last executing test programs: 3.783892862s ago: executing program 0 (id=4474): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@test_dummy_encryption}, {@dioread_lock}, {@test_dummy_encryption}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5e9, &(0x7f0000001340)="$eJzs3c1vVFUbAPDnTj9oKe/bQoyKC2liDCRKSwsYYkyErSENfsSNGystiBRoaI0WTSgJbkyMG2NMXLkQ/wslsmWlKxduXBkSooaliWPu9N7Sae/0u72V+/slQ889Zy7nTKfPnDNnzrkTQGX1p//UIvZHxGQS0ZvMzpe1R1bYP3e/B399fDa9JVGvv/5HEkmWl98/yX72ZCd3RcRPPyaxr21pvVMz1y6OTkyMX82OB6cvTQ5OzVw7fOHS6Pnx8+OXh18YPnH82PETQ0dW8zC6F2dcL7jT6ZvvfdD76chb3379dzL03a8jSZyMV7I7Lnwcm6U/+hu/k2RpUc+Jza6sJG3Z38nCpzhpL7FBrEn+/HVExBPRG23x8MnrjU9eLbVxwJaqJxF1oKIS8Q8VlY8D8vf2i98H10oZlQDb4f6puQmApfHfPjc3GF2NuYHdD5JYOK2TRMSqZuZWsCci7t4ZuXnuzsjN2KJ5OKDY7I2IeLIo/pNG/PdFV/Q14r/WFP/puOBM9jPNf22d9S+eKhb/sH3m4r9r2fiPFvH/9oL4f2ed9fc/TL7b3RT/Sz7SAwAAAAAAAFZw+1REPF/0+X9tfv1PFKz/6YmIk5tQf/+i46Wf/9fubUI1QIH7pyJeKlz/W8tX//a1Zan/NdYDdCTnLkyMH4mI/0fEoejYlR4PLVPH4c/2fdWqrD9b/5ff0vrvZmsBs3bca9/VfM7Y6PToRh83EHH/RsRThet/k/n+Pyno/9PXg8lV1rHv2VtnWpWtHP/AVql/E3GwsP9/eNWKZPnrcww2xgOD+ahgqac/+vz7VvWvN/5dYgI2Lu3/dy8f/33Jwuv1TK29jqMz7fVWZesd/3cmbzQuOdOZ5X04Oj19dSiiMzndluY25Q+vvc3wKMrjIY+XNP4PPbP8/F/R+L87ImYX/d/Jn817inOP/9PzW6v2GP9DedL4H1tT/7/2xPCtvh9a1b+6/v9Yo68/lOWY/4M5X+Zh2tmcXxCO7UVF291eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgU1CJiTyS1gfl0rTYwENETEY/F7trElanp585def/yWFrW+P7/Wv5Nv71zx0n+/f99C46HFx0fjYi9EfFFW3fjeODslYmxsh88AAAAAAAAAAAAAAAAAAAA7BA9Lfb/p35vK7t1wJZrL7sBQGkK4v/nMtoBbD/9P1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q/VJf4BAAAAAOCRsvfA7V+SiJh9sbtxS3VmZR2ltgzYarWyGwCUxiV+oLos/YHq8h4fSFYo72p50kpnLmfy7AZOBgAAAAAAAAAAAIDKObjf/n+oKvv/obrs/4fqyvf/Hyi5HcD2W+N7/PpGdvsCO9dysV24/3/FswAAAAAAAAAAAACAzTQ1c+3i6MTE+NXKJV6OiKacN3dIw7YxUa/Xr6d/BTulPf/xRL4Ufqe0Z1Ei3+u3urPKe00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa/RsAAP//EH0kSg==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000140)='./bus\x00', 0x1a40cc4, &(0x7f0000000a40)=ANY=[], 0xdf, 0x0, &(0x7f0000000000)) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x400c6615, 0x0) 3.065828363s ago: executing program 0 (id=4480): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0xb5, 0x40, 0x33, 0x40, 0x1a86, 0x7522, 0x3536, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe4, 0xd6, 0x24}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000840)={0x34, &(0x7f0000000580)={0x0, 0x0, 0x2, "8c3c"}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 2.364118413s ago: executing program 3 (id=4491): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syz_tun\x00'}]}]}]}], {0x14}}, 0x80}}, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000001880)={@dev, @random, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x1f, 0x11, 0x0, @multicast2, @multicast1}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "52107c4743727b9d674b3aed04143263adef598c9729df4855a90c71110e7a3b", "d00dbe8519aaef94bf4488d66a807b84d0d9c2efb7512af2c5ebcb3adfb71aef0bc2cf4bac81b42a65b5c0ab6e46313d", "908480cde99452da8625724a25a7e367c561ecf8a41e43d53a1cfc64", {"9a68933a7b7ba7dc2c066abac07329b3", "6f8e3e86742a63576fdcba094784290e"}}}}}}}, 0x0) 1.940088344s ago: executing program 3 (id=4499): connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r0 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0xc06c4124, &(0x7f0000000080)) 1.748257241s ago: executing program 3 (id=4500): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="7a0af8ff7525347cbfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000072000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6993bad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785b1292fcb9c1d3079a00db453620ce72d75946c2b638f91dbef661935839c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33321d1ec72ed311740d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d07815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc3c9731c9a7bb3a4e67056433edf43fba5566a3e02200bae941d34ac81fd48f9b73126992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000480000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089ba9b19dbe6431c7bf773634f4aac8c91aef83eaa0951d137f8f91a0a9d54f4347431fa96c0b54a503c39d4da796a0dc4a54cb6d9952feb6d282aa2557037b890dc0cf2ed230571ffafccdef2c2c32d3edbcb5ec2cb723149cbed2fbd5fe7452486401e65abb2966c85ec1fdb74b8a492f83e6dd9f2e2f4f75a18a2117b96217adc5dd29bf9192e4419594d1369c1f25e5965f9c601e47f70b0b35c4367102087b9f00c2651c1b5e3134d45a8c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) sendmsg$unix(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) 1.593819337s ago: executing program 3 (id=4503): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000300)='Nd', 0x2, 0x0, &(0x7f00000001c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x20086}], 0x1}}], 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f00000071c0)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000080)='H', 0x1}], 0x1}}], 0x1, 0x0) 1.47106739s ago: executing program 3 (id=4506): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x2}, 0x3a) listen(r0, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, 0x0) 1.338753131s ago: executing program 5 (id=4507): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x3fd, 0x0, 0x0, 0x7f, 0xfffffffd}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x2, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x46, &(0x7f0000000640)=r0, 0x4) 1.32395961s ago: executing program 4 (id=4508): unshare(0x4000400) r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000140)) ppoll(&(0x7f0000000200)=[{r0, 0xc8}], 0x1, 0x0, 0x0, 0x0) 1.303906179s ago: executing program 2 (id=4509): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000fc03000000b761bd0000000000000000000000000000000002"], 0xb8}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001400e9990000000000000000fc00000000000000000000000005"], 0xb8}}, 0x0) 1.241103421s ago: executing program 3 (id=4511): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x30) 1.10775498s ago: executing program 4 (id=4512): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{0x18, 0x1, 0x1, 0x0, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xc, 0x4, 0xc4f, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100), 0x6c7, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000180), &(0x7f0000000440), 0x3, r0}, 0x38) 1.107317509s ago: executing program 2 (id=4513): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff0001, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') getdents64(r1, &(0x7f0000003f80)=""/4098, 0x1002) 1.07718922s ago: executing program 4 (id=4514): r0 = socket$inet6(0xa, 0x6, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 1.008080962s ago: executing program 4 (id=4515): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 1.001342477s ago: executing program 1 (id=4516): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000240)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) 945.605013ms ago: executing program 5 (id=4517): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4}, 0xe) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000300)) 902.402803ms ago: executing program 4 (id=4518): r0 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r0, &(0x7f0000003100)=@id, 0x10) sendmmsg$inet(r0, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000002c0)="91199893b794f675ec88239fef317c764ee3a8ecbdc2a8c32d46f77944d1de9f924d05d3566b8eb8f5750393c669559d05543efa2927ef0d2b10e3d4f8541f34e1c7c8ca2d1e811f67f3dc50fdd469af72a49e684e28a364f5da124dff2b55a5536aa670b82da70bf0f19cd420371848ddc41d65649fde307c1971599f2fec84845e32bb2b6ebda099de12e8b64842024389524a1c5a97608000d1030d99e2a6e23a0bc8", 0xa4}, {&(0x7f0000000380)="11a68683394e1541cc444dff7adf30f079408cb066a6f8f4d33c4f11850de78c586d1a2ccff92e8e83fb82e447d9b88de42182e9e8c97415f41ef8a504215a2b2fdb1404c9659fdb988d0f527c3675cf2b", 0x51}, {&(0x7f0000000400)="875ad17d55c11f1ea6ec6cd17661afc73209e32142961e4660591bf3ca40d05a507ac0b0e71f7ed4c63f52a003cc8102f20dc6e33b5dc6de64ac815cf87867507cc072f0cb762aa5deb8731a699d3c7c69f85266ba51eb244f20129de491adaeb0c2d2eb13c1f215ddff92b05148f0ad513018b14798e45e55ecb916d4dd89f2df7e33c470998f325bf453f929d86196", 0x90}, {&(0x7f00000004c0)="1273dd9951adeaefffe3c4957c86dbff8693adf2202b620b3aec000cf330bb7249", 0x21}, {&(0x7f0000000500)="4167c4fd9ea8b423c01e798bbd631e888a04e31e6865a2d55b31833b82989759c0f3241bb5ebe979636a5f22244112d95d11a07cb172724ec37ef9faaf227d64f5190c9d82dfe194b2cf6d77e917e513170fa1e8e4c82dd9898b4ad23e677261595ec62844104d7ca15aa7eec90685ad92f2cd5b745910e47d703315a0d1d3a6d143575da2604e54bb1ddb295e590a1392770befa52aaf1651d375682bcf94e5da4ea37e1cde1d2a80890d896cfe4d08801bc50d9bc08480de2b2710b694ff7fb5bda12cd8a8cb8dc18bf0c265b71aef50ec0ee22e1968a4f3487d8487026bc2b721692064dcfdd1b6b6aec3e8da3d0ab7d3cc51e2db33c169e6354ea425fbfc1bc39057e64d3aff3749d60edcf0a50fe0e973b5ee3a7cd45ad967564fdbc9832869346037dabe420448b5089ab553c2c87e94befac8d3a0c2a56ca2ab778c2f34f571217c837580e8a524db35baea8024482bb32306182faaf39bb1c4e992c4440889e274952ed3d17d5e87224fec8048e6b7344270e046ab2fdda270ad4e5f651fd6eede5d42d9599265520d45d6f500fd733372a62ab4f496b56839b0d6418961a3b6016c26409daba4f2beeceeb38cc6ba75f57e8ee45d8a6c2ecc031c9469d937b9d7db91ded158ebd7f7d512d445f4104130a429ce7fce52d3fec37df953fc6e6adaa781b820b4bb6d4ffd2c10a16f9583890118793bae09157d3ac5625ad8e66a367488e2722bb82161661711d91a5540a92e3de7506861875575d40465cda28989cbc46fb3d80c2bc7e96afbde1cbd2e89103c55bde669c77b774ea570b26e93a1be5e50269ea5f3355869ac5a9701ac0e7d8f69b0a3186e118c6e2ce8e946c95bd729d94d237e5915e2711cc82826f147176a8a0555b9e11fb9a8ad736d016d202cea43b10a5102e48387ab70069b876051ac0557528c14748aa9cc0e0d9bf512533bdc83610d9f801ec4ed512a4a877e2f45b0cbe87ee25a314d481153eefe8643fb2f3e0478353552b0ae863635ab12e7bf0e4f046e8ba9cb7ce3189d52b2a27ff9e4eb5bf8b12d09d610705eec149589bdd38c951de63de4e3065e45eeb261a72c980349387514cb42467e1fe5812abaf4670e993c6fb561e5cccf7a472ee874bbfe73412bc63f706424f174afd1a3f16fb8b8305d932d33ab211d473d210b87e2f20b6ba951a2b98206793c04516fd57fc7365cec4a1831548470ebefe7f9487cc7b287b2f45eb69b4e165b9f3404d8ac84b2b57ace34de669a85fd885ecb055a6fd2ba5d5396737c702c082bfb35f3ccace91eacfc7a71b2bca1e228170ad6d194aa7c2dc2cf5f0bce153ac1befb2b82e6cf1f12d28812e309f5da0dbe1cad03172d296fa13247b1952ec988316f668aa65e1ca7e9e383b115ce5c25130955c118a0b4567bd180c07ce18bd0c459cc33ed7ba1c43262034a60711315ed81bbc95b7e3088dbd22b976fcd18bae330f08c89236f770478305fac20b5d9bd5cbc98c5c0f9713345c7362bc0e0bc78d212433bcdc6142989bc6ab82160df897825aa906d739dac905a434c90b2cbc72223011ea11480278b681cdcdf5fa63ac5f8b8f1f3ef7d4eb02f422e9fc52b98163630cd2f130f076a33bb011bb8e42800c9475f5cbee042b79fda44b6432b126f085a17553b82d9cae519ec239a9cccb99444f24b8f11e255e31e0d53a28e36949a3f8238c2ea3f4e3d8cf3b85b031c962504d00a4e7928b5fa2fab311bcc54d68738086ce70a8e5bdaf425033036a85e59aa3bb1b01f8b6c6a2e221c69e48565b55a196b2dc9cb067b4ccf8a7c81e31795a8b74e8940455126f19c8bbb9b941cc66c9443fd13e20c2074a9c3bc1740262c1fcb8e9ca5ac5729dfe6e25561eba41ccae8ca2e851affc1ab4ec912925ef7ccf72e97c577413260ccda170d75741336f837258a59da907460a2917f652c6e4ebc0467da8a95f2ceae9afcc4e0d1f4b95fc68b2f5e32af96fb12a8e7f3140dd235a30e5ad94e78cf58ad75ca8a871a70820090ba510e7563c0f78cf364369a51fa6683ff8d24924ceb922927eb0ba1395b7a4f37d92913a9688ef8428a887f1161f10aeab749f5ea8ca24e579008f542a9b785841dae071b94b5a8ba79985930f60ac2c93aa002d84b212e2e2b6c9c2a0694595dad99fd1f27d0044481ef5b364a059599ef982a114a61094b3b7d0f9a7b78d7615cc8573430e676987ab7421fde9abeb29e4529beb6a2724bed86a7b1d27ee73585892f083fad4307696a4166356b9c20a9579bbf3e8cda9ad7ec2b2bb973d05cf8d9457dc03eee2cfbf630dd917768ae652c0627e32ebb4c62951dfbd8e074dfdf02c5517ace50d5813c8d8d7f1fc0fc63a4fae5c2bcf26560c627500e03692384630be287790d545403adc500ef732d66e269b8b051aa57bb865a9b709c7a0426188daf29caf1d062b104592b4f6acc86895956d8085424dba0bfafdf900419f2227db1eca75b338091d23da2067566c6d54de1604bf8d4cce8a0b4484c4645a305861bc46ebccafbe500e01d51236b40027d1b2c7a72937b15899bb982c880d83ed6b70502bd0d68d2a2146a85c6518a11c386df610243ec513e7a284a81c841f9201ee3b9d3a8f44cdf52ec842e07c1f2f35e2a5b17278dce1f9b7fa09866ecb0d2e78fc8095b7dee81d3e308fd10a1490036194bfa89c118bd9c72d4747b90724d7bd0a7ead28c89c23cc6667c1a8b362ca5385d24b2c1265957764a4e46176365a5348bcf85c457921e7fa6c9e165b6c4d8bd9e8782c96839a5fd2679cd08f656ca5b41d00f8429d517a0d776049918e73b4a258fd2a1576b6420b67fc9ff3520556881ef4838e973f552edebde686af1d55e6172e5bb9b01543d32c0c7753b380dd9ed3f5c0b663a9b1bcb4bd36a365172aeee96a8d69c1e5c5b6c88fc9453ace6aa24bdfc1cfa27ea8cc36c80cace296259545a4e155d154ccbf00ae4ff912c583c871b7cdb46813584ea14bb6943d16b3f12e8fe149076e5e646e1dca0bf121a2e2fa09816e9056aa1143988ff17c21c49981445d98d88fd4bba6a59d9f97d301d90e3754103389b36308713c1ba31031e42f2d759343a95bbae9c01a3bb3e6b537b658d1c028c8ec3126bf79db223a3320e25a671ef834c924f02c1bbab338517accb8378f945cb1d65d4dff90f1e3af8168e33a5a124aef715b656075f6a62099afa110f2fe5eb83e0b3e36df91be2125be6500e5f3a81f8bc116f42734c784f6bb6c7e968610243b06026a9def4e85f8344fae36602aa3795cf71ecf7e57a3da0bef859daf649abc6390e86edaa84eefe48999ddba9067b90dd5ea2477f150ab588dadfe79ab7524157d1b94c738ca3345ce8657bfac981cb30b7c0f05f96dafcdce3e41471943609b121de1eda3e95a1c31bada084beec699512c7d5cec71e06a57c177ca1f383120bf46a9c805c9220d3d0c6807d60e6b7f9c80de1d815bdf1ebe62338862719eab55ef4971a69c76aa2f25c3c9d0c2e5c7857a86f9ab26c3c6aa395f2c366548f60a40abbe14dd011358d9b3695b8a091e16552478aeee1e2e91abd67deeb15732f428c3304a2bf2e4cbb3768875b35d126ca46d29e506ee1e0aba7a17eba27c19d7626064c0a17d7ee7f2f220e5e28bd7d691dffa84f2a2f92c924b87da382ae9a688ad4322fa0cc72604fc43e17002b8f3844a7431205de46818310d0fcf4676f45c9941dde767c9a4376e13cd7e91308cc0df25a4c79e390674fa0161695cc9e9bee12620d8571a4b3800370cd01bf0546758a048563539edf15d58b108159ea5fe0f038281c7855bbd92cc86de38df60b8597f4bce4ae9cae1647b5024bfb73630cdf4d1827a5f0ff779a1e6c6efbc6561d06b249986703b9dc61a63e2068e4786e6a8be34a808143301ef00f21bee8399d88ecffddb4867790d4d1cbe827a5a220834ba831d3ba424ff8fc9a99b175d2feca9f581e24bb69bdc4f64a6ea0c9c37d6976d15e9388519a2bed100a2a8358215a8b63b6e25a677875ee2bc3fd9c77783b39a166b863376b496775b83804a2c7f5363cca9ade819034afc2f7b40ffc316089556dec2e55e1bd92c9b905d6b1b9160d6c492d4384acd7e380874939b1ab02dbbacfbedd74cd524b4eab643e8b92d38d9fae446afd8d774d1c933bce8c341f0ff283acec3bbbbfdb06a15eb88ca6600542dda45334a374e31bae", 0xba7}], 0x5}}], 0x300, 0x0) bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) 901.654352ms ago: executing program 2 (id=4530): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x3c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1590}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x80}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1590}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]]}, 0x3c}}, 0x0) 821.632757ms ago: executing program 1 (id=4519): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000001a80)) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 769.845772ms ago: executing program 2 (id=4520): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) io_getevents(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc) 769.084503ms ago: executing program 5 (id=4521): r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x103c40, 0x0) flock(r0, 0x5) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r1, 0x6) 728.158707ms ago: executing program 0 (id=4522): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000400)=0x5) 577.536331ms ago: executing program 1 (id=4523): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x12, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000280), 0x20000000}, 0x20) recvmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x21, 0x0) 565.368069ms ago: executing program 5 (id=4524): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ssse3\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$sock(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)='*', 0x2}, {&(0x7f00000002c0)="470e8a89e6279e8382a36797063c19c85433675ac7cfe879c46c596bb2f6930647c649c728470dd7387d80a110a66b9124df11f2de47bb20de4c42c4e4260d", 0x3f}], 0x2}, 0x0) 540.987057ms ago: executing program 2 (id=4525): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000040)={0x0, 0x8, 0x5c}) 540.238216ms ago: executing program 0 (id=4526): r0 = socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000500)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001400b59500070000000000000a000000", @ANYRES32=r2, @ANYBLOB="140002000000000000000000000000000000000108000800d806"], 0x34}}, 0x0) 513.149265ms ago: executing program 4 (id=4527): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setlease(r0, 0x8, 0x0) openat$dir(0xffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) 357.691591ms ago: executing program 5 (id=4528): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000077400062c00070073797374656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080004000000000014000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) 307.954896ms ago: executing program 0 (id=4529): r0 = add_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000000)={'syz', 0x1}, &(0x7f0000001000)='O', 0x1, 0xfffffffffffffffd) pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0) keyctl$update(0x2, r0, &(0x7f0000000100)="a6", 0x1) 307.59249ms ago: executing program 1 (id=4531): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x3}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x2}]}]}, 0x30}}, 0x0) 164.50066ms ago: executing program 1 (id=4532): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="600000000206010200000000000000000000000014000780050014000700000008001240000500000900020073797a3200000000050001000700000011000300686173683a6e65742c6e6574000000000500050002000000050004"], 0x60}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000000406011f0000efffffffffffffff00000500010007"], 0x1c}}, 0x0) 163.16938ms ago: executing program 5 (id=4533): r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000000640)=[{&(0x7f0000000140)=""/168, 0xa8}], 0x1) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 109.497755ms ago: executing program 0 (id=4534): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1) 314.834µs ago: executing program 2 (id=4535): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040d21f07600000000000010902240001000000000904000001030000000921000000012205000905810302"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000b80)=ANY=[@ANYBLOB="2021a2000000a20082a96f"], 0x0, 0x0, 0x0, 0x0}, 0x0) 0s ago: executing program 1 (id=4536): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) unshare(0x600) io_setup(0x6, &(0x7f0000000100)=0x0) io_submit(r1, 0x1, &(0x7f0000001900)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x7, 0x9, r0, 0x0, 0x0, 0x2, 0x0, 0x3}]) kernel console output (not intermixed with test programs): [ 467.761602][ T29] audit: type=1326 audit(1728569479.798:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16110 comm="syz.0.3660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf4637dff9 code=0x7ffc0000 [ 467.840831][ T29] audit: type=1326 audit(1728569479.818:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16110 comm="syz.0.3660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf4637dff9 code=0x7ffc0000 [ 467.914394][ T29] audit: type=1326 audit(1728569479.818:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16110 comm="syz.0.3660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7faf4637dff9 code=0x7ffc0000 [ 467.981490][ T29] audit: type=1326 audit(1728569479.818:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16110 comm="syz.0.3660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf4637dff9 code=0x7ffc0000 [ 468.014422][ T29] audit: type=1326 audit(1728569479.818:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16110 comm="syz.0.3660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf4637dff9 code=0x7ffc0000 [ 468.351575][ T2488] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 468.365745][T16131] loop1: detected capacity change from 0 to 256 [ 468.535550][T16135] loop3: detected capacity change from 0 to 256 [ 468.578753][T16135] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 468.867197][T16144] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3676'. [ 468.898585][T16144] (unnamed net_device) (uninitialized): peer notification delay (2) is not a multiple of miimon (129), value rounded to 0 ms [ 468.911821][T16144] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 468.920897][T16144] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 468.969447][T15247] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 469.119473][T16154] netlink: 168 bytes leftover after parsing attributes in process `syz.2.3679'. [ 469.138701][T16154] netlink: 'syz.2.3679': attribute type 1 has an invalid length. [ 469.532017][T16174] input: syz0 as /devices/virtual/input/input37 [ 469.893946][T16194] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3698'. [ 469.938164][T16194] netem: unknown loss type 13 [ 469.949885][T16194] netem: change failed [ 470.201488][ T7768] IPVS: starting estimator thread 0... [ 470.302179][T16209] IPVS: using max 15 ests per chain, 36000 per kthread [ 470.307763][T16211] wlan0 speed is unknown, defaulting to 1000 [ 470.393871][ T5291] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 470.440663][T16217] loop0: detected capacity change from 0 to 4096 [ 470.477059][T16217] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.574092][ T29] audit: type=1800 audit(1728569482.608:212): pid=16217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3710" name="file0" dev="loop0" ino=13 res=0 errno=0 [ 470.601884][ T5291] usb 2-1: Using ep0 maxpacket: 32 [ 470.611658][ T5291] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 470.631051][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.642645][ T5291] usb 2-1: config 0 descriptor?? [ 470.655350][ T5291] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 470.702774][T16217] fs-verity (loop0, inode 13): Error -27 writing Merkle tree block 8709239245 [ 470.727622][T16217] fs-verity (loop0, inode 13): Error -27 building Merkle tree [ 470.818993][T16230] loop4: detected capacity change from 0 to 512 [ 470.852374][T16230] EXT4-fs: Ignoring removed orlov option [ 470.875618][T16230] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 470.893186][T15177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.939067][T16230] EXT4-fs (loop4): 1 truncate cleaned up [ 471.008460][T16230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.066859][ T29] audit: type=1800 audit(1728569483.108:213): pid=16230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3714" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 471.259002][T16215] loop2: detected capacity change from 0 to 32768 [ 471.274184][ T9103] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.382929][T16215] XFS (loop2): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 471.411186][T16252] netlink: 'syz.5.3722': attribute type 4 has an invalid length. [ 471.468700][ T5291] gspca_nw80x: reg_r err -71 [ 471.474888][ T5291] nw80x 2-1:0.0: probe with driver nw80x failed with error -71 [ 471.484605][ T5291] usb 2-1: USB disconnect, device number 23 [ 471.494641][T16258] lo speed is unknown, defaulting to 1000 [ 471.505598][T16258] lo speed is unknown, defaulting to 1000 [ 471.512060][T16258] lo speed is unknown, defaulting to 1000 [ 471.569165][T16261] loop3: detected capacity change from 0 to 128 [ 471.595407][T16215] XFS (loop2): Ending clean mount [ 471.744076][T16211] IPVS: You probably need to specify IP address on multicast interface. [ 471.761662][T16211] IPVS: Error connecting to the multicast addr [ 471.771719][T16258] infiniband syz2: set down [ 471.776388][ T7768] lo speed is unknown, defaulting to 1000 [ 471.874121][T15633] XFS (loop2): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 471.985831][T16258] infiniband syz2: added lo [ 472.251094][T16273] loop3: detected capacity change from 0 to 2048 [ 472.342497][T16258] RDS/IB: syz2: added [ 472.351610][T16258] smc: adding ib device syz2 with port count 1 [ 472.357849][T16258] smc: ib device syz2 port 1 has pnetid [ 472.386480][ T5291] lo speed is unknown, defaulting to 1000 [ 472.405686][T16258] lo speed is unknown, defaulting to 1000 [ 472.535818][T16258] lo speed is unknown, defaulting to 1000 [ 472.538265][T16273] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 472.581661][T16273] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 472.597421][T16276] dvmrp0: entered allmulticast mode [ 472.684214][T16266] loop4: detected capacity change from 0 to 32768 [ 472.824474][T16258] lo speed is unknown, defaulting to 1000 [ 472.950577][T16273] fs-verity: sha256 using implementation "sha256-ni" [ 473.012423][T16273] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3730: bg 0: block 288: padding at end of block bitmap is not set [ 473.078962][T16287] loop1: detected capacity change from 0 to 512 [ 473.095841][T16287] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 473.107781][T16273] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117 [ 473.226328][T13727] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 473.242656][T16258] lo speed is unknown, defaulting to 1000 [ 473.249057][T16266] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 473.415814][T16304] loop3: detected capacity change from 0 to 8 [ 473.423323][T16304] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 473.560674][T16266] XFS (loop4): Ending clean mount [ 473.577933][T16266] XFS (loop4): Quotacheck needed: Please wait. [ 473.636910][T16258] lo speed is unknown, defaulting to 1000 [ 473.690359][T16312] sch_fq: defrate 0 ignored. [ 473.727226][T16266] XFS (loop4): Quotacheck: Done. [ 473.884601][ T9103] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 473.931819][T16258] lo speed is unknown, defaulting to 1000 [ 474.103597][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 474.342249][T16258] lo speed is unknown, defaulting to 1000 [ 474.345263][T16321] loop3: detected capacity change from 0 to 4096 [ 474.474200][T16321] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 474.636522][T13727] ntfs3(loop3): ino=9, ntfs_sync_fs failed, -22. [ 474.649523][T16336] tap0: tun_chr_ioctl cmd 1074025677 [ 474.659091][T16336] tap0: linktype set to 821 [ 474.723614][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 474.769523][T16258] lo speed is unknown, defaulting to 1000 [ 474.960299][T16347] [U]  [ 475.321448][T16258] lo speed is unknown, defaulting to 1000 [ 475.715059][T16368] netlink: 'syz.2.3764': attribute type 29 has an invalid length. [ 476.221299][T16334] loop4: detected capacity change from 0 to 32768 [ 476.270183][T16373] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3767'. [ 476.300170][T16334] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3742 (16334) [ 476.431016][T16334] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 476.494563][T16334] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 476.503453][T16334] BTRFS info (device loop4): disk space caching is enabled [ 476.510746][T16334] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 476.666394][T16359] loop1: detected capacity change from 0 to 32768 [ 476.677987][T16334] BTRFS info (device loop4): rebuilding free space tree [ 476.763524][T16377] loop2: detected capacity change from 0 to 4096 [ 476.770675][T16358] loop3: detected capacity change from 0 to 32768 [ 476.779533][T16359] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3761 (16359) [ 476.779595][T16334] BTRFS info (device loop4): disabling free space tree [ 476.804201][T16377] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 476.818523][T16334] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 476.818620][T16359] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 476.858466][T16358] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 476.859701][T16334] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 476.885836][T16377] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 476.901899][T16359] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 476.910620][T16359] BTRFS info (device loop1): using free-space-tree [ 477.098042][T16358] XFS (loop3): Ending clean mount [ 477.141318][T16358] XFS (loop3): Quotacheck needed: Please wait. [ 477.256100][ T9103] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 477.275688][ T7524] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 477.411561][T16358] XFS (loop3): Quotacheck: Done. [ 477.600270][T13727] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 478.232914][T16424] loop2: detected capacity change from 0 to 40427 [ 478.252701][T16424] F2FS-fs (loop2): Invalid log blocks per segment (4278190089) [ 478.260848][T16424] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 478.285432][T16432] loop5: detected capacity change from 0 to 32768 [ 478.292987][T16424] F2FS-fs (loop2): invalid crc value [ 478.299853][T16432] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3779 (16432) [ 478.438342][T16432] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 478.453399][T16424] F2FS-fs (loop2): Found nat_bits in checkpoint [ 478.489707][T16432] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 478.521646][T16432] BTRFS info (device loop5): using free-space-tree [ 478.677761][T16443] loop1: detected capacity change from 0 to 32768 [ 478.728653][T16443] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3782 (16443) [ 478.758336][T16443] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 478.793288][T16443] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 478.811178][T16443] BTRFS info (device loop1): using free-space-tree [ 478.889830][T16424] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 478.960752][T16424] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 479.094782][ C1] vkms_vblank_simulate: vblank timer overrun [ 479.112444][T15633] syz-executor: attempt to access beyond end of device [ 479.112444][T15633] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 479.137639][T15633] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 479.172904][ C1] vkms_vblank_simulate: vblank timer overrun [ 479.247313][ T945] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 479.279760][T15199] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 479.356779][ C1] vkms_vblank_simulate: vblank timer overrun [ 479.384150][T16443] BTRFS info (device loop1): rebuilding free space tree [ 479.467810][ T29] audit: type=1800 audit(1728569491.508:214): pid=16443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3782" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 479.488377][ C1] vkms_vblank_simulate: vblank timer overrun [ 479.640899][ T7524] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 480.103947][T16510] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.113152][T16510] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.122333][T16510] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.131895][T16510] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.295401][T16516] loop3: detected capacity change from 0 to 64 [ 480.441948][T16522] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 480.495893][ T2906] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 480.522186][T16524] netlink: 'syz.0.3802': attribute type 10 has an invalid length. [ 480.579350][T16524] team0: Port device netdevsim0 added [ 480.581475][T16527] loop3: detected capacity change from 0 to 1024 [ 480.645240][T16526] netlink: 'syz.0.3802': attribute type 10 has an invalid length. [ 480.672536][T16527] hfsplus: request for non-existent node 3 in B*Tree [ 480.690279][T16527] hfsplus: request for non-existent node 3 in B*Tree [ 480.809783][T16526] team0: Port device netdevsim0 removed [ 480.843599][T16526] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 481.011268][ C1] vkms_vblank_simulate: vblank timer overrun [ 481.158978][T16534] loop4: detected capacity change from 0 to 32768 [ 481.166435][T16534] XFS: noikeep mount option is deprecated. [ 481.211118][T16534] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 481.364876][T16508] loop5: detected capacity change from 0 to 32768 [ 481.513820][T16534] XFS (loop4): Ending clean mount [ 481.525778][T16534] XFS (loop4): Quotacheck needed: Please wait. [ 481.546193][T16508] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 481.729393][T16508] XFS (loop5): Ending clean mount [ 481.769870][T16534] XFS (loop4): Quotacheck: Done. [ 481.840506][ T29] audit: type=1800 audit(1728569493.888:215): pid=16534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3808" name="bus" dev="loop4" ino=1067 res=0 errno=0 [ 481.857321][T15199] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 481.907647][ C1] vkms_vblank_simulate: vblank timer overrun [ 482.037471][ T9103] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 482.351088][T16572] loop0: detected capacity change from 0 to 1024 [ 482.412459][T16572] EXT4-fs: Ignoring removed nomblk_io_submit option [ 482.425400][T16572] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 482.456171][T16578] loop5: detected capacity change from 0 to 8 [ 482.456796][T16578] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 482.546093][T16568] loop1: detected capacity change from 0 to 32768 [ 482.632236][T16568] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 482.830921][T16568] XFS (loop1): Ending clean mount [ 482.847658][T16568] XFS (loop1): Quotacheck needed: Please wait. [ 482.878261][T16597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3821'. [ 482.894753][T16568] XFS (loop1): Quotacheck: Done. [ 482.987033][ T7524] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 483.016920][T15177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.309453][ T29] audit: type=1326 audit(1728569495.348:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16607 comm="syz.3.3829" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f380737dff9 code=0x0 [ 484.242323][T16616] loop1: detected capacity change from 0 to 32768 [ 484.319021][T16616] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 484.333253][T16637] bond1: entered promiscuous mode [ 484.351594][T16637] bond1: entered allmulticast mode [ 484.370941][T16637] 8021q: adding VLAN 0 to HW filter on device bond1 [ 484.664955][T16616] XFS (loop1): Ending clean mount [ 484.693445][T16616] XFS (loop1): Quotacheck needed: Please wait. [ 484.785395][T16627] loop2: detected capacity change from 0 to 40427 [ 484.802441][T16627] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 484.810360][T16627] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 484.820557][T16627] F2FS-fs (loop2): invalid crc value [ 484.972038][ T945] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 485.017892][T16627] F2FS-fs (loop2): Found nat_bits in checkpoint [ 485.067819][T16654] loop3: detected capacity change from 0 to 32768 [ 485.076116][T16616] XFS (loop1): Quotacheck: Done. [ 485.083304][T16630] loop0: detected capacity change from 0 to 32768 [ 485.158138][T16630] MetaData crosses page boundary!! [ 485.166176][T16630] lblock = 631800, size = 28672 [ 485.171133][T16630] CPU: 1 UID: 0 PID: 16630 Comm: syz.0.3837 Not tainted 6.12.0-rc2-syzkaller-00074-gd3d1556696c1 #0 [ 485.172431][T16627] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 485.181895][T16630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 485.181938][T16630] Call Trace: [ 485.181952][T16630] [ 485.181967][T16630] dump_stack_lvl+0x241/0x360 [ 485.182014][T16630] ? __pfx_dump_stack_lvl+0x10/0x10 [ 485.182053][T16630] ? __pfx__printk+0x10/0x10 [ 485.182124][T16630] __get_metapage+0xa24/0xef0 [ 485.182184][T16630] dtSearch+0x582/0x2520 [ 485.182234][T16630] ? get_UCSname+0xe3/0x610 [ 485.182300][T16630] jfs_lookup+0x17f/0x410 [ 485.226871][T16627] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 485.228933][T16630] ? __pfx_jfs_lookup+0x10/0x10 [ 485.250098][T16630] ? d_alloc_parallel+0x14a8/0x1600 [ 485.255369][T16630] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 485.261223][T16630] ? __pfx_d_alloc_parallel+0x10/0x10 [ 485.266646][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.272302][T16630] ? __init_waitqueue_head+0xae/0x150 [ 485.277705][T16630] __lookup_slow+0x28e/0x3f0 [ 485.282323][T16630] ? __pfx___lookup_slow+0x10/0x10 [ 485.287465][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.293114][T16630] lookup_slow+0x53/0x70 [ 485.297380][T16630] link_path_walk+0x99b/0xea0 [ 485.302087][T16630] path_lookupat+0xa9/0x450 [ 485.306636][T16630] filename_lookup+0x256/0x610 [ 485.311436][T16630] ? __pfx_filename_lookup+0x10/0x10 [ 485.316803][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.322448][T16630] ? rcu_is_watching+0x15/0xb0 [ 485.327221][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.332880][T16630] ? getname_kernel+0x140/0x2f0 [ 485.337745][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.343389][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.349036][T16630] kern_path+0x35/0x50 [ 485.353127][T16630] unix_find_other+0x123/0x910 [ 485.357921][T16630] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 485.363656][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.369300][T16630] ? __pfx_unix_find_other+0x10/0x10 [ 485.374612][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.380349][T16630] unix_dgram_sendmsg+0xae0/0x1f80 [ 485.385483][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.391133][T16630] ? aa_sk_perm+0x96d/0xab0 [ 485.395654][T16630] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 485.401211][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.406852][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.412496][T16630] ? aa_sock_msg_perm+0x91/0x160 [ 485.417445][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.423087][T16630] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 485.428634][T16630] __sock_sendmsg+0x223/0x270 [ 485.433335][T16630] ____sys_sendmsg+0x52a/0x7e0 [ 485.438120][T16630] ? __pfx_____sys_sendmsg+0x10/0x10 [ 485.443435][T16630] __sys_sendmmsg+0x3ab/0x730 [ 485.448136][T16630] ? __pfx___sys_sendmmsg+0x10/0x10 [ 485.453383][T16630] ? futex_hash+0x1e/0x1f0 [ 485.457807][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.463449][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.469099][T16630] ? futex_wait+0x285/0x360 [ 485.473628][T16630] ? __pfx_futex_wait+0x10/0x10 [ 485.478505][T16630] ? fd_install+0x9c/0x5d0 [ 485.482931][T16630] ? __pfx_lock_release+0x10/0x10 [ 485.487982][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.493626][T16630] ? do_futex+0x33b/0x560 [ 485.497977][T16630] ? srso_alias_return_thunk+0x5/0xfbef5 [ 485.503616][T16630] ? fd_install+0x35c/0x5d0 [ 485.508142][T16630] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 485.514187][T16630] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 485.520646][T16630] ? do_syscall_64+0x100/0x230 [ 485.525427][T16630] __x64_sys_sendmmsg+0xa0/0xb0 [ 485.530294][T16630] do_syscall_64+0xf3/0x230 [ 485.534810][T16630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.540725][T16630] RIP: 0033:0x7faf4637dff9 [ 485.545156][T16630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.564780][T16630] RSP: 002b:00007faf4725d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 485.573211][T16630] RAX: ffffffffffffffda RBX: 00007faf46535f80 RCX: 00007faf4637dff9 [ 485.581193][T16630] RDX: 0000000000000001 RSI: 0000000020000e80 RDI: 0000000000000006 [ 485.589175][T16630] RBP: 00007faf463f0296 R08: 0000000000000000 R09: 0000000000000000 [ 485.597160][T16630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 485.605141][T16630] R13: 0000000000000000 R14: 00007faf46535f80 R15: 00007fffbbc8a338 [ 485.613148][T16630] [ 485.616204][ C1] vkms_vblank_simulate: vblank timer overrun [ 485.632384][T16630] bread failed! [ 485.635901][T16630] jfs_lookup: dtSearch returned -5 [ 485.703118][T16654] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 485.812051][T15633] syz-executor: attempt to access beyond end of device [ 485.812051][T15633] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 485.815168][ T7524] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 485.836940][T15633] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 485.947539][T16654] XFS (loop3): Ending clean mount [ 485.979566][T16654] XFS (loop3): Quotacheck needed: Please wait. [ 486.043077][T16673] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3850'. [ 486.240530][T16679] loop4: detected capacity change from 0 to 512 [ 486.243317][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 486.269101][T16678] netlink: 'syz.0.3849': attribute type 2 has an invalid length. [ 486.295633][T16682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3847'. [ 486.327204][T16654] XFS (loop3): Quotacheck: Done. [ 486.461630][T16679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 486.472845][T13727] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 486.475142][T16679] ext4 filesystem being mounted at /445/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 486.607261][ T29] audit: type=1800 audit(1728569498.608:217): pid=16679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3851" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 486.734304][ T29] audit: type=1800 audit(1728569498.778:218): pid=16679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3851" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 486.873686][ T9103] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.071541][T16703] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3860'. [ 487.174171][T16707] loop1: detected capacity change from 0 to 24 [ 487.347849][T16712] loop2: detected capacity change from 0 to 64 [ 487.726947][T16695] loop5: detected capacity change from 0 to 32768 [ 487.756012][ T29] audit: type=1800 audit(1728569499.798:219): pid=16695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3856" name="file1" dev="loop5" ino=4 res=0 errno=0 [ 487.820578][T16720] netlink: 'syz.2.3866': attribute type 11 has an invalid length. [ 487.842202][ T5291] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 487.850003][T16720] netlink: 211132 bytes leftover after parsing attributes in process `syz.2.3866'. [ 487.894301][T16696] loop0: detected capacity change from 0 to 32768 [ 487.925757][T16696] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3857 (16696) [ 487.977023][T16696] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 488.012154][T16696] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 488.020621][T16696] BTRFS info (device loop0): using free-space-tree [ 488.033509][ T5291] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 488.042984][ T5291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.053429][ T5291] usb 4-1: config 0 descriptor?? [ 488.241700][ T79] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 488.272262][T16750] loop1: detected capacity change from 0 to 256 [ 488.377756][T15177] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 488.492221][ T79] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 488.501974][ T5291] [drm:udl_init] *ERROR* Selecting channel failed [ 488.551405][ T79] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.573143][ T79] usb 5-1: Product: syz [ 488.577383][ T79] usb 5-1: Manufacturer: syz [ 488.594929][ T79] usb 5-1: SerialNumber: syz [ 488.666237][ T5291] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 488.674298][ T5291] [drm] Initialized udl on minor 2 [ 488.684212][ T5291] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 488.696399][ T5291] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 488.717294][ T79] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 488.732586][ T25] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 488.760235][ T25] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 488.769999][ T25] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 488.797538][ T5291] usb 4-1: USB disconnect, device number 26 [ 488.861779][ T25] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 488.861943][ T5293] IPVS: starting estimator thread 0... [ 488.960880][T16762] loop5: detected capacity change from 0 to 2048 [ 489.018631][T16762] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 489.028591][T16763] IPVS: using max 20 ests per chain, 48000 per kthread [ 489.072013][T16768] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 489.343046][ T7768] usb 5-1: USB disconnect, device number 28 [ 489.519921][T16781] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3887'. [ 489.626658][T16789] loop5: detected capacity change from 0 to 64 [ 489.689773][T16789] hfs: get root inode failed [ 489.842495][T16800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3896'. [ 489.871515][T16800] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3896'. [ 489.915176][T16800] gtp0: entered promiscuous mode [ 489.920168][T16800] gtp0: entered allmulticast mode [ 489.925623][ T25] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 489.938954][ T25] ath9k_htc: Failed to initialize the device [ 489.954435][ T7768] usb 5-1: ath9k_htc: USB layer deinitialized [ 490.535346][T16808] loop0: detected capacity change from 0 to 32768 [ 490.602368][T16808] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 490.725166][T15247] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 490.813275][T16808] XFS (loop0): Starting recovery (logdev: internal) [ 490.862928][T16808] XFS (loop0): Ending recovery (logdev: internal) [ 490.984741][T16789] loop5: detected capacity change from 0 to 40427 [ 491.087498][T16789] F2FS-fs (loop5): invalid crc value [ 491.174700][T16789] F2FS-fs (loop5): Found nat_bits in checkpoint [ 491.184532][T15177] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 491.424386][T16789] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 491.472007][ T25] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 491.652215][T15199] syz-executor: attempt to access beyond end of device [ 491.652215][T15199] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 491.667939][T15199] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 491.697825][T16849] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 491.701450][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 491.712602][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 491.731513][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.778710][ T25] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 491.792804][T16849] team0: Device macvlan4 is already an upper device of the team interface [ 491.805769][T16853] loop0: detected capacity change from 0 to 64 [ 491.819056][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.874772][ T25] usb 3-1: config 0 descriptor?? [ 492.005837][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 492.073824][T16858] loop3: detected capacity change from 0 to 128 [ 492.091886][T15177] Trying to free block not in datazone [ 492.129052][T16858] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 492.150769][T15177] Trying to free block not in datazone [ 492.165216][T15177] Trying to free block not in datazone [ 492.181521][T15177] Trying to free block not in datazone [ 492.187218][T15177] Trying to free block not in datazone [ 492.209188][T15177] Trying to free block not in datazone [ 492.214827][T15177] minix_free_inode: bit 6 already cleared [ 492.283340][T16858] ext4 filesystem being mounted at /178/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 492.315288][ C1] vkms_vblank_simulate: vblank timer overrun [ 492.362454][T16834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 492.439602][T16862] loop4: detected capacity change from 0 to 32768 [ 492.464959][T15177] Trying to free block not in datazone [ 492.470468][T15177] minix_free_inode: bit 7 already cleared [ 492.535102][T16834] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 492.535713][T16862] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 492.593713][ T25] hid (null): bogus close delimiter [ 492.613780][T13727] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 492.668078][ T29] audit: type=1800 audit(1728569504.708:220): pid=16867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3919" name="bus" dev="loop4" ino=17059 res=0 errno=0 [ 492.688984][ C1] vkms_vblank_simulate: vblank timer overrun [ 492.803289][ T25] usb 3-1: string descriptor 0 read error: -71 [ 492.837532][ T25] usb 3-1: Max retries (5) exceeded reading string descriptor 200 [ 492.845926][ T25] letsketch 0003:6161:4D15.002A: probe with driver letsketch failed with error -32 [ 492.858589][ T25] usb 3-1: USB disconnect, device number 24 [ 493.168192][ T9103] ocfs2: Unmounting device (7,4) on (node local) [ 493.494124][T16902] loop2: detected capacity change from 0 to 512 [ 493.561588][T16902] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 493.601863][T16895] loop1: detected capacity change from 0 to 32768 [ 493.649810][T16902] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 493.655764][T16895] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 493.671648][T16902] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 493.675239][T16913] syz_tun: entered promiscuous mode [ 493.708090][T16913] syz_tun: left promiscuous mode [ 493.780074][T15633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 493.858057][T16895] XFS (loop1): Ending clean mount [ 493.863337][ T7768] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 493.903587][T16895] XFS (loop1): Quotacheck needed: Please wait. [ 494.003007][T16895] XFS (loop1): Quotacheck: Done. [ 494.032920][T16924] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 494.132753][ T7768] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.143810][ T7768] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 494.154440][ T7768] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 494.164174][ T7768] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.174219][ T7768] usb 1-1: config 0 descriptor?? [ 494.475485][ T7524] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 494.837279][ T7768] logitech-djreceiver 0003:046D:C71B.002B: unbalanced collection at end of report description [ 494.858850][ T7768] logitech-djreceiver 0003:046D:C71B.002B: logi_dj_probe: parse failed [ 494.878046][ T7768] logitech-djreceiver 0003:046D:C71B.002B: probe with driver logitech-djreceiver failed with error -22 [ 494.898903][T16903] loop4: detected capacity change from 0 to 32768 [ 494.959176][T16932] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3946'. [ 495.111055][ T7768] usb 1-1: USB disconnect, device number 32 [ 495.930371][T16962] loop2: detected capacity change from 0 to 256 [ 495.957263][T16962] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 495.957347][T16963] loop0: detected capacity change from 0 to 1764 [ 496.090954][T16962] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 496.104633][T16966] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 496.272673][T16972] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 496.314314][T16978] loop0: detected capacity change from 0 to 64 [ 496.331604][ T5293] usb 4-1: new full-speed USB device number 27 using dummy_hcd [ 496.483420][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 496.495932][ T5293] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 496.513541][T16985] loop4: detected capacity change from 0 to 256 [ 496.520058][ T5293] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 496.556000][ T5293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 496.581322][ T5293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 496.602988][ T5293] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 496.638187][ T5293] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 496.649755][ T5293] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 496.667271][ T5293] usb 4-1: Product: syz [ 496.676259][ T5293] usb 4-1: Manufacturer: syz [ 496.709402][ T5293] usb 4-1: SerialNumber: syz [ 496.738663][ T5293] usb 4-1: config 0 descriptor?? [ 496.976831][ T5293] radio-si470x 4-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 496.990705][ T5293] radio-si470x 4-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 497.185134][ T5293] radio-si470x 4-1:0.0: software version 0, hardware version 0 [ 497.220103][ T5293] radio-si470x 4-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 497.256931][ T5293] radio-si470x 4-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 497.378344][ T5293] radio-si470x 4-1:0.0: submitting int urb failed (-90) [ 497.476404][T17013] input: syz0 as /devices/virtual/input/input38 [ 497.487615][T17014] loop2: detected capacity change from 0 to 256 [ 497.544709][T16987] loop5: detected capacity change from 0 to 32768 [ 497.547271][T17014] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 497.579426][ T5293] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 497.588617][ T5293] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -22 [ 497.606994][T16987] XFS (loop5): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 497.627060][ T5293] usb 4-1: USB disconnect, device number 27 [ 497.773234][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 497.801226][T16987] XFS (loop5): Ending clean mount [ 497.830697][T16996] loop0: detected capacity change from 0 to 40427 [ 497.917416][T16996] F2FS-fs (loop0): invalid crc value [ 497.943464][T15199] XFS (loop5): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 498.084245][T16996] F2FS-fs (loop0): Found nat_bits in checkpoint [ 498.165976][T17023] loop1: detected capacity change from 0 to 32768 [ 498.174547][T17023] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3983 (17023) [ 498.192654][T17023] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 498.203091][T17023] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 498.211606][T17023] BTRFS info (device loop1): using free-space-tree [ 498.274757][T16996] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 498.319348][ T29] audit: type=1800 audit(1728569510.358:221): pid=16996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3974" name="file0" dev="loop0" ino=10 res=0 errno=0 [ 498.432012][T15177] syz-executor: attempt to access beyond end of device [ 498.432012][T15177] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 498.477977][T15177] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 498.521887][ T5293] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 498.605208][T17054] loop5: detected capacity change from 0 to 1024 [ 498.630024][ T7524] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 498.672267][ T5293] usb 4-1: Using ep0 maxpacket: 16 [ 498.673211][T17054] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 498.683211][ T5293] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 498.699767][ T5293] usb 4-1: config 0 interface 0 has no altsetting 0 [ 498.707114][ T5293] usb 4-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 498.716547][ T5293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 498.730557][ T5293] usb 4-1: config 0 descriptor?? [ 498.773289][T17054] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 499.033414][T15199] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 499.155137][ T5293] kye 0003:0458:0138.002C: unknown main item tag 0x0 [ 499.242570][ T5293] kye 0003:0458:0138.002C: unknown main item tag 0x0 [ 499.249411][ T5293] kye 0003:0458:0138.002C: unexpected long global item [ 499.312166][ T5293] kye 0003:0458:0138.002C: parse failed [ 499.317816][ T5293] kye 0003:0458:0138.002C: probe with driver kye failed with error -22 [ 499.534320][ T5291] usb 4-1: USB disconnect, device number 28 [ 499.600802][T17080] 9pnet_fd: Insufficient options for proto=fd [ 499.608004][T17079] mac80211_hwsim hwsim28 wlan0: entered promiscuous mode [ 499.617692][T17079] macvlan2: entered allmulticast mode [ 499.623417][T17079] mac80211_hwsim hwsim28 wlan0: entered allmulticast mode [ 499.700445][T17083] loop4: detected capacity change from 0 to 1024 [ 499.869309][ T11] hfsplus: b-tree write err: -5, ino 4 [ 500.183887][T17096] loop1: detected capacity change from 0 to 4096 [ 500.322306][T17096] ntfs3(loop1): failed to convert "0080" to cp860 [ 500.329363][T17096] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 500.361125][T17096] ntfs3(loop1): failed to convert name for inode 1e. [ 500.558105][T17114] netlink: 'syz.1.4014': attribute type 6 has an invalid length. [ 500.590184][T17115] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4015'. [ 500.754665][T17124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4020'. [ 500.826630][T17126] loop5: detected capacity change from 0 to 256 [ 500.966030][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.180565][T17138] program syz.5.4027 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 501.192170][T17104] loop2: detected capacity change from 0 to 32768 [ 501.346292][T17140] tipc: Enabled bearer , priority 0 [ 501.384290][ T110] blkno = 5002c, nblocks = 4 [ 501.388992][ T110] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 501.388992][ T110] [ 501.409627][ T110] ERROR: (device loop2): remounting filesystem as read-only [ 501.500150][ T109] blkno = 50030, nblocks = 1 [ 501.505285][ T109] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 501.505285][ T109] [ 501.528992][ T109] blkno = 5002c, nblocks = 4 [ 501.550904][ T109] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 501.550904][ T109] [ 501.603997][T15633] JFS: metapage_get_blocks failed [ 501.609826][T15633] JFS: metapage_get_blocks failed [ 501.642826][T15633] JFS: metapage_get_blocks failed [ 501.662838][T15633] JFS: metapage_get_blocks failed [ 501.682489][T15633] JFS: metapage_get_blocks failed [ 501.897580][T17121] loop3: detected capacity change from 0 to 40427 [ 501.902975][T17151] loop0: detected capacity change from 0 to 8 [ 501.938407][T17121] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 501.947999][T17151] SQUASHFS error: lzo decompression failed, data probably corrupt [ 501.959305][T17151] SQUASHFS error: Failed to read block 0x91: -5 [ 501.966610][T17121] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 501.976897][T17151] SQUASHFS error: Unable to read metadata cache entry [8f] [ 501.999295][T17121] F2FS-fs (loop3): invalid crc value [ 502.011599][T17151] SQUASHFS error: Unable to read inode 0x11f [ 502.029602][T17137] loop1: detected capacity change from 0 to 32768 [ 502.049080][T17121] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669) [ 502.057484][T17137] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4026 (17137) [ 502.112029][T17137] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 502.138284][T17137] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 502.172171][T17137] BTRFS info (device loop1): using free-space-tree [ 502.254923][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 502.271729][T17121] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 502.278801][T17121] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 502.356515][T17144] loop5: detected capacity change from 0 to 32768 [ 502.491975][T17144] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 502.621308][T17144] XFS (loop5): Ending clean mount [ 502.632396][T17144] XFS (loop5): Quotacheck needed: Please wait. [ 502.665200][ T29] audit: type=1800 audit(1728569514.708:222): pid=17137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4026" name="file0" dev="loop1" ino=258 res=0 errno=0 [ 502.692174][T17137] fs-verity (loop1, inode 258): Unknown hash algorithm number: 3 [ 502.703648][ T931] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 502.723200][T17144] XFS (loop5): Quotacheck: Done. [ 502.818588][ T7524] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 502.843354][T15199] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 502.871658][ T931] usb 5-1: Using ep0 maxpacket: 16 [ 502.918691][ T931] usb 5-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= a.13 [ 502.951158][ T931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 502.988019][ T931] usb 5-1: Product: syz [ 502.992693][ T931] usb 5-1: Manufacturer: syz [ 502.998419][ T931] usb 5-1: SerialNumber: syz [ 503.026110][ T931] usb 5-1: config 0 descriptor?? [ 503.053733][ T931] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 503.342010][T17210] nicvf0: renamed from bridge_slave_1 (while UP) [ 503.352362][ T5291] usb 5-1: USB disconnect, device number 29 [ 503.399435][T17210] netlink: 'syz.1.4043': attribute type 2 has an invalid length. [ 503.407807][T17210] A link change request failed with some changes committed already. Interface nicvf0 may have been left with an inconsistent configuration, please check. [ 503.532040][ T945] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 503.577674][ T931] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 503.731146][T17225] loop1: detected capacity change from 0 to 128 [ 503.741483][ T931] usb 1-1: Using ep0 maxpacket: 8 [ 503.751508][ T931] usb 1-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=55.a0 [ 503.760621][T17225] FAT-fs (loop1): invalid media value (0x00) [ 503.767263][T17225] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 503.782900][T17225] FAT-fs (loop1): Can't find a valid FAT filesystem [ 503.789677][ T931] usb 1-1: New USB device strings: Mfr=250, Product=2, SerialNumber=3 [ 503.810813][ T931] usb 1-1: Product: syz [ 503.824945][ T931] usb 1-1: Manufacturer: syz [ 503.830741][ T931] usb 1-1: SerialNumber: syz [ 503.844724][ T931] usb 1-1: config 0 descriptor?? [ 504.108964][ T931] kaweth 1-1:0.0: Firmware present in device. [ 504.296061][ T931] kaweth 1-1:0.0: Statistics collection: 0 [ 504.317702][ T931] kaweth 1-1:0.0: Multicast filter limit: 0 [ 504.330665][ T931] kaweth 1-1:0.0: MTU: 0 [ 504.341220][ T931] kaweth 1-1:0.0: Read MAC address 00:00:00:00:00:00 [ 504.708973][ T931] kaweth 1-1:0.0: Error setting SOFS wait [ 504.736718][ T931] kaweth 1-1:0.0: probe with driver kaweth failed with error -5 [ 504.802132][ T931] usb 1-1: USB disconnect, device number 33 [ 504.996393][T17256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4067'. [ 505.066598][T17259] loop5: detected capacity change from 0 to 128 [ 505.142785][T17259] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 505.159071][T17259] ext4 filesystem being mounted at /87/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 505.375142][T15199] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 505.536860][T17276] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4076'. [ 505.560467][T17273] loop2: detected capacity change from 0 to 1024 [ 505.577553][T17276] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4076'. [ 505.593083][T17273] EXT4-fs: Ignoring removed nomblk_io_submit option [ 505.601609][T17278] loop0: detected capacity change from 0 to 64 [ 505.662811][T17273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.904396][T15633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.983409][ T29] audit: type=1326 audit(1728569518.028:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17265 comm="syz.1.4070" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x0 [ 506.005344][ C1] vkms_vblank_simulate: vblank timer overrun [ 506.047211][T17292] netlink: 'syz.0.4080': attribute type 1 has an invalid length. [ 506.105364][T17292] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4080'. [ 506.292168][T17300] vivid-000: disconnect [ 506.312733][T17299] vivid-000: reconnect [ 506.668603][T17313] loop5: detected capacity change from 0 to 2048 [ 506.736324][T17313] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 506.770663][T17321] sch_fq: defrate 0 ignored. [ 506.842115][T17313] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 507.026381][T17313] fs-verity (loop5, inode 13): Unknown hash algorithm number: 0 [ 507.202431][T17263] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 507.314769][T15199] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.497249][T17324] loop3: detected capacity change from 0 to 32768 [ 507.515973][T17318] loop4: detected capacity change from 0 to 32768 [ 507.523252][T17318] XFS: ikeep mount option is deprecated. [ 507.616579][T17324] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 507.633403][T17318] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 507.645868][T17349] binder: 17348:17349 ioctl 40046205 0 returned -22 [ 507.734562][T17318] XFS (loop4): Ending clean mount [ 507.757760][T17318] XFS (loop4): Quotacheck needed: Please wait. [ 507.868476][T17318] XFS (loop4): Quotacheck: Done. [ 507.905304][T17324] XFS (loop3): Ending clean mount [ 507.989372][T13727] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 508.002216][ T2906] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 508.102988][ T9103] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 508.396710][T17368] loop3: detected capacity change from 0 to 512 [ 508.467527][T17368] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 508.504533][ T25] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 508.531509][T17368] System zones: 1-12 [ 508.572998][T17368] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.4105: Directory hole found for htree index block 0 [ 508.654517][T17373] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 508.667347][T17368] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 508.681506][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 508.688415][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 508.701773][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 508.711762][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 508.725193][ T25] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 508.735000][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.740591][T17368] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.4105: Directory hole found for htree index block 0 [ 508.760668][ T25] usb 1-1: config 0 descriptor?? [ 508.786430][T17368] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 508.799909][T17334] loop2: detected capacity change from 0 to 32768 [ 508.808481][T17368] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 508.823464][T17334] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4101 (17334) [ 508.840708][T17334] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 508.851287][T17334] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 508.859908][T17334] BTRFS info (device loop2): using free-space-tree [ 508.884143][T17368] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.045980][T17334] BTRFS info (device loop2): rebuilding free space tree [ 509.151281][T17364] loop1: detected capacity change from 0 to 32768 [ 509.186012][ T25] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.002D/input/input39 [ 509.289085][ T25] microsoft 0003:045E:07DA.002D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 509.311863][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 509.336334][T15633] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 509.441594][ T5293] usb 1-1: USB disconnect, device number 34 [ 509.576153][T17374] loop4: detected capacity change from 0 to 32768 [ 509.705357][T17374] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 509.858086][T17393] loop3: detected capacity change from 0 to 32768 [ 509.910545][T17374] XFS (loop4): Ending clean mount [ 509.941080][T17393] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 509.941080][T17393] [ 509.981980][T17393] xtLookup: xtSearch returned -5 [ 510.021785][T17393] free_index: error reading directory table [ 510.044099][T17374] XFS (loop4): Quotacheck needed: Please wait. [ 510.227190][ T29] audit: type=1326 audit(1728569522.268:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.250430][ T29] audit: type=1326 audit(1728569522.268:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.330690][T17374] XFS (loop4): Quotacheck: Done. [ 510.361713][ T29] audit: type=1326 audit(1728569522.318:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.441499][ T29] audit: type=1326 audit(1728569522.318:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.471436][ T29] audit: type=1326 audit(1728569522.318:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.494560][ T29] audit: type=1326 audit(1728569522.338:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.517471][ T29] audit: type=1326 audit(1728569522.338:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x7ffc0000 [ 510.539920][ T29] audit: type=1326 audit(1728569522.338:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5448174fa7 code=0x7ffc0000 [ 510.563464][ T29] audit: type=1326 audit(1728569522.338:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17410 comm="syz.1.4115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5448119959 code=0x7ffc0000 [ 510.758290][ T9103] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 510.808038][T17423] loop1: detected capacity change from 0 to 17 [ 510.890492][T17423] loop1: detected capacity change from 0 to 1024 [ 510.899816][T17409] loop2: detected capacity change from 0 to 32768 [ 510.948512][T17428] loop0: detected capacity change from 0 to 1024 [ 511.015940][ T11] hfsplus: b-tree write err: -5, ino 4 [ 511.022303][T17409] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 511.323583][T17445] mkiss: ax0: crc mode is auto. [ 511.391677][T17409] XFS (loop2): Ending clean mount [ 511.405534][T17409] XFS (loop2): Quotacheck needed: Please wait. [ 511.513628][T17409] XFS (loop2): Quotacheck: Done. [ 511.575745][T17449] loop0: detected capacity change from 0 to 4096 [ 511.627077][T17451] loop4: detected capacity change from 0 to 4096 [ 511.693209][T17457] loop3: detected capacity change from 0 to 64 [ 511.719307][T15633] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 511.817743][T17457] syz.3.4133: attempt to access beyond end of device [ 511.817743][T17457] loop3: rw=34817, sector=39, nr_sectors = 30 limit=64 [ 511.845562][T17458] loop5: detected capacity change from 0 to 1024 [ 511.864896][T17457] syz.3.4133: attempt to access beyond end of device [ 511.864896][T17457] loop3: rw=34817, sector=72, nr_sectors = 2 limit=64 [ 511.930430][T17449] ntfs3(loop0): failed to convert "0000" to iso8859-3 [ 511.973591][T17449] ntfs3(loop0): failed to convert "0000" to iso8859-3 [ 511.986200][T17457] syz.3.4133: attempt to access beyond end of device [ 511.986200][T17457] loop3: rw=34817, sector=76, nr_sectors = 500 limit=64 [ 512.043068][T17458] hfsplus: request for non-existent node 16777216 in B*Tree [ 512.068502][T17458] hfsplus: request for non-existent node 16777216 in B*Tree [ 512.138531][T17458] hfsplus: request for non-existent node 16777216 in B*Tree [ 512.173577][T17458] hfsplus: request for non-existent node 16777216 in B*Tree [ 512.230865][T17458] hfsplus: request for non-existent node 16777216 in B*Tree [ 512.250170][T17458] hfsplus: request for non-existent node 16777216 in B*Tree [ 512.391786][T17475] netlink: 'syz.3.4140': attribute type 11 has an invalid length. [ 512.718909][T17486] loop3: detected capacity change from 0 to 2048 [ 512.755388][T17486] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 513.151568][ T79] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 513.322518][ T79] usb 2-1: Using ep0 maxpacket: 16 [ 513.342298][ T79] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 513.384032][ T79] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 513.421884][ T79] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 513.462285][ T79] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 513.484626][ T79] usb 2-1: config 0 descriptor?? [ 513.558294][T17500] loop0: detected capacity change from 0 to 1024 [ 513.633302][T17500] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 513.762545][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 513.905206][T15177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.905889][T17497] loop2: detected capacity change from 0 to 32768 [ 513.918941][ T79] corsair 0003:1B1C:1B02.002E: unknown main item tag 0x0 [ 513.981918][ T79] corsair 0003:1B1C:1B02.002E: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.1-1/input0 [ 514.074145][T17509] loop5: detected capacity change from 0 to 1024 [ 514.108817][ T79] corsair 0003:1B1C:1B02.002E: Read invalid backlight brightness: db. [ 514.246986][T17494] loop3: detected capacity change from 0 to 40427 [ 514.255917][T17494] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1fffff [ 514.268067][T17494] F2FS-fs (loop3): invalid crc value [ 514.282671][ T35] hfsplus: b-tree write err: -5, ino 4 [ 514.293706][T17494] F2FS-fs (loop3): Found nat_bits in checkpoint [ 514.341276][ T5291] usb 2-1: USB disconnect, device number 24 [ 514.396162][T17494] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 514.416792][T17518] loop5: detected capacity change from 0 to 128 [ 514.446389][T17518] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 514.464720][T13727] syz-executor: attempt to access beyond end of device [ 514.464720][T13727] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 514.467039][T17518] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 514.487524][T13727] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 514.641687][ T35] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 514.707376][T17524] loop5: detected capacity change from 0 to 64 [ 514.916446][T15199] Bad inode number on dev loop5: 4160749571 is out of range [ 515.003569][T15199] Bad inode number on dev loop5: 4160749571 is out of range [ 515.037454][T17530] loop2: detected capacity change from 0 to 256 [ 515.064497][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 515.147355][T17532] loop4: detected capacity change from 0 to 2048 [ 515.190532][T17530] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62239f2, utbl_chksum : 0xe619d30d) [ 515.219139][T17534] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4165'. [ 515.230635][T17534] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4165'. [ 515.260086][T17532] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 515.764956][T17553] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4177'. [ 516.045601][T17548] loop2: detected capacity change from 0 to 32768 [ 516.114407][T17548] add_index: next_index = 0. Resetting! [ 516.120379][T17548] non-latin1 character 0x3ff found in JFS file name [ 516.127210][T17548] mount with iocharset=utf8 to access [ 516.225519][ T945] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.384550][ T5235] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 516.432027][ T5235] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 516.471712][ T5235] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 516.504696][ T5235] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 516.533500][ T5235] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 516.541302][ T5235] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 516.734364][ T945] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.978059][T17564] wlan0 speed is unknown, defaulting to 1000 [ 516.987842][T17564] lo speed is unknown, defaulting to 1000 [ 517.245056][T17575] loop3: detected capacity change from 0 to 4096 [ 517.276762][T17563] loop0: detected capacity change from 0 to 32768 [ 517.279739][ T945] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.344957][T17563] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 517.505622][T17563] XFS (loop0): Ending clean mount [ 517.534745][T17563] XFS (loop0): Quotacheck needed: Please wait. [ 517.577968][ T945] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.638279][T17563] XFS (loop0): Quotacheck: Done. [ 517.778407][T15177] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 517.787773][ T79] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 517.997211][T17564] chnl_net:caif_netlink_parms(): no params data found [ 518.029574][ T79] usb 2-1: Using ep0 maxpacket: 32 [ 518.036711][ T79] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 518.045855][ T79] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.106459][ T79] usb 2-1: config 0 descriptor?? [ 518.119606][ T79] gspca_main: sq930x-2.14.0 probing 041e:403c [ 518.205314][T17601] binder: BC_ACQUIRE_RESULT not supported [ 518.211260][T17601] binder: 17600:17601 ioctl c0306201 20000480 returned -22 [ 518.353599][ T945] bridge_slave_1: left allmulticast mode [ 518.360245][ T945] bridge_slave_1: left promiscuous mode [ 518.366853][ T945] bridge0: port 2(bridge_slave_1) entered disabled state [ 518.414724][ T945] bridge_slave_0: left allmulticast mode [ 518.431707][ T945] bridge_slave_0: left promiscuous mode [ 518.437653][ T945] bridge0: port 1(bridge_slave_0) entered disabled state [ 518.498766][T17597] loop3: detected capacity change from 0 to 32768 [ 518.591780][ T5291] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 518.652059][ T5235] Bluetooth: hci5: command tx timeout [ 518.763891][ T5291] usb 1-1: Using ep0 maxpacket: 16 [ 518.789759][ T5291] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD3, changing to 0x83 [ 518.811538][ T5291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 518.851476][ T5291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 518.861275][ T5291] usb 1-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00 [ 518.886834][ T5291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.917057][ T5291] usb 1-1: config 0 descriptor?? [ 519.022550][ T79] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 519.087110][ T79] sq930x 2-1:0.0: probe with driver sq930x failed with error -71 [ 519.091504][ T931] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 519.099030][ T79] usb 2-1: USB disconnect, device number 25 [ 519.247461][ T945] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 519.260891][ T945] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 519.277338][ T945] bond0 (unregistering): Released all slaves [ 519.285674][ T931] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 519.297936][ T931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.311941][ T931] usb 4-1: config 0 descriptor?? [ 519.329129][ T931] cp210x 4-1:0.0: cp210x converter detected [ 519.342988][T17603] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 519.386374][T17608] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4194'. [ 519.396370][T17603] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 519.481311][ T5291] input: HID 0458:5005 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5005.002F/input/input40 [ 519.534413][ T2906] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 519.543865][T17606] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.574344][ T5291] input: HID 0458:5005 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5005.002F/input/input41 [ 519.676516][ T5291] kye 0003:0458:5005.002F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5005] on usb-dummy_hcd.0-1/input0 [ 519.678710][ T5291] usb 1-1: USB disconnect, device number 35 [ 519.706156][ T29] kauditd_printk_skb: 163 callbacks suppressed [ 519.706181][ T29] audit: type=1326 audit(1728569531.748:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17615 comm="syz.1.4198" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f544817dff9 code=0x0 [ 519.769153][ T931] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 519.783115][T17564] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.784594][T17564] bridge0: port 1(bridge_slave_0) entered disabled state [ 519.785223][T17564] bridge_slave_0: entered allmulticast mode [ 519.786639][T17564] bridge_slave_0: entered promiscuous mode [ 519.788894][T17564] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.788970][T17564] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.789109][T17564] bridge_slave_1: entered allmulticast mode [ 519.790249][T17564] bridge_slave_1: entered promiscuous mode [ 519.808642][ T931] usb 4-1: cp210x converter now attached to ttyUSB0 [ 519.942679][T17564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 519.945959][T17564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 519.992164][ T9] usb 4-1: USB disconnect, device number 29 [ 519.994858][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 519.996111][ T9] cp210x 4-1:0.0: device disconnected [ 520.004770][ C1] vkms_vblank_simulate: vblank timer overrun [ 520.085935][ C1] vkms_vblank_simulate: vblank timer overrun [ 520.230560][T17564] team0: Port device team_slave_0 added [ 520.243156][T17564] team0: Port device team_slave_1 added [ 520.395985][T17564] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 520.396010][T17564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.396045][T17564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 520.397853][T17564] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 520.397871][T17564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 520.397905][T17564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 520.724197][ T5235] Bluetooth: hci5: command tx timeout [ 520.802205][ T2906] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 520.987266][T17564] hsr_slave_0: entered promiscuous mode [ 520.989383][T17564] hsr_slave_1: entered promiscuous mode [ 520.995882][T17564] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 520.995997][T17564] Cannot create hsr debugfs directory [ 521.096558][ T945] hsr_slave_0: left promiscuous mode [ 521.106679][ T945] hsr_slave_1: left promiscuous mode [ 521.109076][ T945] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 521.109121][ T945] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 521.109868][ T945] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 521.109908][ T945] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 521.150835][ T945] veth1_macvtap: left promiscuous mode [ 521.150904][ T945] veth0_macvtap: left promiscuous mode [ 521.151039][ T945] veth1_vlan: left promiscuous mode [ 521.151138][ T945] veth0_vlan: left promiscuous mode [ 521.181501][ T5293] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 521.431661][ T5293] usb 4-1: Using ep0 maxpacket: 32 [ 521.439148][ T5293] usb 4-1: config 0 has an invalid descriptor of length 185, skipping remainder of the config [ 521.463237][ T5293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 521.504433][ T5293] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 521.521316][T17635] loop4: detected capacity change from 0 to 40427 [ 521.537221][ T5293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.562317][T17635] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x1fffff [ 521.574642][T17635] F2FS-fs (loop4): invalid crc value [ 521.586839][ T5293] usb 4-1: config 0 descriptor?? [ 521.594496][ T5293] hub 4-1:0.0: bad descriptor, ignoring hub [ 521.600752][ T5293] hub 4-1:0.0: probe with driver hub failed with error -5 [ 521.603298][T17635] F2FS-fs (loop4): Found nat_bits in checkpoint [ 521.731521][T17635] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 521.844434][ T9103] syz-executor: attempt to access beyond end of device [ 521.844434][ T9103] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 521.874785][ T9103] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 521.890371][ T9103] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 521.972058][ T5293] usb 4-1: USB disconnect, device number 30 [ 522.127416][T17644] loop2: detected capacity change from 0 to 32768 [ 522.173993][T17644] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 522.271995][ T29] audit: type=1800 audit(1728569534.318:397): pid=17650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4210" name="bus" dev="loop2" ino=17059 res=0 errno=0 [ 522.322851][ T5293] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 522.526415][T17653] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 522.533133][ T5293] usb 4-1: config 0 has an invalid descriptor of length 185, skipping remainder of the config [ 522.548369][T15633] ocfs2: Unmounting device (7,2) on (node local) [ 522.594920][ T5293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 522.621429][ T5293] usb 4-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice= 0.40 [ 522.647043][ T5293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 522.680688][ T5293] usb 4-1: config 0 descriptor?? [ 522.713749][ T5293] ttusbir 4-1:0.0: cannot find expected altsetting [ 522.725646][T17655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4213'. [ 522.801942][ T5235] Bluetooth: hci5: command tx timeout [ 522.878323][ T945] team0 (unregistering): Port device team_slave_1 removed [ 522.929336][ T25] usb 4-1: USB disconnect, device number 31 [ 522.946378][ T29] audit: type=1326 audit(1728569534.988:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 522.989265][ T29] audit: type=1326 audit(1728569534.988:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 523.056929][ T945] team0 (unregistering): Port device team_slave_0 removed [ 523.073210][ T29] audit: type=1326 audit(1728569535.038:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 523.114033][ T29] audit: type=1326 audit(1728569535.038:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 523.170632][ T29] audit: type=1326 audit(1728569535.038:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 523.203828][T17665] loop2: detected capacity change from 0 to 256 [ 523.210305][ T29] audit: type=1326 audit(1728569535.058:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 523.245887][ T29] audit: type=1326 audit(1728569535.058:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17658 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23297dff9 code=0x7ffc0000 [ 523.262341][T17663] loop4: detected capacity change from 0 to 4096 [ 523.305982][T17663] EXT4-fs: Ignoring removed nobh option [ 523.313551][T17663] EXT4-fs: Ignoring removed i_version option [ 523.387215][T17663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 523.441696][ T29] audit: type=1800 audit(1728569535.478:405): pid=17663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4216" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 523.554803][ T9103] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.239898][ T2488] smc: removing ib device syz2 [ 524.627544][T17678] mkiss: ax0: crc mode is auto. [ 524.642445][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 524.853107][T17687] loop2: detected capacity change from 0 to 256 [ 524.898097][T17689] openvswitch: netlink: Actions may not be safe on all matching packets [ 524.920355][ T5235] Bluetooth: hci5: command tx timeout [ 524.934709][T17687] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 525.636433][ T5293] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 526.071423][ T5293] usb 3-1: Using ep0 maxpacket: 16 [ 526.173400][ T5293] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 526.184881][ T5293] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 526.193763][ T79] kernel write not supported for file /amidi2 (pid: 79 comm: kworker/1:1) [ 526.218848][T17718] netlink: 'syz.1.4244': attribute type 22 has an invalid length. [ 526.237120][ T5293] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 526.306793][ T5293] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.358436][ T5293] usb 3-1: config 0 descriptor?? [ 526.577164][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 526.778808][T17564] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 526.839719][T17564] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 526.860613][T17564] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 526.868525][T17695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 526.894666][T17695] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 526.918891][T17720] loop4: detected capacity change from 0 to 32768 [ 526.930896][ T5293] hid (null): invalid report_count 14993 [ 526.939503][T17564] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 527.004179][T17720] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 527.105509][T17720] grow_buffers: requested out-of-range block 3472328296227680304 for device loop4 [ 527.135445][T17564] 8021q: adding VLAN 0 to HW filter on device bond0 [ 527.163995][T17720] (syz.4.4241,17720,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 527.172621][ T5293] usb 3-1: string descriptor 0 read error: -71 [ 527.210661][T17720] (syz.4.4241,17720,1):ocfs2_get_suballoc_slot_bit:2786 ERROR: read block 3472328296227680304 failed -12 [ 527.214795][T17564] 8021q: adding VLAN 0 to HW filter on device team0 [ 527.230542][ T5293] usb 3-1: Max retries (5) exceeded reading string descriptor 200 [ 527.244886][T17720] (syz.4.4241,17720,1):ocfs2_get_suballoc_slot_bit:2818 ERROR: status = -12 [ 527.258653][ T5293] letsketch 0003:6161:4D15.0030: probe with driver letsketch failed with error -32 [ 527.266845][T17720] (syz.4.4241,17720,1):ocfs2_test_inode_bit:2900 ERROR: get alloc slot and bit failed -12 [ 527.312068][ T5293] usb 3-1: USB disconnect, device number 25 [ 527.332249][ T2906] bridge0: port 1(bridge_slave_0) entered blocking state [ 527.339481][ T2906] bridge0: port 1(bridge_slave_0) entered forwarding state [ 527.354486][T17720] (syz.4.4241,17720,0):ocfs2_test_inode_bit:2941 ERROR: status = -12 [ 527.374419][T17720] (syz.4.4241,17720,0):ocfs2_get_dentry:78 ERROR: test inode bit failed -12 [ 527.382852][ T2906] bridge0: port 2(bridge_slave_1) entered blocking state [ 527.390263][ T2906] bridge0: port 2(bridge_slave_1) entered forwarding state [ 527.490725][ T9103] ocfs2: Unmounting device (7,4) on (node local) [ 527.720022][T17564] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 528.001572][ T25] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 528.151593][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 528.168984][ T25] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 528.176939][T17564] veth0_vlan: entered promiscuous mode [ 528.192675][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 528.200837][ T25] usb 1-1: Product: syz [ 528.204609][T17564] veth1_vlan: entered promiscuous mode [ 528.209110][ T25] usb 1-1: Manufacturer: syz [ 528.219849][ T25] usb 1-1: SerialNumber: syz [ 528.233589][ T25] usb 1-1: config 0 descriptor?? [ 528.269990][T17564] veth0_macvtap: entered promiscuous mode [ 528.289788][T17564] veth1_macvtap: entered promiscuous mode [ 528.309093][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.320008][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.330877][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.342110][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.363237][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.381220][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.396054][ T5292] kernel write not supported for file /498/net/xfrm_stat (pid: 5292 comm: kworker/1:7) [ 528.401256][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.452332][ T25] dvb_usb_rtl28xxu 1-1:0.0: chip type detection failed -71 [ 528.463188][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.480623][ T25] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 528.485511][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.518396][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.520178][ T25] usb 1-1: USB disconnect, device number 36 [ 528.543695][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 528.555101][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.568032][T17564] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 528.579874][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.590964][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.605018][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.636011][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.650968][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.662553][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.669264][T17796] loop1: detected capacity change from 0 to 512 [ 528.681203][T17796] EXT4-fs: Ignoring removed i_version option [ 528.681905][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.687612][T17796] EXT4-fs: Ignoring removed nobh option [ 528.704647][T17796] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 528.707759][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.734094][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.745386][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.754471][T17796] EXT4-fs (loop1): 1 truncate cleaned up [ 528.757474][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.773400][T17796] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 528.782032][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.802406][T17564] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 528.819445][T17564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 528.868697][T17564] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 528.950417][ T7524] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.986869][T17564] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.002535][T17564] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.061486][T17564] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.070846][T17564] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.178809][T17809] netlink: 'syz.1.4273': attribute type 7 has an invalid length. [ 529.214733][T17809] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4273'. [ 529.361000][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 529.393073][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 529.467216][T17818] veth1_macvtap: left promiscuous mode [ 529.573480][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 529.603378][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 529.616179][T17826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4284'. [ 530.419074][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 530.704908][T17867] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0) [ 530.747715][T17825] loop2: detected capacity change from 0 to 32768 [ 531.020735][T17862] loop0: detected capacity change from 0 to 32768 [ 531.043573][T17862] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4300 (17862) [ 531.132808][T17830] loop5: detected capacity change from 0 to 40427 [ 531.140466][T17862] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 531.151306][T17862] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 531.160366][T17862] BTRFS info (device loop0): using free-space-tree [ 531.223173][T17825] XFS (loop2): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 531.241810][T17830] F2FS-fs (loop5): invalid crc value [ 531.258377][T17882] loop3: detected capacity change from 0 to 4096 [ 531.263527][T17830] F2FS-fs (loop5): Found nat_bits in checkpoint [ 531.272061][T17882] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 531.307885][T17882] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 531.408225][T17830] F2FS-fs (loop5): Start checkpoint disabled! [ 531.428160][T13727] ntfs3(loop3): ino=1a, ntfs_sync_fs failed, -22. [ 531.439116][T17830] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 531.479510][T17825] XFS (loop2): Ending clean mount [ 531.686785][T15177] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 531.690777][ T35] kworker/u8:2: attempt to access beyond end of device [ 531.690777][ T35] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 531.706679][T15633] XFS (loop2): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 531.734178][ T35] F2FS-fs (loop5): Remounting filesystem read-only [ 531.741106][ T35] F2FS-fs (loop5): Remounting filesystem read-only [ 532.043405][T17921] loop2: detected capacity change from 0 to 1024 [ 532.053186][T17921] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 532.140994][T17921] overlay: Unknown parameter '32 [ 532.140994][T17921] time [ 532.140994][T17921] string [ 532.140994][T17921] statistic [ 532.140994][T17921] state [ 532.140994][T17921] realm [ 532.140994][T17921] rateest [ 532.140994][T17921] quota [ 532.140994][T17921] pkttype [ 532.140994][T17921] physdev [ 532.140994][T17921] cgroup [ 532.140994][T17921] cgroup [ 532.140994][T17921] cgroup [ 532.140994][T17921] owner [ 532.140994][T17921] nfacct [ 532.140994][T17921] nfacct [ 532.140994][T17921] mac [ 532.140994][T17921] limit [ 532.140994][T17921] ipvs [ 532.140994][T17921] helper [ 532.140994][T17921] devgroup [ 532.140994][T17921] cpu [ 532.140994][T17921] conntrack [ 532.140994][T17921] conntrack [ 532.140994][T17921] conntrack [ 532.140994][T17921] connlimit [ 532.140994][T17921] connlabel [ 532.140994][T17921] connbytes [ 532.140994][T17921] comment [ 532.140994][T17921] cluster [ 532.140994][T17921] bpf [ 532.140994][T17921] bpf [ 532.140994][T17921] addrtype [ 532.140994][T17921] connmark [ 532.140994][T17921] mark [ 532.140994][T17921] rpfilter [ 532.140994][T17921] ah [ 532.140994][T17921] tcpmss [ 532.140994][T17921] socket [ 532.140994][T17921] socket [ 532.140994][T17921] socket [ 532.140994][T17921] socket [ 532.140994][T17921] sctp [ 532.140994][T17921] recent [ 532.140994][T17921] recent [ 532.140994][T17921] policy [ 532.140994][T17921] osf [ 532.140994][T17921] multiport [ 532.140994][T17921] length [ 532.140994][T17921] l2tp [ 532.140994][T17921] iprange [ 532.140994][T17921] ipcomp [ 532.140994][T17921] ttl [ 532.140994][T17921] hashlimit [ 532.140994][T17921] hashlimit [ 532.140994][T17921] hashlimit [ 532.140994][T17921] esp [ 532.140994][T17921] ecn [ 532.140994][T17921] tos [ 532.140994][T17921] dscp [ 532.140994][T17921] dccp [ 532.140994][T17921] addrtype [ 532.140994][T17921] set [ 532.140994][T17921] set [ 532.140994][T17921] set [ 532.140994][T17921] set [ 532.140994][T17921] set [ 532.140994][T17921] icmp [ 532.345216][ T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 532.635696][T17939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4321'. [ 532.837170][T17943] vlan2: entered promiscuous mode [ 533.259758][T17957] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 533.442684][ T5292] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 533.512251][T17967] loop1: detected capacity change from 0 to 256 [ 533.530099][T17963] loop2: detected capacity change from 0 to 512 [ 533.563036][T17967] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 533.621769][ T5292] usb 1-1: Using ep0 maxpacket: 8 [ 533.668527][ T5292] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 533.680604][T17963] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 533.684648][ T5292] usb 1-1: config 179 has no interface number 0 [ 533.700969][T17963] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 533.712832][ T5292] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 533.722576][T17971] syz.5.4335 uses obsolete (PF_INET,SOCK_PACKET) [ 533.746518][T17963] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.4332: Corrupt directory, running e2fsck is recommended [ 533.771528][T17963] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 533.832410][T17963] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.4332: corrupted in-inode xattr: invalid ea_ino [ 533.834711][ T5292] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 533.890775][T17963] EXT4-fs (loop2): Remounting filesystem read-only [ 533.909174][ T5292] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 533.913785][T17963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.951768][ T5292] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 533.970339][ T5292] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 534.000268][ T5292] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 534.002495][T15633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.017720][ T5292] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.073739][T17954] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 534.182293][T17982] loop2: detected capacity change from 0 to 512 [ 534.220369][T17982] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 534.285921][T17983] loop5: detected capacity change from 0 to 512 [ 534.306271][T17982] EXT4-fs (loop2): 1 truncate cleaned up [ 534.316505][T17983] EXT4-fs error (device loop5): ext4_init_orphan_info:586: comm syz.5.4338: inode #0: comm syz.5.4338: iget: illegal inode # [ 534.333071][T17982] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 534.433002][T17983] EXT4-fs (loop5): get orphan inode failed [ 534.457913][T17987] loop1: detected capacity change from 0 to 2048 [ 534.502034][T17983] EXT4-fs (loop5): mount failed [ 534.524440][T17987] EXT4-fs: Ignoring removed mblk_io_submit option [ 534.603104][ T25] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input43 [ 534.649707][T15633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.665372][T17987] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 534.840910][ T25] usb 1-1: USB disconnect, device number 37 [ 534.847178][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 534.847226][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 534.880346][ T25] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 534.946833][ T7524] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.542014][T18021] loop0: detected capacity change from 0 to 128 [ 535.726741][T18007] loop5: detected capacity change from 0 to 32768 [ 535.750316][ T1113] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 535.790224][T18021] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 535.817553][T18021] sysv_free_block: trying to free block not in datazone [ 535.875940][T18007] [ 535.875940][T18007] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 535.875940][T18007] [ 535.927532][T18007] [ 535.927532][T18007] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 535.927532][T18007] [ 535.944695][ T29] audit: type=1800 audit(1728569547.968:406): pid=18007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4350" name="file1" dev="loop5" ino=0 res=0 errno=0 [ 535.965469][T15177] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 535.978407][T18007] [ 535.978407][T18007] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 535.978407][T18007] [ 535.990689][T18007] [ 535.990689][T18007] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 535.990689][T18007] [ 536.010869][T18007] [ 536.010869][T18007] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 536.010869][T18007] [ 536.024909][T18007] [ 536.024909][T18007] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 536.024909][T18007] [ 536.142256][ T109] [ 536.142256][ T109] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 536.142256][ T109] [ 536.271409][T17564] [ 536.271409][T17564] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 536.271409][T17564] [ 536.302258][T18031] loop1: detected capacity change from 0 to 40427 [ 536.313364][T18031] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 536.320540][T18031] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 536.323680][T17564] [ 536.323680][T17564] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 536.323680][T17564] [ 536.332131][T18031] F2FS-fs (loop1): invalid crc value [ 536.350904][T18031] F2FS-fs (loop1): Found nat_bits in checkpoint [ 536.596116][T18041] input: syz1 as /devices/virtual/input/input44 [ 536.632150][T18031] F2FS-fs (loop1): Start checkpoint disabled! [ 536.753371][T18031] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 536.760631][T18031] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 536.875038][T18031] syz.1.4362: attempt to access beyond end of device [ 536.875038][T18031] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 537.080113][ T2906] kworker/u8:9: attempt to access beyond end of device [ 537.080113][ T2906] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 537.111559][ T2906] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 537.129018][ T2906] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 537.149350][ T2906] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 537.161490][ T2906] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 537.214054][T18037] loop2: detected capacity change from 0 to 32768 [ 537.251518][T18037] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4364 (18037) [ 537.301139][T18037] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 537.318541][T18022] loop3: detected capacity change from 0 to 40427 [ 537.321208][T18037] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 537.360816][T18022] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 537.364890][T18037] BTRFS info (device loop2): using free-space-tree [ 537.382179][T18022] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 537.391840][T18052] loop4: detected capacity change from 0 to 4096 [ 537.400045][T18022] F2FS-fs (loop3): invalid crc value [ 537.411234][T18022] F2FS-fs (loop3): Found nat_bits in checkpoint [ 537.431592][T18052] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 537.603084][T18070] loop5: detected capacity change from 0 to 512 [ 537.610409][T18072] xt_CT: You must specify a L4 protocol and not use inversions on it [ 537.646830][T18022] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 537.662939][ T25] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 537.678495][T18022] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 537.689304][T18052] ntfs3(loop4): failed to convert "c46c" to iso8859-2 [ 537.710493][T18070] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.4374: invalid block [ 537.769889][T18070] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4374: invalid indirect mapped block 4294967295 (level 1) [ 537.806018][T18070] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4374: invalid indirect mapped block 4294967295 (level 1) [ 537.853832][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 537.862335][T18070] EXT4-fs (loop5): 2 truncates cleaned up [ 537.863231][ T25] usb 1-1: config 0 has an invalid descriptor of length 110, skipping remainder of the config [ 537.870252][T18070] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 537.887226][ T25] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x1D, changing to 0xD [ 537.906788][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 118, changing to 10 [ 537.957762][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25956, setting to 1024 [ 537.978404][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 538.006536][ T25] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 538.028657][ T25] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 538.041997][ T25] usb 1-1: Manufacturer: syz [ 538.050449][ T25] usb 1-1: config 0 descriptor?? [ 538.082528][ T2906] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 538.102946][T18056] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 538.114374][ T25] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 538.130574][T15633] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 538.132010][T18069] EXT4-fs error (device loop5): ext4_get_parent:1860: inode #11: comm syz.5.4374: bad parent inode number: 3 [ 538.424571][T17564] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 538.459627][ T5292] usb 1-1: USB disconnect, device number 38 [ 538.589671][T18099] loop1: detected capacity change from 0 to 1024 [ 538.627877][T18099] hfsplus: request for non-existent node 3 in B*Tree [ 538.681488][T18099] hfsplus: request for non-existent node 3 in B*Tree [ 539.018330][T18105] loop1: detected capacity change from 0 to 16 [ 539.053409][T18105] erofs: (device loop1): mounted with root inode @ nid 36. [ 539.157659][T18111] batadv0: entered promiscuous mode [ 539.177173][T18108] loop2: detected capacity change from 0 to 2048 [ 539.182491][T18111] macsec1: entered promiscuous mode [ 539.219885][T18111] macsec1: entered allmulticast mode [ 539.243903][T18111] batadv0: entered allmulticast mode [ 539.266331][T18108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 539.320951][T18108] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 539.519819][T15633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.766691][T18094] loop4: detected capacity change from 0 to 40427 [ 539.817185][T18094] F2FS-fs (loop4): invalid crc value [ 539.827577][T18094] F2FS-fs (loop4): Found nat_bits in checkpoint [ 539.997523][T18094] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 540.206567][T18094] F2FS-fs (loop4): Stopped filesystem due to reason: 0 [ 540.356335][T18115] loop0: detected capacity change from 0 to 32768 [ 540.734564][T18124] loop1: detected capacity change from 0 to 32768 [ 540.762158][T18130] loop3: detected capacity change from 0 to 32768 [ 540.897024][T18151] loop4: detected capacity change from 0 to 512 [ 540.950700][T18130] XFS (loop3): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 540.995780][T18151] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.4400: invalid block [ 541.058157][T18130] XFS (loop3): Quotacheck needed: Please wait. [ 541.074071][T18124] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 541.085926][ T79] XFS (loop3): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 541.089533][T18151] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4400: invalid indirect mapped block 4294967295 (level 1) [ 541.100626][ T79] XFS (loop3): Unmount and run xfs_repair [ 541.131534][ T79] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 541.139521][T18164] netlink: 168 bytes leftover after parsing attributes in process `syz.0.4405'. [ 541.148838][ T79] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 541.148866][ T79] 00000010: 00 00 02 00 00 00 00 14 00 00 00 01 00 00 00 80 ................ [ 541.180747][ T79] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 541.190565][ T79] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 541.196222][T18124] (syz.1.4394,18124,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214 [ 541.207079][ T79] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 541.226472][ T79] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 541.238678][ T79] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 541.239777][T18151] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4400: invalid indirect mapped block 4294967295 (level 1) [ 541.247742][ T79] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 541.247808][ T2906] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 541.261811][ T2906] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 541.283091][ T945] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 541.291398][ T2906] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 541.329409][T18130] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 541.339796][T18151] EXT4-fs (loop4): 2 truncates cleaned up [ 541.387064][T18151] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 541.455056][T18170] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4407'. [ 541.498353][T18151] EXT4-fs (loop4): shut down requested (2) [ 541.505466][T13727] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 541.575511][ T7524] ocfs2: Unmounting device (7,1) on (node local) [ 541.605859][ C1] vkms_vblank_simulate: vblank timer overrun [ 541.637282][ T9103] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.734785][ C1] vkms_vblank_simulate: vblank timer overrun [ 541.872250][T18178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4414'. [ 542.105041][T18187] loop0: detected capacity change from 0 to 512 [ 542.168068][T18194] delete_channel: no stack [ 542.168544][T18193] loop3: detected capacity change from 0 to 512 [ 542.184071][T18193] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 542.198071][T18187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 542.201138][T18192] delete_channel: no stack [ 542.212212][T18187] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 542.231038][T18193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 542.322243][T18187] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #2: comm syz.0.4416: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 542.411845][T18193] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.4409: corrupted inode contents [ 542.435415][T18193] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #2: comm syz.3.4409: mark_inode_dirty error [ 542.463226][T18193] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #2: comm syz.3.4409: corrupted inode contents [ 542.630993][T18208] loop4: detected capacity change from 0 to 16 [ 542.673927][T18208] erofs: (device loop4): mounted with root inode @ nid 36. [ 542.718277][T15177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 542.736076][T13727] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 542.851836][T18214] delete_channel: no stack [ 542.891605][ C1] vkms_vblank_simulate: vblank timer overrun [ 543.029543][T18216] loop2: detected capacity change from 0 to 1024 [ 543.189326][T18216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.319464][T15633] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.533142][ T5333] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 543.582140][ T25] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 543.667355][T18222] loop5: detected capacity change from 0 to 32768 [ 543.703262][ T5333] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 543.739698][ T5333] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 543.765465][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 543.770306][ T5333] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 543.776346][ T25] usb 1-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 543.778615][ T5333] usb 2-1: Product: syz [ 543.806686][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 543.821606][ T5333] usb 2-1: Manufacturer: syz [ 543.826364][ T5333] usb 2-1: SerialNumber: syz [ 543.835990][ T25] usb 1-1: Product: syz [ 543.843758][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 543.854647][ T25] usb 1-1: Manufacturer: syz [ 543.859266][ T25] usb 1-1: SerialNumber: syz [ 543.875192][T18233] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 543.902363][ T25] usb 1-1: config 0 descriptor?? [ 543.916954][ T5333] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 543.924311][ T25] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 544.130551][ T25] gspca_sn9c2028: read1 error -32 [ 544.137089][ T25] gspca_sn9c2028: read1 error -32 [ 544.172781][T18233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 544.189850][T18243] team_slave_0: entered promiscuous mode [ 544.195778][T18243] team_slave_1: entered promiscuous mode [ 544.203723][T18243] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 544.220614][T18243] team0: Device macvlan2 is already an upper device of the team interface [ 544.238294][T18233] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 544.256224][ T25] usb 2-1: USB disconnect, device number 26 [ 544.266498][T18243] team_slave_0: left promiscuous mode [ 544.272070][T18243] team_slave_1: left promiscuous mode [ 544.391308][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.491780][T18238] loop2: detected capacity change from 0 to 40427 [ 544.513538][ T9] usb 1-1: USB disconnect, device number 39 [ 544.523738][T18238] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 544.592019][T18238] F2FS-fs (loop2): invalid crc value [ 544.622274][T18238] F2FS-fs (loop2): Found nat_bits in checkpoint [ 544.634592][T18252] loop3: detected capacity change from 0 to 4096 [ 544.664299][T18252] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 544.764947][T18238] F2FS-fs (loop2): Start checkpoint disabled! [ 544.781319][T18238] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 544.792135][ T25] usb 2-1: new full-speed USB device number 27 using dummy_hcd [ 544.853731][T18238] F2FS-fs (loop2): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x14d/0x1220 [ 544.973433][ T25] usb 2-1: config index 0 descriptor too short (expected 301, got 72) [ 544.981999][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 545.019994][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 545.071806][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 545.092247][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64 [ 545.145644][ T25] usb 2-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 545.158458][ T12] kworker/u8:1: attempt to access beyond end of device [ 545.158458][ T12] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 545.191532][ T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 545.207801][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 545.231452][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 545.240285][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 545.258865][T18250] loop4: detected capacity change from 0 to 32768 [ 545.266161][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 545.274806][T18233] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 545.300583][T18250] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4441 (18250) [ 545.320916][T18250] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 545.342441][T18250] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 545.393083][T18250] BTRFS info (device loop4): using free-space-tree [ 545.574688][ T25] usb 2-1: usb_control_msg returned -71 [ 545.580412][ T25] usbtmc 2-1:16.0: can't read capabilities [ 545.601440][ T25] usbtmc 2-1:16.0: Failed to submit iin_urb [ 545.642556][ T25] usbtmc 2-1:16.0: probe with driver usbtmc failed with error -90 [ 545.696389][ T25] usb 2-1: USB disconnect, device number 27 [ 545.756669][T18260] loop3: detected capacity change from 0 to 32768 [ 545.799977][T18258] loop5: detected capacity change from 0 to 32768 [ 546.110260][T18260] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 546.122323][T18258] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 546.229179][T18309] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4454'. [ 546.236540][T18260] XFS (loop3): Ending clean mount [ 546.276965][T18260] XFS (loop3): Quotacheck needed: Please wait. [ 546.361832][ T9103] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 546.378592][T18258] XFS (loop5): Ending clean mount [ 546.465485][T18260] XFS (loop3): Quotacheck: Done. [ 546.468819][ T29] audit: type=1800 audit(1728569558.508:407): pid=18258 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4445" name="file1" dev="loop5" ino=6150 res=0 errno=0 [ 546.667467][ C1] vkms_vblank_simulate: vblank timer overrun [ 546.686948][ T25] XFS (loop5): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 546.781644][ T25] XFS (loop5): Unmount and run xfs_repair [ 546.816959][ T25] XFS (loop5): First 128 bytes of corrupted metadata buffer: [ 546.872712][ C1] vkms_vblank_simulate: vblank timer overrun [ 546.880824][ T25] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 546.890965][ T25] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 10 ................ [ 546.900891][ T25] 00000020: ed 37 bf 6e 74 ea 4e 01 af ba 5f ee 27 4b 0f 3a .7.nt.N..._.'K.: [ 546.910833][ T25] 00000030: 00 00 00 00 05 1b 0d e2 00 00 00 00 00 00 00 01 ................ [ 546.919999][ T25] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 546.929044][ T25] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 546.938502][ T25] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 546.947453][ T25] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 546.976797][T18258] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 547.030330][T13727] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 547.039180][ T5292] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 547.097535][T18258] XFS (loop5): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 547.139011][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.139601][T18258] XFS (loop5): Please unmount the filesystem and rectify the problem(s) [ 547.189877][T17564] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 547.222108][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.267837][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.285724][ T5292] usb 2-1: Using ep0 maxpacket: 8 [ 547.357936][ T5292] usb 2-1: config 0 has an invalid interface number: 186 but max is 0 [ 547.371528][ T5292] usb 2-1: config 0 has no interface number 0 [ 547.385055][ T5292] usb 2-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 547.416758][ T5292] usb 2-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 547.460778][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.501808][ T5292] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 108, changing to 10 [ 547.522107][ T5292] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid maxpacket 8949, setting to 1024 [ 547.560277][ T5292] usb 2-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 547.606571][ T5292] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 547.625699][ T5292] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 547.654447][ T5292] usb 2-1: Product: syz [ 547.659190][ T5292] usb 2-1: Manufacturer: syz [ 547.691486][ T5292] usb 2-1: SerialNumber: syz [ 547.707925][ T5292] usb 2-1: config 0 descriptor?? [ 547.879111][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.962661][T18334] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 547.976741][ T5292] iowarrior 2-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 548.241190][ T5292] usb 2-1: USB disconnect, device number 28 [ 548.264043][ T5292] iowarrior 2-1:0.186: I/O-Warror #0 now disconnected [ 548.540188][T18350] loop0: detected capacity change from 0 to 1024 [ 548.570144][T18350] EXT4-fs: Ignoring removed orlov option [ 548.629899][T18350] EXT4-fs (loop0): Test dummy encryption mode enabled [ 548.631463][T18354] netlink: 'syz.2.4475': attribute type 1 has an invalid length. [ 548.690559][T18354] netlink: 9380 bytes leftover after parsing attributes in process `syz.2.4475'. [ 548.697963][T18350] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 548.749819][T18328] loop4: detected capacity change from 0 to 32768 [ 548.757611][ C1] vkms_vblank_simulate: vblank timer overrun [ 548.827204][ C1] vkms_vblank_simulate: vblank timer overrun [ 549.109583][T18345] loop5: detected capacity change from 0 to 40427 [ 549.157971][ C1] vkms_vblank_simulate: vblank timer overrun [ 549.162037][T18345] F2FS-fs (loop5): invalid crc value [ 549.173966][T18345] F2FS-fs (loop5): Found nat_bits in checkpoint [ 549.226619][T15177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.418931][T18376] loop3: detected capacity change from 0 to 1024 [ 549.431884][T18345] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 549.523471][T18376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 549.564301][T17564] syz-executor: attempt to access beyond end of device [ 549.564301][T17564] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 549.601665][T17564] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 549.612158][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 549.781847][ T5291] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 549.899296][T13727] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.930841][T18394] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4492'. [ 549.958977][ T5291] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 549.969704][ T5291] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 549.982497][ T5291] usb 1-1: Product: syz [ 549.986747][ T5291] usb 1-1: Manufacturer: syz [ 550.045774][T18394] netlink: 'syz.4.4492': attribute type 10 has an invalid length. [ 550.060540][ T5291] usb 1-1: SerialNumber: syz [ 550.080922][ T5291] usb 1-1: config 0 descriptor?? [ 550.103838][ T5291] ch341 1-1:0.0: ch341-uart converter detected [ 550.113419][T18394] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 550.392859][T18408] trusted_key: encrypted_key: keyword 'updat_fault' not recognized [ 550.585909][T18413] netlink: 'syz.5.4486': attribute type 10 has an invalid length. [ 550.655811][T18413] netlink: 55 bytes leftover after parsing attributes in process `syz.5.4486'. [ 550.882209][ T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 550.920091][ T5291] usb 1-1: failed to send control message: -71 [ 550.946724][ T5291] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 551.014290][T18433] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4509'. [ 551.024089][ T5291] usb 1-1: USB disconnect, device number 40 [ 551.034270][ T5291] ch341 1-1:0.0: device disconnected [ 551.074301][ T12] Bluetooth: hci7: Frame reassembly failed (-84) [ 551.300888][T18448] loop1: detected capacity change from 0 to 16 [ 551.316704][T18448] erofs: (device loop1): mounted with root inode @ nid 36. [ 551.359999][T18448] overlayfs: failed to get metacopy (-117) [ 551.517524][ T29] audit: type=1326 audit(1728569563.558:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.566561][ T29] audit: type=1326 audit(1728569563.588:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.588905][ C1] vkms_vblank_simulate: vblank timer overrun [ 551.673434][ T29] audit: type=1326 audit(1728569563.638:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.745653][ T29] audit: type=1326 audit(1728569563.638:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.822251][ T29] audit: type=1326 audit(1728569563.638:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.905650][ T29] audit: type=1326 audit(1728569563.638:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.967314][ T29] audit: type=1326 audit(1728569563.638:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 551.975120][T18478] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4528'. [ 552.049766][ T29] audit: type=1326 audit(1728569563.638:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 552.105450][ T29] audit: type=1326 audit(1728569563.648:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 552.209179][ T29] audit: type=1326 audit(1728569563.648:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18458 comm="syz.2.4520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4f7dff9 code=0x7ffc0000 [ 657.301351][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 657.308373][ C1] rcu: 0-...!: (1 GPs behind) idle=1a8c/1/0x4000000000000000 softirq=70885/70886 fqs=0 [ 657.321125][ C1] rcu: (detected by 1, t=10506 jiffies, g=75945, q=362 ncpus=2) [ 657.328875][ C1] Sending NMI from CPU 1 to CPUs 0: [ 657.328915][ C0] NMI backtrace for cpu 0 [ 657.328930][ C0] CPU: 0 UID: 0 PID: 18490 Comm: syz.5.4533 Not tainted 6.12.0-rc2-syzkaller-00074-gd3d1556696c1 #0 [ 657.328958][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 657.328993][ C0] RIP: 0010:lock_release+0x51/0xa30 [ 657.329044][ C0] Code: 04 25 28 00 00 00 48 89 84 24 e0 00 00 00 49 bf 00 00 00 00 00 fc ff df 48 c7 44 24 60 b3 8a b5 41 48 c7 44 24 68 4f d7 09 8e <48> c7 44 24 70 10 7d 70 81 4c 8d 64 24 60 49 c1 ec 03 48 b8 f1 f1 [ 657.329065][ C0] RSP: 0018:ffffc90000007900 EFLAGS: 00000086 [ 657.329087][ C0] RAX: 5e506c23115a4500 RBX: dffffc0000000000 RCX: 5e506c23115a4500 [ 657.329106][ C0] RDX: dffffc0000000000 RSI: ffffffff84c26550 RDI: ffffffff8f09b720 [ 657.329125][ C0] RBP: ffffc90000007a30 R08: ffffffff942c5807 R09: 1ffffffff2858b00 [ 657.329144][ C0] R10: dffffc0000000000 R11: fffffbfff2858b01 R12: 0000000000000000 [ 657.329161][ C0] R13: ffffffff84c26550 R14: ffffffff84c26550 R15: dffffc0000000000 [ 657.329184][ C0] FS: 00007fa517ade6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 657.329206][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 657.329223][ C0] CR2: 000000110c25b2c8 CR3: 000000007b4a4000 CR4: 0000000000350ef0 [ 657.329242][ C0] Call Trace: [ 657.329254][ C0] [ 657.329266][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 657.329299][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 657.329338][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 657.329366][ C0] ? nmi_handle+0x2a/0x5a0 [ 657.329404][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 657.329441][ C0] ? nmi_handle+0x151/0x5a0 [ 657.329467][ C0] ? nmi_handle+0x2a/0x5a0 [ 657.329493][ C0] ? lock_release+0x51/0xa30 [ 657.329528][ C0] ? default_do_nmi+0x63/0x160 [ 657.329562][ C0] ? exc_nmi+0x123/0x1f0 [ 657.329590][ C0] ? end_repeat_nmi+0xf/0x53 [ 657.329614][ C0] ? debug_objects_fill_pool+0x80/0x9f0 [ 657.329653][ C0] ? debug_objects_fill_pool+0x80/0x9f0 [ 657.329691][ C0] ? debug_objects_fill_pool+0x80/0x9f0 [ 657.329726][ C0] ? lock_release+0x51/0xa30 [ 657.329762][ C0] ? lock_release+0x51/0xa30 [ 657.329799][ C0] ? lock_release+0x51/0xa30 [ 657.329835][ C0] [ 657.329843][ C0] [ 657.329855][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 657.329890][ C0] ? __lock_acquire+0x1384/0x2050 [ 657.329934][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.329964][ C0] ? debug_objects_fill_pool+0x80/0x9f0 [ 657.329999][ C0] debug_objects_fill_pool+0xc1/0x9f0 [ 657.330038][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.330063][ C0] ? __lock_acquire+0x1384/0x2050 [ 657.330106][ C0] ? __pfx_debug_objects_fill_pool+0x10/0x10 [ 657.330143][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.330171][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.330197][ C0] ? advance_sched+0xa02/0xca0 [ 657.330232][ C0] debug_object_activate+0x135/0x510 [ 657.330268][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 657.330303][ C0] ? __pfx_debug_object_activate+0x10/0x10 [ 657.330336][ C0] ? advance_sched+0xa02/0xca0 [ 657.330365][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.330390][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 657.330427][ C0] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 657.330464][ C0] enqueue_hrtimer+0x30/0x3c0 [ 657.330496][ C0] __hrtimer_run_queues+0x6cb/0xd50 [ 657.330522][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 657.330569][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 657.330595][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.330620][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 657.330658][ C0] hrtimer_interrupt+0x396/0x990 [ 657.330699][ C0] __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 657.330728][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 657.330764][ C0] [ 657.330773][ C0] [ 657.330782][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 657.330828][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 657.330864][ C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ae 63 2f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 33 09 94 f5 65 8b 05 44 a3 34 74 85 c0 74 43 48 c7 04 24 0e 36 [ 657.330884][ C0] RSP: 0018:ffffc900194778c0 EFLAGS: 00000206 [ 657.330905][ C0] RAX: 5e506c23115a4500 RBX: 1ffff9200328ef1c RCX: ffffffff9a3cc903 [ 657.330923][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0acac0 RDI: 0000000000000001 [ 657.330941][ C0] RBP: ffffc90019477958 R08: ffffffff901cee2f R09: 1ffffffff2039dc5 [ 657.330959][ C0] R10: dffffc0000000000 R11: fffffbfff2039dc6 R12: dffffc0000000000 [ 657.330978][ C0] R13: 1ffff9200328ef18 R14: ffffc900194778e0 R15: 0000000000000246 [ 657.331012][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 657.331046][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.331075][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.331099][ C0] ? __wake_up_locked_key+0xea/0x160 [ 657.331144][ C0] timerfd_clock_was_set+0x1e0/0x2f0 [ 657.331171][ C0] ? timerfd_clock_was_set+0x31/0x2f0 [ 657.331199][ C0] clock_was_set+0x78e/0x810 [ 657.331228][ C0] ? __pfx_clock_was_set+0x10/0x10 [ 657.331251][ C0] ? __asan_memcpy+0x40/0x70 [ 657.331274][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.331300][ C0] ? timekeeping_update+0x3e5/0x450 [ 657.331330][ C0] ? do_adjtimex+0x51d/0xae0 [ 657.331362][ C0] timekeeping_inject_offset+0x4e8/0x580 [ 657.331392][ C0] ? do_adjtimex+0x51d/0xae0 [ 657.331427][ C0] ? __pfx_timekeeping_inject_offset+0x10/0x10 [ 657.331459][ C0] ? __pfx_add_device_randomness+0x10/0x10 [ 657.331498][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.331523][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.331554][ C0] do_adjtimex+0x51d/0xae0 [ 657.331590][ C0] ? __pfx_do_adjtimex+0x10/0x10 [ 657.331621][ C0] ? __pfx___might_resched+0x10/0x10 [ 657.331659][ C0] ? __might_fault+0xaa/0x120 [ 657.331682][ C0] ? __pfx_lock_release+0x10/0x10 [ 657.331725][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 657.331749][ C0] ? __might_fault+0xc6/0x120 [ 657.331775][ C0] __x64_sys_clock_adjtime+0x1e3/0x290 [ 657.331815][ C0] ? __pfx___x64_sys_clock_adjtime+0x10/0x10 [ 657.331864][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 657.331901][ C0] ? do_syscall_64+0x100/0x230 [ 657.331928][ C0] ? do_syscall_64+0xb6/0x230 [ 657.331952][ C0] do_syscall_64+0xf3/0x230 [ 657.331979][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.332018][ C0] RIP: 0033:0x7fa516d7dff9 [ 657.332039][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.332059][ C0] RSP: 002b:00007fa517ade038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131 [ 657.332083][ C0] RAX: ffffffffffffffda RBX: 00007fa516f36058 RCX: 00007fa516d7dff9 [ 657.332101][ C0] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000 [ 657.332117][ C0] RBP: 00007fa516df0296 R08: 0000000000000000 R09: 0000000000000000 [ 657.332133][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.332148][ C0] R13: 0000000000000000 R14: 00007fa516f36058 R15: 00007ffecf336c88 [ 657.332176][ C0] [ 657.332905][ C1] rcu: rcu_preempt kthread starved for 10506 jiffies! g75945 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 658.036931][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 658.046914][ C1] rcu: RCU grace-period kthread stack dump: [ 658.052897][ C1] task:rcu_preempt state:R running task stack:25888 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 658.064742][ C1] Call Trace: [ 658.068122][ C1] [ 658.071072][ C1] __schedule+0x1895/0x4b30 [ 658.075638][ C1] ? __pfx___schedule+0x10/0x10 [ 658.080524][ C1] ? __pfx_lock_release+0x10/0x10 [ 658.085588][ C1] ? __asan_memset+0x23/0x50 [ 658.090223][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 658.096068][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 658.102435][ C1] ? schedule+0x90/0x320 [ 658.106709][ C1] schedule+0x14b/0x320 [ 658.110897][ C1] schedule_timeout+0x1be/0x310 [ 658.115777][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 658.121171][ C1] ? __pfx_process_timeout+0x10/0x10 [ 658.126496][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.132152][ C1] ? prepare_to_swait_event+0x330/0x350 [ 658.137745][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 658.142619][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 658.147857][ C1] ? rcu_gp_init+0x1256/0x1630 [ 658.152663][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 658.157627][ C1] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 658.163540][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 658.168839][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 658.174771][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.180424][ C1] ? finish_swait+0xd4/0x1e0 [ 658.185759][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 658.190398][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 658.195621][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 658.201555][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.207210][ C1] ? __kthread_parkme+0x169/0x1d0 [ 658.212360][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 658.217575][ C1] kthread+0x2f2/0x390 [ 658.221662][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 658.226876][ C1] ? __pfx_kthread+0x10/0x10 [ 658.231482][ C1] ret_from_fork+0x4d/0x80 [ 658.235931][ C1] ? __pfx_kthread+0x10/0x10 [ 658.240538][ C1] ret_from_fork_asm+0x1a/0x30 [ 658.245351][ C1] [ 658.248380][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 658.254711][ C1] CPU: 1 UID: 0 PID: 18487 Comm: syz.0.4534 Not tainted 6.12.0-rc2-syzkaller-00074-gd3d1556696c1 #0 [ 658.265487][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 658.275553][ C1] RIP: 0010:smp_call_function_many_cond+0x19f8/0x2ca0 [ 658.282342][ C1] Code: 89 e6 83 e6 01 31 ff e8 56 f3 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 ef 0b 00 eb 38 f3 90 42 0f b6 04 23 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 ee 0b 00 eb e4 44 [ 658.301967][ C1] RSP: 0018:ffffc9001957f3e0 EFLAGS: 00000246 [ 658.308056][ C1] RAX: 0000000000000000 RBX: 1ffff110170c8ca1 RCX: 0000000000040000 [ 658.316044][ C1] RDX: ffffc90009e3b000 RSI: 000000000003ffff RDI: 0000000000040000 [ 658.324036][ C1] RBP: ffffc9001957f5e0 R08: ffffffff8188f83a R09: 1ffffffff2858b00 [ 658.332027][ C1] R10: dffffc0000000000 R11: fffffbfff2858b01 R12: dffffc0000000000 [ 658.340017][ C1] R13: ffff8880b8646508 R14: ffff8880b873fc80 R15: 0000000000000000 [ 658.348008][ C1] FS: 00007faf4725d6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 658.356959][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 658.363556][ C1] CR2: 00007f5448337a8c CR3: 0000000052158000 CR4: 0000000000350ef0 [ 658.371544][ C1] Call Trace: [ 658.374834][ C1] [ 658.377775][ C1] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 658.384137][ C1] ? print_other_cpu_stall+0x1475/0x15b0 [ 658.389802][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 658.395624][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.401276][ C1] ? cgroup_rstat_updated+0x13b/0xc60 [ 658.406678][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.412326][ C1] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 658.418595][ C1] ? rcu_sched_clock_irq+0xa1a/0x10d0 [ 658.423994][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 658.429648][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.435296][ C1] ? hrtimer_run_queues+0x16c/0x460 [ 658.440512][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.446163][ C1] ? acct_account_cputime+0xd3/0x210 [ 658.451480][ C1] ? update_process_times+0x1ce/0x230 [ 658.456881][ C1] ? tick_nohz_handler+0x37c/0x500 [ 658.462016][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 658.467499][ C1] ? __hrtimer_run_queues+0x553/0xd50 [ 658.472977][ C1] ? ktime_get_update_offsets_now+0x3c/0x250 [ 658.479009][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 658.484747][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.490400][ C1] ? ktime_get_update_offsets_now+0x22d/0x250 [ 658.496500][ C1] ? hrtimer_interrupt+0x396/0x990 [ 658.501653][ C1] ? __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 658.507832][ C1] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 658.513673][ C1] [ 658.516619][ C1] [ 658.519559][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 658.525757][ C1] ? smp_call_function_many_cond+0x19da/0x2ca0 [ 658.531933][ C1] ? smp_call_function_many_cond+0x19f8/0x2ca0 [ 658.538113][ C1] ? __SCT__tp_func_contention_begin+0x8/0x8 [ 658.544131][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.549784][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 658.554845][ C1] ? __pfx___text_poke+0x10/0x10 [ 658.559813][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.565550][ C1] ? __get_immv32+0x19c/0x350 [ 658.570276][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 658.576636][ C1] ? __pfx___might_resched+0x10/0x10 [ 658.581960][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 658.587012][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 658.592243][ C1] text_poke_bp_batch+0x352/0xb30 [ 658.597316][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 658.602892][ C1] ? __pfx___mutex_trylock_common+0x10/0x10 [ 658.608823][ C1] ? __SCT__tp_func_contention_begin+0x8/0x8 [ 658.614856][ C1] text_poke_bp+0xb0/0x100 [ 658.619301][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.624957][ C1] ? __pfx_text_poke_bp+0x10/0x10 [ 658.630009][ C1] ? trace_contention_end+0x3c/0x120 [ 658.635337][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.640995][ C1] ? __mutex_lock+0x2ef/0xd70 [ 658.645783][ C1] ? __SCT__tp_func_contention_begin+0x8/0x8 [ 658.651804][ C1] __static_call_transform+0x51a/0x810 [ 658.657289][ C1] ? __SCT__tp_func_contention_begin+0x8/0x8 [ 658.663306][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.669571][ C1] ? __pfx___static_call_transform+0x10/0x10 [ 658.675578][ C1] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 658.681499][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.687773][ C1] ? __SCT__tp_func_contention_begin+0x8/0x8 [ 658.693792][ C1] arch_static_call_transform+0x141/0x380 [ 658.699551][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.705818][ C1] ? __SCT__tp_func_contention_begin+0x8/0x8 [ 658.711831][ C1] __static_call_update+0xd8/0x5e0 [ 658.717068][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.723339][ C1] ? __pfx___static_call_update+0x10/0x10 [ 658.729098][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.734843][ C1] ? rcu_is_watching+0x15/0xb0 [ 658.739633][ C1] ? tracepoint_add_func+0x2e4/0x9e0 [ 658.744945][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.750597][ C1] ? tracepoint_add_func+0x49a/0x9e0 [ 658.755911][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.762172][ C1] tracepoint_add_func+0x918/0x9e0 [ 658.767317][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.773578][ C1] tracepoint_probe_register_prio_may_exist+0x122/0x190 [ 658.780552][ C1] ? __pfx_tracepoint_probe_register_prio_may_exist+0x10/0x10 [ 658.788046][ C1] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 658.794312][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.799962][ C1] ? anon_inode_getfile+0xff/0x180 [ 658.805131][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.810788][ C1] ? bpf_probe_register+0x134/0x1f0 [ 658.816017][ C1] bpf_raw_tp_link_attach+0x48b/0x6e0 [ 658.821429][ C1] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 658.827381][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.833045][ C1] ? fput+0x1a8/0x230 [ 658.837062][ C1] bpf_raw_tracepoint_open+0x177/0x1f0 [ 658.842557][ C1] __sys_bpf+0x3c0/0x810 [ 658.846827][ C1] ? __pfx___sys_bpf+0x10/0x10 [ 658.851627][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 658.857643][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 658.864004][ C1] ? do_syscall_64+0x100/0x230 [ 658.868796][ C1] __x64_sys_bpf+0x7c/0x90 [ 658.873235][ C1] do_syscall_64+0xf3/0x230 [ 658.877765][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 658.883695][ C1] RIP: 0033:0x7faf4637dff9 [ 658.888128][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 658.907783][ C1] RSP: 002b:00007faf4725d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 658.916224][ C1] RAX: ffffffffffffffda RBX: 00007faf46535f80 RCX: 00007faf4637dff9 [ 658.924214][ C1] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000011 [ 658.932197][ C1] RBP: 00007faf463f0296 R08: 0000000000000000 R09: 0000000000000000 [ 658.940267][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 658.948246][ C1] R13: 0000000000000000 R14: 00007faf46535f80 R15: 00007fffbbc8a338 [ 658.956249][ C1] [ 658.959513][ C1] vkms_vblank_simulate: vblank timer overrun