last executing test programs: 1.76035496s ago: executing program 3 (id=860): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004080000000000000003000000000000000000000002000000000000000000000000000002000000000000000000000004"], 0x0, 0x56}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB="0200000004000000080000000500000080000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="000000000100"], 0x48) 1.5097236s ago: executing program 3 (id=865): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x20000000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x68}}, 0x4024094) 1.346941722s ago: executing program 3 (id=868): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000540)=@mangle={'mangle\x00', 0x44, 0x6, 0x3f8, 0x360, 0x230, 0x198, 0x230, 0x0, 0x360, 0x360, 0x360, 0x360, 0x360, 0x6, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1_macvtap\x00', 'pimreg\x00', {}, {}, 0x11, 0x0, 0x41}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@private=0xa010101, @multicast1, 0xffffffff, 0x0, 'veth1_to_bond\x00', '\x00', {0xff}, {0xff}, 0x62, 0x1, 0x48}, 0x0, 0xd8, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@set={{0x40}, {{0x0, [0x7, 0x1, 0x1, 0x4], 0x0, 0x6}}}]}, @ECN={0x28}}, {{@ip={@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'macvlan1\x00', 'rose0\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1b, 0x2, 0x101}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458) 1.327104025s ago: executing program 2 (id=869): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000200)={0x6, @capture={0x0, 0x0, {0x80000001, 0x34}, 0x5, 0x2}}) 1.278396148s ago: executing program 1 (id=870): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x41, &(0x7f0000000200)=""/44, &(0x7f00000000c0)=0x30) 1.120738851s ago: executing program 2 (id=872): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {0xc}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x13}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c011}, 0x4000) 1.067674835s ago: executing program 3 (id=873): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "a3"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}]}, 0x80}, 0x1, 0x7}, 0x0) 1.00569123s ago: executing program 1 (id=874): r0 = socket(0x400000000010, 0x3, 0x0) write(r0, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c0400070280000f00", 0x33a) 999.23563ms ago: executing program 0 (id=875): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0xab1, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x20, 0x1, 0x0, "000000000000000405f126b8e7664bb7e3fff0ffff39361e9700", 0x38415262}) 921.034047ms ago: executing program 2 (id=876): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0, 0x0, 0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004800}, 0x20048888) 805.561346ms ago: executing program 2 (id=877): r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000000040)=@in6={0x21, 0x0, 0x1c, 0x2, {0xa, 0x0, 0x0, @dev}}, 0x24) 753.70351ms ago: executing program 0 (id=878): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x5, 0x0, 0x0) 717.240023ms ago: executing program 1 (id=879): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000480)='\x00\x00\x00\x00\x001', 0x6}], 0x2, &(0x7f0000000040)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev={0xac, 0x14, 0x14, 0x27}}}}], 0x38}, 0x8004) 637.808619ms ago: executing program 0 (id=880): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x10000000000001f, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x88000005, 0x80000000}) 576.871064ms ago: executing program 3 (id=881): r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) ioctl$NS_GET_USERNS(r0, 0xb701, 0x0) 563.761056ms ago: executing program 2 (id=882): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000c0000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x702, 0xe, 0xff0f, &(0x7f0000000540)="e460334470b8d480eb20c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 481.822462ms ago: executing program 1 (id=883): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0xe) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000580)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 459.019124ms ago: executing program 0 (id=884): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000180)={0x80, 0x4, 0x4, 0x51, 0x8}) 313.674786ms ago: executing program 3 (id=885): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x503, 0x8d, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000003}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x4}]}}}]}, 0x48}}, 0x0) 260.31154ms ago: executing program 0 (id=886): pipe(&(0x7f0000001180)={0xffffffffffffffff}) bind$alg(r0, 0x0, 0x0) 240.121882ms ago: executing program 1 (id=887): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="f40000000001010400000000141a00000200ffff0800074000000001240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e02010c000280050001000000000090000d80080002007f00000114000500ff02000000000000000000000000000108000200ac1e01011400050000000000000000000000ffffffffffff08000200e0000001140004002001000005000000000000000000000214000380060002004e200000060001004e200000080001"], 0xf4}}, 0x0) 61.671646ms ago: executing program 2 (id=888): syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xcc04, &(0x7f0000000140)=ANY=[@ANYBLOB='dots,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f646f74732c646f74732c74696d655f6f66667365743d3078303030303030303030303030303264382c646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c666c7573682c64656275672c646f74732c73686f77657865632c6e6f646f74732c6572726f72733d636f6e74696e75652c646f74732c71756965742c003fa5bfd3e968f92d300444698c6f8d94d8b46ce3ce652bc8f6"], 0x1, 0x207, &(0x7f0000000500)="$eJzs3b9uUmEUAPBDS/ljHLqZmJhc46BToz5BjamJkcSkhkG3JnYqEyzA0j6Gr+B7+QCmE4v5DF5uQUoRiRe0/n5LTznfufc73HBh4ZAi9+Xep2g0KrFzGIcxqsR+7EThIgCA22SUUnxNud+vrpaxJQCgZCu8/3/b8JYAgJK9e//hzYtW6+g4yxoRlxf9dr+d/83zr163jp5mP+xPqy77/fbuVf5ZNv/ZYZzfizuT/PO8PrtK1yKiXYsnj/L8OPfybSv7ub4eH0vuHQAAAAAAAAAAAAAAAAAAAAAAtuVBZIWF830ODubzzUk+/29mPtDc/J5q3C/GA0/HA6XzTTQFAAAAAAAAAAAAAAAAAAAA/5jeYHh20umcdqdBPSJmH6kuWHNzUJkceKXF2w92Yr3y5qTNNU5amTxF5TbYXHxxVwmi+rdcnXWD7E8dsF5c5uupZlSWlKc0Dha/CoqxGDeW1yJi+cYeH6/b1yil1Pn8sNsbRFq6eHqPqG/sbgQAAAAAAAAAAAAAAAAAAP+3mW99X9PY3caOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDzeoNh8Sv/w7OTTue02xusHJxHxN345eLiXHvR2F6jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3GrfAwAA//8nTRyq") rename(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') 49.090446ms ago: executing program 0 (id=889): r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x101002) read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0x2020) 0s ago: executing program 1 (id=890): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmmsg(r0, &(0x7f0000000380)=[{{&(0x7f00000004c0)=@nl=@proc, 0x80, &(0x7f0000001900)=[{&(0x7f0000000100)='B', 0x1}], 0x1}}, {{&(0x7f0000000200)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x1}}], 0x2, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.98' (ED25519) to the list of known hosts. [ 65.124798][ T5774] cgroup: Unknown subsys name 'net' [ 65.283285][ T5774] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.571162][ T5774] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.928026][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.938402][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.946232][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.954884][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.962956][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.973746][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.014479][ T5785] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.036249][ T5792] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.044322][ T5792] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.067879][ T5792] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.075509][ T5790] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.084646][ T5790] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.092494][ T5790] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.100910][ T5790] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.108801][ T5790] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.108808][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.109181][ T5790] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.116833][ T5795] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.138456][ T5790] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.140920][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.145868][ T5790] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.156072][ T5795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.168605][ T5795] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.182689][ T5795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.582240][ T5783] chnl_net:caif_netlink_parms(): no params data found [ 68.672800][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 68.743147][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 68.787211][ T5783] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.795844][ T5783] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.803270][ T5783] bridge_slave_0: entered allmulticast mode [ 68.809945][ T5783] bridge_slave_0: entered promiscuous mode [ 68.845369][ T5783] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.853061][ T5783] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.860533][ T5783] bridge_slave_1: entered allmulticast mode [ 68.867620][ T5783] bridge_slave_1: entered promiscuous mode [ 68.926298][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.934056][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.941428][ T5787] bridge_slave_0: entered allmulticast mode [ 68.948411][ T5787] bridge_slave_0: entered promiscuous mode [ 68.975316][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 68.986476][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.993727][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.001557][ T5787] bridge_slave_1: entered allmulticast mode [ 69.008390][ T5787] bridge_slave_1: entered promiscuous mode [ 69.037075][ T5783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.050453][ T5783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.096340][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.103911][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.112084][ T5789] bridge_slave_0: entered allmulticast mode [ 69.119936][ T5789] bridge_slave_0: entered promiscuous mode [ 69.135972][ T5783] team0: Port device team_slave_0 added [ 69.145736][ T5783] team0: Port device team_slave_1 added [ 69.160231][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.167393][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.174671][ T5789] bridge_slave_1: entered allmulticast mode [ 69.182217][ T5789] bridge_slave_1: entered promiscuous mode [ 69.225254][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.238173][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.295683][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.316661][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.323942][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.351126][ T5783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.365420][ T5787] team0: Port device team_slave_0 added [ 69.375243][ T5787] team0: Port device team_slave_1 added [ 69.382996][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.415459][ T5783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.422544][ T5783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.448643][ T5783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.502929][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.510228][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.517402][ T5786] bridge_slave_0: entered allmulticast mode [ 69.524915][ T5786] bridge_slave_0: entered promiscuous mode [ 69.534812][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.542677][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.549951][ T5786] bridge_slave_1: entered allmulticast mode [ 69.556568][ T5786] bridge_slave_1: entered promiscuous mode [ 69.568461][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.575454][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.601638][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.615019][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.622036][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.648325][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.662814][ T5789] team0: Port device team_slave_0 added [ 69.695989][ T5789] team0: Port device team_slave_1 added [ 69.740607][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.752996][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.785603][ T5783] hsr_slave_0: entered promiscuous mode [ 69.792514][ T5783] hsr_slave_1: entered promiscuous mode [ 69.812981][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.820009][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.846131][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.881932][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.889166][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.916160][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.930676][ T5787] hsr_slave_0: entered promiscuous mode [ 69.937333][ T5787] hsr_slave_1: entered promiscuous mode [ 69.943794][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.951820][ T5787] Cannot create hsr debugfs directory [ 69.972182][ T5786] team0: Port device team_slave_0 added [ 69.980897][ T5786] team0: Port device team_slave_1 added [ 70.048576][ T5795] Bluetooth: hci0: command tx timeout [ 70.073253][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.080332][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.106360][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.135353][ T5789] hsr_slave_0: entered promiscuous mode [ 70.141640][ T5789] hsr_slave_1: entered promiscuous mode [ 70.147616][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.155583][ T5789] Cannot create hsr debugfs directory [ 70.166180][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.174156][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.200354][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.211185][ T5795] Bluetooth: hci2: command tx timeout [ 70.216896][ T5795] Bluetooth: hci3: command tx timeout [ 70.222939][ T5790] Bluetooth: hci1: command tx timeout [ 70.315565][ T5786] hsr_slave_0: entered promiscuous mode [ 70.322495][ T5786] hsr_slave_1: entered promiscuous mode [ 70.329967][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.338149][ T5786] Cannot create hsr debugfs directory [ 70.624335][ T5783] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.641827][ T5783] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.651688][ T5783] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.662414][ T5783] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.734029][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 70.746319][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 70.755722][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 70.765180][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 70.853558][ T5787] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.863096][ T5787] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.875817][ T5787] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.886131][ T5787] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.016780][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.047130][ T5783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.063536][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.075044][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.085418][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 71.136607][ T5783] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.165246][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.193485][ T2958] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.200867][ T2958] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.216568][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.223929][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.260408][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.267019][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.279756][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.293084][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.330116][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.343761][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.350946][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.383128][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.390314][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.406021][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.413139][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.437707][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.444946][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.605044][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.671924][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.701988][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.709228][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.763984][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.771208][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.059218][ T5783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.129251][ T5790] Bluetooth: hci0: command tx timeout [ 72.147261][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.221919][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.251718][ T5783] veth0_vlan: entered promiscuous mode [ 72.283481][ T5783] veth1_vlan: entered promiscuous mode [ 72.289640][ T5790] Bluetooth: hci3: command tx timeout [ 72.293500][ T50] Bluetooth: hci1: command tx timeout [ 72.297454][ T5795] Bluetooth: hci2: command tx timeout [ 72.356901][ T5787] veth0_vlan: entered promiscuous mode [ 72.374598][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.413146][ T5787] veth1_vlan: entered promiscuous mode [ 72.432591][ T5783] veth0_macvtap: entered promiscuous mode [ 72.453199][ T5789] veth0_vlan: entered promiscuous mode [ 72.463303][ T5783] veth1_macvtap: entered promiscuous mode [ 72.494509][ T5789] veth1_vlan: entered promiscuous mode [ 72.527550][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.564493][ T5783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.576968][ T5783] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.586598][ T5783] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.596812][ T5783] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.605791][ T5783] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.621268][ T5787] veth0_macvtap: entered promiscuous mode [ 72.644869][ T5786] veth0_vlan: entered promiscuous mode [ 72.671111][ T5787] veth1_macvtap: entered promiscuous mode [ 72.705258][ T5786] veth1_vlan: entered promiscuous mode [ 72.766000][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.790657][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.806623][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.824960][ T5789] veth0_macvtap: entered promiscuous mode [ 72.863917][ T5789] veth1_macvtap: entered promiscuous mode [ 72.871363][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.883112][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.894180][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.921751][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.933095][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.938879][ T5786] veth0_macvtap: entered promiscuous mode [ 72.956842][ T5787] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.966070][ T5787] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.974928][ T5787] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.983889][ T5787] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.031008][ T5786] veth1_macvtap: entered promiscuous mode [ 73.058548][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.069720][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.082259][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.093209][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.104115][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.127166][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.128404][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.149061][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.149687][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.168657][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.179438][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.191735][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.203532][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.214771][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.224188][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.235110][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.245065][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.256953][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.268272][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.289097][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.302360][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.313915][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.324991][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.335997][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.348181][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.360612][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.373350][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.382945][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.392402][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.401219][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.462985][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.473324][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.482200][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.491914][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.508251][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.522241][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.591277][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.610550][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.771807][ T2913] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.787372][ T2913] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.844784][ T2913] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.876591][ T2913] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.992290][ T2913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.014117][ T2913] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.041898][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.086343][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.207885][ T5795] Bluetooth: hci0: command tx timeout [ 74.383701][ T5795] Bluetooth: hci1: command tx timeout [ 74.383725][ T50] Bluetooth: hci2: command tx timeout [ 74.383761][ T50] Bluetooth: hci3: command tx timeout [ 74.471749][ T5883] comedi comedi0: dt2815: I/O port conflict (0x3,2) [ 74.591351][ T5887] geneve2: entered promiscuous mode [ 74.628901][ T5887] geneve2: entered allmulticast mode [ 75.368176][ T5911] syz.1.20[5911]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 75.524373][ T5911] loop1: detected capacity change from 0 to 4096 [ 75.704400][ T5918] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 75.818030][ T5432] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 75.845024][ T5911] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 75.913558][ T5911] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=12) [ 75.949262][ T5911] Remounting filesystem read-only [ 75.954360][ T5911] NILFS (loop1): error -5 truncating bmap (ino=12) [ 76.009099][ T5432] usb 4-1: Using ep0 maxpacket: 32 [ 76.031381][ T5432] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 76.057914][ T5432] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 76.078839][ T5432] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.096922][ T5789] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 76.101545][ T5432] usb 4-1: Product: syz [ 76.117210][ T5789] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 76.131371][ T5432] usb 4-1: Manufacturer: syz [ 76.136058][ T5432] usb 4-1: SerialNumber: syz [ 76.138497][ T5789] NILFS (loop1): discard dirty block: blocknr=14, size=4096 [ 76.159112][ T5432] usb 4-1: config 0 descriptor?? [ 76.178136][ T5789] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 76.181478][ T5432] quatech2 4-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 76.193837][ T5789] NILFS (loop1): discard dirty block: blocknr=23, size=4096 [ 76.193881][ T5789] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 76.193899][ T5789] NILFS (loop1): discard dirty block: blocknr=24, size=4096 [ 76.193920][ T5789] NILFS (loop1): discard dirty page: offset=8192, ino=6 [ 76.193935][ T5789] NILFS (loop1): discard dirty block: blocknr=25, size=4096 [ 76.288525][ T50] Bluetooth: hci0: command tx timeout [ 76.429530][ T5432] usb 4-1: qt2_setup_urbs - submit read urb failed -8 [ 76.436603][ T5432] quatech2: probe of 4-1:0.0 failed with error -8 [ 76.448639][ T50] Bluetooth: hci3: command tx timeout [ 76.448943][ T5795] Bluetooth: hci1: command tx timeout [ 76.454101][ T50] Bluetooth: hci2: command tx timeout [ 76.785935][ T28] usb 4-1: USB disconnect, device number 2 [ 77.368122][ T5432] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 77.507778][ T27] audit: type=1326 audit(1756461284.898:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5952 comm="syz.2.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 77.572465][ T5432] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 77.592238][ T5432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.603957][ T5955] netlink: 52 bytes leftover after parsing attributes in process `syz.3.41'. [ 77.617865][ T27] audit: type=1326 audit(1756461284.898:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5952 comm="syz.2.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 77.639958][ C0] vkms_vblank_simulate: vblank timer overrun [ 77.669441][ T5432] usb 2-1: config 0 descriptor?? [ 77.695200][ T27] audit: type=1326 audit(1756461284.918:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5952 comm="syz.2.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 77.725361][ T5959] loop2: detected capacity change from 0 to 16 [ 77.774255][ T27] audit: type=1326 audit(1756461284.918:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5952 comm="syz.2.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 77.780963][ T5959] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 77.849772][ T5959] cramfs: empty filesystem [ 77.925261][ T5432] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 77.942465][ T5432] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 78.137382][ T5432] [drm:udl_init] *ERROR* Selecting channel failed [ 78.151289][ T5967] loop3: detected capacity change from 0 to 256 [ 78.184036][ T5967] ======================================================= [ 78.184036][ T5967] WARNING: The mand mount option has been deprecated and [ 78.184036][ T5967] and is ignored by this kernel. Remove the mand [ 78.184036][ T5967] option from the mount to silence this warning. [ 78.184036][ T5967] ======================================================= [ 78.257179][ T5969] xt_hashlimit: max too large, truncated to 1048576 [ 78.280598][ T5432] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 78.285308][ T5967] FAT-fs (loop3): Directory bread(block 64) failed [ 78.326005][ T5432] [drm] Initialized udl on minor 2 [ 78.344147][ T5967] FAT-fs (loop3): Directory bread(block 65) failed [ 78.349886][ T5432] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 78.385950][ T5432] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 78.387787][ T5967] FAT-fs (loop3): Directory bread(block 66) failed [ 78.395623][ T5971] loop0: detected capacity change from 0 to 1024 [ 78.425357][ T5967] FAT-fs (loop3): Directory bread(block 67) failed [ 78.426832][ T5848] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 78.463120][ T5967] FAT-fs (loop3): Directory bread(block 68) failed [ 78.468383][ T5432] usb 2-1: USB disconnect, device number 2 [ 78.484322][ T5848] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 78.497901][ T5967] FAT-fs (loop3): Directory bread(block 69) failed [ 78.551652][ T5967] FAT-fs (loop3): Directory bread(block 70) failed [ 78.586058][ T5967] FAT-fs (loop3): Directory bread(block 71) failed [ 78.606611][ T5967] FAT-fs (loop3): Directory bread(block 72) failed [ 78.636917][ T5967] FAT-fs (loop3): Directory bread(block 73) failed [ 78.696216][ T5975] ufs: You didn't specify the type of your ufs filesystem [ 78.696216][ T5975] [ 78.696216][ T5975] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 78.696216][ T5975] [ 78.696216][ T5975] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 78.727153][ C0] vkms_vblank_simulate: vblank timer overrun [ 78.820133][ T5975] ufs: ufstype=old is supported read-only [ 78.827201][ T5975] syz.2.51: attempt to access beyond end of device [ 78.827201][ T5975] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0 [ 79.279617][ T5979] loop0: detected capacity change from 0 to 4096 [ 79.298470][ T5979] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 79.366002][ T5991] loop3: detected capacity change from 0 to 256 [ 79.383171][ T5979] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 79.402254][ T5991] exfat: Deprecated parameter 'namecase' [ 79.524959][ T5991] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 79.616641][ T5979] ntfs3: loop0: failed to convert "c46c" to euc-jp [ 80.045266][ T6001] netlink: 132 bytes leftover after parsing attributes in process `syz.2.61'. [ 80.678075][ T6019] netlink: 'syz.1.67': attribute type 8 has an invalid length. [ 81.012015][ T6025] Cannot find add_set index 0 as target [ 81.339616][ T6009] loop2: detected capacity change from 0 to 32768 [ 81.358476][ T6009] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.64 (6009) [ 81.389704][ T6009] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 81.389901][ T6009] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 81.389970][ T6009] BTRFS info (device loop2): using free space tree [ 81.509329][ T8] cfg80211: failed to load regulatory.db [ 81.729033][ T6009] BTRFS info (device loop2): enabling ssd optimizations [ 81.759806][ T6009] BTRFS info (device loop2): auto enabling async discard [ 81.772912][ T6062] nft_compat: unsupported protocol 1 [ 82.071927][ T6071] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 82.087949][ T6071] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 82.107263][ T5786] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 83.090339][ T6106] netlink: 12 bytes leftover after parsing attributes in process `syz.2.92'. [ 83.359723][ T6114] warning: `syz.1.95' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 83.397409][ T6117] gtp0: entered promiscuous mode [ 83.557781][ T5827] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 83.777822][ T5827] usb 4-1: Using ep0 maxpacket: 16 [ 83.809923][ T5827] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 83.834853][ T5827] usb 4-1: config 0 has an invalid descriptor of length 214, skipping remainder of the config [ 83.863846][ T5827] usb 4-1: config 0 has no interface number 0 [ 83.868037][ T6133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.102'. [ 83.888773][ T5827] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 83.910068][ T5827] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.939135][ T5827] usb 4-1: Product: syz [ 83.943378][ T5827] usb 4-1: Manufacturer: syz [ 83.973896][ T5827] usb 4-1: SerialNumber: syz [ 84.040552][ T5827] usb 4-1: config 0 descriptor?? [ 84.186651][ T6144] loop1: detected capacity change from 0 to 1024 [ 84.353098][ T5870] usb 4-1: USB disconnect, device number 3 [ 84.802212][ T6164] loop2: detected capacity change from 0 to 128 [ 84.957870][ T5870] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 85.119767][ T6177] SET target dimension over the limit! [ 85.156676][ T5870] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 85.187820][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.198886][ T6171] 8021q: adding VLAN 0 to HW filter on device bond1 [ 85.242532][ T5870] usb 1-1: config 0 descriptor?? [ 85.703133][ T5870] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 85.727162][ T5870] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 85.771156][ T5870] asix: probe of 1-1:0.0 failed with error -71 [ 85.790716][ T5870] usb 1-1: USB disconnect, device number 2 [ 87.156250][ T6209] loop3: detected capacity change from 0 to 32768 [ 87.344494][ T6209] jfs_strtoUCS: char2uni returned -22. [ 87.382500][ T27] audit: type=1326 audit(1756461294.788:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 87.398057][ T6209] charset = cp874, char = 0xfc [ 87.444544][ T6209] jfs_strtoUCS: char2uni returned -22. [ 87.464616][ T6209] charset = cp874, char = 0xfc [ 87.500938][ T27] audit: type=1326 audit(1756461294.788:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 87.590626][ T27] audit: type=1326 audit(1756461294.818:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 87.677212][ T6261] dlm: Unknown command passed to DLM device : 11 [ 87.677212][ T6261] [ 87.687922][ T27] audit: type=1326 audit(1756461294.818:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 87.798761][ T27] audit: type=1326 audit(1756461294.818:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 87.877267][ T27] audit: type=1326 audit(1756461294.878:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 88.025202][ T27] audit: type=1326 audit(1756461294.878:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 88.118382][ T27] audit: type=1326 audit(1756461294.898:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 88.193041][ T27] audit: type=1326 audit(1756461294.898:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 88.299193][ T27] audit: type=1326 audit(1756461294.898:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 88.388224][ T6280] netlink: 28 bytes leftover after parsing attributes in process `syz.2.154'. [ 88.696057][ T6289] loop0: detected capacity change from 0 to 256 [ 88.825979][ T6289] FAT-fs (loop0): Directory bread(block 64) failed [ 88.873012][ T6289] FAT-fs (loop0): Directory bread(block 65) failed [ 88.890373][ T6289] FAT-fs (loop0): Directory bread(block 66) failed [ 88.907156][ T6289] FAT-fs (loop0): Directory bread(block 67) failed [ 88.917814][ T6289] FAT-fs (loop0): Directory bread(block 68) failed [ 88.924386][ T6289] FAT-fs (loop0): Directory bread(block 69) failed [ 88.947999][ T6289] FAT-fs (loop0): Directory bread(block 70) failed [ 88.971990][ T6289] FAT-fs (loop0): Directory bread(block 71) failed [ 88.978831][ T6289] FAT-fs (loop0): Directory bread(block 72) failed [ 88.985397][ T6289] FAT-fs (loop0): Directory bread(block 73) failed [ 89.122017][ T6270] loop1: detected capacity change from 0 to 32768 [ 89.224298][ T6270] ERROR: (device loop1): dtSearch: DT_GETPAGE: dtree page corrupt [ 89.224298][ T6270] [ 89.266360][ T6270] ERROR: (device loop1): remounting filesystem as read-only [ 89.299237][ T6270] jfs_lookup: dtSearch returned -5 [ 90.395195][ T6333] loop2: detected capacity change from 0 to 2048 [ 90.446343][ T6333] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 90.501850][ T6337] loop3: detected capacity change from 0 to 512 [ 90.818181][ T6337] EXT4-fs (loop3): Test dummy encryption mode enabled [ 90.870229][ T6337] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 90.922242][ T6337] EXT4-fs (loop3): Errors on filesystem, clearing orphan list. [ 90.930800][ T6326] loop0: detected capacity change from 0 to 32768 [ 90.981407][ T6337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.052209][ T6326] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 91.190336][ T6364] loop1: detected capacity change from 0 to 512 [ 91.232562][ T6337] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 91.248239][ T6366] netlink: 20 bytes leftover after parsing attributes in process `syz.2.188'. [ 91.354760][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.531875][ T6326] XFS (loop0): Ending clean mount [ 91.880721][ T5783] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 92.022056][ T6383] netlink: 'syz.3.199': attribute type 1 has an invalid length. [ 92.036436][ T6383] netlink: 216 bytes leftover after parsing attributes in process `syz.3.199'. [ 92.266661][ T6390] ieee802154 phy0 wpan0: encryption failed: -22 [ 92.889021][ T6412] loop3: detected capacity change from 0 to 2048 [ 92.949416][ T6417] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 93.048997][ T6412] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 93.086598][ T6412] Remounting filesystem read-only [ 93.188807][ T6424] netlink: 4 bytes leftover after parsing attributes in process `syz.0.218'. [ 93.244410][ T5787] NILFS (loop3): discard dirty page: offset=4096, ino=6 [ 93.261877][ T5787] NILFS (loop3): discard dirty block: blocknr=39, size=1024 [ 93.288700][ T5787] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 93.317983][ T5787] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 93.327096][ T5787] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 93.363952][ T5787] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 93.402940][ T5787] NILFS (loop3): discard dirty page: offset=0, ino=3 [ 93.428687][ T5787] NILFS (loop3): discard dirty block: blocknr=42, size=1024 [ 93.436964][ T5787] NILFS (loop3): discard dirty block: blocknr=43, size=1024 [ 93.449093][ T5787] NILFS (loop3): discard dirty block: blocknr=44, size=1024 [ 93.486141][ T5787] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 93.585415][ T6438] netlink: 'syz.1.226': attribute type 32 has an invalid length. [ 94.832910][ T6484] netlink: 'syz.2.246': attribute type 6 has an invalid length. [ 94.857771][ T6484] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.246'. [ 94.877830][ T5848] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 95.024975][ T6464] loop3: detected capacity change from 0 to 32768 [ 95.057093][ T6464] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.236 (6464) [ 95.079991][ T5848] usb 1-1: config 0 has an invalid interface number: 199 but max is 1 [ 95.087812][ T6489] loop2: detected capacity change from 0 to 2048 [ 95.095570][ T5848] usb 1-1: config 0 has no interface number 1 [ 95.113675][ T6464] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 95.113724][ T5848] usb 1-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 95.132943][ T6464] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 95.153001][ T6464] BTRFS info (device loop3): using free space tree [ 95.165749][ T5848] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 95.190693][ T5848] usb 1-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 95.196775][ T6492] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 95.207741][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 95.235186][ T5848] usb 1-1: SerialNumber: syz [ 95.244531][ T5848] usb 1-1: config 0 descriptor?? [ 95.278625][ T5848] usb 1-1: Found UVC 0.00 device (0002:0000) [ 95.302904][ T5848] usb 1-1: No valid video chain found. [ 95.359131][ T6464] BTRFS info (device loop3): enabling ssd optimizations [ 95.378409][ T6464] BTRFS info (device loop3): auto enabling async discard [ 95.631077][ T5432] usb 1-1: USB disconnect, device number 3 [ 95.760675][ T6517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.254'. [ 95.913943][ T5787] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 96.208430][ T6529] tc_dump_action: action bad kind [ 96.417477][ T6536] netlink: 16 bytes leftover after parsing attributes in process `syz.2.263'. [ 96.496816][ T6536] netlink: 108 bytes leftover after parsing attributes in process `syz.2.263'. [ 96.541308][ T6536] netlink: 16 bytes leftover after parsing attributes in process `syz.2.263'. [ 97.774386][ T6610] loop0: detected capacity change from 0 to 512 [ 97.821081][ T6610] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 97.845523][ T6610] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 97.935668][ T6610] EXT4-fs (loop0): 1 truncate cleaned up [ 97.944869][ T6610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.979198][ T6610] EXT4-fs error (device loop0): ext4_get_verity_descriptor_location:298: inode #15: comm syz.0.287: verity file has no extents [ 98.017616][ T6610] fs-verity (loop0, inode 15): Error -117 getting verity descriptor size [ 98.110554][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.673297][ T6650] loop0: detected capacity change from 0 to 256 [ 98.689694][ T6650] exfat: Deprecated parameter 'utf8' [ 98.712368][ T6650] exfat: Deprecated parameter 'utf8' [ 98.774252][ T6655] netlink: 388 bytes leftover after parsing attributes in process `syz.2.300'. [ 98.783192][ T6650] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 99.418019][ T6676] x_tables: unsorted entry at hook 2 [ 100.151793][ T6719] binder: 6718:6719 ioctl c00c6211 ffffffffffffffff returned -14 [ 100.597766][ T5848] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 100.803448][ T5848] usb 4-1: Using ep0 maxpacket: 16 [ 100.821218][ T5848] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 100.860591][ T5848] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 100.877854][ T5848] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 100.896024][ T5848] usb 4-1: config 0 interface 0 has no altsetting 0 [ 100.906535][ T5848] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 100.923395][ T5848] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.936298][ T5848] usb 4-1: Product: syz [ 100.955179][ T5848] usb 4-1: Manufacturer: syz [ 100.964470][ T5848] usb 4-1: SerialNumber: syz [ 100.992782][ T5848] usb 4-1: config 0 descriptor?? [ 101.527978][ T5870] usb 4-1: USB disconnect, device number 4 [ 101.929985][ T6830] capability: warning: `syz.0.352' uses 32-bit capabilities (legacy support in use) [ 102.247389][ T6847] loop0: detected capacity change from 0 to 64 [ 102.452719][ T6856] vlan0: entered promiscuous mode [ 102.915370][ T6885] binder: 6884:6885 ioctl c018620c 2000000001c0 returned -22 [ 103.310339][ T6903] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 103.548842][ T6920] mmap: syz.3.379 (6920) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 104.462383][ T6969] netlink: 'syz.0.397': attribute type 3 has an invalid length. [ 104.872342][ T6995] loop0: detected capacity change from 0 to 8 [ 104.960171][ T6995] SQUASHFS error: Failed to read block 0x1ec: -5 [ 104.966988][ T6995] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 105.697565][ T7030] loop0: detected capacity change from 0 to 512 [ 105.708437][ T7031] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 7031 comm: syz.1.417) [ 105.734509][ T7030] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 105.832948][ T7002] loop2: detected capacity change from 0 to 32768 [ 105.854959][ T7030] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.880052][ T7030] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.951571][ T7002] find_entry called with index = 0 [ 105.994078][ T7002] find_entry called with index = 0 [ 106.049056][ T7030] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1792 out of range 0-6 [ 106.078382][ T7030] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 106.100008][ T7030] EXT4-fs error (device loop0): ext4_acquire_dquot:6940: comm syz.0.416: Failed to acquire dquot type 1 [ 106.170900][ T7049] loop3: detected capacity change from 0 to 512 [ 106.205958][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.324455][ T7049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.369357][ T7049] ext4 filesystem being mounted at /83/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.406936][ T7049] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.421: corrupted xattr block 33: overlapping e_value [ 106.559632][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.638743][ T7071] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.833711][ T7141] loop0: detected capacity change from 0 to 512 [ 107.921398][ T7141] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.947270][ T7141] ext4 filesystem being mounted at /116/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.017116][ T7149] SET target dimension over the limit! [ 108.023216][ T7141] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #15: comm syz.0.452: corrupted xattr block 33: overlapping e_value [ 108.154451][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.175852][ T7155] loop3: detected capacity change from 0 to 128 [ 108.651212][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.682081][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.708312][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.726875][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.747986][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.748288][ T7184] loop0: detected capacity change from 0 to 256 [ 108.768184][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.791935][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.800047][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.818600][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.819722][ T7184] FAT-fs (loop0): Directory bread(block 64) failed [ 108.828978][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.867982][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.875902][ T7184] FAT-fs (loop0): Directory bread(block 65) failed [ 108.888442][ T7184] FAT-fs (loop0): Directory bread(block 66) failed [ 108.905259][ T7184] FAT-fs (loop0): Directory bread(block 67) failed [ 108.908875][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 108.917827][ T7184] FAT-fs (loop0): Directory bread(block 68) failed [ 108.928359][ T7184] FAT-fs (loop0): Directory bread(block 69) failed [ 108.935108][ T7184] FAT-fs (loop0): Directory bread(block 70) failed [ 108.940503][ T7139] loop1: detected capacity change from 0 to 32768 [ 108.957872][ T7184] FAT-fs (loop0): Directory bread(block 71) failed [ 108.964657][ T7184] FAT-fs (loop0): Directory bread(block 72) failed [ 108.965683][ T7189] 8021q: adding VLAN 0 to HW filter on device bond1 [ 108.971495][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.032647][ T7184] FAT-fs (loop0): Directory bread(block 73) failed [ 109.075450][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.127008][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.157360][ T7139] find_entry called with index = 0 [ 109.167892][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.175696][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.196561][ T7139] find_entry called with index = 0 [ 109.218187][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.236269][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.256545][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.276814][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.300457][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.328889][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.336734][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.367926][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.375749][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.404932][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.419137][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.426942][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.448173][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.448841][ T7234] netlink: 28 bytes leftover after parsing attributes in process `syz.2.468'. [ 109.455950][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.455981][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.465997][ T7234] netlink: 28 bytes leftover after parsing attributes in process `syz.2.468'. [ 109.512598][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.522039][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.538415][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.546218][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.568775][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.587833][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.605848][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.632658][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.657896][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.683677][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.717795][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0 [ 109.756990][ T27] audit: type=1326 audit(1756461317.158:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7244 comm="syz.0.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 109.769177][ T5432] hid-generic 0000:007F:FFFFFFFE.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 109.849185][ T27] audit: type=1326 audit(1756461317.158:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7244 comm="syz.0.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 109.949046][ T27] audit: type=1326 audit(1756461317.198:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7244 comm="syz.0.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 109.981925][ T27] audit: type=1326 audit(1756461317.198:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7244 comm="syz.0.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 110.073996][ T27] audit: type=1326 audit(1756461317.198:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7244 comm="syz.0.471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b4f38ebe9 code=0x7ffc0000 [ 110.126833][ T7258] gtp0: entered promiscuous mode [ 110.133071][ T7252] fido_id[7252]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 110.433995][ T7278] netlink: 'syz.0.478': attribute type 1 has an invalid length. [ 110.455959][ T7284] netlink: 28 bytes leftover after parsing attributes in process `syz.1.479'. [ 110.478022][ T7284] netlink: 28 bytes leftover after parsing attributes in process `syz.1.479'. [ 110.487026][ T7278] netlink: 154788 bytes leftover after parsing attributes in process `syz.0.478'. [ 110.657555][ T27] audit: type=1326 audit(1756461318.058:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.3.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9218ebe9 code=0x7ffc0000 [ 110.732291][ T27] audit: type=1326 audit(1756461318.058:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.3.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b9218ebe9 code=0x7ffc0000 [ 110.781830][ T27] audit: type=1326 audit(1756461318.068:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.3.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f0b9218ebe9 code=0x7ffc0000 [ 110.934659][ T7306] dlm: Unknown command passed to DLM device : 11 [ 110.934659][ T7306] [ 111.915771][ T7356] program syz.1.504 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 112.096890][ T7365] loop1: detected capacity change from 0 to 256 [ 112.150621][ T7338] loop0: detected capacity change from 0 to 32768 [ 112.248291][ T7338] ERROR: (device loop0): dtSearch: DT_GETPAGE: dtree page corrupt [ 112.248291][ T7338] [ 112.264226][ T7338] ERROR: (device loop0): remounting filesystem as read-only [ 112.279645][ T7338] jfs_lookup: dtSearch returned -5 [ 112.325349][ T7365] FAT-fs (loop1): Directory bread(block 64) failed [ 112.337719][ T7365] FAT-fs (loop1): Directory bread(block 65) failed [ 112.360072][ T7365] FAT-fs (loop1): Directory bread(block 66) failed [ 112.378118][ T7365] FAT-fs (loop1): Directory bread(block 67) failed [ 112.384823][ T7365] FAT-fs (loop1): Directory bread(block 68) failed [ 112.444310][ T7365] FAT-fs (loop1): Directory bread(block 69) failed [ 112.457321][ T7365] FAT-fs (loop1): Directory bread(block 70) failed [ 112.465060][ T7365] FAT-fs (loop1): Directory bread(block 71) failed [ 112.472480][ T7365] FAT-fs (loop1): Directory bread(block 72) failed [ 112.494796][ T7365] FAT-fs (loop1): Directory bread(block 73) failed [ 113.625363][ T7433] loop3: detected capacity change from 0 to 2048 [ 113.692746][ T7433] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 114.068533][ T7468] loop0: detected capacity change from 0 to 512 [ 114.153192][ T7468] __quota_error: 2 callbacks suppressed [ 114.153209][ T7468] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 114.181132][ T7468] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 114.193993][ T7468] EXT4-fs error (device loop0): ext4_acquire_dquot:6940: comm syz.0.535: Failed to acquire dquot type 0 [ 114.222387][ T7478] loop3: detected capacity change from 0 to 256 [ 114.224942][ T7468] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.535: bg 0: block 64: padding at end of block bitmap is not set [ 114.259902][ T7478] exfat: Deprecated parameter 'utf8' [ 114.264249][ T7468] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 114.294517][ T5848] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 114.304561][ T7478] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 114.349511][ T7468] EXT4-fs (loop0): 1 truncate cleaned up [ 114.357558][ T7468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.385799][ T7468] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.517781][ T5848] usb 2-1: Using ep0 maxpacket: 16 [ 114.542383][ T5848] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024 [ 114.565469][ T5848] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024 [ 114.579488][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.614543][ T5848] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 2269, setting to 1024 [ 114.643056][ T5848] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 114.679172][ T5848] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 114.704418][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.737768][ T5848] usb 2-1: Product: syz [ 114.748810][ T5848] usb 2-1: Manufacturer: syz [ 114.761922][ T5848] usb 2-1: SerialNumber: syz [ 114.779755][ T5848] usb 2-1: config 0 descriptor?? [ 114.794512][ T7463] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 114.834001][ T7463] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 114.873036][ C0] port100 2-1:0.0: NFC: Urb failure (status -71) [ 114.891170][ C0] port100 2-1:0.0: NFC: Urb failure (status -71) [ 114.916904][ T5848] port100 2-1:0.0: NFC: Could not get supported command types [ 115.097565][ T786] usb 2-1: USB disconnect, device number 3 [ 115.140476][ T7521] netlink: 20 bytes leftover after parsing attributes in process `syz.0.549'. [ 115.141094][ T27] audit: type=1326 audit(1756461322.538:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 115.179777][ T27] audit: type=1326 audit(1756461322.538:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 115.220607][ T27] audit: type=1326 audit(1756461322.558:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 115.261165][ T27] audit: type=1326 audit(1756461322.558:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 115.284913][ T7532] AppArmor: change_hat: Invalid input '0' [ 115.290534][ T27] audit: type=1326 audit(1756461322.558:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.2.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 116.023261][ T7570] loop1: detected capacity change from 0 to 1024 [ 116.074569][ T7570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.189755][ T7585] ieee802154 phy0 wpan0: encryption failed: -22 [ 116.343426][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.600226][ T7609] sock: sock_timestamping_bind_phc: sock not bind to device [ 116.675353][ T7614] xt_addrtype: ipv6 does not support BROADCAST matching [ 116.883231][ T7620] loop1: detected capacity change from 0 to 2048 [ 116.910387][ T7628] netlink: 'syz.3.582': attribute type 10 has an invalid length. [ 116.936931][ T7631] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 116.973536][ T7628] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 118.006494][ T7681] netlink: 'syz.0.605': attribute type 1 has an invalid length. [ 118.040557][ T7681] netlink: 216 bytes leftover after parsing attributes in process `syz.0.605'. [ 118.526985][ T7668] loop2: detected capacity change from 0 to 32768 [ 118.579749][ T7668] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 118.702033][ T7691] loop0: detected capacity change from 0 to 2048 [ 118.731886][ T7668] XFS (loop2): Ending clean mount [ 118.793820][ T7707] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 118.802517][ T7668] XFS (loop2): Quotacheck needed: Please wait. [ 118.878744][ T7691] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 118.921550][ T7691] Remounting filesystem read-only [ 118.996841][ T7668] XFS (loop2): Quotacheck: Done. [ 119.054041][ T7682] loop1: detected capacity change from 0 to 32768 [ 119.064463][ T5783] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 119.094465][ T5783] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 119.106161][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 119.116737][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 119.136509][ T5786] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 119.148033][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 119.163108][ T5783] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 119.178312][ T7682] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 119.206063][ T5783] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 119.227973][ T5783] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 119.235354][ T5783] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 119.273258][ T5783] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 119.283839][ T5783] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 119.381531][ T7682] XFS (loop1): Ending clean mount [ 119.664065][ T5789] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 120.415780][ T7775] loop1: detected capacity change from 0 to 2048 [ 120.489401][ T7783] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 120.501839][ T7784] loop2: detected capacity change from 0 to 8 [ 120.537383][ T7775] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 120.556762][ T7775] Remounting filesystem read-only [ 120.570421][ T7784] SQUASHFS error: Failed to read block 0x1ec: -5 [ 120.592275][ T7784] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 120.742148][ T5789] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 120.751627][ T5789] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 120.777407][ T5789] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 120.807728][ T5789] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 120.848037][ T5789] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 120.880333][ T5789] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 120.925017][ T5789] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 120.969292][ T5789] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 120.976652][ T5789] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 121.021673][ T5789] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 121.046832][ T5789] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 121.090166][ T7811] loop0: detected capacity change from 0 to 512 [ 121.432696][ T7826] loop2: detected capacity change from 0 to 2048 [ 121.476986][ T7835] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 121.548623][ T7826] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 121.551126][ T7826] Remounting filesystem read-only [ 121.579339][ T7840] netlink: 'syz.1.635': attribute type 21 has an invalid length. [ 121.630059][ T5786] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 121.630089][ T5786] NILFS (loop2): discard dirty block: blocknr=39, size=1024 [ 121.630106][ T5786] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 121.630124][ T5786] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 121.630141][ T5786] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 121.630496][ T5786] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 121.651650][ T5786] NILFS (loop2): discard dirty page: offset=0, ino=3 [ 121.651679][ T5786] NILFS (loop2): discard dirty block: blocknr=42, size=1024 [ 121.651697][ T5786] NILFS (loop2): discard dirty block: blocknr=43, size=1024 [ 121.651712][ T5786] NILFS (loop2): discard dirty block: blocknr=44, size=1024 [ 121.651762][ T5786] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 121.916968][ T7847] loop1: detected capacity change from 0 to 2048 [ 121.971523][ T7847] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 122.882146][ T7903] loop1: detected capacity change from 0 to 2364 [ 123.564803][ T7943] netlink: 16 bytes leftover after parsing attributes in process `syz.0.666'. [ 123.598437][ T7943] netlink: 108 bytes leftover after parsing attributes in process `syz.0.666'. [ 123.604840][ T7946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.667'. [ 123.607424][ T7943] netlink: 16 bytes leftover after parsing attributes in process `syz.0.666'. [ 124.527950][ T7995] loop1: detected capacity change from 0 to 2048 [ 124.563547][ T8001] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 124.594244][ T7995] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 124.664127][ T7995] Remounting filesystem read-only [ 125.353778][ T8037] loop3: detected capacity change from 0 to 64 [ 125.354410][ T7998] loop0: detected capacity change from 0 to 32768 [ 125.400736][ T7998] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.684 (7998) [ 125.451019][ T7998] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 125.474449][ T7998] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 125.474938][ T27] audit: type=1326 audit(1756461332.878:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8042 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 125.493478][ T7998] BTRFS info (device loop0): using free space tree [ 125.565340][ T27] audit: type=1326 audit(1756461332.878:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8042 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 125.682652][ T27] audit: type=1326 audit(1756461332.898:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8042 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 125.712553][ T8058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.707'. [ 125.771329][ T27] audit: type=1326 audit(1756461332.898:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8042 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 125.828085][ T7998] BTRFS info (device loop0): enabling ssd optimizations [ 125.845324][ T7998] BTRFS info (device loop0): auto enabling async discard [ 125.873954][ T27] audit: type=1326 audit(1756461332.898:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8042 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3914b8ebe9 code=0x7ffc0000 [ 126.295127][ T5783] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 126.538005][ T8100] netlink: 4 bytes leftover after parsing attributes in process `syz.2.711'. [ 127.338588][ T8136] overlayfs: overlapping lowerdir path [ 127.393293][ T8139] loop1: detected capacity change from 0 to 256 [ 127.407541][ T8139] exfat: Deprecated parameter 'utf8' [ 127.425960][ T8139] exfat: Deprecated parameter 'utf8' [ 127.494089][ T8139] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 127.498816][ T8146] netlink: 'syz.2.725': attribute type 1 has an invalid length. [ 128.112241][ T8179] tmpfs: Bad value for 'mpol' [ 128.403286][ T8196] binfmt_misc: register: failed to install interpreter file ./bus [ 128.412779][ T8197] syz.2.741: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 128.443566][ T8197] CPU: 1 PID: 8197 Comm: syz.2.741 Not tainted syzkaller #0 [ 128.450922][ T8197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 128.461109][ T8197] Call Trace: [ 128.464423][ T8197] [ 128.467385][ T8197] dump_stack_lvl+0x16c/0x230 [ 128.472193][ T8197] ? show_regs_print_info+0x20/0x20 [ 128.477441][ T8197] ? load_image+0x3b0/0x3b0 [ 128.481994][ T8197] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 128.488542][ T8197] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 128.495168][ T8197] warn_alloc+0x210/0x300 [ 128.499523][ T8197] ? stack_trace_save+0x9c/0xe0 [ 128.504390][ T8197] ? zone_watermark_ok_safe+0x230/0x230 [ 128.509952][ T8197] ? kasan_set_track+0x5f/0x70 [ 128.514730][ T8197] ? kasan_set_track+0x4e/0x70 [ 128.519504][ T8197] ? __kasan_kmalloc+0x8f/0xa0 [ 128.524296][ T8197] ? xsk_init_queue+0xb0/0x110 [ 128.529063][ T8197] ? xsk_setsockopt+0x43c/0x6f0 [ 128.533914][ T8197] ? do_sock_setsockopt+0x175/0x1a0 [ 128.539120][ T8197] ? __x64_sys_setsockopt+0x184/0x200 [ 128.544506][ T8197] __vmalloc_node_range+0x126/0x1320 [ 128.549825][ T8197] ? free_vm_area+0x50/0x50 [ 128.554348][ T8197] vmalloc_user+0x74/0x80 [ 128.558772][ T8197] ? xskq_create+0xbf/0x170 [ 128.563282][ T8197] xskq_create+0xbf/0x170 [ 128.567620][ T8197] xsk_init_queue+0xb0/0x110 [ 128.572256][ T8197] xsk_setsockopt+0x43c/0x6f0 [ 128.576975][ T8197] ? xsk_poll+0x670/0x670 [ 128.581314][ T8197] ? __fget_files+0x28/0x4d0 [ 128.585921][ T8197] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 128.591485][ T8197] ? security_socket_setsockopt+0x7e/0xa0 [ 128.597313][ T8197] ? xsk_poll+0x670/0x670 [ 128.601649][ T8197] do_sock_setsockopt+0x175/0x1a0 [ 128.606683][ T8197] ? __fdget+0x180/0x210 [ 128.610940][ T8197] __x64_sys_setsockopt+0x184/0x200 [ 128.616156][ T8197] do_syscall_64+0x55/0xb0 [ 128.620752][ T8197] ? clear_bhb_loop+0x40/0x90 [ 128.625529][ T8197] ? clear_bhb_loop+0x40/0x90 [ 128.630317][ T8197] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.636398][ T8197] RIP: 0033:0x7f3914b8ebe9 [ 128.640820][ T8197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.660430][ T8197] RSP: 002b:00007f39159c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 128.668864][ T8197] RAX: ffffffffffffffda RBX: 00007f3914db5fa0 RCX: 00007f3914b8ebe9 [ 128.676842][ T8197] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 128.684817][ T8197] RBP: 00007f3914c11e19 R08: 0000000000000004 R09: 0000000000000000 [ 128.692793][ T8197] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.700770][ T8197] R13: 00007f3914db6038 R14: 00007f3914db5fa0 R15: 00007ffeacd7ea18 [ 128.708759][ T8197] [ 128.732592][ T8197] Mem-Info: [ 128.736133][ T8197] active_anon:5465 inactive_anon:0 isolated_anon:0 [ 128.736133][ T8197] active_file:1181 inactive_file:39895 isolated_file:0 [ 128.736133][ T8197] unevictable:768 dirty:270 writeback:0 [ 128.736133][ T8197] slab_reclaimable:10190 slab_unreclaimable:92385 [ 128.736133][ T8197] mapped:24539 shmem:1361 pagetables:593 [ 128.736133][ T8197] sec_pagetables:0 bounce:0 [ 128.736133][ T8197] kernel_misc_reclaimable:0 [ 128.736133][ T8197] free:1367148 free_pcp:8882 free_cma:0 [ 128.799619][ T8197] Node 0 active_anon:21904kB inactive_anon:0kB active_file:4724kB inactive_file:159380kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98264kB dirty:1120kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11252kB pagetables:2380kB sec_pagetables:0kB all_unreclaimable? no [ 128.915622][ T8197] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 128.951151][ T8211] x_tables: unsorted entry at hook 2 [ 128.959949][ T8197] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 128.990058][ T8197] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 129.032530][ T8197] Node 0 DMA32 free:1559116kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:21856kB inactive_anon:0kB active_file:4724kB inactive_file:158064kB unevictable:1536kB writepending:1120kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:14360kB local_pcp:2392kB free_cma:0kB [ 129.067826][ T8197] lowmem_reserve[]: 0 0 1 1 1 [ 129.074387][ T8197] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 129.147695][ T8197] lowmem_reserve[]: 0 0 0 0 0 [ 129.152519][ T8197] Node 1 Normal free:3894108kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20868kB local_pcp:10852kB free_cma:0kB [ 129.226134][ T8197] lowmem_reserve[]: 0 0 0 0 0 [ 129.232125][ T8197] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 129.297254][ T8197] Node 0 DMA32: 229*4kB (UME) 1317*8kB (UME) 707*16kB (UME) 271*32kB (UM) 140*64kB (UME) 51*128kB (UME) 23*256kB (UME) 12*512kB (UM) 13*1024kB (UM) 16*2048kB (UME) 355*4096kB (UM) = 1559116kB [ 129.365973][ T8197] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 129.408126][ T8197] Node 1 Normal: 245*4kB (UM) 55*8kB (UME) 43*16kB (UME) 57*32kB (UM) 20*64kB (UE) 8*128kB (UME) 1*256kB (U) 1*512kB (M) 0*1024kB 0*2048kB 949*4096kB (M) = 3894108kB [ 129.473232][ T8197] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 129.495711][ T8197] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 129.534633][ T8197] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 129.557735][ T8197] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 129.567092][ T8197] 42990 total pagecache pages [ 129.602601][ T8197] 0 pages in swap cache [ 129.606831][ T8197] Free swap = 124996kB [ 129.623111][ T8197] Total swap = 124996kB [ 129.627364][ T8197] 2097051 pages RAM [ 129.640262][ T8197] 0 pages HighMem/MovableOnly [ 129.644992][ T8197] 416139 pages reserved [ 129.667716][ T8197] 0 pages cma reserved [ 129.956057][ T8246] loop1: detected capacity change from 0 to 4096 [ 129.975673][ T8246] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 129.978087][ T8251] binfmt_misc: register: failed to install interpreter file ./file0 [ 129.996185][ C1] vkms_vblank_simulate: vblank timer overrun [ 130.080340][ T8221] loop0: detected capacity change from 0 to 32768 [ 130.087272][ T8246] ntfs: volume version 3.1. [ 130.209882][ T8246] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 130.211632][ T8221] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 130.230262][ C1] vkms_vblank_simulate: vblank timer overrun [ 130.258814][ T8246] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 130.279292][ T8246] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to map page. [ 130.287336][ T8246] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 130.332959][ T8221] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 130.507785][ T786] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 130.631418][ T5783] ocfs2: Unmounting device (7,0) on (node local) [ 130.744236][ T786] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 130.758735][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.786293][ T786] usb 3-1: Product: syz [ 130.791652][ T786] usb 3-1: Manufacturer: syz [ 130.812366][ T786] usb 3-1: SerialNumber: syz [ 130.843791][ T786] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 130.923574][ T8293] loop3: detected capacity change from 0 to 64 [ 130.931228][ T5870] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 131.159106][ T8302] netlink: 'syz.1.769': attribute type 1 has an invalid length. [ 131.208561][ C1] usb 3-1: ath: unknown panic pattern! [ 131.548779][ T28] usb 3-1: USB disconnect, device number 2 [ 132.047592][ T8345] veth3: entered promiscuous mode [ 132.049071][ T5870] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 132.049738][ T5870] ath9k_htc: Failed to initialize the device [ 132.051944][ T28] usb 3-1: ath9k_htc: USB layer deinitialized [ 132.064869][ T8345] veth3: entered allmulticast mode [ 132.495782][ T8385] netlink: 'syz.2.791': attribute type 1 has an invalid length. [ 132.693866][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.703481][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.808464][ T8399] loop3: detected capacity change from 0 to 2048 [ 132.863591][ T8399] loop3: p1 < > p3 [ 132.885511][ T8399] loop3: p3 size 134217728 extends beyond EOD, truncated [ 132.990104][ T8414] tc_dump_action: action bad kind [ 133.200249][ T8424] netlink: 2 bytes leftover after parsing attributes in process `syz.2.800'. [ 133.252969][ T8424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.284059][ T8424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.308567][ T6515] udevd[6515]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 133.334905][ T8424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.347845][ T8424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.378520][ T8424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.413763][ T8424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.422708][ T6515] udevd[6515]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 133.452049][ T8424] batadv_slave_1: entered promiscuous mode [ 134.077823][ T5870] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 134.135099][ T8480] netlink: 'syz.3.816': attribute type 1 has an invalid length. [ 134.288284][ T5870] usb 1-1: Using ep0 maxpacket: 16 [ 134.322234][ T5870] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 134.351924][ T5870] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 134.390784][ T5870] usb 1-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 134.419441][ T5870] usb 1-1: config 0 interface 0 has no altsetting 0 [ 134.430328][ T5870] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 134.447850][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.477932][ T5870] usb 1-1: Product: syz [ 134.482284][ T5870] usb 1-1: Manufacturer: syz [ 134.486998][ T5870] usb 1-1: SerialNumber: syz [ 134.519697][ T5870] usb 1-1: config 0 descriptor?? [ 135.039666][ T5848] usb 1-1: USB disconnect, device number 4 [ 135.128302][ T5432] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 135.332900][ T5432] usb 2-1: config 0 has an invalid interface number: 199 but max is 1 [ 135.357964][ T5432] usb 2-1: config 0 has no interface number 1 [ 135.364176][ T5432] usb 2-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 135.388994][ T5432] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 135.406779][ T8554] binder: 8552:8554 ioctl c018620c 2000000001c0 returned -22 [ 135.408807][ T5432] usb 2-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 135.434932][ T5432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 135.445532][ T5432] usb 2-1: SerialNumber: syz [ 135.460855][ T5432] usb 2-1: config 0 descriptor?? [ 135.495237][ T5432] usb 2-1: Found UVC 0.00 device (0002:0000) [ 135.518956][ T5432] usb 2-1: No valid video chain found. [ 135.787300][ T5870] usb 2-1: USB disconnect, device number 4 [ 135.813522][ T8580] xt_limit: Overflow, try lower: 65536/2147483648 [ 137.002601][ T8655] loop0: detected capacity change from 0 to 256 [ 137.180993][ T8663] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 137.478027][ T8680] netlink: 'syz.1.874': attribute type 15 has an invalid length. [ 137.547699][ T8680] netlink: 666 bytes leftover after parsing attributes in process `syz.1.874'. [ 138.243434][ T8722] netlink: 28 bytes leftover after parsing attributes in process `syz.1.887'. [ 138.404099][ T8728] loop2: detected capacity change from 0 to 256 [ 138.467364][ C1] ================================================================== [ 138.475497][ C1] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x47c/0x800 [ 138.483682][ C1] Write of size 8 at addr ffff88805ea58430 by task syz.2.888/8726 [ 138.491513][ C1] [ 138.493862][ C1] CPU: 1 PID: 8726 Comm: syz.2.888 Not tainted syzkaller #0 [ 138.501167][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 138.511279][ C1] Call Trace: [ 138.514585][ C1] [ 138.517538][ C1] dump_stack_lvl+0x16c/0x230 [ 138.522251][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 138.527309][ C1] ? show_regs_print_info+0x20/0x20 [ 138.532541][ C1] ? load_image+0x3b0/0x3b0 [ 138.537086][ C1] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 138.541274][ T8734] Zero length message leads to an empty skb [ 138.542477][ C1] ? __virt_addr_valid+0x18c/0x540 [ 138.542508][ C1] ? __virt_addr_valid+0x469/0x540 [ 138.558722][ C1] print_report+0xac/0x220 [ 138.563167][ C1] ? __xfrm_state_delete+0x47c/0x800 [ 138.568481][ C1] kasan_report+0x117/0x150 [ 138.573003][ C1] ? __xfrm_state_delete+0x47c/0x800 [ 138.578302][ C1] __xfrm_state_delete+0x47c/0x800 [ 138.583423][ C1] xfrm_timer_handler+0x1c3/0x9e0 [ 138.588449][ C1] ? xfrm_state_alloc+0x2a0/0x2a0 [ 138.593471][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 138.599371][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 138.604579][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 138.610476][ C1] ? _raw_spin_unlock+0x40/0x40 [ 138.615338][ C1] ? debug_object_deactivate+0x67/0x350 [ 138.620890][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 138.626089][ C1] ? xfrm_state_alloc+0x2a0/0x2a0 [ 138.631120][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 138.636232][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 138.642400][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 138.647516][ C1] handle_softirqs+0x280/0x820 [ 138.652280][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 138.657042][ C1] ? do_softirq+0x180/0x180 [ 138.661546][ C1] __irq_exit_rcu+0xc7/0x190 [ 138.666137][ C1] ? irq_exit_rcu+0x20/0x20 [ 138.670655][ C1] irq_exit_rcu+0x9/0x20 [ 138.674893][ C1] sysvec_apic_timer_interrupt+0x56/0xc0 [ 138.680529][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 138.686507][ C1] RIP: 0033:0x7f3914a4d9d0 [ 138.690925][ C1] Code: 41 5e c3 0f 1f 80 00 00 00 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <41> 89 fb 44 8d 56 04 4c 8d 0d 22 46 35 00 89 f0 4c 8d 05 19 26 35 [ 138.710527][ C1] RSP: 002b:00007ffeacd7ea48 EFLAGS: 00000246 [ 138.716596][ C1] RAX: 000000000001a1ef RBX: 00007f39158e5720 RCX: 000000000000504c [ 138.724563][ C1] RDX: ffffffff81e372df RSI: ffffffff81e373db RDI: 0000000000000000 [ 138.732531][ C1] RBP: ffffffff81e373db R08: 00007f3914db6038 R09: 00007f3914da2000 [ 138.740520][ C1] R10: 00007f39145ff008 R11: 0000000000000000 R12: 0000000000000000 [ 138.748487][ C1] R13: 0000000000000000 R14: ffffffff81e372df R15: 000000000000504c [ 138.756454][ C1] ? page_counter_uncharge+0xcf/0x110 [ 138.762007][ C1] ? page_counter_set_max+0xbb/0x170 [ 138.767382][ C1] ? page_counter_uncharge+0xcf/0x110 [ 138.772768][ C1] ? page_counter_set_max+0xbb/0x170 [ 138.778060][ C1] [ 138.781076][ C1] [ 138.783401][ C1] Allocated by task 6514: [ 138.787721][ C1] kasan_set_track+0x4e/0x70 [ 138.792308][ C1] __kasan_slab_alloc+0x6c/0x80 [ 138.797170][ C1] slab_post_alloc_hook+0x6e/0x4d0 [ 138.802286][ C1] kmem_cache_alloc+0x11e/0x2e0 [ 138.807153][ C1] xfrm_state_alloc+0x22/0x2a0 [ 138.811917][ C1] __find_acq_core+0x7d8/0x19d0 [ 138.816767][ C1] xfrm_find_acq+0x6a/0x90 [ 138.821186][ C1] xfrm_alloc_userspi+0x57a/0xa90 [ 138.826205][ C1] xfrm_user_rcv_msg+0x596/0x870 [ 138.831250][ C1] netlink_rcv_skb+0x216/0x480 [ 138.836017][ C1] xfrm_netlink_rcv+0x79/0x90 [ 138.840697][ C1] netlink_unicast+0x751/0x8d0 [ 138.845460][ C1] netlink_sendmsg+0x8c1/0xbe0 [ 138.850229][ C1] ____sys_sendmsg+0x5bf/0x950 [ 138.854994][ C1] ___sys_sendmsg+0x220/0x290 [ 138.859762][ C1] __se_sys_sendmsg+0x1a5/0x270 [ 138.864617][ C1] do_syscall_64+0x55/0xb0 [ 138.869032][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 138.874933][ C1] [ 138.877436][ C1] The buggy address belongs to the object at ffff88805ea58400 [ 138.877436][ C1] which belongs to the cache xfrm_state of size 848 [ 138.891407][ C1] The buggy address is located 48 bytes inside of [ 138.891407][ C1] freed 848-byte region [ffff88805ea58400, ffff88805ea58750) [ 138.905200][ C1] [ 138.907530][ C1] The buggy address belongs to the physical page: [ 138.913950][ C1] page:ffffea00017a9600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88805ea58800 pfn:0x5ea58 [ 138.925514][ C1] head:ffffea00017a9600 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 138.934473][ C1] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 138.942456][ C1] page_type: 0xffffffff() [ 138.946788][ C1] raw: 00fff00000000840 ffff88814565a500 dead000000000122 0000000000000000 [ 138.955457][ C1] raw: ffff88805ea58800 000000008010000d 00000001ffffffff 0000000000000000 [ 138.964036][ C1] page dumped because: kasan: bad access detected [ 138.970445][ C1] page_owner tracks the page as allocated [ 138.976354][ C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6438, tgid 6437 (syz.1.226), ts 93617920484, free_ts 93542282256 [ 138.996773][ C1] post_alloc_hook+0x1cd/0x210 [ 139.001553][ C1] get_page_from_freelist+0x195c/0x19f0 [ 139.007140][ C1] __alloc_pages+0x1e3/0x460 [ 139.011734][ C1] alloc_slab_page+0x5d/0x170 [ 139.016417][ C1] new_slab+0x87/0x2e0 [ 139.020486][ C1] ___slab_alloc+0xc6d/0x12f0 [ 139.025256][ C1] kmem_cache_alloc+0x1b7/0x2e0 [ 139.030158][ C1] xfrm_state_alloc+0x22/0x2a0 [ 139.034927][ C1] xfrm_add_sa+0xfe5/0x30a0 [ 139.039424][ C1] xfrm_user_rcv_msg+0x596/0x870 [ 139.044356][ C1] netlink_rcv_skb+0x216/0x480 [ 139.049131][ C1] xfrm_netlink_rcv+0x79/0x90 [ 139.053820][ C1] netlink_unicast+0x751/0x8d0 [ 139.058579][ C1] netlink_sendmsg+0x8c1/0xbe0 [ 139.063344][ C1] ____sys_sendmsg+0x5bf/0x950 [ 139.068112][ C1] ___sys_sendmsg+0x220/0x290 [ 139.073059][ C1] page last free stack trace: [ 139.077732][ C1] free_unref_page_prepare+0x7ce/0x8e0 [ 139.083194][ C1] free_unref_page+0x32/0x2e0 [ 139.087876][ C1] free_large_kmalloc+0x101/0x1a0 [ 139.093003][ C1] bpf_check+0x62c6/0xe970 [ 139.097427][ C1] bpf_prog_load+0x11cb/0x16d0 [ 139.102189][ C1] __sys_bpf+0x55a/0x800 [ 139.106434][ C1] __x64_sys_bpf+0x7c/0x90 [ 139.110848][ C1] do_syscall_64+0x55/0xb0 [ 139.115264][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 139.121170][ C1] [ 139.123489][ C1] Memory state around the buggy address: [ 139.129199][ C1] ffff88805ea58300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 139.137253][ C1] ffff88805ea58380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 139.145313][ C1] >ffff88805ea58400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 139.153370][ C1] ^ [ 139.158999][ C1] ffff88805ea58480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 139.167084][ C1] ffff88805ea58500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 139.175174][ C1] ================================================================== [ 139.183355][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 139.190575][ C1] CPU: 1 PID: 8726 Comm: syz.2.888 Not tainted syzkaller #0 [ 139.197889][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 139.207964][ C1] Call Trace: [ 139.211265][ C1] [ 139.214210][ C1] dump_stack_lvl+0x16c/0x230 [ 139.218922][ C1] ? show_regs_print_info+0x20/0x20 [ 139.224141][ C1] ? load_image+0x3b0/0x3b0 [ 139.228685][ C1] panic+0x2c0/0x710 [ 139.232636][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 139.237178][ C1] ? _raw_spin_unlock_irqrestore+0xa9/0x110 [ 139.243112][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 139.249040][ C1] ? _raw_spin_unlock+0x40/0x40 [ 139.253918][ C1] ? print_memory_metadata+0x314/0x400 [ 139.259412][ C1] ? __xfrm_state_delete+0x47c/0x800 [ 139.264714][ C1] check_panic_on_warn+0x84/0xa0 [ 139.269675][ C1] ? __xfrm_state_delete+0x47c/0x800 [ 139.274974][ C1] end_report+0x6f/0x140 [ 139.279243][ C1] kasan_report+0x128/0x150 [ 139.283763][ C1] ? __xfrm_state_delete+0x47c/0x800 [ 139.289074][ C1] __xfrm_state_delete+0x47c/0x800 [ 139.294207][ C1] xfrm_timer_handler+0x1c3/0x9e0 [ 139.299339][ C1] ? xfrm_state_alloc+0x2a0/0x2a0 [ 139.304406][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 139.310328][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 139.315648][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 139.321561][ C1] ? _raw_spin_unlock+0x40/0x40 [ 139.326434][ C1] ? debug_object_deactivate+0x67/0x350 [ 139.332150][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 139.337372][ C1] ? xfrm_state_alloc+0x2a0/0x2a0 [ 139.342429][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 139.347553][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 139.353645][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 139.358783][ C1] handle_softirqs+0x280/0x820 [ 139.363578][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 139.368360][ C1] ? do_softirq+0x180/0x180 [ 139.372891][ C1] __irq_exit_rcu+0xc7/0x190 [ 139.377505][ C1] ? irq_exit_rcu+0x20/0x20 [ 139.382116][ C1] irq_exit_rcu+0x9/0x20 [ 139.386370][ C1] sysvec_apic_timer_interrupt+0x56/0xc0 [ 139.392032][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 139.398030][ C1] RIP: 0033:0x7f3914a4d9d0 [ 139.402459][ C1] Code: 41 5e c3 0f 1f 80 00 00 00 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <41> 89 fb 44 8d 56 04 4c 8d 0d 22 46 35 00 89 f0 4c 8d 05 19 26 35 [ 139.422253][ C1] RSP: 002b:00007ffeacd7ea48 EFLAGS: 00000246 [ 139.428512][ C1] RAX: 000000000001a1ef RBX: 00007f39158e5720 RCX: 000000000000504c [ 139.436584][ C1] RDX: ffffffff81e372df RSI: ffffffff81e373db RDI: 0000000000000000 [ 139.444575][ C1] RBP: ffffffff81e373db R08: 00007f3914db6038 R09: 00007f3914da2000 [ 139.452658][ C1] R10: 00007f39145ff008 R11: 0000000000000000 R12: 0000000000000000 [ 139.460660][ C1] R13: 0000000000000000 R14: ffffffff81e372df R15: 000000000000504c [ 139.468648][ C1] ? page_counter_uncharge+0xcf/0x110 [ 139.474053][ C1] ? page_counter_set_max+0xbb/0x170 [ 139.479370][ C1] ? page_counter_uncharge+0xcf/0x110 [ 139.484766][ C1] ? page_counter_set_max+0xbb/0x170 [ 139.490091][ C1] [ 139.493419][ C1] Kernel Offset: disabled [ 139.497756][ C1] Rebooting in 86400 seconds..