last executing test programs: 21.275674303s ago: executing program 1 (id=2368): socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}}) lgetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.advise\x00', 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = getpgid(0x0) r3 = syz_pidfd_open(r2, 0x0) r4 = pidfd_getfd(r3, r3, 0x0) setns(r4, 0x66020000) umount2(&(0x7f0000000040)='.\x00', 0x2) close_range(r1, 0xffffffffffffffff, 0x0) 20.994510866s ago: executing program 1 (id=2372): writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) close(0x3) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x68, 0x0, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x40, 0x4) r1 = mq_open(&(0x7f0000000200)='#@\x00', 0x50f7bb45f81a15a, 0x120, 0x0) mq_notify(r1, &(0x7f0000000280)={0x0, 0x17}) mq_timedsend(r1, 0x0, 0x0, 0x240, 0x0) 20.634341238s ago: executing program 1 (id=2377): r0 = syz_io_uring_setup(0x7131, &(0x7f00000001c0)={0x0, 0x5770, 0x2, 0x3, 0x3d7}, &(0x7f0000000500), &(0x7f0000000380)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0)="c2cc", 0x2, r0}, 0x68) 20.376395495s ago: executing program 1 (id=2382): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000001c0)) 20.198140274s ago: executing program 1 (id=2385): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xfffffffd, @empty}, 0x1c) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x55}, 0xc010) shutdown(r0, 0x1) 19.520807458s ago: executing program 1 (id=2394): r0 = userfaultfd(0x80801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x54d}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) move_pages(0x0, 0x90249c01dd736e4b, &(0x7f0000000000)=[&(0x7f0000ffd000/0x3000)=nil], 0x0, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 4.314328655s ago: executing program 32 (id=2394): r0 = userfaultfd(0x80801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x54d}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) move_pages(0x0, 0x90249c01dd736e4b, &(0x7f0000000000)=[&(0x7f0000ffd000/0x3000)=nil], 0x0, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 2.230153461s ago: executing program 4 (id=2518): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, 0x0) ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0xff7) 2.189513157s ago: executing program 2 (id=2520): socket$inet6(0xa, 0x80001, 0x0) syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) socket$inet_sctp(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$inet6(0xa, 0x2, 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) socket(0x10, 0x3, 0x0) socket(0x11, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0xc38]}, 0x8) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x11, 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES32=r1, @ANYRES16=r1], 0x20) 2.066341561s ago: executing program 4 (id=2522): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2840, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000340)={0x1, 0x0, [{0x395, 0x0, 0x6}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x2000, 0x41000, 0x8, 0x6f, 0x3, 0x7f, 0x40, 0x29, 0x0, 0x2e, 0x19}, {0xd000, 0x1, 0xc, 0x0, 0x40, 0x5, 0x7d, 0x8, 0x58, 0x3, 0x3, 0xc0}, {0xdddd1000, 0x10000, 0xe, 0x9, 0x3, 0x8, 0xfe, 0x9, 0x5, 0xab, 0x5, 0x81}, {0x3000, 0x26000, 0x3, 0x5d, 0x4, 0x42, 0x9, 0xff, 0x6, 0x7, 0xe}, {0x0, 0x9000, 0x9, 0x3, 0x7, 0x7, 0xab, 0x7f, 0x9e, 0x9, 0xf7, 0x83}, {0x1000, 0x80a0000, 0x10, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x80, 0x11, 0x40}, {0xeeed4004, 0x2, 0x0, 0x5, 0x7, 0x2, 0xb, 0x0, 0x3, 0x81, 0xff, 0x70}, {0x5000, 0x1000, 0x8, 0x5, 0xf, 0x7, 0xff, 0x18, 0x2, 0x3, 0x7, 0x9}, {0x4000, 0x30}, {0x10000, 0x86}, 0x80000031, 0x0, 0x70000, 0x242101, 0xb, 0x0, 0xa000, [0x6840000000000000, 0x4, 0x5c, 0x100]}) 1.819873657s ago: executing program 2 (id=2525): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='io\x00') lseek(r0, 0x2000000000010002, 0x1) 1.726935438s ago: executing program 0 (id=2526): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000fffd29bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000223803001c0012800c0001006d6163766c616e000c0002800800", @ANYRES32=r0, @ANYBLOB='\b'], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x20040040) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0xf0ffffffffffff, 0x0, 0x8880}, 0x0) 1.642931253s ago: executing program 4 (id=2527): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) preadv(r0, 0x0, 0x0, 0x200, 0x8) 1.639768643s ago: executing program 2 (id=2528): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x1000200001ee0000, 0x3}) ioctl$KVM_CREATE_VM(r2, 0xc080ae49, 0x200000000006) 1.513566345s ago: executing program 3 (id=2529): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[]) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x78, 0xfffffffffffffff5, 0x7, {0xc2d, 0x0, 0x0, {0x3, 0xffffffffffffffff, 0xffffffff, 0x7fff, 0x300, 0xd5, 0x0, 0x8, 0x8, 0xc000, 0x2, 0x0, 0x0, 0xfffffbff, 0x69}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, 0x0) 1.51339568s ago: executing program 0 (id=2530): fcntl$lock(0xffffffffffffffff, 0x6, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xd, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8994, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00'}) 1.429970401s ago: executing program 4 (id=2531): r0 = socket(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x13, @local, 0x2}, 0x1c) listen(r0, 0x7f) r1 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000002bc0)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xf76f}}}}}}}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) 1.250473276s ago: executing program 3 (id=2532): openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x40, 0x80) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x9, {0x6bb3, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80000000, 0x5, 0x200000, 0x8000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0xd0) umount2(&(0x7f00000001c0)='./file0\x00', 0x1) 1.250299845s ago: executing program 2 (id=2533): munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) get_mempolicy(0x0, 0x0, 0x9, &(0x7f0000005000/0x1000)=nil, 0x2) 1.017015196s ago: executing program 2 (id=2534): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00') writev(r0, &(0x7f0000000340)=[{&(0x7f0000003080)=';', 0x1}], 0x1) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0) 990.167407ms ago: executing program 3 (id=2535): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[], 0x28}}, 0x0) 918.247227ms ago: executing program 0 (id=2536): r0 = fsopen(&(0x7f0000000140)='erofs\x00', 0x1) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 801.727681ms ago: executing program 3 (id=2537): r0 = add_key$keyring(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$assume_authority(0x10, r0) 755.895592ms ago: executing program 0 (id=2538): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}}, &(0x7f00000000c0)='GPL\x00', 0x1, 0x8, &(0x7f0000000040)=""/8, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100002}, 0x94) 755.582724ms ago: executing program 2 (id=2539): bind$alg(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x80805, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000540)={'\x00', 0x0, 0x7, 0x2, 0x3, 0x9}) madvise(&(0x7f00006d3000/0x4000)=nil, 0x4000, 0x66) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 535.029679ms ago: executing program 3 (id=2540): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0x10, 0xa0002f5}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) pwritev(0xffffffffffffffff, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x3) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 534.796553ms ago: executing program 0 (id=2541): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0x1, 0x1, 0x107fff, 0x10, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb6b, 0x800c1, 0x4, 0x1, 0x1, 0x7, 0xff, 0x1000, 0xc, 0xf, 0x3, 0x80000001, 0xfffffffa, 0x0, 0x1, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0x63c, 0xe, 0x6, 0x100, 0x6, 0x1bfe, 0xb, 0x7, 0x40, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x4, 0x5, 0x79b, 0x5, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xa, 0x1fa0860a, 0x81, 0xa9, 0x81, 0x2, 0x180000, 0x4003, 0x28b, 0x5, 0x2af, 0x3, 0x85, 0x2, 0x1, 0xb, 0x4, 0x7, 0x4009, 0x0, 0x9, 0x100002, 0x8, 0x0, 0x0, 0x3, 0x0, 0x10000, 0x3f6, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0xfffffffe, 0x84, 0x100, 0x0, 0x252, 0x3, 0xb, 0x2, 0x20006, 0xc50, 0x2, 0xb, 0x10000002, 0xd9a, 0xc8, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x1, 0x8, 0x0, 0x4, 0x6, 0x0, 0x0, 0x1, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x5, 0x1fc, 0x1ff, 0xffffffff]}}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82004000000", @ANYRES32=r0, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r1, &(0x7f0000000140), 0x4924b68, 0x0) 392.54688ms ago: executing program 4 (id=2542): epoll_create1(0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x20846, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) pwritev(r0, &(0x7f0000000700)=[{&(0x7f0000000280)="b3", 0x1}], 0x1, 0x5, 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) 229.240631ms ago: executing program 0 (id=2543): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 137.943804ms ago: executing program 3 (id=2544): r0 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x42242, 0x73) openat$cgroup_devices(r0, 0x0, 0x2, 0x0) pwritev(r0, &(0x7f0000000400)=[{&(0x7f0000000040)='9', 0x1}, {0x0}], 0x2, 0xffffff01, 0xa) 0s ago: executing program 4 (id=2545): r0 = fsopen(&(0x7f0000000940)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x6) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x101042, 0x0) pwrite64(r2, &(0x7f00000000c0)='/', 0x1, 0x2f70000) madvise(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x64) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) kernel console output (not intermixed with test programs): [ 1075.969262][ T5826] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1075.969324][ T5826] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1075.969418][ T5826] kill_f2fs_super+0x314/0x720 [ 1075.969454][ T5826] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1075.969495][ T5826] ? lockdep_hardirqs_on+0x7a/0x110 [ 1075.969532][ T5826] deactivate_locked_super+0xbc/0x130 [ 1075.969562][ T5826] cleanup_mnt+0x437/0x4d0 [ 1075.969579][ T5826] ? _raw_spin_unlock_irq+0x23/0x50 [ 1075.969603][ T5826] task_work_run+0x1d9/0x270 [ 1075.969633][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 1075.969669][ T5826] exit_to_user_mode_loop+0xed/0x480 [ 1075.969694][ T5826] ? rcu_is_watching+0x15/0xb0 [ 1075.969719][ T5826] do_syscall_64+0x32d/0xf80 [ 1075.969743][ T5826] ? trace_irq_disable+0x3b/0x150 [ 1075.969766][ T5826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.969786][ T5826] ? clear_bhb_loop+0x40/0x90 [ 1075.969810][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.969829][ T5826] RIP: 0033:0x7f14d499d9d7 [ 1075.969847][ T5826] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1075.969861][ T5826] RSP: 002b:00007ffd5d9ae6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1075.969882][ T5826] RAX: 0000000000000000 RBX: 00007f14d4a32050 RCX: 00007f14d499d9d7 [ 1075.969895][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5d9ae780 [ 1075.969907][ T5826] RBP: 00007ffd5d9ae780 R08: 00007ffd5d9af780 R09: 00000000ffffffff [ 1075.969921][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd5d9af810 [ 1075.969934][ T5826] R13: 00007f14d4a32050 R14: 0000000000106a6a R15: 00007ffd5d9af850 [ 1075.969968][ T5826] [ 1075.970001][ T5826] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 1077.013431][ T1549] usb 4-1: USB disconnect, device number 85 [ 1077.235404][T13876] loop4: detected capacity change from 0 to 40427 [ 1077.243888][T13876] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1077.251702][T13876] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1077.264318][T13876] F2FS-fs (loop4): invalid crc value [ 1077.339666][T13876] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1077.374691][T13876] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1077.382010][T13876] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1078.115439][ T29] audit: type=1800 audit(1773595389.982:89): pid=13884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2034" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1078.243185][ T42] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 1078.419353][ T42] usb 4-1: Using ep0 maxpacket: 32 [ 1078.442257][ T42] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 1078.489320][ T42] usb 4-1: config 0 has no interface number 0 [ 1078.516820][ T42] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1078.552903][ T42] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1078.582473][ T42] usb 4-1: Product: syz [ 1078.597121][ T42] usb 4-1: Manufacturer: syz [ 1078.606601][ T42] usb 4-1: SerialNumber: syz [ 1079.002915][ T42] usb 4-1: config 0 descriptor?? [ 1079.423053][ T42] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1079.470942][ T42] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1079.671116][T13893] loop2: detected capacity change from 0 to 4096 [ 1079.707398][ T42] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 1079.753826][ T42] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -32 [ 1080.835551][ T5984] usb 4-1: USB disconnect, device number 86 [ 1082.465994][T13919] loop3: detected capacity change from 0 to 2048 [ 1082.701560][T13919] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1082.709501][T13919] UDF-fs: Scanning with blocksize 512 failed [ 1082.846824][T13919] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1082.877882][T13921] loop1: detected capacity change from 0 to 40427 [ 1082.888567][T13921] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1082.896412][T13921] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1082.906102][T13921] F2FS-fs (loop1): invalid crc value [ 1082.918810][ T5920] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 1082.936261][ T29] audit: type=1800 audit(1773595395.312:90): pid=13919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2046" name="file2" dev="loop3" ino=839 res=0 errno=0 [ 1083.010162][T13921] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1083.026663][T13921] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1083.033931][T13921] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1083.158731][ T5920] usb 1-1: Using ep0 maxpacket: 8 [ 1083.167133][ T5920] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1083.178709][ T5920] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1083.194267][ T5920] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1083.706031][ T29] audit: type=1800 audit(1773595395.632:91): pid=13930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2048" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1083.803051][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 1083.811344][ T5920] usb 1-1: Product: syz [ 1083.820709][ T5920] usb 1-1: Manufacturer: syz [ 1083.827393][ T5920] usb 1-1: SerialNumber: syz [ 1083.837467][ T5920] usb 1-1: config 0 descriptor?? [ 1083.858736][ T5984] usb 5-1: new high-speed USB device number 75 using dummy_hcd [ 1083.904833][T13929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2046'. [ 1083.987609][ T29] audit: type=1800 audit(1773595396.362:92): pid=13931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2046" name="bus" dev="loop3" ino=817 res=0 errno=0 [ 1084.059637][ T5984] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1084.088157][ T5984] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1084.133652][ T5984] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1084.220482][ T5984] usb 5-1: config 220 has no interface number 2 [ 1084.245778][ T5984] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1084.652752][ T5984] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1084.677120][ T5984] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1084.700664][ T5984] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1084.744207][ T5984] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1084.780816][ T5984] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1084.817011][ T5984] usb 5-1: Product: syz [ 1084.842380][ T5984] usb 5-1: Manufacturer: syz [ 1084.862239][ T5984] usb 5-1: SerialNumber: syz [ 1085.119196][ T5984] usb 5-1: selecting invalid altsetting 0 [ 1085.180012][ T5984] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1085.217539][ T5984] uvcvideo 5-1:220.0: No valid video chain found. [ 1085.285231][ T5984] usb 5-1: selecting invalid altsetting 0 [ 1085.315466][ T5984] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 1085.347040][ T5984] usb 5-1: USB disconnect, device number 75 [ 1085.499486][ T5957] usb 1-1: USB disconnect, device number 89 [ 1086.086449][T13948] loop3: detected capacity change from 0 to 4096 [ 1086.269454][ T5920] usb 5-1: new high-speed USB device number 76 using dummy_hcd [ 1086.340479][ T5984] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 1086.463675][ T5920] usb 5-1: Using ep0 maxpacket: 32 [ 1086.492774][ T5920] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 1086.510426][ T5920] usb 5-1: config 0 has no interface number 0 [ 1086.531603][ T5920] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1086.544778][ T5984] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 1086.565063][ T5920] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1086.575226][ T5984] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1086.602170][ T5920] usb 5-1: Product: syz [ 1086.612315][ T5984] usb 3-1: config 220 has no interface number 2 [ 1086.619017][ T5920] usb 5-1: Manufacturer: syz [ 1086.630218][ T5920] usb 5-1: SerialNumber: syz [ 1086.637083][ T5984] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1086.666261][ T5920] usb 5-1: config 0 descriptor?? [ 1086.684098][ T5984] usb 3-1: config 220 interface 0 has no altsetting 0 [ 1086.691217][ T5984] usb 3-1: config 220 interface 76 has no altsetting 0 [ 1086.698146][ T5984] usb 3-1: config 220 interface 1 has no altsetting 0 [ 1086.713210][ T5984] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1086.745270][ T5984] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1086.775718][ T5984] usb 3-1: Product: syz [ 1086.795586][ T5984] usb 3-1: Manufacturer: syz [ 1086.806429][ T5984] usb 3-1: SerialNumber: syz [ 1087.774515][ T5920] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1088.058759][ T5920] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1088.069066][ T5984] usb 3-1: selecting invalid altsetting 0 [ 1088.092586][ T5984] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1088.100120][ T5984] uvcvideo 3-1:220.0: No valid video chain found. [ 1088.304166][ T5920] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 1088.483530][T13963] loop0: detected capacity change from 0 to 40427 [ 1088.490972][T13963] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1088.498836][T13963] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1088.509938][ T5920] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -32 [ 1088.526224][T13963] F2FS-fs (loop0): invalid crc value [ 1088.574686][ T5984] usb 3-1: selecting invalid altsetting 0 [ 1088.590485][ T5984] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 1088.651409][T13963] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1088.666121][T13963] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1088.673528][T13963] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1088.789075][ T5984] usb 3-1: USB disconnect, device number 72 [ 1089.548140][ T29] audit: type=1800 audit(1773595401.272:93): pid=13975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2059" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 1090.370655][ T5984] usb 5-1: USB disconnect, device number 76 [ 1092.845424][T13989] loop3: detected capacity change from 0 to 40427 [ 1092.862852][T13989] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1092.870683][T13989] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1092.881977][T13989] F2FS-fs (loop3): invalid crc value [ 1093.018753][ T42] usb 2-1: new high-speed USB device number 66 using dummy_hcd [ 1093.034417][T13989] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1093.057579][T13989] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1093.064723][T13989] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1093.216198][ T42] usb 2-1: Using ep0 maxpacket: 8 [ 1093.337673][ T42] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1093.425976][ T42] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1093.448716][ T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 1093.528753][ T5957] usb 5-1: new high-speed USB device number 77 using dummy_hcd [ 1093.586465][T14003] loop0: detected capacity change from 0 to 40427 [ 1093.601907][T14003] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1093.609707][T14003] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1093.618965][T14003] F2FS-fs (loop0): invalid crc value [ 1093.640129][ T42] usb 2-1: Product: syz [ 1093.680023][T14003] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1093.693625][T14003] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1093.700329][ T42] usb 2-1: Manufacturer: syz [ 1093.702471][T14003] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1094.192867][ T29] audit: type=1800 audit(1773595406.092:94): pid=14009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2063" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 1094.230805][ T42] usb 2-1: SerialNumber: syz [ 1094.262909][ T42] usb 2-1: config 0 descriptor?? [ 1094.288269][ T29] audit: type=1800 audit(1773595406.202:95): pid=14003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2071" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 1094.316420][ T5957] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1094.330242][ T5957] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1094.358734][ T5957] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1094.408997][ T5957] usb 5-1: config 220 has no interface number 2 [ 1094.445849][ T5957] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1094.496188][ T5957] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1094.524430][ T5957] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1094.555965][ T5957] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1094.583692][ T5957] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1094.605174][ T5957] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1094.632965][ T5957] usb 5-1: Product: syz [ 1094.651399][ T5957] usb 5-1: Manufacturer: syz [ 1094.665652][ T5957] usb 5-1: SerialNumber: syz [ 1094.917611][ T5957] usb 5-1: selecting invalid altsetting 0 [ 1094.961184][ T5957] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1094.989128][ T5957] uvcvideo 5-1:220.0: No valid video chain found. [ 1095.040999][ T5957] usb 5-1: selecting invalid altsetting 0 [ 1095.064402][ T5957] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 1095.106152][ T5957] usb 5-1: USB disconnect, device number 77 [ 1096.206757][ T29] audit: type=1800 audit(1773595408.442:96): pid=14011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2063" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 1096.453444][ T5957] usb 2-1: USB disconnect, device number 66 [ 1097.212812][T14027] loop2: detected capacity change from 0 to 4096 [ 1097.360508][T14031] loop0: detected capacity change from 0 to 40427 [ 1097.375650][T14031] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1097.386621][T14031] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1097.400218][T14031] F2FS-fs (loop0): invalid crc value [ 1097.461345][T14031] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1097.477380][T14031] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1097.484516][T14031] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1097.608097][ T5957] usb 2-1: new high-speed USB device number 67 using dummy_hcd [ 1098.648712][ T29] audit: type=1800 audit(1773595410.142:97): pid=14037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 1098.688695][ T5957] usb 2-1: Using ep0 maxpacket: 32 [ 1098.916630][ T5957] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 1098.938796][ T5957] usb 2-1: config 0 has no interface number 0 [ 1098.955411][ T5957] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1099.143850][ T5957] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1099.168989][ T5957] usb 2-1: Product: syz [ 1099.170113][ T5826] syz-executor: attempt to access beyond end of device [ 1099.170113][ T5826] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1099.173190][ T5957] usb 2-1: Manufacturer: syz [ 1099.173209][ T5957] usb 2-1: SerialNumber: syz [ 1099.176541][ T5957] usb 2-1: config 0 descriptor?? [ 1099.267084][ T5826] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1099.267113][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1099.267126][ T5826] Call Trace: [ 1099.267134][ T5826] [ 1099.267144][ T5826] dump_stack_lvl+0xe8/0x150 [ 1099.267181][ T5826] f2fs_handle_critical_error+0x37c/0x540 [ 1099.267215][ T5826] f2fs_write_end_io+0x1274/0x1740 [ 1099.267270][ T5826] __submit_merged_bio+0x256/0x700 [ 1099.267304][ T5826] f2fs_submit_merged_write+0x284/0x390 [ 1099.267337][ T5826] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1099.267381][ T5826] f2fs_sync_node_pages+0x14bf/0x1680 [ 1099.267429][ T5826] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1099.267505][ T5826] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1099.267578][ T5826] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1099.267667][ T5826] kill_f2fs_super+0x314/0x720 [ 1099.267703][ T5826] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1099.267745][ T5826] ? lockdep_hardirqs_on+0x7a/0x110 [ 1099.267783][ T5826] deactivate_locked_super+0xbc/0x130 [ 1099.267814][ T5826] cleanup_mnt+0x437/0x4d0 [ 1099.267833][ T5826] ? _raw_spin_unlock_irq+0x23/0x50 [ 1099.267857][ T5826] task_work_run+0x1d9/0x270 [ 1099.267885][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 1099.267921][ T5826] exit_to_user_mode_loop+0xed/0x480 [ 1099.267948][ T5826] ? rcu_is_watching+0x15/0xb0 [ 1099.267972][ T5826] do_syscall_64+0x32d/0xf80 [ 1099.267993][ T5826] ? trace_irq_disable+0x3b/0x150 [ 1099.268015][ T5826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.268051][ T5826] ? clear_bhb_loop+0x40/0x90 [ 1099.268076][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.268095][ T5826] RIP: 0033:0x7f14d499d9d7 [ 1099.268114][ T5826] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1099.268131][ T5826] RSP: 002b:00007ffd5d9ae6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1099.268152][ T5826] RAX: 0000000000000000 RBX: 00007f14d4a32050 RCX: 00007f14d499d9d7 [ 1099.268166][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5d9ae780 [ 1099.268179][ T5826] RBP: 00007ffd5d9ae780 R08: 00007ffd5d9af780 R09: 00000000ffffffff [ 1099.268193][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd5d9af810 [ 1099.268205][ T5826] R13: 00007f14d4a32050 R14: 000000000010c4a3 R15: 00007ffd5d9af850 [ 1099.268240][ T5826] [ 1099.268250][ T5826] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 1100.042468][ T5957] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1100.156992][ T5957] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1100.531754][ T5957] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1100.587307][T14046] loop4: detected capacity change from 0 to 40427 [ 1100.622946][T14046] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1100.630949][T14046] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1100.651702][T14046] F2FS-fs (loop4): invalid crc value [ 1100.683225][ T5957] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -61 [ 1100.735996][T14046] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1100.756927][T14046] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1100.765545][T14046] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1100.878565][ T29] audit: type=1800 audit(1773595413.252:98): pid=14046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2078" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1101.362769][ T6051] kworker/u8:12: attempt to access beyond end of device [ 1101.362769][ T6051] loop3: rw=1, sector=77824, nr_sectors = 3208 limit=40427 [ 1101.425303][ T5957] usb 2-1: USB disconnect, device number 67 [ 1101.761560][T14054] loop2: detected capacity change from 0 to 40427 [ 1101.781195][T14054] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1101.790086][T14054] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1101.799756][T14054] F2FS-fs (loop2): invalid crc value [ 1101.840087][T14054] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1101.850512][T14054] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1101.857564][T14054] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1103.038695][ T29] audit: type=1800 audit(1773595414.522:99): pid=14062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2081" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 1103.445606][ T5830] syz-executor: attempt to access beyond end of device [ 1103.445606][ T5830] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1103.478897][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1103.478925][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1103.478956][ T5830] Call Trace: [ 1103.478964][ T5830] [ 1103.478973][ T5830] dump_stack_lvl+0xe8/0x150 [ 1103.479010][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 1103.479046][ T5830] f2fs_write_end_io+0x1274/0x1740 [ 1103.479100][ T5830] __submit_merged_bio+0x256/0x700 [ 1103.479133][ T5830] f2fs_submit_merged_write+0x284/0x390 [ 1103.479173][ T5830] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1103.479218][ T5830] f2fs_sync_node_pages+0x14bf/0x1680 [ 1103.479264][ T5830] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1103.479338][ T5830] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1103.479407][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1103.479500][ T5830] kill_f2fs_super+0x314/0x720 [ 1103.479535][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1103.479578][ T5830] ? lockdep_hardirqs_on+0x7a/0x110 [ 1103.479624][ T5830] deactivate_locked_super+0xbc/0x130 [ 1103.479656][ T5830] cleanup_mnt+0x437/0x4d0 [ 1103.479676][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 1103.479701][ T5830] task_work_run+0x1d9/0x270 [ 1103.479732][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 1103.479770][ T5830] exit_to_user_mode_loop+0xed/0x480 [ 1103.479797][ T5830] ? rcu_is_watching+0x15/0xb0 [ 1103.479824][ T5830] do_syscall_64+0x32d/0xf80 [ 1103.479845][ T5830] ? trace_irq_disable+0x3b/0x150 [ 1103.479869][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1103.479889][ T5830] ? clear_bhb_loop+0x40/0x90 [ 1103.479915][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1103.479934][ T5830] RIP: 0033:0x7f994379d9d7 [ 1103.479953][ T5830] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1103.479969][ T5830] RSP: 002b:00007fffc07b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1103.479990][ T5830] RAX: 0000000000000000 RBX: 00007f9943832050 RCX: 00007f994379d9d7 [ 1103.480004][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc07b6db0 [ 1103.480016][ T5830] RBP: 00007fffc07b6db0 R08: 00007fffc07b7db0 R09: 00000000ffffffff [ 1103.480030][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc07b7e40 [ 1103.480043][ T5830] R13: 00007f9943832050 R14: 000000000010d5ea R15: 00007fffc07b7e80 [ 1103.480078][ T5830] [ 1103.480087][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1104.199485][ T9] usb 2-1: new high-speed USB device number 68 using dummy_hcd [ 1104.555169][T14066] loop3: detected capacity change from 0 to 40427 [ 1104.562720][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 1104.567807][T14066] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1104.575587][T14066] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1104.590372][T14066] F2FS-fs (loop3): invalid crc value [ 1104.644689][T14066] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1104.659464][ T9] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1104.668493][T14066] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1104.675878][T14066] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1104.686047][ T9] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1104.809539][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 1104.817978][ T9] usb 2-1: Product: syz [ 1104.822502][ T9] usb 2-1: Manufacturer: syz [ 1104.827198][ T9] usb 2-1: SerialNumber: syz [ 1104.832857][ T29] audit: type=1800 audit(1773595417.222:100): pid=14066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2089" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 1105.230060][ T9] usb 2-1: config 0 descriptor?? [ 1106.417812][T14077] loop0: detected capacity change from 0 to 40427 [ 1106.430693][T14077] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1106.438455][T14077] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1106.461204][T14077] F2FS-fs (loop0): invalid crc value [ 1106.555340][T14077] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1106.567193][T14077] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1106.575474][T14077] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1107.760629][ T29] audit: type=1800 audit(1773595419.222:101): pid=14084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2085" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 1108.188435][ T5826] syz-executor: attempt to access beyond end of device [ 1108.188435][ T5826] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1108.228805][ T5826] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1108.228841][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1108.228854][ T5826] Call Trace: [ 1108.228863][ T5826] [ 1108.228871][ T5826] dump_stack_lvl+0xe8/0x150 [ 1108.228906][ T5826] f2fs_handle_critical_error+0x37c/0x540 [ 1108.228940][ T5826] f2fs_write_end_io+0x1274/0x1740 [ 1108.228991][ T5826] __submit_merged_bio+0x256/0x700 [ 1108.229023][ T5826] f2fs_submit_merged_write+0x284/0x390 [ 1108.229052][ T5826] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1108.229096][ T5826] f2fs_sync_node_pages+0x14bf/0x1680 [ 1108.229140][ T5826] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1108.229209][ T5826] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1108.229274][ T5826] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1108.229359][ T5826] kill_f2fs_super+0x314/0x720 [ 1108.229395][ T5826] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1108.229438][ T5826] ? lockdep_hardirqs_on+0x7a/0x110 [ 1108.229476][ T5826] deactivate_locked_super+0xbc/0x130 [ 1108.229507][ T5826] cleanup_mnt+0x437/0x4d0 [ 1108.229525][ T5826] ? _raw_spin_unlock_irq+0x23/0x50 [ 1108.229550][ T5826] task_work_run+0x1d9/0x270 [ 1108.229578][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 1108.229614][ T5826] exit_to_user_mode_loop+0xed/0x480 [ 1108.229640][ T5826] ? rcu_is_watching+0x15/0xb0 [ 1108.229665][ T5826] do_syscall_64+0x32d/0xf80 [ 1108.229687][ T5826] ? trace_irq_disable+0x3b/0x150 [ 1108.229710][ T5826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1108.229730][ T5826] ? clear_bhb_loop+0x40/0x90 [ 1108.229753][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1108.229772][ T5826] RIP: 0033:0x7f14d499d9d7 [ 1108.229792][ T5826] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1108.229808][ T5826] RSP: 002b:00007ffd5d9ae6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1108.229835][ T5826] RAX: 0000000000000000 RBX: 00007f14d4a32050 RCX: 00007f14d499d9d7 [ 1108.229848][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5d9ae780 [ 1108.229860][ T5826] RBP: 00007ffd5d9ae780 R08: 00007ffd5d9af780 R09: 00000000ffffffff [ 1108.229873][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd5d9af810 [ 1108.229886][ T5826] R13: 00007f14d4a32050 R14: 000000000010e855 R15: 00007ffd5d9af850 [ 1108.229919][ T5826] [ 1108.229927][ T5826] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 1108.526268][ T5957] usb 2-1: USB disconnect, device number 68 [ 1110.443845][ T5957] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 1110.614358][ T5957] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 1110.639701][ T5957] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1110.667718][ T5957] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1110.698767][ T5957] usb 3-1: config 220 has no interface number 2 [ 1110.714453][ T5957] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1110.759306][ T5957] usb 3-1: config 220 interface 0 has no altsetting 0 [ 1110.770254][ T5957] usb 3-1: config 220 interface 76 has no altsetting 0 [ 1110.798391][ T5957] usb 3-1: config 220 interface 1 has no altsetting 0 [ 1110.821025][ T5957] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1110.836773][ T5957] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1110.859234][ T5957] usb 3-1: Product: syz [ 1110.874940][ T5957] usb 3-1: Manufacturer: syz [ 1110.890024][ T5957] usb 3-1: SerialNumber: syz [ 1111.459543][ T5957] usb 3-1: selecting invalid altsetting 0 [ 1111.483319][ T5957] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1111.492421][ T5957] uvcvideo 3-1:220.0: No valid video chain found. [ 1111.499396][ T5920] usb 2-1: new high-speed USB device number 69 using dummy_hcd [ 1111.519662][T14106] loop3: detected capacity change from 0 to 2048 [ 1111.688529][T14108] loop4: detected capacity change from 0 to 40427 [ 1111.705356][ T5920] usb 2-1: Using ep0 maxpacket: 32 [ 1111.710940][ T5957] usb 3-1: selecting invalid altsetting 0 [ 1111.716905][ T5957] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 1111.725536][T14108] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1111.733903][T14108] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1111.743397][T14108] F2FS-fs (loop4): invalid crc value [ 1111.753837][ T5957] usb 3-1: USB disconnect, device number 73 [ 1111.792560][T14108] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1111.806615][T14108] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1111.813780][T14108] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1111.979671][ T5920] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 1112.998276][ T29] audit: type=1800 audit(1773595424.452:102): pid=14114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2090" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1113.214566][ T5920] usb 2-1: config 0 has no interface number 0 [ 1113.229268][T14106] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1113.272898][T14106] UDF-fs: Scanning with blocksize 512 failed [ 1113.282536][ T5920] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1113.386380][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1113.398139][ T5920] usb 2-1: Product: syz [ 1113.403302][ T5920] usb 2-1: Manufacturer: syz [ 1113.408297][ T5920] usb 2-1: SerialNumber: syz [ 1113.418466][ T5920] usb 2-1: config 0 descriptor?? [ 1113.441767][T14106] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1113.452677][ T5828] syz-executor: attempt to access beyond end of device [ 1113.452677][ T5828] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1113.489953][ T29] audit: type=1800 audit(1773595425.862:103): pid=14106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2092" name="file2" dev="loop3" ino=839 res=0 errno=0 [ 1113.522384][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1113.522412][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1113.522427][ T5828] Call Trace: [ 1113.522434][ T5828] [ 1113.522442][ T5828] dump_stack_lvl+0xe8/0x150 [ 1113.522474][ T5828] f2fs_handle_critical_error+0x37c/0x540 [ 1113.522502][ T5828] f2fs_write_end_io+0x1274/0x1740 [ 1113.522549][ T5828] __submit_merged_bio+0x256/0x700 [ 1113.522581][ T5828] f2fs_submit_merged_write+0x284/0x390 [ 1113.522611][ T5828] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1113.522652][ T5828] f2fs_sync_node_pages+0x14bf/0x1680 [ 1113.522705][ T5828] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1113.522774][ T5828] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1113.522844][ T5828] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1113.522927][ T5828] kill_f2fs_super+0x314/0x720 [ 1113.522962][ T5828] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1113.523004][ T5828] ? lockdep_hardirqs_on+0x7a/0x110 [ 1113.523041][ T5828] deactivate_locked_super+0xbc/0x130 [ 1113.523072][ T5828] cleanup_mnt+0x437/0x4d0 [ 1113.523091][ T5828] ? _raw_spin_unlock_irq+0x23/0x50 [ 1113.523116][ T5828] task_work_run+0x1d9/0x270 [ 1113.523145][ T5828] ? __pfx_task_work_run+0x10/0x10 [ 1113.523189][ T5828] exit_to_user_mode_loop+0xed/0x480 [ 1113.523216][ T5828] ? rcu_is_watching+0x15/0xb0 [ 1113.523240][ T5828] do_syscall_64+0x32d/0xf80 [ 1113.523262][ T5828] ? trace_irq_disable+0x3b/0x150 [ 1113.523285][ T5828] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1113.523305][ T5828] ? clear_bhb_loop+0x40/0x90 [ 1113.523329][ T5828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1113.523348][ T5828] RIP: 0033:0x7f22ab99d9d7 [ 1113.523367][ T5828] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1113.523383][ T5828] RSP: 002b:00007ffee7d88878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1113.523404][ T5828] RAX: 0000000000000000 RBX: 00007f22aba32050 RCX: 00007f22ab99d9d7 [ 1113.523417][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffee7d88930 [ 1113.523429][ T5828] RBP: 00007ffee7d88930 R08: 00007ffee7d89930 R09: 00000000ffffffff [ 1113.523442][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee7d899c0 [ 1113.523454][ T5828] R13: 00007f22aba32050 R14: 000000000010fcdf R15: 00007ffee7d89a00 [ 1113.523487][ T5828] [ 1113.524488][ T5828] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1114.139395][ T5920] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1114.159812][ T5920] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1114.175170][T14122] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2092'. [ 1114.282594][ T29] audit: type=1800 audit(1773595426.662:104): pid=14118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2092" name="bus" dev="loop3" ino=817 res=0 errno=0 [ 1114.451113][ T5920] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1114.789790][ T5920] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -61 [ 1115.275007][T14129] loop2: detected capacity change from 0 to 40427 [ 1115.297803][T14129] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1115.306016][T14129] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1115.318204][T14129] F2FS-fs (loop2): invalid crc value [ 1115.375072][T14129] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1115.394159][T14129] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1115.401364][T14129] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1115.466458][ T29] audit: type=1800 audit(1773595427.842:105): pid=14137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2096" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 1115.578721][ T5893] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 1115.881862][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.893666][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 1115.973694][ T5893] usb 4-1: Using ep0 maxpacket: 8 [ 1116.003600][ T5920] usb 2-1: USB disconnect, device number 69 [ 1116.015481][ T5893] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1116.065540][ T5893] usb 4-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1116.105093][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 1116.158325][ T5893] usb 4-1: Product: syz [ 1116.178767][ T5893] usb 4-1: Manufacturer: syz [ 1116.204456][ T5893] usb 4-1: SerialNumber: syz [ 1116.241236][ T5893] usb 4-1: config 0 descriptor?? [ 1117.334305][T14142] loop1: detected capacity change from 0 to 1024 [ 1117.628056][T14144] loop0: detected capacity change from 0 to 4096 [ 1119.451648][ T5893] usb 4-1: USB disconnect, device number 87 [ 1122.933960][T14173] loop1: detected capacity change from 0 to 4096 [ 1123.096179][T14177] loop0: detected capacity change from 0 to 40427 [ 1123.123600][T14177] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1123.131415][T14177] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1123.533538][T14177] F2FS-fs (loop0): invalid crc value [ 1123.634138][T14177] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1123.652921][T14186] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1123.654913][T14177] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1123.671178][T14177] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1123.737410][ T29] audit: type=1800 audit(1773595436.122:106): pid=14187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2110" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 1124.199206][ T5893] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 1124.359344][ T5893] usb 4-1: Using ep0 maxpacket: 32 [ 1124.413001][ T5893] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 1124.450993][ T5893] usb 4-1: config 0 has no interface number 0 [ 1124.514062][ T5893] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1124.559030][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1124.648022][ T5893] usb 4-1: Product: syz [ 1124.686761][ T5893] usb 4-1: Manufacturer: syz [ 1124.742147][ T5893] usb 4-1: SerialNumber: syz [ 1124.949617][ T5893] usb 4-1: config 0 descriptor?? [ 1126.136418][T14199] loop1: detected capacity change from 0 to 40427 [ 1126.144954][T14199] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1126.152847][T14199] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1126.162151][T14199] F2FS-fs (loop1): invalid crc value [ 1126.169805][ T5893] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1126.180851][ T5893] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1126.278316][T14199] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1126.294044][T14199] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1126.301690][T14199] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1126.435163][ T5893] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1126.451990][ T5893] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -61 [ 1126.564276][ T29] audit: type=1800 audit(1773595438.912:107): pid=14204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2114" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1127.865722][ T5829] syz-executor: attempt to access beyond end of device [ 1127.865722][ T5829] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1127.897204][ T5829] CPU: 1 UID: 0 PID: 5829 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1127.897223][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1127.897230][ T5829] Call Trace: [ 1127.897236][ T5829] [ 1127.897242][ T5829] dump_stack_lvl+0xe8/0x150 [ 1127.897264][ T5829] f2fs_handle_critical_error+0x37c/0x540 [ 1127.897283][ T5829] f2fs_write_end_io+0x1274/0x1740 [ 1127.897312][ T5829] __submit_merged_bio+0x256/0x700 [ 1127.897329][ T5829] f2fs_submit_merged_write+0x284/0x390 [ 1127.897347][ T5829] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1127.897371][ T5829] f2fs_sync_node_pages+0x14bf/0x1680 [ 1127.897395][ T5829] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1127.897407][ T5829] ? lockdep_hardirqs_on+0x7a/0x110 [ 1127.897421][ T5829] ? irqentry_exit+0x61a/0x700 [ 1127.897432][ T5829] ? rcu_is_watching+0x15/0xb0 [ 1127.897466][ T5829] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1127.897501][ T5829] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1127.897547][ T5829] kill_f2fs_super+0x314/0x720 [ 1127.897566][ T5829] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1127.897589][ T5829] ? lockdep_hardirqs_on+0x7a/0x110 [ 1127.897608][ T5829] deactivate_locked_super+0xbc/0x130 [ 1127.897627][ T5829] cleanup_mnt+0x437/0x4d0 [ 1127.897637][ T5829] ? _raw_spin_unlock_irq+0x23/0x50 [ 1127.897651][ T5829] task_work_run+0x1d9/0x270 [ 1127.897667][ T5829] ? __pfx_task_work_run+0x10/0x10 [ 1127.897686][ T5829] exit_to_user_mode_loop+0xed/0x480 [ 1127.897703][ T5829] ? rcu_is_watching+0x15/0xb0 [ 1127.897716][ T5829] do_syscall_64+0x32d/0xf80 [ 1127.897729][ T5829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1127.897740][ T5829] ? clear_bhb_loop+0x40/0x90 [ 1127.897754][ T5829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1127.897765][ T5829] RIP: 0033:0x7f805c99d9d7 [ 1127.897776][ T5829] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1127.897785][ T5829] RSP: 002b:00007ffc3e4d6648 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1127.897798][ T5829] RAX: 0000000000000000 RBX: 00007f805ca32050 RCX: 00007f805c99d9d7 [ 1127.897805][ T5829] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3e4d6700 [ 1127.897812][ T5829] RBP: 00007ffc3e4d6700 R08: 00007ffc3e4d7700 R09: 00000000ffffffff [ 1127.897819][ T5829] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3e4d7790 [ 1127.897826][ T5829] R13: 00007f805ca32050 R14: 0000000000113084 R15: 00007ffc3e4d77d0 [ 1127.897844][ T5829] [ 1127.897849][ T5829] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 1128.346421][ T5893] usb 4-1: USB disconnect, device number 88 [ 1128.536903][T14213] loop3: detected capacity change from 0 to 1024 [ 1130.343913][T14225] loop2: detected capacity change from 0 to 40427 [ 1130.352971][T14225] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1130.360796][T14225] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1130.375662][T14225] F2FS-fs (loop2): invalid crc value [ 1130.413930][T14225] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1130.426259][T14225] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1130.433344][T14225] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1131.177773][ T29] audit: type=1800 audit(1773595443.062:108): pid=14231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2123" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 1132.093045][ T5830] syz-executor: attempt to access beyond end of device [ 1132.093045][ T5830] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1132.129629][T14233] loop4: detected capacity change from 0 to 2048 [ 1132.155586][T14233] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1132.177633][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1132.177650][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1132.177657][ T5830] Call Trace: [ 1132.177662][ T5830] [ 1132.177668][ T5830] dump_stack_lvl+0xe8/0x150 [ 1132.177689][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 1132.177708][ T5830] f2fs_write_end_io+0x1274/0x1740 [ 1132.177737][ T5830] __submit_merged_bio+0x256/0x700 [ 1132.177754][ T5830] f2fs_submit_merged_write+0x284/0x390 [ 1132.177771][ T5830] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1132.177794][ T5830] f2fs_sync_node_pages+0x14bf/0x1680 [ 1132.177818][ T5830] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1132.177855][ T5830] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1132.177890][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1132.177936][ T5830] kill_f2fs_super+0x314/0x720 [ 1132.177955][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1132.177985][ T5830] ? lockdep_hardirqs_on+0x7a/0x110 [ 1132.178006][ T5830] deactivate_locked_super+0xbc/0x130 [ 1132.178025][ T5830] cleanup_mnt+0x437/0x4d0 [ 1132.178035][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 1132.178049][ T5830] task_work_run+0x1d9/0x270 [ 1132.178066][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 1132.178086][ T5830] exit_to_user_mode_loop+0xed/0x480 [ 1132.178101][ T5830] ? rcu_is_watching+0x15/0xb0 [ 1132.178115][ T5830] do_syscall_64+0x32d/0xf80 [ 1132.178127][ T5830] ? trace_irq_disable+0x3b/0x150 [ 1132.178141][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1132.178152][ T5830] ? clear_bhb_loop+0x40/0x90 [ 1132.178166][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1132.178177][ T5830] RIP: 0033:0x7f994379d9d7 [ 1132.178188][ T5830] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1132.178197][ T5830] RSP: 002b:00007fffc07b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1132.178210][ T5830] RAX: 0000000000000000 RBX: 00007f9943832050 RCX: 00007f994379d9d7 [ 1132.178217][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc07b6db0 [ 1132.178224][ T5830] RBP: 00007fffc07b6db0 R08: 00007fffc07b7db0 R09: 00000000ffffffff [ 1132.178231][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc07b7e40 [ 1132.178237][ T5830] R13: 00007f9943832050 R14: 0000000000114539 R15: 00007fffc07b7e80 [ 1132.178254][ T5830] [ 1132.178259][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1132.312200][T14233] UDF-fs: Scanning with blocksize 512 failed [ 1132.698952][T14233] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1133.017647][ T29] audit: type=1800 audit(1773595445.392:109): pid=14233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2125" name="file2" dev="loop4" ino=839 res=0 errno=0 [ 1133.327999][T14239] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2125'. [ 1133.472836][ T29] audit: type=1800 audit(1773595445.852:110): pid=14233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2125" name="bus" dev="loop4" ino=829 res=0 errno=0 [ 1134.144840][T14246] loop4: detected capacity change from 0 to 40427 [ 1134.166411][T14246] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1134.174467][T14246] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1134.187629][T14246] F2FS-fs (loop4): invalid crc value [ 1134.239595][T14246] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1134.257235][T14246] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1134.265058][T14246] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1135.162843][ T29] audit: type=1800 audit(1773595446.842:111): pid=14251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2129" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1135.382918][ T5828] syz-executor: attempt to access beyond end of device [ 1135.382918][ T5828] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1135.511013][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1135.511031][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1135.511039][ T5828] Call Trace: [ 1135.511044][ T5828] [ 1135.511050][ T5828] dump_stack_lvl+0xe8/0x150 [ 1135.511072][ T5828] f2fs_handle_critical_error+0x37c/0x540 [ 1135.511101][ T5828] f2fs_write_end_io+0x1274/0x1740 [ 1135.511131][ T5828] __submit_merged_bio+0x256/0x700 [ 1135.511149][ T5828] f2fs_submit_merged_write+0x284/0x390 [ 1135.511167][ T5828] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1135.511191][ T5828] f2fs_sync_node_pages+0x14bf/0x1680 [ 1135.511216][ T5828] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1135.511258][ T5828] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1135.511296][ T5828] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1135.511345][ T5828] kill_f2fs_super+0x314/0x720 [ 1135.511365][ T5828] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1135.511389][ T5828] ? lockdep_hardirqs_on+0x7a/0x110 [ 1135.511411][ T5828] deactivate_locked_super+0xbc/0x130 [ 1135.511430][ T5828] cleanup_mnt+0x437/0x4d0 [ 1135.511440][ T5828] ? _raw_spin_unlock_irq+0x23/0x50 [ 1135.511454][ T5828] task_work_run+0x1d9/0x270 [ 1135.511471][ T5828] ? __pfx_task_work_run+0x10/0x10 [ 1135.511492][ T5828] exit_to_user_mode_loop+0xed/0x480 [ 1135.511507][ T5828] ? rcu_is_watching+0x15/0xb0 [ 1135.511522][ T5828] do_syscall_64+0x32d/0xf80 [ 1135.511534][ T5828] ? trace_irq_disable+0x3b/0x150 [ 1135.511548][ T5828] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1135.511559][ T5828] ? clear_bhb_loop+0x40/0x90 [ 1135.511573][ T5828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1135.511587][ T5828] RIP: 0033:0x7f22ab99d9d7 [ 1135.511599][ T5828] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1135.511608][ T5828] RSP: 002b:00007ffee7d88878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1135.511621][ T5828] RAX: 0000000000000000 RBX: 00007f22aba32050 RCX: 00007f22ab99d9d7 [ 1135.511628][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffee7d88930 [ 1135.511635][ T5828] RBP: 00007ffee7d88930 R08: 00007ffee7d89930 R09: 00000000ffffffff [ 1135.511642][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee7d899c0 [ 1135.511649][ T5828] R13: 00007f22aba32050 R14: 000000000011524b R15: 00007ffee7d89a00 [ 1135.511668][ T5828] [ 1135.511853][ T5828] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1135.798743][ T5957] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 1136.004018][T14256] loop0: detected capacity change from 0 to 40427 [ 1136.015819][T14256] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1136.023700][T14256] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1136.034718][T14256] F2FS-fs (loop0): invalid crc value [ 1136.087606][T14256] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1136.103159][T14256] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1136.110354][T14256] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1136.257153][ T5957] usb 4-1: Using ep0 maxpacket: 32 [ 1137.273874][ T29] audit: type=1800 audit(1773595448.752:112): pid=14263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2130" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 1137.274424][ T5957] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 1137.559660][ T5957] usb 4-1: config 0 has no interface number 0 [ 1137.786676][ T5957] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1137.825442][ T5957] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1137.825523][ T5826] syz-executor: attempt to access beyond end of device [ 1137.825523][ T5826] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1137.908139][ T5957] usb 4-1: Product: syz [ 1137.924062][ T5957] usb 4-1: Manufacturer: syz [ 1137.949046][ T5957] usb 4-1: SerialNumber: syz [ 1137.988866][ T5826] CPU: 1 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1137.988892][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1137.988903][ T5826] Call Trace: [ 1137.988911][ T5826] [ 1137.988918][ T5826] dump_stack_lvl+0xe8/0x150 [ 1137.988952][ T5826] f2fs_handle_critical_error+0x37c/0x540 [ 1137.988981][ T5826] f2fs_write_end_io+0x1274/0x1740 [ 1137.989029][ T5826] __submit_merged_bio+0x256/0x700 [ 1137.989059][ T5826] f2fs_submit_merged_write+0x284/0x390 [ 1137.989089][ T5826] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1137.989132][ T5826] f2fs_sync_node_pages+0x14bf/0x1680 [ 1137.989180][ T5826] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1137.989247][ T5826] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1137.989310][ T5826] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1137.989392][ T5826] kill_f2fs_super+0x314/0x720 [ 1137.989428][ T5826] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1137.989467][ T5826] ? lockdep_hardirqs_on+0x7a/0x110 [ 1137.989503][ T5826] deactivate_locked_super+0xbc/0x130 [ 1137.989533][ T5826] cleanup_mnt+0x437/0x4d0 [ 1137.989552][ T5826] ? _raw_spin_unlock_irq+0x23/0x50 [ 1137.989577][ T5826] task_work_run+0x1d9/0x270 [ 1137.989606][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 1137.989643][ T5826] exit_to_user_mode_loop+0xed/0x480 [ 1137.989668][ T5826] ? rcu_is_watching+0x15/0xb0 [ 1137.989693][ T5826] do_syscall_64+0x32d/0xf80 [ 1137.989714][ T5826] ? trace_irq_disable+0x3b/0x150 [ 1137.989737][ T5826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1137.989757][ T5826] ? clear_bhb_loop+0x40/0x90 [ 1137.989782][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1137.989802][ T5826] RIP: 0033:0x7f14d499d9d7 [ 1137.989830][ T5826] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1137.989845][ T5826] RSP: 002b:00007ffd5d9ae6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1137.989865][ T5826] RAX: 0000000000000000 RBX: 00007f14d4a32050 RCX: 00007f14d499d9d7 [ 1137.989878][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5d9ae780 [ 1137.989889][ T5826] RBP: 00007ffd5d9ae780 R08: 00007ffd5d9af780 R09: 00000000ffffffff [ 1137.989902][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd5d9af810 [ 1137.989913][ T5826] R13: 00007f14d4a32050 R14: 0000000000115b85 R15: 00007ffd5d9af850 [ 1137.989947][ T5826] [ 1137.989956][ T5826] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 1138.233846][ T5957] usb 4-1: config 0 descriptor?? [ 1138.481394][ T5957] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 1138.495654][ T5957] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 1138.554587][ T5957] usb 4-1: USB disconnect, device number 89 [ 1141.142262][T14283] loop4: detected capacity change from 0 to 40427 [ 1141.162236][T14283] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1141.170080][T14283] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1141.187262][T14283] F2FS-fs (loop4): invalid crc value [ 1141.295834][T14283] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1141.314123][T14283] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1141.321246][T14283] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1142.508853][ T29] audit: type=1800 audit(1773595453.972:113): pid=14292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2131" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1142.908275][ T5828] syz-executor: attempt to access beyond end of device [ 1142.908275][ T5828] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1142.992970][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1142.992998][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1142.993010][ T5828] Call Trace: [ 1142.993018][ T5828] [ 1142.993027][ T5828] dump_stack_lvl+0xe8/0x150 [ 1142.993061][ T5828] f2fs_handle_critical_error+0x37c/0x540 [ 1142.993094][ T5828] f2fs_write_end_io+0x1274/0x1740 [ 1142.993144][ T5828] __submit_merged_bio+0x256/0x700 [ 1142.993176][ T5828] f2fs_submit_merged_write+0x284/0x390 [ 1142.993206][ T5828] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1142.993248][ T5828] f2fs_sync_node_pages+0x14bf/0x1680 [ 1142.993292][ T5828] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1142.993360][ T5828] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1142.993422][ T5828] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1142.993506][ T5828] kill_f2fs_super+0x314/0x720 [ 1142.993539][ T5828] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1142.993581][ T5828] ? lockdep_hardirqs_on+0x7a/0x110 [ 1142.993618][ T5828] deactivate_locked_super+0xbc/0x130 [ 1142.993649][ T5828] cleanup_mnt+0x437/0x4d0 [ 1142.993667][ T5828] ? _raw_spin_unlock_irq+0x23/0x50 [ 1142.993691][ T5828] task_work_run+0x1d9/0x270 [ 1142.993719][ T5828] ? __pfx_task_work_run+0x10/0x10 [ 1142.993755][ T5828] exit_to_user_mode_loop+0xed/0x480 [ 1142.993781][ T5828] ? rcu_is_watching+0x15/0xb0 [ 1142.993806][ T5828] do_syscall_64+0x32d/0xf80 [ 1142.993826][ T5828] ? trace_irq_disable+0x3b/0x150 [ 1142.993852][ T5828] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1142.993872][ T5828] ? clear_bhb_loop+0x40/0x90 [ 1142.993896][ T5828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1142.993920][ T5828] RIP: 0033:0x7f22ab99d9d7 [ 1142.993939][ T5828] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1142.993955][ T5828] RSP: 002b:00007ffee7d88878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1142.993975][ T5828] RAX: 0000000000000000 RBX: 00007f22aba32050 RCX: 00007f22ab99d9d7 [ 1142.993989][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffee7d88930 [ 1142.994000][ T5828] RBP: 00007ffee7d88930 R08: 00007ffee7d89930 R09: 00000000ffffffff [ 1142.994014][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee7d899c0 [ 1142.994026][ T5828] R13: 00007f22aba32050 R14: 0000000000116fe6 R15: 00007ffee7d89a00 [ 1142.994059][ T5828] [ 1142.996635][ T5828] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1145.770635][ T5841] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 1145.953504][ T5841] usb 4-1: Using ep0 maxpacket: 32 [ 1146.037745][ T5841] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 1146.076231][ T5841] usb 4-1: config 0 has no interface number 0 [ 1146.124261][ T5841] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1146.166233][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1146.201678][ T5841] usb 4-1: Product: syz [ 1146.220211][ T5841] usb 4-1: Manufacturer: syz [ 1146.238774][ T5841] usb 4-1: SerialNumber: syz [ 1146.263347][ T5841] usb 4-1: config 0 descriptor?? [ 1146.865342][ T5841] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1146.956628][ T5841] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1147.347865][ T5841] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1147.399048][ T5841] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -61 [ 1147.801866][T14327] loop2: detected capacity change from 0 to 2048 [ 1147.845013][T14327] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 1147.860156][T14327] UDF-fs: Scanning with blocksize 512 failed [ 1147.885505][T14327] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1147.922939][ T29] audit: type=1800 audit(1773595460.292:114): pid=14327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2148" name="file2" dev="loop2" ino=839 res=0 errno=0 [ 1148.435926][T14330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2148'. [ 1148.493685][ T29] audit: type=1800 audit(1773595460.872:115): pid=14330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2148" name="bus" dev="loop2" ino=801 res=0 errno=0 [ 1148.877253][ T5920] usb 4-1: USB disconnect, device number 90 [ 1150.714855][T14352] loop0: detected capacity change from 0 to 32768 [ 1150.811891][T14352] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1150.820319][T14352] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1150.979446][T14356] loop2: detected capacity change from 0 to 40427 [ 1150.990424][T14356] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1150.998213][T14356] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1151.007333][T14356] F2FS-fs (loop2): invalid crc value [ 1151.034424][T14352] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 1151.047219][ T5841] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1151.071457][ T5841] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1151.158578][T14356] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1151.172072][T14356] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1151.179166][T14356] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1151.386102][ T29] audit: type=1800 audit(1773595463.762:116): pid=14362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2156" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 1152.246560][ T5830] syz-executor: attempt to access beyond end of device [ 1152.246560][ T5830] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1152.261227][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1152.261253][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1152.261264][ T5830] Call Trace: [ 1152.261273][ T5830] [ 1152.261281][ T5830] dump_stack_lvl+0xe8/0x150 [ 1152.261315][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 1152.261347][ T5830] f2fs_write_end_io+0x1274/0x1740 [ 1152.261394][ T5830] __submit_merged_bio+0x256/0x700 [ 1152.261426][ T5830] f2fs_submit_merged_write+0x284/0x390 [ 1152.261456][ T5830] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1152.261498][ T5830] f2fs_sync_node_pages+0x14bf/0x1680 [ 1152.261542][ T5830] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1152.261587][ T5830] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1152.261623][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1152.261668][ T5830] kill_f2fs_super+0x314/0x720 [ 1152.261688][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1152.261711][ T5830] ? lockdep_hardirqs_on+0x7a/0x110 [ 1152.261733][ T5830] deactivate_locked_super+0xbc/0x130 [ 1152.261751][ T5830] cleanup_mnt+0x437/0x4d0 [ 1152.261761][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 1152.261775][ T5830] task_work_run+0x1d9/0x270 [ 1152.261791][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 1152.261811][ T5830] exit_to_user_mode_loop+0xed/0x480 [ 1152.261826][ T5830] ? rcu_is_watching+0x15/0xb0 [ 1152.261840][ T5830] do_syscall_64+0x32d/0xf80 [ 1152.261853][ T5830] ? trace_irq_disable+0x3b/0x150 [ 1152.261873][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1152.261884][ T5830] ? clear_bhb_loop+0x40/0x90 [ 1152.261898][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1152.261909][ T5830] RIP: 0033:0x7f994379d9d7 [ 1152.261921][ T5830] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1152.261930][ T5830] RSP: 002b:00007fffc07b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1152.261943][ T5830] RAX: 0000000000000000 RBX: 00007f9943832050 RCX: 00007f994379d9d7 [ 1152.261955][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc07b6db0 [ 1152.261966][ T5830] RBP: 00007fffc07b6db0 R08: 00007fffc07b7db0 R09: 00000000ffffffff [ 1152.261979][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc07b7e40 [ 1152.261991][ T5830] R13: 00007f9943832050 R14: 000000000011945d R15: 00007fffc07b7e80 [ 1152.262011][ T5830] [ 1152.262169][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1152.504077][ T5920] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 1152.699610][ T5920] usb 4-1: device descriptor read/64, error -71 [ 1153.001327][T14370] block nbd1: NBD_DISCONNECT [ 1153.124403][ T5841] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 2052ms [ 1153.162538][ T5841] gfs2: fsid=syz:syz.0: jid=0: Done [ 1153.174497][T14352] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1153.225236][T14352] gfs2: fsid=syz:syz.0: found 1 quota changes [ 1153.229070][ T5920] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 1153.284932][T14373] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402 [ 1153.309886][T14373] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 1153.319655][T14373] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:14373 [gfs2_quotad/syz] gfs2_quota_sync+0x370/0x470 [ 1153.332647][T14373] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 1153.343409][T14373] CPU: 1 UID: 0 PID: 14373 Comm: gfs2_quotad/syz Not tainted syzkaller #0 PREEMPT(full) [ 1153.343434][T14373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1153.343446][T14373] Call Trace: [ 1153.343453][T14373] [ 1153.343462][T14373] dump_stack_lvl+0xe8/0x150 [ 1153.343495][T14373] gfs2_withdraw+0xc3/0x1b0 [ 1153.343519][T14373] inode_go_instantiate+0xdd8/0x1220 [ 1153.343541][T14373] ? preempt_schedule_common+0x82/0xd0 [ 1153.343568][T14373] ? __pfx_inode_go_instantiate+0x10/0x10 [ 1153.343600][T14373] gfs2_instantiate+0x168/0x220 [ 1153.343626][T14373] gfs2_glock_wait+0x1d4/0x2a0 [ 1153.343653][T14373] do_sync+0x49a/0xcb0 [ 1153.343679][T14373] ? _raw_spin_unlock+0x28/0x50 [ 1153.343698][T14373] ? gfs2_quota_sync+0x370/0x470 [ 1153.343732][T14373] ? __pfx_do_sync+0x10/0x10 [ 1153.343766][T14373] ? gfs2_quota_sync+0x370/0x470 [ 1153.343796][T14373] ? do_raw_spin_unlock+0xf5/0x210 [ 1153.343860][T14373] gfs2_quota_sync+0x370/0x470 [ 1153.343905][T14373] gfs2_quotad+0x2b9/0x6e0 [ 1153.343946][T14373] ? __pfx_gfs2_quotad+0x10/0x10 [ 1153.343975][T14373] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1153.343998][T14373] ? __kthread_parkme+0x7a/0x1f0 [ 1153.344024][T14373] kthread+0x388/0x470 [ 1153.344045][T14373] ? __pfx_gfs2_quotad+0x10/0x10 [ 1153.344068][T14373] ? __pfx_kthread+0x10/0x10 [ 1153.344088][T14373] ret_from_fork+0x51e/0xb90 [ 1153.344114][T14373] ? __pfx_ret_from_fork+0x10/0x10 [ 1153.344137][T14373] ? __switch_to+0xc7d/0x1450 [ 1153.344180][T14373] ? __pfx_kthread+0x10/0x10 [ 1153.344204][T14373] ret_from_fork_asm+0x1a/0x30 [ 1153.344240][T14373] [ 1153.369182][ T5920] usb 4-1: device descriptor read/64, error -71 [ 1153.765407][T14373] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 1154.019102][ T5920] usb usb4-port1: attempt power cycle [ 1154.383117][ T5920] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 1154.441020][ T5920] usb 4-1: device descriptor read/8, error -71 [ 1155.231076][T14386] loop3: detected capacity change from 0 to 40427 [ 1155.262910][T14386] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1155.270756][T14386] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1155.282014][T14386] F2FS-fs (loop3): invalid crc value [ 1155.714834][T14386] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1155.740856][T14386] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1155.747978][T14386] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1155.941445][ T29] audit: type=1800 audit(1773595468.322:117): pid=14399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2162" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 1157.546617][ T5827] syz-executor: attempt to access beyond end of device [ 1157.546617][ T5827] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1157.563199][ T5827] CPU: 0 UID: 0 PID: 5827 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1157.563224][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1157.563236][ T5827] Call Trace: [ 1157.563244][ T5827] [ 1157.563253][ T5827] dump_stack_lvl+0xe8/0x150 [ 1157.563291][ T5827] f2fs_handle_critical_error+0x37c/0x540 [ 1157.563326][ T5827] f2fs_write_end_io+0x1274/0x1740 [ 1157.563378][ T5827] __submit_merged_bio+0x256/0x700 [ 1157.563410][ T5827] f2fs_submit_merged_write+0x284/0x390 [ 1157.563441][ T5827] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1157.563487][ T5827] f2fs_sync_node_pages+0x14bf/0x1680 [ 1157.563528][ T5827] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1157.563599][ T5827] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1157.563662][ T5827] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1157.563753][ T5827] kill_f2fs_super+0x314/0x720 [ 1157.563790][ T5827] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1157.563832][ T5827] ? lockdep_hardirqs_on+0x7a/0x110 [ 1157.563870][ T5827] deactivate_locked_super+0xbc/0x130 [ 1157.563901][ T5827] cleanup_mnt+0x437/0x4d0 [ 1157.563918][ T5827] ? _raw_spin_unlock_irq+0x23/0x50 [ 1157.563944][ T5827] task_work_run+0x1d9/0x270 [ 1157.563973][ T5827] ? __pfx_task_work_run+0x10/0x10 [ 1157.564008][ T5827] exit_to_user_mode_loop+0xed/0x480 [ 1157.564034][ T5827] ? rcu_is_watching+0x15/0xb0 [ 1157.564059][ T5827] do_syscall_64+0x32d/0xf80 [ 1157.564081][ T5827] ? trace_irq_disable+0x3b/0x150 [ 1157.564104][ T5827] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1157.564124][ T5827] ? clear_bhb_loop+0x40/0x90 [ 1157.564150][ T5827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1157.564169][ T5827] RIP: 0033:0x7f5accd9d9d7 [ 1157.564189][ T5827] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1157.564205][ T5827] RSP: 002b:00007fffb598d808 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1157.564226][ T5827] RAX: 0000000000000000 RBX: 00007f5acce32050 RCX: 00007f5accd9d9d7 [ 1157.564239][ T5827] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb598d8c0 [ 1157.564251][ T5827] RBP: 00007fffb598d8c0 R08: 00007fffb598e8c0 R09: 00000000ffffffff [ 1157.564265][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffb598e950 [ 1157.564277][ T5827] R13: 00007f5acce32050 R14: 000000000011a8aa R15: 00007fffb598e990 [ 1157.564310][ T5827] [ 1157.564648][ T5827] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1158.811038][T14407] loop4: detected capacity change from 0 to 8 [ 1159.250845][T14407] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1159.258847][T14407] SQUASHFS error: Failed to read block 0x0: -5 [ 1159.265082][T14407] SQUASHFS error: Failed to read block 0xff: -5 [ 1159.271456][T14407] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1159.279318][T14407] SQUASHFS error: Failed to read block 0x0: -5 [ 1159.288464][T14407] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1159.289158][ T29] audit: type=1800 audit(1773595471.672:118): pid=14407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2166" name="file2" dev="loop4" ino=3 res=0 errno=0 [ 1159.296459][T14407] SQUASHFS error: Failed to read block 0x0: -5 [ 1159.367947][T14407] SQUASHFS error: Failed to read block 0x6a4: -5 [ 1159.374355][T14407] SQUASHFS error: Unable to read metadata cache entry [6a2] [ 1159.381680][T14407] SQUASHFS error: read_indexes: reading block [6a2:0] [ 1159.388479][T14407] SQUASHFS error: Failed to read block 0x0: -5 [ 1159.394885][T14407] SQUASHFS error: Unable to read metadata cache entry [6a2] [ 1159.402239][T14407] SQUASHFS error: read_indexes: reading block [6a2:0] [ 1159.409044][T14407] SQUASHFS error: Failed to read block 0x0: -5 [ 1159.534113][ T29] audit: type=1800 audit(1773595471.712:119): pid=14407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2166" name="file2" dev="loop4" ino=3 res=0 errno=0 [ 1159.862352][T14416] loop4: detected capacity change from 0 to 40427 [ 1159.874269][T14416] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1159.882579][T14416] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1159.901873][T14416] F2FS-fs (loop4): invalid crc value [ 1159.941592][T14416] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1159.952010][T14416] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1159.959081][T14416] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1160.124896][T14411] loop0: detected capacity change from 0 to 2048 [ 1160.838208][T14411] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 1160.932521][T14411] UDF-fs: Scanning with blocksize 512 failed [ 1161.728276][T14411] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1161.867523][ T29] audit: type=1800 audit(1773595474.232:120): pid=14411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2167" name="file2" dev="loop0" ino=839 res=0 errno=0 [ 1162.582597][T14429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2167'. [ 1162.704021][ T29] audit: type=1800 audit(1773595475.082:121): pid=14411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2167" name="bus" dev="loop0" ino=829 res=0 errno=0 [ 1162.778717][ T9] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 1162.950444][T14436] loop4: detected capacity change from 0 to 40427 [ 1162.974209][T14436] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1162.982037][T14436] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1162.992178][T14436] F2FS-fs (loop4): invalid crc value [ 1163.008991][ T9] usb 3-1: device descriptor read/64, error -71 [ 1163.077842][T14436] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1163.094314][T14436] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1163.101671][T14436] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1163.278959][ T9] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 1164.217589][ T29] audit: type=1800 audit(1773595475.742:122): pid=14442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2170" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1164.354211][ T9] usb 3-1: device descriptor read/64, error -71 [ 1164.540570][T14446] loop1: detected capacity change from 0 to 40427 [ 1164.548032][T14446] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1164.555828][T14446] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1164.565032][T14446] F2FS-fs (loop1): invalid crc value [ 1164.608300][T14446] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1164.624328][T14446] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1164.631771][T14446] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1164.638805][ T5841] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 1164.779112][ T9] usb usb3-port1: attempt power cycle [ 1164.842593][ T5841] usb 4-1: Using ep0 maxpacket: 32 [ 1165.373483][ T29] audit: type=1800 audit(1773595477.302:123): pid=14453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2173" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1165.862430][ T5841] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 1165.889345][ T5841] usb 4-1: config 0 has no interface number 0 [ 1165.904537][ T5841] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1165.913938][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1165.923080][ T5841] usb 4-1: Product: syz [ 1165.927730][ T5841] usb 4-1: Manufacturer: syz [ 1165.932489][ T5841] usb 4-1: SerialNumber: syz [ 1165.947663][T14454] loop0: detected capacity change from 0 to 8 [ 1165.950696][ T5841] usb 4-1: config 0 descriptor?? [ 1166.057013][T14454] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1166.090828][T14454] SQUASHFS error: Failed to read block 0x0: -5 [ 1166.214656][T14454] SQUASHFS error: Failed to read block 0xff: -5 [ 1166.258138][T14454] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1166.380702][ T5841] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1166.395233][T14454] SQUASHFS error: Failed to read block 0x0: -5 [ 1166.421596][ T5841] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1166.463722][ T29] audit: type=1800 audit(1773595478.842:124): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2185" name="file2" dev="loop0" ino=3 res=0 errno=0 [ 1166.698185][ T5841] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1166.734624][ T5841] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -61 [ 1167.935907][T14465] loop2: detected capacity change from 0 to 2048 [ 1168.109945][ T5841] usb 4-1: USB disconnect, device number 95 [ 1168.188043][T14472] loop3: detected capacity change from 0 to 2048 [ 1168.198443][T14472] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1168.205882][T14465] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 1168.256064][T14472] UDF-fs: Scanning with blocksize 512 failed [ 1168.284533][T14465] UDF-fs: Scanning with blocksize 512 failed [ 1168.321878][T14472] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1168.403933][ T29] audit: type=1800 audit(1773595480.782:125): pid=14472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2181" name="file2" dev="loop3" ino=839 res=0 errno=0 [ 1168.469302][T14465] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1168.556869][ T29] audit: type=1800 audit(1773595480.932:126): pid=14465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2179" name="file2" dev="loop2" ino=839 res=0 errno=0 [ 1169.234855][T14472] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2181'. [ 1169.269303][ T29] audit: type=1800 audit(1773595481.642:127): pid=14472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2181" name="bus" dev="loop3" ino=829 res=0 errno=0 [ 1170.043581][T14465] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2179'. [ 1170.572359][ T29] audit: type=1800 audit(1773595482.942:128): pid=14465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2179" name="bus" dev="loop2" ino=851 res=0 errno=0 [ 1172.185996][T14499] loop4: detected capacity change from 0 to 40427 [ 1172.200282][T14499] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1172.208147][T14499] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1172.223046][T14499] F2FS-fs (loop4): invalid crc value [ 1172.294958][T14499] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1172.316713][T14499] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1172.324168][T14499] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1172.490526][T14506] loop3: detected capacity change from 0 to 2048 [ 1172.766099][T14505] loop2: detected capacity change from 0 to 40427 [ 1173.839032][T14505] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1173.846912][T14505] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1173.862232][ T29] audit: type=1800 audit(1773595485.162:129): pid=14510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2189" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1173.911079][T14505] F2FS-fs (loop2): invalid crc value [ 1174.002872][T14505] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1174.019588][T14505] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1174.026687][T14505] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1174.186497][T14506] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1174.198799][ T5957] usb 1-1: new high-speed USB device number 90 using dummy_hcd [ 1175.297170][T14506] UDF-fs: Scanning with blocksize 512 failed [ 1175.415572][ T29] audit: type=1800 audit(1773595486.672:130): pid=14517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2186" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 1175.493457][T14506] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1176.119561][T14521] loop1: detected capacity change from 0 to 2048 [ 1176.339571][T14521] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1176.407250][T14521] UDF-fs: Scanning with blocksize 512 failed [ 1176.455988][T14521] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1176.525936][ T29] audit: type=1800 audit(1773595488.902:131): pid=14521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2192" name="file2" dev="loop1" ino=839 res=0 errno=0 [ 1176.622296][T14526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'. [ 1177.314355][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.321301][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.351622][ T29] audit: type=1800 audit(1773595489.732:132): pid=14526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2192" name="bus" dev="loop1" ino=801 res=0 errno=0 [ 1178.613066][T14538] loop1: detected capacity change from 0 to 40427 [ 1178.673875][T14538] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1178.681809][T14538] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1178.721498][T14538] F2FS-fs (loop1): invalid crc value [ 1178.787854][T14538] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1178.976147][T14538] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1178.983264][T14538] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1179.725379][ T29] audit: type=1800 audit(1773595492.042:133): pid=14548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2197" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1181.416554][ T29] audit: type=1800 audit(1773595493.792:134): pid=14549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2197" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1182.197088][T14565] loop3: detected capacity change from 0 to 512 [ 1182.524932][T14565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1182.578960][ T9] usb 1-1: new high-speed USB device number 91 using dummy_hcd [ 1182.725797][T14565] ext4 filesystem being mounted at /422/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1182.771765][T14565] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1182.878769][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 1182.888574][ T9] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 1182.920179][ T9] usb 1-1: config 0 has no interface number 0 [ 1182.959663][ T9] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1182.991738][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1183.021931][ T9] usb 1-1: Product: syz [ 1183.040095][ T9] usb 1-1: Manufacturer: syz [ 1183.057453][ T9] usb 1-1: SerialNumber: syz [ 1183.087278][ T9] usb 1-1: config 0 descriptor?? [ 1183.279395][ T5893] usb 4-1: new high-speed USB device number 96 using dummy_hcd [ 1183.528705][ T5893] usb 4-1: device descriptor read/64, error -71 [ 1183.613356][ T9] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1183.659781][ T9] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1183.801062][ T5893] usb 4-1: new high-speed USB device number 97 using dummy_hcd [ 1184.117217][ T9] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1184.150820][ T9] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -61 [ 1184.183570][ T58] kworker/u8:4: attempt to access beyond end of device [ 1184.183570][ T58] loop1: rw=1, sector=77824, nr_sectors = 2536 limit=40427 [ 1184.249000][ T58] kworker/u8:4: attempt to access beyond end of device [ 1184.249000][ T58] loop1: rw=1, sector=80360, nr_sectors = 1528 limit=40427 [ 1184.265937][ T5893] usb 4-1: device descriptor read/64, error -71 [ 1184.391061][ T5893] usb usb4-port1: attempt power cycle [ 1184.774338][T14590] loop4: detected capacity change from 0 to 40427 [ 1184.786340][T14590] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1184.794416][T14590] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1184.809134][T14590] F2FS-fs (loop4): invalid crc value [ 1184.856935][ T5893] usb 4-1: new high-speed USB device number 98 using dummy_hcd [ 1184.858202][T14590] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1184.878360][T14590] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1184.885756][T14590] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1185.040655][ T5893] usb 4-1: device descriptor read/8, error -71 [ 1185.076595][T14597] loop2: detected capacity change from 0 to 8 [ 1185.149455][T14597] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1185.197656][T14597] SQUASHFS error: Failed to read block 0x0: -5 [ 1185.238052][T14597] SQUASHFS error: Failed to read block 0xff: -5 [ 1185.248886][ T29] audit: type=1800 audit(1773595497.622:135): pid=14600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2209" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1185.290300][T14597] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1185.328746][ T5893] usb 4-1: new high-speed USB device number 99 using dummy_hcd [ 1185.338101][T14597] SQUASHFS error: Failed to read block 0x0: -5 [ 1185.359488][ T5893] usb 4-1: device descriptor read/8, error -71 [ 1185.367999][ T29] audit: type=1800 audit(1773595497.742:136): pid=14597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2210" name="file2" dev="loop2" ino=3 res=0 errno=0 [ 1185.499017][ T5893] usb usb4-port1: unable to enumerate USB device [ 1185.511311][ T5841] usb 1-1: USB disconnect, device number 91 [ 1187.199554][T14617] loop2: detected capacity change from 0 to 8 [ 1187.705098][ T29] audit: type=1800 audit(1773595500.082:137): pid=14600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2209" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1188.153013][T14623] loop3: detected capacity change from 0 to 512 [ 1188.197928][T14625] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1188.266210][T14623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1188.308888][T14623] ext4 filesystem being mounted at /426/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1188.377844][T14623] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1188.416544][T14625] SQUASHFS error: Failed to read block 0x0: -5 [ 1188.951383][T14625] SQUASHFS error: Failed to read block 0xff: -5 [ 1188.955802][T14635] loop3: detected capacity change from 0 to 8 [ 1189.023983][T14635] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1189.050371][T14635] SQUASHFS error: Failed to read block 0x0: -5 [ 1189.078229][T14625] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1189.106203][T14635] SQUASHFS error: Failed to read block 0xff: -5 [ 1189.139378][T14635] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1189.151648][T14635] SQUASHFS error: Failed to read block 0x0: -5 [ 1189.158250][ T29] audit: type=1800 audit(1773595501.532:138): pid=14635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2218" name="file2" dev="loop3" ino=3 res=0 errno=0 [ 1189.179941][T14625] SQUASHFS error: Failed to read block 0x0: -5 [ 1189.228942][ T29] audit: type=1800 audit(1773595501.592:139): pid=14625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2214" name="file2" dev="loop2" ino=3 res=0 errno=0 [ 1190.359771][ T9512] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 1190.528794][ T9512] usb 2-1: Using ep0 maxpacket: 32 [ 1190.550194][ T9512] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 1190.575811][ T9512] usb 2-1: config 0 has no interface number 0 [ 1190.611564][ T9512] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1190.628712][ T9512] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1190.650518][ T9512] usb 2-1: Product: syz [ 1190.664019][ T9512] usb 2-1: Manufacturer: syz [ 1190.681937][ T9512] usb 2-1: SerialNumber: syz [ 1190.702603][ T9512] usb 2-1: config 0 descriptor?? [ 1190.848675][T14638] loop3: detected capacity change from 0 to 32768 [ 1190.910534][T14638] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1190.973714][T14638] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1190.989377][ T5841] usb 1-1: new high-speed USB device number 92 using dummy_hcd [ 1191.136286][ T9512] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1191.158951][ T5841] usb 1-1: device descriptor read/64, error -71 [ 1191.196282][ T9512] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1191.232019][T14638] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 1191.266782][ T5957] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1191.278698][ T5957] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1191.414298][ T9512] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1191.429033][ T5957] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 150ms [ 1191.440575][ T5841] usb 1-1: new high-speed USB device number 93 using dummy_hcd [ 1191.452406][ T9512] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -61 [ 1191.464336][ T5957] gfs2: fsid=syz:syz.0: jid=0: Done [ 1191.476712][T14638] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1191.658786][ T5841] usb 1-1: device descriptor read/64, error -71 [ 1191.890252][ T5841] usb usb1-port1: attempt power cycle [ 1192.229322][T14638] gfs2: fsid=syz:syz.0: found 1 quota changes [ 1192.405830][ T5827] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402 [ 1192.472947][ T5827] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 1192.509096][ T5841] usb 1-1: new high-speed USB device number 94 using dummy_hcd [ 1192.517073][ T5827] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5827 [syz-executor] gfs2_quota_sync+0x370/0x470 [ 1192.556036][ T5841] usb 1-1: device descriptor read/8, error -71 [ 1192.606098][ T5827] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 1192.634116][ T5827] CPU: 0 UID: 0 PID: 5827 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1192.634143][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1192.634154][ T5827] Call Trace: [ 1192.634162][ T5827] [ 1192.634171][ T5827] dump_stack_lvl+0xe8/0x150 [ 1192.634204][ T5827] gfs2_withdraw+0xc3/0x1b0 [ 1192.634226][ T5827] inode_go_instantiate+0xdd8/0x1220 [ 1192.634248][ T5827] ? preempt_schedule_common+0x82/0xd0 [ 1192.634274][ T5827] ? __pfx_inode_go_instantiate+0x10/0x10 [ 1192.634303][ T5827] gfs2_instantiate+0x168/0x220 [ 1192.634325][ T5827] gfs2_glock_wait+0x1d4/0x2a0 [ 1192.634347][ T5827] do_sync+0x49a/0xcb0 [ 1192.634369][ T5827] ? _raw_spin_unlock+0x28/0x50 [ 1192.634386][ T5827] ? gfs2_quota_sync+0x370/0x470 [ 1192.634422][ T5827] ? __pfx_do_sync+0x10/0x10 [ 1192.634455][ T5827] ? gfs2_quota_sync+0x370/0x470 [ 1192.634483][ T5827] ? do_raw_spin_unlock+0xf5/0x210 [ 1192.634506][ T5827] gfs2_quota_sync+0x370/0x470 [ 1192.634527][ T5827] gfs2_sync_fs+0x4c/0xb0 [ 1192.634550][ T5827] sync_filesystem+0xee/0x230 [ 1192.634582][ T5827] generic_shutdown_super+0x77/0x2d0 [ 1192.634611][ T5827] kill_block_super+0x44/0x90 [ 1192.634630][ T5827] deactivate_locked_super+0xbc/0x130 [ 1192.634656][ T5827] cleanup_mnt+0x437/0x4d0 [ 1192.634666][ T5827] ? _raw_spin_unlock_irq+0x23/0x50 [ 1192.634680][ T5827] task_work_run+0x1d9/0x270 [ 1192.634696][ T5827] ? __pfx_task_work_run+0x10/0x10 [ 1192.634716][ T5827] exit_to_user_mode_loop+0xed/0x480 [ 1192.634731][ T5827] ? rcu_is_watching+0x15/0xb0 [ 1192.634744][ T5827] do_syscall_64+0x32d/0xf80 [ 1192.634757][ T5827] ? trace_irq_disable+0x3b/0x150 [ 1192.634771][ T5827] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1192.634782][ T5827] ? clear_bhb_loop+0x40/0x90 [ 1192.634796][ T5827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1192.634807][ T5827] RIP: 0033:0x7f5accd9d9d7 [ 1192.634819][ T5827] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1192.634828][ T5827] RSP: 002b:00007fffb598d808 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1192.634841][ T5827] RAX: 0000000000000000 RBX: 00007f5acce32050 RCX: 00007f5accd9d9d7 [ 1192.634848][ T5827] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb598d8c0 [ 1192.634855][ T5827] RBP: 00007fffb598d8c0 R08: 00007fffb598e8c0 R09: 00000000ffffffff [ 1192.634863][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffb598e950 [ 1192.634869][ T5827] R13: 00007f5acce32050 R14: 0000000000122590 R15: 00007fffb598e990 [ 1192.634886][ T5827] [ 1192.634892][ T5827] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 1192.888827][ T5841] usb 1-1: new high-speed USB device number 95 using dummy_hcd [ 1193.278726][ T5841] usb 1-1: device descriptor read/8, error -71 [ 1193.323219][T13057] usb 2-1: USB disconnect, device number 70 [ 1193.419538][ T5841] usb usb1-port1: unable to enumerate USB device [ 1195.216250][T14674] loop4: detected capacity change from 0 to 512 [ 1195.513817][T14676] loop1: detected capacity change from 0 to 40427 [ 1195.553735][T14676] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1195.561550][T14676] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1195.582413][T14676] F2FS-fs (loop1): invalid crc value [ 1195.611133][T14680] loop3: detected capacity change from 0 to 8 [ 1195.645187][T14676] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1195.688465][T14676] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1195.695570][T14676] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1197.175231][T14674] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1197.237119][T14674] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1197.318855][ T29] audit: type=1800 audit(1773595509.662:140): pid=14691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2231" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1197.352834][T14674] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1198.117979][T14701] loop0: detected capacity change from 0 to 8 [ 1199.679419][T14710] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1199.708903][T14710] SQUASHFS error: Failed to read block 0x0: -5 [ 1199.718783][T14710] SQUASHFS error: Failed to read block 0xff: -5 [ 1199.730247][T14710] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1199.758848][T14710] SQUASHFS error: Failed to read block 0x0: -5 [ 1199.781383][ T29] audit: type=1800 audit(1773595512.162:141): pid=14710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2225" name="file2" dev="loop3" ino=3 res=0 errno=0 [ 1201.457203][T14729] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1201.704476][T14729] SQUASHFS error: Failed to read block 0x0: -5 [ 1201.958837][T14729] SQUASHFS error: Failed to read block 0xff: -5 [ 1202.002303][T14729] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1202.094406][T14729] SQUASHFS error: Failed to read block 0x0: -5 [ 1202.183045][ T29] audit: type=1800 audit(1773595514.562:142): pid=14729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2233" name="file2" dev="loop0" ino=3 res=0 errno=0 [ 1202.489108][ T5893] usb 5-1: new high-speed USB device number 78 using dummy_hcd [ 1202.639442][ T1549] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 1202.659263][ T5893] usb 5-1: Using ep0 maxpacket: 32 [ 1202.673158][ T5893] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 1203.066137][ T5893] usb 5-1: config 0 has no interface number 0 [ 1203.106447][ T5893] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1203.115664][ T1549] usb 2-1: device descriptor read/64, error -71 [ 1203.146966][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1203.196951][ T5893] usb 5-1: Product: syz [ 1203.211581][ T5893] usb 5-1: Manufacturer: syz [ 1203.514131][ T5893] usb 5-1: SerialNumber: syz [ 1203.629462][ T5893] usb 5-1: config 0 descriptor?? [ 1203.669837][ T1549] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 1203.811111][ T1549] usb 2-1: device descriptor read/64, error -71 [ 1204.125529][T14748] loop3: detected capacity change from 0 to 40427 [ 1204.133323][ T1549] usb usb2-port1: attempt power cycle [ 1204.141814][T14748] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1204.149635][T14748] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1204.159234][T14748] F2FS-fs (loop3): invalid crc value [ 1204.165786][ T5893] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1204.214236][T14748] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1204.225896][ T5893] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1204.236199][T14748] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1204.243589][T14748] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1204.857257][ T29] audit: type=1800 audit(1773595516.852:143): pid=14755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2244" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 1205.228754][ T1549] usb 2-1: new high-speed USB device number 73 using dummy_hcd [ 1205.240079][ T5893] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 1205.254019][T14756] loop2: detected capacity change from 0 to 256 [ 1205.261277][ T5893] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -61 [ 1205.276345][ T1549] usb 2-1: device descriptor read/8, error -71 [ 1205.453819][T14758] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 1206.002404][T14768] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2249'. [ 1206.054866][T14769] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2249'. [ 1206.121768][T14768] erspan0: entered promiscuous mode [ 1206.138062][T14768] macvtap1: entered promiscuous mode [ 1206.158445][T14768] macvtap1: entered allmulticast mode [ 1206.173746][T14768] erspan0: entered allmulticast mode [ 1206.186359][ T5893] usb 5-1: USB disconnect, device number 78 [ 1206.219541][T14769] macvtap1: left promiscuous mode [ 1206.259142][T14769] macvtap1: left allmulticast mode [ 1206.294765][T14769] erspan0: left allmulticast mode [ 1206.508969][T14771] binfmt_misc: register: failed to install interpreter file ./file0 [ 1206.954631][T14788] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 1208.317445][ T29] audit: type=1326 audit(1773595520.692:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.415599][ T29] audit: type=1326 audit(1773595520.722:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.518680][ T29] audit: type=1326 audit(1773595520.742:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.601368][T14828] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2272'. [ 1208.619953][ T29] audit: type=1326 audit(1773595520.742:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.718819][ T29] audit: type=1326 audit(1773595520.782:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.819733][ T29] audit: type=1326 audit(1773595520.782:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.911062][ T29] audit: type=1326 audit(1773595520.782:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1208.984808][ T29] audit: type=1326 audit(1773595520.782:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1209.061915][ T29] audit: type=1326 audit(1773595520.782:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14820 comm="syz.1.2267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f805c99c799 code=0x7ffc0000 [ 1209.202292][T14841] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2279'. [ 1209.459598][T14841] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1209.581224][T14846] vlan2: entered allmulticast mode [ 1209.599360][T14846] bond1: entered allmulticast mode [ 1210.129332][T14866] capability: warning: `syz.4.2289' uses deprecated v2 capabilities in a way that may be insecure [ 1210.235702][T14870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2290'. [ 1210.252339][T14866] kvm: pic: non byte write [ 1210.269128][T14866] kvm: pic: non byte write [ 1210.280380][T14866] kvm: pic: non byte write [ 1210.287911][T14870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2290'. [ 1210.304614][T14866] kvm: pic: non byte write [ 1210.312258][T14866] kvm: pic: non byte write [ 1210.329011][T14866] kvm: pic: non byte write [ 1210.345465][T14866] kvm: pic: non byte write [ 1210.362882][T14866] kvm: pic: non byte write [ 1210.384094][T14866] kvm: pic: non byte write [ 1210.411758][T14866] kvm: pic: non byte write [ 1210.455373][T14866] kvm: pic: single mode not supported [ 1211.205770][T14911] 9p: Bad value for 'version' [ 1211.576683][T14924] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2313'. [ 1212.299725][T14951] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2327'. [ 1212.487904][T14953] loop1: detected capacity change from 0 to 128 [ 1212.884314][T14971] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2336'. [ 1212.916632][T14971] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1213.024301][T14971] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1213.624488][T14996] bridge0: port 2(bridge_slave_1) entered disabled state [ 1213.633541][T14996] bridge0: port 1(bridge_slave_0) entered disabled state [ 1213.731170][T14996] bridge0: entered allmulticast mode [ 1214.019297][ T5893] kernel write not supported for file bpf-map (pid: 5893 comm: kworker/0:3) [ 1214.426157][T15010] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1214.680822][ T29] kauditd_printk_skb: 42 callbacks suppressed [ 1214.680842][ T29] audit: type=1326 audit(1773595527.052:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1214.805526][ T29] audit: type=1326 audit(1773595527.062:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1214.868712][ T29] audit: type=1326 audit(1773595527.062:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1214.919989][ T29] audit: type=1326 audit(1773595527.072:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5accd9c502 code=0x7ffc0000 [ 1215.000828][ T29] audit: type=1326 audit(1773595527.072:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5accd9c502 code=0x7ffc0000 [ 1215.046162][ T29] audit: type=1326 audit(1773595527.082:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1215.088722][ T29] audit: type=1326 audit(1773595527.092:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1215.170109][T15022] sctp: [Deprecated]: syz.0.2358 (pid 15022) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1215.170109][T15022] Use struct sctp_sack_info instead [ 1215.190059][ T29] audit: type=1326 audit(1773595527.092:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1215.250501][ T29] audit: type=1326 audit(1773595527.092:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1215.348761][ T29] audit: type=1326 audit(1773595527.092:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1215.673221][T15031] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1216.710178][T15055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2371'. [ 1217.572674][T15089] netlink: 'syz.4.2383': attribute type 1 has an invalid length. [ 1217.675896][T15096] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2383'. [ 1217.803351][T15089] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1217.822040][T15095] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1217.849517][T15105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2387'. [ 1217.895096][T15096] bond1: entered allmulticast mode [ 1218.028363][T15099] bond1: (slave ip6gretap1): making interface the new active one [ 1218.067622][T15099] ip6gretap1: entered allmulticast mode [ 1218.107861][T15099] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 1218.366792][T15124] mmap: syz.4.2397 (15124): VmData 45850624 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data. [ 1219.022944][T15151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2408'. [ 1219.035083][T15152] loop0: detected capacity change from 0 to 128 [ 1220.041944][T15180] loop4: detected capacity change from 0 to 40427 [ 1220.108895][T15180] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1220.116678][T15180] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1220.434562][T15180] F2FS-fs (loop4): invalid crc value [ 1220.546422][T15180] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1220.563708][T15180] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1220.572675][T15180] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1220.601522][T15185] loop2: detected capacity change from 0 to 2048 [ 1220.747065][T15185] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 1220.751214][T15181] loop3: detected capacity change from 0 to 2048 [ 1221.331837][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 1221.331856][ T29] audit: type=1800 audit(1773595533.222:223): pid=15191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2423" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 1221.754914][T15185] UDF-fs: Scanning with blocksize 512 failed [ 1222.022605][T15181] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1222.083299][T15185] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1222.193501][ T29] audit: type=1800 audit(1773595534.572:224): pid=15185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2424" name="file2" dev="loop2" ino=839 res=0 errno=0 [ 1222.229971][T15181] UDF-fs: Scanning with blocksize 512 failed [ 1222.248461][ T5828] syz-executor: attempt to access beyond end of device [ 1222.248461][ T5828] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1222.267211][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1222.267238][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1222.267249][ T5828] Call Trace: [ 1222.267257][ T5828] [ 1222.267266][ T5828] dump_stack_lvl+0xe8/0x150 [ 1222.267302][ T5828] f2fs_handle_critical_error+0x37c/0x540 [ 1222.267325][ T5828] f2fs_write_end_io+0x1274/0x1740 [ 1222.267355][ T5828] __submit_merged_bio+0x256/0x700 [ 1222.267374][ T5828] f2fs_submit_merged_write+0x284/0x390 [ 1222.267391][ T5828] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1222.267415][ T5828] f2fs_sync_node_pages+0x14bf/0x1680 [ 1222.267441][ T5828] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1222.267484][ T5828] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1222.267522][ T5828] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1222.267571][ T5828] kill_f2fs_super+0x314/0x720 [ 1222.267591][ T5828] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1222.267615][ T5828] ? lockdep_hardirqs_on+0x7a/0x110 [ 1222.267643][ T5828] deactivate_locked_super+0xbc/0x130 [ 1222.267663][ T5828] cleanup_mnt+0x437/0x4d0 [ 1222.267674][ T5828] ? _raw_spin_unlock_irq+0x23/0x50 [ 1222.267688][ T5828] task_work_run+0x1d9/0x270 [ 1222.267706][ T5828] ? __pfx_task_work_run+0x10/0x10 [ 1222.267726][ T5828] exit_to_user_mode_loop+0xed/0x480 [ 1222.267742][ T5828] ? rcu_is_watching+0x15/0xb0 [ 1222.267756][ T5828] do_syscall_64+0x32d/0xf80 [ 1222.267769][ T5828] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1222.267781][ T5828] ? clear_bhb_loop+0x40/0x90 [ 1222.267795][ T5828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1222.267806][ T5828] RIP: 0033:0x7f22ab99d9d7 [ 1222.267818][ T5828] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1222.267827][ T5828] RSP: 002b:00007ffee7d88878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1222.267840][ T5828] RAX: 0000000000000000 RBX: 00007f22aba32050 RCX: 00007f22ab99d9d7 [ 1222.267848][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffee7d88930 [ 1222.267854][ T5828] RBP: 00007ffee7d88930 R08: 00007ffee7d89930 R09: 00000000ffffffff [ 1222.267861][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee7d899c0 [ 1222.267868][ T5828] R13: 00007f22aba32050 R14: 000000000012a5c4 R15: 00007ffee7d89a00 [ 1222.267887][ T5828] [ 1222.268442][ T5828] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1222.648713][ T29] audit: type=1800 audit(1773595535.022:225): pid=15185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2424" name="bus" dev="loop2" ino=829 res=0 errno=0 [ 1222.672429][T15181] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1223.176508][T15202] Invalid ELF header type: 2 != 1 [ 1224.252899][T15223] syz.2.2440 (15223): attempted to duplicate a private mapping with mremap. This is not supported. [ 1224.517314][T15227] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 1225.165003][T15246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2449'. [ 1226.066229][T15252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2451'. [ 1226.762467][T15254] loop2: detected capacity change from 0 to 40427 [ 1226.770752][T15254] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1226.778532][T15254] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1226.788492][T15254] F2FS-fs (loop2): invalid crc value [ 1226.883246][T15254] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1226.900547][T15254] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1226.907670][T15254] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1226.932268][T15262] loop4: detected capacity change from 0 to 1764 [ 1226.982984][ T29] audit: type=1800 audit(1773595539.362:226): pid=15264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2452" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 1227.670831][ T29] audit: type=1326 audit(1773595540.052:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15266 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1227.740713][ T29] audit: type=1326 audit(1773595540.082:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15266 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1227.793862][ T29] audit: type=1326 audit(1773595540.102:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15266 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1227.825937][ T29] audit: type=1326 audit(1773595540.102:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15266 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1227.853809][ T5830] syz-executor: attempt to access beyond end of device [ 1227.853809][ T5830] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1227.875220][ T29] audit: type=1326 audit(1773595540.122:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15266 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1227.918469][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1227.918495][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1227.918507][ T5830] Call Trace: [ 1227.918514][ T5830] [ 1227.918522][ T5830] dump_stack_lvl+0xe8/0x150 [ 1227.918560][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 1227.918592][ T5830] f2fs_write_end_io+0x1274/0x1740 [ 1227.918639][ T5830] __submit_merged_bio+0x256/0x700 [ 1227.918671][ T5830] f2fs_submit_merged_write+0x284/0x390 [ 1227.918701][ T5830] ? __pfx_f2fs_submit_merged_write+0x10/0x10 [ 1227.918743][ T5830] f2fs_sync_node_pages+0x14bf/0x1680 [ 1227.918788][ T5830] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 1227.918857][ T5830] f2fs_write_checkpoint+0xeb8/0x26a0 [ 1227.918920][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1227.919004][ T5830] kill_f2fs_super+0x314/0x720 [ 1227.919039][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1227.919082][ T5830] ? lockdep_hardirqs_on+0x7a/0x110 [ 1227.919119][ T5830] deactivate_locked_super+0xbc/0x130 [ 1227.919149][ T5830] cleanup_mnt+0x437/0x4d0 [ 1227.919167][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 1227.919192][ T5830] task_work_run+0x1d9/0x270 [ 1227.919221][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 1227.919255][ T5830] exit_to_user_mode_loop+0xed/0x480 [ 1227.919281][ T5830] ? rcu_is_watching+0x15/0xb0 [ 1227.919306][ T5830] do_syscall_64+0x32d/0xf80 [ 1227.919327][ T5830] ? trace_irq_disable+0x3b/0x150 [ 1227.919351][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1227.919369][ T5830] ? clear_bhb_loop+0x40/0x90 [ 1227.919392][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1227.919411][ T5830] RIP: 0033:0x7f994379d9d7 [ 1227.919430][ T5830] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1227.919452][ T5830] RSP: 002b:00007fffc07b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1227.919472][ T5830] RAX: 0000000000000000 RBX: 00007f9943832050 RCX: 00007f994379d9d7 [ 1227.919486][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc07b6db0 [ 1227.919499][ T5830] RBP: 00007fffc07b6db0 R08: 00007fffc07b7db0 R09: 00000000ffffffff [ 1227.919512][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc07b7e40 [ 1227.919525][ T5830] R13: 00007f9943832050 R14: 000000000012bbe0 R15: 00007fffc07b7e80 [ 1227.919558][ T5830] [ 1228.242237][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1230.236450][T15287] ªªªªªª: renamed from vlan0 (while UP) [ 1230.605581][T15296] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 1230.780893][T15299] picdev_write: 38 callbacks suppressed [ 1230.780911][T15299] kvm: pic: non byte write [ 1230.815177][T15299] kvm: pic: non byte write [ 1230.831790][T15299] kvm: pic: level sensitive irq not supported [ 1230.839271][T15299] kvm: pic: non byte write [ 1230.858895][T15299] kvm: pic: non byte write [ 1230.874104][T15299] kvm: pic: non byte write [ 1230.888337][T15299] kvm: pic: non byte write [ 1230.904946][T15299] kvm: pic: non byte write [ 1230.928339][T15299] kvm: pic: non byte write [ 1230.945553][T15299] kvm: pic: non byte write [ 1230.961572][T15299] kvm: pic: non byte write [ 1230.979353][T15299] kvm: pic: level sensitive irq not supported [ 1230.980462][T15299] kvm: pic: single mode not supported [ 1230.987063][T15299] kvm: pic: single mode not supported [ 1230.992454][T15299] kvm: pic: level sensitive irq not supported [ 1230.997966][T15299] kvm: pic: single mode not supported [ 1231.005817][T15299] kvm: pic: level sensitive irq not supported [ 1231.072600][T15299] kvm: pic: single mode not supported [ 1231.079629][T15299] kvm: pic: single mode not supported [ 1231.085030][T15299] kvm: pic: level sensitive irq not supported [ 1231.240306][ T29] audit: type=1326 audit(1773595543.612:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1231.298783][ T29] audit: type=1326 audit(1773595543.662:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1231.366659][ T29] audit: type=1326 audit(1773595543.662:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1231.416548][ T29] audit: type=1326 audit(1773595543.662:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5accd9c799 code=0x7ffc0000 [ 1231.723366][T15322] vlan2: entered promiscuous mode [ 1231.728444][T15322] bond0: entered promiscuous mode [ 1231.760187][T15322] bond_slave_0: entered promiscuous mode [ 1231.769385][T15322] bond_slave_1: entered promiscuous mode [ 1231.989457][ T29] kauditd_printk_skb: 199 callbacks suppressed [ 1231.989474][ T29] audit: type=1326 audit(1773595544.372:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.080307][ T29] audit: type=1326 audit(1773595544.402:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.170201][ T29] audit: type=1326 audit(1773595544.402:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.234141][T15344] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2488'. [ 1232.250224][ T29] audit: type=1326 audit(1773595544.402:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.298349][T15344] ip6gre1: entered promiscuous mode [ 1232.308760][T15344] ip6gre1: entered allmulticast mode [ 1232.326049][ T29] audit: type=1326 audit(1773595544.412:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.427646][ T29] audit: type=1326 audit(1773595544.412:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.516265][ T29] audit: type=1326 audit(1773595544.412:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.614004][ T29] audit: type=1326 audit(1773595544.412:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.697498][ T29] audit: type=1326 audit(1773595544.412:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1232.787173][ T29] audit: type=1326 audit(1773595544.412:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15314 comm="syz.3.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5accd5cfce code=0x7ffc0000 [ 1233.960381][ T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1234.022782][ T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1234.035709][ T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1234.044319][ T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1234.054123][ T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1235.079067][T15119] syz_tun (unregistering): left allmulticast mode [ 1235.867931][T15434] overlay: Unknown parameter 'smackfsroot' [ 1236.111702][ T51] Bluetooth: hci5: command tx timeout [ 1236.147068][T15441] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2526'. [ 1236.169838][ T6051] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1236.180580][T15441] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2526'. [ 1236.493463][T15383] chnl_net:caif_netlink_parms(): no params data found [ 1236.610558][T15451] xt_hashlimit: size too large, truncated to 1048576 [ 1236.904305][ T6051] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1237.345058][ T6051] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1237.550634][ T6051] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1237.660376][T15383] bridge0: port 1(bridge_slave_0) entered blocking state [ 1237.680857][T15469] node ffff88803c442ec0 offset 0 parent ffff88803c441e40 shift 0 count 64 values 0 array ffff888055ce77c0 list ffff88803c442ed8 ffff88803c442ed8 marks 0 0 0 [ 1237.700900][T15383] bridge0: port 1(bridge_slave_0) entered disabled state [ 1237.709953][T15490] kernel profiling enabled (shift: 9) [ 1237.732536][T15383] bridge_slave_0: entered allmulticast mode [ 1237.740915][T15469] ------------[ cut here ]------------ [ 1237.742006][T15383] bridge_slave_0: entered promiscuous mode [ 1237.746430][T15469] kernel BUG at ./include/linux/xarray.h:1441! [ 1237.765389][T15469] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 1237.771887][T15469] CPU: 1 UID: 0 PID: 15469 Comm: syz.2.2539 Not tainted syzkaller #0 PREEMPT(full) [ 1237.781357][T15469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1237.782351][T15383] bridge0: port 2(bridge_slave_1) entered blocking state [ 1237.791426][T15469] RIP: 0010:hpage_collapse_scan_file+0x4f98/0x5230 [ 1237.791577][T15469] Code: ff 4c 89 e7 48 c7 c6 80 b1 dc 8b e8 82 df f1 fe 90 0f 0b 48 85 db 0f 84 03 01 00 00 e8 01 62 90 ff 48 89 df e8 69 5d 7b 09 90 <0f> 0b e8 f1 61 90 ff 48 89 df 48 c7 c6 80 b1 dc 8b e8 52 df f1 fe [ 1237.791595][T15469] RSP: 0018:ffffc90005bcf120 EFLAGS: 00010246 [ 1237.791615][T15469] RAX: 0000000000000000 RBX: ffff88803c442ec0 RCX: 1bacc82956d02200 [ 1237.791630][T15469] RDX: ffffc9000d231000 RSI: 000000000000a57e RDI: 000000000000a57f [ 1237.791642][T15469] RBP: ffffc90005bcf428 R08: ffffc90005bceea7 R09: 1ffff92000b79dd4 [ 1237.791657][T15469] R10: dffffc0000000000 R11: fffff52000b79dd5 R12: ffffea000119bf30 [ 1237.791671][T15469] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc90005bcf310 [ 1237.791684][T15469] FS: 00007f99446536c0(0000) GS:ffff888125536000(0000) knlGS:0000000000000000 [ 1237.791701][T15469] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1237.791714][T15469] CR2: 000000110c41a986 CR3: 000000006bb70000 CR4: 00000000003526f0 [ 1237.791733][T15469] Call Trace: [ 1237.791741][T15469] [ 1237.791748][T15469] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1237.791778][T15469] ? hpage_collapse_scan_file+0x1c1/0x5230 [ 1237.914182][T15469] ? __pfx_hpage_collapse_scan_file+0x10/0x10 [ 1237.920256][T15469] ? __flush_work+0xab9/0xc50 [ 1237.924937][T15469] ? __flush_work+0x100/0xc50 [ 1237.929616][T15469] ? __up_read+0x291/0x6b0 [ 1237.934491][T15469] ? __pfx___up_read+0x10/0x10 [ 1237.939277][T15469] ? madvise_collapse+0x41e/0xb80 [ 1237.944299][T15469] madvise_collapse+0x451/0xb80 [ 1237.949237][T15469] madvise_vma_behavior+0x1094/0x4460 [ 1237.954634][T15469] ? ktime_get+0x45/0x220 [ 1237.959011][T15469] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1237.964735][T15469] ? ktime_get+0x45/0x220 [ 1237.969087][T15469] ? seqcount_lockdep_reader_access+0xd4/0x100 [ 1237.975249][T15469] ? ktime_get+0x1f5/0x220 [ 1237.979661][T15469] ? lapic_next_event+0x11/0x20 [ 1237.984494][T15469] ? clockevents_program_event+0x3ba/0x4b0 [ 1237.990285][T15469] ? do_raw_spin_unlock+0xf5/0x210 [ 1237.995384][T15469] ? __pfx_clockevents_program_event+0x10/0x10 [ 1238.001539][T15469] ? tick_program_event+0x8f/0x120 [ 1238.006645][T15469] ? finish_task_switch+0x4da/0xbe0 [ 1238.011845][T15469] ? rcu_is_watching+0x15/0xb0 [ 1238.016622][T15469] ? trace_sched_exit_tp+0x3a/0x150 [ 1238.021914][T15469] ? __schedule+0x167b/0x5590 [ 1238.026593][T15469] ? mas_prev_slot+0xb7b/0xbf0 [ 1238.031449][T15469] ? find_vma_prev+0x123/0x1b0 [ 1238.036280][T15469] ? __pfx_find_vma_prev+0x10/0x10 [ 1238.041393][T15469] ? futex_unqueue+0x22/0x240 [ 1238.046098][T15469] ? __futex_wait+0x371/0x420 [ 1238.050758][T15469] madvise_walk_vmas+0x573/0xae0 [ 1238.055682][T15469] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1238.061179][T15469] ? blk_start_plug+0x6e/0x1b0 [ 1238.065963][T15469] madvise_do_behavior+0x386/0x540 [ 1238.071087][T15469] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1238.076901][T15469] ? down_read+0x270/0x2e0 [ 1238.081321][T15469] ? madvise_lock+0x146/0x2e0 [ 1238.085984][T15469] do_madvise+0x1fa/0x2e0 [ 1238.090294][T15469] ? __pfx_do_madvise+0x10/0x10 [ 1238.095126][T15469] ? __se_sys_futex+0x3a8/0x450 [ 1238.099957][T15469] ? rcu_is_watching+0x15/0xb0 [ 1238.104728][T15469] __x64_sys_madvise+0xa6/0xc0 [ 1238.109479][T15469] do_syscall_64+0x14d/0xf80 [ 1238.114072][T15469] ? trace_irq_disable+0x3b/0x150 [ 1238.119079][T15469] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.125143][T15469] ? clear_bhb_loop+0x40/0x90 [ 1238.129827][T15469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.135728][T15469] RIP: 0033:0x7f994379c799 [ 1238.140133][T15469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1238.159761][T15469] RSP: 002b:00007f9944653028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1238.168336][T15469] RAX: ffffffffffffffda RBX: 00007f9943a15fa0 RCX: 00007f994379c799 [ 1238.176302][T15469] RDX: 0000000000000019 RSI: 0000000000600003 RDI: 0000200000000000 [ 1238.184260][T15469] RBP: 00007f9943832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1238.192388][T15469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1238.200340][T15469] R13: 00007f9943a16038 R14: 00007f9943a15fa0 R15: 00007fffc07b7a88 [ 1238.208302][T15469] [ 1238.211411][T15469] Modules linked in: [ 1238.215968][T15469] ---[ end trace 0000000000000000 ]--- [ 1238.222911][T15383] bridge0: port 2(bridge_slave_1) entered disabled state [ 1238.232856][T15383] bridge_slave_1: entered allmulticast mode [ 1238.245273][ T51] Bluetooth: hci5: command tx timeout [ 1238.265127][T15469] RIP: 0010:hpage_collapse_scan_file+0x4f98/0x5230 [ 1238.294103][T15469] Code: ff 4c 89 e7 48 c7 c6 80 b1 dc 8b e8 82 df f1 fe 90 0f 0b 48 85 db 0f 84 03 01 00 00 e8 01 62 90 ff 48 89 df e8 69 5d 7b 09 90 <0f> 0b e8 f1 61 90 ff 48 89 df 48 c7 c6 80 b1 dc 8b e8 52 df f1 fe [ 1238.314553][T15383] bridge_slave_1: entered promiscuous mode [ 1238.335681][T15469] RSP: 0018:ffffc90005bcf120 EFLAGS: 00010246 [ 1238.348245][T15469] RAX: 0000000000000000 RBX: ffff88803c442ec0 RCX: 1bacc82956d02200 [ 1238.357208][T15469] RDX: ffffc9000d231000 RSI: 000000000000a57e RDI: 000000000000a57f [ 1238.367296][T15469] RBP: ffffc90005bcf428 R08: ffffc90005bceea7 R09: 1ffff92000b79dd4 [ 1238.398112][T15383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1238.417244][T15469] R10: dffffc0000000000 R11: fffff52000b79dd5 R12: ffffea000119bf30 [ 1238.425370][T15469] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc90005bcf310 [ 1238.442182][T15383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1238.442744][T15493] node ffff8880585b98c0 offset 0 parent ffff88803c4302c0 shift 0 count 64 values 0 array ffff88807e3e8fa0 list ffff8880585b98d8 ffff8880585b98d8 marks [ 1238.451389][T15469] FS: 00007f99446536c0(0000) GS:ffff888125536000(0000) knlGS:0000000000000000 [ 1238.478673][T15493] 0 0 0 [ 1238.481884][T15493] ------------[ cut here ]------------ [ 1238.487373][T15493] kernel BUG at ./include/linux/xarray.h:1441! [ 1238.502737][T15383] team0: Port device team_slave_0 added [ 1238.513003][T15469] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1238.522418][T15383] team0: Port device team_slave_1 added [ 1238.528775][T15469] CR2: 00007f14d5862ff8 CR3: 000000006bb70000 CR4: 00000000003526f0 [ 1238.548874][T15493] Oops: invalid opcode: 0000 [#2] SMP KASAN PTI [ 1238.555161][T15493] CPU: 1 UID: 0 PID: 15493 Comm: syz.0.2543 Tainted: G D syzkaller #0 PREEMPT(full) [ 1238.566110][T15493] Tainted: [D]=DIE [ 1238.569825][T15493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1238.579872][T15493] RIP: 0010:hpage_collapse_scan_file+0x4f98/0x5230 [ 1238.586375][T15493] Code: ff 4c 89 e7 48 c7 c6 80 b1 dc 8b e8 82 df f1 fe 90 0f 0b 48 85 db 0f 84 03 01 00 00 e8 01 62 90 ff 48 89 df e8 69 5d 7b 09 90 <0f> 0b e8 f1 61 90 ff 48 89 df 48 c7 c6 80 b1 dc 8b e8 52 df f1 fe [ 1238.605982][T15493] RSP: 0018:ffffc900056cf120 EFLAGS: 00010246 [ 1238.612046][T15493] RAX: 0000000000000000 RBX: ffff8880585b98c0 RCX: fcf6aba8eb0afb00 [ 1238.620011][T15493] RDX: ffffc9000f3e7000 RSI: 00000000000494d2 RDI: 00000000000494d3 [ 1238.627970][T15493] RBP: ffffc900056cf428 R08: ffff8880b87247d3 R09: 1ffff110170e48fa [ 1238.635933][T15493] R10: dffffc0000000000 R11: ffffed10170e48fb R12: ffffea00013dfeb0 [ 1238.643901][T15493] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc900056cf310 [ 1238.651862][T15493] FS: 00007f14d58636c0(0000) GS:ffff888125536000(0000) knlGS:0000000000000000 [ 1238.660783][T15493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1238.667358][T15493] CR2: 00007f14d5862ff8 CR3: 00000000339e4000 CR4: 00000000003526f0 [ 1238.675332][T15493] Call Trace: [ 1238.678605][T15493] [ 1238.681526][T15493] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1238.687336][T15493] ? hpage_collapse_scan_file+0x1c1/0x5230 [ 1238.693141][T15493] ? __pfx_hpage_collapse_scan_file+0x10/0x10 [ 1238.699199][T15493] ? __flush_work+0xab9/0xc50 [ 1238.703866][T15493] ? __flush_work+0x100/0xc50 [ 1238.708534][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.713288][T15493] ? lock_release+0x4b/0x3d0 [ 1238.717881][T15493] ? __up_read+0x291/0x6b0 [ 1238.722290][T15493] ? __pfx___up_read+0x10/0x10 [ 1238.727045][T15493] ? lock_release+0x4b/0x3d0 [ 1238.731635][T15493] madvise_collapse+0x451/0xb80 [ 1238.736480][T15493] madvise_vma_behavior+0x1094/0x4460 [ 1238.741844][T15493] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1238.747555][T15493] ? arch_stack_walk+0xe3/0x150 [ 1238.752410][T15493] ? unwind_next_frame+0xa5/0x23c0 [ 1238.757515][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.762266][T15493] ? unwind_next_frame+0xa5/0x23c0 [ 1238.767362][T15493] ? lock_release+0x4b/0x3d0 [ 1238.771947][T15493] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.778002][T15493] ? unwind_next_frame+0xa5/0x23c0 [ 1238.783103][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.787854][T15493] ? arch_stack_walk+0xe3/0x150 [ 1238.792707][T15493] ? unwind_next_frame+0xa5/0x23c0 [ 1238.797831][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.802589][T15493] ? unwind_next_frame+0xa5/0x23c0 [ 1238.807698][T15493] ? lock_release+0x4b/0x3d0 [ 1238.812460][T15493] ? lock_release+0x4b/0x3d0 [ 1238.817049][T15493] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.823107][T15493] ? unwind_next_frame+0xa5/0x23c0 [ 1238.828224][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.832998][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.837752][T15493] ? lock_release+0x4b/0x3d0 [ 1238.842334][T15493] ? lock_release+0x4b/0x3d0 [ 1238.846921][T15493] ? is_bpf_text_address+0x292/0x2b0 [ 1238.852205][T15493] ? is_bpf_text_address+0x26/0x2b0 [ 1238.857399][T15493] ? kernel_text_address+0xa5/0xe0 [ 1238.862507][T15493] ? __kernel_text_address+0xd/0x30 [ 1238.867713][T15493] ? unwind_get_return_address+0x4d/0x90 [ 1238.873332][T15493] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1238.879480][T15493] ? arch_stack_walk+0xfb/0x150 [ 1238.884409][T15493] ? mtree_range_walk+0x6f9/0x8b0 [ 1238.889455][T15493] ? mas_prev_slot+0xb7b/0xbf0 [ 1238.894297][T15493] ? find_vma_prev+0x123/0x1b0 [ 1238.899069][T15493] ? __pfx_find_vma_prev+0x10/0x10 [ 1238.904180][T15493] ? file_ioctl+0x273/0x860 [ 1238.908673][T15493] madvise_walk_vmas+0x573/0xae0 [ 1238.913609][T15493] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1238.919057][T15493] ? blk_start_plug+0x6e/0x1b0 [ 1238.923826][T15493] madvise_do_behavior+0x386/0x540 [ 1238.928949][T15493] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1238.934581][T15493] ? down_read+0x270/0x2e0 [ 1238.939096][T15493] ? madvise_lock+0x146/0x2e0 [ 1238.943785][T15493] do_madvise+0x1fa/0x2e0 [ 1238.948139][T15493] ? __pfx_do_madvise+0x10/0x10 [ 1238.953003][T15493] ? rcu_is_watching+0x15/0xb0 [ 1238.957775][T15493] ? __pfx_kcov_ioctl+0x10/0x10 [ 1238.962641][T15493] __x64_sys_madvise+0xa6/0xc0 [ 1238.967408][T15493] do_syscall_64+0x14d/0xf80 [ 1238.972026][T15493] ? trace_irq_disable+0x3b/0x150 [ 1238.977045][T15493] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.983116][T15493] ? clear_bhb_loop+0x40/0x90 [ 1238.987842][T15493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.993739][T15493] RIP: 0033:0x7f14d499c799 [ 1238.998151][T15493] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1239.017749][T15493] RSP: 002b:00007f14d5863028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1239.026158][T15493] RAX: ffffffffffffffda RBX: 00007f14d4c16090 RCX: 00007f14d499c799 [ 1239.034237][T15493] RDX: 0000000000000019 RSI: 0000000000600000 RDI: 0000200000000000 [ 1239.042214][T15493] RBP: 00007f14d4a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1239.050272][T15493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1239.058233][T15493] R13: 00007f14d4c16128 R14: 00007f14d4c16090 R15: 00007ffd5d9af458 [ 1239.066218][T15493] [ 1239.069235][T15493] Modules linked in: [ 1239.076984][T15493] ---[ end trace 0000000000000000 ]--- [ 1239.077555][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.089075][T15469] Kernel panic - not syncing: Fatal exception [ 1239.095413][T15469] Kernel Offset: disabled [ 1239.099723][T15469] Rebooting in 86400 seconds..