last executing test programs: 2.630739044s ago: executing program 1 (id=926): syz_usb_connect(0x0, 0x5a, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d04031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e00230000690009047d"], 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) 1.878139965s ago: executing program 3 (id=938): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001700)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x12e4, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x12bc, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8}, @NFTA_XFRM_KEY={0x8}, @NFTA_XFRM_DREG={0x8}]}}}, {0x1278, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x126c, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0x10, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x9, 0x1, "efbb17b799"}]}, @NFTA_CMP_SREG={0x8}, @NFTA_CMP_OP={0x8}, @NFTA_CMP_DATA={0x1240, 0x3, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}]}, @NFTA_DATA_VALUE={0xb0, 0x1, "5f2fb6f9a4fc491ebf5404cba98c9dcaab9206001a35f3de5bc57ba469e904afccf1543031ac1ef9a43feef695a514c19de78cb38336995ba3795cc955259fd6ba4360c87baa2353b507edf29f85fe4c907c0a4b65abf29046703157421e5b0b6cb4d6ce675ce611ad80445b0f66ab29d8c136620e8dc2018eaa648fede4b85d60d3aeb180262c28d56b60fe06354dd693c3f4ce3078c1dbf8ac017915bccad055cb9877e587a26b3abf2f57"}, @NFTA_DATA_VALUE={0x31, 0x1, "b23cc2eebf4b408579a452f5a8a50faad5b4655a89e79d62a470e536403e314e4600fd0b1c2293eaa436d3dd84"}, @NFTA_DATA_VALUE={0x8d, 0x1, "46179f4da9b3650ba595f42a0a22472ff89a4635f6442e6ea56472de61b495fe6bea8c46f7587600128b489461b80cd42417db46b2dbdede36d7273c4dbc185323354ef18362024271fc9e28b1ad3bd10713a8e46405bba2e9bc7a1d59165b799b069507d9d186c06e17860e290b320b8bbe490315005f9043960c3b989c87659f172dd6a2bb9b9bff0d77a3bf5cbce4e3cfecbb917c615cb9b96602fa72dda2bac3d4eb55ef0e135faafcd08853045f351d"}, @NFTA_DATA_VALUE={0x1004, 0x1, "3f9d6970b25896cac96200cc9defd6495433e44d2ac54884fd6b50ccf45766e2cd6f55b8653a9e260409aeb096588039d80a1116e849d5747b251037fd86a4ad48751674e36742ee9bef9e34d32dbc98b237e87595d34e2725435e62c4e1131b078ac63a7342735d9400f0bc33a5e2d31b3c969f7d2db593125aa5ac72f8075d93aa8d8e3b846dd313ecb6d44d33a30e4b5209820d1704b6f74df23e97d21b157ea6c97dea604afc7756593f441c9b8e8018f009daed0ede3bd420e8fa8d73e9cf397cec213de9a18da2a701954dbf0cf0724d05e094e6a525f41cf87f2e586546911478bdf5509a40a84b91247b811029aa0d9634a791d647fab2cb81fb04cfb04737af54beec5f03af7960353fde092882fe31eb5c7cea7fd14ff36c23ee23d9d03e2fb2d6b8d8ca6e9ca70e12b3714f8145241fc220b0d4854e09bffd04aa1299417425750bd7022589a025e13f020e1b23c8f409946ac3064f9c3b087a932b752bb6a50e942a20d144d87780abe471d2233e1ffae4df98532f47022e8e7a248ebd910efa4cef725e19a4ed0846d0068f4c0b4f444cfd1ecf9a1503ea50553b70527e02a9c94bcd969b9bf2fcdec0aa72d0d49f32904297be8c5083728a40f3f3f752bd70eb7ac9c71a1740718d857418cddea42e120eb968e95add742cf5e417af9ac2f9e809db73e59f5b8271c961e5bac526f8c758ade88daf96e01e6acda3c867ad90202cdcdc018b9c07bb72e6365560bb87ca781e4cb28e6194cf21a035be96ce73c21c01ada7f2ae07beed305174fd8c6fba9ba8b72a2d24706f6c2bb5844097fc64db73a870a3f9cd1064550e6ac9c729d540f49a05a2df584f7ea0788bd6218bd45eccc4d3ec8b1252cfc70fc2567ced929295709e382fde637853c78a8978be21e9e84603c6a08368668536a5a5dae46ec8158295162b91b68e451c0330739132e7edbc036e43c083028d23e5e75251d0ef8e2cf8607c0618e54b71ac431612902443877ac0f56645a67c8a92747f7304fed46e748d1047ce212f02a70862120126fb6f3c378e81827848ed9abdb1c7afdf57cdb27d727697ef6f2b62a52670f53eaf0728d1cc316e9e83bdaca354bb6e5b00fdc5fc190ff18bab6222779ea428571bc64e48dc20a0bf94ed3a9e2bb419e8101da52720066d057e45ca31f3dd09fb44f3484ea9a5809816394cb8e728d3acd62674f19ffe9cc0ab8cbebe87b489d8ef6efa3ae1bd6278019eaa77339d75532f1cb73f1079352ca0063f752c34c65d013118ad4be250b2f999eba94b996ef56e3650c2c3a52d7a00c6aaca1be6bb71ee9e22bbf86a93c5a969e5f83907fcf6ee3c593f77be54ae78b9d98bf5e77bf1c1d30570e028ea89b76eafcc3dfbf1287772ce7def84e16a343a1ba16fcc62765ced1261965718d4b07c0df64daf1020f595854022ded6bde89a6b9c667b127d76f369a47a50364262400002d7b6b38cfc3c57ac43577262927a106a13403638231b15056da69566a37941c7a6b0b3e1c005212bbc091685d74488fd9713bef45cf6bd00a992d0cfea390af02aba35b7e3d2a3de2fc70f4d3cdfa0f9490754af88d8b110f95a7083f701ed7946512da725a2fd5ccfb1df02adbf3478eaf6b97601d70e6547cf67667e1403cbe4e6d06e142b5f3c1dba4f7b677ed982a6af75e19ededa4a90d40982896b8f72f3f026b00bf441011348e9343d354006830d66c8bac129e551c98e1cbd3b0f5679877a10625f0b354f43a03e5042f8288a5ee4da6f7b386f0057eb66a0d9e0f585dd9477f9f2043ef24ce65ef1b3ac80888096fdddf903c900a5e164e1ce81beee376aa1aa6f53e6aa923681b30f83161567daf61477fc4d1289fdefec24ee8fdd183e0aa697a8254d3cc7c4684b81a3d9a8d7ae51fc3cafac3e815e72710139c447f315c20e732f77418240fb4cde306020f9e4bf0ca46f109d66930be982f5b5b86355ad4ed4ca20eae51ce619798b1e6ea8486e73ead97d707073efe85e602d03dec993a6fe2f6bb4d4e6ab4846f7a8eee114625c7a08e19e5365b5b337c0ab795c4b0712d079482d95b50f482a16277dc8161f062e23bf76c0ead2e8ac74a3f86195e57201395f87f52f22fcb03b8a40e57b427a0c56189ff69ad73cec43c2f8535211c03efc142ed2eb2c4ba4fbdb414f82161cadfda8861290c8d6abe6888476853936387b875553591ebb5a76a56a282b74afe0340f951cedf063dbc01107905268e2f4ebd1f3f3322907c65e5b408f9bf8b9f93e7d661078417641cf52e9c8cc43d73d5e8e83fc6af8de0e67b5d7c46a092cb3ed80ad83e580fb4fb5e613adf52016b8e8c68300f80d1b549635ebf08671c2534271b551899527e01f3cd150684d8f9fa7e393f547b778e5f673ebf83ac051a7a8c23c83be1fb53971b1dea6c5e7053ba9d0f1ec904555ac80c7ff29e523b922c9d4b9b08cb6fcc270675424edb91c62fed49e786eaa0660966b5c6f626cf3d74809c6ed734326c894225aaef9a7a1b72a11671b5d18b0bf93f337daf131ec0aced11db15c56bbbd97ec02f25b77581ec14692ba4fc508dc2ff3ee4d3147621c8a44167211952d11d4fe207a8a8b80e42f78afd36d30e88c661ff6e1ffcda152f542bc59940c0afc4b3cf0b8888efdf7ec8b63c4022bedf7ca4fe9e6a5c547a03e0470e8de397a9cfd9e1f786eda5d135e80b62f37f40311641dc00ac16d1d63ca71c472ec1dfcab31ae74f5961e1ae8a17e397ab9d517cbbac71380a1658a3e4be664f167b9b9b1a93d6701bb4934811fea447c7e0bfde69991abc265d18b754c473684f87ac84a61382b55d633f88443b4bad596a53088e1de109d9361a4f6df6e4512685609668d9a492603096b2343fdddac98bc8a1d7083036f115622aa99c865cdd01150706a0c4f82e204016653fb66d2c0a480d2e515b5191161a57cdd37067c8d38717d8027558432a4489c7b113a45940e45699c14e49cbd0598d6fccf6e4aaaa91d2b4e5e7348f3bf0b9e662315a786dfb006d88c8b73cfa43cfba0739df48cd9d7d47f4ec66f20dcfec3289358ca069a93f04267c64bed1dba9122f39ca41f9bd0c4236bad1372a4610835be65f69cf3e35a07723d10ee4f185966078fb1bc3017e61ea390dfc478a2e9cdcfe2cfea45c820678002d20ae8fc2201cc6d29fd7a5ab3cdad3fa1e37c8a733ccf472f9213ce5e804d28b2c699863af5f905446abe864fc4b32e79eb22004bd973638dc9e03cffda799384e754b114e580809ccc4ef5fbcf4e29c9561692cb7b8bb5f51226bed0386a3534a69b27cb3a0cabf289bd67f03a3939a3d32dc4a4517bb07427939808e8dc97b7f1267b91a542feae89bbd6da8bf7c3dd435ebcc2e863eacc635a68b01e8639657adfcada7084d571fe429d48f2da7ee6ea27c2fe41322eedb995b607c76e9bf7b682f988073f05695f33ab68ef62e251d66d02e909d2c60ad5082737e4194dade014f6564bf118fa02a6f02f96f72ac69eec4704e4cacc92dda927e136088a36a50c19e1ed3db8c10864e2c5bf86f971ac67fc5aa2b8fba41e018bbfd08eb7010e00e055e50041344d8ebf000df442bfd1e08128b92f73bf1982894017d733d0df75614c313e65cb478392e63d427a4fcd1bd5d0fe29fcffa7c9358f8d7a118f9be18bde13b110ad70da71200963bf0c679e206a7ff5e14298ba4548cf4bd6cd047724a412968e19cb30fa26a331039ac05d49bf8e82ef976b13d9475d8f66d4346609558b4d30bbddb3cbd3bc6d091b697b451dd6d65795167f14825da8f4904890a3a03648afbb252b12362f1cf2ce9cff1f749a42849a78a49d487cd3fe9f566e44feb8781d70b3f23476965762406cecb35d7a60989ed9b3adc9bb226bf96bdae7e77782be596bb57ea72ffc77aa12a3cf42744507be5b9c55242c85d2e68f66f91f4d3f5d1b40efc5af2a7da12aa56f0915134af7dd2730e9c6724b04310fe939e73049e12ff03069a8e3a7b7f749825f2e1c140d4f110fa3f9673f158537ca3dd79d6c53f979027d023ccd1bf50c2554c7ae5be1a2c13f39f26d321685a5eed9166385394c001e0909fbfec5c1ef05c3fe17762458f9072fd5a036b6eaee71712f3f0f1fbbe6600fa8968758bdeac63284e1404343e29b84043df2a2afb79047802a81c9e1537d704fbc974bc7be0c34f51ce6bdd64ebe34fa13c6d4e4f41890c4b699f10d554f7f283f40b142fd12302c62a34481cb1ca252fccfbcdc1f37c723e250d297e077fb9fa33a0955212ed92819a56f78ee21bc4516cbf42e2d0b2cd7817aaf66f2070445860ed7a854915003f1144932246726a9c8772a813f9cc655062b45fa84185f7fbe9d11a31d56ed1eb1fddbbed917119fb16edd5d0362634d6bd4d616b4f3d4628060b0c1ec3425df8f981171fa05c24d90f4ce29f6ec7a39c8ef8f2e30803f46e7b0f1e76627169245d74552cf8a5f21e12ecea4375151f53c7d426bdb8ced6d171a868405c34270583c0ec7851bef9d23a817f39f76a54536f1edb31d54bc8d68fcff094dd8fac6760cc4629b98c63f9b9264503fe2b0478baaff880649e5d72c166094413ed71f47a5305c202e96dcb7a614e6a80668bc7a925f223596ef5fc005ea255865559dfa39e5e816f5f9584798ca51e6c5ce0f70c96095a40058eb620999902e4c80c6190514270b8f4f801985ad2d16988f087b0f85fd2558debc012bb7976ef3fa41b69fca1ead31e11ba229977c7e043d64a07056477457bf419b2818f000d2a5d893739231b2091701e852473f28e653731fecb45160c0b4eccb311f7499ff028e84bfcdb75f1947b292ebe100d0a00f47dc27063582383342c998261827977f6d0a4acd537a7e8655ac2ca0bd4e439bdfdcac3687ca021d2c6a3f9d2319f43d53a01793aef2574629bf7e82a5f726ee5e4caf59c580a5a2c13e6054545502e0c8beaf02f990361e850ee2014e06b26d172e666117bc30d72d641063ffacda8b49fcbdd542beb99b2d5262b4a2b59fe6801fc31a38668645b5ef935f885d1abaebf52d9faf53d8fa6bb136ed8da8bf1037600a136a768ab78fc0cac7ab4047c5f2acc0915019c8abda8bbd07d7cf3516dc918836ab96a8d18556ab7fb8ab572d570a10e84469319dd50c8f5745fc2da9265242d98539b64f9e0fbffb9bd078e94587681fd9b8866a7d64f6b35f10605509bac9b952cfbf990550a38ffe56bdbec144b8e6e04d94d7e4b1a7f5297b8be4eb42e06081474ee107b55cee8df174232a78ed1e318c8c4fae2138699410932e05433046c42f329d2dd9b165e9cd0eb9343591022850dfc683f00d058ca5a6f81c45011add867ea436a0946707124822c6533c2ee632accdfbd67c0303755220c13aea71f3967a470329526c027ab0665c8ce325b5d12cc6e04854e39e6b0e624595f5b6a6f838b0278212cb2ecb7fde58dd906734990d676f35d5b070b2a8033f840be2c6e709276ce076e3603d24d2101577714da09001191d20fc657d79669d206aa58c45c11dffdea51f85917cf4c32c676ae41488376824bded1134608164540c65443196436ba81c8e21520aa20ba884e86683b0da3b2ee7200d0394225f329bff5a380cd5720dc997f6fc2063775fd412128b5f4fca59fd9c167345e742172d3e7ef241791bdf41ac03941222b2c510e7a5de76e53019bab13589dd56955b3cc7856183228f1c17252c23241402671255955c0cd350634052b54aad28ff728ac4f8e850d9373a749f1df7b3a6c1d8ce99644a"}, @NFTA_DATA_VERDICT={0x4c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_CMP_OP={0x8}]}}}, {0xc, 0x1, 0x0, 0x1, @rt={{0x7}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x1358}}, 0x0) 1.321766072s ago: executing program 4 (id=949): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x2) 1.203827267s ago: executing program 2 (id=951): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0xc0b45545, 0x0) 1.155647397s ago: executing program 3 (id=952): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0xf, 0x8}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90) 1.147371214s ago: executing program 4 (id=953): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect(r0, &(0x7f0000002bc0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80) 954.421476ms ago: executing program 3 (id=954): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000021000701000000000000000001060000100001"], 0x2c}}, 0x0) 916.650494ms ago: executing program 4 (id=955): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}}, 0x0) 916.430769ms ago: executing program 0 (id=956): r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000880)={{}, 0xfe}) 871.721352ms ago: executing program 2 (id=957): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000140)={0x0, 0x5, 0x0, 0x2c, 0x400, 0x258}) 826.450936ms ago: executing program 0 (id=958): r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000000000000002900000037"], 0x10}, 0x40010) 814.981149ms ago: executing program 1 (id=959): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) epoll_create(0x7) 769.373438ms ago: executing program 0 (id=960): r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$6lowpan_enable(r0, 0x0, 0x0) 671.525849ms ago: executing program 3 (id=961): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x12, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000000000008500000010000000b70000000000000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 671.278166ms ago: executing program 0 (id=962): r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f00000017c0)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000540)=[{&(0x7f00000000c0)="7f", 0x1}], 0x1, &(0x7f0000000580)=[{0x10, 0x84, 0x7}], 0x10}, 0x0) 671.142085ms ago: executing program 2 (id=963): r0 = socket$unix(0x1, 0x5, 0x0) cachestat(r0, 0x0, 0x0, 0x0) 656.614809ms ago: executing program 1 (id=964): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@newtaction={0x7c, 0x30, 0xb, 0x0, 0x0, {}, [{0x68, 0x1, [@m_ct={0x64, 0x1, 0x0, 0x0, {{0x7}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_MARK={0x8}, @TCA_CT_NAT_PORT_MAX={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) 639.382119ms ago: executing program 4 (id=965): creat(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740), 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'local'}}}]}) 588.063397ms ago: executing program 4 (id=966): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f00000000c0)={[{@errors_remount}]}, 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM") mkdir(&(0x7f0000000180)='./file1\x00', 0x0) 460.899137ms ago: executing program 1 (id=967): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x890b, &(0x7f0000003480)={{0x0, 0x2, 0x0, 0x0, 0x0, 0x4000000000000000}}) 414.485469ms ago: executing program 2 (id=968): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000400000008001e"], 0x4c}}, 0x0) 414.049991ms ago: executing program 0 (id=969): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xd4, &(0x7f0000000040), &(0x7f0000000080)=0x4) 413.512524ms ago: executing program 1 (id=970): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2e}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000200)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001240)={r0, 0x0, 0xe, 0x0, &(0x7f0000000080)="925a95e24550ec24e8e1a95586dd", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 295.119253ms ago: executing program 2 (id=971): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x2}}) 294.969936ms ago: executing program 3 (id=972): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000000e0c0)={0x0, 0x0, &(0x7f000000e080)={&(0x7f000000e000)=@ipv6_newaddrlabel={0x30, 0x1e, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @private1}]}, 0x30}}, 0x0) 241.23176ms ago: executing program 2 (id=973): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="4c0000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adfda888000000001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32, @ANYBLOB="080002"], 0x4c}}, 0x0) 143.757911ms ago: executing program 0 (id=974): syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f00000043c0)=ANY=[@ANYBLOB="003bfa093f92d25f4b42889f58b36282edd6f82c49e007ed49b9ed030962f330bd57af2a"], 0x2, 0x1a2, &(0x7f0000000440)="$eJzs0L9rE2Ecx/H397knPypUiYpDBRuweF6oJndVB6fgFCEHDi6CQUMam2KippfBlha6SEGq/Rd0qqMKOokoOBcHwUHPpZs0Q3EQB4nk8kTwb/B5Dfe57wfunodvK+pGGeD3/mqDMgmHg3xE0MC0jDqlRvnazN9Nbo2CS2beNPnM5FS0vHK73m43l/IX8+T+KYAfSfe3il5wTNEXysjn/dVGXW6GDMp01HxIrkrhEU6NrveYKT3J0Rs4DNxNLiu64lbhULHXuVeMllfOLHbqC82F5p0gmLtQOlcqnQ+KtxbbzdIrxHsoiies4YVkQia8NVI1HuzoA8wK4rVU7EihT7rG1o5z+uRsH+XtMUB45/bJfNWtvLrKKbLXh5evcER4ihMyU2VCoUkOqiBX1Evx9Sf9M6XIrjvO2cbd9vzGNSW/0ttl2cuKv0vK9QkKPnPD1XCY92zEzMRUYrZjdr8xLW+Gp4z3qteHz+dmOs4JSHO/3ust+Wn4IDokcEOCHEwmv1PJvXLw1nxjgi/jF8uyLMuyLMuyLOs/8CcAAP//o/hj9Q==") openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x0, 0x0) 142.438092ms ago: executing program 4 (id=975): r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) fsconfig$FSCONFIG_SET_PATH(r0, 0x2, 0x0, 0x0, 0xffffffffffffffff) 124.091517ms ago: executing program 1 (id=976): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) statfs(0x0, 0x0) 0s ago: executing program 3 (id=977): r0 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r0, 0x81204101, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.113' (ED25519) to the list of known hosts. [ 57.015502][ T5210] cgroup: Unknown subsys name 'net' [ 57.123744][ T5210] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 58.676916][ T5210] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 60.971141][ T5233] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.979866][ T5233] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 60.989259][ T5233] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 60.992572][ T5238] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 60.997942][ T5233] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.005097][ T5238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 61.012698][ T5233] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.019317][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 61.024919][ T5233] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 61.033233][ T5238] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 61.040617][ T5233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 61.046627][ T5238] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 61.054097][ T5233] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 61.060588][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.067460][ T5233] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 61.076766][ T5238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 61.081557][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 61.088794][ T5238] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 61.095030][ T5233] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 61.102354][ T5238] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 61.109166][ T5233] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 61.116089][ T5238] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 61.123919][ T5233] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.136802][ T5239] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 61.146173][ T5236] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 61.155789][ T5233] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.166819][ T5233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.195891][ T5240] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 61.206308][ T5233] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 61.215798][ T5233] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 61.630140][ T5235] chnl_net:caif_netlink_parms(): no params data found [ 61.695916][ T5222] chnl_net:caif_netlink_parms(): no params data found [ 61.710580][ T5226] chnl_net:caif_netlink_parms(): no params data found [ 61.800652][ T5224] chnl_net:caif_netlink_parms(): no params data found [ 61.822088][ T5225] chnl_net:caif_netlink_parms(): no params data found [ 61.895202][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.903411][ T5235] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.911011][ T5235] bridge_slave_0: entered allmulticast mode [ 61.918769][ T5235] bridge_slave_0: entered promiscuous mode [ 61.931927][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.939201][ T5235] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.946458][ T5235] bridge_slave_1: entered allmulticast mode [ 61.953333][ T5235] bridge_slave_1: entered promiscuous mode [ 62.083545][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.090848][ T5222] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.098179][ T5222] bridge_slave_0: entered allmulticast mode [ 62.104890][ T5222] bridge_slave_0: entered promiscuous mode [ 62.112080][ T5226] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.119394][ T5226] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.127275][ T5226] bridge_slave_0: entered allmulticast mode [ 62.133988][ T5226] bridge_slave_0: entered promiscuous mode [ 62.176513][ T5235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.187194][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.194342][ T5222] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.202540][ T5222] bridge_slave_1: entered allmulticast mode [ 62.209645][ T5222] bridge_slave_1: entered promiscuous mode [ 62.226617][ T5226] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.233778][ T5226] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.241203][ T5226] bridge_slave_1: entered allmulticast mode [ 62.248697][ T5226] bridge_slave_1: entered promiscuous mode [ 62.255185][ T5224] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.263109][ T5224] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.270536][ T5224] bridge_slave_0: entered allmulticast mode [ 62.277987][ T5224] bridge_slave_0: entered promiscuous mode [ 62.301191][ T5235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.329890][ T5222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.355892][ T5224] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.363027][ T5224] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.370564][ T5224] bridge_slave_1: entered allmulticast mode [ 62.377593][ T5224] bridge_slave_1: entered promiscuous mode [ 62.402247][ T5222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.413427][ T5226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.424774][ T5226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.458108][ T5225] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.465308][ T5225] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.472704][ T5225] bridge_slave_0: entered allmulticast mode [ 62.479745][ T5225] bridge_slave_0: entered promiscuous mode [ 62.489158][ T5235] team0: Port device team_slave_0 added [ 62.495205][ T5225] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.502461][ T5225] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.510003][ T5225] bridge_slave_1: entered allmulticast mode [ 62.517904][ T5225] bridge_slave_1: entered promiscuous mode [ 62.543751][ T5224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.556749][ T5235] team0: Port device team_slave_1 added [ 62.580500][ T5222] team0: Port device team_slave_0 added [ 62.595518][ T5224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.641740][ T5222] team0: Port device team_slave_1 added [ 62.659460][ T5226] team0: Port device team_slave_0 added [ 62.683285][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.690671][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.716720][ T5235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.730760][ T5235] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.737851][ T5235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.763814][ T5235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.788215][ T5225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.800524][ T5225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.814134][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.824853][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.851220][ T5222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.864271][ T5226] team0: Port device team_slave_1 added [ 62.881573][ T5224] team0: Port device team_slave_0 added [ 62.893516][ T5224] team0: Port device team_slave_1 added [ 62.921206][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.928891][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.955055][ T5222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.999551][ T5225] team0: Port device team_slave_0 added [ 63.008913][ T5225] team0: Port device team_slave_1 added [ 63.025109][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.032202][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.058779][ T5226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.082099][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.089321][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.115333][ T5224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.153652][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.160842][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.187547][ T5226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.198794][ T5233] Bluetooth: hci3: command tx timeout [ 63.205921][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.206499][ T4618] Bluetooth: hci4: command tx timeout [ 63.212882][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.218694][ T5233] Bluetooth: hci0: command tx timeout [ 63.251185][ T5224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.265975][ T5235] hsr_slave_0: entered promiscuous mode [ 63.273297][ T5235] hsr_slave_1: entered promiscuous mode [ 63.276631][ T5233] Bluetooth: hci1: command tx timeout [ 63.279879][ T4618] Bluetooth: hci2: command tx timeout [ 63.303852][ T5222] hsr_slave_0: entered promiscuous mode [ 63.313906][ T5222] hsr_slave_1: entered promiscuous mode [ 63.320152][ T5222] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.328102][ T5222] Cannot create hsr debugfs directory [ 63.343412][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.350454][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.377373][ T5225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.389648][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.397050][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.423470][ T5225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.493882][ T5226] hsr_slave_0: entered promiscuous mode [ 63.500485][ T5226] hsr_slave_1: entered promiscuous mode [ 63.507428][ T5226] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.515100][ T5226] Cannot create hsr debugfs directory [ 63.584629][ T5224] hsr_slave_0: entered promiscuous mode [ 63.591527][ T5224] hsr_slave_1: entered promiscuous mode [ 63.598803][ T5224] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.606647][ T5224] Cannot create hsr debugfs directory [ 63.674034][ T5225] hsr_slave_0: entered promiscuous mode [ 63.681206][ T5225] hsr_slave_1: entered promiscuous mode [ 63.687811][ T5225] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.695385][ T5225] Cannot create hsr debugfs directory [ 63.972070][ T5222] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 63.992508][ T5222] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.009798][ T5222] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.019329][ T5222] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.081160][ T5235] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.101287][ T5235] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.112282][ T5235] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.146270][ T5226] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.159414][ T5235] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 64.171760][ T5226] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.183968][ T5226] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.207188][ T5226] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.271499][ T5224] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 64.301163][ T5224] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 64.311221][ T5224] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 64.331795][ T5224] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 64.421848][ T5225] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.451139][ T5225] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.464689][ T5222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.484487][ T5225] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.504404][ T5225] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.524366][ T5222] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.562902][ T794] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.570333][ T794] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.591590][ T5235] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.619929][ T794] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.627106][ T794] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.677841][ T5226] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.725189][ T5226] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.739787][ T2895] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.746953][ T2895] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.786862][ T2895] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.793989][ T2895] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.844188][ T5224] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.860706][ T5235] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.883335][ T5226] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 64.910276][ T5226] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.971075][ T5224] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.990572][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.997776][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.021837][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.029027][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.110507][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.117710][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.137019][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.144169][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.190349][ T5225] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.223402][ T5222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.258542][ T5225] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.277330][ T4618] Bluetooth: hci0: command tx timeout [ 65.283372][ T4618] Bluetooth: hci4: command tx timeout [ 65.285657][ T5233] Bluetooth: hci3: command tx timeout [ 65.299442][ T5226] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.355952][ T5233] Bluetooth: hci2: command tx timeout [ 65.356143][ T4618] Bluetooth: hci1: command tx timeout [ 65.371853][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.379017][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.396126][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.403269][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.417736][ T5226] veth0_vlan: entered promiscuous mode [ 65.456668][ T5226] veth1_vlan: entered promiscuous mode [ 65.552451][ T5222] veth0_vlan: entered promiscuous mode [ 65.590713][ T5225] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.641679][ T5222] veth1_vlan: entered promiscuous mode [ 65.701816][ T5226] veth0_macvtap: entered promiscuous mode [ 65.730088][ T5235] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.744573][ T5226] veth1_macvtap: entered promiscuous mode [ 65.790836][ T5222] veth0_macvtap: entered promiscuous mode [ 65.801051][ T5222] veth1_macvtap: entered promiscuous mode [ 65.850569][ T5224] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.894039][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.926865][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.949140][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.961826][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.975168][ T5235] veth0_vlan: entered promiscuous mode [ 65.993826][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.007924][ T5226] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.016851][ T5226] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.026127][ T5226] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.034863][ T5226] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.060338][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.071450][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.085466][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.110970][ T5235] veth1_vlan: entered promiscuous mode [ 66.132902][ T5225] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.144330][ T5222] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.155228][ T5222] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.164462][ T5222] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.174707][ T5222] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.304978][ T5225] veth0_vlan: entered promiscuous mode [ 66.368705][ T5224] veth0_vlan: entered promiscuous mode [ 66.379323][ T5235] veth0_macvtap: entered promiscuous mode [ 66.393931][ T5225] veth1_vlan: entered promiscuous mode [ 66.441467][ T5235] veth1_macvtap: entered promiscuous mode [ 66.459769][ T5224] veth1_vlan: entered promiscuous mode [ 66.471504][ T2895] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.494158][ T5225] veth0_macvtap: entered promiscuous mode [ 66.511963][ T2895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.537569][ T5225] veth1_macvtap: entered promiscuous mode [ 66.567955][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.580953][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.586808][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.599737][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.613624][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.624185][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.637742][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.649650][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.661382][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.671440][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.682061][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.692961][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.703807][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.715414][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.735378][ T2895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.746348][ T2895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.761241][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.771950][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.783388][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.798960][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.810282][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.821472][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.832134][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.842354][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.853040][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.863466][ T5235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.874285][ T5235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.886646][ T5235] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.901375][ T2895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.911205][ T2895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.916558][ T5235] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.928796][ T5235] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.937701][ T5235] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.950351][ T5235] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.976853][ T5225] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.986059][ T5225] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.994760][ T5225] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.008267][ T5225] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.021205][ T5224] veth0_macvtap: entered promiscuous mode [ 67.057207][ T5224] veth1_macvtap: entered promiscuous mode [ 67.106232][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.119770][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.129822][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.146048][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.156311][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.166836][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.176763][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.187280][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.199501][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.233411][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.244180][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.265611][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.289371][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.302032][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.333010][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.354444][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.356649][ T4618] Bluetooth: hci4: command tx timeout [ 67.366272][ T5233] Bluetooth: hci0: command tx timeout [ 67.370534][ T5230] Bluetooth: hci3: command tx timeout [ 67.386557][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.417617][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.429249][ T5224] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.436225][ T4618] Bluetooth: hci1: command tx timeout [ 67.438380][ T5224] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.443354][ T5230] Bluetooth: hci2: command tx timeout [ 67.452037][ T5224] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.452071][ T5224] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.585498][ T794] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.622727][ T794] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.645205][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.653919][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.782917][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.801244][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.831369][ T2895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.832759][ T794] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.858319][ T2895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.867423][ T794] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.938781][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.960901][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.537192][ T5333] ntfs3: loop1: try to read out of volume at offset 0x0 [ 68.549613][ T5335] trusted_key: encrypted_key: insufficient parameters specified [ 68.562360][ T5313] loop3: detected capacity change from 0 to 32768 [ 68.586551][ T5313] ======================================================= [ 68.586551][ T5313] WARNING: The mand mount option has been deprecated and [ 68.586551][ T5313] and is ignored by this kernel. Remove the mand [ 68.586551][ T5313] option from the mount to silence this warning. [ 68.586551][ T5313] ======================================================= [ 68.751634][ T5313] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 68.791131][ T5313] XFS (loop3): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 68.807989][ T5347] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.944270][ T5355] netlink: 'syz.1.19': attribute type 15 has an invalid length. [ 68.962732][ T5355] netlink: 24 bytes leftover after parsing attributes in process `syz.1.19'. [ 69.062647][ T5357] ntfs3: nullb0: Primary boot signature is not NTFS. [ 69.075333][ T5357] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 69.262546][ T5313] XFS (loop3): Quotacheck needed: Please wait. [ 69.361761][ T5313] XFS (loop3): Quotacheck: Done. [ 69.420330][ T5376] netlink: 'syz.4.30': attribute type 1 has an invalid length. [ 69.439849][ T5230] Bluetooth: hci4: command tx timeout [ 69.445309][ T5230] Bluetooth: hci3: command tx timeout [ 69.452551][ T4618] Bluetooth: hci0: command tx timeout [ 69.525042][ T5376] netlink: 224 bytes leftover after parsing attributes in process `syz.4.30'. [ 69.525403][ T5230] Bluetooth: hci2: command tx timeout [ 69.539776][ T5230] Bluetooth: hci1: command tx timeout [ 69.774830][ T5226] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 69.870687][ T5391] netlink: 16 bytes leftover after parsing attributes in process `syz.0.39'. [ 69.886693][ T5391] netlink: 'syz.0.39': attribute type 2 has an invalid length. [ 69.894507][ T5391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.39'. [ 70.916494][ T5432] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.192223][ T5444] netlink: 28 bytes leftover after parsing attributes in process `syz.2.64'. [ 71.274656][ T5443] loop3: detected capacity change from 0 to 2048 [ 71.385999][ T5443] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 71.464285][ T5452] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 71.476015][ T5443] syz.3.63: attempt to access beyond end of device [ 71.476015][ T5443] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 71.539799][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.546512][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.601817][ T5450] loop2: detected capacity change from 0 to 1024 [ 71.664486][ T5450] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 71.687890][ T5438] loop1: detected capacity change from 0 to 32768 [ 71.695079][ T5438] XFS: ikeep mount option is deprecated. [ 71.711974][ T5450] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 71.750689][ T5438] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 71.756731][ T5450] EXT4-fs (loop2): orphan cleanup on readonly fs [ 71.777193][ T5450] EXT4-fs error (device loop2): __ext4_get_inode_loc:4433: comm syz.2.67: Invalid inode table block 0 in block_group 0 [ 71.881071][ T5450] EXT4-fs (loop2): Remounting filesystem read-only [ 71.891537][ T5450] Quota error (device loop2): write_blk: dquota write failed [ 71.935711][ T5450] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 71.945081][ T5438] XFS (loop1): Ending clean mount [ 71.947169][ T5450] EXT4-fs (loop2): 1 truncate cleaned up [ 72.000599][ T5450] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 72.033898][ T5438] XFS (loop1): Quotacheck needed: Please wait. [ 72.150401][ T5438] XFS (loop1): Quotacheck: Done. [ 72.164851][ T5472] loop4: detected capacity change from 0 to 256 [ 72.287540][ T5222] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.339708][ T5235] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 72.586549][ T5482] netlink: 'syz.0.79': attribute type 3 has an invalid length. [ 72.630716][ T5482] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.79'. [ 72.943958][ T5497] netlink: 'syz.2.86': attribute type 21 has an invalid length. [ 72.952982][ T5497] netlink: 128 bytes leftover after parsing attributes in process `syz.2.86'. [ 72.963205][ T5497] netlink: 'syz.2.86': attribute type 4 has an invalid length. [ 72.997772][ T5497] netlink: 3 bytes leftover after parsing attributes in process `syz.2.86'. [ 73.362037][ T5518] loop1: detected capacity change from 0 to 1024 [ 73.400741][ T5518] fuse: Bad value for 'fd' [ 73.463190][ T5522] loop2: detected capacity change from 0 to 256 [ 73.507049][ T5520] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 73.521665][ T12] hfsplus: b-tree write err: -5, ino 4 [ 73.591420][ T5526] binder: 5525:5526 ioctl 400c620e 0 returned -14 [ 73.656438][ T5522] FAT-fs (loop2): Directory bread(block 64) failed [ 73.665703][ T5522] FAT-fs (loop2): Directory bread(block 65) failed [ 73.672444][ T5522] FAT-fs (loop2): Directory bread(block 66) failed [ 73.750625][ T5522] FAT-fs (loop2): Directory bread(block 67) failed [ 73.795500][ T5522] FAT-fs (loop2): Directory bread(block 68) failed [ 73.801217][ T5522] FAT-fs (loop2): Directory bread(block 69) failed [ 73.801332][ T5522] FAT-fs (loop2): Directory bread(block 70) failed [ 73.801370][ T5522] FAT-fs (loop2): Directory bread(block 71) failed [ 73.801447][ T5522] FAT-fs (loop2): Directory bread(block 72) failed [ 73.801483][ T5522] FAT-fs (loop2): Directory bread(block 73) failed [ 73.874648][ T5522] FAT-fs (loop2): Filesystem has been set read-only [ 73.884328][ T5522] FAT-fs (loop2): error, invalid access to FAT (entry 0x00006c61) [ 73.905844][ T29] audit: type=1800 audit(1724332945.316:2): pid=5522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.96" name="pids.current" dev="loop2" ino=1048601 res=0 errno=0 [ 74.046231][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 74.171700][ T5543] loop3: detected capacity change from 0 to 760 [ 74.230050][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 74.262029][ T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 74.270929][ T5543] syz.3.107: attempt to access beyond end of device [ 74.270929][ T5543] loop3: rw=524288, sector=868, nr_sectors = 256 limit=760 [ 74.298493][ T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 74.323191][ T9] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 74.339218][ T5543] syz.3.107: attempt to access beyond end of device [ 74.339218][ T5543] loop3: rw=524288, sector=1124, nr_sectors = 256 limit=760 [ 74.385099][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10 [ 74.405391][ T5543] syz.3.107: attempt to access beyond end of device [ 74.405391][ T5543] loop3: rw=0, sector=868, nr_sectors = 8 limit=760 [ 74.429027][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024 [ 74.480669][ T29] audit: type=1800 audit(1724332945.906:3): pid=5543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.107" name="file1" dev="loop3" ino=1925 res=0 errno=0 [ 74.518363][ T9] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 74.533623][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.576421][ T9] hub 5-1:1.0: bad descriptor, ignoring hub [ 74.614604][ T9] hub 5-1:1.0: probe with driver hub failed with error -5 [ 74.655237][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 74.668096][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 74.686130][ T9] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 74.789995][ T9] usb 5-1: USB disconnect, device number 2 [ 74.852395][ T5550] loop2: detected capacity change from 0 to 40427 [ 75.019302][ T5550] F2FS-fs (loop2): invalid crc value [ 75.031506][ T5550] F2FS-fs (loop2): Found nat_bits in checkpoint [ 75.184133][ T5550] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 75.383081][ T5578] netlink: 'syz.3.121': attribute type 4 has an invalid length. [ 75.431452][ T5581] loop1: detected capacity change from 0 to 256 [ 75.577133][ T5581] FAT-fs (loop1): Directory bread(block 64) failed [ 75.584017][ T5581] FAT-fs (loop1): Directory bread(block 65) failed [ 75.590853][ T5581] FAT-fs (loop1): Directory bread(block 66) failed [ 75.597830][ T5581] FAT-fs (loop1): Directory bread(block 67) failed [ 75.605112][ T5581] FAT-fs (loop1): Directory bread(block 68) failed [ 75.612639][ T5581] FAT-fs (loop1): Directory bread(block 69) failed [ 75.613837][ T5587] loop3: detected capacity change from 0 to 256 [ 75.619638][ T5581] FAT-fs (loop1): Directory bread(block 70) failed [ 75.632623][ T5581] FAT-fs (loop1): Directory bread(block 71) failed [ 75.641190][ T5581] FAT-fs (loop1): Directory bread(block 72) failed [ 75.647867][ T5581] FAT-fs (loop1): Directory bread(block 73) failed [ 75.654826][ T5222] syz-executor: attempt to access beyond end of device [ 75.654826][ T5222] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 75.709313][ T5222] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 76.005902][ T5587] FAT-fs (loop3): Directory bread(block 64) failed [ 76.014828][ T5587] FAT-fs (loop3): Directory bread(block 65) failed [ 76.025804][ T5587] FAT-fs (loop3): Directory bread(block 66) failed [ 76.032402][ T5587] FAT-fs (loop3): Directory bread(block 67) failed [ 76.065973][ T5587] FAT-fs (loop3): Directory bread(block 68) failed [ 76.085730][ T5587] FAT-fs (loop3): Directory bread(block 69) failed [ 76.092774][ T5587] FAT-fs (loop3): Directory bread(block 70) failed [ 76.108934][ T5587] FAT-fs (loop3): Directory bread(block 71) failed [ 76.120698][ T5603] netlink: 40 bytes leftover after parsing attributes in process `syz.0.135'. [ 76.130071][ T5587] FAT-fs (loop3): Directory bread(block 72) failed [ 76.136746][ T5587] FAT-fs (loop3): Directory bread(block 73) failed [ 76.421416][ T5610] [U]  [ 76.452129][ T5615] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 76.558760][ T2638] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 76.796887][ T2638] usb 5-1: New USB device found, idVendor=0586, idProduct=330b, bcdDevice=ad.1a [ 76.806725][ T2638] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.814812][ T2638] usb 5-1: Product: syz [ 76.865711][ T2638] usb 5-1: Manufacturer: syz [ 76.879368][ T2638] usb 5-1: SerialNumber: syz [ 76.914204][ T2638] usb 5-1: config 0 descriptor?? [ 77.014279][ T5638] netlink: 8 bytes leftover after parsing attributes in process `syz.3.150'. [ 77.166144][ T2638] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 77.201345][ T5647] loop3: detected capacity change from 0 to 64 [ 77.255392][ T5647] Bad inode number on dev loop3: 6 is out of range [ 77.364101][ T5651] x_tables: duplicate underflow at hook 2 [ 77.400708][ T46] usb 5-1: USB disconnect, device number 3 [ 77.569005][ T5660] dlm: Unknown command passed to DLM device : 0 [ 77.569005][ T5660] [ 78.063627][ T5681] loop1: detected capacity change from 0 to 256 [ 78.096329][ T5686] netlink: 24 bytes leftover after parsing attributes in process `syz.0.171'. [ 78.167230][ T5681] FAT-fs (loop1): Directory bread(block 64) failed [ 78.196344][ T5681] FAT-fs (loop1): Directory bread(block 65) failed [ 78.236337][ T5681] FAT-fs (loop1): Directory bread(block 66) failed [ 78.242991][ T5681] FAT-fs (loop1): Directory bread(block 67) failed [ 78.291017][ T5681] FAT-fs (loop1): Directory bread(block 68) failed [ 78.312274][ T5681] FAT-fs (loop1): Directory bread(block 69) failed [ 78.356552][ T5681] FAT-fs (loop1): Directory bread(block 70) failed [ 78.386454][ T5681] FAT-fs (loop1): Directory bread(block 71) failed [ 78.393359][ T5681] FAT-fs (loop1): Directory bread(block 72) failed [ 78.427936][ T5681] FAT-fs (loop1): Directory bread(block 73) failed [ 79.230877][ T5723] loop1: detected capacity change from 0 to 4096 [ 79.287019][ T5739] loop0: detected capacity change from 0 to 16 [ 79.302846][ T5723] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 79.341723][ T5739] erofs: (device loop0): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 79.362812][ T5739] erofs: (device loop0): mounted with root inode @ nid 36. [ 79.407346][ T5739] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 79.410144][ T5723] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 79.589533][ T5750] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 79.589619][ T5748] loop2: detected capacity change from 0 to 256 [ 79.605938][ T5750] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 79.722150][ T5748] FAT-fs (loop2): Directory bread(block 64) failed [ 79.744608][ T5754] loop0: detected capacity change from 0 to 8 [ 79.757736][ T5748] FAT-fs (loop2): Directory bread(block 65) failed [ 79.764455][ T5748] FAT-fs (loop2): Directory bread(block 66) failed [ 79.791039][ T5755] nvme_fabrics: unknown parameter or missing value 'Y' in ctrl creation request [ 79.818211][ T5748] FAT-fs (loop2): Directory bread(block 67) failed [ 79.824987][ T5748] FAT-fs (loop2): Directory bread(block 68) failed [ 79.834053][ T5748] FAT-fs (loop2): Directory bread(block 69) failed [ 79.846160][ T5748] FAT-fs (loop2): Directory bread(block 70) failed [ 79.853218][ T5748] FAT-fs (loop2): Directory bread(block 71) failed [ 79.860436][ T5748] FAT-fs (loop2): Directory bread(block 72) failed [ 79.867421][ T5748] FAT-fs (loop2): Directory bread(block 73) failed [ 80.044455][ T5759] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 80.081820][ T5748] /dev/loop2: Can't open blockdev [ 80.110472][ T5764] netlink: 'syz.0.211': attribute type 33 has an invalid length. [ 80.143268][ T5764] netlink: 152 bytes leftover after parsing attributes in process `syz.0.211'. [ 80.207317][ T5767] fuse: Bad value for 'group_id' [ 80.233254][ T5767] fuse: Bad value for 'group_id' [ 80.289795][ T5771] loop1: detected capacity change from 0 to 256 [ 80.404918][ T5777] nfs: Bad value for 'source' [ 80.577978][ T5771] FAT-fs (loop1): Directory bread(block 64) failed [ 80.584690][ T5771] FAT-fs (loop1): Directory bread(block 65) failed [ 80.605016][ T5783] loop3: detected capacity change from 0 to 64 [ 80.624252][ T5771] FAT-fs (loop1): Directory bread(block 66) failed [ 80.676629][ T5771] FAT-fs (loop1): Directory bread(block 67) failed [ 80.706787][ T5771] FAT-fs (loop1): Directory bread(block 68) failed [ 80.713399][ T5771] FAT-fs (loop1): Directory bread(block 69) failed [ 80.759064][ T5771] FAT-fs (loop1): Directory bread(block 70) failed [ 80.798746][ T5771] FAT-fs (loop1): Directory bread(block 71) failed [ 80.822485][ T5771] FAT-fs (loop1): Directory bread(block 72) failed [ 80.854017][ T5771] FAT-fs (loop1): Directory bread(block 73) failed [ 81.359845][ T5808] loop1: detected capacity change from 0 to 2048 [ 81.450937][ T5808] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 81.565762][ T29] audit: type=1800 audit(1724332952.986:4): pid=5808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.236" name="bus" dev="loop1" ino=1367 res=0 errno=0 [ 81.778061][ T940] cfg80211: failed to load regulatory.db [ 82.206240][ T5849] netlink: 'syz.3.252': attribute type 3 has an invalid length. [ 82.955862][ T940] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 83.155743][ T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 83.177300][ T940] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 83.192355][ T940] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 83.211770][ T940] usb 1-1: config 1 has no interface number 1 [ 83.221000][ T5845] loop2: detected capacity change from 0 to 32768 [ 83.223431][ T5851] loop1: detected capacity change from 0 to 32768 [ 83.227668][ T940] usb 1-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 83.252355][ T5867] netlink: 8 bytes leftover after parsing attributes in process `syz.3.262'. [ 83.255364][ T5845] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.251 (5845) [ 83.282336][ T940] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 83.312342][ T940] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 83.327304][ T5845] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 83.338141][ T940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.352743][ T940] usb 1-1: Product: syz [ 83.359151][ T9] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 83.368377][ T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 83.380333][ T5845] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 83.390691][ T940] usb 1-1: Manufacturer: syz [ 83.395346][ T940] usb 1-1: SerialNumber: syz [ 83.405997][ T5845] BTRFS info (device loop2): using free-space-tree [ 83.419517][ T9] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 83.469357][ T9] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 83.486762][ T9] usb 5-1: config 0 interface 0 has no altsetting 0 [ 83.517416][ T9] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 83.528304][ T9] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 83.537585][ T9] usb 5-1: Product: syz [ 83.541870][ T9] usb 5-1: Manufacturer: syz [ 83.575690][ T9] usb 5-1: SerialNumber: syz [ 83.644183][ T9] usb 5-1: config 0 descriptor?? [ 83.917281][ T9] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 83.939014][ T9] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 83.940784][ T5891] loop1: detected capacity change from 0 to 2048 [ 83.952860][ T940] usb 1-1: 2:1: All rates were zero [ 84.002677][ T5894] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 84.035004][ T940] usb 1-1: USB disconnect, device number 2 [ 84.125801][ T2638] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 84.150200][ T5222] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 84.166277][ T5891] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 84.176313][ T9] usb 5-1: USB disconnect, device number 4 [ 84.203418][ T9] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 84.220347][ T5891] Remounting filesystem read-only [ 84.238238][ T5891] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 84.368418][ T2638] usb 4-1: config 0 has an invalid interface number: 52 but max is 0 [ 84.388721][ T2638] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 84.441290][ T2638] usb 4-1: config 0 has no interface number 0 [ 84.465675][ T2638] usb 4-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 84.502688][ T5898] xt_CT: No such helper "pptp" [ 84.512627][ T2638] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 65535, setting to 64 [ 84.560502][ T2638] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 84.613231][ T2638] usb 4-1: config 0 interface 52 has no altsetting 0 [ 84.648031][ T2638] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 84.675731][ T2638] usb 4-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 84.705720][ T2638] usb 4-1: Product: syz [ 84.709991][ T2638] usb 4-1: SerialNumber: syz [ 84.733493][ T5905] netlink: 20 bytes leftover after parsing attributes in process `syz.2.271'. [ 84.745458][ T2638] usb 4-1: config 0 descriptor?? [ 84.826292][ T5907] netlink: 'syz.1.281': attribute type 1 has an invalid length. [ 84.908436][ T5911] loop0: detected capacity change from 0 to 256 [ 84.997713][ T5911] FAT-fs (loop0): Directory bread(block 64) failed [ 85.002168][ T2638] input: syz (Stick) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input5 [ 85.025656][ T5911] FAT-fs (loop0): Directory bread(block 65) failed [ 85.051898][ T5915] netlink: 80 bytes leftover after parsing attributes in process `syz.1.275'. [ 85.064047][ T5911] FAT-fs (loop0): Directory bread(block 66) failed [ 85.071980][ T5917] mmap: syz.4.276 (5917): VmData 54243328 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 85.086533][ T5915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.275'. [ 85.102240][ T5911] FAT-fs (loop0): Directory bread(block 67) failed [ 85.145833][ T5911] FAT-fs (loop0): Directory bread(block 68) failed [ 85.158432][ T5911] FAT-fs (loop0): Directory bread(block 69) failed [ 85.165120][ T5911] FAT-fs (loop0): Directory bread(block 70) failed [ 85.191438][ T5911] FAT-fs (loop0): Directory bread(block 71) failed [ 85.198427][ T5911] FAT-fs (loop0): Directory bread(block 72) failed [ 85.205003][ T5911] FAT-fs (loop0): Directory bread(block 73) failed [ 85.307040][ T25] usb 4-1: USB disconnect, device number 2 [ 85.307074][ C0] synaptics_usb 4-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 85.877254][ T5939] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 86.070852][ T5929] loop4: detected capacity change from 0 to 32768 [ 86.199240][ T5929] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 86.264625][ T5957] loop2: detected capacity change from 0 to 764 [ 86.293665][ T5962] loop1: detected capacity change from 0 to 64 [ 86.369666][ T5957] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 86.410179][ T5957] Symlink component flag not implemented [ 86.444183][ T5957] Symlink component flag not implemented [ 86.455819][ T5957] Symlink component flag not implemented (128) [ 86.472381][ T5957] Symlink component flag not implemented (122) [ 86.560611][ T5968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.300'. [ 86.782072][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.302'. [ 86.827018][ T5929] XFS (loop4): Ending clean mount [ 87.021691][ T5985] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 87.032008][ T5985] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 87.041536][ T5224] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 87.338503][ T6000] capability: warning: `syz.1.315' uses deprecated v2 capabilities in a way that may be insecure [ 87.506665][ T6008] kAFS: unable to lookup cell '' [ 87.673219][ T6014] loop1: detected capacity change from 0 to 512 [ 87.770035][ T6014] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 87.841896][ T6022] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 87.875979][ T6024] tmpfs: Bad value for 'nr_inodes' [ 87.889265][ T6014] EXT4-fs (loop1): orphan cleanup on readonly fs [ 87.919093][ T6014] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.321: bg 0: block 248: padding at end of block bitmap is not set [ 87.981986][ T6014] Quota error (device loop1): write_blk: dquota write failed [ 87.992268][ T6014] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 88.002620][ T6014] EXT4-fs error (device loop1): ext4_acquire_dquot:6855: comm syz.1.321: Failed to acquire dquot type 1 [ 88.023754][ T6029] Sensor A: ================= START STATUS ================= [ 88.053430][ T6029] Sensor A: Test Pattern: 75% Colorbar [ 88.062559][ T6029] Sensor A: Show Information: All [ 88.068170][ T6029] Sensor A: Vertical Flip: false [ 88.073374][ T6029] Sensor A: Horizontal Flip: false [ 88.083282][ T6014] EXT4-fs (loop1): 1 truncate cleaned up [ 88.125885][ T6029] Sensor A: Brightness: 128 [ 88.130892][ T6029] Sensor A: Contrast: 128 [ 88.148515][ T6014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 88.166698][ T6029] Sensor A: Hue: 0 [ 88.202382][ T6029] Sensor A: Saturation: 128 [ 88.217654][ T6029] Sensor A: ================== END STATUS ================== [ 88.235299][ T6014] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 88.268604][ T6014] EXT4-fs error (device loop1): __ext4_remount:6498: comm syz.1.321: Abort forced by user [ 88.302052][ T6014] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 88.362025][ T6014] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 88.396121][ T6014] ext4 filesystem being remounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.535534][ T5235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.664878][ T6056] netlink: 20 bytes leftover after parsing attributes in process `syz.3.340'. [ 88.879511][ T6068] netlink: 'syz.2.346': attribute type 8 has an invalid length. [ 89.536616][ T6087] netlink: 'syz.2.355': attribute type 1 has an invalid length. [ 89.728855][ T6088] loop0: detected capacity change from 0 to 4096 [ 89.756875][ T6092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.357'. [ 89.785994][ T6092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.357'. [ 89.811523][ T6062] loop4: detected capacity change from 0 to 32768 [ 89.828759][ T6062] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.344 (6062) [ 89.842723][ T6092] netlink: 'syz.2.357': attribute type 6 has an invalid length. [ 89.921237][ T6062] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 89.955701][ T6062] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 90.011706][ T6062] BTRFS info (device loop4): disk space caching is enabled [ 90.038717][ T6062] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 90.150648][ T6075] loop3: detected capacity change from 0 to 32768 [ 90.201565][ T6103] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode broadcast(3) [ 90.252799][ T6075] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.349 (6075) [ 90.382795][ T6075] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 90.447568][ T6075] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 90.487293][ T6075] BTRFS info (device loop3): disk space caching is enabled [ 90.494660][ T6075] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 90.608628][ T6062] BTRFS info (device loop4): rebuilding free space tree [ 90.732776][ T6062] BTRFS info (device loop4): disabling free space tree [ 90.740324][ T6062] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 90.766652][ T6062] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 90.876673][ T6075] BTRFS info (device loop3): rebuilding free space tree [ 90.962961][ T6062] BTRFS info (device loop4): balance: start -susage=15968688406537,stripes=0..262144 [ 90.988336][ T6062] BTRFS info (device loop4): relocating block group 1048576 flags system [ 91.027844][ T6075] BTRFS info (device loop3): disabling free space tree [ 91.034808][ T6075] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 91.182998][ T6161] loop0: detected capacity change from 0 to 256 [ 91.275731][ T6075] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 91.281954][ T6157] loop1: detected capacity change from 0 to 32768 [ 91.429171][ T6062] BTRFS info (device loop4): balance: ended with status: 0 [ 91.456925][ T6157] ERROR: (device loop1): dbAlloc: the hint is outside the map [ 91.456925][ T6157] [ 91.502104][ T6157] ERROR: (device loop1): remounting filesystem as read-only [ 91.528152][ T5224] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 92.040671][ T5226] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 92.125800][ T6176] netlink: 'syz.2.385': attribute type 21 has an invalid length. [ 92.207420][ T6180] loop0: detected capacity change from 0 to 1024 [ 92.261800][ T6183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.387'. [ 92.275463][ T6180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.332495][ T940] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 92.467793][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.604663][ T6195] ip6tnl1: entered promiscuous mode [ 92.611546][ T6195] ip6tnl1: entered allmulticast mode [ 92.755240][ T940] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 92.764425][ T940] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 92.773725][ T940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.810941][ T940] usb 2-1: config 0 descriptor?? [ 92.964229][ T6208] netlink: 16 bytes leftover after parsing attributes in process `syz.2.398'. [ 92.973821][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.2.398'. [ 93.029218][ T6212] loop2: detected capacity change from 0 to 8 [ 93.065322][ T25] usb 2-1: USB disconnect, device number 2 [ 93.952473][ T6234] loop1: detected capacity change from 0 to 4096 [ 94.422676][ T6222] loop4: detected capacity change from 0 to 32768 [ 94.498116][ T6222] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 94.667804][ T6270] netlink: 64 bytes leftover after parsing attributes in process `syz.0.423'. [ 94.676927][ T6270] netlink: 64 bytes leftover after parsing attributes in process `syz.0.423'. [ 94.772452][ T6277] loop0: detected capacity change from 0 to 512 [ 94.804413][ T6277] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 94.834505][ T6277] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 94.842765][ T6277] System zones: 1-12 [ 94.851985][ T6277] EXT4-fs (loop0): orphan cleanup on readonly fs [ 94.871061][ T6277] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.426: bg 0: block 361: padding at end of block bitmap is not set [ 94.954565][ T6277] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 94.994933][ T6222] XFS (loop4): Ending clean mount [ 95.002472][ T6277] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #11: comm syz.0.426: attempt to clear invalid blocks 33619980 len 1 [ 95.045206][ T6222] XFS (loop4): Quotacheck needed: Please wait. [ 95.062624][ T6277] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.426: invalid indirect mapped block 1811939328 (level 0) [ 95.095984][ T46] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 95.115730][ T6222] XFS (loop4): Quotacheck: Done. [ 95.121772][ T6277] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.426: invalid indirect mapped block 2 (level 2) [ 95.181484][ T6277] EXT4-fs (loop0): 1 truncate cleaned up [ 95.195142][ T6277] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 95.289636][ T46] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 95.300587][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.322678][ T6277] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (17031!=33349) [ 95.327299][ T46] usb 2-1: config 0 descriptor?? [ 95.337507][ T5224] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 95.355937][ T46] ums-realtek 2-1:0.0: USB Mass Storage device detected [ 95.423424][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 95.594891][ T6297] netlink: 4 bytes leftover after parsing attributes in process `syz.4.432'. [ 95.808973][ T6310] netlink: 4 bytes leftover after parsing attributes in process `syz.2.441'. [ 95.819786][ T6310] tc_dump_action: action bad kind [ 95.873159][ T46] usb 2-1: USB disconnect, device number 3 [ 95.905760][ T6312] netlink: 76 bytes leftover after parsing attributes in process `syz.2.442'. [ 96.015738][ T25] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 96.177826][ T6323] loop2: detected capacity change from 0 to 1764 [ 96.246966][ T6323] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 96.567709][ T25] usb 4-1: config index 0 descriptor too short (expected 4114, got 18) [ 96.575050][ T6332] netlink: 'syz.2.451': attribute type 1 has an invalid length. [ 96.591883][ T6332] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.451'. [ 96.645754][ T6332] netlink: 1 bytes leftover after parsing attributes in process `syz.2.451'. [ 96.758057][ T25] usb 4-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94 [ 96.776627][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.784701][ T25] usb 4-1: Product: syz [ 96.805616][ T25] usb 4-1: Manufacturer: syz [ 96.815637][ T25] usb 4-1: SerialNumber: syz [ 96.840954][ T25] usb 4-1: config 0 descriptor?? [ 97.226074][ T6345] loop4: detected capacity change from 0 to 32768 [ 97.271978][ T6345] process 'syz.4.459' launched './file1' with NULL argv: empty string added [ 97.284303][ T6345] ea_get: invalid extended attribute [ 97.297855][ T6345] ffff888062a071d0: 30 00 00 00 00 0b 06 00 75 73 65 72 2e 78 61 74 0.......user.xat [ 97.309704][ T6345] ffff888062a071e0: 74 72 31 00 78 61 74 74 72 31 00 0b 06 00 75 73 tr1.xattr1....us [ 97.320316][ T6345] ffff888062a071f0: 65 72 2e 78 61 74 74 72 32 00 78 61 74 74 72 32 er.xattr2.xattr2 [ 97.529302][ T6361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.467'. [ 97.552512][ T6363] (syz.0.468,6363,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 97.572833][ T25] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 97.586032][ T25] asix 4-1:0.0: probe with driver asix failed with error -71 [ 97.606512][ T6363] (syz.0.468,6363,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 97.635519][ T25] usb 4-1: USB disconnect, device number 3 [ 97.814192][ T6374] xt_cgroup: xt_cgroup: no path or classid specified [ 98.563977][ T6404] netlink: 'syz.4.489': attribute type 1 has an invalid length. [ 98.582250][ T6404] netlink: 224 bytes leftover after parsing attributes in process `syz.4.489'. [ 98.786961][ T6417] netlink: 133820 bytes leftover after parsing attributes in process `syz.1.492'. [ 98.864742][ T6421] tc_dump_action: action bad kind [ 99.123776][ T6430] netlink: 'syz.0.499': attribute type 2 has an invalid length. [ 99.174503][ T6430] netlink: 'syz.0.499': attribute type 8 has an invalid length. [ 99.375928][ T6441] netlink: 'syz.4.503': attribute type 3 has an invalid length. [ 99.685449][ T6452] loop4: detected capacity change from 0 to 512 [ 99.737985][ T6452] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 99.887623][ T6452] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 99.900557][ T6452] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.006426][ T6418] loop3: detected capacity change from 0 to 32768 [ 100.042583][ T5224] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 100.053137][ T6469] loop0: detected capacity change from 0 to 256 [ 100.112644][ T6469] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196) [ 100.117122][ T6418] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 100.135805][ T6469] FAT-fs (loop0): Filesystem has been set read-only [ 100.257785][ T6484] loop4: detected capacity change from 0 to 1024 [ 100.296003][ T5225] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196) [ 100.354349][ T6418] XFS (loop3): Ending clean mount [ 100.376677][ T6418] XFS (loop3): Quotacheck needed: Please wait. [ 100.383802][ T29] audit: type=1800 audit(1724332971.816:5): pid=6484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.517" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 100.489879][ T6489] netlink: 'syz.0.520': attribute type 1 has an invalid length. [ 100.498530][ T6418] XFS (loop3): Quotacheck: Done. [ 100.507570][ T52] hfsplus: b-tree write err: -5, ino 4 [ 100.552709][ T6489] __nla_validate_parse: 3 callbacks suppressed [ 100.552729][ T6489] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.520'. [ 100.627420][ T29] audit: type=1326 audit(1724332972.056:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6493 comm="syz.2.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d69179e79 code=0x7ffc0000 [ 100.651665][ T5226] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 100.721576][ T29] audit: type=1326 audit(1724332972.106:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6493 comm="syz.2.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d69179e79 code=0x7ffc0000 [ 100.746072][ T46] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 100.762898][ T29] audit: type=1326 audit(1724332972.106:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6493 comm="syz.2.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f3d69179e79 code=0x7ffc0000 [ 100.810489][ T29] audit: type=1326 audit(1724332972.106:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6493 comm="syz.2.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d69179e79 code=0x7ffc0000 [ 100.839368][ T29] audit: type=1326 audit(1724332972.106:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6493 comm="syz.2.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d69179e79 code=0x7ffc0000 [ 100.917111][ T6500] netlink: 8 bytes leftover after parsing attributes in process `syz.2.528'. [ 101.015788][ T46] usb 2-1: Using ep0 maxpacket: 8 [ 101.041820][ T46] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00 [ 101.049050][ T6496] loop0: detected capacity change from 0 to 4096 [ 101.057387][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.076690][ T46] usb 2-1: config 0 descriptor?? [ 101.099665][ T46] gspca_main: spca501-2.14.0 probing 0000:0000 [ 101.118491][ T6496] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 101.249857][ T6509] 9pnet_virtio: no channels available for device syz [ 101.284801][ T6496] ntfs3: loop0: ino=3, ntfs_set_state failed, -22. [ 101.312578][ T6496] ntfs3: loop0: ino=1e, "file1" attr_set_size [ 101.358272][ T6511] kAFS: unable to lookup cell '.Sjˡ8' [ 101.418800][ T12] ntfs3: loop0: ino=3, ntfs3_write_inode failed, -22. [ 101.436884][ T5225] ntfs3: loop0: ino=3, ntfs_set_state failed, -22. [ 101.464273][ T5225] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 101.498684][ T5225] ntfs3: loop0: ino=3, ntfs_set_state failed, -22. [ 101.507768][ T46] gspca_spca501: reg write: error -71 [ 101.516243][ T35] ntfs3: loop0: ino=3, ntfs3_write_inode failed, -22. [ 101.525798][ T46] spca501 2-1:0.0: Reg write failed for 0x02,0xa048,0x00 [ 101.536527][ T46] spca501 2-1:0.0: probe with driver spca501 failed with error -22 [ 101.586914][ T46] usb 2-1: USB disconnect, device number 4 [ 101.597174][ T6519] xt_cgroup: xt_cgroup: no path or classid specified [ 101.849105][ T6530] loop2: detected capacity change from 0 to 256 [ 101.874472][ T6527] loop0: detected capacity change from 0 to 4096 [ 101.894639][ T6527] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 102.037588][ T6533] loop2: detected capacity change from 0 to 512 [ 102.062602][ T6533] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 102.108927][ T6533] EXT4-fs (loop2): orphan cleanup on readonly fs [ 102.149693][ T6533] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.543: bg 0: block 248: padding at end of block bitmap is not set [ 102.198159][ T6533] Quota error (device loop2): write_blk: dquota write failed [ 102.217604][ T6527] ntfs3: loop0: failed to convert "c46c" to euc-jp [ 102.248862][ T6533] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 102.277990][ T6533] EXT4-fs error (device loop2): ext4_acquire_dquot:6855: comm syz.2.543: Failed to acquire dquot type 1 [ 102.300577][ T6533] EXT4-fs (loop2): 1 truncate cleaned up [ 102.309157][ T6533] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 102.333678][ T6533] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 102.344503][ T6533] EXT4-fs error (device loop2): __ext4_remount:6498: comm syz.2.543: Abort forced by user [ 102.355309][ T6533] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 102.392203][ T6533] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 102.414128][ T6533] ext4 filesystem being remounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 102.483842][ T6547] syz.3.548 uses obsolete (PF_INET,SOCK_PACKET) [ 102.573123][ T6533] syz.2.543 (6533) used greatest stack depth: 18672 bytes left [ 102.578225][ T6550] netlink: 'syz.3.550': attribute type 32 has an invalid length. [ 102.588906][ T6550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.550'. [ 102.598026][ T6550] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 102.777875][ T6561] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'. [ 102.812519][ T5222] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.269420][ T6577] netlink: 'syz.3.560': attribute type 2 has an invalid length. [ 103.558891][ T6589] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 103.823203][ T6543] loop1: detected capacity change from 0 to 32768 [ 104.217990][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 104.305049][ T6622] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 104.436891][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 104.446846][ T9] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 104.456353][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.476101][ T9] usb 5-1: Product: syz [ 104.500232][ T9] usb 5-1: Manufacturer: syz [ 104.512227][ T6630] loop3: detected capacity change from 0 to 256 [ 104.525366][ T9] usb 5-1: SerialNumber: syz [ 104.540761][ T9] usb 5-1: config 0 descriptor?? [ 104.581133][ T9] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 104.604948][ T6632] tmpfs: Bad value for 'mpol' [ 104.619475][ T9] usb 5-1: Detected FT232H [ 104.695667][ T6636] (unnamed net_device) (uninitialized): option mode: invalid value (8) [ 104.812071][ T6640] loop1: detected capacity change from 0 to 1024 [ 104.856451][ T6640] EXT4-fs: Ignoring removed nomblk_io_submit option [ 104.905455][ T6640] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 104.974197][ T6640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.982573][ T9] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 105.005508][ T9] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71 [ 105.039502][ T9] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 105.056713][ T9] usb 5-1: USB disconnect, device number 5 [ 105.075693][ T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 105.085891][ T9] ftdi_sio 5-1:0.0: device disconnected [ 105.278785][ T5235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.296114][ T6634] loop2: detected capacity change from 0 to 32768 [ 105.313496][ T6651] netlink: 207040 bytes leftover after parsing attributes in process `syz.3.596'. [ 105.356265][ T6634] __jfs_setxattr: xattr_size = 74, new_size = 12820 [ 105.371852][ T6651] openvswitch: netlink: ufid size 5892 bytes exceeds the range (1, 16) [ 105.394822][ T6651] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 105.618873][ T6663] syz.2.598 (6663): /proc/6663/oom_adj is deprecated, please use /proc/6663/oom_score_adj instead. [ 105.960574][ T6677] netlink: 'syz.2.605': attribute type 1 has an invalid length. [ 105.983295][ T6677] netlink: 224 bytes leftover after parsing attributes in process `syz.2.605'. [ 106.165805][ T940] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 106.184108][ T6685] netlink: 8 bytes leftover after parsing attributes in process `syz.2.611'. [ 106.346210][ T940] usb 2-1: Using ep0 maxpacket: 8 [ 106.356306][ T940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 59391, setting to 1024 [ 106.386070][ T940] usb 2-1: New USB device found, idVendor=1b80, idProduct=d700, bcdDevice=d0.46 [ 106.415703][ T940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.450588][ T940] usb 2-1: Product: syz [ 106.454824][ T940] usb 2-1: Manufacturer: syz [ 106.475326][ T940] usb 2-1: SerialNumber: syz [ 106.487699][ T940] usb 2-1: config 0 descriptor?? [ 106.504856][ T6674] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 106.530623][ T940] radio-si470x 2-1:0.0: could not find interrupt in endpoint [ 106.540240][ T6693] xt_TCPMSS: Only works on TCP SYN packets [ 106.570439][ T940] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -5 [ 106.600945][ T940] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 106.752285][ T46] usb 2-1: USB disconnect, device number 5 [ 107.141933][ T6682] loop3: detected capacity change from 0 to 32768 [ 107.194366][ T6682] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.300032][ T6683] loop4: detected capacity change from 0 to 32768 [ 107.332598][ T6683] XFS: ikeep mount option is deprecated. [ 107.385094][ T6683] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 107.535227][ T6735] netlink: 'syz.0.628': attribute type 1 has an invalid length. [ 107.544194][ T6735] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.628'. [ 107.575305][ T6683] XFS (loop4): Ending clean mount [ 107.588618][ T6683] XFS (loop4): Quotacheck needed: Please wait. [ 107.631216][ T6737] loop1: detected capacity change from 0 to 1024 [ 107.635880][ T6735] netlink: 'syz.0.628': attribute type 1 has an invalid length. [ 107.654909][ T6682] XFS (loop3): Ending clean mount [ 107.679023][ T6682] XFS (loop3): Quotacheck needed: Please wait. [ 107.715773][ T6683] XFS (loop4): Quotacheck: Done. [ 107.808797][ T6682] XFS (loop3): Quotacheck: Done. [ 107.845023][ T6739] netlink: 'syz.2.630': attribute type 1 has an invalid length. [ 107.901894][ T5224] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 108.040682][ T5226] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 108.163365][ T6751] netlink: 8 bytes leftover after parsing attributes in process `syz.0.637'. [ 108.211396][ T6751] netlink: 12 bytes leftover after parsing attributes in process `syz.0.637'. [ 108.509263][ T6759] netlink: 131728 bytes leftover after parsing attributes in process `syz.4.634'. [ 108.644026][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 109.027412][ T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 109.030367][ T9] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 109.047612][ T9] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 109.056799][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.066935][ T6785] netlink: 12 bytes leftover after parsing attributes in process `syz.0.654'. [ 109.129866][ T9] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 109.215979][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 109.227887][ T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 109.248460][ T25] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 109.276681][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 109.305687][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 109.334109][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 109.359814][ T25] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 109.375644][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 109.394181][ T25] usb 4-1: Product: syz [ 109.404344][ T25] usb 4-1: Manufacturer: syz [ 109.409458][ T25] usb 4-1: SerialNumber: syz [ 109.426639][ T25] usb 4-1: config 0 descriptor?? [ 109.650215][ T25] radio-si470x 4-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 109.669968][ T25] radio-si470x 4-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 109.864940][ T25] radio-si470x 4-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 109.885723][ T25] radio-si470x 4-1:0.0: si470x_get_scratch: si470x_get_report returned -71 [ 109.905936][ T25] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -5 [ 109.936472][ T6782] loop1: detected capacity change from 0 to 32768 [ 109.946342][ T25] usb 4-1: USB disconnect, device number 4 [ 110.067752][ T6792] loop0: detected capacity change from 0 to 32768 [ 110.081537][ T6792] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.657 (6792) [ 110.124580][ T6792] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 110.145459][ T6792] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 110.162302][ T6793] loop4: detected capacity change from 0 to 32768 [ 110.175903][ T6792] BTRFS info (device loop0): disk space caching is enabled [ 110.183397][ T6792] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 110.233981][ T6793] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 110.344334][ T9] stv0680 3-1:4.0: STV(e): camera ping failed!! [ 110.481453][ T6792] BTRFS info (device loop0): rebuilding free space tree [ 110.509376][ T6792] BTRFS info (device loop0): disabling free space tree [ 110.518780][ T6792] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 110.544020][ T6792] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 110.558137][ T9] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 110.567631][ T9] stv0680 3-1:4.0: last error: 0, command = 0x0 [ 110.579921][ T6793] XFS (loop4): Ending clean mount [ 110.586575][ T9] usb 3-1: USB disconnect, device number 2 [ 110.620311][ T6793] XFS (loop4): Quotacheck needed: Please wait. [ 110.668407][ T6793] XFS (loop4): Quotacheck: Done. [ 110.812269][ T5224] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.010424][ T6835] loop1: detected capacity change from 0 to 16 [ 111.026739][ T6835] erofs: (device loop1): mounted with root inode @ nid 36. [ 111.061207][ T5225] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 111.395782][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 111.482337][ T6848] loop2: detected capacity change from 0 to 512 [ 111.597808][ T9] usb 4-1: config 0 has an invalid interface number: 169 but max is 0 [ 111.612462][ T9] usb 4-1: config 0 has no interface number 0 [ 111.650564][ T9] usb 4-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice=e9.34 [ 111.672091][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.698061][ T9] usb 4-1: Product: syz [ 111.710069][ T9] usb 4-1: Manufacturer: syz [ 111.727331][ T6861] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 111.729563][ T9] usb 4-1: SerialNumber: syz [ 111.761883][ T6848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.792985][ T6862] warning: `syz.0.677' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 111.809866][ T6848] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.820490][ T9] usb 4-1: config 0 descriptor?? [ 111.971672][ T940] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 112.037101][ T9] usb 4-1: USB disconnect, device number 5 [ 112.051902][ T6867] netlink: 'syz.1.680': attribute type 1 has an invalid length. [ 112.065383][ T6867] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'. [ 112.083871][ T5222] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.238897][ T940] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 112.249964][ T940] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 112.272513][ T940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 112.305634][ T940] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 112.336663][ T940] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 112.343037][ T6877] loop0: detected capacity change from 0 to 128 [ 112.392125][ T940] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00 [ 112.424774][ T940] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 112.433177][ T940] usb 5-1: SerialNumber: syz [ 112.452914][ T940] usb 5-1: config 0 descriptor?? [ 112.496134][ T940] port100 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 112.553026][ T6884] Illegal XDP return value 2792741935 on prog (id 33) dev N/A, expect packet loss! [ 112.733211][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 112.745281][ T46] usb 5-1: USB disconnect, device number 6 [ 112.824704][ T6894] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 113.111292][ T25] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 113.126546][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.164191][ T25] usb 3-1: config 0 descriptor?? [ 113.230898][ T25] cp210x 3-1:0.0: cp210x converter detected [ 113.262125][ T6912] loop1: detected capacity change from 0 to 128 [ 113.286697][ T6912] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 113.424772][ T25] usb 3-1: cp210x converter now attached to ttyUSB0 [ 113.635775][ T9] usb 3-1: USB disconnect, device number 3 [ 113.652822][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 113.689350][ T9] cp210x 3-1:0.0: device disconnected [ 114.155938][ T5231] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 114.365715][ T5231] usb 2-1: Using ep0 maxpacket: 8 [ 114.372692][ T5231] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 114.391947][ T5231] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0 [ 114.419105][ T5231] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 134, changing to 11 [ 114.445195][ T5231] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 59360, setting to 1024 [ 114.469608][ T6951] netlink: 'syz.0.719': attribute type 6 has an invalid length. [ 114.480703][ T5231] usb 2-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d [ 114.509672][ T5231] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.527693][ T6953] loop4: detected capacity change from 0 to 16 [ 114.538802][ T5231] usb 2-1: Product: syz [ 114.552596][ T5231] usb 2-1: Manufacturer: syz [ 114.563476][ T5231] usb 2-1: SerialNumber: syz [ 114.587834][ T6953] erofs: (device loop4): mounted with root inode @ nid 36. [ 114.594057][ T6932] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 114.612472][ T5231] ti_usb_3410_5052 2-1:1.0: TI USB 3410 1 port adapter converter detected [ 114.639499][ T6957] netlink: 28 bytes leftover after parsing attributes in process `syz.0.723'. [ 114.862950][ T6962] loop0: detected capacity change from 0 to 512 [ 114.964257][ T25] usb 2-1: USB disconnect, device number 6 [ 115.043010][ T6962] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.081152][ T6962] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.115173][ T6936] loop3: detected capacity change from 0 to 32768 [ 115.143500][ T6936] gfs2: fsid=([{{{+: Trying to join cluster "lock_nolock", "([{{{+" [ 115.153764][ T6936] gfs2: fsid=([{{{+: Now mounting FS (format 0)... [ 115.217434][ T6936] gfs2: fsid=([{{{+.0: journal 0 mapped with 22 extents in 0ms [ 115.241997][ T9] gfs2: fsid=([{{{+.0: jid=0, already locked for use [ 115.249367][ T9] gfs2: fsid=([{{{+.0: jid=0: Looking at journal... [ 115.303720][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.318443][ T9] gfs2: fsid=([{{{+.0: jid=0: Journal head lookup took 69ms [ 115.337932][ T9] gfs2: fsid=([{{{+.0: jid=0: Done [ 115.354540][ T6936] gfs2: fsid=([{{{+.0: first mount done, others may mount [ 115.532495][ T6985] loop0: detected capacity change from 0 to 2048 [ 115.664031][ T6985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.693689][ T6993] netlink: 'syz.4.736': attribute type 2 has an invalid length. [ 115.710681][ T6990] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 115.809193][ T6985] tmpfs: Bad value for 'mpol' [ 115.935961][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.279122][ T7018] cgroup: No subsys list or none specified [ 116.581771][ T7032] loop3: detected capacity change from 0 to 2048 [ 116.663222][ T7034] loop2: detected capacity change from 0 to 1024 [ 116.697649][ T7038] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 116.720347][ T7032] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5 [ 116.760369][ T7034] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.785341][ T7032] Remounting filesystem read-only [ 116.794854][ T7032] syz.3.751: attempt to access beyond end of device [ 116.794854][ T7032] loop3: rw=0, sector=343245196361800, nr_sectors = 2 limit=2048 [ 116.798488][ T7040] netlink: 1 bytes leftover after parsing attributes in process `syz.4.758'. [ 116.836154][ T7032] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=1) [ 116.916894][ T7049] loop4: detected capacity change from 0 to 512 [ 116.962173][ T5222] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.002366][ T7049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.026682][ T7049] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.126890][ T5224] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.222115][ T5231] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 117.442268][ T5231] usb 1-1: Using ep0 maxpacket: 16 [ 117.480625][ T5231] usb 1-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f [ 117.491468][ T5231] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.518226][ T5231] usb 1-1: Product: syz [ 117.522733][ T5231] usb 1-1: Manufacturer: syz [ 117.528350][ T5231] usb 1-1: SerialNumber: syz [ 117.544034][ T5231] usb 1-1: config 0 descriptor?? [ 117.553007][ T5231] kobil_sct 1-1:0.0: required endpoints missing [ 117.621367][ T7077] xt_socket: unknown flags 0xc [ 117.718503][ T7080] cgroup: Name too long [ 117.758177][ T46] usb 1-1: USB disconnect, device number 3 [ 117.887139][ T7089] netlink: 8 bytes leftover after parsing attributes in process `syz.1.779'. [ 117.896634][ T7089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.779'. [ 117.906096][ T7089] netlink: 3 bytes leftover after parsing attributes in process `syz.1.779'. [ 118.133051][ T7100] program syz.1.786 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 118.334095][ T7107] loop1: detected capacity change from 0 to 1024 [ 118.468436][ T7107] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.487258][ T7113] loop4: detected capacity change from 0 to 1024 [ 118.519925][ T7113] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 118.673622][ T5235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.721305][ T7124] netlink: 212912 bytes leftover after parsing attributes in process `syz.2.795'. [ 118.824545][ T7130] loop1: detected capacity change from 0 to 512 [ 118.906729][ T7130] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.000307][ T7130] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.126179][ T5235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.136164][ T7144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.803'. [ 119.439749][ T7147] netlink: 'syz.0.806': attribute type 309 has an invalid length. [ 119.609408][ T7159] loop1: detected capacity change from 0 to 1764 [ 119.676763][ T7159] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 119.795786][ T46] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 119.864523][ T7175] loop1: detected capacity change from 0 to 64 [ 120.284449][ T7169] loop0: detected capacity change from 0 to 32768 [ 120.298152][ T7169] gfs2: fsid=([{{{+: Trying to join cluster "lock_nolock", "([{{{+" [ 120.306539][ T7169] gfs2: fsid=([{{{+: Now mounting FS (format 0)... [ 120.383401][ T7169] gfs2: fsid=([{{{+.0: journal 0 mapped with 22 extents in 0ms [ 120.398629][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 120.407207][ T9] gfs2: fsid=([{{{+.0: jid=0, already locked for use [ 120.414524][ T9] gfs2: fsid=([{{{+.0: jid=0: Looking at journal... [ 120.414626][ T46] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.446881][ T46] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 120.465673][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 120.486924][ T46] usb 3-1: SerialNumber: syz [ 120.496749][ T46] usb 3-1: config 0 descriptor?? [ 120.584044][ T9] gfs2: fsid=([{{{+.0: jid=0: Journal head lookup took 169ms [ 120.612542][ T9] gfs2: fsid=([{{{+.0: jid=0: Done [ 120.618898][ T7169] gfs2: fsid=([{{{+.0: first mount done, others may mount [ 120.710324][ T46] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 120.738036][ T46] usb 3-1: No valid video chain found. [ 120.773555][ T46] usb 3-1: USB disconnect, device number 4 [ 121.004800][ T7197] loop3: detected capacity change from 0 to 256 [ 121.057924][ T7197] FAT-fs (loop3): Directory bread(block 64) failed [ 121.091366][ T7197] FAT-fs (loop3): Directory bread(block 65) failed [ 121.114786][ T7197] FAT-fs (loop3): Directory bread(block 66) failed [ 121.135103][ T7197] FAT-fs (loop3): Directory bread(block 67) failed [ 121.160041][ T7197] FAT-fs (loop3): Directory bread(block 68) failed [ 121.175905][ T7197] FAT-fs (loop3): Directory bread(block 69) failed [ 121.212673][ T7197] FAT-fs (loop3): Directory bread(block 70) failed [ 121.229418][ T7197] FAT-fs (loop3): Directory bread(block 71) failed [ 121.238071][ T7197] FAT-fs (loop3): Directory bread(block 72) failed [ 121.244675][ T7197] FAT-fs (loop3): Directory bread(block 73) failed [ 121.416099][ T7184] loop1: detected capacity change from 0 to 32768 [ 121.448339][ T7184] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.822 (7184) [ 121.557163][ T7184] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 121.606471][ T7184] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 121.627362][ T7184] BTRFS info (device loop1): using free-space-tree [ 122.032425][ T7247] openvswitch: netlink: Message has 4 unknown bytes. [ 122.105800][ T7249] vivid-000: disconnect [ 122.111330][ T7248] vivid-000: reconnect [ 122.176331][ T7184] BTRFS error: failed to open device for path e׻a;B^?Q1 ,O$\'Ty=yf9^ϨbS-2ik7"щ*p)hETSƦTlShR]ǏVah©_?=9f𼾛\ZTDxߢ؝ʴW:x!8tX~fcIuPdX H0|cΩ偎p|(h#tшDHZ1?gM/[ with flags 0x1: -2 [ 122.261648][ T5235] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 122.458860][ T7263] ufs: You didn't specify the type of your ufs filesystem [ 122.458860][ T7263] [ 122.458860][ T7263] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 122.458860][ T7263] [ 122.458860][ T7263] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 122.496725][ T7263] syz.4.852: attempt to access beyond end of device [ 122.496725][ T7263] loop4: rw=0, sector=16, nr_sectors = 2 limit=0 [ 122.552214][ T7265] loop3: detected capacity change from 0 to 1024 [ 122.675311][ T7265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.893497][ T7265] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 33: comm syz.3.855: bad entry in directory: inode out of bounds - offset=1024, inode=2113929216, rec_len=1024, size=1024 fake=0 [ 123.109579][ T5226] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.550329][ T7268] loop2: detected capacity change from 0 to 32768 [ 123.597018][ T7268] ERROR: (device loop2): diAllocAG: numfree > numinos [ 123.597018][ T7268] [ 123.611545][ T7268] ialloc: diAlloc returned -5! [ 123.620790][ T7295] netlink: 40 bytes leftover after parsing attributes in process `syz.4.869'. [ 123.959510][ T7253] loop0: detected capacity change from 0 to 40427 [ 123.968217][ T7303] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 123.971066][ T7305] binder: 7304:7305 ioctl 541b 0 returned -22 [ 124.025327][ T7253] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 124.055642][ T7253] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 124.063923][ T7253] F2FS-fs (loop0): build fault injection attr: rate: 17008, type: 0x1fffff [ 124.103517][ T7253] F2FS-fs (loop0): invalid crc value [ 124.252362][ T7253] F2FS-fs (loop0): Found nat_bits in checkpoint [ 124.278591][ T7320] netlink: 'syz.1.877': attribute type 21 has an invalid length. [ 124.305798][ T7320] netlink: 132 bytes leftover after parsing attributes in process `syz.1.877'. [ 124.353980][ T7322] netlink: 'syz.3.878': attribute type 10 has an invalid length. [ 124.379416][ T7322] netlink: 40 bytes leftover after parsing attributes in process `syz.3.878'. [ 124.431087][ T7322] bridge0: port 3(dummy0) entered blocking state [ 124.446651][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 124.472952][ T7322] bridge0: port 3(dummy0) entered disabled state [ 124.492399][ T7322] dummy0: entered allmulticast mode [ 124.506321][ T7253] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 124.513529][ T7322] dummy0: entered promiscuous mode [ 124.514761][ T7253] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 124.526657][ T7322] bridge0: port 3(dummy0) entered blocking state [ 124.535291][ T7322] bridge0: port 3(dummy0) entered forwarding state [ 124.568409][ T5225] syz-executor: attempt to access beyond end of device [ 124.568409][ T5225] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 124.585974][ T5225] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 124.655702][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 124.662507][ T9] usb 3-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 124.700879][ T9] usb 3-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 124.721654][ T9] usb 3-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 124.755229][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 124.767313][ T46] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 124.768842][ T9] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 124.811118][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.819855][ T9] usb 3-1: Product: syz [ 124.824071][ T9] usb 3-1: Manufacturer: syz [ 124.864335][ T9] usb 3-1: SerialNumber: syz [ 124.891796][ T9] usb 3-1: config 0 descriptor?? [ 124.909792][ T9] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6 [ 124.959288][ T46] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0xC has an invalid bInterval 0, changing to 7 [ 124.996043][ T46] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0xC has invalid wMaxPacketSize 0 [ 125.035645][ T46] usb 2-1: config 0 interface 0 has no altsetting 0 [ 125.067286][ T46] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice=1c.92 [ 125.085828][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.135034][ T46] usb 2-1: Product: syz [ 125.142280][ T46] usb 2-1: Manufacturer: syz [ 125.155697][ T46] usb 2-1: SerialNumber: syz [ 125.197464][ T46] usb 2-1: config 0 descriptor?? [ 125.228408][ T9] usb 3-1: USB disconnect, device number 5 [ 125.447010][ T46] usbtest 2-1:0.0: Linux user mode ISO test driver [ 125.453814][ T46] usbtest 2-1:0.0: high-speed {control iso-out} tests (+alt) [ 125.463627][ T5276] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 125.645755][ T5276] usb 4-1: Using ep0 maxpacket: 32 [ 125.673175][ T5276] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 125.673859][ T9] usb 2-1: USB disconnect, device number 7 [ 125.706654][ T5276] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 125.728087][ T5276] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.742660][ T5276] usb 4-1: Product: syz [ 125.748065][ T5276] usb 4-1: Manufacturer: syz [ 125.752714][ T5276] usb 4-1: SerialNumber: syz [ 125.805387][ T5276] usb 4-1: config 0 descriptor?? [ 125.822926][ T5276] usb 4-1: bad CDC descriptors [ 125.836912][ T5276] usb 4-1: unsupported MDLM descriptors [ 126.076561][ T9] usb 4-1: USB disconnect, device number 6 [ 126.963185][ T7412] usb usb8: usbfs: process 7412 (syz.3.923) did not claim interface 0 before use [ 127.293982][ T7426] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 127.335692][ T5276] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 127.343381][ T7426] overlayfs: missing 'lowerdir' [ 127.424536][ T7384] loop0: detected capacity change from 0 to 32768 [ 127.489959][ T7384] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 127.549650][ T7439] QAT: Invalid ioctl 1075883590 [ 127.569339][ T5276] usb 2-1: Using ep0 maxpacket: 16 [ 127.606067][ T5276] usb 2-1: config index 0 descriptor too short (expected 16456, got 72) [ 127.626977][ T7439] QAT: Invalid ioctl 1075883590 [ 127.631985][ T7439] QAT: Invalid ioctl 1075883590 [ 127.642209][ T5276] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 127.651379][ T5276] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 127.663255][ T7439] QAT: Invalid ioctl 1075883590 [ 127.671027][ T5276] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 127.679400][ T7448] loop4: detected capacity change from 0 to 256 [ 127.688310][ T7439] QAT: Invalid ioctl 1075883590 [ 127.693323][ T7439] QAT: Invalid ioctl 1075883590 [ 127.699203][ T5276] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 127.710180][ T7439] QAT: Invalid ioctl 1075883590 [ 127.715177][ T7439] QAT: Invalid ioctl 1075883590 [ 127.721786][ T5276] usb 2-1: config 0 has no interface number 0 [ 127.729496][ T5276] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 127.756194][ T7439] QAT: Invalid ioctl 1075883590 [ 127.786082][ T7439] QAT: Invalid ioctl 1075883590 [ 127.791082][ T5276] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 127.801430][ T5276] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 127.811692][ T5276] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 127.825643][ T5276] usb 2-1: config 0 interface 125 has no altsetting 2 [ 127.843680][ T5276] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 127.860574][ T5276] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.870535][ T5276] usb 2-1: Product: syz [ 127.874754][ T5276] usb 2-1: Manufacturer: syz [ 127.900214][ T5276] usb 2-1: SerialNumber: syz [ 127.912109][ T7384] XFS (loop0): Ending clean mount [ 127.917608][ T4618] Bluetooth: latency 2274 > 499 [ 127.943072][ T5276] usb 2-1: config 0 descriptor?? [ 127.962275][ T5276] usb 2-1: selecting invalid altsetting 2 [ 127.992008][ T7384] XFS (loop0): syz.0.909 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported [ 128.145904][ T5225] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.179294][ T7466] bond0: (slave veth1_macvtap): Error: Device is in use and cannot be enslaved [ 128.217621][ T5276] usb 2-1: USB disconnect, device number 8 [ 128.606275][ T7481] netlink: 'syz.0.943': attribute type 1 has an invalid length. [ 128.732179][ T7484] netlink: 'syz.3.954': attribute type 1 has an invalid length. [ 128.762809][ T7488] QAT: Stopping all acceleration devices. [ 128.778955][ T7487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.955'. [ 128.788389][ T7484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.954'. [ 128.828154][ T7487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.955'. [ 129.013239][ T7498] tmpfs: Bad value for 'mpol' [ 129.068481][ T7504] loop4: detected capacity change from 0 to 512 [ 129.138029][ T7504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.218819][ T7504] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.273351][ T7517] netlink: 'syz.2.968': attribute type 30 has an invalid length. [ 129.281630][ T7517] netlink: 8 bytes leftover after parsing attributes in process `syz.2.968'. [ 129.290989][ T7517] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4) [ 129.403195][ T7504] EXT4-fs error (device loop4): ext4_do_update_inode:5151: inode #2: comm syz.4.966: corrupted inode contents [ 129.439943][ T7504] EXT4-fs (loop4): Remounting filesystem read-only [ 129.507506][ T5224] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.545347][ T12] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 129.552471][ T7529] loop0: detected capacity change from 0 to 8 [ 129.597780][ T7529] SQUASHFS error: Failed to read block 0x1ec: -5 [ 129.616099][ T7529] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 129.643463][ T7529] ================================================================== [ 129.651584][ T7529] BUG: KASAN: slab-use-after-free in squashfs_readahead+0x210c/0x2680 [ 129.659790][ T7529] Read of size 4 at addr ffff88807b22f2c0 by task syz.0.974/7529 [ 129.667548][ T7529] [ 129.669911][ T7529] CPU: 1 UID: 0 PID: 7529 Comm: syz.0.974 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 129.680019][ T7529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 129.690118][ T7529] Call Trace: [ 129.693479][ T7529] [ 129.696448][ T7529] dump_stack_lvl+0x241/0x360 [ 129.701259][ T7529] ? __pfx_dump_stack_lvl+0x10/0x10 [ 129.706500][ T7529] ? __pfx__printk+0x10/0x10 [ 129.711125][ T7529] ? _printk+0xd5/0x120 [ 129.715320][ T7529] ? __virt_addr_valid+0x183/0x530 [ 129.720561][ T7529] ? __virt_addr_valid+0x183/0x530 [ 129.725716][ T7529] print_report+0x169/0x550 [ 129.730275][ T7529] ? __virt_addr_valid+0x183/0x530 [ 129.735437][ T7529] ? __virt_addr_valid+0x183/0x530 [ 129.740620][ T7529] ? __virt_addr_valid+0x45f/0x530 [ 129.745783][ T7529] ? __phys_addr+0xba/0x170 [ 129.750319][ T7529] ? squashfs_readahead+0x210c/0x2680 [ 129.755726][ T7529] kasan_report+0x143/0x180 [ 129.760264][ T7529] ? squashfs_readahead+0x210c/0x2680 [ 129.765666][ T7529] squashfs_readahead+0x210c/0x2680 [ 129.770896][ T7529] ? squashfs_readahead+0x6f0/0x2680 [ 129.776209][ T7529] ? __pfx_squashfs_readahead+0x10/0x10 [ 129.781803][ T7529] ? blk_start_plug+0x70/0x1b0 [ 129.786585][ T7529] read_pages+0x17e/0x840 [ 129.790925][ T7529] ? percpu_ref_put+0x19/0x180 [ 129.795712][ T7529] ? __pfx_read_pages+0x10/0x10 [ 129.800585][ T7529] ? filemap_add_folio+0x26d/0x650 [ 129.805716][ T7529] ? __pfx_filemap_add_folio+0x10/0x10 [ 129.811194][ T7529] page_cache_ra_unbounded+0x6ce/0x7f0 [ 129.816669][ T7529] filemap_get_pages+0x543/0x2330 [ 129.821717][ T7529] ? __pfx_filemap_get_pages+0x10/0x10 [ 129.827190][ T7529] ? __pfx___might_resched+0x10/0x10 [ 129.832492][ T7529] ? unwind_next_frame+0x18e6/0x22d0 [ 129.837794][ T7529] filemap_read+0x457/0xfa0 [ 129.842304][ T7529] ? 0xffffffffa0003c00 [ 129.846481][ T7529] ? __pfx_filemap_read+0x10/0x10 [ 129.851547][ T7529] ? iov_iter_kvec+0x4e/0x180 [ 129.856252][ T7529] __kernel_read+0x532/0x9f0 [ 129.860859][ T7529] ? do_sys_openat2+0x13e/0x1d0 [ 129.865733][ T7529] ? __x64_sys_openat+0x247/0x2a0 [ 129.870784][ T7529] ? __pfx___kernel_read+0x10/0x10 [ 129.875926][ T7529] integrity_kernel_read+0xb0/0x100 [ 129.881158][ T7529] ? __pfx_integrity_kernel_read+0x10/0x10 [ 129.886978][ T7529] ? ima_calc_file_hash+0xab7/0x1b30 [ 129.892301][ T7529] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 129.897870][ T7529] ima_calc_file_hash+0xaef/0x1b30 [ 129.903004][ T7529] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 129.909349][ T7529] ? lockdep_hardirqs_on+0x99/0x150 [ 129.914557][ T7529] ? __pfx_ima_calc_file_hash+0x10/0x10 [ 129.920118][ T7529] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 129.926036][ T7529] ? __x64_sys_openat+0x247/0x2a0 [ 129.931076][ T7529] ? do_syscall_64+0xf3/0x230 [ 129.935763][ T7529] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.941842][ T7529] ? mark_lock+0x9a/0x360 [ 129.946181][ T7529] ? make_vfsgid+0x46/0x90 [ 129.950610][ T7529] ? generic_fillattr+0x59c/0x840 [ 129.955663][ T7529] ima_collect_measurement+0x526/0xb20 [ 129.961146][ T7529] ? __pfx_ima_collect_measurement+0x10/0x10 [ 129.967230][ T7529] ? squashfs_xattr_handler_get+0x585/0x900 [ 129.973150][ T7529] ? trace_contention_end+0x3c/0x120 [ 129.978453][ T7529] ? __mutex_lock+0x2ef/0xd70 [ 129.983153][ T7529] ? ima_get_hash_algo+0x156/0x4d0 [ 129.988291][ T7529] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 129.993766][ T7529] process_measurement+0x1357/0x1fb0 [ 129.999163][ T7529] ? __pfx_process_measurement+0x10/0x10 [ 130.004819][ T7529] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 130.011261][ T7529] ? __pfx_apparmor_file_open+0x10/0x10 [ 130.016832][ T7529] ? tomoyo_file_open+0x168/0x220 [ 130.021877][ T7529] ? inode_to_bdi+0x69/0xf0 [ 130.026393][ T7529] ? apparmor_current_getsecid_subj+0xde/0x1b0 [ 130.032572][ T7529] ima_file_check+0xf2/0x170 [ 130.037189][ T7529] ? __pfx_ima_file_check+0x10/0x10 [ 130.042405][ T7529] security_file_post_open+0xb9/0x280 [ 130.047798][ T7529] path_openat+0x2cd0/0x3590 [ 130.052412][ T7529] ? __pfx_path_openat+0x10/0x10 [ 130.057364][ T7529] do_filp_open+0x235/0x490 [ 130.061879][ T7529] ? __pfx_do_filp_open+0x10/0x10 [ 130.066920][ T7529] ? _raw_spin_unlock+0x28/0x50 [ 130.071782][ T7529] ? alloc_fd+0x5a1/0x640 [ 130.076145][ T7529] do_sys_openat2+0x13e/0x1d0 [ 130.080874][ T7529] ? __pfx_do_sys_openat2+0x10/0x10 [ 130.086114][ T7529] __x64_sys_openat+0x247/0x2a0 [ 130.090979][ T7529] ? __pfx___x64_sys_openat+0x10/0x10 [ 130.096411][ T7529] ? do_syscall_64+0x100/0x230 [ 130.101196][ T7529] ? do_syscall_64+0xb6/0x230 [ 130.105891][ T7529] do_syscall_64+0xf3/0x230 [ 130.110405][ T7529] ? clear_bhb_loop+0x35/0x90 [ 130.115099][ T7529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.121010][ T7529] RIP: 0033:0x7fdcc5179e79 [ 130.125607][ T7529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.145222][ T7529] RSP: 002b:00007fdcc6001038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 130.153655][ T7529] RAX: ffffffffffffffda RBX: 00007fdcc5315f80 RCX: 00007fdcc5179e79 [ 130.161640][ T7529] RDX: 0000000000000000 RSI: 0000000020000300 RDI: ffffffffffffff9c [ 130.169635][ T7529] RBP: 00007fdcc51e7916 R08: 0000000000000000 R09: 0000000000000000 [ 130.177619][ T7529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.185619][ T7529] R13: 0000000000000000 R14: 00007fdcc5315f80 R15: 00007ffc386255e8 [ 130.193616][ T7529] [ 130.196640][ T7529] [ 130.198966][ T7529] Allocated by task 7529: [ 130.203290][ T7529] kasan_save_track+0x3f/0x80 [ 130.207981][ T7529] __kasan_kmalloc+0x98/0xb0 [ 130.212599][ T7529] __kmalloc_cache_noprof+0x19c/0x2c0 [ 130.218179][ T7529] squashfs_page_actor_init_special+0x64/0x440 [ 130.224427][ T7529] squashfs_readahead+0x188f/0x2680 [ 130.229656][ T7529] read_pages+0x17e/0x840 [ 130.234001][ T7529] page_cache_ra_unbounded+0x6ce/0x7f0 [ 130.239469][ T7529] filemap_get_pages+0x543/0x2330 [ 130.244500][ T7529] filemap_read+0x457/0xfa0 [ 130.249012][ T7529] __kernel_read+0x532/0x9f0 [ 130.253751][ T7529] integrity_kernel_read+0xb0/0x100 [ 130.259071][ T7529] ima_calc_file_hash+0xaef/0x1b30 [ 130.264214][ T7529] ima_collect_measurement+0x526/0xb20 [ 130.269687][ T7529] process_measurement+0x1357/0x1fb0 [ 130.274982][ T7529] ima_file_check+0xf2/0x170 [ 130.279584][ T7529] security_file_post_open+0xb9/0x280 [ 130.284967][ T7529] path_openat+0x2cd0/0x3590 [ 130.289569][ T7529] do_filp_open+0x235/0x490 [ 130.294172][ T7529] do_sys_openat2+0x13e/0x1d0 [ 130.298865][ T7529] __x64_sys_openat+0x247/0x2a0 [ 130.303729][ T7529] do_syscall_64+0xf3/0x230 [ 130.308268][ T7529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.314184][ T7529] [ 130.316515][ T7529] Freed by task 7529: [ 130.320511][ T7529] kasan_save_track+0x3f/0x80 [ 130.325195][ T7529] kasan_save_free_info+0x40/0x50 [ 130.330233][ T7529] __kasan_slab_free+0x59/0x70 [ 130.335002][ T7529] kfree+0x196/0x3e0 [ 130.338906][ T7529] squashfs_readahead+0x195b/0x2680 [ 130.344114][ T7529] read_pages+0x17e/0x840 [ 130.348913][ T7529] page_cache_ra_unbounded+0x6ce/0x7f0 [ 130.354380][ T7529] filemap_get_pages+0x543/0x2330 [ 130.359412][ T7529] filemap_read+0x457/0xfa0 [ 130.364617][ T7529] __kernel_read+0x532/0x9f0 [ 130.369216][ T7529] integrity_kernel_read+0xb0/0x100 [ 130.374425][ T7529] ima_calc_file_hash+0xaef/0x1b30 [ 130.379599][ T7529] ima_collect_measurement+0x526/0xb20 [ 130.385077][ T7529] process_measurement+0x1357/0x1fb0 [ 130.390381][ T7529] ima_file_check+0xf2/0x170 [ 130.394987][ T7529] security_file_post_open+0xb9/0x280 [ 130.400387][ T7529] path_openat+0x2cd0/0x3590 [ 130.404993][ T7529] do_filp_open+0x235/0x490 [ 130.409515][ T7529] do_sys_openat2+0x13e/0x1d0 [ 130.414647][ T7529] __x64_sys_openat+0x247/0x2a0 [ 130.419561][ T7529] do_syscall_64+0xf3/0x230 [ 130.424083][ T7529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.429991][ T7529] [ 130.432344][ T7529] The buggy address belongs to the object at ffff88807b22f280 [ 130.432344][ T7529] which belongs to the cache kmalloc-96 of size 96 [ 130.446255][ T7529] The buggy address is located 64 bytes inside of [ 130.446255][ T7529] freed 96-byte region [ffff88807b22f280, ffff88807b22f2e0) [ 130.459913][ T7529] [ 130.462246][ T7529] The buggy address belongs to the physical page: [ 130.468691][ T7529] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b22f [ 130.477554][ T7529] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 130.485117][ T7529] page_type: 0xfdffffff(slab) [ 130.489842][ T7529] raw: 00fff00000000000 ffff888015841280 ffffea0000b46200 dead000000000005 [ 130.498451][ T7529] raw: 0000000000000000 0000000080200020 00000001fdffffff 0000000000000000 [ 130.507042][ T7529] page dumped because: kasan: bad access detected [ 130.513466][ T7529] page_owner tracks the page as allocated [ 130.519180][ T7529] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5223, tgid 5223 (udevd), ts 69974155094, free_ts 69942339303 [ 130.539086][ T7529] post_alloc_hook+0x1f3/0x230 [ 130.543868][ T7529] get_page_from_freelist+0x3131/0x3280 [ 130.549428][ T7529] __alloc_pages_noprof+0x29e/0x780 [ 130.554636][ T7529] alloc_slab_page+0x5f/0x120 [ 130.559324][ T7529] allocate_slab+0x5a/0x2f0 [ 130.563857][ T7529] ___slab_alloc+0xcd1/0x14b0 [ 130.568538][ T7529] __slab_alloc+0x58/0xa0 [ 130.572911][ T7529] __kmalloc_noprof+0x25a/0x400 [ 130.577775][ T7529] tomoyo_encode+0x26f/0x540 [ 130.582389][ T7529] tomoyo_realpath_from_path+0x59e/0x5e0 [ 130.588062][ T7529] tomoyo_path_perm+0x2b7/0x740 [ 130.592923][ T7529] tomoyo_path_unlink+0xd0/0x110 [ 130.597870][ T7529] security_path_unlink+0x169/0x360 [ 130.603075][ T7529] do_unlinkat+0x3e6/0x830 [ 130.607516][ T7529] __x64_sys_unlink+0x47/0x50 [ 130.612200][ T7529] do_syscall_64+0xf3/0x230 [ 130.616717][ T7529] page last free pid 5383 tgid 5383 stack trace: [ 130.623043][ T7529] free_unref_page+0xc07/0xd90 [ 130.628337][ T7529] tlb_finish_mmu+0x11f/0x200 [ 130.633021][ T7529] exit_mmap+0x496/0xc40 [ 130.637280][ T7529] __mmput+0x115/0x390 [ 130.641359][ T7529] exit_mm+0x220/0x310 [ 130.645429][ T7529] do_exit+0x9b2/0x28e0 [ 130.649586][ T7529] do_group_exit+0x207/0x2c0 [ 130.654181][ T7529] __x64_sys_exit_group+0x3f/0x40 [ 130.659211][ T7529] x64_sys_call+0x26a8/0x26b0 [ 130.663898][ T7529] do_syscall_64+0xf3/0x230 [ 130.668407][ T7529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.674345][ T7529] [ 130.676668][ T7529] Memory state around the buggy address: [ 130.682332][ T7529] ffff88807b22f180: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 130.690418][ T7529] ffff88807b22f200: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 130.698500][ T7529] >ffff88807b22f280: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 130.706745][ T7529] ^ [ 130.713358][ T7529] ffff88807b22f300: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 130.721441][ T7529] ffff88807b22f380: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 130.729524][ T7529] ================================================================== [ 130.784119][ T4618] Bluetooth: hci1: command tx timeout [ 130.790717][ T7529] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 130.797954][ T7529] CPU: 0 UID: 0 PID: 7529 Comm: syz.0.974 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 130.808054][ T7529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 130.818140][ T7529] Call Trace: [ 130.821447][ T7529] [ 130.824474][ T7529] dump_stack_lvl+0x241/0x360 [ 130.829171][ T7529] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.834466][ T7529] ? __pfx__printk+0x10/0x10 [ 130.839066][ T7529] ? preempt_schedule+0xe1/0xf0 [ 130.843927][ T7529] ? vscnprintf+0x5d/0x90 [ 130.848270][ T7529] panic+0x349/0x880 [ 130.852174][ T7529] ? check_panic_on_warn+0x21/0xb0 [ 130.857295][ T7529] ? __pfx_panic+0x10/0x10 [ 130.861723][ T7529] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 130.867738][ T7529] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 130.874097][ T7529] ? print_report+0x502/0x550 [ 130.878807][ T7529] check_panic_on_warn+0x86/0xb0 [ 130.883766][ T7529] ? squashfs_readahead+0x210c/0x2680 [ 130.889154][ T7529] end_report+0x77/0x160 [ 130.893408][ T7529] kasan_report+0x154/0x180 [ 130.897951][ T7529] ? squashfs_readahead+0x210c/0x2680 [ 130.903346][ T7529] squashfs_readahead+0x210c/0x2680 [ 130.908590][ T7529] ? squashfs_readahead+0x6f0/0x2680 [ 130.913890][ T7529] ? __pfx_squashfs_readahead+0x10/0x10 [ 130.919454][ T7529] ? blk_start_plug+0x70/0x1b0 [ 130.924229][ T7529] read_pages+0x17e/0x840 [ 130.928574][ T7529] ? percpu_ref_put+0x19/0x180 [ 130.933388][ T7529] ? __pfx_read_pages+0x10/0x10 [ 130.938336][ T7529] ? filemap_add_folio+0x26d/0x650 [ 130.943454][ T7529] ? __pfx_filemap_add_folio+0x10/0x10 [ 130.948926][ T7529] page_cache_ra_unbounded+0x6ce/0x7f0 [ 130.954403][ T7529] filemap_get_pages+0x543/0x2330 [ 130.961277][ T7529] ? __pfx_filemap_get_pages+0x10/0x10 [ 130.966750][ T7529] ? __pfx___might_resched+0x10/0x10 [ 130.972053][ T7529] ? unwind_next_frame+0x18e6/0x22d0 [ 130.977364][ T7529] filemap_read+0x457/0xfa0 [ 130.981877][ T7529] ? 0xffffffffa0003c00 [ 130.986045][ T7529] ? __pfx_filemap_read+0x10/0x10 [ 130.991203][ T7529] ? iov_iter_kvec+0x4e/0x180 [ 130.995926][ T7529] __kernel_read+0x532/0x9f0 [ 131.000537][ T7529] ? do_sys_openat2+0x13e/0x1d0 [ 131.005408][ T7529] ? __x64_sys_openat+0x247/0x2a0 [ 131.010460][ T7529] ? __pfx___kernel_read+0x10/0x10 [ 131.015616][ T7529] integrity_kernel_read+0xb0/0x100 [ 131.020841][ T7529] ? __pfx_integrity_kernel_read+0x10/0x10 [ 131.026660][ T7529] ? ima_calc_file_hash+0xab7/0x1b30 [ 131.031959][ T7529] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 131.037533][ T7529] ima_calc_file_hash+0xaef/0x1b30 [ 131.042668][ T7529] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 131.049137][ T7529] ? lockdep_hardirqs_on+0x99/0x150 [ 131.054350][ T7529] ? __pfx_ima_calc_file_hash+0x10/0x10 [ 131.059912][ T7529] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 131.065830][ T7529] ? __x64_sys_openat+0x247/0x2a0 [ 131.070874][ T7529] ? do_syscall_64+0xf3/0x230 [ 131.075563][ T7529] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.081647][ T7529] ? mark_lock+0x9a/0x360 [ 131.085987][ T7529] ? make_vfsgid+0x46/0x90 [ 131.090410][ T7529] ? generic_fillattr+0x59c/0x840 [ 131.095454][ T7529] ima_collect_measurement+0x526/0xb20 [ 131.100944][ T7529] ? __pfx_ima_collect_measurement+0x10/0x10 [ 131.106945][ T7529] ? squashfs_xattr_handler_get+0x585/0x900 [ 131.112866][ T7529] ? trace_contention_end+0x3c/0x120 [ 131.118163][ T7529] ? __mutex_lock+0x2ef/0xd70 [ 131.122859][ T7529] ? ima_get_hash_algo+0x156/0x4d0 [ 131.127982][ T7529] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 131.133539][ T7529] process_measurement+0x1357/0x1fb0 [ 131.138850][ T7529] ? __pfx_process_measurement+0x10/0x10 [ 131.144498][ T7529] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 131.150952][ T7529] ? __pfx_apparmor_file_open+0x10/0x10 [ 131.156518][ T7529] ? tomoyo_file_open+0x168/0x220 [ 131.161550][ T7529] ? inode_to_bdi+0x69/0xf0 [ 131.166064][ T7529] ? apparmor_current_getsecid_subj+0xde/0x1b0 [ 131.172230][ T7529] ima_file_check+0xf2/0x170 [ 131.176839][ T7529] ? __pfx_ima_file_check+0x10/0x10 [ 131.182052][ T7529] security_file_post_open+0xb9/0x280 [ 131.187436][ T7529] path_openat+0x2cd0/0x3590 [ 131.192140][ T7529] ? __pfx_path_openat+0x10/0x10 [ 131.197099][ T7529] do_filp_open+0x235/0x490 [ 131.201655][ T7529] ? __pfx_do_filp_open+0x10/0x10 [ 131.207145][ T7529] ? _raw_spin_unlock+0x28/0x50 [ 131.212010][ T7529] ? alloc_fd+0x5a1/0x640 [ 131.216362][ T7529] do_sys_openat2+0x13e/0x1d0 [ 131.221059][ T7529] ? __pfx_do_sys_openat2+0x10/0x10 [ 131.226280][ T7529] __x64_sys_openat+0x247/0x2a0 [ 131.231148][ T7529] ? __pfx___x64_sys_openat+0x10/0x10 [ 131.236548][ T7529] ? do_syscall_64+0x100/0x230 [ 131.241327][ T7529] ? do_syscall_64+0xb6/0x230 [ 131.246018][ T7529] do_syscall_64+0xf3/0x230 [ 131.250537][ T7529] ? clear_bhb_loop+0x35/0x90 [ 131.255223][ T7529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.261128][ T7529] RIP: 0033:0x7fdcc5179e79 [ 131.265556][ T7529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.285201][ T7529] RSP: 002b:00007fdcc6001038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 131.293634][ T7529] RAX: ffffffffffffffda RBX: 00007fdcc5315f80 RCX: 00007fdcc5179e79 [ 131.301615][ T7529] RDX: 0000000000000000 RSI: 0000000020000300 RDI: ffffffffffffff9c [ 131.309617][ T7529] RBP: 00007fdcc51e7916 R08: 0000000000000000 R09: 0000000000000000 [ 131.317620][ T7529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.325614][ T7529] R13: 0000000000000000 R14: 00007fdcc5315f80 R15: 00007ffc386255e8 [ 131.333622][ T7529] [ 131.336951][ T7529] Kernel Offset: disabled [ 131.341275][ T7529] Rebooting in 86400 seconds..