last executing test programs: 3.57033502s ago: executing program 2 (id=3982): syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000a438f420890b070064ef0000000109021a0001000000000904"], 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3.541670525s ago: executing program 0 (id=3983): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000000)={0x2b, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9) 3.37675394s ago: executing program 0 (id=3986): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[], 0xc1) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)) 3.302597729s ago: executing program 1 (id=3987): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="1400000016000b63d25a80648c2594f907240685", 0x14}], 0x1}, 0x0) 2.96043189s ago: executing program 1 (id=3990): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x50, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0xfffffffffffffda0, 0x2, {0x5}}, @TCA_HTB_DIRECT_QLEN={0xfffffffffffffcf5}]}}]}, 0x50}}, 0x0) 2.817767465s ago: executing program 5 (id=3994): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0) mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffd000/0x2000)=nil) sendmmsg(0xffffffffffffffff, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000b80)="b127364465994490b4be892ad823e1770d40f33ea3c99fcde838e0519ad571974dc77d22a500ca8d045b6a3cb01d247a2dcfe0cf5a7f078f47cca7b0dd883ba5c8d1806ed86d45b14f3e05fdb88c7f39f4e2abd55eba6ea9e39cd53a063137c68d3c877b469e62466db3ff223d0829817e0af769b97c957917ef6cf947a647e5afac338b55758e99d161f576b9b981e4cccb0086f4ea0d9633dd4e17f47338e355795428bdf7f048567144c4357cb089b6aee5d853da74417a54cb93876f8ab07ba8ff2a83c69ee7095e43ce2272cb8604fda4e43c28bf717f954c58b692c5a2a4334fc75ad49ce9f842354d2e6ab19087e351152c2d83e7ba43a1d06d9fad1624ac49af4ea68a41b5b1a9e987163e5f82cb05bd0fceeff3a70f17000c631af961e57363b85a956c3b2340b91b6f77e01954083f2098473c99eb707edfe0fccfb52ddc3b983ff84553f3d5048d9cc6202d05420b32c2f303353d8d49bcb728878c93bcf2153e798c9edd94fe5aead93b75a8ea6ffccddd8c0938e5a46936b7aa1fed5f54cf015dc6b8ccf06ea27ef665b5138efd44298e2a9adaa7e72e2f36cbde407690c906fd9d6ba7664e4e01c3ae700c47e0988b15a63d4067ded5259c8da1203a913c66bee48e0c220d5d59d1c4db4a38e5985feea886213e0e5d4d49b5a085c4c054b583fc68ce588c36d56e426725186aed31651bdfebb2eadd511e83fa29fb21ccb299bcf07b72c083c7866b7ac3412a62becca0d8e571591dae123d811cb9ce0cc665003d8cd49225951ed7e66b48608447df2ecc827c2e60938b4365c5bbfd3c7bb6022be5658b83e0b6b2ef53b7b7f653e4f4b8c66c5ba1c4eb7847644aa8a57752a8c2be67666c9d2f35c880d260bbb40b62c57f2e2ed4cb812602f3ca9070c65ae1e7747596c18eb1e47a00bdbad4d790a5925f7dcef7dd24be373681666a89dbde69a0d76073ad682aad8916d54b37afe13a40e16c8086c850ebf8888d7efbd282593c63a4e6ffa61b979989f30ed2e0d5d3fb056ab3a53f80710fd58d5a27f8bf0a7c98f8c7de321580a00bb9ab614bb7d9b6e54c006eb8c3bbbb4dd561de79bb8c23afe8678ddbd432e0024efc41f41311bb0ef9300d77011479edc4f101a5d5fe1cb494cce834173a2501f6f6cc37e5958ae58a25ea38c20a3532a2352030d77001cfaa9911241226b7dbe82bbf637145cdb6d22a30f7da5f3802055d809599a562b0f372df246e434c225a76956afab7d9bf73ca8697901b3ce38abb502146850539499d4bac9b7b0a32ea28b703f4cd58f35576be5d6711563c56f9cd1ce39867640b6abefe51c37942b4295e8d101bf7ea93189b35f5be6a7c2b13c4c34ebece3e3c5759c13df8d567845b5b87dcba3fe0ccdb9da9c508f6ee58f46b9898a1c469a8e9a90bf594ff0c19b6e9519399b263c627fea91056f731d4bfa8ffb65e3f05344ec31d29d0029ce6617684b6fcf402850d031a7df56d723fb5ba25822033c96c5302d1534c4c5f8624dfaa2cf73d2a11e2159ed59cffe655ab7ac89fb3ee161b5f932c9fe822a020d49b3b0fc323ecacfcb7951f3c21d9a79ac47c53edb78e399ab09c719ea06365c429216d7f17bccda2", 0x47d}], 0x1}}], 0x1, 0x0) writev(r0, &(0x7f0000000600)=[{&(0x7f0000000940)="52e6e3716535b77364bdbc4fe823e6afa68f39fa4a64b6af8b8910be", 0xffffffe1}], 0x1) 2.759301411s ago: executing program 5 (id=3995): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0xac1d}) fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x83, 0x6}) fcntl$lock(r0, 0x25, &(0x7f00000000c0)) 2.614176371s ago: executing program 1 (id=3996): r0 = socket$netlink(0x10, 0x3, 0x0) unshare(0x20000400) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000008c0)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xfffffffffffffece}, {0xc}}}]}]}, 0x64}}, 0x0) 2.589424773s ago: executing program 5 (id=3997): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32=r2, @ANYBLOB="08000600", @ANYRES32], 0x24}}, 0x0) 2.54872078s ago: executing program 0 (id=3999): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) ustat(0x8, &(0x7f0000000040)) 2.388273524s ago: executing program 5 (id=4001): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000002c0), 0x2, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) 2.333967864s ago: executing program 1 (id=4002): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) io_setup(0x8, &(0x7f0000004200)=0x0) io_submit(r1, 0x5f, &(0x7f0000000900)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f00000000c0)='P', 0x1}]) 2.218057661s ago: executing program 0 (id=4003): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f00000003c0)={[{@uni_xlateno}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@numtail}, {@shortname_win95}, {@uni_xlate}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xffff}}, {@shortname_winnt}, {@utf8}, {@fat=@check_strict}, {@fat=@quiet}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp857'}}]}, 0x0, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==") chdir(&(0x7f0000000080)='./file1\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 2.122256877s ago: executing program 5 (id=4005): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdir(&(0x7f0000000000)='./control\x00', 0x0) rmdir(&(0x7f0000000100)='./control\x00') 1.983845086s ago: executing program 5 (id=4006): r0 = io_uring_setup(0x669, &(0x7f00000002c0)) close_range(r0, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) vmsplice(r1, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0) 1.945585173s ago: executing program 3 (id=4007): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000040)=ANY=[], 0x1, 0x5e7, &(0x7f0000000680)="$eJzs3cFvHFcdB/DvbBxnHaTUcZM2oEpYRaoQFsl6LZGUC1AKslCFKnHgbBEnsbJJK3uL3B4gIA4Vp/4JRcj/AOJYpBxoDxzg1LNRj0jcfdtqZmfX62TrJrab3TSfjzT73ps38/b3fjM7mVkr2gDPrNWlzNxPkdWlN7bL9u7OSmd3Z+XOoJ7kTJJG0kxSlKv/nuSz5F76S7456BgpH/LpR82bn3zw8fv9VjlWs5jpb18ctt+jGcYy34+1Kk9qvPaxxzs4w4Uki8eLD05Gb+C/Y7uP+bkEAKZZkZwat34+OVvfsJfPAf274v499lPt3qQDAAAAgCfgub3sZTvnJh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPE3q3/8v6qUxqC+mGPz+/2y9LnX9qXZ/0gEAAAAAAAAAwAn49l72sp1zg3avqP7m/3LVuFC9fiPvZCvr2czlbGct3XSzmeUk8yMDzW6vdbuby4+wZ3vsnu0nM18AAAAAAAAA+Jr6Y1b3//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADToEhO9YtquTCoz6cxk6SZZLbc7l7yn0H9aXZ/0gEAAADAE/DcXvaynXODdq+onvlfqJ77m3knd9PNRrrpZD3Xq+8C+k/9jd2dlc7uzsqdcnl43J/8/7HCqEZM/7uH8e98qdpiLjeyUa25nN/krXRyPY1qz9KlQTzj4/pDGVPxo9ojRna9LsuZ/6Iup8N8lZHTw4y06tjKbJw/PBOPeXQefKflNIbf/Fz4CnJ+ti7L+bw+1Tlvj5x9LxyeiWTh13++eqtz9/atG1tL0zOlI3owEysjmXjxmcpEq8rExWF7NT/Pr7KUxbyZzWzkt1lLN+tZzOtVba0+n8vX+cMz9eMDrTe/LJLZ+rj0r6KPF9PL1b7nspFf5q1cr45oK1dzNe38IK+mdeAIXxwb9+97dfder9dL4/E+9d/5bl05neRndTkdyryeH8nr6DV3vuobXbOfpYWTvzbOfKuulGfPa1N3bTz/wL8Sg0w8f3gm/lKdOFudu7c3b629/Yjv90pdlhn46TATM/Xa3qkTmdSRlOfLwjCWg2dH2ff82L7lqu/CsK/xUN/FYd+XfVJn63u4h0dqV30vju3r73dppG/c/RYAU+/s987Ozv1v7t9zH879ae7W3BvN185cO/PSbE7/8/QPZ1qnXmm8VPwtH+Z3+8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0W29+97ttU5nffPIlcEvER13HBUVlempTPrKBHzVrnTvvH1l6933vr9xZ+3m+s31u6+2rl1bXl6+2rpyY6OzXr9OOkoA4CTt3/RPOhIAAAAAAAAAAAAAAOCLPIn/TjzpOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9vq0uZuZ8iy63LrbK9u7PSKZdBfX/LZpKirPwjyWfJvfSXzI8MV3zR+3z6UfPmJx98/P7+WM1q+3+1T2IWB2JpPBDTccdrj4z31yMNVwwzs5hkoS5h4j4PAAD//6LKBsA=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00') 1.7134619s ago: executing program 4 (id=4008): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000010000009d3e1cc23220"], 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000009c40)={0x0, 0x0, &(0x7f0000007100)={&(0x7f0000000400)=ANY=[@ANYBLOB='\a'], 0x48}}, 0x0) 1.712718539s ago: executing program 1 (id=4009): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) landlock_create_ruleset(&(0x7f0000000300)={0x2646, 0x1}, 0x10, 0x0) 1.661613201s ago: executing program 2 (id=4010): r0 = syz_io_uring_setup(0x6778, &(0x7f0000000000), &(0x7f0000000240), &(0x7f00000000c0)) r1 = eventfd(0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000100)=r1, 0x1) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, 0x0, 0x1) 1.539412957s ago: executing program 3 (id=4011): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1}}, 0x20) 1.538705756s ago: executing program 4 (id=4012): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000014ff5)='GPL\x00', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x14, &(0x7f0000000000), 0x1, 0x10, &(0x7f0000000000), 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) 1.420391744s ago: executing program 4 (id=4013): r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000000)={0x2, @pix={0x80000000, 0x0, 0x34324142}}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x10002, 0x2, 0x2}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000140)=0x2) 1.419871518s ago: executing program 0 (id=4014): close(0xffffffffffffffff) r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6}}) 1.356697781s ago: executing program 2 (id=4015): r0 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000005c) setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24) close(r0) 1.095152836s ago: executing program 3 (id=4016): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}]}, 0x24}}, 0x0) 1.009235043s ago: executing program 2 (id=4017): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000100)='./bus\x00', 0x0) 1.00863864s ago: executing program 0 (id=4018): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0) 950.169551ms ago: executing program 4 (id=4019): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois\x00', 0x9) listen(r0, 0x0) close(r0) 813.640299ms ago: executing program 3 (id=4020): syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @dev, @remote, @dev, @remote}}}}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 707.524948ms ago: executing program 4 (id=4021): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc) 570.88892ms ago: executing program 3 (id=4022): unshare(0x2a020400) r0 = syz_io_uring_setup(0x5c23, &(0x7f0000000240)={0x0, 0x0, 0x13290}, &(0x7f0000000440)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_RENAMEAT={0x23, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000400)='./file0/../file0\x00'}) io_uring_enter(r0, 0x1, 0x0, 0x1, 0x0, 0x1000000) 450.326474ms ago: executing program 2 (id=4023): r0 = socket$kcm(0x10, 0x2, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r1}, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e030023000b02d25a806f8c6394f95e24fc60040f030048000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 415.035278ms ago: executing program 4 (id=4024): syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x208004, &(0x7f0000000080)=ANY=[], 0x1, 0x6ff, &(0x7f0000001140)="$eJzs3U9v2+YZAPBHjtN6HlAM21AUQZqyaQ8JkDqS3Dowehg0mXbYyqJAykWCHYqicYagTjs0G7B4h66XbjvsI+zQ675Ev8Ru+wy97zQPpP7ETmzZS1K7CH4/IeYr8iHf56UFPqZCUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKO71my2GtHL+lu3kqN114p8c8byyfa+OzCZ0W9Eo/oXCwvx2mjWa798tPjV6sfluDh6djEWqslC7P701Z+9/4v5ucn6MxI6FQ8e7n72yc7O9pdnncgZ2Uj7WZlnm52NNMnKPFldWWlev7leJutZLy1vl8N0M+kWaWeYF8mV7tWktbq6nKRLt/Ot/sZap5dOZt54p91sriQfLA3STlHm/esfLJXdm1mvl/U36phqcRVzI/ntF8WH2TAZpp3NJLl7b2d7+bgkq6DWSYLaxwW1m+12q9Vut1beW33vRrM5324uxIEZzcfEgVWSZnN+8qJtjF/pJ97X+/zraVbiBzN34Fn8efZv9nkduuGZzY3rf/Qii35sxa1IDn10Yy2KyGPziOVj30X8qW5cT2f2u7/+T6r8a48WX6h+XF4YP7t0VP0/IpfTezyIh7Ebn8UnsRM7sR1fnnlGp/vYiDT6kUUZeWSxGZ16TjKek8RqrMRKNOPjuBnrUUYS65FFL9Io43aUMYy0fkV1o4g0OjGMPIpI4kp042ok0YrVWI3lSCKNpbgdeWxFPzZiLTr1Vu7GvXq/L8/IcRrUOklQe0bQpJi/NH5dzj/xB8Hs+n9jWv//UdeHB2+fQnHix+HcpDE99D63gzg8pb1J/Y+9vf/uVc46IwAAAOB5a9TvvjcuvTR9vp710t+ccVYAAADA81RfhnyxmpyvWq9Hozr/b551WgAAAMBz1IhL43cBFuONUWvySShvAgAAAMALov7//0vVZLFqvREN5/8AAADwovnro3vs78ah99gtB3MRMR8Rja8Ht95u3O9UcZ3750brnXt8i8P1C41XxhupJyvz42fd9GJjfPfL6U0wvx9P7h53r/9GUZx/1gQe3XPzzTuj6Z3pkrqXxfWsly518977reh0XpkbpreGf/j83h8jqt7/1t98pRF37+1sL336xc6dOpevq618fX98N/fG/5HL7+P1UczrL8cTI96Nxvn6gxjjfhdH/Tb3j388lsmQfnKCPr+ZxFxeHE0XD45/oeqztXTU6BcbL4/Xf6aRfzMJfuvKW6PJIVm0Z2RR74v2/v3/2L44URbx1vFZLB+XxfIzZgFwVu5Oq9DBunt+Wv+fqLtPcZQ7ner+TVwZxVy5UB9Y5y8cckRvHnpE3zv3WI19+ur2z7g6irk6CT6qxlZj/vu031bd77fVCt8e2W/Zm+yQ+7+L63MPd9+5V8duf95uL680320232vH+XoY40mV6X/UHgAOulxf/z/rO3YOjzgX8dKkdr8bb44iHp1VVzVpWvF+Pr2kYCk+jS9iJ+7EtfrTBvUVB4f2u7jvMoRrcXmc7OFnrYv7vuHl2jFndaPYyd8uJ4kdfb0MALxILh9Th6f1f/JdfJOIuoSO6v+1fefdC4ecdx+s5bPPjvfXcgDgh5EW3zcWh39pFEU2+Li1utrqDG+mSZF3P0yKbG0jTbL+MC26Nzv9jTQZFPkw7+a9qvFRtpaWSbk1GOTFMFnPi2SQl9mtX0XWS5PxV7+X6WanP8y65aCXdso06eb9Yac7TNayspsMtn7dy8qv9vb2qpXLQdrN1rNuZ5jl/aTMt4puupQkZZqOA2+mRZKtpf1htp5VzX4yKLKXo7idfJT3tjbTZC0tu0U2GOZFnc2kr6y/nheb9WaXznpnA8CPxIOHu599srOz/eXhjYU4clHd+Pfs1UeNsx4jAHDQrCr9xNVnAAAAAAAAAAAAAADAmTjm839P32g8NmcuIn6ovl64xt5Xp9LX5AMefjtPNr7dNyf5EeRz6o0zPjABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCH+FwAA//96oU/f") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x62c00) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 250.312547ms ago: executing program 3 (id=4025): r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000000640)=[{&(0x7f0000000140)=""/168, 0xa8}], 0x1) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 227.961591ms ago: executing program 1 (id=4026): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff, @void, @value}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000089be8c2e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$SIOCSIFHWADDR(r0, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', @random="0600002000"}) 0s ago: executing program 2 (id=4027): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0xc, 0x0, 0x1, [{0xff28, 0x4}]}]}}]}, 0x9c}}, 0x0) kernel console output (not intermixed with test programs): escriptor?? [ 542.902791][T13113] loop4: detected capacity change from 0 to 32768 [ 542.922290][ T5286] cp210x 2-1:0.0: cp210x converter detected [ 542.986869][T13113] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 543.255010][T13135] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2910'. [ 543.294315][T13107] loop5: detected capacity change from 0 to 32768 [ 543.339328][T13113] XFS (loop4): Ending clean mount [ 543.384470][T13137] loop3: detected capacity change from 0 to 4096 [ 543.403597][T13113] XFS (loop4): Quotacheck needed: Please wait. [ 543.518694][T13137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.564120][T13107] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 543.614630][ T5286] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 543.622672][T13113] XFS (loop4): Quotacheck: Done. [ 543.628444][ T5286] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 543.652376][ T5286] usb 2-1: cp210x converter now attached to ttyUSB0 [ 543.660724][ T5286] usb 2-1: USB disconnect, device number 22 [ 543.686289][ T5286] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 543.721343][ T29] audit: type=1800 audit(1726860620.722:135): pid=13137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2911" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 543.783879][ T5286] cp210x 2-1:0.0: device disconnected [ 543.825482][T13156] loop2: detected capacity change from 0 to 256 [ 543.842684][T11503] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.873880][ T9899] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 543.879810][T13156] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 543.996743][T13107] XFS (loop5): Ending clean mount [ 544.006564][T13156] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 544.101745][T13107] XFS (loop5): Quotacheck needed: Please wait. [ 544.202707][T11854] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000006) [ 544.231922][T13107] XFS (loop5): Quotacheck: Done. [ 544.291784][T11854] exFAT-fs (loop2): Filesystem has been set read-only [ 544.332055][T11854] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000006) [ 544.449648][T13160] loop1: detected capacity change from 0 to 1024 [ 544.693424][ T8375] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 544.719673][T13160] Process accounting resumed [ 545.121581][ T5285] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 545.311778][ T5285] usb 3-1: Using ep0 maxpacket: 32 [ 545.327087][ T5285] usb 3-1: config 0 has an invalid interface number: 126 but max is 0 [ 545.341294][ T5285] usb 3-1: config 0 has no interface number 0 [ 545.371857][ T5285] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 545.412329][T13180] loop1: detected capacity change from 0 to 2048 [ 545.424570][ T5285] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 545.459314][ T5285] usb 3-1: config 0 interface 126 has no altsetting 0 [ 545.475081][ T5285] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 545.493504][ T5285] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 545.525261][ T5285] usb 3-1: Product: syz [ 545.539810][ T5285] usb 3-1: Manufacturer: syz [ 545.564172][T13180] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 545.589404][ T5285] usb 3-1: SerialNumber: syz [ 545.620871][T13191] sch_fq: defrate 0 ignored. [ 545.655111][ T5285] usb 3-1: config 0 descriptor?? [ 545.666894][T13175] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 545.687505][T13175] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 545.982602][ T8367] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.248594][ T5285] ir_usb 3-1:0.126: IR Dongle converter detected [ 546.462283][ T5285] usb 3-1: IRDA class descriptor not found, device not bound [ 546.506631][T13201] syz.4.2935 (13201): drop_caches: 2 [ 546.550087][T13201] syz.4.2935 (13201): drop_caches: 2 [ 546.576745][T13205] syz.4.2935 (13205): drop_caches: 2 [ 546.666574][ T5285] usb 3-1: USB disconnect, device number 19 [ 546.851409][ T5286] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 546.927431][T13217] netlink: 'syz.0.2940': attribute type 29 has an invalid length. [ 546.959137][T13217] netlink: 'syz.0.2940': attribute type 29 has an invalid length. [ 546.989361][T13217] netlink: 'syz.0.2940': attribute type 29 has an invalid length. [ 547.041724][ T5286] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 547.058934][T13197] loop3: detected capacity change from 0 to 32768 [ 547.083024][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.098668][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.129799][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.162844][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.188056][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.266446][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.298082][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.323779][T13197] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,compression=zstd,norecovery,recovery_pass_last=check_dirents,nojournal_transaction_names,version_upgrade=none [ 547.334461][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.347040][T13197] bcachefs (loop3): recovering from clean shutdown, journal seq 7 [ 547.432856][T13197] invalid bkey u64s 11 type alloc_v4 0:14:0 len 0 ver 0: [ 547.433058][T13197] gen 0 oldest_gen 0 data_type journal [ 547.433099][T13197] journal_seq 1 [ 547.433113][T13197] need_discard 1 [ 547.433127][T13197] need_inc_gen 1 [ 547.433166][T13197] dirty_sectors 256 [ 547.433180][T13197] stripe_sectors 0 [ 547.433194][T13197] cached_sectors 0 [ 547.433232][T13197] stripe 67108864 [ 547.433247][T13197] stripe_redundancy 0 [ 547.433285][T13197] io_time[READ] 1 [ 547.433299][T13197] io_time[WRITE] 1 [ 547.433312][T13197] fragmentation 0 [ 547.433349][T13197] bp_start 8 [ 547.433362][T13197] [ 547.433374][T13197] invalid data type (got 2 should be 7): delete?, fixing [ 547.434415][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.558101][T13197] bcachefs (loop3): accounting_read... done [ 547.583573][T13197] bcachefs (loop3): alloc_read... done [ 547.604373][T13197] bcachefs (loop3): stripes_read... done [ 547.610727][T13197] bcachefs (loop3): snapshots_read... [ 547.633523][T13240] loop4: detected capacity change from 0 to 512 [ 547.656713][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.669164][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.675205][T13197] done [ 547.681857][T13240] EXT4-fs: Ignoring removed i_version option [ 547.703496][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.715336][T13240] EXT4-fs (loop4): 1 truncate cleaned up [ 547.721404][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.732214][T13240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 547.755127][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.755169][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.762795][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.762850][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.762887][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.764833][T13197] bcachefs (loop3): going read-write [ 547.766121][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.766165][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.766201][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.775574][ T5286] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 547.775623][ T5286] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 547.775662][ T5286] usb 2-1: config 0 interface 0 has no altsetting 0 [ 547.780067][ T5286] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 547.780104][ T5286] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 547.780134][ T5286] usb 2-1: Product: syz [ 547.780155][ T5286] usb 2-1: Manufacturer: syz [ 547.780177][ T5286] usb 2-1: SerialNumber: syz [ 547.782262][ T5286] usb 2-1: config 0 descriptor?? [ 547.789918][ T5286] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 547.848917][T13197] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean [ 548.013473][T13241] loop0: detected capacity change from 0 to 4096 [ 548.057802][T13197] bcachefs (loop3): done starting filesystem [ 548.247772][ T9899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 548.274906][T13197] syz.3.2932 (13197) used greatest stack depth: 14424 bytes left [ 548.289215][ T5235] usb 2-1: USB disconnect, device number 23 [ 548.298900][ T5235] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 548.613800][T13266] loop0: detected capacity change from 0 to 64 [ 548.624498][T13266] hfs: gid requires an argument [ 548.629986][T13266] hfs: unable to parse mount options [ 548.653041][T13266] loop0: detected capacity change from 0 to 128 [ 548.672540][T13266] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 548.701510][ T5288] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 548.713028][T13266] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 548.875367][ T5288] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 548.891333][ T5288] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 548.923456][ T5288] usb 6-1: config 0 descriptor?? [ 548.942777][ T5288] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 549.220445][ T29] audit: type=1326 audit(1726860626.252:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 549.314415][ T29] audit: type=1326 audit(1726860626.252:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 549.351775][T13280] loop4: detected capacity change from 0 to 128 [ 549.394363][T13280] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 549.411297][ T29] audit: type=1326 audit(1726860626.302:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 549.501392][ T29] audit: type=1326 audit(1726860626.302:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 549.584590][ T29] audit: type=1326 audit(1726860626.302:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 549.614978][ T9899] sysv_free_block: trying to free block not in datazone [ 549.668167][ T29] audit: type=1326 audit(1726860626.302:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 549.701421][ T9899] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 549.782523][ T29] audit: type=1326 audit(1726860626.312:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8942774ea7 code=0x7ffc0000 [ 549.841033][ T29] audit: type=1326 audit(1726860626.312:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8942719879 code=0x7ffc0000 [ 549.866100][ T29] audit: type=1326 audit(1726860626.312:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8942774ea7 code=0x7ffc0000 [ 549.892020][ T29] audit: type=1326 audit(1726860626.312:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13276 comm="syz.0.2961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8942719879 code=0x7ffc0000 [ 549.930811][T13286] syz.2.2968 (13286): drop_caches: 2 [ 549.934435][ T5288] usb 6-1: USB disconnect, device number 21 [ 549.984619][T13286] syz.2.2968 (13286): drop_caches: 2 [ 550.018974][T13286] syz.2.2968 (13286): drop_caches: 2 [ 550.181616][ T5286] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 550.364798][ T5286] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 550.367332][T13277] loop1: detected capacity change from 0 to 40427 [ 550.381300][ T5286] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.381339][ T5286] usb 1-1: Product: syz [ 550.381361][ T5286] usb 1-1: Manufacturer: syz [ 550.381382][ T5286] usb 1-1: SerialNumber: syz [ 550.407460][ T5286] usb 1-1: config 0 descriptor?? [ 550.426066][T13277] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 550.446179][T13277] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 550.446370][ T5286] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 550.484001][T13277] F2FS-fs (loop1): Found nat_bits in checkpoint [ 550.695625][T13277] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 550.710490][T13303] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 550.739587][T13277] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 550.831560][T13277] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 550.986651][T13294] loop4: detected capacity change from 0 to 32768 [ 551.039517][T13277] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 551.097410][T13312] loop5: detected capacity change from 0 to 764 [ 551.102451][T13294] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 551.197354][T13294] XFS (loop4): Ending clean mount [ 551.282965][T13322] tap0: tun_chr_ioctl cmd 1074812118 [ 551.376084][ T5285] usb 1-1: USB disconnect, device number 24 [ 551.466358][ T9899] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 552.224566][T13335] loop4: detected capacity change from 0 to 128 [ 552.242818][T13324] loop2: detected capacity change from 0 to 32768 [ 552.251103][T13324] XFS: attr2 mount option is deprecated. [ 552.286439][T13334] loop1: detected capacity change from 0 to 2048 [ 552.307093][T13334] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 552.336630][T13335] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 552.373609][T13324] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 552.505679][T13324] XFS (loop2): Ending clean mount [ 552.515941][T13324] XFS (loop2): Quotacheck needed: Please wait. [ 552.659989][T13324] XFS (loop2): Quotacheck: Done. [ 552.846213][T11854] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 552.851510][ T5288] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 552.953448][ T8] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 553.131533][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 553.141639][ T5288] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 553.153672][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 553.165155][ T8] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD3, changing to 0x83 [ 553.178513][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 553.190657][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 553.201516][ T8] usb 1-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00 [ 553.211589][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 553.226042][ T5288] usb 2-1: config 0 descriptor?? [ 553.233766][ T8] usb 1-1: config 0 descriptor?? [ 553.247397][ T5288] cp210x 2-1:0.0: cp210x converter detected [ 553.682896][T13353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 553.694990][ T5288] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 553.718470][ T5288] usb 2-1: cp210x converter now attached to ttyUSB0 [ 553.736846][T13353] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 553.785377][ T8] input: HID 0458:5005 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5005.0036/input/input38 [ 553.947577][ T5285] usb 2-1: USB disconnect, device number 24 [ 553.983707][ T8] input: HID 0458:5005 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5005.0036/input/input39 [ 553.996146][ T5285] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 554.065126][ T5285] cp210x 2-1:0.0: device disconnected [ 554.120847][ T8] kye 0003:0458:5005.0036: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5005] on usb-dummy_hcd.0-1/input0 [ 554.184567][T13370] loop5: detected capacity change from 0 to 32768 [ 554.190773][ T8] usb 1-1: USB disconnect, device number 25 [ 554.231932][T13370] JBD2: Ignoring recovery information on journal [ 554.344156][T13364] loop2: detected capacity change from 0 to 32768 [ 554.365245][T13370] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 554.456018][ T8375] ocfs2: Unmounting device (7,5) on (node local) [ 554.461985][T13364] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 554.730060][T13364] XFS (loop2): Ending clean mount [ 554.757203][T13364] XFS (loop2): Quotacheck needed: Please wait. [ 555.000147][T13364] XFS (loop2): Quotacheck: Done. [ 555.131815][T11854] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 555.167612][T13381] loop4: detected capacity change from 0 to 32768 [ 555.241252][T13381] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3000 (13381) [ 555.311830][T13381] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 555.343846][T13381] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 555.401503][T13381] BTRFS info (device loop4): using free-space-tree [ 555.894532][T13412] loop1: detected capacity change from 0 to 32768 [ 555.963161][T13425] loop2: detected capacity change from 0 to 4096 [ 556.005815][T13427] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 556.353616][T13417] loop5: detected capacity change from 0 to 40427 [ 556.813734][T13417] F2FS-fs (loop5): Found nat_bits in checkpoint [ 557.075397][ T9899] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 557.087123][T13417] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 557.397205][T13470] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3030'. [ 557.432192][T13470] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3030'. [ 557.580613][T13474] overlayfs: failed to clone upperpath [ 557.677094][T13476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3034'. [ 557.937526][T13484] loop1: detected capacity change from 0 to 256 [ 558.104025][T13484] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 558.278884][T13472] loop2: detected capacity change from 0 to 40427 [ 558.301396][T13472] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 558.323543][T13492] loop4: detected capacity change from 0 to 764 [ 558.340338][T13472] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 558.401913][T13489] loop0: detected capacity change from 0 to 4096 [ 558.564737][T13472] F2FS-fs (loop2): Found nat_bits in checkpoint [ 558.804633][T13472] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 558.827424][T13472] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 559.282654][ T5225] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 559.299775][ T5225] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 559.309148][ T5225] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 559.486899][T13520] loop4: detected capacity change from 0 to 512 [ 559.526276][T13520] EXT4-fs error (device loop4): __ext4_iget:4982: inode #15: block 1803188595: comm syz.4.3049: invalid block [ 559.571433][ T5225] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 559.589041][T13520] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3049: couldn't read orphan inode 15 (err -117) [ 559.620426][T13520] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 559.642916][ T5225] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 559.661353][ T5225] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 559.726922][T13520] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.3049: invalid indirect mapped block 234881024 (level 0) [ 559.983563][ T9899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.352711][T13517] chnl_net:caif_netlink_parms(): no params data found [ 560.491410][ T79] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 560.499594][T13547] ieee802154 phy0 wpan0: encryption failed: -90 [ 560.643841][T13553] loop4: detected capacity change from 0 to 64 [ 560.665208][ T79] usb 2-1: Using ep0 maxpacket: 32 [ 560.683893][ T79] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 560.702423][ T79] usb 2-1: config 0 has no interface number 0 [ 560.707995][T13553] hfs: bad catalog folder thread [ 560.708671][ T79] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 560.725219][ T79] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 560.735488][ T79] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 560.754248][ T79] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 560.764528][ T79] usb 2-1: config 0 descriptor?? [ 560.845815][T13517] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.854008][T13517] bridge0: port 1(bridge_slave_0) entered disabled state [ 560.862812][T13517] bridge_slave_0: entered allmulticast mode [ 560.871328][T13517] bridge_slave_0: entered promiscuous mode [ 560.959429][T13517] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.967465][T13517] bridge0: port 2(bridge_slave_1) entered disabled state [ 560.991640][T13517] bridge_slave_1: entered allmulticast mode [ 561.010856][T13517] bridge_slave_1: entered promiscuous mode [ 561.191282][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 561.191332][ T29] audit: type=1326 audit(1726860638.192:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13563 comm="syz.0.3063" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x0 [ 561.231373][ T29] audit: type=1326 audit(1726860638.192:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13563 comm="syz.0.3063" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x0 [ 561.269872][T13568] binder: 13567:13568 ioctl 400c620e 20000380 returned -22 [ 561.445419][T13517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 561.556046][T13517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 561.882613][ T5225] Bluetooth: hci3: command tx timeout [ 562.019203][T13578] loop2: detected capacity change from 0 to 4096 [ 562.040615][T13517] team0: Port device team_slave_0 added [ 562.054838][T13517] team0: Port device team_slave_1 added [ 562.078835][T13578] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 562.162842][T13517] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 562.198442][T13517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 562.244715][T13517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 562.289061][T13517] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 562.314309][T13517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 562.391827][T13563] coredump: 789(syz.0.3063): written to core: VMAs: 34, size 99516416; core: 62124998 bytes, pos 99524608 [ 562.406967][T13517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 562.425798][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.856987][T13517] hsr_slave_0: entered promiscuous mode [ 562.865778][ T79] uclogic 0003:28BD:0094.0037: pen parameters not found [ 562.873050][ T79] uclogic 0003:28BD:0094.0037: interface is invalid, ignoring [ 562.883880][ T79] usb 2-1: USB disconnect, device number 25 [ 562.934684][T13517] hsr_slave_1: entered promiscuous mode [ 562.943376][T13578] ntfs3: loop2: failed to convert "c46c" to macturkish [ 562.962461][T13517] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 562.970845][T13517] Cannot create hsr debugfs directory [ 563.025861][T13584] IPVS: Error connecting to the multicast addr [ 563.060436][T13588] syz.1.3072 (13588): drop_caches: 2 [ 563.063726][T13586] syz.1.3072 (13586): drop_caches: 2 [ 563.244323][T13586] syz.1.3072 (13586): drop_caches: 2 [ 563.342429][T13593] loop0: detected capacity change from 0 to 512 [ 563.366296][T13595] loop5: detected capacity change from 0 to 512 [ 563.407909][T13595] EXT4-fs: Ignoring removed mblk_io_submit option [ 563.481122][T13595] EXT4-fs (loop5): invalid inodes per group: 8 [ 563.481122][T13595] [ 563.492629][T13593] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.3076: bad orphan inode 4 [ 563.542119][T13593] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.604888][T13581] loop4: detected capacity change from 0 to 32768 [ 563.653083][T13517] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 563.685200][T13599] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3078'. [ 563.789986][T13581] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 563.913052][T13581] XFS (loop4): Ending clean mount [ 563.920971][T13581] XFS (loop4): Quotacheck needed: Please wait. [ 563.989131][ T5225] Bluetooth: hci3: command tx timeout [ 564.003862][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.115117][T13517] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.150509][T13581] XFS (loop4): Quotacheck: Done. [ 564.238157][T13625] loop5: detected capacity change from 0 to 2048 [ 564.339627][T13625] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 564.498035][ T9899] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 564.539215][ T8375] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.600687][T13517] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.784157][T13517] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.833900][T13642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3095'. [ 564.896302][T13646] loop1: detected capacity change from 0 to 8 [ 565.169454][T13517] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 565.230676][T13517] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 565.254079][T13517] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 565.274764][T13517] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 565.579027][T13517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 565.820733][T13517] 8021q: adding VLAN 0 to HW filter on device team0 [ 565.896232][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 565.903395][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 566.021457][ T5225] Bluetooth: hci3: command tx timeout [ 566.108475][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 566.115665][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 566.320843][T13517] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 566.332561][T13517] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 566.746923][T13682] loop1: detected capacity change from 0 to 4096 [ 566.861461][ T29] audit: type=1326 audit(1726860643.892:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13694 comm="syz.0.3117" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f894277def9 code=0x0 [ 566.914296][T13517] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 567.216872][T13696] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 567.226561][T13517] veth0_vlan: entered promiscuous mode [ 567.287959][T13517] veth1_vlan: entered promiscuous mode [ 567.401667][T13704] netlink: 'syz.5.3120': attribute type 12 has an invalid length. [ 567.410832][T13704] netlink: 'syz.5.3120': attribute type 10 has an invalid length. [ 567.532501][T13688] loop4: detected capacity change from 0 to 32768 [ 567.579459][T13517] veth0_macvtap: entered promiscuous mode [ 567.619470][T13517] veth1_macvtap: entered promiscuous mode [ 567.663533][T13711] loop2: detected capacity change from 0 to 256 [ 567.693417][T13711] exfat: Deprecated parameter 'utf8' [ 567.699404][T13711] exfat: Deprecated parameter 'namecase' [ 567.708698][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 567.723519][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.734658][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 567.756436][T13688] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 567.768036][T13711] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x818efa41, utbl_chksum : 0xe619d30d) [ 567.904438][T13688] XFS (loop4): Ending clean mount [ 568.101460][ T5225] Bluetooth: hci3: command tx timeout [ 568.170866][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.182380][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 568.194071][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.205058][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 568.216608][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.228126][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 568.239757][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.250693][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 568.262759][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.276362][T13517] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 568.299242][T13723] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3124'. [ 568.333133][ T9899] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 568.380655][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 568.392822][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.403795][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 568.415518][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.426588][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 568.439292][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.450224][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 568.461848][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.475015][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 568.486626][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.497520][T13517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 568.509237][T13517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 568.524218][T13517] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 568.537861][T13517] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 568.547585][T13517] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 568.557477][T13517] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 568.567034][T13517] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 568.778450][T13730] loop5: detected capacity change from 0 to 256 [ 568.833555][T13728] loop0: detected capacity change from 0 to 512 [ 568.843466][T13728] EXT4-fs: Ignoring removed mblk_io_submit option [ 568.845854][T13730] exfat: Deprecated parameter 'utf8' [ 568.887649][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 568.895854][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 568.930325][ T4517] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 568.939242][ T4517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 568.985996][T13730] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xfa3b3837, utbl_chksum : 0xe619d30d) [ 569.011752][T13728] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 569.084429][T13728] EXT4-fs (loop0): 1 truncate cleaned up [ 569.091304][T13728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 569.279641][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.371792][T13747] delete_channel: no stack [ 569.620818][T13755] netlink: 'syz.0.3134': attribute type 10 has an invalid length. [ 571.181477][ T5286] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 571.351455][ T932] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 571.353230][ T5286] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 571.387633][ T5286] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 571.421343][ T5286] usb 1-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00 [ 571.445193][ T5286] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.472164][ T5286] usb 1-1: config 0 descriptor?? [ 571.514671][T13806] netlink: 'syz.1.3159': attribute type 42 has an invalid length. [ 571.551325][ T932] usb 6-1: Using ep0 maxpacket: 8 [ 571.596048][T13788] loop2: detected capacity change from 0 to 32768 [ 571.639622][ T932] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 571.651034][ T932] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x49, changing to 0x9 [ 571.664057][ T932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 571.675090][ T932] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0 [ 571.686157][ T932] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 571.713357][ T932] usb 6-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=e2.d0 [ 571.731553][ T932] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 571.732727][ T29] audit: type=1800 audit(1726860648.772:161): pid=13788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3152" name="bus" dev="loop2" ino=7 res=0 errno=0 [ 571.740409][ T932] usb 6-1: Product: syz [ 571.806880][ T932] usb 6-1: Manufacturer: syz [ 571.841395][ T932] usb 6-1: SerialNumber: syz [ 571.860781][ T932] usb 6-1: config 0 descriptor?? [ 571.898624][ T5286] hid-retrode 0003:0403:97C1.0038: unbalanced collection at end of report description [ 571.935359][ T5286] hid-retrode 0003:0403:97C1.0038: probe with driver hid-retrode failed with error -22 [ 572.149360][ T932] usb 6-1: probing VID:PID(0424:012C) [ 572.154742][ T79] usb 1-1: USB disconnect, device number 26 [ 572.168275][ T932] usb 6-1: vub300 testing BULK OUT EndPoint(0) 09 [ 572.197245][ T932] usb 6-1: Could not find two sets of bulk-in/out endpoint pairs [ 572.273137][ T932] vub300 6-1:0.0: probe with driver vub300 failed with error -22 [ 572.295223][ T932] usb 6-1: USB disconnect, device number 22 [ 572.591454][ T8] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 572.751497][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 572.763995][ T8] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 572.774452][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 572.783607][ T8] usb 4-1: Product: syz [ 572.788573][ T8] usb 4-1: Manufacturer: syz [ 572.793900][ T8] usb 4-1: SerialNumber: syz [ 572.810796][ T8] usb 4-1: config 0 descriptor?? [ 572.838726][ T8] visor 4-1:0.0: Sony Clie 3.5 converter detected [ 573.051786][ T8] usb 4-1: clie_3_5_startup: get config number failed: -71 [ 573.070482][ T8] visor 4-1:0.0: probe with driver visor failed with error -71 [ 573.101696][T13839] vlan4: entered allmulticast mode [ 573.106858][T13839] gretap0: entered allmulticast mode [ 573.107275][ T8] usb 4-1: USB disconnect, device number 22 [ 573.136451][T13841] loop0: detected capacity change from 0 to 256 [ 573.151514][T13839] gretap0: left allmulticast mode [ 573.260989][T13841] FAT-fs (loop0): Directory bread(block 64) failed [ 573.282862][T13841] FAT-fs (loop0): Directory bread(block 65) failed [ 573.304297][T13841] FAT-fs (loop0): Directory bread(block 66) failed [ 573.348139][T13841] FAT-fs (loop0): Directory bread(block 67) failed [ 573.365826][T13841] FAT-fs (loop0): Directory bread(block 68) failed [ 573.384365][T13841] FAT-fs (loop0): Directory bread(block 69) failed [ 573.402857][T13841] FAT-fs (loop0): Directory bread(block 70) failed [ 573.420274][T13841] FAT-fs (loop0): Directory bread(block 71) failed [ 573.437206][T13841] FAT-fs (loop0): Directory bread(block 72) failed [ 573.460587][T13841] FAT-fs (loop0): Directory bread(block 73) failed [ 573.974287][T13849] loop1: detected capacity change from 0 to 4096 [ 573.987646][T13857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3183'. [ 574.031415][T13859] loop5: detected capacity change from 0 to 512 [ 574.041441][T13859] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 574.070461][T13859] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.3185: iget: bad extra_isize 7 (inode size 256) [ 574.090795][T13859] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3185: couldn't read orphan inode 15 (err -117) [ 574.210203][T13859] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 574.435960][ T8375] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.017797][T13898] loop5: detected capacity change from 0 to 512 [ 575.072703][T13898] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 575.109961][T13902] netlink: 'syz.0.3200': attribute type 8 has an invalid length. [ 575.192645][T13896] loop2: detected capacity change from 0 to 4096 [ 575.246321][T13898] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 575.314878][T13898] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.3199: bg 0: block 18: invalid block bitmap [ 575.471453][T13898] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 575.511671][T13898] EXT4-fs (loop5): 1 truncate cleaned up [ 575.537946][T13898] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 575.572074][T13898] ext2 filesystem being mounted at /342/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 575.714161][T13898] EXT4-fs error (device loop5): ext4_map_blocks:609: inode #2: block 3: comm syz.5.3199: lblock 0 mapped to illegal pblock 3 (length 1) [ 576.018729][ T8375] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.236962][T13941] netlink: 'syz.4.3218': attribute type 1 has an invalid length. [ 576.275646][T13941] netlink: 9344 bytes leftover after parsing attributes in process `syz.4.3218'. [ 576.319363][T13941] netlink: 'syz.4.3218': attribute type 1 has an invalid length. [ 576.331671][T13941] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3218'. [ 576.885965][T13962] tipc: Failed to obtain node identity [ 576.904384][T13962] tipc: Enabling of bearer rejected, failed to enable media [ 577.205472][T13973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3231'. [ 577.567662][T13950] loop1: detected capacity change from 0 to 32768 [ 577.625075][ T29] audit: type=1800 audit(1726860654.652:162): pid=13950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3220" name="bus" dev="loop1" ino=7 res=0 errno=0 [ 577.855442][T13965] loop5: detected capacity change from 0 to 32768 [ 577.868948][T13965] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3228 (13965) [ 578.128599][T13967] loop4: detected capacity change from 0 to 32768 [ 578.152065][T13967] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3229 (13967) [ 578.179067][T13965] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 578.222658][T13965] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 578.231150][T13965] BTRFS info (device loop5): using free-space-tree [ 578.302469][T13985] loop1: detected capacity change from 0 to 2048 [ 578.426220][T13971] loop0: detected capacity change from 0 to 40427 [ 578.434387][T13252] Allocator stuck? Waited for 30 seconds [ 578.434406][T13252] Allocator debug: [ 578.434443][T13252] capacity1536 [ 578.434455][T13252] reserved 31232 [ 578.434468][T13252] hidden 0 [ 578.434504][T13252] btree 0 [ 578.434517][T13252] data 0 [ 578.434530][T13252] cached 0 [ 578.434567][T13252] reserved 0 [ 578.434580][T13252] online_reserved 128 [ 578.434593][T13252] nr_inodes 0 [ 578.434628][T13252] [ 578.434640][T13252] freelist_wait waiting [ 578.434653][T13252] open buckets allocated1 [ 578.434667][T13252] open buckets total 1024 [ 578.434704][T13252] open_buckets_wait empty [ 578.434717][T13252] open_buckets_btree 0 [ 578.434730][T13252] open_buckets_user 0 [ 578.434767][T13252] btree reserve cache 0 [ 578.434780][T13252] [ 578.434791][T13252] Dev 0: [ 578.434824][T13252] buckets sectors fragmented [ 578.434840][T13252] free 0 0 0 [ 578.434856][T13252] sb 0 0 0 [ 578.434896][T13252] journal 0 0 0 [ 578.434911][T13252] btree 0 0 0 [ 578.434927][T13252] user 0 0 0 [ 578.434972][T13252] cached 0 0 0 [ 578.434988][T13252] parity 0 0 0 [ 578.435029][T13252] stripe 0 0 0 [ 578.435046][T13252] need_gc_gens 0 0 0 [ 578.435062][T13252] need_discard 0 0 0 [ 578.435104][T13252] unstriped 0 0 0 [ 578.435120][T13252] capacity 128 [ 578.435159][T13252] [ 578.435171][T13252] reserves: [ 578.435183][T13252] stripe 60 [ 578.435223][T13252] normal 58 [ 578.435235][T13252] copygc 56 [ 578.435247][T13252] btree 28 [ 578.435258][T13252] btree_copygc 0 [ 578.435297][T13252] reclaim 0 [ 578.435311][T13252] interior_updates 0 [ 578.435324][T13252] [ 578.435360][T13252] open buckets 0 [ 578.435373][T13252] buckets to invalidate 0 [ 578.435386][T13252] [ 578.435424][T13252] Copygc debug: [ 578.435436][T13252] running: 1 [ 578.435449][T13252] copygc_wait:0 [ 578.437189][T13967] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 578.437272][T13967] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 578.437310][T13967] BTRFS info (device loop4): using free-space-tree [ 578.439515][T13252] copygc_wait_at:0 [ 578.439574][T13252] Currently waiting for:0 B [ 578.439628][T13252] Currently waiting since:708 KiB [ 578.439642][T13252] Currently calculated wait:0 B [ 578.439683][T13252] [ 578.439695][T13252] Journal debug: [ 578.439708][T13252] flags: running,may_skip_flush [ 578.439750][T13252] dirty journal entries: 0/32768 [ 578.439764][T13252] seq: 8 [ 578.439778][T13252] seq_ondisk: 8 [ 578.439819][T13252] last_seq: 9 [ 578.439833][T13252] last_seq_ondisk: 8 [ 578.439846][T13252] flushed_seq_ondisk: 8 [ 578.439886][T13252] watermark: stripe [ 578.439899][T13252] each entry reserved: 321 [ 578.439912][T13252] nr flush writes: 1 [ 578.439959][T13252] nr noflush writes: 0 [ 578.439973][T13252] average write size: 1.23 KiB [ 578.440014][T13252] nr direct reclaim: 0 [ 578.440027][T13252] nr background reclaim: 0 [ 578.440041][T13252] reclaim kicked: 0 [ 578.440082][T13252] reclaim runs in: 0 ms [ 578.440096][T13252] blocked: 0 [ 578.440110][T13252] current entry sectors: 256 [ 578.440150][T13252] current entry error: ok [ 578.440164][T13252] current entry: closed [ 578.440205][T13252] unwritten entries: [ 578.440218][T13252] last buf closed [ 578.440231][T13252] space: [ 578.440269][T13252] discarded 256:1536 [ 578.440284][T13252] clean ondisk 256:1536 [ 578.440298][T13252] clean 256:1536 [ 578.440338][T13252] total 256:2048 [ 578.440353][T13252] dev 0: [ 578.440365][T13252] nr 8 [ 578.440405][T13252] bucket size 256 [ 578.440419][T13252] available 6:248 [ 578.440433][T13252] discard_idx 0 [ 578.440473][T13252] dirty_ondisk 0 (seq 8) [ 578.440487][T13252] dirty_idx 0 (seq 8) [ 578.440501][T13252] cur_idx 0 (seq 8) [ 578.440541][T13252] [ 578.444321][T13993] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 578.728316][T13971] F2FS-fs (loop0): invalid crc value [ 579.000675][T13971] F2FS-fs (loop0): Found nat_bits in checkpoint [ 579.036057][T13993] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 579.078266][ T5473] Allocator stuck? Waited for 30 seconds [ 579.078396][ T5473] Allocator debug: [ 579.078410][ T5473] capacity1536 [ 579.078424][ T5473] reserved 31232 [ 579.078438][ T5473] hidden 0 [ 579.078452][ T5473] btree 0 [ 579.078465][ T5473] data 0 [ 579.078479][ T5473] cached 0 [ 579.078492][ T5473] reserved 0 [ 579.078506][ T5473] online_reserved 128 [ 579.078520][ T5473] nr_inodes 0 [ 579.078534][ T5473] [ 579.078546][ T5473] freelist_wait waiting [ 579.078560][ T5473] open buckets allocated1 [ 579.078573][ T5473] open buckets total 1024 [ 579.078587][ T5473] open_buckets_wait empty [ 579.078601][ T5473] open_buckets_btree 0 [ 579.078614][ T5473] open_buckets_user 0 [ 579.078628][ T5473] btree reserve cache 0 [ 579.078641][ T5473] [ 579.078653][ T5473] Dev 0: [ 579.078665][ T5473] buckets sectors fragmented [ 579.078682][ T5473] free 0 0 0 [ 579.078698][ T5473] sb 0 0 0 [ 579.078715][ T5473] journal 0 0 0 [ 579.078732][ T5473] btree 0 0 0 [ 579.078748][ T5473] user 0 0 0 [ 579.078765][ T5473] cached 0 0 0 [ 579.078782][ T5473] parity 0 0 0 [ 579.078799][ T5473] stripe 0 0 0 [ 579.078816][ T5473] need_gc_gens 0 0 0 [ 579.078833][ T5473] need_discard 0 0 0 [ 579.078850][ T5473] unstriped 0 0 0 [ 579.078866][ T5473] capacity 128 [ 579.078881][ T5473] [ 579.078893][ T5473] reserves: [ 579.078906][ T5473] stripe 60 [ 579.078920][ T5473] normal 58 [ 579.078934][ T5473] copygc 56 [ 579.078948][ T5473] btree 28 [ 579.078968][ T5473] btree_copygc 0 [ 579.078983][ T5473] reclaim 0 [ 579.078997][ T5473] interior_updates 0 [ 579.079011][ T5473] [ 579.079024][ T5473] open buckets 0 [ 579.079038][ T5473] buckets to invalidate 0 [ 579.079051][ T5473] [ 579.079063][ T5473] Copygc debug: [ 579.079076][ T5473] running: 1 [ 579.079088][ T5473] copygc_wait:0 [ 579.079102][ T5473] copygc_wait_at:0 [ 579.079115][ T5473] Currently waiting for:0 B [ 579.079128][ T5473] Currently waiting since:708 KiB [ 579.079142][ T5473] Currently calculated wait:0 B [ 579.079156][ T5473] [ 579.079168][ T5473] Journal debug: [ 579.079181][ T5473] flags: running,may_skip_flush [ 579.079197][ T5473] dirty journal entries: 0/32768 [ 579.079210][ T5473] seq: 8 [ 579.079224][ T5473] seq_ondisk: 8 [ 579.079239][ T5473] last_seq: 9 [ 579.079252][ T5473] last_seq_ondisk: 8 [ 579.079265][ T5473] flushed_seq_ondisk: 8 [ 579.079279][ T5473] watermark: stripe [ 579.079293][ T5473] each entry reserved: 321 [ 579.079307][ T5473] nr flush writes: 1 [ 579.079321][ T5473] nr noflush writes: 0 [ 579.079334][ T5473] average write size: 1.23 KiB [ 579.079349][ T5473] nr direct reclaim: 0 [ 579.079363][ T5473] nr background reclaim: 0 [ 579.079376][ T5473] reclaim kicked: 0 [ 579.079390][ T5473] reclaim runs in: 0 ms [ 579.079404][ T5473] blocked: 0 [ 579.079418][ T5473] current entry sectors: 256 [ 579.079432][ T5473] current entry error: ok [ 579.079446][ T5473] current entry: closed [ 579.079460][ T5473] unwritten entries: [ 579.079473][ T5473] last buf closed [ 579.079486][ T5473] space: [ 579.079498][ T5473] discarded 256:1536 [ 579.079513][ T5473] clean ondisk 256:1536 [ 579.079527][ T5473] clean 256:1536 [ 579.079541][ T5473] total 256:2048 [ 579.079555][ T5473] dev 0: [ 579.079568][ T5473] nr 8 [ 579.079582][ T5473] bucket size 256 [ 579.079596][ T5473] available 6:248 [ 579.079610][ T5473] discard_idx 0 [ 579.079623][ T5473] dirty_ondisk 0 (seq 8) [ 579.079638][ T5473] dirty_idx 0 (seq 8) [ 579.079652][ T5473] cur_idx 0 (seq 8) [ 579.079666][ T5473] [ 579.111312][T13993] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 579.113169][T13993] Remounting filesystem read-only [ 579.244301][T13981] loop2: detected capacity change from 0 to 40427 [ 579.300979][T13971] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 579.321653][T13981] F2FS-fs (loop2): Found nat_bits in checkpoint [ 579.341523][ T8367] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 579.341819][ T8367] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 579.341871][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.341938][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.341989][ T8367] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 579.342013][ T8367] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 579.343947][ T8367] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 579.343974][ T8367] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 579.344025][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.344075][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.344100][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.344411][ T8367] NILFS (loop1): discard dirty page: offset=0, ino=4 [ 579.344437][ T8367] NILFS (loop1): discard dirty block: blocknr=40, size=1024 [ 579.344488][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.344539][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.344564][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.344833][ T8367] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 579.344885][ T8367] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 579.344935][ T8367] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 579.344958][ T8367] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 579.345008][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.345065][ T8367] NILFS (loop1): discard dirty page: offset=229376, ino=3 [ 579.345089][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.345140][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.345191][ T8367] NILFS (loop1): discard dirty block: blocknr=50, size=1024 [ 579.345217][ T8367] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 579.590818][T14030] IPVS: sh: SCTP 172.20.20.187:0 - no destination available [ 579.600596][ T8375] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 579.623947][ T9899] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 579.645116][ T8365] syz-executor: attempt to access beyond end of device [ 579.645116][ T8365] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 579.645236][ T8365] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 579.695339][T13981] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 580.428705][ T29] audit: type=1804 audit(1726860657.462:163): pid=13981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3236" name="/newroot/126/file2/bus" dev="loop2" ino=10 res=1 errno=0 [ 580.483238][T14036] loop1: detected capacity change from 0 to 256 [ 580.880502][T11854] syz-executor: attempt to access beyond end of device [ 580.880502][T11854] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 580.909975][T11854] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 580.972113][T14048] loop0: detected capacity change from 0 to 4096 [ 580.995349][T14048] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 581.073677][T14036] FAT-fs (loop1): Directory bread(block 64) failed [ 581.086760][T14036] FAT-fs (loop1): Directory bread(block 65) failed [ 581.093591][T14036] FAT-fs (loop1): Directory bread(block 66) failed [ 581.100352][T14036] FAT-fs (loop1): Directory bread(block 67) failed [ 581.107143][T14036] FAT-fs (loop1): Directory bread(block 68) failed [ 581.114032][T14036] FAT-fs (loop1): Directory bread(block 69) failed [ 581.120622][T14036] FAT-fs (loop1): Directory bread(block 70) failed [ 581.127290][T14036] FAT-fs (loop1): Directory bread(block 71) failed [ 581.134849][T14036] FAT-fs (loop1): Directory bread(block 72) failed [ 581.142330][T14036] FAT-fs (loop1): Directory bread(block 73) failed [ 581.262341][T14048] ntfs3: loop0: ino=0, ntfs_iget5 [ 581.268199][T14048] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 581.365900][T14036] Process accounting resumed [ 581.415277][T14036] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 899) [ 581.441494][T14036] FAT-fs (loop1): Filesystem has been set read-only [ 583.433774][T14069] loop2: detected capacity change from 0 to 32768 [ 583.449142][T14111] Process accounting resumed [ 583.804791][T14090] loop5: detected capacity change from 0 to 32768 [ 583.851446][T14090] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3268 (14090) [ 583.900850][T14115] loop1: detected capacity change from 0 to 32768 [ 583.927601][T14126] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3282'. [ 583.927736][T14115] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3278 (14115) [ 583.929502][T14069] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 583.964072][T14090] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 583.974641][T14090] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 583.984207][T14090] BTRFS info (device loop5): using free-space-tree [ 584.010231][T14115] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 584.034939][T14115] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 584.044077][T14115] BTRFS info (device loop1): using free-space-tree [ 584.225536][T14069] XFS (loop2): Ending clean mount [ 584.250188][T14069] XFS (loop2): Quotacheck needed: Please wait. [ 584.580075][T14069] XFS (loop2): Quotacheck: Done. [ 584.681298][ T29] audit: type=1800 audit(1726860661.712:164): pid=14090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3268" name="bus" dev="loop5" ino=263 res=0 errno=0 [ 584.851870][T11854] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 584.882782][ T8367] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 585.083923][ T8375] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 585.342137][T14181] netlink: 'syz.3.3294': attribute type 3 has an invalid length. [ 585.960931][T14199] netlink: 'syz.5.3299': attribute type 1 has an invalid length. [ 585.969829][T14199] netlink: 9380 bytes leftover after parsing attributes in process `syz.5.3299'. [ 586.187044][T14204] loop2: detected capacity change from 0 to 512 [ 586.196792][T14204] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 586.272968][T14204] EXT4-fs (loop2): 1 truncate cleaned up [ 586.310133][T14204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 586.435667][T14204] fscrypt (loop2, inode 18): Reserved bits set in encryption policy [ 586.566228][T11854] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.636236][T14211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3304'. [ 586.676821][T14211] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3304'. [ 586.765799][T14215] loop2: detected capacity change from 0 to 128 [ 587.044543][T14183] loop1: detected capacity change from 0 to 40427 [ 587.099452][T14183] F2FS-fs (loop1): invalid crc value [ 587.127726][T14183] F2FS-fs (loop1): Found nat_bits in checkpoint [ 587.316759][T14183] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 587.453339][ T79] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 587.529779][T14191] loop0: detected capacity change from 0 to 40427 [ 587.602158][T14191] F2FS-fs (loop0): Found nat_bits in checkpoint [ 587.673512][ T79] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 587.696919][ T79] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 587.724465][ T79] usb 6-1: config 0 descriptor?? [ 587.733895][T14191] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 588.015745][ T8365] syz-executor: attempt to access beyond end of device [ 588.015745][ T8365] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 588.038028][ T8365] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 588.186233][ T79] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2 [ 588.193598][ T79] [drm] Initialized udl on minor 2 [ 588.227385][T14243] loop4: detected capacity change from 0 to 128 [ 588.309282][T14243] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 588.351927][T14243] ext4 filesystem being mounted at /267/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 588.395343][ T79] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 588.411892][ T79] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 588.454718][ T9899] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 588.541479][ T8] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 588.603366][T14252] openvswitch: netlink: Missing key (keys=20040, expected=80) [ 588.612974][ T25] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 588.620915][ T25] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 588.638107][ T79] usb 6-1: USB disconnect, device number 23 [ 588.705766][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 588.717516][ T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 588.751456][ T8] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 588.771270][ T8] usb 2-1: config 1 has no interface number 1 [ 588.788339][ T8] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 588.790444][T14254] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3319'. [ 588.855387][ T8] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 588.881478][ T8] usb 2-1: config 1 interface 2 has no altsetting 0 [ 588.912989][ T8] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 588.931426][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 588.940336][ T8] usb 2-1: Product: syz [ 588.961449][ T8] usb 2-1: Manufacturer: syz [ 588.966614][ T8] usb 2-1: SerialNumber: syz [ 589.201383][ T8] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 589.222773][ T8] usb 2-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 589.243771][ T8] usb 2-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 589.281512][ T8] usb 2-1: selecting invalid altsetting 0 [ 589.341416][ T8] usb 2-1: USB disconnect, device number 26 [ 589.537621][T14263] mkiss: ax0: crc mode is auto. [ 591.568576][T14286] netlink: 212 bytes leftover after parsing attributes in process `syz.1.3333'. [ 591.630013][T14256] loop2: detected capacity change from 0 to 40427 [ 591.723906][T14260] loop4: detected capacity change from 0 to 262144 [ 591.745422][T14260] F2FS-fs (loop4): Found nat_bits in checkpoint [ 591.750302][T14256] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 591.798089][T14256] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 591.838321][T14260] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 591.888811][T14256] F2FS-fs (loop2): invalid crc value [ 591.924569][T14256] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4) [ 592.068651][T14301] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3338'. [ 592.610091][T14318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3347'. [ 593.326442][T14339] loop5: detected capacity change from 0 to 256 [ 593.359991][T14339] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xff532d92, utbl_chksum : 0xe619d30d) [ 593.619529][T14344] random: crng reseeded on system resumption [ 594.369286][T14361] loop0: detected capacity change from 0 to 128 [ 594.444483][T14361] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 594.471979][T14356] loop1: detected capacity change from 0 to 4096 [ 594.493183][T14361] ext4 filesystem being mounted at /409/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 594.542634][T14370] program syz.4.3367 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 594.665143][T14361] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_32 policy on filesystem 'loop0' because it doesn't have stable inode numbers [ 594.930203][ T8365] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 595.183943][T14399] loop0: detected capacity change from 0 to 128 [ 595.288025][ T52] Bluetooth: hci3: command tx timeout [ 595.348047][ T29] audit: type=1800 audit(1726860672.372:165): pid=14399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3374" name="bus" dev="loop0" ino=1048770 res=0 errno=0 [ 595.833761][ T5286] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 596.043319][ T5286] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 596.052887][ T5286] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 596.088293][ T5286] usb 3-1: config 0 descriptor?? [ 596.120299][ T5286] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 596.370543][T14424] loop0: detected capacity change from 0 to 512 [ 596.379185][T14424] EXT4-fs: Ignoring removed mblk_io_submit option [ 596.390024][T14424] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 596.435583][T14424] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002] [ 596.474274][T14424] System zones: 1-12 [ 596.508679][T14424] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.3391: corrupted in-inode xattr: e_value size too large [ 596.546698][T14424] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.3391: couldn't read orphan inode 15 (err -117) [ 596.605156][T14424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 596.639253][ T8] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 596.778366][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.782899][T14429] loop5: detected capacity change from 0 to 64 [ 596.851434][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 596.873257][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.906049][T14431] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3393'. [ 596.928655][ T8] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 596.945132][ T5286] gspca_cpia1: usb_control_msg 02, error -71 [ 596.945553][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 596.951646][ T5286] gspca_cpia1: usb_control_msg 05, error -71 [ 596.951935][ T5286] gspca_cpia1: usb_control_msg 04, error -71 [ 596.976798][ T8] usb 2-1: Product: syz [ 596.996684][ T8] usb 2-1: Manufacturer: syz [ 597.013419][ T5286] cpia1 3-1:0.0: probe with driver cpia1 failed with error -71 [ 597.021266][ T8] usb 2-1: SerialNumber: syz [ 597.037794][ T5286] usb 3-1: USB disconnect, device number 20 [ 597.043912][ T8] usb 2-1: config 0 descriptor?? [ 597.259140][ T8] usb 2-1: Not enough endpoints found in device, aborting! [ 597.431369][ T5285] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 597.503446][ T8] usb 2-1: USB disconnect, device number 27 [ 597.584229][ T5285] usb 6-1: Using ep0 maxpacket: 8 [ 597.598240][ T5285] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 597.608633][ T5285] usb 6-1: config 0 has no interface number 0 [ 597.630510][ T5285] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 597.661421][ T5285] usb 6-1: config 0 interface 1 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 597.664681][T14448] loop2: detected capacity change from 0 to 2048 [ 597.671443][ T5285] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 597.671481][ T5285] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 597.699598][ T5285] usb 6-1: config 0 descriptor?? [ 597.713384][ T5285] iowarrior 6-1:0.1: no interrupt-in endpoint found [ 597.791414][T14450] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 597.889872][T14448] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 597.940537][ T79] usb 6-1: USB disconnect, device number 24 [ 597.985533][T14448] Remounting filesystem read-only [ 598.539261][T14461] loop1: detected capacity change from 0 to 8192 [ 598.569915][T14461] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 598.730200][T14477] binder: BC_ATTEMPT_ACQUIRE not supported [ 598.778401][T14477] binder: 14476:14477 ioctl c0306201 20000480 returned -22 [ 598.844143][T14480] vlan3: entered promiscuous mode [ 598.865160][T14480] vlan3: entered allmulticast mode [ 598.883858][T14480] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 598.956783][T14480] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 599.007663][T14480] team0: Port device vlan3 added [ 599.048857][T14483] netlink: 11562 bytes leftover after parsing attributes in process `syz.3.3418'. [ 599.383673][T14497] loop0: detected capacity change from 0 to 2048 [ 599.451015][T14506] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 599.531528][T14506] NILFS (loop0): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 599.602384][T14506] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=2) [ 599.951886][T14506] Remounting filesystem read-only [ 599.957666][ T4517] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 599.971886][ T4517] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 600.007380][T14492] loop1: detected capacity change from 0 to 40427 [ 600.008920][T14518] ipvlan2: entered promiscuous mode [ 600.020711][ T4517] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.041098][ T4517] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.052282][ T4517] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.104005][ T4517] NILFS (loop0): discard dirty page: offset=0, ino=2 [ 600.134418][ T4517] NILFS (loop0): discard dirty block: blocknr=18, size=1024 [ 600.145549][ T29] audit: type=1400 audit(1726860677.182:166): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457C51CCA93031D371D06D2E59E880583300E11E8 pid=14524 comm="syz.2.3439" [ 600.191430][ T4517] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.255202][ T4517] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.258376][T14492] F2FS-fs (loop1): Found nat_bits in checkpoint [ 600.299559][ T4517] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.366945][T14497] NILFS (loop0): mounting fs with errors [ 600.502640][T14492] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 600.515695][T14506] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 600.541380][T14506] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 600.594548][T14506] Remounting filesystem read-only [ 600.651737][ T12] NILFS (loop0): discard dirty page: offset=0, ino=6 [ 600.691254][ T12] NILFS (loop0): discard dirty block: blocknr=35, size=1024 [ 600.706673][ T12] NILFS (loop0): discard dirty block: blocknr=36, size=1024 [ 600.750580][ T12] NILFS (loop0): discard dirty block: blocknr=37, size=1024 [ 600.788113][ T12] NILFS (loop0): discard dirty block: blocknr=38, size=1024 [ 600.830177][ T12] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 600.860924][ T8367] syz-executor: attempt to access beyond end of device [ 600.860924][ T8367] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 600.881302][ T12] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 600.888631][ T12] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 600.921265][ T12] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 600.928750][ T8367] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 600.959127][ T12] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 600.971331][ T12] NILFS (loop0): discard dirty page: offset=0, ino=4 [ 600.978043][ T12] NILFS (loop0): discard dirty block: blocknr=40, size=1024 [ 601.001582][ T12] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 601.010507][ T12] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 601.030245][ T12] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 601.087082][ T8365] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 601.105066][ T8365] NILFS (loop0): discard dirty page: offset=0, ino=5 [ 601.120380][ T8365] NILFS (loop0): discard dirty block: blocknr=41, size=1024 [ 601.162537][ T8365] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 601.201331][ T8365] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 601.231608][ T8365] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 601.332843][T14557] netlink: 'syz.4.3452': attribute type 11 has an invalid length. [ 602.134791][ T5285] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 602.319997][T14595] loop5: detected capacity change from 0 to 128 [ 602.401308][ T5285] usb 1-1: Using ep0 maxpacket: 16 [ 602.408620][ T5285] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 602.422174][ T5285] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 602.479416][ T5285] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 602.489593][ T5285] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 602.521301][ T5285] usb 1-1: Product: syz [ 602.530610][ T5285] usb 1-1: Manufacturer: syz [ 602.570203][ T5285] usb 1-1: SerialNumber: syz [ 602.602223][ T5285] usb 1-1: config 0 descriptor?? [ 602.637047][ T5285] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 602.667020][ T5285] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 603.072407][T14616] loop4: detected capacity change from 0 to 1024 [ 603.109165][T14618] bridge_slave_0: default FDB implementation only supports local addresses [ 603.137866][ T29] audit: type=1800 audit(1726860680.172:167): pid=14616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3478" name="bus" dev="loop4" ino=26 res=0 errno=0 [ 603.250446][ T5285] em28xx 1-1:0.0: chip ID is em2800 [ 603.411068][ T785] hfsplus: b-tree write err: -5, ino 4 [ 603.457178][ T5285] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 603.491690][ T5285] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 603.498865][ T5285] em28xx 1-1:0.0: No AC97 audio processor [ 603.531476][ T5285] usb 1-1: USB disconnect, device number 27 [ 603.552098][ T5285] em28xx 1-1:0.0: Disconnecting em28xx [ 603.601386][T14622] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3481'. [ 603.631721][ T5285] em28xx 1-1:0.0: Freeing device [ 603.642528][ T79] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 603.777996][T14628] tap0: tun_chr_ioctl cmd 1074025688 [ 603.864000][ T79] usb 6-1: Using ep0 maxpacket: 16 [ 603.870931][ T79] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 603.883577][ T79] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 603.897155][ T79] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 603.906554][ T79] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 603.914698][ T79] usb 6-1: Product: syz [ 603.916619][T14635] program syz.1.3487 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 603.919027][ T79] usb 6-1: Manufacturer: syz [ 603.919052][ T79] usb 6-1: SerialNumber: syz [ 603.932498][ T79] usb 6-1: config 0 descriptor?? [ 603.962844][ T79] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 603.982725][ T79] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 604.112457][ T932] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 604.284942][T14647] loop2: detected capacity change from 0 to 128 [ 604.335708][ T932] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 604.361596][T14647] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 604.379535][T14647] ext4 filesystem being mounted at /156/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 604.400948][ T932] usb 4-1: config 0 has no interfaces? [ 604.406706][T14647] fscrypt (loop2, inode 12): Unsupported encryption flags (0xf9) [ 604.479393][ T932] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 604.531419][ T932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.562725][ T932] usb 4-1: config 0 descriptor?? [ 604.575333][T11854] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 604.587707][ T79] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 604.797343][ T5286] usb 4-1: USB disconnect, device number 23 [ 604.808650][ T79] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 604.826874][ T79] em28xx 6-1:0.0: AC97 chip type couldn't be determined [ 604.834090][ T79] em28xx 6-1:0.0: No AC97 audio processor [ 604.857465][ T79] usb 6-1: USB disconnect, device number 25 [ 604.864701][ T79] em28xx 6-1:0.0: Disconnecting em28xx [ 604.878622][T14663] ɶƣ0GCTw: entered promiscuous mode [ 604.895058][ T79] em28xx 6-1:0.0: Freeing device [ 604.916120][T14664] openvswitch: ɶƣ0GCTw: Dropping previously announced user features [ 605.332770][ T29] audit: type=1326 audit(1726860682.342:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.403055][ T29] audit: type=1326 audit(1726860682.342:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.428856][T14659] loop1: detected capacity change from 0 to 32768 [ 605.448837][ T29] audit: type=1326 audit(1726860682.352:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.473941][ T29] audit: type=1326 audit(1726860682.352:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.499859][ T29] audit: type=1326 audit(1726860682.352:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.525477][ T29] audit: type=1326 audit(1726860682.362:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.555298][T14659] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 605.601300][ T29] audit: type=1326 audit(1726860682.362:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.740527][ T29] audit: type=1326 audit(1726860682.362:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 605.779216][T14689] bond0: Unable to set down delay as MII monitoring is disabled [ 605.797116][ T29] audit: type=1326 audit(1726860682.402:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14671 comm="syz.4.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f75af97def9 code=0x7ffc0000 [ 606.026059][T14659] XFS (loop1): Ending clean mount [ 606.083823][T14650] loop0: detected capacity change from 0 to 32768 [ 606.122889][T14650] XFS: ikeep mount option is deprecated. [ 606.129197][T14650] XFS: noikeep mount option is deprecated. [ 606.224807][T14702] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 606.240922][T14650] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 606.286041][ T8367] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 606.354234][T14713] loop5: detected capacity change from 0 to 64 [ 606.396061][T14650] XFS (loop0): Ending clean mount [ 606.416685][T14650] XFS (loop0): Quotacheck needed: Please wait. [ 606.493153][T14650] XFS (loop0): Quotacheck: Done. [ 606.508653][T14713] Trying to free block not in datazone [ 606.546639][T14713] Trying to free block not in datazone [ 606.554072][T14713] Trying to free block not in datazone [ 606.559561][T14713] Trying to free block not in datazone [ 606.566556][T14713] Trying to free block not in datazone [ 606.572184][T14713] minix_free_block (loop5:6): bit already cleared [ 606.579705][T14713] Trying to free block not in datazone [ 606.601088][T14713] Trying to free block not in datazone [ 606.639286][ T8365] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 607.031788][T14731] program syz.5.3526 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 608.304106][T14763] program syz.1.3516 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 608.597801][T14772] loop0: detected capacity change from 0 to 1024 [ 608.633590][T14772] EXT4-fs: Ignoring removed mblk_io_submit option [ 608.676097][T14772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 608.954240][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 609.020354][T14790] netlink: 'syz.1.3548': attribute type 25 has an invalid length. [ 609.139981][T14794] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3550'. [ 609.170546][T14794] netlink: 'syz.0.3550': attribute type 2 has an invalid length. [ 609.191409][T14794] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3550'. [ 609.541970][ T932] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 609.659740][T14805] loop0: detected capacity change from 0 to 8192 [ 609.733278][ T932] usb 6-1: Using ep0 maxpacket: 16 [ 609.771951][ T932] usb 6-1: config 0 has an invalid descriptor of length 115, skipping remainder of the config [ 609.802599][ T932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 609.813830][ T932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 101, changing to 10 [ 609.826312][ T932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24675, setting to 1024 [ 609.838638][ T932] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 609.873530][T14815] macvlan0: entered allmulticast mode [ 609.879262][T14815] veth1_vlan: entered allmulticast mode [ 610.004337][ T932] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 610.021418][ T932] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 610.030204][ T932] usb 6-1: Manufacturer: syz [ 610.048252][T14820] loop0: detected capacity change from 0 to 1024 [ 610.063303][ T932] usb 6-1: config 0 descriptor?? [ 610.075459][T14820] EXT4-fs: Ignoring removed orlov option [ 610.095664][T14820] EXT4-fs: Ignoring removed nomblk_io_submit option [ 610.120653][ T932] mceusb 6-1:0.0: mceusb_dev_probe: device setup failed! [ 610.129253][ T932] mceusb 6-1:0.0: probe with driver mceusb failed with error -12 [ 610.143376][ T932] usbhid 6-1:0.0: can't add hid device: -22 [ 610.150093][ T932] usbhid 6-1:0.0: probe with driver usbhid failed with error -22 [ 610.171404][ T5286] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 610.182717][T14820] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 610.289921][ T79] usb 6-1: USB disconnect, device number 26 [ 610.341471][ T5286] usb 4-1: Using ep0 maxpacket: 16 [ 610.363114][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.393611][ T5286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 610.415134][ T5286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 610.451422][ T5286] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 610.458739][T14828] loop4: detected capacity change from 0 to 1024 [ 610.505076][ T5286] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 610.525659][ T5286] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 610.575466][ T5286] usb 4-1: config 0 descriptor?? [ 610.763915][ T4517] hfsplus: b-tree write err: -5, ino 4 [ 611.019135][ T5286] microsoft 0003:045E:07DA.0039: No inputs registered, leaving [ 611.057414][ T5286] microsoft 0003:045E:07DA.0039: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 611.106693][ T5286] microsoft 0003:045E:07DA.0039: no inputs found [ 611.128065][ T5286] microsoft 0003:045E:07DA.0039: could not initialize ff, continuing anyway [ 611.212740][ T5286] usb 4-1: USB disconnect, device number 24 [ 611.384061][T14849] loop0: detected capacity change from 0 to 512 [ 611.435569][T14849] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 611.455671][T14849] ext4 filesystem being mounted at /438/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 611.481014][T14824] loop2: detected capacity change from 0 to 32768 [ 611.539258][T14824] XFS: ikeep mount option is deprecated. [ 611.575780][T14849] EXT4-fs (loop0): shut down requested (0) [ 611.589867][T14824] XFS: ikeep mount option is deprecated. [ 611.643167][T14824] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 611.660224][T14864] kernel read not supported for file /cpuacct.usage_percpu_user (pid: 14864 comm: syz.5.3580) [ 611.672882][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 611.672904][ T29] audit: type=1800 audit(1726860688.712:179): pid=14864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3580" name="cpuacct.usage_percpu_user" dev="mqueue" ino=42655 res=0 errno=0 [ 612.003101][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 612.084371][T14824] XFS (loop2): Ending clean mount [ 612.091001][T14875] loop4: detected capacity change from 0 to 1024 [ 612.334931][T14856] loop1: detected capacity change from 0 to 32768 [ 612.368041][T11854] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 612.432172][T14856] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 612.530388][T14893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3591'. [ 612.631600][T14893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3591'. [ 612.996097][T14856] XFS (loop1): Ending clean mount [ 613.140061][T14919] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3601'. [ 613.236266][T14921] netlink: 'syz.5.3602': attribute type 46 has an invalid length. [ 613.248497][T14921] netlink: 212868 bytes leftover after parsing attributes in process `syz.5.3602'. [ 613.449165][ T8367] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 614.019597][ C1] vkms_vblank_simulate: vblank timer overrun [ 614.701439][ T79] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 614.864785][ T79] usb 3-1: Using ep0 maxpacket: 16 [ 614.919432][ T79] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 614.941515][ T79] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 5, skipping [ 614.973173][ T79] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 615.037059][ T79] usb 3-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=15.7a [ 615.056709][ T79] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.081937][ T5288] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 615.085105][ T79] usb 3-1: Product: syz [ 615.109125][T14923] loop0: detected capacity change from 0 to 32768 [ 615.131266][ T79] usb 3-1: Manufacturer: syz [ 615.146235][ T79] usb 3-1: SerialNumber: syz [ 615.193054][ T79] usb 3-1: config 0 descriptor?? [ 615.215072][ T79] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 615.271516][ T5288] usb 2-1: Using ep0 maxpacket: 8 [ 615.285759][T14929] loop4: detected capacity change from 0 to 40427 [ 615.314634][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 615.327383][T14929] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 615.327414][T14929] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 615.333166][T14929] F2FS-fs (loop4): invalid crc value [ 615.357747][ T5288] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 615.384374][T14929] F2FS-fs (loop4): Found nat_bits in checkpoint [ 615.390007][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 615.395303][ T79] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 615.436540][ T5288] usb 2-1: config 0 descriptor?? [ 615.445996][ T79] usb 3-1: USB disconnect, device number 21 [ 615.550334][T14929] F2FS-fs (loop4): Start checkpoint disabled! [ 615.600048][T14929] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 615.618556][T14929] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 615.686106][ T5288] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 615.703386][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 615.922505][ T785] kworker/u8:5: attempt to access beyond end of device [ 615.922505][ T785] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427 [ 615.932153][ T79] usb 2-1: USB disconnect, device number 28 [ 615.956630][ T785] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 615.959764][ T79] iowarrior 2-1:0.0: I/O-Warror #0 now disconnected [ 615.964498][ T785] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 615.978924][ T785] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 615.987240][ T785] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 615.995019][ T785] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 616.621361][ T79] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 616.747460][T14981] loop4: detected capacity change from 0 to 512 [ 616.788942][ T79] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 616.818305][ T79] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 616.876306][T14981] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 616.890806][ T79] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 616.890844][ T79] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 616.894461][T14970] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 616.941691][T14981] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 616.976056][ T79] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 617.076954][T14981] EXT4-fs (loop4): shut down requested (0) [ 617.253859][ T9899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 617.271655][ T25] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 617.312504][T14966] loop0: detected capacity change from 0 to 32768 [ 617.335624][ T8] usb 6-1: USB disconnect, device number 27 [ 617.360027][T14966] XFS (loop0): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 617.441830][ T25] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 617.484046][ T25] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 617.535587][T14966] XFS (loop0): Ending clean mount [ 617.567064][ T25] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 617.597584][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 617.635277][ T25] usb 2-1: SerialNumber: syz [ 617.734993][ T8365] XFS (loop0): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 617.853589][ T79] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 617.882656][ T25] usb 2-1: 0:2 : does not exist [ 617.906263][ T25] usb 2-1: USB disconnect, device number 29 [ 618.024866][T15013] loop4: detected capacity change from 0 to 128 [ 618.041407][ T79] usb 3-1: Using ep0 maxpacket: 8 [ 618.048282][T15013] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 618.101804][ T79] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 618.124938][ T79] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 618.151957][ T79] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 618.182001][ T79] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 618.201386][ T79] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 618.210587][ T79] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.236210][ C1] vkms_vblank_simulate: vblank timer overrun [ 618.266123][ T9899] sysv_free_block: trying to free block not in datazone [ 618.273709][ T9899] sysv_free_block: trying to free block not in datazone [ 618.280717][ T9899] sysv_free_block: trying to free block not in datazone [ 618.332667][ T9899] sysv_free_block: trying to free block not in datazone [ 618.340076][ T9899] sysv_free_block: trying to free block not in datazone [ 618.380310][ T9899] sysv_free_block: trying to free block not in datazone [ 618.390541][ T9899] sysv_free_block: trying to free block not in datazone [ 618.459772][ T9899] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 618.465734][T15019] binder: 15018:15019 ioctl c00c620f 20000340 returned -22 [ 618.466765][ T79] usb 3-1: GET_CAPABILITIES returned 0 [ 618.534184][ T79] usbtmc 3-1:16.0: can't read capabilities [ 618.707689][ T5288] usb 3-1: USB disconnect, device number 22 [ 619.175900][T15046] loop4: detected capacity change from 0 to 128 [ 619.205854][T15046] EXT4-fs: Ignoring removed nobh option [ 619.208245][T15045] tun0: tun_chr_ioctl cmd 1074025678 [ 619.218148][T15045] tun0: group set to 0 [ 619.546412][T15050] loop5: detected capacity change from 0 to 32768 [ 619.553860][T15050] jfs: Unrecognized mount option "nuota" or missing value [ 619.747293][T15046] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 619.762422][T15046] ext4 filesystem being mounted at /325/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 619.817882][T15065] loop5: detected capacity change from 0 to 64 [ 619.954736][T15046] fscrypt (loop4, inode 12): Direct key flag not allowed with different contents and filenames modes [ 620.079028][T15067] loop2: detected capacity change from 0 to 2048 [ 620.112746][ T9899] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 620.166739][T15067] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 620.231527][ T5288] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 620.255157][T15076] netlink: 'syz.1.3665': attribute type 1 has an invalid length. [ 620.273747][T15076] netlink: 'syz.1.3665': attribute type 2 has an invalid length. [ 620.305612][T15076] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3665'. [ 620.431440][ T5288] usb 4-1: Using ep0 maxpacket: 8 [ 620.439545][ T5288] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 620.449769][ T5288] usb 4-1: config 179 has no interface number 0 [ 620.460473][ T5288] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 620.492952][ T5288] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 620.515233][T15083] bridge0: port 3(vlan5) entered blocking state [ 620.547883][ T5288] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 620.551301][T15083] bridge0: port 3(vlan5) entered disabled state [ 620.587979][ T5288] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 620.610586][T15083] vlan5: entered allmulticast mode [ 620.633063][T15088] loop2: detected capacity change from 0 to 512 [ 620.634137][ T5288] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 620.657913][T15083] vlan5: left allmulticast mode [ 620.687792][ T5288] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 620.694929][T15088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 620.709871][T15088] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 620.748881][T15088] EXT4-fs (loop2): shut down requested (0) [ 620.781962][ T5288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.812680][T15071] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 620.862256][ T5286] usb 2-1: new low-speed USB device number 30 using dummy_hcd [ 621.077342][T11854] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 621.090390][ T5286] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 621.111404][ T5286] usb 2-1: config 0 has no interface number 0 [ 621.129504][ T5286] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 621.156449][ T5288] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input42 [ 621.186556][ T5286] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 621.205909][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.261447][ T5286] usb 2-1: config 0 descriptor?? [ 621.329512][ T5286] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 621.376888][ T5286] usb 4-1: USB disconnect, device number 25 [ 621.376961][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 621.392131][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 621.400643][ T5286] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 621.487089][ T79] usb 2-1: USB disconnect, device number 30 [ 621.586143][ T79] iowarrior 2-1:0.1: I/O-Warror #0 now disconnected [ 621.784764][T15118] sp0: Synchronizing with TNC [ 622.200126][T15129] tipc: Started in network mode [ 622.231427][T15129] tipc: Node identity -name-of, cluster identity 4711 [ 622.295086][T15129] tipc: Enabling of bearer rejected, failed to enable media [ 622.975942][T15157] loop0: detected capacity change from 0 to 64 [ 623.018579][T15159] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3698'. [ 623.019204][ T79] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 623.149107][T15157] hfs: request for non-existent node 1573 in B*Tree [ 623.161113][T15157] hfs: request for non-existent node 1573 in B*Tree [ 623.261444][ T79] usb 6-1: Using ep0 maxpacket: 16 [ 623.352640][ T8037] hfs: request for non-existent node 1573 in B*Tree [ 623.361597][ T8037] hfs: request for non-existent node 1573 in B*Tree [ 623.385615][T15168] loop1: detected capacity change from 0 to 512 [ 623.412431][ T79] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 623.424888][ T79] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 623.442354][ T79] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 623.454806][ T79] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.466024][ T79] usb 6-1: Product: syz [ 623.470327][ T79] usb 6-1: Manufacturer: syz [ 623.477884][T15168] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 623.481285][ T79] usb 6-1: SerialNumber: syz [ 623.533542][ T79] usb 6-1: config 0 descriptor?? [ 623.556500][T15168] ext4 filesystem being mounted at /421/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 623.563710][ T79] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 623.598391][ T79] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 623.636020][T15168] EXT4-fs (loop1): shut down requested (0) [ 623.865560][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.923912][T15183] loop2: detected capacity change from 0 to 1024 [ 623.945685][ T8367] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 624.305682][ T79] em28xx 6-1:0.0: chip ID is em28174 [ 624.525265][ T79] usb 6-1: USB disconnect, device number 28 [ 624.542163][ T79] em28xx 6-1:0.0: Disconnecting em28xx [ 624.567977][ T79] em28xx 6-1:0.0: Freeing device [ 624.667667][T15199] loop4: detected capacity change from 0 to 256 [ 625.276441][T15190] loop2: detected capacity change from 0 to 32768 [ 625.351485][T15190] jfs: Unrecognized mount option "0xffffffffffffffff Z* m.Dc8'@C9G9?9S{1Jլ5 æԌqqY糔" or missing value [ 626.606187][T15209] loop0: detected capacity change from 0 to 32768 [ 626.631971][T15242] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 626.654413][T15209] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3722 (15209) [ 626.686518][T15247] loop4: detected capacity change from 0 to 64 [ 626.711360][T15209] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 626.750476][T15209] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 626.791525][T15209] BTRFS info (device loop0): using free-space-tree [ 627.219849][ T29] audit: type=1800 audit(1726860960.198:180): pid=15209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3722" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 627.515297][ T8365] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 627.573572][T15293] macvlan3: entered promiscuous mode [ 627.579609][T15293] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 627.597404][T15293] team0: Port device macvlan3 added [ 627.684336][ T79] hid-generic 000D:0000:0000.003A: unknown main item tag 0x0 [ 627.692538][ T79] hid-generic 000D:0000:0000.003A: unknown main item tag 0x0 [ 628.055730][T15300] loop2: detected capacity change from 0 to 32768 [ 628.079237][ T79] hid-generic 000D:0000:0000.003A: hidraw0: HID v0.00 Device [syz1] on syz1 [ 628.301551][T15300] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 628.964282][T11854] ocfs2: Unmounting device (7,2) on (node local) [ 630.141520][T15362] program syz.0.3785 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 630.393924][T15371] loop5: detected capacity change from 0 to 2048 [ 630.471378][T15371] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 630.519399][T15370] loop1: detected capacity change from 0 to 4096 [ 630.519974][T15378] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 630.556628][T15370] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 630.678394][T15370] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 630.790728][T15382] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 630.842627][T15386] loop4: detected capacity change from 0 to 1024 [ 630.959149][T15386] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 631.143232][T15392] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3800'. [ 631.172672][T15397] program syz.0.3803 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 631.258359][T15400] loop0: detected capacity change from 0 to 128 [ 631.261067][T15402] loop2: detected capacity change from 0 to 256 [ 631.278488][T15386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 631.311521][T15402] FAT-fs (loop2): Directory bread(block 64) failed [ 631.331344][T15402] FAT-fs (loop2): Directory bread(block 65) failed [ 631.338094][T15402] FAT-fs (loop2): Directory bread(block 66) failed [ 631.354435][T15400] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 631.360012][T15402] FAT-fs (loop2): Directory bread(block 67) failed [ 631.373486][T15402] FAT-fs (loop2): Directory bread(block 68) failed [ 631.380042][T15402] FAT-fs (loop2): Directory bread(block 69) failed [ 631.386899][T15402] FAT-fs (loop2): Directory bread(block 70) failed [ 631.393595][T15402] FAT-fs (loop2): Directory bread(block 71) failed [ 631.400205][T15402] FAT-fs (loop2): Directory bread(block 72) failed [ 631.406930][T15402] FAT-fs (loop2): Directory bread(block 73) failed [ 631.426414][T15400] ext4 filesystem being mounted at /476/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 631.558163][T15400] fscrypt (loop0, inode 12): Mutually exclusive encryption flags (0x17) [ 631.627261][ T9899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.770624][T15415] netlink: 'syz.2.3807': attribute type 22 has an invalid length. [ 631.940621][ T8365] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 632.042081][T15423] loop1: detected capacity change from 0 to 4096 [ 632.125958][T15423] NILFS (loop1): invalid segment: Checksum error in segment payload [ 632.146226][T15423] NILFS (loop1): trying rollback from an earlier position [ 632.224226][T15423] NILFS (loop1): recovery complete [ 632.259446][T15434] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 632.852814][ T5288] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 633.075877][ T5288] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 633.088401][ T5288] usb 2-1: New USB device strings: Mfr=210, Product=154, SerialNumber=3 [ 633.142409][ T5288] usb 2-1: Product: syz [ 633.147113][ T5288] usb 2-1: Manufacturer: syz [ 633.168593][ T5288] usb 2-1: SerialNumber: syz [ 633.192935][T15470] CUSE: info not properly terminated [ 633.203653][ T5288] usb 2-1: config 0 descriptor?? [ 633.649232][T15485] program syz.5.3842 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 633.758518][T15487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3843'. [ 633.806606][T15489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3844'. [ 633.906735][T15495] loop2: detected capacity change from 0 to 64 [ 634.023615][ T5288] usb 2-1: Firmware version (0.0) predates our first public release. [ 634.050186][ T5288] usb 2-1: Please update to version 0.2 or newer [ 634.127589][T15502] loop5: detected capacity change from 0 to 128 [ 634.163915][ T5288] usb 2-1: USB disconnect, device number 31 [ 634.179749][T15502] VFS: Found a Xenix FS (block size = 512) on device loop5 [ 634.216487][T15502] sysv_free_block: trying to free block not in datazone [ 634.256176][T15502] sysv_count_free_blocks: free block count was -2041545929, correcting to 9 [ 634.455454][T15502] sysv_count_free_inodes: unable to read inode table [ 634.542171][ T8375] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 634.742983][ T5288] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 634.753549][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 634.903686][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 635.793782][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 636.309002][T15537] loop5: detected capacity change from 0 to 40427 [ 636.335277][T15530] loop1: detected capacity change from 0 to 32768 [ 636.356743][T15537] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 636.369561][T15537] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 636.429619][T15537] F2FS-fs (loop5): build fault injection attr: rate: 17008, type: 0x1fffff [ 636.466983][T15537] F2FS-fs (loop5): invalid crc value [ 636.479691][T15530] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 636.533107][T15537] F2FS-fs (loop5): Found nat_bits in checkpoint [ 636.801862][T15537] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 636.811968][T15530] XFS (loop1): Ending clean mount [ 636.823867][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 636.837268][T15537] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 637.022830][ T8367] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 637.174568][ T8375] syz-executor: attempt to access beyond end of device [ 637.174568][ T8375] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 637.195986][ T8375] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 637.489803][T15551] loop2: detected capacity change from 0 to 32768 [ 637.630187][T15578] tap0: tun_chr_ioctl cmd 2147767521 [ 637.711816][T15584] loop1: detected capacity change from 0 to 512 [ 637.839250][T15584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 637.899567][T15584] ext4 filesystem being mounted at /443/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 638.060864][ T932] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 638.081715][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 638.106791][T15593] loop2: detected capacity change from 0 to 1024 [ 638.124296][T15593] EXT4-fs: Ignoring removed orlov option [ 638.173392][T15593] EXT4-fs: Ignoring removed nomblk_io_submit option [ 638.176976][T15589] vlan2: entered promiscuous mode [ 638.222087][T15589] vlan2: entered allmulticast mode [ 638.262516][T15593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 638.310699][ T8367] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.614919][T11854] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.678415][ C1] vkms_vblank_simulate: vblank timer overrun [ 638.899418][T15616] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 638.957792][T15614] loop1: detected capacity change from 0 to 2048 [ 639.019944][T15614] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 639.062382][ T932] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 639.077386][T15614] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 639.117559][T15614] UDF-fs: unknown compression code (0) [ 639.726174][T15649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3907'. [ 639.783799][T15640] loop0: detected capacity change from 0 to 4096 [ 639.827597][T15640] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 639.922867][T15640] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 640.089148][ T29] audit: type=1326 audit(1726860973.118:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15660 comm="syz.1.3913" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f37c837def9 code=0x0 [ 640.094466][T15640] ntfs3: loop0: Failed to load $Extend (-22). [ 640.115892][ T932] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 640.153189][T15667] bridge: RTM_NEWNEIGH with invalid state 0x4 [ 640.159555][T15640] ntfs3: loop0: Failed to initialize $Extend. [ 640.315058][ T11] ntfs3: loop0: ino=5, ntfs3_write_inode failed, -22. [ 640.908615][T15690] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 641.145509][ T932] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 641.176305][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 641.187771][ T5288] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 641.470616][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 641.479275][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 641.627194][T15710] loop4: detected capacity change from 0 to 512 [ 641.658790][T15710] EXT4-fs error (device loop4): __ext4_fill_super:5435: inode #2: comm syz.4.3936: casefold flag without casefold feature [ 641.708378][T15710] EXT4-fs (loop4): get root inode failed [ 641.714222][T15710] EXT4-fs (loop4): mount failed [ 641.893233][T15718] loop1: detected capacity change from 0 to 256 [ 641.925933][T15718] exfat: Deprecated parameter 'utf8' [ 641.963214][T15718] exfat: Deprecated parameter 'namecase' [ 641.969553][T15718] exfat: Deprecated parameter 'utf8' [ 642.066228][T15718] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 642.164093][T15718] exFAT-fs (loop1): error, tried to truncate zeroed cluster. [ 642.166389][T15727] netlink: 277 bytes leftover after parsing attributes in process `syz.5.3943'. [ 642.192505][ T5288] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 642.267364][ T29] audit: type=1800 audit(1726860975.298:182): pid=15729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3940" name="file1" dev="loop1" ino=1048780 res=0 errno=0 [ 642.656736][T15747] loop0: detected capacity change from 0 to 512 [ 642.683369][T15747] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 642.737604][T15747] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.3951: invalid block [ 642.773969][T15747] EXT4-fs (loop0): Remounting filesystem read-only [ 642.802987][T15747] EXT4-fs (loop0): 2 truncates cleaned up [ 642.809722][T15747] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 642.891512][ T79] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 643.010492][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.072102][ T5286] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 643.083329][ T79] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 643.101794][ T79] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 643.141317][ T79] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 643.173287][ T79] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.250850][ T5288] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 643.270324][T15745] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 643.352090][ T79] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 643.624415][ T5288] usb 2-1: USB disconnect, device number 32 [ 644.040586][T15802] loop2: detected capacity change from 0 to 64 [ 644.097911][T15802] hfs: request for non-existent node 1573 in B*Tree [ 644.107884][T15802] hfs: request for non-existent node 1573 in B*Tree [ 644.248753][ T35] hfs: request for non-existent node 1573 in B*Tree [ 644.292662][ T35] hfs: request for non-existent node 1573 in B*Tree [ 644.647929][T15816] loop5: detected capacity change from 0 to 1024 [ 644.696013][T15816] hfsplus: request for non-existent node 2048 in B*Tree [ 644.703998][T15816] hfsplus: request for non-existent node 2048 in B*Tree [ 644.712702][T15816] hfsplus: request for non-existent node 2048 in B*Tree [ 644.721921][T15816] hfsplus: request for non-existent node 2048 in B*Tree [ 644.917569][T15830] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3988'. [ 644.927642][T15830] netlink: 112 bytes leftover after parsing attributes in process `syz.5.3988'. [ 644.938209][T15830] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3988'. [ 644.996796][ T5235] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 645.019349][T15828] loop0: detected capacity change from 0 to 2048 [ 645.053223][T15828] EXT4-fs: Ignoring removed orlov option [ 645.136641][T15823] net_ratelimit: 7 callbacks suppressed [ 645.136665][T15823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 645.211456][ T5235] usb 3-1: Using ep0 maxpacket: 32 [ 645.277689][ T5235] usb 3-1: config index 0 descriptor too short (expected 26, got 18) [ 645.316186][T15840] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3990'. [ 645.332406][ T5235] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 645.346181][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 645.367959][ T5235] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 645.424141][T15828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 645.435777][ T5235] usb 3-1: config 0 descriptor?? [ 645.459866][T15828] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 645.478983][T15828] EXT4-fs (loop0): Remounting filesystem read-only [ 645.486769][ T5235] as10x_usb: device has been detected [ 645.511921][ T5235] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 645.602956][ T5235] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 645.614077][ T8365] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 645.667155][T15853] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3996'. [ 645.691511][T15853] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3996'. [ 645.730831][ T5235] as10x_usb: error during firmware upload part1 [ 645.762744][ T5235] Registered device nBox DVB-T Dongle [ 645.831064][ T5235] usb 3-1: USB disconnect, device number 23 [ 645.862476][ T29] audit: type=1326 audit(1726860978.888:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15858 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 645.910508][ T5235] Unregistered device nBox DVB-T Dongle [ 645.924034][ T5235] as10x_usb: device has been disconnected [ 645.936802][ T29] audit: type=1326 audit(1726860978.888:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15858 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 645.965153][ T29] audit: type=1326 audit(1726860978.888:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15858 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 645.991923][ T29] audit: type=1326 audit(1726860978.888:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15858 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 646.019316][ T29] audit: type=1326 audit(1726860978.888:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15858 comm="syz.0.3999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f894277def9 code=0x7ffc0000 [ 646.112303][T15870] loop0: detected capacity change from 0 to 256 [ 646.184137][T15870] FAT-fs (loop0): Directory bread(block 64) failed [ 646.201510][T15870] FAT-fs (loop0): Directory bread(block 65) failed [ 646.208318][T15870] FAT-fs (loop0): Directory bread(block 66) failed [ 646.227854][T15870] FAT-fs (loop0): Directory bread(block 67) failed [ 646.266472][T15870] FAT-fs (loop0): Directory bread(block 68) failed [ 646.295614][T15870] FAT-fs (loop0): Directory bread(block 69) failed [ 646.315984][T15870] FAT-fs (loop0): Directory bread(block 70) failed [ 646.327762][T15870] FAT-fs (loop0): Directory bread(block 71) failed [ 646.377708][T15870] FAT-fs (loop0): Directory bread(block 72) failed [ 646.401653][T15870] FAT-fs (loop0): Directory bread(block 73) failed [ 646.427571][ T5235] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 646.921657][ T785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 646.951940][ T79] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 646.981633][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 647.044045][ T5286] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 647.373992][T15898] loop2: detected capacity change from 0 to 2048 [ 647.467785][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 647.492704][T15898] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 647.885624][T15908] loop4: detected capacity change from 0 to 764 [ 647.940358][T15910] netlink: 'syz.2.4023': attribute type 3 has an invalid length. [ 647.941005][T15908] rock: directory entry would overflow storage [ 647.981788][T15910] netlink: 196520 bytes leftover after parsing attributes in process `syz.2.4023'. [ 647.989566][T15908] rock: sig=0x4f50, size=4, remaining=3 [ 648.024057][T15908] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 648.303557][T15917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4027'. [ 648.507908][ T5235] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 649.980285][T15924] loop0: detected capacity change from 0 to 2048 [ 753.111193][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 753.118189][ C0] rcu: 1-...!: (1 ticks this GP) idle=1744/1/0x4000000000000000 softirq=66380/66380 fqs=96 [ 753.131759][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P15907/1:b..l [ 753.139800][ C0] rcu: (detected by 0, t=10502 jiffies, g=68985, q=1417 ncpus=2) [ 753.147630][ C0] Sending NMI from CPU 0 to CPUs 1: [ 753.147668][ C1] NMI backtrace for cpu 1 [ 753.147683][ C1] CPU: 1 UID: 0 PID: 15915 Comm: syz.3.4025 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 753.147710][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 753.147725][ C1] RIP: 0010:advance_sched+0xb3c/0xca0 [ 753.147755][ C1] Code: be 6f 03 00 00 48 c7 c2 40 a2 11 8d e8 cd 68 ab f7 48 c7 c7 e0 89 93 8e 48 89 de e8 8e 2d ab f7 e8 d9 65 b6 f7 b8 01 00 00 00 <48> 81 c4 98 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d e9 c9 1d 2b 02 [ 753.147776][ C1] RSP: 0018:ffffc90000a18c90 EFLAGS: 00000083 [ 753.147798][ C1] RAX: 0000000000000001 RBX: ffffffff89c521f2 RCX: ffffc90000a18b03 [ 753.147817][ C1] RDX: 0000000000000001 RSI: ffffffff8c0ae940 RDI: ffffffff8c60dd00 [ 753.147835][ C1] RBP: 0000000000000001 R08: ffffffff901c5aaf R09: 1ffffffff2038b55 [ 753.147853][ C1] R10: dffffc0000000000 R11: fffffbfff2038b56 R12: dffffc0000000000 [ 753.147872][ C1] R13: 17fc30d270000000 R14: ffff888060bdb000 R15: ffff88805e659360 [ 753.147895][ C1] FS: 00007f7d382016c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 753.147922][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 753.147940][ C1] CR2: 00007f7d38200f98 CR3: 000000006f30a000 CR4: 0000000000350ef0 [ 753.147960][ C1] Call Trace: [ 753.147971][ C1] [ 753.147981][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 753.148010][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 753.148058][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 753.148085][ C1] ? nmi_handle+0x2a/0x5a0 [ 753.148120][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 753.148154][ C1] ? nmi_handle+0x151/0x5a0 [ 753.148178][ C1] ? nmi_handle+0x2a/0x5a0 [ 753.148204][ C1] ? advance_sched+0xb3c/0xca0 [ 753.148226][ C1] ? default_do_nmi+0x63/0x160 [ 753.148255][ C1] ? exc_nmi+0x123/0x1f0 [ 753.148282][ C1] ? end_repeat_nmi+0xf/0x53 [ 753.148321][ C1] ? advance_sched+0xa02/0xca0 [ 753.148347][ C1] ? advance_sched+0xb3c/0xca0 [ 753.148371][ C1] ? advance_sched+0xb3c/0xca0 [ 753.148394][ C1] ? advance_sched+0xb3c/0xca0 [ 753.148417][ C1] [ 753.148425][ C1] [ 753.148437][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 753.148472][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 753.148512][ C1] ? __pfx_advance_sched+0x10/0x10 [ 753.148551][ C1] __hrtimer_run_queues+0x59d/0xd50 [ 753.148577][ C1] ? ktime_get_update_offsets_now+0x3c/0x250 [ 753.148621][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 753.148646][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.148684][ C1] ? ktime_get_update_offsets_now+0x22d/0x250 [ 753.148722][ C1] hrtimer_interrupt+0x396/0x990 [ 753.148761][ C1] __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 753.148789][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 753.148824][ C1] [ 753.148832][ C1] [ 753.148842][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 753.148880][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 753.148914][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 3e ff 32 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 53 cf 99 f5 65 8b 05 64 8d 3a 74 85 c0 74 43 48 c7 04 24 0e 36 [ 753.148935][ C1] RSP: 0018:ffffc9000bb778c0 EFLAGS: 00000206 [ 753.148956][ C1] RAX: 219154ffeb563900 RBX: 1ffff9200176ef1c RCX: ffffffff9a3a6903 [ 753.148976][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0ad7c0 RDI: 0000000000000001 [ 753.148994][ C1] RBP: ffffc9000bb77958 R08: ffffffff901c5aaf R09: 1ffffffff2038b55 [ 753.149013][ C1] R10: dffffc0000000000 R11: fffffbfff2038b56 R12: dffffc0000000000 [ 753.149033][ C1] R13: 1ffff9200176ef18 R14: ffffc9000bb778e0 R15: 0000000000000246 [ 753.149068][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 753.149102][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.149144][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.149182][ C1] ? __wake_up_locked_key+0xea/0x160 [ 753.149224][ C1] timerfd_clock_was_set+0x1e0/0x2f0 [ 753.149253][ C1] ? timerfd_clock_was_set+0x31/0x2f0 [ 753.149284][ C1] clock_was_set+0x78e/0x810 [ 753.149328][ C1] ? __pfx_clock_was_set+0x10/0x10 [ 753.149365][ C1] ? __asan_memcpy+0x40/0x70 [ 753.149396][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.149435][ C1] ? timekeeping_update+0x3e5/0x450 [ 753.149465][ C1] ? do_adjtimex+0x51d/0xae0 [ 753.149497][ C1] timekeeping_inject_offset+0x4e8/0x580 [ 753.149528][ C1] ? do_adjtimex+0x51d/0xae0 [ 753.149562][ C1] ? __pfx_timekeeping_inject_offset+0x10/0x10 [ 753.149595][ C1] ? __pfx_add_device_randomness+0x10/0x10 [ 753.149629][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.149668][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.149712][ C1] do_adjtimex+0x51d/0xae0 [ 753.149747][ C1] ? __pfx_do_adjtimex+0x10/0x10 [ 753.149779][ C1] ? __pfx___might_resched+0x10/0x10 [ 753.149814][ C1] ? __might_fault+0xaa/0x120 [ 753.149848][ C1] ? __pfx_lock_release+0x10/0x10 [ 753.149892][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.149930][ C1] ? __might_fault+0xc6/0x120 [ 753.149967][ C1] __x64_sys_clock_adjtime+0x1e3/0x290 [ 753.150002][ C1] ? __pfx___x64_sys_clock_adjtime+0x10/0x10 [ 753.150056][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 753.150096][ C1] ? do_syscall_64+0x100/0x230 [ 753.150135][ C1] ? do_syscall_64+0xb6/0x230 [ 753.150174][ C1] do_syscall_64+0xf3/0x230 [ 753.150214][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.150249][ C1] RIP: 0033:0x7f7d3737def9 [ 753.150270][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 753.150290][ C1] RSP: 002b:00007f7d38201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131 [ 753.150320][ C1] RAX: ffffffffffffffda RBX: 00007f7d37536058 RCX: 00007f7d3737def9 [ 753.150340][ C1] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000 [ 753.150356][ C1] RBP: 00007f7d373f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 753.150372][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 753.150388][ C1] R13: 0000000000000000 R14: 00007f7d37536058 R15: 00007ffd14350268 [ 753.150416][ C1] [ 753.150664][ C0] task:syz.4.4024 state:R running task stack:24672 pid:15907 tgid:15907 ppid:9899 flags:0x00004000 [ 753.761295][ C0] Call Trace: [ 753.764584][ C0] [ 753.767529][ C0] __schedule+0x1893/0x4b50 [ 753.772075][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.777754][ C0] ? __pfx___schedule+0x10/0x10 [ 753.782635][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.788298][ C0] ? mark_lock+0x9a/0x360 [ 753.792661][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.798331][ C0] ? preempt_schedule+0xe1/0xf0 [ 753.803211][ C0] preempt_schedule_common+0x84/0xd0 [ 753.808524][ C0] preempt_schedule+0xe1/0xf0 [ 753.813229][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 753.818624][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 753.824543][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.830212][ C0] preempt_schedule_thunk+0x1a/0x30 [ 753.835436][ C0] _raw_spin_unlock+0x3e/0x50 [ 753.840136][ C0] unmap_page_range+0x3818/0x42c0 [ 753.845214][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 753.850610][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.856279][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.861942][ C0] ? mas_next_slot+0xeab/0xf90 [ 753.866739][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.872401][ C0] ? uprobe_munmap+0x183/0x460 [ 753.877185][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.882847][ C0] ? unmap_single_vma+0x1bd/0x2b0 [ 753.887898][ C0] unmap_vmas+0x3cc/0x5f0 [ 753.892257][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 753.897144][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.902805][ C0] ? tlb_gather_mmu_fullmm+0x160/0x210 [ 753.908286][ C0] exit_mmap+0x264/0xc80 [ 753.912550][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 753.917343][ C0] ? __asan_memset+0x23/0x50 [ 753.921982][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.927647][ C0] ? uprobe_clear_state+0x277/0x290 [ 753.932858][ C0] ? mm_update_next_owner+0xa4/0x810 [ 753.938159][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 753.943386][ C0] __mmput+0x115/0x390 [ 753.947486][ C0] exit_mm+0x220/0x310 [ 753.951574][ C0] ? __pfx_exit_mm+0x10/0x10 [ 753.956180][ C0] ? taskstats_exit+0x326/0xa60 [ 753.961088][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.966779][ C0] do_exit+0x9b2/0x27f0 [ 753.970972][ C0] ? preempt_schedule_common+0x84/0xd0 [ 753.976491][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 753.982163][ C0] ? __pfx_do_exit+0x10/0x10 [ 753.986771][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 753.992786][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 753.999151][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 754.004548][ C0] do_group_exit+0x207/0x2c0 [ 754.009166][ C0] __x64_sys_exit_group+0x3f/0x40 [ 754.014211][ C0] x64_sys_call+0x2634/0x2640 [ 754.018919][ C0] do_syscall_64+0xf3/0x230 [ 754.023461][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.029381][ C0] RIP: 0033:0x7f75af97def9 [ 754.033809][ C0] RSP: 002b:00007ffc38adff58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 754.042244][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f75af97def9 [ 754.050230][ C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 754.058222][ C0] RBP: 00007ffc38adffac R08: 00007ffc38ae003f R09: 000000000009e1d7 [ 754.066218][ C0] R10: 00007f75afb22000 R11: 0000000000000246 R12: 0000000000000032 [ 754.074212][ C0] R13: 000000000009e1d7 R14: 000000000009e17c R15: 00007ffc38ae0000 [ 754.082217][ C0] [ 754.085247][ C0] rcu: rcu_preempt kthread starved for 10310 jiffies! g68985 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 754.096463][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 754.106617][ C0] rcu: RCU grace-period kthread stack dump: [ 754.112521][ C0] task:rcu_preempt state:R running task stack:25952 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 754.124290][ C0] Call Trace: [ 754.127580][ C0] [ 754.130525][ C0] __schedule+0x1893/0x4b50 [ 754.135097][ C0] ? __pfx___schedule+0x10/0x10 [ 754.139988][ C0] ? __pfx_lock_release+0x10/0x10 [ 754.145045][ C0] ? __asan_memset+0x23/0x50 [ 754.149695][ C0] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 754.155564][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 754.161930][ C0] ? schedule+0x90/0x320 [ 754.166204][ C0] schedule+0x14b/0x320 [ 754.170391][ C0] schedule_timeout+0x1be/0x310 [ 754.175267][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 754.180670][ C0] ? __pfx_process_timeout+0x10/0x10 [ 754.185989][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.191654][ C0] ? prepare_to_swait_event+0x330/0x350 [ 754.197239][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 754.202105][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 754.207346][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 754.213517][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 754.218833][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 754.224759][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.230423][ C0] ? finish_swait+0xd4/0x1e0 [ 754.235046][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 754.239654][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 754.244864][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 754.250784][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.256445][ C0] ? __kthread_parkme+0x169/0x1d0 [ 754.261501][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 754.266714][ C0] kthread+0x2f2/0x390 [ 754.270802][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 754.276015][ C0] ? __pfx_kthread+0x10/0x10 [ 754.280623][ C0] ret_from_fork+0x4d/0x80 [ 754.285069][ C0] ? __pfx_kthread+0x10/0x10 [ 754.289673][ C0] ret_from_fork_asm+0x1a/0x30 [ 754.294489][ C0] [ 754.297520][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 754.303847][ C0] CPU: 0 UID: 0 PID: 15924 Comm: syz.0.4029 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 754.314273][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 754.324344][ C0] RIP: 0010:smp_call_function_many_cond+0x19f8/0x2ca0 [ 754.331226][ C0] Code: 89 e6 83 e6 01 31 ff e8 86 f1 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 31 ed 0b 00 eb 38 f3 90 42 0f b6 04 23 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 15 ed 0b 00 eb e4 44 [ 754.350843][ C0] RSP: 0018:ffffc9000b9c7720 EFLAGS: 00000246 [ 754.356931][ C0] RAX: 0000000000000000 RBX: 1ffff110171288f9 RCX: 0000000000040000 [ 754.364916][ C0] RDX: ffffc90019c09000 RSI: 000000000003ffff RDI: 0000000000040000 [ 754.372899][ C0] RBP: ffffc9000b9c7908 R08: ffffffff8188d1da R09: 1ffffffff2849f03 [ 754.381101][ C0] R10: dffffc0000000000 R11: fffffbfff2849f04 R12: dffffc0000000000 [ 754.389089][ C0] R13: ffff8880b89447c8 R14: ffff8880b883fb80 R15: 0000000000000001 [ 754.397080][ C0] FS: 00007f894358d6c0(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 754.406024][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 754.412622][ C0] CR2: 00007f8942760700 CR3: 00000000393dc000 CR4: 0000000000350ef0 [ 754.420607][ C0] Call Trace: [ 754.423982][ C0] [ 754.426848][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 754.433213][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.438884][ C0] ? print_other_cpu_stall+0x1475/0x15b0 [ 754.444563][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 754.450572][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.456235][ C0] ? cgroup_rstat_updated+0x13b/0xc60 [ 754.461655][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.467323][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 754.473596][ C0] ? rcu_sched_clock_irq+0xa1a/0x10d0 [ 754.478994][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 754.484646][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.490313][ C0] ? hrtimer_run_queues+0x16c/0x460 [ 754.495538][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.501202][ C0] ? acct_account_cputime+0xd3/0x210 [ 754.506514][ C0] ? update_process_times+0x1ce/0x230 [ 754.511915][ C0] ? tick_nohz_handler+0x37c/0x500 [ 754.517052][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 754.522531][ C0] ? __hrtimer_run_queues+0x553/0xd50 [ 754.527917][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 754.533953][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 754.539688][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.545350][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 754.551473][ C0] ? hrtimer_interrupt+0x396/0x990 [ 754.556650][ C0] ? __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 754.562917][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 754.568752][ C0] [ 754.571692][ C0] [ 754.574631][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 754.580821][ C0] ? smp_call_function_many_cond+0x19da/0x2ca0 [ 754.587012][ C0] ? smp_call_function_many_cond+0x19f8/0x2ca0 [ 754.593206][ C0] ? __pfx_has_bh_in_lru+0x10/0x10 [ 754.598341][ C0] ? __pfx_invalidate_bh_lru+0x10/0x10 [ 754.603839][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 754.610201][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.615871][ C0] ? __pfx_invalidate_bh_lru+0x10/0x10 [ 754.621349][ C0] ? __pfx_has_bh_in_lru+0x10/0x10 [ 754.626478][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 754.631627][ C0] set_blocksize+0x2e2/0x360 [ 754.636249][ C0] sb_set_blocksize+0x47/0xf0 [ 754.640956][ C0] ext4_fill_super+0x12f0/0x6df0 [ 754.645932][ C0] ? __pfx_vsnprintf+0x10/0x10 [ 754.650727][ C0] ? __pfx_ext4_fill_super+0x10/0x10 [ 754.656046][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 754.661100][ C0] ? __pfx_snprintf+0x10/0x10 [ 754.665797][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.671465][ C0] ? set_blocksize+0x1f9/0x360 [ 754.676259][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.681925][ C0] ? sb_set_blocksize+0x98/0xf0 [ 754.686802][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.692466][ C0] ? setup_bdev_super+0x4e6/0x5d0 [ 754.697513][ C0] get_tree_bdev+0x3f9/0x570 [ 754.702129][ C0] ? __pfx_ext4_fill_super+0x10/0x10 [ 754.707439][ C0] ? __pfx_get_tree_bdev+0x10/0x10 [ 754.712579][ C0] ? apparmor_capable+0x13b/0x1b0 [ 754.717641][ C0] vfs_get_tree+0x92/0x2b0 [ 754.722186][ C0] do_new_mount+0x2be/0xb40 [ 754.726716][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.732388][ C0] ? __pfx_do_new_mount+0x10/0x10 [ 754.737444][ C0] __se_sys_mount+0x2d6/0x3c0 [ 754.742147][ C0] ? __pfx___se_sys_mount+0x10/0x10 [ 754.747367][ C0] ? exc_page_fault+0x590/0x8c0 [ 754.752243][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.757917][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 754.763579][ C0] ? __x64_sys_mount+0x20/0xc0 [ 754.768367][ C0] do_syscall_64+0xf3/0x230 [ 754.772907][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.778827][ C0] RIP: 0033:0x7f894277f69a [ 754.783261][ C0] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.802884][ C0] RSP: 002b:00007f894358ce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 754.811320][ C0] RAX: ffffffffffffffda RBX: 00007f894358cef0 RCX: 00007f894277f69a [ 754.819315][ C0] RDX: 0000000020000500 RSI: 0000000020000000 RDI: 00007f894358ceb0 [ 754.827303][ C0] RBP: 0000000020000500 R08: 00007f894358cef0 R09: 0000000000000000 [ 754.835292][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000000 [ 754.843277][ C0] R13: 00007f894358ceb0 R14: 0000000000000783 R15: 0000000020000240 [ 754.851287][ C0]