usb 3-1: Using ep0 maxpacket: 16 [ 1409.579539][ T9751] usb 3-1: config 0 has no interfaces? [ 1409.590628][ T9751] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1409.601446][ T9751] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1409.613756][ T9751] usb 3-1: Product: syz [ 1409.623273][ T9751] usb 3-1: Manufacturer: syz [ 1409.644314][ T9751] usb 3-1: SerialNumber: syz [ 1409.665004][ T9751] r8152-cfgselector 3-1: config 0 descriptor?? [ 1409.837317][T31161] SET target dimension over the limit! [ 1409.919293][ T9751] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 1410.021414][ T2974] usb 3-1: config 0 descriptor?? [ 1410.154652][ T27] usb 3-1: USB disconnect, device number 29 [ 1410.165034][ T2974] usb 3-1: can't set config #0, error -71 [ 1410.329731][ T6507] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1410.535657][ T6507] usb 4-1: Using ep0 maxpacket: 16 [ 1410.563213][ T6507] usb 4-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55 [ 1410.573278][ T6507] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1410.582143][ T6507] usb 4-1: Product: syz [ 1410.586418][ T6507] usb 4-1: Manufacturer: syz [ 1410.591529][ T6507] usb 4-1: SerialNumber: syz [ 1410.602392][ T6507] usb 4-1: config 0 descriptor?? [ 1410.623907][ T6507] gspca_main: gspca_sn9c20x-2.14.0 probing 0458:704a [ 1411.089531][ T6507] gspca_sn9c20x: Write register 1001 failed -71 [ 1411.112242][ T6507] gspca_sn9c20x: Device initialization failed [ 1411.119507][ T6507] gspca_sn9c20x: probe of 4-1:0.0 failed with error -71 [ 1411.135110][ T6507] usb 4-1: USB disconnect, device number 33 [ 1411.878285][T31227] xt_recent: hitcount (4294967293) is larger than allowed maximum (255) [ 1412.302847][T31241] netlink: 'syz.3.11548': attribute type 1 has an invalid length. [ 1412.311382][T31241] netlink: 'syz.3.11548': attribute type 2 has an invalid length. [ 1412.327867][T31247] block nbd1: NBD_DISCONNECT [ 1412.721293][T31259] binder: 31258:31259 ioctl c018620c 200000000380 returned -22 [ 1412.818413][T31265] netlink: 'syz.2.11558': attribute type 1 has an invalid length. [ 1413.408134][ T27] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 1413.624448][ T27] usb 1-1: Using ep0 maxpacket: 16 [ 1413.634988][ T27] usb 1-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1413.647666][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1413.655764][ T27] usb 1-1: Product: syz [ 1413.660735][ T27] usb 1-1: Manufacturer: syz [ 1413.665407][ T27] usb 1-1: SerialNumber: syz [ 1413.676447][ T27] usb 1-1: config 0 descriptor?? [ 1413.933785][ T27] speedtch 1-1:0.0: speedtch_bind: data interface not found! [ 1413.956654][ T27] speedtch 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1414.015464][T31307] netlink: 'syz.3.11579': attribute type 3 has an invalid length. [ 1414.127522][T31309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11580'. [ 1414.184715][ T27] usb 1-1: USB disconnect, device number 25 [ 1414.653495][T31330] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6tnl0, syncid = 786440, id = 0 [ 1415.188004][T31352] cgroup: none used incorrectly [ 1415.565193][T31364] netlink: 'syz.1.11606': attribute type 10 has an invalid length. [ 1415.896138][T31350] loop0: detected capacity change from 0 to 32768 [ 1415.912664][T31350] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.11600 (31350) [ 1415.983714][T31350] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1416.013558][T31350] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 1416.036761][T31350] BTRFS info (device loop0): force zlib compression, level 3 [ 1416.057293][T31350] BTRFS info (device loop0): turning on flush-on-commit [ 1416.097837][T31350] BTRFS info (device loop0): max_inline at 4096 [ 1416.121381][T31350] BTRFS info (device loop0): using free space tree [ 1416.298630][T31350] BTRFS info (device loop0): enabling ssd optimizations [ 1416.312201][T31350] BTRFS info (device loop0): auto enabling async discard [ 1416.632908][ T6415] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1417.680866][T31434] veth1_virt_wifi: entered promiscuous mode [ 1418.713054][T31464] bond2: entered allmulticast mode [ 1419.073275][T31477] macvtap0: entered allmulticast mode [ 1419.089284][T31477] veth0_macvtap: entered allmulticast mode [ 1419.368679][ T786] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 1419.595968][ T786] usb 2-1: Using ep0 maxpacket: 8 [ 1419.604020][ T786] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1419.614450][ T786] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1419.632105][ T786] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 17520, setting to 1024 [ 1419.648080][ T786] usb 2-1: New USB device found, idVendor=2466, idProduct=8010, bcdDevice= 0.40 [ 1419.660925][ T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1419.669375][ T786] usb 2-1: Product: syz [ 1419.676669][ T786] usb 2-1: Manufacturer: syz [ 1419.681506][ T786] usb 2-1: SerialNumber: syz [ 1419.845370][T17047] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 1419.949122][T31503] macvtap0: entered allmulticast mode [ 1419.962132][T31503] veth0_macvtap: entered allmulticast mode [ 1420.073458][T17047] usb 3-1: Using ep0 maxpacket: 8 [ 1420.085734][T17047] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1420.106653][T17047] usb 3-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 1420.135062][T17047] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1420.145765][ T786] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 1420.169798][ T786] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1420.178416][T17047] usb 3-1: config 0 descriptor?? [ 1420.246420][ T786] usb 2-1: USB disconnect, device number 33 [ 1420.292697][T31511] kAFS: unable to lookup cell '/,' [ 1420.341509][ T5760] udevd[5760]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1420.418846][ T6174] usb 3-1: USB disconnect, device number 30 [ 1420.665940][T31519] loop3: detected capacity change from 0 to 512 [ 1420.789317][T31519] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 1420.814320][T31519] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1420.830418][T31519] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.11674: Failed to acquire dquot type 1 [ 1420.848935][T31519] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 1420.859441][T31519] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1420.870918][T31519] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.11674: Failed to acquire dquot type 1 [ 1420.886268][T31519] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.11674: bg 0: block 248: padding at end of block bitmap is not set [ 1420.912141][T31519] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6651: Corrupt filesystem [ 1420.936042][T31519] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 1420.946593][T31519] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1420.956696][T31519] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.11674: Failed to acquire dquot type 1 [ 1420.972528][T31519] EXT4-fs (loop3): 1 orphan inode deleted [ 1420.978352][T31526] xt_CT: No such helper "netbios-ns" [ 1420.982816][T31519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1421.015812][T31519] ext4 filesystem being mounted at /2816/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1421.152192][T31519] Quota error (device loop3): do_check_range: Getting block 1536 out of range 0-5 [ 1421.413714][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1421.776957][T31547] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11684'. [ 1421.824243][T31551] netlink: 36 bytes leftover after parsing attributes in process `syz.2.11688'. [ 1422.070075][T31537] loop1: detected capacity change from 0 to 32768 [ 1422.088750][T31537] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.11681 (31537) [ 1422.147984][T31537] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1422.167097][T31537] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 1422.176568][T31537] BTRFS info (device loop1): force zlib compression, level 3 [ 1422.197693][T31537] BTRFS info (device loop1): force clearing of disk cache [ 1422.205958][T31537] BTRFS info (device loop1): setting nodatasum [ 1422.233885][T31559] ipt_REJECT: TCP_RESET invalid for non-tcp [ 1422.259008][T31537] BTRFS info (device loop1): allowing degraded mounts [ 1422.284753][T31537] BTRFS info (device loop1): enabling disk space caching [ 1422.292017][T31537] BTRFS info (device loop1): disk space caching is enabled [ 1422.512792][T31537] BTRFS info (device loop1): auto enabling async discard [ 1422.540686][T31537] BTRFS info (device loop1): rebuilding free space tree [ 1422.640567][T31537] BTRFS info (device loop1): disabling free space tree [ 1422.674089][T31537] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1422.683852][T31537] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1422.765820][T31593] loop3: detected capacity change from 0 to 512 [ 1422.794920][T31593] EXT4-fs: Ignoring removed bh option [ 1422.832455][T31537] BTRFS warning (device loop1): get dev_stats failed, device not found [ 1422.866700][T31593] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 1422.902387][T31593] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1422.955094][T31593] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 1422.979162][ T6418] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1423.019023][T31593] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 1423.047349][T31593] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1423.145644][T31593] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #12: block 32: comm syz.3.11699: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=2320, size=2048 fake=0 [ 1423.488580][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1423.956921][T31623] loop3: detected capacity change from 0 to 764 [ 1424.137249][T31623] 9pnet_fd: p9_fd_create_unix (31623): problem connecting socket: ./file0: -30 [ 1424.783180][T31653] fuse: blksize only supported for fuseblk [ 1424.996770][T31662] netlink: 'syz.1.11734': attribute type 10 has an invalid length. [ 1425.021613][T31662] netlink: 156 bytes leftover after parsing attributes in process `syz.1.11734'. [ 1425.509096][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 1425.515554][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 1425.562833][T31686] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11744'. [ 1426.092821][T31701] loop0: detected capacity change from 0 to 4096 [ 1426.111226][T31701] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 1426.146448][T31701] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1426.753922][T31729] loop3: detected capacity change from 0 to 256 [ 1426.890024][ T27] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 1427.104014][ T27] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1427.125571][ T27] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1427.139474][ T27] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1427.173534][ T27] usb 1-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 1427.182951][T31739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11770'. [ 1427.198949][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1427.209852][T31739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11770'. [ 1427.230160][ T27] usb 1-1: Product: syz [ 1427.236612][ T27] usb 1-1: Manufacturer: syz [ 1427.252338][ T27] usb 1-1: SerialNumber: syz [ 1427.274948][ T27] usb 1-1: config 0 descriptor?? [ 1427.367791][T31746] netlink: 108 bytes leftover after parsing attributes in process `syz.2.11773'. [ 1427.517891][ T9751] usb 1-1: USB disconnect, device number 26 [ 1427.930424][T31769] netlink: 'syz.3.11784': attribute type 10 has an invalid length. [ 1427.938437][T31769] netlink: 156 bytes leftover after parsing attributes in process `syz.3.11784'. [ 1428.067070][T31775] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 1428.098522][T31775] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1428.272497][T31780] netlink: 144 bytes leftover after parsing attributes in process `syz.0.11789'. [ 1428.761254][T31804] netlink: zone id is out of range [ 1428.775666][T31804] netlink: del zone limit has 8 unknown bytes [ 1428.894913][ T27] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 1429.103152][ T27] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1429.133272][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1429.166876][ T27] usb 2-1: config 0 descriptor?? [ 1429.268260][T31821] loop3: detected capacity change from 0 to 2048 [ 1429.333889][T31821] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1429.655648][ T27] ath6kl: Failed to read usb control message: -71 [ 1429.675072][ T27] ath6kl: Unable to read the bmi data from the device: -71 [ 1429.687995][ T27] ath6kl: Unable to recv target info: -71 [ 1429.718385][ T27] ath6kl: Failed to init ath6kl core: -71 [ 1429.730775][ T27] ath6kl_usb: probe of 2-1:0.0 failed with error -71 [ 1429.763699][ T27] usb 2-1: USB disconnect, device number 34 [ 1430.059663][T31834] x_tables: duplicate entry at hook 2 [ 1430.856496][T17047] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 1431.078112][T17047] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1431.100955][T17047] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1431.112720][T17047] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1431.136228][T17047] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1431.154132][T17047] usb 1-1: SerialNumber: syz [ 1431.397886][T17047] usb 1-1: 0:2 : does not exist [ 1431.437376][T17047] usb 1-1: USB disconnect, device number 27 [ 1431.553261][ T5760] udevd[5760]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1431.812072][T31898] tmpfs: Bad value for 'mpol' [ 1431.832182][ T9751] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 1432.040287][ T9751] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 1432.056852][ T9751] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1432.070532][ T6174] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 1432.087057][ T9751] usb 4-1: config 220 has no interface number 2 [ 1432.100664][ T9751] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1432.116414][ T9751] usb 4-1: config 220 interface 0 has no altsetting 0 [ 1432.123265][ T9751] usb 4-1: config 220 interface 76 has no altsetting 0 [ 1432.130661][ T9751] usb 4-1: config 220 interface 1 has no altsetting 0 [ 1432.142123][ T9751] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1432.151656][ T9751] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1432.160255][ T9751] usb 4-1: Product: syz [ 1432.164580][ T9751] usb 4-1: Manufacturer: syz [ 1432.169702][ T9751] usb 4-1: SerialNumber: syz [ 1432.270041][T31908] loop0: detected capacity change from 0 to 2048 [ 1432.297833][ T6174] usb 2-1: Using ep0 maxpacket: 32 [ 1432.303234][T15878] usb 3-1: new full-speed USB device number 31 using dummy_hcd [ 1432.324391][T31908] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1432.340966][ T6174] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1432.358163][ T6174] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 1432.372866][ T6174] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 1432.384465][ T6174] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1432.392574][ T6174] usb 2-1: Product: syz [ 1432.415656][ T9751] usb 4-1: selecting invalid altsetting 0 [ 1432.419224][ T6174] usb 2-1: Manufacturer: syz [ 1432.434690][ T6174] usb 2-1: SerialNumber: syz [ 1432.453206][ T9751] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 1432.459644][ T9751] usb 4-1: No valid video chain found. [ 1432.517333][ T9751] usb 4-1: selecting invalid altsetting 0 [ 1432.523351][ T9751] usbtest: probe of 4-1:220.1 failed with error -22 [ 1432.537781][T15878] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1432.557905][T15878] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1432.572249][T15878] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 1432.592042][ T9751] usb 4-1: USB disconnect, device number 34 [ 1432.598687][T15878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1432.630488][ T5760] udevd[5760]: setting mode of /dev/bus/usb/004/034 to 020664 failed: No such file or directory [ 1432.638408][T15878] usb 3-1: SerialNumber: syz [ 1432.655492][ T5760] udevd[5760]: setting owner of /dev/bus/usb/004/034 to uid=0, gid=0 failed: No such file or directory [ 1432.693354][T15878] usb 3-1: 0:2 : does not exist [ 1432.707257][ T6174] usb 2-1: Not enough endpoints found in device, aborting! [ 1432.776160][T31912] loop0: detected capacity change from 0 to 164 [ 1432.927616][ T6174] usb 2-1: USB disconnect, device number 35 [ 1433.219826][T15878] usb 3-1: USB disconnect, device number 31 [ 1433.261749][T31922] IPv6: Can't replace route, no match found [ 1433.375041][T31925] netlink: 'syz.0.11862': attribute type 32 has an invalid length. [ 1433.522773][T31931] netlink: 2384 bytes leftover after parsing attributes in process `syz.0.11864'. [ 1434.039207][T31929] loop3: detected capacity change from 0 to 32768 [ 1434.086153][T31946] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.11872'. [ 1434.140419][T31929] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 1434.140419][T31929] [ 1434.162567][T31929] ialloc: diAlloc returned -5! [ 1434.447732][T31956] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 1434.504896][T31958] netlink: 'syz.3.11879': attribute type 1 has an invalid length. [ 1434.920608][T31968] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1435.838721][T32007] netlink: 'syz.1.11902': attribute type 4 has an invalid length. [ 1435.847194][T32007] netlink: 17 bytes leftover after parsing attributes in process `syz.1.11902'. [ 1436.155359][T32017] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1436.162744][T31990] loop3: detected capacity change from 0 to 32768 [ 1436.221183][T31990] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.11893 (31990) [ 1436.271548][T31990] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1436.283877][T31990] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 1436.306097][T31990] BTRFS info (device loop3): using free space tree [ 1436.464868][T31990] BTRFS info (device loop3): enabling ssd optimizations [ 1436.498945][T31990] BTRFS info (device loop3): auto enabling async discard [ 1436.687622][ T6422] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1436.999656][T32057] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1437.094333][T32053] loop1: detected capacity change from 0 to 8192 [ 1437.314468][T32063] hsr0: VLAN not yet supported [ 1437.532782][ T28] audit: type=1400 audit(2000008413.855:516): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=32064 comm="syz.2.11923" [ 1438.002716][T32055] loop0: detected capacity change from 0 to 32768 [ 1438.036884][T32055] (syz.0.11919,32055,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1438.069376][T32055] (syz.0.11919,32055,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1438.192914][T32055] JBD2: Ignoring recovery information on journal [ 1438.290395][T32055] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1438.721621][ T6415] ocfs2: Unmounting device (7,0) on (node local) [ 1438.909288][ T9751] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1439.045307][T32108] netlink: 100 bytes leftover after parsing attributes in process `syz.0.11940'. [ 1439.055760][T32109] sit0: entered promiscuous mode [ 1439.070308][T32109] netlink: 'syz.3.11944': attribute type 1 has an invalid length. [ 1439.107725][T32109] netlink: 1 bytes leftover after parsing attributes in process `syz.3.11944'. [ 1439.138872][ T9751] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 1439.151908][ T9751] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1439.190766][ T9751] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1439.201241][ T9751] usb 3-1: config 220 has no interface number 2 [ 1439.242004][ T9751] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1439.266176][ T9751] usb 3-1: config 220 interface 0 has no altsetting 0 [ 1439.273508][ T9751] usb 3-1: config 220 interface 76 has no altsetting 0 [ 1439.299089][ T9751] usb 3-1: config 220 interface 1 has no altsetting 0 [ 1439.310069][T32116] netlink: 20 bytes leftover after parsing attributes in process `syz.1.11946'. [ 1439.323250][ T9751] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1439.343388][ T9751] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1439.351537][ T9751] usb 3-1: Product: syz [ 1439.362902][ T9751] usb 3-1: Manufacturer: syz [ 1439.368579][ T9751] usb 3-1: SerialNumber: syz [ 1439.618744][ T9751] usb 3-1: selecting invalid altsetting 0 [ 1439.649639][ T9751] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 1439.656942][ T9751] usb 3-1: No valid video chain found. [ 1439.662542][T32126] __vm_enough_memory: pid: 32126, comm: syz.3.11952, not enough memory for the allocation [ 1439.678778][ T9751] usb 3-1: selecting invalid altsetting 0 [ 1439.684654][ T9751] usbtest: probe of 3-1:220.1 failed with error -22 [ 1439.729749][ T9751] usb 3-1: USB disconnect, device number 32 [ 1440.108025][T32140] netlink: 'syz.0.11959': attribute type 46 has an invalid length. [ 1440.246669][T32144] xt_cgroup: xt_cgroup: no path or classid specified [ 1440.611215][ T28] audit: type=1326 audit(2000008416.706:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1440.654044][T32160] netlink: 'syz.2.11968': attribute type 7 has an invalid length. [ 1440.681651][ T28] audit: type=1326 audit(2000008416.706:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1440.790340][ T28] audit: type=1326 audit(2000008416.706:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1440.850530][ T28] audit: type=1326 audit(2000008416.706:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1440.917150][ T28] audit: type=1326 audit(2000008416.734:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1440.993003][ T28] audit: type=1326 audit(2000008416.734:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1441.072820][ T28] audit: type=1326 audit(2000008416.734:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1441.109707][ T28] audit: type=1326 audit(2000008416.734:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32157 comm="syz.3.11969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1441.471286][T32186] loop3: detected capacity change from 0 to 256 [ 1441.558170][T32192] loop1: detected capacity change from 0 to 2048 [ 1441.633597][T32192] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1441.748408][ T9751] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 1441.965588][ T9751] usb 1-1: Using ep0 maxpacket: 16 [ 1442.013042][ T9751] usb 1-1: config index 0 descriptor too short (expected 65, got 36) [ 1442.038181][ T9751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1442.069243][ T9751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1442.095431][ T9751] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1442.125283][ T9751] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 1442.170249][ T9751] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1442.205843][ T9751] usb 1-1: config 0 descriptor?? [ 1442.231179][ T9751] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input61 [ 1442.275569][ T5123] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 1442.409880][ T5123] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 1442.464152][ T5123] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 1442.517859][ T7235] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 1442.553097][T32188] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 1442.650370][ T5123] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 1442.671996][T32220] syz.1.12000: attempt to access beyond end of device [ 1442.671996][T32220] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 1442.692126][ T9751] usb 1-1: USB disconnect, device number 28 [ 1442.698609][ T5123] pxrc 1-1:0.0: pxrc_open - usb_submit_urb failed, error: -19 [ 1443.497457][T32247] netlink: 140 bytes leftover after parsing attributes in process `syz.3.12012'. [ 1443.744508][T32257] netlink: 256 bytes leftover after parsing attributes in process `syz.1.12018'. [ 1443.880841][T32262] unsupported nla_type 40 [ 1444.425506][T32286] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12032'. [ 1444.705476][T32298] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.12038'. [ 1445.115025][T32316] netlink: 'syz.0.12047': attribute type 9 has an invalid length. [ 1445.279309][T32322] infiniband syz0: set down [ 1445.287258][T32322] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1445.343303][ T6174] lo speed is unknown, defaulting to 1000 [ 1445.362334][T17047] lo speed is unknown, defaulting to 1000 [ 1445.444009][ T6507] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 1445.505634][T32331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12055'. [ 1445.524040][T32330] loop1: detected capacity change from 0 to 256 [ 1445.538776][T32331] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12055'. [ 1445.569757][T32330] FAT-fs (loop1): Directory bread(block 64) failed [ 1445.579958][T32331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12055'. [ 1445.591772][T32330] FAT-fs (loop1): Directory bread(block 65) failed [ 1445.602464][T32331] netlink: 2 bytes leftover after parsing attributes in process `syz.3.12055'. [ 1445.614263][T32330] FAT-fs (loop1): Directory bread(block 66) failed [ 1445.626208][T32331] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12055'. [ 1445.635631][T32330] FAT-fs (loop1): Directory bread(block 67) failed [ 1445.664617][T32330] FAT-fs (loop1): Directory bread(block 68) failed [ 1445.671268][T32330] FAT-fs (loop1): Directory bread(block 69) failed [ 1445.687708][ T6507] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1445.700309][T32330] FAT-fs (loop1): Directory bread(block 70) failed [ 1445.719539][T32330] FAT-fs (loop1): Directory bread(block 71) failed [ 1445.724202][ T6507] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1445.736380][ T6507] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1445.737581][T32330] FAT-fs (loop1): Directory bread(block 72) failed [ 1445.794449][T32330] FAT-fs (loop1): Directory bread(block 73) failed [ 1445.812860][ T6507] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1445.822421][ T6507] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1445.856546][ T6507] usb 3-1: Product: syz [ 1445.860802][ T6507] usb 3-1: Manufacturer: syz [ 1445.865438][ T6507] usb 3-1: SerialNumber: syz [ 1445.912723][ T6507] usb 3-1: config 0 descriptor?? [ 1445.920578][T32330] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006a61) [ 1445.931800][ T28] audit: type=1800 audit(2000008421.596:525): pid=32330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.12054" name="blkio.bfq.idle_time" dev="loop1" ino=1048684 res=0 errno=0 [ 1446.034082][T32340] netlink: 328 bytes leftover after parsing attributes in process `syz.3.12059'. [ 1446.239905][T32344] loop0: detected capacity change from 0 to 1024 [ 1446.272205][T32344] EXT4-fs: Ignoring removed orlov option [ 1446.290704][T32344] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1446.392562][T32344] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1446.576943][ T6507] usb 3-1: USB disconnect, device number 33 [ 1446.595049][ T6415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1447.078198][T32371] loop0: detected capacity change from 0 to 2048 [ 1447.123976][T32371] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 1447.159389][T32371] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1447.738903][T32388] loop1: detected capacity change from 0 to 2048 [ 1447.811597][T32388] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1447.823532][T32394] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12084'. [ 1447.839557][T32394] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12084'. [ 1448.024003][T32396] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1448.237820][T32406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12090'. [ 1448.395892][T32411] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1448.508275][T32415] loop1: detected capacity change from 0 to 512 [ 1448.568225][T32415] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002] [ 1448.625206][T32415] System zones: 0-2, 18-18, 34-35 [ 1448.686343][T32415] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1448.762598][T32415] ext4 filesystem being mounted at /2783/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1448.805659][T32415] EXT4-fs error (device loop1): ext4_empty_dir:3136: inode #12: comm syz.1.12093: invalid size [ 1448.972396][ T6418] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1449.344432][T32448] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1449.804255][T32466] loop1: detected capacity change from 0 to 256 [ 1450.060152][T32476] netlink: 'syz.2.12122': attribute type 13 has an invalid length. [ 1450.125139][T32476] netlink: 'syz.2.12122': attribute type 12 has an invalid length. [ 1450.418262][T32492] __nla_validate_parse: 3 callbacks suppressed [ 1450.418283][T32492] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12130'. [ 1450.490406][T32492] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12130'. [ 1450.516151][T32492] netlink: 36 bytes leftover after parsing attributes in process `syz.1.12130'. [ 1450.825957][T32510] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12140'. [ 1450.886330][T32514] loop0: detected capacity change from 0 to 8 [ 1450.950008][T32516] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12143'. [ 1450.959145][T32516] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12143'. [ 1451.489787][ T28] audit: type=1326 audit(2000008426.736:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32539 comm="syz.2.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1451.546324][ T28] audit: type=1326 audit(2000008426.736:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32539 comm="syz.2.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1451.583029][ T28] audit: type=1326 audit(2000008426.736:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32539 comm="syz.2.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1451.649776][ T28] audit: type=1326 audit(2000008426.736:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32539 comm="syz.2.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1451.688460][ T28] audit: type=1326 audit(2000008426.736:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32539 comm="syz.2.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1451.773560][T32548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12158'. [ 1451.997992][T32560] loop3: detected capacity change from 0 to 512 [ 1452.733287][T32588] QAT: Device 3 not found [ 1452.936043][ T28] audit: type=1326 audit(2000008428.065:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32597 comm="syz.3.12183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1452.993136][ T28] audit: type=1326 audit(2000008428.065:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32597 comm="syz.3.12183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1452.993192][ T28] audit: type=1326 audit(2000008428.092:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32597 comm="syz.3.12183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1452.993236][ T28] audit: type=1326 audit(2000008428.092:534): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=32597 comm="syz.3.12183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1452.993281][ T28] audit: type=1326 audit(2000008428.092:535): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=32597 comm="syz.3.12183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1453.166067][ C0] vkms_vblank_simulate: vblank timer overrun [ 1453.377334][T32608] sp0: Synchronizing with TNC [ 1453.411247][T32607] [U] [ 1453.429405][T32613] netlink: 'syz.3.12193': attribute type 1 has an invalid length. [ 1453.469707][T32616] loop0: detected capacity change from 0 to 256 [ 1454.024899][T32636] loop1: detected capacity change from 0 to 512 [ 1454.139506][T32638] loop0: detected capacity change from 0 to 64 [ 1454.512947][T32648] netlink: 20 bytes leftover after parsing attributes in process `syz.2.12209'. [ 1454.532179][T32648] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 1454.676265][T32656] netlink: 'syz.1.12213': attribute type 27 has an invalid length. [ 1454.679135][T32655] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551615) [ 1454.759354][T32658] ipt_ECN: cannot use operation on non-tcp rule [ 1454.944343][T32666] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12219'. [ 1455.443755][T32686] syz.0.12228 (32686): /proc/32684/oom_adj is deprecated, please use /proc/32684/oom_score_adj instead. [ 1455.979127][T32711] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 1456.238445][T22209] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 1456.439403][T22209] usb 4-1: Using ep0 maxpacket: 32 [ 1456.467822][T22209] usb 4-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 1456.488994][T22209] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1456.497078][T22209] usb 4-1: Product: syz [ 1456.512549][T22209] usb 4-1: Manufacturer: syz [ 1456.518664][T32731] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 1456.524807][T22209] usb 4-1: SerialNumber: syz [ 1456.765723][T32741] bond2: entered promiscuous mode [ 1456.771153][T32741] bond2: entered allmulticast mode [ 1456.778420][T32741] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1456.809336][T22209] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 1456.833548][T22209] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1456.861895][T22209] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1457.033669][T22209] usb 4-1: USB disconnect, device number 35 [ 1457.054768][T22209] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1457.103350][T22209] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1457.126627][T22209] visor 4-1:1.0: device disconnected [ 1457.730440][ T307] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12272'. [ 1457.893997][ T311] netlink: 84 bytes leftover after parsing attributes in process `syz.3.12274'. [ 1457.972545][ T27] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 1458.168106][ T27] usb 3-1: Using ep0 maxpacket: 8 [ 1458.190049][ T27] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 1458.223873][ T27] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1458.255110][ T27] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1458.287539][ T27] usb 3-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1458.298818][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1458.307419][ T27] usb 3-1: Product: syz [ 1458.349400][ T27] usb 3-1: Manufacturer: syz [ 1458.362689][ T27] usb 3-1: SerialNumber: syz [ 1458.378602][ T27] usb 3-1: config 0 descriptor?? [ 1458.391885][ T27] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 found [ 1458.565204][ T337] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12285'. [ 1458.627081][ T27] snd_usb_toneport 3-1:0.0: cannot get proper max packet size [ 1458.655585][ T27] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 now disconnected [ 1458.685708][ T27] snd_usb_toneport: probe of 3-1:0.0 failed with error -22 [ 1458.730775][ T339] loop0: detected capacity change from 0 to 164 [ 1458.851100][ T6507] usb 3-1: USB disconnect, device number 34 [ 1459.418452][ T365] loop3: detected capacity change from 0 to 64 [ 1460.007479][ T27] usb 1-1: new full-speed USB device number 29 using dummy_hcd [ 1460.035431][ T386] netlink: 'syz.1.12310': attribute type 8 has an invalid length. [ 1460.052313][ T386] bridge3: entered promiscuous mode [ 1460.217867][ T27] usb 1-1: config 150 has an invalid interface number: 204 but max is 1 [ 1460.240715][ T27] usb 1-1: config 150 has no interface number 0 [ 1460.260679][ T27] usb 1-1: config 150 interface 204 has no altsetting 0 [ 1460.279075][ T27] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 1460.295031][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1460.318238][ T27] usb 1-1: Product: syz [ 1460.340169][ T27] usb 1-1: Manufacturer: syz [ 1460.370750][ T27] usb 1-1: SerialNumber: syz [ 1460.658870][ T27] xr_serial 1-1:150.204: xr_serial converter detected [ 1460.684376][ T27] xr_serial ttyUSB0: Failed to set reg 0x60: -71 [ 1460.690861][ T27] xr_serial: probe of ttyUSB0 failed with error -71 [ 1460.730361][ T27] usb 1-1: USB disconnect, device number 29 [ 1460.752612][ T27] xr_serial 1-1:150.204: device disconnected [ 1461.634187][ T440] netlink: 'syz.2.12338': attribute type 1 has an invalid length. [ 1461.644137][ T440] netlink: 'syz.2.12338': attribute type 3 has an invalid length. [ 1461.660468][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 1461.660485][ T28] audit: type=1326 audit(2000008436.120:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=439 comm="syz.3.12337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1461.696148][ T440] netlink: 224 bytes leftover after parsing attributes in process `syz.2.12338'. [ 1461.744047][ T28] audit: type=1326 audit(2000008436.120:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=439 comm="syz.3.12337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1461.766353][ C0] vkms_vblank_simulate: vblank timer overrun [ 1461.801955][ T28] audit: type=1326 audit(2000008436.120:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=439 comm="syz.3.12337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1461.883376][ T28] audit: type=1326 audit(2000008436.129:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=439 comm="syz.3.12337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1461.934438][ T446] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1462.376590][ T468] loop3: detected capacity change from 0 to 1024 [ 1462.612046][ T3525] hfsplus: b-tree write err: -5, ino 25 [ 1462.622590][ T3525] hfsplus: b-tree write err: -5, ino 4 [ 1462.640668][ T3525] hfsplus: b-tree write err: -5, ino 2 [ 1462.738757][ T480] netlink: 'syz.1.12354': attribute type 10 has an invalid length. [ 1462.791009][ T480] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12354'. [ 1462.810409][ T480] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 1463.031748][ T492] netlink: 'syz.3.12360': attribute type 2 has an invalid length. [ 1463.042137][ T492] netlink: 'syz.3.12360': attribute type 1 has an invalid length. [ 1463.231809][ T500] netlink: 'syz.3.12365': attribute type 15 has an invalid length. [ 1463.240617][ T500] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12365'. [ 1463.250547][ T6507] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 1463.304733][ T27] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 1463.490699][ T6507] usb 1-1: config 0 has an invalid interface number: 117 but max is 0 [ 1463.498980][ T6507] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1463.509512][ T6507] usb 1-1: config 0 has no interface number 0 [ 1463.511193][ T27] usb 2-1: Using ep0 maxpacket: 8 [ 1463.516380][ T6507] usb 1-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1463.530828][ T6507] usb 1-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1463.551147][ T6507] usb 1-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 1463.555990][ T27] usb 2-1: config 0 has an invalid interface number: 99 but max is 0 [ 1463.568444][ T6507] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1463.568473][ T6507] usb 1-1: Product: syz [ 1463.568490][ T6507] usb 1-1: Manufacturer: syz [ 1463.568506][ T6507] usb 1-1: SerialNumber: syz [ 1463.592033][ T27] usb 2-1: config 0 has no interface number 0 [ 1463.598487][ T27] usb 2-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=4d.89 [ 1463.606506][ T6507] usb 1-1: config 0 descriptor?? [ 1463.619173][T17047] usb 4-1: new full-speed USB device number 36 using dummy_hcd [ 1463.626227][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1463.657262][ T27] usb 2-1: config 0 descriptor?? [ 1463.667596][ T27] usb-storage 2-1:0.99: USB Mass Storage device detected [ 1463.685280][ T27] usb-storage 2-1:0.99: device ignored [ 1463.850128][T17047] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1463.886620][T17047] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1463.897322][T17047] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 1463.906917][T17047] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1463.926339][T17047] usb 4-1: config 0 descriptor?? [ 1463.938843][T17047] xbox_remote_probe: endpoint_in message size==0? [ 1463.962847][ T786] usb 2-1: USB disconnect, device number 36 [ 1464.115833][ T6507] usbtouchscreen: probe of 1-1:0.117 failed with error -71 [ 1464.132704][ T6507] usb 1-1: USB disconnect, device number 30 [ 1464.160590][T17047] usbhid 4-1:0.0: can't add hid device: -71 [ 1464.173010][T17047] usbhid: probe of 4-1:0.0 failed with error -71 [ 1464.189452][T17047] usb 4-1: USB disconnect, device number 36 [ 1464.312672][ T9751] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 1464.520747][ T9751] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1464.529762][ T9751] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1464.539916][ T9751] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1464.550985][ T9751] usb 3-1: config 1 has no interface number 1 [ 1464.557166][ T9751] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1464.570187][ T9751] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1464.587811][ T9751] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1464.597618][ T9751] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1464.605813][ T9751] usb 3-1: Product: syz [ 1464.610144][ T9751] usb 3-1: Manufacturer: syz [ 1464.614788][ T9751] usb 3-1: SerialNumber: syz [ 1464.677853][ T524] netlink: 168 bytes leftover after parsing attributes in process `syz.1.12376'. [ 1464.894271][ T9751] usb 3-1: No endpoint at altset 1, falling back to MIDI 1.0 [ 1464.913480][ T9751] usb 3-1: MIDIStreaming interface descriptor not found [ 1465.002463][ T9751] usb 3-1: USB disconnect, device number 35 [ 1465.063558][ T7235] udevd[7235]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1465.232933][ T539] netlink: 'syz.0.12383': attribute type 5 has an invalid length. [ 1465.490544][ T28] audit: type=1326 audit(2000008439.654:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=546 comm="syz.1.12387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1465.527119][ T28] audit: type=1326 audit(2000008439.672:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=546 comm="syz.1.12387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1465.577391][ T28] audit: type=1326 audit(2000008439.681:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=546 comm="syz.1.12387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1465.601574][ T549] netlink: 'syz.0.12388': attribute type 3 has an invalid length. [ 1465.617339][ T28] audit: type=1326 audit(2000008439.709:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=546 comm="syz.1.12387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1465.640537][ T28] audit: type=1326 audit(2000008439.709:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=546 comm="syz.1.12387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1465.664511][ T28] audit: type=1326 audit(2000008439.709:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=546 comm="syz.1.12387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfd9c799 code=0x7ffc0000 [ 1466.366384][ T579] netlink: 'syz.3.12403': attribute type 5 has an invalid length. [ 1467.502268][ T629] netlink: 'syz.3.12428': attribute type 1 has an invalid length. [ 1467.564011][ T629] netlink: 232 bytes leftover after parsing attributes in process `syz.3.12428'. [ 1467.742827][ T636] loop3: detected capacity change from 0 to 256 [ 1467.760075][ T636] exfat: Deprecated parameter 'utf8' [ 1467.765469][ T636] exfat: Deprecated parameter 'utf8' [ 1467.797059][ T636] exfat: Deprecated parameter 'utf8' [ 1467.888615][ T636] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1467.939578][ T641] ipt_rpfilter: unknown options [ 1468.769223][ T659] loop0: detected capacity change from 0 to 4096 [ 1469.060796][ T667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12446'. [ 1469.188003][ T669] loop1: detected capacity change from 0 to 1764 [ 1469.295586][ T669] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 1469.818619][T17047] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 1469.890581][ T688] dlm: no locking on control device [ 1470.043664][ T690] loop0: detected capacity change from 0 to 4096 [ 1470.053246][T17047] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1470.078323][T17047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1470.086448][T17047] usb 2-1: Product: syz [ 1470.099098][ T690] __ntfs_error: 3 callbacks suppressed [ 1470.099119][ T690] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1470.119903][ T690] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1470.132487][T17047] usb 2-1: Manufacturer: syz [ 1470.137544][T17047] usb 2-1: SerialNumber: syz [ 1470.185583][T17047] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1470.197704][ T690] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1470.228619][ T786] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1470.259967][ T690] ntfs: volume version 3.1. [ 1470.534261][ C0] usb 2-1: ath: unknown panic pattern! [ 1470.540362][ T6415] ntfs: (device loop0): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1470.771290][ T27] usb 2-1: USB disconnect, device number 37 [ 1471.125546][ T718] netlink: 16 bytes leftover after parsing attributes in process `syz.2.12471'. [ 1471.368611][ T786] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1471.375870][ T786] ath9k_htc: Failed to initialize the device [ 1471.387357][ T27] usb 2-1: ath9k_htc: USB layer deinitialized [ 1471.411526][T22209] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 1471.420402][ T728] netlink: 240 bytes leftover after parsing attributes in process `syz.2.12475'. [ 1471.505345][ T732] loop0: detected capacity change from 0 to 128 [ 1471.612345][ T732] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 54) [ 1471.630681][T22209] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1471.649802][ T732] FAT-fs (loop0): Filesystem has been set read-only [ 1471.659358][T22209] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1471.691377][T22209] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1471.701668][T22209] usb 4-1: config 1 has no interface number 1 [ 1471.711813][T22209] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1471.725229][T22209] usb 4-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1471.748844][T22209] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1471.767126][T22209] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1471.776202][T22209] usb 4-1: Product: syz [ 1471.780819][T22209] usb 4-1: Manufacturer: syz [ 1471.785478][T22209] usb 4-1: SerialNumber: syz [ 1471.789352][ T6415] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 54) [ 1472.064478][T22209] usb 4-1: No endpoint at altset 1, falling back to MIDI 1.0 [ 1472.072011][T22209] usb 4-1: MIDIStreaming interface descriptor not found [ 1472.159103][T22209] usb 4-1: USB disconnect, device number 37 [ 1472.218319][ T750] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12486'. [ 1472.722797][ T770] netlink: 224 bytes leftover after parsing attributes in process `syz.1.12495'. [ 1473.319807][ T6174] usb 1-1: new full-speed USB device number 31 using dummy_hcd [ 1473.438332][ T802] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1473.553019][ T6174] usb 1-1: config 0 has an invalid interface number: 41 but max is 0 [ 1473.572505][ T6174] usb 1-1: config 0 has no interface number 0 [ 1473.604910][ T6174] usb 1-1: config 0 interface 41 has no altsetting 0 [ 1473.629862][ T6174] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 1473.654900][ T6174] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1473.675125][ T6174] usb 1-1: Product: syz [ 1473.683340][ T6174] usb 1-1: Manufacturer: syz [ 1473.697979][ T6174] usb 1-1: SerialNumber: syz [ 1473.711435][ T6174] usb 1-1: config 0 descriptor?? [ 1474.083866][ T820] usb usb9: usbfs: process 820 (syz.2.12519) did not claim interface 3 before use [ 1474.110015][T17047] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 1474.175597][ T6174] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71 [ 1474.200691][ T6174] CoreChips: probe of 1-1:0.41 failed with error -71 [ 1474.229430][ T6174] usb 1-1: USB disconnect, device number 31 [ 1474.315899][T17047] usb 2-1: Using ep0 maxpacket: 8 [ 1474.326104][T17047] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1474.337125][T17047] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1474.351720][T17047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1474.370060][T17047] usb 2-1: Product: syz [ 1474.374503][T17047] usb 2-1: Manufacturer: syz [ 1474.379170][T17047] usb 2-1: SerialNumber: syz [ 1474.396020][T17047] usb 2-1: config 0 descriptor?? [ 1474.419898][T17047] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 1474.657837][T17047] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 1474.670348][T17047] snd_usb_toneport: probe of 2-1:0.0 failed with error -22 [ 1474.932661][T17047] usb 2-1: USB disconnect, device number 38 [ 1475.318241][ T28] audit: type=1326 audit(2000008448.724:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=851 comm="syz.2.12534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1475.375124][ T28] audit: type=1326 audit(2000008448.724:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=851 comm="syz.2.12534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1475.405337][ T28] audit: type=1326 audit(2000008448.751:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=851 comm="syz.2.12534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1475.433089][ T855] overlayfs: conflicting options: nfs_export=on,index=off [ 1475.479515][ T28] audit: type=1326 audit(2000008448.751:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=851 comm="syz.2.12534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1475.584299][ T28] audit: type=1326 audit(2000008448.751:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=851 comm="syz.2.12534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x7ffc0000 [ 1476.112673][ T880] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 1476.150520][ T877] loop3: detected capacity change from 0 to 2048 [ 1476.182637][ T877] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1476.225773][ T882] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1476.366327][ T877] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952 [ 1476.390138][ T877] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15) [ 1476.418290][ T877] Remounting filesystem read-only [ 1476.424594][ T877] NILFS (loop3): error -5 truncating bmap (ino=15) [ 1476.500135][ T865] loop0: detected capacity change from 0 to 32768 [ 1476.512744][ T865] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 1476.543065][ T865] JBD2: Ignoring recovery information on journal [ 1476.652002][ T6422] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 1476.687946][ T6422] NILFS (loop3): discard dirty block: blocknr=0, size=1024 [ 1476.712274][ T6422] NILFS (loop3): discard dirty block: blocknr=36, size=1024 [ 1476.737572][ T865] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1476.750363][ T6422] NILFS (loop3): discard dirty block: blocknr=37, size=1024 [ 1476.789144][ T6422] NILFS (loop3): discard dirty block: blocknr=38, size=1024 [ 1476.829796][ T6422] NILFS (loop3): discard dirty page: offset=0, ino=3 [ 1476.849206][ T6422] NILFS (loop3): discard dirty block: blocknr=42, size=1024 [ 1476.871415][ T6422] NILFS (loop3): discard dirty block: blocknr=43, size=1024 [ 1476.901709][ T6422] NILFS (loop3): discard dirty block: blocknr=44, size=1024 [ 1476.916964][ T6422] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1476.937473][ T6422] NILFS (loop3): discard dirty page: offset=196608, ino=3 [ 1476.968615][ T6422] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1476.985506][ T6422] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1477.023905][ T6422] NILFS (loop3): discard dirty block: blocknr=49, size=1024 [ 1477.045131][ T6422] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 1477.168379][ T910] loop1: detected capacity change from 0 to 764 [ 1477.196208][ T910] rock: directory entry would overflow storage [ 1477.210240][ T6415] ocfs2: Unmounting device (7,0) on (node local) [ 1477.242099][ T910] rock: sig=0x4654, size=5, remaining=4 [ 1477.473777][ T919] netlink: 56 bytes leftover after parsing attributes in process `syz.1.12562'. [ 1477.773232][T22209] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1477.911237][ T938] loop1: detected capacity change from 0 to 256 [ 1477.978940][T22209] usb 3-1: Using ep0 maxpacket: 8 [ 1477.985363][ T938] FAT-fs (loop1): Directory bread(block 64) failed [ 1478.003128][T22209] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1478.022516][ T938] FAT-fs (loop1): Directory bread(block 65) failed [ 1478.037994][T22209] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1478.055009][ T938] FAT-fs (loop1): Directory bread(block 66) failed [ 1478.061743][T22209] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1478.076330][ T938] FAT-fs (loop1): Directory bread(block 67) failed [ 1478.083149][ T938] FAT-fs (loop1): Directory bread(block 68) failed [ 1478.095781][T22209] usb 3-1: Product: syz [ 1478.100441][T22209] usb 3-1: Manufacturer: syz [ 1478.105288][T22209] usb 3-1: SerialNumber: syz [ 1478.110741][ T938] FAT-fs (loop1): Directory bread(block 69) failed [ 1478.137613][ T938] FAT-fs (loop1): Directory bread(block 70) failed [ 1478.148802][ T938] FAT-fs (loop1): Directory bread(block 71) failed [ 1478.162501][ T938] FAT-fs (loop1): Directory bread(block 72) failed [ 1478.171174][ T938] FAT-fs (loop1): Directory bread(block 73) failed [ 1478.393670][T22209] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1478.412972][T22209] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1478.434069][T22209] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1478.617536][ T958] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1478.642934][T22209] usb 3-1: palm_os_3_probe - error -71 getting bytes available request [ 1478.657450][T22209] visor 3-1:1.0: Handspring Visor / Palm OS converter detected [ 1478.679739][T22209] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1478.738036][T22209] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1478.761568][T22209] usb 3-1: USB disconnect, device number 36 [ 1478.792497][T22209] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1478.812708][ T960] loop3: detected capacity change from 0 to 256 [ 1478.835705][T22209] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1478.852142][T22209] visor 3-1:1.0: device disconnected [ 1478.928226][ T960] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1478.966701][ T964] loop1: detected capacity change from 0 to 1024 [ 1479.147666][ T964] hfsplus: b-tree write err: -5, ino 2 [ 1479.342878][T16644] hfsplus: b-tree write err: -5, ino 25 [ 1479.359645][T16644] hfsplus: b-tree write err: -5, ino 4 [ 1479.365465][T16644] hfsplus: b-tree write err: -5, ino 2 [ 1479.854808][ T987] loop3: detected capacity change from 0 to 4096 [ 1479.907359][ T987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1479.916191][ T993] loop0: detected capacity change from 0 to 1024 [ 1480.028531][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1480.058065][ T993] hfsplus: b-tree write err: -5, ino 2 [ 1480.193012][ T2974] hfsplus: b-tree write err: -5, ino 25 [ 1480.198884][ T2974] hfsplus: b-tree write err: -5, ino 4 [ 1480.222841][ T2974] hfsplus: b-tree write err: -5, ino 2 [ 1480.934860][ T1041] x_tables: ip_tables: osf match: only valid for protocol 6 [ 1481.065571][ T1050] loop3: detected capacity change from 0 to 64 [ 1481.410033][ T1064] program syz.0.12620 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1481.459184][ T1067] netlink: 40 bytes leftover after parsing attributes in process `syz.2.12621'. [ 1481.512940][ T6174] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 1481.660501][ T28] audit: type=1326 audit(2000008454.574:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1071 comm="syz.2.12623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa8d1b9c799 code=0x0 [ 1481.750478][ T6174] usb 2-1: Using ep0 maxpacket: 16 [ 1481.758095][ T6174] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1481.779857][ T6174] usb 2-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00 [ 1481.800549][ T6174] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1481.822563][ T6174] usb 2-1: config 0 descriptor?? [ 1481.854395][ T6174] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 1482.076230][ T6174] usb 2-1: USB disconnect, device number 39 [ 1482.276903][ T1084] loop3: detected capacity change from 0 to 8192 [ 1482.351625][ T1076] loop0: detected capacity change from 0 to 32768 [ 1482.364731][ T1084] loop3: p1 < > p2 p3 < p5 p6 > p4 [ 1482.372365][ T1084] loop3: partition table partially beyond EOD, truncated [ 1482.390183][ T1084] loop3: p1 start 100663296 is beyond EOD, truncated [ 1482.404659][ T1084] loop3: p2 size 134217732 extends beyond EOD, truncated [ 1482.446814][ T1084] loop3: p4 size 14876672 extends beyond EOD, truncated [ 1482.471160][ T1084] loop3: p5 size 134217732 extends beyond EOD, truncated [ 1482.494926][ T1084] loop3: p6 size 14876672 extends beyond EOD, truncated [ 1482.906826][ T1101] program syz.2.12637 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1482.927288][ T1101] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1483.141677][ T9357] udevd[9357]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 1483.145670][ T5760] udevd[5760]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 1483.173312][ T6325] udevd[6325]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 1483.184596][ T7235] udevd[7235]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1483.194630][ T6576] udevd[6576]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 1483.318360][ T1111] loop1: detected capacity change from 0 to 256 [ 1483.425566][ T1111] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1483.467418][ T1117] netlink: 64 bytes leftover after parsing attributes in process `syz.3.12644'. [ 1484.128992][ T1140] netlink: 'syz.3.12654': attribute type 1 has an invalid length. [ 1484.449272][ T1153] netlink: 'syz.1.12659': attribute type 1 has an invalid length. [ 1484.644315][ T1158] loop0: detected capacity change from 0 to 4096 [ 1484.699661][ T1158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1484.897730][ T6415] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1484.973153][ T1179] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12670'. [ 1485.473936][ T1199] netlink: 'syz.0.12681': attribute type 1 has an invalid length. [ 1485.484617][ T1199] netlink: 228 bytes leftover after parsing attributes in process `syz.0.12681'. [ 1485.728133][T22209] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 1485.956694][T22209] usb 3-1: Using ep0 maxpacket: 16 [ 1485.964292][T22209] usb 3-1: config 0 has an invalid interface number: 104 but max is 1 [ 1485.982870][T22209] usb 3-1: config 0 has an invalid interface number: 104 but max is 1 [ 1486.026510][T22209] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1486.057748][T22209] usb 3-1: config 0 has no interface number 0 [ 1486.074957][T22209] usb 3-1: config 0 interface 104 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7 [ 1486.096587][T22209] usb 3-1: config 0 interface 104 has no altsetting 1 [ 1486.106451][T22209] usb 3-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00 [ 1486.125314][ T1195] loop3: detected capacity change from 0 to 32768 [ 1486.132076][T22209] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1486.140654][T22209] usb 3-1: Product: syz [ 1486.151166][T22209] usb 3-1: Manufacturer: syz [ 1486.161527][T22209] usb 3-1: SerialNumber: syz [ 1486.167654][ T1195] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.12679 (1195) [ 1486.185040][T22209] usb 3-1: config 0 descriptor?? [ 1486.205954][T22209] asix: probe of 3-1:0.104 failed with error -22 [ 1486.236534][ T1195] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1486.259770][ T1195] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 1486.272276][ T1195] BTRFS info (device loop3): force zlib compression, level 3 [ 1486.279763][ T1195] BTRFS info (device loop3): force clearing of disk cache [ 1486.287484][ T1195] BTRFS info (device loop3): setting nodatasum [ 1486.294161][ T1195] BTRFS info (device loop3): allowing degraded mounts [ 1486.301085][ T1195] BTRFS info (device loop3): enabling disk space caching [ 1486.312433][ T1195] BTRFS info (device loop3): disk space caching is enabled [ 1486.499921][T22209] usb 3-1: USB disconnect, device number 37 [ 1486.567699][ T1195] BTRFS info (device loop3): auto enabling async discard [ 1486.590141][ T1195] BTRFS info (device loop3): rebuilding free space tree [ 1486.646761][ T1195] BTRFS info (device loop3): disabling free space tree [ 1486.666033][ T1195] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1486.693676][ T1195] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1486.823067][ T6422] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1486.911113][ T1209] loop1: detected capacity change from 0 to 40427 [ 1486.959280][ T1209] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff [ 1486.994254][ T1209] F2FS-fs (loop1): Image doesn't support compression [ 1487.014297][ T1209] F2FS-fs (loop1): Image doesn't support compression [ 1487.041056][ T1209] F2FS-fs (loop1): invalid crc value [ 1487.077321][ T1209] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1487.083859][ T5760] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop3 scanned by udevd (5760) [ 1487.276601][ T1209] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1487.698749][ T28] audit: type=1107 audit(2000008460.138:556): pid=1259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1487.906567][ T6174] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1487.937304][ T1268] tmpfs: Bad value for 'mpol' [ 1488.157168][ T6174] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1488.189037][ T6174] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1488.212409][ T6174] usb 4-1: config 0 descriptor?? [ 1488.323232][ T1279] x_tables: unsorted underflow at hook 3 [ 1488.670845][ T6174] [drm:udl_init] *ERROR* Selecting channel failed [ 1488.711336][ T6174] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 1488.740934][ T6174] [drm] Initialized udl on minor 2 [ 1488.757346][ T6174] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1488.785087][ T6174] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1488.797492][T17047] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1488.828389][ T6174] usb 4-1: USB disconnect, device number 38 [ 1488.836872][T17047] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 1488.872297][T17047] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1489.539867][ T1319] netlink: 'syz.2.12725': attribute type 21 has an invalid length. [ 1489.571978][ T1319] netlink: 132 bytes leftover after parsing attributes in process `syz.2.12725'. [ 1489.965873][ T1334] vivid-001: disconnect [ 1489.993212][ T1333] vivid-001: reconnect [ 1490.778575][ T1372] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12751'. [ 1490.843438][ T1374] xt_TCPMSS: Only works on TCP SYN packets [ 1491.258887][ T1389] loop1: detected capacity change from 0 to 256 [ 1491.405154][ T1395] vivid-001: ================= START STATUS ================= [ 1491.439682][ T1395] vivid-001: RDS Tx I/O Mode: Controls [ 1491.446291][ T1395] vivid-001: RDS Program ID: 32904 [ 1491.473493][ T1395] vivid-001: RDS Program Type: 3 [ 1491.483072][ T1395] vivid-001: RDS PS Name: VIVID-TX [ 1491.488306][ T1395] vivid-001: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 1491.534278][ T1395] vivid-001: RDS Stereo: true [ 1491.549996][ T1395] vivid-001: RDS Artificial Head: false [ 1491.569712][ T1395] vivid-001: RDS Compressed: false [ 1491.583924][ T1395] vivid-001: RDS Dynamic PTY: false [ 1491.589241][ T1395] vivid-001: RDS Traffic Announcement: false [ 1491.620278][ T1395] vivid-001: RDS Traffic Program: true [ 1491.634655][ T1401] netlink: 56 bytes leftover after parsing attributes in process `syz.2.12765'. [ 1491.637342][ T1395] vivid-001: RDS Music: true [ 1491.662361][ T1401] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12765'. [ 1491.667162][ T1395] vivid-001: ================== END STATUS ================== [ 1491.703186][ T1401] netlink: 31 bytes leftover after parsing attributes in process `syz.2.12765'. [ 1491.746317][ T1401] netlink: 'syz.2.12765': attribute type 2 has an invalid length. [ 1491.760223][ T1401] netlink: 31 bytes leftover after parsing attributes in process `syz.2.12765'. [ 1491.912270][ T1407] netlink: 132 bytes leftover after parsing attributes in process `syz.0.12768'. [ 1491.935431][ T1409] netlink: 'syz.1.12769': attribute type 32 has an invalid length. [ 1492.084502][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 1492.091022][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 1492.284840][ T27] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 1492.415326][ T9751] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 1492.492135][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 1492.499398][ T27] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1492.516038][ T27] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1492.528927][ T27] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1492.542722][ T27] usb 4-1: Product: syz [ 1492.551665][ T27] usb 4-1: Manufacturer: syz [ 1492.551822][ T1433] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12781'. [ 1492.571157][ T27] usb 4-1: SerialNumber: syz [ 1492.621029][ T9751] usb 3-1: Using ep0 maxpacket: 32 [ 1492.634003][ T9751] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1492.659521][ T9751] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1492.690828][ T9751] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1492.704019][ T9751] usb 3-1: Product: syz [ 1492.710315][ T9751] usb 3-1: Manufacturer: syz [ 1492.715229][ T9751] usb 3-1: SerialNumber: syz [ 1492.732335][ T9751] usb 3-1: config 0 descriptor?? [ 1492.752038][ T9751] usb 3-1: bad CDC descriptors [ 1492.757792][ T9751] usb 3-1: unsupported MDLM descriptors [ 1492.772701][ T1435] netlink: 'syz.1.12782': attribute type 27 has an invalid length. [ 1492.826083][ T27] usb 4-1: Handspring Visor / Palm OS: No valid connect info available [ 1492.837548][ T27] usb 4-1: Handspring Visor / Palm OS: port 106, is for unknown use [ 1492.846437][ T27] usb 4-1: Handspring Visor / Palm OS: port 214, is for Remote File System use [ 1492.890084][ T27] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1493.028729][ T9751] usb 3-1: USB disconnect, device number 38 [ 1493.046383][ T27] usb 4-1: palm_os_3_probe - error -71 getting bytes available request [ 1493.062771][ T27] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 1493.085474][ T27] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1493.113058][ T27] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1493.137147][ T27] usb 4-1: USB disconnect, device number 39 [ 1493.159173][ T27] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1493.213698][ T27] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1493.233638][ T1431] loop0: detected capacity change from 0 to 32768 [ 1493.250142][ T27] visor 4-1:1.0: device disconnected [ 1493.564999][ T1443] netlink: 830 bytes leftover after parsing attributes in process `syz.1.12787'. [ 1493.919922][ T1453] comedi comedi4: bad chanlist[0]=0xfffffffe chan=65534 range length=2 [ 1494.107402][ T1460] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1494.277598][ T1465] loop1: detected capacity change from 0 to 2048 [ 1494.337307][ T1468] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1494.470920][ T1472] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1494.808459][ T1484] loop0: detected capacity change from 0 to 16 [ 1494.833297][ T1484] erofs: (device loop0): mounted with root inode @ nid 36. [ 1494.888246][ T1484] erofs: (device loop0): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 1494.920168][ T1484] erofs: (device loop0): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 1494.965765][ T1484] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 1495.166850][ T1492] netlink: 72 bytes leftover after parsing attributes in process `syz.1.12810'. [ 1495.199083][ T1492] netlink: 172 bytes leftover after parsing attributes in process `syz.1.12810'. [ 1495.226123][ T1498] loop3: detected capacity change from 0 to 256 [ 1495.249685][ T1498] FAT-fs (loop3): Directory bread(block 64) failed [ 1495.256986][ T1498] FAT-fs (loop3): Directory bread(block 65) failed [ 1495.263686][ T1498] FAT-fs (loop3): Directory bread(block 66) failed [ 1495.279425][ T1498] FAT-fs (loop3): Directory bread(block 67) failed [ 1495.286172][ T1498] FAT-fs (loop3): Directory bread(block 68) failed [ 1495.319654][ T1498] FAT-fs (loop3): Directory bread(block 69) failed [ 1495.347502][ T1498] FAT-fs (loop3): Directory bread(block 70) failed [ 1495.354944][ T1498] FAT-fs (loop3): Directory bread(block 71) failed [ 1495.383849][ T1498] FAT-fs (loop3): Directory bread(block 72) failed [ 1495.420255][ T28] audit: type=1326 audit(2000008467.270:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1499 comm="syz.0.12814" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa662f9c799 code=0x0 [ 1495.452243][ T1498] FAT-fs (loop3): Directory bread(block 73) failed [ 1495.495713][ T1504] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12816'. [ 1495.525385][ T1504] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12816'. [ 1495.606145][ T28] audit: type=1326 audit(2000008467.445:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1505 comm="syz.0.12817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa662f9c799 code=0x7ffc0000 [ 1495.677071][ T28] audit: type=1326 audit(2000008467.445:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1505 comm="syz.0.12817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa662f9c799 code=0x7ffc0000 [ 1495.761132][ T28] audit: type=1326 audit(2000008467.482:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1505 comm="syz.0.12817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fa662f9c799 code=0x7ffc0000 [ 1495.857244][ T28] audit: type=1326 audit(2000008467.482:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1505 comm="syz.0.12817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa662f9c799 code=0x7ffc0000 [ 1495.913415][ T28] audit: type=1326 audit(2000008467.482:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1505 comm="syz.0.12817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa662f9c799 code=0x7ffc0000 [ 1496.278348][ T1527] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 1496.980266][ T1557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12840'. [ 1497.043122][ T1557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12840'. [ 1497.929279][ T1598] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.12860'. [ 1497.945144][ T1598] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 1497.957782][ T1598] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1498.417071][ T1617] netlink: 80 bytes leftover after parsing attributes in process `syz.1.12870'. [ 1498.489841][ T1620] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 1498.784149][ T1634] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12877'. [ 1498.830927][ T1634] veth2: entered promiscuous mode [ 1498.836072][ T1634] veth2: entered allmulticast mode [ 1500.276470][ T1691] loop3: detected capacity change from 0 to 4096 [ 1500.366000][ T1698] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1500.679278][ T1680] loop1: detected capacity change from 0 to 32768 [ 1500.776841][ T1680] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1501.073535][ T6418] ocfs2: Unmounting device (7,1) on (node local) [ 1501.721255][ T1737] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 1501.738803][ T1737] bridge4: entered promiscuous mode [ 1501.744346][ T1737] bridge4: entered allmulticast mode [ 1502.097811][ T1755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12936'. [ 1502.107353][ T1755] netlink: 312 bytes leftover after parsing attributes in process `syz.1.12936'. [ 1502.136418][T15878] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 1502.353273][T15878] usb 4-1: Using ep0 maxpacket: 8 [ 1502.365566][T15878] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 1502.378458][T15878] usb 4-1: config 179 has no interface number 0 [ 1502.384856][T15878] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1502.430191][T15878] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1502.451398][T15878] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 1502.469896][T15878] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 1502.504560][T15878] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1502.518898][T15878] usb 4-1: config 179 interface 65 has no altsetting 0 [ 1502.525884][T15878] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1502.535298][T15878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1502.568416][T15878] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input65 [ 1502.652643][ T5123] input input65: unable to receive magic message: -110 [ 1502.674445][ T1770] netlink: 20 bytes leftover after parsing attributes in process `syz.0.12943'. [ 1502.685604][ T1770] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12943'. [ 1502.878787][ T1772] netlink: 'syz.0.12944': attribute type 10 has an invalid length. [ 1502.955079][ T1772] hsr0: entered promiscuous mode [ 1502.960561][ T5123] input input65: unable to receive magic message: -32 [ 1502.986595][ T5123] input input65: unable to receive magic message: -32 [ 1503.012332][ T5123] input input65: unable to receive magic message: -32 [ 1503.036530][ T1772] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 1503.057962][ T5123] input input65: unable to receive magic message: -32 [ 1503.068323][ T1772] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 1503.100017][T22209] usb 4-1: USB disconnect, device number 40 [ 1503.100093][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1503.112545][ T1772] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 1503.115316][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1503.135804][ C1] vkms_vblank_simulate: vblank timer overrun [ 1503.153331][ T1772] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 1503.154878][T22209] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1503.230269][ T1774] CIFS mount error: No usable UNC path provided in device string! [ 1503.230269][ T1774] [ 1503.259692][ T1774] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1503.663820][ T1788] loop0: detected capacity change from 0 to 4096 [ 1503.693364][ T1788] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1503.781359][ T1788] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 1503.919219][ T1788] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1503.956900][ T1788] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1503.984059][ C1] vkms_vblank_simulate: vblank timer overrun [ 1504.000246][ T1788] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1504.010225][ T1788] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 1504.070779][ T1788] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1504.098152][ T1788] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1504.149469][ T1788] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1504.185385][ T1788] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 1504.226311][ T1788] ntfs: volume version 3.1. [ 1504.745632][ T1820] kAFS: unable to lookup cell '(,c' [ 1505.159193][ T1835] loop0: detected capacity change from 0 to 256 [ 1505.351064][ T1835] FAT-fs (loop0): Directory bread(block 64) failed [ 1505.368915][ T1835] FAT-fs (loop0): Directory bread(block 65) failed [ 1505.375677][ T1835] FAT-fs (loop0): Directory bread(block 66) failed [ 1505.417906][ T1835] FAT-fs (loop0): Directory bread(block 67) failed [ 1505.429246][ T1835] FAT-fs (loop0): Directory bread(block 68) failed [ 1505.447905][ T1835] FAT-fs (loop0): Directory bread(block 69) failed [ 1505.467064][ T1835] FAT-fs (loop0): Directory bread(block 70) failed [ 1505.473699][ T1835] FAT-fs (loop0): Directory bread(block 71) failed [ 1505.507072][ T1835] FAT-fs (loop0): Directory bread(block 72) failed [ 1505.513691][ T1835] FAT-fs (loop0): Directory bread(block 73) failed [ 1505.810655][ T1857] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12984'. [ 1505.838319][ T1857] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12984'. [ 1506.082060][ T6507] usb 3-1: new full-speed USB device number 39 using dummy_hcd [ 1506.170505][ T1871] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.12992'. [ 1506.312775][ T6507] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 1506.337235][ T6507] usb 3-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 1506.355924][ T6507] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1506.384844][ T6507] usb 3-1: Product: syz [ 1506.389157][ T6507] usb 3-1: Manufacturer: syz [ 1506.393807][ T6507] usb 3-1: SerialNumber: syz [ 1506.469433][ T6507] usb 3-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 1506.688934][ T1887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13001'. [ 1506.942794][ T6507] usb 3-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 1506.996728][ T6507] usb 3-1: USB disconnect, device number 39 [ 1507.496135][ T1914] netlink: 72 bytes leftover after parsing attributes in process `syz.1.13013'. [ 1507.507548][ T1910] loop3: detected capacity change from 0 to 8192 [ 1507.820258][ T1921] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2 [ 1507.820576][ T1921] ip6gretap2: entered allmulticast mode [ 1508.020335][ T1926] netlink: 'syz.2.13019': attribute type 10 has an invalid length. [ 1508.089860][ T1930] loop3: detected capacity change from 0 to 16 [ 1508.128400][ T1930] erofs: (device loop3): mounted with root inode @ nid 36. [ 1508.811436][ T1955] netlink: 48 bytes leftover after parsing attributes in process `syz.1.13033'. [ 1509.302070][ T1973] loop3: detected capacity change from 0 to 1024 [ 1509.411231][ T1973] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1509.452447][T22209] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 1509.500643][ T1973] EXT4-fs error (device loop3): ext4_lookup:1858: comm syz.3.13041: inode #12: comm syz.3.13041: iget: illegal inode # [ 1509.600793][ T1973] EXT4-fs (loop3): Remounting filesystem read-only [ 1509.636537][T15878] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 1509.655410][T22209] usb 2-1: Using ep0 maxpacket: 32 [ 1509.673807][T22209] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 1509.683535][T22209] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1509.698359][T22209] usb 2-1: Product: syz [ 1509.705190][T22209] usb 2-1: Manufacturer: syz [ 1509.709873][T22209] usb 2-1: SerialNumber: syz [ 1509.715194][ T6422] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1509.733242][T22209] usb 2-1: config 0 descriptor?? [ 1509.865838][T15878] usb 3-1: Using ep0 maxpacket: 8 [ 1509.877758][T15878] usb 3-1: config 0 has an invalid interface number: 31 but max is 0 [ 1509.889594][T15878] usb 3-1: config 0 has no interface number 0 [ 1509.908569][T15878] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1509.920184][T15878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1509.928292][T15878] usb 3-1: Product: syz [ 1509.950361][T15878] usb 3-1: Manufacturer: syz [ 1509.955305][T15878] usb 3-1: SerialNumber: syz [ 1509.973599][T15878] usb 3-1: config 0 descriptor?? [ 1509.986680][T22209] snd-usb-6fire 2-1:0.0: unknown device firmware state received from device: [ 1509.996036][T22209] eb 9a 47 80 9b f8 7a f0 [ 1510.000690][T22209] snd-usb-6fire: probe of 2-1:0.0 failed with error -5 [ 1510.028456][ T1986] loop0: detected capacity change from 0 to 4096 [ 1510.188824][ T9751] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 1510.220922][ T6174] usb 2-1: USB disconnect, device number 40 [ 1510.228755][T15878] usb 3-1: Found UVC 0.04 device syz (046d:08c3) [ 1510.245544][T15878] usb 3-1: Failed to initialize entity for entity 6 [ 1510.256561][T15878] usb 3-1: Failed to register entities (-22). [ 1510.416682][ T9751] usb 4-1: Using ep0 maxpacket: 32 [ 1510.430076][ T9751] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1510.449073][ T9751] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 196, changing to 7 [ 1510.471817][ T9751] usb 4-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 1510.480956][ T9751] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1510.501751][T15878] usb 3-1: USB disconnect, device number 40 [ 1510.523146][ T9751] usb 4-1: Product: syz [ 1510.530422][ T9751] usb 4-1: Manufacturer: syz [ 1510.535246][ T9751] usb 4-1: SerialNumber: syz [ 1510.795215][ T9751] usb 4-1: unit 6 not found! [ 1510.818383][ T9751] usb 4-1: unit 2 not found! [ 1510.852315][ T9751] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 1510.883288][ T9751] usb 4-1: unit 6 not found! [ 1510.888025][ T9751] usb 4-1: unit 2 not found! [ 1510.908367][ T9751] snd-usb-audio: probe of 4-1:1.1 failed with error -22 [ 1510.932349][ T9751] usb 4-1: unit 6 not found! [ 1510.946430][ T9751] usb 4-1: unit 2 not found! [ 1510.958296][ T2002] netlink: 'syz.1.13054': attribute type 1 has an invalid length. [ 1510.979860][ T2002] netlink: 224 bytes leftover after parsing attributes in process `syz.1.13054'. [ 1511.083109][ T9751] snd-usb-audio: probe of 4-1:1.2 failed with error -22 [ 1511.133268][ T9751] usb 4-1: USB disconnect, device number 41 [ 1511.242297][ T6576] udevd[6576]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1511.532205][ T2016] netlink: 164 bytes leftover after parsing attributes in process `syz.1.13061'. [ 1512.631768][ T2060] netlink: 44 bytes leftover after parsing attributes in process `syz.2.13083'. [ 1512.868267][ T2064] loop0: detected capacity change from 0 to 2048 [ 1512.901837][ T2071] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1512.959957][ T2064] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: disallowed inode number - offset=0, inode=7, rec_len=16, name_len=1 [ 1513.025664][ T2064] Remounting filesystem read-only [ 1513.283703][ T2079] netlink: 220 bytes leftover after parsing attributes in process `syz.1.13093'. [ 1513.336152][ T2079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13093'. [ 1513.364584][ T2079] tc_dump_action: action bad kind [ 1514.165337][ C1] sd 0:0:1:0: [sda] tag#8460 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1514.175931][ C1] sd 0:0:1:0: [sda] tag#8460 CDB: Read(6) 08 00 00 00 03 44 [ 1514.814364][ T2144] overlayfs: conflicting options: metacopy=off,verity=on [ 1514.885578][ T2150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13126'. [ 1515.229183][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 1515.229200][ T28] audit: type=1326 audit(2000008485.540:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2164 comm="syz.3.13135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1515.272009][ T28] audit: type=1326 audit(2000008485.576:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2164 comm="syz.3.13135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1515.295517][ T28] audit: type=1326 audit(2000008485.595:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2164 comm="syz.3.13135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1515.358062][ T28] audit: type=1326 audit(2000008485.595:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2164 comm="syz.3.13135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1515.393468][ T28] audit: type=1326 audit(2000008485.595:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2164 comm="syz.3.13135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863299c799 code=0x7ffc0000 [ 1515.455050][ T2168] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13136'. [ 1515.466751][T15878] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 1515.683622][T15878] usb 1-1: Using ep0 maxpacket: 8 [ 1515.693599][T15878] usb 1-1: config 0 has an invalid interface number: 6 but max is 2 [ 1515.715285][T15878] usb 1-1: config 0 has an invalid interface number: 176 but max is 2 [ 1515.748896][T15878] usb 1-1: config 0 has no interface number 1 [ 1515.767888][T15878] usb 1-1: config 0 has no interface number 2 [ 1515.802967][T15878] usb 1-1: too many endpoints for config 0 interface 0 altsetting 255: 255, using maximum allowed: 30 [ 1515.827465][T15878] usb 1-1: config 0 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1515.854664][T15878] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1515.886618][T15878] usb 1-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 1515.896045][T15878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1515.954655][T15878] usb 1-1: config 0 descriptor?? [ 1516.038459][ T2190] netlink: 'syz.1.13145': attribute type 1 has an invalid length. [ 1516.057674][ T2190] netlink: 'syz.1.13145': attribute type 2 has an invalid length. [ 1516.191802][T15878] usb 1-1: Could not set interface, error -71 [ 1516.249692][T15878] qmi_wwan: probe of 1-1:0.0 failed with error -22 [ 1516.293308][T15878] usb 1-1: USB disconnect, device number 32 [ 1516.818071][ T2212] virtiofs: Unknown parameter 'always' [ 1516.832529][ T2214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13159'. [ 1516.980819][ T2196] loop1: detected capacity change from 0 to 32768 [ 1517.003421][ T2196] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.13150 (2196) [ 1517.068813][ T2196] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1517.087032][ T2196] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1517.113447][ T2196] BTRFS info (device loop1): using free space tree [ 1517.238856][ T2196] BTRFS info (device loop1): enabling ssd optimizations [ 1517.263405][ T2196] BTRFS info (device loop1): auto enabling async discard [ 1517.292371][ T6507] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 1517.419993][ T2236] loop0: detected capacity change from 0 to 4096 [ 1517.441857][ T2236] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 1517.479677][ T2243] ALSA: mixer_oss: invalid OSS volume ';ʸgԊ8\>Pxi9 h~)V' [ 1517.492040][ T6418] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1517.502946][ T2243] ALSA: mixer_oss: invalid OSS volume '*bbX-]OF{T0pc' [ 1517.502974][ T2243] ALSA: mixer_oss: invalid OSS volume 'gI"4-Z' [ 1517.502991][ T2243] ALSA: mixer_oss: invalid OSS volume 'eQCȡ*qpAڜe T|K' [ 1517.538949][ T6507] usb 3-1: Using ep0 maxpacket: 16 [ 1517.548028][ T6507] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1517.558546][ T2243] ALSA: mixer_oss: invalid OSS volume ':az]qeXfb]݆B.' [ 1517.567462][ T2243] ALSA: mixer_oss: invalid OSS volume 'j|q⩃˚[w3^.ג' [ 1517.593262][ T6507] usb 3-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d [ 1517.600789][ T2243] ALSA: mixer_oss: invalid OSS volume '"P޸ۜo[8>7|YMepq' [ 1517.611661][ T2243] ALSA: mixer_oss: invalid OSS volume 'wI׷#t\W,bP=&e' [ 1517.624151][ T2243] ALSA: mixer_oss: invalid OSS volume ']za-!)ϻvCYps' [ 1517.626121][ T6507] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1517.633299][ T2243] ALSA: mixer_oss: invalid OSS volume 'LE]Dxt݂OY3fk$T "' [ 1517.674160][ T6507] usb 3-1: Product: syz [ 1517.683994][ T2243] ALSA: mixer_oss: invalid OSS volume '[' [ 1517.701121][ T2243] ALSA: mixer_oss: invalid OSS volume '3A14IN+|\' [ 1517.709379][ T6507] usb 3-1: Manufacturer: syz [ 1517.718386][ T6507] usb 3-1: SerialNumber: syz [ 1517.734458][ T6507] usb 3-1: config 0 descriptor?? [ 1517.754228][ T2243] ALSA: mixer_oss: invalid OSS volume '$ 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 1523.556027][ T2974] RSP: 0018:ffffc9000bef6e18 EFLAGS: 00010246 [ 1523.556057][ T2974] RAX: 000000000000001f RBX: ffff888053a88000 RCX: 3badd7eed6be7700 [ 1523.556075][ T2974] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 1523.556089][ T2974] RBP: 0000000000000000 R08: ffffc9000bef6b27 R09: 1ffff920017ded64 [ 1523.556106][ T2974] R10: dffffc0000000000 R11: fffff520017ded65 R12: 0000000000000000 [ 1523.556140][ T2974] R13: ffff888053a880e0 R14: ffff888025213500 R15: dffffc0000000000 [ 1523.556158][ T2974] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1523.556178][ T2974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1523.556194][ T2974] CR2: 00007f8632be5458 CR3: 000000002c6f7000 CR4: 00000000003506e0 [ 1523.556215][ T2974] Call Trace: [ 1523.556224][ T2974] [ 1523.556241][ T2974] hfs_bmap_alloc+0x541/0x5d0 [ 1523.556272][ T2974] ? hfs_bmap_reserve+0x430/0x430 [ 1523.556307][ T2974] hfs_btree_inc_height+0x101/0xac0 [ 1523.556333][ T2974] ? hfs_brec_insert+0x6fa/0xbd0 [ 1523.556360][ T2974] ? hfs_brec_insert+0xbd0/0xbd0 [ 1523.556429][ T2974] ? do_raw_spin_unlock+0x121/0x230 [ 1523.556466][ T2974] hfs_brec_insert+0x748/0xbd0 [ 1523.556512][ T2974] ? hfs_brec_keylen+0x360/0x360 [ 1523.556548][ T2974] __hfs_ext_write_extent+0x2a1/0x470 [ 1523.556579][ T2974] hfs_ext_write_extent+0x17f/0x210 [ 1523.556603][ T2974] ? verify_lock_unused+0x140/0x140 [ 1523.556631][ T2974] ? hfs_ext_find_block+0x190/0x190 [ 1523.556667][ T2974] ? blk_start_plug+0x51/0x1a0 [ 1523.556696][ T2974] hfs_write_inode+0xdc/0x880 [ 1523.556722][ T2974] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 1523.556755][ T2974] ? __writeback_single_inode+0x48d/0xec0 [ 1523.556790][ T2974] ? __lock_acquire+0x7d40/0x7d40 [ 1523.556815][ T2974] ? do_raw_spin_lock+0x11f/0x2c0 [ 1523.556848][ T2974] ? __rwlock_init+0x150/0x150 [ 1523.556888][ T2974] __writeback_single_inode+0x705/0xec0 [ 1523.556929][ T2974] writeback_sb_inodes+0x7cd/0xf50 [ 1523.556990][ T2974] ? queue_io+0x550/0x550 [ 1523.557049][ T2974] ? rcu_is_watching+0x15/0xb0 [ 1523.557089][ T2974] wb_writeback+0x46a/0xbf0 [ 1523.557128][ T2974] ? queue_io+0x3b1/0x550 [ 1523.557166][ T2974] ? percpu_ref_tryget+0x250/0x250 [ 1523.557200][ T2974] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1523.557238][ T2974] ? _raw_spin_unlock_irq+0x23/0x50 [ 1523.557271][ T2974] wb_workfn+0x400/0xe60 [ 1523.557299][ T2974] ? try_to_wake_up+0x70a/0x1190 [ 1523.557338][ T2974] ? inode_wait_for_writeback+0x230/0x230 [ 1523.557384][ T2974] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1523.557413][ T2974] ? read_lock_is_recursive+0x20/0x20 [ 1523.557445][ T2974] ? _raw_spin_unlock_irq+0x23/0x50 [ 1523.557469][ T2974] ? process_scheduled_works+0x96f/0x15d0 [ 1523.557498][ T2974] ? process_scheduled_works+0x96f/0x15d0 [ 1523.557526][ T2974] process_scheduled_works+0xa5d/0x15d0 [ 1523.557586][ T2974] ? worker_attach_to_pool+0x380/0x380 [ 1523.557620][ T2974] ? assign_work+0x3d2/0x5d0 [ 1523.557651][ T2974] worker_thread+0xa55/0xfc0 [ 1523.557707][ T2974] kthread+0x2fa/0x390 [ 1523.557729][ T2974] ? pr_cont_work+0x560/0x560 [ 1523.557757][ T2974] ? kthread_blkcg+0xd0/0xd0 [ 1523.557778][ T2974] ret_from_fork+0x48/0x80 [ 1523.557804][ T2974] ? kthread_blkcg+0xd0/0xd0 [ 1523.557828][ T2974] ret_from_fork_asm+0x11/0x20 [ 1523.557875][ T2974] [ 1523.557888][ T2974] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1523.557900][ T2974] CPU: 1 PID: 2974 Comm: kworker/u4:7 Not tainted syzkaller #0 [ 1523.557919][ T2974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1523.557933][ T2974] Workqueue: writeback wb_workfn (flush-7:0) [ 1523.557967][ T2974] Call Trace: [ 1523.557975][ T2974] [ 1523.557983][ T2974] dump_stack_lvl+0x18c/0x250 [ 1523.558019][ T2974] ? show_regs_print_info+0x20/0x20 [ 1523.558096][ T2974] ? load_image+0x400/0x400 [ 1523.558138][ T2974] panic+0x2dc/0x730 [ 1523.558168][ T2974] ? bpf_jit_dump+0xd0/0xd0 [ 1523.558203][ T2974] ? ret_from_fork_asm+0x11/0x20 [ 1523.558238][ T2974] __warn+0x2e0/0x470 [ 1523.558260][ T2974] ? hfs_bnode_create+0x3b9/0x440 [ 1523.558283][ T2974] ? hfs_bnode_create+0x3b9/0x440 [ 1523.558303][ T2974] report_bug+0x2be/0x4f0 [ 1523.558323][ T2974] ? hfs_bnode_create+0x3b9/0x440 [ 1523.558344][ T2974] ? hfs_bnode_create+0x3b9/0x440 [ 1523.558363][ T2974] ? hfs_bnode_create+0x3bb/0x440 [ 1523.558383][ T2974] handle_bug+0xcf/0x120 [ 1523.558416][ T2974] exc_invalid_op+0x1a/0x50 [ 1523.558448][ T2974] asm_exc_invalid_op+0x1a/0x20 [ 1523.558472][ T2974] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 1523.558493][ T2974] Code: d4 e0 8a 89 ee e8 47 8c 1f 08 e9 73 fd ff ff e8 1d 1c 2d ff 4c 89 ef e8 45 bc 34 08 48 c7 c7 c0 d4 e0 8a 89 ee e8 27 8c 1f 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 1523.558510][ T2974] RSP: 0018:ffffc9000bef6e18 EFLAGS: 00010246 [ 1523.558528][ T2974] RAX: 000000000000001f RBX: ffff888053a88000 RCX: 3badd7eed6be7700 [ 1523.558543][ T2974] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 1523.558556][ T2974] RBP: 0000000000000000 R08: ffffc9000bef6b27 R09: 1ffff920017ded64 [ 1523.558571][ T2974] R10: dffffc0000000000 R11: fffff520017ded65 R12: 0000000000000000 [ 1523.558585][ T2974] R13: ffff888053a880e0 R14: ffff888025213500 R15: dffffc0000000000 [ 1523.558619][ T2974] ? hfs_bnode_create+0x3b9/0x440 [ 1523.558644][ T2974] hfs_bmap_alloc+0x541/0x5d0 [ 1523.558672][ T2974] ? hfs_bmap_reserve+0x430/0x430 [ 1523.558704][ T2974] hfs_btree_inc_height+0x101/0xac0 [ 1523.558728][ T2974] ? hfs_brec_insert+0x6fa/0xbd0 [ 1523.558753][ T2974] ? hfs_brec_insert+0xbd0/0xbd0 [ 1523.558780][ T2974] ? do_raw_spin_unlock+0x121/0x230 [ 1523.558815][ T2974] hfs_brec_insert+0x748/0xbd0 [ 1523.558861][ T2974] ? hfs_brec_keylen+0x360/0x360 [ 1523.558895][ T2974] __hfs_ext_write_extent+0x2a1/0x470 [ 1523.558924][ T2974] hfs_ext_write_extent+0x17f/0x210 [ 1523.558946][ T2974] ? verify_lock_unused+0x140/0x140 [ 1523.558972][ T2974] ? hfs_ext_find_block+0x190/0x190 [ 1523.559007][ T2974] ? blk_start_plug+0x51/0x1a0 [ 1523.559040][ T2974] hfs_write_inode+0xdc/0x880 [ 1523.559065][ T2974] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 1523.559099][ T2974] ? __writeback_single_inode+0x48d/0xec0 [ 1523.559133][ T2974] ? __lock_acquire+0x7d40/0x7d40 [ 1523.559155][ T2974] ? do_raw_spin_lock+0x11f/0x2c0 [ 1523.559187][ T2974] ? __rwlock_init+0x150/0x150 [ 1523.559227][ T2974] __writeback_single_inode+0x705/0xec0 [ 1523.559267][ T2974] writeback_sb_inodes+0x7cd/0xf50 [ 1523.559325][ T2974] ? queue_io+0x550/0x550 [ 1523.559373][ T2974] ? rcu_is_watching+0x15/0xb0 [ 1523.559413][ T2974] wb_writeback+0x46a/0xbf0 [ 1523.559448][ T2974] ? queue_io+0x3b1/0x550 [ 1523.559486][ T2974] ? percpu_ref_tryget+0x250/0x250 [ 1523.559518][ T2974] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1523.559557][ T2974] ? _raw_spin_unlock_irq+0x23/0x50 [ 1523.559588][ T2974] wb_workfn+0x400/0xe60 [ 1523.559614][ T2974] ? try_to_wake_up+0x70a/0x1190 [ 1523.559654][ T2974] ? inode_wait_for_writeback+0x230/0x230 [ 1523.559699][ T2974] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1523.559727][ T2974] ? read_lock_is_recursive+0x20/0x20 [ 1523.559759][ T2974] ? _raw_spin_unlock_irq+0x23/0x50 [ 1523.559783][ T2974] ? process_scheduled_works+0x96f/0x15d0 [ 1523.559811][ T2974] ? process_scheduled_works+0x96f/0x15d0 [ 1523.559839][ T2974] process_scheduled_works+0xa5d/0x15d0 [ 1523.559899][ T2974] ? worker_attach_to_pool+0x380/0x380 [ 1523.559934][ T2974] ? assign_work+0x3d2/0x5d0 [ 1523.559967][ T2974] worker_thread+0xa55/0xfc0 [ 1523.560025][ T2974] kthread+0x2fa/0x390 [ 1523.560052][ T2974] ? pr_cont_work+0x560/0x560 [ 1523.560079][ T2974] ? kthread_blkcg+0xd0/0xd0 [ 1523.560100][ T2974] ret_from_fork+0x48/0x80 [ 1523.560125][ T2974] ? kthread_blkcg+0xd0/0xd0 [ 1523.560147][ T2974] ret_from_fork_asm+0x11/0x20 [ 1523.560193][ T2974] [ 1523.560771][ T2974] Kernel Offset: disabled