last executing test programs: 8.132891264s ago: executing program 1 (id=818): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @local}, 0x2}}, 0x26) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x3c, r2, 0x1, 0x60bd27, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x20}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x7f}]}, 0x3c}}, 0x20) 8.013444596s ago: executing program 1 (id=820): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000003065b043a08f426738631076f"], 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0) ioctl$HIDIOCSREPORT(r1, 0x4018480c, &(0x7f0000000080)={0x2, 0xffffffff, 0x10000}) 5.299600788s ago: executing program 1 (id=835): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0]) mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0x9362, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) 5.036780523s ago: executing program 1 (id=838): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd(0x8c66) ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000140)={0xfffffffffffffffc, 0x2000, 0x1, r3, 0x8}) close_range(r0, 0xffffffffffffffff, 0x0) 4.804655777s ago: executing program 1 (id=841): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x48980, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r1, 0x400455c8, 0x20000000009) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x1b) syz_usb_connect(0x0, 0x4f, 0x0, 0x0) 2.007836441s ago: executing program 1 (id=856): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0xc6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x1, [{{0x9, 0x4, 0x0, 0x0, 0x11, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x2, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x28}}}}}]}}]}}, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x2, "8a"}, @global=@item_4={0x3, 0x1, 0x6, "e99dc8ff"}]}}, 0x0}, 0x0) 1.888546254s ago: executing program 2 (id=857): socket(0x10, 0x803, 0x0) socket$unix(0x1, 0x1, 0x0) r0 = syz_io_uring_setup(0x49b, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x7, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x40f6, 0x4f7c, 0x0, 0x0, 0x0) 1.528632711s ago: executing program 2 (id=860): r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) close(r0) userfaultfd(0x80801) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x4) mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.343526224s ago: executing program 3 (id=864): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f21df33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.201952877s ago: executing program 3 (id=865): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x80000003, 0x4) listen(r0, 0x3) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000040)=0x80000003, 0x4) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) 1.201002146s ago: executing program 0 (id=866): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @loopback}, 0x4}}, 0x2e) syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="dce65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e70"}}}}}}}, 0x0) recvmmsg(r1, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/249, 0xf9}], 0x1}, 0x8}], 0x1, 0x1, 0x0) 1.105508178s ago: executing program 3 (id=867): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x2}], 0x1) semop(r0, &(0x7f0000000000)=[{0x2, 0x0, 0x2000}, {0x3, 0x1}], 0x2) semctl$GETZCNT(r0, 0x2, 0xf, 0x0) 1.04292193s ago: executing program 0 (id=868): syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000a40)='./file1\x00', 0x2004000, &(0x7f0000001180)=ANY=[], 0x9, 0x1f2, &(0x7f00000004c0)="$eJzs28tO1FAcx/Ffy8x0wPtt40YTTXTjFIdJRnbyAL6AOzIUQixixA3EhLLxPXwMd76JWxeS6BPU9MZYpJ1ecFrk+0mG+dP0d86Zhv9wShgBuLRuhl8NGeqGle/7hw8lvX4lqZMb7c1lgQD+Gd+Imj5L7+zD/fwUgIth4efZx63MBv+SFCbvAsBFdry2EO4DvhrSt18fJz/iR7fg/uF4zZSCIbzo+yTfk/qF8kdG+Hy/M80GD0vpAQwvY//yOco/UTq/WHT98fxLp/JLs4LBLVPgyAyfnj5K569IuirpmqTrkm7E91q3JN1ORpB3Mv/GqfnvFVw/UEfw0zdIHSnUtun8IOcEKz8fdM/mtussl5p1qhvnn5fIPP6j7sX5YcX5k/xKxbwV5weTXXcj86yXFUcH8pl/9X85M/s/y+74pKzT/50K/Q8gsrd/8GbddZ335QuzUqqVRb/+1ahbHDZ+Ec67SC5qcKTje5qd+lRprgfxPC14ySWKxXYsI7to6A0JwNzYH3be2Xv7B8+2d9a3nC3n7XC0+mK0MhyNV+3Nsess23V25wDabPpLXyryN/P8fwkCAAAAAAAAAAAAAABNuCPpbtOLAAAAADAX5/OZoe8TKfucpl8jAAAAAAAAAAAAAAAAAAAA8L/4HQAA//+UhDYo") mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) chdir(&(0x7f0000000080)='./file0\x00') ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) 677.929547ms ago: executing program 0 (id=869): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, r4}}]}}) 548.704709ms ago: executing program 2 (id=870): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000240)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000740)={"29320046ca37e7d8f20d5c098e5fc6a51ba9c30c13bd737087ada0b6a5acf6d630475c14baa0557e0e7d491afe42e1b10ebc5ca292bd579239fcde777e95e05a09d6ca641e621aa20b525aec69d3800114320c3416d486dac32be662825064bbc58ffa0ff195e8c1aed213c8d8474c83f78f88f0c60542ff26740756f1814db533e2e9c77615b35251a3b646c32209cd9b295a0ae85bc4ebcbae13a17a24184b772fb29576ba7de233e513a1484be98d9f41fd11d0beebf6b14f274c5eba170c2b6c69785cccab179da86ad520f535b3adcf7fa325a87eeffdf15665f4f4c89128098105663d9c18fc8fb562a04df1259230337de40867a42e3c7a2979a2f7df816d6ef85b61bcbb4be62373a382d41bcbc28a955c8197b3a6e23048e47447199f4a07f4e5c254a7583cbf59ad76aed06698abc0a17a68b9ec4a07beb2343e0b0c2d13244e7b6c9c738cd246cbe133c46f978ea9df7cd604513f2c41fb2f5bc9df6fd7cd9f7ce8e631add3e5b9db910857e1abecbf05c4a4011c35ab7203647bd51f05230a73224b3c3ab6e85f9fb2a67f8099d2ab871a1f69b015d14d0144ba709128730172f59b88a2dc0744338e378312f90d6df30deeb45c7e6d199826f903116b6e5fe8c5a80ad03f18bb56a7ff553a28f8c028317ddb23e5aa07ba3701cc90a4bc7d6eb817d00128aaba0e006751b4857ee76d6b5335a65f8b4f037e06d049c081dc23c6d526b6e18cd215b8509905116de8f53a172fb4579e58aa3a1180db71432b8547aed46f327ab9f0ef94821d31b66647978f4cfc577d8e8369097f9510a4651ce4258db15d479a3e0bd17e13c119d3c4ada0174a52a757d3325cf76fdd58e0c754c811ae49baa1c1d57673a37cea8b13ec7094d1647991afb2c24fb4f5658c1483d3224a3734ed54b5733832c198e162065c481bb2347e3ff9bc7d4ae4b735c62a2671c49d7ea5cd0358ec7dc63f47884db9c76f045f57a8ee53c67d22eaa355b4bbc1c72456b4651c1d888c013273a1e7eb1c11273099090bdbe13f029e0e747b8220926aa9cc1087d22b279b8c18425a84c6e3a2a2ced25a78970349fb38644f9e394848a7d638901e47ce5a9140c81a77254e034046ea21e4bd027e6e39940dd8bf998a78948d5ee7e1007e96eca97445a02ad5266e8282179d032398f40260941e015ff8cb80a9fc3ab312f4accdc0136208dbd6e9921e8c3fed0b1c7a9080f9863abef52a2beefe1e820539da787afbab42f62e2fe8db75c17a9861addfba44ad542a12ef3f7f185afb7597e0f5ce701e2908ea682b5fc1a14c5610134dff79e81a627d16b10369530bf3c4340bca7b669d0598ae0097e3c7c34a65bb306e7e679a54be3be9b04635726ae2ef68fab6d8f773975a19e1f13d8eb00ca696ed2426d3fa86d04cb08b5b7b11ad262993e5323663b7ab10caf8"}) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f00000002c0)) 434.903121ms ago: executing program 0 (id=871): socket$inet(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9a452a9022485bb572dacb7aa25f748bc75918a16d9d5ae21004cd799ac4951beb2c6c9b5baf60081b86cc2e31c49f4ea055fb3639036c95c69b1ae60e685d486dbd1d5e7d0daacd73acfc80b9c9c92"], &(0x7f0000000140)='GPL\x00'}, 0x48) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4) syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) 365.234023ms ago: executing program 0 (id=872): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000080)=0x6, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x196, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000300)=0x7, 0x4) recvmmsg(r0, &(0x7f0000001b80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/60, 0x3c}, 0x12b}], 0x1, 0x12000, 0x0) 248.632305ms ago: executing program 0 (id=873): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f0000000200)='m', 0x1) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x2000) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_DELAY(r2, 0x80084121, &(0x7f0000000080)) 248.332045ms ago: executing program 2 (id=874): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x7a) r1 = accept4(r0, 0x0, 0x0, 0x800) pipe(&(0x7f00000045c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r3, &(0x7f00000003c0)=[{&(0x7f0000000300)="93613a4087dd2fea4d7c66733ebb5ebd9b7de0bb96196f69d301387f71f417dc49431a4e487c6f9211515353fb461ee34ed9cc6e7d7ccca074da6c7686fba0506315915dbf79acfd55f9feda820b3df30f1527a7701da41426936b17dc05bb31feba09475eca21edc465f3a0c0212cd8c41b0b9f932ee9afa609a14f513abe1c78b86680ab46e8351b461f0d0b9b28eeedefff6b6599f39dd551332b892fdc7639b82900f364759f1e83c2028b12bc", 0xaf}, {&(0x7f0000000240)="0c5598045b2741589f0bf1dbc7215f22fe10", 0x12}], 0x2, 0x5) splice(r2, 0x0, r1, 0x0, 0x8000, 0x0) 216.412875ms ago: executing program 3 (id=875): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, 0x0, &(0x7f0000000000)) 170.603856ms ago: executing program 2 (id=876): r0 = socket(0x2, 0x2, 0x1) bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0x6, @empty}, 0x1c) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00') read$FUSE(r2, &(0x7f00000026c0)={0x2020}, 0x2046) 134.621257ms ago: executing program 3 (id=877): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000040)=0x1) 24.703349ms ago: executing program 2 (id=878): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r1, 0x4068aea3, &(0x7f0000000100)={0xcc, 0x0, 0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 3 (id=879): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0) read$char_usb(r1, &(0x7f0000000080)=""/139, 0xfdef) kernel console output (not intermixed with test programs): root' is deprecated, use 'rescue=usebackuproot' instead [ 78.705018][ T6001] BTRFS info (device loop2): trying to use backup root at mount time [ 78.725248][ T6001] BTRFS info (device loop2): force clearing of disk cache [ 78.742837][ T6001] BTRFS info (device loop2): disk space caching is enabled [ 78.956570][ T6001] BTRFS info (device loop2): rebuilding free space tree [ 79.107642][ T6001] BTRFS info (device loop2): disabling free space tree [ 79.125527][ T6001] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 79.146654][ T6001] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 79.592620][ T5783] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 80.098333][ T9] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 80.211994][ T6061] loop2: detected capacity change from 0 to 512 [ 80.319931][ T9] usb 1-1: config 0 has no interfaces? [ 80.340853][ T6061] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.62: casefold flag without casefold feature [ 80.357962][ T9] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 80.367407][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.407513][ T6057] loop1: detected capacity change from 0 to 32768 [ 80.423991][ T6061] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.62: couldn't read orphan inode 15 (err -117) [ 80.449196][ T9] usb 1-1: config 0 descriptor?? [ 80.475721][ T6057] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 80.497692][ T6057] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 80.509878][ T6061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.609515][ T6059] loop3: detected capacity change from 0 to 32768 [ 80.637831][ T6059] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.67 (6059) [ 80.692197][ T6059] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 80.711382][ T28] audit: type=1804 audit(1756835593.689:3): pid=6061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.62" name="/newroot/14/file1/bus" dev="loop2" ino=18 res=1 errno=0 [ 80.750051][ T787] usb 1-1: USB disconnect, device number 3 [ 80.759376][ T6059] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 80.796571][ T28] audit: type=1800 audit(1756835593.719:4): pid=6061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.62" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 80.801253][ T6059] BTRFS info (device loop3): enabling auto defrag [ 80.825447][ T6061] Invalid ELF header magic: != ELF [ 80.856549][ T6059] BTRFS info (device loop3): max_inline at 0 [ 80.882948][ T6059] BTRFS info (device loop3): force clearing of disk cache [ 80.913366][ T6059] BTRFS info (device loop3): turning on sync discard [ 80.932968][ T6059] BTRFS info (device loop3): using free space tree [ 80.940723][ T5785] ocfs2: Unmounting device (7,1) on (node local) [ 80.946996][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.182945][ T6059] BTRFS info (device loop3): enabling ssd optimizations [ 81.233535][ T6059] BTRFS info (device loop3): rebuilding free space tree [ 81.323987][ T6086] syzkaller0: entered allmulticast mode [ 81.393257][ T6086] syzkaller0 (unregistering): left allmulticast mode [ 81.530719][ T5786] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 81.949952][ T27] cfg80211: failed to load regulatory.db [ 82.556689][ T6124] loop3: detected capacity change from 0 to 1024 [ 82.635743][ T6124] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.712711][ T6124] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 82.733107][ T6124] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 2 with error 28 [ 82.747214][ T6124] EXT4-fs (loop3): This should not happen!! Data will be lost [ 82.747214][ T6124] [ 82.758089][ T6124] EXT4-fs (loop3): Total free blocks count 0 [ 82.764248][ T6124] EXT4-fs (loop3): Free/Dirty block details [ 82.770842][ T6124] EXT4-fs (loop3): free_blocks=68451041280 [ 82.777070][ T6124] EXT4-fs (loop3): dirty_blocks=48 [ 82.782689][ T6124] EXT4-fs (loop3): Block reservation details [ 82.790448][ T6124] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 82.850836][ T2929] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 83.316006][ T6151] Bluetooth: MGMT ver 1.22 [ 83.322055][ T6151] Bluetooth: hci0: load_link_keys: too big key_count value 26226 [ 83.789146][ T6167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.102'. [ 83.802419][ T6167] netlink: 28 bytes leftover after parsing attributes in process `syz.2.102'. [ 83.924895][ T6169] netlink: 44 bytes leftover after parsing attributes in process `syz.2.103'. [ 83.935092][ T6169] netem: incorrect gi model size [ 83.941973][ T6169] netem: change failed [ 84.180131][ T42] wlan1: Trigger new scan to find an IBSS to join [ 84.355586][ T6161] loop0: detected capacity change from 0 to 32768 [ 84.408583][ T6161] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 84.577182][ T6161] XFS (loop0): Ending clean mount [ 84.636905][ T6161] XFS (loop0): Quotacheck needed: Please wait. [ 84.653555][ T6176] loop1: detected capacity change from 0 to 32768 [ 84.669514][ T5853] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 84.685911][ T6176] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.106 (6176) [ 84.729003][ T6190] netlink: 132 bytes leftover after parsing attributes in process `syz.2.109'. [ 84.751357][ T6176] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 84.808523][ T6176] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 84.842280][ T6176] BTRFS info (device loop1): force zlib compression, level 3 [ 84.851009][ T6161] XFS (loop0): Quotacheck: Done. [ 84.890732][ T5853] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.906228][ T6176] BTRFS info (device loop1): force clearing of disk cache [ 84.915171][ T5853] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.952925][ T6176] BTRFS info (device loop1): turning off barriers [ 84.970884][ T5853] usb 4-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 84.977549][ T6176] BTRFS info (device loop1): doing ref verification [ 84.984863][ T5853] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.027394][ T6176] BTRFS info (device loop1): enabling disk space caching [ 85.047619][ T5853] usb 4-1: config 0 descriptor?? [ 85.055610][ T6176] BTRFS info (device loop1): disk space caching is enabled [ 85.198544][ T6176] BTRFS info (device loop1): enabling ssd optimizations [ 85.210717][ T6176] BTRFS info (device loop1): auto enabling async discard [ 85.252056][ T5782] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 85.298485][ T6176] BTRFS info (device loop1): rebuilding free space tree [ 85.391012][ T6176] BTRFS info (device loop1): disabling free space tree [ 85.406543][ T6176] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 85.458264][ T6176] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 85.521285][ T5853] wacom 0003:056A:0045.0003: unknown main item tag 0x0 [ 85.541202][ T5853] wacom 0003:056A:0045.0003: Unknown device_type for 'HID 056a:0045'. Assuming pen. [ 85.628407][ T5853] wacom 0003:056A:0045.0003: hidraw0: USB HID v0.00 Device [HID 056a:0045] on usb-dummy_hcd.3-1/input0 [ 85.696364][ T5853] input: Wacom Intuos2 12x18 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0045.0003/input/input6 [ 85.895191][ T5853] usb 4-1: USB disconnect, device number 3 [ 86.078715][ T5785] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 86.475971][ T6228] loop0: detected capacity change from 0 to 128 [ 86.616140][ T6231] loop1: detected capacity change from 0 to 2048 [ 86.649752][ T6231] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 86.716085][ T6231] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 87.123616][ T6241] loop3: detected capacity change from 0 to 1024 [ 87.209787][ T6241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.365358][ T6256] loop2: detected capacity change from 0 to 2048 [ 87.439017][ T5793] udevd[5793]: incorrect nilfs2 checksum on /dev/loop2 [ 87.461321][ T6256] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 87.485247][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.548367][ T5793] udevd[5793]: incorrect nilfs2 checksum on /dev/loop2 [ 87.568361][ T6260] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 88.228191][ T787] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 88.448216][ T787] usb 1-1: Using ep0 maxpacket: 8 [ 88.470111][ T787] usb 1-1: unable to get BOS descriptor or descriptor too short [ 88.506510][ T787] usb 1-1: config 42 has an invalid interface number: 238 but max is 0 [ 88.517106][ T787] usb 1-1: config 42 has no interface number 0 [ 88.534184][ T787] usb 1-1: config 42 interface 238 altsetting 2 has an invalid endpoint with address 0x80, skipping [ 88.551232][ T787] usb 1-1: config 42 interface 238 has no altsetting 0 [ 88.564395][ T787] usb 1-1: New USB device found, idVendor=103d, idProduct=0101, bcdDevice=12.b3 [ 88.597962][ T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.623516][ T787] usb 1-1: Product: syz [ 88.638344][ T787] usb 1-1: Manufacturer: syz [ 88.642997][ T787] usb 1-1: SerialNumber: syz [ 88.892055][ T6303] netlink: 830 bytes leftover after parsing attributes in process `syz.3.147'. [ 88.895280][ T787] usb 1-1: unknown interface protocol 0x16, assuming v1 [ 88.911906][ T6303] bond_slave_0: entered promiscuous mode [ 88.918052][ T6303] bond_slave_1: entered promiscuous mode [ 88.930896][ T787] usb 1-1: cannot find UAC_HEADER [ 89.027766][ T787] snd-usb-audio: probe of 1-1:42.238 failed with error -22 [ 89.070469][ T787] usb 1-1: USB disconnect, device number 4 [ 89.107197][ T5793] udevd[5793]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:42.238/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 89.218295][ T2929] wlan1: Trigger new scan to find an IBSS to join [ 89.476513][ T6310] netlink: 'syz.3.150': attribute type 1 has an invalid length. [ 89.595002][ T6312] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 89.668315][ T6312] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 89.715778][ T6312] bond1: (slave wireguard0): making interface the new active one [ 89.768422][ T6315] capability: warning: `syz.0.151' uses 32-bit capabilities (legacy support in use) [ 89.779864][ T6312] bond1: (slave wireguard0): Enslaving as an active interface with an up link [ 89.912949][ T6319] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 90.186356][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.198245][ T787] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 90.412050][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 90.432248][ T787] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 90.461905][ T787] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 90.485665][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.515903][ T787] usb 1-1: config 0 descriptor?? [ 90.657615][ T6340] loop2: detected capacity change from 0 to 8192 [ 90.687519][ T6340] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 90.708751][ T6340] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 90.754767][ T6340] REISERFS (device loop2): using ordered data mode [ 90.789948][ T6340] reiserfs: using flush barriers [ 90.824800][ T6340] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 90.881779][ T6340] REISERFS (device loop2): checking transaction log (loop2) [ 90.921138][ T6342] loop1: detected capacity change from 0 to 32768 [ 90.990037][ T787] kovaplus 0003:1E7D:2D50.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0 [ 91.009605][ T6342] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 91.136855][ T6340] REISERFS (device loop2): Using tea hash to sort names [ 91.173759][ T6340] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 91.215825][ T6340] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 91.379912][ T5785] ocfs2: Unmounting device (7,1) on (node local) [ 91.705753][ T6354] loop1: detected capacity change from 0 to 2048 [ 91.719896][ T6356] warning: `syz.3.168' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 91.776334][ T787] kovaplus 0003:1E7D:2D50.0004: couldn't init struct kovaplus_device [ 91.797234][ T787] kovaplus 0003:1E7D:2D50.0004: couldn't install mouse [ 91.805375][ T6354] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.829191][ T787] kovaplus: probe of 0003:1E7D:2D50.0004 failed with error -71 [ 91.850062][ T787] usb 1-1: USB disconnect, device number 5 [ 91.919410][ T28] audit: type=1800 audit(1756835604.889:5): pid=6354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.166" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 91.954365][ T6353] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 91.984641][ T28] audit: type=1800 audit(1756835604.919:6): pid=6354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.166" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 91.999827][ T6354] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 92.062837][ T6354] EXT4-fs (loop1): This should not happen!! Data will be lost [ 92.062837][ T6354] [ 92.083669][ T6354] EXT4-fs (loop1): Total free blocks count 0 [ 92.091847][ T6354] EXT4-fs (loop1): Free/Dirty block details [ 92.127673][ T6354] EXT4-fs (loop1): free_blocks=4096 [ 92.138387][ T6354] EXT4-fs (loop1): dirty_blocks=16 [ 92.143866][ T6354] EXT4-fs (loop1): Block reservation details [ 92.155466][ T6354] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 92.233822][ T6354] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 92.911137][ T5853] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 92.968682][ T5853] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 93.866844][ T6402] IPv6: Can't replace route, no match found [ 94.026430][ T6411] loop2: detected capacity change from 0 to 1024 [ 94.050380][ T6411] EXT4-fs: Ignoring removed nobh option [ 94.089096][ T6411] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 94.166184][ T6411] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.180412][ T42] wlan1: Trigger new scan to find an IBSS to join [ 94.360765][ T6422] loop0: detected capacity change from 0 to 128 [ 94.395132][ T6411] EXT4-fs warning (device loop2): ext4_rename_delete:3778: inode #12: comm syz.2.188: Deleting old file: nlink 2, error=-2 [ 94.445344][ T28] audit: type=1800 audit(1756835607.409:7): pid=6422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.191" name="bus" dev="loop0" ino=1048595 res=0 errno=0 [ 94.517950][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.923188][ T6436] loop1: detected capacity change from 0 to 128 [ 94.937021][ T6436] FAT-fs (loop1): bogus number of FAT structure [ 94.954925][ T6436] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 94.974548][ T6436] FAT-fs (loop1): Can't find a valid FAT filesystem [ 95.322756][ T6448] syz.0.201 uses obsolete (PF_INET,SOCK_PACKET) [ 95.508993][ T6454] loop3: detected capacity change from 0 to 16 [ 95.517462][ T6454] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 96.088014][ T787] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 96.298420][ T787] usb 1-1: Using ep0 maxpacket: 8 [ 96.326340][ T787] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 96.388235][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.389224][ T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 96.444294][ T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 96.472558][ T6467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.210'. [ 96.481696][ T787] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 96.491999][ T6467] Zero length message leads to an empty skb [ 96.518201][ T787] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 96.537105][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.552289][ T6459] loop2: detected capacity change from 0 to 32768 [ 96.644125][ T6459] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 96.777615][ T787] usb 1-1: GET_CAPABILITIES returned 0 [ 96.778132][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.792833][ T787] usbtmc 1-1:16.0: can't read capabilities [ 96.800892][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 96.898324][ T6459] XFS (loop2): Ending clean mount [ 96.951640][ T6459] XFS (loop2): Quotacheck needed: Please wait. [ 97.054513][ T6459] XFS (loop2): Quotacheck: Done. [ 97.117884][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 97.118284][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.145137][ T787] usb 1-1: USB disconnect, device number 6 [ 97.218769][ T1093] wlan1: Trigger new scan to find an IBSS to join [ 97.395085][ T5783] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 97.404116][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.463629][ T6487] netlink: 12 bytes leftover after parsing attributes in process `syz.3.216'. [ 97.640807][ T5853] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 97.830695][ T5853] usb 2-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 97.847597][ T6495] loop3: detected capacity change from 0 to 512 [ 97.867791][ T5853] usb 2-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.900513][ T6495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.908018][ T5853] usb 2-1: config 0 interface 0 has no altsetting 0 [ 97.937045][ T5853] usb 2-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 97.953362][ T5853] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.979120][ T6495] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.992291][ T5853] usb 2-1: config 0 descriptor?? [ 98.176417][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.176778][ T6507] bond0: option all_slaves_active: invalid value (20) [ 98.473828][ T5853] uclogic 0003:5543:0064.0006: item fetching failed at offset 5/7 [ 98.515223][ T5853] uclogic 0003:5543:0064.0006: parse failed [ 98.531822][ T5853] uclogic: probe of 0003:5543:0064.0006 failed with error -22 [ 98.754303][ T5853] usb 2-1: USB disconnect, device number 3 [ 98.797258][ T6523] netlink: 8 bytes leftover after parsing attributes in process `syz.3.230'. [ 98.968037][ T27] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 99.175369][ T27] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 99.186806][ T27] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 99.201996][ T27] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 99.211899][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.388010][ T5826] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 99.470118][ T27] usb 1-1: usb_control_msg returned -32 [ 99.475809][ T27] usbtmc 1-1:16.0: can't read capabilities [ 99.578027][ T5826] usb 4-1: Using ep0 maxpacket: 16 [ 99.602157][ T5826] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.614789][ T6542] capability: warning: `syz.1.238' uses deprecated v2 capabilities in a way that may be insecure [ 99.615297][ T5826] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.636622][ T5826] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 99.646757][ T5826] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.658145][ T5826] usb 4-1: config 0 descriptor?? [ 100.058358][ T6550] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 100.075218][ T5853] usb 1-1: USB disconnect, device number 7 [ 100.178508][ T48] wlan1: Creating new IBSS network, BSSID e6:46:05:14:8c:b8 [ 100.289725][ T5826] usb 4-1: language id specifier not provided by device, defaulting to English [ 100.504442][ T5826] letsketch 0003:6161:4D15.0007: Device info: ᣍ [ 100.594877][ T6559] loop1: detected capacity change from 0 to 1024 [ 100.638585][ T6559] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.659137][ T6559] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.709280][ T5826] letsketch 0003:6161:4D15.0007: Device info: ఁ [ 100.934675][ T5826] usb 4-1: Max retries (5) exceeded reading string descriptor 202 [ 100.943125][ T5826] letsketch: probe of 0003:6161:4D15.0007 failed with error -71 [ 100.954832][ T5826] usb 4-1: USB disconnect, device number 4 [ 100.967972][ T5853] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 101.158113][ T5853] usb 1-1: Using ep0 maxpacket: 8 [ 101.165722][ T5853] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.179059][ T5853] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.189663][ T5853] usb 1-1: New USB device found, idVendor=056a, idProduct=0001, bcdDevice= 0.00 [ 101.198923][ T5853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.209120][ T5853] usb 1-1: config 0 descriptor?? [ 101.446490][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.643833][ T6570] netlink: 52 bytes leftover after parsing attributes in process `syz.1.248'. [ 101.701918][ T5853] wacom 0003:056A:0001.0008: Unknown device_type for 'HID 056a:0001'. Ignoring. [ 101.722515][ T6570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.248'. [ 101.917757][ T5826] usb 1-1: USB disconnect, device number 8 [ 101.960592][ T6574] mac80211_hwsim hwsim2 : renamed from wlan0 (while UP) [ 102.176033][ T28] audit: type=1326 audit(1756835615.149:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6577 comm="syz.3.251" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f095938ebe9 code=0x0 [ 102.211714][ T6583] pim6reg1: entered promiscuous mode [ 102.217523][ T6583] pim6reg1: entered allmulticast mode [ 102.350555][ T6587] loop2: detected capacity change from 0 to 64 [ 102.427830][ T6589] loop1: detected capacity change from 0 to 2048 [ 102.475384][ T6589] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 102.606935][ T6591] netlink: 'syz.0.257': attribute type 25 has an invalid length. [ 102.629514][ T6591] netlink: 'syz.0.257': attribute type 1 has an invalid length. [ 102.648402][ T6591] bridge0: port 1(bridge_slave_0) entered learning state [ 102.799196][ T6595] loop1: detected capacity change from 0 to 256 [ 102.848088][ T6595] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 102.878340][ T6595] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 102.902222][ T6595] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 103.155559][ T6593] loop2: detected capacity change from 0 to 32768 [ 103.179327][ T6593] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.258 (6593) [ 103.219028][ T6593] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 103.259864][ T6593] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 103.279547][ T6593] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 103.311857][ T6593] BTRFS info (device loop2): use zstd compression, level 3 [ 103.325150][ T6593] BTRFS info (device loop2): using free space tree [ 103.360792][ T28] audit: type=1326 audit(1756835616.339:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6604 comm="syz.3.263" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f095938ebe9 code=0x0 [ 103.485945][ T6593] BTRFS info (device loop2): enabling ssd optimizations [ 103.517315][ T6593] BTRFS info (device loop2): auto enabling async discard [ 103.755127][ T6627] loop1: detected capacity change from 0 to 512 [ 103.791515][ T6627] EXT4-fs: Ignoring removed oldalloc option [ 103.818904][ T6627] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 103.837853][ T5783] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 103.860846][ T6627] EXT4-fs (loop1): corrupt root inode, run e2fsck [ 103.883788][ T6627] EXT4-fs (loop1): mount failed [ 104.603537][ T5789] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 104.798018][ T5789] usb 4-1: Using ep0 maxpacket: 8 [ 104.815120][ T5789] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 104.827735][ T5789] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 104.840108][ T5789] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 104.852335][ T5789] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 104.863585][ T5789] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 104.878550][ T5789] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 104.887788][ T5789] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.938071][ T27] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 104.963953][ T6659] sctp: [Deprecated]: syz.1.276 (pid 6659) Use of struct sctp_assoc_value in delayed_ack socket option. [ 104.963953][ T6659] Use struct sctp_sack_info instead [ 105.120913][ T5789] usb 4-1: usb_control_msg returned -32 [ 105.126916][ T5789] usbtmc 4-1:16.0: can't read capabilities [ 105.136156][ T27] usb 3-1: config 0 has no interfaces? [ 105.154906][ T27] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice=20.41 [ 105.164925][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 105.171423][ T6664] netlink: 12 bytes leftover after parsing attributes in process `syz.1.278'. [ 105.178034][ T27] usb 3-1: Product: syz [ 105.187733][ T27] usb 3-1: Manufacturer: syz [ 105.195220][ T27] usb 3-1: SerialNumber: syz [ 105.202555][ T27] usb 3-1: config 0 descriptor?? [ 105.448852][ T27] usb 3-1: USB disconnect, device number 2 [ 105.914256][ T6675] usbtmc 4-1:16.0: usb_control_msg returned -32 [ 106.100217][ T27] kernel read not supported for file /admmidi2 (pid: 27 comm: kworker/1:1) [ 106.116776][ T9] usb 4-1: USB disconnect, device number 5 [ 106.283205][ T6684] mkiss: ax0: crc mode is auto. [ 106.810528][ T6703] loop2: detected capacity change from 0 to 8192 [ 106.845285][ T6709] input: syz0 as /devices/virtual/input/input12 [ 107.391611][ T6723] loop0: detected capacity change from 0 to 2048 [ 107.481164][ T6723] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.608405][ T28] audit: type=1804 audit(1756835620.579:10): pid=6723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.295" name="/newroot/68/file0/file1" dev="loop0" ino=15 res=1 errno=0 [ 107.633762][ T6723] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 107.706163][ T6735] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 107.751215][ T6723] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 107.773578][ T6735] EXT4-fs (loop0): This should not happen!! Data will be lost [ 107.773578][ T6735] [ 107.802635][ T6735] EXT4-fs (loop0): Total free blocks count 0 [ 107.842299][ T6723] EXT4-fs (loop0): This should not happen!! Data will be lost [ 107.842299][ T6723] [ 107.848262][ T6735] EXT4-fs (loop0): Free/Dirty block details [ 107.867945][ T6735] EXT4-fs (loop0): free_blocks=66060288 [ 107.887320][ T6723] EXT4-fs (loop0): Total free blocks count 0 [ 107.915341][ T6723] EXT4-fs (loop0): Free/Dirty block details [ 108.797645][ T28] audit: type=1326 audit(1756835621.769:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 108.909260][ T28] audit: type=1326 audit(1756835621.779:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 109.020964][ T28] audit: type=1326 audit(1756835621.779:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 109.105658][ T28] audit: type=1326 audit(1756835621.779:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 109.133844][ T28] audit: type=1326 audit(1756835621.779:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 109.161243][ T28] audit: type=1326 audit(1756835621.779:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 109.183868][ T28] audit: type=1326 audit(1756835621.809:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.1.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 109.358213][ T5789] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 109.550578][ T5789] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 109.589475][ T5789] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 109.628088][ T5789] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.642504][ T5789] usb 2-1: config 0 descriptor?? [ 109.689074][ T5789] pwc: Askey VC010 type 2 USB webcam detected. [ 109.999399][ T6798] loop2: detected capacity change from 0 to 2048 [ 110.032270][ T6798] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.112728][ T5789] pwc: recv_control_msg error -32 req 02 val 2b00 [ 110.121227][ T28] audit: type=1804 audit(1756835623.079:18): pid=6798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.315" name="/newroot/80/file0/file1" dev="loop2" ino=15 res=1 errno=0 [ 110.161713][ T6798] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 110.194505][ T5789] pwc: recv_control_msg error -32 req 02 val 2700 [ 110.212126][ T5789] pwc: recv_control_msg error -32 req 02 val 2c00 [ 110.251834][ T6798] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 110.253022][ T6808] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 110.297406][ T6798] EXT4-fs (loop2): This should not happen!! Data will be lost [ 110.297406][ T6798] [ 110.309527][ T6808] EXT4-fs (loop2): This should not happen!! Data will be lost [ 110.309527][ T6808] [ 110.327574][ T6798] EXT4-fs (loop2): Total free blocks count 0 [ 110.381406][ T6808] EXT4-fs (loop2): Total free blocks count 0 [ 110.387525][ T6798] EXT4-fs (loop2): Free/Dirty block details [ 110.392712][ T6808] EXT4-fs (loop2): Free/Dirty block details [ 110.412403][ T6808] EXT4-fs (loop2): free_blocks=66060288 [ 110.442696][ T5789] pwc: recv_control_msg error -71 req 04 val 1300 [ 110.468374][ T5789] pwc: recv_control_msg error -71 req 04 val 1400 [ 110.478342][ T5789] pwc: recv_control_msg error -71 req 02 val 2000 [ 110.496754][ T5789] pwc: recv_control_msg error -71 req 02 val 2100 [ 110.512345][ T5789] pwc: recv_control_msg error -71 req 04 val 1500 [ 110.528609][ T5789] pwc: recv_control_msg error -71 req 02 val 2500 [ 110.546823][ T5789] pwc: recv_control_msg error -71 req 02 val 2400 [ 110.567470][ T5789] pwc: recv_control_msg error -71 req 02 val 2600 [ 110.574733][ T5789] pwc: recv_control_msg error -71 req 02 val 2900 [ 110.593241][ T5789] pwc: recv_control_msg error -71 req 02 val 2800 [ 110.614775][ T5789] pwc: recv_control_msg error -71 req 04 val 1100 [ 110.623367][ T5789] pwc: recv_control_msg error -71 req 04 val 1200 [ 110.675446][ T5789] pwc: Registered as video103. [ 110.699740][ T5789] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input13 [ 110.790404][ T5789] usb 2-1: USB disconnect, device number 4 [ 111.044509][ T6829] loop3: detected capacity change from 0 to 512 [ 111.103602][ T5793] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 111.396321][ T6840] netlink: 12 bytes leftover after parsing attributes in process `syz.0.330'. [ 111.421764][ T6840] sch_tbf: burst 0 is lower than device bridge1 mtu (1514) ! [ 111.516272][ T6842] mkiss: ax0: crc mode is auto. [ 111.618364][ T27] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 111.654163][ T6846] loop0: detected capacity change from 0 to 1024 [ 111.754622][ T6846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 111.773742][ T6846] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.828286][ T27] usb 2-1: Using ep0 maxpacket: 16 [ 111.835672][ T27] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 111.850057][ T6846] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: comm syz.0.333: lblock 0 mapped to illegal pblock 0 (length 6) [ 111.865555][ T28] audit: type=1800 audit(1756835624.829:19): pid=6846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.333" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 111.908015][ T27] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 111.940483][ T6846] EXT4-fs error (device loop0): ext4_ext_remove_space:2929: inode #15: comm syz.0.333: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 111.970053][ T27] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 111.982495][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.001370][ T27] usb 2-1: Product: syz [ 112.005903][ T27] usb 2-1: Manufacturer: syz [ 112.033058][ T27] usb 2-1: SerialNumber: syz [ 112.043028][ T6858] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 112.155416][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 112.282657][ T27] usb 2-1: 0:2 : does not exist [ 112.302318][ T27] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 112.352063][ T27] usb 2-1: USB disconnect, device number 5 [ 112.416972][ T5793] udevd[5793]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 112.790769][ T6885] loop0: detected capacity change from 0 to 1024 [ 112.994131][ T12] hfsplus: b-tree write err: -5, ino 4 [ 113.030097][ T6895] netlink: 12 bytes leftover after parsing attributes in process `syz.1.340'. [ 113.047344][ T6895] netlink: 'syz.1.340': attribute type 15 has an invalid length. [ 113.121866][ T6895] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 256 - 0 [ 113.131068][ T6895] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 256 - 0 [ 113.139881][ T6895] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 256 - 0 [ 113.148763][ T6895] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 256 - 0 [ 113.170161][ T6895] vxlan0: entered promiscuous mode [ 113.627683][ T6916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.350'. [ 113.638835][ T6916] veth0_macvtap: left promiscuous mode [ 113.668311][ T787] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 113.688123][ T27] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 113.771492][ T6918] loop3: detected capacity change from 0 to 1024 [ 113.793016][ T6918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 113.811525][ T6918] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.852385][ T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 113.878064][ T787] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 113.909372][ T27] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 113.920096][ T787] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 113.926784][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 113.939029][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 113.939059][ T787] usb 3-1: SerialNumber: syz [ 113.954694][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.963828][ T27] usb 1-1: Product: syz [ 113.969083][ T27] usb 1-1: Manufacturer: syz [ 113.987661][ T27] usb 1-1: SerialNumber: syz [ 114.008886][ T27] usb 1-1: config 0 descriptor?? [ 114.026596][ T27] gspca_main: sq930x-2.14.0 probing 2770:930c [ 114.160523][ T787] usb 3-1: 0:2 : does not exist [ 114.202308][ T787] usb 3-1: USB disconnect, device number 3 [ 114.265656][ T5793] udevd[5793]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 114.568231][ T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 114.747463][ T6932] loop2: detected capacity change from 0 to 1024 [ 114.756138][ T6932] EXT4-fs: Ignoring removed bh option [ 114.764523][ T6932] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 114.780641][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 114.804493][ T9] usb 4-1: config 16 has an invalid interface number: 221 but max is 0 [ 114.833162][ T9] usb 4-1: config 16 has no interface number 0 [ 114.839732][ T6932] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.857528][ T9] usb 4-1: config 16 interface 221 has no altsetting 0 [ 114.867183][ T9] usb 4-1: New USB device found, idVendor=041e, idProduct=401d, bcdDevice=1c.97 [ 114.876575][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.884779][ T9] usb 4-1: Product: syz [ 114.890243][ T9] usb 4-1: Manufacturer: syz [ 114.894880][ T9] usb 4-1: SerialNumber: syz [ 114.944295][ T6932] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.356: Allocating blocks 385-513 which overlap fs metadata [ 115.054186][ T6932] EXT4-fs (loop2): pa ffff888076cd51d0: logic 16, phys. 129, len 24 [ 115.063216][ T6932] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 115.327689][ T9] gspca_main: spca505-2.14.0 probing 041e:401d [ 115.328154][ T27] gspca_sq930x: reg_w 0105 0c00 failed -71 [ 115.338180][ T9] gspca_spca505: reg write: error -71 [ 115.347402][ T9] spca505: probe of 4-1:16.221 failed with error -5 [ 115.368943][ T9] usb 4-1: USB disconnect, device number 6 [ 115.389360][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.506977][ T6946] loop2: detected capacity change from 0 to 512 [ 115.561368][ T5793] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 115.601622][ T27] gspca_sq930x: Sensor ov9630 not yet treated [ 115.607827][ T27] sq930x: probe of 1-1:0.0 failed with error -22 [ 115.663179][ T6950] netlink: 'syz.2.362': attribute type 2 has an invalid length. [ 115.671685][ T27] usb 1-1: USB disconnect, device number 9 [ 115.696013][ T6950] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.362'. [ 116.098200][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 116.318785][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.364736][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.403704][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 116.403921][ T6952] loop1: detected capacity change from 0 to 40427 [ 116.436642][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 116.466618][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.466888][ T6952] F2FS-fs (loop1): heap/no_heap options were deprecated [ 116.493442][ T9] usb 3-1: config 0 descriptor?? [ 116.520938][ T6952] F2FS-fs (loop1): invalid crc value [ 116.536704][ T6952] F2FS-fs (loop1): Found nat_bits in checkpoint [ 116.648263][ T27] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 116.666113][ T6952] F2FS-fs (loop1): Start checkpoint disabled! [ 116.711007][ T6952] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 116.867950][ T27] usb 1-1: Using ep0 maxpacket: 8 [ 116.889861][ T27] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 116.906901][ T27] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 116.922580][ T27] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 116.932995][ T27] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 116.952346][ T27] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 116.962121][ T9] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving [ 116.970563][ T27] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 116.992035][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.998825][ T9] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 117.021669][ T12] kworker/u4:1: attempt to access beyond end of device [ 117.021669][ T12] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 117.083758][ T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 117.110144][ T12] kworker/u4:1: attempt to access beyond end of device [ 117.110144][ T12] loop1: rw=2049, sector=40984, nr_sectors = 8 limit=40427 [ 117.127624][ T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 117.272715][ T5826] usb 3-1: USB disconnect, device number 4 [ 117.298850][ T27] usb 1-1: GET_CAPABILITIES returned 0 [ 117.304426][ T27] usbtmc 1-1:16.0: can't read capabilities [ 117.486853][ T1093] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xf8 [ 117.623028][ T6965] usbtmc 1-1:16.0: usb_control_msg returned -71 [ 117.623123][ T5826] usb 1-1: USB disconnect, device number 10 [ 117.862532][ T6986] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 117.885968][ T6985] netlink: 4 bytes leftover after parsing attributes in process `syz.2.373'. [ 117.903940][ T6985] veth0_macvtap: left promiscuous mode [ 117.967195][ T6988] 9pnet: p9_errstr2errno: server reported unknown error W~uZz&4 [ 118.326662][ T6999] input: syz0 as /devices/virtual/input/input14 [ 118.621173][ T28] audit: type=1326 audit(1756835631.599:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.1.384" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f529778ebe9 code=0x0 [ 118.642951][ C1] vkms_vblank_simulate: vblank timer overrun [ 118.673044][ T7013] vivid-002: disconnect [ 119.451125][ T7010] vivid-002: reconnect [ 119.467000][ T7020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.387'. [ 119.514253][ T7020] veth0_macvtap: left promiscuous mode [ 119.556797][ T7025] loop2: detected capacity change from 0 to 1024 [ 119.634829][ T7027] loop1: detected capacity change from 0 to 1024 [ 119.647014][ T7025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 119.700233][ T7025] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.755226][ T7027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 119.774919][ T7027] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.803233][ T7027] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.390: lblock 0 mapped to illegal pblock 0 (length 6) [ 119.811942][ T28] audit: type=1800 audit(1756835632.779:21): pid=7027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.390" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 119.878310][ T7027] EXT4-fs error (device loop1): ext4_ext_remove_space:2929: inode #15: comm syz.1.390: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 119.913569][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 120.008415][ T7035] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 120.141793][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 120.210360][ T7046] Bluetooth: hci0: invalid length 0, exp 2 for type 22 [ 120.320347][ T7048] block nbd3: NBD_DISCONNECT [ 120.334140][ T7048] block nbd3: Send disconnect failed -107 [ 120.358932][ T7047] block nbd3: Disconnected due to user request. [ 120.366718][ T7047] block nbd3: shutting down sockets [ 120.547353][ T7054] loop2: detected capacity change from 0 to 8192 [ 120.788059][ T5853] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 121.003406][ T5853] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 121.026775][ T7066] Driver unsupported XDP return value 0 on prog (id 56) dev N/A, expect packet loss! [ 121.032684][ T5853] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.067250][ T5853] usb 4-1: Product: syz [ 121.079280][ T5853] usb 4-1: Manufacturer: syz [ 121.084991][ T5853] usb 4-1: SerialNumber: syz [ 121.092601][ T5853] usb 4-1: config 0 descriptor?? [ 121.132101][ T7070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.403'. [ 121.511002][ T7078] loop2: detected capacity change from 0 to 1024 [ 121.554831][ T7078] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 121.558758][ T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 121.587626][ T7078] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.648588][ T28] audit: type=1800 audit(1756835634.629:22): pid=7078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.405" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 121.670719][ T7078] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: comm syz.2.405: lblock 0 mapped to illegal pblock 0 (length 6) [ 121.688327][ T7078] EXT4-fs error (device loop2): ext4_ext_remove_space:2929: inode #15: comm syz.2.405: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 121.706350][ C1] vkms_vblank_simulate: vblank timer overrun [ 121.720463][ T7078] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: comm syz.2.405: lblock 0 mapped to illegal pblock 0 (length 1) [ 121.737324][ T7078] EXT4-fs error (device loop2): ext4_ext_remove_space:2929: inode #15: comm syz.2.405: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 121.785105][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 121.849135][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 121.870574][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 121.901269][ T9] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 121.925173][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 121.953812][ T9] usb 1-1: SerialNumber: syz [ 122.196147][ T9] usb 1-1: 0:2 : does not exist [ 122.245268][ T9] usb 1-1: USB disconnect, device number 11 [ 122.317935][ T5853] usb 4-1: f81604_read: reg: 100e failed: -EPROTO [ 122.339293][ T7093] loop1: detected capacity change from 0 to 128 [ 122.369714][ T5801] udevd[5801]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 122.393688][ T5853] usb 4-1: f81604_read: reg: 200f failed: -EPROTO [ 122.408677][ T5853] usb 4-1: USB disconnect, device number 7 [ 122.489414][ T5853] usb 4-1: f81604_read: reg: 100f failed: -ENODEV [ 122.542426][ T5451] usb 4-1: f81604_read: reg: 200f failed: -ENODEV [ 122.582506][ T5853] usb 4-1: f81604_read: reg: 200f failed: -ENODEV [ 123.012668][ T59] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xf8 [ 124.128063][ T787] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 124.173965][ T7154] loop6: detected capacity change from 0 to 7 [ 124.199761][ T7154] Dev loop6: unable to read RDB block 7 [ 124.205972][ T7154] loop6: AHDI p3 p4 [ 124.213780][ T7154] loop6: partition table partially beyond EOD, truncated [ 124.231763][ T7154] loop6: p3 start 1886353253 is beyond EOD, truncated [ 124.355594][ T787] usb 2-1: Using ep0 maxpacket: 8 [ 124.371188][ T787] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 124.388307][ T787] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 124.417124][ T787] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 124.442951][ T787] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 124.465344][ T787] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 124.516824][ T787] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 124.540933][ T787] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.627482][ T7170] tipc: Started in network mode [ 124.662509][ T7170] tipc: Node identity ac14140f, cluster identity 4711 [ 124.698883][ T7170] tipc: New replicast peer: 255.255.255.255 [ 124.717177][ T7170] tipc: Enabled bearer , priority 10 [ 124.777290][ T787] usb 2-1: GET_CAPABILITIES returned 0 [ 124.793726][ T787] usbtmc 2-1:16.0: can't read capabilities [ 124.860164][ T7176] loop0: detected capacity change from 0 to 164 [ 124.928072][ T5793] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 125.142032][ T787] usb 2-1: USB disconnect, device number 6 [ 125.156996][ T7138] usbtmc 2-1:16.0: usb_control_msg returned -71 [ 125.558051][ T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 125.747998][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 125.755652][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.771699][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.783752][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 125.807709][ T9] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 125.827390][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.837163][ T27] tipc: Node number set to 2886997007 [ 125.866196][ T9] usb 1-1: config 0 descriptor?? [ 125.917135][ T7208] loop3: detected capacity change from 0 to 256 [ 125.938549][ T7198] loop2: detected capacity change from 0 to 32768 [ 125.991957][ T7198] loop2: p1 p3 < > [ 125.993170][ T7208] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 126.301685][ T9] HID 045e:07da: Invalid code 65791 type 1 [ 126.332391][ T9] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.000A/input/input15 [ 126.383846][ T9] microsoft 0003:045E:07DA.000A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 126.417066][ T7215] loop3: detected capacity change from 0 to 4096 [ 126.461595][ T7219] loop1: detected capacity change from 0 to 64 [ 126.479413][ T7215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.669888][ T5826] usb 1-1: USB disconnect, device number 12 [ 126.675949][ T28] audit: type=1800 audit(1756835639.639:23): pid=7219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.449" name="file1" dev="loop1" ino=21 res=0 errno=0 [ 126.786222][ T28] audit: type=1800 audit(1756835639.699:24): pid=7219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.449" name="file1" dev="loop1" ino=21 res=0 errno=0 [ 126.923067][ T5801] udevd[5801]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 126.941452][ T5793] udevd[5793]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 127.004651][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.116095][ T7229] loop1: detected capacity change from 0 to 64 [ 127.392911][ T7237] tls_set_device_offload: netdev not found [ 127.808040][ T787] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 127.874050][ T7253] loop0: detected capacity change from 0 to 16 [ 127.888687][ T7253] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 127.896636][ T7233] loop3: detected capacity change from 0 to 32768 [ 127.919583][ T7233] XFS: ikeep mount option is deprecated. [ 127.925272][ T7233] XFS: ikeep mount option is deprecated. [ 127.934240][ T7233] XFS: noikeep mount option is deprecated. [ 128.020426][ T787] usb 3-1: Using ep0 maxpacket: 32 [ 128.027778][ T7233] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.038638][ T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.051925][ T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.063868][ T787] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 128.073573][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.088779][ T787] usb 3-1: config 0 descriptor?? [ 128.136285][ T787] hub 3-1:0.0: USB hub found [ 128.207557][ T7233] XFS (loop3): Ending clean mount [ 128.253383][ T1093] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 128.336744][ T28] audit: type=1800 audit(1756835641.319:25): pid=7233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.453" name="file1" dev="loop3" ino=9286 res=0 errno=0 [ 128.342346][ T787] hub 3-1:0.0: 1 port detected [ 128.365051][ T7233] XFS (loop3): User initiated shutdown received. [ 128.383659][ T7233] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:497). Shutting down filesystem. [ 128.397545][ T7233] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 128.434587][ T5786] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.565966][ T787] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 128.578101][ T787] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 128.629482][ T787] usbhid 3-1:0.0: can't add hid device: -71 [ 128.653809][ T787] usbhid: probe of 3-1:0.0 failed with error -71 [ 128.727073][ T787] usb 3-1: USB disconnect, device number 5 [ 129.177636][ T7280] loop0: detected capacity change from 0 to 512 [ 129.206147][ T7280] EXT4-fs: Ignoring removed nobh option [ 129.251790][ T7280] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.470: iget: bad i_size value: 38620345925642 [ 129.272676][ T7280] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.470: couldn't read orphan inode 15 (err -117) [ 129.341778][ T7280] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.731954][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.081960][ T28] audit: type=1107 audit(1756835643.059:26): pid=7298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 130.114486][ T7288] loop1: detected capacity change from 0 to 32768 [ 130.189173][ T7288] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 130.443014][ T28] audit: type=1800 audit(1756835643.419:27): pid=7308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.472" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 130.463563][ C0] vkms_vblank_simulate: vblank timer overrun [ 130.637202][ T7295] loop0: detected capacity change from 0 to 40427 [ 130.673153][ T7295] F2FS-fs (loop0): heap/no_heap options were deprecated [ 130.687000][ T5785] ocfs2: Unmounting device (7,1) on (node local) [ 130.703935][ T7295] F2FS-fs (loop0): invalid crc value [ 130.761963][ T7295] F2FS-fs (loop0): Found nat_bits in checkpoint [ 130.880995][ T7315] loop3: detected capacity change from 0 to 8192 [ 130.902522][ T7295] F2FS-fs (loop0): Start checkpoint disabled! [ 130.931978][ T7315] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 130.958328][ T7315] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 130.972577][ T7295] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 131.017618][ T7321] netlink: 'syz.1.483': attribute type 3 has an invalid length. [ 131.025955][ T7321] netlink: 248 bytes leftover after parsing attributes in process `syz.1.483'. [ 131.035141][ T7315] REISERFS (device loop3): using ordered data mode [ 131.107109][ T7315] reiserfs: using flush barriers [ 131.138043][ T7315] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 131.178701][ T7315] REISERFS (device loop3): checking transaction log (loop3) [ 131.428650][ T7315] REISERFS (device loop3): Using tea hash to sort names [ 131.436158][ T7315] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 131.456933][ T48] kworker/u4:3: attempt to access beyond end of device [ 131.456933][ T48] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 131.488064][ T48] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 131.495166][ T48] kworker/u4:3: attempt to access beyond end of device [ 131.495166][ T48] loop0: rw=2049, sector=40984, nr_sectors = 8 limit=40427 [ 131.512443][ T7315] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 131.532581][ T48] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 131.975150][ T7341] loop1: detected capacity change from 0 to 4096 [ 132.338077][ T5826] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 132.477061][ T28] audit: type=1800 audit(1756835645.449:28): pid=7352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.492" name="file1" dev="loop1" ino=33 res=0 errno=0 [ 132.569766][ T5826] usb 4-1: config 0 has no interfaces? [ 132.574834][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.495'. [ 132.582911][ T5826] usb 4-1: New USB device found, idVendor=17dd, idProduct=5500, bcdDevice=f3.5e [ 132.593447][ T7355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.495'. [ 132.597969][ T5826] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.620672][ T5826] usb 4-1: Product: syz [ 132.626172][ T5826] usb 4-1: Manufacturer: syz [ 132.635105][ T5826] usb 4-1: SerialNumber: syz [ 132.643130][ T7355] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.647780][ T5826] usb 4-1: config 0 descriptor?? [ 132.652429][ T7355] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.666910][ T7355] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.675789][ T7355] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 132.699351][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.495'. [ 132.721832][ T7355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.495'. [ 132.927275][ T5826] usb 4-1: USB disconnect, device number 8 [ 132.932111][ T7357] netlink: 'syz.0.496': attribute type 5 has an invalid length. [ 132.947590][ T7357] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.496'. [ 133.142019][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.148764][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.244760][ T7362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.498'. [ 133.284155][ T7362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.498'. [ 133.385328][ T7368] loop1: detected capacity change from 0 to 64 [ 133.431947][ T7368] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 133.591004][ T7369] loop2: detected capacity change from 0 to 4096 [ 134.653754][ T7398] loop0: detected capacity change from 0 to 4096 [ 134.706684][ T7398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.835412][ T7405] loop1: detected capacity change from 0 to 1764 [ 134.866070][ T7405] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 134.923548][ T7403] loop3: detected capacity change from 0 to 2048 [ 134.992882][ T7403] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 135.006648][ T7382] loop2: detected capacity change from 0 to 32768 [ 135.071476][ T7382] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.505 (7382) [ 135.102250][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.146116][ T7382] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 135.188038][ T7382] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 135.206885][ T7382] BTRFS info (device loop2): force zlib compression, level 3 [ 135.252308][ T7382] BTRFS info (device loop2): force clearing of disk cache [ 135.275761][ T7382] BTRFS info (device loop2): setting nodatasum [ 135.305954][ T7382] BTRFS info (device loop2): doing ref verification [ 135.332196][ T7382] BTRFS info (device loop2): allowing degraded mounts [ 135.341774][ T7382] BTRFS info (device loop2): enabling disk space caching [ 135.375976][ T7382] BTRFS info (device loop2): disk space caching is enabled [ 135.499360][ T7382] BTRFS info (device loop2): enabling ssd optimizations [ 135.506365][ T7382] BTRFS info (device loop2): auto enabling async discard [ 135.555457][ T7382] BTRFS info (device loop2): rebuilding free space tree [ 135.583591][ T7436] loop3: detected capacity change from 0 to 64 [ 135.611465][ T7382] BTRFS info (device loop2): disabling free space tree [ 135.640545][ T7382] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 135.650436][ T23] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 135.660094][ T7382] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 135.789581][ T5783] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 135.878552][ T23] usb 1-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 135.891103][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.920241][ T23] usb 1-1: Product: syz [ 135.932267][ T23] usb 1-1: Manufacturer: syz [ 135.947218][ T23] usb 1-1: SerialNumber: syz [ 135.964888][ T23] usb 1-1: config 0 descriptor?? [ 136.509830][ T7448] loop1: detected capacity change from 0 to 4096 [ 136.543094][ T7448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.661402][ T7453] loop3: detected capacity change from 0 to 2048 [ 136.721652][ T7453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.797122][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.911609][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.024265][ T7464] loop1: detected capacity change from 0 to 512 [ 137.067412][ T7464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.091564][ T7464] ext4 filesystem being mounted at /130/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.120255][ T28] audit: type=1800 audit(1756835650.099:29): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.532" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 137.153953][ T28] audit: type=1800 audit(1756835650.129:30): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.532" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 137.212026][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.224647][ T23] usb 1-1: f81604_read: reg: 100e failed: -EPROTO [ 137.249978][ T23] usb 1-1: f81604_read: reg: 200f failed: -EPROTO [ 137.287126][ T23] usb 1-1: USB disconnect, device number 13 [ 137.325913][ T5451] usb 1-1: f81604_read: reg: 100f failed: -ENODEV [ 137.360211][ T5451] usb 1-1: f81604_read: reg: 200f failed: -ENODEV [ 137.405201][ T23] usb 1-1: f81604_read: reg: 100f failed: -ENODEV [ 137.510231][ T23] usb 1-1: f81604_read: reg: 200f failed: -ENODEV [ 137.591423][ T7483] loop2: detected capacity change from 0 to 1024 [ 137.609124][ T7483] EXT4-fs: Ignoring removed oldalloc option [ 137.615530][ T7483] EXT4-fs: Ignoring removed bh option [ 137.654839][ T7483] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 137.737777][ T7483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.820359][ T7483] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.536: Allocating blocks 385-513 which overlap fs metadata [ 137.852007][ T7489] loop3: detected capacity change from 0 to 512 [ 137.879784][ T7489] EXT4-fs: Ignoring removed nobh option [ 137.921226][ T7489] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.537: iget: bad i_size value: 38620345925642 [ 137.936155][ T7483] EXT4-fs (loop2): pa ffff888076d5de80: logic 16, phys. 129, len 24 [ 137.945348][ T7483] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 138.013766][ T7489] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.537: couldn't read orphan inode 15 (err -117) [ 138.150833][ T7489] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.334284][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.367555][ T7507] loop0: detected capacity change from 0 to 1024 [ 138.596459][ T28] audit: type=1800 audit(1756835651.569:31): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.549" name="file2" dev="loop0" ino=22 res=0 errno=0 [ 138.875104][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.512408][ T7536] netlink: 'syz.3.548': attribute type 5 has an invalid length. [ 139.533915][ T7512] loop2: detected capacity change from 0 to 32768 [ 139.567981][ T7536] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.548'. [ 139.586387][ T7512] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 139.678263][ T7512] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 139.793623][ T7545] mmap: syz.1.551 (7545) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 140.370044][ T5783] ocfs2: Unmounting device (7,2) on (node local) [ 141.075190][ T7562] loop3: detected capacity change from 0 to 32768 [ 141.127099][ T7562] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 141.238429][ T7585] loop0: detected capacity change from 0 to 4096 [ 141.411800][ T28] audit: type=1800 audit(1756835654.389:32): pid=7586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.554" name="file1" dev="loop3" ino=17058 res=0 errno=0 [ 141.502161][ T28] audit: type=1800 audit(1756835654.459:33): pid=7585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.565" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 141.694371][ T5786] ocfs2: Unmounting device (7,3) on (node local) [ 142.304328][ T7609] loop0: detected capacity change from 0 to 2048 [ 142.370730][ T7609] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.621301][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.578'. [ 142.630504][ T7621] netlink: 'syz.0.578': attribute type 30 has an invalid length. [ 142.690061][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.578'. [ 142.727911][ T7621] netlink: 'syz.0.578': attribute type 30 has an invalid length. [ 142.810908][ T7629] loop1: detected capacity change from 0 to 2048 [ 142.847619][ T7629] NILFS (loop1): invalid segment: Magic number mismatch [ 142.870352][ T7629] NILFS (loop1): trying rollback from an earlier position [ 142.939901][ T7629] NILFS (loop1): recovery complete [ 142.953242][ T7630] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 143.059743][ T5826] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 143.270010][ T5826] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.287919][ T5826] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 143.297398][ T5826] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.317744][ T5826] usb 3-1: config 0 descriptor?? [ 143.545940][ T5826] usbhid 3-1:0.0: can't add hid device: -71 [ 143.563085][ T5826] usbhid: probe of 3-1:0.0 failed with error -71 [ 143.575087][ T5826] usb 3-1: USB disconnect, device number 6 [ 143.600132][ T7632] loop3: detected capacity change from 0 to 4096 [ 143.850973][ T28] audit: type=1800 audit(1756835656.829:34): pid=7632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.582" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 144.198040][ T5826] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 144.317969][ T787] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 144.358119][ T7646] loop1: detected capacity change from 0 to 32768 [ 144.408175][ T5826] usb 3-1: Using ep0 maxpacket: 32 [ 144.432405][ T5826] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.456433][ T5826] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 144.490108][ T5826] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.516324][ T5826] usb 3-1: config 0 descriptor?? [ 144.529994][ T787] usb 1-1: config 0 has no interfaces? [ 144.534035][ T5826] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 144.546965][ T787] usb 1-1: New USB device found, idVendor=17dd, idProduct=5500, bcdDevice=f3.5e [ 144.567220][ T5826] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 144.570813][ T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.606264][ T787] usb 1-1: Product: syz [ 144.618292][ T787] usb 1-1: Manufacturer: syz [ 144.626887][ T787] usb 1-1: SerialNumber: syz [ 144.671009][ T787] usb 1-1: config 0 descriptor?? [ 144.976005][ T5826] usb 3-1: USB disconnect, device number 7 [ 144.997823][ T5826] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 145.096268][ T787] usb 1-1: USB disconnect, device number 14 [ 145.448339][ T7669] loop1: detected capacity change from 0 to 32768 [ 145.465251][ T7669] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 145.483915][ T7669] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 145.559230][ T7669] XFS (loop1): Ending clean mount [ 145.571090][ T7669] XFS (loop1): Quotacheck needed: Please wait. [ 145.629645][ T5826] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 145.653982][ T7669] XFS (loop1): Quotacheck: Done. [ 145.831325][ T5826] usb 4-1: Using ep0 maxpacket: 32 [ 145.850549][ T5826] usb 4-1: config 0 has an invalid interface number: 132 but max is 0 [ 145.868064][ T5826] usb 4-1: config 0 has no interface number 0 [ 145.878650][ T5785] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 145.897962][ T5826] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 145.917322][ T7687] loop0: detected capacity change from 0 to 1024 [ 145.928997][ T5826] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 145.935051][ T7687] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 145.945746][ T5826] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.956928][ T5826] usb 4-1: Product: syz [ 145.961419][ T5826] usb 4-1: Manufacturer: syz [ 145.966964][ T5826] usb 4-1: SerialNumber: syz [ 145.981505][ T7687] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 145.992028][ T7687] EXT4-fs (loop0): orphan cleanup on readonly fs [ 146.000996][ T5826] usb 4-1: config 0 descriptor?? [ 146.002453][ T7687] EXT4-fs error (device loop0): ext4_free_blocks:6676: comm syz.0.600: Freeing blocks not in datazone - block = 0, count = 4096 [ 146.069471][ T5826] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 146.100889][ T5826] em28xx 4-1:0.132: Video interface 132 found: [ 146.159535][ T7687] EXT4-fs (loop0): 1 orphan inode deleted [ 146.189921][ T7687] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 146.293826][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.428794][ T5826] em28xx 4-1:0.132: unknown em28xx chip ID (0) [ 146.950127][ T7694] loop2: detected capacity change from 0 to 32768 [ 146.978252][ T7694] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.604 (7694) [ 147.020598][ T7694] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 147.042880][ T7694] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 147.058423][ T7694] BTRFS info (device loop2): enabling auto defrag [ 147.064896][ T7694] BTRFS info (device loop2): doing ref verification [ 147.088045][ T7694] BTRFS info (device loop2): use no compression [ 147.105224][ T7694] BTRFS info (device loop2): force clearing of disk cache [ 147.115377][ T7694] BTRFS info (device loop2): max_inline at 57 [ 147.127925][ T7694] BTRFS info (device loop2): disabling free space tree [ 147.185271][ T7694] BTRFS info (device loop2): enabling ssd optimizations [ 147.228121][ T7694] BTRFS info (device loop2): auto enabling async discard [ 147.263975][ T7694] BTRFS info (device loop2): rebuilding free space tree [ 147.320287][ T7694] BTRFS info (device loop2): disabling free space tree [ 147.342446][ T7694] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 147.377470][ T7694] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 147.497071][ T7694] BTRFS error (device loop2): target device ߍVg͟;ɓ3'gL=z#;g׵]yKoLOI%cY2ݦte]!]߱Kr#L"";\?}yiPYWZV[᪼XcIt@w is invalid! [ 147.611335][ T7704] loop0: detected capacity change from 0 to 32768 [ 147.618930][ T5783] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 147.628713][ T5826] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 147.631257][ T787] kernel write not supported for file bpf-prog (pid: 787 comm: kworker/0:2) [ 147.659247][ T7673] em28xx 4-1:0.132: failed to trigger write to i2c address 0x2 (error=-5) [ 147.678211][ T5826] em28xx 4-1:0.132: board has no eeprom [ 147.715071][ T5793] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop2 scanned by udevd (5793) [ 147.764316][ T7704] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 147.787991][ T5826] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 147.795889][ T5826] em28xx 4-1:0.132: analog set to bulk mode. [ 147.799896][ T7704] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 147.803475][ T23] em28xx 4-1:0.132: Registering V4L2 extension [ 147.833336][ T5826] usb 4-1: USB disconnect, device number 9 [ 147.858893][ T5826] em28xx 4-1:0.132: Disconnecting em28xx [ 148.017552][ T7704] XFS (loop0): Ending clean mount [ 148.067452][ T23] em28xx 4-1:0.132: Config register raw data: 0xffffffed [ 148.077620][ T23] em28xx 4-1:0.132: AC97 chip type couldn't be determined [ 148.100049][ T23] em28xx 4-1:0.132: No AC97 audio processor [ 148.133598][ T7704] XFS (loop0): Quotacheck needed: Please wait. [ 148.181169][ T23] usb 4-1: Decoder not found [ 148.205709][ T23] em28xx 4-1:0.132: failed to create media graph [ 148.241413][ T23] em28xx 4-1:0.132: V4L2 device video103 deregistered [ 148.284606][ T7704] XFS (loop0): Quotacheck: Done. [ 148.323883][ T23] em28xx 4-1:0.132: Remote control support is not available for this card. [ 148.337755][ T5826] em28xx 4-1:0.132: Closing input extension [ 148.437085][ T5826] em28xx 4-1:0.132: Freeing device [ 148.457816][ T7752] tls_set_device_offload_rx: netdev not found [ 148.699766][ T5782] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 149.432618][ T7775] loop0: detected capacity change from 0 to 256 [ 149.460912][ T7775] exfat: Unknown parameter '01777777777777777777777' [ 149.532696][ T7225] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 149.732460][ T7783] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.800860][ T7785] loop1: detected capacity change from 0 to 512 [ 149.826159][ T7785] EXT4-fs: Ignoring removed mblk_io_submit option [ 149.888488][ T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 149.892051][ T7785] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz.1.624: invalid block [ 149.950953][ T7785] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.624: invalid indirect mapped block 10 (level 1) [ 149.977480][ T7785] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.624: invalid indirect mapped block 8 (level 1) [ 150.020809][ T7785] EXT4-fs (loop1): 1 truncate cleaned up [ 150.039918][ T7785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.088019][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 150.117817][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 150.139769][ T9] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 150.150882][ T9] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 150.194450][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 150.205746][ T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 150.220175][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.234923][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.252409][ T9] usb 1-1: config 0 descriptor?? [ 150.682441][ T9] hid (null): report_id 23696 is invalid [ 150.708475][ T9] hid (null): global environment stack underflow [ 150.721250][ T9] hid (null): global environment stack underflow [ 150.779135][ T55] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 150.882579][ T9] usb 1-1: USB disconnect, device number 15 [ 150.998078][ T55] usb 4-1: Using ep0 maxpacket: 16 [ 151.010382][ T55] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.026986][ T55] usb 4-1: config 0 interface 0 has no altsetting 0 [ 151.034086][ T55] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 151.043357][ T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.064555][ T55] usb 4-1: config 0 descriptor?? [ 151.216839][ T7825] 9pnet: p9_errstr2errno: server reported unknown error Sx7F1H;9쐉:Z6 [ 151.516147][ T55] nzxt-smart2 0003:1E71:2009.000C: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0 [ 151.874230][ T7832] loop0: detected capacity change from 0 to 512 [ 151.909248][ T7832] EXT4-fs: Ignoring removed i_version option [ 151.925739][ T5826] usb 4-1: USB disconnect, device number 10 [ 151.983341][ T7832] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 152.127310][ T7840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.643'. [ 152.447440][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.188520][ T7852] loop0: detected capacity change from 0 to 32768 [ 153.206943][ T7852] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.645 (7852) [ 153.238132][ T7852] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.252044][ T7852] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 153.261175][ T7852] BTRFS info (device loop0): setting nodatacow, compression disabled [ 153.269853][ T7852] BTRFS info (device loop0): max_inline at 0 [ 153.276096][ T7852] BTRFS info (device loop0): enabling disk space caching [ 153.283686][ T7852] BTRFS info (device loop0): turning off barriers [ 153.290374][ T7852] BTRFS info (device loop0): turning on flush-on-commit [ 153.297710][ T7852] BTRFS info (device loop0): doing ref verification [ 153.320528][ T7852] BTRFS info (device loop0): force clearing of disk cache [ 153.332142][ T7852] BTRFS info (device loop0): enabling ssd optimizations [ 153.378426][ T7852] BTRFS info (device loop0): max_inline at 4096 [ 153.384737][ T7852] BTRFS info (device loop0): disk space caching is enabled [ 153.568420][ T7852] BTRFS info (device loop0): auto enabling async discard [ 153.588128][ T7852] BTRFS info (device loop0): rebuilding free space tree [ 153.634425][ T7852] BTRFS info (device loop0): disabling free space tree [ 153.651576][ T7852] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 153.676565][ T7852] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 153.708039][ T23] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 153.932695][ T23] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 153.951151][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.986958][ T23] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 154.012190][ T23] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 154.032960][ T23] usb 2-1: Manufacturer: syz [ 154.057754][ T23] usb 2-1: config 0 descriptor?? [ 154.224669][ T5782] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 154.235597][ T23] rc_core: IR keymap rc-hauppauge not found [ 154.245309][ T23] Registered IR keymap rc-empty [ 154.258893][ T23] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 154.278414][ T23] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input16 [ 154.311382][ T7862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 154.386476][ T7862] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 154.569189][ T55] usb 2-1: USB disconnect, device number 7 [ 154.769108][ T7902] netlink: 68 bytes leftover after parsing attributes in process `syz.0.660'. [ 155.501491][ T7913] loop1: detected capacity change from 0 to 32768 [ 155.523179][ T7913] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 155.544747][ T7913] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 156.196825][ T5785] ocfs2: Unmounting device (7,1) on (node local) [ 156.449176][ T7944] loop2: detected capacity change from 0 to 512 [ 156.478286][ T7944] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 156.553079][ T7944] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 156.562146][ T7953] netlink: 12 bytes leftover after parsing attributes in process `syz.3.680'. [ 156.579697][ T7944] System zones: 0-2, 18-18, 34-34 [ 156.601448][ T7944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.655807][ T7944] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.684707][ T7954] loop1: detected capacity change from 0 to 8192 [ 156.806638][ T7944] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 156.832934][ T7944] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32896 with max blocks 1 with error 28 [ 156.851978][ T7944] EXT4-fs (loop2): This should not happen!! Data will be lost [ 156.851978][ T7944] [ 156.863840][ T7944] EXT4-fs (loop2): Total free blocks count 0 [ 156.876916][ T7944] EXT4-fs (loop2): Free/Dirty block details [ 156.883244][ T7944] EXT4-fs (loop2): free_blocks=39626 [ 156.910204][ T7944] EXT4-fs (loop2): dirty_blocks=1 [ 156.915294][ T7944] EXT4-fs (loop2): Block reservation details [ 156.939251][ T7944] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 156.986382][ T7962] loop1: detected capacity change from 0 to 1024 [ 157.020485][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.840861][ T7986] loop1: detected capacity change from 0 to 128 [ 158.657136][ T8005] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 159.388715][ T2929] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 163.540697][ T28] audit: type=1326 audit(1756835676.519:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.593611][ T28] audit: type=1326 audit(1756835676.519:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.656605][ T28] audit: type=1326 audit(1756835676.519:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.703147][ T28] audit: type=1326 audit(1756835676.519:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.755961][ T28] audit: type=1326 audit(1756835676.519:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.778113][ T787] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 163.832579][ T28] audit: type=1326 audit(1756835676.519:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.866735][ T28] audit: type=1326 audit(1756835676.519:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.890841][ T28] audit: type=1326 audit(1756835676.519:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.918606][ T28] audit: type=1326 audit(1756835676.519:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 163.970645][ T28] audit: type=1326 audit(1756835676.519:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.1.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f529778ebe9 code=0x7ffc0000 [ 164.003415][ T787] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 164.013435][ T8031] pimreg: entered allmulticast mode [ 164.029734][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.052983][ T787] usb 1-1: config 0 descriptor?? [ 164.288438][ T8016] loop3: detected capacity change from 0 to 32768 [ 165.200652][ T8058] loop2: detected capacity change from 0 to 8192 [ 165.222118][ T8058] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 165.238690][ T8058] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 165.248390][ T8058] REISERFS (device loop2): using ordered data mode [ 165.254968][ T8058] reiserfs: using flush barriers [ 165.262447][ T8058] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 165.285524][ T8058] REISERFS (device loop2): checking transaction log (loop2) [ 165.298652][ T787] usb 1-1: Cannot set autoneg [ 165.303520][ T787] MOSCHIP usb-ethernet driver: probe of 1-1:0.0 failed with error -71 [ 165.313594][ T8058] REISERFS (device loop2): Using r5 hash to sort names [ 165.339566][ T8058] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 165.350948][ T787] usb 1-1: USB disconnect, device number 16 [ 165.625981][ T8076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.731'. [ 165.657225][ T8076] netlink: 'syz.1.731': attribute type 18 has an invalid length. [ 165.697287][ T8076] netdevsim netdevsim1 netdevsim0: set [0, 1] type 1 family 0 port 8472 - 0 [ 165.700940][ T8078] loop2: detected capacity change from 0 to 256 [ 165.706439][ T8076] netdevsim netdevsim1 netdevsim1: set [0, 1] type 1 family 0 port 8472 - 0 [ 165.721517][ T8076] netdevsim netdevsim1 netdevsim2: set [0, 1] type 1 family 0 port 8472 - 0 [ 165.731192][ T8076] netdevsim netdevsim1 netdevsim3: set [0, 1] type 1 family 0 port 8472 - 0 [ 165.737063][ T8078] exfat: Unknown parameter '01777777777777777777777' [ 165.765406][ T8076] vxlan1: entered promiscuous mode [ 166.055407][ T8082] loop0: detected capacity change from 0 to 128 [ 166.064069][ T8082] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 166.091763][ T8075] loop3: detected capacity change from 0 to 32768 [ 166.128988][ T55] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 166.215211][ T48] read_mapping_page failed! [ 166.223358][ T48] ERROR: (device loop3): txCommit: [ 166.223358][ T48] [ 166.259251][ T48] jfs_write_inode: jfs_commit_inode failed! [ 166.328010][ T55] usb 3-1: Using ep0 maxpacket: 16 [ 166.361839][ T55] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.375254][ T55] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.391383][ T55] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 166.429023][ T55] usb 3-1: config 0 interface 0 has no altsetting 0 [ 166.448020][ T55] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 166.457105][ T55] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.481215][ T55] usb 3-1: config 0 descriptor?? [ 166.532940][ T5853] psmouse serio2: Failed to reset mouse on : -5 [ 166.740007][ T8094] loop3: detected capacity change from 0 to 4096 [ 166.758330][ T8094] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 166.838366][ T8094] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 166.849710][ T8094] ntfs3: loop3: Failed to load $Extend (-22). [ 166.857485][ T8094] ntfs3: loop3: Failed to initialize $Extend. [ 166.919429][ T55] hid (null): report_id 23696 is invalid [ 166.925371][ T55] hid (null): global environment stack underflow [ 166.946973][ T55] hid (null): global environment stack underflow [ 167.176591][ T787] usb 3-1: USB disconnect, device number 8 [ 167.317544][ T8106] loop1: detected capacity change from 0 to 8192 [ 167.342989][ T8106] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 167.363983][ T8106] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 167.388092][ T8106] REISERFS (device loop1): using ordered data mode [ 167.402755][ T8106] reiserfs: using flush barriers [ 167.414551][ T8106] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 167.452241][ T8106] REISERFS (device loop1): checking transaction log (loop1) [ 167.465403][ T8106] REISERFS (device loop1): Using r5 hash to sort names [ 167.486486][ T8106] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 167.869610][ T8111] loop1: detected capacity change from 0 to 128 [ 167.947560][ T8111] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 167.980507][ T8111] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.066685][ T5785] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 168.238524][ T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 168.431686][ T9] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 168.441062][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 168.449812][ T9] usb 3-1: Product: syz [ 168.454028][ T9] usb 3-1: Manufacturer: syz [ 168.469186][ T9] usb 3-1: SerialNumber: syz [ 168.479037][ T9] usb 3-1: config 0 descriptor?? [ 168.703634][ T9] hso 3-1:0.0: Can't find BULK IN endpoint [ 168.722837][ T9] usb-storage 3-1:0.0: USB Mass Storage device detected [ 168.823777][ T8126] loop1: detected capacity change from 0 to 32768 [ 168.882036][ T8126] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 168.956165][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 168.956180][ T28] audit: type=1800 audit(1756835681.929:54): pid=8126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.751" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 169.045747][ T8115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.060634][ T8115] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 169.077318][ T9] usb 3-1: USB disconnect, device number 9 [ 169.143832][ T5785] ocfs2: Unmounting device (7,1) on (node local) [ 169.263911][ T8140] loop6: detected capacity change from 0 to 7 [ 169.288735][ T5793] Dev loop6: unable to read RDB block 7 [ 169.315126][ T5793] loop6: AHDI p1 p2 [ 169.327070][ T5793] loop6: partition table partially beyond EOD, truncated [ 169.343816][ T5793] loop6: p1 start 926365495 is beyond EOD, truncated [ 169.386799][ T8140] Dev loop6: unable to read RDB block 7 [ 169.396085][ T8140] loop6: AHDI p1 p2 [ 169.402338][ T8140] loop6: partition table partially beyond EOD, truncated [ 169.425807][ T8140] loop6: p1 start 926365495 is beyond EOD, truncated [ 169.606789][ T55] IPVS: starting estimator thread 0... [ 169.698152][ T8147] IPVS: using max 17 ests per chain, 40800 per kthread [ 169.925248][ T8157] loop2: detected capacity change from 0 to 512 [ 169.960258][ T8157] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.973418][ T8157] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.067656][ T8162] loop1: detected capacity change from 0 to 8 [ 170.137701][ T8162] SQUASHFS error: lzo decompression failed, data probably corrupt [ 170.146496][ T8162] SQUASHFS error: Failed to read block 0x91: -5 [ 170.153208][ T8162] SQUASHFS error: Unable to read metadata cache entry [8f] [ 170.160980][ T8162] SQUASHFS error: Unable to read inode 0x11f [ 170.195802][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.298189][ T5853] misc userio: Buffer overflowed, userio client isn't keeping up [ 171.031123][ T8188] loop2: detected capacity change from 0 to 512 [ 171.049227][ T8188] EXT4-fs: Ignoring removed oldalloc option [ 171.088874][ T8188] EXT4-fs (loop2): 1 truncate cleaned up [ 171.095936][ T8188] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.196292][ T8188] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.773: invalid indirect mapped block 234881024 (level 0) [ 171.220557][ T8188] EXT4-fs (loop2): Remounting filesystem read-only [ 171.269675][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.318889][ T5826] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 171.378267][ T5853] input: PS/2 Generic Mouse as /devices/serio2/input/input17 [ 171.529593][ T5826] usb 4-1: Using ep0 maxpacket: 8 [ 171.545581][ T5826] usb 4-1: too many configurations: 129, using maximum allowed: 8 [ 171.569944][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.588192][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.594356][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.637961][ T5853] psmouse serio2: Failed to enable mouse on [ 171.645231][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.659057][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.665258][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.688260][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.699038][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.707003][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.726144][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.736929][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.743514][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.755806][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.768803][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.789092][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.829924][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.843379][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.858038][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.881560][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.897988][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.904147][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.929114][ T5826] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 171.946990][ T5826] usb 4-1: config 0 has no interface number 0 [ 171.955202][ T5826] usb 4-1: config 0 interface 153 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 171.968900][ T5826] usb 4-1: New USB device found, idVendor=0a5c, idProduct=bd27, bcdDevice=6e.27 [ 171.987925][ T5826] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 171.996047][ T5826] usb 4-1: Product: syz [ 172.006163][ T5826] usb 4-1: Manufacturer: syz [ 172.010883][ T5826] usb 4-1: SerialNumber: syz [ 172.018937][ T5826] usb 4-1: config 0 descriptor?? [ 172.061370][ T8206] loop0: detected capacity change from 0 to 8192 [ 172.100983][ T8206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 172.118034][ T8206] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 172.165817][ T8206] REISERFS (device loop0): using ordered data mode [ 172.204287][ T8206] reiserfs: using flush barriers [ 172.223527][ T8206] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 172.248456][ T5826] usb 4-1: USB disconnect, device number 11 [ 172.261598][ T8206] REISERFS (device loop0): checking transaction log (loop0) [ 172.284230][ T8206] REISERFS (device loop0): Using r5 hash to sort names [ 172.305201][ T8206] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 173.272925][ T8208] loop2: detected capacity change from 0 to 32768 [ 173.543977][ T8208] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 173.695205][ T28] audit: type=1800 audit(1756835686.659:55): pid=8208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.780" name="file1" dev="loop2" ino=17059 res=0 errno=0 [ 174.067351][ T5783] ocfs2: Unmounting device (7,2) on (node local) [ 174.252239][ T8230] loop1: detected capacity change from 0 to 32768 [ 174.288366][ T8230] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.788 (8230) [ 174.339818][ T8230] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 174.384602][ T8230] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 174.408098][ T8230] BTRFS info (device loop1): using free space tree [ 174.468528][ T5853] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 174.586902][ T8230] BTRFS info (device loop1): enabling ssd optimizations [ 174.635602][ T8230] BTRFS info (device loop1): auto enabling async discard [ 174.671506][ T5853] usb 4-1: Using ep0 maxpacket: 8 [ 174.689326][ T5853] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 174.708649][ T5853] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 174.732947][ T5853] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 174.758294][ T5853] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 174.833779][ T5853] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 174.854769][ T5853] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 174.864508][ T5853] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.063880][ T2929] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 175.105552][ T5853] usb 4-1: usb_control_msg returned -32 [ 175.121247][ T5853] usbtmc 4-1:16.0: can't read capabilities [ 175.161251][ T5785] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 175.364024][ T8276] netlink: 4 bytes leftover after parsing attributes in process `syz.2.800'. [ 175.409210][ T8276] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 175.478264][ T8281] usbtmc 4-1:16.0: usb_control_msg returned -32 [ 175.567054][ T55] usb 4-1: USB disconnect, device number 12 [ 175.658697][ T8285] input: syz1 as /devices/virtual/input/input18 [ 175.763123][ T8276] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.868137][ T787] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 176.078377][ T787] usb 1-1: Using ep0 maxpacket: 8 [ 176.086953][ T787] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 176.095515][ T787] usb 1-1: config 179 has no interface number 0 [ 176.105672][ T787] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 176.122135][ T787] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 176.134063][ T787] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 176.145920][ T787] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 176.168588][ T787] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 176.181835][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.201729][ T8283] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 176.318048][ T5853] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 176.456940][ T787] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input19 [ 176.498117][ T5853] usb 2-1: Using ep0 maxpacket: 16 [ 176.514863][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.537735][ T5853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.558014][ T5853] usb 2-1: New USB device found, idVendor=5543, idProduct=0081, bcdDevice= 0.00 [ 176.575375][ T5853] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.602998][ T5853] usb 2-1: config 0 descriptor?? [ 176.648035][ T5826] usb 1-1: USB disconnect, device number 17 [ 176.648089][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 176.663292][ C0] dummy_hcd dummy_hcd.0: timer fired with no URBs pending? [ 176.666130][ T5826] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 177.208016][ T787] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 177.243646][ T5853] usb 2-1: string descriptor 0 read error: -71 [ 177.259105][ T5853] uclogic 0003:5543:0081.000E: failed retrieving string descriptor #200: -71 [ 177.276496][ T5853] uclogic 0003:5543:0081.000E: failed retrieving pen parameters: -71 [ 177.291418][ T5853] uclogic 0003:5543:0081.000E: failed probing pen v2 parameters: -71 [ 177.293784][ T8301] loop3: detected capacity change from 0 to 1024 [ 177.304722][ T5853] uclogic 0003:5543:0081.000E: failed probing parameters: -71 [ 177.315237][ T5853] uclogic: probe of 0003:5543:0081.000E failed with error -71 [ 177.338117][ T5853] usb 2-1: USB disconnect, device number 8 [ 177.384621][ T8301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.407972][ T787] usb 3-1: Using ep0 maxpacket: 32 [ 177.415263][ T787] usb 3-1: config 0 has an invalid interface number: 132 but max is 0 [ 177.427885][ T787] usb 3-1: config 0 has no interface number 0 [ 177.434035][ T787] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 177.467513][ T8301] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 177.470547][ T787] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 177.496003][ T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.518115][ T787] usb 3-1: Product: syz [ 177.527968][ T787] usb 3-1: Manufacturer: syz [ 177.532621][ T787] usb 3-1: SerialNumber: syz [ 177.542105][ T8301] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 177.554632][ T28] audit: type=1800 audit(1756835690.519:56): pid=8310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.810" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 177.580891][ T8301] EXT4-fs (loop3): This should not happen!! Data will be lost [ 177.580891][ T8301] [ 177.581898][ T787] usb 3-1: config 0 descriptor?? [ 177.592718][ T8301] EXT4-fs (loop3): Total free blocks count 0 [ 177.612560][ T8301] EXT4-fs (loop3): Free/Dirty block details [ 177.625061][ T787] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 177.626656][ T8301] EXT4-fs (loop3): free_blocks=68451041280 [ 177.647488][ T787] em28xx 3-1:0.132: Video interface 132 found: [ 177.647530][ T8301] EXT4-fs (loop3): dirty_blocks=16 [ 177.659912][ T8301] EXT4-fs (loop3): Block reservation details [ 177.666049][ T8301] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 177.764969][ T48] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 8 with error 28 [ 177.849608][ T8317] input: syz1 as /devices/virtual/input/input20 [ 178.029565][ T8323] input: syz0 as /devices/virtual/input/input21 [ 178.073899][ T787] em28xx 3-1:0.132: unknown em28xx chip ID (0) [ 178.217993][ T55] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 178.421303][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.433809][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 178.443626][ T55] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 178.456663][ T55] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 178.465842][ T5826] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 178.473555][ T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.484793][ T55] usb 4-1: config 0 descriptor?? [ 178.670212][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.681421][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 178.691305][ T5826] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 178.705024][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.716581][ T5826] usb 2-1: config 0 descriptor?? [ 178.919220][ T55] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 178.927752][ T55] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 178.953435][ T55] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 179.145366][ T8329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 179.154357][ T8329] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.172177][ T5826] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0 [ 179.184223][ T5826] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0 [ 179.205336][ T5826] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0010/input/input22 [ 179.228464][ T787] em28xx 3-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 179.244445][ T787] em28xx 3-1:0.132: board has no eeprom [ 179.267558][ T8295] em28xx 3-1:0.132: failed to trigger write to i2c address 0x2 (error=-5) [ 179.287467][ T5826] cm6533_jd 0003:0D8C:0022.0010: input,hiddev1,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 179.349772][ T787] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 179.367636][ T787] em28xx 3-1:0.132: analog set to bulk mode. [ 179.396571][ T9] em28xx 3-1:0.132: Registering V4L2 extension [ 179.421215][ T787] usb 3-1: USB disconnect, device number 10 [ 179.443635][ T787] em28xx 3-1:0.132: Disconnecting em28xx [ 179.703067][ T9] em28xx 3-1:0.132: Config register raw data: 0xffffffed [ 179.710739][ T9] em28xx 3-1:0.132: AC97 chip type couldn't be determined [ 179.723989][ T9] em28xx 3-1:0.132: No AC97 audio processor [ 179.735510][ T9] usb 3-1: Decoder not found [ 179.745063][ T9] em28xx 3-1:0.132: failed to create media graph [ 179.753579][ T9] em28xx 3-1:0.132: V4L2 device video103 deregistered [ 179.772109][ T9] em28xx 3-1:0.132: Remote control support is not available for this card. [ 179.790433][ T787] em28xx 3-1:0.132: Closing input extension [ 179.812815][ T787] em28xx 3-1:0.132: Freeing device [ 180.200262][ T8360] loop2: detected capacity change from 0 to 1024 [ 180.218669][ T8360] EXT4-fs: Ignoring removed orlov option [ 180.222204][ T9] usb 2-1: USB disconnect, device number 9 [ 180.231165][ T8360] EXT4-fs: Ignoring removed nomblk_io_submit option [ 180.284548][ T8360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 180.394260][ T8354] loop0: detected capacity change from 0 to 32768 [ 180.407212][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.435809][ T8354] loop0: p1 p3 < > [ 180.663603][ T8367] "syz.0.832" (8367) uses obsolete ecb(arc4) skcipher [ 180.746502][ T7225] udevd[7225]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 180.779797][ T5793] udevd[5793]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 181.062604][ T5853] usb 4-1: USB disconnect, device number 13 [ 181.195686][ T8380] netlink: 32 bytes leftover after parsing attributes in process `syz.0.839'. [ 181.397972][ T787] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 181.548167][ T27] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 181.593413][ T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 181.606805][ T787] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 181.628709][ T787] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 181.642293][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 181.657361][ T787] usb 3-1: SerialNumber: syz [ 181.741321][ T27] usb 1-1: Using ep0 maxpacket: 16 [ 181.748578][ T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.759679][ T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.769490][ T27] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 181.783110][ T27] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 181.792255][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.802441][ T27] usb 1-1: config 0 descriptor?? [ 181.881479][ T787] usb 3-1: 0:2 : does not exist [ 181.900529][ T787] usb 3-1: USB disconnect, device number 11 [ 181.927991][ T5793] udevd[5793]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 181.928083][ T55] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 182.159783][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 182.171054][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.181044][ T55] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 182.190522][ T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.202474][ T55] usb 4-1: config 0 descriptor?? [ 182.222813][ T27] shield 0003:0955:7214.0011: unknown main item tag 0x0 [ 182.230052][ T27] shield 0003:0955:7214.0011: unknown main item tag 0x0 [ 182.237067][ T27] shield 0003:0955:7214.0011: unknown main item tag 0x0 [ 182.244474][ T27] shield 0003:0955:7214.0011: unknown main item tag 0x0 [ 182.252302][ T27] shield 0003:0955:7214.0011: unknown main item tag 0x0 [ 182.261778][ T27] input: HID 0955:7214 Haptics as /devices/virtual/input/input23 [ 182.305868][ T27] shield 0003:0955:7214.0011: Registered Thunderstrike controller [ 182.322222][ T27] shield 0003:0955:7214.0011: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0 [ 182.529611][ T8384] netlink: 'syz.0.840': attribute type 2 has an invalid length. [ 182.537325][ T8384] netlink: 244 bytes leftover after parsing attributes in process `syz.0.840'. [ 182.551387][ T27] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 182.563685][ T23] usb 1-1: USB disconnect, device number 18 [ 182.585511][ T27] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 182.614060][ T27] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 182.627289][ T27] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 182.651678][ T55] cm6533_jd 0003:0D8C:0022.0012: unknown main item tag 0x0 [ 182.669520][ T55] cm6533_jd 0003:0D8C:0022.0012: unknown main item tag 0x0 [ 182.685215][ T55] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.0012/input/input24 [ 182.719700][ T55] cm6533_jd 0003:0D8C:0022.0012: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 182.889230][ T9] usb 4-1: USB disconnect, device number 14 [ 182.978060][ T787] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 183.172201][ T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 183.189033][ T787] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 183.220293][ T787] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 183.231300][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 183.240725][ T787] usb 3-1: SerialNumber: syz [ 183.458253][ T5788] Bluetooth: hci4: command 0xfc11 tx timeout [ 183.466464][ T5101] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 183.507190][ T8400] loop2: detected capacity change from 0 to 4096 [ 183.614957][ T8411] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 183.656930][ T787] usb 3-1: 0:2 : does not exist [ 183.682922][ T787] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 183.717070][ T787] usb 3-1: 5:0: failed to get current value for ch 1 (-22) [ 183.774337][ T787] usb 3-1: USB disconnect, device number 12 [ 183.833670][ T7225] udevd[7225]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 183.953581][ T8417] loop3: detected capacity change from 0 to 1024 [ 184.000697][ T8417] hfsplus: xattr searching failed [ 184.508111][ T23] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 184.728328][ T23] usb 2-1: Using ep0 maxpacket: 8 [ 184.757971][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.788811][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.810574][ T23] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 184.825236][ T23] usb 2-1: New USB device found, idVendor=056a, idProduct=00c6, bcdDevice= 0.00 [ 184.852326][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.872622][ T23] usb 2-1: config 0 descriptor?? [ 185.155548][ T8452] loop0: detected capacity change from 0 to 64 [ 185.189226][ T8453] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 185.189226][ T8453] The task syz.3.867 (8453) triggered the difference, watch for misbehavior. [ 185.246403][ T8452] syz.0.868: attempt to access beyond end of device [ 185.246403][ T8452] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 185.262326][ T8452] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 185.277941][ T8452] syz.0.868: attempt to access beyond end of device [ 185.277941][ T8452] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 185.294467][ T8452] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 185.304514][ T8452] overlayfs: failed to create directory ./file0/work (errno: 5); mounting read-only [ 185.316716][ T8452] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 185.323505][ T8454] syz.0.868: attempt to access beyond end of device [ 185.323505][ T8454] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 185.332819][ T8452] overlayfs: failed to get uuid (/bus, err=-95); falling back to uuid=null. [ 185.343006][ T23] wacom 0003:056A:00C6.0013: hidraw0: USB HID v0.00 Device [HID 056a:00c6] on usb-dummy_hcd.1-1/input0 [ 185.376667][ T8454] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 185.387563][ T8454] syz.0.868: attempt to access beyond end of device [ 185.387563][ T8454] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 185.407763][ T8454] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 185.478905][ T5782] syz-executor: attempt to access beyond end of device [ 185.478905][ T5782] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 185.495446][ T5782] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 185.505392][ T5782] syz-executor: attempt to access beyond end of device [ 185.505392][ T5782] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 185.521966][ T5782] Buffer I/O error on dev loop0, logical block 134217734, async page read [ 185.542712][ T5782] Trying to free block not in datazone [ 185.615887][ T55] usb 2-1: USB disconnect, device number 10 [ 185.742238][ T8457] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2541091674 (162629867136 ns) > initial count (104792502336 ns). Using initial count to start timer. [ 186.110076][ T1024] ------------[ cut here ]------------ [ 186.116281][ T1024] WARNING: CPU: 1 PID: 1024 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 186.127383][ T1024] Modules linked in: [ 186.131739][ T1024] CPU: 1 PID: 1024 Comm: kworker/u4:5 Not tainted syzkaller #0 [ 186.139751][ T1024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.150456][ T1024] Workqueue: phy7 ieee80211_csa_finalize_work [ 186.156782][ T1024] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0 [ 186.164143][ T1024] Code: 48 89 df e8 1a 06 ea f7 e9 dc fc ff ff e8 f0 bf 92 f7 eb 24 e8 e9 bf 92 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 d8 bf 92 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ca bf 92 f7 48 8b 7c 24 08 4c 8b 7c [ 186.184013][ T1024] RSP: 0018:ffffc9000457f9c0 EFLAGS: 00010293 [ 186.190233][ T1024] RAX: ffffffff89f2cbce RBX: 0000000000000001 RCX: ffff8880232fbc00 [ 186.198305][ T1024] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 186.206301][ T1024] RBP: dffffc0000000000 R08: ffff88805d7295af R09: 1ffff1100bae52b5 [ 186.209694][ C0] ------------[ cut here ]------------ [ 186.215008][ T1024] R10: dffffc0000000000 R11: ffffed100bae52b6 R12: 0000000000000001 [ 186.220236][ C0] WARNING: CPU: 0 PID: 8479 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600 [ 186.220278][ C0] Modules linked in: [ 186.220292][ C0] CPU: 0 PID: 8479 Comm: syz.2.878 Not tainted syzkaller #0 [ 186.220310][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.220323][ C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 186.220352][ C0] Code: 24 4c 89 e7 e8 0e 88 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 19 65 97 f7 0f 0b e9 f6 f7 ff ff e8 0d 65 97 f7 <0f> 0b e9 48 fb ff ff e8 01 65 97 f7 48 c7 c7 a0 09 24 8e 4c 89 e6 [ 186.220367][ C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246 [ 186.228360][ T1024] R13: ffff88805d72a5d9 R14: ffff888020f52c70 R15: ffff888020f52ce8 [ 186.228379][ T1024] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 186.238402][ C0] [ 186.242227][ T1024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.249516][ C0] RAX: ffffffff89ee2a93 RBX: ffffffff89ee1896 RCX: ffff88803158da00 [ 186.259872][ T1024] CR2: 00007f5b4f8f56c0 CR3: 000000000cb30000 CR4: 00000000003526e0 [ 186.265908][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.265924][ C0] RBP: 0000000000000000 R08: ffff88803158da00 R09: 0000000000000003 [ 186.285564][ T1024] Call Trace: [ 186.291616][ C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805d72a3c0 [ 186.291632][ C0] R13: dffffc0000000000 R14: ffff88805d72a8b0 R15: ffff88805beef024 [ 186.299670][ T1024] [ 186.308600][ C0] FS: 00007f5b4cdd56c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 186.310951][ T1024] ieee80211_link_use_reserved_context+0x383/0x5c0 [ 186.317487][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.317503][ C0] CR2: 00007f5b4cdd5d58 CR3: 000000005bc58000 CR4: 00000000003526f0 [ 186.317518][ C0] Call Trace: [ 186.317526][ C0] [ 186.317535][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 186.317575][ C0] ieee80211_beacon_get_tim+0xb8/0x560 [ 186.317607][ C0] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 186.317646][ C0] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 186.317685][ C0] __iterate_interfaces+0x243/0x500 [ 186.317708][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 186.317733][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 186.317760][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 186.317785][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 186.317814][ C0] mac80211_hwsim_beacon+0xbb/0x1b0 [ 186.317870][ C0] __hrtimer_run_queues+0x51e/0xc40 [ 186.317900][ C0] ? hw_scan_work+0xf40/0xf40 [ 186.317927][ C0] ? hrtimer_interrupt+0x9c0/0x9c0 [ 186.317950][ C0] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 186.317985][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 186.318012][ C0] handle_softirqs+0x280/0x820 [ 186.318038][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 186.318064][ C0] ? do_softirq+0x180/0x180 [ 186.318090][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 186.318120][ C0] __irq_exit_rcu+0xc7/0x190 [ 186.318141][ C0] ? irq_exit_rcu+0x20/0x20 [ 186.318171][ C0] irq_exit_rcu+0x9/0x20 [ 186.318189][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 186.318219][ C0] [ 186.318228][ C0] [ 186.318237][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 186.318258][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110 [ 186.318291][ C0] Code: 74 05 e8 ca 51 14 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 42 ca e3 f6 65 8b 05 b3 18 8c 75 85 c0 74 3c 48 c7 04 24 0e 36 [ 186.318310][ C0] RSP: 0018:ffffc9000c177de0 EFLAGS: 00000206 [ 186.318332][ C0] RAX: a9e86d5bf8f1ee00 RBX: 0000000000000a02 RCX: a9e86d5bf8f1ee00 [ 186.318348][ C0] RDX: dffffc0000000000 RSI: ffffffff8aaaba20 RDI: 0000000000000001 [ 186.318364][ C0] RBP: ffffc9000c177e78 R08: ffffffff8e4a8f2f R09: 1ffffffff1c951e5 [ 186.318380][ C0] R10: dffffc0000000000 R11: fffffbfff1c951e6 R12: dffffc0000000000 [ 186.318397][ C0] R13: ffff88803158da00 R14: ffff88802ef4af08 R15: 1ffff9200182efbc [ 186.318432][ C0] ? _raw_spin_unlock+0x40/0x40 [ 186.318462][ C0] ? __fget_files+0x28/0x4d0 [ 186.318497][ C0] kcov_ioctl+0x1f9/0x630 [ 186.318523][ C0] ? bpf_lsm_file_ioctl+0x9/0x10 [ 186.318544][ C0] ? security_file_ioctl+0x80/0xa0 [ 186.318572][ C0] ? kcov_remote_reset+0xc0/0xc0 [ 186.318597][ C0] __se_sys_ioctl+0xfd/0x170 [ 186.318625][ C0] do_syscall_64+0x55/0xb0 [ 186.318649][ C0] ? clear_bhb_loop+0x40/0x90 [ 186.318677][ C0] ? clear_bhb_loop+0x40/0x90 [ 186.318698][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.318728][ C0] RIP: 0033:0x7f5b4eb8e7eb [ 186.318756][ C0] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 186.318773][ C0] RSP: 002b:00007f5b4cdd5050 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 186.318795][ C0] RAX: ffffffffffffffda RBX: 00007f5b4edc6128 RCX: 00007f5b4eb8e7eb [ 186.318810][ C0] RDX: 0000000000000000 RSI: 0000000000006364 RDI: 00000000000000d9 [ 186.318824][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffcecb4ed27 [ 186.318837][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 186.318851][ C0] R13: 00007f5b4edc6128 R14: 00007ffcecb4ec40 R15: 00007ffcecb4ed28 [ 186.318880][ C0] [ 186.318890][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 186.318901][ C0] CPU: 0 PID: 8479 Comm: syz.2.878 Not tainted syzkaller #0 [ 186.318919][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.318929][ C0] Call Trace: [ 186.318936][ C0] [ 186.318943][ C0] dump_stack_lvl+0x16c/0x230 [ 186.318969][ C0] ? show_regs_print_info+0x20/0x20 [ 186.318991][ C0] ? load_image+0x3b0/0x3b0 [ 186.319023][ C0] panic+0x2c0/0x710 [ 186.319054][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 186.319088][ C0] __warn+0x2e0/0x470 [ 186.319111][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 186.319141][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 186.319168][ C0] report_bug+0x2be/0x4f0 [ 186.319189][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 186.319216][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 186.319243][ C0] ? __ieee80211_beacon_get+0x1235/0x1600 [ 186.319269][ C0] handle_bug+0xcf/0x120 [ 186.319290][ C0] exc_invalid_op+0x1a/0x50 [ 186.319312][ C0] asm_exc_invalid_op+0x1a/0x20 [ 186.319336][ C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 186.319364][ C0] Code: 24 4c 89 e7 e8 0e 88 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 19 65 97 f7 0f 0b e9 f6 f7 ff ff e8 0d 65 97 f7 <0f> 0b e9 48 fb ff ff e8 01 65 97 f7 48 c7 c7 a0 09 24 8e 4c 89 e6 [ 186.319379][ C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246 [ 186.319395][ C0] RAX: ffffffff89ee2a93 RBX: ffffffff89ee1896 RCX: ffff88803158da00 [ 186.319408][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.319419][ C0] RBP: 0000000000000000 R08: ffff88803158da00 R09: 0000000000000003 [ 186.319431][ C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805d72a3c0 [ 186.319443][ C0] R13: dffffc0000000000 R14: ffff88805d72a8b0 R15: ffff88805beef024 [ 186.319460][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 186.319488][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 186.319520][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 186.319548][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 186.319582][ C0] ieee80211_beacon_get_tim+0xb8/0x560 [ 186.319613][ C0] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 186.319651][ C0] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 186.319687][ C0] __iterate_interfaces+0x243/0x500 [ 186.319708][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 186.319730][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 186.319754][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 186.319776][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 186.319802][ C0] mac80211_hwsim_beacon+0xbb/0x1b0 [ 186.319824][ C0] __hrtimer_run_queues+0x51e/0xc40 [ 186.319851][ C0] ? hw_scan_work+0xf40/0xf40 [ 186.319878][ C0] ? hrtimer_interrupt+0x9c0/0x9c0 [ 186.319897][ C0] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 186.319925][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 186.319949][ C0] handle_softirqs+0x280/0x820 [ 186.319971][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 186.319993][ C0] ? do_softirq+0x180/0x180 [ 186.320015][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 186.320040][ C0] __irq_exit_rcu+0xc7/0x190 [ 186.320057][ C0] ? irq_exit_rcu+0x20/0x20 [ 186.320082][ C0] irq_exit_rcu+0x9/0x20 [ 186.320098][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 186.320123][ C0] [ 186.320128][ C0] [ 186.320135][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 186.320153][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110 [ 186.320181][ C0] Code: 74 05 e8 ca 51 14 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 42 ca e3 f6 65 8b 05 b3 18 8c 75 85 c0 74 3c 48 c7 04 24 0e 36 [ 186.320196][ C0] RSP: 0018:ffffc9000c177de0 EFLAGS: 00000206 [ 186.320211][ C0] RAX: a9e86d5bf8f1ee00 RBX: 0000000000000a02 RCX: a9e86d5bf8f1ee00 [ 186.320224][ C0] RDX: dffffc0000000000 RSI: ffffffff8aaaba20 RDI: 0000000000000001 [ 186.320236][ C0] RBP: ffffc9000c177e78 R08: ffffffff8e4a8f2f R09: 1ffffffff1c951e5 [ 186.320250][ C0] R10: dffffc0000000000 R11: fffffbfff1c951e6 R12: dffffc0000000000 [ 186.320264][ C0] R13: ffff88803158da00 R14: ffff88802ef4af08 R15: 1ffff9200182efbc [ 186.320293][ C0] ? _raw_spin_unlock+0x40/0x40 [ 186.320319][ C0] ? __fget_files+0x28/0x4d0 [ 186.320348][ C0] kcov_ioctl+0x1f9/0x630 [ 186.320370][ C0] ? bpf_lsm_file_ioctl+0x9/0x10 [ 186.320387][ C0] ? security_file_ioctl+0x80/0xa0 [ 186.320410][ C0] ? kcov_remote_reset+0xc0/0xc0 [ 186.320432][ C0] __se_sys_ioctl+0xfd/0x170 [ 186.320455][ C0] do_syscall_64+0x55/0xb0 [ 186.320475][ C0] ? clear_bhb_loop+0x40/0x90 [ 186.320491][ C0] ? clear_bhb_loop+0x40/0x90 [ 186.320510][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.320536][ C0] RIP: 0033:0x7f5b4eb8e7eb [ 186.320550][ C0] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 186.320565][ C0] RSP: 002b:00007f5b4cdd5050 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 186.320582][ C0] RAX: ffffffffffffffda RBX: 00007f5b4edc6128 RCX: 00007f5b4eb8e7eb [ 186.320595][ C0] RDX: 0000000000000000 RSI: 0000000000006364 RDI: 00000000000000d9 [ 186.320607][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffcecb4ed27 [ 186.320617][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 186.320629][ C0] R13: 00007f5b4edc6128 R14: 00007ffcecb4ec40 R15: 00007ffcecb4ed28 [ 186.320656][ C0] [ 186.327245][ C0] Kernel Offset: disabled