last executing test programs: 21.032315514s ago: executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x0, 0x6cc, 0x6b9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x80, 0x5}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8c}, [@ldst={0x3, 0x3, 0x3, 0xa, 0x0, 0xff00}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xb, &(0x7f00000009c0)=@framed={{}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x0}, {0x5}, {0x7, 0x0, 0x2}, {}, {}, {0x85, 0x0, 0x0, 0x99}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="b4000000000000006910500000000000d5000000000000009500740000000000082376369d159dbada"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1, 0x38}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) pidfd_getfd(0xffffffffffffffff, r4, 0x0) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000030c0), 0x200000, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000003640), r5) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r5}, &(0x7f0000000100), &(0x7f0000000180)='%-010d \x00'}, 0x20) r6 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x7800, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x12, 0x14, 0x0, 0x0, 0x6, 0x0, 0x0, @multicast1, @multicast2}}}}) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r5}, &(0x7f00000008c0), &(0x7f0000000900)='%-010d \x00'}, 0x20) r7 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000500)}) 19.738864965s ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000340)=0x800, 0x4) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000180)=0x8000, 0x4) bind$xdp(0xffffffffffffffff, 0x0, 0x0) bind$xdp(0xffffffffffffffff, 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/156, 0x1000, 0x1000}, 0x20) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001300)=0x10, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000300)=0x8, 0x4) setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000340)=0x800, 0x4) setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000000180)=0x8000, 0x4) bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x0, r4}, 0x10) r5 = socket$xdp(0x2c, 0x3, 0x0) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) r8 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/156, 0x1000, 0x1000}, 0x20) setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001300)=0x10, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r8, 0x11b, 0x6, &(0x7f0000000300)=0x8, 0x4) setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000340)=0x800, 0x4) setsockopt$XDP_TX_RING(r8, 0x11b, 0x3, &(0x7f0000000180)=0x8000, 0x4) bind$xdp(r8, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10) bind$xdp(r5, &(0x7f0000000240)={0x2c, 0x1, r7, 0x0, r8}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2400404}, 0xc, &(0x7f0000000040)={&(0x7f0000004400), 0x3c0c}}, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000780)=0x4, 0x4) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_IIF={0x8, 0x1b}]}, 0x24}}, 0x0) 19.605817686s ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r3, &(0x7f0000000200)=@abs={0x1}, 0x6e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff}) r5 = getpid() sendmmsg$unix(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@abs={0x1}, 0x3, 0x0, 0x0, &(0x7f0000000400)=[@cred={{0x1c, 0x1, 0x2, {r5}}}, @rights={{0x14, 0x1, 0x1, [r4]}}], 0x38}}], 0x2, 0x0) fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000005b00)) r6 = open(&(0x7f0000000000)='./bus\x00', 0x60342, 0x0) r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) ftruncate(r6, 0x2007ffd) sendfile(r6, r7, 0x0, 0x1000000201005) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r8 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) write$binfmt_script(r8, &(0x7f0000000080), 0x208e24b) 15.02755542s ago: executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x2, 0x2}, 0xe) 14.363639313s ago: executing program 4: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x80045515, 0x0) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, 0x0) 14.258826859s ago: executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f0000003480)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c, &(0x7f0000000080)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x1, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={0x0}, &(0x7f0000000500)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001380)={r2}, &(0x7f00000013c0)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000001400)={r3}, 0x8) 6.67446049s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b4080000000000006b110900000000008510000002000000b7000000000000009500c200000000950000120000000000"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) close_range(r0, r0, 0x2) keyctl$unlink(0x9, 0x0, 0x0) r1 = timerfd_create(0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1f8, 0x220, 0x43, 0xa0, 0x0, 0x98, 0x3e8, 0x178, 0x178, 0x3e8, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x70, 0x90, 0xc, {0x0, 0x7a010000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x258) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c0000000000000e000a001400000002", 0x29}], 0x1}, 0x0) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000)) timerfd_settime(r1, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000200}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xa2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000000100)={0x0, @aes256, 0x0, @desc1}) read$FUSE(0xffffffffffffffff, 0x0, 0x0) creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x6, &(0x7f0000000240)) 6.041487279s ago: executing program 1: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) write$vga_arbiter(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB='target PCI:'], 0x13) 5.960799422s ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') chdir(0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000380)={0x0, 0x0}) setpgid(0x0, r5) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0) 5.90276106s ago: executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10) keyctl$setperm(0x5, r1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) 4.781307285s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r3, &(0x7f0000000200)=@abs={0x1}, 0x6e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff}) r5 = getpid() sendmmsg$unix(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@abs={0x1}, 0x3, 0x0, 0x0, &(0x7f0000000400)=[@cred={{0x1c, 0x1, 0x2, {r5}}}, @rights={{0x14, 0x1, 0x1, [r4]}}], 0x38}}], 0x2, 0x0) fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000005b00)) r6 = open(&(0x7f0000000000)='./bus\x00', 0x60342, 0x0) r7 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) ftruncate(r6, 0x2007ffd) sendfile(r6, r7, 0x0, 0x1000000201005) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r8 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) write$binfmt_script(r8, &(0x7f0000000080), 0x208e24b) 4.68438649s ago: executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000041, 0x0, 0x0, 0x0, &(0x7f0000000040)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always']) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.time\x00', 0x275a, 0x0) ftruncate(r0, 0xde34) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x9, 0x13, r0, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r1 = socket$inet(0x2, 0x3, 0xff) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00'}) 4.677111711s ago: executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c) r1 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@private0, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x3c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @private}}}, 0xe8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) 4.530393065s ago: executing program 0: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r1 = fsopen(&(0x7f00000000c0)='virtiofs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000140)='\x00', 0x0) getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x0, &(0x7f0000000040), &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', r2}, 0x90) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}}) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r4) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000200)={0x0, 0xffffff59, r6, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7}) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x100000000) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil) migrate_pages(0x0, 0x0, &(0x7f00000002c0)=0x7f, &(0x7f0000000300)=0xa) 4.514398287s ago: executing program 3: sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg2\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x7, 0xc, &(0x7f0000000340)=ANY=[@ANYRESDEC=r0, @ANYRESOCT=r1, @ANYRES8=r2, @ANYRES8=r3], 0x0, 0xfffbffff, 0x0, 0x0, 0x41100, 0x23, '\x00', r3, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) mkdir(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESOCT=r3], &(0x7f0000000200)='GPL\x00', 0x1a, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='ext4_ext_rm_leaf\x00', r9}, 0x10) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='ext4_ext_rm_leaf\x00', r10}, 0x10) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r11, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r11, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 3.422849147s ago: executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000600)=@mangle={'mangle\x00', 0x44, 0x6, 0x4e0, 0x98, 0x98, 0x350, 0x350, 0x98, 0x448, 0x448, 0x448, 0x448, 0x448, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x30}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@osf={{0x50}, {'syz1\x00'}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @TTL={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x540) 3.368882535s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000008c0)=ANY=[@ANYBLOB="1c0000006a00010200000000000000000a0000a40000000004000b"], 0x1c}}, 0x0) 3.290973747s ago: executing program 0: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='b ', @ANYRESDEC], 0x9) 3.261713262s ago: executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r2 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={&(0x7f0000000040)={0x2c, r1, 0x405, 0x0, 0x0, {{0x6c}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x161c}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x2c}}, 0x0) 3.105868516s ago: executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') r1 = fanotify_init(0x200, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) fanotify_mark(r1, 0x101, 0x4000086e, r2, 0x0) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$FBIOGET_VSCREENINFO(r3, 0x4600, &(0x7f0000000000)) ioctl$FBIO_WAITFORVSYNC(r3, 0x4601, 0x20000000) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1ffffa, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000000)=0x1) ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}}) ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000001c0)=@mmap={0x2, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "c157f2f8"}}) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r5, 0x80045017, 0x0) r6 = syz_open_dev$sndpcmp(&(0x7f00000004c0), 0x0, 0xa2c65) write$snddsp(r6, &(0x7f0000000500)='\x00', 0x1) 2.50440658s ago: executing program 0: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1}) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10) keyctl$setperm(0x5, r1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) 2.483431743s ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') chdir(0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000380)={0x0, 0x0}) setpgid(0x0, r5) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0) 2.239184451s ago: executing program 1: syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x322, &(0x7f0000000580)="$eJzs3M9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge97EE8ehN29x/wsrfdy1725mVhDyuL7CyZH5roJO6OZqPr9wMy78zzPOP7khieCc4c/vjvb7WKrVeMlsTTSmIiIkcieYlLIOZv4+44Jd225fOJZw8/Xlxe+a5YKs0uKDVXXPqyoJTKTd39/c+Mn7Y/Lgf5nw+fFp4cvH/w4eHLpV+rtqraqt5oKUOtNh63jFXLVOtVu6YrNW+Zhm2qat02m1684cUrVmNjo62M+vpkdqNp2rYy6m1VM9uq1VCtZlsZvxjVutJ1XU1mJUwq9OhtVd5ZWDCKEYvXrngyiOqF4zgDwk6saCREJHMuUt4Z6rwAAMC1dKb/T7gtfaT+X3Ju/99JPu3/dz+535r4YS/n9//7qbD+/6tH3rl6+v+0iFxp/58OWf35jujG23qT5Ev1/7geps5f08Z69prNopH1/35df/+0O+0O6P8BAAAAAAAAAAAAAAAAAAAAALgJjhxHcxxHC7b+zxenGd6xUc4Rw9Pn9dfG/Tumgv1RzxPDsbi8Imn3xr1kTsT6Z7O8Wfa2fjxInBZNjt33g68zDu48Uh15uWdt+fVbm+WEGylWpCqWmDIjmuTP1jvO3Lel2Rnl6a0fk2x3fUE0eS+8vhBan5LPPu2q10WTB2vSEEvWO+/rY+ek/q8Zpb75vnSmPuPmAQAAAADwLtDVidDrd13vF/fqT66ve78fEOm6Pp8OvT5Pah8lR7t2AAAAAABuC7v9R82wLLM5YJCRi3OiD5LRyscG5SS6VtgTku2+S075Twge3koHDIJ/pKilukJp+d8/HOXMwfqHM+e4RKmaEmfcm9VlfnvwtVG/HJkf9uuV7BP64L87z6OdOeY/tbc79PVe+oKVDm0w9lofHk7ikp8+AAAAAN6moOnP2O5ubNTzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNhrwGLDkVT1ObNRrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6LVwEAAP//mxn/6g==") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0) ftruncate(r0, 0x7fff) ftruncate(r0, 0x7ffa) unshare(0x400) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) syncfs(r1) 2.168972772s ago: executing program 0: socket$nl_generic(0x10, 0x3, 0x10) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r4, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0xfffffdf4) r5 = socket$l2tp(0x2, 0x2, 0x73) getsockopt$ARPT_SO_GET_INFO(r5, 0x0, 0x18, 0x0, &(0x7f0000000080)) 1.275983341s ago: executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) unshare(0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000), 0x4) pipe(&(0x7f0000000400)={0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='io_uring_cqe_overflow\x00', r1}, 0x10) setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x65, &(0x7f0000000140)=0x401, 0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) r3 = socket$inet(0x2, 0x6, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) connect$inet(r3, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10) write$cgroup_int(r2, &(0x7f0000000380), 0x1040c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bpq0, 0x0, 'syz0\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, 0x0, [@null, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}) 1.178255196s ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0xfff) syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) socket$inet6(0xa, 0x6, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r3}, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x30, 0x0, 0xb, 0x3, 0x0, 0x0, {}, [@NFTA_COMPAT_TYPE={0x8}, @NFTA_COMPAT_NAME={0xb, 0x1, 'vxcan0\x00'}, @NFTA_COMPAT_REV={0x8}]}, 0x30}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000840)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0) 1.082278431s ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() setrlimit(0x0, &(0x7f0000000240)={0x5}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) ioperm(0x0, 0x7, 0x7) setpriority(0x1, 0x2, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', 0x19c) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20, &(0x7f0000000080)=ANY=[@ANYBLOB='nr_blocks=k']) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x8, 0x6, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000005000000000700f4220f5a9997b6624c0e09bd9fc40018170000a048c46362d41370447dfe37556fde29b18b1f466da80404519d368f1c26d38401f2d1506acaee414faf215b65fffab396083540108aede3a919134bd0b2f5a7cebda7fc8bba75cd51daf6d3ec9c87fe9da268a2dee4f908b7b9a5686a49b1cf23e8c7c8100ae48786b239fcc587775892db4bd16863c9fb9dfd5e179bbe61033f5de4446960018116800384f7c6afe80f1defbb74f103223584ba500b7ccf2cfc6738", @ANYRES32, @ANYBLOB="0000000000000000850000004a0000009500"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0xac, &(0x7f0000000b40)=""/172, 0x40f00, 0x35, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x47, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0xb, 0xfff, 0x3}, 0x10, 0xffffffffffffffff, r3, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x90) bpf$MAP_UPDATE_BATCH(0x18, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0}, 0x38) unshare(0x64000600) 40.306264ms ago: executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) fcntl$lock(r0, 0x7, &(0x7f00000006c0)) fcntl$lock(r0, 0x25, &(0x7f0000000180)) 10.076498ms ago: executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r1 = fsopen(&(0x7f00000000c0)='virtiofs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000140)='\x00', 0x0) getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x0, &(0x7f0000000040), &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', r2}, 0x90) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}}) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r4) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000200)={0x0, 0xffffff59, r6, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r7}) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x100000000) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil) migrate_pages(0x0, 0x0, &(0x7f00000002c0)=0x7f, &(0x7f0000000300)=0xa) 0s ago: executing program 3: accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @info_reply}}}}, 0x0) kernel console output (not intermixed with test programs): omes ready [ 586.772253][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 586.798721][T15455] device veth1_vlan entered promiscuous mode [ 586.870228][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 586.889726][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 586.910048][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 586.963982][ T4363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 586.976438][T15455] device veth0_macvtap entered promiscuous mode [ 587.016116][ T4364] Bluetooth: hci0: command 0x040f tx timeout [ 587.033945][T15455] device veth1_macvtap entered promiscuous mode [ 587.052350][ T5008] usb 2-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28 [ 587.061835][ T5008] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.070038][ T5008] usb 2-1: Product: syz [ 587.074752][ T5008] usb 2-1: Manufacturer: syz [ 587.079363][ T5008] usb 2-1: SerialNumber: syz [ 587.086213][ T5008] usb 2-1: config 0 descriptor?? [ 587.096705][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 587.111421][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 588.051358][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 588.081596][ T5008] usb 2-1: Found UVC 0.00 device syz (8086:0b03) [ 588.088096][ T5008] usb 2-1: No valid video chain found. [ 588.120233][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.140468][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 588.161465][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.181820][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 588.191833][T15620] loop4: detected capacity change from 0 to 2048 [ 588.202592][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.222802][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 588.243831][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.273879][T15455] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 588.292118][T15619] netlink: 'syz-executor.2': attribute type 13 has an invalid length. [ 588.305740][T15619] device veth0_macvtap left promiscuous mode [ 588.345664][T15621] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 588.346030][T15619] macvtap0: refused to change device tx_queue_len [ 588.406600][ T5008] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 588.425274][ T5008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 588.471744][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.498932][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.518294][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.535927][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.557405][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.577810][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.598201][T15455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 588.618383][T15455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 588.653981][T15455] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 588.660809][T15612] loop0: detected capacity change from 0 to 32768 [ 588.691680][ T5008] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 588.711059][ T5008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 588.719874][T15612] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (15612) [ 588.732355][T15455] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.751067][ T4364] usb 2-1: USB disconnect, device number 17 [ 588.755025][T15455] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.797848][T15455] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.819948][T15455] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.864276][T15612] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 588.892086][T15612] BTRFS info (device loop0): setting nodatacow, compression disabled [ 588.937173][T15612] BTRFS info (device loop0): turning on flush-on-commit [ 588.960490][T15612] BTRFS info (device loop0): enabling auto defrag [ 589.017211][T15612] BTRFS info (device loop0): max_inline at 0 [ 589.032830][T15612] BTRFS info (device loop0): use zlib compression, level 3 [ 589.043236][ T4364] Bluetooth: hci0: command 0x0419 tx timeout [ 589.051155][T15612] BTRFS info (device loop0): using free space tree [ 589.086866][T15635] loop1: detected capacity change from 0 to 1024 [ 589.093373][T15612] BTRFS info (device loop0): has skinny extents [ 589.097120][ T606] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 589.138965][ T606] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 589.216081][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 589.231636][T15635] xt_limit: Overflow, try lower: 0/0 [ 589.260170][T11460] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 589.279439][T15635] trusted_key: encrypted_key: insufficient parameters specified [ 589.311147][T11460] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 589.344420][T15649] input: syz1 as /devices/virtual/input/input36 [ 589.366239][ T5011] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 589.582293][T15612] BTRFS info (device loop0): enabling ssd optimizations [ 589.603973][T15665] netlink: 'syz-executor.4': attribute type 13 has an invalid length. [ 589.637877][T15665] device veth0_macvtap left promiscuous mode [ 589.773361][T15665] macvtap0: refused to change device tx_queue_len [ 589.888153][T15650] loop2: detected capacity change from 0 to 4096 [ 590.651139][T15650] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 591.279945][T15679] loop3: detected capacity change from 0 to 1024 [ 591.338371][T15668] loop4: detected capacity change from 0 to 32768 [ 591.385369][T15679] hfsplus: unable to parse mount options [ 591.395106][T15668] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (15668) [ 591.464716][T15668] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 591.504513][T15668] BTRFS info (device loop4): using free space tree [ 591.553020][T15668] BTRFS info (device loop4): has skinny extents [ 591.577904][T15692] loop1: detected capacity change from 0 to 1024 [ 591.623903][T15696] netlink: 'syz-executor.2': attribute type 13 has an invalid length. [ 591.640088][T15692] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 591.654173][T15696] macvtap0: refused to change device tx_queue_len [ 591.723506][T15692] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 591.735631][T15709] loop0: detected capacity change from 0 to 256 [ 591.755218][T15692] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 591.764588][T15692] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 591.938904][T14351] EXT4-fs error (device loop1): __ext4_iget:4861: inode #15: block 1803188595: comm syz-executor.1: invalid block [ 592.776498][T14351] EXT4-fs error (device loop1): __ext4_iget:4861: inode #15: block 1803188595: comm syz-executor.1: invalid block [ 592.825703][T15668] BTRFS info (device loop4): enabling ssd optimizations [ 593.126905][T15668] fs-verity: sha512 using implementation "sha512-avx2" [ 593.176974][T11859] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.191607][T15668] BTRFS info (device loop4): setting compat-ro feature flag for VERITY (0x4) [ 593.202353][T15700] loop3: detected capacity change from 0 to 32768 [ 593.291219][T11859] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.368670][T15700] XFS (loop3): Mounting V5 Filesystem [ 593.374318][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 593.374335][ T26] audit: type=1804 audit(1718427683.937:445): pid=15740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4129552475/syzkaller.7GZQeM/154/file1" dev="sda1" ino=1935 res=1 errno=0 [ 593.445611][T11859] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.770821][T15749] netlink: 'syz-executor.0': attribute type 13 has an invalid length. [ 593.790959][T15749] device veth0_macvtap left promiscuous mode [ 593.809112][T15700] XFS (loop3): Ending clean mount [ 593.852711][T15749] macvtap0: refused to change device tx_queue_len [ 593.888110][T15729] loop2: detected capacity change from 0 to 32768 [ 593.907439][T11859] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.017118][T15700] XFS (loop3): Quotacheck needed: Please wait. [ 594.069131][T15756] loop0: detected capacity change from 0 to 1024 [ 594.115943][T15729] XFS (loop2): DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 594.126986][T15761] input: syz1 as /devices/virtual/input/input37 [ 594.134953][T15729] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 594.145395][T15729] XFS (loop2): Mounting V5 Filesystem [ 594.200927][T15756] xt_limit: Overflow, try lower: 0/0 [ 594.211203][T15700] XFS (loop3): Quotacheck: Done. [ 594.256259][T15756] trusted_key: encrypted_key: insufficient parameters specified [ 594.271972][ T26] audit: type=1800 audit(1718427684.837:446): pid=15700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=9291 res=0 errno=0 [ 594.358839][T15751] chnl_net:caif_netlink_parms(): no params data found [ 594.456538][T15729] XFS (loop2): Ending clean mount [ 594.506222][T15775] loop0: detected capacity change from 0 to 512 [ 594.527634][T15455] XFS (loop3): Unmounting Filesystem [ 594.552061][T15249] XFS (loop2): Unmounting Filesystem [ 594.570515][T15775] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 594.654203][ T26] audit: type=1804 audit(1718427685.227:447): pid=15774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1165769428/syzkaller.yi7r0v/216/file1" dev="sda1" ino=1950 res=1 errno=0 [ 594.733475][T15775] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz-executor.0: inline data xattr refers to an external xattr inode [ 594.753138][T15775] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 12 (err -117) [ 594.805171][T15775] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,mblk_io_submit,grpjquota=,resuid=0x0000000000000000,prjquota,usrjquota=,usrjquota=,min_batch_time=0x000000000100409e,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 594.886488][T15751] bridge0: port 1(bridge_slave_0) entered blocking state [ 594.928791][T15751] bridge0: port 1(bridge_slave_0) entered disabled state [ 594.947139][T15751] device bridge_slave_0 entered promiscuous mode [ 594.987015][T15751] bridge0: port 2(bridge_slave_1) entered blocking state [ 595.014499][T15751] bridge0: port 2(bridge_slave_1) entered disabled state [ 595.046498][T15751] device bridge_slave_1 entered promiscuous mode [ 595.168840][T15751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 595.240225][T15751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 595.430841][T15784] loop2: detected capacity change from 0 to 4096 [ 595.456782][T15751] team0: Port device team_slave_0 added [ 595.502843][T15784] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 595.521755][T15751] team0: Port device team_slave_1 added [ 595.607738][T15784] ntfs: (device loop2): parse_options(): NLS character set cp9251 not found. Using previous one macturkish. [ 595.732991][T11859] device hsr_slave_0 left promiscuous mode [ 595.741204][T11859] device hsr_slave_1 left promiscuous mode [ 595.753027][ T5004] Bluetooth: hci2: command 0x0409 tx timeout [ 595.802945][T11859] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 595.810586][T11859] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 595.830208][T15784] ntfs: volume version 3.1. [ 595.864071][T11859] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 595.878271][T11859] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 595.899512][T11859] device bridge_slave_1 left promiscuous mode [ 595.910406][T11859] bridge0: port 2(bridge_slave_1) entered disabled state [ 595.970263][T11859] device bridge_slave_0 left promiscuous mode [ 595.981963][T11859] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.082193][T11859] device veth1_macvtap left promiscuous mode [ 596.090488][T11859] device veth0_macvtap left promiscuous mode [ 596.119175][T11859] device veth1_vlan left promiscuous mode [ 596.174242][T11859] device veth0_vlan left promiscuous mode [ 596.227088][T15795] input: syz1 as /devices/virtual/input/input38 [ 596.499238][T15789] loop0: detected capacity change from 0 to 32768 [ 596.557472][T15789] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (15789) [ 596.625955][T15789] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 596.665780][T15789] BTRFS info (device loop0): using free space tree [ 596.676231][T15789] BTRFS info (device loop0): has skinny extents [ 596.838399][T15789] BTRFS info (device loop0): enabling ssd optimizations [ 596.885607][T15789] BTRFS info (device loop0): setting compat-ro feature flag for VERITY (0x4) [ 596.980904][T11859] team0 (unregistering): Port device team_slave_1 removed [ 597.279371][T11859] team0 (unregistering): Port device team_slave_0 removed [ 597.302462][T11859] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 597.327770][T11859] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 597.473100][T11859] bond0 (unregistering): Released all slaves [ 597.533438][T15751] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 597.542956][T15751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 597.578876][T15751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 597.615724][T15751] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 597.642862][T15751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 597.725055][ T26] audit: type=1326 audit(1718427688.297:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 597.732864][T15751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 597.768493][T15826] loop0: detected capacity change from 0 to 32768 [ 597.807940][ T26] audit: type=1326 audit(1718427688.327:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 597.810386][T15835] loop3: detected capacity change from 0 to 2048 [ 597.832961][ T7760] Bluetooth: hci2: command 0x041b tx timeout [ 597.984663][ T26] audit: type=1326 audit(1718427688.327:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 598.008163][ T26] audit: type=1326 audit(1718427688.337:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 598.928776][T15835] Alternate GPT is invalid, using primary GPT. [ 598.935454][T15751] device hsr_slave_0 entered promiscuous mode [ 598.942388][ T26] audit: type=1326 audit(1718427688.337:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 598.968041][T15751] device hsr_slave_1 entered promiscuous mode [ 598.976268][T15826] XFS (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 598.986444][T15751] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 598.991432][T15835] loop3: p1 p2 p3 [ 599.001648][T15826] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 599.022933][T15751] Cannot create hsr debugfs directory [ 599.028925][ T26] audit: type=1326 audit(1718427688.337:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.029143][T15847] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 599.061102][ T26] audit: type=1326 audit(1718427688.337:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.093392][ T26] audit: type=1326 audit(1718427688.337:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.101063][T15826] XFS (loop0): Mounting V5 Filesystem [ 599.118171][ T26] audit: type=1326 audit(1718427688.337:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.155067][ T26] audit: type=1326 audit(1718427688.337:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.228086][T15826] XFS (loop0): Ending clean mount [ 599.249308][ T26] audit: type=1326 audit(1718427688.337:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.273536][T13246] XFS (loop0): Unmounting Filesystem [ 599.286922][ T26] audit: type=1326 audit(1718427688.337:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc8a7ccdaa0 code=0x7ffc0000 [ 599.316291][ T26] audit: type=1326 audit(1718427688.337:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.347843][ T26] audit: type=1326 audit(1718427688.337:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15827 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 599.785129][T15868] loop4: detected capacity change from 0 to 32768 [ 599.828626][T15868] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (15868) [ 599.873926][T15751] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 599.881440][T15868] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 599.890348][T15868] BTRFS info (device loop4): enabling auto defrag [ 599.897037][T15868] BTRFS info (device loop4): doing ref verification [ 599.901076][T15751] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 599.903699][T15868] BTRFS info (device loop4): max_inline at 0 [ 599.903741][T15868] BTRFS info (device loop4): max_inline at 3398 [ 599.903763][T15868] BTRFS info (device loop4): turning on sync discard [ 599.903788][T15868] BTRFS info (device loop4): turning off barriers [ 599.903810][T15868] BTRFS info (device loop4): using free space tree [ 599.903825][T15868] BTRFS info (device loop4): has skinny extents [ 599.964369][T15751] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 599.978198][T15751] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 599.987831][T15885] loop0: detected capacity change from 0 to 64 [ 600.003342][ T7760] Bluetooth: hci2: command 0x040f tx timeout [ 600.215005][T15896] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (8) [ 600.285415][T15751] 8021q: adding VLAN 0 to HW filter on device bond0 [ 600.397136][T15751] 8021q: adding VLAN 0 to HW filter on device team0 [ 600.399678][T15901] loop3: detected capacity change from 0 to 512 [ 600.508537][T15905] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 600.557041][T15901] EXT4-fs (loop3): corrupt root inode, run e2fsck [ 600.563839][T15901] EXT4-fs (loop3): mount failed [ 600.570373][T15905] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 600.576361][T15751] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 600.634371][T15751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 600.734638][T15901] loop3: detected capacity change from 0 to 1024 [ 600.844767][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 600.851128][T15901] EXT4-fs (loop3): Ignoring removed nobh option [ 600.853107][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 600.866430][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 600.868212][T15901] EXT4-fs (loop3): quotafile must be on filesystem root [ 600.881699][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 600.890444][T11267] bridge0: port 1(bridge_slave_0) entered blocking state [ 600.897610][T11267] bridge0: port 1(bridge_slave_0) entered forwarding state [ 600.920283][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 600.922170][T15923] loop4: detected capacity change from 0 to 47 [ 600.934782][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 600.935377][T11267] bridge0: port 2(bridge_slave_1) entered blocking state [ 600.949939][T11267] bridge0: port 2(bridge_slave_1) entered forwarding state [ 600.958253][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 600.967206][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 600.976512][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 600.987507][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 600.996240][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 601.005069][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 601.036447][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 601.052222][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 601.061023][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 601.069447][T11267] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 601.091336][T15751] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 601.147999][ T5012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 601.148868][ T3601] attempt to access beyond end of device [ 601.148868][ T3601] loop4: rw=1, want=3086, limit=47 [ 601.159902][ T5012] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 601.188029][ T5012] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 601.196310][ T3601] Buffer I/O error on dev loop4, logical block 1542, lost async page write [ 601.221112][ T5012] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 601.235398][ T5012] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 601.248290][T15901] loop3: detected capacity change from 0 to 1024 [ 601.283849][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 601.305653][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 601.380369][T15751] device veth0_vlan entered promiscuous mode [ 601.399589][T15901] EXT4-fs (sda1): re-mounted. Opts: min_batch_time=0x0000000000010000,bsdgroups,resuid=0x0000000000000000,quota,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000001,data_err=abort,. Quota mode: writeback. [ 601.466465][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 601.485761][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 601.495253][T15751] device veth1_vlan entered promiscuous mode [ 601.539480][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 601.548107][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 601.580448][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 601.589574][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 601.642525][T15751] device veth0_macvtap entered promiscuous mode [ 601.671704][T15939] loop4: detected capacity change from 0 to 512 [ 601.676744][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 601.687644][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 601.709802][T15751] device veth1_macvtap entered promiscuous mode [ 601.717802][T15939] EXT4-fs (loop4): error: journal path ./file1 is not a block device [ 601.725989][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 601.726661][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 601.770563][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 601.802358][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 601.819021][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 601.839280][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 601.859599][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 601.891337][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 601.911474][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 601.932293][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 601.961482][T15751] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 601.981303][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 602.003136][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 602.014186][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 602.045503][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 602.081348][ T5007] Bluetooth: hci2: command 0x0419 tx timeout [ 602.091659][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 602.112618][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 602.120486][T15939] loop4: detected capacity change from 0 to 1024 [ 602.149410][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 602.180957][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 602.212843][T15751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 602.232876][T15751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 602.255962][T15751] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 602.271988][T15936] loop2: detected capacity change from 0 to 32768 [ 602.281942][T15751] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 602.308752][T15751] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 602.321750][T15751] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 602.332422][T15751] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 602.353167][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 602.361938][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 602.420472][T15939] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,bsdgroups,resuid=0x0000000000000000,noblock_validity,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000006,data_err=abort,. Quota mode: writeback. [ 602.461140][T15939] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2739: inode #2: comm syz-executor.4: corrupted in-inode xattr [ 602.484856][T15939] EXT4-fs (loop4): Remounting filesystem read-only [ 602.494566][T15939] EXT4-fs error (device loop4): ext4_xattr_ibody_list:748: inode #2: comm syz-executor.4: corrupted in-inode xattr [ 602.501254][T15936] XFS (loop2): Mounting V5 Filesystem [ 602.575684][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 602.608682][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 602.627666][T15943] loop0: detected capacity change from 0 to 32768 [ 602.649950][T15936] XFS (loop2): Ending clean mount [ 602.657273][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 602.679774][T15936] XFS (loop2): Quotacheck needed: Please wait. [ 602.694173][ T606] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 602.713800][T15943] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (15943) [ 602.761693][ T606] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 602.784693][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 602.791982][T15943] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 602.792042][T15943] BTRFS info (device loop0): using free space tree [ 602.792060][T15943] BTRFS info (device loop0): has skinny extents [ 602.904189][T15936] XFS (loop2): Quotacheck: Done. [ 602.955336][T15968] loop1: detected capacity change from 0 to 512 [ 603.022697][T15968] EXT4-fs (loop1): Ignoring removed orlov option [ 603.035069][T15983] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 603.061462][T15943] BTRFS info (device loop0): enabling ssd optimizations [ 603.081698][T15983] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'. [ 603.163522][T15968] EXT4-fs (loop1): Test dummy encryption mode enabled [ 603.170598][T15968] EXT4-fs (loop1): Test dummy encryption mode enabled [ 603.214045][T15943] BTRFS info (device loop0): setting compat-ro feature flag for VERITY (0x4) [ 603.244051][T15249] XFS (loop2): Unmounting Filesystem [ 603.249638][T15968] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal [ 603.351737][T15988] loop4: detected capacity change from 0 to 2048 [ 603.474397][T15968] netlink: 232 bytes leftover after parsing attributes in process `syz-executor.1'. [ 603.538515][T15988] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz-executor.4: bad orphan inode 8192 [ 603.553745][T15988] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 604.386480][T15980] loop3: detected capacity change from 0 to 40427 [ 604.513105][T15980] F2FS-fs (loop3): Invalid log blocks per segment (5) [ 604.535134][T15980] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 604.701764][T15980] F2FS-fs (loop3): Found nat_bits in checkpoint [ 604.899641][T15980] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 604.950215][T15980] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 605.020106][T16017] loop4: detected capacity change from 0 to 512 [ 605.101733][T15455] attempt to access beyond end of device [ 605.101733][T15455] loop3: rw=2049, want=45104, limit=40427 [ 605.147874][T16017] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 605.168996][T16017] EXT4-fs (loop4): mount failed [ 605.229182][T16027] loop2: detected capacity change from 0 to 1024 [ 605.285732][T16033] ieee802154 phy0 wpan0: encryption failed: -22 [ 605.400544][T16017] loop4: detected capacity change from 0 to 1024 [ 605.453202][ T144] hfsplus: b-tree write err: -5, ino 4 [ 605.479626][T16017] EXT4-fs (loop4): Ignoring removed nobh option [ 605.493189][T16017] EXT4-fs (loop4): quotafile must be on filesystem root [ 605.507001][T16044] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 606.810682][T16058] loop4: detected capacity change from 0 to 1024 [ 606.887758][T16070] ieee802154 phy0 wpan0: encryption failed: -22 [ 606.918118][T16058] EXT4-fs (sda1): re-mounted. Opts: min_batch_time=0x0000000000010000,bsdgroups,resuid=0x0000000000000000,quota,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000001,data_err=abort,. Quota mode: writeback. [ 607.153417][T16078] loop0: detected capacity change from 0 to 32768 [ 607.197909][T16078] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (16078) [ 607.258897][T16078] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 607.267787][T16078] BTRFS info (device loop0): enabling auto defrag [ 607.274527][T16078] BTRFS info (device loop0): doing ref verification [ 607.281986][T16078] BTRFS info (device loop0): max_inline at 0 [ 607.289134][T16078] BTRFS info (device loop0): max_inline at 3398 [ 607.295982][T16078] BTRFS info (device loop0): turning on sync discard [ 607.302805][T16078] BTRFS info (device loop0): turning off barriers [ 607.309246][T16078] BTRFS info (device loop0): using free space tree [ 607.315268][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 607.315285][ T26] audit: type=1800 audit(1718427697.877:494): pid=16085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 607.315859][T16078] BTRFS info (device loop0): has skinny extents [ 607.359416][ T26] audit: type=1804 audit(1718427697.927:495): pid=16077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2829493520/syzkaller.fN7jQY/46/cgroup.controllers" dev="sda1" ino=1940 res=1 errno=0 [ 607.429237][T16093] loop1: detected capacity change from 0 to 1764 [ 607.747988][ T26] audit: type=1800 audit(1718427698.317:496): pid=16078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 608.685113][T16122] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 608.841505][ T26] audit: type=1804 audit(1718427699.407:497): pid=16128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1165769428/syzkaller.yi7r0v/240/file0" dev="sda1" ino=1960 res=1 errno=0 [ 608.895264][T16132] loop2: detected capacity change from 0 to 512 [ 608.993088][ T26] audit: type=1800 audit(1718427699.567:498): pid=16137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 609.085885][T16132] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 609.092592][T16132] EXT4-fs (loop2): mount failed [ 609.331383][T16147] loop4: detected capacity change from 0 to 32768 [ 609.376412][ T26] audit: type=1804 audit(1718427699.947:499): pid=16148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3050859750/syzkaller.cEuXku/17/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0 [ 609.406927][T16147] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (16147) [ 609.458890][T16147] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 609.467702][T16147] BTRFS info (device loop4): enabling auto defrag [ 609.474147][T16147] BTRFS info (device loop4): doing ref verification [ 609.480774][T16147] BTRFS info (device loop4): max_inline at 0 [ 609.486816][T16147] BTRFS info (device loop4): max_inline at 3398 [ 609.493100][T16147] BTRFS info (device loop4): turning on sync discard [ 609.499818][T16147] BTRFS info (device loop4): turning off barriers [ 609.506292][T16147] BTRFS info (device loop4): using free space tree [ 609.512825][T16147] BTRFS info (device loop4): has skinny extents [ 609.551000][T16153] loop0: detected capacity change from 0 to 2048 [ 609.623664][T16132] loop2: detected capacity change from 0 to 1024 [ 609.645127][T16153] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz-executor.0: bad orphan inode 8192 [ 609.657614][T16153] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 609.687367][T16132] EXT4-fs (loop2): Ignoring removed nobh option [ 609.820729][T16132] EXT4-fs (loop2): quotafile must be on filesystem root [ 610.854851][ T26] audit: type=1800 audit(1718427701.427:500): pid=16147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 610.883141][ T7] Bluetooth: hci4: command 0x0406 tx timeout [ 610.897275][T16178] loop1: detected capacity change from 0 to 1764 [ 611.159795][T16183] loop2: detected capacity change from 0 to 1024 [ 611.189868][T16190] loop3: detected capacity change from 0 to 1764 [ 611.262247][T16183] EXT4-fs (sda1): re-mounted. Opts: min_batch_time=0x0000000000010000,bsdgroups,resuid=0x0000000000000000,quota,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000001,data_err=abort,. Quota mode: writeback. [ 611.370595][T16192] loop0: detected capacity change from 0 to 512 [ 611.380010][T16190] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 611.524327][T16192] EXT4-fs (loop0): error: journal path ./file1 is not a block device [ 611.753146][T16199] loop1: detected capacity change from 0 to 256 [ 611.774048][T16192] loop0: detected capacity change from 0 to 1024 [ 611.867626][T16192] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,bsdgroups,resuid=0x0000000000000000,noblock_validity,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000006,data_err=abort,. Quota mode: writeback. [ 611.937485][ T26] audit: type=1326 audit(1718427702.507:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16198 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3f6daaea9 code=0x0 [ 612.007527][ T26] audit: type=1804 audit(1718427702.577:502): pid=16209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/30/cgroup.controllers" dev="sda1" ino=1966 res=1 errno=0 [ 612.088505][T16192] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2739: inode #2: comm syz-executor.0: corrupted in-inode xattr [ 612.095152][T16214] loop1: detected capacity change from 0 to 2048 [ 612.147324][T16192] EXT4-fs (loop0): Remounting filesystem read-only [ 612.164988][T16214] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz-executor.1: bad orphan inode 8192 [ 612.176275][T16214] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 612.188828][T16216] EXT4-fs error (device loop0): ext4_xattr_ibody_list:748: inode #2: comm syz-executor.0: corrupted in-inode xattr [ 612.211735][ T26] audit: type=1326 audit(1718427702.777:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16191 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e6f022ea9 code=0x0 [ 613.563246][T16225] loop0: detected capacity change from 0 to 512 [ 613.596435][T16230] loop4: detected capacity change from 0 to 16 [ 613.626684][T16225] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz-executor.0: inline data xattr refers to an external xattr inode [ 613.659028][T16230] erofs: (device loop4): mounted with root inode @ nid 36. [ 613.679753][T16230] attempt to access beyond end of device [ 613.679753][T16230] loop4: rw=0, want=40, limit=16 [ 613.681531][T16225] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 12 (err -117) [ 613.709903][T16230] attempt to access beyond end of device [ 613.709903][T16230] loop4: rw=0, want=40, limit=16 [ 613.723282][T16225] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,delalloc,barrier=0x0000000000000004,resuid=0x0000000000000000,sysvgroups,usrjquota=,usrjquota=,min_batch_time=0x000000000000409e,nodiscard,,errors=continue. Quota mode: none. [ 613.817564][T16236] loop3: detected capacity change from 0 to 1764 [ 613.841211][T16239] loop4: detected capacity change from 0 to 512 [ 613.969270][T16239] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 613.975814][T16239] EXT4-fs (loop4): mount failed [ 614.010712][T16236] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 614.029956][T16244] loop0: detected capacity change from 0 to 1764 [ 614.117752][T16239] loop4: detected capacity change from 0 to 1024 [ 614.202548][T16239] EXT4-fs (loop4): Ignoring removed nobh option [ 614.235074][T16239] EXT4-fs (loop4): quotafile must be on filesystem root [ 614.469743][T16250] loop3: detected capacity change from 0 to 4096 [ 614.548641][T16250] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 614.576535][T16251] loop4: detected capacity change from 0 to 1024 [ 614.621714][T16255] loop2: detected capacity change from 0 to 2048 [ 614.650919][T16251] EXT4-fs (sda1): re-mounted. Opts: min_batch_time=0x0000000000010000,bsdgroups,resuid=0x0000000000000000,quota,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000001,data_err=abort,. Quota mode: writeback. [ 614.727289][T16255] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz-executor.2: bad orphan inode 8192 [ 614.748838][T16255] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 614.962874][T16250] ntfs3: loop3: failed to convert "c46c" to maccroatian [ 616.043148][T16261] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 616.077560][T16267] loop1: detected capacity change from 0 to 256 [ 616.095325][T16261] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 616.103534][ T3574] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 616.118057][T16261] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 616.292939][ T3574] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 616.348222][T16275] loop3: detected capacity change from 0 to 16 [ 616.420628][T16275] erofs: (device loop3): mounted with root inode @ nid 36. [ 616.455298][T16275] attempt to access beyond end of device [ 616.455298][T16275] loop3: rw=0, want=40, limit=16 [ 616.477726][T16275] attempt to access beyond end of device [ 616.477726][T16275] loop3: rw=0, want=40, limit=16 [ 616.644721][T16272] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 617.185429][T16285] loop3: detected capacity change from 0 to 2048 [ 617.290971][T16285] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 617.326273][ T26] audit: type=1800 audit(1718427707.897:504): pid=16285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 617.420887][ T26] audit: type=1800 audit(1718427707.927:505): pid=16285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 617.506451][T16272] bridge0: port 2(bridge_slave_1) entered disabled state [ 617.513961][T16272] bridge0: port 1(bridge_slave_0) entered disabled state [ 618.383663][T16272] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 618.402851][ T4365] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 618.451846][T16272] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 618.642870][ T4365] usb 4-1: Using ep0 maxpacket: 8 [ 618.763023][ T4365] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 618.777219][ T4365] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 618.786547][ T4365] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 618.798125][ T4365] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 618.809652][ T4365] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 618.819010][ T4365] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.903843][ T4365] hub 4-1:1.0: bad descriptor, ignoring hub [ 618.909809][ T4365] hub: probe of 4-1:1.0 failed with error -5 [ 618.926261][ T4365] cdc_wdm 4-1:1.0: skipping garbage [ 618.937989][ T4365] cdc_wdm 4-1:1.0: skipping garbage [ 618.951356][ T4365] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 618.960212][ T4365] cdc_wdm 4-1:1.0: Unknown control protocol [ 619.032907][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 619.056481][T16299] loop0: detected capacity change from 0 to 1024 [ 619.112103][T16272] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.121702][T16272] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.131013][T16272] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.140410][T16272] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.280185][ T144] hfsplus: b-tree write err: -5, ino 4 [ 619.333166][ T4361] usb 4-1: USB disconnect, device number 16 [ 620.517478][T16310] loop4: detected capacity change from 0 to 512 [ 620.538049][T16308] loop2: detected capacity change from 0 to 8 [ 620.587040][T16310] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 620.606094][T16310] EXT4-fs (loop4): mount failed [ 620.611912][T16308] SQUASHFS error: zlib decompression failed, data probably corrupt [ 620.621170][T16308] SQUASHFS error: Failed to read block 0x9b: -5 [ 620.627527][T16308] SQUASHFS error: Unable to read metadata cache entry [99] [ 620.635285][T16308] SQUASHFS error: Unable to read inode 0x127 [ 620.698485][T16324] overlayfs: missing 'lowerdir' [ 620.932590][T16310] loop4: detected capacity change from 0 to 1024 [ 620.939251][T16333] loop2: detected capacity change from 0 to 16 [ 620.953818][T16334] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 620.989452][T16333] erofs: (device loop2): mounted with root inode @ nid 36. [ 621.014140][T16333] attempt to access beyond end of device [ 621.014140][T16333] loop2: rw=0, want=40, limit=16 [ 621.059337][T16310] EXT4-fs (loop4): Ignoring removed nobh option [ 621.067556][T16310] EXT4-fs (loop4): quotafile must be on filesystem root [ 621.084928][T16338] attempt to access beyond end of device [ 621.084928][T16338] loop2: rw=0, want=40, limit=16 [ 621.299274][ T7] Bluetooth: hci3: command 0x0406 tx timeout [ 621.576414][T16343] loop1: detected capacity change from 0 to 2048 [ 622.083565][T16343] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 622.094852][T16343] ext4 filesystem being mounted at /root/syzkaller-testdir3050859750/syzkaller.cEuXku/30/bus supports timestamps until 2038 (0x7fffffff) [ 622.128116][T16350] loop2: detected capacity change from 0 to 256 [ 622.296671][T16350] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 622.342372][T16350] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 622.418000][T16310] loop4: detected capacity change from 0 to 1024 [ 622.477389][T16310] EXT4-fs (sda1): re-mounted. Opts: min_batch_time=0x0000000000010000,bsdgroups,resuid=0x0000000000000000,quota,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000001,data_err=abort,. Quota mode: writeback. [ 622.722096][T16361] overlayfs: missing 'lowerdir' [ 622.910292][T16365] loop1: detected capacity change from 0 to 2048 [ 623.031268][T16365] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 623.090339][ T26] audit: type=1800 audit(1718427713.657:506): pid=16365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 623.162915][ T26] audit: type=1800 audit(1718427713.657:507): pid=16365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 623.897634][T16375] loop1: detected capacity change from 0 to 32768 [ 623.953411][T16334] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 623.971964][T16375] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (16375) [ 624.021381][T16334] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 624.055771][T16375] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 624.083963][T16375] BTRFS info (device loop1): setting nodatacow, compression disabled [ 624.092942][T16375] BTRFS info (device loop1): turning on flush-on-commit [ 624.099931][T16375] BTRFS info (device loop1): enabling auto defrag [ 624.113201][T16375] BTRFS info (device loop1): max_inline at 0 [ 624.119316][T16375] BTRFS info (device loop1): using free space tree [ 624.126230][T16375] BTRFS info (device loop1): has skinny extents [ 624.165434][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.171825][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.209578][T16375] BTRFS info (device loop1): enabling ssd optimizations [ 624.361061][ T26] audit: type=1804 audit(1718427714.927:508): pid=16375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3050859750/syzkaller.cEuXku/38/file1/bus" dev="loop1" ino=263 res=1 errno=0 [ 625.971755][T16334] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.987440][T16334] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.998044][T16334] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.012956][T16334] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.413443][T16429] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 626.487394][ T5008] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 626.732389][T16420] loop2: detected capacity change from 0 to 32768 [ 626.762885][ T5008] usb 2-1: Using ep0 maxpacket: 8 [ 626.834710][T16420] XFS (loop2): Mounting V5 Filesystem [ 626.932961][ T5008] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 626.942068][ T5008] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.961015][ T5008] usb 2-1: config 0 descriptor?? [ 626.972051][T16420] XFS (loop2): Ending clean mount [ 627.449643][T16450] loop4: detected capacity change from 0 to 256 [ 627.814791][T16447] loop0: detected capacity change from 0 to 32768 [ 627.879840][T16447] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (16447) [ 627.945909][T16447] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 627.980082][T16447] BTRFS info (device loop0): setting nodatacow, compression disabled [ 627.996849][T16447] BTRFS info (device loop0): turning on flush-on-commit [ 628.011580][T16447] BTRFS info (device loop0): enabling auto defrag [ 628.028884][T16447] BTRFS info (device loop0): max_inline at 0 [ 628.052186][T16447] BTRFS info (device loop0): using free space tree [ 628.082465][T16447] BTRFS info (device loop0): has skinny extents [ 628.175474][T16447] BTRFS info (device loop0): enabling ssd optimizations [ 628.252668][ T26] audit: type=1804 audit(1718427718.817:509): pid=16447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4129552475/syzkaller.7GZQeM/199/file1/bus" dev="loop0" ino=263 res=1 errno=0 [ 628.386414][T16472] loop3: detected capacity change from 0 to 64 [ 628.440403][T16472] Trying to free block not in datazone [ 628.522904][ T5008] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 628.541607][ T5008] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 628.563199][ T5008] asix: probe of 2-1:0.0 failed with error -71 [ 628.591410][ T5008] usb 2-1: USB disconnect, device number 18 [ 628.948335][T16474] loop0: detected capacity change from 0 to 512 [ 629.521157][T16474] EXT4-fs (loop0): corrupt root inode, run e2fsck [ 629.568877][T16474] EXT4-fs (loop0): mount failed [ 630.090028][T15249] XFS (loop2): Unmounting Filesystem [ 630.162445][T16474] loop0: detected capacity change from 0 to 1024 [ 630.295170][ T6097] libceph: connect (1)[c::]:6789 error -101 [ 630.313829][T16474] EXT4-fs (loop0): Ignoring removed nobh option [ 630.368659][T16474] EXT4-fs (loop0): quotafile must be on filesystem root [ 630.471347][ T6097] libceph: mon0 (1)[c::]:6789 connect error [ 630.783273][ T6097] libceph: connect (1)[c::]:6789 error -101 [ 630.796380][ T6097] libceph: mon0 (1)[c::]:6789 connect error [ 630.834237][T16496] loop0: detected capacity change from 0 to 1024 [ 630.902927][T16496] EXT4-fs (sda1): re-mounted. Opts: min_batch_time=0x0000000000010000,bsdgroups,resuid=0x0000000000000000,quota,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000001,data_err=abort,. Quota mode: writeback. [ 631.025363][T16503] loop2: detected capacity change from 0 to 164 [ 631.084969][T16503] isofs_fill_super: bread failed, dev=loop2, iso_blknum=80, block=160 [ 631.099004][T16487] ceph: No mds server is up or the cluster is laggy [ 631.299963][T16505] loop0: detected capacity change from 0 to 8 [ 631.405826][T16505] SQUASHFS error: zlib decompression failed, data probably corrupt [ 631.420101][T16505] SQUASHFS error: Failed to read block 0x9b: -5 [ 631.437379][T16505] SQUASHFS error: Unable to read metadata cache entry [99] [ 631.447228][T16524] loop2: detected capacity change from 0 to 64 [ 631.462978][T16505] SQUASHFS error: Unable to read inode 0x127 [ 631.723257][ T4365] libceph: connect (1)[c::]:6789 error -22 [ 631.729444][ T4365] libceph: mon0 (1)[c::]:6789 connect error [ 631.764024][T16535] MPI: mpi too large (187712 bits) [ 631.783902][ T26] audit: type=1804 audit(1718427722.347:510): pid=16537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3050859750/syzkaller.cEuXku/46/file0/bus/bus" dev="overlay" ino=10 res=1 errno=0 [ 632.052619][T16549] loop2: detected capacity change from 0 to 512 [ 632.063783][ T4365] libceph: connect (1)[c::]:6789 error -22 [ 632.072041][ T4365] libceph: mon0 (1)[c::]:6789 connect error [ 632.107221][T16549] EXT4-fs (loop2): fragment/cluster size (4096) != block size (1024) [ 632.154882][T16516] loop3: detected capacity change from 0 to 32768 [ 632.289046][T16516] XFS (loop3): Mounting V5 Filesystem [ 632.407469][T16516] XFS (loop3): Ending clean mount [ 632.525877][T16531] ceph: No mds server is up or the cluster is laggy [ 632.862091][T16541] loop1: detected capacity change from 0 to 32768 [ 633.115721][T16577] MPI: mpi too large (187712 bits) [ 633.182378][T16579] loop4: detected capacity change from 0 to 128 [ 633.258792][T16579] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 633.354348][T16585] loop0: detected capacity change from 0 to 512 [ 633.488214][T16585] EXT4-fs (loop0): fragment/cluster size (4096) != block size (1024) [ 633.542886][T16587] loop2: detected capacity change from 0 to 1024 [ 633.626120][T16587] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 633.642660][T16587] EXT4-fs (loop2): barriers disabled [ 633.648633][T16587] JBD2: no valid journal superblock found [ 633.655138][T16587] EXT4-fs (loop2): error loading journal [ 634.999446][T15455] XFS (loop3): Unmounting Filesystem [ 635.003502][T16606] loop0: detected capacity change from 0 to 512 [ 635.178638][T16606] loop0: detected capacity change from 0 to 16 [ 635.259227][T16606] erofs: (device loop0): mounted with root inode @ nid 36. [ 635.466417][T16619] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 635.476067][T16619] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 635.546415][T16596] loop4: detected capacity change from 0 to 40427 [ 635.555649][T16624] loop3: detected capacity change from 0 to 512 [ 635.565936][ T26] audit: type=1804 audit(1718427726.137:511): pid=16625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3050859750/syzkaller.cEuXku/50/file0/bus/bus" dev="overlay" ino=10 res=1 errno=0 [ 635.623421][T16624] EXT4-fs (loop3): fragment/cluster size (4096) != block size (1024) [ 635.686705][T16596] F2FS-fs (loop4): Found nat_bits in checkpoint [ 635.748112][T16631] loop2: detected capacity change from 0 to 1024 [ 635.770894][T16633] MPI: mpi too large (187712 bits) [ 635.825196][T16596] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 635.844731][T16631] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 635.875164][T16631] EXT4-fs (loop2): barriers disabled [ 635.884167][T16631] JBD2: no valid journal superblock found [ 635.927795][T16631] EXT4-fs (loop2): error loading journal [ 635.928244][T13112] attempt to access beyond end of device [ 635.928244][T13112] loop4: rw=2049, want=45104, limit=40427 [ 636.003758][T16636] loop3: detected capacity change from 0 to 4096 [ 636.062938][T16636] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 636.131307][T16636] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 636.151391][T16636] ntfs3: loop3: Failed to load $Extend. [ 636.492897][T16653] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 636.528130][T16653] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 636.538413][T16657] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 636.723172][T16626] loop1: detected capacity change from 0 to 32768 [ 636.852480][T16673] loop4: detected capacity change from 0 to 4096 [ 637.051242][T16693] loop2: detected capacity change from 0 to 256 [ 637.098614][T16695] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 637.108657][T16693] exfat: Deprecated parameter 'namecase' [ 637.130449][T16695] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.139541][T16695] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.148297][T16695] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.157025][T16695] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.173010][T16693] exfat: Deprecated parameter 'namecase' [ 637.195699][T16693] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 637.231506][T16695] device vxlan0 entered promiscuous mode [ 637.443716][T16705] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 637.647707][T16726] loop1: detected capacity change from 0 to 128 [ 637.685650][T16719] loop2: detected capacity change from 0 to 4096 [ 637.702671][T16726] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 637.731952][T16726] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 637.787005][T16729] loop3: detected capacity change from 0 to 2048 [ 637.794789][T16726] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none. [ 637.815527][T16726] EXT4-fs (loop1): ext4_remount: Checksum for group 0 failed (39871!=39978) [ 637.851146][T16726] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D. [ 637.872909][T16726] EXT4-fs error (device loop1): __ext4_find_entry:1695: inode #2: comm syz-executor.1: checksumming directory block 0 [ 637.929451][T16729] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 637.941034][T16729] ext4 filesystem being mounted at /root/syzkaller-testdir3621682727/syzkaller.VN6915/74/file0 supports timestamps until 2038 (0x7fffffff) [ 638.201664][T16758] loop4: detected capacity change from 0 to 1024 [ 638.272289][T16766] loop3: detected capacity change from 0 to 128 [ 638.293380][ T26] audit: type=1326 audit(1718427728.867:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16767 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x0 [ 638.324972][T16766] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 638.327984][T16758] EXT4-fs (loop4): Test dummy encryption mode enabled [ 638.344115][T16766] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 638.349666][T16758] EXT4-fs (loop4): Ignoring removed orlov option [ 638.377276][T16758] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 638.499338][ T5008] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 638.554653][T16773] loop3: detected capacity change from 0 to 512 [ 638.655559][T16773] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 638.680454][T16773] ext4 filesystem being mounted at /root/syzkaller-testdir3621682727/syzkaller.VN6915/78/file0 supports timestamps until 2038 (0x7fffffff) [ 638.700854][T16782] loop4: detected capacity change from 0 to 128 [ 638.725011][T16773] EXT4-fs error (device loop3): ext4_do_update_inode:5160: inode #2: comm syz-executor.3: corrupted inode contents [ 638.742098][T16773] EXT4-fs error (device loop3): ext4_dirty_inode:5993: inode #2: comm syz-executor.3: mark_inode_dirty error [ 638.759159][T16782] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 638.763264][T16773] EXT4-fs error (device loop3): ext4_do_update_inode:5160: inode #2: comm syz-executor.3: corrupted inode contents [ 638.787583][T16773] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error [ 638.802857][ T5008] usb 1-1: Using ep0 maxpacket: 32 [ 638.876587][T16784] loop4: detected capacity change from 0 to 2048 [ 638.923335][ T5008] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 638.939615][ T5008] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 638.975010][ T5008] usb 1-1: New USB device found, idVendor=056a, idProduct=0026, bcdDevice= 0.00 [ 638.997508][ T5008] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.016214][ T5008] usb 1-1: config 0 descriptor?? [ 639.048927][T16784] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 639.062590][T16784] ext4 filesystem being mounted at /root/syzkaller-testdir1165769428/syzkaller.yi7r0v/279/file0 supports timestamps until 2038 (0x7fffffff) [ 639.228185][T16801] loop2: detected capacity change from 0 to 128 [ 639.275815][T16805] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 639.285402][T16805] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 639.290354][T16801] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 639.319370][T16801] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 639.332869][ T4365] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 639.397793][T16808] loop4: detected capacity change from 0 to 256 [ 639.496135][ T5008] wacom 0003:056A:0026.0011: Unknown device_type for 'HID 056a:0026'. Assuming pen. [ 639.526629][ T5008] wacom 0003:056A:0026.0011: hidraw0: USB HID v0.00 Device [HID 056a:0026] on usb-dummy_hcd.0-1/input0 [ 639.572850][ T4365] usb 4-1: Using ep0 maxpacket: 16 [ 639.585143][ T5008] input: Wacom Intuos5 touch S Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0026.0011/input/input39 [ 639.623951][T16814] loop2: detected capacity change from 0 to 512 [ 639.693181][ T4365] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 639.710956][ T5008] usb 1-1: USB disconnect, device number 18 [ 639.724909][ T4365] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 639.767684][T16814] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 639.774212][ T4365] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 639.780416][T16814] ext4 filesystem being mounted at /root/syzkaller-testdir2829493520/syzkaller.fN7jQY/98/file0 supports timestamps until 2038 (0x7fffffff) [ 639.842029][T16814] EXT4-fs error (device loop2): ext4_do_update_inode:5160: inode #2: comm syz-executor.2: corrupted inode contents [ 639.860023][T16822] loop1: detected capacity change from 0 to 2048 [ 639.870030][ T4365] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.881766][T16814] EXT4-fs error (device loop2): ext4_dirty_inode:5993: inode #2: comm syz-executor.2: mark_inode_dirty error [ 639.891359][ T4365] usb 4-1: config 0 descriptor?? [ 639.900371][T16814] EXT4-fs error (device loop2): ext4_do_update_inode:5160: inode #2: comm syz-executor.2: corrupted inode contents [ 639.919732][T16814] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz-executor.2: mark_inode_dirty error [ 639.967282][T16822] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 640.168513][T16826] loop2: detected capacity change from 0 to 2048 [ 640.296820][T16826] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 640.323009][T16826] ext4 filesystem being mounted at /root/syzkaller-testdir2829493520/syzkaller.fN7jQY/99/file0 supports timestamps until 2038 (0x7fffffff) [ 640.363033][T16830] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 640.367000][ T4365] HID 045e:07da: Invalid code 65791 type 1 [ 640.403725][ T4365] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0012/input/input42 [ 640.414958][T16830] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 640.417363][ T4365] microsoft 0003:045E:07DA.0012: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 641.310528][T16792] loop3: detected capacity change from 0 to 4096 [ 641.381813][T16792] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 641.609824][T16836] loop0: detected capacity change from 0 to 32768 [ 641.678650][T16838] loop2: detected capacity change from 0 to 40427 [ 641.733308][ T4365] usb 4-1: USB disconnect, device number 17 [ 641.746683][T16836] XFS (loop0): Mounting V5 Filesystem [ 641.775907][T16838] F2FS-fs (loop2): Found nat_bits in checkpoint [ 641.925285][T16860] loop1: detected capacity change from 0 to 1024 [ 642.596568][T16836] XFS (loop0): Ending clean mount [ 642.611323][T16838] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 642.643435][T11859] hfsplus: b-tree write err: -5, ino 4 [ 642.716875][T15249] attempt to access beyond end of device [ 642.716875][T15249] loop2: rw=2049, want=45104, limit=40427 [ 642.963483][T16868] loop1: detected capacity change from 0 to 4096 [ 643.067719][T16868] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 643.148145][T16868] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 643.164104][T16871] loop3: detected capacity change from 0 to 2048 [ 643.183825][T16868] ntfs3: loop1: Failed to load $Extend. [ 643.322076][T16871] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 643.396964][T16871] ext4 filesystem being mounted at /root/syzkaller-testdir3621682727/syzkaller.VN6915/82/file0 supports timestamps until 2038 (0x7fffffff) [ 643.513529][T16879] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 643.513529][T16879] SÃȘØÈžZ§6ŸÂ' [ 644.062526][T16897] tmpfs: Bad value for 'mpol' [ 644.375563][T13246] XFS (loop0): Unmounting Filesystem [ 644.807364][T16912] loop2: detected capacity change from 0 to 2048 [ 644.856558][T16889] loop4: detected capacity change from 0 to 40427 [ 644.959802][T16889] F2FS-fs (loop4): Found nat_bits in checkpoint [ 644.998494][T16912] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 645.018315][T16889] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 645.042970][T16912] ext4 filesystem being mounted at /root/syzkaller-testdir2829493520/syzkaller.fN7jQY/104/file0 supports timestamps until 2038 (0x7fffffff) [ 645.064863][T13112] attempt to access beyond end of device [ 645.064863][T13112] loop4: rw=2049, want=45104, limit=40427 [ 645.395518][T16939] loop0: detected capacity change from 0 to 512 [ 645.460680][T16939] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 645.524724][T16944] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 645.524724][T16944] SÃȘØÈžZ§6ŸÂ' [ 645.621149][T16910] loop3: detected capacity change from 0 to 65536 [ 645.634110][T16939] Quota error (device loop0): v2_read_file_info: Free block number too big (58381 >= 6). [ 645.647500][T16939] EXT4-fs warning (device loop0): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 645.673646][T16949] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 645.743818][T16910] XFS (loop3): Mounting V5 Filesystem [ 645.809836][T16949] Quota error (device loop0): v2_read_file_info: Free block number too big (58381 >= 6). [ 645.830149][T16949] EXT4-fs warning (device loop0): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 646.065900][T16971] loop2: detected capacity change from 0 to 1024 [ 646.761416][ T2578] hfsplus: b-tree write err: -5, ino 4 [ 646.785401][T16975] loop0: detected capacity change from 0 to 2048 [ 646.797942][T16910] XFS (loop3): Ending clean mount [ 646.919751][T16975] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 646.990011][ T26] audit: type=1326 audit(1718427737.557:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16990 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a67ad4ea9 code=0x0 [ 647.315565][T15455] XFS (loop3): Unmounting Filesystem [ 647.964446][ T26] audit: type=1800 audit(1718427738.537:514): pid=17034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 648.058738][ T26] audit: type=1800 audit(1718427738.627:515): pid=17039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 648.112943][T17038] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 648.166461][T17039] loop2: detected capacity change from 0 to 4096 [ 648.244932][T17039] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 648.340164][T17039] ntfs3: loop2: Failed to load root. [ 648.492925][ T5007] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 648.615225][T17070] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 648.752995][ T5008] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 648.782836][ T5007] usb 4-1: Using ep0 maxpacket: 32 [ 648.854523][T17092] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 648.864129][T17092] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 648.907072][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 648.918460][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 648.934113][ T5007] usb 4-1: New USB device found, idVendor=056a, idProduct=0026, bcdDevice= 0.00 [ 648.947872][ T5007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 648.961469][ T5007] usb 4-1: config 0 descriptor?? [ 648.975027][ T26] audit: type=1800 audit(1718427739.547:516): pid=17096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1966 res=0 errno=0 [ 649.063746][ T26] audit: type=1800 audit(1718427739.627:517): pid=17097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1966 res=0 errno=0 [ 649.104644][T17097] loop0: detected capacity change from 0 to 4096 [ 649.151358][T17097] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 649.160630][ T5008] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 649.171166][ T5008] usb 2-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=6b.3f [ 649.183359][ T5008] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.193391][ T5008] usb 2-1: config 0 descriptor?? [ 649.231008][T17097] ntfs3: loop0: Failed to load root. [ 649.244095][ T5008] usb 2-1: unsupported MDLM descriptors [ 649.450074][ T3574] usb 2-1: USB disconnect, device number 19 [ 649.465387][ T5007] wacom 0003:056A:0026.0013: Unknown device_type for 'HID 056a:0026'. Assuming pen. [ 649.482987][ T5007] wacom 0003:056A:0026.0013: hidraw0: USB HID v0.00 Device [HID 056a:0026] on usb-dummy_hcd.3-1/input0 [ 649.488991][T17102] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 649.495712][ T5007] input: Wacom Intuos5 touch S Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0026.0013/input/input43 [ 649.691119][ T5008] usb 4-1: USB disconnect, device number 18 [ 649.993142][ T3574] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 650.253049][ T4365] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 650.353298][ T3574] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 650.371670][ T3574] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 650.384207][ T3574] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 650.384260][ T3574] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 650.384290][ T3574] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.386241][ T3574] usb 5-1: config 0 descriptor?? [ 650.492896][ T4365] usb 2-1: Using ep0 maxpacket: 16 [ 650.608476][T17146] loop3: detected capacity change from 0 to 2048 [ 650.623266][ T4365] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 650.638962][ T4365] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 650.664161][ T4365] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 650.673834][ T4365] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.683190][T17146] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz-executor.3: bad orphan inode 8192 [ 650.691022][ T4365] usb 2-1: config 0 descriptor?? [ 650.699578][T17146] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 650.833029][ T5008] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 650.917554][ T3574] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving [ 650.943014][ T3574] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 652.115928][ T5008] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 652.135571][ T4365] HID 045e:07da: Invalid code 65791 type 1 [ 652.151674][ T5008] usb 3-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=6b.3f [ 652.167741][ T26] audit: type=1804 audit(1718427742.737:518): pid=17167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4129552475/syzkaller.7GZQeM/251/file0/bus/bus" dev="overlay" ino=10 res=1 errno=0 [ 652.191644][ T5008] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.205470][ T5008] usb 3-1: config 0 descriptor?? [ 652.205489][ T4365] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0015/input/input46 [ 652.254040][ T5008] usb 3-1: unsupported MDLM descriptors [ 652.343331][ T4365] microsoft 0003:045E:07DA.0015: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 652.473222][ T5008] usb 3-1: USB disconnect, device number 17 [ 652.588311][T17170] loop3: detected capacity change from 0 to 1764 [ 652.650872][T17170] ISOFS: unable to read i-node block [ 652.666288][T17170] isofs_fill_super: get root inode failed [ 652.685464][T17168] loop0: detected capacity change from 0 to 32768 [ 652.916640][ C0] plantronics 0003:047F:FFFF.0014: usb_submit_urb(ctrl) failed: -1 [ 653.120164][T17116] loop1: detected capacity change from 0 to 4096 [ 653.179543][T17116] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 653.202551][T17183] input: syz1 as /devices/virtual/input/input47 [ 653.274381][ T3574] usb 2-1: USB disconnect, device number 20 [ 653.326428][T17190] loop0: detected capacity change from 0 to 2048 [ 653.430989][T17190] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz-executor.0: bad orphan inode 8192 [ 653.451628][T17190] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 653.632661][T17199] xt_TCPMSS: Only works on TCP SYN packets [ 653.703535][T17189] loop2: detected capacity change from 0 to 40427 [ 654.606518][ T4365] usb 5-1: USB disconnect, device number 16 [ 654.788457][ T26] audit: type=1804 audit(1718427745.357:519): pid=17208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1165769428/syzkaller.yi7r0v/310/file0/bus/bus" dev="overlay" ino=10 res=1 errno=0 [ 654.814564][ C0] vkms_vblank_simulate: vblank timer overrun [ 655.285361][T17228] loop0: detected capacity change from 0 to 1764 [ 655.377064][T17238] input: syz0 as /devices/virtual/input/input48 [ 655.377147][T17239] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 655.397295][T17228] ISOFS: unable to read i-node block [ 655.408590][T17228] isofs_fill_super: get root inode failed [ 655.427324][T17239] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 655.839059][T17211] loop4: detected capacity change from 0 to 32768 [ 656.022840][ T4365] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 656.109104][T17256] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 656.300992][T17263] loop2: detected capacity change from 0 to 512 [ 656.391697][T17263] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 656.400617][T17268] loop4: detected capacity change from 0 to 2048 [ 656.407582][ T4365] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 656.412983][T17263] EXT4-fs (loop2): mount failed [ 656.422572][ T4365] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 656.422607][ T4365] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 656.422650][ T4365] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 656.455462][ T4365] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.491441][T17273] loop0: detected capacity change from 0 to 256 [ 656.513944][T17268] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 656.549493][ T4365] snd-usb-audio: probe of 4-1:27.0 failed with error -2 [ 656.574845][T17273] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 656.732081][T17280] loop2: detected capacity change from 0 to 256 [ 656.834869][T17280] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d) [ 656.903338][T17280] exFAT-fs (loop2): error, found bogus dentry(5) beyond unused empty group(4) (start_clu : 5, cur_clu : 5) [ 656.980875][T17290] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 656.996316][T17290] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 657.377795][T17298] loop2: detected capacity change from 0 to 47 [ 657.495638][T17298] attempt to access beyond end of device [ 657.495638][T17298] loop2: rw=2049, want=50, limit=47 [ 657.520486][T17298] Buffer I/O error on dev loop2, logical block 24, lost async page write [ 657.539777][T17298] attempt to access beyond end of device [ 657.539777][T17298] loop2: rw=2049, want=52, limit=47 [ 657.564172][T17298] Buffer I/O error on dev loop2, logical block 25, lost async page write [ 657.713364][ T3905] attempt to access beyond end of device [ 657.713364][ T3905] loop2: rw=1, want=54, limit=47 [ 657.731342][ T3905] Buffer I/O error on dev loop2, logical block 26, lost async page write [ 657.816179][T17305] loop4: detected capacity change from 0 to 512 [ 657.876528][ T3573] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 657.927837][ T5007] usb 4-1: USB disconnect, device number 19 [ 657.966094][T17305] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 657.972605][T17305] EXT4-fs (loop4): mount failed [ 658.034698][T17325] loop2: detected capacity change from 0 to 2048 [ 658.041490][T17324] loop0: detected capacity change from 0 to 2048 [ 658.075987][T17326] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 658.110290][T17324] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 658.174573][T17328] loop4: detected capacity change from 0 to 2048 [ 658.258603][T17328] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 658.302891][ T3573] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 658.313276][ T3573] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 658.328029][ T3573] usb 2-1: config 0 descriptor?? [ 658.344386][ T26] audit: type=1326 audit(1718427748.917:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.378643][T17335] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 658.393868][T17335] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 658.441126][ T26] audit: type=1326 audit(1718427748.917:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.483689][ T26] audit: type=1326 audit(1718427748.917:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.533279][ T26] audit: type=1326 audit(1718427748.917:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.577637][ T26] audit: type=1326 audit(1718427748.917:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.613490][T17342] loop2: detected capacity change from 0 to 4096 [ 658.620187][ T26] audit: type=1326 audit(1718427748.917:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.644191][ T26] audit: type=1326 audit(1718427748.917:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.667890][ T26] audit: type=1326 audit(1718427748.917:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.698389][T17342] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 658.707790][ T26] audit: type=1326 audit(1718427748.917:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.762438][ T26] audit: type=1326 audit(1718427748.917:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17336 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fc8a7cceea9 code=0x7ffc0000 [ 658.883899][ T3573] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 658.918657][ T3573] asix: probe of 2-1:0.0 failed with error -71 [ 658.949789][ T3573] usb 2-1: USB disconnect, device number 21 [ 660.225736][T17356] loop3: detected capacity change from 0 to 512 [ 660.335208][T17347] loop2: detected capacity change from 0 to 32768 [ 660.365422][T17356] EXT4-fs (loop3): corrupt root inode, run e2fsck [ 660.372098][T17356] EXT4-fs (loop3): mount failed [ 660.508175][T17347] XFS (loop2): Mounting V5 Filesystem [ 660.621809][T17380] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 660.665714][T17376] loop3: detected capacity change from 0 to 4096 [ 660.680164][T17347] XFS (loop2): Ending clean mount [ 660.698084][T17347] XFS (loop2): Quotacheck needed: Please wait. [ 660.708721][T17380] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 660.757951][T17376] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 661.590484][T17347] XFS (loop2): Quotacheck: Done. [ 661.755491][T15249] XFS (loop2): Unmounting Filesystem [ 661.986135][T17398] loop3: detected capacity change from 0 to 4096 [ 662.108898][T17398] ntfs3: loop3: failed to convert "0080" to macceltic [ 662.116016][T17398] ntfs3: loop3: failed to convert name for inode 1e. [ 662.213023][T11267] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 662.452922][T11267] usb 2-1: Using ep0 maxpacket: 32 [ 662.573010][T11267] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 662.590549][T11267] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 662.600453][T11267] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 662.618656][T11267] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 662.631776][T11267] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 662.661594][T11267] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 662.681616][T11267] usb 2-1: config 0 descriptor?? [ 663.184364][T11267] ntrig 0003:1B96:000A.0016: unknown main item tag 0x0 [ 663.191260][T11267] ntrig 0003:1B96:000A.0016: unknown main item tag 0x0 [ 663.198164][T11267] ntrig 0003:1B96:000A.0016: unknown main item tag 0x0 [ 663.205386][T11267] ntrig 0003:1B96:000A.0016: unknown main item tag 0x0 [ 663.212258][T11267] ntrig 0003:1B96:000A.0016: unknown main item tag 0x0 [ 663.232314][T11267] ntrig 0003:1B96:000A.0016: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0 [ 663.395374][T11267] usb 2-1: USB disconnect, device number 22 [ 663.587192][T17412] loop2: detected capacity change from 0 to 1024 [ 663.662811][ T26] kauditd_printk_skb: 91 callbacks suppressed [ 663.662831][ T26] audit: type=1804 audit(1718427754.217:621): pid=17415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/119/file1" dev="sda1" ino=1966 res=1 errno=0 [ 663.730009][ T26] audit: type=1804 audit(1718427754.217:622): pid=17415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/119/file1" dev="sda1" ino=1966 res=1 errno=0 [ 663.756867][ T26] audit: type=1804 audit(1718427754.217:623): pid=17415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/119/file1" dev="sda1" ino=1966 res=1 errno=0 [ 663.786692][T17418] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 663.807492][T17418] device vxcan3 entered promiscuous mode [ 664.675726][ T5007] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 664.699552][T17412] hfsplus: xattr searching failed [ 664.723908][T17418] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 664.734596][ T26] audit: type=1800 audit(1718427755.307:624): pid=17412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=20 res=0 errno=0 [ 664.810092][T17412] hfsplus: xattr searching failed [ 664.923578][T17429] loop3: detected capacity change from 0 to 512 [ 665.015222][T17436] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 665.028950][T17429] EXT4-fs (loop3): corrupt root inode, run e2fsck [ 665.036116][T17429] EXT4-fs (loop3): mount failed [ 665.103147][ T5007] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 665.119284][ T5007] usb 1-1: config 0 has no interface number 0 [ 665.127771][ T5007] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 665.141046][ T5007] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 665.164054][ T5007] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 665.183026][ T5007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.224449][ T5007] usb 1-1: config 0 descriptor?? [ 665.418860][T17447] loop3: detected capacity change from 0 to 4096 [ 665.702780][ T3571] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 666.241418][ T5007] input: HID 04d9:a055 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/0003:04D9:A055.0017/input/input49 [ 666.264971][ T3571] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 666.283096][ T3571] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 666.305866][T17460] loop0: detected capacity change from 0 to 256 [ 666.350512][ T3571] usb 3-1: config 0 descriptor?? [ 666.394377][ T3571] cp210x 3-1:0.0: cp210x converter detected [ 666.395035][ T5007] holtek_kbd 0003:04D9:A055.0017: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.0-1/input1 [ 666.429133][T17460] FAT-fs (loop0): Directory bread(block 64) failed [ 666.441290][T17460] FAT-fs (loop0): Directory bread(block 65) failed [ 666.461466][T17460] FAT-fs (loop0): Directory bread(block 66) failed [ 666.496746][T17460] FAT-fs (loop0): Directory bread(block 67) failed [ 666.507236][T17460] FAT-fs (loop0): Directory bread(block 68) failed [ 666.518001][T17460] FAT-fs (loop0): Directory bread(block 69) failed [ 666.527405][T17460] FAT-fs (loop0): Directory bread(block 70) failed [ 666.538217][T17460] FAT-fs (loop0): Directory bread(block 71) failed [ 666.565245][T17460] FAT-fs (loop0): Directory bread(block 72) failed [ 666.571902][T17460] FAT-fs (loop0): Directory bread(block 73) failed [ 666.589172][ T26] audit: type=1800 audit(1718427757.157:625): pid=17469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=1946 res=0 errno=0 [ 666.752822][ T5007] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 666.784543][ T4365] usb 1-1: USB disconnect, device number 19 [ 667.013455][ T5007] usb 4-1: Using ep0 maxpacket: 32 [ 667.063884][ T3571] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 667.071738][ T3571] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 667.083252][ T3571] usb 3-1: cp210x converter now attached to ttyUSB0 [ 667.091200][ T3571] usb 3-1: USB disconnect, device number 18 [ 667.100222][ T3571] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 667.109619][ T3571] cp210x 3-1:0.0: device disconnected [ 667.153061][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 667.164347][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 667.174512][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 667.184269][ T5007] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 667.197866][ T5007] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 667.208669][ T5007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.219003][ T5007] usb 4-1: config 0 descriptor?? [ 667.237890][ T26] audit: type=1804 audit(1718427757.807:626): pid=17486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3050859750/syzkaller.cEuXku/102/bus" dev="sda1" ino=1955 res=1 errno=0 [ 667.250633][T17486] Invalid ELF header magic: != ELF [ 667.417363][T17496] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. [ 668.604675][ T5007] ntrig 0003:1B96:000A.0018: unknown main item tag 0x0 [ 668.620050][ T26] audit: type=1800 audit(1718427759.187:627): pid=17510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=1961 res=0 errno=0 [ 668.662937][ T5007] ntrig 0003:1B96:000A.0018: unknown main item tag 0x0 [ 668.674177][ T26] audit: type=1804 audit(1718427759.247:628): pid=17513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2829493520/syzkaller.fN7jQY/157/file0/bus/bus" dev="overlay" ino=10 res=1 errno=0 [ 668.701676][T17514] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 668.712864][ T5007] ntrig 0003:1B96:000A.0018: unknown main item tag 0x0 [ 668.723466][ T5007] ntrig 0003:1B96:000A.0018: unknown main item tag 0x0 [ 668.738357][ T5007] ntrig 0003:1B96:000A.0018: unknown main item tag 0x0 [ 668.754057][ T5007] ntrig 0003:1B96:000A.0018: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.3-1/input0 [ 668.836093][ T5007] usb 4-1: USB disconnect, device number 20 [ 668.876452][ T26] audit: type=1804 audit(1718427759.447:629): pid=17517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1165769428/syzkaller.yi7r0v/329/bus" dev="sda1" ino=1967 res=1 errno=0 [ 668.923358][T17517] Invalid ELF header magic: != ELF [ 669.323107][ T6097] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 669.757251][T17515] loop2: detected capacity change from 0 to 32768 [ 669.792898][ T5007] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 670.222572][ T6097] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 670.732814][ T6097] usb 5-1: config 0 has no interface number 0 [ 670.741150][ T6097] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 670.909467][ T6097] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 670.947761][ T6097] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 670.951515][T17542] loop3: detected capacity change from 0 to 4096 [ 670.969701][ T6097] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.178001][ T6097] usb 5-1: config 0 descriptor?? [ 671.723193][ T5007] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 671.734665][ T5007] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 671.744485][ T5007] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 671.753636][ T5007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.793242][ T5007] usb 1-1: config 0 descriptor?? [ 672.051187][ T6097] input: HID 04d9:a055 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:04D9:A055.0019/input/input50 [ 672.095965][T17519] loop4: detected capacity change from 0 to 256 [ 672.648070][ T6097] holtek_kbd 0003:04D9:A055.0019: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.4-1/input1 [ 672.921928][T17519] FAT-fs (loop4): Directory bread(block 64) failed [ 672.952963][ T5007] usb 1-1: language id specifier not provided by device, defaulting to English [ 672.956455][ T26] audit: type=1800 audit(1718427763.527:630): pid=17568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1948 res=0 errno=0 [ 672.984217][T17519] FAT-fs (loop4): Directory bread(block 65) failed [ 672.998059][T17519] FAT-fs (loop4): Directory bread(block 66) failed [ 673.013137][T17519] FAT-fs (loop4): Directory bread(block 67) failed [ 673.022902][T17519] FAT-fs (loop4): Directory bread(block 68) failed [ 673.026594][T17570] loop3: detected capacity change from 0 to 512 [ 673.040143][T17519] FAT-fs (loop4): Directory bread(block 69) failed [ 673.053035][T17519] FAT-fs (loop4): Directory bread(block 70) failed [ 673.063817][T17519] FAT-fs (loop4): Directory bread(block 71) failed [ 673.070621][T17519] FAT-fs (loop4): Directory bread(block 72) failed [ 673.077556][T17519] FAT-fs (loop4): Directory bread(block 73) failed [ 673.091232][T17570] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 673.110711][T17570] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 673.144702][ T3573] usb 5-1: USB disconnect, device number 17 [ 673.182127][T17570] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 673.186817][T17573] ALSA: mixer_oss: invalid OSS volume '00000000000000000000' [ 673.203040][T17573] ALSA: mixer_oss: invalid OSS volume 'OGAINWÁ”1õ›' [ 673.214272][T17570] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 673.222361][T17570] System zones: 0-2, 18-18, 34-34 [ 673.260121][T17570] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 673.399817][T17570] EXT4-fs (loop3): 1 truncate cleaned up [ 673.406169][T17570] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 674.262897][ T5007] uclogic 0003:256C:006D.001A: failed retrieving Huion firmware version: -71 [ 674.293088][ T5007] uclogic 0003:256C:006D.001A: failed probing parameters: -71 [ 674.338780][ T5007] uclogic: probe of 0003:256C:006D.001A failed with error -71 [ 674.348408][ T5007] usb 1-1: USB disconnect, device number 20 [ 674.430336][T17595] loop4: detected capacity change from 0 to 1024 [ 674.622385][T17595] hfsplus: xattr searching failed [ 674.637113][ T26] audit: type=1800 audit(1718427765.207:631): pid=17595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 675.631327][T17606] hfsplus: xattr searching failed [ 675.732796][ T6097] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 675.868010][T17621] loop2: detected capacity change from 0 to 512 [ 675.938147][T17621] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 675.947556][ T5007] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 675.957660][T17621] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 675.969007][T17621] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 675.982095][T17621] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 675.990322][T17621] System zones: 0-2, 18-18, 34-34 [ 676.030869][T17621] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 676.048551][T17621] EXT4-fs (loop2): 1 truncate cleaned up [ 676.054425][T17621] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 676.233256][ T6097] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 676.246354][ T6097] usb 4-1: config 0 has no interface number 0 [ 676.252681][ T6097] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 676.266737][ C0] vkms_vblank_simulate: vblank timer overrun [ 676.270475][ T6097] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 676.298381][ T6097] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 676.730271][ T6097] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.153065][ T5007] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 677.182909][ T5007] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 677.205643][ T5007] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 677.224976][ T5007] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.251853][ T5007] usb 2-1: config 0 descriptor?? [ 677.293745][T17634] netlink: 'syz-executor.4': attribute type 27 has an invalid length. [ 677.393815][ T6097] usb 4-1: config 0 descriptor?? [ 677.416033][T17637] loop4: detected capacity change from 0 to 512 [ 677.843058][T17637] EXT4-fs (loop4): 1 orphan inode deleted [ 677.923720][T17637] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 678.228298][T17637] ext4 filesystem being mounted at /root/syzkaller-testdir1165769428/syzkaller.yi7r0v/336/file1 supports timestamps until 2038 (0x7fffffff) [ 678.262920][ T6097] usbhid 4-1:0.1: can't add hid device: -71 [ 678.270688][ T6097] usbhid: probe of 4-1:0.1 failed with error -71 [ 678.285178][ T3573] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 678.452128][ T6097] usb 4-1: USB disconnect, device number 21 [ 679.349954][ T5007] usb 2-1: language id specifier not provided by device, defaulting to English [ 679.462945][ T3573] usb 3-1: Using ep0 maxpacket: 32 [ 679.533008][ T3573] usb 3-1: device descriptor read/all, error -71 [ 679.667683][T17663] loop3: detected capacity change from 0 to 512 [ 679.742998][ T5007] uclogic 0003:256C:006D.001B: failed retrieving Huion firmware version: -71 [ 679.751979][ T5007] uclogic 0003:256C:006D.001B: failed probing parameters: -71 [ 679.766706][T17663] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 679.773013][ T5007] uclogic: probe of 0003:256C:006D.001B failed with error -71 [ 679.792176][T17663] EXT4-fs (loop3): 1 truncate cleaned up [ 679.816459][ T5007] usb 2-1: USB disconnect, device number 23 [ 679.842812][T17663] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,inode_readahead_blks=0x0000000000000080,barrier=0x0000000000000003,stripe=0x0000000000000004,block_validity,debug_want_extra_isize=0x000000000000002e,,errors=continue. Quota mode: writeback. [ 679.874825][ T26] audit: type=1804 audit(1718427770.447:632): pid=17665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1165769428/syzkaller.yi7r0v/336/file1/bus" dev="loop4" ino=18 res=1 errno=0 [ 679.987910][T17663] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 680.007216][T17663] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1745: inode #15: comm syz-executor.3: unable to update i_inline_off [ 680.092510][T17636] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz-executor.4: Invalid block bitmap block 0 in block_group 0 [ 680.114800][T17636] EXT4-fs (loop4): Remounting filesystem read-only [ 680.114801][T17663] EXT4-fs error (device loop3): ext4_xattr_ibody_get:603: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 680.121345][T17636] EXT4-fs error (device loop4): ext4_discard_preallocations:5135: comm syz-executor.4: Error -117 reading block bitmap for 0 [ 680.218725][T17663] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr [ 680.248940][T17663] syz-executor.3 (17663) used greatest stack depth: 16984 bytes left [ 680.368892][T17657] loop0: detected capacity change from 0 to 32768 [ 680.441098][T17657] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (17657) [ 680.483133][ T3573] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 680.651679][T17657] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 680.674060][T17657] BTRFS info (device loop0): using free space tree [ 680.680605][T17657] BTRFS info (device loop0): has skinny extents [ 681.657577][T17657] BTRFS info (device loop0): enabling ssd optimizations [ 681.665050][ T5007] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 681.674174][ T3573] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 681.682316][ T3573] usb 3-1: config 0 has no interface number 0 [ 681.710903][ T3573] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 681.742757][ T3573] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 681.752613][ T3573] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 681.768624][ T3573] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 681.794119][ T3573] usb 3-1: config 0 descriptor?? [ 681.822799][ T26] audit: type=1800 audit(1718427772.387:633): pid=17714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1967 res=0 errno=0 [ 681.910041][T13112] EXT4-fs error (device loop4): ext4_map_blocks:601: inode #2: block 3: comm syz-executor.4: lblock 0 mapped to illegal pblock 3 (length 1) [ 681.927610][ T5007] usb 4-1: Using ep0 maxpacket: 32 [ 682.063353][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 682.081923][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 682.094596][ T5007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 682.108941][ T5007] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 682.122109][ T5007] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 682.135575][ T5007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 682.146094][ T5007] usb 4-1: config 0 descriptor?? [ 682.315368][ T3573] input: HID 04d9:a055 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:04D9:A055.001C/input/input51 [ 682.417189][ T3573] holtek_kbd 0003:04D9:A055.001C: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.2-1/input1 [ 682.543246][T17674] loop2: detected capacity change from 0 to 256 [ 682.625336][T11460] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.657971][T17674] FAT-fs (loop2): Directory bread(block 64) failed [ 682.672811][T17674] FAT-fs (loop2): Directory bread(block 65) failed [ 682.674865][ T5007] ntrig 0003:1B96:000A.001D: unknown main item tag 0x0 [ 682.686746][T17674] FAT-fs (loop2): Directory bread(block 66) failed [ 682.690069][T17726] netlink: 'syz-executor.1': attribute type 27 has an invalid length. [ 682.708232][T17674] FAT-fs (loop2): Directory bread(block 67) failed [ 682.714167][ T5007] ntrig 0003:1B96:000A.001D: unknown main item tag 0x0 [ 682.729775][T11460] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.731391][ T5007] ntrig 0003:1B96:000A.001D: unknown main item tag 0x0 [ 682.748252][T17674] FAT-fs (loop2): Directory bread(block 68) failed [ 682.764629][T17674] FAT-fs (loop2): Directory bread(block 69) failed [ 682.781654][T17674] FAT-fs (loop2): Directory bread(block 70) failed [ 682.801930][T17674] FAT-fs (loop2): Directory bread(block 71) failed [ 682.822367][T17674] FAT-fs (loop2): Directory bread(block 72) failed [ 682.842643][T17674] FAT-fs (loop2): Directory bread(block 73) failed [ 682.919770][ T5007] ntrig 0003:1B96:000A.001D: unknown main item tag 0x0 [ 682.927382][ T5007] ntrig 0003:1B96:000A.001D: unknown main item tag 0x0 [ 682.936126][ T5007] ntrig 0003:1B96:000A.001D: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.3-1/input0 [ 682.980262][ T5007] usb 4-1: USB disconnect, device number 22 [ 683.190036][ T7760] usb 3-1: USB disconnect, device number 20 [ 683.205152][T11460] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 683.324934][T11460] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 683.387738][ T26] audit: type=1800 audit(1718427773.957:634): pid=17743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 683.618250][T17746] device veth1_macvtap left promiscuous mode [ 683.626037][T17746] device macsec0 entered promiscuous mode [ 683.719517][T17746] device veth1_macvtap entered promiscuous mode [ 683.753348][T17746] device macsec0 left promiscuous mode [ 683.889039][T17762] netlink: 'syz-executor.2': attribute type 13 has an invalid length. [ 683.912661][T17758] loop0: detected capacity change from 0 to 4096 [ 683.940499][T17740] chnl_net:caif_netlink_parms(): no params data found [ 683.945659][T17765] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 683.997624][T17758] ntfs3: loop0: ino=0, Correct links count -> 1. [ 684.023090][T17768] loop2: detected capacity change from 0 to 1024 [ 684.033234][T17758] ntfs3: loop0: MFT: r=0, expect seq=1 instead of 0! [ 684.047522][T17758] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 684.060304][T17769] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.1'. [ 684.061066][T17758] ntfs3: loop0: Failed to load $MFT. [ 684.140859][T17740] bridge0: port 1(bridge_slave_0) entered blocking state [ 684.148913][T17740] bridge0: port 1(bridge_slave_0) entered disabled state [ 684.165580][T17768] hfsplus: xattr searching failed [ 684.181995][T17740] device bridge_slave_0 entered promiscuous mode [ 684.205380][ T26] audit: type=1800 audit(1718427774.777:635): pid=17768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=20 res=0 errno=0 [ 684.246423][ T26] audit: type=1800 audit(1718427774.817:636): pid=17777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 684.268091][T17740] bridge0: port 2(bridge_slave_1) entered blocking state [ 684.280998][T17740] bridge0: port 2(bridge_slave_1) entered disabled state [ 684.294843][T17778] hfsplus: xattr searching failed [ 684.304231][T17740] device bridge_slave_1 entered promiscuous mode [ 684.306202][T17758] loop0: detected capacity change from 0 to 512 [ 684.372932][ T3571] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 684.389716][T17740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 684.420184][T17740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 684.455691][T17758] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz-executor.0: Parent and EA inode have the same ino 15 [ 684.476968][T17784] loop3: detected capacity change from 0 to 128 [ 684.516976][T17784] FAT-fs (loop3): bogus number of FAT sectors [ 684.603008][T17784] FAT-fs (loop3): Can't find a valid FAT filesystem [ 684.606492][T17758] EXT4-fs (loop0): 1 orphan inode deleted [ 684.637714][T17758] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 684.644124][T17740] team0: Port device team_slave_0 added [ 684.680821][T17740] team0: Port device team_slave_1 added [ 684.753687][ T3571] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 684.753934][T17787] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 684.772785][ T3571] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 684.799572][ T3571] usb 2-1: config 0 descriptor?? [ 684.823459][T17740] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 684.831034][T17740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 684.858695][ T3571] cp210x 2-1:0.0: cp210x converter detected [ 684.873362][T17740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 684.907130][T17740] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 684.924230][T17740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 684.952945][T17740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 685.092919][T17740] device hsr_slave_0 entered promiscuous mode [ 685.110132][T17740] device hsr_slave_1 entered promiscuous mode [ 685.120902][T17740] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 685.139869][T17740] Cannot create hsr debugfs directory [ 685.227946][T11460] device hsr_slave_0 left promiscuous mode [ 685.236099][T11460] device hsr_slave_1 left promiscuous mode [ 685.318322][T11460] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 685.341613][T11460] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 685.361780][T11460] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 685.379707][T11460] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 685.400194][T11460] device bridge_slave_1 left promiscuous mode [ 685.432934][T11460] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.441622][T11460] device bridge_slave_0 left promiscuous mode [ 685.442825][ T4601] Bluetooth: hci4: command 0x0409 tx timeout [ 685.448075][T11460] bridge0: port 1(bridge_slave_0) entered disabled state [ 685.468386][T11460] device veth1_macvtap left promiscuous mode [ 685.494022][T11460] device veth1_vlan left promiscuous mode [ 685.500703][T11460] device veth0_vlan left promiscuous mode [ 685.593041][ T3571] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 685.601809][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.608817][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.657262][ T3571] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 685.765413][ T3571] usb 2-1: cp210x converter now attached to ttyUSB0 [ 685.898617][ T3571] usb 2-1: USB disconnect, device number 24 [ 686.058939][ T3571] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 686.177593][ T3571] cp210x 2-1:0.0: device disconnected [ 686.382808][ T4601] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 686.479847][T11460] team0 (unregistering): Port device team_slave_1 removed [ 686.500315][T11460] team0 (unregistering): Port device team_slave_0 removed [ 686.512372][T11460] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 686.527335][T11460] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 686.613508][T11460] bond0 (unregistering): Released all slaves [ 686.653908][ T4601] usb 3-1: Using ep0 maxpacket: 32 [ 686.664547][T17806] netlink: 'syz-executor.3': attribute type 13 has an invalid length. [ 686.682085][T17813] device veth1_macvtap left promiscuous mode [ 686.697638][T17813] device macsec0 entered promiscuous mode [ 686.762979][T17814] device veth1_macvtap entered promiscuous mode [ 686.769819][T17814] device macsec0 left promiscuous mode [ 686.793869][ T4601] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 686.817864][ T4601] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 686.835430][ T4601] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 686.852369][ T4601] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 686.874161][ T4601] usb 3-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 686.899330][ T4601] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 686.914937][T17820] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.0'. [ 686.922626][ T4601] usb 3-1: config 0 descriptor?? [ 687.826602][ T7760] Bluetooth: hci4: command 0x041b tx timeout [ 688.037151][T17829] syz-executor.1 (pid 17829) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 688.174674][ T4601] ntrig 0003:1B96:000A.001E: unknown main item tag 0x0 [ 688.181594][ T4601] ntrig 0003:1B96:000A.001E: unknown main item tag 0x0 [ 688.193609][ T4601] ntrig 0003:1B96:000A.001E: unknown main item tag 0x0 [ 688.244984][ T4601] ntrig 0003:1B96:000A.001E: unknown main item tag 0x0 [ 688.364230][ T4601] ntrig 0003:1B96:000A.001E: unknown main item tag 0x0 [ 688.464692][ T4601] ntrig 0003:1B96:000A.001E: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.2-1/input0 [ 688.600767][ T4601] usb 3-1: USB disconnect, device number 21 [ 689.007514][ T26] audit: type=1800 audit(1718427779.577:637): pid=17839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=1936 res=0 errno=0 [ 689.048944][T17842] loop0: detected capacity change from 0 to 512 [ 689.124431][T17846] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 689.240419][T17842] EXT4-fs (loop0): 1 orphan inode deleted [ 689.247976][T17842] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 689.255429][T17740] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 689.303095][T17842] ext4 filesystem being mounted at /root/syzkaller-testdir4129552475/syzkaller.7GZQeM/300/file1 supports timestamps until 2038 (0x7fffffff) [ 689.334237][T17740] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 689.352142][T17740] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 689.392143][T17740] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 689.403463][ T26] audit: type=1804 audit(1718427779.977:638): pid=17854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/151/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0 [ 690.038217][T11267] Bluetooth: hci4: command 0x040f tx timeout [ 690.292643][T17740] 8021q: adding VLAN 0 to HW filter on device bond0 [ 690.478411][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 690.493457][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 690.514897][T17740] 8021q: adding VLAN 0 to HW filter on device team0 [ 690.893072][T17878] netlink: 'syz-executor.2': attribute type 13 has an invalid length. [ 691.180982][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 691.198121][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 691.206873][ T4365] bridge0: port 1(bridge_slave_0) entered blocking state [ 691.213994][ T4365] bridge0: port 1(bridge_slave_0) entered forwarding state [ 691.222074][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 691.239885][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 691.267857][ T4365] bridge0: port 2(bridge_slave_1) entered blocking state [ 691.275050][ T4365] bridge0: port 2(bridge_slave_1) entered forwarding state [ 691.338471][T17895] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 691.356994][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 691.902595][T17740] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 692.222881][T17740] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 692.263903][ T4601] Bluetooth: hci4: command 0x0419 tx timeout [ 692.280795][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 692.324086][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 692.357500][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 692.384435][ T26] audit: type=1804 audit(1718427782.956:639): pid=17903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/156/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0 [ 692.394435][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 692.646224][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 692.655111][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 692.664454][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 692.673072][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 692.682522][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 692.691275][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 692.726104][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 693.054756][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 693.878948][T17929] ipt_ECN: cannot use operation on non-tcp rule [ 694.462943][ T26] audit: type=1804 audit(1718427784.646:640): pid=17933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3050859750/syzkaller.cEuXku/143/bus" dev="sda1" ino=1965 res=1 errno=0 [ 694.589504][T17938] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 694.812935][ C0] vkms_vblank_simulate: vblank timer overrun [ 694.813656][ T4602] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 694.813894][ T4602] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 694.875863][T17740] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 696.755626][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 696.790096][T17952] nft_compat: unsupported protocol 0 [ 696.796934][ T3570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 696.882821][ T26] audit: type=1804 audit(1718427787.426:641): pid=17958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3621682727/syzkaller.VN6915/161/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0 [ 803.232674][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 803.239744][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P17740/1:b..l P11460/1:b..l [ 803.250029][ C1] (detected by 1, t=10502 jiffies, g=93801, q=35) [ 803.256542][ C1] task:kworker/u4:11 state:R running task stack:21120 pid:11460 ppid: 2 flags:0x00004000 [ 803.269692][ C1] Workqueue: netns cleanup_net [ 803.274515][ C1] Call Trace: [ 803.277808][ C1] [ 803.280753][ C1] __schedule+0x12c4/0x45b0 [ 803.285271][ C1] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 803.291177][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 803.297112][ C1] ? mark_lock+0x98/0x340 [ 803.301458][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 803.307459][ C1] ? release_firmware_map_entry+0x190/0x190 [ 803.313376][ C1] ? preempt_schedule_irq+0xec/0x1c0 [ 803.318677][ C1] preempt_schedule_irq+0xf7/0x1c0 [ 803.323807][ C1] ? __cond_resched+0x20/0x20 [ 803.328513][ C1] irqentry_exit+0x53/0x80 [ 803.332958][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 803.338946][ C1] RIP: 0010:inet_twsk_purge+0x13d/0x9d0 [ 803.344503][ C1] Code: 31 d2 e8 f6 4f 9b f8 2e 2e 2e 31 c0 e8 dc f6 ad f8 e8 e7 08 00 00 e8 02 24 60 01 89 c3 31 ff 89 c6 e8 c7 90 c2 f8 85 db 74 10 ee 44 ad f8 84 c0 74 0e e8 55 8d c2 f8 eb 56 e8 4e 8d c2 f8 eb [ 803.364213][ C1] RSP: 0018:ffffc900032a7a60 EFLAGS: 00000202 [ 803.370292][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88801bdc1dc0 [ 803.378274][ C1] RDX: ffff88801bdc1dc0 RSI: 0000000000000001 RDI: 0000000000000000 [ 803.386260][ C1] RBP: ffffc900032a7b70 R08: ffffffff88bdcf59 R09: fffffbfff1f7f019 [ 803.394263][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000654f62 [ 803.402242][ C1] R13: 0000000000016dac R14: dffffc0000000000 R15: ffff8880244b6d68 [ 803.410235][ C1] ? inet_twsk_purge+0x139/0x9d0 [ 803.415234][ C1] ? rcu_force_quiescent_state+0x230/0x230 [ 803.421055][ C1] ? __inet_twsk_schedule+0x130/0x130 [ 803.426445][ C1] ? evict+0x56e/0x620 [ 803.430536][ C1] ? dccp_v4_exit_net+0x80/0x80 [ 803.435404][ C1] cleanup_net+0x763/0xb60 [ 803.439842][ C1] ? ops_free_list+0x340/0x340 [ 803.444631][ C1] process_one_work+0x8a1/0x10c0 [ 803.449601][ C1] ? worker_detach_from_pool+0x260/0x260 [ 803.455253][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 803.460815][ C1] ? kthread_data+0x4e/0xc0 [ 803.465335][ C1] ? wq_worker_running+0x97/0x170 [ 803.470493][ C1] worker_thread+0xaca/0x1280 [ 803.475409][ C1] kthread+0x3f6/0x4f0 [ 803.479497][ C1] ? rcu_lock_release+0x20/0x20 [ 803.484376][ C1] ? kthread_blkcg+0xd0/0xd0 [ 803.489072][ C1] ret_from_fork+0x1f/0x30 [ 803.493519][ C1] [ 803.496550][ C1] task:syz-executor.4 state:R running task stack:20504 pid:17740 ppid: 17730 flags:0x00004002 [ 803.507527][ C1] Call Trace: [ 803.510814][ C1] [ 803.513754][ C1] __schedule+0x12c4/0x45b0 [ 803.518300][ C1] ? release_firmware_map_entry+0x190/0x190 [ 803.524220][ C1] ? do_raw_spin_unlock+0x137/0x8b0 [ 803.529453][ C1] preempt_schedule_notrace+0xf8/0x140 [ 803.534932][ C1] ? preempt_schedule_common+0xd0/0xd0 [ 803.540405][ C1] ? do_raw_spin_unlock+0x137/0x8b0 [ 803.545625][ C1] preempt_schedule_notrace_thunk+0x16/0x18 [ 803.551529][ C1] ? lock_acquire+0xcc/0x4f0 [ 803.556129][ C1] rcu_is_watching+0x72/0xa0 [ 803.560726][ C1] lock_acquire+0xdd/0x4f0 [ 803.565153][ C1] ? mark_lock+0x98/0x340 [ 803.569505][ C1] ? read_lock_is_recursive+0x10/0x10 [ 803.574899][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 803.580918][ C1] ? print_irqtrace_events+0x210/0x210 [ 803.586406][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 803.591632][ C1] rcu_lock_acquire+0x2a/0x30 [ 803.596322][ C1] ? rcu_lock_acquire+0x5/0x30 [ 803.601090][ C1] veth_get_iflink+0x1d/0x230 [ 803.605909][ C1] linkwatch_urgent_event+0x93/0x4b0 [ 803.611298][ C1] linkwatch_fire_event+0x1b/0x3c0 [ 803.616431][ C1] netif_carrier_on+0xa5/0x130 [ 803.621213][ C1] veth_open+0x1e3/0x220 [ 803.625474][ C1] __dev_open+0x36f/0x500 [ 803.629834][ C1] ? dev_open+0x260/0x260 [ 803.634179][ C1] ? dev_set_rx_mode+0xae/0x2f0 [ 803.639066][ C1] __dev_change_flags+0x1db/0x6e0 [ 803.644114][ C1] ? dev_get_flags+0x1c0/0x1c0 [ 803.648909][ C1] ? slab_free_freelist_hook+0xdd/0x160 [ 803.655692][ C1] dev_change_flags+0x87/0x190 [ 803.660475][ C1] do_setlink+0xcd1/0x3b00 [ 803.664917][ C1] ? stack_trace_save+0x113/0x1c0 [ 803.669958][ C1] ? stack_trace_snprint+0xe0/0xe0 [ 803.675085][ C1] ? kasan_unpoison+0x42/0x60 [ 803.679777][ C1] ? nlmsg_parse_deprecated_strict+0x110/0x110 [ 803.685957][ C1] ? ____kasan_kmalloc+0xd1/0xf0 [ 803.690905][ C1] ? ____kasan_kmalloc+0xba/0xf0 [ 803.695849][ C1] ? kmem_cache_alloc_trace+0x143/0x290 [ 803.701412][ C1] ? rtnl_newlink+0x10d/0x2070 [ 803.706188][ C1] ? rtnetlink_rcv_msg+0x993/0xee0 [ 803.711315][ C1] ? netlink_rcv_skb+0x1cf/0x410 [ 803.716270][ C1] ? __nla_validate_parse+0x1e6b/0x27f0 [ 803.721868][ C1] ? __nla_validate+0x50/0x50 [ 803.726584][ C1] ? validate_linkmsg+0x3db/0x4c0 [ 803.731643][ C1] rtnl_newlink+0x17a4/0x2070 [ 803.736349][ C1] ? rtnl_newlink+0x4c1/0x2070 [ 803.741171][ C1] ? rtnl_setlink+0x540/0x540 [ 803.745954][ C1] ? rtnetlink_rcv_msg+0x94c/0xee0 [ 803.751107][ C1] ? rtnl_setlink+0x540/0x540 [ 803.755796][ C1] rtnetlink_rcv_msg+0x993/0xee0 [ 803.760758][ C1] ? rtnetlink_bind+0x80/0x80 [ 803.765647][ C1] ? __local_bh_enable_ip+0x164/0x1f0 [ 803.771031][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 803.776246][ C1] ? __local_bh_enable_ip+0x164/0x1f0 [ 803.781624][ C1] ? local_bh_enable+0x5/0x20 [ 803.786328][ C1] ? _local_bh_enable+0xa0/0xa0 [ 803.791199][ C1] ? __dev_queue_xmit+0x1c56/0x3230 [ 803.796424][ C1] ? __copy_skb_header+0x47b/0x600 [ 803.801548][ C1] ? dev_queue_xmit+0x20/0x20 [ 803.806234][ C1] ? memcpy+0x3c/0x60 [ 803.810245][ C1] netlink_rcv_skb+0x1cf/0x410 [ 803.815027][ C1] ? rtnetlink_bind+0x80/0x80 [ 803.819811][ C1] ? netlink_ack+0xb10/0xb10 [ 803.824434][ C1] netlink_unicast+0x7b6/0x980 [ 803.829231][ C1] ? netlink_detachskb+0x90/0x90 [ 803.834182][ C1] ? __virt_addr_valid+0x39e/0x450 [ 803.839298][ C1] ? 0xffffffff81000000 [ 803.843463][ C1] ? __check_object_size+0x300/0x410 [ 803.848761][ C1] ? bpf_lsm_netlink_send+0x5/0x10 [ 803.853881][ C1] netlink_sendmsg+0xa30/0xd60 [ 803.858655][ C1] ? netlink_getsockopt+0x5b0/0x5b0 [ 803.863862][ C1] ? aa_sock_msg_perm+0x91/0x150 [ 803.868812][ C1] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 803.874105][ C1] ? security_socket_sendmsg+0x7d/0xa0 [ 803.879577][ C1] ? netlink_getsockopt+0x5b0/0x5b0 [ 803.884794][ C1] __sys_sendto+0x564/0x720 [ 803.889320][ C1] ? __ia32_sys_getpeername+0x80/0x80 [ 803.894813][ C1] ? print_irqtrace_events+0x210/0x210 [ 803.900292][ C1] ? vtime_user_exit+0x2d1/0x400 [ 803.905255][ C1] __x64_sys_sendto+0xda/0xf0 [ 803.909948][ C1] do_syscall_64+0x3b/0xb0 [ 803.914394][ C1] ? clear_bhb_loop+0x15/0x70 [ 803.919085][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 803.924990][ C1] RIP: 0033:0x7f85067fab9c [ 803.929421][ C1] RSP: 002b:00007ffc7bc614b0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 803.937848][ C1] RAX: ffffffffffffffda RBX: 00007f8507460620 RCX: 00007f85067fab9c [ 803.945831][ C1] RDX: 000000000000002c RSI: 00007f8507460670 RDI: 0000000000000003 [ 803.953814][ C1] RBP: 0000000000000000 R08: 00007ffc7bc61504 R09: 000000000000000c [ 803.961793][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 803.969859][ C1] R13: 0000000000000000 R14: 00007f8507460670 R15: 0000000000000000 [ 803.977859][ C1] [ 803.980897][ C1] rcu: rcu_preempt kthread starved for 10573 jiffies! g93801 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 803.992189][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 804.002161][ C1] rcu: RCU grace-period kthread stack dump: [ 804.008048][ C1] task:rcu_preempt state:R running task stack:27000 pid: 15 ppid: 2 flags:0x00004000 [ 804.018840][ C1] Call Trace: [ 804.022131][ C1] [ 804.025169][ C1] __schedule+0x12c4/0x45b0 [ 804.029688][ C1] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 804.035598][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 804.041529][ C1] ? __mod_timer+0xa8e/0xeb0 [ 804.046151][ C1] ? release_firmware_map_entry+0x190/0x190 [ 804.052063][ C1] ? mod_timer_pending+0x20/0x20 [ 804.057014][ C1] ? lockdep_softirqs_off+0x420/0x420 [ 804.062411][ C1] schedule+0x11b/0x1f0 [ 804.066795][ C1] schedule_timeout+0x1b9/0x300 [ 804.071665][ C1] ? console_conditional_schedule+0x40/0x40 [ 804.077574][ C1] ? update_process_times+0x200/0x200 [ 804.082963][ C1] ? prepare_to_swait_event+0x321/0x340 [ 804.088527][ C1] rcu_gp_fqs_loop+0x2bf/0x1080 [ 804.093394][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 804.098603][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 804.103818][ C1] ? rcu_gp_init+0xdae/0x1140 [ 804.108508][ C1] ? rcu_gp_init+0x1140/0x1140 [ 804.113291][ C1] ? finish_swait+0xc5/0x1d0 [ 804.117892][ C1] rcu_gp_kthread+0xa4/0x360 [ 804.122486][ C1] ? _raw_spin_unlock+0x40/0x40 [ 804.127351][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 804.132474][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 804.138404][ C1] ? __kthread_parkme+0x15c/0x1c0 [ 804.143446][ C1] kthread+0x3f6/0x4f0 [ 804.147525][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 804.152647][ C1] ? kthread_blkcg+0xd0/0xd0 [ 804.157250][ C1] ret_from_fork+0x1f/0x30 [ 804.161691][ C1] [ 804.164722][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 804.171043][ C1] NMI backtrace for cpu 1 [ 804.175385][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.160-syzkaller #0 [ 804.183195][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 804.193342][ C1] Call Trace: [ 804.196631][ C1] [ 804.199476][ C1] dump_stack_lvl+0x1e3/0x2d0 [ 804.204174][ C1] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 804.209816][ C1] ? panic+0x860/0x860 [ 804.213912][ C1] nmi_cpu_backtrace+0x46a/0x4a0 [ 804.218858][ C1] ? __wake_up_klogd+0xd5/0x100 [ 804.223731][ C1] ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0 [ 804.229896][ C1] ? _printk+0xd1/0x120 [ 804.234064][ C1] ? cpu_online+0x1f/0x40 [ 804.238518][ C1] ? panic+0x860/0x860 [ 804.242611][ C1] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 804.248692][ C1] nmi_trigger_cpumask_backtrace+0x181/0x2a0 [ 804.254784][ C1] rcu_check_gp_kthread_starvation+0x1d2/0x240 [ 804.260972][ C1] print_other_cpu_stall+0x137a/0x14d0 [ 804.266465][ C1] ? print_cpu_stall+0x600/0x600 [ 804.271424][ C1] ? __lock_acquire+0x1ff0/0x1ff0 [ 804.276484][ C1] ? do_raw_spin_unlock+0x137/0x8b0 [ 804.281709][ C1] rcu_sched_clock_irq+0xa38/0x1150 [ 804.286932][ C1] ? rcutree_dead_cpu+0x20/0x20 [ 804.291807][ C1] ? hrtimer_run_queues+0x163/0x450 [ 804.297014][ C1] ? account_process_tick+0x232/0x3a0 [ 804.302399][ C1] update_process_times+0x196/0x200 [ 804.307610][ C1] tick_sched_timer+0x386/0x550 [ 804.312492][ C1] ? tick_setup_sched_timer+0x2d0/0x2d0 [ 804.318053][ C1] __hrtimer_run_queues+0x55b/0xcf0 [ 804.323287][ C1] ? hrtimer_interrupt+0x980/0x980 [ 804.328414][ C1] ? ktime_get_update_offsets_now+0x407/0x420 [ 804.334507][ C1] hrtimer_interrupt+0x392/0x980 [ 804.339480][ C1] __sysvec_apic_timer_interrupt+0x139/0x470 [ 804.345476][ C1] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 804.351213][ C1] [ 804.354148][ C1] [ 804.357081][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 804.363076][ C1] RIP: 0010:acpi_idle_do_entry+0x10f/0x340 [ 804.368903][ C1] Code: fd 58 f7 48 83 e3 08 0f 85 0a 01 00 00 4c 8d 74 24 20 e8 24 79 5f f7 0f 1f 44 00 00 e8 1a f9 58 f7 0f 00 2d 33 bb bb 00 fb f4 <4c> 89 f3 48 c1 eb 03 42 80 3c 3b 00 74 08 4c 89 f7 e8 8b c7 a2 f7 [ 804.388519][ C1] RSP: 0018:ffffc90000d67b00 EFLAGS: 000002d3 [ 804.394600][ C1] RAX: ffffffff8a2763a6 RBX: 0000000000000000 RCX: ffff88813fe78000 [ 804.402578][ C1] RDX: 0000000000000000 RSI: ffffffff8a8b2980 RDI: ffffffff8ad8f6c0 [ 804.410567][ C1] RBP: ffffc90000d67b90 R08: ffffffff8186dcf0 R09: ffffed1027fcf001 [ 804.418550][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff920001acf60 [ 804.426538][ C1] R13: ffff8881463ce804 R14: ffffc90000d67b20 R15: dffffc0000000000 [ 804.434520][ C1] ? trace_hardirqs_on+0x30/0x80 [ 804.439464][ C1] ? acpi_idle_do_entry+0x106/0x340 [ 804.444690][ C1] ? acpi_idle_enter_bm+0x5c0/0x5c0 [ 804.449897][ C1] ? rcu_preempt_deferred_qs+0x6b/0x190 [ 804.455453][ C1] ? rcu_qs+0x190/0x190 [ 804.459641][ C1] acpi_idle_enter+0x352/0x4f0 [ 804.464426][ C1] cpuidle_enter_state+0x521/0xef0 [ 804.469559][ C1] ? cpuidle_enter_s2idle+0x6b0/0x6b0 [ 804.474941][ C1] ? can_stop_idle_tick+0x20d/0x2b0 [ 804.480153][ C1] ? tick_nohz_idle_stop_tick+0x354/0xa70 [ 804.485885][ C1] cpuidle_enter+0x59/0x90 [ 804.490312][ C1] do_idle+0x3e4/0x670 [ 804.494418][ C1] ? print_irqtrace_events+0x210/0x210 [ 804.499893][ C1] ? idle_inject_timer_fn+0x60/0x60 [ 804.505106][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 804.510316][ C1] ? asm_sysvec_apic_timer_interrupt+0x11/0x20 [ 804.516573][ C1] ? schedule_idle+0x57/0x90 [ 804.521175][ C1] cpu_startup_entry+0x14/0x20 [ 804.525962][ C1] start_secondary+0x371/0x500 [ 804.530739][ C1] ? arch_scale_freq_tick+0x120/0x120 [ 804.536217][ C1] secondary_startup_64_no_verify+0xb1/0xbb [ 804.542137][ C1]