last executing test programs: 1m36.825110079s ago: executing program 1 (id=127): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)) bind$pptp(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e) connect$pptp(0xffffffffffffffff, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x7f}, 0x90) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300)) pwritev(r1, &(0x7f0000000180)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0x1, 0xfffffffe, 0x0) 1m36.379761341s ago: executing program 1 (id=132): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x0, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 1m34.782737539s ago: executing program 1 (id=133): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa152, 0x0, 0x0, 0x3c, 0x0, 0x0, "b4bc323ef77d1f0000568400"}}) 1m33.853691655s ago: executing program 1 (id=135): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) sendmsg$rds(r0, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000004680)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000002bc0)=[{0x0}], 0x1}}], 0x48}, 0x0) 1m32.970489347s ago: executing program 1 (id=136): connect$unix(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', 0x0}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022}) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000240)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote, @dev={0xfe, 0x80, '\x00', 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r1}) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'team0\x00'}) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000100)={'team0\x00'}) 1m32.628996748s ago: executing program 1 (id=141): syz_read_part_table(0x1051, &(0x7f0000000000)="$eJzsz72twkAQBOC552dzAUg0R0YxJqAAyjBdUA4dEAHyXwtA8H3B3s1KE2z4rn1SHjVpk27MbflPP6bVX5Ldq0lOJXXJST822tTLULfT4jnNbrPWmmWWdXEf5vfcHG/zr+Rw/cCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDz3gEAAP//iNwKcg==") 1m16.907412755s ago: executing program 32 (id=141): syz_read_part_table(0x1051, &(0x7f0000000000)="$eJzsz72twkAQBOC552dzAUg0R0YxJqAAyjBdUA4dEAHyXwtA8H3B3s1KE2z4rn1SHjVpk27MbflPP6bVX5Ldq0lOJXXJST822tTLULfT4jnNbrPWmmWWdXEf5vfcHG/zr+Rw/cCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDz3gEAAP//iNwKcg==") 7.548445912s ago: executing program 3 (id=398): syz_mount_image$vfat(&(0x7f0000000500), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000b80)={[{@utf8no}, {@uni_xlate}, {@numtail}, {@fat=@check_strict}, {@fat=@codepage={'codepage', 0x3d, '1250'}}, {@utf8no}, {@fat=@umask={'umask', 0x3d, 0xcf7f}}, {@rodir}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@uni_xlateno}, {@rodir}, {@numtail}, {@uni_xlate}, {}, {@shortname_win95}]}, 0x26, 0x34e, &(0x7f0000001f80)="$eJzs3TtoZNUbAPBv9uYN+0+KPwStRjtBlk3EQquEZYXFFLoy+GocTNZH7riQwYFskdlpFEvFRtDKzkLLrcVCxM7C1hVkVWzcbmEXr8zcm5k7j2hWTOKyv18RPr5zvjnn3HvC3LxOXlmL7c3puHTz5o2Ym6vE1Nq5tbhViaU4FUnkrsaIzmgCALiX3Mqy+D3LldLLk3t/sLAfzRzD3ACAo9F7/3/t9CAxe5KzAQCOwwFf/496ZmL28pFNCwA4QmPv/w8PNY98m3+q/zsBAMC967kXX3p6fSPiYrU6F9F4t1Vr1eLJQfv6pXgj0tiKs7EYdyLyB4X8aaH78akLG+fPVrt+Xopat6JVi2i0W7X8SWE96dXPxkosxlJRn/Xrk279Sq++GhFX273xo1Fp1aZjoRj/h4XYitVYjP+P1Udc2Di/Wi1eoNbYr29HdGJufxHd+Z+Jxfju1bgcaWxGt3Yw/72VavVctlGqr/d+ELJ5EjcEAAAAAAAAAAAAAAAAAAAAAID7wplq31L//Jus0W69c3G0w1L5fJ1WLW8uzgfq5OcDZbP7p/O8l4yeDzR8Pk+rNhWnTnTlAAAAAAAAAAAAAAAAAAAA8N/R3J2Jeppu7TR3r2yXg3Yp89Y3n381H6N93kwGmZjKX26oT5GLUlUS/fKsX54lQ32KIIkYdP7sWn/GeSaZsJaxVcz2FljOVIo51dP09EM/fTw26O6V7T8GmSTGLstwUClGLjU1/pen/qLq4GD1b/pcz7LsoPK9j8arohIxNXbj/o3g6xuvP/BYc/nxXubL4tCHRx5dfP76h5/+ul1Po7g0aTqz07yT/eOxktL+qRTXuRITNtvEoDPIdHaau/Xk+99eePD9b4f6zI9tkiLIypm394O54dtdT9MvRkefyYPuNA+z0ukJm39y8PLt/u69+4u5/Mla/drej78ctqr0ieWgDgAAAAAAAAAAAAAAAAAAOBalvxW/C088e3QzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjN/j//6WgM5Y5THC7HeNNs1s7zZEhZ/rR/LEvFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+9SfAQAA//8PVnAt") truncate(&(0x7f00000000c0)='./file1\x00', 0x8008) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0) sendfile(r0, r0, 0x0, 0x80000000) 6.445191064s ago: executing program 2 (id=401): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0) openat$zero(0xffffff9c, 0x0, 0x4800c0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f00000005c0)) sendmsg$IPSET_CMD_SWAP(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)={0x34, 0x6, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x844}, 0x840) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000082, &(0x7f0000002380)={[{@shortname_winnt}, {@shortname_mixed}, {@shortname_win95}, {@rodir}, {@fat=@codepage={'codepage', 0x3d, '949'}}, {@fat=@codepage={'codepage', 0x3d, '1250'}}, {@shortname_lower}, {@shortname_mixed}, {@fat=@showexec}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@uni_xlate}, {@rodir}, {@shortname_win95}, {@shortname_win95}, {@uni_xlateno}]}, 0x1, 0x369, &(0x7f0000000100)="$eJzs3U1oXFUUAOAzfWlmWq2ZhVB0NXUnSGkiLnSVUCoUs9DK4B+Cg039yYyFDA4ki0xmoxRXghtBV+660I3QtbgQcefCrRWkKm7srtDgk5l58z+DCTix4vctyuHce969982l7yUkN681Y/Py8bhy+/atKBRysbB6fjXu5KIYxyKJrr2Y6oPF6XkA4B53J03jj7QrzjTve/WAdZ79APDf1Xn+v3FqkMgfovja/fOYEgAwZyNf/8/27NTs1blNCwCYo4nn/yMjzWPf5l/o/0xA14n5TxAA+Mc9/9LLz6ytR1wqlQoRtfcb5UY5nhq0r12Jt6IaG3EulmI/ovui0H1baP/79MX1C+dKbb8Uo9yuaJQjas1GufumsJZ06vOxHEtRzOrTfn3Srl/u1JciYq/ZGT9quUb5eJzMxv/xZGzESizFgxP1ERfXL6yUsguUa736ZkQrCr1FtOd/Npbi+9fjalTjcrRrB/PfXS6VzqfrI/WN6/lOPwAAAAAAAAAAAAAAAAAAAAAAmIezpb5i//ybtNZsvHdpvENx5Hyccrc5Ox+o1T0fKM33Tue5loyfDzR6Pk+jvBDH/tWVAwAAAAAAAAAAAAAAAAAAwL2jvr0YlWp1Y6u+vbM5HDSHMu98+/nXJ6LXtJCVvp0MqiJLjlyn13Hoykn0h0j75Wky0icLkohe573K9Rv9GQ/3yfdXMVHeDvITTblsTpVq9dSZnz+ZVvVnO9jrZJKYuC2jQS4bf6ip9kA7UYiI/VlVs4OVv+lzM03TWeW7H49nsqMYmoeexgGCb269+dDj9dNPdDJfZSM9+tjSCzc/+uy3zUo1Wt07U60ubtX30wNcOXLR20WDTVJNhvZPLrvPuSk7YXrQGmRaW/XtSvLD7y8+/OF3Q30Kk59gL0iHM+/OHuuL8cxiN8hFFMeXMy04PmXzTw9eudvfvYf/4E5/ulq5sfvTrwetGvpPwkEdAAAAAAAAAAAAAAAAAABwJOrbO1+e7PzS71hDmqbNmVVPPjf3iQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAEapv72xWOn//fyhoTWQOEtxtxmRTfmOrPnPwE0e6VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sf+CgAA///k4Hd+") rename(0x0, &(0x7f0000000080)='.\x02\x00') syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "76db40", 0x44, 0x2f, 0x0, @dev={0xfe, 0x80, '\x00', 0x21}, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10}, 0x2, {0x8, 0x1}}}}}}}}}, 0x0) 5.95148101s ago: executing program 3 (id=402): mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f80)="$eJzs3c9rJFkdAPBvdbpjMpPZZNWDLriu7kJm0OlONu5u8LCOIHpaUNf7GJNOCOmkQ7qzOwmLm8E/QBBRwZNevAj+AYIsePG4CAt6VlQU0VkFPejUUt3VmZlMd6cz0/kxyecDlXqvXlV93+tQ1fW6HlUBXFjPRcSNiLibpum1iJjMlxfyKfbaU7be+3feWsymJNL09X8kkeTLOvtK8vnlfLOxiPj6VyK+lTwct7Gzu7ZQq1W38nylub5ZaezsXl9dX1iprlQ35uZmX55/Zf6l+ZmhtPNKRLz6pb/84Ls/+/Krv/rsm3+8+ber386qNZGX39+OIyr2K2w3vXTj4AZbjxjsLMraU+pkxrutMfLQktvHXCcAALrLrvE/HBGfjohrMRkj/S9nAQAAgCdQ+oWJ+F8SkXY32mM5AAAA8AQptMbAFqOcjwWYiEKhXG6P4f1oXCrU6o3mZ5br2xtL7bGyU1EqLK/WqjP5WOGpKCVZfraVvpd/8UB+LiKejojvT4638uXFem3ptH/8AAAAgAvicqvPnxQ6/f9/T7b7/wAAAMA5M3WEdf9zjPUAAAAAjs9R+v8AAADAk0n/HwAAAM61r772WjalnfdfL72xs71Wf+P6UrWxVl7fXiwv1rc2yyv1+krrmX3rh+2vVq9vfi42tm9VmtVGs9LY2b25Xt/eaN5cbb0OHAAAADgFT3/ynd8nEbH3+fHWlBkdbNMBVwPOquJ+KsnnXQ7rPzzVnv/5hCoFnIiRvqWlE6sHcPKKp10B4NT4hgeSQ8p7Dt55N59/arj1AQAAhm/6473v/xf6brnXvxg48xzEcHH1v/8PnGet+/+DjuR1sQDnSskVAFx4g9//P3AR8O6gEdL0yJUCAACGaqI1JYVyfmU/EYVCuRxxpfVagFKyvFqrzkTEUxHxu8nSh7L8bGvL5NA+AwAAAAAAAAAAAAAAAAAAAAAAAADQlqZJpAAAAMC5FlH4a/Lr9rP8pydfmDj4+8Bo8t/JyF8R+uaPX//hrYVmc2s2W/7P/eXNH+XLXzyNXzAAAADgQjjSC/w7/fROPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhun9O28tdqaTjPv3L0bE1IH4SVZSjLGI0YixKEXEpX8lUbxvu0JEjAwh/nj252Pd2p9k1doPeTB+0tn2Me3d7hs/prJPoUf8y0OIDxfZO9n550a3468Qz7Xm3Y+/YsQD+UfV9fyXG8v/jvQ4/q8MGOOZ935R6Rn/dsQzxe7nn078pEf85weM/81v7O72Kkt/EjHd9fsneSBWpbm+WWns7F5fXV9Yqa5UN+bmZl+ef2X+pfmZyvJqrZr/7Rrje5/45d1+7b/UI/7UIe1/YcD2//+9W3c+0k6WusW/+nyX+L/5ab7Gw/Hz77707TydlU930nvt9P2e/flvn+3X/qUe7T/s/391wPZf+9p3/jTgqgDACWjs7K4t1GrVrWEnCse25yMmsl76GajGWftYJKpbjbeHusM0TdPsmHqM/SRxFj6WVuK0z0wAAMCw3bvoP+2aAAAAAAAAAAAAAAAAAAAAwMV1Eo8TOxhzbz+VDOMR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ/FBAAAA///ROdsN") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) 5.530548749s ago: executing program 4 (id=403): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) syz_usb_connect(0x7, 0x2d, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000c113"], 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000500), 0xc0202, 0x0) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r4, 0xab00, r5) ioctl$NBD_DO_IT(r4, 0xab03) ioctl$NBD_CLEAR_SOCK(r4, 0xab04) r6 = msgget(0x0, 0x40) msgctl$MSG_INFO(r6, 0xc, 0x0) 5.530373079s ago: executing program 2 (id=404): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xd9, 0xd0, 0xc0, 0x10, 0x1a0a, 0x104, 0xddd4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe2, 0x3e, 0x60}}]}}]}}, 0x0) 4.423444671s ago: executing program 3 (id=405): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2000040, &(0x7f00000004c0)=ANY=[@ANYBLOB='gid=forget,umask=00000000000000000000003,gid=', @ANYRESDEC=0x0, @ANYBLOB=',session=00000000000000043620,gid=ignore,iocharset=euc-jp,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c6164696e6963622c6d6f64653d30303030303030303030303030303030303030303030332c6e6f7374726963742c009b801a9990a34c426430bf3757fbcea5d9a21b29b4ae2c6d10e74873111016bc74ff654722640a72d8cc5e210fef2b359e9e61ade82c60025773de99df3af6548534bfdef68d88ae15c726"], 0xfe, 0xc2d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) rmdir(&(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') 3.862623093s ago: executing program 4 (id=407): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = io_uring_setup(0x17ba, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}) close_range(r2, 0xffffffffffffffff, 0x0) ioctl$NBD_DO_IT(r0, 0xab03) 3.842489185s ago: executing program 0 (id=408): write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e) connect$pptp(r1, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x7f}, 0x90) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300)) pwritev(r0, &(0x7f0000000180)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0x1, 0xfffffffe, 0x0) 3.756120183s ago: executing program 3 (id=409): socket$nl_rdma(0x10, 0x3, 0x14) socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000480)='GPL\x00', 0x40, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x40810) syz_init_net_socket$llc(0x1a, 0x4, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="02c900000000000000"], 0x9) ioctl$FS_IOC_SETFLAGS(r1, 0x40046f41, &(0x7f0000000440)=0x1f) getsockname$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xfe3b) syz_emit_vhci(&(0x7f0000001e00)=ANY=[@ANYBLOB="040f047ce11620"], 0x7) 2.844054598s ago: executing program 0 (id=410): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000001400)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRES32, @ANYRESDEC, @ANYRES8=0x0, @ANYRES32, @ANYBLOB="e5f0986a95b4a041c6140884aa3ee1b8a51a2f195aca4ce79a3b534f3fa12c4e1790181917f9b22d45f7d86339c33c4a5e4f7224ec19", @ANYRES16, @ANYRESHEX, @ANYRESOCT, @ANYRESHEX], 0x1, 0xa7a, &(0x7f0000000980)="$eJzs3UuMHEcZAODu3Z21nTh4HGxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRIFEkbJ+4kcgyN8RDnHKJACGRC7Jy4hKJWOKSU+DAActIkThAgj1oZ6tmZ37PpGe9j97Z+T6ppqa7arqqZ3t6+1VVBTC2Jtqvjfbr5TcvHf3nQ//YtvD+8U6OZvt1qmtqIXeZpqfC8t6bXIxvvP/KyX5xWcy1X/P0ZNdn7yyK4nyxr7hSNIu9l6++9vbcU8cvHLu4/53XD19bg1UHAICx860rhw/u/ttf7t35wRv3Hym2dObn4/Nmmt6ejvuPpAP/hWiqzOcPS+cDZVfoNh3yTaUwEfJN9slXdOVr5Hxbez8Xy58Oy20MyLelovzJcI5ShvrAKMvbcbMoJ2Z6picmZmYWz8mL9nn9dDlz9vSZ587VVFFg1f37gaIo9gnCuIXWjs6PoPa61Be6vgWAWsX7hbc4H68srExnaVPDlX/9iYn+n+/VWM06Mj7We/tXflx+bz3Wu/yq9f/NhTVef8bK8FvT1jWtx2rL65V/R9vTdLyPEJ9fWu7+Jy9vMixv2AOAQfcRRuX+wqB6Tq5zPW7XoPrH7WKz+lqK8/fw9ZDe/fuJf9NR+RsD/f1nw13/37ZUudrrIgibO7Tq3PkA9ao4rY/PzbWSnB6f64vpWyrSt1akb6tIv6Mi/c6KdBhnv3/xp8WrZdG3PV6xeP7f/rEMez0sX2e7K8UfW2Z94vXI5V6Pi8/9LtdKy4/PE8NG9scTT5/68rPPXF18/r/sbP830/a+L00302/rSsqQrxfG6+qdZ/+bveVMDMh3d6jPXX3yt9/v6s1X7lpaTtG1n7mlHnt6P7djUL77evM1Q75tKcTDpXh8ckf4XD7+yPvV/H1NhfVthPWYDvXI+5WdKR6tuzFsVHl7HPT8f94+9xSN8rnTZ049lqbzdvrnycaWhfkH1rnewMoN2/5nT9Hb/md7Z35jonu/sGNpftm9X2iG+XMD5s+n6fx/7juT29rzZ05+78yzq73yMObOvfTyd0+cOXPqB9544403nTd175mAtTb74gvfnz330suPnn7hxPOnnj91dv7Qofm5uUNfmT842z6un+0+ugc2k6V/+nXXBAAAAAAAAAAAABjWD48dvfrXt7707mL7/6X2f7n9f37yN7f//0lo/x/byed28Lkd4M4+6e08oYPV6ZCvkcLHQ313hXJ2h899IsWdcfxS+/9cXOzXNdfnnjA/9t+b84XuBG7pL2U69EESxwv8dIovpvjXBdSo/Hn/2Smu6t86b+u5fwr9Uoym/HfL/Znkfkxy++9B/Trl/f/O/ov98WrXk9W1Hs0J615HoL9/bbj+v9ckLHX4WXtdus4Yaq+LsNHCjVartZ7ltVofNYqHsaaA9VP3+J/5umeOz/7pG1sXQs52/Yne/WXsvxRWou7xL2srP19YHNf1H7L81R7/szP+3dD7vzBiXvP2yv3vL66921VssXdg+VuKnvLj+ud+oHctr/wPUvl5bR4uBpXfu/6tX4Xy4w2hIX0Yyr9jyPLj+l9absGpwP+l8vPX9siDw5a/uIByorce8bpxvv8XrxtnN8L65749l7v+tztQ481UPoyzURlndrl6xv+90Fr/8X9XOMJQfA7ji2k67wjzcw5xvJPl1j8/X5H/D+wOyy8r/r8Z/3e0fTXFVb+HPP5v3h6bfaYnuqYbfb7bzbqvgVH13qrd/+t6Ym4D3EcRxieUtrnbDq1Wq9abfO4w1qvu77/u84S6y6/7+68Sx/+Nx/Bx/N+YHsf/jelx/N+Y3r6u+OHSoL3x+4rj/8b0OP5vTL8nlBvHB95Tkf7JivS9Fen3VqTfV5H+qYr0/RXp91ekP1CRfndF+oMV6Z8Jf/GY/tmKzz9Ukf7IR6fP/6ji85tdbo8yrusP4yy2z/P7h/GR7/8M+v3vqkgHRtfP3jjw5DO/+3Zzsf3/dOd6SL6PdyRNN9K5czxfitdPJlPaW2n67yF9o1/vgHES+8+I/98frkgHRld+zsvvG8ZQ2b/HnmH7rRp0nM9o+VyKP5/iL6T40RTPpHg2xQdSPLdO9WNtPPnbPxx+tVw6398R0od9njy2B4r9RM0PWZ94fWC5z7PHfvyWa6Xl32ZzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNpMtF8PHtxTFsXlNy8dffr46dmFOY93cjTbr1NdU43O54risRRPpviX6c2N91852R3fTHFZzBVlUXbmF9+83inpzqIozhf7iitFs9h7+eprb889dfzCsYv733n98LW1+wYAAABg8/t/AAAA//9N2hwq") r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, 0x0, 0x0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x80044940, &(0x7f00000010c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r8 = getpid() sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$sndpcmc(0x0, 0x2, 0x440400) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000004140)=ANY=[@ANYRES16=r6, @ANYRES64=r4, @ANYRES8=r4, @ANYRES16=r6, @ANYRESDEC=r5, @ANYRES16=r3, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32=r2], 0x5, 0x0, &(0x7f0000000000)) 2.842078188s ago: executing program 3 (id=411): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000001100)=ANY=[], 0xe2) 2.766711075s ago: executing program 2 (id=412): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff038}, {0xb1, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10) sendmmsg(r2, &(0x7f0000001c00), 0x400000000000159, 0x40840) 2.71326563s ago: executing program 4 (id=413): migrate_pages(0x0, 0x2, 0x0, &(0x7f00000000c0)=0x3ff) 2.533474736s ago: executing program 4 (id=414): r0 = shmget$private(0x0, 0x3000, 0x54000000, &(0x7f0000ffd000/0x3000)=nil) shmat(r0, &(0x7f0000ffc000/0x3000)=nil, 0x4000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) 2.122631044s ago: executing program 4 (id=415): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) syz_usb_connect(0x7, 0x2d, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000c113"], 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000500), 0xc0202, 0x0) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r4, 0xab00, r5) ioctl$NBD_DO_IT(r4, 0xab03) ioctl$NBD_CLEAR_SOCK(r4, 0xab04) msgget(0x0, 0x40) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) 2.122509604s ago: executing program 3 (id=416): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) close(r0) 1.610104902s ago: executing program 2 (id=417): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2000040, &(0x7f00000004c0)=ANY=[@ANYBLOB='gid=forget,umask=00000000000000000000003,gid=', @ANYRESDEC=0x0, @ANYBLOB=',session=00000000000000043620,gid=ignore,iocharset=euc-jp,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c6164696e6963622c6d6f64653d30303030303030303030303030303030303030303030332c6e6f7374726963742c009b801a9990a34c426430bf3757fbcea5d9a21b29b4ae2c6d10e74873111016bc74ff654722640a72d8cc5e210fef2b359e9e61ade82c60025773de99df3af6548534bfdef68d88ae15c726"], 0xfe, 0xc2d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) rmdir(&(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') 1.603614242s ago: executing program 0 (id=418): write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e) connect$pptp(r1, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x7f}, 0x90) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300)) pwritev(r0, &(0x7f0000000180)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0x1, 0xfffffffe, 0x0) 556.842319ms ago: executing program 0 (id=419): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x1, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0585605, &(0x7f0000000540)={0x0, 0x1, @stop_pts=0x6f}) 556.131089ms ago: executing program 2 (id=420): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) shutdown(r0, 0x1) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000280)={r2, r0, 0x1, 0x0, 0x0, 0x48, 0x1, 0x5, 0xa, 0x8, 0x1, 0x2, 'syz0\x00'}) 234.697699ms ago: executing program 0 (id=421): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x88b02, 0x0) write$P9_RSTATu(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="300200007d00000005bf000000000000000000000000000000000000005a0200000000000000000b000000000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa583effeb09b5351f5bde05"], 0x230) r1 = syz_io_uring_setup(0xa3, &(0x7f0000000640)={0x0, 0xe8cf, 0x0, 0x20, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000020c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1}) io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0) 234.445819ms ago: executing program 2 (id=422): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x3008018, &(0x7f00000000c0)=ANY=[], 0xd0, 0x599, &(0x7f00000005c0)="$eJzs3cFvHFcZAPDvTbzOOk3abRISQgqyBBJREZHjpA7giBLqWkKKqNXEOXDCxE5qdWNHdoqSqoIcEFz4Hzj1AhKqBFyQOMCVA9wQqsQJccWgShUgEjST2Z3djcEO6429ze8nJTs7882bNyPb0vfem/cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj46qsXJ86k3a4FAAAAMEhfv/z6xGRP/j+2W5UBAAAABuKK/n8AAAAAAAAAGHYpsvh+pLhzaCMdLL4/VL+0vPLWnfmZ2c1PG0vFmfuK+Pxf/czk2XMvTZ3/Quvzf5+/007Ea5evXBx/ZfXmrbWl9fWlxfH5leVrq4tL2y6h3/N7vVg8gPGbb761eP36+vjk6bNdh+80/rL/mWON6S++evRSK3Z+Znb2ckfMSO3/vvojjPAAAAB4uo1GFucixZWTP02HIiKL/nPhLdoOBm0sGnn+XdzE/MxscSPN5YWV2/nBuVYi3OjOiUdbOfITyMX70og4nNd1VEYPAADA9tUii09FihP3N9KzEbGvlQd/rpgYcOsCGk+gkpsYiYgjEXEqhiBnBwAAgF22P7J4PVL8qtmI58q8usj/vxIxvduVAwAAAHbESGRxPlJ8ML2RGsV4gIh4cX5mdvzS1fGvrVxf7YidS2WP+rC/H/AkGZsAAADAHlCPLA4VPf4b6fnHPvsfDx48GEi1AAAAgB00Fln8M1J89uVvF/PKRTEv/XPTXzp4YbZzhrnjW5STx56OiJPbfCe/Vs41OJfmUsoeKe3ejtwcAAAAUKinLP4cKT78Y734fqrMzdPIbtcMAAAA2DEpi+9Fii/PbaTUsy79vo71/duG/d3/wdZ/rP7K6q27a8s33ri96fED9YvfWr+9tnBt88MP1y7sGg6x1TqGAAAAsA21lMXfI8Vvm++1885yDYByBECVaL57ocpN66nnaNFu8GzRbtB+h+CZycnO7U1T1seYH69RXndf/7cNAAAAT5WUshiNFJ/5zcfLtf8PxCN90GXc7yLFhdUXyrhsNBrVXPqN4v/69eXm0kQeOxMpft5sxUYeG/vL2CNV7Jk89td5uQvdsfUy9mgRGnnsZB57P1K8sbZ57Meqcs/msWuR4ic/Gm/FHshjD5axx6rY09dWm4sDe8AAAACwB9RSFr+IFD/813j7lf/u/v+qt/3dd6r+/kcm6Psvff799v83OvbdK9sh9pftFSNbtFe8FilOPP9C636KtoLWsIKHax1U7RV/ixRr3+iOHS1jD1exZ7b9YAEAAGAPaY3///3VX7aH3Jc5cPl18/z/E73zAw4o/+9ckzC/5vrdt99caDaX1oZp47sR0bUn7ZGK2XisjfyHcA9UY2c2yl+qe3ulPv1u9PVnEAAAngp5/n81Utz54P12f3eZ/5dD5av8/8PvVPn/dG9BA8r/D3fsmy7nG6iNRNRv37xVOx5RX7/79ueXby7cWLqxtHJ26qWpiamp8+cma6Otzv1qq+9nBQAAAMMqz/8nIsVff/Dj9vv52+n/P9Bb0IDy/yMd+/JrVp1++Z4/9Xv7AAAA8FTI8/+fRYo/nHyvPY9ed/7fMf//O9V79qc+/XC0QLt1YED5/9GOfY3iulFNOggAAAAAAAAAAAAAAAAAAAAfEbWUxb8jxfv1kVRO+L+t+f8Wewsa0Pv/xzr2LcaTWf+v74cKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQyqLLJYjxSePb6SX8x3fjDjY+QkAAAAMvf8EAAD//1T3HVY=") newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) 89.739562ms ago: executing program 0 (id=423): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LSEEK(r0, &(0x7f0000002140)={0x18, 0x0, r1, {0x7}}, 0x18) lstat(&(0x7f0000002740)='./file0\x00', 0x0) 0s ago: executing program 4 (id=424): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x78, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x14, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x78}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.17' (ED25519) to the list of known hosts. syzkaller login: [ 68.205575][ T5751] cgroup: Unknown subsys name 'net' [ 68.369322][ T5751] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 70.018279][ T5751] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.752853][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.759487][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.771001][ T5775] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.778529][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.787407][ T5776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.795515][ T5776] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.799841][ T5778] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.803442][ T5776] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.811156][ T5775] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.819255][ T5776] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.832282][ T5778] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.832290][ T5775] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.835763][ T5775] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.840510][ T5778] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.847868][ T5775] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.854322][ T5776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.860689][ T5775] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.869155][ T5778] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.875377][ T5775] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.881956][ T5776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.888899][ T5775] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.896162][ T5778] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.918392][ T5776] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.934004][ T5778] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.941111][ T5776] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.952889][ T5776] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.444280][ T5764] chnl_net:caif_netlink_parms(): no params data found [ 72.508015][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 72.582910][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 72.670827][ T5764] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.678253][ T5764] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.686814][ T5764] bridge_slave_0: entered allmulticast mode [ 72.693886][ T5764] bridge_slave_0: entered promiscuous mode [ 72.726891][ T5765] chnl_net:caif_netlink_parms(): no params data found [ 72.746341][ T5764] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.753660][ T5764] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.760815][ T5764] bridge_slave_1: entered allmulticast mode [ 72.767880][ T5764] bridge_slave_1: entered promiscuous mode [ 72.791617][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.798895][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.806123][ T5767] bridge_slave_0: entered allmulticast mode [ 72.813638][ T5767] bridge_slave_0: entered promiscuous mode [ 72.845843][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.853215][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.860391][ T5767] bridge_slave_1: entered allmulticast mode [ 72.867728][ T5767] bridge_slave_1: entered promiscuous mode [ 72.938620][ T5764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.951387][ T5764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.977529][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.985348][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.993214][ T5766] bridge_slave_0: entered allmulticast mode [ 73.000200][ T5766] bridge_slave_0: entered promiscuous mode [ 73.047948][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.058142][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.065718][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.073032][ T5766] bridge_slave_1: entered allmulticast mode [ 73.079832][ T5766] bridge_slave_1: entered promiscuous mode [ 73.098713][ T5764] team0: Port device team_slave_0 added [ 73.119230][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.143281][ T5764] team0: Port device team_slave_1 added [ 73.159957][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.168042][ T5765] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.175935][ T5765] bridge_slave_0: entered allmulticast mode [ 73.183551][ T5765] bridge_slave_0: entered promiscuous mode [ 73.203524][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.216463][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.237743][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.245288][ T5765] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.253015][ T5765] bridge_slave_1: entered allmulticast mode [ 73.259865][ T5765] bridge_slave_1: entered promiscuous mode [ 73.305204][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.312446][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.339094][ T5764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.379174][ T5767] team0: Port device team_slave_0 added [ 73.389109][ T5767] team0: Port device team_slave_1 added [ 73.397453][ T5766] team0: Port device team_slave_0 added [ 73.408644][ T5766] team0: Port device team_slave_1 added [ 73.424437][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.431466][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.457670][ T5764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.471072][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.484006][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.556094][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.563413][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.589722][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.603771][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.610753][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.636780][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.652767][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.659831][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.686389][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.699868][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.707178][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.733429][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.764017][ T5765] team0: Port device team_slave_0 added [ 73.817914][ T5765] team0: Port device team_slave_1 added [ 73.841876][ T5764] hsr_slave_0: entered promiscuous mode [ 73.848578][ T5764] hsr_slave_1: entered promiscuous mode [ 73.890820][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.897885][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.923902][ T5765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.958376][ T5767] hsr_slave_0: entered promiscuous mode [ 73.964397][ T5776] Bluetooth: hci1: command tx timeout [ 73.964412][ T51] Bluetooth: hci3: command tx timeout [ 73.976760][ T5767] hsr_slave_1: entered promiscuous mode [ 73.983413][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.991137][ T5767] Cannot create hsr debugfs directory [ 74.008546][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.015654][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.042138][ T51] Bluetooth: hci2: command tx timeout [ 74.045658][ T5765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.058341][ T51] Bluetooth: hci0: command tx timeout [ 74.119445][ T5766] hsr_slave_0: entered promiscuous mode [ 74.126143][ T5766] hsr_slave_1: entered promiscuous mode [ 74.132512][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.140277][ T5766] Cannot create hsr debugfs directory [ 74.276142][ T5765] hsr_slave_0: entered promiscuous mode [ 74.284264][ T5765] hsr_slave_1: entered promiscuous mode [ 74.290480][ T5765] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.298156][ T5765] Cannot create hsr debugfs directory [ 74.570793][ T5764] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 74.585299][ T5764] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 74.597487][ T5764] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 74.608154][ T5764] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 74.675179][ T5767] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.688498][ T5767] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.709663][ T5767] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.720864][ T5767] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.835930][ T5766] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 74.847046][ T5766] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 74.858632][ T5766] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 74.870181][ T5766] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 74.966315][ T5765] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 74.978037][ T5765] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 74.988911][ T5765] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 75.000921][ T5765] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 75.048218][ T5764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.126073][ T5764] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.147211][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.176405][ T5046] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.183873][ T5046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.208990][ T5046] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.216464][ T5046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.273626][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.323450][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.343719][ T5046] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.350917][ T5046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.390850][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.423486][ T1117] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.430737][ T1117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.471016][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.478279][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.499950][ T2952] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.507173][ T2952] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.538273][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.647707][ T5765] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.681532][ T1117] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.688765][ T1117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.749305][ T2952] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.756590][ T2952] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.856596][ T5764] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.008093][ T5764] veth0_vlan: entered promiscuous mode [ 76.045351][ T51] Bluetooth: hci1: command tx timeout [ 76.045361][ T5776] Bluetooth: hci3: command tx timeout [ 76.063406][ T5764] veth1_vlan: entered promiscuous mode [ 76.125623][ T51] Bluetooth: hci0: command tx timeout [ 76.125636][ T5776] Bluetooth: hci2: command tx timeout [ 76.174143][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.211308][ T5764] veth0_macvtap: entered promiscuous mode [ 76.225634][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.258603][ T5764] veth1_macvtap: entered promiscuous mode [ 76.345785][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.383436][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.411315][ T5764] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.421227][ T5764] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.430507][ T5764] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.440175][ T5764] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.454788][ T5767] veth0_vlan: entered promiscuous mode [ 76.486853][ T5766] veth0_vlan: entered promiscuous mode [ 76.508355][ T5765] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.540604][ T5767] veth1_vlan: entered promiscuous mode [ 76.559412][ T5766] veth1_vlan: entered promiscuous mode [ 76.649834][ T5046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.668880][ T5046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.699736][ T5766] veth0_macvtap: entered promiscuous mode [ 76.730886][ T5767] veth0_macvtap: entered promiscuous mode [ 76.745259][ T5766] veth1_macvtap: entered promiscuous mode [ 76.769252][ T5767] veth1_macvtap: entered promiscuous mode [ 76.778996][ T2952] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.787580][ T2952] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.816360][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.840113][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.864883][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.879013][ T5765] veth0_vlan: entered promiscuous mode [ 76.891279][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.903830][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.916313][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.927472][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.939659][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.950872][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.962106][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.974823][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.990852][ T5765] veth1_vlan: entered promiscuous mode [ 77.020724][ T5766] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.031359][ T5766] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.058513][ T5766] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.079515][ T5766] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.102461][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.118377][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.129143][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.145623][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.158281][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.219258][ T5765] veth0_macvtap: entered promiscuous mode [ 77.228517][ T5767] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.238985][ T5767] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.249040][ T5767] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.258801][ T5767] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.301500][ T5765] veth1_macvtap: entered promiscuous mode [ 77.387724][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.399755][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.412376][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.423032][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.433131][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.446049][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.457973][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.527347][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.541641][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.557208][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.577517][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.588005][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.603732][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.618065][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.658243][ T5046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.668550][ T5046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.695031][ T5765] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.710577][ T5765] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.720775][ T5765] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.731609][ T5765] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.775529][ T5856] syz.2.5[5856]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 77.862307][ T2915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.871104][ T2915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.946920][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.978858][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.013787][ T2903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.031881][ T2903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.088533][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.111595][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.132838][ T51] Bluetooth: hci3: command tx timeout [ 78.132850][ T5776] Bluetooth: hci1: command tx timeout [ 78.202652][ T51] Bluetooth: hci2: command tx timeout [ 78.203710][ T5776] Bluetooth: hci0: command tx timeout [ 78.225346][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.242348][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.655555][ T5856] loop2: detected capacity change from 0 to 32768 [ 78.845315][ T5856] syz.2.5: attempt to access beyond end of device [ 78.845315][ T5856] loop2: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 78.883718][ T5856] metapage_write_end_io: I/O error [ 78.932808][ T5856] blkno = 8ed2c, nblocks = 1 [ 78.942664][ T113] blkno = 8ed2c, nblocks = 1 [ 78.947655][ T113] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 78.947655][ T113] [ 78.963075][ T5856] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 78.963075][ T5856] [ 79.014973][ T113] ERROR: (device loop2): remounting filesystem as read-only [ 79.023029][ T5856] ERROR: (device loop2): remounting filesystem as read-only [ 79.065712][ T5856] blkno = 8ed2c, nblocks = 1 [ 79.070610][ T5856] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 79.070610][ T5856] [ 79.143219][ T5856] ERROR: (device loop2): dtSearch: DT_GETPAGE: dtree page corrupt [ 79.143219][ T5856] [ 79.207140][ T5856] jfs_mkdir: dtSearch returned -5 [ 79.308235][ T5764] syz-executor: attempt to access beyond end of device [ 79.308235][ T5764] loop2: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 79.332787][ T5764] metapage_write_end_io: I/O error [ 79.338277][ T5764] JFS: metapage_get_blocks failed [ 79.353708][ T5764] JFS: metapage_get_blocks failed [ 79.358833][ T5764] JFS: metapage_get_blocks failed [ 79.381864][ T5764] JFS: metapage_get_blocks failed [ 79.698548][ T5866] loop3: detected capacity change from 0 to 32768 [ 79.748102][ T5866] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.6 (5866) [ 79.768055][ T5863] loop1: detected capacity change from 0 to 32768 [ 79.860311][ T5863] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 79.864358][ T5866] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 79.869053][ T5863] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 79.913564][ T5866] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 79.923287][ T5866] BTRFS info (device loop3): force clearing of disk cache [ 79.930482][ T5866] BTRFS info (device loop3): enabling auto defrag [ 79.937501][ T5866] BTRFS info (device loop3): max_inline at 727 [ 79.948752][ T5866] BTRFS info (device loop3): enabling disk space caching [ 79.958246][ T5866] BTRFS info (device loop3): disk space caching is enabled [ 79.961323][ T5863] gfs2: fsid=syz:syz.0: journal 0 mapped with 18 extents in 0ms [ 80.040385][ T5833] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 80.049185][ T5833] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 80.180629][ T5866] BTRFS info (device loop3): enabling ssd optimizations [ 80.190841][ T5833] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 141ms [ 80.202192][ T5776] Bluetooth: hci1: command tx timeout [ 80.202381][ T51] Bluetooth: hci3: command tx timeout [ 80.215595][ T5833] gfs2: fsid=syz:syz.0: jid=0: Done [ 80.221618][ T5863] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 80.239113][ T5870] loop0: detected capacity change from 0 to 32768 [ 80.259308][ T5870] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.8 (5870) [ 80.275908][ T5866] BTRFS info (device loop3): rebuilding free space tree [ 80.282907][ T51] Bluetooth: hci2: command tx timeout [ 80.286684][ T51] Bluetooth: hci0: command tx timeout [ 80.324371][ T5863] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 80.324371][ T5863] inode = 0 2341 [ 80.324371][ T5863] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 80.336660][ T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 80.354193][ T51] CPU: 0 PID: 51 Comm: kworker/u5:0 Not tainted syzkaller #0 [ 80.361656][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 80.371941][ T51] Workqueue: hci0 hci_rx_work [ 80.376694][ T51] Call Trace: [ 80.380015][ T51] [ 80.382991][ T51] dump_stack_lvl+0x16c/0x230 [ 80.383230][ T5863] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 80.387706][ T51] ? show_regs_print_info+0x20/0x20 [ 80.402159][ T51] ? load_image+0x3b0/0x3b0 [ 80.406745][ T51] sysfs_create_dir_ns+0x256/0x280 [ 80.411934][ T51] ? hci_rx_work+0x43a/0xd80 [ 80.416600][ T51] ? sysfs_warn_dup+0xa0/0xa0 [ 80.421346][ T51] ? do_raw_spin_unlock+0x121/0x230 [ 80.426594][ T51] kobject_add_internal+0x6b8/0xc70 [ 80.431839][ T51] kobject_add+0x156/0x220 [ 80.436275][ T51] ? __rwlock_init+0x150/0x150 [ 80.441151][ T51] ? kobject_init+0x1e0/0x1e0 [ 80.445855][ T51] ? _raw_spin_unlock+0x28/0x40 [ 80.450818][ T51] ? get_device_parent+0x366/0x390 [ 80.455962][ T51] device_add+0x408/0xc20 [ 80.460314][ T51] hci_conn_add_sysfs+0xd5/0x1e0 [ 80.465367][ T51] le_conn_complete_evt+0xf36/0x1500 [ 80.470698][ T51] ? hci_event_packet+0x4a7/0x1210 [ 80.475954][ T51] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 80.482395][ T51] ? __copy_skb_header+0xa7/0x550 [ 80.487439][ T51] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 80.493265][ T51] ? skb_pull_data+0xfb/0x200 [ 80.497969][ T51] hci_le_enh_conn_complete_evt+0x189/0x460 [ 80.504433][ T51] ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0 [ 80.510885][ T51] ? hci_remote_host_features_evt+0x160/0x160 [ 80.516978][ T51] hci_event_packet+0x795/0x1210 [ 80.521945][ T51] ? bis_list+0x290/0x290 [ 80.526292][ T51] ? lockdep_hardirqs_on+0x98/0x150 [ 80.531514][ T51] ? hci_send_to_monitor+0xd7/0x4f0 [ 80.536735][ T51] hci_rx_work+0x43a/0xd80 [ 80.541210][ T51] ? process_scheduled_works+0x957/0x15b0 [ 80.546954][ T51] process_scheduled_works+0xa45/0x15b0 [ 80.552543][ T51] ? assign_work+0x400/0x400 [ 80.557154][ T51] ? assign_work+0x39e/0x400 [ 80.561785][ T51] worker_thread+0xa55/0xfc0 [ 80.566445][ T51] kthread+0x2fa/0x390 [ 80.570534][ T51] ? pr_cont_work+0x560/0x560 [ 80.575235][ T51] ? kthread_blkcg+0xd0/0xd0 [ 80.579923][ T51] ret_from_fork+0x48/0x80 [ 80.584360][ T51] ? kthread_blkcg+0xd0/0xd0 [ 80.588961][ T51] ret_from_fork_asm+0x11/0x20 [ 80.594014][ T51] [ 80.603658][ T51] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 80.614137][ T5863] gfs2: fsid=syz:syz.0: H: s:SH f:AH e:0 p:5863 [syz.1.2] inode_permission+0x23d/0x480 [ 80.619382][ T51] Bluetooth: hci0: failed to register connection device [ 80.662201][ T5863] gfs2: fsid=syz:syz.0: I: n:0/2341 t:4 f:0x00 d:0x00000000 s:0 p:0 [ 80.662540][ T5870] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 80.676507][ T5866] BTRFS info (device loop3): disabling free space tree [ 80.701628][ T5870] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 80.708315][ T5863] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 80.722477][ T5870] BTRFS info (device loop0): using free space tree [ 80.749746][ T5866] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 80.760621][ T5866] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 80.773584][ T5863] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 80.782748][ T5863] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 80.790570][ T5863] gfs2: fsid=syz:syz.0: File system withdrawn [ 80.797033][ T5863] CPU: 0 PID: 5863 Comm: syz.1.2 Not tainted syzkaller #0 [ 80.804191][ T5863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 80.814409][ T5863] Call Trace: [ 80.817728][ T5863] [ 80.820788][ T5863] dump_stack_lvl+0x16c/0x230 [ 80.825532][ T5863] ? kobject_uevent_env+0x363/0x8c0 [ 80.830786][ T5863] ? show_regs_print_info+0x20/0x20 [ 80.836138][ T5863] ? load_image+0x3b0/0x3b0 [ 80.840701][ T5863] ? kobject_uevent_env+0x363/0x8c0 [ 80.846054][ T5863] gfs2_withdraw+0xe50/0x13b0 [ 80.850806][ T5863] ? gfs2_lm+0x220/0x220 [ 80.855213][ T5863] ? gfs2_consist_inode_i+0xf5/0x110 [ 80.860569][ T5863] gfs2_inode_refresh+0xb83/0xff0 [ 80.865650][ T5863] ? gfs2_inode_metasync+0xf0/0xf0 [ 80.870821][ T5863] ? gfs2_glock_nq+0xd4f/0x1420 [ 80.875729][ T5863] ? do_raw_spin_lock+0x121/0x2c0 [ 80.880905][ T5863] gfs2_instantiate+0x162/0x220 [ 80.885813][ T5863] gfs2_glock_wait+0x1d4/0x2a0 [ 80.890634][ T5863] gfs2_permission+0x246/0x430 [ 80.895451][ T5863] ? gfs2_lookupi+0x5a0/0x5a0 [ 80.900189][ T5863] ? inode_permission+0x23d/0x480 [ 80.905289][ T5863] ? gfs2_lookupi+0x5a0/0x5a0 [ 80.910026][ T5863] inode_permission+0x23d/0x480 [ 80.914943][ T5863] may_open+0x2e9/0x440 [ 80.919156][ T5863] path_openat+0x25e4/0x3190 [ 80.923824][ T5863] ? __kasan_slab_alloc+0x6c/0x80 [ 80.928901][ T5863] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 80.935024][ T5863] ? verify_lock_unused+0x140/0x140 [ 80.940280][ T5863] ? do_filp_open+0x3d0/0x3d0 [ 80.945029][ T5863] ? __virt_addr_valid+0x18c/0x540 [ 80.950206][ T5863] do_filp_open+0x1c5/0x3d0 [ 80.954777][ T5863] ? vfs_tmpfile+0x490/0x490 [ 80.959538][ T5863] ? _raw_spin_unlock+0x28/0x40 [ 80.964524][ T5863] ? alloc_fd+0x58f/0x630 [ 80.968911][ T5863] do_sys_openat2+0x12c/0x1c0 [ 80.973646][ T5863] ? do_sys_open+0xe0/0xe0 [ 80.978108][ T5863] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 80.984141][ T5863] ? lock_chain_count+0x20/0x20 [ 80.989031][ T5863] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 80.995073][ T5863] __x64_sys_openat+0x139/0x160 [ 80.999983][ T5863] do_syscall_64+0x55/0xb0 [ 81.004449][ T5863] ? clear_bhb_loop+0x40/0x90 [ 81.009179][ T5863] ? clear_bhb_loop+0x40/0x90 [ 81.013922][ T5863] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 81.019869][ T5863] RIP: 0033:0x7fe5c618df90 [ 81.024333][ T5863] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 81.044005][ T5863] RSP: 002b:00007fe5c70eddf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 81.052596][ T5863] RAX: ffffffffffffffda RBX: 0000000000010000 RCX: 00007fe5c618df90 [ 81.060623][ T5863] RDX: 0000000000010000 RSI: 0000200000000100 RDI: 00000000ffffff9c [ 81.068651][ T5863] RBP: 0000200000000100 R08: 0000000000000000 R09: 0000000000008c9b [ 81.076675][ T5863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000200000000100 [ 81.084698][ T5863] R13: 00007fe5c70edeb0 R14: 0000000000012806 R15: 0000200000002080 [ 81.092758][ T5863] [ 81.283959][ T5870] BTRFS info (device loop0): enabling ssd optimizations [ 81.292676][ T5870] BTRFS info (device loop0): auto enabling async discard [ 81.894848][ T1117] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 82.436622][ T5916] loop0: detected capacity change from 32768 to 32704 [ 82.482176][ T11] BTRFS warning (device loop0): csum failed root 5 ino 261 off 8192 csum 0x8082fd2d expected csum 0x8941f998 mirror 1 [ 82.553466][ T5766] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 82.632261][ T11] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 0, rd 0, flush 0, corrupt 1, gen 0 [ 82.709755][ T11] BTRFS warning (device loop0): csum failed root 5 ino 261 off 8192 csum 0x8082fd2d expected csum 0x8941f998 mirror 1 [ 82.760132][ T11] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 0, rd 0, flush 0, corrupt 2, gen 0 [ 83.156506][ T5926] loop2: detected capacity change from 0 to 4096 [ 83.326330][ T5767] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 83.375389][ T5928] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 83.499115][ T5926] capability: warning: `syz.2.14' uses 32-bit capabilities (legacy support in use) [ 83.848612][ T5782] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 11 /dev/loop0 scanned by udevd (5782) [ 84.082060][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.090883][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.101091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 84.110503][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.282495][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 86.143225][ T5953] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 86.245112][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.302318][ T5953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21'. [ 87.205425][ T787] cfg80211: failed to load regulatory.db [ 87.428040][ T5958] loop3: detected capacity change from 0 to 4096 [ 87.822580][ T5958] EXT4-fs (loop3): Test dummy encryption mode enabled [ 87.887758][ T5958] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 87.913630][ T5958] System zones: 0-5 [ 87.937286][ T5958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.988304][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 88.193043][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 88.201945][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 88.295442][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 88.304486][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 88.942056][ T5954] loop2: detected capacity change from 0 to 32768 [ 89.139916][ T5958] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 89.341642][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.521604][ T5987] netlink: 12 bytes leftover after parsing attributes in process `syz.0.32'. [ 89.537295][ T5989] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 89.578269][ T5990] netlink: 20 bytes leftover after parsing attributes in process `syz.0.32'. [ 89.602177][ T5989] CIFS mount error: No usable UNC path provided in device string! [ 89.602177][ T5989] [ 89.632082][ T5989] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 89.653808][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 89.856622][ T9] usb 2-1: config 0 has an invalid interface number: 255 but max is 0 [ 89.869105][ T9] usb 2-1: config 0 has no interface number 0 [ 89.886085][ T9] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 89.926720][ T9] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 89.967792][ T9] usb 2-1: config 0 interface 255 has no altsetting 0 [ 89.985796][ T9] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 90.008214][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.046976][ T9] usb 2-1: config 0 descriptor?? [ 90.107447][ T9] ums-realtek 2-1:0.255: USB Mass Storage device detected [ 90.322581][ T5810] usb 2-1: USB disconnect, device number 2 [ 90.464161][ T5990] loop0: detected capacity change from 0 to 40427 [ 90.492751][ T5990] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 90.513631][ T5990] F2FS-fs (loop0): build fault injection attr: rate: 27487, type: 0x7ffff [ 90.534486][ T5990] F2FS-fs (loop0): heap/no_heap options were deprecated [ 90.558406][ T5990] F2FS-fs (loop0): Image doesn't support compression [ 90.582961][ T5990] F2FS-fs (loop0): Unrecognized mount option "e" or missing value [ 90.607803][ T5987] Zero length message leads to an empty skb [ 90.630914][ T5776] block nbd0: Receive control failed (result -111) [ 90.948006][ T6012] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.827912][ T6037] loop0: detected capacity change from 0 to 8 [ 93.054245][ T6037] SQUASHFS error: xz decompression failed, data probably corrupt [ 93.062653][ T6037] SQUASHFS error: Failed to read block 0x108: -5 [ 93.069067][ T6037] SQUASHFS error: Unable to read metadata cache entry [106] [ 93.076560][ T6037] SQUASHFS error: Unable to read inode 0x11f [ 93.811230][ T6028] loop1: detected capacity change from 0 to 32768 [ 93.833180][ T6028] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.46 (6028) [ 93.892406][ T6028] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 93.932562][ T6028] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 93.941319][ T6028] BTRFS info (device loop1): using free space tree [ 94.153484][ T6049] loop0: detected capacity change from 0 to 4096 [ 94.159281][ T6028] BTRFS info (device loop1): enabling ssd optimizations [ 94.190534][ T6028] BTRFS info (device loop1): auto enabling async discard [ 94.205270][ T6049] EXT4-fs (loop0): Test dummy encryption mode enabled [ 94.268023][ T6049] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 94.302450][ T6049] System zones: 0-5 [ 94.320819][ T6049] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.405435][ T5765] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 94.733739][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.950086][ T6073] loop0: detected capacity change from 0 to 512 [ 95.001495][ T6069] loop3: detected capacity change from 0 to 8192 [ 95.007288][ T6073] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 95.044961][ T6069] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option "obj_type=-.{" [ 95.209173][ T6073] EXT4-fs (loop0): orphan cleanup on readonly fs [ 95.294232][ T6073] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.56: bg 0: block 16: invalid block bitmap [ 95.454306][ T6073] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 95.487357][ T6073] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.56: attempt to clear invalid blocks 1669132790 len 1 [ 95.589519][ T6073] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.56: invalid indirect mapped block 4294967295 (level 1) [ 95.607390][ T6073] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.56: invalid indirect mapped block 4294967295 (level 2) [ 95.627933][ T6073] EXT4-fs (loop0): 1 truncate cleaned up [ 95.750730][ T6073] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 96.424385][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.748436][ T6088] loop1: detected capacity change from 0 to 8192 [ 96.825245][ T6088] Dev loop1: RDB in block 1 has bad checksum [ 96.832379][ T6092] loop3: detected capacity change from 0 to 512 [ 96.850300][ T6092] ======================================================= [ 96.850300][ T6092] WARNING: The mand mount option has been deprecated and [ 96.850300][ T6092] and is ignored by this kernel. Remove the mand [ 96.850300][ T6092] option from the mount to silence this warning. [ 96.850300][ T6092] ======================================================= [ 96.898901][ T6092] EXT4-fs: Ignoring removed oldalloc option [ 96.924766][ T6092] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 97.019474][ T6092] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: comm syz.3.64: Parent and EA inode have the same ino 15 [ 97.074275][ T6092] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 97.087952][ T6092] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: comm syz.3.64: Parent and EA inode have the same ino 15 [ 97.122662][ T6092] EXT4-fs (loop3): 1 orphan inode deleted [ 97.130754][ T6092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.777938][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.816547][ T6103] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.852850][ T6085] loop2: detected capacity change from 0 to 32768 [ 98.879252][ T6085] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 99.002716][ T6103] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.051406][ T5777] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 99.187231][ T6103] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.401296][ T6103] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.688815][ T6103] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.741574][ T6103] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.786767][ T6103] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.821123][ T6103] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.565658][ T6124] loop1: detected capacity change from 0 to 512 [ 100.595650][ T6124] EXT4-fs (loop1): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0 [ 100.605139][ T6124] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 100.614271][ T6124] EXT4-fs (loop1): Couldn't mount because of unsupported optional features (fffc1829) [ 102.007848][ T6134] loop1: detected capacity change from 0 to 4096 [ 102.032406][ T2130] IPVS: starting estimator thread 0... [ 102.059355][ T6136] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 102.088937][ T6133] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11 [ 102.153001][ T6135] IPVS: using max 20 ests per chain, 48000 per kthread [ 102.466938][ T6118] loop0: detected capacity change from 0 to 32768 [ 102.823142][ T6118] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 102.836475][ T6156] process 'syz.2.81' launched './file0' with NULL argv: empty string added [ 103.446414][ T6118] XFS (loop0): Ending clean mount [ 103.667590][ T5767] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 103.950228][ T28] audit: type=1326 audit(1767344411.616:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.87" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4132f8f749 code=0x0 [ 104.156298][ T6150] loop1: detected capacity change from 0 to 32768 [ 104.185754][ T6150] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 105.076712][ T5782] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 105.426979][ T6179] usb usb8: check_ctrlrecip: process 6179 (syz.3.90) requesting ep 01 but needs 81 [ 105.460149][ T6179] usb usb8: usbfs: process 6179 (syz.3.90) did not claim interface 0 before use [ 106.362814][ T6195] netlink: 8 bytes leftover after parsing attributes in process `syz.3.94'. [ 106.381869][ T6195] netlink: 16 bytes leftover after parsing attributes in process `syz.3.94'. [ 106.578995][ T6186] loop2: detected capacity change from 0 to 32768 [ 106.627836][ T6186] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 106.779352][ T6191] loop1: detected capacity change from 0 to 40427 [ 106.856814][ T6191] F2FS-fs (loop1): invalid crc value [ 106.867286][ T6186] XFS (loop2): Ending clean mount [ 106.895455][ T6191] F2FS-fs (loop1): Found nat_bits in checkpoint [ 106.930284][ T6186] XFS (loop2): Quotacheck needed: Please wait. [ 107.098942][ T6186] XFS (loop2): Quotacheck: Done. [ 107.110606][ T6191] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 107.242698][ T28] audit: type=1800 audit(1767344414.916:3): pid=6191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.96" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 107.359270][ T5765] syz-executor: attempt to access beyond end of device [ 107.359270][ T5765] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 107.384205][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 107.596843][ T6186] syz.2.93 (6186) used greatest stack depth: 19976 bytes left [ 107.643533][ T5764] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.778166][ T6223] loop3: detected capacity change from 0 to 512 [ 107.807208][ T6223] EXT4-fs (loop3): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0 [ 107.816770][ T6223] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 107.825972][ T6223] EXT4-fs (loop3): Couldn't mount because of unsupported optional features (fffc1829) [ 108.435481][ T6225] usb usb8: check_ctrlrecip: process 6225 (syz.0.104) requesting ep 01 but needs 81 [ 108.445113][ T6225] usb usb8: usbfs: process 6225 (syz.0.104) did not claim interface 0 before use [ 108.566233][ T6228] openvswitch: netlink: Flow actions attr not present in new flow. [ 108.905409][ T6231] ubi31: attaching mtd0 [ 108.930985][ T6231] ubi31: scanning is finished [ 108.935959][ T6231] ubi31: empty MTD device detected [ 109.222903][ T6231] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 109.241133][ T6231] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 109.254488][ T6231] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 109.262508][ T6231] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 109.270245][ T6231] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 109.291952][ T6231] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 110.320812][ T6231] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4068030401 [ 110.384216][ T6231] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 110.495027][ T6235] ubi31: background thread "ubi_bgt31d" started, PID 6235 [ 111.111483][ T6248] loop2: detected capacity change from 0 to 4096 [ 111.345773][ T6255] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 111.368162][ T6256] netlink: 68 bytes leftover after parsing attributes in process `syz.1.110'. [ 112.158715][ T6256] loop1: detected capacity change from 0 to 512 [ 112.169009][ T6256] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 112.180279][ T6256] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 112.217949][ T6256] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 112.275240][ T6256] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 112.348429][ T6256] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 112.412432][ T6256] EXT4-fs (loop1): orphan cleanup on readonly fs [ 112.487490][ T6264] loop0: detected capacity change from 0 to 8192 [ 112.497183][ T6256] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.110: bg 0: block 34: padding at end of block bitmap is not set [ 112.558113][ T6264] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 112.650163][ T6256] Quota error (device loop1): write_blk: dquota write failed [ 112.660063][ T6264] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 112.716602][ T6264] REISERFS (device loop0): using ordered data mode [ 112.726065][ T6256] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 112.744464][ T6264] reiserfs: using flush barriers [ 112.763375][ T6256] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.110: Failed to acquire dquot type 1 [ 112.777602][ T6264] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 112.835990][ T6264] REISERFS (device loop0): checking transaction log (loop0) [ 112.851373][ T6256] EXT4-fs (loop1): 1 truncate cleaned up [ 112.859465][ T6264] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 112.876156][ T6264] REISERFS (device loop0): Remounting filesystem read-only [ 112.885595][ T6256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 112.912276][ T6264] REISERFS warning (device loop0): reiserfs_fill_super: corrupt root inode, run fsck [ 112.969559][ T6252] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 113.410161][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.254218][ T6293] Bluetooth: MGMT ver 1.22 [ 115.284384][ T6295] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 115.602123][ T5810] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 115.801886][ T5810] usb 3-1: Using ep0 maxpacket: 32 [ 115.815542][ T5810] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 115.841677][ T5810] usb 3-1: config 0 has no interface number 0 [ 115.860737][ T5810] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 115.891516][ T5810] usb 3-1: config 0 interface 196 has no altsetting 0 [ 115.923250][ T5810] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 115.932725][ T5810] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.940834][ T5810] usb 3-1: Product: syz [ 116.101997][ T5810] usb 3-1: Manufacturer: syz [ 116.106884][ T5810] usb 3-1: SerialNumber: syz [ 116.253234][ T6314] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 117.322692][ T5810] usb 3-1: config 0 descriptor?? [ 117.329451][ T6295] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 118.011489][ T5810] ipheth 3-1:0.196: ipheth_get_macaddr: usb_control_msg: -71 [ 118.103567][ T5810] ipheth: probe of 3-1:0.196 failed with error -71 [ 118.176082][ T5810] usb 3-1: USB disconnect, device number 2 [ 118.677731][ T6327] loop3: detected capacity change from 0 to 2048 [ 118.711864][ T6327] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=18576, location=18576 [ 118.863916][ T6327] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 119.742352][ T6339] loop1: detected capacity change from 0 to 8192 [ 119.823353][ T6339] loop1: p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 [ 119.823676][ T6339] loop1: p3 size 43497 extends beyond EOD, truncated [ 119.968259][ T6339] loop1: p5 size 43497 extends beyond EOD, truncated [ 119.986869][ T6346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.143'. [ 120.002117][ T6339] loop1: p6 size 43497 extends beyond EOD, truncated [ 120.020159][ T6339] loop1: p7 size 43497 extends beyond EOD, truncated [ 120.034492][ T6339] loop1: p8 size 43497 extends beyond EOD, truncated [ 120.054722][ T5776] block nbd1: Receive control failed (result -107) [ 120.064896][ T6339] loop1: p9 size 43497 extends beyond EOD, truncated [ 120.077500][ T6346] netlink: 20 bytes leftover after parsing attributes in process `syz.0.143'. [ 120.083515][ T6339] loop1: p10 size 43497 extends beyond EOD, truncated [ 120.097656][ T6339] loop1: p11 size 43497 extends beyond EOD, truncated [ 120.108282][ T6339] loop1: p12 size 43497 extends beyond EOD, truncated [ 120.119646][ T6339] loop1: p13 size 43497 extends beyond EOD, truncated [ 120.130064][ T6339] loop1: p14 size 43497 extends beyond EOD, truncated [ 120.143352][ T6339] loop1: p15 size 43497 extends beyond EOD, truncated [ 120.155269][ T6339] loop1: p16 size 43497 extends beyond EOD, truncated [ 120.165379][ T6339] loop1: p17 size 43497 extends beyond EOD, truncated [ 120.174973][ T6339] loop1: p18 size 43497 extends beyond EOD, truncated [ 120.184654][ T6339] loop1: p19 size 43497 extends beyond EOD, truncated [ 120.194605][ T6339] loop1: p20 size 43497 extends beyond EOD, truncated [ 120.212558][ T6339] loop1: p21 size 43497 extends beyond EOD, truncated [ 120.228303][ T6339] loop1: p22 size 43497 extends beyond EOD, truncated [ 120.248500][ T6339] loop1: p23 size 43497 extends beyond EOD, truncated [ 120.268774][ T6339] loop1: p24 size 43497 extends beyond EOD, truncated [ 120.312385][ T6339] loop1: p25 size 43497 extends beyond EOD, truncated [ 120.333508][ T6339] loop1: p26 size 43497 extends beyond EOD, truncated [ 120.369410][ T6339] loop1: p27 size 43497 extends beyond EOD, truncated [ 120.390388][ T6339] loop1: p28 size 43497 extends beyond EOD, truncated [ 120.487979][ T6339] loop1: p29 size 43497 extends beyond EOD, truncated [ 120.542271][ T6339] loop1: p30 size 43497 extends beyond EOD, truncated [ 120.593085][ T6339] loop1: p31 size 43497 extends beyond EOD, truncated [ 120.680011][ T6339] loop1: p32 size 43497 extends beyond EOD, truncated [ 120.825393][ T6339] loop1: p33 size 43497 extends beyond EOD, truncated [ 120.990225][ T6339] loop1: p34 size 43497 extends beyond EOD, truncated [ 121.151342][ T6339] loop1: p35 size 43497 extends beyond EOD, truncated [ 121.324042][ T6339] loop1: p36 size 43497 extends beyond EOD, truncated [ 121.493085][ T6339] loop1: p37 size 43497 extends beyond EOD, truncated [ 121.640998][ T6339] loop1: p38 size 43497 extends beyond EOD, truncated [ 121.796860][ T6339] loop1: p39 size 43497 extends beyond EOD, truncated [ 121.844712][ T6339] loop1: p40 size 43497 extends beyond EOD, truncated [ 121.853176][ T6339] loop1: p41 size 43497 extends beyond EOD, truncated [ 121.861900][ T6339] loop1: p42 size 43497 extends beyond EOD, truncated [ 121.871937][ T6339] loop1: p43 size 43497 extends beyond EOD, truncated [ 121.880626][ T6339] loop1: p44 size 43497 extends beyond EOD, truncated [ 121.889864][ T6339] loop1: p45 size 43497 extends beyond EOD, truncated [ 121.900947][ T6339] loop1: p46 size 43497 extends beyond EOD, truncated [ 121.910309][ T6339] loop1: p47 size 43497 extends beyond EOD, truncated [ 121.920701][ T6339] loop1: p48 size 43497 extends beyond EOD, truncated [ 121.929586][ T6339] loop1: p49 size 43497 extends beyond EOD, truncated [ 121.938242][ T6339] loop1: p50 size 43497 extends beyond EOD, truncated [ 121.946675][ T6339] loop1: p51 size 43497 extends beyond EOD, truncated [ 121.954592][ T6339] loop1: p52 size 43497 extends beyond EOD, truncated [ 121.962522][ T6339] loop1: p53 size 43497 extends beyond EOD, truncated [ 121.971539][ T6339] loop1: p54 size 43497 extends beyond EOD, truncated [ 121.979774][ T6339] loop1: p55 size 43497 extends beyond EOD, truncated [ 121.988884][ T6339] loop1: p56 size 43497 extends beyond EOD, truncated [ 121.997188][ T6339] loop1: p57 size 43497 extends beyond EOD, truncated [ 122.005559][ T6339] loop1: p58 size 43497 extends beyond EOD, truncated [ 122.013874][ T6339] loop1: p59 size 43497 extends beyond EOD, truncated [ 122.022248][ T6339] loop1: p60 size 43497 extends beyond EOD, truncated [ 122.030497][ T6339] loop1: p61 size 43497 extends beyond EOD, truncated [ 122.052087][ T6339] loop1: p62 size 43497 extends beyond EOD, truncated [ 122.076225][ T6339] loop1: p63 size 43497 extends beyond EOD, truncated [ 122.086371][ T6339] loop1: p64 size 43497 extends beyond EOD, truncated [ 122.115863][ T6339] loop1: p65 size 43497 extends beyond EOD, truncated [ 122.139233][ T6339] loop1: p66 size 43497 extends beyond EOD, truncated [ 122.167077][ T6339] loop1: p67 size 43497 extends beyond EOD, truncated [ 122.177317][ T6339] loop1: p68 size 43497 extends beyond EOD, truncated [ 122.198646][ T6339] loop1: p69 size 43497 extends beyond EOD, truncated [ 122.229208][ T6339] loop1: p70 size 43497 extends beyond EOD, truncated [ 122.252172][ T6339] loop1: p71 size 43497 extends beyond EOD, truncated [ 122.282145][ T6339] loop1: p72 size 43497 extends beyond EOD, truncated [ 122.302488][ T6339] loop1: p73 size 43497 extends beyond EOD, truncated [ 122.322366][ T6339] loop1: p74 size 43497 extends beyond EOD, truncated [ 122.332219][ T6339] loop1: p75 size 43497 extends beyond EOD, truncated [ 122.353209][ T6339] loop1: p76 size 43497 extends beyond EOD, truncated [ 122.372167][ T6339] loop1: p77 size 43497 extends beyond EOD, truncated [ 122.381578][ T6339] loop1: p78 size 43497 extends beyond EOD, truncated [ 122.423630][ T6339] loop1: p79 size 43497 extends beyond EOD, truncated [ 122.452074][ T6339] loop1: p80 size 43497 extends beyond EOD, truncated [ 122.462639][ T6339] loop1: p81 size 43497 extends beyond EOD, truncated [ 122.491880][ T6339] loop1: p82 size 43497 extends beyond EOD, truncated [ 122.522410][ T6339] loop1: p83 size 43497 extends beyond EOD, truncated [ 122.532371][ T6339] loop1: p84 size 43497 extends beyond EOD, truncated [ 122.560463][ T6346] loop0: detected capacity change from 0 to 40427 [ 122.562617][ T6339] loop1: p85 size 43497 extends beyond EOD, truncated [ 122.595584][ T6346] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 122.619809][ T6346] F2FS-fs (loop0): build fault injection attr: rate: 27487, type: 0x7ffff [ 122.623525][ T6339] loop1: p86 size 43497 extends beyond EOD, truncated [ 122.654695][ T6346] F2FS-fs (loop0): heap/no_heap options were deprecated [ 122.683381][ T6339] loop1: p87 size 43497 extends beyond EOD, truncated [ 122.702797][ T6346] F2FS-fs (loop0): Image doesn't support compression [ 122.737379][ T6339] loop1: p88 size 43497 extends beyond EOD, truncated [ 122.744389][ T6346] F2FS-fs (loop0): Unrecognized mount option "e" or missing value [ 122.763807][ T6339] loop1: p89 size 43497 extends beyond EOD, truncated [ 122.820276][ T6339] loop1: p90 size 43497 extends beyond EOD, truncated [ 122.867218][ T6339] loop1: p91 size 43497 extends beyond EOD, truncated [ 122.922164][ T6339] loop1: p92 size 43497 extends beyond EOD, truncated [ 122.960956][ T6339] loop1: p93 size 43497 extends beyond EOD, truncated [ 122.983422][ T6339] loop1: p94 size 43497 extends beyond EOD, truncated [ 123.001675][ T6339] loop1: p95 size 43497 extends beyond EOD, truncated [ 123.016477][ T6339] loop1: p96 size 43497 extends beyond EOD, truncated [ 123.025954][ T6339] loop1: p97 size 43497 extends beyond EOD, truncated [ 123.030950][ T6390] loop0: detected capacity change from 0 to 1024 [ 124.491015][ T6390] EXT4-fs: Ignoring removed orlov option [ 124.492060][ T6339] loop1: p98 size 43497 extends beyond EOD, truncated [ 124.602324][ T6339] loop1: p99 size 43497 extends beyond EOD, truncated [ 124.628546][ T6390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 124.657942][ T6390] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.668937][ T6339] loop1: p100 size 43497 extends beyond EOD, truncated [ 124.711664][ T6339] loop1: p101 size 43497 extends beyond EOD, truncated [ 124.762493][ T6339] loop1: p102 size 43497 extends beyond EOD, truncated [ 124.780916][ T6390] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 3: comm syz.0.159: lblock 3 mapped to illegal pblock 3 (length 3) [ 124.822323][ T6339] loop1: p103 size 43497 extends beyond EOD, truncated [ 124.831220][ T6339] loop1: p104 size 43497 extends beyond EOD, truncated [ 124.873682][ T6339] loop1: p105 size 43497 extends beyond EOD, truncated [ 124.877868][ T6390] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 124.923874][ T6339] loop1: p106 size 43497 extends beyond EOD, truncated [ 124.943967][ T6339] loop1: p107 size 43497 extends beyond EOD, truncated [ 124.962390][ T6390] EXT4-fs (loop0): This should not happen!! Data will be lost [ 124.962390][ T6390] [ 124.980960][ T6339] loop1: p108 size 43497 extends beyond EOD, truncated [ 125.010502][ T6339] loop1: p109 size 43497 extends beyond EOD, truncated [ 125.018641][ T6404] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #15: block 3: comm syz.0.159: lblock 3 mapped to illegal pblock 3 (length 1) [ 125.044245][ T6339] loop1: p110 size 43497 extends beyond EOD, truncated [ 125.068562][ T6339] loop1: p111 size 43497 extends beyond EOD, truncated [ 125.097284][ T6405] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #15: block 3: comm syz.0.159: lblock 3 mapped to illegal pblock 3 (length 1) [ 125.112379][ T6339] loop1: p112 size 43497 extends beyond EOD, truncated [ 125.132081][ T6339] loop1: p113 size 43497 extends beyond EOD, truncated [ 125.168852][ T6339] loop1: p114 size 43497 extends beyond EOD, truncated [ 125.169616][ T6404] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #15: block 3: comm syz.0.159: lblock 3 mapped to illegal pblock 3 (length 1) [ 125.193927][ T6339] loop1: p115 size 43497 extends beyond EOD, truncated [ 125.223200][ T6339] loop1: p116 size 43497 extends beyond EOD, truncated [ 125.230830][ T6408] loop3: detected capacity change from 0 to 2048 [ 125.240299][ T6405] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #15: block 3: comm syz.0.159: lblock 3 mapped to illegal pblock 3 (length 1) [ 125.255110][ T6339] loop1: p117 size 43497 extends beyond EOD, truncated [ 125.273808][ T6339] loop1: p118 size 43497 extends beyond EOD, truncated [ 125.289294][ T6339] loop1: p119 size 43497 extends beyond EOD, truncated [ 125.294201][ T6405] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #15: block 3: comm syz.0.159: lblock 3 mapped to illegal pblock 3 (length 1) [ 125.316180][ T6408] loop3: p1 < > p4 < > [ 125.321170][ T6339] loop1: p120 size 43497 extends beyond EOD, truncated [ 125.338843][ T6339] loop1: p121 size 43497 extends beyond EOD, truncated [ 125.377433][ T6339] loop1: p122 size 43497 extends beyond EOD, truncated [ 125.377960][ T5046] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:10: lblock 8 mapped to illegal pblock 8 (length 8) [ 125.403273][ T6339] loop1: p123 size 43497 extends beyond EOD, truncated [ 125.417695][ T6339] loop1: p124 size 43497 extends beyond EOD, truncated [ 125.442884][ T6339] loop1: p125 size 43497 extends beyond EOD, truncated [ 125.451644][ T5046] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 125.475405][ T5046] EXT4-fs (loop0): This should not happen!! Data will be lost [ 125.475405][ T5046] [ 125.478916][ T6339] loop1: p126 size 43497 extends beyond EOD, truncated [ 125.538215][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 125.559916][ T6339] loop1: p127 size 43497 extends beyond EOD, truncated [ 125.592288][ T6339] loop1: p128 size 43497 extends beyond EOD, truncated [ 125.609036][ T6339] loop1: p129 size 43497 extends beyond EOD, truncated [ 125.633954][ T6339] loop1: p130 size 43497 extends beyond EOD, truncated [ 125.655579][ T6339] loop1: p131 size 43497 extends beyond EOD, truncated [ 125.675251][ T6339] loop1: p132 size 43497 extends beyond EOD, truncated [ 125.689755][ T5777] udevd[5777]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 125.701162][ T6339] loop1: p133 size 43497 extends beyond EOD, truncated [ 125.721154][ T6411] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.165'. [ 125.733954][ T6339] loop1: p134 size 43497 extends beyond EOD, truncated [ 125.778603][ T6339] loop1: p135 size 43497 extends beyond EOD, truncated [ 125.813902][ T6339] loop1: p136 size 43497 extends beyond EOD, truncated [ 125.833816][ T6339] loop1: p137 size 43497 extends beyond EOD, truncated [ 125.846967][ T6339] loop1: p138 size 43497 extends beyond EOD, truncated [ 125.882169][ T6339] loop1: p139 size 43497 extends beyond EOD, truncated [ 125.899681][ T6339] loop1: p140 size 43497 extends beyond EOD, truncated [ 125.921440][ T6339] loop1: p141 size 43497 extends beyond EOD, truncated [ 125.943327][ T6339] loop1: p142 size 43497 extends beyond EOD, truncated [ 125.965327][ T6339] loop1: p143 size 43497 extends beyond EOD, truncated [ 125.991418][ T6339] loop1: p144 size 43497 extends beyond EOD, truncated [ 126.013580][ T6339] loop1: p145 size 43497 extends beyond EOD, truncated [ 126.153949][ T6339] loop1: p146 size 43497 extends beyond EOD, truncated [ 126.162602][ T6339] loop1: p147 size 43497 extends beyond EOD, truncated [ 126.170947][ T6339] loop1: p148 size 43497 extends beyond EOD, truncated [ 126.179563][ T6339] loop1: p149 size 43497 extends beyond EOD, truncated [ 126.188626][ T6339] loop1: p150 size 43497 extends beyond EOD, truncated [ 126.239495][ T6339] loop1: p151 size 43497 extends beyond EOD, truncated [ 126.498714][ T6421] loop0: detected capacity change from 0 to 2048 [ 126.525857][ T6421] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=18576, location=18576 [ 127.269535][ T6421] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.329792][ T6339] loop1: p152 size 43497 extends beyond EOD, truncated [ 128.417401][ T6339] loop1: p153 size 43497 extends beyond EOD, truncated [ 128.588067][ T6339] loop1: p154 size 43497 extends beyond EOD, truncated [ 128.746438][ T6339] loop1: p155 size 43497 extends beyond EOD, truncated [ 128.958283][ T6422] loop3: detected capacity change from 0 to 40427 [ 129.183770][ T6339] loop1: p156 size 43497 extends beyond EOD, truncated [ 129.331868][ T6422] F2FS-fs (loop3): invalid crc value [ 129.753645][ T6339] loop1: p157 size 43497 extends beyond EOD, truncated [ 130.129947][ T6339] loop1: p158 size 43497 extends beyond EOD, truncated [ 130.376446][ T6339] loop1: p159 size 43497 extends beyond EOD, truncated [ 130.650999][ T6339] loop1: p160 size 43497 extends beyond EOD, truncated [ 130.667249][ T6422] F2FS-fs (loop3): Found nat_bits in checkpoint [ 131.070113][ T6422] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 131.127688][ T6339] loop1: p161 size 43497 extends beyond EOD, truncated [ 131.169499][ T6422] syz.3.167: attempt to access beyond end of device [ 131.169499][ T6422] loop3: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 131.287223][ T6429] loop2: detected capacity change from 0 to 2048 [ 131.435346][ T6339] loop1: p162 size 43497 extends beyond EOD, truncated [ 131.442614][ T5766] syz-executor: attempt to access beyond end of device [ 131.442614][ T5766] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 131.457140][ T5766] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 131.466184][ T6339] loop1: p163 size 43497 extends beyond EOD, truncated [ 131.475306][ T6339] loop1: p164 size 43497 extends beyond EOD, truncated [ 131.542692][ T6339] loop1: p165 size 43497 extends beyond EOD, truncated [ 131.547718][ T6429] NILFS (loop2): Invalid checkpoint (checkpoint number=2) [ 131.561355][ T6339] loop1: p166 size 43497 extends beyond EOD, truncated [ 131.572571][ T6429] NILFS (loop2): error -22 while loading last checkpoint (checkpoint number=2) [ 131.614689][ T6435] program syz.0.172 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 131.662055][ T6339] loop1: p167 size 43497 extends beyond EOD, truncated [ 131.689631][ T6339] loop1: p168 size 43497 extends beyond EOD, truncated [ 131.706525][ T5777] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 131.726061][ T6339] loop1: p169 size 43497 extends beyond EOD, truncated [ 131.772056][ T6339] loop1: p170 size 43497 extends beyond EOD, truncated [ 131.802096][ T6339] loop1: p171 size 43497 extends beyond EOD, truncated [ 131.842107][ T6339] loop1: p172 size 43497 extends beyond EOD, truncated [ 131.868149][ T6339] loop1: p173 size 43497 extends beyond EOD, truncated [ 131.897762][ T6339] loop1: p174 size 43497 extends beyond EOD, truncated [ 131.926483][ T6339] loop1: p175 size 43497 extends beyond EOD, truncated [ 131.946933][ T6339] loop1: p176 size 43497 extends beyond EOD, truncated [ 131.966942][ T6339] loop1: p177 size 43497 extends beyond EOD, truncated [ 131.989591][ T6339] loop1: p178 size 43497 extends beyond EOD, truncated [ 132.032346][ T6339] loop1: p179 size 43497 extends beyond EOD, truncated [ 132.042492][ T6339] loop1: p180 size 43497 extends beyond EOD, truncated [ 132.053716][ T6339] loop1: p181 size 43497 extends beyond EOD, truncated [ 132.073108][ T6339] loop1: p182 size 43497 extends beyond EOD, truncated [ 132.090769][ T6429] loop2: detected capacity change from 0 to 4096 [ 132.097695][ T6339] loop1: p183 size 43497 extends beyond EOD, truncated [ 132.108703][ T6339] loop1: p184 size 43497 extends beyond EOD, truncated [ 132.120581][ T6429] ntfs3: Unknown parameter '' [ 132.133693][ T6339] loop1: p185 size 43497 extends beyond EOD, truncated [ 132.152650][ T6429] binder: 6428:6429 ioctl 4018620d 0 returned -22 [ 132.163461][ T6339] loop1: p186 size 43497 extends beyond EOD, truncated [ 132.171637][ T6429] binder: 6428:6429 ioctl c0306201 0 returned -14 [ 132.183130][ T6429] binder: 6428:6429 ioctl c018620c 0 returned -14 [ 132.189709][ T6339] loop1: p187 size 43497 extends beyond EOD, truncated [ 132.222583][ T6339] loop1: p188 size 43497 extends beyond EOD, truncated [ 132.275686][ T6339] loop1: p189 size 43497 extends beyond EOD, truncated [ 132.308435][ T6339] loop1: p190 size 43497 extends beyond EOD, truncated [ 132.350373][ T6339] loop1: p191 size 43497 extends beyond EOD, truncated [ 132.377191][ T6339] loop1: p192 size 43497 extends beyond EOD, truncated [ 132.404599][ T6339] loop1: p193 size 43497 extends beyond EOD, truncated [ 132.431633][ T6339] loop1: p194 size 43497 extends beyond EOD, truncated [ 132.476636][ T6339] loop1: p195 size 43497 extends beyond EOD, truncated [ 132.497467][ T6339] loop1: p196 size 43497 extends beyond EOD, truncated [ 132.523698][ T6339] loop1: p197 size 43497 extends beyond EOD, truncated [ 132.554459][ T6339] loop1: p198 size 43497 extends beyond EOD, truncated [ 132.581473][ T6339] loop1: p199 size 43497 extends beyond EOD, truncated [ 132.597234][ T6339] loop1: p200 size 43497 extends beyond EOD, truncated [ 132.615203][ T6339] loop1: p201 size 43497 extends beyond EOD, truncated [ 132.621799][ T6445] loop2: detected capacity change from 0 to 4096 [ 132.645012][ T6339] loop1: p202 size 43497 extends beyond EOD, truncated [ 132.687001][ T6445] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 132.692458][ T6339] loop1: p203 size 43497 extends beyond EOD, truncated [ 132.722155][ T6445] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 132.760494][ T6339] loop1: p204 size 43497 extends beyond EOD, truncated [ 132.765867][ T6449] loop3: detected capacity change from 0 to 64 [ 132.792701][ T6339] loop1: p205 size 43497 extends beyond EOD, truncated [ 132.806395][ T6445] ntfs: (device loop2): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 132.827750][ T6339] loop1: p206 size 43497 extends beyond EOD, truncated [ 132.857609][ T6445] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 132.880618][ T6339] loop1: p207 size 43497 extends beyond EOD, truncated [ 132.900295][ T6339] loop1: p208 size 43497 extends beyond EOD, truncated [ 132.931971][ T6339] loop1: p209 size 43497 extends beyond EOD, truncated [ 132.945053][ T6445] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 132.981166][ T6339] loop1: p210 size 43497 extends beyond EOD, truncated [ 133.004700][ T6339] loop1: p211 size 43497 extends beyond EOD, truncated [ 133.013836][ T6339] loop1: p212 size 43497 extends beyond EOD, truncated [ 133.017838][ T6445] ntfs: volume version 3.1. [ 133.025657][ T6339] loop1: p213 size 43497 extends beyond EOD, truncated [ 133.038900][ T6339] loop1: p214 size 43497 extends beyond EOD, truncated [ 133.049374][ T6445] ntfs: (device loop2): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 133.049717][ T6339] loop1: p215 size 43497 extends beyond EOD, truncated [ 133.064757][ T6445] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 133.073634][ T6339] loop1: p216 size 43497 extends beyond EOD, truncated [ 133.105756][ T6339] loop1: p217 size 43497 extends beyond EOD, truncated [ 133.118852][ T6445] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 133.119626][ T6339] loop1: p218 size 43497 extends beyond EOD, truncated [ 133.148433][ T6445] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 133.166444][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.173328][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.176122][ T6339] loop1: p219 size 43497 extends beyond EOD, truncated [ 133.231190][ T6339] loop1: p220 size 43497 extends beyond EOD, truncated [ 133.239000][ T6445] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 133.284201][ T6339] loop1: p221 size 43497 extends beyond EOD, truncated [ 133.309801][ T6339] loop1: p222 size 43497 extends beyond EOD, truncated [ 133.323018][ T6339] loop1: p223 size 43497 extends beyond EOD, truncated [ 133.370701][ T6339] loop1: p224 size 43497 extends beyond EOD, truncated [ 133.403134][ T6339] loop1: p225 size 43497 extends beyond EOD, truncated [ 133.426482][ T6339] loop1: p226 size 43497 extends beyond EOD, truncated [ 133.468613][ T6339] loop1: p227 size 43497 extends beyond EOD, truncated [ 133.510478][ T6339] loop1: p228 size 43497 extends beyond EOD, truncated [ 133.549945][ T6339] loop1: p229 size 43497 extends beyond EOD, truncated [ 133.591483][ T6339] loop1: p230 size 43497 extends beyond EOD, truncated [ 133.617482][ T6339] loop1: p231 size 43497 extends beyond EOD, truncated [ 133.681173][ T6339] loop1: p232 size 43497 extends beyond EOD, truncated [ 133.723345][ T6339] loop1: p233 size 43497 extends beyond EOD, truncated [ 133.762102][ T6339] loop1: p234 size 43497 extends beyond EOD, truncated [ 133.779797][ T6339] loop1: p235 size 43497 extends beyond EOD, truncated [ 133.812446][ T6339] loop1: p236 size 43497 extends beyond EOD, truncated [ 133.823816][ T6339] loop1: p237 size 43497 extends beyond EOD, truncated [ 133.835300][ T6339] loop1: p238 size 43497 extends beyond EOD, truncated [ 133.852967][ T6339] loop1: p239 size 43497 extends beyond EOD, truncated [ 133.882326][ T6339] loop1: p240 size 43497 extends beyond EOD, truncated [ 133.910009][ T6339] loop1: p241 size 43497 extends beyond EOD, truncated [ 133.925719][ T6339] loop1: p242 size 43497 extends beyond EOD, truncated [ 133.939084][ T6339] loop1: p243 size 43497 extends beyond EOD, truncated [ 134.074190][ T6339] loop1: p244 size 43497 extends beyond EOD, truncated [ 134.083546][ T6339] loop1: p245 size 43497 extends beyond EOD, truncated [ 134.098539][ T6339] loop1: p246 size 43497 extends beyond EOD, truncated [ 134.123818][ T6339] loop1: p247 size 43497 extends beyond EOD, truncated [ 134.134395][ T6339] loop1: p248 size 43497 extends beyond EOD, truncated [ 134.448235][ T6464] loop2: detected capacity change from 0 to 2048 [ 135.056022][ T6339] loop1: p249 size 43497 extends beyond EOD, truncated [ 135.058867][ T6464] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 135.118985][ T6464] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 135.123163][ T6339] loop1: p250 size 43497 extends beyond EOD, truncated [ 135.292765][ T6339] loop1: p251 size 43497 extends beyond EOD, truncated [ 135.510737][ T6339] loop1: p252 size 43497 extends beyond EOD, truncated [ 135.602152][ T6339] loop1: p253 size 43497 extends beyond EOD, truncated [ 135.648526][ T6339] loop1: p254 size 43497 extends beyond EOD, truncated [ 135.694289][ T6339] loop1: p255 size 43497 extends beyond EOD, truncated [ 135.825568][ T6470] loop3: detected capacity change from 0 to 2048 [ 135.878248][ T6470] NILFS (loop3): Invalid checkpoint (checkpoint number=2) [ 135.920301][ T6470] NILFS (loop3): error -22 while loading last checkpoint (checkpoint number=2) [ 136.480850][ T6470] loop3: detected capacity change from 0 to 4096 [ 136.539186][ T6470] ntfs3: Unknown parameter '' [ 136.593785][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 136.605730][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 136.624745][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 136.643667][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 136.663781][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 136.672308][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 137.231381][ T6470] binder: 6469:6470 ioctl 4018620d 0 returned -22 [ 137.299590][ T6470] binder: 6469:6470 ioctl c0306201 0 returned -14 [ 137.373365][ T6494] binder: 6469:6494 ioctl c018620c 0 returned -14 [ 137.625548][ T6497] xt_socket: unknown flags 0x8 [ 138.766620][ T5776] Bluetooth: hci4: command tx timeout [ 139.006945][ T28] kauditd_printk_skb: 6 callbacks suppressed [ 139.006962][ T28] audit: type=1326 audit(1767344446.676:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578f749 code=0x7ffc0000 [ 139.242279][ T28] audit: type=1326 audit(1767344446.676:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578f749 code=0x7ffc0000 [ 139.397889][ T28] audit: type=1326 audit(1767344446.736:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fd95578f749 code=0x7ffc0000 [ 139.552392][ T28] audit: type=1326 audit(1767344446.736:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578f749 code=0x7ffc0000 [ 139.761140][ T28] audit: type=1326 audit(1767344446.746:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fd95578f749 code=0x7ffc0000 [ 139.961860][ T28] audit: type=1326 audit(1767344446.746:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578f749 code=0x7ffc0000 [ 140.164015][ T6516] loop3: detected capacity change from 0 to 512 [ 140.240713][ T6516] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 140.311518][ T6523] loop0: detected capacity change from 0 to 2048 [ 140.415725][ T6516] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 140.501946][ T6516] System zones: 0-2, 18-18, 34-34 [ 140.601090][ T6523] NILFS (loop0): Invalid checkpoint (checkpoint number=2) [ 140.613217][ T6516] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 140.649838][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.668627][ T6523] NILFS (loop0): error -22 while loading last checkpoint (checkpoint number=2) [ 140.754462][ T6516] EXT4-fs (loop3): Remounting filesystem read-only [ 140.832545][ T6516] EXT4-fs (loop3): 1 truncate cleaned up [ 140.855407][ T5776] Bluetooth: hci4: command tx timeout [ 140.859780][ T2903] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 140.899674][ T6516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.937239][ T6516] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.980782][ T2903] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 141.082806][ T2903] Quota error (device loop3): write_blk: dquota write failed [ 141.171876][ T2903] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 141.271835][ T2903] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 141.311804][ T2903] Quota error (device loop3): write_blk: dquota write failed [ 141.373089][ T2903] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 141.400669][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.516799][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.556976][ T6531] netlink: 'syz.2.203': attribute type 29 has an invalid length. [ 141.560331][ T6480] chnl_net:caif_netlink_parms(): no params data found [ 141.629159][ T6531] netlink: 'syz.2.203': attribute type 29 has an invalid length. [ 141.766967][ T6523] loop0: detected capacity change from 0 to 4096 [ 141.836645][ T6523] ntfs3: Unknown parameter '' [ 141.918950][ T6534] loop3: detected capacity change from 0 to 512 [ 141.999569][ T6534] EXT4-fs (loop3): Test dummy encryption mode enabled [ 142.033742][ T6534] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 142.039203][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.099742][ T6534] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.204: bad orphan inode 131083 [ 142.151126][ T6523] binder: 6519:6523 ioctl 4018620d 0 returned -22 [ 142.153593][ T6534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.159425][ T6523] binder: 6519:6523 ioctl c0306201 0 returned -14 [ 142.193851][ T6523] binder: 6519:6523 ioctl c018620c 0 returned -14 [ 142.319896][ T6532] netlink: 'syz.2.203': attribute type 29 has an invalid length. [ 142.522426][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.729869][ T6534] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 142.922115][ T5776] Bluetooth: hci4: command tx timeout [ 143.132345][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.478851][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.3.207'. [ 144.076278][ T6480] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.192051][ T6480] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.199425][ T6480] bridge_slave_0: entered allmulticast mode [ 144.316013][ T6480] bridge_slave_0: entered promiscuous mode [ 144.399983][ T6480] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.438860][ T6480] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.502260][ T6480] bridge_slave_1: entered allmulticast mode [ 144.509825][ T6480] bridge_slave_1: entered promiscuous mode [ 144.695388][ T6565] loop2: detected capacity change from 0 to 4096 [ 144.932548][ T6571] loop0: detected capacity change from 0 to 256 [ 144.968453][ T6573] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.002562][ T5776] Bluetooth: hci4: command tx timeout [ 145.064113][ T6574] netlink: 12 bytes leftover after parsing attributes in process `syz.3.214'. [ 145.224542][ T5776] block nbd2: Receive control failed (result -107) [ 145.263981][ T6571] FAT-fs (loop0): Directory bread(block 64) failed [ 145.349991][ T6571] FAT-fs (loop0): Directory bread(block 65) failed [ 145.390447][ T6571] FAT-fs (loop0): Directory bread(block 66) failed [ 145.460345][ T6571] FAT-fs (loop0): Directory bread(block 67) failed [ 145.533787][ T6571] FAT-fs (loop0): Directory bread(block 68) failed [ 145.541480][ T6571] FAT-fs (loop0): Directory bread(block 69) failed [ 145.661630][ T6571] FAT-fs (loop0): Directory bread(block 70) failed [ 145.701970][ T6571] FAT-fs (loop0): Directory bread(block 71) failed [ 145.708705][ T6571] FAT-fs (loop0): Directory bread(block 72) failed [ 145.818640][ T6571] FAT-fs (loop0): Directory bread(block 73) failed [ 145.828854][ T6480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 145.939597][ T6480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.332041][ T6580] loop3: detected capacity change from 0 to 4096 [ 146.437897][ T6580] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 146.487311][ T6580] EXT4-fs (loop3): Test dummy encryption mode enabled [ 146.653453][ T6580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.929404][ T6580] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 147.335488][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.501267][ T6480] team0: Port device team_slave_0 added [ 147.568639][ T6480] team0: Port device team_slave_1 added [ 148.108978][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.3.218'. [ 149.173316][ T6608] netlink: 12 bytes leftover after parsing attributes in process `syz.3.223'. [ 149.287404][ T5776] block nbd3: Receive control failed (result -107) [ 149.446534][ T6480] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 149.521757][ T6480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.707336][ T6480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 150.072730][ T6480] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 150.079755][ T6480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 150.168382][ T6621] loop0: detected capacity change from 0 to 256 [ 150.362053][ T6480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 151.499009][ T6631] loop2: detected capacity change from 0 to 512 [ 151.544231][ T6631] EXT4-fs: Ignoring removed nomblk_io_submit option [ 151.692022][ T6631] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.232: corrupted in-inode xattr: e_value size too large [ 151.709317][ T6635] netlink: 12 bytes leftover after parsing attributes in process `syz.3.233'. [ 151.731094][ T6480] hsr_slave_0: entered promiscuous mode [ 151.757257][ T6635] netlink: 20 bytes leftover after parsing attributes in process `syz.3.233'. [ 151.762782][ T5776] block nbd4: Receive control failed (result -107) [ 151.784933][ T6631] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.232: couldn't read orphan inode 15 (err -117) [ 151.868603][ T6480] hsr_slave_1: entered promiscuous mode [ 151.881020][ T6631] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.908064][ T6480] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 151.921839][ T6480] Cannot create hsr debugfs directory [ 152.270570][ T6638] block nbd3: Cannot use ioctl interface on a netlink controlled device. [ 152.408727][ T6638] block nbd3: Cannot use ioctl interface on a netlink controlled device. [ 152.542820][ T6638] block nbd3: shutting down sockets [ 152.543914][ T5764] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.168025][ T6627] loop0: detected capacity change from 0 to 32768 [ 153.214253][ T6627] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 153.227191][ T6627] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 153.277194][ T6644] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 153.316191][ T6627] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 153.421957][ T27] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 153.463462][ T27] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 153.586534][ T27] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 123ms [ 153.616718][ T27] gfs2: fsid=syz:syz.0: jid=0: Done [ 153.636883][ T6627] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 154.211031][ T6670] netlink: 12 bytes leftover after parsing attributes in process `syz.3.241'. [ 154.243024][ T6627] gfs2: fsid=syz:syz.0: found 1 quota changes [ 154.301897][ T5776] block nbd3: Receive control failed (result -107) [ 154.331684][ T6670] netlink: 20 bytes leftover after parsing attributes in process `syz.3.241'. [ 154.460814][ T5767] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 154.460814][ T5767] inode = 11 2339 [ 154.460814][ T5767] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 154.544705][ T5767] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 154.573348][ T5767] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5767 [syz-executor] gfs2_quota_sync+0x411/0x5a0 [ 154.633957][ T5767] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 154.661836][ T5767] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 154.661873][ T11] hsr_slave_0: left promiscuous mode [ 154.712915][ T5767] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 154.723598][ T11] hsr_slave_1: left promiscuous mode [ 154.733461][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 154.747629][ T5767] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 154.762579][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 154.770129][ T5767] gfs2: fsid=syz:syz.0: File system withdrawn [ 154.773557][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 154.790471][ T5767] CPU: 0 PID: 5767 Comm: syz-executor Not tainted syzkaller #0 [ 154.798096][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 154.808193][ T5767] Call Trace: [ 154.811504][ T5767] [ 154.811789][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 154.814447][ T5767] dump_stack_lvl+0x16c/0x230 [ 154.826304][ T5767] ? kobject_uevent_env+0x363/0x8c0 [ 154.831542][ T5767] ? show_regs_print_info+0x20/0x20 [ 154.836796][ T5767] ? load_image+0x3b0/0x3b0 [ 154.841348][ T5767] ? kobject_uevent_env+0x363/0x8c0 [ 154.846601][ T5767] gfs2_withdraw+0xe50/0x13b0 [ 154.851338][ T5767] ? gfs2_lm+0x220/0x220 [ 154.855632][ T5767] ? preempt_schedule+0xab/0xc0 [ 154.860537][ T5767] ? gfs2_consist_inode_i+0xf5/0x110 [ 154.865876][ T5767] gfs2_inode_refresh+0xb83/0xff0 [ 154.870940][ T5767] ? gfs2_inode_metasync+0xf0/0xf0 [ 154.876089][ T5767] ? gfs2_glock_nq+0xd4f/0x1420 [ 154.880995][ T5767] gfs2_instantiate+0x162/0x220 [ 154.885907][ T5767] gfs2_glock_wait+0x1d4/0x2a0 [ 154.890714][ T5767] do_sync+0x47d/0xe00 [ 154.894828][ T5767] ? gfs2_quota_sync+0x411/0x5a0 [ 154.899827][ T5767] ? bh_get+0x710/0x710 [ 154.904037][ T5767] ? __lock_acquire+0x7c80/0x7c80 [ 154.909091][ T5767] ? do_raw_spin_lock+0x121/0x2c0 [ 154.914158][ T5767] ? gfs2_quota_sync+0x411/0x5a0 [ 154.919146][ T5767] ? do_raw_spin_unlock+0x121/0x230 [ 154.924390][ T5767] gfs2_quota_sync+0x411/0x5a0 [ 154.929210][ T5767] gfs2_sync_fs+0x4c/0xb0 [ 154.933581][ T5767] sync_filesystem+0xea/0x220 [ 154.938315][ T5767] generic_shutdown_super+0x6f/0x2b0 [ 154.943647][ T5767] kill_block_super+0x44/0x90 [ 154.948358][ T5767] deactivate_locked_super+0x97/0x100 [ 154.953773][ T5767] cleanup_mnt+0x429/0x4c0 [ 154.958229][ T5767] task_work_run+0x1ce/0x250 [ 154.962876][ T5767] ? task_work_cancel+0x240/0x240 [ 154.967958][ T5767] ? exit_to_user_mode_loop+0x3b/0x110 [ 154.973466][ T5767] exit_to_user_mode_loop+0xe6/0x110 [ 154.979233][ T5767] exit_to_user_mode_prepare+0xf6/0x180 [ 154.984828][ T5767] syscall_exit_to_user_mode+0x1a/0x50 [ 154.990337][ T5767] do_syscall_64+0x61/0xb0 [ 154.994786][ T5767] ? clear_bhb_loop+0x40/0x90 [ 154.999496][ T5767] ? clear_bhb_loop+0x40/0x90 [ 155.004217][ T5767] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 155.010156][ T5767] RIP: 0033:0x7fd955790a77 [ 155.014619][ T5767] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 155.034273][ T5767] RSP: 002b:00007ffd27c2f0d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 155.042746][ T5767] RAX: 0000000000000000 RBX: 00007fd955813d7d RCX: 00007fd955790a77 [ 155.050759][ T5767] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd27c2f190 [ 155.058770][ T5767] RBP: 00007ffd27c2f190 R08: 0000000000000000 R09: 0000000000000000 [ 155.066785][ T5767] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd27c30220 [ 155.074798][ T5767] R13: 00007fd955813d7d R14: 0000000000024dbb R15: 00007ffd27c30260 [ 155.082834][ T5767] [ 155.097198][ T11] bridge_slave_1: left allmulticast mode [ 155.106376][ T11] bridge_slave_1: left promiscuous mode [ 155.132551][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.168576][ T11] bridge_slave_0: left allmulticast mode [ 155.177764][ T11] bridge_slave_0: left promiscuous mode [ 155.183645][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.250439][ T11] veth1_macvtap: left promiscuous mode [ 155.262173][ T11] veth0_macvtap: left promiscuous mode [ 155.268695][ T11] veth1_vlan: left promiscuous mode [ 155.292910][ T6676] loop3: detected capacity change from 0 to 32768 [ 155.322285][ T11] veth0_vlan: left promiscuous mode [ 155.397993][ T6676] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 155.593238][ T6676] XFS (loop3): Ending clean mount [ 155.615630][ T6676] XFS (loop3): Quotacheck needed: Please wait. [ 155.859425][ T6691] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 156.021165][ T6676] XFS (loop3): Quotacheck: Done. [ 156.082955][ T6691] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 156.246291][ T6691] block nbd0: shutting down sockets [ 156.498493][ T5766] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 157.255748][ T6701] netlink: 12 bytes leftover after parsing attributes in process `syz.3.250'. [ 157.304830][ T6704] netlink: 20 bytes leftover after parsing attributes in process `syz.3.250'. [ 157.314748][ T5776] block nbd0: Receive control failed (result -107) [ 157.380444][ T11] team0 (unregistering): Port device team_slave_1 removed [ 158.866752][ T11] team0 (unregistering): Port device team_slave_0 removed [ 158.938267][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 159.027729][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.358551][ T11] bond0 (unregistering): Released all slaves [ 160.565384][ T6480] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 160.625265][ T6480] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 160.664481][ T6480] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 160.686981][ T6721] overlayfs: failed to resolve './file1/file0': -2 [ 160.732519][ T6480] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 160.806844][ T6726] netlink: 12 bytes leftover after parsing attributes in process `syz.3.259'. [ 160.864878][ T5776] block nbd5: Receive control failed (result -107) [ 160.880518][ T6726] netlink: 20 bytes leftover after parsing attributes in process `syz.3.259'. [ 161.124300][ T6480] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.247941][ T6480] 8021q: adding VLAN 0 to HW filter on device team0 [ 161.334940][ T2915] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.342278][ T2915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 161.488312][ T6747] block nbd2: Cannot use ioctl interface on a netlink controlled device. [ 161.555188][ T2915] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.562473][ T2915] bridge0: port 2(bridge_slave_1) entered forwarding state [ 161.643351][ T6747] block nbd2: Cannot use ioctl interface on a netlink controlled device. [ 161.700419][ T6747] block nbd2: shutting down sockets [ 161.966224][ T11] IPVS: stop unused estimator thread 0... [ 162.600075][ T6480] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.126461][ T6784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.268'. [ 163.205251][ T5776] block nbd2: Receive control failed (result -107) [ 163.214961][ T6784] netlink: 20 bytes leftover after parsing attributes in process `syz.2.268'. [ 163.283494][ T5776] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11 [ 163.658653][ T6480] veth0_vlan: entered promiscuous mode [ 163.693594][ T6480] veth1_vlan: entered promiscuous mode [ 164.088795][ T6480] veth0_macvtap: entered promiscuous mode [ 164.304942][ T6480] veth1_macvtap: entered promiscuous mode [ 164.361630][ T6480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 164.398912][ T6480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.429686][ T6480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 164.460886][ T6480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.481587][ T6480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 164.523975][ T6480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.536972][ T6480] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 164.547814][ T6480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 164.558664][ T6480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.573824][ T6480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 164.591288][ T6480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.609791][ T6480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 164.628831][ T6480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 164.648746][ T6480] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 164.672691][ T6480] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.681437][ T6480] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.693626][ T6480] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.702903][ T6480] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.826216][ T2903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 164.841292][ T2903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 164.878164][ T2903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 164.888441][ T2903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.831928][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 166.831945][ T28] audit: type=1326 audit(1767344474.506:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6814 comm="syz.0.281" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd95578f749 code=0x0 [ 167.178757][ T6832] block nbd4: Cannot use ioctl interface on a netlink controlled device. [ 167.322098][ T6832] block nbd4: Cannot use ioctl interface on a netlink controlled device. [ 167.370560][ T5833] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 167.414028][ T6832] block nbd4: shutting down sockets [ 167.752199][ T5833] usb 3-1: Using ep0 maxpacket: 32 [ 167.761318][ T6826] orangefs_mount: mount request failed with -4 [ 167.786217][ T6831] bond_slave_0: entered promiscuous mode [ 167.793064][ T6831] bond_slave_1: entered promiscuous mode [ 167.822514][ T6831] vlan2: entered promiscuous mode [ 167.827689][ T6831] bond0: entered promiscuous mode [ 167.953830][ T6842] loop0: detected capacity change from 0 to 164 [ 168.012875][ T5833] usb 3-1: unable to get BOS descriptor or descriptor too short [ 168.020660][ T5833] usb 3-1: no configurations [ 168.053273][ T5833] usb 3-1: can't read configurations, error -22 [ 168.069518][ T6842] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 168.439680][ T6849] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 168.484513][ T6849] Symlink component flag not implemented [ 168.490413][ T6849] Symlink component flag not implemented [ 168.497268][ T6849] Symlink component flag not implemented (7) [ 168.503464][ T6849] Symlink component flag not implemented (116) [ 169.444667][ T6848] loop3: detected capacity change from 0 to 8192 [ 169.506457][ T28] audit: type=1800 audit(1767344477.186:11): pid=6848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.277" name="bus" dev="loop3" ino=1048617 res=0 errno=0 [ 170.121293][ T6864] loop4: detected capacity change from 0 to 40427 [ 170.294429][ T6864] F2FS-fs (loop4): invalid crc value [ 170.376590][ T6864] F2FS-fs (loop4): Found nat_bits in checkpoint [ 170.456568][ T6864] F2FS-fs (loop4): Start checkpoint disabled! [ 170.581889][ T6864] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 171.223066][ T6882] loop2: detected capacity change from 0 to 4096 [ 171.231458][ T6882] ntfs: (device loop2): parse_options(): Unrecognized mount option disable_sparse3yes. [ 171.251987][ T6882] ntfs: (device loop2): parse_options(): Invalid dmask option argument: 017777777777777yÓ577 [ 171.576161][ T11] kworker/u4:0: attempt to access beyond end of device [ 171.576161][ T11] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427 [ 171.670637][ T11] kworker/u4:0: attempt to access beyond end of device [ 171.670637][ T11] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 171.773057][ T6896] block nbd2: Cannot use ioctl interface on a netlink controlled device. [ 172.241208][ T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 172.248633][ T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 172.804250][ T6902] block nbd3: Cannot use ioctl interface on a netlink controlled device. [ 172.817092][ T6902] block nbd3: Cannot use ioctl interface on a netlink controlled device. [ 172.832854][ T6902] block nbd3: shutting down sockets [ 176.650284][ T6932] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 176.943716][ T6940] loop4: detected capacity change from 0 to 2048 [ 176.980978][ T6940] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 177.149613][ T6945] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 177.181520][ T6945] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 177.217515][ T6945] block nbd0: shutting down sockets [ 182.690288][ T6985] block nbd4: shutting down sockets [ 183.586602][ T6996] loop2: detected capacity change from 0 to 1024 [ 183.830474][ T6999] loop4: detected capacity change from 0 to 128 [ 183.870410][ T6999] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 183.899906][ T2903] hfsplus: b-tree write err: -5, ino 4 [ 184.124035][ T6976] loop0: detected capacity change from 0 to 32768 [ 184.157041][ T6976] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.318 (6976) [ 184.241422][ T6976] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 184.283503][ T6976] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 184.323484][ T6976] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 184.351051][ T6976] BTRFS info (device loop0): use zstd compression, level 3 [ 184.396809][ T6976] BTRFS info (device loop0): using free space tree [ 184.483405][ T7018] block nbd2: Cannot use ioctl interface on a netlink controlled device. [ 186.373936][ T6976] BTRFS error (device loop0): open_ctree failed: -4 [ 186.510406][ T7032] loop2: detected capacity change from 0 to 4096 [ 186.716518][ T7032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.017735][ T5764] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.640070][ T7046] block nbd3: shutting down sockets [ 192.674298][ T7083] loop4: detected capacity change from 0 to 2048 [ 192.738619][ T7083] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 192.775427][ T7083] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 193.400871][ T7098] block nbd2: Cannot use ioctl interface on a netlink controlled device. [ 193.414211][ T7096] loop4: detected capacity change from 0 to 2048 [ 193.422332][ T7096] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=18576, location=18576 [ 193.430553][ T7098] block nbd2: Cannot use ioctl interface on a netlink controlled device. [ 193.463563][ T7096] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 193.503241][ T7098] block nbd2: shutting down sockets [ 194.821210][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.827734][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.558874][ T7121] loop2: detected capacity change from 0 to 2048 [ 195.598099][ T7121] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 196.734251][ T7134] block nbd4: shutting down sockets [ 196.923865][ T5083] Bluetooth: hci1: command 0x0406 tx timeout [ 196.935009][ T5769] Bluetooth: hci0: command 0x0406 tx timeout [ 196.943521][ T5775] Bluetooth: hci3: command 0x0406 tx timeout [ 197.065072][ T7143] loop2: detected capacity change from 0 to 2048 [ 197.073155][ T7143] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 197.114527][ T7143] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 199.123899][ T7166] ubi31: detaching mtd0 [ 199.403013][ T7166] ubi31: mtd0 is detached [ 199.655356][ T5778] Bluetooth: hci0: unexpected event for opcode 0x2016 [ 200.316983][ T7180] loop2: detected capacity change from 0 to 2048 [ 200.327263][ T7180] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 200.493024][ T7173] block nbd4: shutting down sockets [ 200.697325][ T7180] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 201.247416][ T7188] loop2: detected capacity change from 0 to 1024 [ 201.316656][ T7188] ext4: Unknown parameter 'obj_user' [ 201.351612][ T5778] Bluetooth: hci0: unexpected event for opcode 0x2060 [ 201.360521][ T5778] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 201.453019][ T7198] netlink: 12 bytes leftover after parsing attributes in process `syz.0.373'. [ 202.041028][ T7209] loop3: detected capacity change from 0 to 2048 [ 202.049188][ T7209] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=18576, location=18576 [ 202.281200][ T7209] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 202.476320][ T7219] loop0: detected capacity change from 0 to 64 [ 202.841991][ T7225] loop3: detected capacity change from 0 to 1024 [ 202.882961][ T7225] EXT4-fs: Ignoring removed mblk_io_submit option [ 202.930052][ T7225] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 202.949484][ T7225] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 203.012384][ T7225] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #11: comm syz.3.384: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 203.103463][ T7225] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.384: couldn't read orphan inode 11 (err -117) [ 203.236046][ T7225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.270742][ T7236] block nbd0: shutting down sockets [ 203.401840][ T5778] Bluetooth: hci0: command 0x0406 tx timeout [ 203.726197][ T7225] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:478: comm syz.3.384: Invalid block bitmap block 0 in block_group 0 [ 203.779668][ T7225] Quota error (device loop3): write_blk: dquota write failed [ 203.821790][ T7225] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 203.884820][ T7225] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.384: Failed to acquire dquot type 0 [ 204.036775][ T7252] netlink: 104 bytes leftover after parsing attributes in process `syz.4.391'. [ 204.162139][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.392390][ T7255] loop2: detected capacity change from 0 to 2048 [ 204.400301][ T7255] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 204.445075][ T7255] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 204.858065][ T5778] Bluetooth: Unexpected start frame (len 4) [ 205.329956][ T7267] loop3: detected capacity change from 0 to 256 [ 205.503830][ T7267] FAT-fs (loop3): Directory bread(block 64) failed [ 205.532612][ T7267] FAT-fs (loop3): Directory bread(block 65) failed [ 205.539305][ T7267] FAT-fs (loop3): Directory bread(block 66) failed [ 205.591522][ T7267] FAT-fs (loop3): Directory bread(block 67) failed [ 205.612116][ T7267] FAT-fs (loop3): Directory bread(block 68) failed [ 205.618717][ T7267] FAT-fs (loop3): Directory bread(block 69) failed [ 205.664236][ T7267] FAT-fs (loop3): Directory bread(block 70) failed [ 205.664548][ T7274] loop4: detected capacity change from 0 to 512 [ 205.670970][ T7267] FAT-fs (loop3): Directory bread(block 71) failed [ 205.712069][ T7267] FAT-fs (loop3): Directory bread(block 72) failed [ 205.735135][ T7274] [EXT4 FS bs=4096, gc=1, bpg=95, ipg=32, mo=e040e01c, mo2=0000] [ 205.739111][ T7267] FAT-fs (loop3): Directory bread(block 73) failed [ 205.761907][ T7274] System zones: 0-2, 18-18, 34-34 [ 205.830566][ T7274] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #3: comm syz.4.399: corrupted inode contents [ 205.915931][ T7278] loop2: detected capacity change from 0 to 256 [ 205.933389][ T7274] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #3: comm syz.4.399: mark_inode_dirty error [ 205.945845][ T7267] syz.3.398: attempt to access beyond end of device [ 205.945845][ T7267] loop3: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 206.004491][ T7274] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #3: comm syz.4.399: corrupted inode contents [ 206.043882][ T7274] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.399: mark_inode_dirty error [ 206.048549][ T7278] FAT-fs (loop2): Directory bread(block 64) failed [ 206.074895][ T7274] Quota error (device loop4): write_blk: dquota write failed [ 206.082638][ T7278] FAT-fs (loop2): Directory bread(block 65) failed [ 206.092899][ T28] audit: type=1800 audit(1767344513.776:12): pid=7279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.398" name="file1" dev="loop3" ino=1048619 res=0 errno=0 [ 206.111863][ T7278] FAT-fs (loop2): Directory bread(block 66) failed [ 206.120798][ T7274] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 206.139826][ T7278] FAT-fs (loop2): Directory bread(block 67) failed [ 206.153080][ T7274] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.399: Failed to acquire dquot type 0 [ 206.176256][ T7278] FAT-fs (loop2): Directory bread(block 68) failed [ 206.191974][ T7278] FAT-fs (loop2): Directory bread(block 69) failed [ 206.208915][ T7278] FAT-fs (loop2): Directory bread(block 70) failed [ 206.234856][ T7274] EXT4-fs (loop4): 1 orphan inode deleted [ 206.240836][ T7278] FAT-fs (loop2): Directory bread(block 71) failed [ 206.266668][ T7278] FAT-fs (loop2): Directory bread(block 72) failed [ 206.267215][ T7274] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.281807][ T7278] FAT-fs (loop2): Directory bread(block 73) failed [ 206.318690][ T2952] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 206.335247][ T7274] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.392105][ T2952] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u4:9: Failed to release dquot type 1 [ 206.468022][ T7282] loop3: detected capacity change from 0 to 512 [ 206.572057][ T7282] EXT4-fs (loop3): orphan cleanup on readonly fs [ 206.607635][ T6480] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.621753][ T7282] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.402: bg 0: block 248: padding at end of block bitmap is not set [ 206.697575][ T7282] Quota error (device loop3): write_blk: dquota write failed [ 206.736769][ T7282] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 206.777288][ T7282] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.402: Failed to acquire dquot type 1 [ 206.831228][ T7282] EXT4-fs (loop3): 1 truncate cleaned up [ 206.859109][ T7262] loop0: detected capacity change from 0 to 40427 [ 206.873063][ T7282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 206.889283][ T7262] F2FS-fs (loop0): Invalid segment count (1) [ 206.903073][ T7262] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 206.919448][ T7262] F2FS-fs (loop0): heap/no_heap options were deprecated [ 207.194953][ T7262] F2FS-fs (loop0): invalid crc value [ 207.366398][ T787] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 207.442116][ T7262] F2FS-fs (loop0): Found nat_bits in checkpoint [ 207.533377][ T7282] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 207.547021][ T7282] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 0 [ 207.595618][ T7295] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 207.648434][ T7262] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30 [ 207.655763][ T787] usb 3-1: Using ep0 maxpacket: 16 [ 207.666797][ T787] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 207.692245][ T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.694551][ T7262] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 207.707625][ T787] usb 3-1: Product: syz [ 207.715900][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.733606][ T787] usb 3-1: Manufacturer: syz [ 207.740934][ T787] usb 3-1: SerialNumber: syz [ 207.783136][ T787] usb 3-1: config 0 descriptor?? [ 207.804562][ T787] usb_ehset_test: probe of 3-1:0.0 failed with error -32 [ 208.092487][ T5810] usb 3-1: USB disconnect, device number 5 [ 208.164178][ T7301] loop3: detected capacity change from 0 to 2048 [ 208.171584][ T7301] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=18576, location=18576 [ 208.246814][ T7301] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 208.793874][ T51] Bluetooth: hci1: unexpected event for opcode 0x2016 [ 209.220291][ T5778] block nbd4: Receive control failed (result -32) [ 209.253462][ T7309] block nbd4: shutting down sockets [ 209.478692][ T7321] syz.3.411 uses obsolete (PF_INET,SOCK_PACKET) [ 209.586338][ T7323] loop0: detected capacity change from 0 to 2048 [ 209.631928][ T7323] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 209.723024][ T7334] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 210.814674][ T7346] block nbd4: shutting down sockets [ 211.427715][ T7349] loop2: detected capacity change from 0 to 2048 [ 211.435077][ T7349] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 211.451353][ T7349] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 212.027041][ T7365] loop2: detected capacity change from 0 to 512 [ 212.077112][ T7365] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 212.201234][ T7365] UDF-fs: error (device loop2): udf_read_inode: (ino 19) failed ident=264 [ 212.278812][ T7365] ------------[ cut here ]------------ [ 212.284832][ T7365] WARNING: CPU: 0 PID: 7365 at fs/udf/truncate.c:224 udf_truncate_extents+0xd46/0xeb0 [ 212.294611][ T7365] Modules linked in: [ 212.298651][ T7365] CPU: 0 PID: 7365 Comm: syz.2.422 Not tainted syzkaller #0 [ 212.307260][ T7365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 212.317792][ T7365] RIP: 0010:udf_truncate_extents+0xd46/0xeb0 [ 212.323953][ T7365] Code: 65 48 8b 04 25 28 00 00 00 48 3b 84 24 80 01 00 00 75 70 44 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 2a 90 8d fe <0f> 0b eb 8e 44 89 e9 80 e1 07 38 c1 0f 8c ec f3 ff ff 4c 89 ef e8 [ 212.343738][ T7365] RSP: 0018:ffffc9000473f8e0 EFLAGS: 00010283 [ 212.349868][ T7365] RAX: ffffffff82f80096 RBX: 1ffff11009dc480a RCX: 0000000000080000 [ 212.358511][ T7365] RDX: ffffc9000d59c000 RSI: 0000000000010f7e RDI: 0000000000010f7f [ 212.367267][ T7365] RBP: ffffc9000473fac0 R08: ffff88802cac9e00 R09: 0000000000000002 [ 212.375355][ T7365] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 212.383589][ T7365] R13: 0000000000000000 R14: 000000000000000a R15: 000000000000000a [ 212.391614][ T7365] FS: 00007f4133d716c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 212.400668][ T7365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.408490][ T7365] CR2: 00007f8075c95000 CR3: 0000000062006000 CR4: 00000000003506f0 [ 212.416808][ T7365] Call Trace: [ 212.420157][ T7365] [ 212.423249][ T7365] ? udf_discard_prealloc+0x570/0x570 [ 212.428681][ T7365] ? udf_write_failed+0x178/0x1b0 [ 212.433861][ T7365] ? __lock_acquire+0x7c80/0x7c80 [ 212.438935][ T7365] ? __rwlock_init+0xa0/0x150 [ 212.444401][ T7365] ? down_write+0x162/0x1f0 [ 212.448985][ T7365] ? do_raw_spin_unlock+0x121/0x230 [ 212.454363][ T7365] udf_write_failed+0x180/0x1b0 [ 212.459284][ T7365] udf_write_begin+0x21f/0x430 [ 212.464216][ T7365] generic_perform_write+0x2fb/0x5b0 [ 212.469607][ T7365] ? generic_file_direct_write+0x3e0/0x3e0 [ 212.475578][ T7365] ? __mnt_drop_write_file+0xc3/0x100 [ 212.481020][ T7365] ? __generic_file_write_iter+0xf7/0x230 [ 212.486931][ T7365] ? udf_file_write_iter+0x2b1/0x620 [ 212.492341][ T7365] udf_file_write_iter+0x2c0/0x620 [ 212.497515][ T7365] vfs_write+0x43b/0x940 [ 212.501923][ T7365] ? file_end_write+0x250/0x250 [ 212.507952][ T7365] ? __fget_files+0x44a/0x4d0 [ 212.513007][ T7365] ? __fdget_pos+0x2a3/0x330 [ 212.517655][ T7365] ? ksys_write+0x75/0x250 [ 212.522224][ T7365] ksys_write+0x147/0x250 [ 212.526622][ T7365] ? __ia32_sys_read+0x90/0x90 [ 212.531457][ T7365] ? lockdep_hardirqs_on+0x98/0x150 [ 212.536829][ T7365] do_syscall_64+0x55/0xb0 [ 212.541301][ T7365] ? clear_bhb_loop+0x40/0x90 [ 212.546140][ T7365] ? clear_bhb_loop+0x40/0x90 [ 212.550890][ T7365] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 212.556931][ T7365] RIP: 0033:0x7f4132f8f749 [ 212.561396][ T7365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.581363][ T7365] RSP: 002b:00007f4133d71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 212.589936][ T7365] RAX: ffffffffffffffda RBX: 00007f41331e5fa0 RCX: 00007f4132f8f749 [ 212.598088][ T7365] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000004 [ 212.606171][ T7365] RBP: 00007f4133013f91 R08: 0000000000000000 R09: 0000000000000000 [ 212.615411][ T7365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 212.623800][ T7365] R13: 00007f41331e6038 R14: 00007f41331e5fa0 R15: 00007ffc08cc0ad8 [ 212.631940][ T7365] [ 212.635016][ T7365] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 212.642350][ T7365] CPU: 0 PID: 7365 Comm: syz.2.422 Not tainted syzkaller #0 [ 212.649677][ T7365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 212.659772][ T7365] Call Trace: [ 212.663133][ T7365] [ 212.666112][ T7365] dump_stack_lvl+0x16c/0x230 [ 212.670851][ T7365] ? show_regs_print_info+0x20/0x20 [ 212.676108][ T7365] ? load_image+0x3b0/0x3b0 [ 212.680679][ T7365] panic+0x2c0/0x710 [ 212.684631][ T7365] ? bpf_jit_dump+0xd0/0xd0 [ 212.689202][ T7365] __warn+0x2e0/0x470 [ 212.693222][ T7365] ? udf_truncate_extents+0xd46/0xeb0 [ 212.698616][ T7365] ? udf_truncate_extents+0xd46/0xeb0 [ 212.703999][ T7365] report_bug+0x2be/0x4f0 [ 212.708408][ T7365] ? udf_truncate_extents+0xd46/0xeb0 [ 212.713804][ T7365] ? udf_truncate_extents+0xd46/0xeb0 [ 212.719189][ T7365] ? udf_truncate_extents+0xd48/0xeb0 [ 212.724575][ T7365] handle_bug+0xcf/0x120 [ 212.728839][ T7365] exc_invalid_op+0x1a/0x50 [ 212.733418][ T7365] asm_exc_invalid_op+0x1a/0x20 [ 212.738282][ T7365] RIP: 0010:udf_truncate_extents+0xd46/0xeb0 [ 212.744281][ T7365] Code: 65 48 8b 04 25 28 00 00 00 48 3b 84 24 80 01 00 00 75 70 44 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 2a 90 8d fe <0f> 0b eb 8e 44 89 e9 80 e1 07 38 c1 0f 8c ec f3 ff ff 4c 89 ef e8 [ 212.763899][ T7365] RSP: 0018:ffffc9000473f8e0 EFLAGS: 00010283 [ 212.769980][ T7365] RAX: ffffffff82f80096 RBX: 1ffff11009dc480a RCX: 0000000000080000 [ 212.777963][ T7365] RDX: ffffc9000d59c000 RSI: 0000000000010f7e RDI: 0000000000010f7f [ 212.785972][ T7365] RBP: ffffc9000473fac0 R08: ffff88802cac9e00 R09: 0000000000000002 [ 212.793972][ T7365] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 212.802046][ T7365] R13: 0000000000000000 R14: 000000000000000a R15: 000000000000000a [ 212.810034][ T7365] ? udf_truncate_extents+0xd46/0xeb0 [ 212.815452][ T7365] ? udf_discard_prealloc+0x570/0x570 [ 212.820870][ T7365] ? udf_write_failed+0x178/0x1b0 [ 212.826021][ T7365] ? __lock_acquire+0x7c80/0x7c80 [ 212.831077][ T7365] ? __rwlock_init+0xa0/0x150 [ 212.835775][ T7365] ? down_write+0x162/0x1f0 [ 212.840295][ T7365] ? do_raw_spin_unlock+0x121/0x230 [ 212.845519][ T7365] udf_write_failed+0x180/0x1b0 [ 212.850393][ T7365] udf_write_begin+0x21f/0x430 [ 212.855184][ T7365] generic_perform_write+0x2fb/0x5b0 [ 212.860497][ T7365] ? generic_file_direct_write+0x3e0/0x3e0 [ 212.866317][ T7365] ? __mnt_drop_write_file+0xc3/0x100 [ 212.871714][ T7365] ? __generic_file_write_iter+0xf7/0x230 [ 212.877446][ T7365] ? udf_file_write_iter+0x2b1/0x620 [ 212.882747][ T7365] udf_file_write_iter+0x2c0/0x620 [ 212.887887][ T7365] vfs_write+0x43b/0x940 [ 212.892156][ T7365] ? file_end_write+0x250/0x250 [ 212.897026][ T7365] ? __fget_files+0x44a/0x4d0 [ 212.901723][ T7365] ? __fdget_pos+0x2a3/0x330 [ 212.906330][ T7365] ? ksys_write+0x75/0x250 [ 212.910770][ T7365] ksys_write+0x147/0x250 [ 212.915115][ T7365] ? __ia32_sys_read+0x90/0x90 [ 212.919896][ T7365] ? lockdep_hardirqs_on+0x98/0x150 [ 212.925110][ T7365] do_syscall_64+0x55/0xb0 [ 212.929535][ T7365] ? clear_bhb_loop+0x40/0x90 [ 212.934229][ T7365] ? clear_bhb_loop+0x40/0x90 [ 212.938923][ T7365] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 212.944833][ T7365] RIP: 0033:0x7f4132f8f749 [ 212.949258][ T7365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.968875][ T7365] RSP: 002b:00007f4133d71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 212.977298][ T7365] RAX: ffffffffffffffda RBX: 00007f41331e5fa0 RCX: 00007f4132f8f749 [ 212.985277][ T7365] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000004 [ 212.993254][ T7365] RBP: 00007f4133013f91 R08: 0000000000000000 R09: 0000000000000000 [ 213.001231][ T7365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.009212][ T7365] R13: 00007f41331e6038 R14: 00007f41331e5fa0 R15: 00007ffc08cc0ad8 [ 213.017294][ T7365] [ 213.020778][ T7365] Kernel Offset: disabled [ 213.025170][ T7365] Rebooting in 86400 seconds..