last executing test programs: 2.436018908s ago: executing program 0 (id=798): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}}, 0x20004000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x0, 0x291c9}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x20000000000080}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x4004000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.435158897s ago: executing program 0 (id=799): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r6 = socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r', 0x1}], 0x1}, 0x4) 2.277005731s ago: executing program 0 (id=804): unshare(0x62040200) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000700)='./file2/../file0\x00', 0x98556, &(0x7f0000000600)=ANY=[@ANYRES64, @ANYRES32, @ANYRES64, @ANYBLOB="c4a64403b35ce6ac702d4066bc8c33116a5c047bd2dc43ebaaef9380a33235c9effebefd4ec5458a65c092c38189fb7398c3d96657f4c2d0358564b32c6a9013c011a78e6fc3c3d98c72439d70c019836d6b2c46a7cbe0dceea2ef6daf4b94d6971def97cbbb5f581e1c1a0a848d379d3ab9b66ce97492846ef046125f761d3856d5cb4e1a9828d36a06db37e7f20147a0ef5a2c4be450cd5811d14e7d9f", @ANYRESOCT, @ANYRES32, @ANYRES64, @ANYRESOCT], 0x1, 0x1221, &(0x7f0000001980)="$eJzs3M9rHGUYB/AnSe22qfmh1moL4ote9DI0OXjRS5AUpAtK2witIEzNRpeMu2FnCUTE6kkQBM/+CSKI4E0Qb3rJxf9A8JaLNyuII5uJaVdXSfyRDeXzucwDz3x333eHXZjlfWfnuY/eXF8rs7W8H5MTEzG5EZFup0gxGb97N55+9ptvH7t6/cblpWZz+UpKl5auLTyTUpp9/KtX3v70ia/7Z17+YvbLRmzPv7rz4+IP2+e2z+/8eu2NdpnaZep0+ylPN7vdfn6zaKXVdrmepfRS0crLVmp3ylZvqL9WdDc2tlLeWZ2Z3ui1yjLlnam9kaR+byvlr+ftTsqyLM1MB4d3Yr9a+eR2VVURVXVfnIyqqqrTMR1n4v6YidmYi/l4IB6Mh+JsPBzn4pF4ND7//rOtQQIAAAAAAAAAAAAAAAAAAAD47xx2///53bPGPWoAAAAAAAAAAAAAAAAAAAC4t1y9fuPyUrO5fCWlUxHF+5srmyv1se4vrUU7imjFxZiLX2J393+tri+90Fy+mAYaEe8Vt/bytzZXpobzC7uPExiZX0i14Xwjpu/OL8ZcnB2dXxyZPxVPPXlXPou5+O616EYRqzHI3sm/s5DS8y82/5C/sHvevsbe8fSRXyIAAAD417K0b37U/XuW/VW/zh/8/4Hh+/NB9sKJsU6diCi33lr/YPHjXm9Q5EXRUhzb4uR4h/FzVVX/11tMHYOP92+L+psyqtWIiIO8zk+jWhMRcTwm+Kdi3L9MHIU7F33cIwEAAAAAAAAAAOAw/ukKwQ/r5eEHWvk47jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/sQPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCrAAAA//+7Ls2D") r0 = socket$inet6(0xa, 0x3, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 1.993119508s ago: executing program 0 (id=815): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_RATE_ENABLE={0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x7fffffff}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 1.830031453s ago: executing program 0 (id=820): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@bsdgroups}, {@noquota}, {@norecovery}, {}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=") lsetxattr$system_posix_acl(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)='system.posix_acl_access\x00', 0x0, 0x0, 0x2) 1.662447484s ago: executing program 0 (id=826): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10c4, 0xea90, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x18, &(0x7f0000000100)={0x20, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x1, 0x3, "c282fe"}, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000200)={0x44, &(0x7f0000000840)={0x20, 0x16, 0xe, "553c9109fd9b81b48064a66d96d1"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.439828945s ago: executing program 4 (id=839): bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x7, 0x2, 0x1}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040001}, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x5, 0x4}, {}, {0xffe0, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x9200}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0xc010) r5 = socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=@delchain={0x2c, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {}, {0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) 1.323459068s ago: executing program 4 (id=847): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_RATE_ENABLE={0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x7fffffff}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 1.25113433s ago: executing program 4 (id=850): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d0020073f0000", @ANYRES32=r2, @ANYBLOB="00000000100000001c001a80080002802d00", @ANYRES16=r3, @ANYRES32=r3], 0x44}}, 0x2000040) 1.187097029s ago: executing program 1 (id=854): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1, 0x1, 0x0, 0x3}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x4}) 1.075469864s ago: executing program 2 (id=859): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000f00)=ANY=[@ANYBLOB='-', @ANYRESDEC, @ANYRESHEX], 0x27) 1.00432863s ago: executing program 2 (id=861): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_RATE_ENABLE={0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x7fffffff}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 990.028314ms ago: executing program 2 (id=864): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x0, 0x3dfa708e056562c6}, 0x48) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) 972.222612ms ago: executing program 2 (id=865): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x2340}, {r0, 0x9482}], 0x2, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 651.689428ms ago: executing program 3 (id=869): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79}) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0xd0fb8000) ioctl$UFFDIO_MOVE(r0, 0xc028aa05, &(0x7f00000000c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000c76000/0x1000)=nil, 0x1000, 0x2}) 651.369778ms ago: executing program 3 (id=870): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}}, 0x20004000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x34041043}, 0x4004000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 650.395911ms ago: executing program 3 (id=871): bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x7, 0x2, 0x1}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040001}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x5, 0x4}, {}, {0xffe0, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x9200}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0xc010) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=@delchain={0x2c, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {}, {0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) 583.619115ms ago: executing program 3 (id=872): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@updpolicy={0x1bc, 0x19, 0x1, 0x70bd25, 0x1, {{@in6=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x1000, 0x0, 0x9, 0x0, 0x5}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x1, 0x0, 0x1}, [@tmpl={0x104, 0x5, [{{@in6=@empty, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2040}, {{@in=@loopback, 0x2000, 0x3c}, 0x2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {{@in=@dev={0xac, 0x14, 0x14, 0x43}, 0x0, 0x33}, 0x2, @in6=@ipv4={'\x00', '\xff\xff', @local}}, {{@in6=@rand_addr=' \x01\x00', 0x4d2, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x1, 0x0, 0xc}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x4000) 528.436558ms ago: executing program 3 (id=873): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010d804dd0000000000000109022400018000000009040000010300000009210500000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x2, "d2903a4e"}]}}, 0x0}, 0x0) 388.882539ms ago: executing program 4 (id=874): openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_RATE_ENABLE={0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x7fffffff}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 341.725922ms ago: executing program 1 (id=875): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x0, 0x3dfa708e056562c6}, 0x48) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) 324.717578ms ago: executing program 4 (id=876): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048801) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10010}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 272.276076ms ago: executing program 1 (id=877): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$kcm(0x11, 0x3, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x58, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0x2}, {}, {0x7, 0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x5}, {{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x8000) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000140)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000280)=[{&(0x7f00000004c0)="f636039de9c166c9bd5cc616c3a50266b277bd832d79", 0x16}], 0x1}, 0x0) 233.339112ms ago: executing program 1 (id=878): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xb, 0x7}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r9, {}, {0xb, 0xb}, {0x2, 0xb}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x8000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r10, 0x3e}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6af27256da82f6184b8a34f9015cc99e57000000", 0x40}, {&(0x7f0000000080)="31e4c68cb3394eb6919248408e778435809a5aa45d47a123561bf34576af", 0x1e}, {&(0x7f0000000240)="638a3a5e9a5de822ae65fb0049de41e3f6410e100000004d1b7be14da82a7aa343218784aa41445fa2afa0b06cf25e1a5520289a99acb81981be6a5ee411f57cfff16b82b52527fb585b8ad7b826a996d46c", 0x52}, {&(0x7f0000000640)="737695c6e89e90e20e43383b3751d135ba58542413f895a7a4d87739b34e9a1b5ed8bc3df27c82146fe02cca42746b9948d19cb10515298c5825247268d2dc70d1cd4cb24ac8d2e30c3fecc15443eb8ff4a562f89d721ae93572c76d3624493f5c317d3fb488b1f90029570de5b6db3dd719d616414f7cf74dbe53d38ef6c12d2126e2faf35f6754658d5b644ce937d1fb84fead243694006d9d7c6b9f8138356024e6e52784c924b5a068864a558d1860abf697e58af39a25a44d1d55e9aa30210637d8e57fe7f5f754da54579a858c6a746aa24e07af3ba08d95b0729725ca1f8c6e8c5b91421d9ca76376280aae5a10916489671210b61b9f967d02c17b09be39cd31770a78ee8247ceccebc9e47190338f4d24323c6a19745be5574509822332d9de53223a2060ee600de86303812af60734823cd0850bf98b8f43268fce864441d490981dfa017f088a29fa61827f5cccd4a5d6296615ab06effca1e5a57347b397942013defcfceebbf7d0d5d90ac198e4056e6786654d6bc3907cdac797863dab8b75490ecf948930eca16cd78298e3ac4ff5fb8c449136087c6b2d3a9ba3c29d1c3c511b5dc1bad67f18a0ebd6eecf6997723db779f355b6a2a25835888e0c44cda136d1", 0x1c8}], 0x4}, 0x0) 172.977328ms ago: executing program 4 (id=879): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file0\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x4, 0x4451, &(0x7f0000008900)="$eJzs3T9sVPcdAPDfe3aLTYHalIFKlXpSUVu1lWUz0RqpxhiMDS4VLQxdjrN9gJuzD9nnKAODoyxImSJliDKgRMrmCXnLRJZIGbNkJDNSMmSJFAnlort7Z99758MX4sMBfT4S/t37/be/9373e8PxixOVO0truaW1XGElV164tXY693q5tL5cDHHWp205+6Lr8TlQvYiT2B+cq+cv/ufG6RA+WfziSbVarYaa/rCrsZbX335zb6E1bYpbL95q9Lt7b/vlfyGEE23zqukLIQwkr88l6WSSDoYQjoUQohDCjXtv38zt02wePi6ezT+du781fmp288FW5989CuH90m//dnv5qz/0jX/5l30aHgAAAAAAAAAAAAAAAACAl9z0tavX/z06Fh5FoX8zav++7nSSdvp+bHXf/L73vywAAAAAAAAAAAAAAAAAAAD8TO18/z8XHd/l+/9TSTrRoX31n92N88efOE96Y+ZfV6cujI4l579HbeVnkqyvz/WF4eb56p91Pv/9XKb97ue/t4/zvJrza447FKJ4JHUdxyMjIXyYHPx+Mjocl8prlb/eKq+vLO7bNF5a6fg3Tu9PRSc50D8V/2ec/z+Z6b/35///pu3dVLu+uX9vsVdaOv59Het99Gb0jPj/crve+Uy7FxF/nl86/v31vMHWChONBaAW/3f6977/pzL99yr+x0IIuag211xqBajtYWr5nfYrpKXj/4t6XmrpTP6Qne7/7zLxv5Dp/6DW/43sBxG7Sse/sY4PpGrs3P/D8d73/8VM/wcR/9r8N3z+dyUd/0ONzP5Ulfpfstv1fzrTf6/ifz1O5nksSr0DNqNGfqf/r460dPwH2sp3nv/irvb/lzLtX9TzX3Pc5vNfc/n/c9R4/mN32/HfCk+q1cGO9bq9/2cy7Xq9/k/U939tzpzo5aCvkPT9f7iel947D9V/dop/NRP/2Uz/zxH/jzs/he6o70oGmvHfWU++P9TI/8D+ryvp+P+qkRm31tio/6zv/6K99/+XM/0fxP6vNv+NuLejvirS8T/SsV4t/p938fl/JdOu9/EPYbT5BmjfvrCHdPyPdqxXv/8H9o7/XKZdr+P/p152DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASmEzSoRDFI6nrOB4ZCeF8cn0yHI7mC4v5+VJ54bW1EKaS/Fw4Ht0ulecLpfzSSnmxmC+USuWFEC4k5SfCQLRWKlfyy4W7F7f7GozuFAurlflioRJCmE7yfxeONvuaX6osF+6GEC5tl/06Lq/evVNYyS8urf5jdHR0NMxsz2E4Kr5RKa5UGqM3SkOY3W47FLVMrl58eXsuR6L/l9dXVwqlev6Vljal8kKh1NJmLil7NwxHldX1lYVCpZgvlW83xztIE0k6NXPtv9eujLWV34wa6eSLnRYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9Kj8b+/F0Lob1zFIYRclLyIkn8pDx8Xz+afzt3fGj81u/lg68ludQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4gR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs0j9KA0EUB+A3Y6Glx7BadjvbFUW0cEXwBHoMD6NH8RLewSJF2hQhkMxC2D+wTVJ9X/Ngfsy8B/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//9HQIRk=") setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000140)='./file1\x00', 0x121c91e, &(0x7f0000000000), 0x5, 0x4ff, &(0x7f0000000180)="$eJzs3dFrW3sdAPDvSZvZdZ3t0Ic5cA43aYcubVe3FR+mgujTQJ3vs7ZpKU2b0qRbW4Z2+AcIIir45JMvgn+AIPsTRBjou6h4udy73ftw4d67XHKSbG2XtN2WNKX5fOAkv98vOfl+f01zcn7n/DgJoGddiojLEfG8UqlcjYjhenumvsR2bclGxLOnD2erSxKVyt33koik1lZ92tiO1zxTX20gIn78g4ifbWRfiVva3FpKtgv5tXp9vLy8Ol7a3Lq2uDyzkF/Ir0xNTd6cvjV9Y3rizTo2sLs6FBG3v/e/3/7qT9+//bdvPPj3vXfGfp7U2yNe9qPdkvQ2uyud/ohY60SwLumP2v8HAADHX2M//6sRcTWGoy/dmwMAAABOksq3h+KTJKICAAAAnFiZdA5sksnV5wEMRSaTy9Xm8H4xBjOFYqn89fni+spcba7sSGQz84uF/ER9rvBIZJNqfTItv6xf31OfiohzEfGb4dNpPTdbLMx1++AHAAAA9Igze8b/Hw7Xxv87fNy15AAAAID2Gel2AgAAAEDHNcb/A13OAwAAAOgc5/8BAADgRPvhnTvVpdL4/eu5+5vrS8X71+bypaXc8vpsbra4tppbKBYX0mv2LR/0eoVicfWbsbK+MV7Ol8rjpc2te8vF9ZXyvUWzCwAAAKBbzn3l8b+SiNj+1ul0qTrV7aSAI9G/p57s9+T/djYX4Gj1dTsBoGv2fv8DvSPb7QSArtt33L/fpUH+3v5cAACAzhj9UvPz/30Hjgm2M0eUItAhjv9B73L+H3qX8//Qu7LRFwby0NsOugTo25//r1ReKyEAAKDthtIlyeQi0uMAQ5HJ5IYizqZjgmwyv1jIT0TE5yPin8PZz1Xrk+mayYFzhgEAAAAAAAAAAAAAAAAAAAAAAACAmkoliQoAAABwokVk/p/Uf+t/dPjK0N7jA6eSj4bT+4h48Ie7v9uYKZfXJqvt779oL/++3n69G0cwAAAAoGdlWz3QGKc3xvEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0E7Pnj6cbSxHGffd70bESLP4/TGQ3g9ENiIGP0iif8d6SUT0tSH+9qOION8sflJNK0bqWTSLf7qN8U+9QfwzbYgPvexxdfvznWaf/0xcSu+bf/5upluot9d6+5d5sf3raxK/2nb2kDEuPPnLYMv4jyIu9Dff/jXiJy22P5cPGf+nP9naavVY5Y8Ro02/f5JdscbLy6vjpc2ta4vLMwv5hfzK1NTkzelb0zemJ8bnFwv5+m3TGL/+8l+f79f/wRbxRw7o/5VD9v/TJxtPv1ArZl+snryMP3a5+ft/vkX8TP39/1q9XH18tFHerpV3uvjnf1zcr/9zLfp/0Ps/dsj+X/3RL/9zyKcCAEegtLm1NFMo5Nc6WqhEx0O8VWHHX2PgtVOt7hYdi14cz0L177qrpbqbehwSy6+VftGBV67umXe7X+0odHWzBAAAdMCrY2AAAAAAAAAAAAAAAAAAAADgqB3F5cSye2Jup7ftuHo+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED7fBYAAP//7gnO/A==") dup(0xffffffffffffffff) io_setup(0x2017, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x4400, 0x0) io_submit(0x0, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_setup(0xc58, 0x0, &(0x7f00000004c0), 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118) 123.13175ms ago: executing program 2 (id=880): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) writev(r0, &(0x7f0000000180)=[{&(0x7f00000001c0)="2e8b3d0007e03dd65140dfffffffff3f86ddf0f70aa10009119ce2b26712e900052f8db0049d90491ceafa8533f858dbb8a1000000000000", 0x38}, {&(0x7f0000000240)="e0cc03bfa963dfd40abb", 0xa}], 0x2) 65.536096ms ago: executing program 1 (id=881): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0xdc4, r1, 0x200, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80000003, 0x1b}}}}, [@NL80211_ATTR_TESTDATA={0x4}, @NL80211_ATTR_TESTDATA={0xd95, 0x45, "d130d66c434ebceede0525265865bae9436facce184810002302d109d83cab8c16861e85f8dca3221e1e2bcf2b27595f338bdc2567e5059fabc60485008e3c546568cf78c41b95a45bdb74ae7e4734ece65414a22581ec899096f48caebca2bce673de27477997b1fb43eca300b0054608f9deff1d3b2e8aa9ec33613d625f8440d719aa985698c98cf3b60269eeb8de61a54ca25b8d8f4d1222d0b463619655b171ee2bb4dd4a5ffb0f3aedf70ee2346e68da13962b2ef7d78d6aecab1a9ca87726ad1f759efe0dc849597510ed2900f6fd26486851e27ff7c0d7b0b082669d510abb61467e4f0767eede430fa093ab0088bdbc7c7f08b1fa854b404d3dc38aff2f6d04cab3fde911d42bdaba3513932c8933228fe6560bc46e31aad816786058171bee0bb20c263745ec0137edd9de7d82844802a17da4d2138c73923b6713815d11ab7af8b9af3c9aded86ebc0e0e30efd6d85d287087664cd5a19ffa86e6772dcaaf01501bac34cc500d464176bc89f09d16ed18d08198a330d15f0b905c6ac0d68a51018ac1ee947ed63d38eb896cbf6fff8c64b2d4da2423d38bf4630ae7e62296c72a4ede46a6412d74d1b576ae5794a7a9b44f471c332bb02f209cd8e191ed9fbc4364424ca68597156d835778342d7ec8cfcefb00b7ae4491a7539d0cd547bced8a1eb19ec50251992da7686269aba97d1c434e7ba1fa6bb1b283034f507d7f1801cab2295e436a0f68afae1cd2f5b20919ed1f49dc70e2178585fc579285a6a35fbbbb31544149c4b4a1b2b5751682bb53abe3b2dc4fd51033fab4bd99c59095c311a36ec64e511a2b17c4211c8c0704aaf47868ab2291eacb51df3e065b19271a164f8d8b722e0659e3c95524fce3f811503faf05d5294af1ce8d43a87595f3913aeea0c4725cf9b96bc3e847e53e7056a13588f2197e657a8c50f23c38341a22090eaf4ed2a21bc0e04a5efc894817b3b4de743a32f0e9178d9cea8d7fdc2040654b8b08d72c603567a4d1bf910adaebce0d2e8007c3f975f2c42f91dec5d461995beeb6ba18334986b5425878a34a7dd731d46e7a66b22f8358d951946087c77b3e5db68ff27a93e6f16b296313ab46f9a13f944aee84ab1127d5caf16a500826b569a25181cf41857cfa7ddbedf885deb37c0804f1cc2a52f3bc71d65c000a5b13d2911f5f75a3defb3c7b5541109e750c28ba069b8fddb517f48e2057bb0193064c9385ddc7fe5e7e697229ebff7e25dabdbe364a447fb93ce171130795043888849c060d1624cf4b10c8f1773671350d022c37059760ccec21f9f360372906ddd067cb883b7388bd40c914965c8ba96f5a84f0719ca1a6587729ac8a983360e9aac54878315fd4178d87a36cf4f1c2feeebcda3638f191d165a749e20c64adbca1ac5745fce5ff5e839e916b2a87357380118a450c96536e9b65ef3fce985b1dd7159bef3768a632b06ef83d14d70f97728866be13176cc78359c920560f884648c52c605b0703895c0248b93a1e03276d18e6e32922df9252423ac97816377d787f5a9e1f7493b45c671b53784458d6b5cdfcd111f9a72d4bb9fb6d43db519f6b6b2415043f8cd2e9e9402a70a821dce2bd759d624cfbb610ee18cd4abb3a572ffe08faffe6316fb1f7f3ce5b41e8ea64d471174011d88de5d559873b4814a4d3507e5130af25ed08ad01f70a2ba16e89f2f9b6538d53c7c49ce23cb072da37facdb3f6cb7f6afc7d730ca49ce97210ee80ee926affed18bf031c97fd2fe062c26118d3f0a3b47a194be5b939ae9a36afbb2bbcbf8836f19abcd3ab8d3495e4c253b4a505ede0b26a24ad07f38376d0570a058506c40590bf304a197e7a229aa049b5c7f37abc3d871463a40b251cb7c74f8825d54dcb321b3ac81d1ad47af1de2730192cb0d822eacae6844650470cecf3e50dcda3cd6d06f0c8a31af382b58d44bf7765f7eb1257afcca6b43d7d9134b65aa9c11666619cdb549032975d8b7f343f45dee8c9f533ecdc1053296eb75f33f0d52551d9ede18753f4d8b654bb7b8433e7ba1f0c14083a176a25b1543c5ed9ec0d2fe5c7197c2905bcf89e31ee020fcfc0b4b10bbd3aee87e2bbd64d97f53017f77685bc4b6d907ba2a9d471f6acf58d04b63a4bfde0b07a5308333ce28efa66b034bc8fd5740cab1de3408c6b9d7b436730484676bbaf532f3737a3f069b2c55046ac4557db16af463a536c21959f8237e5dbdb9218639d3f0a407911577a80edb8844c21e4d1f77009b9e2be631e94840bd4ab4fd1aca6f2a44f48fa03686d3cb0801e7487da0ab41da16d1f2188e21c7574d57edbfe2edd7a2a8bf53ef302d28ed1bf6e6c21cf23b63d84c5566016b5b1c4a0c264e5958faf36bfcba365176868bd7a1b376eb654268aa6e736bad21049b8063655fddbcc38308d0988785645e1624d58ce04a85a457650c0a883eff14cbbb8b103bc5376651a7b14ac78ac320db0671cab52bbd29ef52d7c96fe2b17dea7f46d43615ed6e391bed6cb1e0dce158ec730d33a38b69b1cd810330d4c97605aaa97837603b64885af155d973196f484100a129eeb03a2116e9ebd1ca990d0b1a9c3cbe8bb4b2fac635ba28432ed36d2f39b9535fa9a6eeaa23b726f4e70906cff656cca8b311ea4ef91798fdb540d41c6460ca45833273a340a4db80e732a9032889834e1fd389371c529270de9e07a0594ae2517ac589cc42b3ff3baf54d4a0e4683d0c5db49d2f44b15df86eb037df7bcfd2c02af6329289df2d37f431840df65e61ef3fca46e9793da1bc7a0b316260c271ea0f6bfbbe51a4d48efbc3dcc75a4079baa5c98c2088576022db007b31d548c584d860ec2a5fa49ebbd8a1bd6a59b0988620efb0dac8db087d35168b795d6f59655368d384c3a5bff06c8ed22a3d06aeaa45d68f05837e91f1a7b7d277326c18833fc557a74b1242d57e64700414af89a80a6daefa964cfd5141f158cfd1653468a641fa1a310513089e82781d0d44c108802ceabcc3136d920822d1f42737118e86f71ab0f8d0dbdf60c9d54b881f55fd38f6bca2a9ebd1308551f70e80e9f487a1b51a4b50765ac5ff2c4bc0d1df84b6421edd1ae1ca5c0e0727a996cf3187a40cf942b915869aa6491c0aeccc869a31fa7ffab242c0660102fc436b4663ff0d2109e128db91bbd383c148895010b55fb1a204ab1230e501a7e8dfc3be1c6d7bf60991c885fe58cb7de75a776813921e7fdbdcd8e48606054254895f2dd09bfdd8999a2f4e34783971d0a6feeebd3d0628d671a42d4b2b144e72a3a7b72d41345e9d4b9b001bad910673735d877e314ff9816d08f2129d05f6496af1ded9db36c1e9c086c3f62faecf2c70afa4078b11d6ef5de786f2e5efe9e77eeb2a30e84c7231fa7bbff3e827180dcd7b7c6e974ce31f520c16d243e54eb90ad5ecb1fe16376a1d969e8bb66a3d906c833b4f65b93aac8b400578b989995c5b757a252f2e6d30b8f0d218bf43071df79fed8bea3ab5f7384bd0be744fe72d386f5d96dc1d746e134b672e414d33ac0f6bf4d9b20ed0ba310d8b6e128a619b7191d4327220253b7e576f017c94668c89c43beb18cb208338e679d3e6c78ba5b6c6473ae3cd14b26e56b801cdfa46c6527fad8fbfcbb82f83035cffe0e234a33307b150973c622494d35901ca26d81b39fdf830e7f70ddacdd3e2603e78a181b548a65cf309b0d5bbbcbd80ce65b7a3b3c4a267500c2682b49961dc7364b55aa5ce0efd7cde8aaa74218d36e3426ecc11bbf1d8eb2e22f1378dea51f59fdeea850fd784f1c7123ac69d1e59a7c259cebd2f85765a0883e664a3e38bdcf86b96604df86fa81bfb34b6cc451871481c017968ba4b3daf5b57ed8c143faac765e9122ed70f0a6131c0a8211cac8dd509bc68c08eb38415142110cd27385ed69f3aba8045f95163c3eb059173e62401b6ad5c536158e8b44ef2565011cb0f83bc00134905c38f15b4734c5e6d147a3fd38692835cd17cee3d1f74b1171e02d0f68a31a8e3ac8ce0c5a9485e9518d374b38d2c931866b058de76dfa7143e03720fb7eee80a55acde009f9343c24b3bac6ffc091d6c486b72d58dae9042b39600ba3102d1954e553895b0a202cdda15e5355c49847b4bf395b4fc5e916cb85b21c50273c8e9330d39bb7e8c479987e2fc1342481c7e18d4eb487f43b8afbb6fae0bc4b08bf950bd2be2546d28aa133a9c24dc36045573818f0b492c4dbf3b086b3f9afca3a9a287afe155c39d7ffc56b2c533549e8d6e5bfd7083ccbf036091dc9e149255827cd9cb7f21c7af48dda29c670bcde5cfbba29c104f3b0b1a3d6fbd6e1222d678908755e507f32868d10e1691b3aff0d4fffe451ceccf1d0cd164616d1bf5f02a38fef14c505aebdf685b468cf5f63672a5bb6d9b06a6d3cca7933500351f00c58a96e5945cce3ea880c269fe898c2ad32310dd6149861d17b902b75226c240484005803543e456a210adecd71cb0b051550a1d5818c40f02becc4a9878540ae5127865ca49dfb79336df234d0f006c09c13a0b0479427ea7c800848dc88aee69711295b1043bf1497e212751bf8962f3595cd3aea6edcf051d77eff6caaa44f1c2521c397f7ab974928d67275146ee7c84c0baa128d3adef759c25ad5a333c237f356e283710eb18ab22eb9b4b3417dbec755da1d3c5ab2b15d60e22d749b65577c79dd0d71b80239b857bced77aed11b64fe2add28407581398640fa3d286ffdf612015b51ddbc99ab67e2dc5ec74a3be4e03226d1d82243e3efa7137764c2fd4197f5890a82ab9e0a959e25c888069be4ed5d7eaacdff9b8048e7a11d281ee6248d550ad97e32191e8e64de4aa1f11b52e429fba04fb74a4e1a46718b5a46cde35dfb690775917d6237fc7c50b7c61956"}]}, 0xdc4}, 0x1, 0x0, 0x0, 0x20000000}, 0x1000) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 438.629µs ago: executing program 2 (id=882): bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x7, 0x2, 0x1}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040001}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x5, 0x4}, {}, {0xffe0, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x9200}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0xc010) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=@delchain={0x2c, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {}, {0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) 176.292µs ago: executing program 3 (id=883): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nodots}, {@dots}, {@dots}, {@fat=@uid}, {@dots}, {@nodots}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@tz_utc}, {@fat=@check_strict}, {@fat=@sys_immutable}, {@nodots}, {@fat=@usefree}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x1c}}, {@dots}, {@fat=@nfs_nostale_ro}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4") r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') read$FUSE(r0, &(0x7f00000076c0)={0x2020}, 0x2020) 0s ago: executing program 1 (id=884): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x1, 0x80000000, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xfff3, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x64}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xfe2a}]}}]}, 0x44}}, 0x200000d5) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) kernel console output (not intermixed with test programs): ci3: command tx timeout [ 34.515417][ T6573] Bluetooth: hci2: command tx timeout [ 34.519245][ T1470] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.523033][ T1470] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.529913][ T6695] netlink: 'syz.4.5': attribute type 29 has an invalid length. [ 34.530394][ T6695] netlink: 'syz.4.5': attribute type 29 has an invalid length. [ 34.530787][ T6695] netlink: 500 bytes leftover after parsing attributes in process `syz.4.5'. [ 34.554283][ T6700] syzkaller0: entered promiscuous mode [ 34.555593][ T6700] syzkaller0: entered allmulticast mode [ 35.158047][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.161711][ T6709] capability: warning: `syz.2.3' uses 32-bit capabilities (legacy support in use) [ 35.202536][ T6710] team_slave_0: entered promiscuous mode [ 35.202573][ T6710] team_slave_1: entered promiscuous mode [ 35.216052][ T6710] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 35.223159][ T6709] Zero length message leads to an empty skb [ 35.274481][ T6722] netlink: 56 bytes leftover after parsing attributes in process `syz.1.10'. [ 35.282754][ T6710] capability: warning: `syz.2.3' uses deprecated v2 capabilities in a way that may be insecure [ 35.493439][ T6728] loop4: detected capacity change from 0 to 4096 [ 35.498351][ T6726] loop2: detected capacity change from 0 to 2048 [ 35.505608][ T6728] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 35.534173][ T6730] loop3: detected capacity change from 0 to 2048 [ 35.573311][ T6730] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 35.577735][ T6726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 35.581894][ T6728] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 35.582970][ T6728] ntfs3(loop4): ino=1a, mi_enum_attr [ 35.583053][ T6728] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 35.677773][ T6724] loop1: detected capacity change from 0 to 32768 [ 35.711482][ T6715] loop0: detected capacity change from 0 to 65536 [ 35.711828][ T6715] ======================================================= [ 35.711828][ T6715] WARNING: The mand mount option has been deprecated and [ 35.711828][ T6715] and is ignored by this kernel. Remove the mand [ 35.711828][ T6715] option from the mount to silence this warning. [ 35.711828][ T6715] ======================================================= [ 36.295210][ T6739] 9p: Bad value for 'rfdno' [ 36.476147][ T6736] fs-verity (loop2, inode 13): Error -4 building Merkle tree [ 36.526304][ T6576] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.580043][ T6573] Bluetooth: hci3: command tx timeout [ 36.580081][ T6573] Bluetooth: hci2: command tx timeout [ 36.580114][ T6573] Bluetooth: hci0: command tx timeout [ 36.580550][ T6573] Bluetooth: hci1: command tx timeout [ 36.580567][ T6573] Bluetooth: hci4: command tx timeout [ 36.600731][ T6715] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 36.610948][ T6724] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 36.612483][ T6724] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 36.861557][ T6572] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.886435][ T6715] XFS (loop0): Ending clean mount [ 36.888465][ T6715] XFS (loop0): Quotacheck needed: Please wait. [ 36.942849][ T6724] XFS (loop1): Ending clean mount [ 36.945802][ T6724] XFS (loop1): Quotacheck needed: Please wait. [ 36.959785][ T6724] XFS (loop1): Quotacheck: Done. [ 36.968130][ T6715] XFS (loop0): Quotacheck: Done. [ 37.122196][ T6567] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 37.161249][ T6765] loop3: detected capacity change from 0 to 4096 [ 37.175157][ T6766] syzkaller0: entered promiscuous mode [ 37.175195][ T6766] syzkaller0: entered allmulticast mode [ 37.176466][ T6761] tipc: Started in network mode [ 37.176478][ T6761] tipc: Node identity b2b73ccd6c93, cluster identity 4711 [ 37.176555][ T6761] tipc: Enabled bearer , priority 0 [ 37.181199][ T6765] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 37.207557][ T6765] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 37.207781][ T6765] ntfs3(loop3): ino=1a, mi_enum_attr [ 37.207837][ T6765] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 37.212880][ T6760] tipc: Resetting bearer [ 37.259487][ T6760] tipc: Disabling bearer [ 37.398748][ T6769] loop8: detected capacity change from 0 to 8 [ 37.638603][ T6769] Dev loop8: unable to read RDB block 8 [ 37.640281][ T6769] loop8: unable to read partition table [ 37.641528][ T6769] loop8: partition table beyond EOD, truncated [ 37.643639][ T6769] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 37.686430][ T6776] FAULT_INJECTION: forcing a failure. [ 37.686430][ T6776] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 37.686464][ T6776] CPU: 0 UID: 0 PID: 6776 Comm: syz.4.20 Not tainted syzkaller #0 PREEMPT [ 37.686474][ T6776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 37.686478][ T6776] Call trace: [ 37.686481][ T6776] show_stack+0x2c/0x3c (C) [ 37.686496][ T6776] __dump_stack+0x30/0x40 [ 37.686502][ T6776] dump_stack_lvl+0xd8/0x12c [ 37.686508][ T6776] dump_stack+0x1c/0x28 [ 37.686513][ T6776] should_fail_ex+0x41c/0x594 [ 37.686519][ T6776] should_fail_alloc_page+0xec/0x10c [ 37.686527][ T6776] prepare_alloc_pages+0x1d8/0x538 [ 37.686533][ T6776] __alloc_frozen_pages_noprof+0x134/0x318 [ 37.686538][ T6776] alloc_pages_mpol+0x1e4/0x460 [ 37.686544][ T6776] folio_alloc_mpol_noprof+0x4c/0x24c [ 37.686549][ T6776] vma_alloc_folio_noprof+0xf4/0x230 [ 37.686554][ T6776] vma_alloc_zeroed_movable_folio+0x70/0x84 [ 37.686559][ T6776] folio_prealloc+0x3c/0x1c0 [ 37.686565][ T6776] do_pte_missing+0x1e5c/0x2c88 [ 37.686570][ T6776] handle_mm_fault+0x1488/0x2678 [ 37.686574][ T6776] do_page_fault+0x410/0x13cc [ 37.686579][ T6776] do_translation_fault+0xc4/0x114 [ 37.686588][ T6776] do_mem_abort+0x70/0x194 [ 37.686593][ T6776] el0_da+0x64/0x248 [ 37.686602][ T6776] el0t_64_sync_handler+0x90/0x12c [ 37.686609][ T6776] el0t_64_sync+0x198/0x19c [ 37.686745][ T6776] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 37.708650][ T6776] loop4: detected capacity change from 0 to 2048 [ 37.714028][ T6776] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 37.714515][ T6776] UDF-fs: Scanning with blocksize 512 failed [ 37.718783][ T6776] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 37.721066][ T6776] UDF-fs: error (device loop4): udf_read_inode: (ino 832) failed !bh [ 37.721382][ T6776] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=48, partition=0 [ 37.807692][ T6571] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 37.941589][ T6785] netlink: 'syz.1.23': attribute type 10 has an invalid length. [ 37.941918][ T6785] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.942354][ T6785] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.946839][ T6785] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.946887][ T6785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.946988][ T6785] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.947039][ T6785] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.949517][ T6785] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 38.037574][ T6787] netlink: 28 bytes leftover after parsing attributes in process `syz.1.26'. [ 38.037723][ T6787] netlink: 'syz.1.26': attribute type 7 has an invalid length. [ 38.037733][ T6787] netlink: 'syz.1.26': attribute type 8 has an invalid length. [ 38.037742][ T6787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.26'. [ 38.044148][ T6787] team0: entered promiscuous mode [ 38.044194][ T6787] team_slave_0: entered promiscuous mode [ 38.044272][ T6787] team_slave_1: entered promiscuous mode [ 38.055541][ T6787] bond0: entered promiscuous mode [ 38.056510][ T6787] bond_slave_0: entered promiscuous mode [ 38.056588][ T6787] bond_slave_1: entered promiscuous mode [ 38.056638][ T6787] bridge0: entered promiscuous mode [ 38.057187][ T6787] gretap0: entered promiscuous mode [ 38.069837][ T6783] loop4: detected capacity change from 0 to 32768 [ 38.078118][ T6787] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 38.096147][ T6783] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.24 (6783) [ 38.122525][ T6783] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 38.126407][ T6783] BTRFS info (device loop4): using blake2b (blake2b-256-lib) checksum algorithm [ 38.220656][ T6797] fuse: Bad value for 'group_id' [ 38.220719][ T6797] fuse: Bad value for 'group_id' [ 38.496657][ T6797] ieee802154 phy0 wpan0: encryption failed: -22 [ 38.944502][ T6574] Bluetooth: hci4: command tx timeout [ 38.944546][ T6574] Bluetooth: hci1: command tx timeout [ 38.944875][ T6574] Bluetooth: hci0: command tx timeout [ 38.945462][ T6574] Bluetooth: hci2: command tx timeout [ 38.945697][ T6574] Bluetooth: hci3: command tx timeout [ 39.017117][ T6795] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 39.027868][ T6807] netlink: 24 bytes leftover after parsing attributes in process `syz.0.28'. [ 39.067544][ T6783] BTRFS info (device loop4): enabling ssd optimizations [ 39.068790][ T6783] BTRFS info (device loop4): turning on async discard [ 39.068832][ T6783] BTRFS info (device loop4): enabling free space tree [ 39.122564][ T6767] set_capacity_and_notify: 1 callbacks suppressed [ 39.128256][ T6767] loop2: detected capacity change from 0 to 131072 [ 39.129724][ T6767] f2fs: Unknown parameter '/dev/snd/controlC#' [ 39.174479][ T6795] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 39.183628][ T6795] ntfs3(loop1): ino=1a, mi_enum_attr [ 39.185019][ T6795] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 39.348487][ T6821] loop3: detected capacity change from 0 to 4096 [ 39.351532][ T6821] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 39.367593][ T6817] loop0: detected capacity change from 0 to 32768 [ 39.369204][ T6817] Only 4K block size supported! [ 39.369227][ T6817] Mount JFS Failure: -22 [ 39.369236][ T6817] jfs_mount failed w/return code = -22 [ 39.376117][ T6821] ntfs3(loop3): ino=1a, mi_enum_attr [ 39.377969][ T6821] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 39.379750][ T6821] ntfs3(loop3): ino=1a, mi_enum_attr [ 39.380610][ T6821] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 39.734257][ T6783] netlink: 12 bytes leftover after parsing attributes in process `syz.4.24'. [ 40.405046][ T6830] loop0: detected capacity change from 0 to 4096 [ 40.407400][ T6830] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 40.408307][ T6835] loop2: detected capacity change from 0 to 2048 [ 40.413914][ T6835] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 40.414195][ T6835] UDF-fs: Scanning with blocksize 512 failed [ 40.424485][ T6835] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 40.427726][ T6835] UDF-fs: error (device loop2): udf_read_inode: (ino 832) failed !bh [ 40.429255][ T6835] UDF-fs: error (device loop2): udf_fill_super: Error in udf_iget, block=48, partition=0 [ 40.453811][ T6830] ntfs3(loop0): ino=1a, mi_enum_attr [ 40.453855][ T6830] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 40.458351][ T6830] ntfs3(loop0): ino=1a, mi_enum_attr [ 40.458398][ T6830] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 40.481768][ T6830] ntfs3(loop0): ino=1e, mi_enum_attr [ 40.483893][ T6568] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 40.565760][ T6845] FAULT_INJECTION: forcing a failure. [ 40.565760][ T6845] name failslab, interval 1, probability 0, space 0, times 1 [ 40.568215][ T6845] CPU: 1 UID: 0 PID: 6845 Comm: syz.1.36 Not tainted syzkaller #0 PREEMPT [ 40.568238][ T6845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 40.568244][ T6845] Call trace: [ 40.568247][ T6845] show_stack+0x2c/0x3c (C) [ 40.568264][ T6845] __dump_stack+0x30/0x40 [ 40.568272][ T6845] dump_stack_lvl+0xd8/0x12c [ 40.568278][ T6845] dump_stack+0x1c/0x28 [ 40.568284][ T6845] should_fail_ex+0x41c/0x594 [ 40.568290][ T6845] should_failslab+0xc0/0x128 [ 40.568298][ T6845] kmem_cache_alloc_node_noprof+0x94/0x6c8 [ 40.568304][ T6845] __alloc_skb+0x1e4/0x3b0 [ 40.568310][ T6845] sctp_packet_transmit+0x23c/0x2418 [ 40.568318][ T6845] sctp_outq_flush+0xbd0/0x279c [ 40.568325][ T6845] sctp_outq_uncork+0x84/0xc0 [ 40.568331][ T6845] sctp_do_sm+0x435c/0x4a0c [ 40.568338][ T6845] sctp_primitive_SEND+0x98/0xc8 [ 40.568344][ T6845] sctp_sendmsg_to_asoc+0x111c/0x13bc [ 40.568350][ T6845] sctp_sendmsg+0x1300/0x1f78 [ 40.568355][ T6845] inet_sendmsg+0x154/0x284 [ 40.568361][ T6845] sock_write_iter+0x298/0x3d0 [ 40.568367][ T6845] do_iter_readv_writev+0x4bc/0x720 [ 40.568373][ T6845] vfs_writev+0x29c/0x7cc [ 40.568378][ T6845] do_writev+0x128/0x290 [ 40.568383][ T6845] __arm64_sys_writev+0x80/0x94 [ 40.568388][ T6845] invoke_syscall+0x98/0x254 [ 40.568394][ T6845] el0_svc_common+0xe8/0x23c [ 40.568399][ T6845] do_el0_svc+0x48/0x58 [ 40.568404][ T6845] el0_svc+0x5c/0x26c [ 40.568411][ T6845] el0t_64_sync_handler+0x84/0x12c [ 40.568416][ T6845] el0t_64_sync+0x198/0x19c [ 40.633527][ T6847] loop0: detected capacity change from 0 to 2048 [ 40.761735][ T6859] loop3: detected capacity change from 0 to 4096 [ 40.766748][ T6859] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 40.769444][ T6847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.855657][ T6863] fuse: Bad value for 'group_id' [ 40.855719][ T6863] fuse: Bad value for 'group_id' [ 40.964863][ T6573] Bluetooth: hci3: command tx timeout [ 40.965923][ T6573] Bluetooth: hci2: command tx timeout [ 40.966882][ T6573] Bluetooth: hci0: command tx timeout [ 40.967892][ T6573] Bluetooth: hci1: command tx timeout [ 40.968860][ T6573] Bluetooth: hci4: command tx timeout [ 41.498038][ T6863] ieee802154 phy0 wpan0: encryption failed: -22 [ 41.794991][ T6859] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 41.797541][ T6868] FAULT_INJECTION: forcing a failure. [ 41.797541][ T6868] name failslab, interval 1, probability 0, space 0, times 0 [ 41.797574][ T6868] CPU: 1 UID: 0 PID: 6868 Comm: syz.4.44 Not tainted syzkaller #0 PREEMPT [ 41.797585][ T6868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 41.797592][ T6868] Call trace: [ 41.797595][ T6868] show_stack+0x2c/0x3c (C) [ 41.797610][ T6868] __dump_stack+0x30/0x40 [ 41.797617][ T6868] dump_stack_lvl+0xd8/0x12c [ 41.797623][ T6868] dump_stack+0x1c/0x28 [ 41.797628][ T6868] should_fail_ex+0x41c/0x594 [ 41.797636][ T6868] should_failslab+0xc0/0x128 [ 41.797643][ T6868] __kmalloc_cache_noprof+0x8c/0x698 [ 41.797649][ T6868] once_disable_jump+0x60/0x1a4 [ 41.797655][ T6868] __do_once_done+0x78/0xa8 [ 41.797661][ T6868] nf_conntrack_in+0xc3c/0x17a4 [ 41.797669][ T6868] ipv6_conntrack_in+0x28/0x38 [ 41.797673][ T6868] nf_hook_slow+0xb4/0x21c [ 41.797680][ T6868] NF_HOOK+0x1c8/0x358 [ 41.797686][ T6868] ipv6_rcv+0x9c/0xbc [ 41.797691][ T6868] __netif_receive_skb+0xcc/0x2a8 [ 41.797698][ T6868] netif_receive_skb+0x1c8/0x844 [ 41.797704][ T6868] tun_rx_batched+0x478/0x5b4 [ 41.797709][ T6868] tun_get_user+0x2354/0x359c [ 41.797713][ T6868] tun_chr_write_iter+0xfc/0x204 [ 41.797718][ T6868] vfs_write+0x540/0xa3c [ 41.797723][ T6868] ksys_write+0x120/0x210 [ 41.797728][ T6868] __arm64_sys_write+0x7c/0x90 [ 41.797733][ T6868] invoke_syscall+0x98/0x254 [ 41.797739][ T6868] el0_svc_common+0xe8/0x23c [ 41.797744][ T6868] do_el0_svc+0x48/0x58 [ 41.797749][ T6868] el0_svc+0x5c/0x26c [ 41.797756][ T6868] el0t_64_sync_handler+0x84/0x12c [ 41.797761][ T6868] el0t_64_sync+0x198/0x19c [ 41.805234][ T6859] ntfs3(loop3): ino=1a, mi_enum_attr [ 41.805302][ T6859] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 42.154127][ T6878] loop8: detected capacity change from 0 to 8 [ 42.160943][ T6878] Dev loop8: unable to read RDB block 8 [ 42.162353][ T6878] loop8: unable to read partition table [ 42.163553][ T6878] loop8: partition table beyond EOD, truncated [ 42.164975][ T6878] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 42.227146][ T6567] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.264680][ T6882] loop2: detected capacity change from 0 to 1024 [ 42.266892][ T6882] EXT4-fs: inline encryption not supported [ 42.280187][ T6886] netlink: 228 bytes leftover after parsing attributes in process `syz.4.48'. [ 42.283853][ T6882] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.286259][ T6885] FAULT_INJECTION: forcing a failure. [ 42.286259][ T6885] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 42.286273][ T6885] CPU: 1 UID: 0 PID: 6885 Comm: syz.1.49 Not tainted syzkaller #0 PREEMPT [ 42.286280][ T6885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 42.286284][ T6885] Call trace: [ 42.286287][ T6885] show_stack+0x2c/0x3c (C) [ 42.286300][ T6885] __dump_stack+0x30/0x40 [ 42.286307][ T6885] dump_stack_lvl+0xd8/0x12c [ 42.286313][ T6885] dump_stack+0x1c/0x28 [ 42.286318][ T6885] should_fail_ex+0x41c/0x594 [ 42.286324][ T6885] should_fail_alloc_page+0xec/0x10c [ 42.286332][ T6885] prepare_alloc_pages+0x1d8/0x538 [ 42.286337][ T6885] __alloc_frozen_pages_noprof+0x134/0x318 [ 42.286342][ T6885] alloc_pages_mpol+0x1e4/0x460 [ 42.286348][ T6885] folio_alloc_mpol_noprof+0x4c/0x24c [ 42.286353][ T6885] vma_alloc_folio_noprof+0xf4/0x230 [ 42.286357][ T6885] vma_alloc_zeroed_movable_folio+0x70/0x84 [ 42.286363][ T6885] folio_prealloc+0x3c/0x1c0 [ 42.286368][ T6885] do_pte_missing+0x1e5c/0x2c88 [ 42.286373][ T6885] handle_mm_fault+0x1488/0x2678 [ 42.286377][ T6885] do_page_fault+0x410/0x13cc [ 42.286382][ T6885] do_translation_fault+0xc4/0x114 [ 42.286387][ T6885] do_mem_abort+0x70/0x194 [ 42.286392][ T6885] el0_da+0x64/0x248 [ 42.286398][ T6885] el0t_64_sync_handler+0x90/0x12c [ 42.286404][ T6885] el0t_64_sync+0x198/0x19c [ 42.286413][ T6885] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 42.289438][ T6885] loop1: detected capacity change from 0 to 2048 [ 42.324284][ T6885] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 42.324328][ T6885] UDF-fs: Scanning with blocksize 512 failed [ 42.331000][ T6885] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 42.331316][ T6885] UDF-fs: error (device loop1): udf_read_inode: (ino 832) failed !bh [ 42.331678][ T6885] UDF-fs: error (device loop1): udf_fill_super: Error in udf_iget, block=48, partition=0 [ 42.401376][ T6893] netlink: 24 bytes leftover after parsing attributes in process `syz.0.50'. [ 42.540574][ T6576] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.582115][ T6900] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 42.583519][ T6900] UDF-fs: Scanning with blocksize 512 failed [ 42.602641][ T6900] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 42.607410][ T6898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.365229][ T6914] fuse: Bad value for 'group_id' [ 43.365268][ T6914] fuse: Bad value for 'group_id' [ 43.845935][ T6915] 9p: Bad value for 'rfdno' [ 44.712110][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.020466][ T6921] set_capacity_and_notify: 2 callbacks suppressed [ 45.020627][ T6921] loop4: detected capacity change from 0 to 4096 [ 45.021770][ T6921] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 45.052260][ T6921] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 45.052474][ T6921] ntfs3(loop4): ino=1a, mi_enum_attr [ 45.052676][ T6921] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 45.052826][ T6914] ieee802154 phy0 wpan0: encryption failed: -22 [ 45.579038][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.2.61'. [ 45.882449][ T6935] netlink: 24 bytes leftover after parsing attributes in process `syz.0.63'. [ 45.888714][ T6937] netlink: 'syz.4.64': attribute type 1 has an invalid length. [ 46.201118][ T6947] netlink: 'syz.3.67': attribute type 29 has an invalid length. [ 46.203659][ T6947] netlink: 'syz.3.67': attribute type 29 has an invalid length. [ 46.220181][ T6947] netlink: 500 bytes leftover after parsing attributes in process `syz.3.67'. [ 46.250416][ T6949] netlink: 4 bytes leftover after parsing attributes in process `syz.3.68'. [ 46.300358][ T6951] netlink: 'syz.0.69': attribute type 1 has an invalid length. [ 46.302564][ T6928] loop2: detected capacity change from 0 to 32768 [ 46.306977][ T6928] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.61 (6928) [ 46.331949][ T6928] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 46.332452][ T6928] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 46.343491][ T6955] Cannot find add_set index 0 as target [ 46.364449][ T6949] loop3: detected capacity change from 0 to 32768 [ 46.372088][ T6949] BTRFS info: device /dev/loop3 (7:3) using temp-fsid ee688623-b500-46cb-b362-0be6162f15fe [ 46.374619][ T6949] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.68 (6949) [ 46.393935][ T6949] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 46.395851][ T6949] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 46.409859][ T6964] loop4: detected capacity change from 0 to 512 [ 46.411016][ T6964] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 46.411030][ T6964] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 46.503075][ T6964] EXT4-fs (loop4): 1 truncate cleaned up [ 46.503562][ T6964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.528431][ T6928] BTRFS info (device loop2): enabling ssd optimizations [ 46.528468][ T6928] BTRFS info (device loop2): turning on async discard [ 46.528476][ T6928] BTRFS info (device loop2): enabling free space tree [ 46.532966][ T6964] netlink: 'syz.4.71': attribute type 10 has an invalid length. [ 46.533293][ T6964] veth1_vlan: entered allmulticast mode [ 46.774059][ T6964] team0: Device veth1_vlan failed to register rx_handler [ 46.808197][ T6949] BTRFS info (device loop3): enabling ssd optimizations [ 46.809479][ T6949] BTRFS info (device loop3): turning on async discard [ 46.809520][ T6949] BTRFS info (device loop3): enabling free space tree [ 46.843566][ T6137] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 46.886738][ T6572] BTRFS info (device loop3): last unmount of filesystem ee688623-b500-46cb-b362-0be6162f15fe [ 46.886808][ T5083] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 46.933142][ T6576] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 46.986286][ T6994] loop1: detected capacity change from 0 to 32768 [ 47.026513][ T7000] netlink: 4 bytes leftover after parsing attributes in process `syz.3.74'. [ 47.034689][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.045753][ T6994] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 47.046178][ T6994] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 47.145235][ T6994] XFS (loop1): Ending clean mount [ 47.146253][ T6994] XFS (loop1): Quotacheck needed: Please wait. [ 47.166652][ T6994] XFS (loop1): Quotacheck: Done. [ 47.234619][ T7010] fuse: Bad value for 'group_id' [ 47.234674][ T7010] fuse: Bad value for 'group_id' [ 47.927615][ T7010] ieee802154 phy0 wpan0: encryption failed: -22 [ 48.212659][ T7000] loop3: detected capacity change from 0 to 32768 [ 48.214644][ T7000] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.74 (7000) [ 48.228522][ T7000] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 48.230504][ T7000] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 48.262368][ T7008] loop4: detected capacity change from 0 to 32768 [ 48.304847][ T7013] loop0: detected capacity change from 0 to 32768 [ 48.425132][ T7017] loop2: detected capacity change from 0 to 32768 [ 48.491490][ T7008] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 48.509822][ T7013] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 48.776439][ T7008] XFS (loop4): Ending clean mount [ 48.777803][ T7008] XFS (loop4): Quotacheck needed: Please wait. [ 48.800636][ T7013] XFS (loop0): Ending clean mount [ 48.802024][ T7013] XFS (loop0): Quotacheck needed: Please wait. [ 48.811791][ T7017] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 48.812351][ T7017] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 48.817234][ T7008] XFS (loop4): Quotacheck: Done. [ 48.819539][ T6571] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 48.828739][ T7013] XFS (loop0): Quotacheck: Done. [ 48.830310][ T7000] BTRFS info (device loop3): enabling ssd optimizations [ 48.830349][ T7000] BTRFS info (device loop3): turning on async discard [ 48.830357][ T7000] BTRFS info (device loop3): enabling free space tree [ 48.857359][ T7017] XFS (loop2): Ending clean mount [ 48.858140][ T7017] XFS (loop2): Quotacheck needed: Please wait. [ 48.869324][ T7017] XFS (loop2): Quotacheck: Done. [ 48.897733][ T6568] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 48.904116][ T5424] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 48.946731][ T6572] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 48.992596][ T7061] loop1: detected capacity change from 0 to 512 [ 49.036893][ T6567] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 49.043008][ T7070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.84'. [ 49.065157][ T7066] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.139876][ T7070] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.84 (7070) [ 49.204933][ T7072] netlink: 'syz.3.81': attribute type 4 has an invalid length. [ 49.840454][ T6576] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 49.881964][ T7070] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 49.884205][ T7070] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 49.956716][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.174164][ T7105] fuse: Bad value for 'group_id' [ 50.174223][ T7105] fuse: Bad value for 'group_id' [ 50.823672][ T7105] ieee802154 phy0 wpan0: encryption failed: -22 [ 51.059531][ T7070] BTRFS info (device loop1): enabling ssd optimizations [ 51.060808][ T7070] BTRFS info (device loop1): turning on async discard [ 51.064964][ T7070] BTRFS info (device loop1): enabling free space tree [ 51.069672][ T7089] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 51.125811][ T7076] set_capacity_and_notify: 3 callbacks suppressed [ 51.132813][ T7089] XFS (loop0): Ending clean mount [ 51.138944][ T7076] loop3: detected capacity change from 0 to 65536 [ 51.145573][ T5083] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 51.150759][ T7076] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 51.151756][ T7118] loop4: detected capacity change from 0 to 1024 [ 51.153884][ T7118] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 51.163509][ T6567] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 51.427849][ T6571] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 51.493665][ T7076] XFS (loop3): Ending clean mount [ 51.497553][ T7076] XFS (loop3): Quotacheck needed: Please wait. [ 51.511486][ T5424] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_bnobt block 0x4 [ 51.513611][ T5424] XFS (loop3): Unmount and run xfs_repair [ 51.514680][ T5424] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 51.514708][ T5424] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 51.514768][ T5424] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 10 ................ [ 51.514779][ T5424] 00000020: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 51.514788][ T5424] 00000030: 00 00 00 00 ac fb 87 b1 00 00 00 0d 00 00 00 03 ................ [ 51.514796][ T5424] 00000040: 00 00 00 39 00 00 3f c7 00 00 00 00 00 00 00 00 ...9..?......... [ 51.514803][ T5424] 00000050: 00 00 00 00 00 00 08 00 00 00 00 00 00 00 00 00 ................ [ 51.514810][ T5424] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 51.514817][ T5424] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 51.514908][ T5424] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1f8/0x380" at daddr 0x4 len 2 error 74 [ 51.518453][ T7076] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 51.559082][ T7076] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_bnobt block 0x4 [ 51.559143][ T7076] XFS (loop3): Unmount and run xfs_repair [ 51.559163][ T7076] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 51.559170][ T7076] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 51.559176][ T7076] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 10 ................ [ 51.559181][ T7076] 00000020: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 51.559186][ T7076] 00000030: 00 00 00 00 ac fb 87 b1 00 00 00 0d 00 00 00 03 ................ [ 51.559191][ T7076] 00000040: 00 00 00 39 00 00 3f c7 00 00 00 00 00 00 00 00 ...9..?......... [ 51.559196][ T7076] 00000050: 00 00 00 00 00 00 08 00 00 00 00 00 00 00 00 00 ................ [ 51.559201][ T7076] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 51.559206][ T7076] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 51.559214][ T7076] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1f8/0x380" at daddr 0x4 len 2 error 74 [ 51.737214][ T7142] loop4: detected capacity change from 0 to 65536 [ 51.821059][ T7137] loop0: detected capacity change from 0 to 32768 [ 51.826477][ T7137] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 51.879238][ T7137] XFS (loop0): Ending clean mount [ 51.885741][ T7137] XFS (loop0): Quotacheck needed: Please wait. [ 51.899045][ T7137] XFS (loop0): Quotacheck: Done. [ 51.917134][ T6567] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 51.976614][ T7154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.95'. [ 52.089944][ T7158] FAULT_INJECTION: forcing a failure. [ 52.089944][ T7158] name failslab, interval 1, probability 0, space 0, times 0 [ 52.089980][ T7158] CPU: 0 UID: 0 PID: 7158 Comm: syz.0.94 Not tainted syzkaller #0 PREEMPT [ 52.089990][ T7158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 52.089996][ T7158] Call trace: [ 52.090000][ T7158] show_stack+0x2c/0x3c (C) [ 52.090016][ T7158] __dump_stack+0x30/0x40 [ 52.090025][ T7158] dump_stack_lvl+0xd8/0x12c [ 52.090032][ T7158] dump_stack+0x1c/0x28 [ 52.090038][ T7158] should_fail_ex+0x41c/0x594 [ 52.090045][ T7158] should_failslab+0xc0/0x128 [ 52.090053][ T7158] __kmalloc_cache_noprof+0x8c/0x698 [ 52.090058][ T7158] sctp_add_bind_addr+0x9c/0x2e0 [ 52.090064][ T7158] sctp_copy_local_addr_list+0x2bc/0x454 [ 52.090072][ T7158] sctp_copy_one_addr+0xb0/0x340 [ 52.090077][ T7158] sctp_bind_addr_copy+0xa8/0x388 [ 52.090081][ T7158] sctp_assoc_set_bind_addr_from_ep+0x11c/0x16c [ 52.090086][ T7158] sctp_connect_new_asoc+0x2c0/0x620 [ 52.090091][ T7158] sctp_sendmsg+0x1030/0x1f78 [ 52.090096][ T7158] inet_sendmsg+0x154/0x284 [ 52.090102][ T7158] __sys_sendto+0x36c/0x4f4 [ 52.090112][ T7158] __arm64_sys_sendto+0xd8/0xf8 [ 52.090118][ T7158] invoke_syscall+0x98/0x254 [ 52.090124][ T7158] el0_svc_common+0xe8/0x23c [ 52.090130][ T7158] do_el0_svc+0x48/0x58 [ 52.090135][ T7158] el0_svc+0x5c/0x26c [ 52.090141][ T7158] el0t_64_sync_handler+0x84/0x12c [ 52.090147][ T7158] el0t_64_sync+0x198/0x19c [ 52.144032][ T7162] netlink: 56 bytes leftover after parsing attributes in process `syz.2.97'. [ 52.241931][ T7165] loop2: detected capacity change from 0 to 512 [ 52.244175][ T7165] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 52.251294][ T7165] EXT4-fs (loop2): 1 truncate cleaned up [ 52.253130][ T7165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.283446][ T6576] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.346870][ T6572] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 52.348566][ T6572] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair. [ 52.353766][ T7169] syz.2.99 uses obsolete (PF_INET,SOCK_PACKET) [ 52.464491][ T7171] loop4: detected capacity change from 0 to 4096 [ 52.466559][ T7171] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 52.475604][ T7171] ntfs3(loop4): Failed to load $MFT. [ 52.584187][ T7179] loop4: detected capacity change from 0 to 1024 [ 52.586044][ T7179] EXT4-fs: Ignoring removed bh option [ 52.586058][ T7179] EXT4-fs: Ignoring removed nobh option [ 52.586065][ T7179] EXT4-fs: inline encryption not supported [ 52.600046][ T7182] FAULT_INJECTION: forcing a failure. [ 52.600046][ T7182] name failslab, interval 1, probability 0, space 0, times 0 [ 52.600090][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: syz.1.103 Not tainted syzkaller #0 PREEMPT [ 52.600106][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 52.600116][ T7182] Call trace: [ 52.600119][ T7182] show_stack+0x2c/0x3c (C) [ 52.600140][ T7182] __dump_stack+0x30/0x40 [ 52.600148][ T7182] dump_stack_lvl+0xd8/0x12c [ 52.600155][ T7182] dump_stack+0x1c/0x28 [ 52.600160][ T7182] should_fail_ex+0x41c/0x594 [ 52.600167][ T7182] should_failslab+0xc0/0x128 [ 52.600175][ T7182] kmem_cache_alloc_noprof+0x90/0x680 [ 52.600180][ T7182] skb_clone+0x1b4/0x328 [ 52.600187][ T7182] sctp_ulpevent_make_rcvmsg+0x234/0x90c [ 52.600195][ T7182] sctp_ulpq_tail_data+0xc4/0xbb8 [ 52.600201][ T7182] sctp_do_sm+0x1500/0x4a0c [ 52.600209][ T7182] sctp_assoc_bh_rcv+0x388/0x6a8 [ 52.600214][ T7182] sctp_inq_push+0x190/0x1b4 [ 52.600220][ T7182] sctp_backlog_rcv+0x134/0x33c [ 52.600226][ T7182] __release_sock+0x1c4/0x3cc [ 52.600233][ T7182] release_sock+0x60/0x1ac [ 52.600238][ T7182] sctp_sendmsg+0x1348/0x1f78 [ 52.600243][ T7182] inet_sendmsg+0x154/0x284 [ 52.600249][ T7182] sock_write_iter+0x298/0x3d0 [ 52.600254][ T7182] do_iter_readv_writev+0x4bc/0x720 [ 52.600260][ T7182] vfs_writev+0x29c/0x7cc [ 52.600266][ T7182] do_writev+0x128/0x290 [ 52.600271][ T7182] __arm64_sys_writev+0x80/0x94 [ 52.600276][ T7182] invoke_syscall+0x98/0x254 [ 52.600282][ T7182] el0_svc_common+0xe8/0x23c [ 52.600287][ T7182] do_el0_svc+0x48/0x58 [ 52.600292][ T7182] el0_svc+0x5c/0x26c [ 52.600298][ T7182] el0t_64_sync_handler+0x84/0x12c [ 52.600304][ T7182] el0t_64_sync+0x198/0x19c [ 52.608981][ T7179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.629393][ T7179] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.104: Allocating blocks 497-513 which overlap fs metadata [ 52.634562][ T7179] EXT4-fs (loop4): pa 0000000001ea07a1: logic 16, phys. 129, len 24 [ 52.634594][ T7179] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 52.676588][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.796656][ T7175] loop2: detected capacity change from 0 to 32768 [ 52.867936][ T7175] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 52.869184][ T7175] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 52.874338][ T7195] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 52.907862][ T7175] XFS (loop2): Ending clean mount [ 52.918035][ T7175] XFS (loop2): Quotacheck needed: Please wait. [ 52.936043][ T7175] XFS (loop2): Quotacheck: Done. [ 52.938068][ T7186] loop4: detected capacity change from 0 to 32768 [ 52.956702][ T7186] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 53.029336][ T7186] XFS (loop4): Ending clean mount [ 53.031828][ T7184] loop3: detected capacity change from 0 to 32768 [ 53.038254][ T7186] XFS (loop4): Quotacheck needed: Please wait. [ 53.054256][ T7212] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 53.057102][ T7212] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096) [ 53.066139][ T7215] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 53.077753][ T7212] overlayfs: upper fs does not support tmpfile. [ 53.078220][ T7212] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 53.078252][ T7212] overlayfs: failed to set xattr on upper [ 53.078261][ T7212] overlayfs: ...falling back to redirect_dir=nofollow. [ 53.078270][ T7212] overlayfs: ...falling back to index=off. [ 53.078279][ T7212] overlayfs: ...falling back to uuid=null. [ 53.082637][ T7212] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 53.089215][ T7212] Remounting filesystem read-only [ 53.089341][ T7212] overlayfs: cleanup of 'work/#3' failed (-30) [ 53.098320][ T7186] XFS (loop4): Quotacheck: Done. [ 53.101746][ T7184] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 53.129420][ T7184] XFS (loop3): Ending clean mount [ 53.183415][ T6568] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 53.605618][ T6574] Bluetooth: hci1: command tx timeout [ 53.646824][ T7235] Dev loop8: unable to read RDB block 8 [ 53.648367][ T7235] loop8: unable to read partition table [ 53.649516][ T7235] loop8: partition table beyond EOD, truncated [ 53.650738][ T7235] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 53.696353][ T7237] FAULT_INJECTION: forcing a failure. [ 53.696353][ T7237] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 53.696387][ T7237] CPU: 0 UID: 0 PID: 7237 Comm: syz.4.113 Not tainted syzkaller #0 PREEMPT [ 53.696400][ T7237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 53.696407][ T7237] Call trace: [ 53.696410][ T7237] show_stack+0x2c/0x3c (C) [ 53.696425][ T7237] __dump_stack+0x30/0x40 [ 53.696433][ T7237] dump_stack_lvl+0xd8/0x12c [ 53.696438][ T7237] dump_stack+0x1c/0x28 [ 53.696444][ T7237] should_fail_ex+0x41c/0x594 [ 53.696451][ T7237] should_fail_alloc_page+0xec/0x10c [ 53.696458][ T7237] prepare_alloc_pages+0x1d8/0x538 [ 53.696464][ T7237] __alloc_frozen_pages_noprof+0x134/0x318 [ 53.696469][ T7237] alloc_pages_mpol+0x1e4/0x460 [ 53.696474][ T7237] folio_alloc_mpol_noprof+0x4c/0x24c [ 53.696479][ T7237] vma_alloc_folio_noprof+0xf4/0x230 [ 53.696484][ T7237] vma_alloc_zeroed_movable_folio+0x70/0x84 [ 53.696490][ T7237] folio_prealloc+0x3c/0x1c0 [ 53.696495][ T7237] do_pte_missing+0x1e5c/0x2c88 [ 53.696500][ T7237] handle_mm_fault+0x1488/0x2678 [ 53.696505][ T7237] do_page_fault+0x410/0x13cc [ 53.696509][ T7237] do_translation_fault+0xc4/0x114 [ 53.696514][ T7237] do_mem_abort+0x70/0x194 [ 53.696519][ T7237] el0_da+0x64/0x248 [ 53.696526][ T7237] el0t_64_sync_handler+0x90/0x12c [ 53.696531][ T7237] el0t_64_sync+0x198/0x19c [ 53.701178][ T7237] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 53.733649][ T6572] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 53.783967][ T7237] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 53.783994][ T7237] UDF-fs: Scanning with blocksize 512 failed [ 53.793389][ T7237] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 53.793966][ T7237] UDF-fs: error (device loop4): udf_read_inode: (ino 832) failed !bh [ 53.794001][ T7237] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=48, partition=0 [ 54.095941][ T6576] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 54.110038][ T7243] netlink: 28 bytes leftover after parsing attributes in process `syz.3.114'. [ 54.110082][ T7243] netlink: 'syz.3.114': attribute type 7 has an invalid length. [ 54.110462][ T7243] netlink: 'syz.3.114': attribute type 8 has an invalid length. [ 54.110648][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.114'. [ 54.112698][ T7243] team0: entered promiscuous mode [ 54.112719][ T7243] team_slave_0: entered promiscuous mode [ 54.113091][ T7243] team_slave_1: entered promiscuous mode [ 54.113971][ T7243] bond0: entered promiscuous mode [ 54.114327][ T7243] bond_slave_0: entered promiscuous mode [ 54.114654][ T7243] bond_slave_1: entered promiscuous mode [ 54.116268][ T7243] gretap0: entered promiscuous mode [ 54.116723][ T7243] debugfs: 'hsr1' already exists in 'hsr' [ 54.116984][ T7243] Cannot create hsr debugfs directory [ 54.117698][ T7243] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 54.197486][ T7245] netlink: 24 bytes leftover after parsing attributes in process `syz.0.117'. [ 54.233047][ T7249] EXT4-fs: Ignoring removed bh option [ 54.234139][ T7249] EXT4-fs: Ignoring removed nobh option [ 54.236752][ T7249] EXT4-fs: inline encryption not supported [ 54.252657][ T7247] netlink: 48 bytes leftover after parsing attributes in process `syz.3.118'. [ 54.255779][ T7249] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.275391][ T6571] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 54.288064][ T7249] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.120: Allocating blocks 497-513 which overlap fs metadata [ 54.290988][ T7249] EXT4-fs (loop0): pa 00000000bbc4a2d7: logic 16, phys. 129, len 24 [ 54.291031][ T7249] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 54.291745][ T7249] FAULT_INJECTION: forcing a failure. [ 54.291745][ T7249] name failslab, interval 1, probability 0, space 0, times 0 [ 54.291757][ T7249] CPU: 0 UID: 0 PID: 7249 Comm: syz.0.120 Not tainted syzkaller #0 PREEMPT [ 54.291764][ T7249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 54.291768][ T7249] Call trace: [ 54.291770][ T7249] show_stack+0x2c/0x3c (C) [ 54.291784][ T7249] __dump_stack+0x30/0x40 [ 54.291793][ T7249] dump_stack_lvl+0xd8/0x12c [ 54.291799][ T7249] dump_stack+0x1c/0x28 [ 54.291804][ T7249] should_fail_ex+0x41c/0x594 [ 54.291811][ T7249] should_failslab+0xc0/0x128 [ 54.291818][ T7249] __kmalloc_noprof+0x100/0x764 [ 54.291823][ T7249] ext4_find_extent+0x1b0/0xa8c [ 54.291829][ T7249] ext4_ext_map_blocks+0x230/0x54a4 [ 54.291835][ T7249] ext4_map_blocks+0x784/0x1548 [ 54.291840][ T7249] ext4_alloc_file_blocks+0x314/0xaf4 [ 54.291846][ T7249] ext4_do_fallocate+0x2a8/0x9b8 [ 54.291851][ T7249] ext4_fallocate+0x254/0x384 [ 54.291856][ T7249] vfs_fallocate+0x52c/0x668 [ 54.291861][ T7249] __arm64_sys_fallocate+0xbc/0x10c [ 54.291865][ T7249] invoke_syscall+0x98/0x254 [ 54.291871][ T7249] el0_svc_common+0xe8/0x23c [ 54.291876][ T7249] do_el0_svc+0x48/0x58 [ 54.291881][ T7249] el0_svc+0x5c/0x26c [ 54.291888][ T7249] el0t_64_sync_handler+0x84/0x12c [ 54.291893][ T7249] el0t_64_sync+0x198/0x19c [ 54.318874][ T6567] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.336412][ T7241] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.115 (7241) [ 54.340019][ T7241] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 54.340084][ T7241] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 54.352418][ T7257] EXT4-fs: Ignoring removed bh option [ 54.352464][ T7257] EXT4-fs: Ignoring removed nobh option [ 54.352472][ T7257] EXT4-fs: inline encryption not supported [ 54.376891][ T7256] EXT4-fs: Ignoring removed bh option [ 54.382716][ T7256] EXT4-fs: Ignoring removed nobh option [ 54.383821][ T7256] EXT4-fs: inline encryption not supported [ 54.399361][ T7257] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.405397][ T7274] netlink: 300 bytes leftover after parsing attributes in process `syz.3.122'. [ 54.411320][ T7257] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.116: Allocating blocks 497-513 which overlap fs metadata [ 54.411884][ T7257] EXT4-fs (loop2): pa 000000005ad89246: logic 16, phys. 129, len 24 [ 54.411896][ T7257] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 54.416271][ T7256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.432914][ T7241] BTRFS info (device loop4): enabling ssd optimizations [ 54.432944][ T7241] BTRFS info (device loop4): turning on async discard [ 54.433212][ T7241] BTRFS info (device loop4): enabling free space tree [ 54.437964][ T7256] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.119: Allocating blocks 497-513 which overlap fs metadata [ 54.441759][ T7256] EXT4-fs (loop1): pa 000000000e876466: logic 16, phys. 129, len 24 [ 54.441805][ T7256] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 54.473547][ T41] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 54.475717][ T6576] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.496595][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.517293][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.3.125'. [ 54.574629][ T7288] netlink: 8 bytes leftover after parsing attributes in process `syz.3.127'. [ 55.230695][ T6568] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 55.242937][ T7265] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 55.273466][ T7265] XFS (loop0): Ending clean mount [ 55.276351][ T7265] XFS (loop0): Quotacheck needed: Please wait. [ 55.302277][ T7265] XFS (loop0): Quotacheck: Done. [ 55.355723][ T6567] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 55.364182][ T7315] netlink: 56 bytes leftover after parsing attributes in process `syz.4.132'. [ 55.369570][ T7316] EXT4-fs: Ignoring removed bh option [ 55.369589][ T7316] EXT4-fs: Ignoring removed nobh option [ 55.369596][ T7316] EXT4-fs: inline encryption not supported [ 55.383644][ T7316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.409414][ T7316] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.133: Allocating blocks 497-513 which overlap fs metadata [ 55.412683][ T7313] EXT4-fs (loop3): pa 00000000840421cd: logic 16, phys. 129, len 24 [ 55.412717][ T7313] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 55.469155][ T7321] netlink: 'syz.2.134': attribute type 29 has an invalid length. [ 55.477220][ T7321] netlink: 'syz.2.134': attribute type 29 has an invalid length. [ 55.490469][ T6572] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.498296][ T7323] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.564034][ T7330] netlink: 'syz.2.138': attribute type 1 has an invalid length. [ 55.566544][ T7328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.604300][ T7328] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 55.622652][ T7330] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 55.623168][ T7330] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 55.653113][ T7327] EXT4-fs: inline encryption not supported [ 55.717707][ T7327] EXT4-fs (loop3): orphan cleanup on readonly fs [ 55.719474][ T7327] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.137: corrupted inode contents [ 55.722507][ T7327] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 55.723903][ T7327] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.137: corrupted inode contents [ 55.725958][ T7327] EXT4-fs error (device loop3): ext4_evict_inode:301: inode #15: comm syz.3.137: mark_inode_dirty error [ 55.727794][ T7327] EXT4-fs (loop3): 1 orphan inode deleted [ 55.728250][ T7327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 55.738264][ T6572] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.982243][ T7338] bond1: (slave gretap1): making interface the new active one [ 55.991407][ T7331] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 55.993264][ T7331] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 56.002361][ T7338] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 56.029483][ T7331] XFS (loop0): Ending clean mount [ 56.044470][ T7331] XFS (loop0): Quotacheck needed: Please wait. [ 56.068906][ T7331] XFS (loop0): Quotacheck: Done. [ 56.113889][ T7361] exfat: Deprecated parameter 'namecase' [ 56.113930][ T7361] exfat: Deprecated parameter 'namecase' [ 56.131333][ T7361] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 56.249284][ T7356] set_capacity_and_notify: 13 callbacks suppressed [ 56.250393][ T7356] loop3: detected capacity change from 0 to 32768 [ 56.286462][ T7356] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 56.398458][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.406551][ T7356] XFS (loop3): Ending clean mount [ 56.408376][ T7356] XFS (loop3): Quotacheck needed: Please wait. [ 56.432352][ T7376] loop4: detected capacity change from 0 to 16 [ 56.435533][ T7356] XFS (loop3): Quotacheck: Done. [ 56.717706][ T7376] erofs (device loop4): mounted with root inode @ nid 36. [ 56.751690][ T6572] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 56.796602][ T7383] loop4: detected capacity change from 0 to 1024 [ 56.796986][ T7383] EXT4-fs: Ignoring removed bh option [ 56.796999][ T7383] EXT4-fs: Ignoring removed nobh option [ 56.797005][ T7383] EXT4-fs: inline encryption not supported [ 56.827946][ T7383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.889130][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.896788][ T7388] loop3: detected capacity change from 0 to 4096 [ 56.904975][ T7388] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 56.962762][ T7388] ntfs3(loop3): ino=1a, mi_enum_attr [ 56.962849][ T7388] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 56.962967][ T7388] ntfs3(loop3): ino=1a, mi_enum_attr [ 56.962975][ T7388] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 56.980074][ T7390] loop8: detected capacity change from 0 to 8 [ 56.983030][ T6560] Dev loop8: unable to read RDB block 8 [ 56.985720][ T6560] loop8: unable to read partition table [ 56.987066][ T6560] loop8: partition table beyond EOD, truncated [ 56.990568][ T7390] Dev loop8: unable to read RDB block 8 [ 56.990603][ T7390] loop8: unable to read partition table [ 56.990660][ T7390] loop8: partition table beyond EOD, truncated [ 56.990677][ T7390] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 57.302442][ T6567] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 57.483655][ T7402] loop0: detected capacity change from 0 to 4096 [ 57.492479][ T7402] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 57.508794][ T7402] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 57.508982][ T7402] ntfs3(loop0): ino=1a, mi_enum_attr [ 57.509039][ T7402] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 57.617371][ T7404] __nla_validate_parse: 5 callbacks suppressed [ 57.617417][ T7404] netlink: 32 bytes leftover after parsing attributes in process `syz.1.152'. [ 57.620639][ T7395] loop3: detected capacity change from 0 to 32768 [ 57.661695][ T7395] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 57.662769][ T7395] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 57.903882][ T7395] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x100/0x1d4, xfs_agf block 0x1 [ 57.905991][ T7395] XFS (loop3): Unmount and run xfs_repair [ 57.907021][ T7395] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 57.908304][ T7395] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 20 00 XAGF.......... . [ 57.909886][ T7395] 00000010: 00 00 00 01 00 00 00 02 00 00 00 05 00 00 00 01 ................ [ 57.911483][ T7395] 00000020: 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 06 ................ [ 57.913086][ T7395] 00000030: 00 00 00 06 00 00 13 e3 00 00 13 e0 00 00 56 00 ..............V. [ 57.914609][ T7395] 00000040: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d ..BNy.B..... ... [ 57.916525][ T7395] 00000050: 00 00 00 01 00 00 00 01 00 00 00 06 00 00 00 01 ................ [ 57.918118][ T7395] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 57.919760][ T7395] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 57.921325][ T7395] XFS (loop3): metadata I/O error in "xfs_read_agf+0x220/0x58c" at daddr 0x1 len 1 error 74 [ 57.923213][ T7395] XFS (loop3): Error -117 reserving per-AG metadata reserve pool. [ 57.924686][ T7395] XFS (loop3): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x204/0x248 (fs/xfs/xfs_fsops.c:566). Shutting down filesystem. [ 57.928873][ T7395] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 57.930447][ T7395] XFS (loop3): Ending clean mount [ 57.932751][ T7395] XFS (loop3): Failed to initialize disk quotas, err -5. [ 57.934711][ T7395] XFS (loop3): Error -5 reserving per-AG metadata reserve pool. [ 58.104362][ T7395] loop3: detected capacity change from 0 to 32768 [ 58.119835][ T7395] find_entry called with index >= next_index [ 58.121259][ T7395] find_entry called with index >= next_index [ 58.122291][ T7395] find_entry called with index >= next_index [ 58.298144][ T7359] loop2: detected capacity change from 0 to 262144 [ 58.315789][ T7359] F2FS-fs (loop2): invalid crc value [ 58.356863][ T7359] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 58.360187][ T7359] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 58.389473][ T7425] loop1: detected capacity change from 0 to 1024 [ 58.391867][ T7425] EXT4-fs: Ignoring removed orlov option [ 58.392301][ T7425] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 58.404412][ T7425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.506156][ T7432] EXT4-fs: Ignoring removed bh option [ 58.514073][ T7432] EXT4-fs: Ignoring removed nobh option [ 58.523790][ T7432] EXT4-fs: inline encryption not supported [ 59.124218][ T7432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.177061][ T6567] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.240702][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.310915][ T7441] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 59.691817][ T7441] XFS (loop2): Ending clean mount [ 59.693419][ T7441] XFS (loop2): Quotacheck needed: Please wait. [ 59.718331][ T7441] XFS (loop2): Quotacheck: Done. [ 59.914527][ T7467] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 59.942834][ T7466] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 256 [ 59.942976][ T7466] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=15) [ 59.951564][ T7466] Remounting filesystem read-only [ 59.951585][ T7466] NILFS (loop1): error -5 truncating bmap (ino=15) [ 60.226664][ T6576] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 60.269619][ T7471] bridge0: entered promiscuous mode [ 60.270630][ T7471] macvlan2: entered promiscuous mode [ 60.274647][ T7470] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.166: error while reading EA inode 32 err=-116 [ 60.283681][ T7470] EXT4-fs (loop4): Remounting filesystem read-only [ 60.283729][ T7470] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 60.283749][ T7470] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -30) [ 60.283785][ T7470] EXT4-fs (loop4): 1 orphan inode deleted [ 60.284245][ T7470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.304960][ T7471] xt_nat: multiple ranges no longer supported [ 60.393822][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.426255][ T7476] netlink: 'syz.2.168': attribute type 1 has an invalid length. [ 60.474169][ T7478] syzkaller0: entered promiscuous mode [ 60.477644][ T7478] syzkaller0: entered allmulticast mode [ 60.480331][ T7474] tipc: Started in network mode [ 60.481455][ T7474] tipc: Node identity aa7a76aecf8d, cluster identity 4711 [ 60.484151][ T7474] tipc: Enabled bearer , priority 0 [ 60.488835][ T7473] tipc: Resetting bearer [ 60.495683][ T7453] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 60.511811][ T7453] XFS (loop3): Ending clean mount [ 60.513660][ T7453] XFS (loop3): Quotacheck needed: Please wait. [ 60.527169][ T7453] XFS (loop3): Quotacheck: Done. [ 60.578064][ T7473] tipc: Disabling bearer [ 60.617227][ T7476] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 60.619379][ T6571] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 60.637507][ T7476] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 60.702499][ T7493] netlink: 28 bytes leftover after parsing attributes in process `syz.1.172'. [ 60.710003][ T7499] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 4, id = 0 [ 60.817838][ T7500] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 60.821012][ T7496] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.846005][ T7505] Dev loop8: unable to read RDB block 8 [ 60.846041][ T7505] loop8: unable to read partition table [ 60.846103][ T7505] loop8: partition table beyond EOD, truncated [ 60.846111][ T7505] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 61.342862][ T7517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.178'. [ 61.351807][ T6572] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 61.418534][ T7519] FAULT_INJECTION: forcing a failure. [ 61.418534][ T7519] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 61.419370][ T7519] CPU: 1 UID: 0 PID: 7519 Comm: syz.1.180 Not tainted syzkaller #0 PREEMPT [ 61.419382][ T7519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 61.419388][ T7519] Call trace: [ 61.419391][ T7519] show_stack+0x2c/0x3c (C) [ 61.419412][ T7519] __dump_stack+0x30/0x40 [ 61.419424][ T7519] dump_stack_lvl+0xd8/0x12c [ 61.419430][ T7519] dump_stack+0x1c/0x28 [ 61.419436][ T7519] should_fail_ex+0x41c/0x594 [ 61.419443][ T7519] should_fail_alloc_page+0xec/0x10c [ 61.419450][ T7519] prepare_alloc_pages+0x1d8/0x538 [ 61.419456][ T7519] __alloc_frozen_pages_noprof+0x134/0x318 [ 61.419461][ T7519] alloc_pages_mpol+0x1e4/0x460 [ 61.419467][ T7519] folio_alloc_mpol_noprof+0x4c/0x24c [ 61.419472][ T7519] shmem_alloc_and_add_folio+0x32c/0x10c4 [ 61.419478][ T7519] shmem_get_folio_gfp+0x4d4/0x159c [ 61.419483][ T7519] shmem_write_begin+0x160/0x490 [ 61.419488][ T7519] generic_perform_write+0x244/0x7bc [ 61.419493][ T7519] shmem_file_write_iter+0x10c/0x134 [ 61.419498][ T7519] vfs_write+0x540/0xa3c [ 61.419504][ T7519] ksys_write+0x120/0x210 [ 61.419509][ T7519] __arm64_sys_write+0x7c/0x90 [ 61.419514][ T7519] invoke_syscall+0x98/0x254 [ 61.419520][ T7519] el0_svc_common+0xe8/0x23c [ 61.419525][ T7519] do_el0_svc+0x48/0x58 [ 61.419530][ T7519] el0_svc+0x5c/0x26c [ 61.419537][ T7519] el0t_64_sync_handler+0x84/0x12c [ 61.419543][ T7519] el0t_64_sync+0x198/0x19c [ 61.786985][ T7527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.182'. [ 61.787026][ T7527] netlink: 'syz.2.182': attribute type 7 has an invalid length. [ 61.787052][ T7527] netlink: 'syz.2.182': attribute type 8 has an invalid length. [ 61.787062][ T7527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.182'. [ 61.788803][ T7527] team0: entered promiscuous mode [ 61.789914][ T7527] team0: left promiscuous mode [ 61.802848][ T7528] set_capacity_and_notify: 9 callbacks suppressed [ 61.815025][ T7528] loop1: detected capacity change from 0 to 1024 [ 61.815540][ T7528] EXT4-fs: Ignoring removed bh option [ 61.815553][ T7528] EXT4-fs: Ignoring removed nobh option [ 61.815560][ T7528] EXT4-fs: inline encryption not supported [ 61.844550][ T7533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.179'. [ 61.844594][ T7533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.179'. [ 61.849759][ T6567] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.881450][ T7528] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.919480][ T7533] erspan0: entered promiscuous mode [ 61.921709][ T7533] erspan0: left promiscuous mode [ 61.924017][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.946510][ T7543] netlink: 24 bytes leftover after parsing attributes in process `syz.0.185'. [ 61.971841][ T7545] loop1: detected capacity change from 0 to 512 [ 62.019410][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.1.189'. [ 62.032248][ T7548] netlink: 12 bytes leftover after parsing attributes in process `syz.2.188'. [ 62.032304][ T7548] netlink: 'syz.2.188': attribute type 3 has an invalid length. [ 62.032824][ T7548] netlink: 'syz.2.188': attribute type 3 has an invalid length. [ 62.451048][ T7555] loop0: detected capacity change from 0 to 32768 [ 62.460319][ T7555] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 62.470668][ T7555] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 62.498571][ T7555] XFS (loop0): Ending clean mount [ 62.501224][ T7555] XFS (loop0): Quotacheck needed: Please wait. [ 62.530498][ T7555] XFS (loop0): Quotacheck: Done. [ 62.589279][ T7580] loop1: detected capacity change from 0 to 1024 [ 62.593459][ T7580] EXT4-fs: Ignoring removed orlov option [ 62.605291][ T7580] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 62.622471][ T7580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.702026][ T7586] netlink: 'syz.3.197': attribute type 9 has an invalid length. [ 63.315104][ T7589] loop4: detected capacity change from 0 to 1024 [ 63.315522][ T7589] EXT4-fs: Ignoring removed bh option [ 63.315535][ T7589] EXT4-fs: Ignoring removed nobh option [ 63.315541][ T7589] EXT4-fs: inline encryption not supported [ 63.343705][ T7587] loop3: detected capacity change from 0 to 4096 [ 63.360411][ T7589] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.405770][ T6567] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 63.416763][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.419719][ T7599] loop3: detected capacity change from 0 to 512 [ 63.423624][ T7599] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 63.441344][ T7599] EXT4-fs (loop3): 1 truncate cleaned up [ 63.441781][ T7599] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.718203][ T6572] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.735932][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.746026][ T7606] netlink: 'syz.3.204': attribute type 4 has an invalid length. [ 63.822432][ T7610] loop3: detected capacity change from 0 to 2048 [ 63.825417][ T7609] loop1: detected capacity change from 0 to 1024 [ 63.826935][ T7609] EXT4-fs: Ignoring removed orlov option [ 63.854866][ T7609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.861468][ T7609] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #15: comm syz.1.203: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 63.862753][ T7609] overlayfs: failed to resolve './file1': -117 [ 64.183834][ T7602] loop4: detected capacity change from 0 to 32768 [ 64.238146][ T7602] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 64.243029][ T7602] JBD2: Ignoring recovery information on journal [ 64.255711][ T7622] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 64.260638][ T7622] UDF-fs: Scanning with blocksize 512 failed [ 64.269009][ T7622] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 64.292910][ T7602] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 64.372112][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.401214][ T6568] ocfs2: Unmounting device (7,4) on (node local) [ 64.432251][ T7632] EXT4-fs: Ignoring removed bh option [ 64.433405][ T7632] EXT4-fs: Ignoring removed nobh option [ 64.434693][ T7632] EXT4-fs: inline encryption not supported [ 64.684350][ T2467] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.757487][ T7632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.807264][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.074926][ T7646] FAULT_INJECTION: forcing a failure. [ 65.074926][ T7646] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 65.078921][ T7646] CPU: 0 UID: 0 PID: 7646 Comm: syz.4.215 Not tainted syzkaller #0 PREEMPT [ 65.078946][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 65.078952][ T7646] Call trace: [ 65.078955][ T7646] show_stack+0x2c/0x3c (C) [ 65.078975][ T7646] __dump_stack+0x30/0x40 [ 65.078988][ T7646] dump_stack_lvl+0xd8/0x12c [ 65.078995][ T7646] dump_stack+0x1c/0x28 [ 65.079001][ T7646] should_fail_ex+0x41c/0x594 [ 65.079009][ T7646] should_fail+0x14/0x24 [ 65.079014][ T7646] should_fail_usercopy+0x20/0x30 [ 65.079020][ T7646] copy_folio_from_iter_atomic+0x37c/0x164c [ 65.079026][ T7646] generic_perform_write+0x4d0/0x7bc [ 65.079033][ T7646] shmem_file_write_iter+0x10c/0x134 [ 65.079039][ T7646] vfs_write+0x540/0xa3c [ 65.079045][ T7646] ksys_write+0x120/0x210 [ 65.079050][ T7646] __arm64_sys_write+0x7c/0x90 [ 65.079056][ T7646] invoke_syscall+0x98/0x254 [ 65.079062][ T7646] el0_svc_common+0xe8/0x23c [ 65.079067][ T7646] do_el0_svc+0x48/0x58 [ 65.079072][ T7646] el0_svc+0x5c/0x26c [ 65.079080][ T7646] el0t_64_sync_handler+0x84/0x12c [ 65.079086][ T7646] el0t_64_sync+0x198/0x19c [ 65.132039][ T7646] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 65.132071][ T7646] UDF-fs: Scanning with blocksize 512 failed [ 65.142211][ T7646] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 65.144081][ T7646] UDF-fs: error (device loop4): udf_read_inode: (ino 832) failed !bh [ 65.144996][ T7646] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=48, partition=0 [ 65.148528][ T7648] ntfs3(loop0): Primary boot: invalid record size -127. [ 65.149306][ T7648] ntfs3(loop0): try to read out of volume at offset 0x1ffe00 [ 65.223501][ T7655] netlink: 'syz.4.219': attribute type 1 has an invalid length. [ 65.250483][ T7653] __nla_validate_parse: 2 callbacks suppressed [ 65.250819][ T7653] netlink: 40 bytes leftover after parsing attributes in process `syz.2.218'. [ 65.253846][ T7650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.266820][ T7655] bond1: entered promiscuous mode [ 65.266853][ T7655] bond1: entered allmulticast mode [ 65.293426][ T7650] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: comm syz.3.217: inode #4294967293: comm syz.3.217: iget: illegal inode # [ 65.311016][ T7650] EXT4-fs (loop3): Remounting filesystem read-only [ 65.312153][ T7650] EXT4-fs warning (device loop3): ext4_xattr_inode_inc_ref_all:1134: inode #19: comm syz.3.217: cleanup dec ref error -30 [ 65.314555][ T7650] EXT4-fs warning (device loop3): ext4_xattr_block_set:2199: inode #19: comm syz.3.217: dec ref error=-30 [ 65.317554][ T7660] fuse: Unknown parameter ''2oupš}Rîê<Ù 4åü³Ÿ[y@ŽH-^†"ë7Ÿôuñ [ 65.317554][ T7660] •[Ëh;ÄñÓ-r)ÿ' [ 65.325637][ T7655] bond1: (slave ip6gretap1): making interface the new active one [ 65.330286][ T7650] xt_hashlimit: size too large, truncated to 1048576 [ 65.331520][ T7655] ip6gretap1: entered promiscuous mode [ 65.337539][ T7655] ip6gretap1: entered allmulticast mode [ 65.343283][ T7655] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 65.459682][ T7652] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 65.486992][ T7681] netlink: 32 bytes leftover after parsing attributes in process `syz.1.225'. [ 65.542175][ T7652] XFS (loop0): Ending clean mount [ 65.545764][ T7652] XFS (loop0): Quotacheck needed: Please wait. [ 65.560648][ T7652] XFS (loop0): Quotacheck: Done. [ 65.592564][ T7685] EXT4-fs: Ignoring removed bh option [ 65.594034][ T7685] EXT4-fs: Ignoring removed nobh option [ 65.595245][ T7685] EXT4-fs: inline encryption not supported [ 65.616429][ T7685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.669918][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.716580][ T7699] netlink: 56 bytes leftover after parsing attributes in process `syz.4.228'. [ 65.745971][ T7701] veth1_to_bridge: entered promiscuous mode [ 65.746133][ T7701] macsec1: entered promiscuous mode [ 65.746194][ T7701] macsec1: entered allmulticast mode [ 65.746200][ T7701] veth1_to_bridge: entered allmulticast mode [ 65.788809][ T7701] veth1_to_bridge: left allmulticast mode [ 65.788984][ T7701] veth1_to_bridge: left promiscuous mode [ 65.881454][ T6567] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 65.965592][ T7708] Unsupported NM flag settings (240) [ 65.982548][ T7710] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 66.014916][ T7714] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 66.047820][ T7665] F2FS-fs (loop2): Test dummy encryption mode enabled [ 66.057995][ T7712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.083907][ T7665] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 66.090564][ T7665] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b [ 66.126601][ T7714] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 66.126631][ T7714] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 66.133978][ T7714] Remounting filesystem read-only [ 66.138064][ T6567] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 66.165433][ T7729] tipc: Trying to set illegal importance in message [ 66.165775][ T7729] 9p: Bad value for 'wfdno' [ 66.299375][ T7734] EXT4-fs: Ignoring removed orlov option [ 66.337163][ T7736] syzkaller0: entered promiscuous mode [ 66.338633][ T7736] syzkaller0: entered allmulticast mode [ 66.340192][ T7734] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 66.352739][ T7736] tipc: Started in network mode [ 66.354100][ T7736] tipc: Node identity 72f248efb79b, cluster identity 4711 [ 66.354225][ T7736] tipc: Enabled bearer , priority 0 [ 66.358965][ T7734] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.362826][ T7735] tipc: Resetting bearer [ 66.430803][ T7735] tipc: Disabling bearer [ 66.834038][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.846309][ T6572] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.889969][ T7748] set_capacity_and_notify: 14 callbacks suppressed [ 66.891252][ T7748] loop3: detected capacity change from 0 to 1024 [ 66.893237][ T7748] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 66.906903][ T7746] loop4: detected capacity change from 0 to 256 [ 66.923044][ T7746] FAT-fs (loop4): Directory bread(block 64) failed [ 66.923085][ T7746] FAT-fs (loop4): Directory bread(block 65) failed [ 66.924289][ T7746] FAT-fs (loop4): Directory bread(block 66) failed [ 66.924319][ T7746] FAT-fs (loop4): Directory bread(block 67) failed [ 66.924350][ T7746] FAT-fs (loop4): Directory bread(block 68) failed [ 66.924364][ T7746] FAT-fs (loop4): Directory bread(block 69) failed [ 66.924390][ T7746] FAT-fs (loop4): Directory bread(block 70) failed [ 66.924401][ T7746] FAT-fs (loop4): Directory bread(block 71) failed [ 66.924423][ T7746] FAT-fs (loop4): Directory bread(block 72) failed [ 66.924433][ T7746] FAT-fs (loop4): Directory bread(block 73) failed [ 66.933886][ T7750] netlink: 'syz.2.242': attribute type 4 has an invalid length. [ 66.934852][ T7750] netlink: 'syz.2.242': attribute type 7 has an invalid length. [ 66.964060][ T7751] netlink: 'syz.2.242': attribute type 4 has an invalid length. [ 66.964098][ T7751] netlink: 'syz.2.242': attribute type 7 has an invalid length. [ 67.087443][ T7764] FAULT_INJECTION: forcing a failure. [ 67.087443][ T7764] name failslab, interval 1, probability 0, space 0, times 0 [ 67.087476][ T7764] CPU: 1 UID: 0 PID: 7764 Comm: syz.2.246 Not tainted syzkaller #0 PREEMPT [ 67.087485][ T7764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 67.087490][ T7764] Call trace: [ 67.087492][ T7764] show_stack+0x2c/0x3c (C) [ 67.087507][ T7764] __dump_stack+0x30/0x40 [ 67.087514][ T7764] dump_stack_lvl+0xd8/0x12c [ 67.087520][ T7764] dump_stack+0x1c/0x28 [ 67.087525][ T7764] should_fail_ex+0x41c/0x594 [ 67.087532][ T7764] should_failslab+0xc0/0x128 [ 67.087540][ T7764] kmem_cache_alloc_noprof+0x90/0x680 [ 67.087545][ T7764] security_inode_alloc+0x3c/0x324 [ 67.087552][ T7764] inode_init_always_gfp+0x710/0xb84 [ 67.087559][ T7764] alloc_inode+0x80/0x19c [ 67.087565][ T7764] new_inode+0x2c/0x130 [ 67.087571][ T7764] shmem_get_inode+0x2dc/0xcf8 [ 67.087577][ T7764] __shmem_file_setup+0x150/0x2c4 [ 67.087582][ T7764] shmem_file_setup+0x40/0x54 [ 67.087587][ T7764] __arm64_sys_memfd_create+0x36c/0x814 [ 67.087593][ T7764] invoke_syscall+0x98/0x254 [ 67.087599][ T7764] el0_svc_common+0xe8/0x23c [ 67.087604][ T7764] do_el0_svc+0x48/0x58 [ 67.087609][ T7764] el0_svc+0x5c/0x26c [ 67.087617][ T7764] el0t_64_sync_handler+0x84/0x12c [ 67.087623][ T7764] el0t_64_sync+0x198/0x19c [ 67.155318][ T7768] loop2: detected capacity change from 0 to 1024 [ 67.156946][ T7768] EXT4-fs: Ignoring removed oldalloc option [ 67.161215][ T7768] EXT4-fs: Ignoring removed orlov option [ 67.162270][ T7768] EXT4-fs: Ignoring removed oldalloc option [ 67.163265][ T7768] EXT4-fs: Ignoring removed nomblk_io_submit option [ 67.215662][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.227662][ T7768] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.308688][ T7776] fuse: Bad value for 'group_id' [ 67.308746][ T7776] fuse: Bad value for 'group_id' [ 68.130431][ T6576] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.162339][ T7777] x_tables: duplicate underflow at hook 1 [ 68.306535][ T7788] loop1: detected capacity change from 0 to 2048 [ 68.310170][ T7788] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 68.310338][ T7788] UDF-fs: Scanning with blocksize 512 failed [ 68.550410][ T7788] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 68.575029][ T7790] loop2: detected capacity change from 0 to 1024 [ 68.578791][ T7790] EXT4-fs: Ignoring removed oldalloc option [ 68.610857][ T7790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.618637][ T7797] loop1: detected capacity change from 0 to 512 [ 68.622419][ T7797] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 68.625886][ T7797] EXT4-fs (loop1): can't mount with commit=, fs mounted w/o journal [ 68.631988][ T7790] EXT4-fs: Ignoring sb option on remount [ 68.633256][ T7790] EXT4-fs (loop2): stripe (249) is not aligned with cluster size (16), stripe is disabled [ 68.677252][ T7786] loop3: detected capacity change from 0 to 40427 [ 68.702260][ T7786] F2FS-fs (loop3): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 68.702312][ T7786] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 68.703605][ T7786] F2FS-fs (loop3): Image doesn't support compression [ 68.703631][ T7786] F2FS-fs (loop3): build fault injection rate: 690 [ 68.703986][ T7786] F2FS-fs (loop3): build fault injection type: 0x35f7 [ 68.704547][ T7786] F2FS-fs (loop3): invalid crc value [ 68.721573][ T7790] EXT4-fs (loop2): re-mounted 00000000-0000-0006-0000-000000000000. [ 68.736958][ T7786] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 68.741211][ T7786] F2FS-fs (loop3): Start checkpoint disabled! [ 68.745314][ T7786] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0 [ 68.747578][ T7786] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 68.748759][ T7786] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 69.072880][ T7807] FAULT_INJECTION: forcing a failure. [ 69.072880][ T7807] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 69.076232][ T7807] CPU: 0 UID: 0 PID: 7807 Comm: syz.0.258 Not tainted syzkaller #0 PREEMPT [ 69.076254][ T7807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 69.076261][ T7807] Call trace: [ 69.076266][ T7807] show_stack+0x2c/0x3c (C) [ 69.076285][ T7807] __dump_stack+0x30/0x40 [ 69.076293][ T7807] dump_stack_lvl+0xd8/0x12c [ 69.076299][ T7807] dump_stack+0x1c/0x28 [ 69.076304][ T7807] should_fail_ex+0x41c/0x594 [ 69.076311][ T7807] should_fail_alloc_page+0xec/0x10c [ 69.076319][ T7807] prepare_alloc_pages+0x1d8/0x538 [ 69.076324][ T7807] __alloc_frozen_pages_noprof+0x134/0x318 [ 69.076330][ T7807] alloc_pages_mpol+0x1e4/0x460 [ 69.076335][ T7807] folio_alloc_mpol_noprof+0x4c/0x24c [ 69.076340][ T7807] shmem_alloc_and_add_folio+0x32c/0x10c4 [ 69.076346][ T7807] shmem_get_folio_gfp+0x4d4/0x159c [ 69.076351][ T7807] shmem_write_begin+0x160/0x490 [ 69.076355][ T7807] generic_perform_write+0x244/0x7bc [ 69.076361][ T7807] shmem_file_write_iter+0x10c/0x134 [ 69.076366][ T7807] vfs_write+0x540/0xa3c [ 69.076371][ T7807] ksys_write+0x120/0x210 [ 69.076376][ T7807] __arm64_sys_write+0x7c/0x90 [ 69.076382][ T7807] invoke_syscall+0x98/0x254 [ 69.076387][ T7807] el0_svc_common+0xe8/0x23c [ 69.076392][ T7807] do_el0_svc+0x48/0x58 [ 69.076397][ T7807] el0_svc+0x5c/0x26c [ 69.076404][ T7807] el0t_64_sync_handler+0x84/0x12c [ 69.076410][ T7807] el0t_64_sync+0x198/0x19c [ 69.139124][ T7790] netlink: 12 bytes leftover after parsing attributes in process `syz.2.256'. [ 69.139163][ T7790] netlink: 'syz.2.256': attribute type 1 has an invalid length. [ 69.177040][ T6576] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 69.772822][ T24] cfg80211: failed to load regulatory.db [ 69.820729][ T7824] veth1_to_bridge: entered promiscuous mode [ 69.820783][ T7824] macsec1: entered promiscuous mode [ 69.821256][ T7824] macsec1: entered allmulticast mode [ 69.821461][ T7824] veth1_to_bridge: entered allmulticast mode [ 69.850320][ T7824] veth1_to_bridge: left allmulticast mode [ 69.853145][ T7824] veth1_to_bridge: left promiscuous mode [ 69.961712][ T7830] syz.3.253: attempt to access beyond end of device [ 69.961712][ T7830] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 69.967451][ T7827] F2FS-fs (loop3): inject no more block in inc_valid_block_count of f2fs_map_blocks+0xbf0/0x3204 [ 70.016526][ T7826] Injecting memory failure for pfn 0x13ba26 at process virtual address 0x20001000 [ 70.089379][ T7826] Memory failure: 0x13ba26: clean LRU page still referenced by 1024 users [ 70.092437][ T7826] Memory failure: 0x13ba26: recovery action for clean LRU page: Failed [ 70.727682][ T7850] loop0: detected capacity change from 0 to 1024 [ 70.733377][ T7850] EXT4-fs: Ignoring removed bh option [ 70.737949][ T7850] EXT4-fs: Ignoring removed nobh option [ 70.739062][ T7850] EXT4-fs: inline encryption not supported [ 70.763424][ T7850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.769532][ T7854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.272'. [ 70.837443][ T7850] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.271: Allocating blocks 497-513 which overlap fs metadata [ 70.848156][ T7855] loop2: detected capacity change from 0 to 32768 [ 70.854241][ T7855] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.270 (7855) [ 70.857545][ T7855] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 70.857597][ T7855] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 70.864132][ T7850] EXT4-fs (loop0): pa 00000000ddcaa6e3: logic 16, phys. 129, len 24 [ 70.864168][ T7850] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1 [ 70.904676][ T6567] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.960707][ T7855] BTRFS info (device loop2): enabling ssd optimizations [ 70.960732][ T7855] BTRFS info (device loop2): turning on async discard [ 70.960754][ T7855] BTRFS info (device loop2): enabling free space tree [ 70.974312][ T7875] netlink: 28 bytes leftover after parsing attributes in process `syz.0.274'. [ 70.974359][ T7875] netlink: 28 bytes leftover after parsing attributes in process `syz.0.274'. [ 70.980944][ T7870] loop1: detected capacity change from 0 to 4096 [ 71.016088][ T7875] erspan0: entered promiscuous mode [ 71.017554][ T7875] gretap0: entered promiscuous mode [ 71.021628][ T7875] debugfs: 'hsr1' already exists in 'hsr' [ 71.024842][ T7875] Cannot create hsr debugfs directory [ 71.073439][ T7877] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 71.209522][ T7887] FAULT_INJECTION: forcing a failure. [ 71.209522][ T7887] name failslab, interval 1, probability 0, space 0, times 0 [ 71.211742][ T7887] CPU: 0 UID: 0 PID: 7887 Comm: syz.1.279 Not tainted syzkaller #0 PREEMPT [ 71.211758][ T7887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 71.211763][ T7887] Call trace: [ 71.211767][ T7887] show_stack+0x2c/0x3c (C) [ 71.211783][ T7887] __dump_stack+0x30/0x40 [ 71.211790][ T7887] dump_stack_lvl+0xd8/0x12c [ 71.211796][ T7887] dump_stack+0x1c/0x28 [ 71.211801][ T7887] should_fail_ex+0x41c/0x594 [ 71.211808][ T7887] should_failslab+0xc0/0x128 [ 71.211816][ T7887] kmem_cache_alloc_lru_noprof+0x94/0x684 [ 71.211821][ T7887] __d_alloc+0x50/0x690 [ 71.211827][ T7887] d_alloc_pseudo+0x2c/0xd8 [ 71.211832][ T7887] alloc_file_pseudo+0xd0/0x1f4 [ 71.211839][ T7887] __shmem_file_setup+0x254/0x2c4 [ 71.211844][ T7887] shmem_file_setup+0x40/0x54 [ 71.211848][ T7887] __arm64_sys_memfd_create+0x36c/0x814 [ 71.211855][ T7887] invoke_syscall+0x98/0x254 [ 71.211861][ T7887] el0_svc_common+0xe8/0x23c [ 71.211866][ T7887] do_el0_svc+0x48/0x58 [ 71.211871][ T7887] el0_svc+0x5c/0x26c [ 71.211878][ T7887] el0t_64_sync_handler+0x84/0x12c [ 71.211884][ T7887] el0t_64_sync+0x198/0x19c [ 71.296438][ T7882] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.277 (7882) [ 71.302726][ T7890] EXT4-fs: Ignoring removed orlov option [ 71.302786][ T7882] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 71.303028][ T7882] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 71.303398][ T7890] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 71.319394][ T7890] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.414647][ T7882] BTRFS info (device loop0): rebuilding free space tree [ 71.652955][ T7882] BTRFS info (device loop0): disabling free space tree [ 71.653018][ T7882] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 71.653030][ T7882] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 71.664651][ T7882] BTRFS info (device loop0): setting nodatasum [ 71.665361][ T7882] BTRFS info (device loop0): setting nodatacow [ 71.665388][ T7882] BTRFS info (device loop0): turning off barriers [ 71.665401][ T7882] BTRFS info (device loop0): turning on async discard [ 71.665409][ T7882] BTRFS info (device loop0): force clearing of disk cache [ 71.760722][ T7911] EXT4-fs: Ignoring removed orlov option [ 71.760776][ T7911] EXT4-fs: Ignoring removed orlov option [ 71.810960][ T7911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.825070][ T6576] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 72.360525][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.440304][ T7926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.283'. [ 72.540516][ T6137] kworker/u8:16: attempt to access beyond end of device [ 72.540516][ T6137] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 72.541103][ T6137] CPU: 1 UID: 0 PID: 6137 Comm: kworker/u8:16 Not tainted syzkaller #0 PREEMPT [ 72.541114][ T6137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 72.541119][ T6137] Workqueue: writeback wb_workfn (flush-7:3) [ 72.541148][ T6137] Call trace: [ 72.541151][ T6137] show_stack+0x2c/0x3c (C) [ 72.541167][ T6137] __dump_stack+0x30/0x40 [ 72.541175][ T6137] dump_stack_lvl+0xd8/0x12c [ 72.541181][ T6137] dump_stack+0x1c/0x28 [ 72.541186][ T6137] f2fs_handle_critical_error+0x34c/0x4b8 [ 72.541195][ T6137] f2fs_stop_checkpoint+0x5c/0x70 [ 72.541201][ T6137] f2fs_write_end_io+0x770/0xa78 [ 72.541207][ T6137] bio_endio+0x8d4/0x910 [ 72.541213][ T6137] submit_bio_noacct+0xd44/0x186c [ 72.541219][ T6137] submit_bio+0x3b4/0x550 [ 72.541224][ T6137] f2fs_submit_write_bio+0x124/0x324 [ 72.541229][ T6137] __submit_merged_bio+0x224/0x6d4 [ 72.541233][ T6137] __submit_merged_write_cond+0x250/0x4ac [ 72.541238][ T6137] f2fs_write_data_pages+0x1dd4/0x2878 [ 72.541243][ T6137] do_writepages+0x270/0x468 [ 72.541250][ T6137] __writeback_single_inode+0x144/0x16b8 [ 72.541257][ T6137] writeback_sb_inodes+0x73c/0x16b4 [ 72.541265][ T6137] wb_writeback+0x3b4/0xd70 [ 72.541271][ T6137] wb_workfn+0x320/0xdc0 [ 72.541277][ T6137] process_one_work+0x7c0/0x1558 [ 72.541284][ T6137] worker_thread+0x958/0xed8 [ 72.541290][ T6137] kthread+0x5fc/0x75c [ 72.541296][ T6137] ret_from_fork+0x10/0x20 [ 72.542807][ T6137] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 72.596165][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.664002][ T7939] set_capacity_and_notify: 3 callbacks suppressed [ 72.668697][ T7939] loop4: detected capacity change from 0 to 512 [ 72.669223][ T7939] EXT4-fs: Invalid want_extra_isize 23 [ 72.678943][ T7941] netlink: 8 bytes leftover after parsing attributes in process `syz.3.286'. [ 72.679862][ T7941] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.680745][ T7941] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.728439][ T6567] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 73.190284][ T7973] loop8: detected capacity change from 0 to 8 [ 73.191497][ T7973] Dev loop8: unable to read RDB block 8 [ 73.191631][ T7973] loop8: unable to read partition table [ 73.191794][ T7973] loop8: partition table beyond EOD, truncated [ 73.191818][ T7973] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 73.256337][ T7980] syzkaller0: entered promiscuous mode [ 73.256372][ T7980] syzkaller0: entered allmulticast mode [ 73.272497][ T7983] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.302'. [ 73.376710][ T7994] netlink: 4 bytes leftover after parsing attributes in process `syz.4.308'. [ 73.376823][ T7994] openvswitch: netlink: Tunnel attr 0 has unexpected len 3 expected 8 [ 73.409679][ T7999] netlink: 184 bytes leftover after parsing attributes in process `syz.3.310'. [ 73.411846][ T8001] netlink: 40 bytes leftover after parsing attributes in process `syz.2.311'. [ 73.494495][ T8010] syzkaller0: entered promiscuous mode [ 73.495785][ T8010] syzkaller0: entered allmulticast mode [ 73.695232][ T8032] netlink: 20 bytes leftover after parsing attributes in process `syz.2.325'. [ 73.841329][ T8047] veth0: entered promiscuous mode [ 73.918412][ T8049] netlink: 'syz.4.332': attribute type 4 has an invalid length. [ 73.929216][ T8049] netlink: 'syz.4.332': attribute type 4 has an invalid length. [ 73.966862][ T8054] syzkaller0: entered promiscuous mode [ 73.966895][ T8054] syzkaller0: entered allmulticast mode [ 74.052510][ T8069] syzkaller0: entered promiscuous mode [ 74.052546][ T8069] syzkaller0: entered allmulticast mode [ 74.375894][ T8113] netlink: 'syz.0.357': attribute type 25 has an invalid length. [ 74.385316][ T41] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.388118][ T41] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.388168][ T41] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.388191][ T41] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.392867][ T8113] netlink: 'syz.0.357': attribute type 25 has an invalid length. [ 74.431939][ T41] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.433620][ T41] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.433726][ T41] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.433743][ T41] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 75.152555][ T8168] syzkaller0: entered promiscuous mode [ 75.153691][ T8168] syzkaller0: entered allmulticast mode [ 75.157819][ T8168] 0: reclassify loop, rule prio 0, protocol 800 [ 75.504467][ T8187] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.527435][ T8192] netlink: 'syz.3.387': attribute type 13 has an invalid length. [ 75.700319][ T8226] openvswitch: netlink: Unknown nsh attribute 0 [ 75.833063][ T8245] syzkaller0: entered promiscuous mode [ 75.834384][ T8245] syzkaller0: entered allmulticast mode [ 75.838058][ T8247] syzkaller0: entered promiscuous mode [ 75.838096][ T8247] syzkaller0: entered allmulticast mode [ 75.849680][ T8247] tipc: Enabled bearer , priority 0 [ 75.868853][ T8246] tipc: Resetting bearer [ 75.881981][ T8246] tipc: Disabling bearer [ 75.910457][ T8255] __nla_validate_parse: 10 callbacks suppressed [ 75.910744][ T8255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.414'. [ 75.929686][ T8257] netlink: 8 bytes leftover after parsing attributes in process `syz.1.415'. [ 75.929712][ T8257] netlink: 8 bytes leftover after parsing attributes in process `syz.1.415'. [ 76.008318][ T8267] syzkaller0: entered promiscuous mode [ 76.009410][ T8267] syzkaller0: entered allmulticast mode [ 76.058586][ T8274] SET target dimension over the limit! [ 76.111863][ T8281] 8021q: adding VLAN 0 to HW filter on device bond1 [ 76.189833][ T8294] warning: `syz.2.429' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 76.222249][ T8281] infiniband syz0: set active [ 76.223758][ T8281] infiniband syz0: added bond0 [ 76.231637][ T8296] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input3 [ 76.260346][ T8299] syzkaller0: entered promiscuous mode [ 76.262085][ T8281] RDS/IB: syz0: added [ 76.263924][ T8281] smc: adding ib device syz0 with port count 1 [ 76.265378][ T8281] smc: ib device syz0 port 1 has no pnetid [ 76.268105][ T8299] syzkaller0: entered allmulticast mode [ 76.336285][ T8306] syzkaller0: entered promiscuous mode [ 76.336321][ T8306] syzkaller0: entered allmulticast mode [ 76.376718][ T8308] netlink: 12 bytes leftover after parsing attributes in process `syz.4.435'. [ 76.404872][ T6574] Bluetooth: hci4: command tx timeout [ 76.424656][ T6574] block nbd0: Receive control failed (result -32) [ 76.646573][ T8324] netlink: 48 bytes leftover after parsing attributes in process `syz.4.442'. [ 76.707263][ T8330] syzkaller0: entered promiscuous mode [ 76.707289][ T8330] syzkaller0: entered allmulticast mode [ 76.934032][ T8356] tipc: Enabling of bearer rejected, failed to enable media [ 76.980100][ T8364] syzkaller0: entered promiscuous mode [ 76.980140][ T8364] syzkaller0: entered allmulticast mode [ 76.993189][ T8373] netlink: 'syz.2.468': attribute type 25 has an invalid length. [ 76.993221][ T8373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.468'. [ 77.092821][ T8379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.093016][ T8379] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.168843][ T8391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.169046][ T8391] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.224000][ T8395] tipc: Enabling of bearer rejected, failed to enable media [ 77.271755][ T8403] netlink: 592 bytes leftover after parsing attributes in process `syz.4.480'. [ 77.303240][ T8408] netlink: 'syz.4.482': attribute type 25 has an invalid length. [ 77.303268][ T8408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.482'. [ 77.345575][ T8414] syzkaller0: entered promiscuous mode [ 77.346549][ T8414] syzkaller0: entered allmulticast mode [ 77.430601][ T8424] tipc: Enabling of bearer rejected, failed to enable media [ 77.542774][ T8434] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.545726][ T8434] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.563738][ T8436] netlink: 'syz.2.495': attribute type 25 has an invalid length. [ 77.563764][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz.2.495'. [ 77.668855][ T8449] syzkaller0: entered promiscuous mode [ 77.668889][ T8449] syzkaller0: entered allmulticast mode [ 77.674009][ T8450] syzkaller0: entered promiscuous mode [ 77.675073][ T8450] syzkaller0: entered allmulticast mode [ 77.926891][ T8464] loop3: detected capacity change from 0 to 32768 [ 77.937989][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 77.940430][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 77.956933][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 77.959373][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 77.961860][ T8464] JBD2: Ignoring recovery information on journal [ 77.972252][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 77.973249][ T8464] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 77.979489][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 77.985817][ T8464] (syz.3.508,8464,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 78.040941][ T6572] ocfs2: Unmounting device (7,3) on (node local) [ 78.144017][ T8485] syzkaller0: entered promiscuous mode [ 78.146365][ T8485] syzkaller0: entered allmulticast mode [ 78.306024][ T8499] loop4: detected capacity change from 0 to 40427 [ 78.306428][ T8499] f2fs: Bad value for 'fsync_mode' [ 78.547753][ T8511] sch_tbf: burst 0 is lower than device macvtap0 mtu (1514) ! [ 81.516262][ T8546] tmpfs: Bad value for 'mpol' [ 81.541549][ T8554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.552252][ T8554] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.599109][ T8560] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 81.599248][ T8560] Cannot find set identified by id 0 to match [ 81.662367][ T6574] Bluetooth: hci4: link tx timeout [ 81.663916][ T6574] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 81.710057][ T8574] netlink: 8 bytes leftover after parsing attributes in process `syz.1.551'. [ 81.784582][ T8588] process 'syz.1.559' launched './file2' with NULL argv: empty string added [ 81.891556][ T8604] xt_hashlimit: size too large, truncated to 1048576 [ 81.921461][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.1.567'. [ 81.921500][ T8607] netlink: 24 bytes leftover after parsing attributes in process `syz.1.567'. [ 81.999916][ T8621] loop1: detected capacity change from 0 to 1024 [ 82.017251][ T8621] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 82.118019][ T8624] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 82.165925][ T6573] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 82.165968][ T6573] Bluetooth: hci3: Injecting HCI hardware error event [ 82.166747][ T6577] Bluetooth: hci3: hardware error 0x00 [ 82.271082][ T8640] netlink: 8 bytes leftover after parsing attributes in process `syz.4.579'. [ 82.273033][ T8640] netlink: 24 bytes leftover after parsing attributes in process `syz.4.579'. [ 82.328170][ T8644] netlink: 44 bytes leftover after parsing attributes in process `syz.4.581'. [ 82.390977][ T8648] netlink: 44 bytes leftover after parsing attributes in process `syz.4.583'. [ 82.768079][ T8657] loop0: detected capacity change from 0 to 128 [ 82.797579][ T8657] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 82.820664][ T6567] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.889405][ T6571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 82.981598][ T8670] netlink: 8 bytes leftover after parsing attributes in process `syz.0.591'. [ 82.981627][ T8670] netlink: 24 bytes leftover after parsing attributes in process `syz.0.591'. [ 83.112784][ T8684] syzkaller0: entered promiscuous mode [ 83.113835][ T8684] syzkaller0: entered allmulticast mode [ 83.122700][ T8684] tipc: Enabled bearer , priority 0 [ 83.124683][ T8683] tipc: Resetting bearer [ 83.136766][ T8683] tipc: Disabling bearer [ 83.193276][ T8694] syzkaller0: entered promiscuous mode [ 83.193316][ T8694] syzkaller0: entered allmulticast mode [ 83.229134][ T6573] Bluetooth: hci3: unexpected cc 0x2031 length: 9 > 1 [ 83.229175][ T6573] Bluetooth: hci3: unexpected event for opcode 0x2031 [ 83.298083][ T8706] Bluetooth: MGMT ver 1.23 [ 83.298140][ T8706] Bluetooth: hci0: unsupported parameter 255 [ 83.298158][ T8706] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 83.351765][ T8712] syzkaller0: entered promiscuous mode [ 83.352834][ T8712] syzkaller0: entered allmulticast mode [ 83.474215][ T8725] loop0: detected capacity change from 0 to 64 [ 83.490295][ T8728] loop4: detected capacity change from 0 to 2048 [ 83.493239][ T8729] loop2: detected capacity change from 0 to 128 [ 83.533049][ T8728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.541230][ T8735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.620'. [ 83.557002][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.559531][ T8737] syzkaller0: entered promiscuous mode [ 83.559638][ T8737] syzkaller0: entered allmulticast mode [ 83.694883][ T53] Bluetooth: hci4: command 0x0406 tx timeout [ 83.708177][ T8745] loop0: detected capacity change from 0 to 40427 [ 83.709452][ T8745] F2FS-fs (loop0): Fix alignment : internally, start(4096) end(16896) block(12288) [ 83.711412][ T8745] F2FS-fs (loop0): invalid crc value [ 83.719952][ T8745] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 83.721641][ T8745] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 83.734675][ T8745] F2FS-fs (loop0): Try to recover all the superblocks, ret: 0 [ 83.751343][ T8750] f2fs_ckpt-7:0: attempt to access beyond end of device [ 83.751343][ T8750] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 83.754347][ T8750] CPU: 0 UID: 0 PID: 8750 Comm: f2fs_ckpt-7:0 Not tainted syzkaller #0 PREEMPT [ 83.754375][ T8750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 83.754386][ T8750] Call trace: [ 83.754391][ T8750] show_stack+0x2c/0x3c (C) [ 83.754411][ T8750] __dump_stack+0x30/0x40 [ 83.754422][ T8750] dump_stack_lvl+0xd8/0x12c [ 83.754428][ T8750] dump_stack+0x1c/0x28 [ 83.754433][ T8750] f2fs_handle_critical_error+0x34c/0x4b8 [ 83.754443][ T8750] f2fs_stop_checkpoint+0x5c/0x70 [ 83.754450][ T8750] f2fs_write_end_io+0x770/0xa78 [ 83.754456][ T8750] bio_endio+0x8d4/0x910 [ 83.754464][ T8750] submit_bio_noacct+0xd44/0x186c [ 83.754470][ T8750] submit_bio+0x3b4/0x550 [ 83.754476][ T8750] f2fs_submit_write_bio+0x124/0x324 [ 83.754481][ T8750] __submit_merged_bio+0x224/0x6d4 [ 83.754485][ T8750] __submit_merged_write_cond+0x250/0x4ac [ 83.754490][ T8750] f2fs_write_data_pages+0x1dd4/0x2878 [ 83.754495][ T8750] do_writepages+0x270/0x468 [ 83.754503][ T8750] filemap_fdatawrite+0x14c/0x1f4 [ 83.754510][ T8750] f2fs_sync_dirty_inodes+0x2a0/0x788 [ 83.754517][ T8750] f2fs_write_checkpoint+0x708/0x1c28 [ 83.754523][ T8750] __checkpoint_and_complete_reqs+0xf4/0x3d4 [ 83.754530][ T8750] issue_checkpoint_thread+0xcc/0x240 [ 83.754536][ T8750] kthread+0x5fc/0x75c [ 83.754543][ T8750] ret_from_fork+0x10/0x20 [ 83.779567][ T8750] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 83.845640][ T8760] syzkaller0: entered promiscuous mode [ 83.846705][ T8760] syzkaller0: entered allmulticast mode [ 83.978951][ T8770] loop2: detected capacity change from 0 to 128 [ 83.980682][ T8770] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 83.984258][ T8770] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 84.009540][ T8772] loop4: detected capacity change from 0 to 512 [ 84.013100][ T8772] msdos: Unknown parameter 'ts' [ 84.041718][ T8772] loop4: detected capacity change from 0 to 8192 [ 84.138563][ T8779] syzkaller0: entered promiscuous mode [ 84.139831][ T8779] syzkaller0: entered allmulticast mode [ 84.404885][ T6577] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 84.469802][ T8790] syzkaller0: entered promiscuous mode [ 84.469837][ T8790] syzkaller0: entered allmulticast mode [ 84.604702][ T8804] loop1: detected capacity change from 0 to 16 [ 84.620138][ T8804] erofs (device loop1): mounted with root inode @ nid 36. [ 84.668359][ T8814] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 84.668542][ T8814] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 84.711837][ T8816] syzkaller0: entered promiscuous mode [ 84.711867][ T8816] syzkaller0: entered allmulticast mode [ 84.749135][ T8818] syzkaller0: entered promiscuous mode [ 84.749163][ T8818] syzkaller0: entered allmulticast mode [ 84.751761][ T8818] tipc: Enabled bearer , priority 0 [ 84.753089][ T8817] tipc: Resetting bearer [ 84.761866][ T8817] tipc: Disabling bearer [ 84.844979][ T6576] FAT-fs (loop2): error, invalid access to FAT (entry 0xffff0000) [ 84.845020][ T6576] FAT-fs (loop2): Filesystem has been set read-only [ 84.847041][ T6576] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 84.851943][ T8822] loop0: detected capacity change from 0 to 128 [ 84.868625][ T8824] syzkaller0: entered promiscuous mode [ 84.868664][ T8824] syzkaller0: entered allmulticast mode [ 84.875476][ T8822] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 84.904062][ T6567] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 85.043542][ T8842] syzkaller0: entered promiscuous mode [ 85.044576][ T8842] syzkaller0: entered allmulticast mode [ 85.049212][ T8842] tipc: Enabled bearer , priority 0 [ 85.055166][ T8841] tipc: Resetting bearer [ 85.082816][ T8846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 85.086899][ T8841] tipc: Disabling bearer [ 85.090766][ T8846] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 85.101117][ T8848] syzkaller0: entered promiscuous mode [ 85.102097][ T8848] syzkaller0: entered allmulticast mode [ 85.203942][ T8853] loop3: detected capacity change from 0 to 2048 [ 85.208497][ T8853] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 85.241743][ T8856] FAT-fs (loop0): Directory bread(block 64) failed [ 85.242980][ T8856] FAT-fs (loop0): Directory bread(block 65) failed [ 85.244138][ T8856] FAT-fs (loop0): Directory bread(block 66) failed [ 85.246686][ T8856] FAT-fs (loop0): Directory bread(block 67) failed [ 85.247928][ T8856] FAT-fs (loop0): Directory bread(block 68) failed [ 85.248983][ T8856] FAT-fs (loop0): Directory bread(block 69) failed [ 85.250020][ T8856] FAT-fs (loop0): Directory bread(block 70) failed [ 85.251073][ T8856] FAT-fs (loop0): Directory bread(block 71) failed [ 85.252208][ T8856] FAT-fs (loop0): Directory bread(block 72) failed [ 85.253270][ T8856] FAT-fs (loop0): Directory bread(block 73) failed [ 85.330121][ T8860] binder: BINDER_SET_CONTEXT_MGR already set [ 85.330161][ T8860] binder: 8859:8860 ioctl 4018620d 200002c0 returned -16 [ 85.330417][ T8860] binder: 8859:8860 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 85.330434][ T8860] binder: 8860 RLIMIT_NICE not set [ 86.311973][ T8868] binder: 8859:8868 got transaction to invalid handle, 1 [ 86.312100][ T8868] binder: 8859:8868 cannot find target node [ 86.312332][ T8868] binder: 8859:8868 transaction call to 0:0 failed 3/29201/-22, code 0 size 0-0 line 3232 [ 86.342089][ T8838] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 86.342216][ T8838] block device autoloading is deprecated and will be removed. [ 86.356006][ T8869] syzkaller0: entered promiscuous mode [ 86.540257][ T8869] syzkaller0: entered allmulticast mode [ 86.544853][ T26] binder: undelivered TRANSACTION_ERROR: 29201 [ 86.621966][ T8876] exfat: Deprecated parameter 'utf8' [ 86.627701][ T8876] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 86.708029][ T8881] syzkaller0: entered promiscuous mode [ 86.709169][ T8881] syzkaller0: entered allmulticast mode [ 86.803030][ T8883] syzkaller0: entered promiscuous mode [ 86.804007][ T8883] syzkaller0: entered allmulticast mode [ 86.815279][ T8883] tipc: Enabled bearer , priority 0 [ 86.819762][ T8877] tipc: Resetting bearer [ 86.832541][ T8877] tipc: Disabling bearer [ 87.003260][ T8898] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 87.027130][ T8886] xt_CT: No such helper "netbios-ns" [ 87.138371][ T8898] netlink: 8 bytes leftover after parsing attributes in process `syz.2.687'. [ 87.176647][ T8910] random: crng reseeded on system resumption [ 87.185052][ T26] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 87.227746][ T8915] syzkaller0: entered promiscuous mode [ 87.227776][ T8915] syzkaller0: entered allmulticast mode [ 87.316700][ T8922] syzkaller0: entered promiscuous mode [ 87.318913][ T8922] syzkaller0: entered allmulticast mode [ 87.360337][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 87.362976][ T26] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 87.365339][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.371429][ T26] usb 1-1: config 0 descriptor?? [ 87.378612][ T8896] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 87.415204][ T8925] syzkaller0: entered promiscuous mode [ 87.416317][ T8925] syzkaller0: entered allmulticast mode [ 87.421014][ T8925] tipc: Enabled bearer , priority 0 [ 87.425174][ T8924] tipc: Resetting bearer [ 87.435160][ T8924] tipc: Disabling bearer [ 87.521417][ T8934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 87.523350][ T8934] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 87.634395][ T8947] syzkaller0: entered promiscuous mode [ 87.634435][ T8947] syzkaller0: entered allmulticast mode [ 87.699409][ T8949] syzkaller0: entered promiscuous mode [ 87.699435][ T8949] syzkaller0: entered allmulticast mode [ 87.936287][ T8896] F2FS-fs (loop0): build fault injection rate: 174 [ 87.936940][ T8973] syzkaller0: entered promiscuous mode [ 87.936952][ T8973] syzkaller0: entered allmulticast mode [ 87.938456][ T8896] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 87.941249][ T8896] F2FS-fs (loop0): invalid crc value [ 87.961512][ T8896] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 87.963758][ T8896] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 88.045758][ T26] hid-picolcd 0003:04D8:F002.0001: No report with id 0xf3 found [ 88.048647][ T26] hid-picolcd 0003:04D8:F002.0001: No report with id 0xf4 found [ 88.059380][ T8986] SQUASHFS error: Unable to read directory block [631:72] [ 88.087356][ T8990] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 88.130192][ T8994] netlink: 'syz.4.728': attribute type 9 has an invalid length. [ 88.265397][ T6623] usb 1-1: USB disconnect, device number 2 [ 88.337420][ T9014] syzkaller0: entered promiscuous mode [ 88.337450][ T9014] syzkaller0: entered allmulticast mode [ 88.434050][ T9017] exfat: Deprecated parameter 'utf8' [ 88.435205][ T9017] exfat: Deprecated parameter 'namecase' [ 88.436301][ T9017] exfat: Deprecated parameter 'namecase' [ 88.440204][ T9017] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 88.450847][ T9017] overlay: ./file0 is not a directory [ 88.484307][ T9019] set_capacity_and_notify: 7 callbacks suppressed [ 88.484352][ T9019] loop1: detected capacity change from 0 to 4096 [ 88.531991][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.741'. [ 88.539606][ T5637] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.539738][ T5637] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.539757][ T5637] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.539772][ T5637] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 88.540170][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.741'. [ 88.604104][ T9027] team0 (unregistering): left promiscuous mode [ 88.605657][ T9027] team_slave_0: left promiscuous mode [ 88.605853][ T9027] team_slave_1: left promiscuous mode [ 88.612155][ T9027] team0 (unregistering): Port device team_slave_0 removed [ 88.615955][ T9027] team0 (unregistering): Port device team_slave_1 removed [ 88.658403][ T9029] syzkaller0: entered promiscuous mode [ 88.658436][ T9029] syzkaller0: entered allmulticast mode [ 88.797957][ T6567] syz-executor: attempt to access beyond end of device [ 88.797957][ T6567] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 88.810876][ T6567] CPU: 1 UID: 0 PID: 6567 Comm: syz-executor Not tainted syzkaller #0 PREEMPT [ 88.810913][ T6567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 88.810924][ T6567] Call trace: [ 88.810927][ T6567] show_stack+0x2c/0x3c (C) [ 88.810947][ T6567] __dump_stack+0x30/0x40 [ 88.810955][ T6567] dump_stack_lvl+0xd8/0x12c [ 88.810961][ T6567] dump_stack+0x1c/0x28 [ 88.810966][ T6567] f2fs_handle_critical_error+0x34c/0x4b8 [ 88.810975][ T6567] f2fs_stop_checkpoint+0x5c/0x70 [ 88.810982][ T6567] f2fs_write_end_io+0x770/0xa78 [ 88.810987][ T6567] bio_endio+0x8d4/0x910 [ 88.810994][ T6567] submit_bio_noacct+0xd44/0x186c [ 88.811000][ T6567] submit_bio+0x3b4/0x550 [ 88.811005][ T6567] f2fs_submit_write_bio+0x124/0x324 [ 88.811009][ T6567] __submit_merged_bio+0x224/0x6d4 [ 88.811014][ T6567] __submit_merged_write_cond+0x250/0x4ac [ 88.811019][ T6567] f2fs_write_data_pages+0x1dd4/0x2878 [ 88.811024][ T6567] do_writepages+0x270/0x468 [ 88.811031][ T6567] filemap_fdatawrite+0x14c/0x1f4 [ 88.811038][ T6567] f2fs_sync_dirty_inodes+0x2a0/0x788 [ 88.811044][ T6567] f2fs_write_checkpoint+0x708/0x1c28 [ 88.811050][ T6567] kill_f2fs_super+0x230/0x580 [ 88.811055][ T6567] deactivate_locked_super+0xc4/0x12c [ 88.811062][ T6567] deactivate_super+0xe0/0x100 [ 88.811069][ T6567] cleanup_mnt+0x31c/0x3ac [ 88.811075][ T6567] __cleanup_mnt+0x20/0x30 [ 88.811085][ T6567] task_work_run+0x1dc/0x260 [ 88.811093][ T6567] exit_to_user_mode_loop+0x10c/0x18c [ 88.811099][ T6567] el0_svc+0x17c/0x26c [ 88.811107][ T6567] el0t_64_sync_handler+0x84/0x12c [ 88.811113][ T6567] el0t_64_sync+0x198/0x19c [ 88.836604][ T6567] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 89.333123][ T9052] syzkaller0: entered promiscuous mode [ 89.333167][ T9052] syzkaller0: entered allmulticast mode [ 89.490797][ T9074] tipc: Enabled bearer , priority 0 [ 89.503368][ T9073] tipc: Disabling bearer [ 89.532167][ T9083] team_slave_1: Caught tx_queue_len zero misconfig [ 89.550409][ T9086] syzkaller0: entered promiscuous mode [ 89.550447][ T9086] syzkaller0: entered allmulticast mode [ 89.664834][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 89.816454][ T10] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 89.816488][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.822045][ T10] usb 1-1: config 0 descriptor?? [ 89.830813][ T10] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 90.132813][ T9088] netlink: 'syz.3.760': attribute type 21 has an invalid length. [ 90.132851][ T9088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.760'. [ 90.136544][ T9088] netlink: 'syz.3.760': attribute type 21 has an invalid length. [ 90.136577][ T9088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.760'. [ 90.148253][ T41] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 90.148588][ T41] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 90.148617][ T41] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 90.148631][ T41] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 90.741527][ T9118] syzkaller0: entered promiscuous mode [ 90.742584][ T9118] syzkaller0: entered allmulticast mode [ 90.847340][ T10] usb 1-1: USB disconnect, device number 3 [ 90.924097][ T9151] syzkaller0: entered promiscuous mode [ 90.925888][ T9151] syzkaller0: entered allmulticast mode [ 91.539652][ T9175] syzkaller0: entered promiscuous mode [ 91.539686][ T9175] syzkaller0: entered allmulticast mode [ 91.848922][ T9199] loop4: detected capacity change from 0 to 1024 [ 91.856994][ T9199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none. [ 91.862204][ T9199] EXT4-fs (loop4): Online resizing not supported with bigalloc [ 91.888902][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 92.239246][ T9208] tipc: Started in network mode [ 92.239285][ T9208] tipc: Node identity 86dc1a6a4778, cluster identity 4711 [ 92.239339][ T9208] tipc: Enabled bearer , priority 0 [ 92.259432][ T9190] tipc: Disabling bearer [ 92.350890][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.3.792'. [ 92.352395][ T9224] netlink: 'syz.3.792': attribute type 25 has an invalid length. [ 92.353742][ T9224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.792'. [ 92.416761][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.3.792'. [ 92.416813][ T9224] netlink: 'syz.3.792': attribute type 25 has an invalid length. [ 92.416824][ T9224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.792'. [ 92.442758][ T9236] loop4: detected capacity change from 0 to 64 [ 92.546777][ T9243] syzkaller0: entered promiscuous mode [ 92.547960][ T9243] syzkaller0: entered allmulticast mode [ 92.555668][ T9245] tipc: Enabled bearer , priority 0 [ 92.559334][ T9244] tipc: Disabling bearer [ 92.623276][ T9253] loop3: detected capacity change from 0 to 1764 [ 92.629680][ T9253] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 92.629861][ T9253] isofs_fill_super: get root inode failed [ 92.685397][ T9257] loop0: detected capacity change from 0 to 8192 [ 92.944355][ T9286] tipc: Enabled bearer , priority 0 [ 92.951233][ T9285] tipc: Disabling bearer [ 92.960282][ T9289] netlink: 'syz.1.817': attribute type 10 has an invalid length. [ 92.970210][ T9289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.817'. [ 93.028520][ T9296] netlink: 156 bytes leftover after parsing attributes in process `syz.4.819'. [ 93.032631][ T9296] netlink: 12 bytes leftover after parsing attributes in process `syz.4.819'. [ 93.073680][ T9301] loop0: detected capacity change from 0 to 512 [ 93.110236][ T9301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.134500][ T9306] netlink: 8 bytes leftover after parsing attributes in process `syz.4.822'. [ 93.137930][ T9306] netlink: 24 bytes leftover after parsing attributes in process `syz.4.822'. [ 93.151898][ T9301] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.820: corrupted xattr block 32: bad e_name length [ 93.160455][ T9301] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.820: corrupted xattr block 32: bad e_name length [ 93.164136][ T9301] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.820: corrupted xattr block 32: bad e_name length [ 93.175442][ T9301] EXT4-fs error (device loop0): ext4_xattr_block_find:1878: inode #15: comm syz.0.820: corrupted xattr block 32: bad e_name length [ 93.197011][ T6567] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.296410][ T9325] tipc: Enabled bearer , priority 0 [ 93.298810][ T9324] tipc: Disabling bearer [ 93.328531][ T9332] netlink: 12 bytes leftover after parsing attributes in process `syz.4.832'. [ 93.354063][ T9336] trusted_key: syz.4.833 sent an empty control message without MSG_MORE. [ 93.393556][ T9341] loop4: detected capacity change from 0 to 512 [ 93.405439][ T9341] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.837: inode has both inline data and extents flags [ 93.406762][ T9341] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.837: couldn't read orphan inode 15 (err -117) [ 93.407285][ T9341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.421404][ T6568] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.523717][ T2353] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 93.558986][ T9363] tipc: Enabled bearer , priority 0 [ 93.562496][ T9362] tipc: Disabling bearer [ 93.696924][ T2353] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 93.696955][ T2353] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.697208][ T2353] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 93.697225][ T2353] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.699594][ T2353] usb 1-1: config 0 descriptor?? [ 93.840816][ T9399] tipc: Enabled bearer , priority 0 [ 93.843262][ T9398] tipc: Disabling bearer [ 94.112262][ T2353] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0 [ 94.116908][ T2353] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 94.303379][ T9430] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.305548][ T9430] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.310878][ T2353] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE [ 94.528416][ T9432] tipc: Enabling of bearer rejected, failed to enable media [ 94.556541][ T9440] netlink: 'syz.4.876': attribute type 25 has an invalid length. [ 94.615972][ T9440] netlink: 'syz.4.876': attribute type 25 has an invalid length. [ 94.776919][ T9456] loop4: detected capacity change from 0 to 32768 [ 94.777611][ T2353] cp2112 0003:10C4:EA90.0002: error setting SMBus config [ 94.779460][ T2353] cp2112 0003:10C4:EA90.0002: probe with driver cp2112 failed with error -71 [ 94.780948][ T2353] usb 1-1: USB disconnect, device number 4 [ 94.808131][ T9456] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 94.819226][ T9456] JBD2: Ignoring recovery information on journal [ 94.835777][ T9456] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 94.849275][ T9464] loop3: detected capacity change from 0 to 256 [ 94.871347][ T9456] [ 94.871746][ T9456] ====================================================== [ 94.872813][ T9456] WARNING: possible circular locking dependency detected [ 94.873836][ T9456] syzkaller #0 Not tainted [ 94.874422][ T9456] ------------------------------------------------------ [ 94.875411][ T9456] syz.4.879/9456 is trying to acquire lock: [ 94.876194][ T9456] ffff0000f6b8ce38 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_get+0xe8/0x220 [ 94.877575][ T9456] [ 94.877575][ T9456] but task is already holding lock: [ 94.878632][ T9456] ffff0000dd22dce8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x35c/0x6b0 [ 94.880099][ T9456] [ 94.880099][ T9456] which lock already depends on the new lock. [ 94.880099][ T9456] [ 94.881608][ T9456] [ 94.881608][ T9456] the existing dependency chain (in reverse order) is: [ 94.882941][ T9456] [ 94.882941][ T9456] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 94.884166][ T9456] down_read+0x58/0x308 [ 94.884888][ T9456] ocfs2_start_trans+0x35c/0x6b0 [ 94.885677][ T9456] ocfs2_shutdown_local_alloc+0x1ac/0x7e4 [ 94.886621][ T9456] ocfs2_dismount_volume+0x1cc/0x8c4 [ 94.887495][ T9456] ocfs2_put_super+0xd4/0x320 [ 94.888243][ T9456] generic_shutdown_super+0x12c/0x2b8 [ 94.889085][ T9456] kill_block_super+0x44/0x90 [ 94.889852][ T9456] deactivate_locked_super+0xc4/0x12c [ 94.890680][ T9456] deactivate_super+0xe0/0x100 [ 94.891468][ T9456] cleanup_mnt+0x31c/0x3ac [ 94.892180][ T9456] __cleanup_mnt+0x20/0x30 [ 94.892871][ T9456] task_work_run+0x1dc/0x260 [ 94.893594][ T9456] exit_to_user_mode_loop+0x10c/0x18c [ 94.894395][ T9456] el0_svc+0x17c/0x26c [ 94.895030][ T9456] el0t_64_sync_handler+0x84/0x12c [ 94.895849][ T9456] el0t_64_sync+0x198/0x19c [ 94.896609][ T9456] [ 94.896609][ T9456] -> #2 (sb_internal#5){.+.+}-{0:0}: [ 94.897752][ T9456] ocfs2_start_trans+0x1f4/0x6b0 [ 94.898518][ T9456] ocfs2_xattr_set+0xac4/0xe9c [ 94.899258][ T9456] ocfs2_set_acl+0x574/0x628 [ 94.900007][ T9456] ocfs2_iop_set_acl+0x190/0x25c [ 94.900787][ T9456] vfs_set_acl+0x704/0x96c [ 94.901530][ T9456] do_set_acl+0xe0/0x1a8 [ 94.902238][ T9456] file_setxattr+0x210/0x294 [ 94.902983][ T9456] path_setxattrat+0x2ac/0x320 [ 94.903798][ T9456] __arm64_sys_fsetxattr+0xc0/0xdc [ 94.904660][ T9456] invoke_syscall+0x98/0x254 [ 94.905401][ T9456] el0_svc_common+0xe8/0x23c [ 94.906118][ T9456] do_el0_svc+0x48/0x58 [ 94.906813][ T9456] el0_svc+0x5c/0x26c [ 94.907470][ T9456] el0t_64_sync_handler+0x84/0x12c [ 94.908265][ T9456] el0t_64_sync+0x198/0x19c [ 94.908993][ T9456] [ 94.908993][ T9456] -> #1 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}: [ 94.910580][ T9456] down_write+0x50/0xc0 [ 94.911235][ T9456] ocfs2_reserve_suballoc_bits+0x130/0x3ea0 [ 94.912139][ T9456] ocfs2_reserve_new_metadata_blocks+0x368/0x810 [ 94.913084][ T9456] ocfs2_init_xattr_set_ctxt+0x300/0x778 [ 94.913989][ T9456] ocfs2_xattr_set+0x920/0xe9c [ 94.914707][ T9456] ocfs2_set_acl+0x574/0x628 [ 94.915402][ T9456] ocfs2_iop_set_acl+0x190/0x25c [ 94.916155][ T9456] vfs_set_acl+0x704/0x96c [ 94.916835][ T9456] do_set_acl+0xe0/0x1a8 [ 94.917493][ T9456] file_setxattr+0x210/0x294 [ 94.918197][ T9456] path_setxattrat+0x2ac/0x320 [ 94.918928][ T9456] __arm64_sys_fsetxattr+0xc0/0xdc [ 94.919705][ T9456] invoke_syscall+0x98/0x254 [ 94.920484][ T9456] el0_svc_common+0xe8/0x23c [ 94.921264][ T9456] do_el0_svc+0x48/0x58 [ 94.921938][ T9456] el0_svc+0x5c/0x26c [ 94.922545][ T9456] el0t_64_sync_handler+0x84/0x12c [ 94.923319][ T9456] el0t_64_sync+0x198/0x19c [ 94.924042][ T9456] [ 94.924042][ T9456] -> #0 (&oi->ip_xattr_sem){++++}-{4:4}: [ 94.925181][ T9456] __lock_acquire+0x1774/0x30a4 [ 94.925940][ T9456] lock_acquire+0x140/0x2e0 [ 94.926687][ T9456] down_read+0x58/0x308 [ 94.927331][ T9456] ocfs2_xattr_get+0xe8/0x220 [ 94.928024][ T9456] ocfs2_xattr_security_get+0x40/0x54 [ 94.928842][ T9456] __vfs_getxattr+0x394/0x3c0 [ 94.929527][ T9456] smk_fetch+0xc4/0x150 [ 94.930146][ T9456] smack_d_instantiate+0x53c/0x7a4 [ 94.930890][ T9456] security_d_instantiate+0x100/0x204 [ 94.931705][ T9456] d_instantiate+0x5c/0xac [ 94.932396][ T9456] ocfs2_mknod+0x14fc/0x1cf0 [ 94.933144][ T9456] ocfs2_create+0x178/0x474 [ 94.933909][ T9456] path_openat+0x143c/0x3114 [ 94.934617][ T9456] do_filp_open+0x18c/0x36c [ 94.935317][ T9456] do_sys_openat2+0x11c/0x1f0 [ 94.936082][ T9456] __arm64_sys_openat+0x120/0x158 [ 94.936965][ T9456] invoke_syscall+0x98/0x254 [ 94.937717][ T9456] el0_svc_common+0xe8/0x23c [ 94.938456][ T9456] do_el0_svc+0x48/0x58 [ 94.939080][ T9456] el0_svc+0x5c/0x26c [ 94.939750][ T9456] el0t_64_sync_handler+0x84/0x12c [ 94.940546][ T9456] el0t_64_sync+0x198/0x19c [ 94.941262][ T9456] [ 94.941262][ T9456] other info that might help us debug this: [ 94.941262][ T9456] [ 94.942645][ T9456] Chain exists of: [ 94.942645][ T9456] &oi->ip_xattr_sem --> sb_internal#5 --> &journal->j_trans_barrier [ 94.942645][ T9456] [ 94.944719][ T9456] Possible unsafe locking scenario: [ 94.944719][ T9456] [ 94.945755][ T9456] CPU0 CPU1 [ 94.946468][ T9456] ---- ---- [ 94.947252][ T9456] rlock(&journal->j_trans_barrier); [ 94.947955][ T9456] lock(sb_internal#5); [ 94.948950][ T9456] lock(&journal->j_trans_barrier); [ 94.950104][ T9456] rlock(&oi->ip_xattr_sem); [ 94.950776][ T9456] [ 94.950776][ T9456] *** DEADLOCK *** [ 94.950776][ T9456] [ 94.951878][ T9456] 8 locks held by syz.4.879/9456: [ 94.952588][ T9456] #0: ffff0000c5fc0420 (sb_writers#25){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c [ 94.953913][ T9456] #1: ffff0000f6b91800 (&type->i_mutex_dir_key#18){+.+.}-{4:4}, at: path_openat+0x868/0x3114 [ 94.955444][ T9456] #2: ffff0000f6b8ed80 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x130/0x3ea0 [ 94.957481][ T9456] #3: ffff0000f6b95100 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x130/0x3ea0 [ 94.959565][ T9456] #4: ffff0000f6b889c0 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x104/0x26a8 [ 94.961571][ T9456] #5: ffff0000c5fc0610 (sb_internal#5){.+.+}-{0:0}, at: ocfs2_mknod+0xc30/0x1cf0 [ 94.962955][ T9456] #6: ffff0000dd22dce8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x35c/0x6b0 [ 94.964631][ T9456] #7: ffff0000cb8e6950 (jbd2_handle#2){.+.+}-{0:0}, at: start_this_handle+0xe4c/0x10dc [ 94.966083][ T9456] [ 94.966083][ T9456] stack backtrace: [ 94.966929][ T9456] CPU: 1 UID: 0 PID: 9456 Comm: syz.4.879 Not tainted syzkaller #0 PREEMPT [ 94.968151][ T9456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 94.969574][ T9456] Call trace: [ 94.970070][ T9456] show_stack+0x2c/0x3c (C) [ 94.970734][ T9456] __dump_stack+0x30/0x40 [ 94.971363][ T9456] dump_stack_lvl+0xd8/0x12c [ 94.972015][ T9456] dump_stack+0x1c/0x28 [ 94.972655][ T9456] print_circular_bug+0x324/0x32c [ 94.973386][ T9456] check_noncircular+0x154/0x174 [ 94.974071][ T9456] __lock_acquire+0x1774/0x30a4 [ 94.974780][ T9456] lock_acquire+0x140/0x2e0 [ 94.975456][ T9456] down_read+0x58/0x308 [ 94.976000][ T9456] ocfs2_xattr_get+0xe8/0x220 [ 94.976625][ T9456] ocfs2_xattr_security_get+0x40/0x54 [ 94.977390][ T9456] __vfs_getxattr+0x394/0x3c0 [ 94.978062][ T9456] smk_fetch+0xc4/0x150 [ 94.978693][ T9456] smack_d_instantiate+0x53c/0x7a4 [ 94.979444][ T9456] security_d_instantiate+0x100/0x204 [ 94.980237][ T9456] d_instantiate+0x5c/0xac [ 94.980844][ T9456] ocfs2_mknod+0x14fc/0x1cf0 [ 94.981472][ T9456] ocfs2_create+0x178/0x474 [ 94.982114][ T9456] path_openat+0x143c/0x3114 [ 94.982774][ T9456] do_filp_open+0x18c/0x36c [ 94.983426][ T9456] do_sys_openat2+0x11c/0x1f0 [ 94.984123][ T9456] __arm64_sys_openat+0x120/0x158 [ 94.984885][ T9456] invoke_syscall+0x98/0x254 [ 94.985561][ T9456] el0_svc_common+0xe8/0x23c [ 94.986212][ T9456] do_el0_svc+0x48/0x58 [ 94.986843][ T9456] el0_svc+0x5c/0x26c [ 94.987421][ T9456] el0t_64_sync_handler+0x84/0x12c [ 94.988213][ T9456] el0t_64_sync+0x198/0x19c [ 95.020177][ T6568] ocfs2: Unmounting device (7,4) on (node local)