last executing test programs: 4.418270707s ago: executing program 2 (id=863): pipe2(0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x12c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0x0, 's'}, @global=@item_012={0x2, 0x1, 0x1, "fda1"}]}}, 0x0}, 0x0) 2.37197655s ago: executing program 2 (id=881): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000340)='0', 0x1, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) shutdown(r0, 0x1) getsockopt$bt_hci(r0, 0x84, 0x6c, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff) 2.144855539s ago: executing program 2 (id=883): bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3, 0x0, @void, @value, @void, @value}, 0x48) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x60, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0xa, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast1}}}}]}]}, 0x60}}, 0x0) 2.120409951s ago: executing program 0 (id=884): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x0, &(0x7f0000000080)={[{@gid}, {@barrier}, {@nodecompose}, {@creator={'creator', 0x3d, "04c22302"}}, {@nls={'nls', 0x3d, 'koi8-r'}}, {@gid}, {@force}, {@type={'type', 0x3d, "5361c9e5"}}]}, 0x1, 0x5de, &(0x7f0000000680)="$eJzs3cFvHFcdB/DvbGLHDlK6SZOmICSscgA1IrF3IxMkJKAUZKEKVeLSq5VsaiubNLK3yO0BAuLc/gvlYM4cOKEg5cCZf8GoRwR334xmdta7Sbau3TjeTfr5SLPvvX0zb37vl5nRzFjRBvjaWnkvM4/mk5Ur72yV7Z3tdndnu313UE9yJkkjmUtSlF//LcnnyYP0l3xz0DFSPqX4dOXm2sNPLvdbc/VSrV8ctN3h7MfS7Mdalcc1XuuZxxvOcCHJhbqEidsb+PfY7mc8LwGAaVYkp8Z930zO1jfr5XNA/664f4/9Qnsw6QAAAADgBLyym91s5dyk4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAXSf37/0W9NAb1hRSD3/+frb9LXX+hPZp0AAAAAAAAAABwDL6zm91s5dygvVdUf/N/o2pcrD6/kQ+zmU42cjVbWU0vvWxkKUlzZKDZrdVeb2PpEFu2xm7ZOpn5AgAAAAAAAMBL6o9ZGf79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApkGRnOoX1XJxUG+mcTrJXJLZcr0HycNB/UX2aNIBAAAAwAl4ZTe72cq5QXuvqJ75X6ue++fyYe6ll/X00k0nt6p3Af2n/sbOdru7s92+Wy5Pj/uz/x0pjGrE9N89jN/zYrXGpf0tVvLL/CZXspB3s5H1/Dar6aWThbxd1VZTpFm/vWgO4hwf708fa737ZbG+XkUyn9tZr2K7mpv5IN3cSqOaQ7XOwXv8Q5md4ie1Q+boVl2WM/pVXU6HZpWRmf2MLNa5L7Nx/uBMHPE4eXJPS2nsv4O6+BxyfrYuy1y/PdU5b40cfa8dnIlksfXf+2vde3fWbm9emZ4pfUVPZqI9konLR87E3t7e7098Csdkts5G/yp6tKvlG9W257KeX+eD3EonN7KYG1nO9bSznB9leSSvlw5xrjWOdq599/t1ZSbJL+pyOpR5PT+S19ErXbPqG/1mmKULx39FOv2tulIerG9N3RXp/BPX5kEmXj04E3/eKz83u/fubKyt3j/k/r5Xl2UGfj5VmSiPlwvlP1bVevzoKPteHdu3VPVd3O9rPNV3ab/vy87U2foe7umRWlXf5bF97arv9ZG+cXc5AEy9s2+enZ3/z/y/5j+b/9P82vw7c2+duXHm27OZ+efpv5/6a+MvjR8Xb+az/G74/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx1mx99fGe12+1sqKhMvjKX5LArD373adIxv6SVCV+YgOfuWu/u/WubH338g/W7q+933u/cu7603Lp+fXH5hzeu3V7vdhb7n5MOEwA4RsOb/klHAgAAAAAAAAAAAAAAfJGT+O/Ek54jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwclt5LzOPUmRp8epi2d7ZbnfLZVAfrjmXpCgr/0jyefIg/SXNkeGKL9pP8enKzbWHn1wejjU3WL84aLvDeSyWxhMxPet4rWcebzjDhSQX6hIm7v8BAAD//6YMAag=") shmat(0x0, &(0x7f0000fa4000/0x4000)=nil, 0x0) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 1.992717872s ago: executing program 3 (id=885): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) bind$alg(r0, &(0x7f00000003c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(aegis128)\x00'}, 0x6e) 1.915390238s ago: executing program 2 (id=886): r0 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2) ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x6) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000002280)={0x0, 0x1, 0x40}) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1) 1.866628112s ago: executing program 2 (id=887): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c00000011000500000000000000200007d02646", @ANYRES32=r2, @ANYBLOB="00000000000000000c001a800800058004000880"], 0x2c}}, 0x0) 1.835319895s ago: executing program 0 (id=888): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00T\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="20000280", @ANYRES32=r2, @ANYBLOB="00000000000000000000000000000000000000000000000020000100", @ANYRES32, @ANYBLOB="00000000ac1414aa00000000000000000000000086dd"], 0x58}}, 0x0) 1.6634366s ago: executing program 2 (id=889): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, 0x0) 1.577439497s ago: executing program 0 (id=891): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000080)={0x2, [0x3, 0x1]}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)={0x2, [0x5, 0x6]}, &(0x7f0000000040)=0x8) 1.430777689s ago: executing program 0 (id=894): socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x3, 0x300) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ptype\x00') pread64(r0, &(0x7f00000001c0)=""/204, 0xcc, 0x103) 1.317883619s ago: executing program 3 (id=895): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x801}], {0x3c}}, 0x3c}}, 0x0) 1.247432765s ago: executing program 0 (id=897): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000013c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000080001001100000008000200020000001c0004800500034906000000050003000100000005"], 0x40}}, 0x0) 1.176618751s ago: executing program 3 (id=899): r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r0, 0x5) link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file1\x00') setxattr$security_capability(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0x0) 1.111182087s ago: executing program 0 (id=900): syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) 1.091138788s ago: executing program 3 (id=902): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000040)={[], 0x0, 0xf864c314378f83e5}) 883.824525ms ago: executing program 3 (id=907): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) 811.736912ms ago: executing program 3 (id=909): bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x70cb0}], 0xc}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 701.723661ms ago: executing program 1 (id=912): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000000000c850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)=r1}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20) 555.204943ms ago: executing program 1 (id=914): r0 = openat$damon_target_ids(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = gettid() r2 = getpid() write$damon_target_ids(r0, &(0x7f00000000c0)={@void, [{' ', r1}, {' ', r2}, {}]}, 0x3f) 512.758027ms ago: executing program 4 (id=915): r0 = socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@getstats={0x1c, 0x13, 0x1}, 0x1c}}, 0x0) 487.080459ms ago: executing program 1 (id=916): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x0, 0x0, 0x1}, [@TCA_NETEM_REORDER={0xc}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x7, 0xfffffffd}}]}}}]}, 0x64}}, 0x0) 391.018047ms ago: executing program 1 (id=917): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000f2ff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000073c00000000000000000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 361.81617ms ago: executing program 4 (id=918): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x101}, @TCA_FQ_PIE_MEMORY_LIMIT={0x8}]}}]}, 0x44}}, 0x0) 340.587872ms ago: executing program 1 (id=919): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e6dd3c3d"}, 0x0, 0x1, {0x0}}) close(r0) 219.212982ms ago: executing program 4 (id=920): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)={0x88, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x6a, 0x33, @action={{{}, {}, @device_b}, @mesh_hwmp_psel={0xd, 0x1, {@val={0x82, 0x25, {{}, 0x0, 0x0, 0x0, @device_a, 0x0, @void, 0x0, 0x0, 0x1, [{{}, @device_b}]}}, @val={0x83, 0x1f, {{}, 0x0, 0x0, @device_b, 0x0, @void, 0x0, 0x0, @broadcast}}, @val={0x84, 0x2}, @void}}}}]}, 0x88}}, 0x0) 163.484336ms ago: executing program 4 (id=921): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}, {{&(0x7f00000005c0)={0xa, 0x0, 0x0, @private2}, 0x1c, &(0x7f0000001780)=[{&(0x7f0000000080)="05", 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt(r0, 0x84, 0x81, &(0x7f0000000440)="1a00000000000000", 0x8) 141.764398ms ago: executing program 1 (id=922): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.93474ms ago: executing program 4 (id=923): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc000000190063480000000000000000ff41000000000000000000000000000100000000000000000000ffffac14140000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500ac141400000000000000000000000000000000002b"], 0xfc}}, 0x0) r1 = socket$l2tp6(0xa, 0x2, 0x73) sendmmsg$inet6(r1, &(0x7f00000003c0)=[{{&(0x7f0000000440)={0xa, 0x0, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="200000000000000029000000040000000001000000000000050200000002a54714000000000000002900000034000000000000000000000070000000000000002900000037000000000b00000000000001040000000005020000050200000728000000000800000000000000000000000000000000000000000000000000000000000000000000000104000000000106000000000000c910fe8000000000000000000000000000aa1800000000000000290000003700000000000000000000001400000000000000290000003e"], 0xd8}}], 0x1, 0x40088d0) 0s ago: executing program 4 (id=924): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x2c, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4}}]}]}, 0x2c}}, 0x0) kernel console output (not intermixed with test programs): DEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.138193][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.148227][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.155357][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.163294][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.174784][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.183200][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.190304][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.198790][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.207777][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.216483][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.223720][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.231626][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.241511][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.255551][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.269381][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.299011][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.309580][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.319109][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.329643][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.353317][ T3581] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.367732][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.377456][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.387202][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.397365][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.407861][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.416176][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.425049][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.436319][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.446392][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.477686][ T3581] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.500850][ T3568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.508548][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 57.516488][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 57.523952][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.533308][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.541214][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.550061][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.561666][ T3575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.572972][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.581852][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.611689][ T3569] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.631877][ T3569] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.643066][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.657577][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.667553][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.674705][ T382] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.683480][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.693842][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.702544][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.709832][ T382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.718805][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.728134][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.739676][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.772383][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.787385][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.842117][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.850388][ T3618] Bluetooth: hci0: command 0x041b tx timeout [ 57.851288][ T3611] Bluetooth: hci3: command 0x041b tx timeout [ 57.858109][ T3618] Bluetooth: hci1: command 0x041b tx timeout [ 57.871733][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.881023][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.889181][ T3618] Bluetooth: hci2: command 0x041b tx timeout [ 57.897992][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.907162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.916706][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.925528][ T3618] Bluetooth: hci4: command 0x041b tx timeout [ 57.926759][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.949332][ T3568] device veth0_vlan entered promiscuous mode [ 57.961552][ T3576] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.973034][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.982156][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.001648][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.014947][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.022926][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.032569][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.049589][ T3576] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.068946][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.077457][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.086889][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.094333][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.105852][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.115680][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.124175][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.131289][ T382] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.145210][ T3568] device veth1_vlan entered promiscuous mode [ 58.160960][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 58.170649][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.180316][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.188176][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.196577][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.205888][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.214272][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.221631][ T382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.229631][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.243443][ T3581] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.261241][ T3575] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.285407][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.294219][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.303152][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.312282][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.322136][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.332141][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.341434][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.351150][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.360707][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.371148][ T3569] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.398145][ T3576] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.409997][ T3576] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.419131][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.428659][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.437136][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.467977][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.478039][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.508165][ T3568] device veth0_macvtap entered promiscuous mode [ 58.524732][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.540456][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.552755][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.562781][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.573464][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 58.621832][ T3568] device veth1_macvtap entered promiscuous mode [ 58.654249][ T3575] device veth0_vlan entered promiscuous mode [ 58.681478][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.692807][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.702277][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.720261][ T3569] device veth0_vlan entered promiscuous mode [ 58.732936][ T3568] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.749336][ T3581] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.757307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.765802][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.773764][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.782616][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.791456][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.800330][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.810653][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.820192][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.829334][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.837750][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.852190][ T3569] device veth1_vlan entered promiscuous mode [ 58.864122][ T3575] device veth1_vlan entered promiscuous mode [ 58.895775][ T3568] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.912021][ T3568] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.924367][ T3568] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.933250][ T3568] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.942235][ T3568] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.975026][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 58.983622][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 58.992844][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.001290][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.010052][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.019820][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.043837][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.052291][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.094106][ T3576] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.117021][ T3569] device veth0_macvtap entered promiscuous mode [ 59.129853][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.139534][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.148584][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.158664][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.167371][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.181782][ T3575] device veth0_macvtap entered promiscuous mode [ 59.206055][ T3575] device veth1_macvtap entered promiscuous mode [ 59.217715][ T3569] device veth1_macvtap entered promiscuous mode [ 59.275793][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.283906][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.305691][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.313803][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.322209][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.331088][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 59.339380][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.349055][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.357865][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.371941][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.391156][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.396443][ T3624] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.407290][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.413118][ T3624] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.422138][ T3575] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.437664][ T3575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.449286][ T3575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.461432][ T3575] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.481804][ T3575] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.491071][ T3575] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.502186][ T3575] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.511283][ T3575] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.522502][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 59.533324][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.542700][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.551469][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.560420][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.569726][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.578335][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.593782][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.603338][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.613782][ T3581] device veth0_vlan entered promiscuous mode [ 59.635789][ T3569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.646380][ T3569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.656799][ T3569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.668016][ T3569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.690177][ T3569] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.712974][ T3576] device veth0_vlan entered promiscuous mode [ 59.733860][ T3581] device veth1_vlan entered promiscuous mode [ 59.745260][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.754623][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.763622][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.773670][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.785471][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.793954][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.802371][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.823084][ T3576] device veth1_vlan entered promiscuous mode [ 59.855043][ T3569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.874111][ T3569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.890133][ T3569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.902720][ T3644] loop2: detected capacity change from 0 to 512 [ 59.906800][ T3569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.926151][ T3569] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.936098][ T3559] Bluetooth: hci2: command 0x040f tx timeout [ 59.945447][ T3559] Bluetooth: hci1: command 0x040f tx timeout [ 59.951679][ T3559] Bluetooth: hci3: command 0x040f tx timeout [ 59.958408][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.966129][ T3559] Bluetooth: hci0: command 0x040f tx timeout [ 59.975409][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.983718][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.987300][ T3644] ======================================================= [ 59.987300][ T3644] WARNING: The mand mount option has been deprecated and [ 59.987300][ T3644] and is ignored by this kernel. Remove the mand [ 59.987300][ T3644] option from the mount to silence this warning. [ 59.987300][ T3644] ======================================================= [ 59.992413][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.035156][ T3614] Bluetooth: hci4: command 0x040f tx timeout [ 60.046759][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.057143][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.067455][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.074086][ T3644] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.3: bad orphan inode 15 [ 60.081983][ T3569] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.091089][ T3644] ext4_test_bit(bit=14, block=5) = 0 [ 60.099829][ T3569] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.100165][ T3644] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000001,journal_dev=0x0000000000000003,grpid,journal_ioprio=0x0000000000000002,journal_ioprio=0x0000000000000003,nolazytime,noload,,errors=continue. Quota mode: none. [ 60.111799][ T3569] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.150792][ T3569] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.190882][ T3644] EXT4-fs error (device loop2): __ext4_new_inode:1072: comm syz.2.3: reserved inode found cleared - inode=1 [ 60.194154][ T3576] device veth0_macvtap entered promiscuous mode [ 60.209056][ T3644] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters [ 60.229304][ T3644] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 60.237473][ T3581] device veth0_macvtap entered promiscuous mode [ 60.272413][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.292292][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.304064][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.313708][ T3624] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.327297][ T3576] device veth1_macvtap entered promiscuous mode [ 60.354074][ T3581] device veth1_macvtap entered promiscuous mode [ 60.401489][ T3650] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in; [ 60.401489][ T3650] program syz.2.6 not setting count and/or reply_len properly [ 60.465607][ T382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.473612][ T382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.516872][ T3576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.533210][ T3652] loop2: detected capacity change from 0 to 256 [ 60.540265][ T3576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.555504][ T3576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.567116][ T3576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.578163][ T3576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.582156][ T3652] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 60.588821][ T3576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.612972][ T3576] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.649618][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.662909][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.674157][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.685369][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.695519][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.706295][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.716412][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.728307][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.739767][ T3581] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.747705][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.756043][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.767388][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.786437][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.800728][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.815998][ T3576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.827803][ T3576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.838293][ T3576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.849188][ T3576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.859432][ T3576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.870704][ T3576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.882449][ T3576] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.900391][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.911768][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.921879][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.932903][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.943139][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.953913][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.964072][ T3581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.975549][ T3581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.987101][ T3581] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.998421][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 61.007657][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.016644][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 61.025966][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.043434][ T3576] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.053679][ T3576] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.068693][ T3576] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.078739][ T3576] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.091716][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.107482][ T3581] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.117156][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.144690][ T3581] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.148179][ T3657] loop2: detected capacity change from 0 to 256 [ 61.163540][ T3581] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.173135][ T3581] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.191457][ T382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.207125][ T3657] exfat: Deprecated parameter 'utf8' [ 61.213106][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.227519][ T3657] exfat: Deprecated parameter 'utf8' [ 61.232929][ T3657] exfat: Deprecated parameter 'utf8' [ 61.236035][ T382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.254036][ T3657] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 61.300494][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.382186][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.442327][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.473479][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.502829][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.556980][ T3648] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.565936][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.589871][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.611788][ T3648] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.626287][ T382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.663829][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.702862][ T382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.720857][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.760698][ T3670] loop1: detected capacity change from 0 to 164 [ 61.772114][ T382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.802593][ T382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.854198][ T3673] loop2: detected capacity change from 0 to 16 [ 61.889349][ T1452] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.908059][ T3670] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 61.995423][ T3673] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 62.027940][ T3559] Bluetooth: hci0: command 0x0419 tx timeout [ 62.034060][ T3559] Bluetooth: hci3: command 0x0419 tx timeout [ 62.048607][ T3559] Bluetooth: hci1: command 0x0419 tx timeout [ 62.062601][ T3559] Bluetooth: hci2: command 0x0419 tx timeout [ 62.067784][ T3683] loop3: detected capacity change from 0 to 512 [ 62.095142][ T3610] Bluetooth: hci4: command 0x0419 tx timeout [ 62.254659][ T3683] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.16: bg 0: block 393: padding at end of block bitmap is not set [ 62.272646][ T3683] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 62.285508][ T3698] block nbd4: shutting down sockets [ 62.302740][ T3683] EXT4-fs (loop3): 2 truncates cleaned up [ 62.309969][ T3683] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 62.351792][ T3695] loop1: detected capacity change from 0 to 4096 [ 62.492614][ T3705] netlink: 1184 bytes leftover after parsing attributes in process `syz.4.23'. [ 62.541129][ T3701] loop0: detected capacity change from 0 to 2048 [ 62.628936][ T3709] netlink: 12 bytes leftover after parsing attributes in process `syz.2.26'. [ 62.632997][ T3701] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 62.831343][ T3715] loop1: detected capacity change from 0 to 256 [ 62.961514][ T3715] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 63.050572][ T3715] exFAT-fs (loop1): error, tried to truncate zeroed cluster. [ 63.079614][ T3715] exFAT-fs (loop1): Filesystem has been set read-only [ 63.351775][ T3740] netlink: 'syz.4.40': attribute type 5 has an invalid length. [ 63.436717][ T3742] loop1: detected capacity change from 0 to 64 [ 63.469281][ T3737] loop2: detected capacity change from 0 to 4096 [ 63.528365][ T3744] netlink: 8 bytes leftover after parsing attributes in process `syz.4.43'. [ 63.557905][ T3744] netlink: 'syz.4.43': attribute type 3 has an invalid length. [ 63.630059][ T3746] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 63.662499][ T3737] ntfs: volume version 3.1. [ 63.674331][ T3737] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 63.732398][ T3737] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 63.754293][ T3647] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 63.770012][ T3737] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 64.095378][ T3647] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 64.214197][ T26] audit: type=1326 audit(1729105534.148:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3759 comm="syz.4.51" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e19491ff9 code=0x0 [ 64.251616][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.282451][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.319509][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 64.344716][ T21] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 64.444907][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.460356][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.481290][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 64.575056][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.584082][ T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 64.599970][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.611578][ T21] usb 4-1: Using ep0 maxpacket: 32 [ 64.624761][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 64.704910][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.718418][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.741425][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 64.752146][ T21] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 64.776193][ T21] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.799579][ T21] usb 4-1: config 0 descriptor?? [ 64.865019][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 64.874302][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 64.893344][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 64.900488][ T23] usb 2-1: Using ep0 maxpacket: 32 [ 65.029367][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.045465][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.069996][ T23] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 65.084723][ T21] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 65.108171][ T21] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 65.124838][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 65.155574][ T21] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 65.163381][ T21] usb 4-1: media controller created [ 65.192564][ T21] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 65.215363][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.224372][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.251965][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 65.295131][ T23] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 65.322822][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 65.332206][ T23] usb 2-1: Product: syz [ 65.340212][ T23] usb 2-1: Manufacturer: syz [ 65.345872][ T23] usb 2-1: SerialNumber: syz [ 65.361705][ T23] usb 2-1: config 0 descriptor?? [ 65.375523][ T3647] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 65.385722][ T3647] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 65.397569][ T3647] usb 1-1: config 0 interface 0 has no altsetting 0 [ 65.416907][ T3763] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 65.456061][ T23] hub 2-1:0.0: bad descriptor, ignoring hub [ 65.462027][ T23] hub: probe of 2-1:0.0 failed with error -5 [ 65.484708][ T3613] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 65.495262][ T23] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input5 [ 65.587730][ T3647] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 65.605684][ T3647] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 65.626367][ T3647] usb 1-1: Product: syz [ 65.636170][ T3647] usb 1-1: Manufacturer: syz [ 65.640809][ T3647] usb 1-1: SerialNumber: syz [ 65.660167][ T3647] usb 1-1: config 0 descriptor?? [ 65.694386][ T23] usb 2-1: USB disconnect, device number 2 [ 65.700461][ C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 65.722107][ T3647] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0 [ 65.784955][ T21] az6027: usb out operation failed. (-71) [ 65.791207][ T21] stb0899_attach: Driver disabled by Kconfig [ 65.821447][ T21] az6027: no front-end attached [ 65.821447][ T21] [ 65.846680][ T21] az6027: usb out operation failed. (-71) [ 65.854181][ T21] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 65.863127][ T21] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6 [ 65.865007][ T3613] usb 5-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 65.889389][ T21] dvb-usb: schedule remote query interval to 400 msecs. [ 65.908330][ T21] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 65.934561][ T3613] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.945663][ T21] usb 4-1: USB disconnect, device number 2 [ 65.963353][ T3613] usb 5-1: config 0 descriptor?? [ 66.062896][ T21] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 66.116739][ T3658] usb 1-1: USB disconnect, device number 2 [ 66.125411][ C1] usb 1-1: yurex_control_callback - control failed: -71 [ 66.137691][ T3658] yurex 1-1:0.0: USB YUREX #0 now disconnected [ 66.260906][ T3613] kaweth 5-1:0.0: Firmware present in device. [ 66.341499][ T3786] loop2: detected capacity change from 0 to 32768 [ 66.464869][ T3613] kaweth 5-1:0.0: Statistics collection: 0 [ 66.473118][ T3613] kaweth 5-1:0.0: Multicast filter limit: 0 [ 66.505619][ T3613] kaweth 5-1:0.0: MTU: 0 [ 66.509943][ T3613] kaweth 5-1:0.0: Read MAC address 00:00:00:00:00:00 [ 66.620515][ T3794] device lo entered promiscuous mode [ 66.651575][ T3794] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 66.855566][ T3612] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 66.894721][ T3613] kaweth 5-1:0.0: Error setting SOFS wait [ 66.900642][ T3613] kaweth: probe of 5-1:0.0 failed with error -5 [ 66.931220][ T3613] usb 5-1: USB disconnect, device number 2 [ 67.029125][ T3807] loop0: detected capacity change from 0 to 512 [ 67.104724][ T3612] usb 4-1: Using ep0 maxpacket: 16 [ 67.125967][ T3807] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 67.151648][ T3807] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038 (0x7fffffff) [ 67.227298][ T3612] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 67.309310][ T3800] loop2: detected capacity change from 0 to 40427 [ 67.405807][ T3612] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 67.424865][ T3612] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.445197][ T3612] usb 4-1: Product: syz [ 67.451183][ T3612] usb 4-1: Manufacturer: syz [ 67.463198][ T3800] F2FS-fs (loop2): Found nat_bits in checkpoint [ 67.482359][ T3612] usb 4-1: SerialNumber: syz [ 67.506912][ T3612] usb 4-1: config 0 descriptor?? [ 67.545769][ T3822] netlink: 32 bytes leftover after parsing attributes in process `syz.4.75'. [ 67.583543][ T3822] netlink: 32 bytes leftover after parsing attributes in process `syz.4.75'. [ 67.624473][ T3800] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 67.777932][ T3612] usb 4-1: Not enough endpoints found in device, aborting! [ 67.833427][ T3568] attempt to access beyond end of device [ 67.833427][ T3568] loop2: rw=2049, want=45104, limit=40427 [ 68.022548][ T3613] usb 4-1: USB disconnect, device number 3 [ 68.064387][ T3841] loop1: detected capacity change from 0 to 1024 [ 68.306099][ T3648] hfsplus: b-tree write err: -5, ino 4 [ 68.482705][ T3849] loop0: detected capacity change from 0 to 4096 [ 68.597866][ T3854] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 68.731227][ T3849] EXT4-fs (loop0): Test dummy encryption mode enabled [ 68.745003][ T3609] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 68.759590][ T3849] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,delalloc,journal_ioprio=0x0000000000000007,test_dummy_encryption,nodiscard,nodelalloc,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 68.827629][ T3849] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback. [ 69.136428][ T3877] netlink: 12 bytes leftover after parsing attributes in process `syz.0.98'. [ 69.146108][ T3609] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 69.158679][ T3609] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.186836][ T3609] usb 2-1: config 0 descriptor?? [ 69.210309][ T3658] Bluetooth: hci4: command 0x0405 tx timeout [ 69.256111][ T3609] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 69.268919][ T3883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.100'. [ 69.276999][ T3609] usb 2-1: Detected FT-X [ 69.284151][ T3883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.100'. [ 69.398033][ T3889] netlink: 8 bytes leftover after parsing attributes in process `syz.3.104'. [ 69.464798][ T3609] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 69.709436][ T3835] loop4: detected capacity change from 0 to 65536 [ 69.730951][ T3609] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 69.751990][ T3609] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 69.770356][ T3609] usb 2-1: USB disconnect, device number 3 [ 69.789628][ T3609] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 69.839055][ T3609] ftdi_sio 2-1:0.0: device disconnected [ 69.936668][ T3835] XFS (loop4): Mounting V5 Filesystem [ 70.173367][ T3835] XFS (loop4): Ending clean mount [ 70.450711][ T3913] loop0: detected capacity change from 0 to 40427 [ 70.527874][ T3891] loop2: detected capacity change from 0 to 40427 [ 70.589746][ T3581] XFS (loop4): Unmounting Filesystem [ 70.611970][ T3913] F2FS-fs (loop0): Found nat_bits in checkpoint [ 70.624427][ T3891] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 70.665145][ T3891] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 70.721086][ T3891] F2FS-fs (loop2): Found nat_bits in checkpoint [ 70.810522][ T3913] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 70.867144][ T3891] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 70.884192][ T3891] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 70.974286][ T3920] loop3: detected capacity change from 0 to 32768 [ 71.006580][ T3575] attempt to access beyond end of device [ 71.006580][ T3575] loop0: rw=2049, want=45104, limit=40427 [ 71.027902][ T3920] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.115 (3920) [ 71.137973][ T3920] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 71.155017][ T3920] BTRFS info (device loop3): using free space tree [ 71.161573][ T3920] BTRFS info (device loop3): has skinny extents [ 71.212116][ T1389] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.218933][ T1389] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.558645][ T3920] BTRFS info (device loop3): enabling ssd optimizations [ 71.904654][ T3658] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 71.951694][ T3971] loop0: detected capacity change from 0 to 4096 [ 72.121816][ T3971] ntfs3: loop0: failed to convert "0080" to cp850 [ 72.146288][ T3971] ntfs3: loop0: failed to convert name for inode 1e. [ 72.275041][ T3658] usb 5-1: config 0 interface 0 has no altsetting 0 [ 72.281712][ T3658] usb 5-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 72.292179][ T3658] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.314143][ T3658] usb 5-1: config 0 descriptor?? [ 72.784900][ T23] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 72.795947][ T3998] loop3: detected capacity change from 0 to 4096 [ 72.870063][ T3998] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 72.946045][ T4003] loop1: detected capacity change from 0 to 4096 [ 73.004002][ T4003] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 73.026129][ T4010] loop2: detected capacity change from 0 to 512 [ 73.047488][ T4003] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 73.090548][ T4010] EXT4-fs (loop2): Ignoring removed oldalloc option [ 73.147818][ T4010] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.140: Parent and EA inode have the same ino 15 [ 73.173501][ T4010] EXT4-fs (loop2): Remounting filesystem read-only [ 73.194347][ T4010] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2815: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 73.208622][ T4010] EXT4-fs error (device loop2): ext4_evict_inode:293: comm syz.2.140: couldn't truncate inode 15 (err -30) [ 73.215206][ T23] usb 1-1: config 0 interface 0 altsetting 244 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.228722][ T3658] video4linux radio32: keene_cmd_main failed (-71) [ 73.240051][ T4010] EXT4-fs (loop2): 1 orphan inode deleted [ 73.246458][ T3658] radio-keene 5-1:0.0: V4L2 device registered as radio32 [ 73.253598][ T4010] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsdgroups,oldalloc,stripe=0x0000000000000006,. Quota mode: none. [ 73.278413][ T3658] usb 5-1: USB disconnect, device number 3 [ 73.290260][ T23] usb 1-1: config 0 interface 0 has no altsetting 0 [ 73.319368][ T23] usb 1-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 73.346262][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.405541][ T23] usb 1-1: config 0 descriptor?? [ 73.456725][ T26] audit: type=1326 audit(1729105543.398:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4018 comm="syz.1.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e8366ff9 code=0x7ffc0000 [ 73.533664][ T26] audit: type=1326 audit(1729105543.398:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4018 comm="syz.1.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f65e8366ff9 code=0x7ffc0000 [ 73.562330][ T26] audit: type=1326 audit(1729105543.398:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4018 comm="syz.1.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e8366ff9 code=0x7ffc0000 [ 73.590547][ T26] audit: type=1326 audit(1729105543.428:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4018 comm="syz.1.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e8366ff9 code=0x7ffc0000 [ 73.683379][ T4027] capability: warning: `syz.2.144' uses deprecated v2 capabilities in a way that may be insecure [ 73.733994][ T4027] program syz.2.144 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 73.797871][ T4025] loop3: detected capacity change from 0 to 8192 [ 73.897674][ T4025] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 73.942649][ T23] gt683r_led 0003:1770:FF00.0001: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.0-1/input0 [ 74.168327][ T3609] usb 1-1: USB disconnect, device number 3 [ 74.184738][ T3647] gt683r_led 0003:1770:FF00.0001: failed to send set report request: -19 [ 74.354603][ T23] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 74.392870][ T4060] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 74.690096][ T4072] netlink: 24 bytes leftover after parsing attributes in process `syz.4.168'. [ 74.764889][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.782983][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.823724][ T23] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 74.853019][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.867671][ T23] usb 2-1: config 0 descriptor?? [ 74.887802][ T4077] capability: warning: `syz.4.172' uses 32-bit capabilities (legacy support in use) [ 74.975353][ T4081] xt_bpf: check failed: parse error [ 75.367362][ T23] steelseries_srws1 0003:1038:1410.0002: not enough fields in HID_OUTPUT_REPORT 0 [ 75.582205][ T3612] usb 2-1: USB disconnect, device number 4 [ 75.746275][ T4122] sctp: [Deprecated]: syz.4.190 (pid 4122) Use of int in maxseg socket option. [ 75.746275][ T4122] Use struct sctp_assoc_value instead [ 75.923743][ T4128] loop4: detected capacity change from 0 to 1024 [ 76.022408][ T4128] EXT4-fs (loop4): Ignoring removed orlov option [ 76.025220][ T4130] 9p: Unknown Cache mode m [ 76.077030][ T4128] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,resuid=0x0000000000000000,,errors=continue. Quota mode: none. [ 76.187000][ T4136] process 'syz.1.196' launched './file1' with NULL argv: empty string added [ 76.348115][ T4124] loop2: detected capacity change from 0 to 32768 [ 76.365787][ T4140] loop3: detected capacity change from 0 to 512 [ 76.408408][ T4140] EXT4-fs (loop3): external journal device major/minor numbers have changed [ 76.460671][ T4140] blk_update_request: I/O error, dev loop7, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.501388][ T4124] XFS (loop2): Mounting V5 Filesystem [ 76.536037][ T4140] EXT4-fs (loop3): couldn't read superblock of external journal [ 76.637026][ T4124] XFS (loop2): Ending clean mount [ 76.658203][ T4124] XFS (loop2): Quotacheck needed: Please wait. [ 76.848612][ T4124] XFS (loop2): Quotacheck: Done. [ 77.073219][ T3568] XFS (loop2): Unmounting Filesystem [ 77.173538][ T4165] program syz.3.205 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 77.250148][ T4167] mkiss: ax0: crc mode is auto. [ 77.343763][ T4169] loop3: detected capacity change from 0 to 1024 [ 77.449946][ T4142] loop4: detected capacity change from 0 to 32768 [ 77.461810][ T4155] loop0: detected capacity change from 0 to 32768 [ 77.545673][ T4142] [ 77.545673][ T4142] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.545673][ T4142] [ 77.619707][ T9] hfsplus: b-tree write err: -5, ino 4 [ 77.639402][ T4155] XFS (loop0): Mounting V5 Filesystem [ 77.664781][ T4142] [ 77.664781][ T4142] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.664781][ T4142] [ 77.684872][ T4142] [ 77.684872][ T4142] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.684872][ T4142] [ 77.696550][ T4142] [ 77.696550][ T4142] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.696550][ T4142] [ 77.720602][ T4142] [ 77.720602][ T4142] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.720602][ T4142] [ 77.801582][ T4181] [ 77.801582][ T4181] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.801582][ T4181] [ 77.813566][ T4181] [ 77.813566][ T4181] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.813566][ T4181] [ 77.837084][ T4181] [ 77.837084][ T4181] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.837084][ T4181] [ 77.848531][ T4181] [ 77.848531][ T4181] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.848531][ T4181] [ 77.871217][ T4181] [ 77.871217][ T4181] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.871217][ T4181] [ 77.894971][ T4155] XFS (loop0): Ending clean mount [ 77.908337][ T9] [ 77.908337][ T9] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.908337][ T9] [ 77.938307][ T9] [ 77.938307][ T9] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.938307][ T9] [ 77.965861][ T3581] [ 77.965861][ T3581] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.965861][ T3581] [ 77.990228][ T276] [ 77.990228][ T276] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.990228][ T276] [ 78.007997][ T3581] [ 78.007997][ T3581] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.007997][ T3581] [ 78.022696][ T3575] XFS (loop0): Unmounting Filesystem [ 78.769893][ T4190] loop3: detected capacity change from 0 to 32768 [ 78.850866][ T4212] loop1: detected capacity change from 0 to 256 [ 78.868243][ T4190] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 scanned by syz.3.214 (4190) [ 78.943583][ T4215] loop2: detected capacity change from 0 to 256 [ 78.964883][ T4190] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 78.996062][ T4212] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 78.996726][ T4215] exfat: Deprecated parameter 'utf8' [ 79.015314][ T4190] BTRFS info (device loop3): using free space tree [ 79.042210][ T4190] BTRFS info (device loop3): has skinny extents [ 79.102628][ T4215] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 79.273496][ T4215] exfat: Unknown parameter '˙˙˙˙˙˙˙˙˙˙¤ Z*¬đżË m.Dc8Ť'ń@Ř×C9Gö9śůő?Ŕ9†Sĺ¦{»1źżJĆöĚŐ¬żá5 æŇÔŚöŔ‰Ýöqq˙ł±Yçł”ĹÚóá' [ 79.341142][ T4190] BTRFS info (device loop3): enabling ssd optimizations [ 79.579457][ T4200] loop0: detected capacity change from 0 to 32768 [ 79.969935][ T4200] XFS (loop0): Mounting V5 Filesystem [ 80.083869][ T4285] loop4: detected capacity change from 0 to 128 [ 80.154442][ T4287] loop1: detected capacity change from 0 to 64 [ 80.229622][ T4291] netlink: 8 bytes leftover after parsing attributes in process `syz.2.241'. [ 80.257654][ T4200] XFS (loop0): Ending clean mount [ 80.301766][ T4291] loop2: detected capacity change from 0 to 1024 [ 80.331504][ T4293] loop3: detected capacity change from 0 to 512 [ 80.373112][ T3575] XFS (loop0): Unmounting Filesystem [ 80.395145][ T4293] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 80.442918][ T4293] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 80.464755][ T4291] EXT4-fs error (device loop2): __ext4_get_inode_loc:4320: comm syz.2.241: Invalid inode table block 0 in block_group 0 [ 80.489993][ T4291] EXT4-fs (loop2): get root inode failed [ 80.510233][ T4291] EXT4-fs (loop2): mount failed [ 80.608311][ T4293] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.242: invalid indirect mapped block 4294967295 (level 0) [ 80.634211][ T4293] EXT4-fs (loop3): Remounting filesystem read-only [ 80.640840][ T4293] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.242: invalid indirect mapped block 4294967295 (level 1) [ 80.665653][ T4293] EXT4-fs (loop3): 1 orphan inode deleted [ 80.671484][ T4293] EXT4-fs (loop3): 1 truncate cleaned up [ 80.750136][ T4293] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,lazytime,debug_want_extra_isize=0x000000000000006e,block_validity,block_validity,quota,. Quota mode: writeback. [ 80.936136][ T4308] input: syz1 as /devices/virtual/input/input7 [ 81.158555][ T4306] loop4: detected capacity change from 0 to 8192 [ 81.251991][ T4306] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 81.307935][ T4306] REISERFS (device loop4): using ordered data mode [ 81.380341][ T4306] reiserfs: using flush barriers [ 81.442990][ T4306] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.446674][ T4326] Bluetooth: hci0: load_link_keys: expected 51203 bytes, got 7 bytes [ 81.462677][ T1075] cfg80211: failed to load regulatory.db [ 81.487398][ T4306] REISERFS (device loop4): checking transaction log (loop4) [ 81.681783][ T4314] loop3: detected capacity change from 0 to 32768 [ 81.801455][ T4306] REISERFS (device loop4): Using tea hash to sort names [ 81.857672][ T4306] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 81.892239][ T4306] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 81.896856][ T4314] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 81.944778][ T1075] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 82.030015][ T4349] (syz.3.250,4349,1):ocfs2_parse_options:1447 ERROR: Unrecognized mount option "˙˙˙˙˙˙˙˙˙˙01777777777777777777777ńĽĘíXŤcĄvĚ:ýQşňśŢ" or missing value [ 82.210255][ T1075] usb 1-1: Using ep0 maxpacket: 32 [ 82.288168][ T3576] ocfs2: Unmounting device (7,3) on (node local) [ 82.388235][ T4360] loop1: detected capacity change from 0 to 2048 [ 82.501738][ T4360] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 82.544900][ T1075] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 82.560511][ T1075] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.584902][ T4360] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff) [ 82.612952][ T1075] usb 1-1: Product: syz [ 82.629247][ T4362] loop2: detected capacity change from 0 to 8192 [ 82.645290][ T1075] usb 1-1: Manufacturer: syz [ 82.649981][ T1075] usb 1-1: SerialNumber: syz [ 82.676748][ T1075] usb 1-1: config 0 descriptor?? [ 82.710381][ T4362] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 82.727413][ T1075] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 82.735830][ T4362] REISERFS (device loop2): using ordered data mode [ 82.742378][ T4362] reiserfs: using flush barriers [ 82.756351][ T4374] loop4: detected capacity change from 0 to 64 [ 82.770728][ T4362] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 82.796627][ T4362] REISERFS (device loop2): checking transaction log (loop2) [ 82.806903][ T4376] loop3: detected capacity change from 0 to 128 [ 82.853426][ T4376] VFS: Found a Xenix FS (block size = 512) on device loop3 [ 82.941418][ T4378] loop1: detected capacity change from 0 to 256 [ 82.947088][ T4376] sysv_count_free_blocks: cannot read free-list block [ 82.984772][ T4362] REISERFS (device loop2): Using tea hash to sort names [ 82.996921][ T4362] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 83.010667][ T4376] sysv_count_free_inodes: unable to read inode table [ 83.024167][ T4376] Process accounting resumed [ 83.057330][ T4378] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 83.097361][ T4378] exFAT-fs (loop1): hint_cluster is invalid (17) [ 83.234690][ T3576] sysv_free_block: trying to free block not in datazone [ 83.251225][ T3576] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 83.470840][ T4387] loop3: detected capacity change from 0 to 256 [ 83.604978][ T1075] gspca_stk1135: reg_w 0x5 err -71 [ 83.611198][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.655885][ T1075] gspca_stk1135: Sensor write failed [ 83.678045][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.689493][ T1075] gspca_stk1135: Sensor write failed [ 83.704455][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.712009][ T1075] gspca_stk1135: Sensor read failed [ 83.724020][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.730767][ T1075] gspca_stk1135: Sensor read failed [ 83.742683][ T1075] gspca_stk1135: Detected sensor type unknown (0x0) [ 83.749753][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.763517][ T1075] gspca_stk1135: Sensor read failed [ 83.771613][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.784550][ T1075] gspca_stk1135: Sensor read failed [ 83.790699][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.802535][ T1075] gspca_stk1135: Sensor write failed [ 83.809828][ T1075] gspca_stk1135: serial bus timeout: status=0x00 [ 83.821717][ T1075] gspca_stk1135: Sensor write failed [ 83.829676][ T1075] stk1135: probe of 1-1:0.0 failed with error -71 [ 83.852122][ T1075] usb 1-1: USB disconnect, device number 4 [ 83.948251][ T4385] loop1: detected capacity change from 0 to 32768 [ 84.038799][ T4385] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop1 scanned by syz.1.277 (4385) [ 84.091419][ T4385] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 84.134225][ T4385] BTRFS info (device loop1): using free space tree [ 84.186126][ T4385] BTRFS info (device loop1): has skinny extents [ 84.461626][ T4419] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.513379][ T4419] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 84.513611][ T4385] BTRFS info (device loop1): enabling ssd optimizations [ 84.610481][ T26] audit: type=1804 audit(1729105554.548:7): pid=4385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.277" name="/newroot/61/file0/file1" dev="loop1" ino=260 res=1 errno=0 [ 85.344258][ T4455] loop2: detected capacity change from 0 to 2048 [ 85.448301][ T4459] loop0: detected capacity change from 0 to 64 [ 85.563408][ T4455] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 85.805897][ T4468] loop1: detected capacity change from 0 to 64 [ 85.843585][ T4470] netlink: 'syz.4.306': attribute type 5 has an invalid length. [ 85.873565][ T4444] loop3: detected capacity change from 0 to 32768 [ 85.974758][ T4475] loop2: detected capacity change from 0 to 128 [ 86.069860][ T4475] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 86.154161][ T4475] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 86.488146][ T4492] netlink: 16 bytes leftover after parsing attributes in process `syz.4.314'. [ 87.010303][ T4520] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 87.214637][ T4277] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 87.454675][ T4277] usb 5-1: Using ep0 maxpacket: 8 [ 87.544775][ T3609] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 87.579867][ T4277] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 87.621495][ T4277] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 87.651809][ T4277] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 87.690918][ T4277] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 87.735290][ T4277] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 87.744376][ T4277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.827699][ T4540] loop3: detected capacity change from 0 to 256 [ 87.886027][ T4540] exfat: Deprecated parameter 'utf8' [ 87.891399][ T4540] exfat: Deprecated parameter 'utf8' [ 87.917614][ T4540] exfat: Deprecated parameter 'utf8' [ 87.956934][ T4540] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 87.974991][ T3609] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.004820][ T3609] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.034613][ T3609] usb 3-1: New USB device found, idVendor=056a, idProduct=00b0, bcdDevice= 0.00 [ 88.064229][ T3609] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.065076][ T4277] usb 5-1: GET_CAPABILITIES returned 0 [ 88.089485][ T4525] loop0: detected capacity change from 0 to 32768 [ 88.099386][ T3609] usb 3-1: config 0 descriptor?? [ 88.114570][ T4277] usbtmc 5-1:16.0: can't read capabilities [ 88.207315][ T4523] loop1: detected capacity change from 0 to 40427 [ 88.233304][ T4525] XFS (loop0): Mounting V5 Filesystem [ 88.250850][ T4523] F2FS-fs (loop1): invalid crc value [ 88.343592][ T4513] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90 [ 88.393712][ T4523] F2FS-fs (loop1): Found nat_bits in checkpoint [ 88.418982][ T1075] usb 5-1: USB disconnect, device number 4 [ 88.435929][ T4525] XFS (loop0): Ending clean mount [ 88.458586][ T4525] XFS (loop0): Quotacheck needed: Please wait. [ 88.554207][ T4525] XFS (loop0): Quotacheck: Done. [ 88.588774][ T3609] wacom 0003:056A:00B0.0003: Unknown device_type for 'HID 056a:00b0'. Assuming pen. [ 88.628381][ T4523] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 88.660883][ T3609] wacom 0003:056A:00B0.0003: hidraw0: USB HID v0.00 Device [HID 056a:00b0] on usb-dummy_hcd.2-1/input0 [ 88.678965][ T26] audit: type=1800 audit(1729105558.618:8): pid=4525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.328" name="file0" dev="loop0" ino=1060 res=0 errno=0 [ 88.702282][ T4523] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 88.723201][ T3609] input: Wacom Intuos3 4x5 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00B0.0003/input/input9 [ 88.883022][ T3575] XFS (loop0): Unmounting Filesystem [ 88.891312][ T3609] usb 3-1: USB disconnect, device number 2 [ 88.943282][ T3569] attempt to access beyond end of device [ 88.943282][ T3569] loop1: rw=2049, want=45104, limit=40427 [ 89.394798][ T4453] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 89.664672][ T4453] usb 4-1: Using ep0 maxpacket: 32 [ 89.801609][ T4572] loop2: detected capacity change from 0 to 4096 [ 89.805183][ T4562] loop4: detected capacity change from 0 to 40427 [ 89.816777][ T4453] usb 4-1: config 0 has an invalid interface number: 126 but max is 0 [ 89.827407][ T4453] usb 4-1: config 0 has no interface number 0 [ 89.833773][ T4453] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 89.833810][ T4453] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 89.833836][ T4453] usb 4-1: config 0 interface 126 has no altsetting 0 [ 89.859109][ T4572] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 89.884623][ T4276] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 89.920838][ T4572] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 89.945487][ T4572] ntfs3: loop2: Failed to load $Extend. [ 89.952836][ T4562] F2FS-fs (loop4): invalid crc value [ 90.006771][ T4562] F2FS-fs (loop4): Found nat_bits in checkpoint [ 90.016699][ T4453] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 90.051811][ T4453] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.073170][ T4453] usb 4-1: Product: syz [ 90.092182][ T4453] usb 4-1: Manufacturer: syz [ 90.112478][ T4562] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 90.134566][ T4276] usb 1-1: Using ep0 maxpacket: 8 [ 90.136274][ T4453] usb 4-1: SerialNumber: syz [ 90.165902][ T4453] usb 4-1: config 0 descriptor?? [ 90.195798][ T4560] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 90.203020][ T4560] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 90.227904][ T3581] attempt to access beyond end of device [ 90.227904][ T3581] loop4: rw=2049, want=45104, limit=40427 [ 90.254922][ T4276] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 90.281971][ T4276] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 90.319777][ T4276] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 90.344597][ T4276] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 90.366617][ T4276] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 90.406618][ T4276] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 90.428767][ T4276] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.604752][ T4277] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 90.635314][ T4601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.355'. [ 90.679850][ T4453] ir_usb 4-1:0.126: IR Dongle converter detected [ 90.724800][ T4276] usb 1-1: GET_CAPABILITIES returned 0 [ 90.730858][ T4276] usbtmc 1-1:16.0: can't read capabilities [ 90.905076][ T4453] usb 4-1: IR Dongle converter now attached to ttyUSB0 [ 90.939369][ T4453] usb 1-1: USB disconnect, device number 5 [ 90.994667][ T4277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.015459][ T4277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.025418][ T4277] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 91.038308][ T3609] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 91.047187][ T4277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.066703][ T4611] loop4: detected capacity change from 0 to 4096 [ 91.067949][ T4277] usb 2-1: config 0 descriptor?? [ 91.098095][ T4611] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 91.134322][ T1078] usb 4-1: USB disconnect, device number 4 [ 91.166669][ T1078] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 91.178795][ T4611] ntfs: (device loop4): parse_options(): NLS character set macgre˙ not found. Using previous one utf8. [ 91.186137][ T1078] ir_usb 4-1:0.126: device disconnected [ 91.200963][ T4611] ntfs: (device loop4): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 91.216141][ T4611] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 91.238784][ T4611] ntfs: volume version 3.1. [ 91.448475][ T3609] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 91.473538][ T3609] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 91.501879][ T3609] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 91.521390][ T4617] loop4: detected capacity change from 0 to 2048 [ 91.523763][ T3609] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.575800][ T4617] loop4: p1 < > p3 [ 91.585731][ T4604] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 91.596928][ T4277] hid-steam 0003:28DE:1142.0004: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0 [ 91.628516][ T4617] loop4: p3 size 134217728 extends beyond EOD, truncated [ 91.687345][ T4277] hid-steam 0003:28DE:1142.0005: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0 [ 91.741170][ T4617] netlink: 'syz.4.360': attribute type 6 has an invalid length. [ 91.804853][ T4277] hid-steam 0003:28DE:1142.0004: Steam wireless receiver connected [ 91.825391][ T4277] usb 2-1: USB disconnect, device number 5 [ 91.852243][ T3583] udevd[3583]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 91.865443][ T3578] udevd[3578]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 91.887918][ T4277] hid-steam 0003:28DE:1142.0004: Steam wireless receiver disconnected [ 91.990040][ T3609] usb 3-1: USB disconnect, device number 3 [ 92.043206][ T3583] udevd[3583]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 92.058391][ T3758] udevd[3758]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 92.165475][ T4629] loop3: detected capacity change from 0 to 512 [ 92.234949][ T4629] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 92.260770][ T4629] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal [ 92.379302][ T4619] loop0: detected capacity change from 0 to 32768 [ 92.455233][ T4629] netlink: 4 bytes leftover after parsing attributes in process `syz.3.365'. [ 92.548198][ T4619] XFS (loop0): Mounting V5 Filesystem [ 92.583643][ T4642] loop1: detected capacity change from 0 to 1024 [ 92.705860][ T4642] EXT4-fs (loop1): unable to read superblock [ 92.749020][ T4619] XFS (loop0): Ending clean mount [ 92.974984][ T3575] XFS (loop0): Unmounting Filesystem [ 93.519320][ T4671] loop3: detected capacity change from 0 to 1024 [ 93.825810][ T4641] loop4: detected capacity change from 0 to 32768 [ 93.989043][ T4641] (syz.4.368,4641,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 94.080928][ T4641] (syz.4.368,4641,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 94.169841][ T4689] loop3: detected capacity change from 0 to 512 [ 94.185806][ T4641] JBD2: Ignoring recovery information on journal [ 94.315687][ T4689] EXT4-fs (loop3): orphan cleanup on readonly fs [ 94.332514][ T4641] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 94.372082][ T4689] Quota error (device loop3): v2_read_file_info: Number of blocks too big for quota file size (171798693888 > 6144). [ 94.413447][ T4689] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 94.425375][ T4661] loop1: detected capacity change from 0 to 32768 [ 94.447529][ T4700] netlink: 'syz.0.391': attribute type 4 has an invalid length. [ 94.490371][ T4689] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 94.497815][ T4689] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.388: couldn't read orphan inode 26 (err -116) [ 94.525589][ T4689] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 94.535476][ T4661] XFS: attr2 mount option is deprecated. [ 94.554606][ T4661] XFS: ikeep mount option is deprecated. [ 94.571687][ T4661] XFS: noikeep mount option is deprecated. [ 94.587522][ T4689] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 94.654343][ T4661] XFS (loop1): Mounting V5 Filesystem [ 94.673444][ T3581] ocfs2: Unmounting device (7,4) on (node local) [ 94.742262][ T4689] Quota error (device loop3): v2_read_file_info: Number of blocks too big for quota file size (171798693888 > 6144). [ 94.884965][ T4689] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 94.923530][ T4661] XFS (loop1): Ending clean mount [ 94.948525][ T4661] XFS (loop1): Quotacheck needed: Please wait. [ 95.008511][ T4724] netlink: 'syz.2.398': attribute type 29 has an invalid length. [ 95.025034][ T4724] netlink: 'syz.2.398': attribute type 29 has an invalid length. [ 95.090344][ T4661] XFS (loop1): Quotacheck: Done. [ 95.232626][ T3569] XFS (loop1): Unmounting Filesystem [ 95.683999][ T4750] netlink: 4 bytes leftover after parsing attributes in process `syz.3.410'. [ 95.745473][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): ipvlan2: link becomes ready [ 96.058937][ T4759] loop4: detected capacity change from 0 to 512 [ 96.374020][ T4763] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.581151][ T4766] loop4: detected capacity change from 0 to 4096 [ 96.602628][ T4763] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.765643][ T4755] loop2: detected capacity change from 0 to 32768 [ 96.799080][ T4763] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.830685][ T4777] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 96.938549][ T26] audit: type=1800 audit(1729105566.878:9): pid=4766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.416" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 97.002212][ T4763] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.162239][ T4782] loop0: detected capacity change from 0 to 8192 [ 97.236781][ T4763] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.267363][ T4763] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.278730][ T4782] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 97.283226][ T4763] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.304885][ T4763] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.357737][ T4782] REISERFS (device loop0): using ordered data mode [ 97.377716][ T4782] reiserfs: using flush barriers [ 97.385890][ T4791] kernel read not supported for file /eth0 (pid: 4791 comm: syz.3.426) [ 97.395836][ T26] audit: type=1800 audit(1729105567.338:10): pid=4791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.426" name="eth0" dev="mqueue" ino=35512 res=0 errno=0 [ 97.426103][ T4782] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.489224][ T4782] REISERFS (device loop0): checking transaction log (loop0) [ 97.514451][ T4797] loop2: detected capacity change from 0 to 2048 [ 97.554069][ T4797] EXT4-fs (loop2): Ignoring removed orlov option [ 97.646891][ T4797] EXT4-fs (loop2): mounted filesystem without journal. Opts: orlov,errors=remount-ro,. Quota mode: none. [ 97.808532][ T4782] REISERFS (device loop0): Using tea hash to sort names [ 97.841858][ T4797] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 97.875860][ T4782] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 97.934852][ T4782] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 98.015061][ T4797] EXT4-fs (loop2): Remounting filesystem read-only [ 98.037080][ T4782] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 98.360185][ T4820] loop4: detected capacity change from 0 to 512 [ 98.403565][ T4799] loop3: detected capacity change from 0 to 32768 [ 98.458286][ T4799] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.430 (4799) [ 98.508582][ T4820] EXT4-fs (loop4): 1 orphan inode deleted [ 98.528992][ T4820] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 98.540438][ T4820] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038 (0x7fffffff) [ 98.576109][ T4799] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 98.590409][ T4828] loop2: detected capacity change from 0 to 4096 [ 98.607291][ T4830] loop0: detected capacity change from 0 to 128 [ 98.613870][ T4799] BTRFS info (device loop3): setting nodatacow, compression disabled [ 98.623557][ T4799] BTRFS info (device loop3): turning on flush-on-commit [ 98.632795][ T4799] BTRFS info (device loop3): max_inline at 0 [ 98.639306][ T4799] BTRFS info (device loop3): enabling auto defrag [ 98.650373][ T4799] BTRFS info (device loop3): max_inline at 63 [ 98.654887][ T4830] EXT4-fs (loop0): Ignoring removed nobh option [ 98.656700][ T4799] BTRFS info (device loop3): using free space tree [ 98.670516][ T4799] BTRFS info (device loop3): has skinny extents [ 98.691781][ T4828] NILFS (loop2): invalid segment: Checksum error in segment payload [ 98.715816][ T4830] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none. [ 98.757457][ T4828] NILFS (loop2): trying rollback from an earlier position [ 98.771589][ T4801] loop1: detected capacity change from 0 to 40427 [ 98.780621][ T4830] ext4 filesystem being mounted at /76/mnt supports timestamps until 2038 (0x7fffffff) [ 98.830858][ T4801] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 98.833399][ T4828] NILFS (loop2): recovery complete [ 98.843214][ T4799] BTRFS info (device loop3): enabling ssd optimizations [ 98.853092][ T4801] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 98.901034][ T4850] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 98.979973][ T4801] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 98.987720][ T4799] BTRFS info (device loop3): device stats zeroed by syz.3.430 (4799) [ 99.171428][ T4801] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 99.236435][ T4801] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 99.314801][ T4861] program syz.0.444 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 99.443222][ T4868] loop2: detected capacity change from 0 to 64 [ 99.807763][ T3569] attempt to access beyond end of device [ 99.807763][ T3569] loop1: rw=2049, want=45104, limit=40427 [ 100.318603][ T4906] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 100.774927][ T4899] loop0: detected capacity change from 0 to 32768 [ 100.842660][ T4899] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.460 (4899) [ 100.876976][ T4907] loop2: detected capacity change from 0 to 40427 [ 100.926196][ T4919] loop3: detected capacity change from 0 to 64 [ 100.938193][ T4899] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 100.947760][ T4907] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(0) root(3) [ 100.963675][ T4907] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 100.976034][ T4899] BTRFS info (device loop0): disabling tree log [ 100.990826][ T4899] BTRFS info (device loop0): metadata ratio 65537 [ 101.007795][ T4907] F2FS-fs (loop2): invalid crc value [ 101.016729][ T4899] BTRFS info (device loop0): metadata ratio 64 [ 101.035656][ T4899] BTRFS info (device loop0): using free space tree [ 101.044233][ T4907] F2FS-fs (loop2): Found nat_bits in checkpoint [ 101.062275][ T4899] BTRFS info (device loop0): has skinny extents [ 101.151284][ T3678] attempt to access beyond end of device [ 101.151284][ T3678] loop3: rw=1, want=268435470, limit=64 [ 101.177750][ T3678] Buffer I/O error on dev loop3, logical block 134217734, lost async page write [ 101.188203][ T4907] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 101.204095][ T4907] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 101.252947][ T4899] BTRFS info (device loop0): enabling ssd optimizations [ 101.384978][ T4942] loop3: detected capacity change from 0 to 256 [ 101.459455][ T4946] netlink: 8 bytes leftover after parsing attributes in process `syz.4.471'. [ 101.611521][ T4942] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000006) [ 101.691201][ T4942] FAT-fs (loop3): Filesystem has been set read-only [ 101.897919][ T4956] loop4: detected capacity change from 0 to 2048 [ 102.055153][ T4956] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 102.079804][ T4956] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 102.161629][ T4956] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,acl,nomblk_io_submit,barrier,norecovery,grpquota,usrquota,nouid32,,errors=continue. Quota mode: writeback. [ 102.516773][ T4984] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 102.543924][ T4986] loop1: detected capacity change from 0 to 64 [ 102.734811][ T4447] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 102.847531][ T4990] netlink: 8 bytes leftover after parsing attributes in process `syz.1.488'. [ 102.860583][ T4990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.488'. [ 102.868351][ T4983] loop2: detected capacity change from 0 to 32768 [ 102.944650][ T4983] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 scanned by syz.2.485 (4983) [ 102.979552][ T4994] loop1: detected capacity change from 0 to 256 [ 102.997957][ T4983] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 103.007844][ T4983] BTRFS info (device loop2): using free space tree [ 103.015264][ T4983] BTRFS info (device loop2): has skinny extents [ 103.090677][ T4983] BTRFS info (device loop2): enabling ssd optimizations [ 103.093621][ T4994] netlink: 'syz.1.490': attribute type 16 has an invalid length. [ 103.114625][ T4994] netlink: 'syz.1.490': attribute type 3 has an invalid length. [ 103.125352][ T4994] netlink: 29346 bytes leftover after parsing attributes in process `syz.1.490'. [ 103.144971][ T4447] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 103.193124][ T4447] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.227987][ T4447] usb 1-1: config 0 descriptor?? [ 103.270852][ T5015] Falling back ldisc for ptm0. [ 103.275279][ T4447] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 103.920304][ T4447] gspca_cpia1: usb_control_msg 01, error -71 [ 103.927432][ T4447] cpia1 1-1:0.0: only firmware version 1 is supported (got: 0) [ 103.970196][ T4447] usb 1-1: USB disconnect, device number 6 [ 104.432406][ T5025] loop1: detected capacity change from 0 to 40427 [ 104.490425][ T5028] loop3: detected capacity change from 0 to 32768 [ 104.603038][ T5025] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 104.620983][ T5025] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 104.668060][ T5049] loop0: detected capacity change from 0 to 512 [ 104.677055][ T5025] F2FS-fs (loop1): invalid crc value [ 104.720779][ T5025] F2FS-fs (loop1): Found nat_bits in checkpoint [ 104.765506][ T5049] EXT4-fs (loop0): Mount option "journal_checksum" incompatible with ext2 [ 104.992518][ T5025] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 105.027612][ T5025] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 105.138770][ T26] audit: type=1804 audit(1729105575.078:11): pid=5025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.496" name="/newroot/94/bus/file0" dev="loop1" ino=10 res=1 errno=0 [ 105.316746][ T5078] loop3: detected capacity change from 0 to 1024 [ 105.339502][ T5078] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 105.424974][ T5078] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000001,resuid=0x0000000000000000,i_version,data=ordered,jqfmt=vfsold,barrier=0x0000000000000006,barrier=0x0000000000000007,,errors=continue. Quota mode: writeback. [ 105.961437][ T5097] loop2: detected capacity change from 0 to 64 [ 105.993559][ T5099] loop3: detected capacity change from 0 to 128 [ 106.002183][ T5070] loop0: detected capacity change from 0 to 32768 [ 106.172019][ T5070] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 106.244366][ T5106] loop1: detected capacity change from 0 to 1024 [ 106.420228][ T3575] ocfs2: Unmounting device (7,0) on (node local) [ 106.494615][ T4806] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 106.686836][ T5117] program syz.3.537 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.760356][ T5118] sp0: Synchronizing with TNC [ 107.387721][ T5153] program syz.0.550 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.401500][ T5108] loop2: detected capacity change from 0 to 40427 [ 107.505909][ T5108] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 107.513691][ T5108] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 107.572271][ T5108] F2FS-fs (loop2): invalid crc value [ 107.653393][ T5108] F2FS-fs (loop2): Found nat_bits in checkpoint [ 107.816721][ T5175] loop0: detected capacity change from 0 to 128 [ 107.851095][ T5108] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 107.858859][ T5108] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 107.953820][ T26] audit: type=1804 audit(1729105577.888:12): pid=5108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.530" name="/newroot/130/bus/file0" dev="loop2" ino=10 res=1 errno=0 [ 108.088308][ T5189] loop1: detected capacity change from 0 to 256 [ 108.293000][ T5197] sp0: Synchronizing with TNC [ 108.316990][ T5198] loop3: detected capacity change from 0 to 1024 [ 108.377347][ T5198] EXT4-fs (loop3): Ignoring removed oldalloc option [ 108.465822][ T5198] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 108.721023][ T26] audit: type=1800 audit(1729105578.658:13): pid=5198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.570" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 108.952222][ T5219] loop1: detected capacity change from 0 to 8192 [ 108.989572][ T5224] netlink: 'syz.4.579': attribute type 1 has an invalid length. [ 109.013282][ T5223] loop0: detected capacity change from 0 to 1024 [ 109.054179][ T5219] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 109.085725][ T5219] REISERFS (device loop1): using ordered data mode [ 109.092378][ T5219] reiserfs: using flush barriers [ 109.162147][ T5219] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.232018][ T5219] REISERFS (device loop1): checking transaction log (loop1) [ 109.269112][ T5219] REISERFS (device loop1): Using r5 hash to sort names [ 109.293813][ T5219] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 109.340875][ T3614] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 109.379613][ T5219] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 109.517177][ T5244] netlink: 16 bytes leftover after parsing attributes in process `syz.3.589'. [ 109.615115][ T3614] usb 3-1: Using ep0 maxpacket: 32 [ 109.798427][ T3614] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 109.814531][ T3614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.850732][ T3614] usb 3-1: config 0 descriptor?? [ 109.919537][ T3614] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 110.131668][ T5272] loop3: detected capacity change from 0 to 2048 [ 110.237657][ T5272] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 110.582430][ T5306] loop0: detected capacity change from 0 to 512 [ 110.686692][ T26] audit: type=1326 audit(1729105580.628:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5313 comm="syz.4.622" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e19491ff9 code=0x0 [ 110.744576][ T5306] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 110.762372][ T5306] UDF-fs: Scanning with blocksize 512 failed [ 110.774810][ T3614] gspca_nw80x: reg_r err -71 [ 110.779444][ T5306] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 110.779465][ T5306] UDF-fs: Scanning with blocksize 1024 failed [ 110.780013][ T5306] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 110.794586][ T3614] nw80x: probe of 3-1:0.0 failed with error -71 [ 110.826453][ T3614] usb 3-1: USB disconnect, device number 4 [ 110.838112][ T5306] UDF-fs: Scanning with blocksize 2048 failed [ 110.859402][ T5306] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 110.908985][ T5306] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 110.924746][ T4875] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 111.200730][ T5328] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.210791][ T5328] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.219595][ T5328] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.228367][ T5328] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.248554][ T5328] Zero length message leads to an empty skb [ 111.316784][ T4875] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 111.342786][ T4875] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 111.367138][ T4875] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 111.383044][ T4875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.424445][ T4875] usb 4-1: config 0 descriptor?? [ 111.594048][ T26] audit: type=1326 audit(1729105581.528:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5342 comm="syz.1.643" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f65e8366ff9 code=0x0 [ 111.679893][ T4875] usb 4-1: USB disconnect, device number 5 [ 111.702576][ T5348] netlink: 4 bytes leftover after parsing attributes in process `syz.4.635'. [ 112.212739][ T5375] loop2: detected capacity change from 0 to 128 [ 112.260954][ T5379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.648'. [ 112.354711][ T4447] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 112.572321][ T5392] loop2: detected capacity change from 0 to 128 [ 112.632361][ T5392] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 112.688334][ T5392] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 112.780463][ T5404] loop3: detected capacity change from 0 to 512 [ 112.800767][ T4447] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 112.825668][ T4447] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 112.851558][ T5407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.662'. [ 112.861673][ T4447] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 112.890220][ T4447] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.945144][ T5368] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 113.090780][ T5411] loop1: detected capacity change from 0 to 2048 [ 113.152286][ T5413] loop2: detected capacity change from 0 to 128 [ 113.235886][ T5413] VFS: Found a Xenix FS (block size = 512) on device loop2 [ 113.266919][ T4453] usb 1-1: USB disconnect, device number 7 [ 113.288399][ T5411] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 113.300335][ T5421] loop3: detected capacity change from 0 to 16 [ 113.435492][ T5421] erofs: (device loop3): mounted with root inode @ nid 36. [ 113.460056][ T5425] UBIFS error (pid: 5425): cannot open "./file0", error -22 [ 113.545303][ T3568] sysv_free_block: trying to free block not in datazone [ 113.612360][ T3568] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 113.923234][ T5440] loop2: detected capacity change from 0 to 128 [ 114.041160][ T5440] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 114.106162][ T5440] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 114.134579][ T4453] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 114.187492][ T5447] loop1: detected capacity change from 0 to 512 [ 114.267174][ T5447] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.679: inode #1: comm syz.1.679: iget: illegal inode # [ 114.313395][ T5447] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.679: error while reading EA inode 1 err=-117 [ 114.339275][ T5447] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.679: inode #1: comm syz.1.679: iget: illegal inode # [ 114.358630][ T3614] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 114.381231][ T5447] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.679: error while reading EA inode 1 err=-117 [ 114.415739][ T5447] EXT4-fs (loop1): 1 orphan inode deleted [ 114.433914][ T5447] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 114.584841][ T4453] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 114.610301][ T4453] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 114.647534][ T4453] usb 5-1: New USB device found, idVendor=056a, idProduct=00b2, bcdDevice= 0.00 [ 114.659934][ T4453] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.683345][ T4453] usb 5-1: config 0 descriptor?? [ 114.755069][ T3614] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.772837][ T3614] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.824972][ T3614] usb 1-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 114.834089][ T3614] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.862895][ T5463] input: syz0 as /devices/virtual/input/input12 [ 114.899685][ T3614] usb 1-1: config 0 descriptor?? [ 114.928421][ T5466] loop1: detected capacity change from 0 to 1764 [ 114.973991][ T5467] loop3: detected capacity change from 0 to 4096 [ 115.054220][ T5467] NILFS (loop3): invalid segment: Checksum error in segment payload [ 115.094697][ T5467] NILFS (loop3): trying rollback from an earlier position [ 115.151131][ T5467] NILFS (loop3): recovery complete [ 115.166290][ T4453] wacom 0003:056A:00B2.0006: unknown main item tag 0x0 [ 115.173225][ T4453] wacom 0003:056A:00B2.0006: unknown main item tag 0x0 [ 115.206867][ T4453] wacom 0003:056A:00B2.0006: unknown main item tag 0x0 [ 115.212996][ T5470] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 115.219591][ T4453] wacom 0003:056A:00B2.0006: unknown main item tag 0x0 [ 115.238732][ T4453] wacom 0003:056A:00B2.0006: unknown main item tag 0x0 [ 115.283025][ T4453] wacom 0003:056A:00B2.0006: Unknown device_type for 'HID 056a:00b2'. Assuming pen. [ 115.351861][ T4453] wacom 0003:056A:00B2.0006: hidraw0: USB HID v0.00 Device [HID 056a:00b2] on usb-dummy_hcd.4-1/input0 [ 115.373928][ T5472] loop1: detected capacity change from 0 to 4096 [ 115.399794][ T3614] hid-multitouch 0003:0EEF:72D0.0007: hidraw1: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.0-1/input0 [ 115.419872][ T4453] input: Wacom Intuos3 9x12 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00B2.0006/input/input13 [ 115.484083][ T5472] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 115.513010][ T4453] usb 5-1: USB disconnect, device number 5 [ 115.549504][ T5472] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 115.668925][ T4269] usb 1-1: USB disconnect, device number 8 [ 115.842757][ T144] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22. [ 115.853178][ T3569] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 116.009270][ T5484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.694'. [ 116.342263][ T5504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.711'. [ 116.652484][ T5513] loop3: detected capacity change from 0 to 1024 [ 116.747120][ T5513] EXT4-fs (loop3): error: journal path ./file1 is not a block device [ 117.529161][ T5534] loop2: detected capacity change from 0 to 4096 [ 117.634873][ T5534] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 117.674674][ T4875] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 117.741092][ T5511] loop0: detected capacity change from 0 to 40427 [ 117.771376][ T5534] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 117.920619][ T5511] F2FS-fs (loop0): Found nat_bits in checkpoint [ 117.933043][ T5528] loop3: detected capacity change from 0 to 32768 [ 117.939751][ T4875] usb 5-1: Using ep0 maxpacket: 32 [ 117.992838][ T154] ntfs3: loop2: ntfs3_write_inode r=5 failed, -22. [ 118.020956][ T3568] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 118.033531][ T5511] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 118.064931][ T4875] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 44376, setting to 1024 [ 118.120718][ T4875] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 118.204854][ T3575] attempt to access beyond end of device [ 118.204854][ T3575] loop0: rw=2049, want=45104, limit=40427 [ 118.345155][ T4875] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 118.361185][ T5562] loop3: detected capacity change from 0 to 2048 [ 118.364596][ T4875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.403440][ T4875] usb 5-1: Product: syz [ 118.417093][ T4875] usb 5-1: Manufacturer: syz [ 118.449976][ T4875] usb 5-1: SerialNumber: syz [ 118.469205][ T4875] usb 5-1: config 0 descriptor?? [ 118.485883][ T5540] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 118.532912][ T4875] usb 5-1: invalid MIDI out EP 0 [ 118.535518][ T5562] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 118.612368][ T5570] loop2: detected capacity change from 0 to 16 [ 118.682440][ T5562] EXT4-fs (loop3): shut down requested (2) [ 118.686281][ T4875] snd-usb-audio: probe of 5-1:0.0 failed with error -22 [ 118.742416][ T3562] udevd[3562]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 118.822517][ T4273] usb 5-1: USB disconnect, device number 6 [ 118.831026][ T5570] erofs: (device loop2): mounted with root inode @ nid 36. [ 119.083662][ T5574] tipc: Started in network mode [ 119.116005][ T5574] tipc: Node identity 7f000001, cluster identity 4711 [ 119.146275][ T5574] tipc: Enabled bearer , priority 10 [ 119.429247][ T5587] loop2: detected capacity change from 0 to 512 [ 119.438827][ T5565] loop1: detected capacity change from 0 to 32768 [ 119.543842][ T5589] loop3: detected capacity change from 0 to 4096 [ 119.557762][ T5587] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.736: casefold flag without casefold feature [ 119.582128][ T5587] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.736: couldn't read orphan inode 15 (err -117) [ 119.605214][ T5589] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 119.654012][ T5589] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 119.683218][ T5587] EXT4-fs (loop2): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000002,,errors=continue. Quota mode: none. [ 119.698119][ T5587] ext4 filesystem being mounted at /157/bus supports timestamps until 2038 (0x7fffffff) [ 119.730119][ T5587] EXT4-fs error (device loop2): ext4_empty_dir:3137: inode #12: comm syz.2.736: Directory hole found for htree leaf block 0 [ 120.003370][ T1452] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22. [ 120.050741][ T5612] tipc: Started in network mode [ 120.057210][ T5612] tipc: Node identity 7f000001, cluster identity 4711 [ 120.064813][ T3576] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 120.082085][ T5612] tipc: Enabled bearer , priority 10 [ 120.267958][ T4875] tipc: Node number set to 2130706433 [ 120.423581][ T5630] loop2: detected capacity change from 0 to 512 [ 120.532270][ T5630] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 120.587678][ T5630] EXT4-fs (loop2): 1 truncate cleaned up [ 120.649652][ T5630] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,nombcache,inode_readahead_blks=0x0000000000000002,stripe=0x0000000002004000,max_batch_time=0x0000000000000002,max_batch_time=0x0000000000000004,,errors=continue. Quota mode: none. [ 120.676502][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.971067][ T5657] tipc: Started in network mode [ 120.993337][ T5657] tipc: Node identity 7f000001, cluster identity 4711 [ 121.016329][ T5657] tipc: Enabled bearer , priority 10 [ 121.028066][ T5662] loop1: detected capacity change from 0 to 512 [ 121.084211][ T5662] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 121.098922][ T3614] tipc: Node number set to 2130706433 [ 121.179083][ T5662] EXT4-fs (loop1): 1 truncate cleaned up [ 121.220296][ T5662] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,sysvgroups,,errors=continue. Quota mode: none. [ 121.239456][ C0] vkms_vblank_simulate: vblank timer overrun [ 121.495702][ T5663] loop3: detected capacity change from 0 to 40427 [ 121.549132][ T5663] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 121.560810][ T5663] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 121.576358][ T5663] F2FS-fs (loop3): invalid crc value [ 121.591932][ T5663] F2FS-fs (loop3): Found nat_bits in checkpoint [ 121.631911][ T5663] F2FS-fs (loop3): Start checkpoint disabled! [ 121.650544][ T5663] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 121.659092][ T5663] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 121.679695][ T26] audit: type=1804 audit(1729105591.618:16): pid=5663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.768" name="/newroot/154/file2/file0" dev="loop3" ino=10 res=1 errno=0 [ 121.746607][ T5676] loop0: detected capacity change from 0 to 24 [ 121.766441][ T5678] loop2: detected capacity change from 0 to 512 [ 121.814095][ T154] attempt to access beyond end of device [ 121.814095][ T154] loop3: rw=2049, want=40992, limit=40427 [ 121.862137][ T5678] EXT4-fs (loop2): 1 truncate cleaned up [ 121.895124][ T5678] EXT4-fs (loop2): mounted filesystem without journal. Opts: prjquota,grpquota,noquota,noauto_da_alloc,nolazytime,errors=continue,barrier=0x0000000000006e96,,errors=continue. Quota mode: none. [ 122.107837][ T5689] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 122.142586][ T1078] tipc: Node number set to 2130706433 [ 122.655562][ T5685] loop1: detected capacity change from 0 to 32768 [ 122.809433][ T4453] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 123.084805][ T4453] usb 3-1: Using ep0 maxpacket: 8 [ 123.224971][ T4453] usb 3-1: config 254 has an invalid interface number: 18 but max is 0 [ 123.244695][ T4453] usb 3-1: config 254 has no interface number 0 [ 123.373689][ T5707] loop0: detected capacity change from 0 to 40427 [ 123.411380][ T5737] netlink: 60 bytes leftover after parsing attributes in process `syz.3.800'. [ 123.449000][ T5707] F2FS-fs (loop0): invalid crc value [ 123.474897][ T4453] usb 3-1: New USB device found, idVendor=0b48, idProduct=3006, bcdDevice=1f.7e [ 123.483998][ T4453] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.508028][ T5707] F2FS-fs (loop0): Found nat_bits in checkpoint [ 123.514580][ T4273] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 123.535519][ T4453] usb 3-1: Product: syz [ 123.540042][ T4453] usb 3-1: Manufacturer: syz [ 123.566692][ T4453] usb 3-1: SerialNumber: syz [ 123.627099][ T4453] dvb-usb: found a 'Technotrend TT-connect S-2400' in warm state. [ 123.638993][ T5746] loop3: detected capacity change from 0 to 256 [ 123.657821][ T4453] dvb-usb: bulk message failed: -22 (4/0) [ 123.664785][ T4453] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 123.688639][ T4453] dvb-usb: bulk message failed: -22 (5/0) [ 123.699282][ T4453] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 123.719297][ T4453] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 123.740002][ T5707] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 123.752381][ T5746] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 123.755824][ T4273] usb 5-1: Using ep0 maxpacket: 16 [ 123.768243][ T4453] dvbdev: DVB: registering new adapter (Technotrend TT-connect S-2400) [ 123.791970][ T4453] usb 3-1: media controller created [ 123.853075][ T4453] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 123.880550][ T4453] ttusb2: set interface to alts=3 failed [ 123.889649][ T3575] attempt to access beyond end of device [ 123.889649][ T3575] loop0: rw=2049, want=45104, limit=40427 [ 123.905123][ T4273] usb 5-1: config 0 has an invalid interface number: 150 but max is 0 [ 123.915550][ T4453] DVB: Unable to find symbol tda10086_attach() [ 123.921480][ T4273] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 123.933132][ T4273] usb 5-1: config 0 has no interface number 0 [ 123.944719][ T4453] dvb-usb: no frontend was attached by 'Technotrend TT-connect S-2400' [ 123.970050][ T4273] usb 5-1: config 0 interface 150 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 124.015071][ T4273] usb 5-1: New USB device found, idVendor=04cb, idProduct=011d, bcdDevice= 2.e1 [ 124.015238][ T4453] dvb-usb: bulk message failed: -22 (4/0) [ 124.043200][ T4273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.044603][ T4453] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 124.094929][ T4453] dvb-usb: bulk message failed: -22 (5/0) [ 124.098318][ T4273] usb 5-1: config 0 descriptor?? [ 124.111025][ T4453] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 124.134863][ T4453] dvb-usb: Technotrend TT-connect S-2400 successfully initialized and connected. [ 124.167939][ T4453] usb 3-1: USB disconnect, device number 5 [ 124.231049][ T4453] dvb-usb: Technotrend TT-connect S-2400 successfully deinitialized and disconnected. [ 124.394708][ T4273] usb 5-1: string descriptor 0 read error: -71 [ 124.406651][ T4273] gspca_main: finepix-2.14.0 probing 04cb:011d [ 124.461681][ T4273] usb 5-1: USB disconnect, device number 7 [ 124.689111][ T5748] loop1: detected capacity change from 0 to 32768 [ 124.737656][ T5767] loop2: detected capacity change from 0 to 4096 [ 124.779330][ T5767] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 124.846793][ T5748] ialloc: diAlloc returned -5! [ 124.857029][ T5767] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 124.902597][ T5767] ntfs3: loop2: Failed to load $Extend. [ 125.322157][ T5792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.825'. [ 125.374668][ T4273] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 125.405557][ T5796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.827'. [ 125.640301][ T1078] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 125.734817][ T4273] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.758186][ T3647] kernel write not supported for file /amidi2 (pid: 3647 comm: kworker/1:8) [ 125.774849][ T4273] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.794920][ T4273] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 125.807960][ T5817] loop3: detected capacity change from 0 to 4096 [ 125.814782][ T4273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.826450][ T4273] usb 5-1: config 0 descriptor?? [ 125.864242][ T5817] ntfs: (device loop3): check_mft_mirror(): Incomplete multi sector transfer detected in mft mirror record 3. [ 125.894694][ T1078] usb 1-1: Using ep0 maxpacket: 8 [ 125.905156][ T5817] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 125.970977][ T5817] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 126.011645][ T5817] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x4 as bad. Run chkdsk. [ 126.014864][ T1078] usb 1-1: config 0 has no interfaces? [ 126.043097][ T5817] ntfs: (device loop3): load_and_init_attrdef(): Failed to initialize attribute definition table. [ 126.073751][ T5817] ntfs: (device loop3): ntfs_fill_super(): Failed to load system files. [ 126.130820][ T5809] loop2: detected capacity change from 0 to 32768 [ 126.205032][ T1078] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 126.220422][ T5809] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.830 (5809) [ 126.253325][ T1078] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.273791][ T1078] usb 1-1: Product: syz [ 126.286117][ T5782] udc-core: couldn't find an available UDC or it's busy [ 126.293105][ T5782] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 126.307497][ T1078] usb 1-1: Manufacturer: syz [ 126.312276][ T1078] usb 1-1: SerialNumber: syz [ 126.341689][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.351578][ T1078] usb 1-1: config 0 descriptor?? [ 126.365158][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.373299][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.380746][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.388759][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.410837][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.430366][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.437550][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.445111][ T4273] sony 0003:054C:024B.0008: unknown main item tag 0x0 [ 126.452167][ T4273] sony 0003:054C:024B.0008: unexpected long global item [ 126.460407][ T4273] sony 0003:054C:024B.0008: parse failed [ 126.466711][ T4273] sony: probe of 0003:054C:024B.0008 failed with error -22 [ 126.482035][ T5809] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 126.501762][ T5809] BTRFS info (device loop2): using free space tree [ 126.511862][ T5809] BTRFS info (device loop2): has skinny extents [ 126.555788][ T4273] usb 5-1: USB disconnect, device number 8 [ 126.613080][ T1078] usb 1-1: USB disconnect, device number 9 [ 126.785198][ T5809] BTRFS info (device loop2): enabling ssd optimizations [ 126.982668][ T5859] netlink: 12 bytes leftover after parsing attributes in process `syz.1.844'. [ 127.633907][ T5875] loop2: detected capacity change from 0 to 1764 [ 127.861603][ T3614] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 128.291283][ T3614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.325857][ T3614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.364677][ T3614] usb 5-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00 [ 128.394379][ T3614] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.434906][ T5866] loop0: detected capacity change from 0 to 40427 [ 128.435245][ T3614] usb 5-1: config 0 descriptor?? [ 128.511422][ T5866] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 128.524644][ T5866] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 128.556858][ T5866] F2FS-fs (loop0): invalid crc value [ 128.612216][ T5866] F2FS-fs (loop0): Found nat_bits in checkpoint [ 128.686445][ T5855] loop3: detected capacity change from 0 to 65536 [ 128.723984][ T5876] loop1: detected capacity change from 0 to 32768 [ 128.787208][ T5876] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.851 (5876) [ 128.823490][ T5876] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 128.832748][ T5876] BTRFS info (device loop1): setting nodatasum [ 128.839268][ T5876] BTRFS info (device loop1): force zlib compression, level 3 [ 128.847495][ T5876] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 128.858044][ T5876] BTRFS info (device loop1): use lzo compression, level 0 [ 128.869924][ T5876] BTRFS info (device loop1): turning on flush-on-commit [ 128.880630][ T5866] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 128.884077][ T5876] BTRFS info (device loop1): enabling auto defrag [ 128.894621][ T5876] BTRFS info (device loop1): using free space tree [ 128.900104][ T5855] XFS (loop3): Mounting V5 Filesystem [ 128.901379][ T5876] BTRFS info (device loop1): has skinny extents [ 128.914855][ T5866] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 128.936751][ T3614] elecom 0003:056E:011C.0009: unknown main item tag 0x0 [ 128.966945][ T3614] elecom 0003:056E:011C.0009: unknown main item tag 0xe [ 128.974954][ T3610] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 129.031890][ T3614] elecom 0003:056E:011C.0009: unknown main item tag 0x5 [ 129.042666][ T3614] elecom 0003:056E:011C.0009: unknown main item tag 0x4 [ 129.054543][ T3614] elecom 0003:056E:011C.0009: ignoring exceeding usage max [ 129.089854][ T3614] elecom 0003:056E:011C.0009: usage index exceeded [ 129.097974][ T3614] elecom 0003:056E:011C.0009: item 0 0 2 0 parsing failed [ 129.105640][ T9] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 129.124413][ T9] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 129.140142][ T3614] elecom: probe of 0003:056E:011C.0009 failed with error -22 [ 129.167060][ T3614] usb 5-1: USB disconnect, device number 9 [ 129.213679][ T5855] XFS (loop3): Ending clean mount [ 129.215145][ T5876] BTRFS info (device loop1): enabling ssd optimizations [ 129.221137][ T5855] XFS (loop3): Quotacheck needed: Please wait. [ 129.338180][ T5855] XFS (loop3): Quotacheck: Done. [ 129.395075][ T3610] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 129.427406][ T3610] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 129.475850][ T3610] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 129.714953][ T3610] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 129.738362][ T3610] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.774558][ T3610] usb 3-1: Product: syz [ 129.784998][ T3610] usb 3-1: Manufacturer: syz [ 129.799968][ T3610] usb 3-1: SerialNumber: syz [ 129.987463][ T5961] tap0: tun_chr_ioctl cmd 1074812118 [ 130.064828][ T3576] XFS (loop3): Unmounting Filesystem [ 130.081809][ T3610] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 130.364009][ T4273] usb 3-1: USB disconnect, device number 6 [ 130.399747][ T4273] usblp0: removed [ 130.536541][ T1078] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 130.650996][ T5959] loop0: detected capacity change from 0 to 32768 [ 130.724868][ T4875] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 130.771496][ T5959] XFS (loop0): Mounting V5 Filesystem [ 130.775045][ T1078] usb 2-1: Using ep0 maxpacket: 32 [ 130.895346][ T1078] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 130.946408][ T6004] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 130.952171][ T1078] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 130.976086][ T4875] usb 5-1: Using ep0 maxpacket: 8 [ 131.003685][ T1078] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 131.025600][ T1078] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 131.035487][ T5959] XFS (loop0): Ending clean mount [ 131.039977][ T1078] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.067964][ T1078] usb 2-1: config 0 descriptor?? [ 131.073624][ T5959] XFS (loop0): Quotacheck needed: Please wait. [ 131.117471][ T4875] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 131.133524][ T4875] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 131.153697][ T4875] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 131.163655][ T5959] XFS (loop0): Quotacheck: Done. [ 131.244744][ T3610] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 131.263825][ T3575] XFS (loop0): Unmounting Filesystem [ 131.318772][ T4875] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 131.332285][ T4875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.354614][ T4875] usb 5-1: Product: syz [ 131.358841][ T4875] usb 5-1: Manufacturer: syz [ 131.363464][ T4875] usb 5-1: SerialNumber: syz [ 131.550570][ T1078] usbhid 2-1:0.0: can't add hid device: -71 [ 131.557080][ T1078] usbhid: probe of 2-1:0.0 failed with error -71 [ 131.597803][ T1078] usb 2-1: USB disconnect, device number 6 [ 131.630260][ T3610] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 131.652174][ T3610] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 131.675799][ T3610] usb 3-1: New USB device found, idVendor=056a, idProduct=012c, bcdDevice= 0.00 [ 131.703737][ T3610] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.729921][ T3610] usb 3-1: config 0 descriptor?? [ 132.050408][ T6031] loop3: detected capacity change from 0 to 32768 [ 132.075104][ T6050] syz.1.869 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 132.086124][ T4875] usb 5-1: 0:2 : does not exist [ 132.195926][ T6031] XFS (loop3): Mounting V5 Filesystem [ 132.236447][ T3610] wacom 0003:056A:012C.000A: hidraw0: USB HID v0.00 Device [HID 056a:012c] on usb-dummy_hcd.2-1/input0 [ 132.323797][ T1078] usb 5-1: USB disconnect, device number 10 [ 132.399562][ T6031] XFS (loop3): Ending clean mount [ 132.438748][ T3610] usb 3-1: USB disconnect, device number 7 [ 132.604896][ T3576] XFS (loop3): Unmounting Filesystem [ 132.652767][ T1389] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.664416][ T1389] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.212269][ T6076] loop1: detected capacity change from 0 to 4096 [ 133.278451][ T6076] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 133.304922][ T6087] tipc: Enabling of bearer rejected, failed to enable media [ 133.326259][ T6090] loop0: detected capacity change from 0 to 1024 [ 133.398175][ T6090] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 133.473862][ T6076] ntfs: (device loop1): parse_options(): NLS character set macgre˙ not found. Using previous one utf8. [ 133.507121][ T6076] ntfs: (device loop1): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 133.547000][ T6076] ntfs: (device loop1): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 133.633458][ T6076] ntfs: volume version 3.1. [ 133.949406][ T6118] program syz.4.893 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 133.978509][ T6122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.892'. [ 134.004595][ T5872] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 134.038577][ T6122] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 134.067955][ T6124] netlink: 4 bytes leftover after parsing attributes in process `syz.3.895'. [ 134.265023][ T5872] usb 3-1: Using ep0 maxpacket: 8 [ 134.424981][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 134.461605][ T5872] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 134.484689][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.500012][ T5872] usb 3-1: config 0 descriptor?? [ 134.504983][ T1078] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 134.656352][ T6158] netlink: 12 bytes leftover after parsing attributes in process `syz.4.911'. [ 134.744841][ T1078] usb 1-1: Using ep0 maxpacket: 8 [ 134.817050][ T5872] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 134.865313][ T1078] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 134.888606][ T1078] usb 1-1: config 0 has no interface number 0 [ 134.911340][ T1078] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 134.936573][ T1078] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 134.963243][ T1078] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.998327][ T1078] usb 1-1: config 0 descriptor?? [ 135.035905][ T5872] usb 3-1: USB disconnect, device number 8 [ 135.066208][ T1078] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1 [ 135.066783][ T5872] iowarrior 3-1:0.0: I/O-Warror #0 now disconnected [ 135.251233][ T1078] usb 1-1: USB disconnect, device number 10 [ 135.271168][ T1078] iowarrior 1-1:0.1: I/O-Warror #1 now disconnected [ 135.382955][ T3678] ------------[ cut here ]------------ [ 135.383839][ T154] ------------[ cut here ]------------ [ 135.403201][ T154] WARNING: CPU: 0 PID: 154 at net/wireless/core.h:235 cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.404670][ T3678] WARNING: CPU: 1 PID: 3678 at net/wireless/core.h:235 cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.415534][ T154] Modules linked in: [ 135.444585][ T154] CPU: 0 PID: 154 Comm: kworker/u4:2 Not tainted 5.15.167-syzkaller #0 [ 135.462064][ T154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 135.488482][ T3678] Modules linked in: [ 135.503734][ T154] Workqueue: phy5 ieee80211_csa_finalize_work [ 135.510892][ T3678] CPU: 0 PID: 3678 Comm: kworker/u4:7 Not tainted 5.15.167-syzkaller #0 [ 135.520294][ T154] RIP: 0010:cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.527998][ T3678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 135.538760][ T154] Code: 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d5 01 00 00 e8 d0 91 d7 f7 0f 0b e9 9e fe ff ff e8 c4 91 d7 f7 0f 0b eb b1 e8 bb 91 d7 f7 <0f> 0b e9 fc fd ff ff e8 af 91 d7 f7 0f 0b e9 db fe ff ff e8 a3 91 [ 135.595588][ T3678] Workqueue: phy6 ieee80211_csa_finalize_work [ 135.601785][ T3678] RIP: 0010:cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.634855][ T3678] Code: 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d5 01 00 00 e8 d0 91 d7 f7 0f 0b e9 9e fe ff ff e8 c4 91 d7 f7 0f 0b eb b1 e8 bb 91 d7 f7 <0f> 0b e9 fc fd ff ff e8 af 91 d7 f7 0f 0b e9 db fe ff ff e8 a3 91 [ 135.661297][ T154] RSP: 0018:ffffc90002077be8 EFLAGS: 00010293 [ 135.670299][ T154] RAX: ffffffff89a8c8b5 RBX: ffff888061bd4c90 RCX: ffff88801d940000 [ 135.683066][ T154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 135.693370][ T154] RBP: 0000000000000000 R08: ffffffff89a8c6ab R09: fffffbfff1bd2c16 [ 135.703900][ T3678] RSP: 0018:ffffc900031b7be8 EFLAGS: 00010293 [ 135.708962][ T154] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88807c0a85c0 [ 135.711080][ T3678] RAX: ffffffff89a8c8b5 RBX: ffff888022be8c90 RCX: ffff88807a210000 [ 135.718824][ T154] R13: dffffc0000000000 R14: ffff888061bd4cd8 R15: ffff888061bd56c0 [ 135.718851][ T154] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 135.718874][ T154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.718892][ T154] CR2: 00007f9e1961e338 CR3: 00000000721e3000 CR4: 00000000003506e0 [ 135.718913][ T154] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 135.718928][ T154] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 135.718944][ T154] Call Trace: [ 135.718954][ T154] [ 135.718967][ T154] ? __warn+0x15b/0x300 [ 135.719001][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.719026][ T154] ? report_bug+0x1b7/0x2e0 [ 135.719061][ T154] ? handle_bug+0x3d/0x70 [ 135.719085][ T154] ? exc_invalid_op+0x16/0x40 [ 135.719109][ T154] ? asm_exc_invalid_op+0x16/0x20 [ 135.719151][ T154] ? cfg80211_ch_switch_notify+0xab/0x470 [ 135.719174][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.719201][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.719228][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 135.719257][ T154] ieee80211_csa_finalize_work+0xf8/0x140 [ 135.719288][ T154] process_one_work+0x8a1/0x10c0 [ 135.719333][ T154] ? worker_detach_from_pool+0x260/0x260 [ 135.747801][ T3678] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 135.760645][ T154] ? _raw_spin_lock_irqsave+0x120/0x120 [ 135.835108][ T3678] RBP: 0000000000000000 R08: ffffffff89a8c6ab R09: fffffbfff1bd2c16 [ 135.857588][ T154] ? kthread_data+0x4e/0xc0 [ 135.877758][ T3678] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88807c3885c0 [ 135.885592][ T154] ? wq_worker_running+0x97/0x170 [ 135.893828][ T154] worker_thread+0xaca/0x1280 [ 135.901833][ T3678] R13: dffffc0000000000 R14: ffff888022be8cd8 R15: ffff888022be96c0 [ 135.905515][ T154] kthread+0x3f6/0x4f0 [ 135.914105][ T154] ? rcu_lock_release+0x20/0x20 [ 135.920564][ T3678] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 135.925378][ T154] ? kthread_blkcg+0xd0/0xd0 [ 135.934143][ T154] ret_from_fork+0x1f/0x30 [ 135.940330][ T3678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.944969][ T154] [ 135.950014][ T154] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 135.955190][ T3678] CR2: 00007ff0f1d3e178 CR3: 00000000721e3000 CR4: 00000000003506f0 [ 135.957388][ T154] CPU: 1 PID: 154 Comm: kworker/u4:2 Not tainted 5.15.167-syzkaller #0 [ 135.957413][ T154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 135.957428][ T154] Workqueue: phy5 ieee80211_csa_finalize_work [ 135.978214][ T3678] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 135.984181][ T154] [ 135.984191][ T154] Call Trace: [ 135.984201][ T154] [ 135.984211][ T154] dump_stack_lvl+0x1e3/0x2d0 [ 135.984242][ T154] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 136.007832][ T3678] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 136.011570][ T154] ? panic+0x860/0x860 [ 136.029527][ T3678] Call Trace: [ 136.029726][ T154] ? cfg80211_ch_switch_notify+0x200/0x470 [ 136.037580][ T3678] [ 136.038991][ T154] ? cfg80211_ch_switch_notify+0x200/0x470 [ 136.039023][ T154] panic+0x318/0x860 [ 136.043482][ T3678] ? __warn+0x15b/0x300 [ 136.048115][ T154] ? __warn+0x16a/0x300 [ 136.048139][ T154] ? fb_is_primary_device+0xd0/0xd0 [ 136.048177][ T154] ? ret_from_fork+0x1f/0x30 [ 136.048204][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 136.048228][ T154] __warn+0x2b2/0x300 [ 136.048254][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 136.048276][ T154] report_bug+0x1b7/0x2e0 [ 136.048309][ T154] handle_bug+0x3d/0x70 [ 136.048331][ T154] exc_invalid_op+0x16/0x40 [ 136.048350][ T154] asm_exc_invalid_op+0x16/0x20 [ 136.048374][ T154] RIP: 0010:cfg80211_ch_switch_notify+0x2b5/0x470 [ 136.048397][ T154] Code: 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d5 01 00 00 e8 d0 91 d7 f7 0f 0b e9 9e fe ff ff e8 c4 91 d7 f7 0f 0b eb b1 e8 bb 91 d7 f7 <0f> 0b e9 fc fd ff ff e8 af 91 d7 f7 0f 0b e9 db fe ff ff e8 a3 91 [ 136.048415][ T154] RSP: 0018:ffffc90002077be8 EFLAGS: 00010293 [ 136.048436][ T154] RAX: ffffffff89a8c8b5 RBX: ffff888061bd4c90 RCX: ffff88801d940000 [ 136.048453][ T154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 136.048467][ T154] RBP: 0000000000000000 R08: ffffffff89a8c6ab R09: fffffbfff1bd2c16 [ 136.048482][ T154] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88807c0a85c0 [ 136.048497][ T154] R13: dffffc0000000000 R14: ffff888061bd4cd8 R15: ffff888061bd56c0 [ 136.048521][ T154] ? cfg80211_ch_switch_notify+0xab/0x470 [ 136.048542][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 136.048571][ T154] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 136.048599][ T154] ieee80211_csa_finalize_work+0xf8/0x140 [ 136.048628][ T154] process_one_work+0x8a1/0x10c0 [ 136.048671][ T154] ? worker_detach_from_pool+0x260/0x260 [ 136.048700][ T154] ? _raw_spin_lock_irqsave+0x120/0x120 [ 136.048724][ T154] ? kthread_data+0x4e/0xc0 [ 136.048747][ T154] ? wq_worker_running+0x97/0x170 [ 136.048773][ T154] worker_thread+0xaca/0x1280 [ 136.048827][ T154] kthread+0x3f6/0x4f0 [ 136.048848][ T154] ? rcu_lock_release+0x20/0x20 [ 136.064938][ T3678] ? cfg80211_ch_switch_notify+0x2b5/0x470 [ 136.066808][ T154] ? kthread_blkcg+0xd0/0xd0 [ 136.066836][ T154] ret_from_fork+0x1f/0x30 [ 136.066876][ T154] [ 136.074025][ T3678] ? report_bug+0x1b7/0x2e0 [ 136.077627][ T154] Kernel Offset: disabled [ 136.269060][ T154] Rebooting in 86400 seconds..