last executing test programs: 2m12.085961989s ago: executing program 3 (id=253): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000200)={{r1}, 0x8000000000000000, 0x7fff, 0x9}) 2m11.951320002s ago: executing program 3 (id=254): setresuid(0xee01, 0xee00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x4008031, 0xffffffffffffffff, 0x5b76f000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0) 2m10.658828801s ago: executing program 3 (id=263): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e0000000000200000007c80000040000000000000000000000000f80000000000000000380001000000000000000300000003000000239bb0f4a4a3c02be500000000000000006be1982d1976e95b"], 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 2m10.374937875s ago: executing program 3 (id=264): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@barrier_val={'barrier', 0x3d, 0x6}}, {@resgid}, {@auto_da_alloc}, {@jqfmt_vfsv0}, {@nobh}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x47b, &(0x7f0000001280)="$eJzs28tvG8UfAPDv2nH6bvLrrzz6AAwFEfFImrRAD1xAIPWChASHcgxpWpWmDWqCRKuKBoTKEfUvAI5I/AWc4IKAE4grSFyQEFKFeqFwQIvW3m3dxDZ2Etcp/nwkNzO7s5357uzYszt2AAOrmv2TRGyPiB+HI0bq2VsLVOt/rl+7OPPntYszSaTpK78ntXJ/XLs4UxQtjtuWZ8ZKEaX3k9jXpN6F8xdOT8/NzZ7L8xOLZ96cWDh/4clTZ6ZPzp6cPTt15MjhQ5PPPD311LrEuSNr69535vfvOfralZdmjl15/ZvPsu3b8/2NcdSNrrnOalRvPZcNHon4JU3TNdexUexoSCdDfWwIXSlHRNZdlWz8x0iU42bnjcSL7/W1cUBPpWmablqxtVwkllLgPyyJfrcA6I/igz67/y1et3H60XdXn6vfAGVxX89f9T1DUcrLVJbd366nav732NJfH0XT5xBNbOlRYwCAgfBFNv95otn8rxR3N5TbGfW1odGI+F9E7IqI/0fE7oi4K6JW9p6IuLfL+qvL8ivnP9/3dLaTzf+ezde2bp3/FbO/GC3nuR21+CvJiVNzswfzczIWlU1ZfrJNHV++8MOHrfZV87lf8crqL+aCeTt+G1r2gO749OL0WmJudPXdiL1DzeJPbqwEJBGxJyL2ruL/z87Zqcc+3d9q/7/H38Y6rDOln0Q8Wu//pVgWfyFpvz45sTnmZg9OFFfFSt9+d/nlVvU3i39zp/Gvg6z/tza9/m/EP5o0rtcudF/H5Z8+aHlPs9rrfzh5tZYezre9Pb24eG4yYjhZWrl96uaxRb4on8U/dqD5+N8V8ffH+XH7IiK7iO+LiPsj4oF8fffBiHgoIg60if/r5x9+Y/Xx91YW//Gu+r/7RPn0V5+3qr+z/j9cS43lWzp5/+u0gWs5dwAAAHCnKNW+A5+Uxm+kS6Xx8fp3+HfH1tLc/MLi4yfm3zp7vP5d+dGolIonXSMNz0Mn82fDRX5qWf5Q7blxmqbpllp+fGZ+rldr6kBntrUY/5lfy/1uHdBzXa2jtfpFG3BH8ntNGFzGPwyuTsd/pcftAG4/n/8wuJqN/0sR1/vQFOA28/kPg8v4h8Fl/MPgMv5hIK3ld/3tEruOrvrwdE21b84DW+XhP7cvs3PdT9RsuVdd0ONElJruqkTEBmlhm0RpYzSjntgUEZ0WvrTaC7vrRJ/fmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANbJPwEAAP//tPLlnA==") io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x183081, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, &(0x7f0000000140)='usrjquota=') 2m9.670758116s ago: executing program 3 (id=266): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) 2m9.020749385s ago: executing program 3 (id=272): r0 = socket$netlink(0x10, 0x3, 0x15) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev={0xac, 0x14, 0x14, 0x12}, 0x0, 0x0, 'dh\x00'}, 0x2c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000a0001"], 0x2c}}, 0x0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="04010000100053"], 0x104}}, 0x0) 2m8.563126932s ago: executing program 32 (id=272): r0 = socket$netlink(0x10, 0x3, 0x15) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev={0xac, 0x14, 0x14, 0x12}, 0x0, 0x0, 'dh\x00'}, 0x2c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000a0001"], 0x2c}}, 0x0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="04010000100053"], 0x104}}, 0x0) 1m38.965650961s ago: executing program 2 (id=516): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000001c0)=r1) 1m38.705656215s ago: executing program 2 (id=521): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000400)="b8", 0x7f}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e1d, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x45af}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000340)="01", 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000003c0)={0x0, 0xff, 0x6}, 0x8) 1m38.456724319s ago: executing program 2 (id=525): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) io_uring_setup(0x7329, &(0x7f00000000c0)={0x0, 0xebcc, 0x1, 0x1, 0x24}) write(r0, &(0x7f0000000080)="aa6003", 0x3) close_range(r0, 0xffffffffffffffff, 0x0) 1m38.256568202s ago: executing program 2 (id=529): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0xc) 1m38.037831135s ago: executing program 2 (id=531): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x40000000001000, &(0x7f0000000100)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r1}}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000), r1, 0x0, 0x1, 0x4}}, 0x20) 1m37.601687921s ago: executing program 2 (id=535): syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180613e04b0c63f6642531e0800450000"], 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x1, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1m37.219872277s ago: executing program 33 (id=535): syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180613e04b0c63f6642531e0800450000"], 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x1, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 3.437852259s ago: executing program 0 (id=1422): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @local}}, 0x0, 0x0, 0x35, 0x0, "fd4e774e0f7cc8ba196d221230558161ad37e0ded15072b810a8ae11112cd0ab13e6b9fa08efdd93677c1b19fee75cb809252747680be8c480678c31768093f0d0cf5292de1a7505f7cc281300"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x17, 0x0, "d86ac46a073843d9f8060941f3d77262614c3cd1ba8b023fc00414f10c2b7974289520ce79fef70f5a2483620aef97999c7e0f07caa2360fa1374ae1dea4978f54b437d900"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) 3.394737659s ago: executing program 0 (id=1423): r0 = epoll_create1(0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)) close(0x3) 3.233767022s ago: executing program 0 (id=1426): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b40)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x38, r2, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_FLAGS={0x10, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_MFP={0x4}, @NL80211_STA_FLAG_WME={0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x68040}, 0x4) 3.163583173s ago: executing program 0 (id=1429): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x318, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0x304, 0x1, [@m_gact={0x248, 0x17, 0x0, 0x0, {{0x9}, {0x70, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1ae8, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x65d6, 0x1, 0x8, 0x7, 0x3ff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x2b3a, 0x8, 0x4, 0x831}}, @TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x8, 0x0, 0xbd1c, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x583, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0xaeb, 0x20000000}}]}, {0x1ae, 0x6, "0f617356f0a663079abe295a350af32575b7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224474cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51ba59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc16198b2cfa20bc906e08c92c0642310e03f00a0ed12baa1df64f1bf0502f23ff4d6a5e05aa81fa19a9b88c32227231211d5d298a3c63d5549b1a72ad3a2c2dbf727e06036e6f15f608bea0e2a8ff93600a6133a9b45faa6924e7b9e8756e78750bdef4103fcd162842f48260e1dbb952cf91a4fdf9ca11cc86255d345cc97e3e5a060faa5892b6b343ae47592ed09d5829b187941331c8c321997cbc0395a6658c85915c1468ea768127b402af42155e96f11ef5f95a4118370c736689c029238b89e6a7a47d06e553b3f1968de8d30df98c713bd5d18d8c5e00aee2d650046089d3fd1abf65c454e7e5f582e3e17fde068a7d8cfdaf8831aca9c839662d70f7a7893073ad4a10"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_bpf={0x2c, 0xa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x8c, 0x2, 0x0, 0x0, {{0xb}, {0x60, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x5, 0x2, 0x2, 0x141, 0x7f}}, @TCA_DEF_PARMS={0x18, 0x2, {0x19, 0x2, 0x6, 0x50, 0x5}}, @TCA_DEF_DATA={0x9, 0x3, '&[-(\x00'}, @TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x101, 0x1, 0x7, 0x187e, 0xb}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x318}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 3.026498134s ago: executing program 1 (id=1432): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1532, 0x10e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x80, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00220600000086"], 0x0, 0x0, 0x0, 0x0}, 0x0) 3.009910175s ago: executing program 0 (id=1433): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f0000005480), r1, r0}}, 0x18) 2.906282087s ago: executing program 0 (id=1435): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) 2.757246839s ago: executing program 5 (id=1437): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="3800000018000100001c0000000000000a000000000008000000000008000400", @ANYRES32=r1, @ANYBLOB="06001500070000000c0016800800010010"], 0x38}}, 0x0) 2.569709192s ago: executing program 5 (id=1439): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) close(r0) 2.534192262s ago: executing program 6 (id=1441): r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0xa0502) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x24, &(0x7f0000000040)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x5509, 0x0) 1.773539043s ago: executing program 5 (id=1444): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) fchdir(r0) syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 1.649191055s ago: executing program 6 (id=1445): syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000340)={0x1f, 0x1, @none, 0x0, 0x1}, 0xe) 1.509740967s ago: executing program 6 (id=1447): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000440)=0x3d, 0x4) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000000)=0xffffff80, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000034780)=""/102391, &(0x7f0000000180)=0x18ff7) 1.421470648s ago: executing program 4 (id=1448): timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) recvmmsg(r0, &(0x7f00000018c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012040, 0x0) 1.34192728s ago: executing program 6 (id=1449): openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0xc0, 0x61) r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 1.204973432s ago: executing program 4 (id=1450): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SIGNAL_INFO(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3f4, 0x100, 0x70bd2b, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x40001}, 0x400c000) 1.100502713s ago: executing program 1 (id=1451): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 890.558906ms ago: executing program 4 (id=1452): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x8140aecc, &(0x7f00000004c0)=ANY=[]) 836.417087ms ago: executing program 1 (id=1453): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000006c80)={0x64, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x64}}, 0x20000880) 739.373389ms ago: executing program 1 (id=1454): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x800000008ec2, 0xf) 705.146269ms ago: executing program 5 (id=1455): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@call={0x85, 0x0, 0x0, 0x17}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 627.77751ms ago: executing program 1 (id=1456): r0 = socket$packet(0x11, 0x3, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[], 0x0) 545.721581ms ago: executing program 4 (id=1457): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000d"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000580), 0x1001, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 545.368291ms ago: executing program 6 (id=1458): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x403, 0x4, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}, 0x1, 0xba01}, 0x810) 508.702132ms ago: executing program 5 (id=1459): r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @empty, 0x8}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x190) 419.301233ms ago: executing program 1 (id=1460): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r1, &(0x7f0000000c80)=[{{&(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000180)="fd", 0x1}], 0x1}}, {{&(0x7f0000001180)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000004d00)='f', 0x1}], 0x1}}], 0x2, 0x0) 286.521155ms ago: executing program 5 (id=1461): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) readv(r0, &(0x7f0000000080)=[{&(0x7f00000016c0)=""/149, 0x95}], 0x1) 214.366987ms ago: executing program 6 (id=1462): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r2, 0xc008aec1, &(0x7f0000000100)=ANY=[]) 150.594867ms ago: executing program 4 (id=1463): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x30, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}]}, 0x30}}, 0x0) 0s ago: executing program 4 (id=1464): r0 = inotify_init1(0x800) r1 = inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0xa4000021) inotify_rm_watch(r0, r1) read(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): ][ T6322] loop6: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 161.552697][ T6337] loop6: detected capacity change from 0 to 512 [ 161.560521][ T6337] EXT4-fs: Ignoring removed nomblk_io_submit option [ 161.582832][ T6337] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 161.617539][ T6337] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 161.634340][ T6337] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2 [ 161.664666][ T6337] EXT4-fs (loop6): 1 truncate cleaned up [ 161.673903][ T6337] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 161.709670][ T6337] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #2: block 4: comm syz.6.671: lblock 0 mapped to illegal pblock 4 (length 1) [ 161.787465][ T6337] EXT4-fs (loop6): Remounting filesystem read-only [ 161.810834][ T6337] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #2: block 4: comm syz.6.671: lblock 0 mapped to illegal pblock 4 (length 1) [ 161.811028][ T6351] netlink: 'syz.0.677': attribute type 4 has an invalid length. [ 161.833985][ T6350] loop5: detected capacity change from 0 to 256 [ 161.852981][ T6337] EXT4-fs (loop6): Remounting filesystem read-only [ 161.975448][ T5986] EXT4-fs (loop6): unmounting filesystem. [ 162.201282][ T6361] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 162.588967][ T6379] netlink: 28 bytes leftover after parsing attributes in process `syz.0.691'. [ 162.897862][ T4324] kernel write not supported for file /snd/pcmC0D0p (pid: 4324 comm: kworker/1:6) [ 162.934207][ T6363] loop4: detected capacity change from 0 to 32768 [ 162.962537][ T6363] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.684 (6363) [ 163.006670][ T6363] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 163.045982][ T6363] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 163.070369][ T6363] BTRFS info (device loop4): using free space tree [ 163.316982][ T6381] loop1: detected capacity change from 0 to 32768 [ 163.337551][ T6381] (syz.1.692,6381,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 163.342441][ T6363] BTRFS info (device loop4): enabling ssd optimizations [ 163.359998][ T6381] (syz.1.692,6381,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 163.380203][ T6381] (syz.1.692,6381,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 163.427831][ T6381] JBD2: Ignoring recovery information on journal [ 163.535621][ T6381] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 163.624692][ T6417] netlink: 'syz.0.700': attribute type 1 has an invalid length. [ 163.650786][ T4264] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 163.779011][ T6420] (syz.1.692,6420,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 163.798969][ T6381] (syz.1.692,6381,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb68296ec, computed 0xec517776. Applying ECC. [ 163.852528][ T6381] (syz.1.692,6381,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xb68296ec, computed 0xccb4c126 [ 163.895380][ T6381] (syz.1.692,6381,0):ocfs2_trim_mainbm:7611 ERROR: status = -5 [ 164.036677][ T4266] ocfs2: Unmounting device (7,1) on (node local) [ 164.281728][ T26] audit: type=1326 audit(1752495924.072:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.6.708" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9a1138e929 code=0x0 [ 164.361393][ T6434] loop5: detected capacity change from 0 to 1024 [ 164.391987][ T6434] hfsplus: bad catalog entry type [ 164.441911][ T75] hfsplus: b-tree write err: -5, ino 4 [ 164.503447][ T6439] capability: warning: `syz.4.710' uses 32-bit capabilities (legacy support in use) [ 164.755784][ T6424] loop0: detected capacity change from 0 to 32768 [ 164.808284][ T6424] XFS (loop0): Mounting V5 Filesystem [ 164.863691][ T5201] kernel write not supported for file /342/loginuid (pid: 5201 comm: kworker/0:12) [ 164.921675][ T6424] XFS (loop0): Ending clean mount [ 165.040266][ T4267] XFS (loop0): Unmounting Filesystem [ 165.762886][ T6492] loop1: detected capacity change from 0 to 64 [ 165.804483][ T6493] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 165.811807][ T6493] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 165.846379][ T6493] vhci_hcd vhci_hcd.0: Device attached [ 165.893868][ T6492] Trying to free block not in datazone [ 165.919329][ T6492] Trying to free block not in datazone [ 165.929870][ T6492] minix_free_inode: bit 5 already cleared [ 166.104374][ T4255] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 166.125125][ T1561] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 166.283125][ T6487] loop6: detected capacity change from 0 to 32768 [ 166.318068][ T6487] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.731 (6487) [ 166.337295][ T1561] usb 6-1: config 0 has no interfaces? [ 166.345124][ T1561] usb 6-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 166.377675][ T1561] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.399549][ T1561] usb 6-1: config 0 descriptor?? [ 166.416747][ T6487] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 166.441606][ T6487] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 166.463015][ T6496] loop4: detected capacity change from 0 to 32768 [ 166.470065][ T6487] BTRFS info (device loop6): using free space tree [ 166.488564][ T6496] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by syz.4.734 (6496) [ 166.514323][ T6496] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 166.525188][ T6496] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 166.535397][ T6496] BTRFS info (device loop4): using free space tree [ 166.625178][ T6487] BTRFS info (device loop6): enabling ssd optimizations [ 166.637728][ T4899] usb 6-1: USB disconnect, device number 3 [ 166.646048][ T6495] vhci_hcd: connection closed [ 166.651818][ T11] vhci_hcd: stop threads [ 166.672572][ T11] vhci_hcd: release socket [ 166.679328][ T11] vhci_hcd: disconnect device [ 166.715077][ T4255] vhci_hcd: vhci_device speed not set [ 166.744486][ T6496] BTRFS info (device loop4): enabling ssd optimizations [ 166.795427][ T5986] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 167.205920][ T4264] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 167.402088][ T6555] sch_tbf: burst 0 is lower than device wg0 mtu (1420) ! [ 167.477001][ T6559] loop0: detected capacity change from 0 to 256 [ 168.412388][ T6590] loop5: detected capacity change from 0 to 128 [ 168.429706][ T6590] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 168.585691][ T46] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 168.718633][ T6580] loop1: detected capacity change from 0 to 32768 [ 168.728962][ T6594] loop0: detected capacity change from 0 to 4096 [ 168.768315][ T6598] loop6: detected capacity change from 0 to 4096 [ 168.801426][ T6580] XFS (loop1): Mounting V5 Filesystem [ 168.810497][ T6606] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 168.815110][ T6597] syz.4.764 (6597) used greatest stack depth: 19584 bytes left [ 168.871302][ T6598] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 168.911264][ T6611] wireguard: wg1: Could not create IPv4 socket [ 168.926780][ T6598] Remounting filesystem read-only [ 168.946805][ T6598] NILFS (loop6): mounting fs with errors [ 168.983576][ T6580] XFS (loop1): Ending clean mount [ 169.033964][ T6580] XFS (loop1): Quotacheck needed: Please wait. [ 169.119259][ T6580] XFS (loop1): Quotacheck: Done. [ 169.388572][ T4266] XFS (loop1): Unmounting Filesystem [ 170.692432][ T6658] loop6: detected capacity change from 0 to 512 [ 170.751479][ T6658] EXT4-fs: Ignoring removed nobh option [ 170.791149][ T6658] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 170.820016][ T6658] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 170.873617][ T6649] loop0: detected capacity change from 0 to 32768 [ 170.901973][ T6649] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.783 (6649) [ 171.015542][ T6658] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #15: comm syz.6.788: iget: bad i_size value: 38620345925642 [ 171.068787][ T6658] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.788: couldn't read orphan inode 15 (err -117) [ 171.120626][ T6658] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 171.337835][ T6667] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.788: bg 0: block 5: invalid block bitmap [ 171.407166][ T6667] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 416 with error 28 [ 171.501006][ T6667] EXT4-fs (loop6): This should not happen!! Data will be lost [ 171.501006][ T6667] [ 171.572582][ T6667] EXT4-fs (loop6): Total free blocks count 0 [ 171.602627][ T6667] EXT4-fs (loop6): Free/Dirty block details [ 171.627695][ T6667] EXT4-fs (loop6): free_blocks=0 [ 171.653473][ T6667] EXT4-fs (loop6): dirty_blocks=416 [ 171.676378][ T6667] EXT4-fs (loop6): Block reservation details [ 171.704487][ T6667] EXT4-fs (loop6): i_reserved_data_blocks=416 [ 171.744596][ T4268] Bluetooth: hci4: command 0x0405 tx timeout [ 171.798605][ T6649] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 171.856012][ T6649] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 171.870897][ T6649] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 171.881808][ T6649] BTRFS info (device loop0): use zstd compression, level 3 [ 171.889485][ T6647] loop4: detected capacity change from 0 to 262144 [ 171.896174][ T6649] BTRFS info (device loop0): using free space tree [ 171.922479][ T5986] EXT4-fs (loop6): unmounting filesystem. [ 171.948243][ T6647] F2FS-fs (loop4): Found nat_bits in checkpoint [ 171.992390][ T6647] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 172.002294][ T6661] loop5: detected capacity change from 0 to 32768 [ 172.038312][ T6649] BTRFS info (device loop0): enabling ssd optimizations [ 172.075543][ T6661] XFS (loop5): Mounting V5 Filesystem [ 172.244577][ T6661] XFS (loop5): Ending clean mount [ 172.501615][ T5196] XFS (loop5): Unmounting Filesystem [ 172.509023][ T4267] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 172.669688][ T6713] loop6: detected capacity change from 0 to 256 [ 173.395705][ T6730] netlink: 'syz.1.807': attribute type 1 has an invalid length. [ 173.569550][ T6736] loop0: detected capacity change from 0 to 256 [ 173.599092][ T6736] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 173.614473][ T6738] loop5: detected capacity change from 0 to 512 [ 173.634361][ T6736] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 173.646790][ T6738] EXT4-fs: Ignoring removed oldalloc option [ 173.671908][ T6738] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 173.688528][ T6736] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 173.733310][ T6738] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 173.781505][ T6738] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a856c02c, mo2=0102] [ 173.834717][ T6738] System zones: 0-2, 18-18, 34-34 [ 173.857287][ T6738] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.811: iget: bad i_size value: 360287970189639680 [ 173.945164][ T6738] EXT4-fs (loop5): Remounting filesystem read-only [ 173.979474][ T6738] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.811: couldn't read orphan inode 15 (err -117) [ 174.011506][ T6738] EXT4-fs (loop5): Remounting filesystem read-only [ 174.025411][ T6738] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 174.088330][ T6738] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.811: bg 0: block 80: padding at end of block bitmap is not set [ 174.123873][ T6738] EXT4-fs (loop5): Remounting filesystem read-only [ 174.253426][ T5196] EXT4-fs (loop5): unmounting filesystem. [ 174.419181][ T6734] loop6: detected capacity change from 0 to 40427 [ 174.437318][ T6734] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(83886082) root(3) [ 174.448108][ T6734] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 174.480103][ T6734] F2FS-fs (loop6): invalid crc value [ 174.523377][ T6734] F2FS-fs (loop6): Found nat_bits in checkpoint [ 174.623056][ T6734] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 174.632628][ T6734] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 174.772835][ T6772] loop5: detected capacity change from 0 to 512 [ 174.795981][ T5986] syz-executor: attempt to access beyond end of device [ 174.795981][ T5986] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 174.810803][ T6772] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 174.853804][ T6772] EXT4-fs (loop5): 1 truncate cleaned up [ 174.866115][ T6753] loop4: detected capacity change from 0 to 40427 [ 174.874531][ T6772] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 174.883082][ T6753] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 174.891772][ T6753] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 174.909343][ T6753] F2FS-fs (loop4): invalid crc value [ 174.922811][ T6772] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.824: corrupted in-inode xattr [ 174.940534][ T6772] EXT4-fs (loop5): Remounting filesystem read-only [ 174.941557][ T6753] F2FS-fs (loop4): Found nat_bits in checkpoint [ 174.963598][ T6772] EXT4-fs warning (device loop5): ext4_xattr_set_entry:1732: inode #15: comm syz.5.824: unable to update i_inline_off [ 175.016784][ T6772] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.824: corrupted in-inode xattr [ 175.045262][ T6772] EXT4-fs (loop5): Remounting filesystem read-only [ 175.096385][ T6753] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 175.103637][ T6753] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 175.162455][ T26] audit: type=1800 audit(1752495934.952:25): pid=6753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.794" name="bus" dev="loop4" ino=10 res=0 errno=0 [ 175.207703][ T5198] kernel write not supported for file /370/attr/sockcreate (pid: 5198 comm: kworker/0:11) [ 175.242979][ T5196] EXT4-fs (loop5): unmounting filesystem. [ 175.420714][ T6788] netlink: 136 bytes leftover after parsing attributes in process `syz.5.829'. [ 175.461081][ T6788] net_ratelimit: 3320 callbacks suppressed [ 175.461099][ T6788] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 175.840173][ T6795] loop5: detected capacity change from 0 to 4096 [ 175.931796][ T6797] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 175.956859][ T6795] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 175.965641][ T6799] loop0: detected capacity change from 0 to 64 [ 175.999367][ T6795] Remounting filesystem read-only [ 176.017982][ T6795] NILFS (loop5): mounting fs with errors [ 176.059904][ T26] audit: type=1800 audit(1752495935.852:26): pid=6799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.833" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 176.327632][ T6808] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.337313][ T6808] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.464777][ T6793] loop6: detected capacity change from 0 to 32768 [ 176.494065][ T6793] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.842 (6793) [ 176.508887][ T6814] netlink: 8 bytes leftover after parsing attributes in process `syz.0.839'. [ 176.525160][ T6793] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 176.558306][ T6793] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 176.586687][ T6793] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 176.603941][ T6793] BTRFS info (device loop6): use zstd compression, level 3 [ 176.639504][ T6793] BTRFS info (device loop6): using free space tree [ 176.667379][ T6820] loop4: detected capacity change from 0 to 1024 [ 176.731864][ T6820] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 176.822451][ T6839] loop0: detected capacity change from 0 to 4096 [ 176.869823][ T6844] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 176.909950][ T6793] BTRFS info (device loop6): enabling ssd optimizations [ 176.935962][ T4264] EXT4-fs (loop4): unmounting filesystem. [ 176.969779][ T6839] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 177.081237][ T6839] Remounting filesystem read-only [ 177.103269][ T6839] NILFS (loop0): mounting fs with errors [ 177.171035][ T5986] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 177.248759][ T6856] loop1: detected capacity change from 0 to 1024 [ 177.275008][ T6818] loop5: detected capacity change from 0 to 32768 [ 177.292358][ T6818] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 scanned by syz.5.840 (6818) [ 177.317274][ T6818] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 177.338994][ T6818] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 177.357727][ T6856] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 177.366435][ T6818] BTRFS info (device loop5): using free space tree [ 177.509866][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 177.594469][ T6310] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 177.691512][ T6818] BTRFS info (device loop5): enabling ssd optimizations [ 177.761466][ T26] audit: type=1800 audit(1752495937.552:27): pid=6818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.840" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 177.805971][ T6310] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 177.818324][ T6818] BTRFS info (device loop5): setting compat-ro feature flag for VERITY (0x4) [ 177.833633][ T6310] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.863024][ T6310] usb 5-1: New USB device found, idVendor=28bd, idProduct=0075, bcdDevice= 0.00 [ 177.882525][ T6310] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.919447][ T6310] usb 5-1: config 0 descriptor?? [ 177.991642][ T5196] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 178.354976][ T6310] uclogic 0003:28BD:0075.0007: interface is invalid, ignoring [ 178.583371][ T6310] usb 5-1: USB disconnect, device number 8 [ 178.599467][ T6907] loop1: detected capacity change from 0 to 512 [ 178.622521][ T6907] EXT4-fs: Ignoring removed nobh option [ 178.639438][ T6907] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 178.667705][ T6907] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 178.692973][ T6907] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.863: iget: bad i_size value: 38620345925642 [ 178.712116][ T6907] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.863: couldn't read orphan inode 15 (err -117) [ 178.734330][ T6907] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 178.872132][ T6912] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.863: bg 0: block 5: invalid block bitmap [ 178.918927][ T6912] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 124 with error 28 [ 178.954280][ T6912] EXT4-fs (loop1): This should not happen!! Data will be lost [ 178.954280][ T6912] [ 178.964005][ T6912] EXT4-fs (loop1): Total free blocks count 0 [ 179.014430][ T6912] EXT4-fs (loop1): Free/Dirty block details [ 179.020410][ T6912] EXT4-fs (loop1): free_blocks=0 [ 179.048490][ T6912] EXT4-fs (loop1): dirty_blocks=128 [ 179.053787][ T6912] EXT4-fs (loop1): Block reservation details [ 179.066108][ T6906] loop5: detected capacity change from 0 to 32768 [ 179.076327][ T6912] EXT4-fs (loop1): i_reserved_data_blocks=128 [ 179.094387][ T6906] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.862 (6906) [ 179.150273][ T6906] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 179.164528][ T6906] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 179.196057][ T6906] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 179.213862][ T6906] BTRFS info (device loop5): use zstd compression, level 3 [ 179.214746][ T11] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 124 with max blocks 4 with error 28 [ 179.240350][ T6906] BTRFS info (device loop5): using free space tree [ 179.500304][ T6906] BTRFS info (device loop5): enabling ssd optimizations [ 179.668013][ T6930] loop4: detected capacity change from 0 to 32768 [ 179.691747][ T6930] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by syz.4.870 (6930) [ 179.720873][ T6930] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 179.734651][ T6930] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 179.750543][ T6930] BTRFS info (device loop4): using free space tree [ 179.821838][ T5196] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 180.013294][ T6930] BTRFS info (device loop4): enabling ssd optimizations [ 180.024865][ T6972] loop0: detected capacity change from 0 to 512 [ 180.203815][ T6972] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 180.246231][ T6944] loop6: detected capacity change from 0 to 32768 [ 180.256693][ T26] audit: type=1800 audit(1752495940.052:28): pid=6930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.870" name="file2" dev="loop4" ino=261 res=0 errno=0 [ 180.277426][ T6972] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 180.306730][ T6930] BTRFS info (device loop4): setting compat-ro feature flag for VERITY (0x4) [ 180.366544][ T6944] XFS (loop6): Mounting V5 Filesystem [ 180.427775][ T4264] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 180.451752][ T6992] loop1: detected capacity change from 0 to 1024 [ 180.508881][ T6944] XFS (loop6): Ending clean mount [ 180.521852][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 180.563737][ T6992] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 180.752172][ T5986] XFS (loop6): Unmounting Filesystem [ 180.764442][ T75] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 180.824458][ T75] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 53 with error 28 [ 180.869556][ T75] EXT4-fs (loop1): This should not happen!! Data will be lost [ 180.869556][ T75] [ 180.890055][ T75] EXT4-fs (loop1): Total free blocks count 0 [ 180.899086][ T75] EXT4-fs (loop1): Free/Dirty block details [ 180.917392][ T75] EXT4-fs (loop1): free_blocks=68451041280 [ 180.936031][ T75] EXT4-fs (loop1): dirty_blocks=64 [ 180.941205][ T75] EXT4-fs (loop1): Block reservation details [ 180.977640][ T75] EXT4-fs (loop1): i_reserved_data_blocks=4 [ 180.988482][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 181.196448][ T7011] loop5: detected capacity change from 0 to 64 [ 181.306988][ T7011] MTD: Couldn't look up './file0': -15 [ 181.736450][ T7009] loop4: detected capacity change from 0 to 32768 [ 181.763596][ T7009] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.887 (7009) [ 181.776804][ T7024] input: syz0 as /devices/virtual/input/input15 [ 181.809795][ T7009] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 181.830498][ T7009] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 181.864429][ T7009] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 181.890324][ T7009] BTRFS info (device loop4): use zstd compression, level 3 [ 181.918328][ T7009] BTRFS info (device loop4): using free space tree [ 181.968294][ T7004] loop1: detected capacity change from 0 to 32768 [ 182.007562][ T7004] XFS (loop1): Mounting V5 Filesystem [ 182.119145][ T7004] XFS (loop1): Ending clean mount [ 182.211785][ T7009] BTRFS info (device loop4): enabling ssd optimizations [ 182.367183][ T4266] XFS (loop1): Unmounting Filesystem [ 182.609711][ T4264] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 182.666663][ T7072] block nbd5: shutting down sockets [ 183.334651][ T7070] loop6: detected capacity change from 0 to 32768 [ 183.420658][ T7066] loop0: detected capacity change from 0 to 40427 [ 183.442554][ T7066] F2FS-fs (loop0): invalid crc value [ 183.477664][ T7070] XFS (loop6): Mounting V5 Filesystem [ 183.504727][ T7066] F2FS-fs (loop0): Found nat_bits in checkpoint [ 183.631461][ T7070] XFS (loop6): Ending clean mount [ 183.654386][ T7070] XFS (loop6): Quotacheck needed: Please wait. [ 183.696389][ T7066] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 183.761519][ T7070] XFS (loop6): Quotacheck: Done. [ 183.812299][ T4267] syz-executor: attempt to access beyond end of device [ 183.812299][ T4267] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 183.971694][ T5986] XFS (loop6): Unmounting Filesystem [ 184.056579][ T7103] loop5: detected capacity change from 0 to 4096 [ 184.165359][ T7108] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 184.207984][ T26] audit: type=1800 audit(1752495944.002:29): pid=7103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.912" name="file2" dev="loop5" ino=16 res=0 errno=0 [ 184.228556][ T7103] NILFS error (device loop5): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 184.247977][ T7103] Remounting filesystem read-only [ 184.379886][ T5196] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 184.795598][ T7105] loop4: detected capacity change from 0 to 32768 [ 185.008338][ T7126] loop5: detected capacity change from 0 to 256 [ 185.502174][ T7118] loop1: detected capacity change from 0 to 32768 [ 185.543212][ T7122] loop0: detected capacity change from 0 to 32768 [ 185.579229][ T7122] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 scanned by syz.0.918 (7122) [ 185.634310][ T7122] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 185.650327][ T7120] loop6: detected capacity change from 0 to 40427 [ 185.664365][ T7122] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 185.684307][ T7122] BTRFS info (device loop0): using free space tree [ 185.694321][ T7120] F2FS-fs (loop6): Invalid segment/section count (31, 24 x 1) [ 185.701979][ T7120] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock [ 185.740165][ T7120] F2FS-fs (loop6): invalid crc value [ 185.746035][ T7120] F2FS-fs (loop6): Ignore s_resuid=0, s_resgid=60928 w/o reserve_root [ 185.792500][ T7120] F2FS-fs (loop6): Found nat_bits in checkpoint [ 185.878222][ T7120] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0 [ 185.890444][ T7120] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 185.934374][ T7122] BTRFS info (device loop0): enabling ssd optimizations [ 185.998092][ T26] audit: type=1800 audit(1752495945.792:30): pid=7122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.918" name="file2" dev="loop0" ino=261 res=0 errno=0 [ 186.034050][ T7122] BTRFS info (device loop0): setting compat-ro feature flag for VERITY (0x4) [ 186.052755][ T7120] F2FS-fs (loop6): sanity_check_inode: corrupted inode i_blocks i_ino=b iblocks=0, run fsck to fix. [ 186.110553][ T7134] loop5: detected capacity change from 0 to 32768 [ 186.144068][ T7130] loop4: detected capacity change from 0 to 40427 [ 186.156717][ T5986] syz-executor: attempt to access beyond end of device [ 186.156717][ T5986] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 186.161526][ T7130] F2FS-fs (loop4): invalid crc value [ 186.182712][ T7130] F2FS-fs (loop4): Found nat_bits in checkpoint [ 186.191741][ T7134] XFS (loop5): Mounting V5 Filesystem [ 186.215235][ T4267] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 186.314736][ T7130] F2FS-fs (loop4): Start checkpoint disabled! [ 186.384968][ T7130] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 186.608432][ T7134] XFS (loop5): Ending clean mount [ 186.616021][ T7134] XFS (loop5): Quotacheck needed: Please wait. [ 186.692969][ T7134] XFS (loop5): Quotacheck: Done. [ 186.725081][ T4356] kworker/u4:7: attempt to access beyond end of device [ 186.725081][ T4356] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 186.855115][ T5196] XFS (loop5): Unmounting Filesystem [ 186.937646][ T7175] loop0: detected capacity change from 0 to 64 [ 186.962925][ T7175] hfs: unable to locate alternate MDB [ 186.981812][ T7175] hfs: continuing without an alternate MDB [ 187.331926][ T7184] loop6: detected capacity change from 0 to 64 [ 187.573334][ T7197] loop5: detected capacity change from 0 to 512 [ 187.669293][ T7197] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 187.694850][ T7197] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.740989][ T7195] loop0: detected capacity change from 0 to 4096 [ 187.759365][ T26] audit: type=1800 audit(1752495947.552:31): pid=7197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.940" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 187.798421][ T26] audit: type=1800 audit(1752495947.572:32): pid=7208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.940" name="file2" dev="loop5" ino=16 res=0 errno=0 [ 187.852010][ T7210] device netdevsim0 entered promiscuous mode [ 187.858335][ T7210] device macvtap1 entered promiscuous mode [ 187.880267][ T7210] team0: Device macvtap1 is up. Set it down before adding it as a team port [ 187.902865][ T7210] device netdevsim0 left promiscuous mode [ 187.925361][ T5196] EXT4-fs (loop5): unmounting filesystem. [ 188.014430][ T4893] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 188.053570][ T4267] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 188.065994][ T4267] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 188.189790][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.950'. [ 188.209312][ T4893] usb 5-1: Using ep0 maxpacket: 16 [ 188.220896][ T4893] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 188.440601][ T7229] loop6: detected capacity change from 0 to 256 [ 188.537174][ T7224] loop5: detected capacity change from 0 to 40427 [ 188.545509][ T4893] usb 5-1: config 0 has no interface number 0 [ 188.551657][ T7224] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 188.559483][ T7224] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 188.569043][ T4893] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 188.580373][ T4893] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 2 [ 188.592089][ T7224] F2FS-fs (loop5): invalid crc_offset: 33558524 [ 188.619459][ T7224] F2FS-fs (loop5): Found nat_bits in checkpoint [ 188.655583][ T4893] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 188.665640][ T4893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.673732][ T4893] usb 5-1: Product: syz [ 188.678134][ T4893] usb 5-1: Manufacturer: syz [ 188.683341][ T7224] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 188.690472][ T7224] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 188.707000][ T4893] usb 5-1: SerialNumber: syz [ 188.756658][ T4893] usb 5-1: config 0 descriptor?? [ 188.762973][ T7207] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 188.787916][ T7207] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 189.055257][ T7207] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 189.083617][ T7207] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 189.269523][ T4655] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 189.408541][ T7255] loop5: detected capacity change from 0 to 4096 [ 189.422285][ T7255] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 189.475776][ T4655] usb 1-1: Using ep0 maxpacket: 16 [ 189.489846][ T4655] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 189.521516][ T4655] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.527954][ T4893] asix 5-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver [ 189.548760][ T4655] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 189.560408][ T4893] asix: probe of 5-1:0.251 failed with error -524 [ 189.575826][ T4655] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 189.604508][ T4655] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.611604][ T26] audit: type=1326 audit(1752495949.402:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7fb8e929 code=0x7ffc0000 [ 189.629562][ T4655] usb 1-1: config 0 descriptor?? [ 189.709715][ T26] audit: type=1326 audit(1752495949.422:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7fb8e929 code=0x7ffc0000 [ 189.738003][ T4893] usb 5-1: USB disconnect, device number 9 [ 189.804427][ T26] audit: type=1326 audit(1752495949.432:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fdf7fb8e929 code=0x7ffc0000 [ 189.878000][ T26] audit: type=1326 audit(1752495949.432:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7fb8e929 code=0x7ffc0000 [ 189.961579][ T26] audit: type=1326 audit(1752495949.442:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fdf7fb8e929 code=0x7ffc0000 [ 190.004633][ T7269] loop5: detected capacity change from 0 to 4096 [ 190.018132][ T7269] ntfs: (device loop5): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 190.035837][ T26] audit: type=1326 audit(1752495949.452:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 190.086974][ T4655] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0008/input/input16 [ 190.193504][ T4655] microsoft 0003:045E:07DA.0008: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 190.233179][ T7269] ntfs: volume version 3.1. [ 190.282783][ T4655] usb 1-1: USB disconnect, device number 8 [ 191.019191][ T26] kauditd_printk_skb: 473 callbacks suppressed [ 191.019206][ T26] audit: type=1326 audit(1752495950.812:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 191.196364][ T26] audit: type=1326 audit(1752495950.842:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 191.354429][ T26] audit: type=1326 audit(1752495950.842:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 191.512727][ T26] audit: type=1326 audit(1752495950.842:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 191.668878][ T26] audit: type=1326 audit(1752495950.842:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 191.807583][ T26] audit: type=1326 audit(1752495950.842:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 191.954325][ T26] audit: type=1326 audit(1752495950.842:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 192.013278][ T7274] loop4: detected capacity change from 0 to 32768 [ 192.070699][ T7274] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.972 (7274) [ 192.084135][ T26] audit: type=1326 audit(1752495950.842:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 192.098201][ T7272] loop6: detected capacity change from 0 to 262144 [ 192.128132][ T7272] F2FS-fs (loop6): invalid crc value [ 192.136601][ T26] audit: type=1326 audit(1752495950.842:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 192.161153][ T26] audit: type=1326 audit(1752495950.842:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.1.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdf7fb2ab19 code=0x7ffc0000 [ 192.183998][ T7274] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 192.194754][ T7274] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 192.203443][ T7274] BTRFS info (device loop4): force clearing of disk cache [ 192.214664][ T7272] F2FS-fs (loop6): Found nat_bits in checkpoint [ 192.254488][ T7272] F2FS-fs (loop6): Start checkpoint disabled! [ 192.269236][ T7272] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 192.289854][ T7274] BTRFS info (device loop4): metadata ratio 0 [ 192.304601][ T7274] BTRFS info (device loop4): enabling ssd optimizations [ 192.352142][ T7274] BTRFS info (device loop4): using spread ssd allocation scheme [ 192.399004][ T7274] BTRFS info (device loop4): using free space tree [ 192.441758][ T7290] loop0: detected capacity change from 0 to 1024 [ 192.546374][ T7290] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 192.603123][ T7290] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 192.689056][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 192.750124][ T7274] BTRFS info (device loop4): rebuilding free space tree [ 193.042768][ T7328] loop0: detected capacity change from 0 to 512 [ 193.137956][ T7333] loop1: detected capacity change from 0 to 64 [ 193.151476][ T7328] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 193.181612][ T7328] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 193.244268][ T7333] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 193.411532][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 193.530258][ T4264] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 193.544130][ T4350] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 193.971812][ T7320] loop5: detected capacity change from 0 to 32768 [ 194.061359][ T7320] XFS (loop5): Mounting V5 Filesystem [ 194.150735][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.157148][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.165014][ T7320] XFS (loop5): Ending clean mount [ 194.340795][ T5196] XFS (loop5): Unmounting Filesystem [ 195.028967][ T7362] loop4: detected capacity change from 0 to 32768 [ 195.110278][ T7362] XFS (loop4): Mounting V5 Filesystem [ 195.179506][ T7374] xt_CT: No such helper "snmp" [ 195.246135][ T7362] XFS (loop4): Ending clean mount [ 195.262945][ T7362] XFS (loop4): Quotacheck needed: Please wait. [ 195.360646][ T7362] XFS (loop4): Quotacheck: Done. [ 195.371396][ T7364] loop1: detected capacity change from 0 to 40427 [ 195.396014][ T7364] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff [ 195.411047][ T7364] F2FS-fs (loop1): invalid crc value [ 195.419276][ T7364] F2FS-fs (loop1): Found nat_bits in checkpoint [ 195.484576][ T7364] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 195.533362][ T4264] XFS (loop4): Unmounting Filesystem [ 195.732164][ T4266] syz-executor: attempt to access beyond end of device [ 195.732164][ T4266] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 196.181988][ T7419] loop4: detected capacity change from 0 to 64 [ 196.224621][ T4268] Bluetooth: hci1: command 0x0406 tx timeout [ 196.230755][ T4268] Bluetooth: hci3: command 0x0406 tx timeout [ 196.238618][ T4283] Bluetooth: hci0: command 0x0406 tx timeout [ 196.278198][ T7421] loop5: detected capacity change from 0 to 4096 [ 196.348082][ T7426] misc userio: The device must be registered before sending interrupts [ 196.353157][ T7424] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 196.461284][ T7430] loop6: detected capacity change from 0 to 16 [ 196.506966][ T7430] erofs: (device loop6): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 196.541109][ T7429] loop1: detected capacity change from 0 to 4096 [ 196.554091][ T7432] loop0: detected capacity change from 0 to 512 [ 196.561997][ T7429] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 196.633124][ T7432] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 196.645180][ T7432] ext4 filesystem being mounted at /223/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 196.708205][ T7441] syzkaller1: tun_chr_ioctl cmd 2147767506 [ 196.753654][ T7442] EXT4-fs error (device loop0): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.0.1022: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0 [ 196.791461][ T7442] EXT4-fs error (device loop0): ext4_get_first_dir_block:3594: inode #12: comm syz.0.1022: directory missing '.' [ 196.882917][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 196.890382][ T4655] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 196.962713][ T7444] loop5: detected capacity change from 0 to 4096 [ 196.973606][ T7444] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 197.054793][ T7453] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1030'. [ 197.094343][ T4655] usb 7-1: Using ep0 maxpacket: 8 [ 197.102775][ T4655] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 197.124454][ T4655] usb 7-1: config 179 has no interface number 0 [ 197.130791][ T4655] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 197.163657][ T4655] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 197.184372][ T4655] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 197.202333][ T4655] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 197.218595][ T4655] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 197.249642][ T4655] usb 7-1: config 179 interface 65 has no altsetting 0 [ 197.257766][ T4655] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 197.282428][ T4655] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.319610][ T4655] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input17 [ 197.516151][ T4346] usb 7-1: USB disconnect, device number 2 [ 197.522154][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 197.543334][ T4346] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 197.565527][ T4653] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 197.676884][ T7476] loop4: detected capacity change from 0 to 2048 [ 197.685084][ T7476] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 197.694904][ T7476] NILFS (loop4): mounting unchecked fs [ 197.713538][ T7476] NILFS (loop4): recovery complete [ 197.719861][ T7477] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 197.743956][ T26] kauditd_printk_skb: 562 callbacks suppressed [ 197.743969][ T26] audit: type=1800 audit(1752495957.532:1077): pid=7476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1040" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 197.773123][ T4653] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.784451][ T4653] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.794394][ T4653] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 197.803477][ T4653] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.814432][ T4324] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 197.816437][ T4653] usb 2-1: config 0 descriptor?? [ 198.014540][ T4324] usb 6-1: Using ep0 maxpacket: 32 [ 198.021732][ T4324] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 198.038955][ T4324] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.050918][ T4324] usb 6-1: config 0 descriptor?? [ 198.262789][ T4324] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 198.281008][ T4324] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 198.295424][ T4324] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 198.304131][ T4324] usb 6-1: media controller created [ 198.352657][ T4324] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 198.422166][ T7492] loop0: detected capacity change from 0 to 64 [ 198.476262][ T4324] az6027: usb out operation failed. (-71) [ 198.485463][ T4324] az6027: usb out operation failed. (-71) [ 198.491238][ T4324] stb0899_attach: Driver disabled by Kconfig [ 198.534363][ T4324] az6027: no front-end attached [ 198.534363][ T4324] [ 198.553549][ T4324] az6027: usb out operation failed. (-71) [ 198.569814][ T4324] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 198.585981][ T4324] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input18 [ 198.631808][ T4324] dvb-usb: schedule remote query interval to 400 msecs. [ 198.639698][ T4653] hid-led: probe of 0003:0FC5:B080.0009 failed with error -71 [ 198.639879][ T4324] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 198.653715][ T4653] usb 2-1: USB disconnect, device number 9 [ 198.682595][ T4324] usb 6-1: USB disconnect, device number 4 [ 198.733853][ T4324] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 198.913469][ T7508] loop0: detected capacity change from 0 to 512 [ 198.928006][ T7508] EXT4-fs: inline encryption not supported [ 198.941082][ T7508] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 198.961706][ T7508] EXT4-fs (loop0): 1 truncate cleaned up [ 198.969604][ T7508] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 199.077994][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 199.227207][ T7519] sch_fq: defrate 2048 ignored. [ 199.449186][ T7506] loop6: detected capacity change from 0 to 32768 [ 199.463000][ T7506] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.1052 (7506) [ 199.579382][ T7522] loop4: detected capacity change from 0 to 40427 [ 199.587261][ T7522] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 199.595254][ T7522] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 199.612531][ T7522] F2FS-fs (loop4): invalid crc_offset: 33558524 [ 199.613507][ T7506] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 199.652984][ T7506] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 199.675810][ T7522] F2FS-fs (loop4): Found nat_bits in checkpoint [ 199.704484][ T7506] BTRFS info (device loop6): use zlib compression, level 3 [ 199.714842][ T7506] BTRFS info (device loop6): using free space tree [ 199.729554][ T7522] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 199.736854][ T7522] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 199.794149][ T7538] loop5: detected capacity change from 0 to 512 [ 199.925620][ T7538] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.1064: inode #1: comm syz.5.1064: iget: illegal inode # [ 199.974287][ T7538] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.1064: error while reading EA inode 1 err=-117 [ 200.007166][ T7538] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.1064: inode #1: comm syz.5.1064: iget: illegal inode # [ 200.036812][ T7538] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.1064: error while reading EA inode 1 err=-117 [ 200.047871][ T7506] BTRFS info (device loop6): enabling ssd optimizations [ 200.065263][ T7538] EXT4-fs (loop5): 1 orphan inode deleted [ 200.074366][ T7538] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 200.211051][ T5196] EXT4-fs (loop5): unmounting filesystem. [ 200.277349][ T5986] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 200.831949][ T7570] loop4: detected capacity change from 0 to 1024 [ 200.875284][ T7570] EXT4-fs: Ignoring removed oldalloc option [ 200.919606][ T7570] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 200.990688][ T7570] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 201.091259][ T26] audit: type=1326 audit(1752495960.882:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7574 comm="syz.5.1073" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f013798e929 code=0x0 [ 201.171326][ T4264] EXT4-fs (loop4): unmounting filesystem. [ 201.514509][ T4324] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 201.696088][ T7594] loop0: detected capacity change from 0 to 32768 [ 201.697729][ T4255] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 201.710611][ T4324] usb 7-1: Using ep0 maxpacket: 8 [ 201.719039][ T7594] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1081 (7594) [ 201.720334][ T4324] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 201.748645][ T7594] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 201.759114][ T7594] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 201.764919][ T4324] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.773963][ T7594] BTRFS info (device loop0): force clearing of disk cache [ 201.783197][ T7594] BTRFS info (device loop0): force zlib compression, level 3 [ 201.788343][ T4324] usb 7-1: Product: syz [ 201.794966][ T4324] usb 7-1: Manufacturer: syz [ 201.799801][ T4324] usb 7-1: SerialNumber: syz [ 201.802991][ T7594] BTRFS info (device loop0): enabling auto defrag [ 201.812026][ T4324] usb 7-1: config 0 descriptor?? [ 201.813376][ T7594] BTRFS info (device loop0): max_inline at 0 [ 201.819058][ T7598] loop4: detected capacity change from 0 to 512 [ 201.823343][ T7594] BTRFS info (device loop0): using free space tree [ 201.864602][ T7598] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 201.884498][ T7594] BTRFS info (device loop0): enabling ssd optimizations [ 201.902310][ T7594] BTRFS info (device loop0): rebuilding free space tree [ 201.921339][ T7598] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 201.931154][ T7598] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 201.946285][ T4255] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 201.956728][ T4255] usb 2-1: config 0 has no interfaces? [ 201.962307][ T4255] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 201.971640][ T4255] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.982815][ T4255] usb 2-1: config 0 descriptor?? [ 202.050343][ T4324] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 202.091577][ T4264] EXT4-fs (loop4): unmounting filesystem. [ 202.111559][ T4267] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 202.212120][ T4255] usb 2-1: USB disconnect, device number 10 [ 202.662743][ T4324] dvb_usb_rtl28xxu: probe of 7-1:0.0 failed with error -71 [ 202.682101][ T4324] usb 7-1: USB disconnect, device number 3 [ 202.954959][ T7636] device bond0 entered promiscuous mode [ 202.960601][ T7636] device bond_slave_0 entered promiscuous mode [ 202.960857][ T7623] loop4: detected capacity change from 0 to 32768 [ 202.984535][ T7636] device bond_slave_1 entered promiscuous mode [ 202.986548][ T7623] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1085 (7623) [ 203.009297][ T7636] device batadv0 entered promiscuous mode [ 203.026101][ T7623] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 203.043670][ T7636] device bond0 left promiscuous mode [ 203.047299][ T7623] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 203.065772][ T7636] device bond_slave_0 left promiscuous mode [ 203.068068][ T7623] BTRFS info (device loop4): force clearing of disk cache [ 203.082230][ T7636] device bond_slave_1 left promiscuous mode [ 203.095169][ T7623] BTRFS info (device loop4): enabling auto defrag [ 203.104419][ T7623] BTRFS info (device loop4): max_inline at 0 [ 203.110712][ T7636] device batadv0 left promiscuous mode [ 203.122137][ T7623] BTRFS info (device loop4): setting nodatacow, compression disabled [ 203.130513][ T7623] BTRFS info (device loop4): using free space tree [ 203.307326][ T7632] loop1: detected capacity change from 0 to 32768 [ 203.354110][ T7623] BTRFS info (device loop4): enabling ssd optimizations [ 203.392565][ T7623] BTRFS info (device loop4): rebuilding free space tree [ 203.615009][ T7664] loop6: detected capacity change from 0 to 2048 [ 203.640757][ T46] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 203.645326][ T7664] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 203.662527][ T7664] NILFS (loop6): mounting unchecked fs [ 203.696957][ T7666] device batadv0 entered promiscuous mode [ 203.715546][ T7666] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 203.776126][ T7664] NILFS (loop6): recovery complete [ 203.797393][ T7669] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 203.820469][ T4264] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 203.863056][ T26] audit: type=1800 audit(1752495963.652:1079): pid=7664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1098" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 203.879340][ T7673] loop5: detected capacity change from 0 to 512 [ 203.907809][ T7673] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 204.084502][ T7673] EXT4-fs (loop5): 1 truncate cleaned up [ 204.114947][ T7673] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 204.210413][ T7673] EXT4-fs (loop5): shut down requested (2) [ 204.339859][ T5196] EXT4-fs (loop5): unmounting filesystem. [ 204.511794][ T7684] loop6: detected capacity change from 0 to 4096 [ 204.568300][ T7684] ntfs3: loop6: Different NTFS' sector size (1024) and media sector size (512) [ 204.881922][ T7680] loop0: detected capacity change from 0 to 32768 [ 204.905917][ T7680] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1105 (7680) [ 204.940816][ T7680] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 204.974366][ T7680] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 205.012219][ T7680] BTRFS info (device loop0): setting nodatacow, compression disabled [ 205.029295][ T7680] BTRFS info (device loop0): max_inline at 0 [ 205.038057][ T7680] BTRFS info (device loop0): turning off barriers [ 205.048796][ T7680] BTRFS info (device loop0): turning on flush-on-commit [ 205.056917][ T7680] BTRFS info (device loop0): doing ref verification [ 205.063713][ T7680] BTRFS info (device loop0): force clearing of disk cache [ 205.081597][ T7680] BTRFS info (device loop0): enabling ssd optimizations [ 205.093105][ T7680] BTRFS info (device loop0): max_inline at 4096 [ 205.101634][ T7680] BTRFS info (device loop0): using free space tree [ 205.310948][ T7680] BTRFS info (device loop0): rebuilding free space tree [ 205.580477][ T4267] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 206.004375][ T127] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 206.204529][ T127] usb 2-1: Using ep0 maxpacket: 32 [ 206.215701][ T127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.228285][ T7728] loop5: detected capacity change from 0 to 32768 [ 206.234882][ T127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.247767][ T127] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 206.257152][ T7728] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1115 (7728) [ 206.269559][ T127] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.283592][ T127] usb 2-1: config 0 descriptor?? [ 206.293452][ T7728] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 206.304916][ T127] hub 2-1:0.0: USB hub found [ 206.311014][ T7728] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 206.319993][ T7728] BTRFS info (device loop5): force clearing of disk cache [ 206.327293][ T7728] BTRFS info (device loop5): metadata ratio 0 [ 206.339712][ T4901] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 206.344808][ T7728] BTRFS info (device loop5): enabling ssd optimizations [ 206.354959][ T7728] BTRFS info (device loop5): using spread ssd allocation scheme [ 206.362949][ T7728] BTRFS info (device loop5): using free space tree [ 206.435476][ T7728] BTRFS info (device loop5): rebuilding free space tree [ 206.454338][ T5201] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 206.500168][ T127] hub 2-1:0.0: config failed, can't read hub descriptor (err -90) [ 206.525048][ T4901] usb 5-1: Using ep0 maxpacket: 8 [ 206.542516][ T4901] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.559036][ T4901] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 206.572444][ T4901] usb 5-1: config 0 interface 0 has no altsetting 0 [ 206.579524][ T4901] usb 5-1: New USB device found, idVendor=056a, idProduct=00e5, bcdDevice= 0.00 [ 206.594431][ T4901] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.604874][ T4901] usb 5-1: config 0 descriptor?? [ 206.639290][ T7770] I/O error, dev loop6, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 206.651895][ T7770] isofs_fill_super: bread failed, dev=loop6, iso_blknum=16, block=32 [ 206.664414][ T5201] usb 1-1: Using ep0 maxpacket: 16 [ 206.675176][ T5201] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 206.700151][ T7771] loop6: detected capacity change from 0 to 8 [ 206.710505][ T5201] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 206.737061][ T5201] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 206.739073][ T28] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared) [ 206.751345][ T5201] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 206.759546][ T5196] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 206.777242][ T7771] Filesystem uses "unknown" compression. This is not supported [ 206.788258][ T5201] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 206.844499][ T5201] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 206.853995][ T5201] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 206.862524][ T5201] usb 1-1: Manufacturer: syz [ 206.869429][ T5201] usb 1-1: config 0 descriptor?? [ 206.931471][ T127] hid-generic 0003:046D:C31C.000A: item fetching failed at offset 0/1 [ 206.941006][ T127] hid-generic: probe of 0003:046D:C31C.000A failed with error -22 [ 207.092205][ T4901] wacom 0003:056A:00E5.000B: hidraw0: USB HID v0.82 Device [HID 056a:00e5] on usb-dummy_hcd.4-1/input0 [ 207.234527][ T5201] rc_core: IR keymap rc-hauppauge not found [ 207.240511][ T5201] Registered IR keymap rc-empty [ 207.252233][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.273217][ T41] usb 2-1: USB disconnect, device number 11 [ 207.284426][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.288821][ T4901] usb 5-1: USB disconnect, device number 10 [ 207.330904][ T5201] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 207.356204][ T5201] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input24 [ 207.394434][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.424461][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.454401][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.484465][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.514529][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.554390][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.585638][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.624483][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.654397][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.684523][ T5201] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 207.729837][ T5201] mceusb 1-1:0.0: Registered  with mce emulator interface version 1 [ 207.743487][ T5201] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 207.758838][ T5201] usb 1-1: USB disconnect, device number 9 [ 207.995398][ T4901] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 208.207350][ T4901] usb 7-1: Using ep0 maxpacket: 32 [ 208.216922][ T4901] usb 7-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 208.254344][ T4901] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.280629][ T4901] usb 7-1: Product: syz [ 208.290128][ T4901] usb 7-1: Manufacturer: syz [ 208.304492][ T4901] usb 7-1: SerialNumber: syz [ 208.315990][ T4901] usb 7-1: config 0 descriptor?? [ 208.345461][ T4901] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 208.717645][ T7800] loop1: detected capacity change from 0 to 32768 [ 208.951545][ T4901] gspca_stk1135: reg_w 0x3 err -71 [ 208.965378][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 208.986754][ T4901] gspca_stk1135: Sensor write failed [ 208.992144][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.019494][ T4901] gspca_stk1135: Sensor write failed [ 209.029697][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.045417][ T4901] gspca_stk1135: Sensor read failed [ 209.055524][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.076508][ T4901] gspca_stk1135: Sensor read failed [ 209.081781][ T4901] gspca_stk1135: Detected sensor type unknown (0x0) [ 209.091275][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.097736][ T4901] gspca_stk1135: Sensor read failed [ 209.113395][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.119880][ T4901] gspca_stk1135: Sensor read failed [ 209.133625][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.140414][ T4901] gspca_stk1135: Sensor write failed [ 209.158717][ T7818] loop0: detected capacity change from 0 to 32768 [ 209.160642][ T4901] gspca_stk1135: serial bus timeout: status=0x00 [ 209.176205][ T7818] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1150 (7818) [ 209.182252][ T4901] gspca_stk1135: Sensor write failed [ 209.204445][ T4901] stk1135: probe of 7-1:0.0 failed with error -71 [ 209.222979][ T4901] usb 7-1: USB disconnect, device number 4 [ 209.242690][ T7818] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 209.269707][ T7818] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 209.294413][ T7818] BTRFS info (device loop0): using free space tree [ 209.514382][ T7818] BTRFS info (device loop0): enabling ssd optimizations [ 209.772361][ T7832] loop4: detected capacity change from 0 to 32768 [ 209.786509][ T7830] loop5: detected capacity change from 0 to 32768 [ 209.825013][ T7832] BTRFS warning: duplicate device /dev/loop4 devid 1 generation 8 scanned by syz.4.1156 (7832) [ 209.872927][ T4356] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 209.888544][ T4267] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 209.913579][ T7830] XFS (loop5): Mounting V5 Filesystem [ 209.978785][ T41] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 210.140969][ T7830] XFS (loop5): Ending clean mount [ 210.192493][ T41] usb 7-1: Using ep0 maxpacket: 8 [ 210.237535][ T41] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 210.248920][ T41] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 210.270894][ T41] usb 7-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 210.290285][ T41] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.312121][ T41] usb 7-1: config 0 descriptor?? [ 210.329569][ T5196] XFS (loop5): Unmounting Filesystem [ 210.694318][ T4898] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 210.735037][ T41] hid-multitouch 0003:0EEF:72C4.000C: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.6-1/input0 [ 210.779558][ T7883] loop1: detected capacity change from 0 to 2048 [ 210.799660][ T7883] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 210.891706][ T7890] loop5: detected capacity change from 0 to 512 [ 210.906068][ T4898] usb 1-1: config 0 has an invalid interface number: 93 but max is 0 [ 210.927623][ T4898] usb 1-1: config 0 has no interface number 0 [ 210.943963][ T41] usb 7-1: USB disconnect, device number 5 [ 210.956905][ T7890] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 210.965574][ T4898] usb 1-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65 [ 210.978943][ T4898] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.981972][ T7890] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e028, mo2=0002] [ 210.993619][ T4898] usb 1-1: Product: syz [ 211.004117][ T4898] usb 1-1: Manufacturer: syz [ 211.013179][ T4898] usb 1-1: SerialNumber: syz [ 211.014153][ T7890] System zones: [ 211.020401][ T4898] usb 1-1: config 0 descriptor?? [ 211.040851][ T7890] 0-1, 15-15, 18-18, 34-34 [ 211.063651][ T7890] EXT4-fs (loop5): orphan cleanup on readonly fs [ 211.080618][ T7890] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0 [ 211.104636][ T7890] EXT4-fs warning (device loop5): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 211.120287][ T7890] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 211.129192][ T7890] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1170: bad orphan inode 16 [ 211.145748][ T7890] EXT4-fs (loop5): Remounting filesystem read-only [ 211.158751][ T7890] ext4_test_bit(bit=15, block=18) = 1 [ 211.167059][ T7890] is_bad_inode(inode)=0 [ 211.171405][ T7890] NEXT_ORPHAN(inode)=0 [ 211.180113][ T7890] max_ino=32 [ 211.183903][ T7890] i_nlink=2 [ 211.187535][ T7890] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 211.237743][ T4898] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state. [ 211.249829][ T4898] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 211.259202][ T4898] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design) [ 211.270589][ T4898] usb 1-1: media controller created [ 211.277905][ T4898] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 211.314123][ T5196] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0) [ 211.344945][ T5196] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0) [ 211.407689][ T4898] DVB: Unable to find symbol dib7000p_attach() [ 211.414508][ T4898] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design' [ 211.442939][ T4898] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 211.480547][ T4898] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design) [ 211.509575][ T4898] usb 1-1: media controller created [ 211.536387][ T4898] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 211.556889][ T4898] dib0700: the master dib7090 has to be initialized first [ 211.584489][ T4898] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design' [ 211.650069][ T5196] EXT4-fs (loop5): unmounting filesystem. [ 211.805786][ T4898] rc_core: IR keymap rc-dib0700-rc5 not found [ 211.811943][ T4898] Registered IR keymap rc-empty [ 211.832573][ T4898] dvb-usb: could not initialize remote control. [ 211.833248][ T4350] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.873071][ T4898] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected. [ 211.908136][ T4898] usb 1-1: USB disconnect, device number 10 [ 211.952257][ T4898] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected. [ 212.005709][ T4350] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.141576][ T4350] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.285256][ T4350] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.469739][ T7903] loop6: detected capacity change from 0 to 32768 [ 212.520428][ T7903] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.1175 (7903) [ 212.564752][ T7903] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 212.591888][ T7903] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm [ 212.624378][ T7903] BTRFS info (device loop6): metadata ratio 2 [ 212.630589][ T7903] BTRFS info (device loop6): allowing degraded mounts [ 212.689244][ T7903] BTRFS info (device loop6): force zlib compression, level 3 [ 212.702449][ T7914] loop4: detected capacity change from 0 to 1024 [ 212.716447][ T7903] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 212.751459][ T7903] BTRFS info (device loop6): use zstd compression, level 3 [ 212.755864][ T7914] hfsplus: bad catalog entry type [ 212.784272][ T7903] BTRFS info (device loop6): force clearing of disk cache [ 212.794405][ T7903] BTRFS info (device loop6): allowing degraded mounts [ 212.801297][ T7903] BTRFS info (device loop6): max_inline at 0 [ 212.837302][ T7903] BTRFS info (device loop6): using free space tree [ 212.878330][ T28] hfsplus: b-tree write err: -5, ino 4 [ 212.970435][ T4283] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 212.996333][ T4283] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 213.002188][ T7922] loop4: detected capacity change from 0 to 64 [ 213.020195][ T4281] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 213.030496][ T4281] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 213.041874][ T4281] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 213.050312][ T4281] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 213.052505][ T7909] loop0: detected capacity change from 0 to 32768 [ 213.100683][ T7922] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 213.126859][ T7909] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1177 (7909) [ 213.139126][ T7922] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 213.155934][ T7922] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 213.220289][ T7909] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 213.244370][ T7909] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 213.261964][ T7909] BTRFS info (device loop0): force clearing of disk cache [ 213.288371][ T7909] BTRFS info (device loop0): metadata ratio 0 [ 213.294742][ T7903] BTRFS info (device loop6): enabling ssd optimizations [ 213.335088][ T7903] BTRFS info (device loop6): rebuilding free space tree [ 213.343469][ T7909] BTRFS info (device loop0): enabling ssd optimizations [ 213.372394][ T7909] BTRFS info (device loop0): using spread ssd allocation scheme [ 213.412264][ T7909] BTRFS info (device loop0): using free space tree [ 213.632971][ T5986] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 213.692981][ T7952] loop4: detected capacity change from 0 to 4096 [ 213.721177][ T7952] EXT4-fs (loop4): Test dummy encryption mode enabled [ 213.752432][ T7952] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 213.763423][ T7909] BTRFS info (device loop0): rebuilding free space tree [ 213.776434][ T7952] System zones: 0-5 [ 213.814195][ T7952] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 214.216187][ T7919] chnl_net:caif_netlink_parms(): no params data found [ 214.322033][ T7952] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 214.519602][ T4267] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 214.523112][ T46] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 214.738020][ T4264] EXT4-fs (loop4): unmounting filesystem. [ 215.104610][ T4268] Bluetooth: hci2: command 0x0409 tx timeout [ 215.115547][ T7979] xt_hashlimit: size too large, truncated to 1048576 [ 215.379102][ T7919] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.389166][ T7919] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.423303][ T7919] device bridge_slave_0 entered promiscuous mode [ 215.465166][ T7919] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.472357][ T7919] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.512980][ T7919] device bridge_slave_1 entered promiscuous mode [ 215.854499][ T5201] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 216.054448][ T5201] usb 1-1: Using ep0 maxpacket: 32 [ 216.062711][ T5201] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 216.077886][ T5201] usb 1-1: config 0 has no interface number 0 [ 216.087365][ T5201] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.106519][ T5201] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.120335][ T5201] usb 1-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 216.131850][ T5201] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.151341][ T5201] usb 1-1: config 0 descriptor?? [ 216.771254][ T5201] uclogic 0003:28BD:0094.000D: pen parameters not found [ 216.784426][ T5201] uclogic 0003:28BD:0094.000D: interface is invalid, ignoring [ 216.888377][ T4350] device hsr_slave_0 left promiscuous mode [ 216.902663][ T4350] device hsr_slave_1 left promiscuous mode [ 216.909630][ T4350] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 216.923943][ T4350] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 216.934967][ T4350] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 216.942430][ T4350] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 216.958543][ T4350] device bridge_slave_1 left promiscuous mode [ 216.970065][ T4350] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.983837][ T5201] usb 1-1: USB disconnect, device number 11 [ 217.000410][ T4350] device bridge_slave_0 left promiscuous mode [ 217.013317][ T4350] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.028496][ T5198] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 217.085432][ T4350] device batadv0 left promiscuous mode [ 217.092306][ T4350] device veth1_macvtap left promiscuous mode [ 217.104822][ T4350] device veth0_macvtap left promiscuous mode [ 217.110972][ T4350] device veth1_vlan left promiscuous mode [ 217.119599][ T4350] device veth0_vlan left promiscuous mode [ 217.184695][ T4268] Bluetooth: hci2: command 0x041b tx timeout [ 217.241362][ T5198] usb 2-1: config index 0 descriptor too short (expected 227, got 18) [ 217.265890][ T5198] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 217.282354][ T5198] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.290840][ T5198] usb 2-1: Product: syz [ 217.302402][ T5198] usb 2-1: Manufacturer: syz [ 217.308482][ T5198] usb 2-1: SerialNumber: syz [ 217.330221][ T5198] usb 2-1: config 0 descriptor?? [ 217.357640][ T5198] ch341 2-1:0.0: ch341-uart converter detected [ 218.201102][ T5198] usb 2-1: failed to send control message: -71 [ 218.212430][ T5198] ch341-uart: probe of ttyUSB0 failed with error -71 [ 218.232883][ T5198] usb 2-1: USB disconnect, device number 12 [ 218.250449][ T5198] ch341 2-1:0.0: device disconnected [ 218.517186][ T4350] team0 (unregistering): Port device team_slave_1 removed [ 218.582832][ T4350] team0 (unregistering): Port device team_slave_0 removed [ 218.686275][ T4350] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 218.776583][ T4350] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 219.270950][ T4268] Bluetooth: hci2: command 0x040f tx timeout [ 219.573174][ T4350] bond0 (unregistering): Released all slaves [ 219.676362][ T7919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.711099][ T7919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.730552][ T4345] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 219.810882][ T7919] team0: Port device team_slave_0 added [ 219.880850][ T7919] team0: Port device team_slave_1 added [ 219.936137][ T4345] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 219.961152][ T4345] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.971653][ T7919] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.979528][ T7919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.007153][ T4345] usb 2-1: config 0 descriptor?? [ 220.023497][ T4345] cp210x 2-1:0.0: cp210x converter detected [ 220.062974][ T7919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 220.072583][ T8030] loop6: detected capacity change from 0 to 512 [ 220.105543][ T7919] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 220.112551][ T7919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 220.200220][ T7919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 220.225242][ T8030] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a80ec028, mo2=0002] [ 220.244489][ T8030] System zones: 0-2, 18-18, 34-35 [ 220.275491][ T8030] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 220.307841][ T8030] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.380936][ T7919] device hsr_slave_0 entered promiscuous mode [ 220.400475][ T7919] device hsr_slave_1 entered promiscuous mode [ 220.436701][ T4345] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 220.451130][ T7919] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 220.459350][ T7919] Cannot create hsr debugfs directory [ 220.465175][ T4345] usb 2-1: cp210x converter now attached to ttyUSB0 [ 220.629957][ T5986] EXT4-fs (loop6): unmounting filesystem. [ 220.658669][ T4345] usb 2-1: USB disconnect, device number 13 [ 220.686512][ T4345] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 220.719690][ T4345] cp210x 2-1:0.0: device disconnected [ 220.782012][ T8028] loop0: detected capacity change from 0 to 32768 [ 220.806474][ T8028] XFS (loop0): Mounting V5 Filesystem [ 220.917000][ T8028] XFS (loop0): Ending clean mount [ 220.929958][ T8028] XFS (loop0): Quotacheck needed: Please wait. [ 220.987950][ T8059] loop6: detected capacity change from 0 to 256 [ 221.003048][ T8028] XFS (loop0): Quotacheck: Done. [ 221.012289][ T8059] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 221.067534][ T4267] XFS (loop0): Unmounting Filesystem [ 221.197140][ T26] audit: type=1326 audit(1752495980.992:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8062 comm="syz.4.1223" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa8c98e929 code=0x0 [ 221.338720][ T8069] loop1: detected capacity change from 0 to 64 [ 221.351184][ T4268] Bluetooth: hci2: command 0x0419 tx timeout [ 221.362749][ T7919] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 221.377610][ T7919] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 221.384362][ T8069] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 221.427295][ T7919] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 221.484180][ T7919] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 221.623246][ T8082] loop0: detected capacity change from 0 to 64 [ 221.651593][ T8085] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1228'. [ 221.700395][ T7919] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.739444][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 221.746876][ T11] wlan1: Trigger new scan to find an IBSS to join [ 221.759804][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 221.778549][ T7919] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.798833][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 221.810132][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 221.824854][ T4350] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.832078][ T4350] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.862239][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 221.878021][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 221.900166][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 221.915118][ T4350] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.922365][ T4350] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.931665][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 221.950121][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 221.960237][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 221.977244][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 221.999827][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 222.009515][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 222.019009][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 222.045471][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 222.075279][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 222.105524][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 222.126363][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 222.161978][ T7919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 222.353647][ T8097] loop4: detected capacity change from 0 to 8192 [ 222.394093][ T8097] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 222.414679][ T8097] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 222.424005][ T8097] REISERFS (device loop4): using ordered data mode [ 222.454548][ T8097] reiserfs: using flush barriers [ 222.481992][ T8089] loop6: detected capacity change from 0 to 32768 [ 222.489454][ T8097] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 222.512284][ T8089] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.1230 (8089) [ 222.556176][ T8089] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 222.560834][ T8097] REISERFS (device loop4): checking transaction log (loop4) [ 222.566748][ T8089] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 222.594453][ T8089] BTRFS info (device loop6): force clearing of disk cache [ 222.601668][ T8089] BTRFS info (device loop6): enabling auto defrag [ 222.606342][ T8097] REISERFS (device loop4): Using r5 hash to sort names [ 222.618611][ T8089] BTRFS info (device loop6): max_inline at 0 [ 222.625321][ T8089] BTRFS info (device loop6): setting nodatacow, compression disabled [ 222.648508][ T8089] BTRFS info (device loop6): using free space tree [ 222.658873][ T8097] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 222.860815][ T8089] BTRFS info (device loop6): enabling ssd optimizations [ 222.908519][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 222.921804][ T8089] BTRFS info (device loop6): rebuilding free space tree [ 222.947642][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 222.981165][ T7919] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.303947][ T4350] BTRFS info (device loop6): qgroup scan completed (inconsistency flag cleared) [ 223.393830][ T5986] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 223.467362][ T8124] loop0: detected capacity change from 0 to 40427 [ 223.494877][ T8124] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x3ffff [ 223.516647][ T8124] F2FS-fs (loop0): invalid crc value [ 223.532688][ T8124] F2FS-fs (loop0): Found nat_bits in checkpoint [ 223.669214][ T8124] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 223.745637][ T26] audit: type=1800 audit(1752495983.532:1081): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1240" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 223.809586][ T26] audit: type=1804 audit(1752495983.562:1082): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1240" name="/newroot/269/file1/file1" dev="loop0" ino=10 res=1 errno=0 [ 223.900422][ T4267] syz-executor: attempt to access beyond end of device [ 223.900422][ T4267] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 224.037870][ T8153] tap0: tun_chr_ioctl cmd 1074812118 [ 224.226685][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 224.250430][ T4892] kernel write not supported for file /input/event2 (pid: 4892 comm: kworker/1:9) [ 224.255844][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 224.335044][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 224.365420][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 224.395469][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 224.414179][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 224.424624][ T7919] device veth0_vlan entered promiscuous mode [ 224.459341][ T7919] device veth1_vlan entered promiscuous mode [ 224.530049][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 224.546831][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 224.565301][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 224.585656][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 224.598870][ T7919] device veth0_macvtap entered promiscuous mode [ 224.628106][ T7919] device veth1_macvtap entered promiscuous mode [ 224.701759][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.725547][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.759649][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.784794][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.796225][ T9] wlan1: Trigger new scan to find an IBSS to join [ 224.819084][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.844334][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.865598][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.884258][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.905553][ T7919] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.920510][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 224.948158][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 224.970657][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 224.992974][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 225.014635][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.047754][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.073884][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.097675][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.099535][ T8160] loop6: detected capacity change from 0 to 32768 [ 225.108107][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.125422][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.135642][ T7919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.146430][ T7919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.148436][ T8160] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.1248 (8160) [ 225.159206][ T7919] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 225.181223][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 225.193559][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 225.206853][ T8160] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 225.221894][ T7919] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.230830][ T8160] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 225.230937][ T8160] BTRFS info (device loop6): force clearing of disk cache [ 225.231004][ T8160] BTRFS info (device loop6): metadata ratio 0 [ 225.231027][ T8160] BTRFS info (device loop6): enabling ssd optimizations [ 225.231044][ T8160] BTRFS info (device loop6): using spread ssd allocation scheme [ 225.231061][ T8160] BTRFS info (device loop6): using free space tree [ 225.277891][ T7919] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.286916][ T7919] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.321391][ T7919] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.340221][ T8170] loop4: detected capacity change from 0 to 32768 [ 225.368803][ T8170] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.1253 (8170) [ 225.404861][ T8170] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 225.428496][ T8170] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 225.460612][ T8170] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 225.503080][ T8160] BTRFS info (device loop6): rebuilding free space tree [ 225.544201][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.544322][ T8170] BTRFS info (device loop4): use zstd compression, level 3 [ 225.564374][ T8170] BTRFS info (device loop4): using free space tree [ 225.614424][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.629496][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 225.672210][ T8180] loop0: detected capacity change from 0 to 32768 [ 225.690778][ T8180] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.1255 (8180) [ 225.698772][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.718003][ T8207] loop1: detected capacity change from 0 to 1024 [ 225.725513][ T8207] EXT4-fs: Ignoring removed mblk_io_submit option [ 225.733667][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.777645][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 225.793682][ T8207] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 225.800332][ T8170] BTRFS info (device loop4): enabling ssd optimizations [ 225.886845][ T26] audit: type=1800 audit(1752495985.682:1083): pid=8170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1253" name="file1" dev="loop4" ino=260 res=0 errno=0 [ 225.918884][ T4264] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 225.973920][ T75] BTRFS info (device loop6): qgroup scan completed (inconsistency flag cleared) [ 225.984158][ T5986] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 226.477297][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 226.852853][ T8234] netlink: 'syz.1.1262': attribute type 46 has an invalid length. [ 226.874466][ T8234] netlink: 212868 bytes leftover after parsing attributes in process `syz.1.1262'. [ 226.897347][ T8237] loop4: detected capacity change from 0 to 47 [ 226.943620][ T8237] syz.4.1265: attempt to access beyond end of device [ 226.943620][ T8237] loop4: rw=2049, sector=48, nr_sectors = 2 limit=47 [ 226.984747][ T8237] Buffer I/O error on dev loop4, logical block 24, lost async page write [ 227.199088][ T8250] loop6: detected capacity change from 0 to 8 [ 227.744889][ T9] wlan1: Trigger new scan to find an IBSS to join [ 227.854504][ T14] usb 2-1: new full-speed USB device number 14 using dummy_hcd [ 228.051587][ T14] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 228.083272][ T14] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 228.111364][ T14] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 228.138272][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.162927][ T14] usb 2-1: Product: syz [ 228.172437][ T14] usb 2-1: Manufacturer: syz [ 228.187642][ T14] usb 2-1: SerialNumber: syz [ 228.431070][ T14] cdc_ncm 2-1:1.0: bind() failure [ 228.444673][ T14] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 228.467196][ T14] cdc_ncm 2-1:1.1: bind() failure [ 228.494492][ T14] usb 2-1: USB disconnect, device number 14 [ 228.602382][ T8297] netlink: 'syz.6.1290': attribute type 21 has an invalid length. [ 228.620740][ T8297] netlink: 156 bytes leftover after parsing attributes in process `syz.6.1290'. [ 228.647057][ T8297] netlink: 'syz.6.1290': attribute type 21 has an invalid length. [ 228.679107][ T8297] netlink: 156 bytes leftover after parsing attributes in process `syz.6.1290'. [ 228.688554][ T8299] loop0: detected capacity change from 0 to 1024 [ 228.708774][ T75] wlan1: Creating new IBSS network, BSSID 6a:2a:e1:f4:1b:fd [ 228.824009][ T8286] loop5: detected capacity change from 0 to 40427 [ 228.867581][ T8286] F2FS-fs (loop5): Invalid SB checksum offset: 0 [ 228.885330][ T8286] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 228.919376][ T8286] F2FS-fs (loop5): invalid crc value [ 228.975559][ T8286] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 229.167110][ T8286] F2FS-fs (loop5): Failed to read root inode [ 229.927667][ T8309] loop1: detected capacity change from 0 to 32768 [ 230.030744][ T8309] ialloc: diAlloc returned -5! [ 230.349782][ T8346] loop5: detected capacity change from 0 to 256 [ 230.386694][ T8346] exfat: Deprecated parameter 'utf8' [ 230.423304][ T8346] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 230.738473][ T8361] netlink: 332 bytes leftover after parsing attributes in process `syz.1.1318'. [ 230.774582][ T8361] netlink: 'syz.1.1318': attribute type 3 has an invalid length. [ 230.793412][ T8361] netlink: 'syz.1.1318': attribute type 1 has an invalid length. [ 230.817245][ T8356] loop0: detected capacity change from 0 to 8192 [ 230.856517][ T8356] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 230.876947][ T8356] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 230.891466][ T8356] REISERFS (device loop0): using ordered data mode [ 230.900941][ T8356] reiserfs: using flush barriers [ 230.910464][ T8356] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 230.932501][ T8356] REISERFS (device loop0): checking transaction log (loop0) [ 230.941270][ T8356] REISERFS (device loop0): Using r5 hash to sort names [ 230.957054][ T8356] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 231.388991][ T8379] loop6: detected capacity change from 0 to 256 [ 231.661971][ T8368] loop5: detected capacity change from 0 to 32768 [ 231.664666][ T8389] xt_bpf: check failed: parse error [ 231.769546][ T8368] XFS (loop5): Mounting V5 Filesystem [ 231.821601][ T8368] XFS (loop5): Internal error (!rhead->h_version || (be32_to_cpu(rhead->h_version) & (~XLOG_VERSION_OKBITS))) at line 2921 of file fs/xfs/xfs_log_recover.c. Caller xlog_valid_rec_header+0x195/0x370 [ 231.908908][ T8368] CPU: 0 PID: 8368 Comm: syz.5.1321 Not tainted 6.1.144-syzkaller #0 [ 231.917071][ T8368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 231.927179][ T8368] Call Trace: [ 231.930494][ T8368] [ 231.933453][ T8368] dump_stack_lvl+0x168/0x22e [ 231.938208][ T8368] ? show_regs_print_info+0x12/0x12 [ 231.938947][ T8373] loop4: detected capacity change from 0 to 32768 [ 231.943441][ T8368] ? kmem_cache_free+0xf7/0x290 [ 231.954831][ T8368] xfs_corruption_error+0x11e/0x170 [ 231.960084][ T8368] ? xlog_valid_rec_header+0x195/0x370 [ 231.965591][ T8368] xlog_valid_rec_header+0x1e9/0x370 [ 231.971099][ T8368] ? xlog_valid_rec_header+0x195/0x370 [ 231.976622][ T8368] xlog_do_recovery_pass+0x7d9/0xc50 [ 231.981969][ T8368] ? xlog_do_io+0x350/0x350 [ 231.985608][ T8373] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1323 (8373) [ 231.986513][ T8368] ? xlog_verify_head+0xf3/0x440 [ 232.003746][ T8368] ? __kmem_cache_free+0xb6/0x1f0 [ 232.008919][ T8368] xlog_verify_head+0x137/0x440 [ 232.013843][ T8368] xlog_find_tail+0x6c4/0xa00 [ 232.018762][ T8368] xlog_recover+0x48/0x450 [ 232.023228][ T8368] xfs_log_mount+0x2ba/0x460 [ 232.027868][ T8368] xfs_mountfs+0xc42/0x1d10 [ 232.032423][ T8368] ? lockdep_softirqs_off+0x420/0x420 [ 232.037852][ T8368] ? xfs_default_resblks+0x70/0x70 [ 232.042987][ T8368] ? init_timer_key+0x178/0x320 [ 232.047889][ T8368] ? rcu_is_watching+0x11/0xa0 [ 232.052689][ T8368] ? trace_xfs_inode_timestamp_range+0xa8/0x250 [ 232.058967][ T8368] xfs_fs_fill_super+0x10f0/0x1350 [ 232.064120][ T8368] get_tree_bdev+0x3f1/0x610 [ 232.068737][ T8368] ? xfs_fs_warn_deprecated+0x190/0x190 [ 232.074349][ T8368] vfs_get_tree+0x88/0x270 [ 232.078805][ T8368] do_new_mount+0x24a/0xa40 [ 232.083339][ T8368] __se_sys_mount+0x2d6/0x3c0 [ 232.088047][ T8368] ? __x64_sys_mount+0xc0/0xc0 [ 232.092847][ T8368] ? lockdep_hardirqs_on+0x94/0x140 [ 232.098092][ T8368] ? __x64_sys_mount+0x1c/0xc0 [ 232.102887][ T8368] do_syscall_64+0x4c/0xa0 [ 232.107331][ T8368] ? clear_bhb_loop+0x60/0xb0 [ 232.112082][ T8368] ? clear_bhb_loop+0x60/0xb0 [ 232.116787][ T8368] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 232.122711][ T8368] RIP: 0033:0x7f498e3900ca [ 232.127243][ T8368] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.146864][ T8368] RSP: 002b:00007f498f119e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 232.155306][ T8368] RAX: ffffffffffffffda RBX: 00007f498f119ef0 RCX: 00007f498e3900ca [ 232.163296][ T8368] RDX: 00002000000000c0 RSI: 0000200000000280 RDI: 00007f498f119eb0 [ 232.171293][ T8368] RBP: 00002000000000c0 R08: 00007f498f119ef0 R09: 0000000000008000 [ 232.179279][ T8368] R10: 0000000000008000 R11: 0000000000000246 R12: 0000200000000280 [ 232.187290][ T8368] R13: 00007f498f119eb0 R14: 00000000000097a7 R15: 0000200000000180 [ 232.195293][ T8368] [ 232.201625][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.241423][ T8373] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 232.254368][ T8368] XFS (loop5): Corruption detected. Unmount and run xfs_repair [ 232.264292][ T8368] XFS (loop5): xlog_valid_rec_header: unrecognised log version (0). [ 232.264474][ T8373] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 232.282655][ T8368] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50. [ 232.334101][ T8368] XFS (loop5): Starting recovery (logdev: internal) [ 232.334325][ T8373] BTRFS info (device loop4): enabling auto defrag [ 232.391675][ T8368] XFS (loop5): Ending recovery (logdev: internal) [ 232.394272][ T8373] BTRFS info (device loop4): use no compression [ 232.428296][ T8368] XFS (loop5): Quotacheck needed: Please wait. [ 232.444379][ T8373] BTRFS info (device loop4): force clearing of disk cache [ 232.451806][ T8373] BTRFS info (device loop4): max_inline at 4096 [ 232.495603][ T8373] BTRFS info (device loop4): disabling free space tree [ 232.518703][ T8368] XFS (loop5): Quotacheck: Done. [ 232.640869][ T8388] loop0: detected capacity change from 0 to 32768 [ 232.703603][ T8399] loop1: detected capacity change from 0 to 32768 [ 232.714458][ T8388] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1331 (8388) [ 232.739705][ T8373] BTRFS info (device loop4): enabling ssd optimizations [ 232.755964][ T8373] BTRFS info (device loop4): rebuilding free space tree [ 232.763105][ T8388] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 232.785908][ T8399] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.1332 (8399) [ 232.790475][ T8388] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 232.815569][ T8388] BTRFS info (device loop0): setting nodatacow, compression disabled [ 232.826499][ T8399] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 232.839187][ T8373] BTRFS info (device loop4): disabling free space tree [ 232.839651][ T7919] XFS (loop5): Unmounting Filesystem [ 232.854043][ T8373] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 232.858336][ T8388] BTRFS info (device loop0): max_inline at 0 [ 232.874028][ T8388] BTRFS info (device loop0): turning off barriers [ 232.876884][ T8399] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 232.881593][ T8388] BTRFS info (device loop0): force zlib compression, level 3 [ 232.898142][ T8388] BTRFS info (device loop0): doing ref verification [ 232.900466][ T8373] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 232.904996][ T8388] BTRFS info (device loop0): force clearing of disk cache [ 232.922735][ T8399] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 232.963363][ T8388] BTRFS info (device loop0): enabling ssd optimizations [ 232.970773][ T8399] BTRFS info (device loop1): use zstd compression, level 3 [ 232.978272][ T8388] BTRFS info (device loop0): max_inline at 4096 [ 232.984847][ T8388] BTRFS info (device loop0): using free space tree [ 232.991936][ T8399] BTRFS info (device loop1): using free space tree [ 233.143835][ T8388] BTRFS info (device loop0): rebuilding free space tree [ 233.282699][ T4264] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 233.301939][ T8399] BTRFS info (device loop1): enabling ssd optimizations [ 233.344131][ T26] audit: type=1800 audit(1752495993.132:1084): pid=8399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1332" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 233.364938][ C0] vkms_vblank_simulate: vblank timer overrun [ 233.653097][ T4266] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 233.678170][ T4267] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 233.900991][ T14] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 234.109721][ T14] usb 7-1: Using ep0 maxpacket: 32 [ 234.154682][ T14] usb 7-1: config 0 has an invalid interface number: 51 but max is 0 [ 234.189396][ T14] usb 7-1: config 0 has no interface number 0 [ 234.215901][ T14] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 234.245139][ T14] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.253337][ T14] usb 7-1: Product: syz [ 234.274314][ T14] usb 7-1: Manufacturer: syz [ 234.279030][ T14] usb 7-1: SerialNumber: syz [ 234.309297][ T14] usb 7-1: config 0 descriptor?? [ 234.335663][ T14] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 234.522587][ T8462] loop5: detected capacity change from 0 to 40427 [ 234.545449][ T14] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 234.566878][ T8462] F2FS-fs (loop5): invalid crc value [ 234.575388][ T14] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 234.611256][ T8462] F2FS-fs (loop5): Found nat_bits in checkpoint [ 234.724668][ T8474] loop1: detected capacity change from 0 to 8192 [ 234.733109][ T8462] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 234.741333][ T8474] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 234.754562][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - port change to invalid port: 255 [ 234.780322][ T8474] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 234.818737][ T26] audit: type=1800 audit(1752495994.612:1085): pid=8462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1339" name="file1" dev="loop5" ino=10 res=0 errno=0 [ 234.843431][ T8466] loop4: detected capacity change from 0 to 32768 [ 234.851713][ T8474] REISERFS (device loop1): using ordered data mode [ 234.858603][ T8474] reiserfs: using flush barriers [ 234.867226][ T8462] syz.5.1339: attempt to access beyond end of device [ 234.867226][ T8462] loop5: rw=34817, sector=77824, nr_sectors = 128 limit=40427 [ 234.872875][ T8474] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 234.900391][ T8474] REISERFS (device loop1): checking transaction log (loop1) [ 234.910709][ T8466] XFS (loop4): Mounting V5 Filesystem [ 234.926206][ T8474] REISERFS (device loop1): Using r5 hash to sort names [ 234.944527][ T8474] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 234.955073][ C0] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 234.955675][ T4894] usb 7-1: USB disconnect, device number 6 [ 234.969414][ T7919] syz-executor: attempt to access beyond end of device [ 234.969414][ T7919] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 235.009656][ T8466] XFS (loop4): Ending clean mount [ 235.020305][ T4894] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 235.059295][ T4894] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 235.100528][ T4894] quatech2 7-1:0.51: device disconnected [ 235.144848][ T4264] XFS (loop4): Unmounting Filesystem [ 235.532265][ T8488] loop0: detected capacity change from 0 to 4096 [ 235.573088][ T8488] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 236.445968][ T8502] loop6: detected capacity change from 0 to 32768 [ 236.490971][ T8502] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.1349 (8502) [ 236.550486][ T8502] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 236.584614][ T8532] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1364'. [ 236.593735][ T8502] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 236.612029][ T8532] netem: invalid attributes len -19 [ 236.618972][ T8502] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 236.628690][ T8532] netem: change failed [ 236.648025][ T8502] BTRFS info (device loop6): use zstd compression, level 3 [ 236.685704][ T8502] BTRFS info (device loop6): using free space tree [ 236.895578][ T8559] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1370'. [ 236.912270][ T8502] BTRFS info (device loop6): enabling ssd optimizations [ 236.951783][ T8559] netem: unknown loss type 0 [ 236.974328][ T8559] netem: change failed [ 236.981494][ T26] audit: type=1800 audit(1752495996.772:1086): pid=8502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1349" name="file1" dev="loop6" ino=260 res=0 errno=0 [ 237.053751][ T5986] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 237.169853][ T8568] loop4: detected capacity change from 0 to 64 [ 237.329365][ T8564] loop5: detected capacity change from 0 to 8192 [ 237.390038][ T8564] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 237.415051][ T8564] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 237.438096][ T8564] REISERFS (device loop5): using ordered data mode [ 237.462433][ T8564] reiserfs: using flush barriers [ 237.474053][ T8564] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 237.495644][ T8564] REISERFS (device loop5): checking transaction log (loop5) [ 237.505148][ T8574] 9pnet_fd: Insufficient options for proto=fd [ 237.511890][ T8573] kernel read not supported for file /!selinuxselinux (pid: 8573 comm: syz.1.1375) [ 237.522745][ T8564] REISERFS (device loop5): Using r5 hash to sort names [ 237.530203][ T8564] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 237.540395][ T26] audit: type=1800 audit(1752495997.322:1087): pid=8573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1375" name="!selinuxselinux" dev="mqueue" ino=48562 res=0 errno=0 [ 238.482204][ T8607] loop5: detected capacity change from 0 to 2048 [ 238.552719][ T8607] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 238.596654][ T8607] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 238.673373][ T8587] loop6: detected capacity change from 0 to 32768 [ 238.755291][ T8587] XFS (loop6): Mounting V5 Filesystem [ 238.776581][ T8597] loop4: detected capacity change from 0 to 32768 [ 238.838042][ T8597] XFS (loop4): Mounting V5 Filesystem [ 238.854317][ T4323] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 238.885610][ T8587] XFS (loop6): Ending clean mount [ 238.893550][ T8587] XFS (loop6): Quotacheck needed: Please wait. [ 238.947083][ T8587] XFS (loop6): Quotacheck: Done. [ 238.965958][ T8597] XFS (loop4): Ending clean mount [ 238.977027][ T8597] XFS (loop4): Quotacheck needed: Please wait. [ 239.032845][ T5986] XFS (loop6): Unmounting Filesystem [ 239.053846][ T8597] XFS (loop4): Quotacheck: Done. [ 239.064823][ T4323] usb 2-1: Using ep0 maxpacket: 16 [ 239.072013][ T4323] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 239.095059][ T4323] usb 2-1: config 1 has no interface number 0 [ 239.101306][ T4323] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 239.111904][ T4323] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 239.122359][ T4323] usb 2-1: config 1 interface 105 has no altsetting 0 [ 239.138170][ T4323] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 239.174586][ T4323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.193055][ T8638] loop5: detected capacity change from 0 to 2048 [ 239.199748][ T4323] usb 2-1: Product: syz [ 239.203959][ T4323] usb 2-1: Manufacturer: syz [ 239.223764][ T4323] usb 2-1: SerialNumber: syz [ 239.234686][ T8610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 239.255758][ T8610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 239.283807][ T8641] loop0: detected capacity change from 0 to 2048 [ 239.327786][ T8642] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 239.364363][ T4264] XFS (loop4): Unmounting Filesystem [ 239.382204][ T8641] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 239.561359][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 239.710789][ T8610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 239.730892][ T8610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 239.794483][ T4324] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 239.871102][ T7919] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 239.881139][ T7919] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=16) [ 239.926167][ T7919] Remounting filesystem read-only [ 239.931282][ T7919] NILFS (loop5): error -5 truncating bmap (ino=16) [ 239.932217][ T8657] loop0: detected capacity change from 0 to 512 [ 239.947088][ T8657] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 239.948320][ T8655] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1401'. [ 239.967714][ T7919] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 239.980399][ T8657] EXT4-fs (loop0): 1 truncate cleaned up [ 239.994473][ T4324] usb 7-1: Using ep0 maxpacket: 32 [ 239.999780][ T8657] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 240.022046][ T4324] usb 7-1: config index 0 descriptor too short (expected 191, got 36) [ 240.040893][ T4324] usb 7-1: config 0 has an invalid interface number: 221 but max is 0 [ 240.061025][ T4324] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 240.075732][ T4324] usb 7-1: config 0 has no interface number 0 [ 240.082128][ T4324] usb 7-1: config 0 interface 221 has no altsetting 0 [ 240.089295][ T4324] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 240.099822][ T4324] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.110606][ T4324] usb 7-1: config 0 descriptor?? [ 240.120928][ T4324] hub 7-1:0.221: bad descriptor, ignoring hub [ 240.127538][ T4324] hub: probe of 7-1:0.221 failed with error -5 [ 240.152100][ T4267] EXT4-fs (loop0): unmounting filesystem. [ 240.199253][ T4323] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 240.225502][ T4323] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 240.253528][ T4323] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 240.357774][ T4323] aqc111 2-1:1.105 eth9: register 'aqc111' at usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 9e:a9:7d:36:aa:5a [ 240.392741][ T4323] usb 2-1: USB disconnect, device number 15 [ 240.419453][ T4323] aqc111 2-1:1.105 eth9: unregister 'aqc111' usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 240.481932][ T8676] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1411'. [ 240.544773][ T4323] aqc111 2-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 240.560102][ T4323] aqc111 2-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 240.600155][ T4323] aqc111 2-1:1.105 eth9 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 240.690897][ T8684] loop0: detected capacity change from 0 to 256 [ 240.698286][ T8684] exfat: Deprecated parameter 'namecase' [ 240.711814][ T8684] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 240.807430][ T4338] usb 7-1: reset high-speed USB device number 7 using dummy_hcd [ 241.302935][ T8709] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1424'. [ 241.555585][ T4338] usb 7-1: USB disconnect, device number 7 [ 241.857495][ T4338] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 242.045778][ T4338] usb 2-1: Using ep0 maxpacket: 8 [ 242.052914][ T4338] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 242.091983][ T4338] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.115033][ T8742] loop4: detected capacity change from 0 to 256 [ 242.123443][ T4338] usb 2-1: config 0 interface 0 has no altsetting 0 [ 242.161353][ T4338] usb 2-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 242.184542][ T4338] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.208509][ T4338] usb 2-1: config 0 descriptor?? [ 242.630519][ T4338] razer 0003:1532:010E.000E: unknown main item tag 0x0 [ 242.649858][ T4338] razer 0003:1532:010E.000E: unknown main item tag 0x0 [ 242.672385][ T4338] razer 0003:1532:010E.000E: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.1-1/input0 [ 242.691330][ T8757] loop4: detected capacity change from 0 to 512 [ 242.751820][ T8757] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1443: casefold flag without casefold feature [ 242.801483][ T8757] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1443: couldn't read orphan inode 15 (err -117) [ 242.824952][ T8757] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 242.871877][ T6312] usb 2-1: USB disconnect, device number 16 [ 242.950696][ T4264] EXT4-fs (loop4): unmounting filesystem. [ 242.964077][ T26] audit: type=1326 audit(1752496002.752:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8762 comm="syz.5.1444" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f498e38e929 code=0x0 [ 243.239679][ T8772] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 243.271891][ T52] block nbd6: Attempted send on invalid socket [ 243.304388][ T52] I/O error, dev nbd6, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.316895][ T93] block nbd6: Attempted send on invalid socket [ 243.323186][ T93] I/O error, dev nbd6, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.336448][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 243.379859][ T93] block nbd6: Attempted send on invalid socket [ 243.386256][ T93] I/O error, dev nbd6, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.417955][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 243.444623][ T52] block nbd6: Attempted send on invalid socket [ 243.450884][ T52] I/O error, dev nbd6, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.471123][ T52] block nbd6: Attempted send on invalid socket [ 243.478479][ T52] I/O error, dev nbd6, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.493004][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 243.532569][ T93] block nbd6: Attempted send on invalid socket [ 243.538966][ T93] I/O error, dev nbd6, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.550800][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 243.568073][ T52] block nbd6: Attempted send on invalid socket [ 243.574471][ T52] I/O error, dev nbd6, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.600194][ T93] block nbd6: Attempted send on invalid socket [ 243.606513][ T93] I/O error, dev nbd6, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.619141][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 243.644644][ T52] block nbd6: Attempted send on invalid socket [ 243.650868][ T52] I/O error, dev nbd6, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.662791][ T8779] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 243.675407][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 243.686635][ T52] block nbd6: Attempted send on invalid socket [ 243.692839][ T52] I/O error, dev nbd6, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 243.702734][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 243.742873][ T8774] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 243.793463][ T8774] UDF-fs: warning (device nbd6): udf_fill_super: No partition found (1) [ 349.424176][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 349.431197][ C0] rcu: 1-...!: (0 ticks this GP) idle=d3c4/1/0x4000000000000000 softirq=25574/25574 fqs=0 [ 349.443324][ C0] (detected by 0, t=10506 jiffies, g=39177, q=145 ncpus=2) [ 349.450652][ C0] Sending NMI from CPU 0 to CPUs 1: [ 349.455895][ C1] NMI backtrace for cpu 1 [ 349.455911][ C1] CPU: 1 PID: 8793 Comm: syz.6.1458 Not tainted 6.1.144-syzkaller #0 [ 349.455929][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 349.455940][ C1] RIP: 0010:__hrtimer_run_queues+0x2e4/0xd60 [ 349.455973][ C1] Code: 02 ef 0f 00 85 db 0f 84 8f 04 00 00 e8 95 eb 0f 00 eb 05 e8 8e eb 0f 00 48 8b 5c 24 18 4c 89 e7 e8 51 34 00 00 48 8b 44 24 58 <42> 80 3c 28 00 74 08 48 89 df e8 9d 67 61 00 4c 89 23 48 8b 74 24 [ 349.455988][ C1] RSP: 0018:ffffc900001e0d20 EFLAGS: 00000006 [ 349.456036][ C1] RAX: 1ffff110171e54d9 RBX: ffff8880b8f2a6c8 RCX: ffff88802ab75940 [ 349.456049][ C1] RDX: 0000000000010000 RSI: ffffffff8adf1c00 RDI: ffffffff8adf1bc0 [ 349.456062][ C1] RBP: ffffc900001e0e88 R08: dffffc0000000000 R09: fffffbfff1c3ecc6 [ 349.456075][ C1] R10: fffffbfff1c3ecc6 R11: 1ffffffff1c3ecc5 R12: ffff88805744f340 [ 349.456087][ C1] R13: dffffc0000000000 R14: 185a93e412a4f77f R15: ffff8880b8f2a680 [ 349.456101][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 349.456116][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 349.456128][ C1] CR2: 0000200000003c80 CR3: 00000000724ca000 CR4: 00000000003506e0 [ 349.456143][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 349.456153][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 349.456164][ C1] Call Trace: [ 349.456170][ C1] [ 349.456176][ C1] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 349.456205][ C1] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 349.456241][ C1] ? taprio_free_sched_cb+0x190/0x190 [ 349.456270][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 349.456292][ C1] hrtimer_interrupt+0x3c5/0x9c0 [ 349.456322][ C1] __sysvec_apic_timer_interrupt+0x153/0x5a0 [ 349.456349][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 349.456377][ C1] [ 349.456381][ C1] [ 349.456387][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 349.456409][ C1] RIP: 0010:refill_stock+0x27b/0x440 [ 349.456435][ C1] Code: c8 ad ff 48 c7 44 24 60 00 00 00 00 9c 8f 44 24 60 f6 44 24 61 02 75 53 f7 c3 00 02 00 00 74 01 fb 48 c7 44 24 20 0e 36 e0 45 <48> 8b 44 24 18 4a c7 04 20 00 00 00 00 66 42 c7 44 20 09 00 00 42 [ 349.456449][ C1] RSP: 0018:ffffc90003bffc20 EFLAGS: 00000206 [ 349.456463][ C1] RAX: c22f73e62163fc00 RBX: 0000000000000a06 RCX: c22f73e62163fc00 [ 349.456475][ C1] RDX: dffffc0000000000 RSI: ffffffff8a8c0460 RDI: ffffffff8adf1c20 [ 349.456488][ C1] RBP: ffffc90003bffce8 R08: dffffc0000000000 R09: fffffbfff1c3ecc6 [ 349.456501][ C1] R10: fffffbfff1c3ecc6 R11: 1ffffffff1c3ecc5 R12: dffffc0000000000 [ 349.456514][ C1] R13: ffff88802ab75940 R14: ffff8880b8f368d0 R15: ffff8880b8f368f8 [ 349.456539][ C1] ? mem_cgroup_uncharge_skmem+0x1a0/0x1a0 [ 349.456565][ C1] ? get_mem_cgroup_from_objcg+0x19/0x150 [ 349.456596][ C1] ? get_mem_cgroup_from_objcg+0x19/0x150 [ 349.456623][ C1] ? get_mem_cgroup_from_objcg+0x13c/0x150 [ 349.456650][ C1] __memcg_kmem_uncharge_page+0xed/0x280 [ 349.456677][ C1] exit_task_stack_account+0x90/0x310 [ 349.456705][ C1] do_exit+0x19dd/0x2400 [ 349.456732][ C1] ? preempt_schedule+0xa7/0xb0 [ 349.456753][ C1] ? put_task_struct+0x80/0x80 [ 349.456775][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 349.456801][ C1] ? lock_chain_count+0x20/0x20 [ 349.456824][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 349.456853][ C1] do_group_exit+0x217/0x2d0 [ 349.456879][ C1] __x64_sys_exit_group+0x3b/0x40 [ 349.456902][ C1] do_syscall_64+0x4c/0xa0 [ 349.456922][ C1] ? clear_bhb_loop+0x60/0xb0 [ 349.456942][ C1] ? clear_bhb_loop+0x60/0xb0 [ 349.456963][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 349.456983][ C1] RIP: 0033:0x7f9a1138e929 [ 349.456995][ C1] Code: Unable to access opcode bytes at 0x7f9a1138e8ff. [ 349.457011][ C1] RSP: 002b:00007ffd97d536b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 349.457027][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9a1138e929 [ 349.457039][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 349.457050][ C1] RBP: 00007ffd97d5371c R08: 0000000497d537af R09: 00000000000927c0 [ 349.457061][ C1] R10: 000000000000856c R11: 0000000000000246 R12: 0000000000000086 [ 349.457072][ C1] R13: 00000000000927c0 R14: 000000000003b856 R15: 00007ffd97d53770 [ 349.457092][ C1] [ 349.457889][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10505 jiffies! g39177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 349.888802][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=13520 [ 349.896728][ C0] rcu: rcu_preempt kthread starved for 10506 jiffies! g39177 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 349.908136][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 349.918144][ C0] rcu: RCU grace-period kthread stack dump: [ 349.924078][ C0] task:rcu_preempt state:I stack:27040 pid:16 ppid:2 flags:0x00004000 [ 349.933327][ C0] Call Trace: [ 349.936630][ C0] [ 349.939590][ C0] __schedule+0x10e9/0x40d0 [ 349.944139][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 349.949386][ C0] ? _raw_spin_unlock+0x40/0x40 [ 349.954269][ C0] ? release_firmware_map_entry+0x18a/0x18a [ 349.960227][ C0] schedule+0xb9/0x180 [ 349.964343][ C0] schedule_timeout+0x15c/0x280 [ 349.969243][ C0] ? console_conditional_schedule+0x40/0x40 [ 349.975187][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 349.981210][ C0] ? update_process_times+0x1b0/0x1b0 [ 349.986627][ C0] ? prepare_to_swait_event+0x335/0x350 [ 349.992211][ C0] rcu_gp_fqs_loop+0x2f2/0x1310 [ 349.997103][ C0] ? rcu_gp_kthread+0x380/0x380 [ 350.001985][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 350.008086][ C0] ? rcu_gp_init+0x14b0/0x14b0 [ 350.012869][ C0] ? rcu_gp_cleanup+0xb4c/0xca0 [ 350.017789][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 350.023025][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 350.028266][ C0] rcu_gp_kthread+0x95/0x380 [ 350.032895][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 350.038032][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 350.043953][ C0] ? __kthread_parkme+0x162/0x1c0 [ 350.049018][ C0] kthread+0x29d/0x330 [ 350.053123][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 350.058263][ C0] ? kthread_blkcg+0xd0/0xd0 [ 350.062888][ C0] ret_from_fork+0x1f/0x30 [ 350.067350][ C0] [ 350.070390][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 350.076731][ C0] Sending NMI from CPU 0 to CPUs 1: [ 350.081958][ C1] NMI backtrace for cpu 1 [ 350.081967][ C1] CPU: 1 PID: 8793 Comm: syz.6.1458 Not tainted 6.1.144-syzkaller #0 [ 350.081985][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 350.081995][ C1] RIP: 0010:rcu_is_watching+0xc/0xa0 [ 350.082022][ C1] Code: a0 18 b3 8c 4c 89 f6 e8 e2 65 c4 02 e9 53 ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 57 41 56 53 65 ff 05 ac 68 97 7e 6f df ac 08 89 c3 83 f8 08 73 60 49 bf 00 00 00 00 00 fc ff df [ 350.082036][ C1] RSP: 0018:ffffc900001e0b40 EFLAGS: 00000083 [ 350.082051][ C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8162eaa9 [ 350.082063][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8e1f6628 [ 350.082074][ C1] RBP: ffffc900001e0c68 R08: dffffc0000000000 R09: fffffbfff1c3ecc6 [ 350.082087][ C1] R10: fffffbfff1c3ecc6 R11: 1ffffffff1c3ecc5 R12: 0000000000000001 [ 350.082099][ C1] R13: 1ffff9200003c178 R14: 0000000000000000 R15: dffffc0000000000 [ 350.082111][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 350.082126][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 350.082138][ C1] CR2: 0000200000003c80 CR3: 00000000724ca000 CR4: 00000000003506e0 [ 350.082153][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 350.082163][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 350.082174][ C1] Call Trace: [ 350.082181][ C1] [ 350.082187][ C1] lock_acquire+0xe8/0x490 [ 350.082214][ C1] ? read_lock_is_recursive+0x10/0x10 [ 350.082237][ C1] ? __rwlock_init+0x140/0x140 [ 350.082261][ C1] ? _raw_spin_lock_irqsave+0xb0/0xf0 [ 350.082280][ C1] ? advance_sched+0x6cc/0x970 [ 350.082302][ C1] _raw_spin_lock_irq+0x9f/0xe0 [ 350.082318][ C1] ? __hrtimer_run_queues+0x63a/0xd60 [ 350.082335][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 350.082357][ C1] __hrtimer_run_queues+0x63a/0xd60 [ 350.082373][ C1] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 350.082393][ C1] ? ktime_get_update_offsets_now+0x95/0x3e0 [ 350.082417][ C1] ? taprio_free_sched_cb+0x190/0x190 [ 350.082442][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 350.082464][ C1] hrtimer_interrupt+0x3c5/0x9c0 [ 350.082493][ C1] __sysvec_apic_timer_interrupt+0x153/0x5a0 [ 350.082519][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 350.082546][ C1] [ 350.082551][ C1] [ 350.082556][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 350.082577][ C1] RIP: 0010:refill_stock+0x27b/0x440 [ 350.082604][ C1] Code: c8 ad ff 48 c7 44 24 60 00 00 00 00 9c 8f 44 24 60 f6 44 24 61 02 75 53 f7 c3 00 02 00 00 74 01 fb 48 c7 44 24 20 0e 36 e0 45 <48> 8b 44 24 18 4a c7 04 20 00 00 00 00 66 42 c7 44 20 09 00 00 42 [ 350.082617][ C1] RSP: 0018:ffffc90003bffc20 EFLAGS: 00000206 [ 350.082631][ C1] RAX: c22f73e62163fc00 RBX: 0000000000000a06 RCX: c22f73e62163fc00 [ 350.082643][ C1] RDX: dffffc0000000000 RSI: ffffffff8a8c0460 RDI: ffffffff8adf1c20 [ 350.082656][ C1] RBP: ffffc90003bffce8 R08: dffffc0000000000 R09: fffffbfff1c3ecc6 [ 350.082668][ C1] R10: fffffbfff1c3ecc6 R11: 1ffffffff1c3ecc5 R12: dffffc0000000000 [ 350.082681][ C1] R13: ffff88802ab75940 R14: ffff8880b8f368d0 R15: ffff8880b8f368f8 [ 350.082704][ C1] ? mem_cgroup_uncharge_skmem+0x1a0/0x1a0 [ 350.082731][ C1] ? get_mem_cgroup_from_objcg+0x19/0x150 [ 350.082757][ C1] ? get_mem_cgroup_from_objcg+0x19/0x150 [ 350.082784][ C1] ? get_mem_cgroup_from_objcg+0x13c/0x150 [ 350.082811][ C1] __memcg_kmem_uncharge_page+0xed/0x280 [ 350.082837][ C1] exit_task_stack_account+0x90/0x310 [ 350.082865][ C1] do_exit+0x19dd/0x2400 [ 350.082891][ C1] ? preempt_schedule+0xa7/0xb0 [ 350.082912][ C1] ? put_task_struct+0x80/0x80 [ 350.082944][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 350.082969][ C1] ? lock_chain_count+0x20/0x20 [ 350.082992][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 350.083020][ C1] do_group_exit+0x217/0x2d0 [ 350.083046][ C1] __x64_sys_exit_group+0x3b/0x40 [ 350.083070][ C1] do_syscall_64+0x4c/0xa0 [ 350.083090][ C1] ? clear_bhb_loop+0x60/0xb0 [ 350.083110][ C1] ? clear_bhb_loop+0x60/0xb0 [ 350.083130][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 350.083150][ C1] RIP: 0033:0x7f9a1138e929 [ 350.083163][ C1] Code: Unable to access opcode bytes at 0x7f9a1138e8ff. [ 350.083171][ C1] RSP: 002b:00007ffd97d536b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 350.083188][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9a1138e929 [ 350.083199][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 350.083209][ C1] RBP: 00007ffd97d5371c R08: 0000000497d537af R09: 00000000000927c0 [ 350.083221][ C1] R10: 000000000000856c R11: 0000000000000246 R12: 0000000000000086 [ 350.083231][ C1] R13: 00000000000927c0 R14: 000000000003b856 R15: 00007ffd97d53770 [ 350.083251][ C1] [ 350.547336][ C0] vkms_vblank_simulate: vblank timer overrun