last executing test programs: 8.127143739s ago: executing program 2 (id=654): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 8.002327071s ago: executing program 2 (id=655): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x8d, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000040)=0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x2) 7.411448226s ago: executing program 2 (id=656): syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f0000001640)='./bus\x00', 0x41, &(0x7f0000001680)={[{@noinit_itable}, {@nodiscard}, {@dioread_nolock}, {@usrjquota}, {@abort}, {@data_writeback}, {@data_journal}, {@acl}, {@noload}]}, 0x4, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 4.752526171s ago: executing program 4 (id=668): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x4000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0xd}}}, 0x24}}, 0x0) 4.297545233s ago: executing program 4 (id=671): socket(0x40000000015, 0x5, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff) r2 = socket$nl_generic(0x11, 0x3, 0x10) r3 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x0, 0x1}, 0x1c) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xc, 0x0, 0x0) sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{0x0}], 0x1, 0x0, 0x0, 0x11000000}, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_linger(r4, 0x1, 0xd, 0x0, 0x0) connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) poll(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x1) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_procfs(0xffffffffffffffff, 0x0) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000680)={0x30, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}}, 0x0) 2.411072927s ago: executing program 4 (id=680): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)={0x40, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @action={{{}, {}, @broadcast}, @ext_ch_sw={0x4, 0x4, {{}, @void}}}}]}, 0x40}}, 0x0) 2.190750178s ago: executing program 4 (id=682): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) bind$nfc_llcp(r0, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "75287ad1ee602ec4452a04ea7cdcd151bb2cd9893bc31f80718316d9bd3517076db9ad1f6a120d8be6d7f81cd81ec2757d0386e7d95f0669b740a5418d69d0", 0x10000000000001}, 0x60) 1.905670024s ago: executing program 4 (id=683): syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) syz_mount_image$nilfs2(&(0x7f00000001c0), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaa6, &(0x7f0000001100)="$eJzs3U2MW0cBAOCxd73JJilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOEAgcRXvjNee2H22s+tnx98njcfz5j3PvOfn5/c7E4CpVW2+Li8vVEK4+PrLR//x4N/nbw451Bqj3nydbUvVQgiVmJ7NPu/dmZX4+nsvnOwWV8JS8zWlwxNXW9NuDiGcC7vDpVAPOy9efunNpcePnz92Yc9brxy8sj5zDwAA0+Xrlw4u7/jrn+/ddu3V+w6HDa3haf+8HtNb4n7/4bjjn/b/q6EzXWkL7eay8WZjqM53jjfTZbz2cmrZeLM9yp/Lyq/1GG9D+ODyZ9qGdZtvmGRpPa6HSnWxI12tLi6uHJOH5nH9XGXx7OkzzzxXUkWBNffv+0MIu9vCkQud6XELh8agDkOGxhjUYSLD4dGVda2xovR5HlFobC17CwSwIr9eeItz+ZmF29P6tNn+yr/6WLX79LAGRr3+D1T+XMnlB+X/5rwtDmvnTl2b0nyl39GWmM6vI+T3L/X+/eVXOjqH5tcjan3Ws9d1hEm5vtCrnjMjrsewetU/Xy/uVF+OcVoOX8ny238/+Xc6Kd8x0N1/8vP/giCMdwgd6drtfFaj5O0PML7y++Ya6fpolN/Xl+dvKMjfWJA/X5C/qSB/c0E+TLPfff+n4cXK6nF+fkw/6PnwdJ7trhh/aMD65OcjBy0/v+93ULdbfn4/MYyzP5x48tQXnn7q8sr9/5XW+n8jru/pcKMef1uX4gjpfGF+Xr1173+9s5xqj/HuzupzV5fxm++3d45X2b76OaFtO3NLPRY6p9vaa7xdnePVs/HmY9iY1TffP9mUTZf2P9J2NS2v2Wx+a9l8zGX1SNuVbTHO6wHDSOtjr/v/0/q5EGqVZ06fOfVoTKf19E8ztQ03h+8bcb2B29fv8z8LofP5ny2t4bVq+3Zh6+rwysp24bX4eZ3Dl1rldA7fH9Ppf+5bM/PN4Ysnv3vm6bWffZhqz/3o+W+fOHPm1Pe8GfrNV8ejGoO8SYct41Ifb8buTckbJmDd7f3xyk7AI6e/c+LZU8+eOrv/wIH9S0sHvrh/eW9zv35v+959u3Ml1BZYS6t/+mXXBAAAAAAAAAAAAOjXD44dvfz2G59/Z+X5/9Xn/9Lz/+nO3/T8/0+y5//z5+TTc/DpOcBtXfKb42QNrM5l49Vi+HBW3+1ZOTuy6T4S41Y/fvH5/1Rc3q5rqs892fBaj2TWnMAt7aXMZW2Q5P0FfjzGF2L86wAlqsx3Hxzjovat07qe2qdoa5eioX3gyZG+t7Q2pHZM0vPfXdt1avuyt42gjqy9UTxOWPY8At39c6ra//7X6oyXXhehd5gdbXk/n951otFzL73fHmwA1kbZ/X+m854pPvvHr228GdJoVx/r3F7m7ZfCIP7ydmd63PufXO/y8377Rl1+2fM/6v4/W/3f9b39y3rMqw9X7n9/ceWdtmLDzn7Lz+c/tQO9fbDyr8Xy09w8FPorv/GrrPz8glCf/peVv6nP8m+Z/13Dlf//WH5abA8/0G/5KzWuVDvrkZ83Ttf/8vPGyfVs/lPbnh9Q/jee7zb/Q3bUeCOWD9NsUvqZHVS2H9HaaR++/9/o3Nr2/9uqbLZZy+/D+FxMpw1xus8h7+9k0Pqn+yvS/8CO7PMrBf9v+v+dbF+KcdHvIfX/m9bHevzLb0s3l2VK17os2zt1WwOT6t2puv43EWHjGNRB6D80ZoaYrtVPXMn1bzQa63tCq0CphVP68i/7OKHs8ste/kXy/n/zffi8/988P+//N8/P+//N8+fjN9QrP+//N1+eef+/ef492efm/QMvFOR/tCB/Z/f81mH7vQXT7yrI/1hB/p5W/qGOMVL+fQXT31+Qf3dB/gMF+Z8oyP9kQf6DBfkPt+W39wGd8j9VMP2dLj2PMq3zD9Msfz7P7x+mR7r+0+v3v70gH5hcP3t135GnfvvN+srz/3Ot8yHpOt7hmK7F46cfxnR+3Tu0pW/mvRHTf8vyx/18B0yTvP2M/P/9oYJ8YHKl+7z8vmEKVTZ2Hxzjonareu3nM1k+HePPxPizMX4kxosx3hvjfTFeGlH9WB9HXvv9wRcrq8f7W7P8fu8nz58H6mgnKoSwv8/65OcHBr2fPW/Hb1C3W/6Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptp8XV5eqIRw8fWXjz55/PTem0MOtcaoN19n21K11nQhPBrjmRj/Mr65/t4LJ9vjGzGuhKVQCZXW8PDE1VZJm0MI58LucCnUw86Ll196c+nx4+ePXdjz1isHr6zfEgAAAIA73/sBAAD//weuDxQ=") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x1) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0xc0385720, 0x0) 1.798851384s ago: executing program 3 (id=685): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='vegas\x00', 0x6) 1.651181827s ago: executing program 0 (id=686): unshare(0x400) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) 1.536396108s ago: executing program 3 (id=687): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, 0x0, &(0x7f0000000340)) 1.478444233s ago: executing program 0 (id=689): add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000200)=[{0x24}, {0x6, 0x0, 0x0, 0x7ffffdbd}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x2, &(0x7f0000000040)=[{0x3c, 0x0, 0xb, 0xfffffffd}, {0x6, 0x0, 0x0, 0x7ffffff8}]}) 1.321631738s ago: executing program 1 (id=691): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2a, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) 1.321422898s ago: executing program 3 (id=692): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f0000000080)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000280), 0xb) sendfile(r1, r1, 0x0, 0x401) 1.252344134s ago: executing program 0 (id=693): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$getflags(r0, 0x40a) 1.150961854s ago: executing program 0 (id=694): syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x208, &(0x7f0000000640)="$eJzslb9rFEEUx78zu7e5BAlYaGFzFgEjmL3dPZU0FrEXhETU8jBjiE5y4XJFEhASbGysxX/EIpWFnVbWFioIFqa0EhyZ2dnb2dzuHcv5o/B9IJPvzOybee/tu7cgCOK/5fOn7x+f31xeuwLgDBYwY9e/evkz3Hn+w0uvYeWb7fknx6fPYwCUyuf+hPsDAK9XPOAwPVYp1xpYsGeugRutuQOOy1bfBUOY+apyawGG+3b50Y4aRtObtUIK9qAn1x9uShHpIdZDoocOoAr+nxwxrANo2iuY49/u/sHjrgT6qZAiEw2V3TOyVVeMy5/xb4XjhpMC/b7uPXt6pOehXY+c/MXgiK3ugGHV6mXMIAzDlp2K2In/gp+f76WvLeWwTiTN6RJRV5xdKtnSFT7efFYKHe1vc+On+iMBBoUS/HtZLRPaj/pWvDVqFUw4R0zvMzu9wtySOH9y/HbU6ss/Te90wjQuAO7WC1027+ekvFVqda6wcrHiJ5NVYGVJpP2D+cAlpz/5zlehPdjaae/uHyxtbnU3xIbYTpLO9ehqFF1L2qY3p+OY/tc0/WnOOb9R8WzAAux1B4N+vAcM+vFwnqSj03FXX/W+GRtu+h/H4g+lss+LCTv7ULLiHcz+cfNfq0Wv0nmCIAiCIAiCIAiCIAiCIIhatMDwbn44VeX4yW2z/SsAAP//mv9ajg==") chdir(&(0x7f0000002a80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.022786825s ago: executing program 1 (id=695): r0 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r0, 0x8916, &(0x7f0000000040)={'bond_slave_1\x00', @random="0200ac7ffe03"}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x891a, &(0x7f0000000040)={'bond_slave_1\x00', @random="0200ac7f7f00"}) umount2(0x0, 0x0) 956.351181ms ago: executing program 3 (id=696): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 892.052147ms ago: executing program 3 (id=697): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x42, 0x101) fcntl$lock(r0, 0x7, &(0x7f0000000140)) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000000)='./bus/file0\x00', 0x0) renameat2(r1, &(0x7f0000000240)='./bus/file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0x2) 794.863697ms ago: executing program 1 (id=698): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) ioprio_set$pid(0x2, 0x0, 0x2004) syz_clone3(&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000240)=[0x0], 0x1}, 0x58) 641.461301ms ago: executing program 3 (id=699): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, 0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000500)='htcp\x00', 0x5) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{}, [@TCA_NETEM_RATE={0x14, 0xd}]}}}]}, 0x60}}, 0x0) shutdown(r0, 0x2) 582.561326ms ago: executing program 1 (id=700): r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0xe0) 476.166136ms ago: executing program 2 (id=701): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x0) 420.156841ms ago: executing program 1 (id=702): r0 = gettid() r1 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r1, 0x400000001ffffffd) r2 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r3 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_SAVE(r3, 0x0, 0x40001) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r3) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, 0x0) tkill(r0, 0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) 313.022781ms ago: executing program 4 (id=703): bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000060000000006000000000000", @ANYRES32, @ANYBLOB="00000000000000c900"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x19}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, 0x0, 0xa8) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) write$FUSE_ENTRY(r2, &(0x7f0000000440)={0x90}, 0x90) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}]}}) 252.631697ms ago: executing program 0 (id=704): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0, r2}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "12f8ad357ebb2d0bc34e5beccabf602b8c00", "4ceef9ddabd01b9dc5ef339c6d1e1c4bb7d706bd8c46565d8eb6fc8a3338e2792c34722647698634a5a3fa6e0601a63e", "a852d8001e63559b9555ba6da1eb84cb43ef71bd041a4ce7cd5533b2", {"734a5cce3d303391cf113a001f247df1", "ec6a5851d09eafe24849040ec6b3dc5f"}}}}}}}, 0x0) 68.398584ms ago: executing program 2 (id=705): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb0100180000000000000010000000100000000a000000080000000000000e030000000700000000001000000000005f"], 0x0, 0x32, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) 68.000153ms ago: executing program 0 (id=706): r0 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) setresuid(0x0, r1, 0x0) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0) 63.870044ms ago: executing program 1 (id=707): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 0s ago: executing program 2 (id=708): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a40)={0x80, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x63, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x3}, @device_b, @broadcast, @from_mac=@broadcast, {0x6, 0xb4}, @value=@ver_80211n={0x0, 0x2, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}}, 0x1, @random=0x5, 0x210, @val, @void, @void, @val={0x4, 0x6, {0x1, 0x6, 0x3, 0x80}}, @void, @void, @void, @val={0x2a, 0x1, {0x0, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0xf, 0x6c, 0x7}}, @val={0x2d, 0x1a, {0x300, 0x3, 0x3, 0x0, {0x3ff, 0x1f05, 0x0, 0x31a, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x6, 0x8, 0x6b}}, @void, @void, @val={0x76, 0x6, {0xd, 0x40, 0x29, 0xfff9}}}}]]}, 0x80}}, 0x24040810) kernel console output (not intermixed with test programs): Opts: ,errors=continue. Quota mode: writeback. [ 110.635085][ T3967] loop1: detected capacity change from 0 to 4096 [ 110.836079][ T3967] ntfs: volume version 3.1. [ 110.981299][ T3708] device hsr_slave_0 left promiscuous mode [ 110.988444][ T3708] device hsr_slave_1 left promiscuous mode [ 111.076336][ T3708] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.123360][ T3708] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.215603][ T3985] loop4: detected capacity change from 0 to 128 [ 111.436760][ T3708] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.456604][ T3985] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 111.737047][ T3708] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.755681][ T3708] device bridge_slave_1 left promiscuous mode [ 111.767914][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.790723][ T3708] device bridge_slave_0 left promiscuous mode [ 111.807314][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.909857][ T3575] sysv_free_block: trying to free block not in datazone [ 111.932517][ T3575] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 111.988046][ T3708] device veth1_macvtap left promiscuous mode [ 111.994618][ T3708] device veth0_macvtap left promiscuous mode [ 112.006311][ T3708] device veth1_vlan left promiscuous mode [ 112.021130][ T3708] device veth0_vlan left promiscuous mode [ 112.236239][ T3991] loop4: detected capacity change from 0 to 2048 [ 112.333364][ T3991] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 112.842700][ T3995] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 115.101722][ T26] audit: type=1804 audit(1726861286.989:83): pid=3996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.64" name="/newroot/9/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 115.310452][ T3708] team0 (unregistering): Port device team_slave_1 removed [ 115.334370][ T3708] team0 (unregistering): Port device team_slave_0 removed [ 115.364905][ T3708] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 115.396309][ T3708] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 115.560735][ T3999] loop1: detected capacity change from 0 to 128 [ 115.575207][ T3708] bond0 (unregistering): Released all slaves [ 116.772984][ T4004] loop4: detected capacity change from 0 to 512 [ 116.886662][ T4004] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 117.007081][ T3826] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 117.068680][ T4004] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 117.091793][ T3826] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 117.113917][ T4004] EXT4-fs (loop4): 1 truncate cleaned up [ 117.136516][ T4004] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 117.152255][ T3826] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 117.579770][ T3826] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 118.157151][ T4022] loop2: detected capacity change from 0 to 128 [ 119.065296][ T3826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.202454][ T3791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.274853][ T3791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.316939][ T4038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.70'. [ 119.348375][ T4038] device bridge_slave_1 left promiscuous mode [ 119.385036][ T4038] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.458747][ T4038] device bridge_slave_0 left promiscuous mode [ 119.498879][ T4038] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.762278][ T3826] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.794068][ T4045] netlink: 4 bytes leftover after parsing attributes in process `syz.2.71'. [ 119.822779][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.857694][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.894203][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.901480][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.956848][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 120.018078][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 120.059395][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 120.093069][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.100405][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.191898][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 120.257020][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 120.312252][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.390560][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 120.465103][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 120.478759][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 120.566247][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 120.640371][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 120.696843][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 120.724835][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 120.776551][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 120.811755][ T3826] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 121.085206][ T4071] loop2: detected capacity change from 0 to 2048 [ 121.237681][ T4071] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 121.292999][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 121.337412][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 121.571928][ T3826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.715427][ T26] audit: type=1804 audit(1726861295.639:84): pid=4083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.72" name="/newroot/18/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 122.437971][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 122.450192][ T1363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 122.647154][ T3826] device veth0_vlan entered promiscuous mode [ 122.659576][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 122.891760][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 122.969572][ T3826] device veth1_vlan entered promiscuous mode [ 123.016908][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 123.104435][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 123.173905][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 123.323506][ T4096] loop2: detected capacity change from 0 to 2048 [ 123.335744][ T4092] loop3: detected capacity change from 0 to 4096 [ 123.347791][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 123.362332][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 123.420338][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 123.482286][ T3826] device veth0_macvtap entered promiscuous mode [ 123.509335][ T4092] ntfs: volume version 3.1. [ 123.515968][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 123.524466][ T4096] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 123.550221][ T3826] device veth1_macvtap entered promiscuous mode [ 123.998635][ T4102] loop4: detected capacity change from 0 to 512 [ 124.157446][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.173504][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.207987][ T26] audit: type=1804 audit(1726861298.169:85): pid=4111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.76" name="/newroot/19/file1/bus" dev="loop2" ino=1367 res=1 errno=0 [ 124.242197][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.262112][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.273269][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.286635][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.297779][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.308972][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.342385][ T3826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.356392][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 124.392450][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 124.423567][ T4102] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 124.439733][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.480856][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.496909][ T4102] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.77: invalid indirect mapped block 4294967295 (level 1) [ 124.531553][ T4102] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.77: invalid indirect mapped block 4294967295 (level 1) [ 124.531719][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.560140][ T4102] EXT4-fs (loop4): 2 truncates cleaned up [ 124.572324][ T4102] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,dioread_nolock,,errors=continue. Quota mode: writeback. [ 124.573571][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.621748][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.636636][ T3709] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 124.644826][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.671833][ T3826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.709093][ T3826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.728092][ T3826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.755883][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 124.782853][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 124.804409][ T3826] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.846216][ T3826] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.924863][ T3826] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.936438][ T3709] usb 2-1: Using ep0 maxpacket: 32 [ 124.945134][ T3826] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.056690][ T3709] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 125.083316][ T3709] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.127272][ T3709] usb 2-1: config 0 descriptor?? [ 125.204874][ T3709] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 125.283257][ T3791] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.301766][ T3791] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.358616][ T3655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 125.359466][ T4122] loop4: detected capacity change from 0 to 128 [ 125.389757][ T3655] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.429552][ T3655] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.448027][ T3791] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 127.744804][ T4126] loop0: detected capacity change from 0 to 2048 [ 127.791002][ T3644] usb 2-1: USB disconnect, device number 5 [ 127.863471][ T4126] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.079686][ T4134] loop1: detected capacity change from 0 to 4096 [ 128.089256][ T4132] loop2: detected capacity change from 0 to 2048 [ 128.241097][ T4136] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 128.426980][ T26] audit: type=1804 audit(1726861302.229:86): pid=4136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.35" name="/newroot/0/file1/bus" dev="loop0" ino=1368 res=1 errno=0 [ 129.035584][ T4132] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 129.081029][ T4134] ntfs: volume version 3.1. [ 129.323383][ T4144] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'. [ 129.393315][ T4146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.83'. [ 129.757827][ T26] audit: type=1804 audit(1726861303.519:87): pid=4147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.91" name="/newroot/21/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 130.188189][ T4146] device bridge_slave_1 left promiscuous mode [ 130.199042][ T4146] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.449443][ T4146] device bridge_slave_0 left promiscuous mode [ 130.472515][ T4146] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.696884][ T4152] loop0: detected capacity change from 0 to 512 [ 131.310315][ T4152] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 131.369855][ T4152] EXT4-fs (loop0): 1 orphan inode deleted [ 131.375711][ T4152] EXT4-fs (loop0): 1 truncate cleaned up [ 131.382378][ T4152] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback. [ 131.466725][ T4156] loop2: detected capacity change from 0 to 2048 [ 131.517678][ T4156] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 132.214952][ T4160] loop1: detected capacity change from 0 to 40427 [ 132.433999][ T4161] loop0: detected capacity change from 0 to 4096 [ 132.760628][ T4160] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 132.769157][ T4160] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 132.769223][ T1395] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.783667][ T1395] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.958709][ T4160] F2FS-fs (loop1): Found nat_bits in checkpoint [ 133.106797][ T4161] ntfs: volume version 3.1. [ 133.113210][ T4160] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 133.121065][ T4160] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 133.159455][ T4172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.88'. [ 133.547673][ T4175] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 133.765992][ T3567] attempt to access beyond end of device [ 133.765992][ T3567] loop1: rw=2051, want=53248, limit=40427 [ 133.807756][ T3567] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 133.846281][ T4180] kvm: emulating exchange as write [ 134.389589][ T4183] loop3: detected capacity change from 0 to 40427 [ 134.431704][ T4183] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 134.439561][ T4183] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 134.542674][ T4183] F2FS-fs (loop3): Found nat_bits in checkpoint [ 134.605124][ T4183] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 134.612323][ T4183] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 134.636312][ T4193] loop4: detected capacity change from 0 to 512 [ 134.891111][ T4193] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 134.901996][ T4193] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 134.916523][ T4193] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 134.935310][ T4193] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 134.978941][ T4193] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c04ce11c, mo2=0000] [ 134.988560][ T4193] EXT4-fs error (device loop4): ext4_init_orphan_info:586: comm syz.4.94: inode #0: comm syz.4.94: iget: illegal inode # [ 135.017745][ T4193] EXT4-fs (loop4): get orphan inode failed [ 135.026933][ T3709] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 135.043596][ T4193] EXT4-fs (loop4): mount failed [ 135.496778][ T3709] usb 2-1: Using ep0 maxpacket: 32 [ 135.717413][ T3709] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 135.805991][ T3709] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.205388][ T3709] usb 2-1: config 0 descriptor?? [ 136.253149][ T4204] loop4: detected capacity change from 0 to 2048 [ 136.282157][ T3709] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 136.425617][ T4204] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 136.499814][ T4213] loop3: detected capacity change from 0 to 128 [ 136.528028][ T4215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.99'. [ 136.982470][ T26] audit: type=1804 audit(1726861310.769:88): pid=4218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.97" name="/newroot/17/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 137.895883][ T3709] gspca_nw80x: reg_r err -110 [ 138.185564][ T3709] nw80x: probe of 2-1:0.0 failed with error -110 [ 138.211224][ T4185] xt_CT: You must specify a L4 protocol and not use inversions on it [ 138.236604][ T13] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 138.354429][ T3709] usb 2-1: USB disconnect, device number 6 [ 138.777538][ T13] usb 1-1: Using ep0 maxpacket: 32 [ 138.906756][ T13] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 138.930578][ T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.971807][ T13] usb 1-1: config 0 descriptor?? [ 139.021720][ T13] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 139.053215][ T4225] loop1: detected capacity change from 0 to 2048 [ 139.165274][ T4225] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 139.749087][ T26] audit: type=1804 audit(1726861313.539:89): pid=4234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.101" name="/newroot/23/file1/bus" dev="loop1" ino=1368 res=1 errno=0 [ 140.340562][ T4208] xt_CT: You must specify a L4 protocol and not use inversions on it [ 140.342456][ T3576] usb 1-1: USB disconnect, device number 3 [ 140.437527][ T4239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.103'. [ 140.801592][ T4244] loop3: detected capacity change from 0 to 1024 [ 141.760187][ T4248] loop0: detected capacity change from 0 to 2048 [ 141.986154][ T4248] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.094170][ T4247] loop1: detected capacity change from 0 to 4096 [ 142.170378][ T4250] loop4: detected capacity change from 0 to 40427 [ 142.292382][ T4250] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 142.300341][ T4250] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 142.342989][ T4252] loop3: detected capacity change from 0 to 512 [ 142.395211][ T4247] ntfs: volume version 3.1. [ 142.407994][ T4250] F2FS-fs (loop4): Found nat_bits in checkpoint [ 142.666934][ T26] audit: type=1804 audit(1726861316.479:90): pid=4257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.117" name="/newroot/5/file1/bus" dev="loop0" ino=1368 res=1 errno=0 [ 143.049625][ T4252] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 143.137421][ T4250] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 143.144606][ T4250] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 143.196497][ T4252] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 143.213398][ T4252] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 143.245761][ T4252] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 143.458102][ T4252] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c04ce11c, mo2=0000] [ 143.529922][ T4252] EXT4-fs error (device loop3): ext4_init_orphan_info:586: comm syz.3.108: inode #0: comm syz.3.108: iget: illegal inode # [ 143.593852][ T4252] EXT4-fs (loop3): get orphan inode failed [ 143.629315][ T4252] EXT4-fs (loop3): mount failed [ 143.895762][ T3575] attempt to access beyond end of device [ 143.895762][ T3575] loop4: rw=2051, want=53248, limit=40427 [ 143.929402][ T3575] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5 [ 143.930391][ T4263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.109'. [ 143.979491][ T4263] device bridge_slave_1 left promiscuous mode [ 143.993017][ T4263] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.087658][ T4263] device bridge_slave_0 left promiscuous mode [ 144.103643][ T4267] loop2: detected capacity change from 0 to 2048 [ 144.110360][ T4263] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.129246][ T4265] loop3: detected capacity change from 0 to 4096 [ 144.235154][ T4267] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 144.282961][ T4265] ntfs: volume version 3.1. [ 144.743028][ T26] audit: type=1804 audit(1726861318.659:91): pid=4269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.112" name="/newroot/26/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 145.617272][ T4274] netlink: 4 bytes leftover after parsing attributes in process `syz.4.110'. [ 146.308171][ T4279] loop1: detected capacity change from 0 to 40427 [ 146.352461][ T23] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 146.428296][ T4279] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 146.438840][ T4279] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 146.440811][ T4286] netlink: 4 bytes leftover after parsing attributes in process `syz.0.115'. [ 146.511990][ T4279] F2FS-fs (loop1): Found nat_bits in checkpoint [ 146.618035][ T23] usb 3-1: Using ep0 maxpacket: 32 [ 146.625000][ T4279] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 146.632460][ T4279] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 146.953695][ T23] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 146.966620][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.128185][ T23] usb 3-1: config 0 descriptor?? [ 147.178737][ T23] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 147.192469][ T4295] loop4: detected capacity change from 0 to 2048 [ 147.219231][ T4295] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 147.940239][ T3567] attempt to access beyond end of device [ 147.940239][ T3567] loop1: rw=2051, want=53248, limit=40427 [ 147.960288][ T3567] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 148.187642][ T26] audit: type=1804 audit(1726861322.059:92): pid=4295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.116" name="/newroot/23/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 148.389403][ T4280] xt_CT: You must specify a L4 protocol and not use inversions on it [ 148.461594][ T4301] loop3: detected capacity change from 0 to 2048 [ 148.599907][ T4301] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 149.106569][ T26] audit: type=1804 audit(1726861322.929:93): pid=4305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.118" name="/newroot/25/file1/bus" dev="loop3" ino=1368 res=1 errno=0 [ 149.199803][ T23] usb 3-1: USB disconnect, device number 5 [ 149.789646][ T4309] loop0: detected capacity change from 0 to 512 [ 149.863317][ T4314] loop4: detected capacity change from 0 to 2048 [ 149.885606][ T4309] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 149.921775][ T4309] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 149.959419][ T4314] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 150.006594][ T4309] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 150.048332][ T4309] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 150.336455][ T4309] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c04ce11c, mo2=0000] [ 150.341798][ T4318] loop2: detected capacity change from 0 to 40427 [ 150.567165][ T26] audit: type=1804 audit(1726861324.379:94): pid=4321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.121" name="/newroot/24/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 150.925441][ T4309] EXT4-fs error (device loop0): ext4_init_orphan_info:586: comm syz.0.122: inode #0: comm syz.0.122: iget: illegal inode # [ 151.162641][ T4309] EXT4-fs (loop0): get orphan inode failed [ 151.188193][ T4309] EXT4-fs (loop0): mount failed [ 151.207094][ T4318] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 151.214952][ T4318] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 151.289039][ T4318] F2FS-fs (loop2): Found nat_bits in checkpoint [ 151.314249][ T4323] loop3: detected capacity change from 0 to 4096 [ 151.340076][ T4318] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 151.348135][ T4318] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 151.396094][ T4323] ntfs: volume version 3.1. [ 151.482060][ T4329] loop1: detected capacity change from 0 to 2048 [ 151.663474][ T4329] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.007290][ T4334] loop0: detected capacity change from 0 to 1024 [ 154.313615][ T4340] loop4: detected capacity change from 0 to 4096 [ 154.365174][ T3566] attempt to access beyond end of device [ 154.365174][ T3566] loop2: rw=2051, want=53248, limit=40427 [ 154.432342][ T3566] F2FS-fs (loop2): Issue discard(6144, 6144, 512) failed, ret: -5 [ 154.557734][ T4340] ntfs: volume version 3.1. [ 154.595507][ T4348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'. [ 154.905279][ T4349] loop0: detected capacity change from 0 to 4096 [ 155.013686][ T4355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.131'. [ 155.084044][ T4349] ntfs: volume version 3.1. [ 155.363705][ T4361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.132'. [ 156.373991][ T4366] loop1: detected capacity change from 0 to 40427 [ 156.577873][ T4366] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 156.585730][ T4366] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 156.657628][ T4366] F2FS-fs (loop1): Found nat_bits in checkpoint [ 156.716296][ T4366] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 156.723563][ T4366] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 158.034888][ T13] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 158.453104][ T3567] attempt to access beyond end of device [ 158.453104][ T3567] loop1: rw=2051, want=53248, limit=40427 [ 158.463581][ T4383] loop4: detected capacity change from 0 to 2048 [ 158.467234][ T3567] F2FS-fs (loop1): Issue discard(6144, 6144, 512) failed, ret: -5 [ 158.476488][ T13] usb 4-1: Using ep0 maxpacket: 32 [ 158.626729][ T13] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 158.652697][ T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.665366][ T13] usb 4-1: config 0 descriptor?? [ 158.708802][ T13] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 158.869349][ T4383] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 159.578718][ T4375] xt_CT: You must specify a L4 protocol and not use inversions on it [ 159.611394][ T4390] loop0: detected capacity change from 0 to 2048 [ 159.850461][ T26] audit: type=1804 audit(1726861333.659:95): pid=4392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.137" name="/newroot/26/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 159.914780][ T3709] usb 4-1: USB disconnect, device number 4 [ 160.449485][ T4394] loop1: detected capacity change from 0 to 2048 [ 160.484227][ T4390] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 160.503245][ T4394] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 161.794789][ T4410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'. [ 161.991173][ T4412] loop0: detected capacity change from 0 to 2048 [ 162.086221][ T4412] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 162.211824][ T4421] loop4: detected capacity change from 0 to 1024 [ 162.852799][ T4420] loop1: detected capacity change from 0 to 2048 [ 163.111959][ T4420] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 163.345770][ T26] audit: type=1804 audit(1726861337.159:96): pid=4425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.146" name="/newroot/13/file1/bus" dev="loop0" ino=1368 res=1 errno=0 [ 164.264380][ T4429] loop2: detected capacity change from 0 to 2048 [ 164.368105][ T26] audit: type=1804 audit(1726861338.309:97): pid=4433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.158" name="/newroot/35/file1/bus" dev="loop1" ino=1367 res=1 errno=0 [ 164.569819][ T4429] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 165.515791][ T26] audit: type=1804 audit(1726861339.329:98): pid=4440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.150" name="/newroot/33/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 166.215038][ T4441] netlink: 4 bytes leftover after parsing attributes in process `syz.0.162'. [ 166.330336][ T4444] loop4: detected capacity change from 0 to 2048 [ 166.484927][ T4444] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 166.741877][ T4452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.151'. [ 166.768801][ T4450] loop3: detected capacity change from 0 to 40427 [ 167.018827][ T26] audit: type=1804 audit(1726861340.829:99): pid=4455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.152" name="/newroot/29/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 167.060687][ T4450] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 167.068852][ T4450] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 167.418271][ T4450] F2FS-fs (loop3): Found nat_bits in checkpoint [ 167.610550][ T4450] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 167.617820][ T4450] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 168.022304][ T4461] loop2: detected capacity change from 0 to 2048 [ 168.189466][ T4461] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 168.446063][ T4465] loop4: detected capacity change from 0 to 2048 [ 168.971625][ T4472] netlink: 4 bytes leftover after parsing attributes in process `syz.0.157'. [ 168.986918][ T26] audit: type=1804 audit(1726861342.749:100): pid=4471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.154" name="/newroot/34/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 169.025347][ T4465] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 170.066638][ T26] audit: type=1804 audit(1726861343.839:101): pid=4475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.155" name="/newroot/30/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 170.762761][ T4479] loop3: detected capacity change from 0 to 2048 [ 170.793936][ T4482] loop2: detected capacity change from 0 to 512 [ 170.841316][ T4479] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 171.181664][ T4482] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 171.474462][ T4482] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038 (0x7fffffff) [ 172.032049][ T26] audit: type=1804 audit(1726861345.239:102): pid=4487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.156" name="/newroot/33/file1/bus" dev="loop3" ino=1368 res=1 errno=0 [ 172.082898][ T4482] Zero length message leads to an empty skb [ 172.150680][ T4489] loop4: detected capacity change from 0 to 2048 [ 172.579237][ T4493] loop1: detected capacity change from 0 to 1024 [ 173.168765][ T4489] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 173.595320][ T26] audit: type=1804 audit(1726861347.539:103): pid=4499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.163" name="/newroot/31/file1/bus" dev="loop4" ino=1367 res=1 errno=0 [ 174.018972][ T4497] loop3: detected capacity change from 0 to 2048 [ 174.594920][ T4503] loop0: detected capacity change from 0 to 40427 [ 174.632282][ T4503] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 174.636222][ T4497] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 174.640261][ T4503] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 174.716053][ T4503] F2FS-fs (loop0): Found nat_bits in checkpoint [ 174.986044][ T4503] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 174.993262][ T4503] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 176.396553][ T4514] process 'syz.4.167' launched '/dev/fd/-1/./file0' with NULL argv: empty string added [ 177.497438][ T4519] loop1: detected capacity change from 0 to 40427 [ 177.799509][ T4519] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 177.807390][ T4519] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 177.884545][ T4521] loop3: detected capacity change from 0 to 2048 [ 177.936491][ T4519] F2FS-fs (loop1): Found nat_bits in checkpoint [ 178.091823][ T4519] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 178.099405][ T4519] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 178.115330][ T4521] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 178.138175][ T3826] attempt to access beyond end of device [ 178.138175][ T3826] loop0: rw=2051, want=53248, limit=40427 [ 178.597105][ T3826] F2FS-fs (loop0): Issue discard(6144, 6144, 512) failed, ret: -5 [ 179.104478][ T26] audit: type=1804 audit(1726861352.919:104): pid=4538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.178" name="/newroot/35/file1/bus" dev="loop3" ino=1368 res=1 errno=0 [ 180.926573][ T3611] Bluetooth: hci4: command 0x0406 tx timeout [ 180.932827][ T3611] Bluetooth: hci3: command 0x0406 tx timeout [ 180.991083][ T23] Bluetooth: hci0: command 0x0406 tx timeout [ 181.007889][ T4546] loop3: detected capacity change from 0 to 2048 [ 181.017612][ T3611] Bluetooth: hci1: command 0x0406 tx timeout [ 181.132128][ T4546] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 181.158010][ T4548] loop2: detected capacity change from 0 to 2048 [ 181.397620][ T4548] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 183.447735][ T26] audit: type=1804 audit(1726861355.639:105): pid=4558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.175" name="/newroot/36/file1/bus" dev="loop3" ino=1368 res=1 errno=0 [ 183.704750][ T26] audit: type=1804 audit(1726861356.149:106): pid=4560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.176" name="/newroot/36/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 183.945281][ T4567] netlink: 4 bytes leftover after parsing attributes in process `syz.4.179'. [ 183.984264][ T4565] loop1: detected capacity change from 0 to 2048 [ 183.990885][ T23] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 184.012508][ T4566] loop3: detected capacity change from 0 to 2048 [ 184.060756][ T4569] loop2: detected capacity change from 0 to 2048 [ 184.103659][ T4565] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 184.123367][ T4566] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 184.153614][ T4569] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 185.286925][ T26] audit: type=1804 audit(1726861358.579:107): pid=4576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.180" name="/newroot/37/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 185.819372][ T26] audit: type=1804 audit(1726861359.619:108): pid=4588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.181" name="/newroot/37/file1/bus" dev="loop3" ino=1368 res=1 errno=0 [ 186.895998][ T4596] loop0: detected capacity change from 0 to 40427 [ 186.956687][ T4596] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 186.964615][ T4596] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 186.987636][ T4596] F2FS-fs (loop0): Found nat_bits in checkpoint [ 187.035996][ T4596] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 187.043201][ T4596] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 187.634707][ T4607] loop3: detected capacity change from 0 to 2048 [ 187.728075][ T4607] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 187.784520][ T4584] loop1: detected capacity change from 0 to 40427 [ 189.846598][ T26] audit: type=1804 audit(1726861363.799:109): pid=4614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.189" name="/newroot/38/file1/bus" dev="loop3" ino=1368 res=1 errno=0 [ 190.196878][ T4618] loop4: detected capacity change from 0 to 40427 [ 190.286957][ T4618] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 190.294736][ T4618] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 190.500155][ T4618] F2FS-fs (loop4): Found nat_bits in checkpoint [ 190.845373][ T4626] loop1: detected capacity change from 0 to 2048 [ 191.329762][ T4626] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 191.454081][ T4618] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 191.461696][ T4618] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 191.479209][ T4630] loop0: detected capacity change from 0 to 2048 [ 192.016753][ T26] audit: type=1804 audit(1726861365.929:110): pid=4634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.192" name="/newroot/43/file1/bus" dev="loop1" ino=1368 res=1 errno=0 [ 192.391975][ T4630] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 193.121636][ T26] audit: type=1804 audit(1726861367.029:111): pid=4641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.187" name="/newroot/21/file1/bus" dev="loop0" ino=1368 res=1 errno=0 [ 194.212878][ T1395] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.219290][ T1395] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.305892][ T4653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.208'. [ 194.439138][ T4646] loop2: detected capacity change from 0 to 2048 [ 194.445806][ T4650] loop3: detected capacity change from 0 to 2048 [ 195.291292][ T4650] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.302170][ T4646] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.409916][ T4658] loop4: detected capacity change from 0 to 2048 [ 195.651308][ T4658] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 196.271750][ T26] audit: type=1804 audit(1726861369.819:112): pid=4664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.199" name="/newroot/40/file1/bus" dev="loop3" ino=1367 res=1 errno=0 [ 196.763863][ T26] audit: type=1804 audit(1726861370.209:113): pid=4661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.197" name="/newroot/43/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 197.043270][ T26] audit: type=1804 audit(1726861370.979:114): pid=4669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.195" name="/newroot/41/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 197.911007][ T4674] loop0: detected capacity change from 0 to 128 [ 197.924770][ T4672] loop3: detected capacity change from 0 to 2048 [ 198.024637][ T4672] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 198.363301][ T4674] EXT4-fs (loop0): Test dummy encryption mode enabled [ 198.381254][ T4674] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 198.400466][ T4674] ext4 filesystem being mounted at /25/mnt supports timestamps until 2038 (0x7fffffff) [ 199.669134][ T4691] loop4: detected capacity change from 0 to 2048 [ 199.747849][ T4674] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 200.288806][ T4691] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 201.217542][ T26] audit: type=1804 audit(1726861374.749:115): pid=4707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.207" name="/newroot/43/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 201.576896][ T4710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.209'. [ 201.648646][ T4712] loop0: detected capacity change from 0 to 2048 [ 201.779213][ T4712] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 204.635816][ T4741] loop1: detected capacity change from 0 to 2048 [ 204.777535][ T4741] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 205.254231][ T26] audit: type=1804 audit(1726861379.169:116): pid=4752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.219" name="/newroot/46/file1/bus" dev="loop1" ino=1368 res=1 errno=0 [ 205.923036][ T4755] loop3: detected capacity change from 0 to 128 [ 206.132362][ T4755] EXT4-fs (loop3): Test dummy encryption mode enabled [ 206.185732][ T4755] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 206.216773][ T4755] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038 (0x7fffffff) [ 206.426873][ T4763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.224'. [ 209.377813][ T4782] netlink: 4 bytes leftover after parsing attributes in process `syz.1.228'. [ 211.019192][ T4777] loop4: detected capacity change from 0 to 40427 [ 211.093105][ T4777] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 211.103821][ T4777] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 211.209607][ T4777] F2FS-fs (loop4): Found nat_bits in checkpoint [ 211.550641][ T4777] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 211.589362][ T4777] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 211.949203][ T4818] loop3: detected capacity change from 0 to 512 [ 212.014393][ T4818] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 212.023667][ T4818] EXT4-fs (loop3): orphan cleanup on readonly fs [ 212.033210][ T4818] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 212.048030][ T4818] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 212.058549][ T4818] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.236: bg 0: block 40: padding at end of block bitmap is not set [ 212.078030][ T4818] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 212.090494][ T4818] EXT4-fs (loop3): 1 truncate cleaned up [ 212.096155][ T4818] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 212.557674][ T4829] loop0: detected capacity change from 0 to 2048 [ 212.850510][ T4829] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 213.450570][ T4833] loop1: detected capacity change from 0 to 128 [ 213.786981][ T26] audit: type=1804 audit(1726861387.569:117): pid=4840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.240" name="/newroot/29/file1/bus" dev="loop0" ino=1368 res=1 errno=0 [ 214.091411][ T4833] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 214.204198][ T4833] ext4 filesystem being mounted at /51/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 214.580905][ T4850] loop4: detected capacity change from 0 to 2048 [ 214.604091][ T4847] loop2: detected capacity change from 0 to 2048 [ 214.687289][ T4847] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 214.698137][ T4850] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 215.864300][ T26] audit: type=1804 audit(1726861389.769:118): pid=4847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.243" name="/newroot/54/file1/bus" dev="loop2" ino=1368 res=1 errno=0 [ 216.821178][ T4868] loop3: detected capacity change from 0 to 128 [ 216.916775][ T26] audit: type=1804 audit(1726861389.789:119): pid=4860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.239" name="/newroot/49/file1/bus" dev="loop4" ino=1368 res=1 errno=0 [ 217.099202][ T3709] Bluetooth: hci5: command 0x0406 tx timeout [ 217.207032][ T4868] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 217.240232][ T4868] ext4 filesystem being mounted at /51/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 217.395844][ T4874] loop4: detected capacity change from 0 to 512 [ 217.514271][ T4874] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 217.523455][ T4874] EXT4-fs (loop4): orphan cleanup on readonly fs [ 217.530360][ T4874] EXT4-fs warning (device loop4): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 217.544971][ T4874] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 217.552417][ T4874] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.249: bg 0: block 40: padding at end of block bitmap is not set [ 217.582417][ T4874] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 217.592317][ T4874] EXT4-fs (loop4): 1 truncate cleaned up [ 217.598556][ T4874] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 218.260577][ T4889] loop1: detected capacity change from 0 to 128 [ 218.583965][ T4871] loop0: detected capacity change from 0 to 40427 [ 218.823828][ T4889] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 218.885552][ T4889] ext4 filesystem being mounted at /53/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 218.934598][ T4871] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 218.946649][ T4871] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 219.109914][ T4901] loop4: detected capacity change from 0 to 512 [ 219.126011][ T4871] F2FS-fs (loop0): Found nat_bits in checkpoint [ 219.220182][ T4901] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 219.240660][ T4901] EXT4-fs (loop4): orphan cleanup on readonly fs [ 219.273067][ T4901] EXT4-fs warning (device loop4): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 219.378346][ T4871] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 219.386460][ T4901] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 219.396764][ T4871] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 219.425266][ T4901] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.256: bg 0: block 40: padding at end of block bitmap is not set [ 219.491744][ T4901] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 219.565769][ T4901] EXT4-fs (loop4): 1 truncate cleaned up [ 219.596656][ T4901] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 221.300243][ T4926] loop0: detected capacity change from 0 to 2048 [ 221.412429][ T4926] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 221.485687][ T4935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.262'. [ 221.586896][ T4936] netlink: 4 bytes leftover after parsing attributes in process `syz.3.263'. [ 222.386349][ T26] audit: type=1804 audit(1726861395.879:120): pid=4940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.260" name="/newroot/33/file1/bus" dev="loop0" ino=1368 res=1 errno=0 [ 222.891357][ T4946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.264'. [ 223.405625][ T4953] loop1: detected capacity change from 0 to 128 [ 223.558473][ T4953] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 223.581466][ T4953] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 223.635377][ T4956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.266'. [ 224.727002][ T4971] netlink: 4 bytes leftover after parsing attributes in process `syz.3.269'. [ 225.365138][ T4980] loop4: detected capacity change from 0 to 2048 [ 225.510597][ T4980] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 226.869347][ T4994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.274'. [ 227.065939][ T5001] loop1: detected capacity change from 0 to 2048 [ 227.175532][ T5001] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.309277][ T5018] netlink: 4 bytes leftover after parsing attributes in process `syz.0.280'. [ 231.141607][ T5039] loop4: detected capacity change from 0 to 512 [ 231.311434][ T5044] netlink: 4 bytes leftover after parsing attributes in process `syz.3.287'. [ 232.354430][ T5048] loop2: detected capacity change from 0 to 2048 [ 232.552429][ T5048] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 234.383094][ T5064] loop1: detected capacity change from 0 to 512 [ 236.008567][ T5094] netlink: 4 bytes leftover after parsing attributes in process `syz.0.299'. [ 236.126653][ T5099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.301'. [ 236.181431][ T5102] loop3: detected capacity change from 0 to 128 [ 236.286928][ T5102] EXT4-fs (loop3): Test dummy encryption mode enabled [ 236.322710][ T5102] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 236.335785][ T5102] ext4 filesystem being mounted at /62/mnt supports timestamps until 2038 (0x7fffffff) [ 237.552074][ T5113] loop4: detected capacity change from 0 to 512 [ 237.756621][ T5115] loop2: detected capacity change from 0 to 2048 [ 237.814343][ T5115] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 238.526534][ T26] audit: type=1804 audit(1726861412.199:121): pid=5119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.305" name="/newroot/62/file1/bus" dev="loop2" ino=1367 res=1 errno=0 [ 239.641627][ T5121] loop0: detected capacity change from 0 to 1024 [ 239.754388][ T5121] EXT4-fs (loop0): Test dummy encryption mode enabled [ 239.790427][ T5121] EXT4-fs (loop0): Ignoring removed orlov option [ 239.845753][ T5136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.308'. [ 239.892661][ T5121] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 239.913427][ T5128] netlink: 4 bytes leftover after parsing attributes in process `syz.4.310'. [ 239.942946][ T5130] loop3: detected capacity change from 0 to 512 [ 242.193834][ T5150] loop3: detected capacity change from 0 to 1024 [ 242.352610][ T5150] EXT4-fs (loop3): Test dummy encryption mode enabled [ 242.366553][ T5150] EXT4-fs (loop3): Ignoring removed orlov option [ 242.476251][ T5150] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 243.892293][ T5162] loop3: detected capacity change from 0 to 128 [ 244.220576][ T5162] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 244.238213][ T5162] ext4 filesystem being mounted at /65/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 244.917526][ T5175] loop4: detected capacity change from 0 to 2048 [ 245.005563][ T5179] loop2: detected capacity change from 0 to 128 [ 245.242815][ T5179] EXT4-fs (loop2): Test dummy encryption mode enabled [ 245.254153][ T5175] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 245.385014][ T5179] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 246.070050][ T5179] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038 (0x7fffffff) [ 246.702154][ T5200] loop1: detected capacity change from 0 to 512 [ 246.849554][ T5200] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 246.903607][ T5200] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038 (0x7fffffff) [ 247.205977][ T26] audit: type=1804 audit(1726861421.159:122): pid=5175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.316" name="/newroot/66/file1/bus" dev="loop4" ino=1367 res=1 errno=0 [ 247.622579][ T5214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.327'. [ 247.881524][ T5220] loop4: detected capacity change from 0 to 512 [ 249.385812][ T5229] loop0: detected capacity change from 0 to 128 [ 249.740692][ T5229] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 249.901169][ T5229] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 250.898631][ T5251] loop0: detected capacity change from 0 to 512 [ 250.965569][ T5253] loop2: detected capacity change from 0 to 128 [ 251.111442][ T5253] EXT4-fs (loop2): Test dummy encryption mode enabled [ 251.231198][ T5253] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 251.250412][ T5253] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038 (0x7fffffff) [ 252.629674][ T5260] loop0: detected capacity change from 0 to 2048 [ 252.772581][ T5260] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 254.130490][ T5274] netlink: 4 bytes leftover after parsing attributes in process `syz.4.340'. [ 254.323061][ T5280] loop1: detected capacity change from 0 to 128 [ 254.644121][ T5280] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 254.681411][ T5280] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 254.722865][ T5291] loop0: detected capacity change from 0 to 512 [ 254.796599][ T5290] loop2: detected capacity change from 0 to 1024 [ 254.807349][ T5291] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 254.850238][ T5290] EXT4-fs (loop2): Test dummy encryption mode enabled [ 254.857453][ T5291] EXT4-fs (loop0): orphan cleanup on readonly fs [ 254.895434][ T5290] EXT4-fs (loop2): Ignoring removed orlov option [ 254.923742][ T5291] EXT4-fs warning (device loop0): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 254.995704][ T5290] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 255.042068][ T5291] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 255.083074][ T5291] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.346: bg 0: block 40: padding at end of block bitmap is not set [ 255.186976][ T5291] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 255.209310][ T5302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.347'. [ 255.238765][ T5291] EXT4-fs (loop0): 1 truncate cleaned up [ 255.244593][ T5291] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 255.497739][ T5310] loop3: detected capacity change from 0 to 512 [ 256.271774][ T1395] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.278264][ T1395] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.294845][ T5305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.349'. [ 256.394725][ T5314] loop0: detected capacity change from 0 to 512 [ 256.573390][ T5314] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 256.611099][ T5314] EXT4-fs (loop0): orphan cleanup on readonly fs [ 256.636189][ T5320] loop2: detected capacity change from 0 to 1024 [ 256.656908][ T5314] EXT4-fs warning (device loop0): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 256.686553][ T5314] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 256.853881][ T5320] EXT4-fs (loop2): Test dummy encryption mode enabled [ 257.162445][ T5314] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.360: bg 0: block 40: padding at end of block bitmap is not set [ 257.194082][ T5314] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 257.212413][ T5314] EXT4-fs (loop0): 1 truncate cleaned up [ 257.246513][ T5320] EXT4-fs (loop2): Ignoring removed orlov option [ 257.255599][ T5323] loop1: detected capacity change from 0 to 128 [ 257.280565][ T5320] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 257.325349][ T5314] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 257.697145][ T5323] EXT4-fs (loop1): Test dummy encryption mode enabled [ 257.721427][ T5323] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 257.863830][ T5323] ext4 filesystem being mounted at /76/mnt supports timestamps until 2038 (0x7fffffff) [ 259.335706][ T5341] loop3: detected capacity change from 0 to 2048 [ 259.463496][ T5341] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 260.054899][ T26] audit: type=1804 audit(1726861434.009:123): pid=5345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.356" name="/newroot/72/file1/bus" dev="loop3" ino=1367 res=1 errno=0 [ 260.985547][ T5352] loop1: detected capacity change from 0 to 128 [ 261.093826][ T5357] loop3: detected capacity change from 0 to 128 [ 261.169498][ T5357] EXT4-fs (loop3): Test dummy encryption mode enabled [ 261.184786][ T5361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.361'. [ 261.208652][ T5352] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 261.227642][ T5357] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 261.256858][ T5357] ext4 filesystem being mounted at /73/mnt supports timestamps until 2038 (0x7fffffff) [ 261.267663][ T5352] ext4 filesystem being mounted at /77/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 261.299090][ C0] vkms_vblank_simulate: vblank timer overrun [ 262.180108][ T5368] loop4: detected capacity change from 0 to 1024 [ 262.471003][ T5368] EXT4-fs (loop4): Test dummy encryption mode enabled [ 262.510847][ T5368] EXT4-fs (loop4): Ignoring removed orlov option [ 262.646552][ T5368] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 264.719351][ T5387] loop1: detected capacity change from 0 to 512 [ 264.903996][ T5387] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 264.942496][ T5387] EXT4-fs (loop1): orphan cleanup on readonly fs [ 264.944743][ T5391] loop0: detected capacity change from 0 to 1024 [ 264.949601][ T5387] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 264.970244][ T5387] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 264.978314][ T5387] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.366: bg 0: block 40: padding at end of block bitmap is not set [ 265.002191][ T5394] loop2: detected capacity change from 0 to 512 [ 265.032654][ T5391] EXT4-fs (loop0): Test dummy encryption mode enabled [ 265.039654][ T5391] EXT4-fs (loop0): Ignoring removed orlov option [ 265.046543][ T5387] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 265.088526][ T5391] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 265.115184][ T5387] EXT4-fs (loop1): 1 truncate cleaned up [ 265.196527][ T5387] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 266.388337][ T5401] loop3: detected capacity change from 0 to 2048 [ 266.431485][ T5407] loop2: detected capacity change from 0 to 512 [ 266.702449][ T5401] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 266.767196][ T5407] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 266.785752][ T5407] EXT4-fs (loop2): orphan cleanup on readonly fs [ 266.872820][ T5407] EXT4-fs warning (device loop2): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 266.963531][ T5407] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 266.968490][ T5412] loop0: detected capacity change from 0 to 128 [ 267.020659][ T5407] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.372: bg 0: block 40: padding at end of block bitmap is not set [ 267.306341][ T26] audit: type=1804 audit(1726861441.059:124): pid=5418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.371" name="/newroot/75/file1/bus" dev="loop3" ino=1367 res=1 errno=0 [ 267.671198][ T5412] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 267.699368][ T5407] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 267.726818][ T5412] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 267.761191][ T5407] EXT4-fs (loop2): 1 truncate cleaned up [ 267.770918][ T5407] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 267.821538][ T5419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.375'. [ 268.078094][ T5425] loop4: detected capacity change from 0 to 128 [ 268.168314][ T5425] EXT4-fs (loop4): Test dummy encryption mode enabled [ 268.179290][ T5428] loop1: detected capacity change from 0 to 2048 [ 268.350154][ T5428] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 268.473736][ T5425] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 269.946047][ T5425] ext4 filesystem being mounted at /74/mnt supports timestamps until 2038 (0x7fffffff) [ 272.333529][ T3614] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 272.852424][ T5459] loop1: detected capacity change from 0 to 512 [ 273.046695][ T3614] usb 1-1: Using ep0 maxpacket: 8 [ 273.571484][ T5459] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 273.617462][ T3614] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 273.625415][ T3614] usb 1-1: can't read configurations, error -71 [ 273.841126][ T5459] EXT4-fs (loop1): orphan cleanup on readonly fs [ 274.017987][ T5459] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 274.167613][ T5459] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 274.187896][ T5459] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.384: bg 0: block 40: padding at end of block bitmap is not set [ 274.350214][ T5459] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 274.389407][ T5459] EXT4-fs (loop1): 1 truncate cleaned up [ 274.418247][ T5459] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 275.992446][ T5495] loop2: detected capacity change from 0 to 128 [ 276.006515][ T5491] loop4: detected capacity change from 0 to 1024 [ 276.105110][ T5498] loop0: detected capacity change from 0 to 2048 [ 276.121508][ T5491] EXT4-fs (loop4): Test dummy encryption mode enabled [ 276.143488][ T5491] EXT4-fs (loop4): Ignoring removed orlov option [ 276.151336][ T5495] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 276.174118][ T5495] ext4 filesystem being mounted at /80/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 276.223196][ T5491] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,noauto_da_alloc,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,nodelalloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 276.307220][ T5498] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 276.332676][ T26] audit: type=1326 audit(1726861450.289:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5502 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7068caef9 code=0x7ffc0000 [ 276.476488][ T26] audit: type=1326 audit(1726861450.329:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5502 comm="syz.1.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7068caef9 code=0x7ffc0000 [ 277.660924][ T26] audit: type=1804 audit(1726861451.619:127): pid=5511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.392" name="/newroot/63/file1/bus" dev="loop0" ino=1367 res=1 errno=0 [ 277.692391][ T5513] fuse: Bad value for 'fd' [ 277.713016][ T5510] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 278.445950][ T5539] loop2: detected capacity change from 0 to 256 [ 278.598084][ T5539] FAT-fs (loop2): Directory bread(block 64) failed [ 278.632572][ T5539] FAT-fs (loop2): Directory bread(block 65) failed [ 278.632721][ T5539] FAT-fs (loop2): Directory bread(block 66) failed [ 278.632758][ T5539] FAT-fs (loop2): Directory bread(block 67) failed [ 278.632831][ T5539] FAT-fs (loop2): Directory bread(block 68) failed [ 278.632865][ T5539] FAT-fs (loop2): Directory bread(block 69) failed [ 278.632934][ T5539] FAT-fs (loop2): Directory bread(block 70) failed [ 278.632966][ T5539] FAT-fs (loop2): Directory bread(block 71) failed [ 278.633041][ T5539] FAT-fs (loop2): Directory bread(block 72) failed [ 278.633093][ T5539] FAT-fs (loop2): Directory bread(block 73) failed [ 278.905418][ T5557] loop3: detected capacity change from 0 to 2048 [ 279.298612][ T5578] loop4: detected capacity change from 0 to 64 [ 279.341600][ T5581] loop0: detected capacity change from 0 to 164 [ 279.383462][ T26] audit: type=1107 audit(1726861453.339:128): pid=5584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 279.470396][ T5589] netlink: 16 bytes leftover after parsing attributes in process `syz.3.425'. [ 279.543194][ T5593] capability: warning: `syz.1.427' uses deprecated v2 capabilities in a way that may be insecure [ 279.833500][ T26] audit: type=1326 audit(1726861453.789:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5614 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7068caef9 code=0x7ffc0000 [ 279.869872][ T5613] 8021q: adding VLAN 0 to HW filter on device bond1 [ 279.909219][ T5612] loop4: detected capacity change from 0 to 4096 [ 279.916028][ T26] audit: type=1326 audit(1726861453.789:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5614 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fa7068caef9 code=0x7ffc0000 [ 279.932937][ T5613] bond0: (slave bond1): Enslaving as an active interface with an up link [ 279.938247][ C1] vkms_vblank_simulate: vblank timer overrun [ 279.939242][ T26] audit: type=1326 audit(1726861453.789:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5614 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7068caef9 code=0x7ffc0000 [ 279.974981][ C1] vkms_vblank_simulate: vblank timer overrun [ 280.005868][ T5612] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 280.062900][ T3576] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 280.081638][ T5619] loop1: detected capacity change from 0 to 128 [ 280.089197][ T5608] 8021q: adding VLAN 0 to HW filter on device bond1 [ 280.097002][ T5608] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address [ 280.123393][ T5608] bond1: (slave xfrm1): Error -95 calling set_mac_address [ 280.185276][ T5612] ntfs3: loop4: failed to convert "c46c" to koi8-r [ 280.435471][ T5625] tmpfs: Bad value for 'mpol' [ 280.513934][ T5619] attempt to access beyond end of device [ 280.513934][ T5619] loop1: rw=0, want=6491538, limit=128 [ 280.526885][ T3576] usb 4-1: config 1 interface 0 has no altsetting 0 [ 280.546706][ T5619] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 280.566635][ T5619] attempt to access beyond end of device [ 280.566635][ T5619] loop1: rw=0, want=17666808, limit=128 [ 280.583084][ T5629] netlink: 132 bytes leftover after parsing attributes in process `syz.2.442'. [ 280.601323][ T5619] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 280.620978][ T5619] attempt to access beyond end of device [ 280.620978][ T5619] loop1: rw=0, want=26539620, limit=128 [ 280.634049][ T5619] Buffer I/O error on dev loop1, logical block 13269809, async page read [ 280.644041][ T5619] attempt to access beyond end of device [ 280.644041][ T5619] loop1: rw=0, want=16147214, limit=128 [ 280.661865][ T5619] Buffer I/O error on dev loop1, logical block 8073606, async page read [ 280.673487][ T5619] attempt to access beyond end of device [ 280.673487][ T5619] loop1: rw=0, want=6491544, limit=128 [ 280.693932][ T5619] Buffer I/O error on dev loop1, logical block 3245771, async page read [ 280.705872][ T5635] loop2: detected capacity change from 0 to 256 [ 280.708858][ T5619] attempt to access beyond end of device [ 280.708858][ T5619] loop1: rw=0, want=17668344, limit=128 [ 280.726229][ T5619] Buffer I/O error on dev loop1, logical block 8834171, async page read [ 280.737341][ T5619] attempt to access beyond end of device [ 280.737341][ T5619] loop1: rw=0, want=26932836, limit=128 [ 280.748980][ T5619] Buffer I/O error on dev loop1, logical block 13466417, async page read [ 280.759132][ T5619] attempt to access beyond end of device [ 280.759132][ T5619] loop1: rw=0, want=16147214, limit=128 [ 280.770621][ T3576] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 280.786975][ T3576] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.808069][ T3576] usb 4-1: Product: syz [ 280.816424][ T5619] Buffer I/O error on dev loop1, logical block 8073606, async page read [ 280.822773][ T3576] usb 4-1: Manufacturer: syz [ 280.841059][ T3576] usb 4-1: SerialNumber: syz [ 280.860705][ T5619] attempt to access beyond end of device [ 280.860705][ T5619] loop1: rw=0, want=6491550, limit=128 [ 280.888143][ T5637] loop0: detected capacity change from 0 to 256 [ 280.917058][ T5619] Buffer I/O error on dev loop1, logical block 3245774, async page read [ 280.925768][ T5619] attempt to access beyond end of device [ 280.925768][ T5619] loop1: rw=0, want=17669880, limit=128 [ 280.946268][ T5637] FAT-fs (loop0): Unrecognized mount option "rodir" or missing value [ 280.964127][ T5641] netlink: 120 bytes leftover after parsing attributes in process `syz.4.448'. [ 281.006379][ T5619] Buffer I/O error on dev loop1, logical block 8834939, async page read [ 281.044815][ T5644] netlink: 16 bytes leftover after parsing attributes in process `syz.2.447'. [ 281.327982][ T5650] netlink: 4 bytes leftover after parsing attributes in process `syz.2.451'. [ 281.405065][ T5656] device lo entered promiscuous mode [ 281.421143][ T5655] device lo left promiscuous mode [ 281.491509][ T5659] netlink: 20 bytes leftover after parsing attributes in process `syz.4.455'. [ 281.560386][ T3576] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 281.611536][ T3576] usb 4-1: USB disconnect, device number 5 [ 281.647919][ T3576] usblp0: removed [ 281.656472][ T5665] loop2: detected capacity change from 0 to 1024 [ 281.719623][ T5667] syz.4.459 uses obsolete (PF_INET,SOCK_PACKET) [ 281.805306][ T5665] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 282.178893][ T3584] block nbd0: Receive control failed (result -32) [ 282.179614][ T5657] block nbd0: shutting down sockets [ 282.209066][ T5682] device team_slave_0 entered promiscuous mode [ 282.215711][ T5682] device team_slave_1 entered promiscuous mode [ 282.316397][ T3644] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 282.436308][ T5690] loop3: detected capacity change from 0 to 2048 [ 282.514561][ T5690] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 282.578978][ T5692] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 282.614290][ T5699] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 282.647787][ T5699] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 190 with error 28 [ 282.695490][ T5699] EXT4-fs (loop3): This should not happen!! Data will be lost [ 282.695490][ T5699] [ 282.726736][ T3644] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 282.776491][ T3576] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 282.786713][ T5699] EXT4-fs (loop3): Total free blocks count 0 [ 282.789648][ T3644] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 282.810023][ T3644] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 282.816707][ T5699] EXT4-fs (loop3): Free/Dirty block details [ 282.823539][ T3644] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.848335][ T5699] EXT4-fs (loop3): free_blocks=66060288 [ 282.854088][ T5699] EXT4-fs (loop3): dirty_blocks=256 [ 282.860059][ T5699] EXT4-fs (loop3): Block reservation details [ 282.866071][ T5699] EXT4-fs (loop3): i_reserved_data_blocks=16 [ 282.888665][ T3644] usb 3-1: invalid MIDI out EP 0 [ 282.952415][ T5702] loop0: detected capacity change from 0 to 4096 [ 283.033324][ T3644] snd-usb-audio: probe of 3-1:27.0 failed with error -22 [ 283.046378][ T3576] usb 5-1: Using ep0 maxpacket: 16 [ 283.073597][ T5702] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 283.095243][ T3655] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 246 with error 28 [ 283.112836][ T3796] udevd[3796]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 283.119026][ T3655] EXT4-fs (loop3): This should not happen!! Data will be lost [ 283.119026][ T3655] [ 283.146140][ T3612] usb 3-1: USB disconnect, device number 6 [ 283.203133][ T5702] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 283.223916][ T5702] ntfs3: loop0: Failed to load $Extend. [ 283.322687][ T26] audit: type=1800 audit(1726861457.279:132): pid=5702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.472" name="bus" dev="loop0" ino=33 res=0 errno=0 [ 283.356709][ T3576] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 283.365794][ T3576] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.374712][ T3576] usb 5-1: Product: syz [ 283.389940][ T3576] usb 5-1: Manufacturer: syz [ 283.394591][ T3576] usb 5-1: SerialNumber: syz [ 283.417758][ T3576] usb 5-1: config 0 descriptor?? [ 283.478752][ T3576] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 283.534003][ T5708] loop0: detected capacity change from 0 to 1024 [ 283.630267][ T5708] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 283.681568][ T5708] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback. [ 283.706739][ T3576] gp8psk: usb in 128 operation failed. [ 283.739265][ T26] audit: type=1804 audit(1726861457.699:133): pid=5708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.475" name="/newroot/79/file0/bus" dev="loop0" ino=18 res=1 errno=0 [ 283.762852][ T26] audit: type=1804 audit(1726861457.719:134): pid=5708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.475" name="/newroot/79/file0/bus" dev="loop0" ino=18 res=1 errno=0 [ 283.768586][ T3576] gp8psk: usb in 137 operation failed. [ 283.797372][ T3576] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 283.876967][ T3576] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver) [ 283.888401][ T3576] usb 5-1: media controller created [ 283.912295][ T3576] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 283.950651][ T3576] gp8psk_fe: Frontend revision 1 attached [ 283.964913][ T3576] usb 5-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 283.982051][ T3576] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 284.376529][ T3576] gp8psk: usb in 137 operation failed. [ 284.385778][ T3576] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected. [ 284.405109][ T3576] gp8psk: found Genpix USB device pID = 201 (hex) [ 284.426454][ T3576] usb 5-1: USB disconnect, device number 2 [ 284.494509][ T3576] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected. [ 284.774747][ T5723] loop0: detected capacity change from 0 to 4096 [ 286.421110][ T5749] loop2: detected capacity change from 0 to 256 [ 286.522884][ T5756] loop0: detected capacity change from 0 to 1024 [ 286.577819][ T5749] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 286.600859][ T5756] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 286.689487][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.496'. [ 286.701513][ T5756] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000003,resuid=0x0000000000000000,max_batch_time=0x0000000000000efe,data=ordered,jqfmt=vfsold,barrier=0x0000000000000648,barrier=0x0000000000000007,,errors=continue. Quota mode: writeback. [ 286.731414][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.496'. [ 286.905938][ T5756] 9pnet: p9_errstr2errno: server reported unknown error 184467440 [ 287.074243][ T5773] loop4: detected capacity change from 0 to 512 [ 287.186740][ T5773] EXT4-fs (loop4): external journal device major/minor numbers have changed [ 287.260101][ T5778] IPVS: set_ctl: invalid protocol: 136 172.20.20.170:65533 [ 287.328984][ T5780] loop2: detected capacity change from 0 to 1024 [ 287.362737][ T5773] EXT4-fs (loop4): external journal has bad superblock [ 287.382555][ T5780] EXT4-fs (loop2): Ignoring removed bh option [ 287.407129][ T5780] EXT4-fs (loop2): Ignoring removed orlov option [ 287.470241][ T5780] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802e018, mo2=0002] [ 287.486651][ T5780] System zones: 0-1, 3-12 [ 287.492809][ T5780] EXT4-fs (loop2): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,bh,barrier=0x0000000000000001,orlov,debug_want_extra_isize=0x0000000000000080,nouid32,usrjquota=,grpjquota=,debug,,errors=continue. Quota mode: none. [ 287.670118][ T3566] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2815: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 287.702303][ T5788] loop0: detected capacity change from 0 to 65 [ 287.807824][ T5788] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway [ 288.198532][ T3710] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.290504][ T5795] loop4: detected capacity change from 0 to 512 [ 288.340013][ T5795] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 288.349507][ T5795] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled [ 288.358811][ T5795] EXT4-fs (loop4): Unrecognized mount option "seclabel" or missing value [ 288.386908][ T3710] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.508219][ T5801] loop0: detected capacity change from 0 to 128 [ 288.522950][ T3710] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.595559][ T3710] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.596556][ T5801] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 288.876675][ T5801] loop_set_status: loop0 () has still dirty pages (nrpages=1) [ 289.058260][ T3826] FAT-fs (loop0): error, invalid access to FAT (entry 0x0affffff) [ 289.096433][ T3826] FAT-fs (loop0): Filesystem has been set read-only [ 289.698329][ T5802] chnl_net:caif_netlink_parms(): no params data found [ 289.805965][ T5836] netlink: 4 bytes leftover after parsing attributes in process `syz.3.520'. [ 289.862019][ T5843] netlink: 28 bytes leftover after parsing attributes in process `syz.3.520'. [ 289.997943][ T5848] loop0: detected capacity change from 0 to 64 [ 290.128358][ T5802] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.196537][ T5802] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.230339][ T5802] device bridge_slave_0 entered promiscuous mode [ 290.378296][ T5857] device bond1 entered promiscuous mode [ 290.396733][ T5857] 8021q: adding VLAN 0 to HW filter on device bond1 [ 290.445748][ T5857] bond1 (unregistering): Released all slaves [ 290.555919][ T5802] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.565931][ T5802] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.593732][ T5802] device bridge_slave_1 entered promiscuous mode [ 290.786033][ T5872] loop0: detected capacity change from 0 to 8 [ 290.844425][ T5802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 290.922875][ T5872] unable to read fragment index table [ 290.930695][ T5876] 8021q: adding VLAN 0 to HW filter on device bond1 [ 290.939225][ T3612] Bluetooth: hci0: command 0x0409 tx timeout [ 290.948932][ T5876] bond0: (slave bond1): Enslaving as an active interface with an up link [ 291.040543][ T5802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.149819][ T5868] 8021q: adding VLAN 0 to HW filter on device bond1 [ 291.411622][ T5868] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address [ 291.429766][ T5868] bond1: (slave xfrm1): Error -95 calling set_mac_address [ 291.987559][ T5802] team0: Port device team_slave_0 added [ 292.043586][ T5802] team0: Port device team_slave_1 added [ 292.151237][ T3710] device hsr_slave_0 left promiscuous mode [ 292.181660][ T3710] device hsr_slave_1 left promiscuous mode [ 292.192784][ T5899] netlink: 16 bytes leftover after parsing attributes in process `syz.4.533'. [ 292.203942][ T3710] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.236371][ T3710] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.279896][ T3710] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.296389][ T3710] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.349259][ T3710] device veth1_macvtap left promiscuous mode [ 292.365858][ T3710] device veth0_macvtap left promiscuous mode [ 292.372281][ T5906] netlink: 120 bytes leftover after parsing attributes in process `syz.0.534'. [ 292.376059][ T3710] device veth1_vlan left promiscuous mode [ 292.431089][ T5909] tmpfs: Bad value for 'mpol' [ 292.432789][ T3710] device veth0_vlan left promiscuous mode [ 292.446634][ T3709] Bluetooth: hci2: command 0x0409 tx timeout [ 292.533309][ T5911] loop4: detected capacity change from 0 to 2048 [ 292.664895][ T5911] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 292.833066][ T5915] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 292.880634][ T5915] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 218 with error 28 [ 292.921413][ T5915] EXT4-fs (loop4): This should not happen!! Data will be lost [ 292.921413][ T5915] [ 292.950591][ T5915] EXT4-fs (loop4): Total free blocks count 0 [ 292.957809][ T5915] EXT4-fs (loop4): Free/Dirty block details [ 292.972067][ T5915] EXT4-fs (loop4): free_blocks=66060288 [ 293.004943][ T5915] EXT4-fs (loop4): dirty_blocks=272 [ 293.006454][ T3614] Bluetooth: hci0: command 0x041b tx timeout [ 293.018301][ T5915] EXT4-fs (loop4): Block reservation details [ 293.034767][ T5915] EXT4-fs (loop4): i_reserved_data_blocks=17 [ 293.047517][ T3710] team0 (unregistering): Port device team_slave_1 removed [ 293.088298][ T3710] team0 (unregistering): Port device team_slave_0 removed [ 293.123272][ T3710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 293.153278][ T3710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 293.209215][ T4221] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 266 with error 28 [ 293.233343][ T4221] EXT4-fs (loop4): This should not happen!! Data will be lost [ 293.233343][ T4221] [ 293.489472][ T3710] bond0 (unregistering): Released all slaves [ 293.694021][ T3614] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 293.724670][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 293.741993][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.799046][ T5802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 293.819744][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 293.830885][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.865318][ T5802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 294.076751][ T3614] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 294.115065][ T3614] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 294.146460][ T3614] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 294.155673][ T3614] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.184151][ T5860] chnl_net:caif_netlink_parms(): no params data found [ 294.241768][ T5802] device hsr_slave_0 entered promiscuous mode [ 294.260601][ T3614] usb 5-1: invalid MIDI out EP 0 [ 294.301916][ T5802] device hsr_slave_1 entered promiscuous mode [ 294.346454][ T5802] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 294.354591][ T5802] Cannot create hsr debugfs directory [ 294.374900][ T3796] udevd[3796]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 294.473873][ T3614] snd-usb-audio: probe of 5-1:27.0 failed with error -22 [ 294.526596][ T7] Bluetooth: hci2: command 0x041b tx timeout [ 294.621256][ T3569] usb 5-1: USB disconnect, device number 3 [ 294.804065][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.826510][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.834710][ T5860] device bridge_slave_0 entered promiscuous mode [ 294.897120][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.904473][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.922946][ T5860] device bridge_slave_1 entered promiscuous mode [ 295.086431][ T3611] Bluetooth: hci0: command 0x040f tx timeout [ 295.095049][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 295.145442][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 295.472580][ T5860] team0: Port device team_slave_0 added [ 295.538836][ T5860] team0: Port device team_slave_1 added [ 295.562087][ T5951] 8021q: adding VLAN 0 to HW filter on device bond1 [ 295.579230][ T5958] netlink: 16 bytes leftover after parsing attributes in process `syz.0.545'. [ 295.604288][ T5951] bond0: (slave bond1): Enslaving as an active interface with an up link [ 295.664110][ T5953] 8021q: adding VLAN 0 to HW filter on device bond1 [ 295.676957][ T5953] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address [ 295.694444][ T5953] bond1: (slave xfrm1): Error -95 calling set_mac_address [ 295.853481][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 295.876219][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 295.931777][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 295.984612][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 296.003881][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.076534][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 296.211487][ T26] audit: type=1326 audit(1726861470.169:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.281368][ T5860] device hsr_slave_0 entered promiscuous mode [ 296.307146][ T26] audit: type=1326 audit(1726861470.199:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.308625][ T5860] device hsr_slave_1 entered promiscuous mode [ 296.394342][ T5860] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 296.431665][ T5860] Cannot create hsr debugfs directory [ 296.446435][ T26] audit: type=1326 audit(1726861470.199:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.501844][ T5978] loop0: detected capacity change from 0 to 2048 [ 296.537956][ T26] audit: type=1326 audit(1726861470.209:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.608141][ T7] Bluetooth: hci2: command 0x040f tx timeout [ 296.632012][ T26] audit: type=1326 audit(1726861470.209:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.677546][ T5802] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 296.697581][ T5978] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 296.817005][ T5802] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 296.835272][ T26] audit: type=1326 audit(1726861470.219:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.860187][ T5987] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 296.884333][ T5802] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 296.919383][ T5802] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 296.936612][ T26] audit: type=1326 audit(1726861470.219:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 296.959635][ T5987] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 354 with error 28 [ 296.993871][ T5987] EXT4-fs (loop0): This should not happen!! Data will be lost [ 296.993871][ T5987] [ 297.042486][ T5860] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.076439][ T26] audit: type=1326 audit(1726861470.219:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 297.081020][ T5987] EXT4-fs (loop0): Total free blocks count 0 [ 297.156352][ T26] audit: type=1326 audit(1726861470.219:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 297.166461][ T3611] Bluetooth: hci0: command 0x0419 tx timeout [ 297.186151][ T5987] EXT4-fs (loop0): Free/Dirty block details [ 297.224373][ T5987] EXT4-fs (loop0): free_blocks=66060288 [ 297.234502][ T5987] EXT4-fs (loop0): dirty_blocks=384 [ 297.238014][ T5860] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.263685][ T5987] EXT4-fs (loop0): Block reservation details [ 297.266466][ T26] audit: type=1326 audit(1726861470.219:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5971 comm="syz.0.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f145afeaef9 code=0x7ffc0000 [ 297.271822][ T5987] EXT4-fs (loop0): i_reserved_data_blocks=24 [ 297.412040][ T5860] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.475980][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 297.591644][ T5860] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.654906][ T5802] 8021q: adding VLAN 0 to HW filter on device team0 [ 297.667137][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 297.702017][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 297.721742][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 297.731966][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 297.757804][ T3708] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 380 with error 28 [ 297.776739][ T3649] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.783951][ T3649] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.806944][ T3708] EXT4-fs (loop0): This should not happen!! Data will be lost [ 297.806944][ T3708] [ 297.834108][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 297.860283][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 297.889013][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 297.931398][ T3649] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.938835][ T3649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.033975][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 298.085442][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 298.100023][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 298.119156][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 298.147971][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 298.220262][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 298.237839][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 298.275230][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 298.300650][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 298.313547][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 298.330230][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 298.349563][ T5802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 298.410143][ T5860] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 298.439875][ T5860] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 298.467636][ T5860] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 298.499628][ T5860] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 298.686669][ T3614] Bluetooth: hci2: command 0x0419 tx timeout [ 298.724228][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 298.733495][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 298.771505][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 298.789065][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.844330][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 298.867112][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 298.900561][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 298.935757][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 298.969941][ T5860] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.995539][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 299.008413][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 299.019096][ T3649] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.026182][ T3649] bridge0: port 1(bridge_slave_0) entered forwarding state [ 299.035597][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 299.047312][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 299.066741][ T3649] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.073857][ T3649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 299.110567][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 299.119181][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 299.156753][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 299.172903][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 299.182012][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 299.197430][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 299.217748][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 299.238228][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 299.248477][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 299.258846][ T5802] device veth0_vlan entered promiscuous mode [ 299.282580][ T5860] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 299.294503][ T5860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 299.312247][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 299.322166][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 299.330757][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 299.341318][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 299.351780][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 299.360939][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 299.374046][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 299.392566][ T5802] device veth1_vlan entered promiscuous mode [ 299.407350][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 299.416123][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 299.466544][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 299.488264][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 299.510623][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 299.536253][ T5802] device veth0_macvtap entered promiscuous mode [ 299.555368][ T5802] device veth1_macvtap entered promiscuous mode [ 299.590924][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.609488][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.625796][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.644350][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.655455][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.673695][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.697267][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.716325][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.729503][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 299.748798][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 299.766031][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 299.775449][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 299.792330][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 299.807017][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.829579][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.846509][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.864728][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.875717][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.897474][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.914307][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.926895][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.965907][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 300.009077][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 300.031576][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 300.062077][ T5802] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.071843][ T5802] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.096342][ T5802] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.105193][ T5802] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.167375][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 300.186092][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 300.215306][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.319759][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 300.329687][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 300.367009][ T3710] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 300.375265][ T3710] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 300.405615][ T5860] device veth0_vlan entered promiscuous mode [ 300.435562][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 300.455568][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 300.465494][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 300.510310][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 300.529311][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 300.555770][ T5860] device veth1_vlan entered promiscuous mode [ 300.576575][ T3708] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 300.585242][ T3708] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 300.605226][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 300.627282][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 300.649837][ T3649] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 300.711818][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 300.732234][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 300.761827][ T5860] device veth0_macvtap entered promiscuous mode [ 300.796635][ T5860] device veth1_macvtap entered promiscuous mode [ 300.868329][ T6068] netlink: 120 bytes leftover after parsing attributes in process `syz.3.552'. [ 300.895466][ T6071] netlink: 156 bytes leftover after parsing attributes in process `syz.0.561'. [ 300.931009][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.962455][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.991430][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.052720][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.068531][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.108309][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.129282][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.161205][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.192423][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.206106][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.218141][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 301.237879][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 301.269580][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 301.294363][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 301.306437][ T3690] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 301.320910][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 301.346065][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.365878][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.378278][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.399286][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.424602][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.443243][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.453575][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.474270][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.486841][ T5860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.508164][ T5860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.524832][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 301.567956][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 301.580543][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 301.673207][ T5860] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.676681][ T3690] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 301.706364][ T5860] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.706421][ T3690] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 301.729333][ T5860] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.770078][ T5860] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.776419][ T3690] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 301.797648][ T3690] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.880252][ T3690] usb 1-1: invalid MIDI out EP 0 [ 302.037625][ T3710] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.045923][ T3710] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.092710][ T3795] udevd[3795]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 302.129962][ T3690] snd-usb-audio: probe of 1-1:27.0 failed with error -22 [ 302.140594][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 302.178735][ T3690] usb 1-1: USB disconnect, device number 7 [ 302.205481][ T3717] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.237258][ T3717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.281217][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 302.336678][ T3612] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 302.609958][ T3612] usb 3-1: Using ep0 maxpacket: 16 [ 302.916739][ T3612] usb 3-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 302.963784][ T3612] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 302.981546][ T3612] usb 3-1: Product: syz [ 302.985938][ T3612] usb 3-1: Manufacturer: syz [ 302.998729][ T3612] usb 3-1: SerialNumber: syz [ 303.024235][ T3612] usb 3-1: config 0 descriptor?? [ 303.067792][ T6136] device team_slave_1 left promiscuous mode [ 303.088784][ T3612] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 303.202106][ T6136] team0: Port device team_slave_1 removed [ 303.307189][ T3612] gp8psk: usb in 128 operation failed. [ 303.344627][ T6136] syz.3.566 (6136) used greatest stack depth: 18712 bytes left [ 303.352655][ T3612] gp8psk: usb in 137 operation failed. [ 303.358302][ T3612] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 303.418375][ T3612] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver) [ 303.453451][ T3612] usb 3-1: media controller created [ 303.492721][ T3612] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 303.534221][ T3612] gp8psk_fe: Frontend revision 1 attached [ 303.550434][ T3612] usb 3-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 303.585714][ T3612] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 303.702149][ T6164] loop4: detected capacity change from 0 to 4096 [ 303.738353][ T6170] loop0: detected capacity change from 0 to 1024 [ 303.967300][ T3649] hfsplus: b-tree write err: -5, ino 4 [ 303.979707][ T6182] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 304.006616][ T3612] gp8psk: usb in 137 operation failed. [ 304.012132][ T3612] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected. [ 304.022824][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 304.022838][ T26] audit: type=1800 audit(1726861477.969:146): pid=6164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.577" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 304.071198][ T26] audit: type=1800 audit(1726861478.019:147): pid=6164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.577" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 304.106822][ T3612] gp8psk: found Genpix USB device pID = 201 (hex) [ 304.166426][ T3612] usb 3-1: USB disconnect, device number 7 [ 304.248758][ T26] audit: type=1800 audit(1726861478.209:148): pid=6185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.577" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 304.297903][ T3612] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected. [ 305.259028][ T6212] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 305.558306][ T6221] loop2: detected capacity change from 0 to 512 [ 305.824932][ T3644] Bluetooth: hci3: command 0x2021 tx timeout [ 306.093775][ T21] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 306.134516][ T6230] loop3: detected capacity change from 0 to 256 [ 306.453727][ T21] usb 1-1: Using ep0 maxpacket: 16 [ 306.833391][ T21] usb 1-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 306.859998][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.888239][ T21] usb 1-1: Product: syz [ 306.904666][ T21] usb 1-1: Manufacturer: syz [ 306.927154][ T21] usb 1-1: SerialNumber: syz [ 306.941308][ T21] usb 1-1: config 0 descriptor?? [ 307.017518][ T21] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 307.167394][ T6249] loop4: detected capacity change from 0 to 128 [ 307.230441][ T21] gp8psk: usb in 128 operation failed. [ 307.289432][ T21] gp8psk: usb in 137 operation failed. [ 307.294947][ T21] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 307.321210][ T7] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 307.360963][ T21] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver) [ 307.370486][ T21] usb 1-1: media controller created [ 307.436713][ T21] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 307.491315][ T21] gp8psk_fe: Frontend revision 1 attached [ 307.528612][ T21] usb 1-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 307.537493][ T21] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 307.873070][ T7] usb 2-1: unable to get BOS descriptor or descriptor too short [ 307.929452][ T7] usb 2-1: not running at top speed; connect to a high speed hub [ 307.952683][ T21] gp8psk: usb in 137 operation failed. [ 307.983704][ T21] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected. [ 308.018821][ T21] gp8psk: found Genpix USB device pID = 201 (hex) [ 308.073776][ T21] usb 1-1: USB disconnect, device number 8 [ 308.089049][ T7] usb 2-1: config 129 has an invalid interface number: 135 but max is 0 [ 308.099335][ T7] usb 2-1: config 129 has an invalid interface number: 5 but max is 0 [ 308.122528][ T7] usb 2-1: config 129 descriptor has 1 excess byte, ignoring [ 308.154560][ T7] usb 2-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 308.192839][ T7] usb 2-1: config 129 has no interface number 0 [ 308.213987][ T7] usb 2-1: config 129 has no interface number 1 [ 308.230368][ T7] usb 2-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 308.248459][ T21] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected. [ 308.315052][ T7] usb 2-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 308.336442][ T7] usb 2-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 308.405673][ T7] usb 2-1: config 129 interface 135 has no altsetting 0 [ 308.412761][ T7] usb 2-1: config 129 interface 5 has no altsetting 0 [ 308.663008][ T6252] loop0: detected capacity change from 0 to 128 [ 308.761678][ T7] usb 2-1: string descriptor 0 read error: -22 [ 308.769695][ T7] usb 2-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.62 [ 308.797192][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.936094][ T3649] attempt to access beyond end of device [ 308.936094][ T3649] loop4: rw=1, want=865, limit=128 [ 308.951098][ T7] usb 2-1: MIDIStreaming interface descriptor not found [ 308.993579][ T3649] attempt to access beyond end of device [ 308.993579][ T3649] loop4: rw=1, want=1041, limit=128 [ 309.028896][ T3649] attempt to access beyond end of device [ 309.028896][ T3649] loop4: rw=1, want=873, limit=128 [ 309.791320][ T7] usb 2-1: USB disconnect, device number 7 [ 310.003033][ T6273] loop3: detected capacity change from 0 to 2048 [ 310.821859][ T6252] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 310.853306][ T6252] ext4 filesystem being mounted at /115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 311.742338][ T6297] loop4: detected capacity change from 0 to 4096 [ 312.562944][ T6273] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 312.626408][ T6273] EXT4-fs error (device loop3): ext4_remount:5854: comm syz.3.613: Abort forced by user [ 312.710722][ T6273] EXT4-fs (loop3): Remounting filesystem read-only [ 312.729259][ T6273] EXT4-fs error (device loop3): ext4_remount:5854: comm syz.3.613: Abort forced by user [ 312.821724][ T6273] EXT4-fs (loop3): Remounting filesystem read-only [ 313.131377][ T6309] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 313.778697][ T26] audit: type=1326 audit(1726861487.739:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.2.632" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe697df6ef9 code=0x0 [ 313.947216][ T6301] loop_set_status: loop1 () has still dirty pages (nrpages=2) [ 315.061382][ T6345] loop3: detected capacity change from 0 to 256 [ 315.216560][ T3585] Bluetooth: Wrong link type (-71) [ 315.910224][ T6360] loop0: detected capacity change from 0 to 64 [ 316.563590][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 317.110738][ T1395] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.117905][ T1395] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.124298][ T6345] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 317.668479][ T3826] Trying to free block not in datazone [ 318.382160][ T6388] loop2: detected capacity change from 0 to 512 [ 318.557748][ T6392] netlink: 'syz.4.657': attribute type 1 has an invalid length. [ 318.674728][ T6394] 8021q: adding VLAN 0 to HW filter on device bond2 [ 318.737187][ T6394] bond0: (slave bond2): Enslaving as an active interface with an up link [ 321.286416][ T6422] netlink: 4 bytes leftover after parsing attributes in process `syz.4.668'. [ 321.649610][ T6436] netdevsim netdevsim1: Direct firmware load for # failed with error -2 [ 321.705757][ T6436] netdevsim netdevsim1: Falling back to sysfs fallback for: # [ 322.664352][ T6449] netlink: 'syz.3.677': attribute type 10 has an invalid length. [ 322.698371][ T6449] netlink: 4 bytes leftover after parsing attributes in process `syz.3.677'. [ 323.344322][ T6388] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 323.676842][ T26] audit: type=1326 audit(1726861497.639:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6458 comm="syz.3.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e6326fef9 code=0x7ffc0000 [ 323.912053][ T6470] loop4: detected capacity change from 0 to 2048 [ 324.313847][ T26] audit: type=1326 audit(1726861498.269:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6478 comm="syz.0.689" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f145afeaef9 code=0x0 [ 324.630167][ T6492] loop0: detected capacity change from 0 to 16 [ 325.306230][ T6507] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 325.352015][ T6492] erofs: (device loop0): mounted with root inode @ nid 36. [ 325.536463][ T6508] dccp_close: ABORT with 32 bytes unread [ 325.715335][ T6517] ------------[ cut here ]------------ [ 325.735986][ T6517] WARNING: CPU: 0 PID: 6517 at mm/page_alloc.c:5398 __alloc_pages+0x5cf/0x700 [ 325.775988][ T6517] Modules linked in: [ 325.812306][ T6517] CPU: 0 PID: 6517 Comm: syz.4.703 Not tainted 5.15.167-syzkaller #0 [ 325.841339][ T6517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 325.853251][ T6517] RIP: 0010:__alloc_pages+0x5cf/0x700 [ 325.859027][ T6517] Code: 00 48 ba 00 00 00 00 00 fc ff df e9 1d fd ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 2e fd ff ff e8 f6 40 0a 00 e9 24 fd ff ff <0f> 0b 45 31 e4 e9 70 fd ff ff 48 8d 4c 24 50 80 e1 07 80 c1 03 38 [ 325.896863][ T6517] RSP: 0018:ffffc90003287a20 EFLAGS: 00010246 [ 325.912761][ T6517] RAX: dffffc0000000000 RBX: 0000000000000027 RCX: 0000000000000000 [ 325.936048][ T6517] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003287aa8 [ 325.986374][ T6517] RBP: ffffc90003287b40 R08: dffffc0000000000 R09: ffffc90003287a80 [ 326.006135][ T6517] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000040d40 [ 326.022339][ T6517] R13: 1ffff92000650f4c R14: ffffc90003287a80 R15: 1ffff92000650f48 [ 326.042590][ T6517] FS: 00007f3ed8fd06c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 326.068494][ T6517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 326.084357][ T6517] CR2: 00007f721051f440 CR3: 00000000497ba000 CR4: 00000000003506f0 [ 326.103779][ T6517] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 326.123303][ T6517] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 326.143800][ T6517] Call Trace: [ 326.151902][ T6517] [ 326.159476][ T6517] ? __warn+0x15b/0x300 [ 326.171833][ T6517] ? __alloc_pages+0x5cf/0x700 [ 326.183586][ T6517] ? report_bug+0x1b7/0x2e0 [ 326.195089][ T6517] ? handle_bug+0x3d/0x70 [ 326.205266][ T6517] ? exc_invalid_op+0x16/0x40 [ 326.218588][ T6517] ? asm_exc_invalid_op+0x16/0x20 [ 326.231658][ T6517] ? __alloc_pages+0x5cf/0x700 [ 326.243569][ T6517] ? __rmqueue_pcplist+0x2030/0x2030 [ 326.260400][ T6517] ? v9fs_fid_xattr_get+0x2b6/0x360 [ 326.273636][ T6517] ? alloc_pages+0x458/0x570 [ 326.287173][ T6517] kmalloc_order+0x41/0x150 [ 326.298701][ T6517] kmalloc_order_trace+0x15/0xe0 [ 326.311736][ T6517] __kmalloc+0x214/0x300 [ 326.323731][ T6517] ? slab_free_freelist_hook+0xdd/0x160 [ 326.338479][ T6517] __v9fs_get_acl+0x40/0x110 [ 326.350932][ T6517] v9fs_get_acl+0x93/0x280 [ 326.361093][ T6517] v9fs_mount+0x6dc/0x860 [ 326.372313][ T6517] legacy_get_tree+0xeb/0x180 [ 326.385184][ T6517] ? xfs_fs_commit_blocks+0x7b0/0x7b0 [ 326.400959][ T6517] vfs_get_tree+0x88/0x270 [ 326.411135][ T6517] do_new_mount+0x2ba/0xb40 [ 326.422517][ T6517] ? do_move_mount_old+0x160/0x160 [ 326.435704][ T6517] ? user_path_at_empty+0x12b/0x180 [ 326.446888][ T6517] __se_sys_mount+0x2d5/0x3c0 [ 326.460701][ T6517] ? __x64_sys_mount+0xc0/0xc0 [ 326.472328][ T6517] ? syscall_enter_from_user_mode+0x2e/0x240 [ 326.485315][ T6517] ? lockdep_hardirqs_on+0x94/0x130 [ 326.499558][ T6517] ? __x64_sys_mount+0x1c/0xc0 [ 326.510082][ T6517] do_syscall_64+0x3b/0xb0 [ 326.520238][ T6517] ? clear_bhb_loop+0x15/0x70 [ 326.530754][ T6517] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 326.544720][ T6517] RIP: 0033:0x7f3edab78ef9 [ 326.555792][ T6517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.597129][ T6517] RSP: 002b:00007f3ed8fd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 326.618900][ T6517] RAX: ffffffffffffffda RBX: 00007f3edad31058 RCX: 00007f3edab78ef9 [ 326.636103][ T6517] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 326.653384][ T6517] RBP: 00007f3edabebb76 R08: 0000000020000500 R09: 0000000000000000 [ 326.674514][ T6517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.695958][ T6517] R13: 0000000000000000 R14: 00007f3edad31058 R15: 00007ffd2899f2e8 [ 326.722515][ T6517] [ 326.725601][ T6517] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 326.732982][ T6517] CPU: 1 PID: 6517 Comm: syz.4.703 Not tainted 5.15.167-syzkaller #0 [ 326.741064][ T6517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 326.751145][ T6517] Call Trace: [ 326.754445][ T6517] [ 326.757391][ T6517] dump_stack_lvl+0x1e3/0x2d0 [ 326.762093][ T6517] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 326.767745][ T6517] ? panic+0x860/0x860 [ 326.771844][ T6517] ? __alloc_pages+0x540/0x700 [ 326.776634][ T6517] ? __alloc_pages+0x540/0x700 [ 326.781417][ T6517] panic+0x318/0x860 [ 326.785340][ T6517] ? __warn+0x16a/0x300 [ 326.789527][ T6517] ? fb_is_primary_device+0xd0/0xd0 [ 326.794939][ T6517] ? __alloc_pages+0x5cf/0x700 [ 326.799992][ T6517] __warn+0x2b2/0x300 [ 326.804061][ T6517] ? __alloc_pages+0x5cf/0x700 [ 326.809106][ T6517] report_bug+0x1b7/0x2e0 [ 326.813476][ T6517] handle_bug+0x3d/0x70 [ 326.817659][ T6517] exc_invalid_op+0x16/0x40 [ 326.822194][ T6517] asm_exc_invalid_op+0x16/0x20 [ 326.827164][ T6517] RIP: 0010:__alloc_pages+0x5cf/0x700 [ 326.832573][ T6517] Code: 00 48 ba 00 00 00 00 00 fc ff df e9 1d fd ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 2e fd ff ff e8 f6 40 0a 00 e9 24 fd ff ff <0f> 0b 45 31 e4 e9 70 fd ff ff 48 8d 4c 24 50 80 e1 07 80 c1 03 38 [ 326.852492][ T6517] RSP: 0018:ffffc90003287a20 EFLAGS: 00010246 [ 326.858592][ T6517] RAX: dffffc0000000000 RBX: 0000000000000027 RCX: 0000000000000000 [ 326.866588][ T6517] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003287aa8 [ 326.874582][ T6517] RBP: ffffc90003287b40 R08: dffffc0000000000 R09: ffffc90003287a80 [ 326.882580][ T6517] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000040d40 [ 326.890575][ T6517] R13: 1ffff92000650f4c R14: ffffc90003287a80 R15: 1ffff92000650f48 [ 326.898594][ T6517] ? __rmqueue_pcplist+0x2030/0x2030 [ 326.903922][ T6517] ? v9fs_fid_xattr_get+0x2b6/0x360 [ 326.909152][ T6517] ? alloc_pages+0x458/0x570 [ 326.913880][ T6517] kmalloc_order+0x41/0x150 [ 326.918413][ T6517] kmalloc_order_trace+0x15/0xe0 [ 326.923385][ T6517] __kmalloc+0x214/0x300 [ 326.927653][ T6517] ? slab_free_freelist_hook+0xdd/0x160 [ 326.933235][ T6517] __v9fs_get_acl+0x40/0x110 [ 326.937935][ T6517] v9fs_get_acl+0x93/0x280 [ 326.942380][ T6517] v9fs_mount+0x6dc/0x860 [ 326.946732][ T6517] legacy_get_tree+0xeb/0x180 [ 326.951428][ T6517] ? xfs_fs_commit_blocks+0x7b0/0x7b0 [ 326.956817][ T6517] vfs_get_tree+0x88/0x270 [ 326.961252][ T6517] do_new_mount+0x2ba/0xb40 [ 326.965777][ T6517] ? do_move_mount_old+0x160/0x160 [ 326.971438][ T6517] ? user_path_at_empty+0x12b/0x180 [ 326.976663][ T6517] __se_sys_mount+0x2d5/0x3c0 [ 326.981369][ T6517] ? __x64_sys_mount+0xc0/0xc0 [ 326.986239][ T6517] ? syscall_enter_from_user_mode+0x2e/0x240 [ 326.992236][ T6517] ? lockdep_hardirqs_on+0x94/0x130 [ 326.997458][ T6517] ? __x64_sys_mount+0x1c/0xc0 [ 327.002259][ T6517] do_syscall_64+0x3b/0xb0 [ 327.006691][ T6517] ? clear_bhb_loop+0x15/0x70 [ 327.011381][ T6517] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 327.017294][ T6517] RIP: 0033:0x7f3edab78ef9 [ 327.021726][ T6517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.041884][ T6517] RSP: 002b:00007f3ed8fd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 327.050373][ T6517] RAX: ffffffffffffffda RBX: 00007f3edad31058 RCX: 00007f3edab78ef9 [ 327.058388][ T6517] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 327.066477][ T6517] RBP: 00007f3edabebb76 R08: 0000000020000500 R09: 0000000000000000 [ 327.074470][ T6517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.082466][ T6517] R13: 0000000000000000 R14: 00007f3edad31058 R15: 00007ffd2899f2e8 [ 327.090563][ T6517] [ 327.093892][ T6517] Kernel Offset: disabled [ 327.098479][ T6517] Rebooting in 86400 seconds..