last executing test programs: 2m18.098535843s ago: executing program 1 (id=2983): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file2\x00', 0x4800, &(0x7f0000000100)=ANY=[], 0x1, 0x6bb, &(0x7f00000018c0)="$eJzs3c1vXFfdB/DvHY8dT9ombpq0eR5VqtVIgIhI7FgpmA0BIWSkCqGyYG0lTmNlkhbHRW6FqMPrtov+Ad1kg1ghsWITqbBgA7vukJeVkNh0g1kNujN3XjJ+m+bF45TPJ7pzzj3nnnN/93fvnbfImgD/s5bOp34/RZbOv75Rrm/dW2hu3Vu41a0nOZZkM6knqSUp/t1qtT5OriRFb5piqNzhw9XFNz75bOvTzlq9Wtrb1/YbN6TabnOoebPbNptkoiofwQPzXX3k+Ype5FeSnKtKGLvJJK3WZFo9P/nrs72esvNkp2zsNnr68AIFnpii87pZvhjXBttnkuPVjV6+D+i+8tbGEuQIjo243fA7CAAAAHjajPIZ+OR2trNRnDiEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOALYbP/+/9FtdS69dkU3d//n6raUtWPllc+3+b3n1QcAAAAAAAAAHCIXtnOdjZyorveKtr/5/9qe+V0+/GZvJM7WclaLmQjy1nPetYyn2RmYKKpjeX19bX5EUZe2nXkpQMCPVaVjcdz3AAAAAAAAADwBfOLLPX//x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6CIpnoFCnuDjTPpFZPMp1kqmzYTP7erT/N7o87AAAAADgEJ7eznY2c6K63ipxO8mL7O4DpvJPbWc9q1tPMSq61vxfofOqvbd1baG7dW7hVLjvn/fa/HlidPiCM9ozpfPew+57Ptrdo5HpW2y0XcjVvpZlrqbVHls5W8XRnHYrrbhlT8a3KiAm6VpXlkX9QlTu8P+Jk+xv+MqWx/xcsM+2MTPYyMlfFVmbj+e6Z2f0MDZ2dgwzvaT61XmCnh/Y0FPBD5fx4VZbH85u9cj4Ww5m4NHD1vbh/zpMv//H3P56r6kfnkEYzUZWt9mNjZyYWBjLx0iiZuNG8ffPG9Tvnn7ZM7DDXzsSZ3vpSvpcf5Xxm88OsZTU/zXLWs5LZfLddW65OfjFwe++RqSudYnK33S71E9fN+1R1hU5UrZ8nplfbY09kNT/IW7mWlbzW/ncp8/l6LudyFgfO8Jn9z3D7rq89cNf3XwFaz+2axnNfqSrl095vq3JXe3Y8KWVenx/I6+Bz7ky7b7Cln6VTB2epTMsDz41/2j+U+v9XlXIfvxw49+M3nIn5gUy8sF8muhfynebtm2s3lt8ebXenPhgY/usj9ZRaXi+nypOV7gnqXx1l3wvdvqF8lX2ne321HX1nen2dO3Vzzzt1qnoPt3OmS+2+l3btW2j3nR3o2+391sHv5gAYs+NfPT7V+Gfjb42PGr9q3Gi8Pv2dY9849vJUJv88+c363MSXai8Xf8hH+Xn/8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDw7rz73s3lZnNlbajSarXe36Or2TqZ7NH1cJXanmGUlfoBoe6oZPYfz5QDui2t9Lq6P2f2GIM/qPJ/zyajj6p+gSedlvrjzfMYK/9ptVpVS7HHNr/7y85EPTdS6qZGvzYOqExXV3jlSKSuqtQPeadjekICDs3F9VtvX7zz7ntfW721/ObKmyu3Fy9fXpxbvPzawsXrq82Vuc7juKMEnoT+i/64IwEAAAAAAAAAAABGNdrfA+SR/pxg3McIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN2Wzqd+P0Xm5y7Mletb9xaa5dKt97esJ6klKX6WFB8nV9JZMjMwXbHXfj5cXXzjk8+2Pu3PVS75/tUDxo1ms1oym2SiU959XPNdrcp9FfsdQtE7wjJh57qJg3H7bwAAAP//EOj9JQ==") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x84c00, 0x0, 0x0, 0x0, &(0x7f0000000000)) socket$unix(0x1, 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r5, 0xffffffffffffffff, 0x0) 2m16.877290503s ago: executing program 1 (id=2986): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file1\x00', 0x8800d0, 0x0, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000"], &(0x7f0000000000), 0x0) 2m16.651191459s ago: executing program 1 (id=2988): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000ae000000b703000007000000850000000e000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) close(r1) 2m15.812567004s ago: executing program 1 (id=2991): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 2m13.944639777s ago: executing program 1 (id=2998): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x34, r2, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x3}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xffff}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f00008a0000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, &(0x7f00006f1000/0x3000)=nil, &(0x7f00005da000/0x3000)=nil, &(0x7f0000b43000/0x4000)=nil, &(0x7f0000581000/0x2000)=nil, &(0x7f00001d1000/0x4000)=nil, &(0x7f00007e6000/0x3000)=nil, &(0x7f00006a0000/0x4000)=nil, &(0x7f00006bd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0, r7}, 0x68) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map, r9, 0x7}, 0x10) socketpair(0x18, 0xa, 0x2, &(0x7f00000003c0)) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d00010075"], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0) 2m11.892015702s ago: executing program 1 (id=3011): syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00') prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e05, 0x1, @mcast1, 0x7}, 0x1c) sendto$inet6(r3, &(0x7f00000001c0), 0x0, 0x20004840, 0x0, 0x0) recvmmsg(r3, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/7, 0x7}, 0x1}], 0x40000000000025b, 0x40000002, 0x0) accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000)) 2m11.429797652s ago: executing program 32 (id=3011): syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00') prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e05, 0x1, @mcast1, 0x7}, 0x1c) sendto$inet6(r3, &(0x7f00000001c0), 0x0, 0x20004840, 0x0, 0x0) recvmmsg(r3, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/7, 0x7}, 0x1}], 0x40000000000025b, 0x40000002, 0x0) accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000)) 1m8.174833714s ago: executing program 2 (id=3263): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo") r0 = landlock_create_ruleset(&(0x7f0000000240)={0x2775}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) 1m7.151579862s ago: executing program 2 (id=3267): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000180)={@private=0xa010102, @multicast2, 0x0, "941621a61c5815f4678d8fd403f2f30229a88d74d71fd55708016d20fd419884", 0x0, 0x1}, 0x3c) setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f00000003c0)=0xa, 0x4) 1m5.377824688s ago: executing program 2 (id=3270): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x147c40, 0x0) keyctl$clear(0x5, 0xffffffffffffffff) r1 = getpid() syz_pidfd_open(r1, 0x0) syz_usb_connect(0x6, 0x63, &(0x7f0000000540)=ANY=[@ANYBLOB="1201010240d85bc7b1131100345c010203010902510011040800070904880400f7f98a060724060000d2cf0524001c620d240f01000000000200050002090403080353ee970509050810200009090c05f6ce740000000000000f0300040609fe09050d00000402070eec32319e86e1a0923deb6449e03f9aa6603c260ad68e2734f7b91a46a2196270e99100b939d904f58158fa891b3fcf862e1984569f07805cd77cbb771e9db1f5a9cecebadd88c31afc697b826b27b31f655c746714c4cd3039a01944e8875f55cdc21a3f7edc61406450bc7ffbd7bc19490ebfe3849bf447a7751b8abf1448b511ecfa16585d2136a7aa77b4e820190d3c83d3280faf728c58154338cdac0ca5940abca16afa0e14d635a68e004e0f44649a09631639bb22e03bce46cb4d1e53bf341434574a71fb"], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}}, 0x0) read$char_usb(0xffffffffffffffff, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x5c, 0x30, 0x301, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff}}]}, {0x5b}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x5c}}, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, 0x0, 0x0) r7 = socket$phonet_pipe(0x23, 0x5, 0x2) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000840)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x28}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) connect$phonet_pipe(r7, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) ioctl$SIOCPNENABLEPIPE(r7, 0x89ed, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40186f40, &(0x7f0000000440)=0x1f) 1m1.730677099s ago: executing program 2 (id=3280): syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file1\x00', 0x0, &(0x7f0000000100)={[{@noinit_itable}, {@barrier}]}, 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) symlink(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1m1.355394433s ago: executing program 2 (id=3281): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040)=0x10000, 0x4) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000100)=ANY=[@ANYBLOB='gid=ignore,iocharset=cp936\x00\x00\x00\x00\x00\x00\x00\bd=', @ANYRESDEC=0x0, @ANYBLOB="2c6e6f7672732c696f636861727365743d63703733372c6d6f64653d30303030303030303030303030303030303030303031302c646d6f64653d30303030303030303030303030303030303015303030342c6164696e6963622c7569643d666f726765742c6e6f7672732c696f636861727365743d63703933322c7569643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x1, 0xc67, &(0x7f0000001dc0)="$eJzs3U9sHNd9B/DfG5LiSm5rJk4VJ42DTVuksmK5+hdTtgp3VdNsA8iyEIq5BeBKpNSFKZIgqUY23JbppYceAhRFDzkRaIUCKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAAVoEW8zsW3FFkZYskiIlfz429d2deW/mvZnxjCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOJ3Xj13/ETaZEXfHjQGAHgoLox99fjJzZ7/AMBj69JW//8PAAAAAAAAAAAAAADsFymKeCpSzF1YSxPV947a+dbAjZvjI6ObVzuYqpp9Vfnyp3bi5KnTX35h+Ew3z7dmPqT+TvtsvD526Vz9ldnrc/NTCwtTk/XxmdaV2cmp+97CdutvdLQ6APXrb9yYvHp1oX7y+VN3rL459MHgE4eHzg4/e+yZbtnxkdHRsfUitd7y/Q/ckI6tRngciCKORYrnvvuT1IyIIrZ/LGoP99xvdLDqxNGqE+Mjo1VHplvNmcVy5cXugSgi6j2VGt1jtPm5iP6Bh9qHrTUilsrmlw0+WnZvbK4537w8PVW/2JxfbC22Zmcupk5ry/7Uo4gzKWI5IlYH797cQBTRHym+/eRaupzf+lEdhy9VA4O3bkexi328D2U76wMRy8UjcM72scEo4rVI8dN3j8SVfJ+p7jVfjHitzO9H3Crz5YhUXhinI97f5Dri0dQfRfxZef7PrqXJ6n7Qva+c/1r9KzNXZ3vKdu8rH/H5cNedYo+eDwc35MOxz+9NtSiiWd3x19KD/2YHAAAAAAAAAAAAAAAAgJ12MIr4TKR49V//oBpXHNW49CfPDv/u0C/2jhl/+h7bKcs+HxFLxf2NyT2QBwZeTBdT2uOxxB9ntSjiD/P4v2/udWMAAAAAAAAAAAAAAAAAAAA+1or4caR46b0jaTl65xRvzVyrX2penu7MCtud+7c7Z3q73W7XUycbOSdyLuVczrmSczVnFLl+zkbOiZxLOZdzruRczRl9uX7ORs6JnEs5l3Ou5FzNGf25fs5GzomcSzmXc67kXM0Z+2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRfw8UnzrG2spUkQ0IiaikyuDe906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0mIr4XqSo/17j9rL+iEjVvx1Hyl9OR+NAmZ+MxnCZL0fjXM5mlf2Nb+5B+9megVTEjyLFYO2d2yc8n/+Bzrfbl0Hcenv922f7O9nXXTn0weATh588Ozz6+ae3+pw2a8DR862ZGzfr4yOjo2M9i/vz3j/Zs2wo77fYma4TEQtvvvVGc3p6av7BP5SXwANW757Jbez9YX5I/Y9MU33YiQ/Rvy+asTd9v0NtL25O7Lry+f9+pPjN9/6t+8DvPP9r8Qudb7ef8PGzP1p//r+0cUP3+fzv31gvP//LJ8Fmz/+nepa9lH83MtAfUVu8PjdwOKK28OZbx1rXm9emrk3NnD5+/MXh4RdPHR84EFG72pqe6vm0I4cLAAAAAAAAAAAAAAAA4OFJRfx2pGj+aC3VI+JmNV5r6Ozws8ee6Yu+arzVHeO2Xx+7dK7+yuz1ufmphYWpyfr4TOvK7OTU/e6uVg33Gh8Z3ZXO3NPBXW7/wdors3Nvzreu/f7ipusP1c5dXlicb17ZfHUcjCKi0bvkaNXg8ZHRqtHTreZMVfXipoPpP7qBVMS/R4orp+vpC3lZHv+/cYR/3Hr7xdvXwtLGDe3g+P/PH1of//eJnqLlPlMq4meR4jf+/On4QtXOQ3HXMcvl/jpSHD3zuVwuDpTlum3ovFegMzKwLPvfkeLvf35n2e54yKfWy574SAf3EVCe/ycjxff+9Dvxq3nZne9/6D3/68fv0MYN7dL7Hz7Vs+zQHe8r2HbXyef/WKR4+al34teqJf/7oe//6L6x4Uin8Pr7OXbp/P9yz7KhvN9f36nOAwAAAAAAAAAAPMIGUhF/Eyl+MNqfXsjL7ufv/01u3NAu/f2vT/csm9yZ+Yru+WHbBxUAAAAA9omBVMSPI8W1xXduj6G+c/x3z/jP31of/zmSNqyt/pzvl6r3Buzkn//1Gsr7ndh+twEAAAAAAAAAAAAAAAAAAGBfSamIF/J86hPVeP7JLedTX4kUr/7nc7lcOlyW684DP1T9WrswO3Ps3PT0bC0Wm5enp+pjc80rU2XdT0WKtb/6XK5bVPOrd+eb78zxvj4X+3ykGP3bbtnOXOzduck784HX2u2IE2XZT0SK//i7O8vmqanz3NHVdk+WZf8yUnz9Hzcve3i97Kmy7HcixQ+/Xu+WPVSW7b4f9dPrZZ+/MlvswlkBAAAAAAAAAAAAAAAAAADg42YgFfEnkeK/ri/fHsuf5/8f6PlaufV2z3z/G9ys5vkfqub/3+rzg8z/X71XYGmrvQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOMpRRFvRYq5C2tpZbD83lE735q5cXN8ZHTzagdTVbOvKl/+1E6cPHX6yy8Mn+nmh9ffaZ+J18cunau/Mnt9bn5qYWFqsj4+07oyOzl131vYbv2NjlYHoH79jRuTV68u1E8+f+qO1TeHPhh84vDQ2eFnjz3TLTs+Mjo61lOmf+CB936XtMXyA1HEX0SK5777k/SDwYgitn8s7nHt7LaDVSeOVp0YHxmtOjLdas4slisvdg9EEVHvqdToHqN7nov/a7fbD6srm2hELJXNLxt8tOze2Fxzvnl5eqp+sTm/2Fpszc5cTJ3Wlv2pRxFnUsRyRKwO3r25gSjijUjx7SfX0j8NRvR1j8OXLox99fjJrdtR7GIf70PZzvpAxHJxP+eMrQxGEf8QKX767pH458GI/uj8xBcjXivz+xG3onO+U3lhnI54f5PriEdTfxTxP+X5P7uW3h0s7wfd+8r5r9W/MnN1tqds976yzedDu93+4zL37vnwMO3ze1MtivhhdcdfS//iv2sAAAAAAAAAAAAAAACAfaSIX4kUL713JFXjg2+PKW7NXKtfal6e7gzr6479646Zbrfb7XrqZCPnRM6lnMs5V3Ku5owi18/ZKLPWbk/k70s5l3Ou5FzNGX25fl81XLHdyN8nci7lXM65knM1Z/Tn+jkbOSdyLuVczrmSczVn7JOxewAAAAAAAAAAAAAAAAAAwOOlqP5J8a1vrKX2YGd+6Yno5Ir5QB97/x8AAP//Jhb4VQ==") syz_open_dev$ttys(0xc, 0x2, 0x1) sched_setscheduler(0x0, 0x1, &(0x7f0000000440)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0xfffff, 0xffffffffffffffff) 57.90890551s ago: executing program 2 (id=3294): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30) syz_emit_ethernet(0x3a, &(0x7f0000000a00)=ANY=[], 0x0) 56.410976318s ago: executing program 33 (id=3294): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30) syz_emit_ethernet(0x3a, &(0x7f0000000a00)=ANY=[], 0x0) 14.958199056s ago: executing program 5 (id=3417): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d00000085"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0xe}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r5 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r4, 0x5) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10) sendmmsg(r5, 0x0, 0x0, 0x0) 14.633863287s ago: executing program 4 (id=3418): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sndseq(0xffffffffffffff9c, 0x0, 0x446102) dup(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x7, 0x2, 0x4}, 0x50) r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) fcntl$setlease(r7, 0x400, 0x0) write$tcp_congestion(r5, 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup, 0xffffffffffffffff, 0x12, 0x25, 0x0}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20) r8 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{&(0x7f00000001c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{0x0}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="300000000000000084"], 0x30}], 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) 13.581409677s ago: executing program 5 (id=3421): r0 = socket$inet(0x2, 0x3, 0x4) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCEXCL(r4, 0x540c) syz_open_dev$tty20(0xc, 0x4, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$inet_buf(r1, 0x0, 0x10, 0x0, 0x0) r7 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_XRUN(r7, 0xc0984124, 0x1000000000000) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10) sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0) 12.878917963s ago: executing program 4 (id=3422): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143202, 0xf0) pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) 11.191594784s ago: executing program 5 (id=3426): sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0) r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x80307) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffb, 0x0, 0x7f, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0x1, 0x0}) syz_genetlink_get_family_id$mptcp(&(0x7f0000001740), 0xffffffffffffffff) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) 10.994574377s ago: executing program 4 (id=3427): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x81, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$alg(0x26, 0x5, 0x0) accept4(r5, 0x0, 0x0, 0x800) getsockname(r5, &(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='nfs\x00', 0x0, &(0x7f0000000240)) futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000048000)=0x1, 0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) socket(0x25, 0x5, 0x0) 10.438998283s ago: executing program 3 (id=3428): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x81, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$alg(0x26, 0x5, 0x0) accept4(r5, 0x0, 0x0, 0x800) getsockname(r5, &(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80) mount(&(0x7f0000000000)=@sg0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='nfs\x00', 0x0, &(0x7f0000000240)) futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, 0x0, 0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) socket(0x25, 0x5, 0x0) 10.430000474s ago: executing program 0 (id=3429): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sndseq(0xffffffffffffff9c, 0x0, 0x446102) dup(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x7, 0x2, 0x4}, 0x50) r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', 0x0}) sendmsg$BATADV_CMD_SET_HARDIF(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000006c0)={0x2c, r7, 0x1, 0xf0bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x20004804) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) fcntl$setlease(r9, 0x400, 0x0) write$tcp_congestion(r5, 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup, 0xffffffffffffffff, 0x12, 0x25, 0x0}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20) r10 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r10, &(0x7f00000032c0)=[{&(0x7f00000001c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r10, &(0x7f00000032c0)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{0x0}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="300000000000000084"], 0x30}], 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) 9.088350112s ago: executing program 0 (id=3430): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sndseq(0xffffffffffffff9c, 0x0, 0x446102) dup(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x7, 0x2, 0x4}, 0x50) r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000400)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) fcntl$setlease(r7, 0x400, 0x0) write$tcp_congestion(r5, 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup, 0xffffffffffffffff, 0x12, 0x25, 0x0}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20) r8 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{&(0x7f00000001c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{0x0}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="300000000000000084"], 0x30}], 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) 7.948190888s ago: executing program 0 (id=3431): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sndseq(0xffffffffffffff9c, 0x0, 0x446102) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x7, 0x2, 0x4}, 0x50) r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_HARDIF(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000006c0)={0x2c, r7, 0x1, 0xf0bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x20004804) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) fcntl$setlease(r10, 0x400, 0x0) write$tcp_congestion(r5, 0x0, 0x0) 7.935485268s ago: executing program 4 (id=3432): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) getpid() openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$binderfs(0x0, &(0x7f00000023c0)='./binderfs\x00', &(0x7f0000002400), 0x4000, 0x0) sendmmsg$unix(r2, 0x0, 0x0, 0x40) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r3 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, 0x0, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) r5 = fsopen(&(0x7f0000000340)='ocfs2_dlmfs\x00', 0x0) syz_open_dev$sndmidi(&(0x7f0000000140), 0xfffffffffffffffa, 0x18000) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) 7.553517234s ago: executing program 3 (id=3433): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x81, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$alg(0x26, 0x5, 0x0) accept4(r4, 0x0, 0x0, 0x800) getsockname(r4, &(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80) mount(&(0x7f0000000000)=@sg0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='nfs\x00', 0x0, &(0x7f0000000240)) futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000048000)=0x1, 0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) socket(0x25, 0x5, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r6) 6.500592853s ago: executing program 0 (id=3434): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x81, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$alg(0x26, 0x5, 0x0) accept4(r4, 0x0, 0x0, 0x800) getsockname(r4, &(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80) mount(&(0x7f0000000000)=@sg0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='nfs\x00', 0x0, &(0x7f0000000240)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) socket(0x25, 0x5, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r6) 6.150010186s ago: executing program 4 (id=3435): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sndseq(0xffffffffffffff9c, 0x0, 0x446102) dup(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x7, 0x2, 0x4}, 0x50) r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r6) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000400)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) fcntl$setlease(r7, 0x400, 0x0) write$tcp_congestion(r5, 0x0, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup, 0xffffffffffffffff, 0x12, 0x25, 0x0}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20) r8 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{&(0x7f00000001c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{0x0}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="300000000000000084"], 0x30}], 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) 5.16943844s ago: executing program 0 (id=3436): r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_XRUN(r0, 0xc0984124, 0x1000000000000) 4.441040568s ago: executing program 4 (id=3437): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x400000000010, 0x3, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22) rmdir(&(0x7f0000000080)='./cgroup/../file0\x00') r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0xc) r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r6, &(0x7f0000000980)={[{0x2d, 'pids'}]}, 0x1f) r7 = openat(0xffffffffffffff9c, &(0x7f0000000680)='./file1\x00', 0x143041, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x1, 0x83, 0x7fff0000}]}) semctl$IPC_INFO(0x0, 0x3, 0x3, &(0x7f00000000c0)=""/77) write$UHID_INPUT(r7, &(0x7f00000021c0)={0x8, {"d093c7a9e8cc37eaf83e1340340aa5a2665a0d3428832da6fc77e1520bc983ee2dea8084b4bc01286683002339d3230996bfbc1f285426e9cbed36257db8b085b972b9bb0b3fe02690495574e22994030a73fa4c477e48edf9d58c7bf560034da548866a210f683af1c02efe3e5d2bd4fd6405bb02a5de3955322eb2f064407c1f7545596e1843ad5c9be9684ff81817d33fd9d3d526ff33292ecac87fb1a518520e91897857f40672b72fb6928eb627ebad83de041b7a2b5e811f9298b77d3a6396a67b0fc2c51f1e9f6e1c67132930d0675e38679c4e7d37623ac9f3c06561ef32cb5167b4ca24f114876d3e53d97701c5da4ff0aa68537bc0d426d25e6ace4b7affa48293649a16e1db1fb037f9afe3adf9dfb77452c697feca0ce63255c0d435c34f9f15c059288e477a3ea7448b43a273eba429bcddb6d447711af41516c13c1598dfef851a73d025b4d9281b479b3de3c675537338972f1d08c3eb7a784b61f6d3e99cd746c797abe0c19e93a4d0aa3021053088bc6e587a6c9859ebb677591d80e16000aba1be3236879ff5aedec8e68bfba46139fbbaff1003a5b7791cdc64534a879e0d3304e19990142414a919043210709b8814c95a89c441bc2f37d3053b124be8c86d37a2945cd1058f2d65e2c13a14ca328f1a5cb432498e553d990ccd9fb97b3d255f7061dea73ad4fb584760b2237988dbd74bee674c9e61f8cdfcf1c41828832456a0d99b4d12506d23d7ff3d96ddca6cbdce9866c1e548cf13f353449a5a7f33ade32fbb17422e9f3ce0ee581f51d102f76cae618c87f884872cef74cc36dc8c1b6a69d0cf342f44aac3fdbba438db3c0705b3042639ecdb63e6cc92ac3d6b77ab6f5113688ee0d359951f571642d4bea9e9b7aa458cc18e502fe5dd0659ee3f6e7bb340bc638275347845d5074acb98d8e3afef3725af209883f2cbdccbf283512fe23a97a8c1ec1729acd1937498e2c07fd6f99361ca5c2f83254178ab8c4843c898e6f015b9943d8e08e0f1843dfa9ce993f99d4d250573bf50da7ec226cd7983acac4a616295176ce1f39feca46cf027ef1283bf8ce38de1bfb8a629ec400a8edd7d1e74890e7bac000c3f43860543e83991188775e7149fe6c103b5fb69dad935ac90f1b6b02e4c5aef921792e16e77d6ef207831606b8d48a2234443e58a65aa023a0488be5ed71c99dc1fb19c61423dc73a9e80aa434e4690203e4ebc1827b5ebfed61c99d4429e41e572d46942b756846829621596a93434186f6a630624285eeed1d064013cd40e99e40fc387df96a755d224be8bcc58355a22bd9cbe8cbdd70a7fc0ec045ff8453f156221a05af2ceb410f422e2ea1248a9d93c308ea141758d3731748d508856ca3419e4c2b060f2d2a68d13b2bd7068e19c26fb2cd37132ee4b2ceeebffbbf53cb7bde0cd8a875163c37d3ffa6ab66992ac20a84d89b704379868a6e7bff130532f3db59a93531f3a4eab5d13b6bf4cf507b1bea8d8450b97a8b5dbc9d6dafa8b364516c68e0b7f3ae52f4fbcfbeb146acf3df151cf567e2af5738aa8cc406b1cac1f1b3179cdf7a09cfc56bb4f9b35c16043073d3bdd8ad98b0ca381438cdc6debaa0b8bb18d76d046a62f8d2786399b65a6824d71736dc696c89ef684025486e97162d0b485b4e6e7555890f1b0a04476702a2ef0af65dc8516cf828988fc6e355fc5a27291e310f75a24d3d0f2a483ab8c0d90f26d5b5c94e44db80242288b7e98e619464b87014fc582a4722e8eafb974876076f01c55541cc18bf89278b3ad34fedfdbc2a9579d6cc471ddcb97c02e3b0f0fafc41ff925af9468a63c4add2b8fe02724834a6601f498290d0169dbdf78817d337a4335f4e3e9ec1c97b0d032014ea73bd1e258bdad289b19b158bdb103bf99723b56e09d7b46bc9def8a000f3b2e1941e2da3db6d9016b6784e79408ec2aaa0ff6eb6b2aaa7802bc82da79486586f077ccf5124f72214367049092685485e4c05d1d6887f7d47be71718512d4614fa246194e5f8f7332c3f272599cacefcc77bb6c0b96fa6b32fad8a8dbff513d26c6cb7ea045c2f5a1dc819a83bbcf278ed575d8fba2d902f667111d81758d584bfaa7af6ec365a97f5e29f0a42a53a58d1b3c7bf7880c872bf7dfb67f61d46ef7913a88ee32eed9b7049f38b9cb3cc28188a702469230aac224fdb69027d792fee48927f7aeee6231a5b1d8169991082987681e9b263cc9ef5c43b31de254ceac20795a75c85784cf72e2e21196ec02e85ab9927560fed107b92d04920c39f1a5ddc75b07306823620b789b8d1451a72a65cc0c05d98d716d2bd86befd2e31391787be2fc10851e22b060e5f3582649dc72a3cf71d6190c6d77f1b14f03f980397d6b3d067fb82e88e1f98e450a28b8959829f006caa43d2b9e500759472565cb6c56103cae24ced02fd500d4af691751100b09daaa48793e6c87d297bce2ed6615c1d57ecaaad3dbedb623f39543d6b4d5da1fff941bd430957b2538ff78b22ad2a43b97019c53ee3e9abeb165cfacb0549953116e09c22fa36ec651c80c4c3833d5d41160ea6b53830e0ced65eda0d143b0095c1a27a65bc017564cdf09b5f481a1bf417411385127d25b121fb7aa10784928d3ad5382581f50d0ae3c2c65e9a4a1c76f2edcf1b4b8aa19e0e3fbdc4caf1441cedbde4aec501dfad3b1cab1b663e86cec2c774b78e533bb9384164251c0073dac671d983e379ae4a3018db214befc556a9751f42ca96188d4f461f367fdd9251c0f2fc9123bd39dac72be042625aee0784543f4cbee3900f6c80de80062ec71d5fa55c945389edc8da4008e0e8324317a23a36f0e86cad3d879937b5cd35d8056e05fbda84d3d586a1cd3a3663818ae0271eda8712051f2e0a50b0fac86159f043fdd8bb51b55617a2006156fa60665e4bbe1c5814722443c3ab3bf154b2a3cf53ee26ffca07f6c745ace399b88f32edcc1c396f475b0bb80908486d1310d99475e0b3d2020de41bcf67eaf4b5af1276bb2770a96f7481aabdb0ebdfe80b6e869afd9af26b27f4a4fd876fab0c5d70be0bd3e0ff0ae38248474c9e4492e82838318e65697cca8519de852c262cb2a7d0603fbed0b1129ac7b8f04760cce4171b6596859ad49be03950ef607d12f48e055742281d49ad750a20e19d869e231b4b9f5c6a120945a28e3e9dbaf508c55d8926b187879b62e8234b3eddcf0b242a617933000e6f03809d7d1f9cce8c81064001f1ed8afa1db726292c5693b90381f78b6af1936d137bb4a160ac66c0296424d38febdbb8a2c3a00e34757256abfe1102d3520321929c9f12f1829c4e720a9079002ce4da2d472f1c821831f7598e2b2e896043c7faaf9baf942af69756c94aad3a1f97bcaef9fb78c933ef3d4ae02857574a6ae05cda9e2b82746e1c464d849441b3d3224cf5ca02d79584e70df2326185389d0080475082de812d5eaddd3f79451478e7a17ba614592733abbf3fe1a5986540c6bf1c7d8a7e4fe2aae85b0a0934b2d124761bee790eb32a6e57107bc23cf1ee1e285ab126ccfd04c525f1dd131313f96545ffdbcfa2c3d6f67ba024fbff356b0049ac183c265f29bfd07ad3d69875caa58891d0e49d561bac1ed2c632fe83114833f77f51096eb9eda70a064bcab6af77fe22e7347fe1b3948847c4c92f243f64a66b9de017145da59ac2a14c39c33b6fcecf233849a74fd22778789575dbb0b7b0b3e8fc56b97bb2813ab54a09117348e728b9eb5f8ff357f0470d4785f6704d13c69cfbd91f2e50a4a92ce773b05edd049f9d4a6674c821bf15a073bb407dda18143a77e6714d1319fabe4e9bf47ff90b385058814fbef7384152202d171785ccbd4a0efe4ddce2be36fb081542d5b4486ada2e755d37ed186ff507a3261df8181a1975e9bac087de161b4ea33bfbd2a171a1fdc5108fedee5e236b787d8fc3eb5ede60fcc9f0899e4c0064b9d0e77d9b11640983862c0dd6ecdf695c334a6586c1e2bf441a68103a242a095b1bccbebd3d1760ef900ddc09f3aa62b5ddc0f5198c6185ee75ea78f2116d7651b7bfa14ccab6dbbee71f82cffb3cd44c48333fef6c4d43d41833d0d867796a83ffd5cd6fd6dd1553e9727e3478c5203b9d7f86c39bc91a97c5501dbc141a9d3260ae1310b4d4d0714c76d94eb5acff3a77d1f079a3b28fcc02c23b2b508ea09f9f1aab214830bd8f1768a6a2452947aedebc7aa8a7e7e58377e615c082ef8d3fc5d3c57ec7351342ee8a27c3e78d52528022318fe6955da2e47a7d3b9d04363a764869ede31df10a6da1cd791177a187413c7b1af1a984a9ac6e3dca2ed86880f065303f917337872f75afc87ff199c9f996a79a199be35865311468e1f5131b2d57c081743bf0736f88bf21b6e766fb4939f5196e64e45df45633cee606bd76af4305f4f45c0448c56b6519170c6cabbcb8094d6507dc3be7a6f0fca2d2d54a17edbbd0c050ea99f0c451a29f9977ed944809c5ee28e6840cd71a893ac390d7eb147da9abd049fc4a5ad86481de4ac172c5557fae95ebe4cff1119cf001e5c275e6a0c09ddbfc361bd5e9b4a4e6047c5057ca5f0a4487760ac9e9e0589032592126a3a36192467577cfd65ccdca7583b013e78c1ac30f33703f2ed0efce0103b15d26d12c31fcd16b063992db11bf763851617e285a04625880bbc8375f1295063a47b46a4a2bd368a3a77f1d4e067f977631ed89a07284641233e6c38806db9faedf117547104190534a845de9983a392670db9aea24aa33f767d63d048ba2f61cda66bb6b29f4ece14491f1527f3b06732e64d25558cd394e09b2197bc63c933a531ab26f8a6367f57ddcdc0c2f08947d747db27f95040200ff76cca9f493b9530547dd4e187791e9e10d339d796d97e02e090a30bfbee6c34cead2f72f0281131120358953d30451c00dd8c44e2ef6b4d60c0de0b01469ecad512d0f6904521ec7a13c1f9771e889fe62a678ccd0d8a7ea3f6c7c2a0cc5948beb776afdd532c4239b60eb355ba94a8ee47cee0978d5a2d7ca83bbfdff94a6318a217cb15f90e472a9aee5ea1bcaff2200f27f0ef05281e3ef9c50cea2b97d632a6eaa8dcb535cf5f9239de2610f8bd51a7416db86fed03dc5a7d2e9f5bb0d8fe78894a40f83a31354f98bf5924b0171784dde8ccdde7236cc103f14d5632aac726959d270a037b2c0d809dd8743e91789a3b345c0d33ad56db696c8f0947c5d5ed2f0285d5f55ffe8b8a2f3048dc2eab55e33a43eccaf6c74abc1ac0ccec5b7c714f11429b09dd422660e79852a4cdc64f73ea3ecba8a61772712c53b79f44e63dfad0e661cb284965cf87aa1d9bb8f4deba5fcfe4c5be3b6ca23a3a449021239263650b7e455519610b67875669ef90dc9c22c6f9b8743d1304cd0054dbae67ee662b17e5f756374a580f219d47e5ad67025f901b75b437dee365bf5e5b4e07b9125d83017f6244481e3c6457190da31f4e32d3dde3ae910bd33d053a13e5bc5e9751a8de424a16af6a3a355fbf5a06bf9470add60e5213baffdee4e1307caa9d85f7493072627a1173b127c780aa9c9c16fd969e6d2253c604b8e419a76cfdb12aa8ee46eb24c4ab4c7d75844de00bb486b2a6283d03199d3dd4d27fcf5985fbae9d69a5ba71528e0d5b599ee1256a81a932c1a9dde02a777bedcb2d434fef6dfbd7b37270ea514e6b2762c31f6d12a700fb5a3e4902f3716f1fd7ca2d8315cf6df39b65152a2c104e29a358d2a1046d6a0a4e798135f5bc6cf745e38b388cb00", 0x1000}}, 0x1006) ioctl$sock_SIOCETHTOOL(r3, 0x89ff, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x7, 0x0, 0x0, 0xa1}}) 4.332081905s ago: executing program 0 (id=3438): timer_settime(0x0, 0x0, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd27, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0xc010) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 4.330935956s ago: executing program 3 (id=3439): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18) socket$inet6(0xa, 0x3, 0x8000000003c) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143202, 0xf0) 4.069448402s ago: executing program 5 (id=3440): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143202, 0xf0) pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) 2.931304918s ago: executing program 3 (id=3441): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143202, 0xf0) pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) 1.865263478s ago: executing program 3 (id=3442): r0 = socket(0x10, 0x803, 0x0) bind$netlink(r0, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), r1) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan0\x00'}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r3 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) write$binfmt_elf64(r3, 0x0, 0x78) r4 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, r4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$inet(r6, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014) 1.824467051s ago: executing program 5 (id=3443): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) getpid() openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$binderfs(0x0, &(0x7f00000023c0)='./binderfs\x00', &(0x7f0000002400), 0x4000, 0x0) sendmmsg$unix(r2, 0x0, 0x0, 0x40) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r3 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000000)="ca02016eba2d52b5f2ac03cc9f38f9d9", 0x10) sendmsg$nl_route_sched(r3, 0x0, 0x0) r5 = fsopen(0x0, 0x0) syz_open_dev$sndmidi(&(0x7f0000000140), 0xfffffffffffffffa, 0x18000) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) 604.752951ms ago: executing program 5 (id=3444): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001880)='/sys/kernel/uevent_seqnum', 0x20000, 0x204) socket$nl_sock_diag(0x10, 0x3, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @loopback}, {0x1, @local}, 0x7a, {0x2, 0xffff, @empty}}) r2 = getpid() write$P9_RXATTRWALK(r0, &(0x7f0000000040)={0xf, 0x1f, 0x2}, 0xf) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="28000000140009056e290f870000000002180000", @ANYRES32=r5, @ANYBLOB="08000400ffffffff08000200ac1414"], 0x28}}, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r6, 0x0, r7, 0x0, 0xa4, 0x0) r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r9 = accept(r8, 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000001240)='./file2\x00', 0x818010, &(0x7f0000000280)=ANY=[@ANYRES64=r8, @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b461be4d1d842e4a63ec77a08347691f71d1e4132f09405a5b81867a37a921bdbff76ef2fed6da828a5b3e9db4e0f87928c18c0380050249fbf4fde11ad16f991dcb0a664c70bb3eb8ca6eeb5940143fa9766b0595ed40395860780fe0bbc6d763c3b39f2f"], 0x1, 0x2ab, &(0x7f0000001640)="$eJzs3TFrO2UYAPDnkvzTqEOKuCiCBzo4lX9dXRqlgthJiaAOWmwLkoRCCwErGDv1Ezj6PfwILi5+A8FVcWuHysnl7pLUJrXGmIL9/aan997zvk/uKcmUJ5+9POgdHCdxfvlztFpJ1HZiJ66S2IxaVL6JRgAA/x9XWRa/Z8tkNmqrrwYAWIfi87/w0LUAAOvxwUcfv9fZ29t9P01b8WL7YthNImJwMewW652j+CL6cRhPox3XEdlEEb/z7t5uNNLcZrw2GA27eebg0x/L/Tu/Rozzt6Mdm/Pzt9PCJP/Zqro0OkdPqj/a8cL8/Df+mh+DUXSb8fqrM/VvRTt++jyOox8HkedO87/eTtO3s28vv/okPybPT2rR3RjfN5XV19QSAAAAAAAAAAAAAAAAAAAAAAAega00TYrxPeP5Pfml8fycYbd+PV7fSiuz831G1XygpNqomA+URTmiZ5TFd9V8nadpmmbljdP8RrzU8MMCAAAAAAAAAAAAAAAAAAAAkDv98qy33+8fnqwkqKYBVF/rX3afnZkrr8RZb7++eMON+581O20gr/XOm6PRiCWKr/b/J1nP5PWsqAXTYGPa3A+jCKrGrPSs598qNj3r7ae3HkLyd2e1qsZ9P7vUjKXr6f2WP8xmWUF2s6etSak3s5orehrN5+Yu/ZFl2f32efOXokfllWQ8YuN+pz8pg7kvMA9ak140q+CHRf/80V/4llH/N+83AAAAAAAAAAAAAAAAAADAYtMv/c5ZPL8ztfafFQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAazb9/f8qaEXEzSu3glGZfNc9ZdCMk9MHfokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8An8GAAD///BqRhY=") openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0xa00, 0x30) r10 = fsopen(&(0x7f0000000100)='devpts\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0) recvfrom$inet(r9, &(0x7f0000000000)=""/46, 0x2e, 0x40010000, &(0x7f00000000c0)={0x2, 0x4a21, @private=0xa010101}, 0x10) getpid() setns(0xffffffffffffffff, 0x24020000) 0s ago: executing program 3 (id=3445): r0 = socket(0x10, 0x803, 0x0) bind$netlink(r0, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), r1) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan0\x00'}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78) r3 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, r3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32=0x0], 0x30}], 0x1, 0x0) sendmmsg$inet(r5, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014) kernel console output (not intermixed with test programs): _slave_1) entered forwarding state [ 701.240754][T12428] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 701.455579][T12648] ufs: You didn't specify the type of your ufs filesystem [ 701.455579][T12648] [ 701.455579][T12648] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 701.455579][T12648] [ 701.455579][T12648] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 701.496138][T12648] ufs: ufstype=old is supported read-only [ 701.504270][T12648] syz.2.2303: attempt to access beyond end of device [ 701.504270][T12648] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 703.032407][T12428] veth0_vlan: entered promiscuous mode [ 703.131422][T12428] veth1_vlan: entered promiscuous mode [ 703.311880][T12428] veth0_macvtap: entered promiscuous mode [ 703.339630][T12428] veth1_macvtap: entered promiscuous mode [ 703.384723][T12428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.572666][T12428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.628021][T12428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.692212][T12428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.752373][T12428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.822191][T12428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.863988][T12428] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 703.999464][T12428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.029692][T12428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.055223][T12428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.081794][T12428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.106703][T12428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.143186][T12428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.172074][T12428] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 704.195917][T12675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2309'. [ 704.350549][T12428] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.396267][T12428] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.427637][T12428] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.454401][T12428] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 705.752535][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.803197][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 705.948317][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.989884][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 706.077475][T12710] loop0: detected capacity change from 0 to 8 [ 706.100954][T12713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2318'. [ 706.155162][T12710] unable to read inode lookup table [ 706.706625][T12724] tipc: Started in network mode [ 706.713236][T12724] tipc: Node identity ac14140f, cluster identity 4711 [ 706.723325][T12724] tipc: New replicast peer: 255.255.255.255 [ 706.734084][T12724] tipc: Enabled bearer , priority 10 [ 707.645477][T12734] loop1: detected capacity change from 0 to 1024 [ 707.852355][T11437] tipc: Node number set to 2886997007 [ 708.746311][T11513] hfsplus: bad catalog file entry [ 708.762905][T11513] hfsplus: b-tree write err: -5, ino 3 [ 708.979371][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 708.998965][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 709.018391][ T5794] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 709.035314][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 709.047212][ T5794] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 709.057897][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 709.298407][ T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.358300][T12753] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2329'. [ 709.451588][ T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.625303][ T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 709.870883][T12774] loop0: detected capacity change from 0 to 16 [ 709.892983][T12774] erofs: (device loop0): erofs_read_inode: unsupported chunk format ffff of nid 36 [ 710.508126][T12786] ufs: You didn't specify the type of your ufs filesystem [ 710.508126][T12786] [ 710.508126][T12786] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 710.508126][T12786] [ 710.508126][T12786] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 710.603442][T12786] ufs: ufstype=old is supported read-only [ 710.611944][T12786] syz.0.2333: attempt to access beyond end of device [ 710.611944][T12786] loop1: rw=0, sector=16, nr_sectors = 2 limit=0 [ 710.728255][T12765] bridge0: port 2(bridge_slave_1) entered disabled state [ 710.738786][T12765] bridge0: port 1(bridge_slave_0) entered disabled state [ 711.165460][ T5794] Bluetooth: hci1: command tx timeout [ 711.794379][T12765] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 711.894008][T12765] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 712.364034][T12809] loop0: detected capacity change from 0 to 1024 [ 712.590750][ T12] hfsplus: bad catalog file entry [ 712.603501][ T12] hfsplus: b-tree write err: -5, ino 3 [ 712.721102][T12765] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 712.732834][T12765] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 712.744010][T12765] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 712.755987][T12765] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 712.912394][ T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.282624][ T5794] Bluetooth: hci1: command tx timeout [ 713.522968][ T61] tipc: Disabling bearer [ 713.560184][ T61] tipc: Left network mode [ 713.577997][T12822] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2338'. [ 713.739833][T12751] chnl_net:caif_netlink_parms(): no params data found [ 715.036945][T12751] bridge0: port 1(bridge_slave_0) entered blocking state [ 715.056272][T12751] bridge0: port 1(bridge_slave_0) entered disabled state [ 715.072418][T12751] bridge_slave_0: entered allmulticast mode [ 715.098656][T12751] bridge_slave_0: entered promiscuous mode [ 715.203698][T12751] bridge0: port 2(bridge_slave_1) entered blocking state [ 715.222847][T12751] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.260878][T12751] bridge_slave_1: entered allmulticast mode [ 715.280524][T12751] bridge_slave_1: entered promiscuous mode [ 715.322582][ T5794] Bluetooth: hci1: command tx timeout [ 715.386005][T12856] batadv_slave_0: entered promiscuous mode [ 715.459024][T12751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.536194][T12855] batadv_slave_0: left promiscuous mode [ 715.596951][T12751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 716.347746][T12751] team0: Port device team_slave_0 added [ 716.384913][T12751] team0: Port device team_slave_1 added [ 717.410917][ T5794] Bluetooth: hci1: command tx timeout [ 717.703115][ T61] hsr_slave_0: left promiscuous mode [ 717.729436][ T61] hsr_slave_1: left promiscuous mode [ 717.737212][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 717.746602][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 717.762857][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 717.782457][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 717.808417][ T61] bridge_slave_1: left allmulticast mode [ 717.815552][ T61] bridge_slave_1: left promiscuous mode [ 717.828619][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 717.858396][ T61] bridge_slave_0: left allmulticast mode [ 717.869991][T12887] xt_TCPMSS: Only works on TCP SYN packets [ 717.879401][ T61] bridge_slave_0: left promiscuous mode [ 717.907203][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.997261][ T61] veth1_macvtap: left promiscuous mode [ 718.004119][ T61] veth0_macvtap: left promiscuous mode [ 718.011675][ T61] veth1_vlan: left promiscuous mode [ 718.030876][ T61] veth0_vlan: left promiscuous mode [ 718.457110][T12875] loop0: detected capacity change from 0 to 40427 [ 718.552154][T12875] F2FS-fs (loop0): invalid crc value [ 718.628470][T12875] F2FS-fs (loop0): Found nat_bits in checkpoint [ 718.835498][T12875] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 718.951922][T12875] F2FS-fs (loop0): Can't flush 2 in 0 for SEGS_PER_SEC 1 != 1 [ 719.045071][T12114] syz-executor: attempt to access beyond end of device [ 719.045071][T12114] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 719.080229][T12114] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 719.829057][ T61] team0 (unregistering): Port device team_slave_1 removed [ 719.890805][ T61] team0 (unregistering): Port device team_slave_0 removed [ 719.966598][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 720.061006][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 721.115745][ T61] bond0 (unregistering): Released all slaves [ 721.271716][ T6044] IPVS: starting estimator thread 0... [ 721.279169][T12872] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2348'. [ 721.303298][T12751] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 721.318844][T12751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 721.356354][T12751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 721.382224][T12909] IPVS: using max 19 ests per chain, 45600 per kthread [ 721.398203][T12751] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 721.410027][T12751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 721.488036][T12751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 721.668069][T12751] hsr_slave_0: entered promiscuous mode [ 721.683478][T12751] hsr_slave_1: entered promiscuous mode [ 721.986326][ T61] IPVS: stop unused estimator thread 0... [ 722.132522][ T5859] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 722.357300][ T5859] usb 1-1: Using ep0 maxpacket: 16 [ 722.380430][ T5859] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 722.400705][ T5859] usb 1-1: config 0 has no interface number 0 [ 722.453228][ T5859] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 722.477825][ T5859] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.523068][ T5859] usb 1-1: Product: syz [ 722.528285][ T5859] usb 1-1: Manufacturer: syz [ 722.559981][ T5859] usb 1-1: SerialNumber: syz [ 722.606395][ T5859] usb 1-1: config 0 descriptor?? [ 722.644889][ T5859] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 723.181539][T12751] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 723.243857][T12751] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 723.258894][ T5859] gspca_spca1528: reg_w err -71 [ 723.288592][T12751] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 723.302320][ T5859] spca1528: probe of 1-1:0.1 failed with error -71 [ 723.344433][T12751] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 723.362359][ T5859] usb 1-1: USB disconnect, device number 22 [ 723.649047][T12751] 8021q: adding VLAN 0 to HW filter on device bond0 [ 723.706782][T12751] 8021q: adding VLAN 0 to HW filter on device team0 [ 723.746204][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 723.754902][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 723.811323][ T2945] bridge0: port 2(bridge_slave_1) entered blocking state [ 723.820196][ T2945] bridge0: port 2(bridge_slave_1) entered forwarding state [ 724.164319][T12751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 724.363211][T12952] xt_TCPMSS: Only works on TCP SYN packets [ 724.729015][T12751] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 725.063938][T12962] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2361'. [ 725.075252][T12962] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2361'. [ 725.635805][T12943] loop1: detected capacity change from 0 to 32768 [ 725.739417][T12751] veth0_vlan: entered promiscuous mode [ 725.783718][T12751] veth1_vlan: entered promiscuous mode [ 725.819107][T12943] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 725.936328][T12751] veth0_macvtap: entered promiscuous mode [ 725.949238][T12751] veth1_macvtap: entered promiscuous mode [ 725.974318][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 725.987939][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.000231][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 726.012961][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.031235][T12751] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 726.045444][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.069065][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.081798][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.099713][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.113855][T12943] XFS (loop1): Ending clean mount [ 726.114545][T12751] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 726.178016][T12751] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.209172][T12751] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.217951][T12943] XFS (loop1): Quotacheck needed: Please wait. [ 726.230201][T12751] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.275332][T12751] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.363199][T12943] XFS (loop1): Quotacheck: Done. [ 726.518209][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.560289][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.651766][T12428] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 726.670769][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.699992][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 727.180228][T12988] loop2: detected capacity change from 0 to 1024 [ 727.704759][ T12] hfsplus: bad catalog file entry [ 727.717464][ T12] hfsplus: b-tree write err: -5, ino 3 [ 728.270341][T13005] tipc: Enabling of bearer rejected, already enabled [ 731.690215][T13042] loop2: detected capacity change from 0 to 1024 [ 732.227127][T13051] loop2: detected capacity change from 0 to 1024 [ 732.568280][ T1144] hfsplus: bad catalog file entry [ 732.583505][ T1144] hfsplus: b-tree write err: -5, ino 3 [ 735.794126][T13071] loop2: detected capacity change from 0 to 32768 [ 735.955553][T13071] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 736.032233][T13109] loop0: detected capacity change from 0 to 16 [ 736.055331][T13109] erofs: (device loop0): mounted with root inode @ nid 36. [ 736.117665][ T5794] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 0] out[9000] [ 736.155154][T13109] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -13 in[56, 4040] out[4096] [ 736.186925][ T28] audit: type=1800 audit(1759945170.804:652): pid=13109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2385" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 736.428530][T13071] workqueue: Failed to create a rescuer kthread for wq "xfs-cil/loop2": -EINTR [ 736.478519][T13071] XFS (loop2): log mount failed [ 736.999440][T12274] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 738.184919][T13135] ufs: You didn't specify the type of your ufs filesystem [ 738.184919][T13135] [ 738.184919][T13135] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 738.184919][T13135] [ 738.184919][T13135] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 738.225141][T13135] ufs: ufstype=old is supported read-only [ 738.232545][T13135] syz.2.2388: attempt to access beyond end of device [ 738.232545][T13135] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 742.308981][T13165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2395'. [ 742.514383][T13165] macvlan2: entered allmulticast mode [ 742.597786][T13165] veth1_vlan: entered allmulticast mode [ 743.337956][T13181] ufs: You didn't specify the type of your ufs filesystem [ 743.337956][T13181] [ 743.337956][T13181] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 743.337956][T13181] [ 743.337956][T13181] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 743.376357][T13181] ufs: ufstype=old is supported read-only [ 743.384084][T13181] syz.3.2398: attempt to access beyond end of device [ 743.384084][T13181] loop7: rw=0, sector=16, nr_sectors = 2 limit=0 [ 743.814459][T13183] loop2: detected capacity change from 0 to 256 [ 743.825104][T13183] exfat: Deprecated parameter 'utf8' [ 743.831557][T13183] exfat: Deprecated parameter 'utf8' [ 743.922954][T13183] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 745.389455][T13191] loop2: detected capacity change from 0 to 8192 [ 746.675997][T13191] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 746.739007][T13191] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 746.751137][T13191] REISERFS (device loop2): using ordered data mode [ 746.759643][T13191] reiserfs: using flush barriers [ 746.770042][T13191] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 746.804750][T13191] REISERFS (device loop2): checking transaction log (loop2) [ 746.827909][T13205] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 746.878868][T13209] loop0: detected capacity change from 0 to 8 [ 747.015518][T13209] SQUASHFS error: Unable to read inode 0x87 [ 747.063722][T13191] REISERFS (device loop2): Using tea hash to sort names [ 747.093741][T13191] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 747.266825][ T5849] hid-generic 0002:01DB:0001.000E: item fetching failed at offset 1/2 [ 747.283609][ T5849] hid-generic: probe of 0002:01DB:0001.000E failed with error -22 [ 747.416863][T13221] loop0: detected capacity change from 0 to 64 [ 747.659751][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.672481][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.758669][T12114] hfs: request for non-existent node 131072 in B*Tree [ 750.103979][T13227] loop1: detected capacity change from 0 to 40427 [ 750.150849][T13256] loop2: detected capacity change from 0 to 64 [ 750.168600][T13227] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 750.212480][T13227] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 750.255063][T13227] F2FS-fs (loop1): invalid crc value [ 750.318742][T13227] F2FS-fs (loop1): Found nat_bits in checkpoint [ 751.312390][T13227] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 751.492479][T13227] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 752.146420][T13275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2431'. [ 752.755412][T13287] autofs4:pid:13287:autofs_fill_super: called with bogus options [ 752.985538][T13295] loop1: detected capacity change from 0 to 1024 [ 753.271536][ T1098] hfsplus: bad catalog file entry [ 753.292632][ T1098] hfsplus: b-tree write err: -5, ino 3 [ 754.112442][ T6044] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 754.537807][ T6044] usb 2-1: too many configurations: 37, using maximum allowed: 8 [ 754.634782][T13297] loop1: detected capacity change from 0 to 164 [ 754.812277][ T6044] usb 2-1: string descriptor 0 read error: -71 [ 754.840705][ T6044] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 754.912209][ T6044] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 754.955967][ T6044] usb 2-1: can't set config #1, error -71 [ 754.987848][ T6044] usb 2-1: USB disconnect, device number 6 [ 756.436116][T13318] tipc: Started in network mode [ 756.442039][T13318] tipc: Node identity ac14140f, cluster identity 4711 [ 756.450607][T13318] tipc: New replicast peer: 255.255.255.255 [ 756.458601][T13318] tipc: Enabled bearer , priority 10 [ 758.212350][ T5849] tipc: Node number set to 2886997007 [ 758.876270][T13349] loop2: detected capacity change from 0 to 16 [ 759.112416][T13352] autofs4:pid:13352:autofs_fill_super: called with bogus options [ 759.208161][T13349] erofs: (device loop2): mounted with root inode @ nid 36. [ 759.236303][T13348] Bluetooth: MGMT ver 1.22 [ 759.573940][T13344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2454'. [ 760.608611][T13360] loop0: detected capacity change from 0 to 40427 [ 760.821150][T13360] F2FS-fs (loop0): invalid crc value [ 760.947000][T13372] ufs: You didn't specify the type of your ufs filesystem [ 760.947000][T13372] [ 760.947000][T13372] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 760.947000][T13372] [ 760.947000][T13372] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 761.130608][T13360] F2FS-fs (loop0): Found nat_bits in checkpoint [ 761.323760][ T5794] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 761.338638][ T5794] Bluetooth: hci0: command 0x0c1a tx timeout [ 761.392623][T13372] ufs: ufstype=old is supported read-only [ 761.412908][T13372] syz.2.2459: attempt to access beyond end of device [ 761.412908][T13372] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 761.466846][T13360] F2FS-fs (loop0): Start checkpoint disabled! [ 761.534824][T13360] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 761.724883][T13360] syz.0.2457: attempt to access beyond end of device [ 761.724883][T13360] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 762.193903][T13385] autofs4:pid:13385:autofs_fill_super: called with bogus options [ 763.104438][ T1098] kworker/u4:7: attempt to access beyond end of device [ 763.104438][ T1098] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 763.144628][ T1098] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 763.173004][ T1098] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 763.225856][T13392] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2466'. [ 765.719127][T13419] autofs4:pid:13419:autofs_fill_super: called with bogus options [ 766.944097][T13434] loop0: detected capacity change from 0 to 16 [ 766.965903][T13434] erofs: (device loop0): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 767.166107][T13434] overlayfs: failed to resolve './file0': -2 [ 768.846922][T13447] ufs: You didn't specify the type of your ufs filesystem [ 768.846922][T13447] [ 768.846922][T13447] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 768.846922][T13447] [ 768.846922][T13447] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 768.884700][T13447] ufs: ufstype=old is supported read-only [ 768.893166][T13447] syz.2.2481: attempt to access beyond end of device [ 768.893166][T13447] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 770.053565][T13446] ubi: mtd0 is already attached to ubi31 [ 770.482710][T13454] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2486'. [ 774.783676][T13492] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2498'. [ 774.942673][T13496] ufs: You didn't specify the type of your ufs filesystem [ 774.942673][T13496] [ 774.942673][T13496] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 774.942673][T13496] [ 774.942673][T13496] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 774.981008][T13496] ufs: ufstype=old is supported read-only [ 774.989179][T13496] syz.0.2496: attempt to access beyond end of device [ 774.989179][T13496] loop1: rw=0, sector=16, nr_sectors = 2 limit=0 [ 779.082418][T13510] ubi: mtd0 is already attached to ubi31 [ 782.094104][T13525] loop1: detected capacity change from 0 to 16 [ 782.143878][T13525] erofs: (device loop1): mounted with root inode @ nid 36. [ 782.180735][T13528] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2511'. [ 782.195682][T13525] syz.1.2509: attempt to access beyond end of device [ 782.195682][T13525] loop1: rw=0, sector=48, nr_sectors = 16 limit=16 [ 782.294281][T13529] syz.1.2509: attempt to access beyond end of device [ 782.294281][T13529] loop1: rw=0, sector=48, nr_sectors = 16 limit=16 [ 782.343458][T13531] loop2: detected capacity change from 0 to 64 [ 782.567144][T13531] hfs: get root inode failed [ 783.652247][T13540] ubi: mtd0 is already attached to ubi31 [ 784.446046][T12116] Bluetooth: hci4: command 0x0406 tx timeout [ 785.217543][T13542] loop2: detected capacity change from 0 to 1024 [ 785.424030][T13525] syz.1.2509 (13525): drop_caches: 2 [ 785.640343][ T743] hfsplus: bad catalog file entry [ 785.655149][ T743] hfsplus: b-tree write err: -5, ino 3 [ 786.221893][T13558] autofs4:pid:13558:autofs_fill_super: called with bogus options [ 786.375515][T13557] loop1: detected capacity change from 0 to 1024 [ 786.451478][T13557] hfsplus: creator requires a 4 character value [ 786.530062][T13557] hfsplus: unable to parse mount options [ 788.186240][T13574] loop1: detected capacity change from 0 to 2048 [ 788.544438][T13574] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 790.428197][T13589] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2531'. [ 791.421455][T13595] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 791.436867][T13596] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 791.440291][T13598] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 791.732449][ T5794] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 792.187158][T13603] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2535'. [ 792.275869][T13609] loop2: detected capacity change from 0 to 1024 [ 792.579714][T13613] loop0: detected capacity change from 0 to 512 [ 792.591307][ T12] hfsplus: bad catalog file entry [ 792.603093][T13613] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 792.605312][ T12] hfsplus: b-tree write err: -5, ino 3 [ 793.554451][T13613] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 793.607036][T13621] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2541'. [ 793.711866][T13613] loop0: detected capacity change from 0 to 1024 [ 793.821627][T12274] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 794.212730][T13633] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2544'. [ 794.223686][T13633] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2544'. [ 794.422646][T12775] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 794.785275][T12775] usb 2-1: too many configurations: 37, using maximum allowed: 8 [ 794.944910][T12775] usb 2-1: string descriptor 0 read error: -71 [ 794.966956][T12775] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 794.981485][T12775] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 794.999669][T12775] usb 2-1: can't set config #1, error -71 [ 795.034795][T12775] usb 2-1: USB disconnect, device number 7 [ 795.049227][T13639] xt_TCPMSS: Only works on TCP SYN packets [ 795.102965][T13638] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2547'. [ 797.275541][T13659] ubi: mtd0 is already attached to ubi31 [ 798.524939][T13673] ufs: You didn't specify the type of your ufs filesystem [ 798.524939][T13673] [ 798.524939][T13673] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 798.524939][T13673] [ 798.524939][T13673] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 798.565253][T13673] ufs: ufstype=old is supported read-only [ 798.573564][T13673] syz.1.2558: attempt to access beyond end of device [ 798.573564][T13673] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 799.312565][T13678] xt_TCPMSS: Only works on TCP SYN packets [ 799.909742][T13687] loop2: detected capacity change from 0 to 512 [ 800.145381][T13687] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.2563: bad orphan inode 11862016 [ 800.164345][T13687] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 800.179688][T13687] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 800.257252][T13696] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2564'. [ 800.268288][T13696] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2564'. [ 801.057258][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 801.504237][T13711] loop0: detected capacity change from 0 to 512 [ 801.540833][T13711] EXT4-fs (loop0): orphan cleanup on readonly fs [ 801.549626][T13711] EXT4-fs error (device loop0): ext4_quota_enable:7131: inode #15: comm syz.0.2571: iget: bad i_size value: 360287970189639690 [ 801.629112][T13714] ufs: You didn't specify the type of your ufs filesystem [ 801.629112][T13714] [ 801.629112][T13714] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 801.629112][T13714] [ 801.629112][T13714] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 801.666804][T13714] ufs: ufstype=old is supported read-only [ 801.674829][T13714] syz.1.2569: attempt to access beyond end of device [ 801.674829][T13714] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 801.746512][T13711] EXT4-fs error (device loop0): ext4_quota_enable:7134: comm syz.0.2571: Bad quota inode: 15, type: 2 [ 801.810732][T13711] EXT4-fs warning (device loop0): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-117, ino=15). Please run e2fsck to fix. [ 801.836754][T13711] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 801.871732][T13711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 802.238354][T13711] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 802.298699][T13711] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 2 [ 802.445225][T12114] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.728255][T13718] loop0: detected capacity change from 0 to 1024 [ 802.743004][T13718] ext4: Unknown parameter 'euid' [ 802.875363][T13720] xt_TCPMSS: Only works on TCP SYN packets [ 803.133672][T13722] snd_dummy snd_dummy.0: control 3:129:3:syz0:5 is already present [ 804.359730][T13740] overlayfs: failed to resolve './file0': -2 [ 805.502706][T13745] ufs: You didn't specify the type of your ufs filesystem [ 805.502706][T13745] [ 805.502706][T13745] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 805.502706][T13745] [ 805.502706][T13745] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 805.540552][T13745] ufs: ufstype=old is supported read-only [ 805.549260][T13745] syz.2.2581: attempt to access beyond end of device [ 805.549260][T13745] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 806.149377][T13754] loop1: detected capacity change from 0 to 128 [ 806.171836][T13754] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 806.229556][T13750] loop0: detected capacity change from 0 to 4096 [ 806.265963][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 806.296064][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 806.327718][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 806.380295][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 806.424981][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc1c00 [ 806.449941][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc2c00 [ 806.483741][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc4c00 [ 806.503097][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffc8c00 [ 806.520523][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffd0c00 [ 806.530746][T13750] ntfs3: loop0: try to read out of volume at offset 0x3fffffe0c00 [ 806.840070][T13764] loop1: detected capacity change from 0 to 2048 [ 806.936987][T13764] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 807.022667][T13764] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 807.128709][T13772] xt_TCPMSS: Only works on TCP SYN packets [ 807.139194][T13771] loop0: detected capacity change from 0 to 1024 [ 807.406369][ T12] hfsplus: bad catalog file entry [ 807.452277][ T12] hfsplus: b-tree write err: -5, ino 3 [ 808.579971][T13795] loop2: detected capacity change from 0 to 512 [ 808.622511][T13795] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 808.835500][T13795] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 809.087476][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.100060][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.128404][T13795] loop2: detected capacity change from 0 to 1024 [ 809.595518][T13805] loop2: detected capacity change from 0 to 1024 [ 809.677844][T13807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2606'. [ 809.870637][ T743] hfsplus: bad catalog file entry [ 809.882442][ T743] hfsplus: b-tree write err: -5, ino 3 [ 809.901422][T13811] loop1: detected capacity change from 0 to 16 [ 809.931727][T13810] fuse: Bad value for 'fd' [ 809.958252][T13811] erofs: (device loop1): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 810.040131][T13811] overlayfs: failed to resolve './file0': -2 [ 810.048369][T12281] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 810.184492][T13802] loop0: detected capacity change from 0 to 32768 [ 810.275652][T13802] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 810.417377][T13802] XFS (loop0): Ending clean mount [ 810.461603][T13802] XFS (loop0): Quotacheck needed: Please wait. [ 810.529753][T13833] loop1: detected capacity change from 0 to 512 [ 810.596258][T13802] XFS (loop0): Quotacheck: Done. [ 810.602264][T13833] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 810.846776][T13833] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6 [ 810.958462][T13843] xt_TCPMSS: Only works on TCP SYN packets [ 810.965959][T13842] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2616'. [ 810.990708][T13833] loop1: detected capacity change from 0 to 1024 [ 811.148175][T12114] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 811.252773][T13845] fuse: Bad value for 'fd' [ 811.819149][T13855] loop0: detected capacity change from 0 to 1024 [ 812.867198][ T743] hfsplus: bad catalog file entry [ 812.898705][ T743] hfsplus: b-tree write err: -5, ino 3 [ 813.334374][T13851] loop1: detected capacity change from 0 to 32768 [ 813.441180][T13851] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.2620 (13851) [ 813.572682][T13863] loop2: detected capacity change from 0 to 512 [ 813.689100][T13863] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 813.804465][T13863] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 813.955505][T13863] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 814.004731][T13863] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 814.020571][T13863] EXT4-fs (loop2): This should not happen!! Data will be lost [ 814.020571][T13863] [ 814.065276][T13863] EXT4-fs (loop2): Total free blocks count 0 [ 814.090790][T13851] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 814.092252][T13863] EXT4-fs (loop2): Free/Dirty block details [ 814.126050][T13863] EXT4-fs (loop2): free_blocks=65280 [ 814.132569][T13851] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 814.137679][T13863] EXT4-fs (loop2): dirty_blocks=33 [ 814.167584][T13863] EXT4-fs (loop2): Block reservation details [ 814.172637][T13851] BTRFS error (device loop1): unrecognized thread_pool value 0x0010000000000006 [ 814.181530][T13863] EXT4-fs (loop2): i_reserved_data_blocks=33 [ 814.206960][T13871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2627'. [ 814.221300][T13851] BTRFS error (device loop1): open_ctree failed: -34 [ 814.319433][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.376214][T13892] autofs4:pid:13892:autofs_fill_super: called with bogus options [ 815.813546][T13898] loop0: detected capacity change from 0 to 8 [ 815.972186][T12775] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 816.136714][T13902] loop0: detected capacity change from 0 to 1024 [ 816.195039][T12775] usb 2-1: too many configurations: 37, using maximum allowed: 8 [ 816.293337][T12775] usb 2-1: string descriptor 0 read error: -71 [ 816.321652][T12775] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 816.353189][ T1144] hfsplus: bad catalog file entry [ 816.363828][T12775] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 816.377063][ T1144] hfsplus: b-tree write err: -5, ino 3 [ 816.392736][T12775] usb 2-1: can't set config #1, error -71 [ 816.411805][T12775] usb 2-1: USB disconnect, device number 8 [ 819.477719][T13930] loop1: detected capacity change from 0 to 32768 [ 819.530090][T13930] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 819.587859][T13952] autofs4:pid:13952:autofs_fill_super: called with bogus options [ 819.824987][T13930] XFS (loop1): Ending clean mount [ 819.888325][T13930] XFS (loop1): Quotacheck needed: Please wait. [ 820.042635][T13930] XFS (loop1): Quotacheck: Done. [ 820.252313][T12428] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 821.904310][T13981] loop1: detected capacity change from 0 to 512 [ 821.927234][T13981] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 822.131111][T13981] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6 [ 822.219825][T13981] loop1: detected capacity change from 0 to 1024 [ 822.300518][T12274] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 823.996482][T14004] loop2: detected capacity change from 0 to 2048 [ 824.078594][T14004] NILFS (loop2): invalid segment: Inconsistency found [ 824.161860][T14004] NILFS (loop2): trying rollback from an earlier position [ 824.173011][T14008] loop0: detected capacity change from 0 to 2048 [ 824.259191][T14004] NILFS (loop2): recovery complete [ 824.267208][T14008] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 824.477111][T14017] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 824.631616][T14021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2676'. [ 824.643791][T14021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2676'. [ 824.679469][T14021] ubi: mtd0 is already attached to ubi31 [ 825.326787][T14023] overlayfs: failed to resolve './cgroup': -2 [ 825.409334][T14004] overlayfs: upper fs does not support tmpfile. [ 825.442165][T14004] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 825.467742][T14004] overlayfs: failed to set xattr on upper [ 825.486800][T14004] overlayfs: ...falling back to redirect_dir=nofollow. [ 825.515790][T14004] overlayfs: ...falling back to index=off. [ 825.546642][T14004] overlayfs: ...falling back to uuid=null. [ 826.017100][T14030] xt_TCPMSS: Only works on TCP SYN packets [ 826.883440][T14048] fuse: Bad value for 'fd' [ 827.021944][T14050] loop0: detected capacity change from 0 to 16 [ 827.047389][T14050] erofs: (device loop0): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 828.373117][T14056] xt_TCPMSS: Only works on TCP SYN packets [ 828.705087][T14069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2697'. [ 829.510996][T14073] fuse: Bad value for 'fd' [ 829.756786][T14085] loop1: detected capacity change from 0 to 16 [ 829.786086][T14085] erofs: (device loop1): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 829.873421][T12274] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 830.056354][T14093] loop1: detected capacity change from 0 to 1024 [ 830.065592][T14093] EXT4-fs: Ignoring removed oldalloc option [ 830.077904][T14093] EXT4-fs: Ignoring removed bh option [ 830.088890][T14093] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 830.125950][T14093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 830.173545][T12775] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 830.220480][T14093] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz.1.2707: Invalid inode table block 0 in block_group 0 [ 830.245761][T14093] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 830.258196][T14093] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #15: comm syz.1.2707: mark_inode_dirty error [ 830.274437][T14093] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz.1.2707: Invalid inode table block 0 in block_group 0 [ 830.293074][T14093] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 830.306042][T14093] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #15: comm syz.1.2707: mark_inode_dirty error [ 830.321939][T14093] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.2707: Invalid block bitmap block 0 in block_group 0 [ 830.338726][T14093] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz.1.2707: Invalid inode table block 0 in block_group 0 [ 830.354769][T14093] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 830.362436][T12775] usb 1-1: device descriptor read/64, error -71 [ 830.369446][T14093] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #15: comm syz.1.2707: mark_inode_dirty error [ 830.540765][ T1144] EXT4-fs (loop1): failed to convert unwritten extents to written extents -- potential data loss! (inode 15, error -117) [ 830.576936][T12428] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 830.872157][T12775] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 830.921599][T14108] fuse: Bad value for 'fd' [ 831.149337][T14104] xt_TCPMSS: Only works on TCP SYN packets [ 831.252228][T12775] usb 1-1: device descriptor read/64, error -71 [ 831.290835][T14118] loop1: detected capacity change from 0 to 16 [ 831.310603][T14118] erofs: (device loop1): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 831.373235][T12775] usb usb1-port1: attempt power cycle [ 831.642302][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 831.812384][T12775] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 832.046099][T12775] usb 1-1: device descriptor read/8, error -71 [ 837.069757][T14148] loop1: detected capacity change from 0 to 32768 [ 837.115896][T14148] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz.1.2726 (14148) [ 837.214538][T14148] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 837.269328][T14148] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 837.302205][T14148] BTRFS info (device loop1): enabling auto defrag [ 837.309999][T14148] BTRFS info (device loop1): force clearing of disk cache [ 837.361549][T14148] BTRFS info (device loop1): enabling disk space caching [ 837.370624][T12116] Bluetooth: hci4: unexpected subevent 0x0e length: 30 > 15 [ 837.402271][T14148] BTRFS info (device loop1): max_inline at 0 [ 837.409642][T14148] BTRFS info (device loop1): disk space caching is enabled [ 838.028388][T14148] BTRFS info (device loop1): enabling ssd optimizations [ 838.202322][T14148] BTRFS info (device loop1): auto enabling async discard [ 838.492124][T14148] BTRFS info (device loop1): rebuilding free space tree [ 838.989984][T14148] BTRFS info (device loop1): disabling free space tree [ 839.009697][T14148] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 839.175348][T14148] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 839.193750][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 839.207365][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 839.218281][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 839.233371][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 839.260265][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 839.269357][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 840.245901][T12428] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 840.491940][T14201] loop2: detected capacity change from 0 to 1024 [ 840.686360][T14192] chnl_net:caif_netlink_parms(): no params data found [ 840.843726][ T743] hfsplus: bad catalog file entry [ 840.849931][ T743] hfsplus: b-tree write err: -5, ino 3 [ 841.146182][T14206] loop0: detected capacity change from 0 to 512 [ 841.158914][T14192] bridge0: port 1(bridge_slave_0) entered blocking state [ 841.180539][T14206] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 841.191364][T14192] bridge0: port 1(bridge_slave_0) entered disabled state [ 841.222389][T14192] bridge_slave_0: entered allmulticast mode [ 841.238557][T14192] bridge_slave_0: entered promiscuous mode [ 841.275038][T14192] bridge0: port 2(bridge_slave_1) entered blocking state [ 841.325544][T14192] bridge0: port 2(bridge_slave_1) entered disabled state [ 841.338762][T14192] bridge_slave_1: entered allmulticast mode [ 841.349556][T14192] bridge_slave_1: entered promiscuous mode [ 841.393628][T14206] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 841.409742][T14192] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 841.431887][T14192] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 841.542879][T14206] loop0: detected capacity change from 0 to 1024 [ 841.561088][T14192] team0: Port device team_slave_0 added [ 841.573263][ T5794] Bluetooth: hci2: command tx timeout [ 841.596086][T14134] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 841.600565][T14192] team0: Port device team_slave_1 added [ 841.633331][T14220] loop1: detected capacity change from 0 to 4096 [ 841.723812][T14192] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 841.754298][T14192] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 841.793163][T14192] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 841.807977][T14220] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 841.832303][T14222] loop0: detected capacity change from 0 to 512 [ 841.840048][T14220] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 841.845808][T14192] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 841.858194][T14192] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 841.957852][T14192] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 841.972620][T14222] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 842.022606][T14222] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 842.289589][ T12] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 842.333286][T14222] fuse: Unknown parameter 'qOÛPgroup00000000000000000000' [ 842.351587][T12428] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 842.367911][T12428] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 842.410563][T12428] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 842.439418][T14192] hsr_slave_0: entered promiscuous mode [ 842.447736][ T743] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 842.512970][T14192] hsr_slave_1: entered promiscuous mode [ 842.544193][T14222] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 842.558803][T14192] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 842.581728][T14192] Cannot create hsr debugfs directory [ 842.919719][T14240] loop2: detected capacity change from 0 to 2048 [ 842.961291][T14240] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 843.483817][T14192] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 843.610986][T14192] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 843.642314][ T5794] Bluetooth: hci2: command tx timeout [ 843.890904][T14192] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 844.044543][T14192] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 844.494214][T14192] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 844.511026][T14192] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 844.524792][T14192] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 844.540090][T14192] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 844.710958][T14192] 8021q: adding VLAN 0 to HW filter on device bond0 [ 844.765242][T14192] 8021q: adding VLAN 0 to HW filter on device team0 [ 844.787761][ T743] bridge0: port 1(bridge_slave_0) entered blocking state [ 844.796515][ T743] bridge0: port 1(bridge_slave_0) entered forwarding state [ 844.832994][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 844.841636][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 845.720102][T14288] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2764'. [ 845.722690][ T5794] Bluetooth: hci2: command tx timeout [ 845.732673][T14288] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2764'. [ 846.008918][T14192] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 846.130237][T14192] veth0_vlan: entered promiscuous mode [ 846.164184][T14192] veth1_vlan: entered promiscuous mode [ 846.246118][T14192] veth0_macvtap: entered promiscuous mode [ 846.265995][T14192] veth1_macvtap: entered promiscuous mode [ 846.301475][T14192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 846.318452][T14192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 846.335719][T14192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 846.355610][T14192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 846.370471][T14192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 846.383804][T14192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 846.398097][T14192] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 846.425293][T14192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 846.446336][T14192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 846.462335][T14192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 846.481620][T14192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 846.503532][T14192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 846.520488][T14192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 846.544630][T14192] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 846.565731][T14192] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 846.577303][T14192] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 846.590540][T14192] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 846.602437][T14192] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 846.782460][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 846.808089][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 846.878917][T14308] binder: 14307:14308 ioctl c0306201 0 returned -14 [ 846.880996][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 846.900807][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 847.049631][T14312] loop3: detected capacity change from 0 to 256 [ 847.320624][T14312] FAT-fs (loop3): codepage cp252 not found [ 847.812159][ T5794] Bluetooth: hci2: command tx timeout [ 848.972243][T14336] binder: 14335:14336 ioctl c0306201 0 returned -14 [ 849.125716][T14344] loop3: detected capacity change from 0 to 2048 [ 849.717047][T14350] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2786'. [ 849.728267][T14350] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2786'. [ 849.813877][T14352] netlink: 'syz.1.2785': attribute type 4 has an invalid length. [ 850.185241][T14357] loop3: detected capacity change from 0 to 32768 [ 850.196948][T14357] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2788 (14357) [ 850.225505][T14357] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 850.237992][T14357] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 850.248866][T14357] BTRFS info (device loop3): setting nodatacow, compression disabled [ 850.258637][T14357] BTRFS info (device loop3): turning on flush-on-commit [ 850.267502][T14357] BTRFS info (device loop3): enabling auto defrag [ 850.275741][T14357] BTRFS info (device loop3): trying to use backup root at mount time [ 850.286369][T14357] BTRFS info (device loop3): max_inline at 0 [ 850.293872][T14357] BTRFS info (device loop3): using free space tree [ 850.568691][T11513] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 850.587230][T14357] BTRFS error (device loop3): failed to load root extent [ 850.595868][T14357] BTRFS warning (device loop3): try to load backup roots slot 1 [ 850.608145][ T1144] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 850.624636][T14357] BTRFS warning (device loop3): couldn't read tree root [ 850.633259][T14357] BTRFS warning (device loop3): try to load backup roots slot 2 [ 850.684676][ T1144] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 850.748274][T14357] BTRFS warning (device loop3): couldn't read tree root [ 850.756883][T14357] BTRFS warning (device loop3): try to load backup roots slot 3 [ 850.840114][T14357] BTRFS info (device loop3): enabling ssd optimizations [ 850.849302][T14357] BTRFS info (device loop3): auto enabling async discard [ 850.862655][T14357] BTRFS info (device loop3): rebuilding free space tree [ 850.906146][T14357] BTRFS info (device loop3): checking UUID tree [ 851.319268][T14192] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 851.665049][T14388] loop2: detected capacity change from 0 to 1024 [ 851.960473][T14391] loop3: detected capacity change from 0 to 512 [ 851.981416][T14391] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 852.101538][ T1144] hfsplus: bad catalog file entry [ 852.116175][ T1144] hfsplus: b-tree write err: -5, ino 3 [ 852.135573][T14391] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6 [ 852.248118][T14391] loop3: detected capacity change from 0 to 1024 [ 852.601955][T14397] ufs: You didn't specify the type of your ufs filesystem [ 852.601955][T14397] [ 852.601955][T14397] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 852.601955][T14397] [ 852.601955][T14397] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 852.641315][T14397] ufs: ufstype=old is supported read-only [ 852.651729][T14397] syz.2.2795: attempt to access beyond end of device [ 852.651729][T14397] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 855.877940][T14431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2805'. [ 855.889036][T14431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2805'. [ 856.428519][T14438] ufs: You didn't specify the type of your ufs filesystem [ 856.428519][T14438] [ 856.428519][T14438] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 856.428519][T14438] [ 856.428519][T14438] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 856.467107][T14438] ufs: ufstype=old is supported read-only [ 856.475181][T14438] syz.2.2807: attempt to access beyond end of device [ 856.475181][T14438] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 857.301444][T14446] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2813'. [ 860.798855][T14462] loop2: detected capacity change from 0 to 32768 [ 861.078561][T14462] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 861.475976][T14462] XFS (loop2): Ending clean mount [ 862.759137][T14496] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2825'. [ 862.770736][T14496] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2825'. [ 862.927437][T12751] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 863.039961][T14500] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2828'. [ 864.120893][T14504] loop1: detected capacity change from 0 to 32768 [ 864.412588][T14504] XFS (loop1): Mounting V5 filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb in no-recovery mode. Filesystem will be inconsistent. [ 864.525739][ T5849] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x191/0x250, xfs_agf block 0x1 [ 864.598026][ T5849] XFS (loop1): Unmount and run xfs_repair [ 864.632373][ T5849] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 864.657840][ T5849] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 10 00 XAGF............ [ 864.680254][ T5849] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01 ................ [ 864.728899][ T5849] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 864.791760][ T5849] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00 ................ [ 864.867840][ T5849] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 864.918874][ T5849] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01 ................ [ 865.173899][ T5849] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 865.189672][ T5849] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 865.228210][T14504] XFS (loop1): metadata I/O error in "xfs_read_agf+0x27e/0x590" at daddr 0x1 len 1 error 74 [ 867.449656][T14543] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2838'. [ 867.516106][T14545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2839'. [ 867.652779][T14547] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2840'. [ 867.693198][T14549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2841'. [ 867.719217][T14547] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2840'. [ 867.736607][T14549] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 867.746296][T14549] IPv6: NLM_F_CREATE should be set when creating new route [ 867.777364][T14549] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 867.786350][T14549] IPv6: NLM_F_CREATE should be set when creating new route [ 868.241057][T14558] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2843'. [ 868.252126][T14558] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2843'. [ 868.271595][T14555] loop1: detected capacity change from 0 to 8192 [ 868.311168][T14555] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 868.367812][T14555] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2844'. [ 868.474196][T14556] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2844'. [ 868.604923][T14556] loop1: detected capacity change from 8192 to 0 [ 868.624170][ C0] I/O error, dev loop1, sector 7928 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 868.636381][ T61] loop: Write error at byte offset 9223372036854792703, length 512. [ 868.663713][ C0] I/O error, dev loop1, sector 33 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 868.675254][ C0] Buffer I/O error on dev loop1, logical block 33, lost sync page write [ 868.685572][T14555] syz.1.2844: attempt to access beyond end of device [ 868.685572][T14555] loop1: rw=1, sector=1, nr_sectors = 1 limit=0 [ 868.715084][T14555] Buffer I/O error on dev loop1, logical block 1, lost sync page write [ 868.775970][T14555] syz.1.2844: attempt to access beyond end of device [ 868.775970][T14555] loop1: rw=0, sector=65, nr_sectors = 1 limit=0 [ 868.815804][T14555] FAT-fs (loop1): unable to read inode block for updating (i_pos 1050) [ 868.826666][T14555] syz.1.2844: attempt to access beyond end of device [ 868.826666][T14555] loop1: rw=2049, sector=85, nr_sectors = 1 limit=0 [ 868.845154][T14555] Buffer I/O error on dev loop1, logical block 85, lost async page write [ 868.856191][T14555] syz.1.2844: attempt to access beyond end of device [ 868.856191][T14555] loop1: rw=2049, sector=97, nr_sectors = 1 limit=0 [ 868.873979][T14555] Buffer I/O error on dev loop1, logical block 97, lost async page write [ 868.964101][T14555] syz.1.2844: attempt to access beyond end of device [ 868.964101][T14555] loop1: rw=2049, sector=98, nr_sectors = 1 limit=0 [ 869.009094][T14555] Buffer I/O error on dev loop1, logical block 98, lost async page write [ 869.039315][T14555] syz.1.2844: attempt to access beyond end of device [ 869.039315][T14555] loop1: rw=2049, sector=99, nr_sectors = 1 limit=0 [ 869.080895][T14555] Buffer I/O error on dev loop1, logical block 99, lost async page write [ 869.105562][T14555] syz.1.2844: attempt to access beyond end of device [ 869.105562][T14555] loop1: rw=2049, sector=100, nr_sectors = 1 limit=0 [ 869.123800][T14555] Buffer I/O error on dev loop1, logical block 100, lost async page write [ 869.134887][T14555] syz.1.2844: attempt to access beyond end of device [ 869.134887][T14555] loop1: rw=2049, sector=101, nr_sectors = 1 limit=0 [ 869.151048][T14555] Buffer I/O error on dev loop1, logical block 101, lost async page write [ 869.162132][T14555] syz.1.2844: attempt to access beyond end of device [ 869.162132][T14555] loop1: rw=2049, sector=102, nr_sectors = 1 limit=0 [ 869.178497][T14555] Buffer I/O error on dev loop1, logical block 102, lost async page write [ 869.342664][T14555] syz.1.2844: attempt to access beyond end of device [ 869.342664][T14555] loop1: rw=2049, sector=103, nr_sectors = 1 limit=0 [ 869.473880][T14555] Buffer I/O error on dev loop1, logical block 103, lost async page write [ 870.528505][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.537455][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.752142][T14581] loop3: detected capacity change from 0 to 512 [ 870.762757][T14581] EXT4-fs: Ignoring removed oldalloc option [ 870.828962][T14581] EXT4-fs (loop3): 1 truncate cleaned up [ 870.838067][T14581] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 872.020828][T14192] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.043303][T14592] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2855'. [ 872.267617][T14600] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2856'. [ 873.413417][ T743] FAT-fs (loop1): unable to read inode block for updating (i_pos 1050) [ 874.597821][T14623] ufs: You didn't specify the type of your ufs filesystem [ 874.597821][T14623] [ 874.597821][T14623] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 874.597821][T14623] [ 874.597821][T14623] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 874.637674][T14623] ufs: ufstype=old is supported read-only [ 874.646318][T14623] bio_check_eod: 2 callbacks suppressed [ 874.646355][T14623] syz.1.2862: attempt to access beyond end of device [ 874.646355][T14623] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 875.449215][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.482216][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.491682][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.532142][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.552145][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.572292][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.581695][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.601134][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.627443][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.643384][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.882157][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.892912][ T5849] hid-generic 00A0:0008:800003.000F: unknown main item tag 0x0 [ 875.910891][ T5849] hid-generic 00A0:0008:800003.000F: hidraw0: HID v0.05 Device [syz1] on syz0 [ 876.504333][T14630] loop3: detected capacity change from 0 to 8192 [ 876.550500][T14639] fuse: Bad value for 'group_id' [ 876.574078][T14634] fido_id[14634]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 876.629348][T14630] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 876.704496][T14630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2867'. [ 876.878274][T14643] netlink: 'syz.3.2867': attribute type 1 has an invalid length. [ 877.073974][T14643] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2867'. [ 880.332477][T14689] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2885'. [ 880.343327][T14689] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2885'. [ 881.013326][T14700] tmpfs: Unknown parameter '" ' [ 881.314948][T14710] loop2: detected capacity change from 0 to 1024 [ 881.390495][ T28] audit: type=1800 audit(1759945316.014:653): pid=14710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2894" name="file2" dev="loop2" ino=21 res=0 errno=0 [ 883.491215][T14734] loop2: detected capacity change from 0 to 1024 [ 885.125580][T11517] hfsplus: bad catalog file entry [ 885.131811][T11517] hfsplus: b-tree write err: -5, ino 3 [ 890.244375][T14832] autofs4:pid:14832:autofs_fill_super: called with bogus options [ 892.461648][T14853] loop2: detected capacity change from 0 to 8 [ 892.524536][T14853] SQUASHFS error: lzo decompression failed, data probably corrupt [ 892.573210][T14853] SQUASHFS error: Failed to read block 0x91: -5 [ 892.581987][T14853] SQUASHFS error: Unable to read metadata cache entry [8f] [ 892.592651][T14853] SQUASHFS error: Unable to read inode 0x11f [ 892.915062][T14867] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2945'. [ 892.926241][T14867] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2945'. [ 894.158956][T14886] loop2: detected capacity change from 0 to 2048 [ 894.181798][T14886] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 894.204985][T14886] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 896.834374][T14911] xt_TCPMSS: Only works on TCP SYN packets [ 898.693692][T14941] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2965'. [ 898.704718][T14941] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2965'. [ 898.717118][T14941] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2965'. [ 898.882203][T12801] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 899.992131][T12801] usb 2-1: Using ep0 maxpacket: 32 [ 900.011263][T12801] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 900.062326][T12801] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 900.102190][T12801] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 900.132093][T12801] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 900.165706][T12801] usb 2-1: config 0 descriptor?? [ 900.191286][T12801] hub 2-1:0.0: USB hub found [ 900.400263][T12801] hub 2-1:0.0: 1 port detected [ 900.842595][T12801] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 900.979584][T12801] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 901.050156][T12801] usbhid 2-1:0.0: can't add hid device: -71 [ 901.082369][T12801] usbhid: probe of 2-1:0.0 failed with error -71 [ 901.183984][T12801] usb 2-1: USB disconnect, device number 9 [ 901.745290][T14975] xt_TCPMSS: Only works on TCP SYN packets [ 902.946532][T14990] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2980'. [ 903.291185][T14991] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 904.768857][T15013] trusted_key: encrypted_key: insufficient parameters specified [ 906.061787][T15027] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2993'. [ 907.478804][T15040] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2999'. [ 907.889015][T12428] syz-executor: attempt to access beyond end of device [ 907.889015][T12428] loop1: rw=0, sector=65, nr_sectors = 1 limit=0 [ 907.970874][T12428] FAT-fs (loop1): unable to read inode block for updating (i_pos 1050) [ 907.996014][T12428] syz-executor: attempt to access beyond end of device [ 907.996014][T12428] loop1: rw=0, sector=65, nr_sectors = 1 limit=0 [ 908.013313][T12428] FAT-fs (loop1): unable to read inode block for updating (i_pos 1050) [ 908.023779][T12428] FAT-fs (loop1): Failed to update on disk inode for unused fallocated blocks, inode could be corrupted. Please run fsck [ 908.099910][T15049] trusted_key: encrypted_key: insufficient parameters specified [ 909.702458][ T5849] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 909.953844][ T5849] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 909.998166][ T5849] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 910.026746][ T5849] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 910.060532][ T5849] usb 4-1: config 220 has no interface number 2 [ 910.088887][ T5849] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 910.142112][ T5849] usb 4-1: config 220 interface 0 has no altsetting 0 [ 910.178430][ T5849] usb 4-1: config 220 interface 76 has no altsetting 0 [ 910.210889][ T5849] usb 4-1: config 220 interface 1 has no altsetting 0 [ 910.245496][ T5849] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 910.270662][ T1098] tipc: Disabling bearer [ 910.272239][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 910.303472][ T1098] tipc: Left network mode [ 910.327493][ T5849] usb 4-1: Product: syz [ 910.347343][ T5849] usb 4-1: Manufacturer: syz [ 910.379968][ T5849] usb 4-1: SerialNumber: syz [ 910.639799][ T5849] usb 4-1: selecting invalid altsetting 0 [ 910.673609][ T5849] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 910.681315][ T5849] usb 4-1: No valid video chain found. [ 910.751130][ T5849] usb 4-1: selecting invalid altsetting 0 [ 910.788043][ T5849] usbtest: probe of 4-1:220.1 failed with error -22 [ 910.799133][T12116] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 910.816162][T12116] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 910.832148][T12116] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 910.841250][ T5849] usb 4-1: USB disconnect, device number 51 [ 910.853641][T12116] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 910.872933][T12116] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 910.881954][T12116] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 912.930255][T12116] Bluetooth: hci0: command tx timeout [ 913.068029][T15114] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3021'. [ 913.312254][T15118] bridge_slave_0: left allmulticast mode [ 913.319386][T15118] bridge_slave_0: left promiscuous mode [ 913.353008][T15118] bridge0: port 1(bridge_slave_0) entered disabled state [ 913.429522][T15118] bridge_slave_1: left allmulticast mode [ 913.462319][T15118] bridge_slave_1: left promiscuous mode [ 913.469513][T15118] bridge0: port 2(bridge_slave_1) entered disabled state [ 913.486348][T15118] bond0: (slave bond_slave_0): Releasing backup interface [ 913.525940][T15118] bond0: (slave bond_slave_1): Releasing backup interface [ 913.604299][T15118] team0: Port device team_slave_0 removed [ 913.641128][T15118] team0: Port device team_slave_1 removed [ 913.661008][T15118] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 913.679265][T15118] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 913.691147][T15118] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 913.703339][T15118] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 913.767698][T15122] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3023'. [ 914.070385][ T1098] hsr_slave_0: left promiscuous mode [ 914.105391][ T1098] hsr_slave_1: left promiscuous mode [ 914.147463][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 914.259751][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 914.294760][ T1098] bridge_slave_1: left allmulticast mode [ 914.301724][ T1098] bridge_slave_1: left promiscuous mode [ 914.314166][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state [ 914.329340][ T1098] bridge_slave_0: left allmulticast mode [ 914.340328][ T1098] bridge_slave_0: left promiscuous mode [ 914.354438][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state [ 914.592550][ T6044] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 914.802464][ T6044] usb 4-1: Using ep0 maxpacket: 32 [ 914.903324][ T6044] usb 4-1: unable to get BOS descriptor or descriptor too short [ 915.108698][T12116] Bluetooth: hci0: command tx timeout [ 915.132579][ T6044] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 65535, setting to 64 [ 915.296855][ T6044] usb 4-1: New USB device found, idVendor=0123, idProduct=0001, bcdDevice=4a.f6 [ 915.318770][ T6044] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 915.329765][ T6044] usb 4-1: Product: syz [ 915.335302][ T6044] usb 4-1: Manufacturer: syz [ 915.341050][ T6044] usb 4-1: SerialNumber: syz [ 915.350391][ T6044] usb 4-1: config 0 descriptor?? [ 915.581211][ T6044] usbtouchscreen: probe of 4-1:0.0 failed with error -71 [ 915.596011][ T6044] usb 4-1: USB disconnect, device number 52 [ 915.937091][T15165] loop2: detected capacity change from 0 to 512 [ 916.026814][T15165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 916.074419][T15165] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 916.123444][ T28] audit: type=1800 audit(1759945350.744:654): pid=15165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3032" name="file1" dev="loop2" ino=19 res=0 errno=0 [ 916.175080][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 916.395851][ T1098] team0 (unregistering): Port device team_slave_1 removed [ 916.510988][ T1098] team0 (unregistering): Port device team_slave_0 removed [ 916.601056][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 917.162272][T12116] Bluetooth: hci0: command tx timeout [ 917.485700][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 918.030698][T15179] loop2: detected capacity change from 0 to 8 [ 918.465365][ T1098] bond0 (unregistering): Released all slaves [ 918.606250][T15078] chnl_net:caif_netlink_parms(): no params data found [ 919.332937][T12116] Bluetooth: hci0: command tx timeout [ 919.886016][T15209] loop2: detected capacity change from 0 to 1024 [ 919.983142][T15209] EXT4-fs: Ignoring removed mblk_io_submit option [ 920.022291][T15209] EXT4-fs: Ignoring removed oldalloc option [ 920.029514][T15209] EXT4-fs: Ignoring removed nomblk_io_submit option [ 920.073091][T15209] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 920.073568][T15078] bridge0: port 1(bridge_slave_0) entered blocking state [ 920.168925][T15209] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 920.182231][T15078] bridge0: port 1(bridge_slave_0) entered disabled state [ 920.242327][T15078] bridge_slave_0: entered allmulticast mode [ 920.272860][ T28] audit: type=1800 audit(1759945354.894:655): pid=15209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3039" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 920.310042][T15078] bridge_slave_0: entered promiscuous mode [ 920.406917][T15078] bridge0: port 2(bridge_slave_1) entered blocking state [ 920.412065][ T28] audit: type=1800 audit(1759945354.934:656): pid=15209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3039" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 920.449994][T15078] bridge0: port 2(bridge_slave_1) entered disabled state [ 920.478652][T15078] bridge_slave_1: entered allmulticast mode [ 920.509226][T15078] bridge_slave_1: entered promiscuous mode [ 920.759380][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.532369][T15078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 922.575973][T15078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 922.850595][ T1098] IPVS: stop unused estimator thread 0... [ 922.875548][T15078] team0: Port device team_slave_0 added [ 922.913638][T15078] team0: Port device team_slave_1 added [ 924.131322][T15078] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 924.131366][T15078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 924.131390][T15078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 924.136744][T15078] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 924.136765][T15078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 924.136792][T15078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 924.282423][T15078] hsr_slave_0: entered promiscuous mode [ 924.389149][T15078] hsr_slave_1: entered promiscuous mode [ 924.402620][T15078] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 924.402730][T15078] Cannot create hsr debugfs directory [ 925.269469][T15078] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 925.359640][T15078] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 925.491900][T15078] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 925.546625][T15078] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 925.929345][T15078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 926.003160][T15078] 8021q: adding VLAN 0 to HW filter on device team0 [ 926.049540][T11513] bridge0: port 1(bridge_slave_0) entered blocking state [ 926.058247][T11513] bridge0: port 1(bridge_slave_0) entered forwarding state [ 926.077795][T11513] bridge0: port 2(bridge_slave_1) entered blocking state [ 926.086635][T11513] bridge0: port 2(bridge_slave_1) entered forwarding state [ 926.905338][T15078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 927.137808][T15323] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3069'. [ 927.871535][T15337] loop2: detected capacity change from 0 to 2048 [ 928.098520][T15337] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 929.338208][T15078] veth0_vlan: entered promiscuous mode [ 929.401612][T15078] veth1_vlan: entered promiscuous mode [ 929.671006][T15078] veth0_macvtap: entered promiscuous mode [ 929.698239][T15078] veth1_macvtap: entered promiscuous mode [ 929.764195][T15078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.781064][T15078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.800195][T15078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.816152][T15078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.829071][T15078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 929.845648][T15078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 929.886515][T15078] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 929.947621][T15078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 929.991343][T15078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.032171][T15078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 930.057478][T15078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.081721][T15078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 930.095448][T15078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 930.125750][T15078] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 930.157310][T15364] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3077'. [ 930.192160][T15078] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.232282][T15078] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.255498][T15078] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.268131][T15078] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.976778][T12451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 931.016378][T12451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 931.083612][T12451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 931.131311][T12451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 931.646569][T15380] fuse: Bad value for 'fd' [ 931.722701][T15383] autofs4:pid:15383:autofs_fill_super: called with bogus options [ 931.981313][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.002308][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.494069][T15401] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3087'. [ 933.439006][T15423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3094'. [ 934.036947][T15440] netlink: 'syz.4.3101': attribute type 13 has an invalid length. [ 934.103163][T15440] gretap0: refused to change device tx_queue_len [ 934.133000][T15440] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 934.214085][T15449] syzkaller0: entered promiscuous mode [ 934.220770][T15449] syzkaller0: entered allmulticast mode [ 935.966293][T15475] loop2: detected capacity change from 0 to 1024 [ 935.981789][T15475] EXT4-fs: Ignoring removed nomblk_io_submit option [ 936.016272][T15475] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 936.128391][T15475] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 936.287714][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 936.543482][T15490] loop4: detected capacity change from 0 to 128 [ 936.595344][T15490] EXT4-fs: Ignoring removed nomblk_io_submit option [ 936.612682][T15490] EXT4-fs: Ignoring removed nomblk_io_submit option [ 936.772245][T15490] EXT4-fs (loop4): Test dummy encryption mode enabled [ 936.825316][T15490] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 936.847621][T15493] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3116'. [ 936.928680][T15490] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 937.295044][T15490] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 938.237843][T15078] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 938.840771][T15531] ufs: You didn't specify the type of your ufs filesystem [ 938.840771][T15531] [ 938.840771][T15531] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 938.840771][T15531] [ 938.840771][T15531] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 938.879388][T15531] ufs: ufstype=old is supported read-only [ 938.888069][T15531] syz.3.3124: attempt to access beyond end of device [ 938.888069][T15531] loop7: rw=0, sector=16, nr_sectors = 2 limit=0 [ 939.656032][T15533] loop4: detected capacity change from 0 to 2048 [ 940.359764][T14160] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 942.050346][T15574] syz_tun: entered allmulticast mode [ 942.604320][ T5859] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 943.608603][ T5859] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 943.630443][ T5859] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 943.651860][ T5859] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 943.682244][ T5859] usb 5-1: New USB device found, idVendor=054c, idProduct=042f, bcdDevice= 0.00 [ 943.693477][ T5859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 943.718850][ T5859] usb 5-1: config 0 descriptor?? [ 944.167195][T15608] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3147'. [ 944.206624][T15608] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3147'. [ 944.370548][ T5859] sony 0003:054C:042F.0010: unknown main item tag 0x0 [ 944.379342][ T5859] sony 0003:054C:042F.0010: unknown main item tag 0x5 [ 944.395984][ T5859] sony 0003:054C:042F.0010: hidraw0: USB HID v10.01 Device [HID 054c:042f] on usb-dummy_hcd.4-1/input0 [ 944.508780][ T5859] sony 0003:054C:042F.0010: failed to claim input [ 945.047816][T15614] netlink: 'syz.2.3149': attribute type 1 has an invalid length. [ 945.157789][ T5859] usb 5-1: USB disconnect, device number 2 [ 945.270439][T15612] fido_id[15612]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 945.926245][T15625] autofs4:pid:15625:autofs_fill_super: called with bogus options [ 946.959220][T15636] loop2: detected capacity change from 0 to 256 [ 947.062682][T14160] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 948.222235][ T6044] usb 3-1: new full-speed USB device number 18 using dummy_hcd [ 948.422319][ T6044] usb 3-1: device descriptor read/64, error -71 [ 948.699644][T15656] Bluetooth: MGMT ver 1.22 [ 948.722383][ T6044] usb 3-1: new full-speed USB device number 19 using dummy_hcd [ 948.912899][ T6044] usb 3-1: device descriptor read/64, error -71 [ 949.042613][ T6044] usb usb3-port1: attempt power cycle [ 949.222458][T12801] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 949.536961][T15670] loop4: detected capacity change from 0 to 256 [ 949.617251][T15671] autofs4:pid:15671:autofs_fill_super: called with bogus options [ 950.124326][ T6044] usb 3-1: new full-speed USB device number 20 using dummy_hcd [ 950.178970][T12801] usb 4-1: Using ep0 maxpacket: 16 [ 950.213254][T12801] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 950.213289][T12801] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 950.213313][T12801] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 950.213367][T12801] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 950.213392][T12801] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 950.216663][T12801] usb 4-1: config 0 descriptor?? [ 950.254891][T15675] fuse: Invalid rootmode [ 950.372077][ T6044] usb 3-1: device not accepting address 20, error -71 [ 950.677216][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.729302][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.744061][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.756705][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.767722][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.778329][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.788774][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.814670][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.824770][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.842856][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.851812][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.868214][T15692] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3170'. [ 950.886565][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.899542][T12801] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 950.919841][T15692] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3170'. [ 950.951038][T12801] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0011/input/input6 [ 950.972157][T15695] ubi: mtd0 is already attached to ubi31 [ 951.071066][T12801] microsoft 0003:045E:07DA.0011: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 951.201580][T12801] usb 4-1: USB disconnect, device number 53 [ 952.177267][T15711] autofs4:pid:15711:autofs_fill_super: called with bogus options [ 952.806035][T15717] fuse: Invalid rootmode [ 952.902393][ T6044] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 953.132195][ T6044] usb 5-1: Using ep0 maxpacket: 32 [ 953.157587][ T6044] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10 [ 953.202170][ T6044] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 953.242758][ T6044] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 953.290749][ T6044] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 953.312157][ T6044] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 953.332889][ T6044] usb 5-1: Product: syz [ 953.337979][ T6044] usb 5-1: Manufacturer: syz [ 953.354207][ T6044] usb 5-1: SerialNumber: syz [ 953.410667][ T6044] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input7 [ 953.756625][ C1] appletouch 5-1:1.0: atp_complete: usb_submit_urb failed with result -19 [ 953.782107][ T6044] usb 5-1: USB disconnect, device number 3 [ 953.855170][ T6044] appletouch 5-1:1.0: input: appletouch disconnected [ 954.890276][T15759] loop4: detected capacity change from 0 to 256 [ 954.899934][T15759] exfat: Deprecated parameter 'namecase' [ 954.935258][T15759] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 955.007739][T15761] autofs4:pid:15761:autofs_fill_super: called with bogus options [ 955.995869][T15785] loop4: detected capacity change from 0 to 512 [ 956.070007][T15785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 956.092682][T15785] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 956.265181][T15785] EXT4-fs error (device loop4): ext4_validate_inode_bitmap:106: comm syz.4.3192: Corrupt inode bitmap - block_group = 0, inode_bitmap = 18 [ 956.670083][T15078] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.826282][T15809] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3194'. [ 956.863099][T15809] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3194'. [ 956.933210][T15805] ubi: mtd0 is already attached to ubi31 [ 957.064138][T15813] autofs4:pid:15813:autofs_fill_super: called with bogus options [ 957.850627][T15833] loop2: detected capacity change from 0 to 512 [ 957.874637][T15833] EXT4-fs: Ignoring removed oldalloc option [ 957.902980][T15833] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 958.008249][T15833] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.3203: Parent and EA inode have the same ino 15 [ 958.077856][T15833] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 958.116321][T15833] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.3203: Parent and EA inode have the same ino 15 [ 958.159238][T15833] EXT4-fs (loop2): 1 orphan inode deleted [ 958.169134][T15833] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 958.338763][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 959.182209][ T786] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 959.357588][T15882] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3215'. [ 959.382126][ T786] usb 5-1: Using ep0 maxpacket: 16 [ 959.402660][ T786] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 959.467109][ T786] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 959.499133][ T786] usb 5-1: config 0 interface 0 has no altsetting 0 [ 959.514968][ T786] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 959.543719][ T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 959.592419][ T786] usb 5-1: config 0 descriptor?? [ 961.048459][ T786] usb 5-1: USB disconnect, device number 4 [ 962.813594][T15927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3226'. [ 962.870170][T15927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3226'. [ 962.937802][T15927] ubi: mtd0 is already attached to ubi31 [ 963.812194][ T6036] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 963.940765][T15956] loop2: detected capacity change from 0 to 2048 [ 963.990033][T15956] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 964.022215][ T6036] usb 5-1: Using ep0 maxpacket: 16 [ 964.057175][ T6036] usb 5-1: config 0 has an invalid interface number: 29 but max is 0 [ 964.090739][ T6036] usb 5-1: config 0 has no interface number 0 [ 964.130562][ T6036] usb 5-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16 [ 964.208913][ T6036] usb 5-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 964.287924][ T6036] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 964.970890][ T6036] usb 5-1: Product: syz [ 964.976328][ T6036] usb 5-1: Manufacturer: syz [ 964.981880][ T6036] usb 5-1: SerialNumber: syz [ 965.018681][ T6036] usb 5-1: config 0 descriptor?? [ 965.068692][T15945] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 965.506079][ T6044] usb 5-1: USB disconnect, device number 5 [ 967.234337][T15993] fuse: Unknown parameter 'use00000000000000000000' [ 968.323378][ T786] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 968.516425][ T786] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 968.562167][ T786] usb 5-1: New USB device found, idVendor=056a, idProduct=00c6, bcdDevice= 0.00 [ 968.610184][ T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 968.638306][ T786] usb 5-1: config 0 descriptor?? [ 969.145623][ T786] wacom 0003:056A:00C6.0013: hidraw0: USB HID v0.00 Device [HID 056a:00c6] on usb-dummy_hcd.4-1/input0 [ 969.219962][T16027] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3250'. [ 969.267736][T16027] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3250'. [ 969.406643][T11289] usb 5-1: USB disconnect, device number 6 [ 969.666230][T16032] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3251'. [ 969.678142][T16032] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3251'. [ 969.692534][T16032] ubi: mtd0 is already attached to ubi31 [ 970.635892][T16040] futex_wake_op: syz.4.3255 tries to shift op by 32; fix this program [ 973.104518][T16062] loop2: detected capacity change from 0 to 256 [ 973.181089][T16063] ufs: You didn't specify the type of your ufs filesystem [ 973.181089][T16063] [ 973.181089][T16063] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 973.181089][T16063] [ 973.181089][T16063] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 973.218260][T16063] ufs: ufstype=old is supported read-only [ 973.226513][T16063] syz.3.3260: attempt to access beyond end of device [ 973.226513][T16063] loop7: rw=0, sector=16, nr_sectors = 2 limit=0 [ 973.373846][T16062] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 973.698894][T16062] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 973.788835][T16062] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 974.166112][T16069] input: syz1 as /devices/virtual/input/input12 [ 974.303706][T16069] input: failed to attach handler leds to device input12, error: -6 [ 977.496281][T16095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3270'. [ 977.507422][T16095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3270'. [ 977.521750][T16095] ubi: mtd0 is already attached to ubi31 [ 978.680130][T16104] loop4: detected capacity change from 0 to 16 [ 978.692303][T16104] erofs: (device loop4): mounted with root inode @ nid 36. [ 978.993093][T16109] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3273'. [ 979.004053][T16109] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3273'. [ 979.018574][T16109] ubi: mtd0 is already attached to ubi31 [ 979.680139][T16117] loop2: detected capacity change from 0 to 2048 [ 979.745973][T16117] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 979.761876][T16117] ext4 filesystem being mounted at /246/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 979.822105][T11289] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 979.868420][T16117] EXT4-fs error (device loop2): ext4_validate_inode_bitmap:106: comm syz.2.3280: Corrupt inode bitmap - block_group = 0, inode_bitmap = 3 [ 979.915843][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 979.948465][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 0 [ 979.977543][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 979.998087][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 4096 [ 980.018912][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.038592][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 8192 [ 980.059188][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.061219][T11289] usb 5-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config [ 980.090524][T11289] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 980.093262][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 12288 [ 980.120955][T11289] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 980.131681][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.131835][T12751] EXT4-fs error (device loop2): ext4_empty_dir:3139: inode #11: comm syz-executor: Directory block failed checksum [ 980.140107][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.151839][T11289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 980.180545][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 0 [ 980.187010][T11289] usb 5-1: SerialNumber: syz [ 980.201084][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.238116][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 4096 [ 980.256900][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.277434][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 8192 [ 980.297158][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.316206][T12751] EXT4-fs error (device loop2): ext4_readdir:223: inode #11: comm syz-executor: path /246/file1/lost+found: directory fails checksum at offset 12288 [ 980.337400][T12751] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D. [ 980.465031][T11289] usb 5-1: 0:2 : does not exist [ 980.550429][T11289] usb 5-1: USB disconnect, device number 7 [ 980.609093][T14134] udevd[14134]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 981.859738][ T1098] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 982.105340][ T1098] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 982.408793][ T1098] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 982.592821][ T1098] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 983.058349][T16150] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3288'. [ 983.070237][T16150] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3288'. [ 983.086325][T16150] ubi: mtd0 is already attached to ubi31 [ 983.194722][T12751] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 986.716094][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 986.738902][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 986.750112][ T5794] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 986.793655][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 986.805663][ T5794] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 986.816825][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 987.022819][T16188] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3296'. [ 987.034083][T16188] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3296'. [ 987.405059][ T1098] hsr_slave_0: left promiscuous mode [ 987.430149][ T1098] hsr_slave_1: left promiscuous mode [ 987.441452][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 987.468549][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 987.523244][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 987.542593][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 987.569347][ T1098] bridge_slave_1: left allmulticast mode [ 987.608524][ T1098] bridge_slave_1: left promiscuous mode [ 987.635741][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.736969][ T1098] bridge_slave_0: left allmulticast mode [ 987.767933][ T1098] bridge_slave_0: left promiscuous mode [ 987.784285][T16204] loop4: detected capacity change from 0 to 512 [ 987.801461][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.858222][T16204] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 987.936798][T16204] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 987.950371][ T1098] veth1_macvtap: left promiscuous mode [ 987.975448][ T1098] veth0_macvtap: left promiscuous mode [ 988.004983][ T1098] veth1_vlan: left promiscuous mode [ 988.028092][ T1098] veth0_vlan: left promiscuous mode [ 988.078592][T16204] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm syz.4.3302: bg 0: block 104: invalid block bitmap [ 988.110138][T16204] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 988.160969][T16204] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3302: invalid indirect mapped block 1 (level 1) [ 988.195904][T16204] EXT4-fs (loop4): 1 truncate cleaned up [ 988.221768][T16204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 988.376224][ T28] audit: type=1800 audit(1759945424.006:657): pid=16204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3302" name="file1" dev="loop4" ino=18 res=0 errno=0 [ 988.917521][T16218] ufs: You didn't specify the type of your ufs filesystem [ 988.917521][T16218] [ 988.917521][T16218] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 988.917521][T16218] [ 988.917521][T16218] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 988.955836][T16218] ufs: ufstype=old is supported read-only [ 988.964127][T16218] syz.3.3303: attempt to access beyond end of device [ 988.964127][T16218] loop7: rw=0, sector=16, nr_sectors = 2 limit=0 [ 989.034268][ T5794] Bluetooth: hci1: command tx timeout [ 990.937506][T15078] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 991.082319][ T5794] Bluetooth: hci1: command tx timeout [ 991.212393][ T28] audit: type=1326 audit(1759945426.836:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16228 comm="syz.4.3307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe28058eec9 code=0x0 [ 991.891769][ T1098] team0 (unregistering): Port device team_slave_1 removed [ 991.998607][ T1098] team0 (unregistering): Port device team_slave_0 removed [ 992.139536][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 992.243629][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 993.167906][ T5794] Bluetooth: hci1: command tx timeout [ 993.424663][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.442291][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.478065][T16251] ubi: mtd0 is already attached to ubi31 [ 995.125895][ T1098] bond0 (unregistering): Released all slaves [ 995.244314][ T5794] Bluetooth: hci1: command tx timeout [ 995.294677][T16234] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3309'. [ 995.310541][T16250] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3312'. [ 995.321788][T16250] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3312'. [ 995.722286][T16267] raw_sendmsg: syz.0.3317 forgot to set AF_INET. Fix it! [ 995.825030][T16272] loop4: detected capacity change from 0 to 256 [ 995.986691][T16272] FAT-fs (loop4): Directory bread(block 64) failed [ 996.046644][T16272] FAT-fs (loop4): Directory bread(block 65) failed [ 996.060150][T16183] chnl_net:caif_netlink_parms(): no params data found [ 996.082159][T16272] FAT-fs (loop4): Directory bread(block 66) failed [ 996.124271][T16272] FAT-fs (loop4): Directory bread(block 67) failed [ 996.151537][T16272] FAT-fs (loop4): Directory bread(block 68) failed [ 996.182204][T16272] FAT-fs (loop4): Directory bread(block 69) failed [ 996.226364][T16272] FAT-fs (loop4): Directory bread(block 70) failed [ 996.241944][T16272] FAT-fs (loop4): Directory bread(block 71) failed [ 996.250516][T16272] FAT-fs (loop4): Directory bread(block 72) failed [ 996.265633][T16272] FAT-fs (loop4): Directory bread(block 73) failed [ 997.444091][T16183] bridge0: port 1(bridge_slave_0) entered blocking state [ 997.475103][T16183] bridge0: port 1(bridge_slave_0) entered disabled state [ 997.503602][T16183] bridge_slave_0: entered allmulticast mode [ 997.521755][T16183] bridge_slave_0: entered promiscuous mode [ 997.548386][T16297] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3323'. [ 997.637804][T16183] bridge0: port 2(bridge_slave_1) entered blocking state [ 997.657797][T16183] bridge0: port 2(bridge_slave_1) entered disabled state [ 997.667119][T16183] bridge_slave_1: entered allmulticast mode [ 997.703944][T16183] bridge_slave_1: entered promiscuous mode [ 997.876849][T16183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 997.907230][T16306] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3327'. [ 997.932405][T16183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 998.041255][T16308] fuse: Unknown parameter 'grou00000000000000000000' [ 998.083423][T16183] team0: Port device team_slave_0 added [ 998.126568][T16183] team0: Port device team_slave_1 added [ 998.299154][T16183] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 998.333816][T16183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 998.407021][T16183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 998.411361][T16313] ubi: mtd0 is already attached to ubi31 [ 998.456086][T16312] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3325'. [ 998.481178][T16312] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3325'. [ 998.493711][T16183] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 998.502304][T16183] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 999.064994][T16183] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 999.455763][T16183] hsr_slave_0: entered promiscuous mode [ 999.495828][T16183] hsr_slave_1: entered promiscuous mode [ 1001.495058][T16342] fuse: Unknown parameter 'grou00000000000000000000' [ 1001.773070][T16183] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1001.809543][T16183] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1001.850700][T16183] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1001.887439][T16183] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1002.330282][T16183] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1003.190404][T16183] 8021q: adding VLAN 0 to HW filter on device team0 [ 1003.285044][ T743] bridge0: port 1(bridge_slave_0) entered blocking state [ 1003.293862][ T743] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1003.383577][ T743] bridge0: port 2(bridge_slave_1) entered blocking state [ 1003.392334][ T743] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1003.428152][T16375] fuse: Unknown parameter 'group_i00000000000000000000' [ 1003.481172][T16378] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1003.994504][T16397] loop4: detected capacity change from 0 to 16 [ 1004.023884][T16397] erofs: (device loop4): mounted with root inode @ nid 36. [ 1004.123955][T16183] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1004.726047][T16412] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3350'. [ 1004.754121][T16412] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3350'. [ 1004.784422][ T6044] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 1005.136874][ T6044] usb 5-1: not running at top speed; connect to a high speed hub [ 1005.429846][ T6044] usb 5-1: config 9 has an invalid interface number: 139 but max is 0 [ 1005.462663][ T6044] usb 5-1: config 9 has no interface number 0 [ 1005.470485][ T6044] usb 5-1: config 9 interface 139 has no altsetting 0 [ 1005.562407][ T6044] usb 5-1: New USB device found, idVendor=12d1, idProduct=5437, bcdDevice=7b.f0 [ 1005.641694][ T6044] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.674045][ T6044] usb 5-1: Product: syz [ 1005.679119][ T6044] usb 5-1: Manufacturer: syz [ 1005.680935][T16420] fuse: Unknown parameter 'group_i00000000000000000000' [ 1005.713563][ T6044] usb 5-1: SerialNumber: syz [ 1005.756526][T16183] veth0_vlan: entered promiscuous mode [ 1005.818113][T16183] veth1_vlan: entered promiscuous mode [ 1005.961148][T16183] veth0_macvtap: entered promiscuous mode [ 1006.006658][T16403] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3352'. [ 1006.033731][T16403] bridge_slave_1: left allmulticast mode [ 1006.040598][T16403] bridge_slave_1: left promiscuous mode [ 1006.079888][T16403] bridge0: port 2(bridge_slave_1) entered disabled state [ 1006.111853][T16403] bridge_slave_0: left allmulticast mode [ 1006.126901][T16403] bridge_slave_0: left promiscuous mode [ 1006.134160][T16403] bridge0: port 1(bridge_slave_0) entered disabled state [ 1006.261783][T16183] veth1_macvtap: entered promiscuous mode [ 1006.315859][T16183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1006.352161][T16183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1006.382229][T16183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1006.412132][T16183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1006.431442][T16183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1006.445308][T16183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1006.468747][ T6044] qmi_wwan: probe of 5-1:9.139 failed with error -22 [ 1006.471632][T16183] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1006.505486][ T6044] usb 5-1: USB disconnect, device number 8 [ 1006.550330][T16183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1006.567912][T16183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1006.580477][T16183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1006.593722][T16183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1006.606963][T16183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1006.619828][T16183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1006.634099][T16183] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1006.650151][T16183] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1006.660983][T16183] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1006.671724][T16183] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1006.682727][T16183] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1006.824199][T11517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1006.841269][T11517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1006.895754][ T743] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1006.918204][ T743] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1007.415852][T16443] loop5: detected capacity change from 0 to 16 [ 1007.451584][T16443] erofs: (device loop5): mounted with root inode @ nid 36. [ 1007.493110][ T23] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1007.706532][T16450] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1007.708450][ T23] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 1007.764916][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1007.786506][ T23] usb 5-1: Product: syz [ 1007.805606][ T23] usb 5-1: Manufacturer: syz [ 1007.811459][ T23] usb 5-1: SerialNumber: syz [ 1007.833816][ T23] usb 5-1: config 0 descriptor?? [ 1007.854001][ T23] ch341 5-1:0.0: ch341-uart converter detected [ 1008.192819][ T23] usb 5-1: failed to receive control message: -121 [ 1008.203233][ T23] ch341-uart: probe of ttyUSB0 failed with error -121 [ 1008.926294][T16464] fuse: Unknown parameter 'group_i00000000000000000000' [ 1009.414725][T16473] loop5: detected capacity change from 0 to 2048 [ 1009.506763][T16473] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1009.559028][T16473] EXT4-fs error (device loop5): ext4_find_extent:936: inode #2: comm syz.5.3366: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1009.743979][T16473] EXT4-fs (loop5): Remounting filesystem read-only [ 1009.928506][T16183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.359903][ T6045] usb 5-1: USB disconnect, device number 9 [ 1010.441271][ T6045] ch341 5-1:0.0: device disconnected [ 1010.982322][T12116] Bluetooth: hci2: command 0x0406 tx timeout [ 1011.183788][T16503] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1011.403502][T16511] fuse: Unknown parameter 'group_id00000000000000000000' [ 1011.520852][T16516] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3369'. [ 1011.562603][T16516] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3369'. [ 1011.661110][T16516] ubi: mtd0 is already attached to ubi31 [ 1015.052782][T16551] fuse: Unknown parameter 'group_id00000000000000000000' [ 1015.421454][T16565] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1015.734219][T16573] xt_TCPMSS: Only works on TCP SYN packets [ 1015.742811][T16571] loop4: detected capacity change from 0 to 128 [ 1015.833819][T16571] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1016.118308][T16571] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1017.513504][T16590] fuse: Unknown parameter 'group_id00000000000000000000' [ 1019.412669][T11517] tipc: Disabling bearer [ 1019.421011][T11517] tipc: Left network mode [ 1019.514645][T16621] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3401'. [ 1019.525863][T16621] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3401'. [ 1019.555153][T16621] ubi: mtd0 is already attached to ubi31 [ 1021.417429][T16634] loop5: detected capacity change from 0 to 256 [ 1021.459087][T16634] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1021.497817][T16634] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 1021.532247][T16634] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1024.465158][T16665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3413'. [ 1024.476295][T16665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3413'. [ 1029.455981][T16717] ubi: mtd0 is already attached to ubi31 [ 1029.547958][T16716] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3423'. [ 1029.560063][T16716] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3423'. [ 1030.026128][T16725] overlayfs: failed to clone upperpath [ 1034.934559][T11517] hsr_slave_0: left promiscuous mode [ 1035.455972][T11517] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1035.752145][T11517] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1035.764292][T11517] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1035.774461][T11517] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1035.792367][T11517] bridge_slave_1: left allmulticast mode [ 1035.799713][T11517] bridge_slave_1: left promiscuous mode [ 1035.857300][T11517] bridge0: port 2(bridge_slave_1) entered disabled state [ 1036.103132][T11517] bridge_slave_0: left allmulticast mode [ 1036.129452][T11517] bridge_slave_0: left promiscuous mode [ 1036.285143][T11517] bridge0: port 1(bridge_slave_0) entered disabled state [ 1036.772571][T12116] Bluetooth: hci0: command 0x0406 tx timeout [ 1036.935669][T11517] veth1_macvtap: left promiscuous mode [ 1036.953121][T11517] veth0_macvtap: left promiscuous mode [ 1037.064983][T11517] veth1_vlan: left promiscuous mode [ 1037.139215][T11517] veth0_vlan: left promiscuous mode [ 1038.604217][T11517] pim6reg (unregistering): left allmulticast mode [ 1039.855632][T11517] team0 (unregistering): Port device team_slave_1 removed [ 1041.208295][T11517] team0 (unregistering): Port device team_slave_0 removed [ 1041.322864][T11517] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1041.531929][T11517] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1054.862655][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.870634][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 1173.012084][ C0] ------------[ cut here ]------------ [ 1173.020377][ C0] WARNING: CPU: 0 PID: 16820 at kernel/rcu/tree_stall.h:1001 rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.033810][ C0] Modules linked in: [ 1173.038945][ C0] CPU: 0 PID: 16820 Comm: syz.5.3444 Not tainted syzkaller #0 [ 1173.048368][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1173.061667][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.070401][ C0] Code: ff ff ff 48 c7 c7 a0 04 ef 96 be 04 00 00 00 e8 4a b9 6c 00 48 89 df b8 01 00 00 00 87 05 7c d9 7e 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 51 d3 8c 74 47 48 c7 c0 1c b8 4a 8e 48 c1 e8 03 [ 1173.095728][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 1173.103128][ C0] RAX: 0000000000000000 RBX: ffffffff8cd35180 RCX: ffffffff81702b16 [ 1173.112783][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cd35180 [ 1173.122358][ C0] RBP: ffffc90000007e30 R08: 0000000000000003 R09: 0000000000000004 [ 1173.131956][ C0] R10: dffffc0000000000 R11: fffffbfff2dde094 R12: 0000000000002904 [ 1173.141551][ C0] R13: 1ffff110171c7a22 R14: 0000000000000a02 R15: dffffc0000000000 [ 1173.151200][ C0] FS: 0000555586f5a500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1173.161960][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1173.170308][ C0] CR2: 000020000006b000 CR3: 000000007f41e000 CR4: 00000000003506f0 [ 1173.180566][ C0] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083 [ 1173.190164][ C0] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1173.200279][ C0] Call Trace: [ 1173.204213][ C0] [ 1173.207618][ C0] rcu_core+0x612/0x1720 [ 1173.212713][ C0] ? lock_chain_count+0x20/0x20 [ 1173.218542][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 1173.225062][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1173.231317][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 1173.237711][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1173.243950][ C0] ? __run_timers+0x781/0x7d0 [ 1173.249560][ C0] ? __run_timers+0x74e/0x7d0 [ 1173.255483][ C0] ? detach_timer+0x2b0/0x2b0 [ 1173.261125][ C0] ? detach_timer+0x2b0/0x2b0 [ 1173.266770][ C0] ? lock_chain_count+0x20/0x20 [ 1173.272904][ C0] handle_softirqs+0x280/0x820 [ 1173.278666][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 1173.284602][ C0] ? do_softirq+0x180/0x180 [ 1173.290013][ C0] __irq_exit_rcu+0xc7/0x190 [ 1173.295536][ C0] ? irq_exit_rcu+0x20/0x20 [ 1173.300943][ C0] irq_exit_rcu+0x9/0x20 [ 1173.306367][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1173.313217][ C0] [ 1173.316747][ C0] [ 1173.320282][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1173.327762][ C0] RIP: 0010:fpu__alloc_mathframe+0x61/0x130 [ 1173.335195][ C0] Code: 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 03 83 ab 00 4d 8b 24 24 49 83 c4 04 4c 89 e0 48 c1 e8 03 42 0f b6 04 28 <84> c0 0f 85 81 00 00 00 45 8b 24 24 0f 1f 44 00 00 e8 29 2b 54 00 [ 1173.359650][ C0] RSP: 0018:ffffc9000ba7fac8 EFLAGS: 00000a07 [ 1173.367051][ C0] RAX: 0000000000000000 RBX: ffffc9000ba7fb80 RCX: ffff8880226f9e00 [ 1173.376641][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffc28926668 [ 1173.386240][ C0] RBP: 0000000000000000 R08: ffff8880226fb36f R09: 1ffff110044df66d [ 1173.395912][ C0] R10: dffffc0000000000 R11: ffffed10044df66e R12: ffff8880226fb784 [ 1173.405523][ C0] R13: dffffc0000000000 R14: 00007ffc28926668 R15: ffffc9000ba7fba0 [ 1173.415227][ C0] ? fpu__alloc_mathframe+0x28/0x130 [ 1173.421702][ C0] get_sigframe+0x4c1/0x7c0 [ 1173.427166][ C0] ? load_gs_index+0x190/0x190 [ 1173.433038][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 1173.439555][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1173.446959][ C0] x64_setup_rt_frame+0x158/0xcd0 [ 1173.453022][ C0] ? _raw_spin_unlock_irq+0x29/0x50 [ 1173.459417][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1173.465806][ C0] ? get_signal+0x11a0/0x1400 [ 1173.471519][ C0] ? sigaltstack_size_valid+0x1e0/0x1e0 [ 1173.478282][ C0] arch_do_signal_or_restart+0x3e5/0x780 [ 1173.485293][ C0] ? get_sigframe_size+0x20/0x20 [ 1173.491268][ C0] ? exit_to_user_mode_loop+0x3b/0x110 [ 1173.497976][ C0] exit_to_user_mode_loop+0x70/0x110 [ 1173.504352][ C0] exit_to_user_mode_prepare+0xf6/0x180 [ 1173.511342][ C0] syscall_exit_to_user_mode+0x1a/0x50 [ 1173.518263][ C0] do_syscall_64+0x61/0xb0 [ 1173.523698][ C0] ? clear_bhb_loop+0x40/0x90 [ 1173.529343][ C0] ? clear_bhb_loop+0x40/0x90 [ 1173.535269][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1173.542461][ C0] RIP: 0033:0x7f881338eec9 [ 1173.548039][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1173.572008][ C0] RSP: 002b:00007ffc289266e8 EFLAGS: 00000246 [ 1173.579326][ C0] RAX: fffffffffffffffc RBX: 00000000000fe36e RCX: 00007f881338eec9 [ 1173.589199][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f88135e618c [ 1173.599007][ C0] RBP: 0000000000000032 R08: 0000000000745d1e R09: 0000000f289269df [ 1173.608716][ C0] R10: 00007ffc289267e0 R11: 0000000000000246 R12: 00007f88135e618c [ 1173.619126][ C0] R13: 00007ffc289267e0 R14: 00000000000fe3a0 R15: 00007ffc28926800 [ 1173.628733][ C0] [ 1173.632491][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1173.641235][ C0] CPU: 0 PID: 16820 Comm: syz.5.3444 Not tainted syzkaller #0 [ 1173.650200][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1173.662400][ C0] Call Trace: [ 1173.666366][ C0] [ 1173.669880][ C0] dump_stack_lvl+0x16c/0x230 [ 1173.675691][ C0] ? show_regs_print_info+0x20/0x20 [ 1173.682140][ C0] ? load_image+0x3b0/0x3b0 [ 1173.687603][ C0] panic+0x2c0/0x710 [ 1173.692295][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 1173.697815][ C0] __warn+0x2e0/0x470 [ 1173.702588][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.709478][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.716481][ C0] report_bug+0x2be/0x4f0 [ 1173.721870][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.728932][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.735925][ C0] ? rcu_check_gp_start_stall+0x2de/0x460 [ 1173.743068][ C0] handle_bug+0xcf/0x120 [ 1173.748233][ C0] exc_invalid_op+0x1a/0x50 [ 1173.753755][ C0] asm_exc_invalid_op+0x1a/0x20 [ 1173.759724][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 1173.767451][ C0] Code: ff ff ff 48 c7 c7 a0 04 ef 96 be 04 00 00 00 e8 4a b9 6c 00 48 89 df b8 01 00 00 00 87 05 7c d9 7e 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 51 d3 8c 74 47 48 c7 c0 1c b8 4a 8e 48 c1 e8 03 [ 1173.791205][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 1173.798492][ C0] RAX: 0000000000000000 RBX: ffffffff8cd35180 RCX: ffffffff81702b16 [ 1173.808198][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cd35180 [ 1173.817856][ C0] RBP: ffffc90000007e30 R08: 0000000000000003 R09: 0000000000000004 [ 1173.827552][ C0] R10: dffffc0000000000 R11: fffffbfff2dde094 R12: 0000000000002904 [ 1173.837443][ C0] R13: 1ffff110171c7a22 R14: 0000000000000a02 R15: dffffc0000000000 [ 1173.847117][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 1173.854013][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 1173.860908][ C0] rcu_core+0x612/0x1720 [ 1173.866021][ C0] ? lock_chain_count+0x20/0x20 [ 1173.872306][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 1173.878787][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1173.885146][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 1173.891416][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1173.897651][ C0] ? __run_timers+0x781/0x7d0 [ 1173.903270][ C0] ? __run_timers+0x74e/0x7d0 [ 1173.909034][ C0] ? detach_timer+0x2b0/0x2b0 [ 1173.916763][ C0] ? detach_timer+0x2b0/0x2b0 [ 1173.922603][ C0] ? lock_chain_count+0x20/0x20 [ 1173.928444][ C0] handle_softirqs+0x280/0x820 [ 1173.934400][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 1173.940169][ C0] ? do_softirq+0x180/0x180 [ 1173.945708][ C0] __irq_exit_rcu+0xc7/0x190 [ 1173.951250][ C0] ? irq_exit_rcu+0x20/0x20 [ 1173.956689][ C0] irq_exit_rcu+0x9/0x20 [ 1173.961780][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1173.968857][ C0] [ 1173.972386][ C0] [ 1173.975970][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1173.983273][ C0] RIP: 0010:fpu__alloc_mathframe+0x61/0x130 [ 1173.990365][ C0] Code: 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 03 83 ab 00 4d 8b 24 24 49 83 c4 04 4c 89 e0 48 c1 e8 03 42 0f b6 04 28 <84> c0 0f 85 81 00 00 00 45 8b 24 24 0f 1f 44 00 00 e8 29 2b 54 00 [ 1174.014004][ C0] RSP: 0018:ffffc9000ba7fac8 EFLAGS: 00000a07 [ 1174.021956][ C0] RAX: 0000000000000000 RBX: ffffc9000ba7fb80 RCX: ffff8880226f9e00 [ 1174.031773][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffc28926668 [ 1174.041385][ C0] RBP: 0000000000000000 R08: ffff8880226fb36f R09: 1ffff110044df66d [ 1174.051120][ C0] R10: dffffc0000000000 R11: ffffed10044df66e R12: ffff8880226fb784 [ 1174.060720][ C0] R13: dffffc0000000000 R14: 00007ffc28926668 R15: ffffc9000ba7fba0 [ 1174.070415][ C0] ? fpu__alloc_mathframe+0x28/0x130 [ 1174.077028][ C0] get_sigframe+0x4c1/0x7c0 [ 1174.082470][ C0] ? load_gs_index+0x190/0x190 [ 1174.088246][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 1174.094565][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1174.102283][ C0] x64_setup_rt_frame+0x158/0xcd0 [ 1174.108444][ C0] ? _raw_spin_unlock_irq+0x29/0x50 [ 1174.114703][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1174.121387][ C0] ? get_signal+0x11a0/0x1400 [ 1174.127239][ C0] ? sigaltstack_size_valid+0x1e0/0x1e0 [ 1174.134059][ C0] arch_do_signal_or_restart+0x3e5/0x780 [ 1174.140983][ C0] ? get_sigframe_size+0x20/0x20 [ 1174.146994][ C0] ? exit_to_user_mode_loop+0x3b/0x110 [ 1174.153603][ C0] exit_to_user_mode_loop+0x70/0x110 [ 1174.160092][ C0] exit_to_user_mode_prepare+0xf6/0x180 [ 1174.166909][ C0] syscall_exit_to_user_mode+0x1a/0x50 [ 1174.173499][ C0] do_syscall_64+0x61/0xb0 [ 1174.178936][ C0] ? clear_bhb_loop+0x40/0x90 [ 1174.184664][ C0] ? clear_bhb_loop+0x40/0x90 [ 1174.190309][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1174.197394][ C0] RIP: 0033:0x7f881338eec9 [ 1174.202736][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1174.227270][ C0] RSP: 002b:00007ffc289266e8 EFLAGS: 00000246 [ 1174.234779][ C0] RAX: fffffffffffffffc RBX: 00000000000fe36e RCX: 00007f881338eec9 [ 1174.244357][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f88135e618c [ 1174.253929][ C0] RBP: 0000000000000032 R08: 0000000000745d1e R09: 0000000f289269df [ 1174.264431][ C0] R10: 00007ffc289267e0 R11: 0000000000000246 R12: 00007f88135e618c [ 1174.274047][ C0] R13: 00007ffc289267e0 R14: 00000000000fe3a0 R15: 00007ffc28926800 [ 1174.283672][ C0] [ 1174.287690][ C0] Kernel Offset: disabled [ 1174.293663][ C0] Rebooting in 86400 seconds..