last executing test programs: 4.46959056s ago: executing program 0 (id=921): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000000)=0x40, 0x4) recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/254, 0xfe}, 0x8}], 0x1, 0x40002000, 0x0) 4.375764415s ago: executing program 3 (id=923): sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 4.188758264s ago: executing program 2 (id=924): socket$packet(0x11, 0x3, 0x300) socket$netlink(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) io_uring_setup(0x5861, &(0x7f00000001c0)={0x0, 0x7e97, 0x80, 0x0, 0x10200000}) socket$inet6_tcp(0xa, 0x1, 0x0) fsopen(&(0x7f0000000180)='proc\x00', 0x1) userfaultfd(0x80001) socket$inet_sctp(0x2, 0x5, 0x84) socket$inet(0x2, 0x3, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) socket$netlink(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x200000000000003, &(0x7f00000000c0), 0x111, 0x6}}, 0x20) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x2, 0x4}}, 0x20) socket$inet_sctp(0x2, 0x5, 0x84) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000002c0), 0x101002, 0x0) ppoll(&(0x7f0000000300)=[{r1, 0x210}], 0x1, 0x0, 0x0, 0x0) writev(r0, 0x0, 0x0) 3.999922593s ago: executing program 3 (id=925): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x0, 0x0}) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r2, 0x0, 0x0) ioctl$sock_bt_hci(r0, 0x400448ca, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0) bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000040)="05000000010000", 0x7) 3.397277142s ago: executing program 3 (id=926): sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca", 0x12, 0x840, 0x0, 0x0) r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x1844, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xe8, 0xb, "", [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7ffd, 0x0, 0x1, {0x22, 0x1e3}}, {{{0x9, 0x5, 0x81, 0x3, 0x38d707d343173699, 0x5, 0xa, 0x6e}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.396536072s ago: executing program 1 (id=927): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101001, 0x200) write$tun(r3, &(0x7f0000000000)={@val={0x0, 0x886c}, @void, @eth={@random="000000f400", @empty, @val={@void, {0x8100, 0x0, 0x1, 0x2}}, {@llc_tr={0x11, {@llc={0xaa, 0xe, "d8"}}}}}}, 0x19) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth1_to_bridge\x00'}) gettid() mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, 0x0, 0x2, 0x0) write$cgroup_int(r5, &(0x7f0000000380)=0xfffffffffffffffc, 0x12) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x44, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x23, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x10004000) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) r10 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r10, 0x8982, &(0x7f0000000080)={0x7, 'syz_tun\x00', {0x7fff}, 0x2}) remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2800000, 0x2, 0x0) 3.24118433s ago: executing program 0 (id=928): r0 = socket(0x10, 0x80002, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xfffffffffffffd7f, 0x8, {0x1}}}}]}]}, 0x70}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) lseek(0xffffffffffffffff, 0x6, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000200)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34371113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x13ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0}) close_range(r3, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0x20000000}, {0x66, 0x0, 0x0, 0x2000000}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, 0x0, 0x0) 2.584016283s ago: executing program 2 (id=929): socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1f00000000000000000000000010"], 0x48) syz_io_uring_setup(0xed1, &(0x7f0000000400)={0x0, 0x586d, 0x10300, 0xfffffffe, 0x103}, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149040, 0x2) syz_open_procfs(0x0, &(0x7f0000000200)='uid_map\x00') openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0) socket$kcm(0xa, 0x2, 0x0) socket$inet6(0xa, 0x2, 0x0) socket$tipc(0x1e, 0x5, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000012c0)=ANY=[@ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000000)) 2.448643899s ago: executing program 1 (id=930): syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) syz_init_net_socket$llc(0x1a, 0x3, 0x0) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000240)={0xa, 0x4e23, 0x27bf, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, 0x3}, 0x1c) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000009cc0), 0x101082, 0x0) ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r3, 0x40096100, 0x0) 2.447690779s ago: executing program 3 (id=931): syz_usb_connect$midi(0x2, 0x0, 0x0, &(0x7f0000000480)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x201, 0x7, 0x3, 0x7, 0x20, 0x7}, 0x5, &(0x7f0000000180)={0x5, 0xf, 0x5}, 0x1, [{0x0, 0x0}]}) socket$packet(0x11, 0x3, 0x300) r0 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x1d) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r4], 0x50}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 2.317247116s ago: executing program 2 (id=932): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101001, 0x200) write$tun(r3, &(0x7f0000000000)={@val={0x0, 0x886c}, @void, @eth={@random="000000f400", @empty, @val={@void, {0x8100, 0x0, 0x1, 0x2}}, {@llc_tr={0x11, {@llc={0xaa, 0xe, "d8"}}}}}}, 0x19) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth1_to_bridge\x00'}) gettid() mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000100)='cpuacct.usage\x00', 0x2, 0x0) write$cgroup_int(r5, &(0x7f0000000380)=0xfffffffffffffffc, 0x12) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x44, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x23, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x10004000) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) r10 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r10, 0x8982, &(0x7f0000000080)={0x7, 'syz_tun\x00', {0x7fff}, 0x2}) remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2800000, 0x2, 0x0) 2.307786087s ago: executing program 0 (id=933): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000005700), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x121900, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000000)="89e7ee3c6ccad9b4b47380c988ca", 0xe}, {&(0x7f0000000300)="c332694853941d23c37b87b73df9c3213b9e1252e5a1c3ac", 0x18}, {&(0x7f0000000440)="f7d0a45948764e74698fcd2799", 0xd}], 0x3) 1.348196344s ago: executing program 2 (id=934): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0xfffffff8, 0x85, &(0x7f0000000000)={0x4b5a9da54893e123, 0x1, 0x8, 0x2}, 0x8, 0x20400000, 0xc, 0x0, 0x0, 0x20000, 0x0}) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.289076677s ago: executing program 1 (id=935): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x0, 0x0}) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r2, 0x0, 0x0) ioctl$sock_bt_hci(r0, 0x400448ca, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0) bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000040)="05000000010000", 0x7) 1.232705079s ago: executing program 0 (id=936): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @local}, 0x1c) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28) r5 = bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x14, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x2, 0x1}, 0x50) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r5, &(0x7f0000000c80), 0x0}, 0x20) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xd) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0) ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x5008, 0x0) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 1.209077211s ago: executing program 1 (id=937): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'erspan0\x00'}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x25, &(0x7f0000000000)={@loopback, @multicast1, @empty}, 0xc) pipe(&(0x7f0000000040)) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000200)='bridge0\x00') ioctl$sock_SIOCBRDELBR(r1, 0x89a3, &(0x7f0000000200)='bridge0\x00') 1.138511514s ago: executing program 2 (id=938): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101001, 0x200) write$tun(r3, &(0x7f0000000000)={@val={0x0, 0x886c}, @void, @eth={@random="000000f400", @empty, @val={@void, {0x8100, 0x0, 0x1, 0x2}}, {@llc_tr={0x11, {@llc={0xaa, 0xe, "d8"}}}}}}, 0x19) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth1_to_bridge\x00'}) gettid() mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000100)='cpuacct.usage\x00', 0x2, 0x0) write$cgroup_int(r5, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x44, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x23, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x10004000) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) r10 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r10, 0x8982, &(0x7f0000000080)={0x7, 'syz_tun\x00', {0x7fff}, 0x2}) remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2800000, 0x2, 0x0) 1.00479439s ago: executing program 1 (id=939): syz_usb_connect(0x2, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) 196.45894ms ago: executing program 0 (id=940): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./file1\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2d5, &(0x7f0000025dc0)="$eJzs3c9OE10Yx/HfmSlteeHFUTAmxoVBia4M4Ma4aWKI1+BGI9KaEBqIiImysXFtvAD3bLwAL8KVMXGNK1deALsxZ3pKz7QzbYHQAfl+ktrO9Px5zsy0c56RZgTgwnq0sr93/7d9GClUKOmhFNi3bqok6aquVd9s7qzvNBv1QQ2FUlXJw0hJTdNXZm2zkVXV1ktqOJFdKmnaX4fTEcdx/KvoIFCkqnsOs94MpIr7dIZ+4bOs0rM80bPcCqXWGOM5i8yBDvRWM0XHAQAolmmf3wN3np928/cgkBbcad8////8v+B4T+aODooOoWDe+T/JsmJj9++l5K1uvmc06cp3ssSj9mPnYmW1j6zUBNOks8r+ZDGJJZh8ud5s3FvbatYDfVAtYfy8cE5STXWXs2ZF29/0fMa6tLK/sD+sdK6pZAwTdgzL3fhrNa/IbFanx93aozDfzHfzzET6rPrh/K8UG3/Mbk89nujGv5jX3Narp/Y5apfKGeVluxtK19MbduAow7yMRG5LxaHSFwiidJzlzFpl9dRqj24pryfXzmxmreUhteZsrS9ere7RnF/ztJlP5omZ1x991Yo3/w/s1l5Q/yczu5GkpDsyBo6nlJSM/FWtG5klg6OPBUfU3cYf9UIPNPP63e7GarPZ2B73CxvD2Du9mC8i9a7pHARnJcLjvbDfsf4aRY3t0nh6L59401XdTrGTmf4yld2N1YpfuD3Szgmxt8HOx3qE3jsX8IZGOMZvJRSmu9Pzy7wX/xPzD7NfHqad/3n5ymKS9Nh/ogHz9HjYtM1rcSkjN+heqv/Pa8m46/P5GdBUZgbX0mg5V1L31l3ptrdyf68yKOeKdEWH2fD5Z1b0Q8+5/g8AAAAAAAAAAAAAAAAAAHDejOPXGl53/B05AAAAAAAAAAAAAAAAAAAAAADHkH//36pO8f6/qd8BjHz/394bewI4kb8BAAD//+jIZ98=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x2a0000a, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 160.259382ms ago: executing program 3 (id=941): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x14, r1, 0x1, 0xfffffffe, 0x0, {0x6, 0x0, 0x900}}, 0x14}, 0x2, 0x34005}, 0x0) 159.622082ms ago: executing program 2 (id=942): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = socket$netlink(0x10, 0x3, 0x4) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r1, 0x400, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 93.246475ms ago: executing program 1 (id=943): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101001, 0x200) write$tun(r3, &(0x7f0000000000)={@val={0x0, 0x886c}, @void, @eth={@random="000000f400", @empty, @val={@void, {0x8100, 0x0, 0x1, 0x2}}, {@llc_tr={0x11, {@llc={0xaa, 0xe, "d8"}}}}}}, 0x19) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth1_to_bridge\x00'}) gettid() mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, 0x0, 0x2, 0x0) write$cgroup_int(r5, &(0x7f0000000380)=0xfffffffffffffffc, 0x12) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x44, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x23, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x10004000) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) r10 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r10, 0x8982, &(0x7f0000000080)={0x7, 'syz_tun\x00', {0x7fff}, 0x2}) remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2800000, 0x2, 0x0) 53.181777ms ago: executing program 3 (id=944): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000005700), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x121900, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000000)="89e7ee3c6ccad9b4b47380c988ca", 0xe}, {&(0x7f0000000300)="c332694853941d23c37b87b73df9c3213b9e1252e5a1c3ac", 0x18}, {&(0x7f0000000440)="f7d0a45948764e74698fcd2799", 0xd}], 0x3) 0s ago: executing program 0 (id=945): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x0, 0x0}) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r2, 0x0, 0x0) ioctl$sock_bt_hci(r0, 0x400448ca, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0) bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r3, &(0x7f0000000040)="05000000010000", 0x7) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.42' (ED25519) to the list of known hosts. [ 368.845541][ T5807] cgroup: Unknown subsys name 'net' [ 368.964204][ T5807] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 370.398737][ T5807] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 371.818394][ T5821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 371.827002][ T5821] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 371.837832][ T5821] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 371.850511][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 371.869136][ T5824] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 371.877316][ T5824] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 371.908498][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 371.919340][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 371.919417][ T5825] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 371.935091][ T5825] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 371.935146][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 371.947757][ T5825] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 371.951002][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 371.964617][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 371.968047][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 371.973176][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 371.979660][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 371.986988][ T5830] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 372.003590][ T5830] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 372.005740][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 372.011991][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 372.026928][ T5831] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 372.035965][ T5831] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 372.045074][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 372.443836][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 372.528631][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 372.586108][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 372.606895][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 372.683290][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 372.691057][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.698971][ T5819] bridge_slave_0: entered allmulticast mode [ 372.705786][ T5819] bridge_slave_0: entered promiscuous mode [ 372.747869][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 372.755118][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.762699][ T5819] bridge_slave_1: entered allmulticast mode [ 372.770084][ T5819] bridge_slave_1: entered promiscuous mode [ 372.784807][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 372.792364][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.799666][ T5826] bridge_slave_0: entered allmulticast mode [ 372.806361][ T5826] bridge_slave_0: entered promiscuous mode [ 372.853950][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 372.863440][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.870671][ T5826] bridge_slave_1: entered allmulticast mode [ 372.877523][ T5826] bridge_slave_1: entered promiscuous mode [ 372.903686][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 372.911047][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.918327][ T5828] bridge_slave_0: entered allmulticast mode [ 372.925050][ T5828] bridge_slave_0: entered promiscuous mode [ 372.935024][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 372.964824][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 372.972840][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.980522][ T5828] bridge_slave_1: entered allmulticast mode [ 372.987352][ T5828] bridge_slave_1: entered promiscuous mode [ 372.996166][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 373.022675][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.030532][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.037979][ T5822] bridge_slave_0: entered allmulticast mode [ 373.044623][ T5822] bridge_slave_0: entered promiscuous mode [ 373.074531][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 373.085476][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.093091][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.100530][ T5822] bridge_slave_1: entered allmulticast mode [ 373.107646][ T5822] bridge_slave_1: entered promiscuous mode [ 373.125509][ T5819] team0: Port device team_slave_0 added [ 373.134787][ T5819] team0: Port device team_slave_1 added [ 373.142578][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 373.163437][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 373.212092][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 373.231898][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 373.241303][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.270117][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 373.284123][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 373.308525][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 373.320307][ T5826] team0: Port device team_slave_0 added [ 373.326779][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 373.335774][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.362095][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 373.403828][ T5826] team0: Port device team_slave_1 added [ 373.425835][ T5828] team0: Port device team_slave_0 added [ 373.436678][ T5822] team0: Port device team_slave_0 added [ 373.462085][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 373.469798][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.496630][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 373.510390][ T5828] team0: Port device team_slave_1 added [ 373.519524][ T5822] team0: Port device team_slave_1 added [ 373.533208][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 373.540406][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.566586][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 373.612369][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 373.619418][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.646391][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 373.683791][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 373.693305][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.719883][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 373.732088][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 373.742013][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.768697][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 373.784819][ T5819] hsr_slave_0: entered promiscuous mode [ 373.791954][ T5819] hsr_slave_1: entered promiscuous mode [ 373.817065][ T5826] hsr_slave_0: entered promiscuous mode [ 373.823349][ T5826] hsr_slave_1: entered promiscuous mode [ 373.830249][ T5826] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 373.838380][ T5826] Cannot create hsr debugfs directory [ 373.861099][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 373.868155][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.894518][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 373.970967][ T5822] hsr_slave_0: entered promiscuous mode [ 373.977710][ T5822] hsr_slave_1: entered promiscuous mode [ 373.984109][ T5822] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 373.991747][ T5822] Cannot create hsr debugfs directory [ 374.042898][ T5828] hsr_slave_0: entered promiscuous mode [ 374.048943][ T5830] Bluetooth: hci0: command tx timeout [ 374.055035][ T5828] hsr_slave_1: entered promiscuous mode [ 374.058215][ T5821] Bluetooth: hci3: command tx timeout [ 374.066434][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 374.066837][ T5830] Bluetooth: hci2: command tx timeout [ 374.074787][ T5828] Cannot create hsr debugfs directory [ 374.131940][ T5830] Bluetooth: hci1: command tx timeout [ 374.435357][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 374.461430][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 374.470949][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 374.482061][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 374.589389][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 374.604958][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 374.630768][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 374.651281][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 374.693001][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 374.715854][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 374.741446][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 374.753938][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 374.775050][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 374.797862][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 374.816634][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state [ 374.823986][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 374.859378][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state [ 374.866766][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 374.914814][ T5819] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 374.936278][ T5819] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 374.945785][ T5819] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 374.967811][ T5819] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 375.072855][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 375.111863][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 375.156434][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 375.172103][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state [ 375.179387][ T5857] bridge0: port 1(bridge_slave_0) entered forwarding state [ 375.228104][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 375.236944][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state [ 375.244160][ T5857] bridge0: port 2(bridge_slave_1) entered forwarding state [ 375.330522][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 375.343445][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state [ 375.350614][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 375.371275][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state [ 375.378525][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 375.396253][ T5822] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 375.407295][ T5822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 375.440262][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 375.473052][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 375.480259][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 375.507055][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 375.542120][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 375.549360][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 375.693261][ T5826] veth0_vlan: entered promiscuous mode [ 375.755081][ T5826] veth1_vlan: entered promiscuous mode [ 375.803816][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 375.886068][ T5826] veth0_macvtap: entered promiscuous mode [ 375.920367][ T5826] veth1_macvtap: entered promiscuous mode [ 375.976325][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 376.003920][ T5822] veth0_vlan: entered promiscuous mode [ 376.015717][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 376.035259][ T5822] veth1_vlan: entered promiscuous mode [ 376.054347][ T5826] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.064590][ T5826] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.082639][ T5826] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.094656][ T5826] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.112538][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 376.129246][ T5830] Bluetooth: hci2: command tx timeout [ 376.134706][ T5830] Bluetooth: hci3: command tx timeout [ 376.137805][ T5821] Bluetooth: hci0: command tx timeout [ 376.217810][ T5821] Bluetooth: hci1: command tx timeout [ 376.225792][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 376.271474][ T5869] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.285497][ T5869] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.326212][ T5819] veth0_vlan: entered promiscuous mode [ 376.347104][ T5822] veth0_macvtap: entered promiscuous mode [ 376.372689][ T5869] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.374937][ T5819] veth1_vlan: entered promiscuous mode [ 376.386374][ T5869] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.406438][ T5822] veth1_macvtap: entered promiscuous mode [ 376.510640][ T5828] veth0_vlan: entered promiscuous mode [ 376.530419][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.558385][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.579149][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 376.592786][ T5828] veth1_vlan: entered promiscuous mode [ 376.603687][ T5819] veth0_macvtap: entered promiscuous mode [ 376.621902][ T5819] veth1_macvtap: entered promiscuous mode [ 376.631422][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 376.644317][ T5881] syz.3.4[5881]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 376.647575][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.669641][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 376.714544][ T5822] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.737528][ T5822] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.746362][ T5822] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.755150][ T5822] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.782021][ T5828] veth0_macvtap: entered promiscuous mode [ 376.794287][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.805995][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.830383][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.841646][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.855026][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 376.875508][ T5828] veth1_macvtap: entered promiscuous mode [ 376.912530][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 376.923731][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.937491][ T5819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 376.957570][ T5819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.969652][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 377.004951][ T5819] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.022069][ T5819] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.036851][ T5819] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.052428][ T5819] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.117423][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.148122][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.163586][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.187554][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.201341][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.212167][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.229262][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 377.278559][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.297938][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.317811][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.329252][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.339583][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.353351][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.365015][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 377.438810][ T5856] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.439261][ T5828] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.447049][ T5856] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.477606][ T5828] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.497522][ T5828] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.506322][ T5828] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.607808][ T5856] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.616906][ T5856] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.661483][ T5857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.685568][ T5857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.779928][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.816106][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.879274][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.897009][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.951088][ T5885] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 377.972466][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 378.002275][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 378.208543][ T5831] Bluetooth: hci2: command tx timeout [ 378.208700][ T5830] Bluetooth: hci0: command tx timeout [ 378.214127][ T5821] Bluetooth: hci3: command tx timeout [ 378.293139][ T5821] Bluetooth: hci1: command tx timeout [ 378.943718][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.950476][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.289853][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 379.612908][ T5925] loop2: detected capacity change from 0 to 164 [ 379.663824][ T5925] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 379.743747][ T5925] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 379.773680][ T5925] Symlink component flag not implemented [ 379.787056][ T5925] Symlink component flag not implemented [ 380.287652][ T5821] Bluetooth: hci0: command tx timeout [ 380.298576][ T5821] Bluetooth: hci3: command tx timeout [ 380.298585][ T5830] Bluetooth: hci2: command tx timeout [ 380.927975][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 381.033295][ T5821] Bluetooth: hci1: command tx timeout [ 381.627900][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 381.888569][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 382.137515][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 382.138014][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 382.721461][ T5960] netlink: 8 bytes leftover after parsing attributes in process `syz.0.24'. [ 382.730946][ T5879] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 382.931728][ T5879] usb 2-1: Using ep0 maxpacket: 32 [ 382.949588][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 382.970581][ T5879] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 382.991916][ T5879] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 383.007668][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.043576][ T5879] usb 2-1: config 0 descriptor?? [ 383.195820][ T5975] fuse: Bad value for 'fd' [ 383.949365][ T28] audit: type=1326 audit(1773817119.588:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 383.997174][ T5994] capability: warning: `syz.3.43' uses deprecated v2 capabilities in a way that may be insecure [ 384.008254][ T28] audit: type=1326 audit(1773817119.598:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.008395][ T28] audit: type=1326 audit(1773817119.598:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.008552][ T28] audit: type=1326 audit(1773817119.598:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.008712][ T28] audit: type=1326 audit(1773817119.598:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.008868][ T28] audit: type=1326 audit(1773817119.598:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.009022][ T28] audit: type=1326 audit(1773817119.598:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.009191][ T28] audit: type=1326 audit(1773817119.598:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.009343][ T28] audit: type=1326 audit(1773817119.598:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 384.009501][ T28] audit: type=1326 audit(1773817119.598:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5985 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9de8f3db19 code=0x7ffc0000 [ 385.037951][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 385.080319][ T6004] fuse: Bad value for 'fd' [ 385.517791][ T1198] usb 2-1: USB disconnect, device number 2 [ 386.046457][ T6009] loop2: detected capacity change from 0 to 32768 [ 386.160816][ T6009] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 386.239942][ T6009] XFS (loop2): Ending clean mount [ 386.463206][ T5828] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 387.379485][ T6040] fuse: Bad value for 'fd' [ 387.737605][ T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 387.947805][ T23] usb 3-1: Using ep0 maxpacket: 32 [ 387.968328][ T23] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 387.994010][ T23] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 388.024177][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.066870][ T23] usb 3-1: config 0 descriptor?? [ 388.834786][ T6061] bridge0: port 2(bridge_slave_1) entered disabled state [ 388.843857][ T6061] bridge0: port 1(bridge_slave_0) entered disabled state [ 389.045177][ T6068] fuse: Invalid rootmode [ 389.661434][ T6073] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 389.844666][ T6061] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 389.991156][ T6061] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 390.511980][ T27] usb 3-1: USB disconnect, device number 2 [ 390.863808][ T6061] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.887200][ T6061] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.910507][ T6061] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.939564][ T6061] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.090336][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 391.292805][ T6061] syz.0.66 (6061) used greatest stack depth: 19944 bytes left [ 391.405795][ T6089] Driver unsupported XDP return value 0 on prog (id 4) dev N/A, expect packet loss! [ 391.478584][ T6092] raw_sendmsg: syz.3.74 forgot to set AF_INET. Fix it! [ 391.600482][ T6096] fuse: Invalid rootmode [ 392.648757][ T6125] fuse: Invalid rootmode [ 392.835440][ T6129] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 393.388861][ T6151] fuse: Bad value for 'rootmode' [ 393.769177][ T6158] loop2: detected capacity change from 0 to 8192 [ 394.001337][ T6154] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.009463][ T6154] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.507352][ T6154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.543221][ T6154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.707977][ T6075] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 394.843303][ T6154] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.853408][ T6154] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.862982][ T6154] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.872171][ T6154] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.907532][ T6075] usb 3-1: Using ep0 maxpacket: 32 [ 394.925108][ T6075] usb 3-1: config 109 has an invalid interface number: 123 but max is 3 [ 394.934128][ T6075] usb 3-1: config 109 has an invalid descriptor of length 0, skipping remainder of the config [ 394.945246][ T6075] usb 3-1: config 109 has 1 interface, different from the descriptor's value: 4 [ 394.955007][ T6075] usb 3-1: config 109 has no interface number 0 [ 394.962311][ T6075] usb 3-1: config 109 interface 123 altsetting 8 endpoint 0xC has invalid wMaxPacketSize 0 [ 394.973284][ T6075] usb 3-1: config 109 interface 123 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 14 [ 394.986778][ T6075] usb 3-1: config 109 interface 123 has no altsetting 0 [ 394.997960][ T6075] usb 3-1: New USB device found, idVendor=257a, idProduct=1604, bcdDevice=85.c7 [ 395.007120][ T6075] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.023222][ T6075] usb 3-1: Product: syz [ 395.027549][ T6075] usb 3-1: Manufacturer: syz [ 395.032275][ T6075] usb 3-1: SerialNumber: syz [ 395.196127][ T6178] syz.3.112 uses obsolete (PF_INET,SOCK_PACKET) [ 395.254120][ T6075] option 3-1:109.123: GSM modem (1-port) converter detected [ 395.285321][ T6180] fuse: Bad value for 'rootmode' [ 395.298441][ T6075] usb 3-1: USB disconnect, device number 3 [ 396.215677][ T6075] option 3-1:109.123: device disconnected [ 398.109370][ T6207] fuse: Bad value for 'rootmode' [ 399.122307][ T6223] loop1: detected capacity change from 0 to 16 [ 399.362570][ T6234] fuse: Unknown parameter 'use00000000000000000000' [ 399.447541][ T6075] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 399.461664][ T6238] loop1: detected capacity change from 0 to 1024 [ 399.927627][ T6075] usb 4-1: Using ep0 maxpacket: 32 [ 399.940648][ T6075] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 399.966761][ T6075] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 399.989353][ T6075] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 399.998684][ T6075] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 400.007227][ T6075] usb 4-1: Product: syz [ 400.015043][ T6075] usb 4-1: Manufacturer: syz [ 400.041847][ T6075] hub 4-1:4.0: USB hub found [ 400.204147][ T6257] fuse: Unknown parameter 'use00000000000000000000' [ 400.268119][ T6225] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 400.287885][ T6225] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 400.551813][ T6259] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.559708][ T6259] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.956091][ T6259] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.989394][ T6259] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 401.387899][ T6259] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 401.402128][ T6259] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 401.411989][ T6259] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 401.421500][ T6259] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 401.523263][ T6265] netlink: 8 bytes leftover after parsing attributes in process `syz.1.147'. [ 401.534678][ T6075] hub 4-1:4.0: config failed, can't read hub descriptor (err -22) [ 401.600207][ T6075] usb 4-1: USB disconnect, device number 2 [ 402.228705][ T6284] fuse: Unknown parameter 'use00000000000000000000' [ 402.478771][ T6286] kvm: kvm [6283]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x100004c00 [ 402.511533][ T6286] kvm: kvm [6283]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x4870 [ 402.534530][ T6286] kvm: kvm [6283]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 402.562659][ T6286] kvm: kvm [6283]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x4850 [ 402.601086][ T6296] loop2: detected capacity change from 0 to 8 [ 402.651523][ T6296] squashfs image failed sanity check [ 402.708568][ T6298] loop3: detected capacity change from 0 to 512 [ 402.830277][ T6298] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.910439][ T6298] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 402.968396][ T6304] netlink: 8 bytes leftover after parsing attributes in process `syz.2.160'. [ 403.050346][ T6298] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1229: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 403.089352][ T6298] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 403.127708][ T6298] EXT4-fs (loop3): This should not happen!! Data will be lost [ 403.127708][ T6298] [ 403.151799][ T6298] EXT4-fs (loop3): Total free blocks count 0 [ 403.158197][ T6298] EXT4-fs (loop3): Free/Dirty block details [ 403.174467][ T6298] EXT4-fs (loop3): free_blocks=65280 [ 403.197684][ T6298] EXT4-fs (loop3): dirty_blocks=33 [ 403.202865][ T6298] EXT4-fs (loop3): Block reservation details [ 403.232287][ T6298] EXT4-fs (loop3): i_reserved_data_blocks=33 [ 403.416770][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.735870][ T6311] fuse: Unknown parameter 'user_i00000000000000000000' [ 404.067165][ T6320] loop2: detected capacity change from 0 to 256 [ 404.117622][ T6075] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 404.353552][ T6075] usb 4-1: Using ep0 maxpacket: 32 [ 404.373931][ T6075] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.397708][ T6075] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.431108][ T6075] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 404.451304][ T6075] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.475272][ T6075] usb 4-1: config 0 descriptor?? [ 404.493332][ T6075] hub 4-1:0.0: USB hub found [ 404.622027][ T6324] loop2: detected capacity change from 0 to 2048 [ 404.624976][ T6326] loop1: detected capacity change from 0 to 256 [ 404.644661][ T6326] ======================================================= [ 404.644661][ T6326] WARNING: The mand mount option has been deprecated and [ 404.644661][ T6326] and is ignored by this kernel. Remove the mand [ 404.644661][ T6326] option from the mount to silence this warning. [ 404.644661][ T6326] ======================================================= [ 404.702636][ T6075] hub 4-1:0.0: 1 port detected [ 404.708689][ T6326] exfat: Deprecated parameter 'utf8' [ 404.734811][ T6326] exfat: Deprecated parameter 'namecase' [ 404.764370][ T6326] exfat: Deprecated parameter 'namecase' [ 404.774202][ T6327] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 404.781122][ T6326] exfat: Deprecated parameter 'utf8' [ 404.870171][ T6326] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 404.922117][ T6324] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 404.982161][ T6324] Remounting filesystem read-only [ 404.997595][ T6328] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 405.058346][ T6324] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 405.127687][ T6324] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 405.178444][ T6324] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 405.193032][ T6330] loop1: detected capacity change from 0 to 64 [ 405.279814][ T28] kauditd_printk_skb: 383 callbacks suppressed [ 405.279828][ T28] audit: type=1800 audit(1773817140.918:395): pid=6330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.171" name="file1" dev="loop1" ino=21 res=0 errno=0 [ 405.328358][ T6075] usb 4-1: USB disconnect, device number 3 [ 405.684661][ T6336] netlink: 12 bytes leftover after parsing attributes in process `syz.1.173'. [ 405.759793][ T6336] netlink: 12 bytes leftover after parsing attributes in process `syz.1.173'. [ 408.095791][ T6353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.179'. [ 408.315815][ T6357] Bluetooth: MGMT ver 1.22 [ 408.686878][ T6367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.186'. [ 408.710086][ T6367] syz_tun: entered promiscuous mode [ 408.715891][ T6367] macvtap1: entered promiscuous mode [ 408.726497][ T6367] macvtap1: entered allmulticast mode [ 408.732758][ T6367] syz_tun: entered allmulticast mode [ 408.857547][ T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 409.047580][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 409.087708][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 409.723188][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 409.801147][ T23] usb 3-1: config 0 has no interfaces? [ 409.807124][ T23] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 409.816717][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.874468][ T23] usb 3-1: config 0 descriptor?? [ 410.128543][ T6365] random: crng reseeded on system resumption [ 411.204434][ T6391] loop0: detected capacity change from 0 to 1024 [ 411.324879][ T23] usb 3-1: USB disconnect, device number 4 [ 411.466271][ T28] audit: type=1800 audit(1773817147.098:396): pid=6391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.191" name="file2" dev="loop0" ino=20 res=0 errno=0 [ 411.528423][ T6391] hfsplus: request for non-existent node 33554434 in B*Tree [ 411.541777][ T6391] hfsplus: request for non-existent node 33554434 in B*Tree [ 411.786198][ T6403] fuse: Unknown parameter 'user_id00000000000000000000' [ 412.687197][ T6411] syzkaller1: entered promiscuous mode [ 412.841932][ T6411] syzkaller1: entered allmulticast mode [ 413.651670][ T6426] fuse: Unknown parameter 'user_id00000000000000000000' [ 413.859035][ T28] audit: type=1326 audit(1773817149.488:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.297195][ T28] audit: type=1326 audit(1773817149.488:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.320341][ T28] audit: type=1326 audit(1773817149.588:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.343295][ T28] audit: type=1326 audit(1773817149.588:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.425347][ T6436] bridge0: port 3(erspan0) entered blocking state [ 414.438129][ T28] audit: type=1326 audit(1773817149.608:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.477715][ T6436] bridge0: port 3(erspan0) entered disabled state [ 414.484538][ T6436] erspan0: entered allmulticast mode [ 414.508272][ T28] audit: type=1326 audit(1773817149.618:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.570588][ T6436] erspan0: entered promiscuous mode [ 414.576402][ T28] audit: type=1326 audit(1773817149.638:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.611741][ T6442] loop2: detected capacity change from 0 to 128 [ 414.617270][ T6436] bridge0: port 3(erspan0) entered blocking state [ 414.625108][ T6436] bridge0: port 3(erspan0) entered forwarding state [ 414.713815][ T28] audit: type=1326 audit(1773817149.638:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 414.950926][ T28] audit: type=1326 audit(1773817149.638:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1584b9c799 code=0x7ffc0000 [ 416.534792][ T6452] loop1: detected capacity change from 0 to 2048 [ 416.591754][ T6459] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 416.680273][ T6452] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 416.717274][ T6452] Remounting filesystem read-only [ 416.730229][ T6452] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 416.769430][ T6452] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 416.796989][ T6452] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 416.850024][ T6452] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 417.189330][ T6474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.216'. [ 417.273573][ T6474] hsr_slave_1 (unregistering): left promiscuous mode [ 417.642938][ T6463] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 417.993608][ T6482] loop1: detected capacity change from 0 to 2048 [ 418.024914][ T6482] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 418.102516][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 418.102529][ T28] audit: type=1800 audit(1773817153.738:411): pid=6482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.223" name="bus" dev="loop1" ino=1436 res=0 errno=0 [ 420.751056][ T27] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 421.340728][ T6508] capability: warning: `syz.2.227' uses 32-bit capabilities (legacy support in use) [ 421.349355][ T27] usb 1-1: Using ep0 maxpacket: 32 [ 421.363212][ T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 421.381900][ T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 421.392355][ T27] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 421.402902][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.414059][ T27] usb 1-1: config 0 descriptor?? [ 421.422271][ T27] hub 1-1:0.0: USB hub found [ 421.735599][ T27] hub 1-1:0.0: 1 port detected [ 423.819452][ T6075] usb 1-1: USB disconnect, device number 2 [ 424.722598][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.232'. [ 425.258446][ T6533] mmap: syz.3.232 (6533) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 425.718227][ T6533] syz.3.232 (6533) used greatest stack depth: 17448 bytes left [ 427.367575][ T27] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 427.608058][ T27] usb 2-1: Using ep0 maxpacket: 32 [ 427.666963][ T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.740166][ T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 427.821200][ T27] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 427.914867][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.951148][ T27] usb 2-1: config 0 descriptor?? [ 427.979539][ T27] hub 2-1:0.0: USB hub found [ 429.718296][ T27] hub 2-1:0.0: 1 port detected [ 429.887096][ T6559] loop0: detected capacity change from 0 to 256 [ 429.939062][ T6001] Bluetooth: hci4: Frame reassembly failed (-84) [ 429.973002][ T6559] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x395e47cf, utbl_chksum : 0xe619d30d) [ 430.030707][ T6560] Zero length message leads to an empty skb [ 430.088375][ T6562] loop0: detected capacity change from 0 to 164 [ 430.254592][ T6564] loop0: detected capacity change from 0 to 2048 [ 430.282657][ T6564] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 430.315458][ T28] audit: type=1800 audit(1773817165.948:412): pid=6564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.251" name="bus" dev="loop0" ino=1436 res=0 errno=0 [ 430.356268][ T5859] usb 2-1: USB disconnect, device number 3 [ 430.362821][ T27] hub 2-1:0.0: hub_ext_port_status failed (err = -71) [ 431.971093][ T5830] Bluetooth: hci4: command 0x1003 tx timeout [ 431.977927][ T5821] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 434.593505][ T6598] netlink: 12 bytes leftover after parsing attributes in process `syz.0.256'. [ 434.737802][ T6598] 8021q: adding VLAN 0 to HW filter on device bond1 [ 434.747292][ T6602] bond1: entered promiscuous mode [ 434.864408][ T6598] dummy0: entered promiscuous mode [ 434.871677][ T6598] bond1: (slave dummy0): Enslaving as an active interface with an up link [ 434.889597][ T6597] bond1: left promiscuous mode [ 434.895723][ T6597] dummy0: left promiscuous mode [ 435.018321][ T6071] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 435.507689][ T6071] usb 4-1: Using ep0 maxpacket: 32 [ 435.558353][ T6071] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 435.656872][ T6071] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 435.718166][ T6071] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 435.750393][ T6071] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.789239][ T6071] usb 4-1: config 0 descriptor?? [ 435.804706][ T6071] hub 4-1:0.0: USB hub found [ 435.840098][ T6615] tipc: Started in network mode [ 435.845640][ T6615] tipc: Node identity b2e6ec48531f, cluster identity 4711 [ 435.854165][ T6615] tipc: Enabled bearer , priority 0 [ 435.953576][ T6615] syzkaller0: entered promiscuous mode [ 435.959411][ T6615] syzkaller0: entered allmulticast mode [ 435.968293][ T6615] tipc: Resetting bearer [ 435.998588][ T6614] tipc: Resetting bearer [ 436.016293][ T6071] hub 4-1:0.0: 1 port detected [ 436.626118][ T6071] usb 4-1: USB disconnect, device number 4 [ 439.781244][ T6614] tipc: Disabling bearer [ 439.791448][ T5860] tipc: Node number set to 3791252552 [ 439.799539][ T6646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'. [ 439.810638][ T6650] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 439.822763][ T6650] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 439.848751][ T6650] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 440.122869][ T6673] loop3: detected capacity change from 0 to 128 [ 440.334593][ T6677] netlink: 4 bytes leftover after parsing attributes in process `syz.2.286'. [ 440.374970][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.379105][ T6673] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 440.381683][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.411040][ T6673] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 440.504985][ T6677] hsr_slave_1 (unregistering): left promiscuous mode [ 440.540733][ T5826] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 441.478359][ T6692] bridge0: port 3(erspan0) entered disabled state [ 441.585696][ T6705] loop2: detected capacity change from 0 to 1024 [ 441.755601][ T28] audit: type=1800 audit(1773817177.388:413): pid=6705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.294" name="file2" dev="loop2" ino=20 res=0 errno=0 [ 441.924351][ T6705] hfsplus: request for non-existent node 33554434 in B*Tree [ 441.945098][ T6705] hfsplus: request for non-existent node 33554434 in B*Tree [ 442.094035][ T6692] bridge0: port 2(bridge_slave_1) entered disabled state [ 442.101769][ T6692] bridge0: port 1(bridge_slave_0) entered disabled state [ 442.486567][ T6692] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 442.520555][ T6692] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 442.577717][ T27] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 442.769221][ T27] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 442.784847][ T27] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 442.798492][ T27] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 442.807895][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.819178][ T27] usb 3-1: config 0 descriptor?? [ 442.830732][ T27] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 442.846960][ T6692] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.856131][ T6692] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.866153][ T6692] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.875599][ T6692] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.974640][ T6692] syz_tun: left allmulticast mode [ 442.996049][ T6707] netlink: 8 bytes leftover after parsing attributes in process `syz.0.293'. [ 443.255503][ T6737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.300'. [ 443.325620][ T6737] hsr_slave_1 (unregistering): left promiscuous mode [ 443.997564][ T5879] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 444.232864][ T5879] usb 1-1: Using ep0 maxpacket: 32 [ 444.242371][ T6753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.306'. [ 444.687521][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 444.698498][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 444.708419][ T5879] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 444.717631][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.735265][ T5879] usb 1-1: config 0 descriptor?? [ 444.744827][ T5879] hub 1-1:0.0: USB hub found [ 444.756796][ T6751] loop3: detected capacity change from 0 to 32768 [ 444.952631][ T5879] hub 1-1:0.0: 1 port detected [ 445.342515][ T27] usb 3-1: USB disconnect, device number 5 [ 447.030455][ T5879] hub 1-1:0.0: activate --> -90 [ 447.031444][ T27] usb 1-1: USB disconnect, device number 3 [ 447.120385][ T5861] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 447.317705][ T5861] usb 2-1: Using ep0 maxpacket: 8 [ 447.341774][ T5861] usb 2-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 447.353011][ T5861] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.376091][ T5861] usb 2-1: Product: syz [ 447.388189][ T5861] usb 2-1: Manufacturer: syz [ 447.399898][ T5861] usb 2-1: SerialNumber: syz [ 447.424639][ T5861] usb 2-1: config 0 descriptor?? [ 447.443184][ T5861] gspca_main: sonixj-2.14.0 probing 0c45:613a [ 449.827990][ T5861] gspca_sonixj: reg_r err -110 [ 449.832913][ T5861] sonixj: probe of 2-1:0.0 failed with error -110 [ 449.855571][ T23] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 449.917250][ T27] usb 2-1: USB disconnect, device number 4 [ 450.057567][ T23] usb 1-1: Using ep0 maxpacket: 16 [ 450.067991][ T23] usb 1-1: config 0 has no interfaces? [ 450.073896][ T23] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 450.083886][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.138876][ T23] usb 1-1: config 0 descriptor?? [ 450.303635][ T6786] loop3: detected capacity change from 0 to 8 [ 450.318347][ T6786] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 450.353530][ T6774] random: crng reseeded on system resumption [ 450.796752][ T6797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.317'. [ 450.864513][ T27] usb 1-1: USB disconnect, device number 4 [ 454.247575][ T5879] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 454.455464][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 454.561896][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 454.667834][ T5879] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 454.801085][ T5879] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 454.901349][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.093127][ T5879] usb 2-1: config 0 descriptor?? [ 455.777533][ T27] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 456.980415][ T5879] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 457.030691][ T6845] loop3: detected capacity change from 0 to 128 [ 457.049089][ T27] usb 1-1: Using ep0 maxpacket: 16 [ 457.059504][ T27] usb 1-1: config 0 has no interfaces? [ 457.065233][ T6845] FAT-fs (loop3): Invalid FSINFO signature: 0x41000006, 0x61417272 (sector = 1) [ 457.075064][ T27] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 457.092349][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.107665][ T5879] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 457.130801][ T27] usb 1-1: config 0 descriptor?? [ 457.363817][ T6835] random: crng reseeded on system resumption [ 457.603348][ T6852] fuse: Bad value for 'fd' [ 457.816890][ T23] usb 1-1: USB disconnect, device number 5 [ 458.648232][ T5879] usb 2-1: reset high-speed USB device number 5 using dummy_hcd [ 458.744375][ T1198] IPVS: starting estimator thread 0... [ 458.857756][ T6873] IPVS: using max 19 ests per chain, 45600 per kthread [ 459.424624][ T6883] netlink: 40 bytes leftover after parsing attributes in process `syz.3.349'. [ 459.454029][ T6883] nbd: must specify at least one socket [ 459.512575][ T8] usb 2-1: USB disconnect, device number 5 [ 460.505429][ T6907] loop1: detected capacity change from 0 to 1024 [ 460.634998][ T28] audit: type=1800 audit(1773817196.268:414): pid=6907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.359" name="file2" dev="loop1" ino=20 res=0 errno=0 [ 460.658397][ T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 460.896408][ T23] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 460.943895][ T23] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 460.979340][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 461.011872][ T23] usb 1-1: config 0 descriptor?? [ 461.046312][ T23] pwc: Askey VC010 type 2 USB webcam detected. [ 462.188599][ T23] pwc: recv_control_msg error -32 req 02 val 2b00 [ 462.217086][ T23] pwc: recv_control_msg error -32 req 02 val 2700 [ 462.235298][ T23] pwc: recv_control_msg error -32 req 02 val 2c00 [ 462.244536][ T23] pwc: recv_control_msg error -32 req 04 val 1000 [ 462.253343][ T23] pwc: recv_control_msg error -32 req 04 val 1300 [ 462.262212][ T23] pwc: recv_control_msg error -32 req 04 val 1400 [ 462.270813][ T23] pwc: recv_control_msg error -32 req 02 val 2000 [ 462.279736][ T23] pwc: recv_control_msg error -32 req 02 val 2100 [ 462.289123][ T23] pwc: recv_control_msg error -32 req 04 val 1500 [ 462.296620][ T23] pwc: recv_control_msg error -32 req 02 val 2500 [ 462.306274][ T23] pwc: recv_control_msg error -32 req 02 val 2400 [ 462.315351][ T23] pwc: recv_control_msg error -32 req 02 val 2600 [ 462.324166][ T23] pwc: recv_control_msg error -32 req 02 val 2900 [ 462.377553][ T6927] netlink: 4 bytes leftover after parsing attributes in process `syz.3.366'. [ 462.473771][ T6927] macvtap2: entered promiscuous mode [ 462.479676][ T6927] gretap0: entered promiscuous mode [ 462.486975][ T6927] macvtap2: entered allmulticast mode [ 462.502941][ T6927] gretap0: entered allmulticast mode [ 462.534506][ T23] pwc: recv_control_msg error -71 req 04 val 1100 [ 462.552451][ T23] pwc: recv_control_msg error -71 req 04 val 1200 [ 462.597140][ T23] pwc: Registered as video103. [ 462.616851][ T23] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input5 [ 462.715541][ T23] usb 1-1: USB disconnect, device number 6 [ 462.853030][ T5813] udevd[5813]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 462.931372][ T6934] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000 [ 463.178979][ T6943] loop1: detected capacity change from 0 to 1024 [ 463.232695][ T28] audit: type=1800 audit(1773817198.868:415): pid=6943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.372" name="file2" dev="loop1" ino=20 res=0 errno=0 [ 463.653182][ T6956] netlink: 4 bytes leftover after parsing attributes in process `syz.3.377'. [ 463.662501][ T23] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 463.670732][ T6956] macvtap3: entered promiscuous mode [ 463.676340][ T6956] macvtap3: entered allmulticast mode [ 463.724472][ T6958] netlink: 16 bytes leftover after parsing attributes in process `syz.3.378'. [ 463.737812][ T8] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 463.857551][ T23] usb 1-1: Using ep0 maxpacket: 16 [ 463.917613][ T23] usb 1-1: unable to get BOS descriptor or descriptor too short [ 463.934605][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 463.938134][ T23] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 463.947269][ T23] usb 1-1: can't read configurations, error -71 [ 463.953085][ T8] usb 2-1: config 127 has an invalid interface number: 171 but max is 1 [ 463.988229][ T8] usb 2-1: config 127 has no interface number 1 [ 464.007809][ T8] usb 2-1: config 127 interface 0 altsetting 10 has an invalid endpoint with address 0xC8, skipping [ 464.052207][ T8] usb 2-1: config 127 interface 171 has no altsetting 0 [ 464.073310][ T8] usb 2-1: config 127 interface 0 has no altsetting 0 [ 464.103236][ T8] usb 2-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9 [ 464.125536][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.149973][ T6968] mkiss: ax0: crc mode is auto. [ 464.160999][ T8] usb 2-1: Product: syz [ 464.165307][ T8] usb 2-1: Manufacturer: syz [ 464.184152][ T8] usb 2-1: SerialNumber: syz [ 464.304303][ T6975] netlink: 4 bytes leftover after parsing attributes in process `syz.2.386'. [ 464.327260][ T6975] macvtap1: entered promiscuous mode [ 464.336030][ T6975] gretap0: entered promiscuous mode [ 464.343052][ T6975] macvtap1: entered allmulticast mode [ 464.351875][ T6975] gretap0: entered allmulticast mode [ 464.422781][ T8] xr_serial 2-1:127.171: xr_serial converter detected [ 464.447998][ T8] xr_serial ttyUSB0: Failed to set reg 0x1a: -71 [ 464.466753][ T8] xr_serial: probe of ttyUSB0 failed with error -71 [ 464.478113][ T28] audit: type=1326 audit(1773817200.108:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.512764][ T28] audit: type=1326 audit(1773817200.118:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.538404][ T8] usb 2-1: USB disconnect, device number 6 [ 464.558763][ T8] xr_serial 2-1:127.171: device disconnected [ 464.565529][ T28] audit: type=1326 audit(1773817200.118:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.589645][ T6984] loop2: detected capacity change from 0 to 2048 [ 464.620386][ T28] audit: type=1326 audit(1773817200.118:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.636230][ T6984] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 464.666319][ T28] audit: type=1326 audit(1773817200.118:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.705617][ T28] audit: type=1326 audit(1773817200.118:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.732809][ T28] audit: type=1326 audit(1773817200.118:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.787377][ T28] audit: type=1326 audit(1773817200.118:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6979 comm="syz.2.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbdd619c799 code=0x7ffc0000 [ 464.895742][ T6988] loop2: detected capacity change from 0 to 1024 [ 465.244305][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.396'. [ 465.346678][ T6993] loop1: detected capacity change from 0 to 32768 [ 465.359753][ T6993] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.394 (6993) [ 465.409220][ T6993] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 465.420219][ T6993] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 465.430046][ T6993] BTRFS info (device loop1): using free space tree [ 465.486477][ T6993] BTRFS info (device loop1): enabling ssd optimizations [ 465.493833][ T6993] BTRFS info (device loop1): auto enabling async discard [ 465.680110][ T6993] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 466.133774][ T7028] loop0: detected capacity change from 0 to 1024 [ 466.142949][ T7030] tipc: Started in network mode [ 466.159536][ T7030] tipc: Node identity 1a8207a2087c, cluster identity 4711 [ 466.192764][ T7030] tipc: Enabled bearer , priority 0 [ 466.312221][ T7029] tipc: Disabling bearer [ 466.482636][ T7039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.406'. [ 466.520290][ T7039] macvtap1: entered promiscuous mode [ 466.525640][ T7039] erspan0: entered promiscuous mode [ 466.562835][ T7039] macvtap1: entered allmulticast mode [ 466.577601][ T7039] erspan0: entered allmulticast mode [ 466.783961][ T7053] loop0: detected capacity change from 0 to 2048 [ 466.802355][ T7053] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 466.825016][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 466.825028][ T28] audit: type=1800 audit(1773817202.458:425): pid=7053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.411" name="bus" dev="loop0" ino=1436 res=0 errno=0 [ 467.027576][ T5879] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 467.041399][ T7062] tipc: Enabling of bearer rejected, failed to enable media [ 467.164299][ T7066] mkiss: ax0: crc mode is auto. [ 467.207534][ T5879] usb 2-1: Using ep0 maxpacket: 32 [ 467.215376][ T5879] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 467.226145][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.242753][ T5879] usb 2-1: config 0 descriptor?? [ 467.296289][ T7070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.420'. [ 467.487634][ T5879] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 467.524953][ T5879] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 467.551740][ T5879] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 467.568009][ T5879] usb 2-1: media controller created [ 467.580113][ T7079] loop2: detected capacity change from 0 to 1024 [ 467.602224][ T28] audit: type=1800 audit(1773817203.238:426): pid=7079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.424" name="file2" dev="loop2" ino=22 res=0 errno=0 [ 467.627306][ T5879] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 467.650331][ T7082] tipc: Enabling of bearer rejected, failed to enable media [ 469.475926][ T7091] loop0: detected capacity change from 0 to 40427 [ 469.513263][ T7091] F2FS-fs (loop0): invalid crc value [ 469.531566][ T7091] F2FS-fs (loop0): Found nat_bits in checkpoint [ 469.587783][ T7091] F2FS-fs (loop0): Start checkpoint disabled! [ 469.629619][ T7091] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 469.659180][ T7095] netlink: 4 bytes leftover after parsing attributes in process `syz.2.430'. [ 469.762942][ T5879] stb0899_attach: Driver disabled by Kconfig [ 469.769059][ T5879] az6027: no front-end attached [ 469.769059][ T5879] [ 469.780335][ T7095] macvtap2: entered promiscuous mode [ 469.785697][ T7095] erspan0: entered promiscuous mode [ 469.795463][ T5879] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 469.806472][ T5879] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6 [ 469.827991][ T7095] macvtap2: entered allmulticast mode [ 469.833422][ T7095] erspan0: entered allmulticast mode [ 469.853777][ T5879] dvb-usb: schedule remote query interval to 400 msecs. [ 469.874257][ T5879] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 470.011584][ T59] kworker/u4:4: attempt to access beyond end of device [ 470.011584][ T59] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 470.034200][ T23] usb 2-1: USB disconnect, device number 7 [ 470.041209][ T59] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 470.106827][ T23] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 470.741161][ T7107] loop0: detected capacity change from 0 to 32768 [ 471.609466][ T7107] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.434 (7107) [ 471.630937][ T7107] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 471.641403][ T7107] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 471.650150][ T7107] BTRFS info (device loop0): using free space tree [ 471.705972][ T7123] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 471.761891][ T7107] BTRFS info (device loop0): enabling ssd optimizations [ 471.769065][ T7107] BTRFS info (device loop0): auto enabling async discard [ 472.026399][ T5822] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 473.952008][ T7158] loop1: detected capacity change from 0 to 1024 [ 473.985552][ T28] audit: type=1800 audit(1773817209.618:427): pid=7158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.446" name="file2" dev="loop1" ino=22 res=0 errno=0 [ 474.105471][ T7162] bridge0: entered allmulticast mode [ 474.160752][ T7165] loop1: detected capacity change from 0 to 512 [ 474.176369][ T7165] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 474.185100][ T7165] System zones: 1-12 [ 474.191734][ T7165] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.449: corrupted in-inode xattr: e_value size too large [ 474.212724][ T7165] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.449: couldn't read orphan inode 15 (err -117) [ 474.226347][ T7165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 474.264433][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.637625][ T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 474.817523][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 474.823964][ T7132] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 474.834289][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 474.849609][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 474.860655][ T8] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 474.873169][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.908686][ T8] usb 2-1: config 0 descriptor?? [ 474.922626][ T8] hub 2-1:0.0: USB hub found [ 475.037207][ T7173] loop0: detected capacity change from 0 to 2048 [ 475.081231][ T7173] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 475.152419][ T8] hub 2-1:0.0: 1 port detected [ 475.230287][ T7176] loop2: detected capacity change from 0 to 32768 [ 475.398938][ T7176] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.453 (7176) [ 475.416432][ T7176] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 475.426718][ T7176] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 475.435410][ T7176] BTRFS info (device loop2): using free space tree [ 475.499070][ T28] audit: type=1800 audit(1773817211.138:428): pid=7173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.452" name="bus" dev="loop0" ino=1436 res=0 errno=0 [ 475.623833][ T7176] BTRFS info (device loop2): enabling ssd optimizations [ 475.631184][ T7176] BTRFS info (device loop2): auto enabling async discard [ 475.777843][ T5828] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 475.862932][ T8] hub 2-1:0.0: activate --> -90 [ 476.065615][ T5879] usb 2-1: USB disconnect, device number 8 [ 476.566399][ T7212] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 477.018736][ T7212] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 477.117812][ T28] audit: type=1326 audit(1773817212.738:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7209 comm="syz.0.461" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9de8f9c799 code=0x0 [ 478.797920][ T7224] loop0: detected capacity change from 0 to 1024 [ 478.940118][ T28] audit: type=1800 audit(1773817214.578:430): pid=7224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.466" name="file2" dev="loop0" ino=20 res=0 errno=0 [ 480.304678][ T7243] loop2: detected capacity change from 0 to 32768 [ 480.313334][ T7243] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.465 (7243) [ 480.332441][ T7243] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 480.342802][ T7243] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 480.351522][ T7243] BTRFS info (device loop2): using free space tree [ 480.383081][ T7243] BTRFS info (device loop2): enabling ssd optimizations [ 480.390373][ T7243] BTRFS info (device loop2): auto enabling async discard [ 480.440488][ T5828] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 480.714197][ T7263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.474'. [ 482.063773][ T7265] loop0: detected capacity change from 0 to 2048 [ 482.155612][ T7265] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 482.354999][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.476'. [ 483.089562][ T7274] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 483.532758][ T7282] loop1: detected capacity change from 0 to 32768 [ 483.541926][ T7282] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.481 (7282) [ 483.570877][ T7282] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 483.581333][ T7282] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 483.590081][ T7282] BTRFS info (device loop1): using free space tree [ 483.720153][ T7282] BTRFS info (device loop1): enabling ssd optimizations [ 483.727212][ T7282] BTRFS info (device loop1): auto enabling async discard [ 483.777822][ T7306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.484'. [ 483.831174][ T5819] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 483.868970][ T5861] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 483.879813][ T7301] kvm: kvm [7299]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x495a [ 483.900592][ T7301] kvm_intel: kvm [7299]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x100b [ 483.913893][ T7301] kvm: kvm [7299]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x5956 [ 483.926916][ T7301] kvm: kvm [7299]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x9c5 [ 483.939203][ T7301] kvm: kvm [7299]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x61ea [ 483.963905][ T7301] kvm: kvm [7299]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x4939 [ 483.974090][ T7301] kvm: kvm [7299]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 484.797685][ T5861] usb 1-1: Using ep0 maxpacket: 32 [ 484.831619][ T5861] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.851625][ T5861] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.877787][ T5861] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 484.886880][ T5861] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.936945][ T5861] usb 1-1: config 0 descriptor?? [ 484.978410][ T5861] hub 1-1:0.0: USB hub found [ 485.212769][ T7316] loop2: detected capacity change from 0 to 2048 [ 485.219656][ T5861] hub 1-1:0.0: 1 port detected [ 485.235665][ T7316] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 485.695483][ T7324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.490'. [ 485.838317][ T5861] hub 1-1:0.0: activate --> -90 [ 486.044253][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 486.053675][ T27] usb 1-1: USB disconnect, device number 9 [ 486.227485][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 486.238742][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 486.250045][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 486.272892][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 486.302233][ T8] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 486.314713][ T8] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 486.330105][ T8] usb 3-1: Manufacturer: syz [ 486.341157][ T8] usb 3-1: config 0 descriptor?? [ 487.885296][ T8] rc_core: IR keymap rc-hauppauge not found [ 487.891400][ T8] Registered IR keymap rc-empty [ 487.897180][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 487.944242][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 487.991269][ T8] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 488.039361][ T8] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7 [ 488.080082][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.128329][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.175953][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.267589][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.311213][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.357857][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.397674][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.448660][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.494682][ T7357] input: syz0 as /devices/virtual/input/input8 [ 488.506969][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.550434][ T8] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 488.609560][ T8] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 488.629788][ T8] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 488.711356][ T8] usb 3-1: USB disconnect, device number 6 [ 491.044094][ T7387] loop0: detected capacity change from 0 to 2048 [ 491.119161][ T7387] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 491.170108][ T28] audit: type=1800 audit(1773817226.808:431): pid=7387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.512" name="bus" dev="loop0" ino=1436 res=0 errno=0 [ 492.573813][ T7393] loop1: detected capacity change from 0 to 32768 [ 492.602935][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x495a [ 492.610992][ T7393] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz.1.514 (7393) [ 492.615076][ T7401] kvm_intel: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x100b [ 492.634903][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x5956 [ 492.644594][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x9c5 [ 492.662085][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x61ea [ 492.676235][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x4939 [ 492.679202][ T7393] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 492.687859][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 492.709657][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x4a56 [ 492.717027][ T7393] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 492.723846][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x10c8 [ 492.737978][ T7393] BTRFS info (device loop1): enabling disk space caching [ 492.744841][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x2262 [ 492.753778][ T7393] BTRFS info (device loop1): force clearing of disk cache [ 492.753803][ T7393] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 492.774393][ T7401] kvm: kvm [7400]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 492.791789][ T7401] kvm_intel: kvm [7400]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x19c2 [ 492.796142][ T7393] BTRFS info (device loop1): use zstd compression, level 3 [ 492.829039][ T7393] BTRFS info (device loop1): disk space caching is enabled [ 492.983521][ T7393] BTRFS info (device loop1): enabling ssd optimizations [ 493.013095][ T7393] BTRFS info (device loop1): auto enabling async discard [ 493.042627][ T7393] BTRFS info (device loop1): rebuilding free space tree [ 493.214186][ T7393] BTRFS info (device loop1): disabling free space tree [ 493.222832][ T7393] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 493.233151][ T7393] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 493.443195][ T5819] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 493.502104][ T28] audit: type=1326 audit(1773817229.138:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 493.558687][ T28] audit: type=1326 audit(1773817229.138:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 493.569803][ T7434] loop0: detected capacity change from 0 to 24 [ 493.582338][ T28] audit: type=1326 audit(1773817229.138:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 493.611485][ T7434] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 493.668448][ T28] audit: type=1326 audit(1773817229.138:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 493.703754][ T7434] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 493.743795][ T28] audit: type=1326 audit(1773817229.138:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9de8f5cfce code=0x7ffc0000 [ 493.801152][ T5810] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 12 /dev/loop1 scanned by udevd (5810) [ 493.826867][ T28] audit: type=1326 audit(1773817229.138:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9de8f5cfce code=0x7ffc0000 [ 493.854553][ T28] audit: type=1326 audit(1773817229.138:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 493.892840][ T7441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.520'. [ 493.911911][ T28] audit: type=1326 audit(1773817229.138:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 494.004841][ T28] audit: type=1326 audit(1773817229.138:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7430 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f9de8f9c799 code=0x7ffc0000 [ 494.797980][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.535'. [ 495.184972][ T7471] loop2: detected capacity change from 0 to 4096 [ 495.223405][ T7471] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 495.427585][ T7471] ntfs3: loop2: ino=1e, "file1" ntfs_sync_inode failed, -22. [ 495.436864][ T7471] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 495.480796][ T5857] ntfs3: loop2: ino=1e, ntfs3_write_inode failed, -22. [ 495.587534][ T5861] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 495.704768][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.545'. [ 495.827767][ T5861] usb 2-1: Using ep0 maxpacket: 16 [ 495.892659][ T7495] loop2: detected capacity change from 0 to 1024 [ 495.919607][ T5861] usb 2-1: config 0 has no interfaces? [ 495.944638][ T5861] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 495.997572][ T5861] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.046259][ T5861] usb 2-1: config 0 descriptor?? [ 496.047817][ T7495] hfsplus: request for non-existent node 33554434 in B*Tree [ 496.080706][ T7495] hfsplus: request for non-existent node 33554434 in B*Tree [ 496.280661][ T7479] random: crng reseeded on system resumption [ 496.715207][ T7517] netlink: 20 bytes leftover after parsing attributes in process `syz.3.554'. [ 496.732541][ T5861] usb 2-1: USB disconnect, device number 9 [ 496.905732][ T7523] loop2: detected capacity change from 0 to 1024 [ 496.980266][ T28] kauditd_printk_skb: 133 callbacks suppressed [ 496.980280][ T28] audit: type=1800 audit(1773817232.618:574): pid=7523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.557" name="file2" dev="loop2" ino=20 res=0 errno=0 [ 497.022666][ T7523] hfsplus: request for non-existent node 33554434 in B*Tree [ 497.045965][ T7523] hfsplus: request for non-existent node 33554434 in B*Tree [ 497.461587][ T7538] netlink: 8 bytes leftover after parsing attributes in process `syz.2.561'. [ 497.657303][ T7541] netlink: 20 bytes leftover after parsing attributes in process `syz.1.565'. [ 497.926864][ T7551] loop0: detected capacity change from 0 to 1024 [ 497.957179][ T28] audit: type=1800 audit(1773817233.588:575): pid=7551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.569" name="file2" dev="loop0" ino=20 res=0 errno=0 [ 497.963086][ T7551] hfsplus: request for non-existent node 33554434 in B*Tree [ 498.005397][ T7551] hfsplus: request for non-existent node 33554434 in B*Tree [ 498.490774][ T7566] netlink: 20 bytes leftover after parsing attributes in process `syz.2.576'. [ 499.339624][ T7574] netlink: 8 bytes leftover after parsing attributes in process `syz.2.578'. [ 499.491252][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.580'. [ 499.541829][ T7577] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 499.838931][ T7584] netlink: 8 bytes leftover after parsing attributes in process `syz.3.583'. [ 501.268726][ T7599] netlink: 4 bytes leftover after parsing attributes in process `syz.1.586'. [ 501.505213][ T7602] loop2: detected capacity change from 0 to 32768 [ 501.517258][ T7602] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.588 (7602) [ 501.549409][ T7602] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 501.559853][ T7602] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 501.569430][ T7602] BTRFS info (device loop2): using free space tree [ 501.615649][ T7602] BTRFS info (device loop2): enabling ssd optimizations [ 501.622817][ T7602] BTRFS info (device loop2): auto enabling async discard [ 501.775738][ T5828] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 501.818104][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.824481][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.859354][ T7624] fuse: Bad value for 'fd' [ 503.242611][ T7639] netlink: 4096 bytes leftover after parsing attributes in process `syz.1.595'. [ 505.037525][ T27] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 505.207350][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.2.602'. [ 505.261032][ T27] usb 1-1: Using ep0 maxpacket: 16 [ 505.309706][ T27] usb 1-1: config 0 has no interfaces? [ 505.352177][ T27] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 505.388923][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 505.416080][ T27] usb 1-1: config 0 descriptor?? [ 505.655111][ T7652] random: crng reseeded on system resumption [ 507.085465][ T5861] usb 1-1: USB disconnect, device number 10 [ 507.229278][ T7698] fuse: Bad value for 'fd' [ 507.319104][ T27] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 508.273754][ T27] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 508.292503][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 508.317492][ T27] usb 2-1: Product: syz [ 508.327475][ T27] usb 2-1: Manufacturer: syz [ 508.332575][ T27] usb 2-1: SerialNumber: syz [ 509.438320][ T27] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 510.060224][ T7730] loop0: detected capacity change from 0 to 64 [ 510.680548][ T27] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -71 [ 510.906050][ T27] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 511.042416][ T27] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 511.126390][ T27] lan78xx: probe of 2-1:1.0 failed with error -71 [ 511.207668][ T27] usb 2-1: USB disconnect, device number 10 [ 513.057781][ T27] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 513.287719][ T27] usb 2-1: Using ep0 maxpacket: 16 [ 513.350857][ T27] usb 2-1: config 0 has no interfaces? [ 513.401956][ T27] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 513.561490][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 513.668736][ T27] usb 2-1: config 0 descriptor?? [ 513.996264][ T7755] random: crng reseeded on system resumption [ 514.724166][ T7778] loop0: detected capacity change from 0 to 1024 [ 514.768753][ T7778] EXT4-fs: Ignoring removed nomblk_io_submit option [ 514.832660][ T7778] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 514.908455][ T7778] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 515.737746][ T7778] System zones: 0-1, 3-36 [ 515.754001][ T7778] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 515.890809][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.013614][ T7792] netlink: 'syz.0.637': attribute type 4 has an invalid length. [ 516.039481][ T27] usb 2-1: USB disconnect, device number 11 [ 516.051820][ T7792] netlink: 'syz.0.637': attribute type 4 has an invalid length. [ 518.696462][ T7815] loop0: detected capacity change from 0 to 512 [ 518.905913][ T7815] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 519.226554][ T7837] netlink: 12 bytes leftover after parsing attributes in process `syz.3.650'. [ 519.257801][ T7837] netlink: 12 bytes leftover after parsing attributes in process `syz.3.650'. [ 519.447486][ T8] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 519.620887][ T7831] loop2: detected capacity change from 0 to 32768 [ 519.637570][ T7831] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.647 (7831) [ 519.637585][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 519.639583][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 519.863467][ T7831] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 519.990464][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 520.040086][ T7831] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 520.134059][ T8] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 520.170932][ T7831] BTRFS info (device loop2): using free space tree [ 520.252899][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 520.343837][ T8] usb 1-1: config 0 descriptor?? [ 520.380019][ T8] hub 1-1:0.0: USB hub found [ 520.402892][ T7831] BTRFS info (device loop2): enabling ssd optimizations [ 520.441275][ T7831] BTRFS info (device loop2): auto enabling async discard [ 520.579479][ T8] hub 1-1:0.0: 1 port detected [ 520.607828][ T5828] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 520.787957][ T7871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.655'. [ 522.471727][ T5879] hub 1-1:0.0: activate --> -90 [ 523.000169][ T27] usb 1-1: USB disconnect, device number 11 [ 523.696209][ T7891] loop0: detected capacity change from 0 to 1024 [ 523.833998][ T7896] netlink: 8 bytes leftover after parsing attributes in process `syz.1.664'. [ 524.085808][ T7902] tipc: Enabled bearer , priority 0 [ 524.109991][ T7901] tipc: Disabling bearer [ 524.253525][ T5879] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 524.458262][ T5879] usb 1-1: Using ep0 maxpacket: 16 [ 524.526809][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 524.633297][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 524.645433][ T7911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.670'. [ 524.703177][ T7911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.670'. [ 524.720805][ T5879] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 524.796363][ T5879] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 525.157558][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 525.189136][ T5879] usb 1-1: config 0 descriptor?? [ 525.250078][ T7914] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 525.630928][ T7925] loop2: detected capacity change from 0 to 1024 [ 525.704423][ T28] audit: type=1800 audit(1773817261.338:576): pid=7925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.676" name="file2" dev="loop2" ino=22 res=0 errno=0 [ 525.786778][ T5879] usbhid 1-1:0.0: can't add hid device: -71 [ 525.794624][ T7928] tipc: Enabling of bearer rejected, failed to enable media [ 525.824415][ T5879] usbhid: probe of 1-1:0.0 failed with error -71 [ 525.866433][ T5879] usb 1-1: USB disconnect, device number 12 [ 526.039972][ T7936] netlink: 8 bytes leftover after parsing attributes in process `syz.3.679'. [ 526.112586][ T7940] loop2: detected capacity change from 0 to 128 [ 526.231680][ T7942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.683'. [ 526.240876][ T7942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.683'. [ 526.443461][ T7950] loop0: detected capacity change from 0 to 1024 [ 526.488677][ T28] audit: type=1800 audit(1773817262.128:577): pid=7950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.687" name="file2" dev="loop0" ino=22 res=0 errno=0 [ 526.718849][ T7957] tipc: Enabled bearer , priority 0 [ 526.732363][ T7956] tipc: Disabling bearer [ 527.727851][ T7968] netlink: 12 bytes leftover after parsing attributes in process `syz.3.695'. [ 527.747367][ T7968] netlink: 12 bytes leftover after parsing attributes in process `syz.3.695'. [ 527.779480][ T7973] loop0: detected capacity change from 0 to 2048 [ 527.835653][ T7973] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 527.877355][ T28] audit: type=1800 audit(1773817263.508:578): pid=7973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.696" name="bus" dev="loop0" ino=1436 res=0 errno=0 [ 528.817495][ T27] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 529.017517][ T27] usb 3-1: Using ep0 maxpacket: 16 [ 529.025190][ T27] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 529.035789][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 529.046933][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 529.057607][ T27] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 529.066675][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.077858][ T27] usb 3-1: config 0 descriptor?? [ 529.257683][ T23] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 529.410508][ T7988] netlink: 8 bytes leftover after parsing attributes in process `syz.3.700'. [ 529.548205][ T23] usb 1-1: Using ep0 maxpacket: 32 [ 529.638669][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 529.782742][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 529.935531][ T23] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 529.991192][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.013763][ T23] usb 1-1: config 0 descriptor?? [ 530.032759][ T23] hub 1-1:0.0: USB hub found [ 530.052682][ T27] usbhid 3-1:0.0: can't add hid device: -71 [ 530.065124][ T27] usbhid: probe of 3-1:0.0 failed with error -71 [ 530.089101][ T27] usb 3-1: USB disconnect, device number 7 [ 530.246845][ T23] hub 1-1:0.0: 1 port detected [ 530.259426][ T7999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.706'. [ 530.268984][ T7999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.706'. [ 531.548412][ T23] hub 1-1:0.0: hub_hub_status failed (err = -32) [ 531.578345][ T23] hub 1-1:0.0: config failed, can't get hub status (err -32) [ 531.798811][ T23] usbhid 1-1:0.0: can't add hid device: -71 [ 531.820758][ T23] usbhid: probe of 1-1:0.0 failed with error -71 [ 531.869045][ T23] usb 1-1: USB disconnect, device number 13 [ 531.957758][ T8] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 532.167484][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 532.176264][ T8] usb 3-1: config 0 has no interfaces? [ 532.186797][ T8] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 532.197144][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.218089][ T8] usb 3-1: config 0 descriptor?? [ 532.298813][ T8018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.713'. [ 532.518090][ T8010] random: crng reseeded on system resumption [ 533.260615][ T8] usb 3-1: USB disconnect, device number 8 [ 533.343959][ T8029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 534.537597][ T8029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 535.189205][ T8045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.723'. [ 538.221326][ T8065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.728'. [ 538.238196][ T8065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.728'. [ 538.362335][ T8069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.732'. [ 538.389377][ T8067] loop0: detected capacity change from 0 to 2048 [ 538.451434][ T8067] Dev loop0: RDB in block 1 has bad checksum [ 538.589597][ T8076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.733'. [ 540.950753][ T8106] netlink: 8 bytes leftover after parsing attributes in process `syz.3.744'. [ 541.547760][ T23] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 541.815268][ T23] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 541.825845][ T23] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 541.840293][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 541.852606][ T23] usb 1-1: config 0 descriptor?? [ 541.871213][ T23] pwc: Askey VC010 type 2 USB webcam detected. [ 542.278018][ T23] pwc: recv_control_msg error -32 req 02 val 2b00 [ 542.289587][ T23] pwc: recv_control_msg error -32 req 02 val 2700 [ 542.298564][ T23] pwc: recv_control_msg error -32 req 02 val 2c00 [ 542.306007][ T23] pwc: recv_control_msg error -32 req 04 val 1000 [ 542.314213][ T23] pwc: recv_control_msg error -32 req 04 val 1300 [ 542.326291][ T23] pwc: recv_control_msg error -32 req 04 val 1400 [ 542.343954][ T23] pwc: recv_control_msg error -32 req 02 val 2000 [ 542.355885][ T23] pwc: recv_control_msg error -32 req 02 val 2100 [ 542.372117][ T23] pwc: recv_control_msg error -32 req 04 val 1500 [ 542.386134][ T23] pwc: recv_control_msg error -32 req 02 val 2500 [ 542.408708][ T23] pwc: recv_control_msg error -32 req 02 val 2400 [ 542.414790][ T8131] fuse: Bad value for 'fd' [ 542.428007][ T23] pwc: recv_control_msg error -32 req 02 val 2600 [ 542.651952][ T23] pwc: recv_control_msg error -71 req 02 val 2800 [ 542.671005][ T23] pwc: recv_control_msg error -71 req 04 val 1100 [ 542.681058][ T23] pwc: recv_control_msg error -71 req 04 val 1200 [ 542.785010][ T8138] netlink: 8 bytes leftover after parsing attributes in process `syz.2.757'. [ 542.863247][ T23] pwc: Registered as video103. [ 543.020095][ T23] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9 [ 543.448459][ T23] usb 1-1: USB disconnect, device number 14 [ 543.561938][ T8143] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 543.742473][ T8147] loop2: detected capacity change from 0 to 1024 [ 543.773260][ T28] audit: type=1800 audit(1773817279.408:579): pid=8147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.761" name="file2" dev="loop2" ino=20 res=0 errno=0 [ 544.645127][ T8166] netlink: 8 bytes leftover after parsing attributes in process `syz.2.767'. [ 545.579574][ T8170] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 545.643833][ T8178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.769'. [ 546.046648][ T23] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 546.237580][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 546.258328][ T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 546.268815][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 546.279901][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 546.290494][ T23] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 546.299770][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 546.310976][ T23] usb 3-1: config 0 descriptor?? [ 546.511760][ T8197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.778'. [ 547.161138][ T23] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0 [ 547.177822][ T23] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0 [ 547.193796][ T23] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0 [ 547.202492][ T23] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0 [ 547.214064][ T23] hid-picolcd 0003:04D8:F002.0002: unknown main item tag 0x0 [ 547.337652][ T23] hid-picolcd 0003:04D8:F002.0002: No report with id 0xf3 found [ 547.353442][ T23] hid-picolcd 0003:04D8:F002.0002: No report with id 0xf4 found [ 547.414908][ T23] usb 3-1: USB disconnect, device number 9 [ 547.423909][ T8205] overlayfs: failed to clone lowerpath [ 547.465979][ T8205] overlayfs: failed to clone upperpath [ 547.556660][ T8210] loop0: detected capacity change from 0 to 1024 [ 547.660241][ T28] audit: type=1800 audit(1773817283.288:580): pid=8210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.783" name="file2" dev="loop0" ino=20 res=0 errno=0 [ 547.717682][ T8210] hfsplus: request for non-existent node 33554434 in B*Tree [ 547.728967][ T8210] hfsplus: request for non-existent node 33554434 in B*Tree [ 547.769159][ T8218] netlink: 4 bytes leftover after parsing attributes in process `syz.3.786'. [ 548.730646][ T8218] hsr_slave_1 (unregistering): left promiscuous mode [ 548.848121][ T8225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.788'. [ 549.971435][ T8241] overlayfs: failed to clone lowerpath [ 549.980626][ T8241] overlayfs: failed to clone upperpath [ 551.247698][ T8256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.798'. [ 551.277442][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.3.798'. [ 551.357862][ T5879] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 551.567800][ T5879] usb 3-1: Using ep0 maxpacket: 16 [ 551.579261][ T5879] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 551.607483][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.642700][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 551.659241][ T8262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.799'. [ 552.438184][ T5879] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 552.447341][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 552.468538][ T5879] usb 3-1: config 0 descriptor?? [ 552.530236][ T8266] loop0: detected capacity change from 0 to 1024 [ 552.597562][ T28] audit: type=1800 audit(1773817288.228:581): pid=8266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.796" name="file2" dev="loop0" ino=20 res=0 errno=0 [ 552.603178][ T8266] hfsplus: request for non-existent node 33554434 in B*Tree [ 552.647504][ T8266] hfsplus: request for non-existent node 33554434 in B*Tree [ 552.910811][ T5879] hid-picolcd 0003:04D8:F002.0003: unknown main item tag 0x0 [ 552.938000][ T5879] hid-picolcd 0003:04D8:F002.0003: unknown main item tag 0x0 [ 552.948403][ T5879] hid-picolcd 0003:04D8:F002.0003: unknown main item tag 0x0 [ 552.955839][ T5879] hid-picolcd 0003:04D8:F002.0003: unknown main item tag 0x0 [ 552.966590][ T5879] hid-picolcd 0003:04D8:F002.0003: unknown main item tag 0x0 [ 553.777024][ T5879] hid-picolcd 0003:04D8:F002.0003: No report with id 0xf3 found [ 553.784801][ T5879] hid-picolcd 0003:04D8:F002.0003: No report with id 0xf4 found [ 553.891052][ T23] usb 3-1: USB disconnect, device number 10 [ 554.078311][ T8287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.807'. [ 554.111221][ T8287] netlink: 4 bytes leftover after parsing attributes in process `syz.3.807'. [ 554.423297][ T8293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.808'. [ 555.360414][ T8300] netlink: 56 bytes leftover after parsing attributes in process `syz.2.810'. [ 557.254846][ T8323] netlink: 8 bytes leftover after parsing attributes in process `syz.1.817'. [ 558.288359][ T8331] netlink: 56 bytes leftover after parsing attributes in process `syz.1.821'. [ 558.817759][ T8341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.825'. [ 558.937019][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.0.816'. [ 558.953427][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.816'. [ 559.141180][ T8356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.828'. [ 559.498860][ T8358] netlink: 56 bytes leftover after parsing attributes in process `syz.1.830'. [ 560.105667][ T8371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.833'. [ 561.869221][ T8383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.840'. [ 561.881139][ T8383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.840'. [ 562.987651][ T8405] __nla_validate_parse: 2 callbacks suppressed [ 562.987689][ T8405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.846'. [ 563.378158][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.384757][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.987384][ C0] sched: RT throttling activated [ 564.298756][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.2.849'. [ 564.307614][ T8412] loop0: detected capacity change from 0 to 4096 [ 564.319742][ T8412] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 564.359347][ T8416] netlink: 4 bytes leftover after parsing attributes in process `syz.2.849'. [ 564.804461][ T8432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.856'. [ 566.042279][ T8438] overlayfs: failed to clone lowerpath [ 566.145666][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.859'. [ 567.009020][ T8452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.865'. [ 567.021540][ T8452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.865'. [ 567.405443][ T8465] netlink: 8 bytes leftover after parsing attributes in process `syz.0.869'. [ 568.850529][ T8477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.872'. [ 569.611388][ T8479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.875'. [ 570.957743][ T8503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.882'. [ 571.862948][ T8515] netlink: 8 bytes leftover after parsing attributes in process `syz.0.885'. [ 572.015292][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.3.886'. [ 572.665740][ T8493] loop2: detected capacity change from 0 to 40427 [ 572.681376][ T8493] F2FS-fs (loop2): LFS is not compatible with checkpoint=disable [ 572.703461][ T8520] netlink: 4 bytes leftover after parsing attributes in process `syz.0.888'. [ 573.924803][ T8543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.893'. [ 574.657455][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.896'. [ 575.526621][ T8552] loop0: detected capacity change from 0 to 1024 [ 575.541923][ T8556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.900'. [ 575.553396][ T8552] hfsplus: Filesystem is marked locked, mounting read-only. [ 576.356357][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.903'. [ 576.515023][ T8577] netlink: 8 bytes leftover after parsing attributes in process `syz.0.905'. [ 577.441402][ T8584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.907'. [ 578.720807][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.1.911'. [ 579.803814][ T8611] netlink: 8 bytes leftover after parsing attributes in process `syz.3.916'. [ 580.718599][ T8614] netlink: 4 bytes leftover after parsing attributes in process `syz.1.917'. [ 580.762085][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.2.915'. [ 580.795834][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.2.915'. [ 581.024247][ T8619] netlink: 'syz.0.918': attribute type 4 has an invalid length. [ 581.059515][ T8619] netlink: 152 bytes leftover after parsing attributes in process `syz.0.918'. [ 581.073980][ T8619] .`: renamed from bond0 [ 581.158670][ T8623] tipc: Enabled bearer , priority 0 [ 581.169821][ T8622] tipc: Disabling bearer [ 582.012341][ T8625] netlink: 8 bytes leftover after parsing attributes in process `syz.3.919'. [ 582.022336][ T8626] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 582.032063][ T8626] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 582.041680][ T8626] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 583.274719][ T8651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.927'. [ 583.958057][ T8653] netlink: 12 bytes leftover after parsing attributes in process `syz.0.928'. [ 583.966969][ T8653] netlink: 12 bytes leftover after parsing attributes in process `syz.0.928'. [ 584.241295][ T8665] tipc: Started in network mode [ 584.246341][ T8665] tipc: Node identity 5668786032a9, cluster identity 4711 [ 584.711974][ T8665] tipc: Enabled bearer , priority 0 [ 584.871910][ T8671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.931'. [ 584.916136][ T8664] tipc: Disabling bearer [ 585.312601][ T8682] bridge0: port 3(erspan0) entered blocking state [ 585.324570][ T8682] bridge0: port 3(erspan0) entered disabled state [ 585.332076][ T8682] erspan0: entered allmulticast mode [ 585.348826][ T8682] erspan0: entered promiscuous mode [ 585.427878][ T8682] erspan0: left allmulticast mode [ 585.434382][ T8682] erspan0: left promiscuous mode [ 585.441764][ T8682] bridge0: port 3(erspan0) entered disabled state [ 585.554395][ T8690] netlink: 8 bytes leftover after parsing attributes in process `syz.2.938'. [ 586.380157][ T8693] loop0: detected capacity change from 0 to 64 [ 586.493929][ T8701] tipc: Enabling of bearer rejected, failed to enable media [ 586.555741][ T8703] netlink: 8 bytes leftover after parsing attributes in process `syz.1.943'. [ 586.652947][ T6001] ------------[ cut here ]------------ [ 586.658544][ T6001] kernel BUG at fs/hfs/inode.c:449! [ 586.678386][ T6001] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 586.684517][ T6001] CPU: 1 PID: 6001 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 586.692159][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 586.702233][ T6001] Workqueue: writeback wb_workfn (flush-7:0) [ 586.708261][ T6001] RIP: 0010:hfs_write_inode+0x87a/0x880 [ 586.713818][ T6001] Code: c7 c1 00 b3 30 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 b3 30 97 e8 f0 0c 84 ff e9 62 fe ff ff e8 16 de 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49 [ 586.733529][ T6001] RSP: 0018:ffffc900052af340 EFLAGS: 00010293 [ 586.739604][ T6001] RAX: ffffffff825b3e4a RBX: ffff88801f30a8a8 RCX: ffff88802bc6da00 [ 586.747668][ T6001] RDX: 0000000000000000 RSI: ffffffff8d339960 RDI: 0000000000000000 [ 586.755828][ T6001] RBP: ffffc900052af4d0 R08: ffff88802bc6da00 R09: 0000000000000003 [ 586.763805][ T6001] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000 [ 586.771951][ T6001] R13: 1ffff92000a55e6c R14: ffff88801f30a858 R15: 0000000000000000 [ 586.780127][ T6001] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 586.789076][ T6001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 586.795761][ T6001] CR2: 00007f1584be9e80 CR3: 000000007629f000 CR4: 00000000003506e0 [ 586.803835][ T6001] Call Trace: [ 586.807129][ T6001] [ 586.810060][ T6001] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 586.815456][ T6001] ? __rwlock_init+0x150/0x150 [ 586.820230][ T6001] __writeback_single_inode+0x705/0xec0 [ 586.825784][ T6001] writeback_sb_inodes+0x7cd/0xf50 [ 586.830905][ T6001] ? queue_io+0x550/0x550 [ 586.835231][ T6001] ? rcu_is_watching+0x15/0xb0 [ 586.840015][ T6001] wb_writeback+0x46a/0xbf0 [ 586.844602][ T6001] ? queue_io+0x3b1/0x550 [ 586.848926][ T6001] ? percpu_ref_tryget+0x250/0x250 [ 586.854030][ T6001] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 586.860032][ T6001] ? _raw_spin_unlock_irq+0x23/0x50 [ 586.865324][ T6001] wb_workfn+0x400/0xe60 [ 586.869598][ T6001] ? try_to_wake_up+0x70a/0x1190 [ 586.874570][ T6001] ? inode_wait_for_writeback+0x230/0x230 [ 586.880365][ T6001] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 586.886691][ T6001] ? lockdep_hardirqs_on+0x98/0x150 [ 586.891883][ T6001] ? read_lock_is_recursive+0x20/0x20 [ 586.897333][ T6001] ? preempt_schedule_thunk+0x1a/0x30 [ 586.902702][ T6001] ? process_scheduled_works+0x96f/0x15d0 [ 586.908500][ T6001] ? process_scheduled_works+0x96f/0x15d0 [ 586.914211][ T6001] process_scheduled_works+0xa5d/0x15d0 [ 586.919779][ T6001] ? worker_attach_to_pool+0x380/0x380 [ 586.925243][ T6001] ? assign_work+0x3d2/0x5d0 [ 586.929849][ T6001] worker_thread+0xa55/0xfc0 [ 586.934452][ T6001] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 586.940345][ T6001] ? _raw_spin_unlock+0x40/0x40 [ 586.945284][ T6001] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 586.951170][ T6001] kthread+0x2fa/0x390 [ 586.955262][ T6001] ? pr_cont_work+0x560/0x560 [ 586.959925][ T6001] ? kthread_blkcg+0xd0/0xd0 [ 586.964510][ T6001] ret_from_fork+0x48/0x80 [ 586.968923][ T6001] ? kthread_blkcg+0xd0/0xd0 [ 586.973522][ T6001] ret_from_fork_asm+0x11/0x20 [ 586.978292][ T6001] [ 586.981298][ T6001] Modules linked in: [ 586.995004][ T6001] ---[ end trace 0000000000000000 ]--- [ 587.005863][ T6001] RIP: 0010:hfs_write_inode+0x87a/0x880 [ 587.018473][ T6001] Code: c7 c1 00 b3 30 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 b3 30 97 e8 f0 0c 84 ff e9 62 fe ff ff e8 16 de 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49 [ 587.038489][ T6001] RSP: 0018:ffffc900052af340 EFLAGS: 00010293 [ 587.044572][ T6001] RAX: ffffffff825b3e4a RBX: ffff88801f30a8a8 RCX: ffff88802bc6da00 [ 587.052860][ T6001] RDX: 0000000000000000 RSI: ffffffff8d339960 RDI: 0000000000000000 [ 587.061619][ T6001] RBP: ffffc900052af4d0 R08: ffff88802bc6da00 R09: 0000000000000003 [ 587.069765][ T6001] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000 [ 587.077991][ T6001] R13: 1ffff92000a55e6c R14: ffff88801f30a858 R15: 0000000000000000 [ 587.086022][ T6001] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 587.095483][ T6001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 587.102167][ T6001] CR2: 00007f69761e7158 CR3: 00000000630fc000 CR4: 00000000003506e0 [ 587.110386][ T6001] Kernel panic - not syncing: Fatal exception [ 587.116795][ T6001] Kernel Offset: disabled [ 587.121127][ T6001] Rebooting in 86400 seconds..