last executing test programs: 11.28539333s ago: executing program 4 (id=429): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r2, r1], 0x2}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000280)={0x0, 0x0, 0x0}) 11.238298521s ago: executing program 4 (id=431): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8042, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) write$P9_RSTATu(r0, &(0x7f0000000580)=ANY=[], 0x294) 10.781004198s ago: executing program 4 (id=437): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000980)=[@text32={0x20, 0x0}], 0x1, 0x51, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x6, 0x7, 0xb, 0xb, 0xb, 0x1, 0x4, 0x7, 0x0, 0x8001, 0xa02, 0x3, 0xfffffffffffffffc, 0x7, 0x5, 0xbd08], 0x6000, 0x10801}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10.438694805s ago: executing program 4 (id=444): syz_open_dev$I2C(0x0, 0x1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00'}, 0x10) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000"], 0x1c}}, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1}) 10.285503447s ago: executing program 4 (id=447): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$TCFLSH(r2, 0x400455c8, 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 6.641373479s ago: executing program 3 (id=492): syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000) write$char_usb(r0, &(0x7f0000001300)='7', 0x1) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_clone3(0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 4.329968328s ago: executing program 0 (id=517): sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0x2}, 0x10}}, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x8000000000000000, 0x88400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0xa, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="5500000018007f5f00fe01b2a4a2", 0xe}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) 4.058383562s ago: executing program 0 (id=520): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) r1 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r1, 0x0) mbind(&(0x7f0000126000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x2) 3.917235674s ago: executing program 2 (id=521): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newlink={0x40, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0xc010}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r1}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0) 3.879087565s ago: executing program 2 (id=522): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)={0x44, r0, 0x801, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac08}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40905}, 0x0) 3.806916186s ago: executing program 0 (id=523): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001400e9990000000000000000fc000000000000000000000048000000ac1e000100000000000000000000000000000000000000000a00"], 0xb8}}, 0x4000) 3.749400197s ago: executing program 2 (id=524): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x58, r1, 0x1, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x3c, 0x33, @deauth={{{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x6}, @broadcast, @device_a, @initial, {0x6}, @value=@ver_80211n={0x0, 0x6, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}}, 0x32, @val={0x8c, 0x18, {0x77, "245271fd63c1", @long="778789bfa5ce70db359d885eaa2e95a6"}}}}]}, 0x58}}, 0x8000) 3.645480849s ago: executing program 2 (id=525): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7) syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f00000006c0)="2ef2dd050080000048b84441000000000000b9130b00000f320f21f8350000ce00010123f836362e6726af4b0f20c1350e000000440f22c0b805000000b9009800000f01d97c0f01c9c947338c01c4c40f79d226660f013b", 0x58}], 0x1, 0x50, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@restrict={0x0, 0x0, 0x0, 0xb, 0x2}]}, {0x0, [0x0]}}, 0x0, 0x27, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3.620078769s ago: executing program 0 (id=526): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x8, 0x8, 0x100, &(0x7f0000000740)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df74cc9befbd649f42f3000009000000000058dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa57d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde73929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"}) 3.509320901s ago: executing program 0 (id=527): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) write$char_usb(r1, &(0x7f0000000140)="93", 0x1) 3.391375533s ago: executing program 2 (id=528): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002c80)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r0, &(0x7f0000002d40)={0x0, 0x0, &(0x7f0000002d00)={&(0x7f0000002cc0)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) 3.291116335s ago: executing program 2 (id=529): r0 = socket$inet6(0xa, 0x3, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588) syz_emit_ethernet(0x5e, &(0x7f0000000200)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x28, 0x3a, 0x1, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3f}}}}}}}}, 0x0) 2.837423393s ago: executing program 3 (id=530): r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x9, 0x2, 0x71b, 0xfffffffe}, 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x400, 0x3}, 0x8) sendto$inet(r0, &(0x7f0000000080)="ab", 0xffe0, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10) 2.732495064s ago: executing program 3 (id=532): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c00000011000500000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000000c001a800800058004000380"], 0x2c}}, 0x200090c8) 2.573315747s ago: executing program 1 (id=533): socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff08"], 0x6f4}}, 0x0) 2.572970177s ago: executing program 3 (id=534): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, 0x0, 0x0) write$char_usb(r1, 0x0, 0x0) syz_usb_disconnect(r0) 1.550406734s ago: executing program 0 (id=535): syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/185) 1.296699489s ago: executing program 1 (id=536): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r1 = memfd_create(&(0x7f0000000680)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYSp\xa5\xfd\ny\xdfS\xdbU\xf8l\xb5b\x83\x00\x00\x00\x00\xfc\x83\x18\xe46\x8a\x029\x19\x8fjC\xce\xa7S\x81\xd5\xda\x84\xdf\xe3A_\x05XCk\x1d\x1cC\x97r\x93\xd6t\x81b\xc7x\xab\xa2\xf0\av\x88\x01\x92\xeaF\xa9!\xfc\x1c\xbf7q\xcf\xed&\x96\xa6\x1c_\xff\xb4\x00X\x1b\xf2w\xc1\x00\x00\x00\x00\xe0T\x1f\xbc\x85\xd1Z\xa9\x01Z\xc2\xb0\f\x9a\x16\xa5?\xf74\x88\xeez@)&\xb5\a\xc1\v\xe7\xdf\x80\xe4\x9c\xf5f\x94jC\xb1\xcfh\xc5g\x02\xc6 U\xe5\xcea\x88\xee\x0f\xf57*\xb3\xe8iWTav\xff\xd9\xb0C\x1e\xbe\x97\xc8$-\x8d)\xe8\\\x8e;I\xde\x8a\x8e\x0fq\x06\xee\xb9\xc1\xf1)\xa0\xd9T\xec\x8b\x85I\x87OZ\xd8\"4\x87\xb1\xed?:\x84S\xb9\xbf\xab#\xd0N\x8f\x1ey7\x9286p\x10uZ\xf0', 0x0) write(r1, &(0x7f0000002140)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) readlinkat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000032240)=""/102400, 0x19000) 1.21347207s ago: executing program 1 (id=537): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x70bd29, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x0) 1.21321663s ago: executing program 1 (id=538): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x5, 0x34524742, [0x1000, 0x7], [0x9, 0xfff], 0x108}}) 1.142832291s ago: executing program 1 (id=539): syz_emit_ethernet(0x5a, &(0x7f0000000040)={@remote, @multicast, @val={@void}, {@canfd={0xd, {{0x3, 0x0, 0x0, 0x1}, 0x29, 0x3, 0x0, 0x0, "014b41345ef6b6e354cf7d3ad463f977b84836fbd330ac44ad75a5fc83c8565a0e96b4fcc3229538bda5094a85925e6c3cb551af76513d056c177e324763d62b"}}}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 639.02087ms ago: executing program 3 (id=540): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x40) pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) mount$fuse(0x0, 0x0, 0x0, 0x1048001, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r2 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0) setpgid(r2, 0x0) r3 = getpgid(r2) setpgid(0x0, r3) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'}) read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020) 377.311254ms ago: executing program 3 (id=541): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00c9000201"], 0x22) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00'}) sendmsg$nl_route_sched(r0, 0x0, 0x44040) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, 0x0}) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x20000000000000, 0x4}) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x4d, 0x0, 0x11, 0x0, 0x47, 0x0, 0x0, 0x0, 0x20, 0x4, [0x2, 0x8001, 0x0, 0xc, 0x0, 0x0, 0x0, 0x2], [0x1000, 0x0, 0x63, 0xbb, 0x1ff, 0xe000]}}) 84.069649ms ago: executing program 1 (id=542): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) socket$alg(0x26, 0x5, 0x0) 0s ago: executing program 4 (id=543): syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'syz_tun\x00', 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socket$can_raw(0x1d, 0x3, 0x1) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(r1, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r6}, 0x18) ioctl$sock_netrom_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x4, 'syz1\x00', @default, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]}) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000)) kernel console output (not intermixed with test programs): veth1_macvtap entered promiscuous mode [ 66.426711][ T4169] device veth0_macvtap entered promiscuous mode [ 66.437853][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 66.446355][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 66.454735][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 66.463914][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 66.472712][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 66.499407][ T4180] device veth1_vlan entered promiscuous mode [ 66.510187][ T4169] device veth1_macvtap entered promiscuous mode [ 66.527429][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.538198][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.548547][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.559375][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.571019][ T4168] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.596774][ T1232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.617516][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 66.625243][ T1232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.626515][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 66.642623][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 66.650571][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 66.658843][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 66.668687][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 66.681680][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.693968][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.705532][ T4168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.715999][ T4168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.722081][ T4215] Bluetooth: hci4: command 0x040f tx timeout [ 66.728266][ T4168] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.739205][ T4215] Bluetooth: hci3: command 0x040f tx timeout [ 66.745554][ T4215] Bluetooth: hci1: command 0x040f tx timeout [ 66.757584][ T4215] Bluetooth: hci0: command 0x040f tx timeout [ 66.766262][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.782131][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.792386][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.803893][ T4215] Bluetooth: hci2: command 0x040f tx timeout [ 66.810496][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.820667][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.833176][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.844816][ T4169] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.852411][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 66.861145][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 66.870318][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 66.879198][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 66.888619][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 66.897580][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 66.909613][ T4168] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.918555][ T4168] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.927568][ T4168] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.936360][ T4168] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.949053][ T4180] device veth0_macvtap entered promiscuous mode [ 66.966902][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.983143][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.993683][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.005378][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.015276][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.026112][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.038392][ T4169] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.057523][ T4169] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.066746][ T4169] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.075778][ T4169] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.084880][ T4169] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.104046][ T4180] device veth1_macvtap entered promiscuous mode [ 67.118114][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 67.127029][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 67.137824][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.146921][ T395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.216412][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.236853][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.247710][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.258232][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.269340][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.280109][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.291864][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.302518][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.312998][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.324577][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.336184][ T4180] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.351630][ T395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.359654][ T395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.367379][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.379434][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.390744][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 67.399821][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.417516][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.428750][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.439263][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.453559][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.463760][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.474226][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.484355][ T4180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.495212][ T4180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.514448][ T4180] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.550869][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.564906][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.578499][ T4180] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.587563][ T4180] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.598390][ T4180] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.608266][ T4180] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.628760][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.659297][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.687433][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.695671][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.714679][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.754165][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.812851][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.821268][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.850126][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.937459][ T4248] loop4: detected capacity change from 0 to 1024 [ 68.014395][ T4248] ======================================================= [ 68.014395][ T4248] WARNING: The mand mount option has been deprecated and [ 68.014395][ T4248] and is ignored by this kernel. Remove the mand [ 68.014395][ T4248] option from the mount to silence this warning. [ 68.014395][ T4248] ======================================================= [ 68.395547][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.428003][ T3064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.593324][ T3064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.796457][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.848807][ T4248] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 68.857710][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 68.868942][ T4248] EXT4-fs (loop4): orphan cleanup on readonly fs [ 68.905505][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 68.920608][ T2238] Bluetooth: hci0: command 0x0419 tx timeout [ 68.930672][ T2238] Bluetooth: hci1: command 0x0419 tx timeout [ 68.937015][ T2238] Bluetooth: hci3: command 0x0419 tx timeout [ 68.943163][ T2238] Bluetooth: hci4: command 0x0419 tx timeout [ 68.950247][ T2238] Bluetooth: hci2: command 0x0419 tx timeout [ 69.005386][ T4248] EXT4-fs error (device loop4): ext4_map_blocks:738: inode #3: block 4: comm syz.4.5: lblock 4 mapped to illegal pblock 4 (length 1) [ 69.015833][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.023308][ T4248] Quota error (device loop4): write_blk: dquota write failed [ 69.076776][ T4248] Quota error (device loop4): find_free_dqentry: Can't remove block (3) from entry free list [ 69.077316][ T4256] loop0: detected capacity change from 0 to 256 [ 69.091506][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.133215][ T4248] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 69.187756][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 69.204088][ T4248] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.5: Failed to acquire dquot type 0 [ 69.308823][ T4258] loop1: detected capacity change from 0 to 512 [ 69.337848][ T4256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6'. [ 69.338237][ T4252] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.397092][ T4248] EXT4-fs error (device loop4): ext4_map_blocks:628: inode #3: block 4: comm syz.4.5: lblock 4 mapped to illegal pblock 4 (length 1) [ 69.402781][ T4260] fuse: blksize only supported for fuseblk [ 69.481169][ T4258] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 69.496973][ T4252] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.522000][ T4248] Quota error (device loop4): find_free_dqentry: Can't remove block (3) from entry free list [ 69.540245][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.579028][ T4258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 69.583875][ T4248] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 69.601733][ T4248] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.5: Failed to acquire dquot type 0 [ 69.617238][ T4258] System zones: 1-12 [ 69.622149][ T4248] EXT4-fs error (device loop4): ext4_free_blocks:6223: comm syz.4.5: Freeing blocks not in datazone - block = 0, count = 4096 [ 69.643700][ T4248] EXT4-fs error (device loop4): ext4_map_blocks:628: inode #3: block 4: comm syz.4.5: lblock 4 mapped to illegal pblock 4 (length 1) [ 69.739799][ T4248] Quota error (device loop4): find_free_dqentry: Can't remove block (3) from entry free list [ 69.755369][ T4258] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.2: corrupted in-inode xattr [ 69.791703][ T4248] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 69.806329][ T4258] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.2: couldn't read orphan inode 15 (err -117) [ 69.861988][ T4248] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.5: Failed to acquire dquot type 0 [ 69.890235][ T4248] EXT4-fs (loop4): 1 orphan inode deleted [ 69.903775][ T4266] loop2: detected capacity change from 0 to 1024 [ 69.923509][ T4258] EXT4-fs (loop1): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,max_batch_time=0x0000000000000001,debug,noload,nombcache,inode_readahead_blks=0x0000000008000000,init_itable=0x00000000000005ff,inode_readahead_blks=0x0000000000000001,,errors=continue. Quota mode: none. [ 69.972966][ T4248] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 70.057087][ T4271] loop3: detected capacity change from 0 to 256 [ 70.077053][ T4270] loop0: detected capacity change from 0 to 512 [ 70.145618][ T4248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'. [ 70.148450][ T4270] EXT4-fs (loop0): can't mount with commit=2, fs mounted w/o journal [ 70.210770][ T4271] FAT-fs (loop3): Directory bread(block 64) failed [ 70.225561][ T4271] FAT-fs (loop3): Directory bread(block 65) failed [ 70.236287][ T4271] FAT-fs (loop3): Directory bread(block 66) failed [ 70.246316][ T4271] FAT-fs (loop3): Directory bread(block 67) failed [ 70.263795][ T4271] FAT-fs (loop3): Directory bread(block 68) failed [ 70.266093][ T4248] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.5: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 70.270486][ T4271] FAT-fs (loop3): Directory bread(block 69) failed [ 70.270593][ T4271] FAT-fs (loop3): Directory bread(block 70) failed [ 70.357877][ T4271] FAT-fs (loop3): Directory bread(block 71) failed [ 70.365638][ T4271] FAT-fs (loop3): Directory bread(block 72) failed [ 70.368519][ T9] hfsplus: b-tree write err: -5, ino 4 [ 70.372626][ T4271] FAT-fs (loop3): Directory bread(block 73) failed [ 70.401331][ T4248] process 'syz.4.5' launched './file0' with NULL argv: empty string added [ 70.414941][ T4248] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.5: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 70.575605][ T4278] loop2: detected capacity change from 0 to 256 [ 70.667105][ T4278] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 71.151006][ T4286] loop1: detected capacity change from 0 to 512 [ 71.295633][ T4284] attempt to access beyond end of device [ 71.295633][ T4284] loop2: rw=524288, want=408, limit=256 [ 71.326539][ T4284] attempt to access beyond end of device [ 71.326539][ T4284] loop2: rw=524288, want=664, limit=256 [ 71.337808][ T4284] attempt to access beyond end of device [ 71.337808][ T4284] loop2: rw=0, want=288, limit=256 [ 71.354397][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.361292][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.370423][ T26] audit: type=1800 audit(1744568496.577:2): pid=4284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.10" name="file1" dev="loop2" ino=1048592 res=0 errno=0 [ 71.712325][ T4286] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 71.766592][ T4286] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 72.036263][ T4212] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 72.281204][ T4295] loop1: detected capacity change from 0 to 1024 [ 72.698726][ T9] hfsplus: b-tree write err: -5, ino 4 [ 72.829634][ T4300] loop2: detected capacity change from 0 to 2048 [ 72.901173][ T4290] loop0: detected capacity change from 0 to 32768 [ 73.098989][ T4307] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 73.115136][ T4290] XFS (loop0): Mounting V5 Filesystem [ 73.158046][ T4300] NILFS (loop2): corrupt root inode [ 73.191462][ T4211] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 73.305809][ T4290] XFS (loop0): Ending clean mount [ 73.348987][ T4290] XFS (loop0): Quotacheck needed: Please wait. [ 73.438647][ T4298] loop4: detected capacity change from 0 to 32768 [ 73.499309][ T4290] XFS (loop0): Quotacheck: Done. [ 73.585664][ T4300] loop2: detected capacity change from 0 to 512 [ 73.611669][ T4211] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 73.635369][ T4211] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 73.675811][ T4211] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.703624][ T4211] usb 2-1: config 0 descriptor?? [ 73.724839][ T4300] EXT4-fs (loop2): DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 73.754837][ T4300] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 73.786143][ T4211] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 73.793938][ T4300] EXT4-fs (loop2): Cannot use DAX on a filesystem that may contain inline data [ 74.058687][ T4315] 9pnet: p9_fd_create_unix (4315): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 74.328836][ T4290] overlayfs: './file1' not a directory [ 74.522330][ T4211] gspca_vc032x: reg_w err -110 [ 74.527428][ T4211] vc032x: probe of 2-1:0.0 failed with error -110 [ 74.852063][ T2309] usb 2-1: USB disconnect, device number 2 [ 74.933338][ T4314] 9pnet: Insufficient options for proto=fd [ 75.224828][ T4323] loop4: detected capacity change from 0 to 256 [ 75.228719][ T4321] loop3: detected capacity change from 0 to 1024 [ 75.250948][ T4290] fuse: Bad value for 'user_id' [ 75.423650][ T4323] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 75.511873][ T26] audit: type=1800 audit(1744568500.737:3): pid=4323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.18" name="file1" dev="loop4" ino=1048615 res=0 errno=0 [ 75.662911][ T144] hfsplus: b-tree write err: -5, ino 4 [ 75.688419][ T4326] loop1: detected capacity change from 0 to 64 [ 75.752703][ T4323] attempt to access beyond end of device [ 75.752703][ T4323] loop4: rw=524288, want=408, limit=256 [ 75.767168][ T4323] attempt to access beyond end of device [ 75.767168][ T4323] loop4: rw=524288, want=664, limit=256 [ 75.778747][ T4323] attempt to access beyond end of device [ 75.778747][ T4323] loop4: rw=0, want=288, limit=256 [ 75.790643][ T26] audit: type=1800 audit(1744568501.027:4): pid=4323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.18" name="file1" dev="loop4" ino=1048615 res=0 errno=0 [ 75.941845][ T4167] XFS (loop0): Unmounting Filesystem [ 76.112265][ T4335] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.192825][ T4330] loop2: detected capacity change from 0 to 4096 [ 76.229134][ T4334] loop4: detected capacity change from 0 to 4096 [ 76.299590][ T4334] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 76.486593][ T4336] loop3: detected capacity change from 0 to 4096 [ 76.581835][ T4336] ntfs3: loop3: Failed to load $MFT. [ 76.627651][ T4334] ntfs3: loop4: MftZone: unavailable [ 76.653033][ T4341] binder: 4340:4341 ioctl c0306201 0 returned -14 [ 76.674574][ T4334] ntfs3: loop4: MftZone: unavailable [ 76.679912][ T4334] ntfs3: loop4: no free space to extend mft [ 76.688863][ T4341] binder: 4340:4341 ioctl 8b18 200000000000 returned -22 [ 76.729040][ T4341] binder: 4340:4341 ioctl 8b06 200000000080 returned -22 [ 76.747992][ T26] audit: type=1800 audit(1744568501.977:5): pid=4329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.24" name="file1" dev="loop2" ino=30 res=0 errno=0 [ 76.748170][ T4339] loop1: detected capacity change from 0 to 4096 [ 76.779865][ T4334] ntfs3: loop4: MftZone: unavailable [ 76.787788][ T4334] ntfs3: loop4: no free space to extend mft [ 76.860789][ T4339] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 76.930498][ T4339] ntfs3: loop1: MftZone: unavailable [ 76.957808][ T4339] ntfs3: loop1: MftZone: unavailable [ 76.977803][ T4339] ntfs3: loop1: no free space to extend mft [ 77.003706][ T4344] loop2: detected capacity change from 0 to 128 [ 78.718977][ T4354] loop0: detected capacity change from 0 to 24 [ 78.782564][ T4354] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 78.877297][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 78.963591][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 78.979779][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 79.184491][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 79.279443][ T4354] VFS: Can't find a romfs filesystem on dev loop0. [ 79.279443][ T4354] [ 79.843871][ T4359] overlayfs: metacopy with no lower data found - abort lookup (/file1) [ 79.853124][ T4359] overlayfs: failed to look up (file1) for ino (-5) [ 79.901356][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 79.911149][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #48!!! [ 79.920692][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #208!!! [ 79.929838][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #20a!!! [ 79.939038][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #20a!!! [ 79.948222][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #20a!!! [ 80.629697][ T4366] loop3: detected capacity change from 0 to 4096 [ 80.689274][ T4365] loop0: detected capacity change from 0 to 8192 [ 80.698333][ T4368] loop1: detected capacity change from 0 to 32768 [ 80.731337][ T4364] loop2: detected capacity change from 0 to 16384 [ 80.747589][ T4366] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 80.792304][ T4368] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.34 (4368) [ 80.797250][ T4364] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 80.854898][ T4368] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 80.864255][ T4368] BTRFS info (device loop1): setting nodatacow, compression disabled [ 80.872531][ T4368] BTRFS info (device loop1): setting datacow [ 80.878546][ T4368] BTRFS info (device loop1): doing ref verification [ 80.888439][ T4368] BTRFS info (device loop1): force clearing of disk cache [ 80.889446][ T4364] UDF-fs: Scanning with blocksize 512 failed [ 80.895637][ T4368] BTRFS info (device loop1): turning off barriers [ 80.895691][ T4368] BTRFS info (device loop1): enabling ssd optimizations [ 80.895707][ T4368] BTRFS info (device loop1): using spread ssd allocation scheme [ 80.895746][ T4368] BTRFS info (device loop1): using free space tree [ 80.929881][ T4368] BTRFS info (device loop1): has skinny extents [ 81.002925][ T4364] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 81.010342][ T4364] UDF-fs: Scanning with blocksize 1024 failed [ 81.063795][ T4366] ntfs3: loop3: MftZone: unavailable [ 81.079527][ T4364] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 81.129892][ T4366] ntfs3: loop3: MftZone: unavailable [ 81.137629][ T4364] UDF-fs: Scanning with blocksize 2048 failed [ 81.144414][ T4366] ntfs3: loop3: no free space to extend mft [ 81.198891][ T4364] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 81.701270][ T4366] ntfs3: loop3: MftZone: unavailable [ 81.745479][ T23] cfg80211: failed to load regulatory.db [ 81.801593][ T4366] ntfs3: loop3: no free space to extend mft [ 82.453874][ T4391] syz.0.36 (4391): /proc/4390/oom_adj is deprecated, please use /proc/4390/oom_score_adj instead. [ 82.512617][ T4368] BTRFS info (device loop1): clearing free space tree [ 82.520277][ T4368] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 82.530319][ T4368] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 82.572553][ T4368] BTRFS info (device loop1): creating free space tree [ 82.582249][ T4368] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 82.591878][ T4368] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 83.933428][ T4399] loop4: detected capacity change from 0 to 4096 [ 84.056023][ T4399] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 84.378376][ T4410] loop2: detected capacity change from 0 to 40427 [ 84.430517][ T4410] F2FS-fs (loop2): Unrecognized mount option "ØÊèU‰üG³§šš(HãHjÆóª"•ôÇ_`~ÆŒ•‚îè=m6 " or missing value [ 84.637080][ T4399] ntfs3: loop4: MftZone: unavailable [ 84.659964][ T4399] ntfs3: loop4: MftZone: unavailable [ 84.696276][ T4399] ntfs3: loop4: no free space to extend mft [ 84.786737][ T4399] ntfs3: loop4: MftZone: unavailable [ 84.818744][ T4399] ntfs3: loop4: no free space to extend mft [ 84.874624][ T4391] loop0: detected capacity change from 0 to 32768 [ 84.885022][ T4412] loop2: detected capacity change from 0 to 4096 [ 84.952721][ T4412] ntfs3: Unknown parameter '€' [ 85.222027][ T4391] XFS (loop0): Mounting V5 Filesystem [ 85.313732][ T4391] XFS (loop0): log mount failed [ 85.318376][ T4407] loop3: detected capacity change from 0 to 32768 [ 85.503555][ T4407] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.37 (4407) [ 85.591726][ T4431] loop2: detected capacity change from 0 to 1024 [ 85.599876][ T4407] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 85.619177][ T4407] BTRFS info (device loop3): using free space tree [ 85.631903][ T4407] BTRFS info (device loop3): has skinny extents [ 86.021267][ T4407] BTRFS error (device loop3): open_ctree failed: -12 [ 86.059950][ T4252] hfsplus: b-tree write err: -5, ino 4 [ 86.302403][ T4454] loop2: detected capacity change from 0 to 1024 [ 86.432197][ T4427] loop4: detected capacity change from 0 to 32768 [ 86.508654][ T4429] loop1: detected capacity change from 0 to 32768 [ 86.535486][ T4427] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.41 (4427) [ 86.619605][ T4453] loop0: detected capacity change from 0 to 32768 [ 86.627471][ T4427] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 86.662291][ T4429] XFS: ikeep mount option is deprecated. [ 86.668435][ T4429] XFS: ikeep mount option is deprecated. [ 86.679531][ T4453] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 86.688377][ T4453] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 86.699724][ T4427] BTRFS info (device loop4): using free space tree [ 86.748184][ T4453] gfs2: fsid=syz:syz.0: journal 0 mapped with 23 extents in 0ms [ 86.754967][ T4427] BTRFS info (device loop4): has skinny extents [ 86.765817][ T2309] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 86.765912][ T2309] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 86.815596][ T4429] XFS (loop1): Mounting V5 Filesystem [ 86.872857][ T4264] hfsplus: b-tree write err: -5, ino 4 [ 86.918806][ T2309] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 152ms [ 86.941772][ T2309] gfs2: fsid=syz:syz.0: jid=0: Done [ 86.948854][ T4453] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 87.052885][ T4429] XFS (loop1): Ending clean mount [ 87.086991][ T4429] XFS (loop1): Quotacheck needed: Please wait. [ 87.260611][ T4429] XFS (loop1): Quotacheck: Done. [ 87.293069][ T4429] syz.1.42 uses obsolete (PF_INET,SOCK_PACKET) [ 87.325015][ T4427] BTRFS info (device loop4): enabling ssd optimizations [ 87.466802][ T4168] XFS (loop1): Unmounting Filesystem [ 87.491216][ T4491] loop0: detected capacity change from 0 to 1764 [ 87.929961][ T4498] binder: 4497:4498 ioctl c0306201 0 returned -14 [ 87.974728][ T4482] loop3: detected capacity change from 0 to 32768 [ 87.991622][ T4417] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 88.243478][ T4417] usb 3-1: Using ep0 maxpacket: 32 [ 88.355455][ T4500] loop1: detected capacity change from 0 to 32768 [ 88.361748][ T4417] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 88.393944][ T4417] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.411782][ T4500] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.50 (4500) [ 88.481104][ T4498] binder: 4497:4498 ioctl c0306201 0 returned -14 [ 88.483927][ T4417] usb 3-1: config 0 descriptor?? [ 88.519529][ T26] audit: type=1800 audit(1744568513.747:6): pid=4501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.41" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 88.559050][ T4504] overlayfs: overlapping lowerdir path [ 88.567315][ T4500] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 88.576068][ T4500] BTRFS info (device loop1): setting nodatacow, compression disabled [ 88.584354][ T4500] BTRFS info (device loop1): setting datacow [ 88.584429][ T4417] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 88.590356][ T4500] BTRFS info (device loop1): doing ref verification [ 88.590376][ T4500] BTRFS info (device loop1): force clearing of disk cache [ 88.590395][ T4500] BTRFS info (device loop1): turning off barriers [ 88.617411][ T4500] BTRFS info (device loop1): enabling ssd optimizations [ 88.624442][ T4500] BTRFS info (device loop1): using spread ssd allocation scheme [ 88.632297][ T4500] BTRFS info (device loop1): using free space tree [ 88.634234][ T26] audit: type=1800 audit(1744568513.767:7): pid=4501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.41" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 88.638813][ T4500] BTRFS info (device loop1): has skinny extents [ 88.890634][ T4524] loop3: detected capacity change from 0 to 512 [ 88.897973][ T4500] BTRFS info (device loop1): clearing free space tree [ 88.904964][ T4500] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 88.915207][ T4500] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 88.958760][ T4500] BTRFS info (device loop1): creating free space tree [ 88.967106][ T4500] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 88.976800][ T4500] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 89.018580][ T4524] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 89.024065][ T4520] loop0: detected capacity change from 0 to 8192 [ 89.068146][ T4524] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 89.098587][ T4524] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 89.141879][ T4524] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 89.160192][ T4524] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e018, mo2=0000] [ 89.229976][ T4524] EXT4-fs (loop3): orphan cleanup on readonly fs [ 89.690112][ T4520] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 89.729198][ T4520] REISERFS (device loop0): using ordered data mode [ 89.754730][ T4520] reiserfs: using flush barriers [ 89.782366][ T4520] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 89.830365][ T4520] REISERFS (device loop0): checking transaction log (loop0) [ 89.846128][ T4524] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.55: bg 0: block 34: padding at end of block bitmap is not set [ 89.851644][ T4417] gspca_nw80x: reg_r err -110 [ 89.869930][ T4417] nw80x: probe of 3-1:0.0 failed with error -110 [ 89.896734][ T4520] REISERFS (device loop0): Using rupasov hash to sort names [ 89.915189][ T4524] Quota error (device loop3): write_blk: dquota write failed [ 89.938786][ T4520] REISERFS (device loop0): using 3.5.x disk format [ 89.948116][ T4520] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 89.965325][ T4520] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 89.977192][ T4520] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 89.989424][ T4524] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 90.010457][ T4524] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.55: Failed to acquire dquot type 1 [ 90.022313][ T4520] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 90.070477][ T4520] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 90.110759][ T4524] EXT4-fs (loop3): 1 truncate cleaned up [ 90.111182][ T4520] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 90.121341][ T4524] EXT4-fs (loop3): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,discard,nogrpid,noblock_validity,,errors=continue. Quota mode: writeback. [ 91.171097][ T4550] loop0: detected capacity change from 0 to 32768 [ 91.253402][ T4550] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.57 (4550) [ 91.421704][ T4550] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 91.448592][ T4550] BTRFS info (device loop0): setting nodatasum [ 91.461572][ T4550] BTRFS info (device loop0): force zlib compression, level 3 [ 91.469034][ T4550] BTRFS info (device loop0): metadata ratio 1 [ 91.664468][ T4550] BTRFS info (device loop0): enabling ssd optimizations [ 91.859424][ T4550] BTRFS info (device loop0): allowing degraded mounts [ 92.033381][ T4550] BTRFS info (device loop0): using free space tree [ 92.245960][ T4550] BTRFS info (device loop0): has skinny extents [ 92.267813][ T4553] usb 3-1: USB disconnect, device number 2 [ 92.587171][ T4587] loop2: detected capacity change from 0 to 2048 [ 92.642922][ T4587] NILFS (loop2): invalid segment: Checksum error in segment payload [ 92.673685][ T4587] NILFS (loop2): trying rollback from an earlier position [ 92.813179][ T4587] NILFS (loop2): invalid segment: Checksum error in segment payload [ 92.831546][ T4587] NILFS (loop2): error -22 while searching super root [ 92.920740][ T4594] loop4: detected capacity change from 0 to 32768 [ 92.936198][ T4595] Zero length message leads to an empty skb [ 93.020826][ T4568] loop1: detected capacity change from 0 to 32768 [ 93.043946][ T4594] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.66 (4594) [ 93.161141][ T4594] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 93.170063][ T4594] BTRFS info (device loop4): setting nodatacow, compression disabled [ 93.178378][ T4594] BTRFS info (device loop4): setting datacow [ 93.184418][ T4594] BTRFS info (device loop4): doing ref verification [ 93.191032][ T4594] BTRFS info (device loop4): force clearing of disk cache [ 93.198225][ T4594] BTRFS info (device loop4): turning off barriers [ 93.204724][ T4594] BTRFS info (device loop4): enabling ssd optimizations [ 93.211742][ T4594] BTRFS info (device loop4): using spread ssd allocation scheme [ 93.219970][ T4594] BTRFS info (device loop4): using free space tree [ 93.226544][ T4594] BTRFS info (device loop4): has skinny extents [ 93.311580][ T4553] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 93.683346][ T4553] usb 3-1: Using ep0 maxpacket: 16 [ 93.981475][ T4553] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 93.992611][ T4568] XFS (loop1): Mounting V5 Filesystem [ 94.005864][ T4553] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.043372][ T4631] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 94.076912][ T4553] usb 3-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00 [ 94.093077][ T4594] BTRFS info (device loop4): clearing free space tree [ 94.094306][ T4553] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.100015][ T4594] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 94.117739][ T4594] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 94.144913][ T4594] BTRFS info (device loop4): creating free space tree [ 94.152980][ T4594] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 94.163056][ T4594] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 94.175154][ T4553] usb 3-1: config 0 descriptor?? [ 94.353020][ T4568] XFS (loop1): Ending clean mount [ 95.219596][ T4553] nzxt-kraken2 0003:1E71:170E.0001: unknown main item tag 0x7 [ 95.227706][ T4553] nzxt-kraken2 0003:1E71:170E.0001: unbalanced delimiter at end of report description [ 95.275304][ T4568] syz.1.61 (4568) used greatest stack depth: 18168 bytes left [ 95.328565][ T4553] nzxt-kraken2 0003:1E71:170E.0001: hid parse failed with -22 [ 95.352393][ T4553] nzxt-kraken2: probe of 0003:1E71:170E.0001 failed with error -22 [ 95.416753][ T4650] loop3: detected capacity change from 0 to 512 [ 95.685425][ T4650] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 95.756453][ T4168] XFS (loop1): Unmounting Filesystem [ 95.882597][ T4650] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 95.981968][ T4653] loop4: detected capacity change from 0 to 2048 [ 96.093199][ T4653] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 96.209426][ T4653] sctp: [Deprecated]: syz.4.73 (pid 4653) Use of int in max_burst socket option. [ 96.209426][ T4653] Use struct sctp_assoc_value instead [ 96.225542][ T4643] loop0: detected capacity change from 0 to 32768 [ 96.272204][ T4541] usb 3-1: USB disconnect, device number 3 [ 96.297987][ T4643] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 96.318920][ T4643] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 96.418818][ T4643] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 96.433243][ T4217] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 96.440045][ T4217] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 96.443273][ T4653] loop9: detected capacity change from 0 to 8 [ 96.465449][ T4653] Dev loop9: unable to read RDB block 8 [ 96.471680][ T4653] loop9: unable to read partition table [ 96.477472][ T4653] loop9: partition table beyond EOD, truncated [ 96.498258][ T4653] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 96.621750][ T4217] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 181ms [ 96.629419][ T4217] gfs2: fsid=syz:syz.0: jid=0: Done [ 96.657275][ T4643] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 97.030797][ T4662] loop2: detected capacity change from 0 to 512 [ 97.115962][ T4662] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 97.116075][ T4662] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 97.156631][ T4662] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002] [ 97.156762][ T4662] System zones: 1-12 [ 97.159951][ T4662] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.76: corrupted in-inode xattr [ 97.160498][ T4662] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.76: couldn't read orphan inode 15 (err -117) [ 97.160869][ T4662] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue. Quota mode: none. [ 97.212830][ T4662] EXT4-fs warning (device loop2): dx_probe:833: inode #2: comm syz.2.76: Unrecognised inode hash code 4 [ 97.212957][ T4662] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.76: Corrupt directory, running e2fsck is recommended [ 98.143922][ T4684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.80'. [ 98.196605][ T4684] netlink: 'syz.1.80': attribute type 6 has an invalid length. [ 98.232169][ T4684] netlink: 20 bytes leftover after parsing attributes in process `syz.1.80'. [ 98.701873][ T4688] loop4: detected capacity change from 0 to 32768 [ 98.732235][ T4690] loop1: detected capacity change from 0 to 8192 [ 98.851712][ T4690] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 98.862089][ T4688] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.83 (4688) [ 98.866140][ T4695] loop3: detected capacity change from 0 to 4096 [ 98.880714][ T4690] REISERFS (device loop1): using ordered data mode [ 98.887550][ T4690] reiserfs: using flush barriers [ 98.904263][ T4690] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 98.928551][ T4688] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 98.937395][ T4688] BTRFS info (device loop4): setting nodatacow, compression disabled [ 98.945613][ T4688] BTRFS info (device loop4): setting datacow [ 98.952216][ T4688] BTRFS info (device loop4): doing ref verification [ 98.958835][ T4688] BTRFS info (device loop4): force clearing of disk cache [ 98.961975][ T4690] REISERFS (device loop1): checking transaction log (loop1) [ 98.966010][ T4688] BTRFS info (device loop4): turning off barriers [ 98.979727][ T4688] BTRFS info (device loop4): enabling ssd optimizations [ 98.986782][ T4688] BTRFS info (device loop4): using spread ssd allocation scheme [ 98.987176][ T4695] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 98.994481][ T4688] BTRFS info (device loop4): using free space tree [ 98.994503][ T4688] BTRFS info (device loop4): has skinny extents [ 99.406030][ T4695] ntfs3: loop3: MftZone: unavailable [ 99.426719][ T4695] ntfs3: loop3: MftZone: unavailable [ 99.436017][ T4695] ntfs3: loop3: no free space to extend mft [ 99.520176][ T4727] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 99.772252][ T4690] REISERFS (device loop1): Using tea hash to sort names [ 99.864450][ T4688] BTRFS info (device loop4): clearing free space tree [ 99.871817][ T4688] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 99.881792][ T4688] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 99.922099][ T4688] BTRFS info (device loop4): creating free space tree [ 99.930463][ T4688] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 99.940136][ T4688] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 100.102110][ T4690] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 100.201649][ T4690] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 100.359761][ T4732] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 101.426071][ T4743] netlink: 24 bytes leftover after parsing attributes in process `syz.3.89'. [ 101.472806][ T4745] loop2: detected capacity change from 0 to 256 [ 101.782244][ T4745] FAT-fs (loop2): Directory bread(block 64) failed [ 101.821636][ T4745] FAT-fs (loop2): Directory bread(block 65) failed [ 101.829191][ T4745] FAT-fs (loop2): Directory bread(block 66) failed [ 101.850226][ T4745] FAT-fs (loop2): Directory bread(block 67) failed [ 101.869177][ T4745] FAT-fs (loop2): Directory bread(block 68) failed [ 101.876538][ T4745] FAT-fs (loop2): Directory bread(block 69) failed [ 101.888953][ T4745] FAT-fs (loop2): Directory bread(block 70) failed [ 101.896485][ T4745] FAT-fs (loop2): Directory bread(block 71) failed [ 101.903450][ T4745] FAT-fs (loop2): Directory bread(block 72) failed [ 101.912458][ T4745] FAT-fs (loop2): Directory bread(block 73) failed [ 102.108582][ T4755] loop4: detected capacity change from 0 to 1024 [ 102.464467][ T395] hfsplus: b-tree write err: -5, ino 4 [ 102.655088][ T4763] loop1: detected capacity change from 0 to 512 [ 102.827893][ T4763] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 102.923313][ T4763] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 103.280524][ T4774] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 104.297645][ T4783] loop3: detected capacity change from 0 to 8192 [ 104.357961][ T4785] loop2: detected capacity change from 0 to 4096 [ 104.382859][ T4783] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 104.401786][ T4783] REISERFS (device loop3): using ordered data mode [ 104.408621][ T4783] reiserfs: using flush barriers [ 104.424034][ T4785] ntfs: (device loop2): parse_options(): Invalid gid option argument: 0x0000000000000000017777777777777777777770xffffffffffffffff00000000000000000003[CŽ [ 104.426701][ T4783] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 104.456751][ T4783] REISERFS (device loop3): checking transaction log (loop3) [ 104.593393][ T4785] loop2: detected capacity change from 0 to 256 [ 104.702750][ T4783] REISERFS (device loop3): Using tea hash to sort names [ 104.710943][ T4783] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 104.733760][ T4783] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 105.149322][ T4797] loop2: detected capacity change from 0 to 64 [ 105.403711][ T4801] loop1: detected capacity change from 0 to 256 [ 105.429957][ T4800] loop2: detected capacity change from 0 to 1024 [ 105.540398][ T4801] FAT-fs (loop1): Directory bread(block 64) failed [ 105.583002][ T144] hfsplus: b-tree write err: -5, ino 4 [ 105.591808][ T4801] FAT-fs (loop1): Directory bread(block 65) failed [ 105.623387][ T4801] FAT-fs (loop1): Directory bread(block 66) failed [ 105.623436][ T4801] FAT-fs (loop1): Directory bread(block 67) failed [ 105.623510][ T4801] FAT-fs (loop1): Directory bread(block 68) failed [ 105.623544][ T4801] FAT-fs (loop1): Directory bread(block 69) failed [ 105.623616][ T4801] FAT-fs (loop1): Directory bread(block 70) failed [ 105.623649][ T4801] FAT-fs (loop1): Directory bread(block 71) failed [ 105.623719][ T4801] FAT-fs (loop1): Directory bread(block 72) failed [ 105.623751][ T4801] FAT-fs (loop1): Directory bread(block 73) failed [ 105.803300][ T4807] loop2: detected capacity change from 0 to 64 [ 106.744018][ T4825] loop0: detected capacity change from 0 to 32768 [ 107.017969][ T4836] loop4: detected capacity change from 0 to 64 [ 107.024984][ T4824] loop1: detected capacity change from 0 to 8192 [ 107.028551][ T4825] XFS (loop0): Mounting V5 Filesystem [ 107.065925][ T4824] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 107.095026][ T4825] XFS (loop0): Ending clean mount [ 107.107674][ T4825] XFS (loop0): Quotacheck needed: Please wait. [ 107.149710][ T4824] REISERFS (device loop1): using ordered data mode [ 107.165196][ T4824] reiserfs: using flush barriers [ 107.226636][ T4824] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 107.314134][ T4824] REISERFS (device loop1): checking transaction log (loop1) [ 107.336091][ T4825] XFS (loop0): Quotacheck: Done. [ 107.382912][ T4843] loop2: detected capacity change from 0 to 512 [ 107.605183][ T4843] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 107.724067][ T4846] loop3: detected capacity change from 0 to 1024 [ 107.966040][ T4850] netlink: 16 bytes leftover after parsing attributes in process `syz.0.117'. [ 108.599205][ T4843] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 108.689003][ T4824] REISERFS (device loop1): Using tea hash to sort names [ 108.724534][ T4824] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 109.092756][ T4406] hfsplus: b-tree write err: -5, ino 4 [ 109.206524][ T4167] XFS (loop0): Unmounting Filesystem [ 109.475136][ T4861] loop4: detected capacity change from 0 to 256 [ 111.178822][ T4870] loop3: detected capacity change from 0 to 256 [ 111.326036][ T4870] FAT-fs (loop3): Directory bread(block 64) failed [ 111.340611][ T4870] FAT-fs (loop3): Directory bread(block 65) failed [ 111.356140][ T4870] FAT-fs (loop3): Directory bread(block 66) failed [ 111.387102][ T4870] FAT-fs (loop3): Directory bread(block 67) failed [ 111.394098][ T4870] FAT-fs (loop3): Directory bread(block 68) failed [ 111.401101][ T4870] FAT-fs (loop3): Directory bread(block 69) failed [ 111.408831][ T4870] FAT-fs (loop3): Directory bread(block 70) failed [ 111.415446][ T4870] FAT-fs (loop3): Directory bread(block 71) failed [ 111.422125][ T4870] FAT-fs (loop3): Directory bread(block 72) failed [ 111.428677][ T4870] FAT-fs (loop3): Directory bread(block 73) failed [ 111.466272][ T4861] FAT-fs (loop4): Directory bread(block 64) failed [ 111.475216][ T4861] FAT-fs (loop4): Directory bread(block 65) failed [ 111.530359][ T4872] loop1: detected capacity change from 0 to 512 [ 111.544831][ T4872] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 111.557991][ T4872] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,bsddf,commit=0x0000000000000000,mblk_io_submit,barrier=0x0000000000000fff,,errors=continue. Quota mode: writeback. [ 111.618831][ T4861] FAT-fs (loop4): Directory bread(block 66) failed [ 111.632659][ T4861] FAT-fs (loop4): Directory bread(block 67) failed [ 111.640211][ T4861] FAT-fs (loop4): Directory bread(block 68) failed [ 111.648885][ T4861] FAT-fs (loop4): Directory bread(block 69) failed [ 111.655991][ T4861] FAT-fs (loop4): Directory bread(block 70) failed [ 111.663013][ T4861] FAT-fs (loop4): Directory bread(block 71) failed [ 111.669811][ T4861] FAT-fs (loop4): Directory bread(block 72) failed [ 111.677094][ T4861] FAT-fs (loop4): Directory bread(block 73) failed [ 112.707912][ T4406] Bluetooth: Error in BCSP hdr checksum [ 113.120797][ T4880] loop4: detected capacity change from 0 to 128 [ 113.697536][ T4542] Bluetooth: hci5: command 0x1003 tx timeout [ 113.704097][ T4182] Bluetooth: hci5: sending frame failed (-49) [ 113.715360][ T4890] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 113.724978][ T4890] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 113.732563][ T4890] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 113.773031][ T4897] loop1: detected capacity change from 0 to 64 [ 114.031687][ T4213] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 114.060048][ T4903] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 114.081877][ T4216] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 114.195841][ T4906] loop1: detected capacity change from 0 to 4096 [ 114.251654][ T4213] usb 3-1: device descriptor read/64, error -71 [ 114.293109][ T4906] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 114.322381][ T4216] usb 1-1: Using ep0 maxpacket: 16 [ 114.396489][ T4906] ntfs3: loop1: MftZone: unavailable [ 114.404378][ T4906] ntfs3: loop1: MftZone: unavailable [ 114.409714][ T4906] ntfs3: loop1: no free space to extend mft [ 115.211431][ T4913] loop1: detected capacity change from 0 to 256 [ 115.272118][ T4216] usb 1-1: config 0 has an invalid interface number: 41 but max is 0 [ 115.280359][ T4216] usb 1-1: config 0 has no interface number 0 [ 115.287294][ T4216] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 115.298062][ T4216] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 115.308321][ T4216] usb 1-1: config 0 interface 41 has no altsetting 0 [ 115.318275][ T4913] FAT-fs (loop1): Directory bread(block 64) failed [ 115.341524][ T4913] FAT-fs (loop1): Directory bread(block 65) failed [ 115.350240][ T4913] FAT-fs (loop1): Directory bread(block 66) failed [ 115.351876][ T4213] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 115.364497][ T4913] FAT-fs (loop1): Directory bread(block 67) failed [ 115.367638][ T4915] loop4: detected capacity change from 0 to 1024 [ 115.371122][ T4913] FAT-fs (loop1): Directory bread(block 68) failed [ 115.385644][ T4913] FAT-fs (loop1): Directory bread(block 69) failed [ 115.393273][ T4913] FAT-fs (loop1): Directory bread(block 70) failed [ 115.399814][ T4913] FAT-fs (loop1): Directory bread(block 71) failed [ 115.406647][ T4913] FAT-fs (loop1): Directory bread(block 72) failed [ 115.413461][ T4913] FAT-fs (loop1): Directory bread(block 73) failed [ 115.475946][ T4216] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 115.492032][ T4216] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.510291][ T4216] usb 1-1: Product: syz [ 115.514596][ T4216] usb 1-1: Manufacturer: syz [ 115.519210][ T4216] usb 1-1: SerialNumber: syz [ 115.527303][ T4911] hfsplus: b-tree write err: -5, ino 4 [ 115.532038][ T4216] usb 1-1: config 0 descriptor?? [ 115.551780][ T4901] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 115.559578][ T4901] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 115.566803][ T4213] usb 3-1: device descriptor read/64, error -71 [ 115.691810][ T4213] usb usb3-port1: attempt power cycle [ 115.770217][ T2309] Bluetooth: hci5: command 0x1001 tx timeout [ 115.776555][ T4182] Bluetooth: hci5: sending frame failed (-49) [ 115.803067][ T4901] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 115.810316][ T4901] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 117.026118][ T4917] loop4: detected capacity change from 0 to 512 [ 117.101823][ T4917] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 117.143661][ T4216] CoreChips: probe of 1-1:0.41 failed with error -71 [ 117.192206][ T4216] usb 1-1: USB disconnect, device number 2 [ 117.226324][ T4917] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 117.521607][ T4213] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 117.592980][ T4936] device netdevsim0 entered promiscuous mode [ 117.596183][ T4936] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 117.621580][ T4213] usb 3-1: device descriptor read/8, error -71 [ 117.711128][ T4938] loop1: detected capacity change from 0 to 256 [ 117.788749][ T4938] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 117.858833][ T4945] loop0: detected capacity change from 0 to 64 [ 117.937531][ T2238] Bluetooth: hci5: command 0x1009 tx timeout [ 117.951836][ T4213] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 118.062656][ T4213] usb 3-1: device descriptor read/8, error -71 [ 118.192819][ T4213] usb usb3-port1: unable to enumerate USB device [ 119.875510][ T4969] loop2: detected capacity change from 0 to 512 [ 119.980199][ T4969] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 120.145217][ T4969] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 120.513119][ T4958] netlink: 32 bytes leftover after parsing attributes in process `syz.0.151'. [ 120.758368][ T4976] loop2: detected capacity change from 0 to 64 [ 120.846081][ T4976] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 120.909172][ T4979] loop4: detected capacity change from 0 to 256 [ 121.044450][ T4979] FAT-fs (loop4): Directory bread(block 64) failed [ 121.051036][ T4979] FAT-fs (loop4): Directory bread(block 65) failed [ 121.092809][ T4979] FAT-fs (loop4): Directory bread(block 66) failed [ 121.109415][ T4979] FAT-fs (loop4): Directory bread(block 67) failed [ 121.136832][ T4979] FAT-fs (loop4): Directory bread(block 68) failed [ 121.159877][ T4979] FAT-fs (loop4): Directory bread(block 69) failed [ 121.166969][ T4979] FAT-fs (loop4): Directory bread(block 70) failed [ 121.189962][ T4979] FAT-fs (loop4): Directory bread(block 71) failed [ 121.241603][ T4979] FAT-fs (loop4): Directory bread(block 72) failed [ 121.250329][ T4983] loop1: detected capacity change from 0 to 256 [ 121.268647][ T4979] FAT-fs (loop4): Directory bread(block 73) failed [ 121.414640][ T4985] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead [ 121.426322][ T4985] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD [ 122.329552][ T4990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.158'. [ 122.386247][ T4988] loop2: detected capacity change from 0 to 4096 [ 122.578880][ T4992] loop3: detected capacity change from 0 to 512 [ 122.603855][ T4988] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 122.737680][ T4995] Cannot find del_set index 4 as target [ 122.745726][ T4995] syz.1.157 uses old SIOCAX25GETINFO [ 123.408761][ T4988] ntfs: volume version 3.1. [ 123.637948][ T4992] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 123.700480][ T4992] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 123.776866][ T4992] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 123.941569][ T4992] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 123.950445][ T5005] loop4: detected capacity change from 0 to 64 [ 123.980988][ T4992] System zones: 0-2, 18-18, 34-34 [ 123.997778][ T4992] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 124.170215][ T5010] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 124.213988][ T4992] EXT4-fs (loop3): 1 truncate cleaned up [ 124.434451][ T5013] loop0: detected capacity change from 0 to 512 [ 124.483806][ T5013] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 124.505453][ T4992] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x000000000000a04d,errors=continue,,errors=continue. Quota mode: none. [ 124.546387][ T5013] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 124.701598][ T26] audit: type=1800 audit(1744568549.907:8): pid=5013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.164" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 124.746263][ T4992] EXT4-fs warning (device loop3): verify_group_input:165: Last group not full [ 125.116458][ T5020] loop0: detected capacity change from 0 to 1024 [ 125.275947][ T5018] loop1: detected capacity change from 0 to 4096 [ 125.630392][ T154] hfsplus: b-tree write err: -5, ino 4 [ 125.649961][ T5018] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 126.291818][ T5034] loop2: detected capacity change from 0 to 256 [ 126.355763][ T5022] loop4: detected capacity change from 0 to 32768 [ 126.417731][ T5022] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.168 (5022) [ 126.444024][ T5034] FAT-fs (loop2): Directory bread(block 64) failed [ 126.450617][ T5034] FAT-fs (loop2): Directory bread(block 65) failed [ 126.488840][ T5022] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 126.501514][ T5034] FAT-fs (loop2): Directory bread(block 66) failed [ 126.502603][ T5022] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 126.508105][ T5034] FAT-fs (loop2): Directory bread(block 67) failed [ 126.508218][ T5034] FAT-fs (loop2): Directory bread(block 68) failed [ 126.548870][ T5022] BTRFS info (device loop4): use zstd compression, level 3 [ 126.579235][ T5022] BTRFS info (device loop4): using free space tree [ 126.601442][ T5034] FAT-fs (loop2): Directory bread(block 69) failed [ 126.608127][ T5034] FAT-fs (loop2): Directory bread(block 70) failed [ 126.609679][ T5022] BTRFS info (device loop4): has skinny extents [ 126.645453][ T5034] FAT-fs (loop2): Directory bread(block 71) failed [ 126.673710][ T5034] FAT-fs (loop2): Directory bread(block 72) failed [ 126.699158][ T5034] FAT-fs (loop2): Directory bread(block 73) failed [ 127.101615][ T5022] BTRFS info (device loop4): enabling ssd optimizations [ 127.890467][ T5031] loop1: detected capacity change from 0 to 40427 [ 128.095385][ T5031] F2FS-fs (loop1): Found nat_bits in checkpoint [ 128.325224][ T5071] FAULT_INJECTION: forcing a failure. [ 128.325224][ T5071] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 128.325871][ T5031] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 128.385390][ T5071] CPU: 0 PID: 5071 Comm: syz.4.174 Not tainted 5.15.180-syzkaller #0 [ 128.393511][ T5071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 128.403625][ T5071] Call Trace: [ 128.406929][ T5071] [ 128.409879][ T5071] dump_stack_lvl+0x1e3/0x2d0 [ 128.414611][ T5071] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 128.420271][ T5071] ? panic+0x860/0x860 [ 128.424365][ T5071] ? validate_chain+0x112/0x5930 [ 128.429322][ T5071] ? validate_chain+0x112/0x5930 [ 128.434286][ T5071] should_fail+0x38a/0x4c0 [ 128.438746][ T5071] _copy_from_user+0x2d/0x170 [ 128.443461][ T5071] iovec_from_user+0x13b/0x390 [ 128.448260][ T5071] __import_iovec+0x72/0x4b0 [ 128.452875][ T5071] ? __ia32_sys_shutdown+0x60/0x60 [ 128.458020][ T5071] import_iovec+0xe6/0x120 [ 128.462460][ T5071] ___sys_sendmsg+0x215/0x2e0 [ 128.467184][ T5071] ? __sys_sendmsg+0x260/0x260 [ 128.472187][ T5071] ? __fdget+0x191/0x220 [ 128.476451][ T5071] __se_sys_sendmsg+0x19a/0x260 [ 128.481329][ T5071] ? __x64_sys_sendmsg+0x80/0x80 [ 128.486295][ T5071] ? syscall_enter_from_user_mode+0x2e/0x240 [ 128.492298][ T5071] ? lockdep_hardirqs_on+0x94/0x130 [ 128.497618][ T5071] ? syscall_enter_from_user_mode+0x2e/0x240 [ 128.503632][ T5071] do_syscall_64+0x3b/0xb0 [ 128.508168][ T5071] ? clear_bhb_loop+0x15/0x70 [ 128.512867][ T5071] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 128.518872][ T5071] RIP: 0033:0x7fd2f258e169 [ 128.523314][ T5071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.543253][ T5071] RSP: 002b:00007fd2f03f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 128.551838][ T5071] RAX: ffffffffffffffda RBX: 00007fd2f27a6fa0 RCX: 00007fd2f258e169 [ 128.559834][ T5071] RDX: 0000000000000840 RSI: 00002000000002c0 RDI: 0000000000000004 [ 128.567826][ T5071] RBP: 00007fd2f03f7090 R08: 0000000000000000 R09: 0000000000000000 [ 128.575837][ T5071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.583828][ T5071] R13: 0000000000000000 R14: 00007fd2f27a6fa0 R15: 00007ffe8a9d57b8 [ 128.591858][ T5071] [ 128.595819][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805f8bbc00: rx timeout, send abort [ 128.798255][ T4168] attempt to access beyond end of device [ 128.798255][ T4168] loop1: rw=2049, want=45112, limit=40427 [ 129.074234][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805f8f5400: rx timeout, send abort [ 129.105982][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805f8bbc00: abort rx timeout. Force session deactivation [ 129.357790][ T26] audit: type=1326 audit(1744568554.587:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2f258e169 code=0x7ffc0000 [ 129.451914][ T5078] netlink: 4 bytes leftover after parsing attributes in process `syz.4.177'. [ 129.455194][ T26] audit: type=1326 audit(1744568554.587:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fd2f258e169 code=0x7ffc0000 [ 129.541240][ T5082] loop2: detected capacity change from 0 to 64 [ 129.582570][ C0] vcan0 (unregistering): j1939_tp_rxtimer: 0xffff88805f8f5400: abort rx timeout. Force session deactivation [ 129.620028][ T26] audit: type=1326 audit(1744568554.587:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2f258e169 code=0x7ffc0000 [ 129.687253][ T26] audit: type=1326 audit(1744568554.587:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd2f2590087 code=0x7ffc0000 [ 129.730966][ T5084] loop3: detected capacity change from 0 to 1024 [ 129.759640][ T26] audit: type=1326 audit(1744568554.587:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd2f258fffc code=0x7ffc0000 [ 129.846200][ T26] audit: type=1326 audit(1744568554.587:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd2f258ff34 code=0x7ffc0000 [ 129.892074][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 129.933138][ T26] audit: type=1326 audit(1744568554.587:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd2f258ff34 code=0x7ffc0000 [ 130.016512][ T26] audit: type=1326 audit(1744568554.587:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd2f258cdca code=0x7ffc0000 [ 130.208926][ T26] audit: type=1326 audit(1744568554.587:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2f258e169 code=0x7ffc0000 [ 130.231255][ C1] vkms_vblank_simulate: vblank timer overrun [ 130.293609][ T26] audit: type=1326 audit(1744568554.587:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5077 comm="syz.4.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd2f258e169 code=0x7ffc0000 [ 131.476883][ T5092] loop1: detected capacity change from 0 to 512 [ 132.249999][ T5092] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 132.525659][ T5092] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 132.540301][ T5094] loop3: detected capacity change from 0 to 32768 [ 132.595166][ T5101] FAULT_INJECTION: forcing a failure. [ 132.595166][ T5101] name failslab, interval 1, probability 0, space 0, times 1 [ 132.657472][ T5101] CPU: 0 PID: 5101 Comm: syz.2.181 Not tainted 5.15.180-syzkaller #0 [ 132.665677][ T5101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 132.675765][ T5101] Call Trace: [ 132.679067][ T5101] [ 132.682016][ T5101] dump_stack_lvl+0x1e3/0x2d0 [ 132.682612][ T5098] loop4: detected capacity change from 0 to 4096 [ 132.686717][ T5101] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 132.686747][ T5101] ? panic+0x860/0x860 [ 132.686778][ T5101] should_fail+0x38a/0x4c0 [ 132.707661][ T5101] ? shmem_match+0x150/0x150 [ 132.707698][ T5101] should_failslab+0x5/0x20 [ 132.707722][ T5101] slab_pre_alloc_hook+0x53/0xc0 [ 132.707745][ T5101] ? shmem_match+0x150/0x150 [ 132.707767][ T5101] ? shmem_alloc_inode+0x16/0x30 [ 132.707790][ T5101] kmem_cache_alloc+0x3f/0x280 [ 132.707812][ T5101] ? alloc_fd+0x598/0x630 [ 132.707835][ T5101] ? shmem_match+0x150/0x150 [ 132.707858][ T5101] shmem_alloc_inode+0x16/0x30 [ 132.707880][ T5101] new_inode_pseudo+0x60/0x210 [ 132.707905][ T5101] new_inode+0x25/0x1d0 [ 132.707927][ T5101] ? do_raw_spin_unlock+0x137/0x8b0 [ 132.707954][ T5101] shmem_get_inode+0x327/0xad0 [ 132.707986][ T5101] __shmem_file_setup+0x109/0x290 [ 132.708007][ T5101] ? shmem_file_setup+0x13/0x30 [ 132.708032][ T5101] __se_sys_memfd_create+0x2bb/0x590 [ 132.708055][ T5101] ? vtime_user_exit+0x2d1/0x400 [ 132.708082][ T5101] ? __x64_sys_memfd_create+0x60/0x60 [ 132.708105][ T5101] ? syscall_enter_from_user_mode+0x2e/0x240 [ 132.708127][ T5101] ? lockdep_hardirqs_on+0x94/0x130 [ 132.708155][ T5101] ? syscall_enter_from_user_mode+0x2e/0x240 [ 132.708180][ T5101] do_syscall_64+0x3b/0xb0 [ 132.708202][ T5101] ? clear_bhb_loop+0x15/0x70 [ 132.708225][ T5101] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 132.708248][ T5101] RIP: 0033:0x7f9dad4e7169 [ 132.708268][ T5101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.708286][ T5101] RSP: 002b:00007f9dab34fe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 132.708318][ T5101] RAX: ffffffffffffffda RBX: 000000000001ee51 RCX: 00007f9dad4e7169 [ 132.708335][ T5101] RDX: 00007f9dab34fef0 RSI: 0000000000000000 RDI: 00007f9dad56932c [ 132.708351][ T5101] RBP: 000020000003e000 R08: 00007f9dab34fbb7 R09: 00007f9dab34fe40 [ 132.708367][ T5101] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0 [ 132.708382][ T5101] R13: 00007f9dab34fef0 R14: 00007f9dab34feb0 R15: 0000200000000540 [ 132.708413][ T5101] [ 132.731558][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.731639][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.747881][ T5094] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.183 (5094) [ 132.780848][ T5098] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 132.818029][ T5103] loop0: detected capacity change from 0 to 256 [ 132.837584][ T5094] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 132.981596][ T5094] BTRFS info (device loop3): setting nodatacow, compression disabled [ 132.989752][ T5094] BTRFS info (device loop3): setting datacow [ 132.995833][ T5094] BTRFS info (device loop3): doing ref verification [ 133.002522][ T5094] BTRFS info (device loop3): force clearing of disk cache [ 133.009704][ T5094] BTRFS info (device loop3): turning off barriers [ 133.016286][ T5094] BTRFS info (device loop3): enabling ssd optimizations [ 133.023694][ T5094] BTRFS info (device loop3): using spread ssd allocation scheme [ 133.031433][ T5094] BTRFS info (device loop3): using free space tree [ 133.037990][ T5094] BTRFS info (device loop3): has skinny extents [ 133.172112][ T5117] loop1: detected capacity change from 0 to 4096 [ 133.204281][ T5103] FAT-fs (loop0): Directory bread(block 64) failed [ 133.221690][ T5103] FAT-fs (loop0): Directory bread(block 65) failed [ 133.253861][ T5103] FAT-fs (loop0): Directory bread(block 66) failed [ 133.279654][ T5126] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 133.287270][ T5103] FAT-fs (loop0): Directory bread(block 67) failed [ 133.312625][ T5103] FAT-fs (loop0): Directory bread(block 68) failed [ 133.319214][ T5103] FAT-fs (loop0): Directory bread(block 69) failed [ 133.344629][ T5103] FAT-fs (loop0): Directory bread(block 70) failed [ 133.351221][ T5103] FAT-fs (loop0): Directory bread(block 71) failed [ 133.359362][ T5103] FAT-fs (loop0): Directory bread(block 72) failed [ 133.388677][ T5094] BTRFS info (device loop3): clearing free space tree [ 133.395878][ T5094] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 133.405772][ T5094] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 133.428034][ T5103] FAT-fs (loop0): Directory bread(block 73) failed [ 133.435234][ T5094] BTRFS info (device loop3): creating free space tree [ 133.443072][ T5094] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 133.452693][ T5094] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 133.475950][ T5128] binder: 5125:5128 ioctl 8b18 200000000000 returned -22 [ 133.493903][ T5128] binder: 5125:5128 ioctl 8b06 200000000080 returned -22 [ 137.410767][ T5153] loop4: detected capacity change from 0 to 64 [ 139.006543][ T5165] loop2: detected capacity change from 0 to 512 [ 139.872924][ T5165] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 140.093033][ T5165] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 140.253807][ T5179] loop3: detected capacity change from 0 to 1024 [ 140.418557][ T9] hfsplus: b-tree write err: -5, ino 4 [ 140.531764][ T5185] loop2: detected capacity change from 0 to 512 [ 140.752215][ T5187] loop3: detected capacity change from 0 to 32768 [ 140.764977][ T5182] loop0: detected capacity change from 0 to 4096 [ 140.814923][ T5185] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.198: corrupted in-inode xattr [ 140.851910][ T5185] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.198: couldn't read orphan inode 15 (err -117) [ 140.880227][ T5187] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.201 (5187) [ 140.880256][ T5182] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 140.902616][ T5185] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouid32,block_validity,,errors=continue. Quota mode: writeback. [ 140.920101][ T5187] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 140.928887][ T5187] BTRFS info (device loop3): setting nodatacow, compression disabled [ 140.937616][ T5187] BTRFS info (device loop3): setting datacow [ 140.943712][ T5187] BTRFS info (device loop3): doing ref verification [ 140.950325][ T5187] BTRFS info (device loop3): force clearing of disk cache [ 140.957509][ T5187] BTRFS info (device loop3): turning off barriers [ 140.964027][ T5187] BTRFS info (device loop3): enabling ssd optimizations [ 140.970977][ T5187] BTRFS info (device loop3): using spread ssd allocation scheme [ 140.978661][ T5187] BTRFS info (device loop3): using free space tree [ 140.985222][ T5187] BTRFS info (device loop3): has skinny extents [ 141.523087][ T5185] EXT4-fs warning (device loop2): __ext4fs_dirhash:283: invalid/unsupported hash tree version 135 [ 141.655433][ T5213] loop4: detected capacity change from 0 to 512 [ 141.721659][ T5213] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 141.782950][ T5187] BTRFS info (device loop3): clearing free space tree [ 141.789853][ T5187] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 141.799819][ T5187] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 141.804947][ T5213] EXT4-fs (loop4): mount failed [ 141.822197][ T5187] BTRFS info (device loop3): creating free space tree [ 141.830137][ T5187] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 141.840439][ T5187] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 142.993493][ T5224] binder: 5223:5224 ioctl 8b18 0 returned -22 [ 143.032123][ T5224] binder: 5223:5224 ioctl 8b06 200000000080 returned -22 [ 143.065361][ T5226] loop2: detected capacity change from 0 to 512 [ 143.113418][ T5213] loop4: detected capacity change from 0 to 4096 [ 143.292550][ T5213] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 143.329182][ T5226] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.205: casefold flag without casefold feature [ 143.419165][ T5226] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.205: couldn't read orphan inode 15 (err -117) [ 143.444437][ T5226] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 143.474050][ T5213] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 143.541008][ T5213] ntfs3: loop4: Failed to load $UpCase. [ 143.558527][ T5226] trusted_key: encrypted_key: keylen parameter is missing [ 143.646551][ T5231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.206'. [ 145.701619][ T5068] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 145.951741][ T5068] usb 3-1: Using ep0 maxpacket: 8 [ 146.111863][ T5068] usb 3-1: config 0 has an invalid interface number: 31 but max is 0 [ 146.119984][ T5068] usb 3-1: config 0 has no interface number 0 [ 146.145755][ T5253] loop4: detected capacity change from 0 to 1024 [ 146.186439][ T5230] loop3: detected capacity change from 0 to 32768 [ 146.258198][ T5230] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.206 (5230) [ 146.319834][ T5230] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 146.319890][ T5230] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 146.319914][ T5230] BTRFS info (device loop3): use zstd compression, level 3 [ 146.319936][ T5230] BTRFS info (device loop3): using free space tree [ 146.319953][ T5230] BTRFS info (device loop3): has skinny extents [ 146.321688][ T5068] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 146.321717][ T5068] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.321739][ T5068] usb 3-1: Product: syz [ 146.321755][ T5068] usb 3-1: Manufacturer: syz [ 146.321773][ T5068] usb 3-1: SerialNumber: syz [ 146.325196][ T5068] usb 3-1: config 0 descriptor?? [ 146.340792][ T4264] hfsplus: b-tree write err: -5, ino 4 [ 146.600171][ T5068] usb 3-1: Found UVC 0.04 device syz (046d:08c3) [ 146.600262][ T5068] usb 3-1: Failed to initialize entity for entity 6 [ 146.600279][ T5068] usb 3-1: Failed to register entities (-22). [ 148.172587][ T5279] delete_channel: no stack [ 148.463388][ T5230] BTRFS error (device loop3): open_ctree failed: -12 [ 148.489022][ T5291] device bond1 entered promiscuous mode [ 148.501813][ T5291] 8021q: adding VLAN 0 to HW filter on device bond1 [ 150.505781][ T5312] loop4: detected capacity change from 0 to 256 [ 150.594719][ T5312] exfat: Deprecated parameter 'utf8' [ 150.600109][ T5312] exfat: Deprecated parameter 'namecase' [ 150.622760][ T5228] usb 3-1: USB disconnect, device number 8 [ 150.631537][ T5312] exfat: Deprecated parameter 'utf8' [ 150.649829][ T5316] loop2: detected capacity change from 0 to 1024 [ 150.736375][ T5312] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 150.811169][ T4217] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 150.873717][ T5320] ip6t_REJECT: ECHOREPLY is not supported [ 150.952331][ T4911] hfsplus: b-tree write err: -5, ino 4 [ 150.978319][ T5321] loop0: detected capacity change from 0 to 512 [ 151.084357][ T5321] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 151.137856][ T5326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.226'. [ 151.172451][ T4217] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.193037][ T4217] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c [ 151.204343][ T5326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.226'. [ 151.257620][ T4217] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.284734][ T5326] netlink: 32 bytes leftover after parsing attributes in process `syz.3.226'. [ 151.313976][ T4217] usb 2-1: config 0 descriptor?? [ 151.357001][ T5321] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 151.391590][ T4217] usb 2-1: can't set config #0, error -71 [ 151.404235][ T4217] usb 2-1: USB disconnect, device number 3 [ 151.738379][ T5333] loop1: detected capacity change from 0 to 4096 [ 152.681452][ T4213] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 152.744827][ T5349] loop3: detected capacity change from 0 to 256 [ 152.804768][ T5312] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 152.813650][ T4217] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 152.829905][ T5312] exFAT-fs (loop4): hint_cluster is invalid (1) [ 152.840540][ T5349] exfat: Bad value for 'umask' [ 152.935840][ T5312] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000) [ 152.952063][ T5312] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805fce21e0 iblock : 9, err : -5) [ 153.000242][ T5312] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 153.008348][ T5312] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 153.038803][ T5351] loop3: detected capacity change from 0 to 1024 [ 153.079294][ T3064] attempt to access beyond end of device [ 153.079294][ T3064] loop4: rw=1, want=34359738496, limit=256 [ 153.091745][ T4213] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 153.107017][ T4213] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.156939][ T4213] usb 3-1: config 0 descriptor?? [ 153.220471][ T3064] hfsplus: b-tree write err: -5, ino 4 [ 153.230245][ T4213] cp210x 3-1:0.0: cp210x converter detected [ 154.274913][ T5341] loop2: detected capacity change from 0 to 512 [ 154.592293][ T5367] loop3: detected capacity change from 0 to 2048 [ 154.831687][ T4213] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 154.897034][ T4213] usb 3-1: cp210x converter now attached to ttyUSB0 [ 154.992436][ T5367] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,journal_ioprio=0x0000000000000001,barrier=0x0000000000000003,,errors=continue. Quota mode: none. [ 155.087352][ T5341] netlink: 4 bytes leftover after parsing attributes in process `syz.2.231'. [ 155.245674][ T5379] loop0: detected capacity change from 0 to 8 [ 155.275758][ T4215] usb 3-1: USB disconnect, device number 9 [ 155.296616][ T4215] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 155.333693][ T4215] cp210x 3-1:0.0: device disconnected [ 155.636572][ T5382] loop1: detected capacity change from 0 to 21 [ 156.358322][ T5393] loop4: detected capacity change from 0 to 512 [ 156.491714][ T5393] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 156.537174][ T5393] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 156.684015][ T5388] loop1: detected capacity change from 0 to 32768 [ 156.776068][ T5379] capability: warning: `syz.0.243' uses 32-bit capabilities (legacy support in use) [ 156.795198][ T26] kauditd_printk_skb: 18 callbacks suppressed [ 156.795214][ T26] audit: type=1800 audit(1744568582.027:37): pid=5387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.246" name="file1" dev="loop1" ino=4 res=0 errno=0 [ 157.101602][ T4215] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 157.234979][ T5394] loop2: detected capacity change from 0 to 32768 [ 157.278685][ T5394] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.248 (5394) [ 157.363868][ T5394] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 157.373362][ T4215] usb 1-1: Using ep0 maxpacket: 8 [ 157.431554][ T5394] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 157.478025][ T5394] BTRFS info (device loop2): use zstd compression, level 3 [ 157.516219][ T5394] BTRFS info (device loop2): using free space tree [ 157.553772][ T5394] BTRFS info (device loop2): has skinny extents [ 157.621763][ T5399] loop3: detected capacity change from 0 to 32768 [ 157.701861][ T4215] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 157.711640][ T4215] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.724134][ T4215] usb 1-1: config 0 descriptor?? [ 157.732515][ T5399] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.249 (5399) [ 157.800089][ T5399] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 157.809091][ T5399] BTRFS info (device loop3): setting nodatacow, compression disabled [ 157.817320][ T5399] BTRFS info (device loop3): setting datacow [ 157.823423][ T5399] BTRFS info (device loop3): doing ref verification [ 157.830500][ T5399] BTRFS info (device loop3): force clearing of disk cache [ 157.837689][ T5399] BTRFS info (device loop3): turning off barriers [ 157.844252][ T5399] BTRFS info (device loop3): enabling ssd optimizations [ 157.849632][ T5394] BTRFS info (device loop2): enabling ssd optimizations [ 157.851307][ T5399] BTRFS info (device loop3): using spread ssd allocation scheme [ 157.851486][ T5399] BTRFS info (device loop3): using free space tree [ 157.872702][ T5399] BTRFS info (device loop3): has skinny extents [ 158.001717][ T4215] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 158.227680][ T5399] BTRFS info (device loop3): clearing free space tree [ 158.234950][ T5399] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 158.245258][ T5399] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 158.270850][ T5399] BTRFS info (device loop3): creating free space tree [ 158.278799][ T5399] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 158.288496][ T5399] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 158.420276][ T5387] attempt to access beyond end of device [ 158.420276][ T5387] loop1: rw=34817, want=4680184, limit=32768 [ 158.438553][ T5387] blkno = 8ed30, nblocks = f [ 158.447351][ T5387] ERROR: (device loop1): dbFree: block to be freed is outside the map [ 158.447351][ T5387] [ 158.459492][ T4215] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 158.481149][ T4215] asix: probe of 1-1:0.0 failed with error -61 [ 158.487572][ T5387] ERROR: (device loop1): remounting filesystem as read-only [ 160.014373][ T5448] loop2: detected capacity change from 0 to 4096 [ 160.085873][ T5171] usb 1-1: USB disconnect, device number 3 [ 160.110600][ T5448] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 161.794764][ T5481] netlink: 104 bytes leftover after parsing attributes in process `syz.2.261'. [ 162.112392][ T5470] loop0: detected capacity change from 0 to 32768 [ 162.186540][ T5484] loop3: detected capacity change from 0 to 4096 [ 162.200996][ T5470] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 162.245912][ T5470] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 162.293454][ T5470] gfs2: fsid=syz:syz.0: journal 0 mapped with 23 extents in 0ms [ 162.316167][ T5466] loop1: detected capacity change from 0 to 32768 [ 162.348983][ T4211] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 162.356135][ T4211] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 162.391494][ T5466] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.258 (5466) [ 162.494632][ T5466] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 162.507268][ T4211] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 151ms [ 162.530520][ T5466] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 162.549142][ T4211] gfs2: fsid=syz:syz.0: jid=0: Done [ 162.568298][ T5470] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 162.607850][ T5466] BTRFS info (device loop1): use zstd compression, level 3 [ 162.619891][ T5466] BTRFS info (device loop1): using free space tree [ 162.626960][ T5466] BTRFS info (device loop1): has skinny extents [ 162.638426][ T5480] loop4: detected capacity change from 0 to 40427 [ 162.981107][ T5499] binder: 5498:5499 ioctl 8b18 200000000000 returned -22 [ 162.993022][ T5499] binder: 5498:5499 ioctl 8b06 0 returned -22 [ 163.318809][ T5480] F2FS-fs (loop4): Found nat_bits in checkpoint [ 163.968783][ T5480] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 164.159831][ T5480] device syzkaller0 entered promiscuous mode [ 164.213546][ T5523] loop2: detected capacity change from 0 to 4096 [ 164.261731][ T5523] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 164.294945][ T5466] BTRFS error (device loop1): open_ctree failed: -12 [ 164.452212][ T4170] attempt to access beyond end of device [ 164.452212][ T4170] loop4: rw=2049, want=45112, limit=40427 [ 164.516738][ T5513] loop3: detected capacity change from 0 to 32768 [ 164.654345][ T5513] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.265 (5513) [ 164.790174][ T5533] loop0: detected capacity change from 0 to 256 [ 164.881448][ T5513] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 164.966941][ T5513] BTRFS info (device loop3): using free space tree [ 165.173153][ T5513] BTRFS info (device loop3): has skinny extents [ 165.318864][ T5533] FAT-fs (loop0): Directory bread(block 64) failed [ 165.338151][ T5536] binder: BINDER_SET_CONTEXT_MGR already set [ 165.481537][ T5533] FAT-fs (loop0): Directory bread(block 65) failed [ 165.530191][ T5536] binder: 5535:5536 ioctl 4018620d 200000000040 returned -16 [ 165.560814][ T5533] FAT-fs (loop0): Directory bread(block 66) failed [ 165.597857][ T5533] FAT-fs (loop0): Directory bread(block 67) failed [ 165.635987][ T5533] FAT-fs (loop0): Directory bread(block 68) failed [ 165.651775][ T5533] FAT-fs (loop0): Directory bread(block 69) failed [ 165.658445][ T5533] FAT-fs (loop0): Directory bread(block 70) failed [ 165.705796][ T5533] FAT-fs (loop0): Directory bread(block 71) failed [ 165.731768][ T5533] FAT-fs (loop0): Directory bread(block 72) failed [ 165.738349][ T5533] FAT-fs (loop0): Directory bread(block 73) failed [ 165.771602][ T5513] BTRFS info (device loop3): enabling ssd optimizations [ 166.025144][ T5561] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead [ 166.035735][ T5561] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD [ 166.085581][ T26] audit: type=1800 audit(1744568591.317:38): pid=5513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.265" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 166.420460][ T26] audit: type=1800 audit(1744568591.337:39): pid=5513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.265" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 167.143991][ T5559] loop2: detected capacity change from 0 to 40427 [ 167.341460][ T4415] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 167.360135][ T5559] F2FS-fs (loop2): Found nat_bits in checkpoint [ 167.372625][ T5582] loop0: detected capacity change from 0 to 128 [ 167.433008][ T5582] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 167.501191][ T5559] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 167.597254][ T4415] usb 5-1: Using ep0 maxpacket: 8 [ 167.674097][ T5582] FAT-fs (loop0): FAT read failed (blocknr 128) [ 167.731858][ T4415] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 3 [ 167.761498][ T4415] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 167.771247][ T4415] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 167.781583][ T4415] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 167.791825][ T4415] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 167.800960][ T4415] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.824044][ T4415] usb 5-1: config 0 descriptor?? [ 167.841957][ T5567] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 167.848907][ T5585] loop1: detected capacity change from 0 to 4096 [ 167.914648][ T5585] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 167.926138][ T4169] attempt to access beyond end of device [ 167.926138][ T4169] loop2: rw=2049, want=45112, limit=40427 [ 168.074007][ T5567] netlink: 8 bytes leftover after parsing attributes in process `syz.4.270'. [ 168.108637][ T5567] netlink: 4 bytes leftover after parsing attributes in process `syz.4.270'. [ 168.158328][ T5567] netlink: 'syz.4.270': attribute type 5 has an invalid length. [ 168.205954][ T5567] netlink: 'syz.4.270': attribute type 6 has an invalid length. [ 168.302019][ T5068] usb 5-1: USB disconnect, device number 3 [ 168.422179][ T5597] loop1: detected capacity change from 0 to 256 [ 168.442350][ T5597] exfat: Bad value for 'umask' [ 170.126956][ T5616] overlayfs: failed to resolve './file0': -2 [ 170.376020][ T5624] loop0: detected capacity change from 0 to 4096 [ 170.385623][ T5629] loop1: detected capacity change from 0 to 128 [ 170.618491][ T5624] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 170.906390][ T5629] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 170.914351][ T5629] IPv6: NLM_F_CREATE should be set when creating new route [ 171.745761][ T5638] loop3: detected capacity change from 0 to 512 [ 172.598211][ T5629] loop1: detected capacity change from 0 to 4096 [ 172.664673][ T5638] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 172.684003][ T5629] ntfs: (device loop1): parse_options(): Unrecognized mount option ame. [ 172.693381][ T5638] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 172.721783][ T5629] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 172.841500][ T5647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.300'. [ 172.853063][ T5629] ntfs: (device loop1): parse_options(): Unrecognized mount option . [ 173.063065][ T5653] loop0: detected capacity change from 0 to 256 [ 173.120487][ T5655] loop4: detected capacity change from 0 to 256 [ 173.532410][ T5068] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 173.751555][ T5068] usb 1-1: device descriptor read/64, error -71 [ 174.193557][ T5068] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 174.401816][ T5068] usb 1-1: device descriptor read/64, error -71 [ 174.574684][ T5068] usb usb1-port1: attempt power cycle [ 174.990596][ T5666] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 175.021504][ T5068] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 175.085984][ T5666] FAT-fs (loop4): Filesystem has been set read-only [ 175.111714][ T5068] usb 1-1: device descriptor read/8, error -71 [ 175.123429][ T5668] loop2: detected capacity change from 0 to 4096 [ 175.152117][ T5666] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 175.167123][ T5666] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 175.222201][ T5668] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 175.298277][ T5660] loop3: detected capacity change from 0 to 32768 [ 175.401787][ T5068] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 175.493234][ T5660] XFS (loop3): Mounting V5 Filesystem [ 175.508392][ T5068] usb 1-1: device descriptor read/8, error -71 [ 175.637791][ T5068] usb usb1-port1: unable to enumerate USB device [ 175.667487][ T5660] XFS (loop3): Ending clean mount [ 175.706549][ T5660] XFS (loop3): Quotacheck needed: Please wait. [ 175.828662][ T5690] ipt_CLUSTERIP: Please specify an interface name [ 175.961748][ T5660] XFS (loop3): Quotacheck: Done. [ 176.000183][ T5691] loop1: detected capacity change from 0 to 32768 [ 176.054018][ T5691] (syz.1.314,5691,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 176.064119][ T5691] (syz.1.314,5691,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 176.127666][ T4180] XFS (loop3): Unmounting Filesystem [ 176.231823][ T5698] loop4: detected capacity change from 0 to 512 [ 176.540185][ T5698] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 176.933582][ T5691] loop1: detected capacity change from 0 to 1764 [ 177.005808][ T5698] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none. [ 177.252179][ T5711] netlink: 24 bytes leftover after parsing attributes in process `syz.2.320'. [ 178.752074][ T5716] loop1: detected capacity change from 0 to 4096 [ 179.044859][ T5716] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 179.478675][ T5724] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.753550][ T5724] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.765693][ T5735] loop0: detected capacity change from 0 to 4096 [ 179.830344][ T5735] ntfs: (device loop0): ntfs_read_inode_mount(): Corrupt attribute list attribute. [ 179.846392][ T5735] ntfs: (device loop0): ntfs_read_inode_mount(): Failed. Marking inode as bad. [ 179.869130][ T5735] ntfs: (device loop0): ntfs_fill_super(): Failed to load essential metadata. [ 179.902967][ T5724] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.030626][ T5724] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.094304][ T5732] loop1: detected capacity change from 0 to 32768 [ 180.295675][ T5724] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.345550][ T5732] XFS (loop1): Mounting V5 Filesystem [ 180.367090][ T5724] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.382635][ T5741] loop0: detected capacity change from 0 to 2048 [ 180.413366][ T5724] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.429729][ T5724] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.461228][ T5744] loop3: detected capacity change from 0 to 4096 [ 180.507564][ T5741] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 180.516008][ T4159] udevd[4159]: incorrect nilfs2 checksum on /dev/loop0 [ 180.550137][ T5744] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 180.602985][ T5751] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 180.724061][ T5744] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 180.736507][ T5732] XFS (loop1): Ending clean mount [ 180.738107][ T5744] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 180.753465][ T5732] XFS (loop1): Quotacheck needed: Please wait. [ 180.754368][ T5744] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 180.956043][ T5744] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 181.411996][ T5744] ntfs: volume version 3.1. [ 181.440831][ T5744] ntfs: (device loop3): load_and_init_quota(): Failed to find inode number for $Quota. [ 181.453392][ T5732] XFS (loop1): Quotacheck: Done. [ 181.561245][ T5744] ntfs: (device loop3): load_system_files(): Failed to load $Quota. Will not be able to remount read-write. Run chkdsk. [ 181.661071][ T5757] loop4: detected capacity change from 0 to 4096 [ 181.692275][ T5757] ntfs3: Unknown parameter '«¸zÄ.Ð×' [ 181.917485][ T4168] XFS (loop1): Unmounting Filesystem [ 182.033743][ T5759] loop4: detected capacity change from 0 to 32768 [ 182.042249][ T4538] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 182.057152][ T5759] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.333 (5759) [ 182.138582][ T5759] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 182.147372][ T5759] BTRFS info (device loop4): setting nodatacow, compression disabled [ 182.155645][ T5759] BTRFS info (device loop4): setting datacow [ 182.161722][ T5759] BTRFS info (device loop4): doing ref verification [ 182.168343][ T5759] BTRFS info (device loop4): force clearing of disk cache [ 182.175532][ T5759] BTRFS info (device loop4): turning off barriers [ 182.182054][ T5759] BTRFS info (device loop4): enabling ssd optimizations [ 182.189018][ T5759] BTRFS info (device loop4): using spread ssd allocation scheme [ 182.196773][ T5759] BTRFS info (device loop4): using free space tree [ 182.203835][ T5759] BTRFS info (device loop4): has skinny extents [ 182.331530][ T4538] usb 3-1: Using ep0 maxpacket: 32 [ 182.430266][ T5759] BTRFS info (device loop4): clearing free space tree [ 182.437331][ T5759] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 182.447152][ T5759] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 182.461687][ T4538] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 182.475873][ T5759] BTRFS info (device loop4): creating free space tree [ 182.484956][ T5759] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 182.494695][ T5759] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 182.813388][ T4538] usb 3-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=47.77 [ 182.925667][ T4538] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.126826][ T4538] usb 3-1: Product: syz [ 183.341665][ T4538] usb 3-1: Manufacturer: syz [ 183.346313][ T4538] usb 3-1: SerialNumber: syz [ 183.406356][ T4538] usb 3-1: config 0 descriptor?? [ 183.522758][ T4538] hdpvr 3-1:0.0: Could not find bulk-in endpoint [ 183.537848][ T4538] hdpvr: probe of 3-1:0.0 failed with error -12 [ 183.937756][ T4183] Bluetooth: Wrong link type (-22) [ 184.055789][ T9] bond0: (slave bond_slave_0): interface is now down [ 184.057906][ T5803] netlink: 'syz.3.340': attribute type 10 has an invalid length. [ 184.072616][ T9] bond0: (slave bond_slave_1): interface is now down [ 184.098779][ T2238] usb 3-1: USB disconnect, device number 10 [ 184.104292][ T9] bond0: (slave bond_slave_0): interface is now down [ 184.119089][ T5803] device syz_tun entered promiscuous mode [ 184.128387][ T9] bond0: (slave bond_slave_1): interface is now down [ 184.153447][ T1232] bond0: (slave bond_slave_0): interface is now down [ 184.168117][ T1232] bond0: (slave bond_slave_1): interface is now down [ 184.211629][ T1232] bond0: (slave bond_slave_0): interface is now down [ 184.260146][ T1232] bond0: (slave bond_slave_1): interface is now down [ 184.302807][ T1232] bond0: (slave bond_slave_0): interface is now down [ 184.312740][ T5803] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 184.326150][ T1232] bond0: (slave bond_slave_1): interface is now down [ 184.345997][ T1232] bond0: (slave syz_tun): interface is now down [ 184.378127][ T1232] bond0: now running without any active interface! [ 184.505184][ T150] block nbd3: Attempted send on invalid socket [ 184.523088][ T150] blk_update_request: I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 184.538129][ T5820] (syz.3.345,5820,1):ocfs2_get_sector:1774 ERROR: status = -5 [ 184.546335][ T5820] (syz.3.345,5820,1):ocfs2_sb_probe:750 ERROR: status = -5 [ 184.555236][ T5820] (syz.3.345,5820,1):ocfs2_fill_super:991 ERROR: superblock probe failed! [ 184.569134][ T5820] (syz.3.345,5820,1):ocfs2_fill_super:1177 ERROR: status = -5 [ 184.758058][ T5826] loop1: detected capacity change from 0 to 4096 [ 184.852943][ T5832] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 185.205902][ T5839] loop6: detected capacity change from 0 to 524287999 [ 185.459109][ T5847] netlink: 20 bytes leftover after parsing attributes in process `syz.4.355'. [ 186.001499][ T4416] Bluetooth: hci4: command 0x0406 tx timeout [ 186.009323][ T4416] Bluetooth: hci1: command 0x0406 tx timeout [ 186.038736][ T4416] Bluetooth: hci0: command 0x0406 tx timeout [ 186.058407][ T4416] Bluetooth: hci2: command 0x0406 tx timeout [ 186.375168][ T5872] 9pnet_virtio: no channels available for device syz [ 186.719250][ T5889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.374'. [ 186.790324][ T5882] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 186.818129][ T5882] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 187.405423][ T5920] input: syz1 as /devices/virtual/input/input6 [ 187.715496][ T5935] input: syz0 as /devices/virtual/input/input7 [ 188.008548][ T5950] tmpfs: Unknown parameter 'usrquota' [ 188.071978][ T5953] netlink: 'syz.4.397': attribute type 10 has an invalid length. [ 188.149898][ T5958] netlink: 16 bytes leftover after parsing attributes in process `syz.2.399'. [ 188.236648][ T5953] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 188.474427][ T5963] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 188.494065][ T5963] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 188.823635][ T5985] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 188.877174][ T5985] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 188.932638][ T5992] sp0: Synchronizing with TNC [ 188.938138][ T5996] syz.2.414 sent an empty control message without MSG_MORE. [ 189.397177][ T4182] Bluetooth: Unexpected continuation frame (len 48) [ 189.739196][ T6013] team0 (unregistering): Port device team_slave_0 removed [ 189.786547][ T6013] team0 (unregistering): Port device team_slave_1 removed [ 190.868463][ T6074] usb usb8: usbfs: process 6074 (syz.4.444) did not claim interface 0 before use [ 191.170840][ T6089] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 191.507525][ T6105] 9pnet_virtio: no channels available for device syz [ 191.601590][ T5300] Bluetooth: hci5: command 0xfc11 tx timeout [ 191.611740][ T4182] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 191.685437][ T6015] sp0: Synchronizing with TNC [ 191.731724][ T4541] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 191.840705][ T6114] netlink: 'syz.0.462': attribute type 10 has an invalid length. [ 191.872439][ T6114] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.882949][ T6114] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.926533][ T6114] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.933668][ T6114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.942604][ T6114] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.949692][ T6114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.972057][ T6114] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 192.061652][ T4541] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 192.151662][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.160588][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.176059][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.261646][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.270612][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.285872][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.325672][ T5300] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 192.371583][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.380608][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.391809][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.401920][ T4416] Bluetooth: hci4: command 0x0405 tx timeout [ 192.472940][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.482228][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.493340][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.571571][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.580544][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.597307][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.681610][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.699442][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.710870][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.775625][ T5300] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 192.802439][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.811928][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.811991][ T5300] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 192.824155][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 192.849379][ T5300] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 192.911940][ T4541] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 192.923013][ T4541] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 192.934524][ T4541] usb 2-1: config 0 interface 0 has no altsetting 0 [ 193.031805][ T5300] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 193.041512][ T2238] Bluetooth: hci6: command 0x1003 tx timeout [ 193.044756][ T5300] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.057696][ T5300] usb 1-1: Product: syz [ 193.062526][ T4182] Bluetooth: hci6: sending frame failed (-49) [ 193.069826][ T5300] usb 1-1: Manufacturer: syz [ 193.077573][ T5300] usb 1-1: SerialNumber: syz [ 193.091723][ T4541] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 193.101179][ T4541] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 193.117307][ T4541] usb 2-1: Product: syz [ 193.121928][ T4541] usb 2-1: Manufacturer: syz [ 193.126633][ T4541] usb 2-1: SerialNumber: syz [ 193.142758][ T4541] usb 2-1: config 0 descriptor?? [ 193.198930][ T4541] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 193.353956][ T5300] usblp 1-1:1.0: usblp1: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 194.173334][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.179996][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.600600][ T6189] kvm: pic: non byte write [ 194.613821][ T6189] kvm: vcpu 0: requested 17024 ns lapic timer period limited to 200000 ns [ 194.621460][ C1] usb 2-1: yurex_control_callback - control failed: -2 [ 194.641107][ T4416] usb 1-1: USB disconnect, device number 8 [ 194.648944][ T6189] kvm: pic: non byte write [ 194.661075][ T4416] usblp1: removed [ 194.720711][ T2238] usb 2-1: USB disconnect, device number 5 [ 194.756284][ T2238] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 194.886032][ T6203] 9pnet_virtio: no channels available for device syz [ 194.981493][ T4541] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 195.131775][ T4416] Bluetooth: hci6: command 0x1001 tx timeout [ 195.138656][ T4182] Bluetooth: hci6: sending frame failed (-49) [ 195.261733][ T4541] usb 4-1: too many configurations: 9, using maximum allowed: 8 [ 195.357969][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 195.368090][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 195.388278][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 195.394982][ T4416] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 195.481815][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 195.491116][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 195.503190][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 195.591863][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 195.612722][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 195.626137][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 195.671617][ T4416] usb 3-1: Using ep0 maxpacket: 8 [ 195.713253][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 195.753097][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 195.765667][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 195.801788][ T4416] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 195.816749][ T4416] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 195.830887][ T4416] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 195.847018][ T4416] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 195.852072][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 195.860891][ T4416] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 195.866712][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 195.886187][ T4416] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 195.905074][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 195.905878][ T4416] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.931507][ T2238] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 196.002511][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 196.016278][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 196.033172][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 196.115947][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 196.136749][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 196.149414][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 196.171566][ T2238] usb 2-1: Using ep0 maxpacket: 8 [ 196.181749][ T4416] usb 3-1: GET_CAPABILITIES returned 0 [ 196.188882][ T4416] usbtmc 3-1:16.0: can't read capabilities [ 196.241701][ T4541] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 196.250986][ T4541] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 196.263029][ T4541] usb 4-1: config 0 interface 0 has no altsetting 0 [ 196.301724][ T2238] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 196.309525][ T2238] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 196.323251][ T2238] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 196.396717][ T4416] usb 3-1: USB disconnect, device number 11 [ 196.411824][ T2238] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 196.419694][ T2238] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 196.435321][ T4541] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 196.459967][ T4541] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 196.475862][ T2238] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 196.487449][ T4541] usb 4-1: Product: syz [ 196.492260][ T4541] usb 4-1: Manufacturer: syz [ 196.497441][ T4541] usb 4-1: SerialNumber: syz [ 196.512861][ T4541] usb 4-1: config 0 descriptor?? [ 196.533901][ T6256] team0: No ports can be present during mode change [ 196.544016][ T6256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.515'. [ 196.571628][ T2238] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 196.579083][ T2238] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 196.594523][ T4541] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0 [ 196.606534][ T2238] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 196.648096][ T6256] team0 (unregistering): Port device team_slave_0 removed [ 196.674358][ T6256] team0 (unregistering): Port device team_slave_1 removed [ 196.831459][ C1] usb 4-1: yurex_control_callback - control failed: -2 [ 196.851560][ T2238] usb 2-1: string descriptor 0 read error: -22 [ 196.857859][ T2238] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 196.891498][ T2238] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.960068][ T2238] adutux 2-1:168.0: interrupt endpoints not found [ 197.211672][ T4416] Bluetooth: hci6: command 0x1009 tx timeout [ 197.532174][ T6277] netlink: 104 bytes leftover after parsing attributes in process `syz.0.523'. [ 198.031721][ T6291] xt_hashlimit: size too large, truncated to 1048576 [ 198.047739][ T4211] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 198.340150][ T4211] usb 1-1: Using ep0 maxpacket: 8 [ 198.369950][ T4416] usb 4-1: USB disconnect, device number 2 [ 198.417413][ T4416] yurex 4-1:0.0: USB YUREX #0 now disconnected [ 198.487839][ T4211] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 198.502238][ T4211] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 198.536686][ T4211] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 198.570126][ T4211] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 198.590487][ T4211] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 198.599846][ T4211] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.881688][ T4211] usb 1-1: GET_CAPABILITIES returned 0 [ 198.887829][ T4211] usbtmc 1-1:16.0: can't read capabilities [ 198.951758][ T4416] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 199.151552][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 199.164476][ T6302] usbtmc 1-1:16.0: Unable to send data, error -71 [ 199.177578][ T4211] usb 1-1: USB disconnect, device number 9 [ 199.341745][ T4416] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 199.352074][ T4416] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 199.368117][ T4416] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 199.378886][ T4416] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 199.395525][ T4416] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 199.521736][ T4416] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 199.537302][ T4416] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 199.545724][ T4416] usb 4-1: Product: syz [ 199.549906][ T4416] usb 4-1: Manufacturer: syz [ 199.632359][ T4416] cdc_wdm 4-1:1.0: skipping garbage [ 199.637774][ T4416] cdc_wdm 4-1:1.0: skipping garbage [ 199.667999][ T4416] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 199.674202][ T4416] cdc_wdm 4-1:1.0: Unknown control protocol [ 199.862320][ T4541] usb 2-1: USB disconnect, device number 6 [ 199.887339][ T4416] usb 4-1: USB disconnect, device number 3 [ 199.913768][ T6301] cdc_wdm 4-1:1.0: Tx URB error: -19 [ 200.151545][ T2238] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 200.561715][ T2238] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 200.576545][ T2238] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 200.596841][ T2238] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 200.616130][ T2238] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.636483][ T2238] usb 1-1: config 0 descriptor?? [ 200.683681][ T2238] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 200.695336][ T2238] dvb-usb: bulk message failed: -22 (3/0) [ 200.744044][ T2238] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 200.782014][ T2238] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 200.793319][ T2238] usb 1-1: media controller created [ 200.809062][ T2238] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 200.856038][ T2238] dvb-usb: bulk message failed: -22 (6/0) [ 200.872674][ T2238] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 200.924571][ T2238] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8 [ 201.008062][ T2238] dvb-usb: schedule remote query interval to 150 msecs. [ 201.027124][ T2238] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 201.107032][ T2238] usb 1-1: USB disconnect, device number 10 [ 201.173489][ T4180] bond0: (slave syz_tun): Releasing backup interface [ 201.252925][ T2238] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 201.350994][ T6324] ================================================================== [ 201.359711][ T6324] BUG: KASAN: use-after-free in ax25_dev_device_down+0x356/0x510 [ 201.367460][ T6324] Write of size 4 at addr ffff888023d84ab8 by task syz.4.543/6324 [ 201.375274][ T6324] [ 201.377605][ T6324] CPU: 1 PID: 6324 Comm: syz.4.543 Not tainted 5.15.180-syzkaller #0 [ 201.385678][ T6324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 201.395747][ T6324] Call Trace: [ 201.399043][ T6324] [ 201.401982][ T6324] dump_stack_lvl+0x1e3/0x2d0 [ 201.406693][ T6324] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 201.412440][ T6324] ? _printk+0xd1/0x120 [ 201.416618][ T6324] ? __wake_up_klogd+0xcc/0x100 [ 201.421490][ T6324] ? panic+0x860/0x860 [ 201.425573][ T6324] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 201.431057][ T6324] print_address_description+0x63/0x3b0 [ 201.436628][ T6324] ? ax25_dev_device_down+0x356/0x510 [ 201.442023][ T6324] kasan_report+0x16b/0x1c0 [ 201.446574][ T6324] ? ax25_dev_device_down+0x356/0x510 [ 201.451980][ T6324] kasan_check_range+0x27e/0x290 [ 201.456953][ T6324] ax25_dev_device_down+0x356/0x510 [ 201.462187][ T6324] ax25_device_event+0x4d6/0x510 [ 201.467147][ T6324] raw_notifier_call_chain+0xd0/0x170 [ 201.472547][ T6324] __dev_notify_flags+0x1fd/0x3f0 [ 201.477596][ T6324] ? __dev_change_flags+0x6e0/0x6e0 [ 201.482816][ T6324] ? __dev_change_flags+0x505/0x6e0 [ 201.488041][ T6324] ? rcu_lock_release+0x20/0x20 [ 201.493007][ T6324] ? dev_get_flags+0x1c0/0x1c0 [ 201.497811][ T6324] dev_change_flags+0xe7/0x190 [ 201.502869][ T6324] dev_ifsioc+0x147/0x10c0 [ 201.507313][ T6324] ? dev_ioctl+0x4f1/0xf60 [ 201.511755][ T6324] ? dev_ioctl+0xf60/0xf60 [ 201.516289][ T6324] ? full_name_hash+0x8f/0xe0 [ 201.521004][ T6324] dev_ioctl+0x504/0xf60 [ 201.525278][ T6324] sock_do_ioctl+0x34f/0x5a0 [ 201.529926][ T6324] ? sock_show_fdinfo+0xb0/0xb0 [ 201.534825][ T6324] sock_ioctl+0x484/0x770 [ 201.539268][ T6324] ? sock_poll+0x410/0x410 [ 201.543827][ T6324] ? __fget_files+0x413/0x480 [ 201.548534][ T6324] ? bpf_lsm_file_ioctl+0x5/0x10 [ 201.551626][ T5300] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 201.553485][ T6324] ? security_file_ioctl+0x7d/0xa0 [ 201.553575][ T6324] ? sock_poll+0x410/0x410 [ 201.553604][ T6324] __se_sys_ioctl+0xf1/0x160 [ 201.553634][ T6324] do_syscall_64+0x3b/0xb0 [ 201.553659][ T6324] ? clear_bhb_loop+0x15/0x70 [ 201.553684][ T6324] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 201.553708][ T6324] RIP: 0033:0x7fd2f258e169 [ 201.553731][ T6324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.553751][ T6324] RSP: 002b:00007fd2f03f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 201.553779][ T6324] RAX: ffffffffffffffda RBX: 00007fd2f27a6fa0 RCX: 00007fd2f258e169 [ 201.553797][ T6324] RDX: 0000200000000000 RSI: 0000000000008914 RDI: 0000000000000008 [ 201.553820][ T6324] RBP: 00007fd2f260f990 R08: 0000000000000000 R09: 0000000000000000 [ 201.553835][ T6324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.553850][ T6324] R13: 0000000000000000 R14: 00007fd2f27a6fa0 R15: 00007ffe8a9d57b8 [ 201.553883][ T6324] [ 201.553892][ T6324] [ 201.553898][ T6324] Allocated by task 6089: [ 201.553910][ T6324] ____kasan_kmalloc+0xba/0xf0 [ 201.553931][ T6324] kmem_cache_alloc_trace+0x143/0x290 [ 201.553954][ T6324] ax25_dev_device_up+0x51/0x5a0 [ 201.553977][ T6324] ax25_device_event+0x4a0/0x510 [ 201.553997][ T6324] raw_notifier_call_chain+0xd0/0x170 [ 201.554019][ T6324] __dev_notify_flags+0x1fd/0x3f0 [ 201.554040][ T6324] dev_change_flags+0xe7/0x190 [ 201.554061][ T6324] dev_ifsioc+0x147/0x10c0 [ 201.554083][ T6324] dev_ioctl+0x504/0xf60 [ 201.554104][ T6324] sock_do_ioctl+0x34f/0x5a0 [ 201.554125][ T6324] sock_ioctl+0x484/0x770 [ 201.554144][ T6324] __se_sys_ioctl+0xf1/0x160 [ 201.554163][ T6324] do_syscall_64+0x3b/0xb0 [ 201.554183][ T6324] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 201.554204][ T6324] [ 201.554209][ T6324] Freed by task 6324: [ 201.554220][ T6324] kasan_set_track+0x4b/0x80 [ 201.554238][ T6324] kasan_set_free_info+0x1f/0x40 [ 201.554258][ T6324] ____kasan_slab_free+0xd8/0x120 [ 201.554278][ T6324] slab_free_freelist_hook+0xdd/0x160 [ 201.766926][ T6324] kfree+0xf1/0x270 [ 201.770772][ T6324] ax25_dev_device_down+0x1bd/0x510 [ 201.776147][ T6324] ax25_device_event+0x4d6/0x510 [ 201.781120][ T6324] raw_notifier_call_chain+0xd0/0x170 [ 201.786518][ T6324] __dev_notify_flags+0x1fd/0x3f0 [ 201.791571][ T6324] dev_change_flags+0xe7/0x190 [ 201.796356][ T6324] dev_ifsioc+0x147/0x10c0 [ 201.800840][ T6324] dev_ioctl+0x504/0xf60 [ 201.805138][ T6324] sock_do_ioctl+0x34f/0x5a0 [ 201.809757][ T6324] sock_ioctl+0x484/0x770 [ 201.814102][ T6324] __se_sys_ioctl+0xf1/0x160 [ 201.818704][ T6324] do_syscall_64+0x3b/0xb0 [ 201.823134][ T6324] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 201.829045][ T6324] [ 201.831378][ T6324] Last potentially related work creation: [ 201.837094][ T6324] kasan_save_stack+0x36/0x60 [ 201.841790][ T6324] kasan_record_aux_stack+0xba/0x100 [ 201.847092][ T6324] insert_work+0x54/0x3e0 [ 201.851434][ T6324] __queue_work+0x963/0xd00 [ 201.855951][ T6324] queue_work_on+0x14b/0x250 [ 201.860555][ T6324] loop_queue_rq+0x9ed/0xae0 [ 201.865161][ T6324] __blk_mq_try_issue_directly+0x4be/0x860 [ 201.870985][ T6324] blk_mq_try_issue_list_directly+0x245/0x650 [ 201.877072][ T6324] blk_mq_sched_insert_requests+0x284/0x570 [ 201.882979][ T6324] blk_mq_flush_plug_list+0x5de/0x6b0 [ 201.888394][ T6324] blk_flush_plug_list+0x44b/0x490 [ 201.893521][ T6324] blk_finish_plug+0x59/0x80 [ 201.898139][ T6324] generic_writepages+0x105/0x160 [ 201.903181][ T6324] do_writepages+0x481/0x730 [ 201.907793][ T6324] filemap_fdatawrite_wbc+0x1d6/0x230 [ 201.913271][ T6324] filemap_write_and_wait_range+0x19e/0x280 [ 201.919183][ T6324] ext4_put_super+0x8d1/0x1060 [ 201.923977][ T6324] generic_shutdown_super+0x130/0x310 [ 201.929374][ T6324] kill_block_super+0x7a/0xe0 [ 201.934119][ T6324] deactivate_locked_super+0xa0/0x110 [ 201.939528][ T6324] cleanup_mnt+0x44e/0x500 [ 201.943972][ T6324] task_work_run+0x129/0x1a0 [ 201.948588][ T6324] exit_to_user_mode_loop+0x106/0x130 [ 201.951714][ T5300] usb 2-1: Using ep0 maxpacket: 8 [ 201.953971][ T6324] exit_to_user_mode_prepare+0xb1/0x140 [ 201.954000][ T6324] syscall_exit_to_user_mode+0x5d/0x240 [ 201.970126][ T6324] do_syscall_64+0x47/0xb0 [ 201.974572][ T6324] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 201.980580][ T6324] [ 201.982911][ T6324] Second to last potentially related work creation: [ 201.989496][ T6324] kasan_save_stack+0x36/0x60 [ 201.994197][ T6324] kasan_record_aux_stack+0xba/0x100 [ 201.999510][ T6324] insert_work+0x54/0x3e0 [ 202.003871][ T6324] __queue_work+0x963/0xd00 [ 202.008394][ T6324] queue_work_on+0x14b/0x250 [ 202.013019][ T6324] loop_queue_rq+0x9ed/0xae0 [ 202.017635][ T6324] __blk_mq_try_issue_directly+0x4be/0x860 [ 202.023496][ T6324] blk_mq_try_issue_directly+0x116/0x370 [ 202.029157][ T6324] blk_mq_submit_bio+0x11bb/0x1c40 [ 202.034287][ T6324] __submit_bio+0x813/0x850 [ 202.038831][ T6324] submit_bio_noacct+0x955/0xb30 [ 202.043820][ T6324] submit_bio+0x2dd/0x560 [ 202.048175][ T6324] __sync_dirty_buffer+0x245/0x380 [ 202.053311][ T6324] ext4_write_inode+0x522/0x730 [ 202.058191][ T6324] __writeback_single_inode+0x644/0xe30 [ 202.063771][ T6324] writeback_single_inode+0x22c/0x960 [ 202.069178][ T6324] write_inode_now+0x26e/0x2f0 [ 202.073958][ T6324] iput+0x5ce/0x8b0 [ 202.077772][ T6324] dquot_disable+0x18f1/0x1c60 [ 202.082747][ T6324] ext4_orphan_cleanup+0xe6c/0x1240 [ 202.087952][ T6324] ext4_fill_super+0x98de/0xa110 [ 202.092902][ T6324] mount_bdev+0x2c9/0x3f0 [ 202.097547][ T6324] legacy_get_tree+0xeb/0x180 [ 202.102239][ T6324] vfs_get_tree+0x88/0x270 [ 202.106681][ T6324] do_new_mount+0x2ba/0xb40 [ 202.111329][ T6324] __se_sys_mount+0x2d5/0x3c0 [ 202.116165][ T6324] do_syscall_64+0x3b/0xb0 [ 202.120590][ T6324] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 202.126488][ T6324] [ 202.128813][ T6324] The buggy address belongs to the object at ffff888023d84a00 [ 202.128813][ T6324] which belongs to the cache kmalloc-192 of size 192 [ 202.143222][ T6324] The buggy address is located 184 bytes inside of [ 202.143222][ T6324] 192-byte region [ffff888023d84a00, ffff888023d84ac0) [ 202.156498][ T6324] The buggy address belongs to the page: [ 202.162157][ T6324] page:ffffea00008f6100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23d84 [ 202.172327][ T6324] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff) [ 202.179998][ T6324] raw: 00fff00000000200 ffffea000079f8c0 0000000b0000000b ffff888017441a00 [ 202.188580][ T6324] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 202.197286][ T6324] page dumped because: kasan: bad access detected [ 202.203712][ T6324] page_owner tracks the page as allocated [ 202.209439][ T6324] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY), pid 395, ts 8992850941, free_ts 8992711885 [ 202.225278][ T6324] get_page_from_freelist+0x3b78/0x3d40 [ 202.230838][ T6324] __alloc_pages+0x272/0x700 [ 202.235447][ T6324] new_slab+0xb1/0x4b0 [ 202.239538][ T6324] ___slab_alloc+0x6f6/0xe10 [ 202.244151][ T6324] __kmalloc_node+0x1fa/0x390 [ 202.248851][ T6324] sbitmap_init_node+0x471/0x6f0 [ 202.252652][ T5300] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 202.253797][ T6324] blk_mq_realloc_hw_ctxs+0x7dc/0x1730 [ 202.263517][ T5300] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 202.267476][ T6324] blk_mq_init_allocated_queue+0x3d0/0x17a0 [ 202.267509][ T6324] blk_mq_init_queue+0x64/0xc0 [ 202.284199][ T5300] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 202.286567][ T6324] scsi_alloc_sdev+0x74b/0xb40 [ 202.286599][ T6324] scsi_probe_and_add_lun+0x1cf/0x4c30 [ 202.296586][ T5300] usb 2-1: config 250 has no interface number 0 [ 202.300664][ T6324] __scsi_scan_target+0x1fc/0x10b0 [ 202.300698][ T6324] scsi_scan_host_selected+0x37a/0x690 [ 202.307108][ T5300] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 202.312406][ T6324] do_scan_async+0x12e/0x780 [ 202.312440][ T6324] async_run_entry_fn+0xa2/0x410 [ 202.312459][ T6324] process_one_work+0x8a1/0x10c0 [ 202.312483][ T6324] page last free stack trace: [ 202.318666][ T5300] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 202.323883][ T6324] free_unref_page_prepare+0xc34/0xcf0 [ 202.323917][ T6324] free_unref_page+0x95/0x2d0 [ 202.323935][ T6324] __vunmap+0x8b3/0xa50 [ 202.323957][ T6324] free_work+0x57/0x80 [ 202.323978][ T6324] process_one_work+0x8a1/0x10c0 [ 202.336651][ T5300] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 202.340110][ T6324] worker_thread+0xaca/0x1280 [ 202.340141][ T6324] kthread+0x3f6/0x4f0 [ 202.340161][ T6324] ret_from_fork+0x1f/0x30 [ 202.346022][ T5300] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 202.350019][ T6324] [ 202.350029][ T6324] Memory state around the buggy address: [ 202.350134][ T6324] ffff888023d84980: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 202.350156][ T6324] ffff888023d84a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 202.356105][ T5300] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 202.365262][ T6324] >ffff888023d84a80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 202.365277][ T6324] ^ [ 202.365289][ T6324] ffff888023d84b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 202.365303][ T6324] ffff888023d84b80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 202.365314][ T6324] ================================================================== [ 202.365323][ T6324] Disabling lock debugging due to kernel taint [ 202.405321][ T6324] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 202.413337][ T5300] usb 2-1: config 250 interface 228 has no altsetting 0 [ 202.423152][ T6324] CPU: 1 PID: 6324 Comm: syz.4.543 Tainted: G B 5.15.180-syzkaller #0 [ 202.423180][ T6324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 202.423192][ T6324] Call Trace: [ 202.423202][ T6324] [ 202.423210][ T6324] dump_stack_lvl+0x1e3/0x2d0 [ 202.551379][ T6324] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 202.557100][ T6324] ? panic+0x860/0x860 [ 202.561191][ T6324] ? rcu_is_watching+0x11/0xa0 [ 202.565974][ T6324] ? preempt_schedule_common+0xa6/0xd0 [ 202.571443][ T6324] panic+0x318/0x860 [ 202.575330][ T6324] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 202.581479][ T6324] ? check_panic_on_warn+0x1d/0xa0 [ 202.586921][ T6324] ? fb_is_primary_device+0xd0/0xd0 [ 202.592124][ T6324] ? _raw_spin_unlock_irqrestore+0x128/0x130 [ 202.598106][ T6324] ? _raw_spin_unlock+0x40/0x40 [ 202.602965][ T6324] check_panic_on_warn+0x7e/0xa0 [ 202.607914][ T6324] ? ax25_dev_device_down+0x356/0x510 [ 202.613299][ T6324] end_report+0x6d/0xf0 [ 202.619289][ T6324] kasan_report+0x18e/0x1c0 [ 202.624249][ T6324] ? ax25_dev_device_down+0x356/0x510 [ 202.629822][ T6324] kasan_check_range+0x27e/0x290 [ 202.635184][ T6324] ax25_dev_device_down+0x356/0x510 [ 202.641182][ T6324] ax25_device_event+0x4d6/0x510 [ 202.646817][ T6324] raw_notifier_call_chain+0xd0/0x170 [ 202.652829][ T6324] __dev_notify_flags+0x1fd/0x3f0 [ 202.658258][ T6324] ? __dev_change_flags+0x6e0/0x6e0 [ 202.664089][ T6324] ? __dev_change_flags+0x505/0x6e0 [ 202.669852][ T6324] ? rcu_lock_release+0x20/0x20 [ 202.675842][ T6324] ? dev_get_flags+0x1c0/0x1c0 [ 202.681397][ T6324] dev_change_flags+0xe7/0x190 [ 202.687158][ T6324] dev_ifsioc+0x147/0x10c0 [ 202.691766][ T6324] ? dev_ioctl+0x4f1/0xf60 [ 202.696854][ T6324] ? dev_ioctl+0xf60/0xf60 [ 202.702342][ T6324] ? full_name_hash+0x8f/0xe0 [ 202.704178][ T5300] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 202.707047][ T6324] dev_ioctl+0x504/0xf60 [ 202.716103][ T5300] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 202.720462][ T6324] sock_do_ioctl+0x34f/0x5a0 [ 202.731761][ T5300] usb 2-1: Product: syz [ 202.733370][ T6324] ? sock_show_fdinfo+0xb0/0xb0 [ 202.737510][ T5300] usb 2-1: SerialNumber: syz [ 202.742348][ T6324] sock_ioctl+0x484/0x770 [ 202.742380][ T6324] ? sock_poll+0x410/0x410 [ 202.757025][ T6324] ? __fget_files+0x413/0x480 [ 202.763446][ T6324] ? bpf_lsm_file_ioctl+0x5/0x10 [ 202.768755][ T6324] ? security_file_ioctl+0x7d/0xa0 [ 202.774771][ T6324] ? sock_poll+0x410/0x410 [ 202.779805][ T6324] __se_sys_ioctl+0xf1/0x160 [ 202.784656][ T6324] do_syscall_64+0x3b/0xb0 [ 202.789073][ T6324] ? clear_bhb_loop+0x15/0x70 [ 202.793744][ T6324] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 202.799638][ T6324] RIP: 0033:0x7fd2f258e169 [ 202.804069][ T6324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.824121][ T6324] RSP: 002b:00007fd2f03f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 202.832588][ T6324] RAX: ffffffffffffffda RBX: 00007fd2f27a6fa0 RCX: 00007fd2f258e169 [ 202.840569][ T6324] RDX: 0000200000000000 RSI: 0000000000008914 RDI: 0000000000000008 [ 202.848538][ T6324] RBP: 00007fd2f260f990 R08: 0000000000000000 R09: 0000000000000000 [ 202.855864][ T5300] hub 2-1:250.228: bad descriptor, ignoring hub [ 202.856507][ T6324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.862912][ T5300] hub: probe of 2-1:250.228 failed with error -5 [ 202.870821][ T6324] R13: 0000000000000000 R14: 00007fd2f27a6fa0 R15: 00007ffe8a9d57b8 [ 202.885793][ T6324] [ 202.889106][ T6324] Kernel Offset: disabled [ 202.893439][ T6324] Rebooting in 86400 seconds..