last executing test programs: 7.442799619s ago: executing program 3 (id=536): bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000580)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) syz_emit_ethernet(0x36, &(0x7f0000000740)=ANY=[], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000040000181100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) 5.994754252s ago: executing program 0 (id=547): r0 = syz_usb_connect$hid(0x0, 0x49, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)=@newtfilter={0xc9c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0xc6c, 0x2, [@TCA_BASIC_POLICE={0xc68, 0x4, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x4cbe, 0x80000000, 0x10001, 0x4, 0x1, 0x10001, 0xb9, 0x5, 0x0, 0xb, 0x0, 0x5, 0x800, 0x3, 0xd0c8, 0x2, 0xfffffff8, 0x80000001, 0x6, 0x1, 0x9f72, 0xffffffff, 0x6e7c, 0x3, 0xfffffffc, 0x0, 0x1, 0x4, 0x1, 0x4, 0x200, 0x9, 0x7, 0x9, 0x7, 0xe9d, 0x8, 0x6, 0x9, 0x1f, 0x1, 0xffffffc5, 0x80, 0x40, 0x0, 0x10000, 0x3ff, 0x1ff, 0x6, 0x3, 0x2, 0x80, 0x0, 0x6, 0x22, 0x400, 0x5, 0x200, 0x4, 0xfffffff9, 0x2, 0x8000, 0x14, 0x1, 0x1, 0x7fffffff, 0x0, 0x9, 0x8, 0xfdec, 0xe0, 0x5, 0x200, 0x2, 0x8, 0x6, 0x9, 0x5, 0x8, 0x2, 0xd9, 0xfffffff8, 0x1f, 0x401, 0x3, 0x6a89, 0x4, 0x7fffffff, 0xffffff18, 0x3, 0x4, 0x200, 0x8, 0x1, 0x7, 0x2000, 0x9, 0x0, 0x5, 0x100, 0x9, 0x6, 0x1ff, 0x3, 0x4, 0xffffff1c, 0x3, 0xfff, 0xffff, 0x0, 0x3, 0xddd2, 0x80000000, 0xff, 0x5, 0x9167, 0x2, 0x0, 0x0, 0x0, 0x8, 0x1f, 0x7, 0x8000, 0x7f, 0x1, 0x9, 0x6, 0xfffff001, 0x7, 0x7bc, 0x80, 0x1, 0x80, 0x8, 0x8, 0x0, 0x101, 0x7ff, 0x4, 0x0, 0xf59, 0x3, 0x7, 0x1, 0x7e30, 0x5a, 0xd55, 0x7fffffff, 0x3, 0x7, 0x6, 0x39, 0x80000000, 0x5c88, 0x1000, 0x2, 0x3, 0x20, 0x6, 0x178, 0x5, 0x1, 0x7, 0x100, 0xe4, 0x0, 0x3ff, 0x6, 0x6, 0xfffff7ac, 0x3, 0x7bf4d43, 0x22d4, 0x4c3, 0x7fffffff, 0x10001, 0xf4, 0x800, 0x80, 0x7, 0x9d1, 0xdb, 0x9b0, 0x7, 0x4, 0xffffffff, 0x1, 0x5b7, 0x7, 0x6, 0x7f, 0x1, 0x8, 0x0, 0x7, 0x100, 0x7fff, 0x0, 0xffff, 0xffffffff, 0xfffff0e3, 0x4, 0x40, 0x453, 0x80000001, 0x1, 0x1ff, 0x4, 0xa303, 0x3, 0x9, 0xd471, 0x0, 0xff, 0x8, 0x80000000, 0xdae9, 0x6d0, 0x7c000000, 0x2, 0x9, 0x3ff, 0x7ffffff7, 0xffff, 0x3, 0x29, 0x7fffffff, 0x1dbc, 0x8, 0x5c07, 0x24bd, 0x6, 0x9, 0x8, 0x4, 0x3020, 0x6, 0x4, 0x2, 0x8, 0x0, 0x5, 0x3b50548b, 0x3, 0x8, 0x9, 0x1, 0x9, 0x5, 0x7, 0x3, 0xda6b, 0x4, 0x80000001, 0x3]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfff}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8000, 0x4b, 0x0, 0x0, 0x8, 0xce32, 0x5, 0x3, 0x6, 0x4, 0x7, 0x3, 0x823, 0x3, 0x900, 0x5, 0x0, 0x9, 0x43cec422, 0x2, 0x2, 0x401, 0x100, 0x9, 0x0, 0x60000, 0x7, 0x4, 0x1ff, 0x1c1b, 0x77c, 0x6, 0x1, 0x0, 0x3, 0x13b0, 0x40, 0x9, 0xb2, 0x9, 0x5, 0xffffffff, 0x8, 0x200, 0xffffff00, 0x1, 0xffff, 0x1, 0x6c0, 0x40, 0x800, 0x8, 0x101, 0x3, 0x2, 0x8, 0x8000, 0xffff0000, 0x8, 0x5, 0x9f26, 0x8, 0x8, 0x21, 0x1, 0x8, 0x1, 0x8, 0x3, 0xffffdac2, 0x8, 0x0, 0x0, 0x9, 0x0, 0x7fffffff, 0x4, 0x401, 0xffffffff, 0x7fffffff, 0x1f, 0xb2, 0x3, 0xefa1, 0xffffff5e, 0x40000000, 0x8000, 0xffff, 0xaa14, 0x9, 0x7, 0x865, 0x9, 0x5, 0xf1c, 0x3f, 0xffffffff, 0x800, 0x1ff, 0x7, 0x5, 0x40, 0x5a59, 0x7, 0x7fff, 0x71, 0x2, 0x2, 0x5, 0x101, 0x214c, 0x3f, 0x25, 0x1, 0x7d5, 0xff, 0x9, 0x7f, 0xfffffff8, 0xfffffffc, 0x80000000, 0x1, 0x74b, 0x80, 0x2b09, 0x70fb, 0x1f, 0x7, 0x1a836288, 0x8000, 0x0, 0x319cbc86, 0x3, 0x1, 0xd8, 0xfcf, 0x0, 0x4, 0x1ff, 0x3, 0x0, 0x9, 0x5, 0x80, 0x7f, 0xbedf, 0x8000, 0x4d, 0x4e, 0xb6c1, 0x1ff, 0xffff, 0xf47, 0x6fc5, 0x7fffffff, 0xbe, 0x100, 0x5, 0x3, 0xffff, 0x7fffffff, 0x80, 0x9, 0x400, 0x6, 0x10000, 0xffffffff, 0xffff, 0x401, 0x1, 0x1, 0xb41, 0x6, 0x4, 0x7, 0xfff, 0x5, 0x3, 0x1, 0x7fff, 0x1, 0x715, 0x9, 0x9, 0xf20d, 0x23, 0x400, 0xdd, 0x6, 0x10000, 0x1, 0x401, 0x345, 0x3, 0x1, 0x400, 0x7, 0x7ff, 0x2, 0xfffffeff, 0x2, 0x7, 0x65, 0x8, 0x7fffffff, 0x400, 0x4, 0x5, 0x1000, 0xffffff7f, 0x8, 0x9, 0xe07, 0x8001, 0x200, 0x1, 0xff, 0x5, 0x531bda26, 0x9, 0x0, 0x5, 0x0, 0x3f, 0x3471, 0x20, 0x7, 0x0, 0x400, 0x1000, 0x4, 0x5, 0xfffffffb, 0x80000001, 0x9, 0x57, 0xffffffff, 0xff, 0x3ff, 0x7f, 0xd87, 0x5, 0x80000000, 0x691, 0x0, 0x7fff, 0x0, 0x3, 0x9, 0x1, 0x3, 0x4c00, 0x40, 0xfffffff7, 0x0, 0x7]}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x9, 0x81, 0xaf, 0x6, 0x7fffffff, 0xd5, 0x5, 0x1, 0x1, 0x59f, 0x2, 0x4, 0x10001, 0x0, 0x5, 0x4, 0x80000000, 0x5, 0x6, 0xffff, 0x6, 0x5, 0x8000, 0xf2, 0x7ff, 0x6, 0x2, 0x8, 0x3, 0x3c5, 0xffffff81, 0x7, 0x80000001, 0x3ff, 0x3, 0x4, 0x4, 0x80000001, 0xb87, 0x10000, 0x10000, 0x9, 0xe2, 0x7, 0x4a7b827c, 0x1, 0x401, 0x7a6, 0x6, 0x0, 0x5, 0x0, 0x5, 0x7, 0x6, 0x2745, 0x1, 0xffffffff, 0x7, 0x5, 0xffff, 0x69, 0x5, 0x7fff, 0xffffffff, 0x2, 0x5, 0x0, 0x9, 0x100, 0x0, 0x81, 0x1ff, 0xe2, 0x6, 0x3, 0x6, 0x1, 0x5, 0x0, 0x4, 0xa8, 0x6, 0x5f8, 0x0, 0x5, 0x6, 0xff, 0x9, 0x800, 0x9, 0x40, 0x0, 0x6, 0x3f, 0x10000, 0x9, 0xb16, 0x400, 0xffffffff, 0x7, 0x8, 0x4, 0x1, 0x9, 0x9, 0xfffffffe, 0x3, 0x2, 0x6, 0xffffffff, 0x10001, 0x3, 0x5, 0xfffffffd, 0x400, 0x8, 0x40, 0x2, 0x27b3, 0x3, 0x6, 0x4a99, 0x200, 0x10001, 0x7, 0x3ff, 0x101, 0x52fe, 0x1, 0x800, 0x4, 0xf957, 0x9, 0x8000, 0x1, 0x401, 0x7, 0x200, 0x1000, 0x9, 0x8, 0x0, 0x99, 0x1, 0x3ff, 0x2, 0x9, 0xa2, 0x0, 0x7fff, 0x80, 0x0, 0x6, 0x1, 0x9, 0x10001, 0x6, 0x8, 0x101, 0x87d9, 0x2, 0x420, 0x3, 0x7fff, 0xfffff4a7, 0x5, 0x3, 0x80, 0x5, 0x9, 0x4, 0x2, 0x80, 0x7fffffff, 0x7fff, 0x4, 0x7, 0xffff7fff, 0x4, 0x6, 0x3, 0x8, 0x1, 0x3, 0x0, 0x7f, 0x6, 0x8, 0x3, 0x4, 0x69d, 0x0, 0x8, 0x80000001, 0x3, 0x80, 0x1, 0x81, 0x0, 0x3f, 0x0, 0x1, 0x10001, 0x4, 0x9, 0x3, 0x3f, 0xf507, 0x1, 0xfffffffc, 0x6, 0x4, 0x101, 0x96e, 0x1, 0x6ff1, 0x10000, 0x4, 0x1, 0x0, 0x8, 0x5, 0x0, 0x100, 0x6, 0x20, 0x100, 0x3, 0x5, 0x5, 0x1ff, 0x8c6, 0x0, 0x0, 0x7, 0x5, 0x8, 0x0, 0x4, 0x6, 0x10000, 0x101, 0x4, 0x7fff, 0x1, 0x80000001, 0x1, 0x6d, 0x1ff, 0x1, 0x41122446, 0x8, 0x8, 0x94]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x7, 0x5693, 0x3, 0x2, {0x2, 0x1, 0xe8, 0xdb65, 0x40, 0x8}, {0x6, 0x2, 0x4, 0x1, 0x3, 0x9}, 0x195, 0x6, 0x20}}, @TCA_POLICE_RESULT={0x8}]}]}}]}, 0xc9c}}, 0x0) 5.276361072s ago: executing program 3 (id=549): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xffff7fff}}, &(0x7f0000000440)='GPL\x00', 0x8000, 0x0, &(0x7f0000000500), 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0x2, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, &(0x7f0000000a80), &(0x7f0000000ac0)=[{0x5, 0x2, 0xe, 0x9}], 0x10, 0x4, @void, @value}, 0x94) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)) ioctl$SIOCSIFHWADDR(r0, 0x8943, &(0x7f0000002280)={'veth1_to_team\x00'}) 5.106032997s ago: executing program 3 (id=551): bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100"}) bpf$PROG_LOAD(0x5, 0x0, 0x0) 5.016058192s ago: executing program 3 (id=552): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa10812, &(0x7f0000000580)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000004,gid=', @ANYRESHEX=0x0, @ANYBLOB=',namecase=1,iocharset=iso8859-15,utf8,umask=00000000000000000177777,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=continue,umask=00000000000000000005454,dmask=00000000000000000000011,euid=', @ANYRESDEC, @ANYBLOB=',uid>', @ANYRESDEC, @ANYBLOB="2c7375626a5f747970653d696f636861727365742c7375626a5f747970653d2c99708160e42db27072726f72733d636f6e74696e75652c726f6f74636f6e746578743d73797361646d5f752c7375626a5f757365723dc5b09b45c8a2fec720b73428c62e2e2c7375626a5f726f6c653d666f", @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x21, 0x14ff, &(0x7f0000003f40)="$eJzs3AvUjdXWOPA511oPL0k7yX3NNR92vFgkSS5JckmS5EiSW0KSJElI7rckJCH3JPeQ3EJyv99yT5IkSRISkqz/0On7dE7n+/ed7zvfMMZ552+MZ7xr7mfP9cy15zve53n2O/b+tv3gynWrVKjNzPC/gn/90Q0AUgCgHwBcBwARAJTIUiLL5f0ZNHb73x1E/Gs9NO1qVyCuJul/2ib9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/4VIy7ZNz3m9bGl3k/f/0zI5//8bOVJkzJcbitzY4Z9Ikf6nbdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0X4i07H/+3rH87+DfYbvav39CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIdKG8+EKAwD/Mb7adQkhhBBCCCGEEOJfJ6S/2hUIIYQQQgghhBDi/x6CAg0GIkgH6SEFMkBGuAYywbWQGa6DBFwPWeAGyAo3QjbIDjkgJ+SC3JAHLBA4YIghL+SDJNwE+aEApEJBKASFwUMRKAo3QzG4BYrDrVACboOScDuUgtJQBsrCHVAO7oTycBdUgLuhIlSCylAF7oGqcC9Ug/ugOtwPNeABqAkPQi34C9SGh6AOPAx14RGoB49CfWgADaERNP4f5b8IneEl6AJdoRt0hx7QE3pBb+gDfaEfvAz9IeW312YQDIbXYAi8DkPhDRgGw2EEvAkjYRSMhjEwFsbBeHgLJsDbMBHegUkwGabAVJgG02EGvAszYRbMhvdgDrwPc2EezIcFsBA+gEWwGJbAh7AUPoJlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW3wMWyHHbATdsFu2AN74RPYB5/CfvgMDsDn/2T+ub/L74CAgAoVGjSYDtNhCqZgRsyImTATZsbMmMAEZsEsmBWzYjbMViAH5sBcmAvzYB4kJGRkzIt5MYlJzI/5MRVTsRAWQo8ei2JRLIa3YHEsjiWwBJbEklgKS2NpLItlsRyWw/JYHitgBayIFbEyVsZ78B68F6thNayO1bEG1sCaWBNrYS2sjbWxDtbBulgX62E9rI/1sSE2xMbYGJtgE2yKTbE5NscW2AJbYktsha2wNbbGNtgG22JbbIftsD22xw7YETvii/givoQvYVesqLpjD+yBvbAX9sG+2Bdfxv74Cr6Cr+JAHISD8TV8DV/HoXgWh+FwHIEjsJwahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/A9nIPv4/s4D+fhAlyIC3ERLsYluASX4jlchstxBa7EVbgaV+FaXIdrcQNuxA24GTfjVtyKH+PHuAN34C7chXvQAOAn+Cl+igPxAB7Ag3gQD+EhPIyH8QgewaN4FI/hMTyOx/EEnsCTeApP4yk8g2fwLJ7D83geL+AFvIjP5/q6zp6C6weCuswoo9KpdCpFpaiMKqPKpDKpzCqzSqiEyqKyqKwqq8qmsqkcKofKpXKpPCqPIkWKVazyqrwqqZIqv8qvUlWqKqQKKa+8KqqKqmKqmCquiqsS6jZVUt2uSqnSqpkvq8qqcqq5L6/uUhVUBVVRVVKVVRVVRVVVVVU1VU1VV9VVDVVD1VQPqlqqO/bBh9TlztRVg7CeGoz1VQPVUDVSr+Njqokaik1VM9VcPaGG4zBsqZr4Vupp1VqNxjbqWTUGn1Pt1Dhsr15QHVRH1Um9qDqrpr6L6qomYXfVQ03FXqq36qP6qplYSV3uWGX1qhqoBqnB6jW1AF9XQ9UbapgarkaoN9VINUqNVmPUWDVOjVdvqQnqbTVRvaMmqclqipqqpqnpaoZ6V81Us9Rs9Z6ao95Xc9U8NV8tUAvVB2qRWqyWqA/VUvWRWqaWqxVqpVqlVqs1aq1ap9arDWqj2qQ2qy1qq9qmPlbb1Q61U+1Su9UetVd9ovapT9V+9Zk6oD5XB9UX6pD6Uh1WX6kj6mt1VH2jjqlv1XH1nTqhvlcn1Sl1Wv2gzqgf1Vl1Tp1XP6kL6md1Uf2iLqmgQKNWWmujI51Op9cpOoPOqK/RmfS1OrO+Tif09TqLvkFn1TfqbDq7zqFz6lw6t86jrSbtNOtY59X5dFLfpPPrAjpVF9SFdGHtdRFdVN+si+lbdHF9qy6hb9Ml9e26lC6ty+iy+g5dTt+py+u7dAV9t66oK+nKuoq+R1fV9+pq+j5dXd+va+gHdE39oK6l/6Jr64d0Hf2wrqsf0fX0o7q+bqAb6ka6sX5MN9GP66a6mW6un9At9JO6pX5Kt9JP69b6Gd1GP6vb6ud0O/28bq9f0B10R91J/6Iv6aC76K66m+6ue+ieupfurfvovrqffln316/oAfpVPVAP0oP1a3qIfl0P1W/oYXq4HqHf1CP1KD1aj9Fj9Tg9Xr+lJ+i39UT9jp6kJ+speqqepqfrPr/NNPu/kf/2P8gf8OvRt+pt+mO9Xe/QO/UuvVvv0Xv1Xr1P79P79X59QB/QB/VBfUgf0of1YX1EH9FH9VF9TB/Tx/VxfUKf0Cf1Kf2T/kGf0T/qs/qcPqd/0hf0BX3xt9cADBpltDEmMulMepNiMpiM5hqTyVxrMpvrTMJcb7KYG0xWc6PJZrKbHCanyWVymzzGGjLOsIlNXpPPJM1N+NtJ0xQyhY03RUxRc/M/k2/ymwIm1RT8m/w/q6+xaWyamCamqWlqmpvmpoVpYVqalqaVaWVam9amjWlj2pq2pp1pZ9qb9qaD6WA6mU6ms+lsupguppvpZnqYnqaX6W36mL6mn3nZ9Df9zQAzwAw0A81gM9gMMUPMUDPUDDPDzAgzwow0I81oM9qMNWPNeDPeTDATzEQz0Uwyk8wUM8VMM9PMDDPDzDQzzWwz28wxc8xcM9fMN/PNQrPQLDKLzBKzxCw1S80ys9wsNyvNSrParDZrzVqz3qw3G81Gs9lsNsvSbzPbzHaz3ew0O81us9vsNXvNPrPP7Df7zQFzwBw0B80hc8gcNofNEXPEHDVHzTFzzBw3x80Jc8KcNCfNaXPanDFnzFlz1pw3580Fc8FcNBfNJXPp8mVfpCIVmchE6aJ0UUqUEmWMMkaZokxR5ihzlIgSUZYoS5Q1ujHKFmWPckQ5o1xR7ihPZCOKXMRRHOWN8kXJ6KYof1QgSo0KRoWiwpGPikRFo5ujYtEtUfHo1qhEdFtUMro9KhWVjspEZaM7onLRnVH56K6oQnR3VDGqFFWOqkT3RFWje6Nq0X1R9ej+qEb0QFQzejCqFf0lqh09FNWJHo7qRo9E9aJHo/pRg6hh1Chq/C+dP4Sz2R/3XWxX2812tz1sT9vL9rZ9bF/bz75s+9tX7AD7qh1oB9nB9jU7xL5uh9o37DA73I6wb9qRdpQdbcfYsXacHW/fshPs23aifcdOspPtFDvVTrPT7Qz7rp1pZ9nZ9j07x75v59p5dr5dYBfaD+wiu9gusR/apfYju8wutyvsSrvKrrZr7Fq7zq63G+xGu8lutlvsVrvNfmy32x12p91ld9s9dq/9xO6zn9r99jN7wH5uD9ov7CH7pT1sv7JH7Nf2qP3GHrPf2uP2O3vCfm9P2lP2tP3BnrE/2rP2nD1vf7IX7M/2ov3FXrLh8sX95dM7GTKUjtJRCqVQRspImSgTZabMlKAEZaEslJWyUjbKRjkoB+WiXJSH8tBlTEx5KS8lKUn5KT+lUioVokLkyVNRKkrFqBgVp+JUgkpQSSpJpagUlaEydAfdQXfSnXQX3UV3091UiSpRFapCVakqVaNqVJ2qUw2qQTWpJtWiWlSbalMdqkN1qS7Vo3pUn+pTQ2pIjakxNaEm1JSaUnNqTi2oBbWkltSKWlFrak1tqA21pbbUjtpRe2pPHagDdaJO1Jk6UxfqQt2oG/WgHtSLelEf6kP9qB/1p/40gAbQQBpIg2kwDaEhNJSG0jAaTiPoTRpJo2g0jaGxNI7G03iaQBNoIk2kSTSJptAUmkbTaAbNoJk0k2bTbJpDc2guzaX5NJ8W0kJaRItoCS2hpbSUltEyWkEraBWtojW0htbROtpAG2gTbaIttIW20TbaTttpJ+2k3bSb9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtJJOk2n6QydobN0ls7TebpAP9NF+oUuUaAUl8FldNe4TO5al9ld5/4+zuFyulwut8vjrMvmsv9NTM65VFfQFXKFnXdFXFF3s0u9fEv1u7iUK+3KuLLuDlfO3enK/yGu6u511dx9rrq731Vx9/xNXMM94Gq6R1wt96ir7Rq4Oq6Rq+secfXco66+a+AaukauhXvStXRPuVbuadfaPfOHeJFb7Na59W6D2+j2uU/defeTO+a+dRfcz66L6+r6uZddf/eKG+BedQPdoD/EI9ybbqQb5Ua7MW6sG/eHeIqb6qa56W6Ge9fNdLP+EC90H7g5bomb6+a5+W7Br/Hlmpa4D91S95Fb5pa7FW6lW+VWuzVu7X/WutJtdlvcVrfXfeK2ux1up9vldrs9v8aX17HffeYOuM/dUfeNO+S+dIfdcXfEff1rfHl9x9137oT73p10p9xp94M74350Z925X9d/ee0/uF/cJRccMLJizYYjTsfpOYUzcEa+hjPxtZyZr+MEX89Z+AbOyjdyNs7OOTgn5+LcnIctEztmjjkv5+Mk38T5uQCnckEuxIXZcxEuyjdzMb6Fi/OtXIJv45J8O5fi0lyGy/IdXI7v5PJ8F1fgu7kiV+LKXIXv4ap8L1fj+7g63881+AGuyQ9yLf4L1+aHuA4/zHX5Ea7Hj3J9bsANuRE35se4CT/OTbkZN+cnuAU/yS35KW7FT3Nrfobb8LPclp/jdvw8t+cXuAN35E78Infml7gLd+Vu3J17cE/uxb25D/flfvwy9+dXeAC/ygN5EA/m13gIv85D+Q0exsN5BL/JI3kUj+YxPJbH8Xh+iyfw2zyR3+FJPJmn8FSextN5Br/LM3kWz+b3eA6/z3N5Hs/nBbyQP+BFvJiX8Ie8lD/iZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+Vt/DFv5x28k3fxbt7De/kT3sef8n7+jA/w53yQv+BD/CUf5q/4CH/NR/kbPsbf8nH+jk/w93yST/Fp/oHP8I98ls/xef6JL/DPfJF/4UscGGKMVaxjE0dxujh9nBJniDPG18SZ4mvjzPF1cSK+Ps4S3xBnjW+Ms8XZ4xxxzjhXnDvOE9uYYhdzHMd543xxMr4pzh8XiFPjgnGhuHDs4yJx0fjmuFh8S1w8vjUuEd8Wl4xvj0vFpeNH7i8b3xGXi++My8d3xRXiu+OKcaW4clwlvieuGt8bV4vvi6vH98fF4wfimvGDMfz2eZU68cNx3fiRuF78aFw/bhA3jBvFjePH4ibx43HTuFncPH4ibhE/GbeMn4pbxU/HreNn/nR/t7h73CPuGfeMQ7hPz08uSC5MfpBclFycXJL8MLk0+VFyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3JzcktyazKEKunBo1dee+Mjn86n9yk+g8/or/GZ/LU+s7/OJ/z1Pou/wWf1N/psPrvP4XP6XD63z+OtJ+88+9jn9fl80t/k8/sCPtUX9IV8Ye99EV/UN/KNfWPfxD/um/pmvrl/wj/hn/RP+qf8U/5p39o/49v4Z31b/5xv55/3z/sXfAff0XfyL/rO/iXfxXf13Xw338P38L18L9/H9/H9fD/f3/f3A/wAP9AP9IP9YD/ED/FD/VA/zA/zI/wIP9KP9KP9aD/Wj/Xj/Xg/wU/wE/1EP8lP8lP8FD/NT/Mz/Aw/08/0s/1sPyd1jp/r5/r5fr5f6Bf6RX6RX+KX+KV+qV/ml/kVfoVf5Vf5NX6NX+fX+Q1+g9/kN/ktfovf5rf57X673+l3+t1+t9/r9/p9fp/f7/f7A/6AP+gP+kP+kD/sv/JH/Nf+qP/GH/Pf+uP+O3/Cf+9P+lP+tP/Bn/E/+rP+nD/vf/IX/M/+ov/FX/LBj0+8lZiQeDsxMfFOYlJicmJKYmpiWmJ6Ykbi3cTMxKzE7MR7iTmJ9xNzE/MS8xMLEgsTHyQWJRYnliQ+TCxNfJRYllieWJFYmViVWJ0IIff2OOQN+UIy3BTyhwIhNRQMhULh4EORUDTcHIqFW0LxcGsoEW4LJcPtoVQoHcqER0P90CA0DI1C4/BYaBIeD01Ds9A8PBFahCdDy/BUaBWeDq3DM6FNeDa0Dc+FduH50D68EDqEjqFTeDF0Di+FLqFr6Ba6hx6hZ+gVeoc+oW/oF14O/cMrYUB4NQwMg8Lg8FoYEl4PQ8MbYVgYHkaEN8PIMCqMDmPC2DAujA9vhQnh7TAxvBMmhclhSpgapoXpYUZ4N8wMs8Ls8F6YE94Pc8O8MD8sCAvDB2FRWByWhA/D0vBRWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha9gWPg7bw46wM+wKu8OesDd8EvaFT8P+8Fk4ED4PB8MX4VD4MhwOX4Uj4etwNHwTjoVvw/HwXTgRvg8nw6lwOvwQzoQfw9lwLpwPP4UL4edwMfwSLsln1oQQQggh/lt6/sn+7v/gMQMA6rdxDwC4dkfOI7/frwFgU7a/jnurXC0SAPB01/YP/cdWsWK3bt1+e+4yDVG+eQCQ+LsD/BYvh+bwJLSCZlDsH9bXW3W8wH8yf/I2gIy/y0mBK/GV+b/4L+Z/7IkRi0rG57P8f+afB5Ca70pOBrgSL4fml1cDzaD4fzF/9iZ/Un+GL8cDNP1dTia4El+pvyg8Ds9Aq795phBCCCGEEEII8Ve9VZm2f3b/fPn+PJe5kpMersR/dn8uhBBCCCGEEEKIq++5jp2eeqxVq2ZtZSADGcjgPwdX+y+TEEIIIYQQ4l/tykX/lccyXM2ChBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKINOh3X/qVAQD+T75O7GqvUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLja/l8AAAD//+hQN/Q=") r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00\v\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x800, 0x4) bind$inet(r7, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10) sendmmsg$inet(r7, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)}], 0x1}}], 0x1, 0x16da) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 3.352430616s ago: executing program 1 (id=558): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x0, 0x0}, 0x10) 3.172106262s ago: executing program 1 (id=559): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0) 3.171909155s ago: executing program 2 (id=560): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000e00)=ANY=[@ANYBLOB="1800000000000000000000000000000018018000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000feffffffb70300000000000085000000100000009500000000006a19f30f70e4"], &(0x7f0000000040)='syzkaller\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 2.623698485s ago: executing program 1 (id=561): socket$packet(0x11, 0x3, 0x300) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x20}}, 0x0) 2.62331604s ago: executing program 0 (id=562): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000cc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x360, 0x11, 0x148, 0x0, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x360, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x80}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xc0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@ttl={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548) 2.62319357s ago: executing program 2 (id=563): r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000000dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1400000000000000290000000b000000000000d2dbefb05ab9"], 0x30}}], 0x1, 0x20000000) 2.542799057s ago: executing program 2 (id=564): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb951368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) ptrace$getsig(0x4202, r0, 0x81, &(0x7f0000000380)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) mkdirat(0xffffffffffffff9c, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r6 = dup3(r5, r4, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r6, 0xc0046209, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r8 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r8, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r8, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)}], 0x1}, 0x0) 2.465331301s ago: executing program 0 (id=565): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00'], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000fd00000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xf47, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={r0}, 0xc) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f00000004c0)={{{@in=@rand_addr=0x64010102, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4e24, 0x8, 0x4e20, 0x1ff, 0xa, 0x20, 0x0, 0x87}, {0x4be, 0x7, 0x0, 0x805, 0xe, 0x31cef282, 0x80, 0x70000000000}, {0x0, 0x7, 0x1de, 0x5}, 0x443e0a1a, 0x6e6bb0, 0x2, 0x1, 0x3, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9, 0x33}, 0xa, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x3507, 0x4, 0x0, 0x80, 0x8, 0x8, 0x80000000}}, 0xe8) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdirat(r6, 0x0, 0x0) renameat2(r6, &(0x7f0000000380)='./file0\x00', r6, &(0x7f0000000200)='./bus\x00', 0x0) 2.46331628s ago: executing program 4 (id=566): r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.104412593s ago: executing program 4 (id=567): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00') r1 = socket$unix(0x1, 0x5, 0x0) bind$unix(r1, &(0x7f0000000000)=@abs={0x1}, 0x3) r2 = socket$unix(0x1, 0x5, 0x0) bind$unix(r2, &(0x7f00000005c0)=@abs={0x1}, 0x6e) pread64(r0, &(0x7f0000000480)=""/177, 0xb1, 0x500) 1.048992972s ago: executing program 2 (id=568): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) syz_open_procfs(0x0, &(0x7f0000000080)='net/kcm\x00') 1.043509137s ago: executing program 3 (id=569): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@block_validity}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") socket(0x10, 0x803, 0x0) rseq(0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f0000000380)={[{@user_xattr}, {@noquota}, {@barrier_val={'barrier', 0x3d, 0x2}}, {}, {@block_validity}, {@dioread_nolock}, {@noquota}, {@errors_continue}, {@delalloc}, {@user_xattr}, {@quota}]}, 0x4, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080)) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, 0x0, 0x89901) mount_setattr(r1, 0x0, 0x0, 0x0, 0x0) mkdirat$cgroup(r1, 0x0, 0x1ff) ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, 0x0) migrate_pages(0x0, 0x6, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) listxattr(&(0x7f0000000a00)='./file1\x00', 0x0, 0x0) 988.091136ms ago: executing program 4 (id=570): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x24, 0x0, @val=@tcx={@void, @value}}, 0x40) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0xc0109207, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) 404.417074ms ago: executing program 1 (id=571): socket(0x5, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61104d00000000006113380000000000bfa00000000000000700000008ffffffd50301001874004095000600000000006916000000000000bf67000000000000360607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c747664e9f7478f8200000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 350.801213ms ago: executing program 2 (id=572): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2c0000003b0009000000000000000000010000001800048038000000fe8000000000000000000000000000aa0c85fb5ae4c46d9092ecb5c0214d96fbed71b47f5a5f1b706ba626aaf9d5879b83140e4da0a9dbec5d919c0c5d32ac65356c042fc732ce1565d58b88e8c3346be83e73de27b8e8235845461f3ddd317d82c9db5413000000000000000000000000000000538db944eda9f757a8390617acc09eae967d331ceba9947e36d4c430e9d9e19625b299b870f55cf53718cba34a49a5b1994fc52c0420b407e065e9cea7b172298291b38d3c88ec453d2bdb7783726c4d97eaf198b6ef9fb6ae8083d833dba8acb0914c2dbe0f46d095bfd51ad3fdbf1bae889539dc3c171df03e59d1c9285418168e776761d9d55bbc3702a7d7f6485767e288562af11d46f601ebb86fd89f05aa7bf04e754bd2791e63ff74"], 0x2c}}, 0x0) 296.131512ms ago: executing program 4 (id=573): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 289.865088ms ago: executing program 2 (id=574): bpf$PROG_LOAD(0x5, 0x0, 0x0) clock_gettime(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) 257.186951ms ago: executing program 0 (id=575): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000f00)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@fwd={0x0, 0x0, 0x0, 0x12}]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) 152.080574ms ago: executing program 0 (id=576): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip6_flowlabel\x00') read(r0, &(0x7f0000000140)=""/56, 0x38) pread64(r0, &(0x7f0000000040)=""/91, 0x5b, 0x8af9) 151.789581ms ago: executing program 1 (id=577): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) setregid(0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x22001, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) timerfd_gettime(0xffffffffffffffff, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) bind$can_j1939(0xffffffffffffffff, 0x0, 0x0) setgroups(0x0, 0x0) 151.712674ms ago: executing program 4 (id=578): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000000)={0x1, 0x0, 0x14, 0x7, 0x0, 0x0}) 98.014283ms ago: executing program 3 (id=579): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000001cc0)=""/4096, &(0x7f00000002c0)=0x1000) 76.169ms ago: executing program 1 (id=580): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="0201"], 0xdd12}], 0x1}, 0x0) 120.573µs ago: executing program 4 (id=581): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, 0x0, 0x0) sendmsg$key(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="021200"], 0x10}}, 0x0) 0s ago: executing program 0 (id=582): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000440), &(0x7f0000000500)=0x8) bind$netlink(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) kernel console output (not intermixed with test programs): s an active interface with an up link [ 118.616845][ T8071] FAULT_INJECTION: forcing a failure. [ 118.616845][ T8071] name failslab, interval 1, probability 0, space 0, times 0 [ 118.619739][ T8071] CPU: 1 UID: 0 PID: 8071 Comm: syz.4.259 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 118.621780][ T8071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 118.623756][ T8071] Call trace: [ 118.624377][ T8071] dump_backtrace+0x1b8/0x1e4 [ 118.625369][ T8071] show_stack+0x2c/0x3c [ 118.626334][ T8071] dump_stack_lvl+0xe4/0x150 [ 118.627319][ T8071] dump_stack+0x1c/0x28 [ 118.628213][ T8071] should_fail_ex+0x3b0/0x50c [ 118.629232][ T8071] should_failslab+0xc8/0x130 [ 118.630259][ T8071] kmem_cache_alloc_noprof+0x84/0x350 [ 118.631499][ T8071] __anon_vma_prepare+0xc4/0x400 [ 118.632604][ T8071] handle_pte_fault+0x497c/0x56f4 [ 118.633762][ T8071] handle_mm_fault+0xe38/0x1460 [ 118.634901][ T8071] do_page_fault+0x38c/0xb1c [ 118.635854][ T8071] do_translation_fault+0xc4/0x114 [ 118.636924][ T8071] do_mem_abort+0x74/0x200 [ 118.637904][ T8071] el0_da+0x60/0x178 [ 118.638771][ T8071] el0t_64_sync_handler+0xcc/0xfc [ 118.640124][ T8071] el0t_64_sync+0x190/0x194 [ 118.687166][ T8071] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 118.691728][ T8071] loop4: detected capacity change from 0 to 512 [ 118.721886][ T7918] team0: Port device team_slave_0 added [ 118.750163][ T7918] team0: Port device team_slave_1 added [ 118.886165][ T7918] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 118.887717][ T7918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 118.892827][ T7918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 118.926013][ T7918] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 118.927432][ T7918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 118.932624][ T7918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.115666][ T8068] loop2: detected capacity change from 0 to 32768 [ 119.186237][ T7918] hsr_slave_0: entered promiscuous mode [ 119.239929][ T7918] hsr_slave_1: entered promiscuous mode [ 119.326151][ T7918] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 119.341155][ T7918] Cannot create hsr debugfs directory [ 119.376923][ T5963] Bluetooth: hci0: command tx timeout [ 119.856661][ T8068] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 119.928877][ T8068] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 119.930595][ T8068] bcachefs (loop2): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 119.930595][ T8068] running recovery passes: check_allocations [ 120.011939][ T8068] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 120.011957][ T8068] gen 0 oldest_gen 0 data_type sb [ 120.011965][ T8068] journal_seq 1 [ 120.011972][ T8068] need_discard 1 [ 120.011979][ T8068] need_inc_gen 1 [ 120.011987][ T8068] dirty_sectors 256 [ 120.011994][ T8068] stripe_sectors 0 [ 120.012001][ T8068] cached_sectors 0 [ 120.012008][ T8068] stripe 17327 [ 120.012015][ T8068] stripe_redundancy 0 [ 120.012022][ T8068] io_time[READ] 1 [ 120.012030][ T8068] io_time[WRITE] 1 [ 120.012036][ T8068] fragmentation 0 [ 120.012044][ T8068] bp_start 8 [ 120.012051][ T8068] [ 120.012057][ T8068] invalid data type (got 1 should be 7): delete?, fixing [ 120.069228][ T8068] bcachefs (loop2): accounting_read... done [ 120.070626][ T8068] bcachefs (loop2): alloc_read... done [ 120.071776][ T8068] bcachefs (loop2): stripes_read... done [ 120.083422][ T8068] bcachefs (loop2): snapshots_read... done [ 120.084798][ T8068] bcachefs (loop2): check_allocations... [ 120.169901][ T8068] bcachefs (loop2): pointer to nonexistent bucket 65536:31 [ 120.172438][ T8068] bcachefs (loop2): bch2_gc_mark_key(): error EIO [ 120.173675][ T8068] bcachefs (loop2): bch2_gc_btree(): error EIO [ 120.184730][ T8068] btree node read error for alloc, fixing [ 120.185992][ T8068] bcachefs (loop2): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 120.188363][ T8068] bcachefs (loop2): bch2_gc_btrees(): error restart_recovery [ 120.189816][ T8068] bcachefs (loop2): bch2_check_allocations(): error restart_recovery [ 120.191398][ T8068] bcachefs (loop2): check_topology... done [ 120.192517][ T8068] bcachefs (loop2): accounting_read... done [ 120.193716][ T8068] bcachefs (loop2): alloc_read... done [ 120.207802][ T8068] bcachefs (loop2): stripes_read... done [ 120.219356][ T8068] bcachefs (loop2): snapshots_read... done [ 120.220672][ T8068] bcachefs (loop2): check_allocations... [ 120.221371][ T8068] bcachefs (loop2): pointer to nonexistent bucket 65536:31 [ 120.223935][ T8068] bcachefs (loop2): bch2_gc_mark_key(): error EIO [ 120.246504][ T8068] bcachefs (loop2): bch2_gc_btree(): error EIO [ 120.247871][ T8068] btree node read error for alloc, fixing [ 120.249280][ T8068] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 120.249293][ T8068] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 120.260788][ T8068] btree ptr not marked in member info btree allocated bitmap [ 120.260805][ T8068] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 120.354360][ T8114] input: syz0 as /devices/virtual/input/input5 [ 120.850835][ T8068] btree ptr not marked in member info btree allocated bitmap [ 120.850853][ T8068] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 120.925323][ T8068] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 120.925341][ T8068] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 120.938544][ T8068] btree ptr not marked in member info btree allocated bitmap [ 120.938560][ T8068] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 120.958829][ T8068] btree ptr not marked in member info btree allocated bitmap [ 120.958846][ T8068] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 121.095039][ T8068] btree ptr not marked in member info btree allocated bitmap [ 121.095057][ T8068] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 121.101267][ T8068] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 121.101283][ T8068] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 121.109201][ T8068] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 121.109216][ T8068] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 121.120874][ T8068] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 121.122716][ T8068] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 121.135442][ T8068] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 121.137514][ T8068] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 121.139652][ T8068] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 121.141331][ T8068] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 121.143227][ T8068] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 121.164913][ T8068] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 121.166761][ T8068] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 121.168962][ T8068] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 121.170680][ T8068] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 121.173591][ T8068] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 121.197570][ T8068] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 121.242340][ T8068] done [ 121.244016][ T8068] bcachefs (loop2): going read-write [ 121.256064][ T8068] bcachefs (loop2): journal_replay... done [ 121.310085][ T8068] bcachefs (loop2): resume_logged_ops... done [ 121.311380][ T8068] bcachefs (loop2): delete_dead_inodes... done [ 121.317520][ T8068] bcachefs (loop2): done starting filesystem [ 121.546899][ T8124] loop4: detected capacity change from 0 to 32768 [ 121.564322][ T8070] loop3: detected capacity change from 0 to 131072 [ 121.576616][ T8070] F2FS-fs (loop3): invalid crc value [ 121.588497][ T8070] F2FS-fs (loop3): Found nat_bits in checkpoint [ 121.677005][ T6667] bcachefs (loop2): shutting down [ 121.678211][ T6667] bcachefs (loop2): going read-only [ 121.683720][ T6667] bcachefs (loop2): finished waiting for writes to stop [ 121.720278][ T8124] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 121.729898][ T8124] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 121.755773][ T6667] bcachefs (loop2): flushing journal and stopping allocators, journal seq 20 [ 121.762794][ T6667] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 21 [ 121.776574][ T6667] bcachefs (loop2): shutdown complete, journal seq 22 [ 121.778543][ T6667] bcachefs (loop2): done going read-only, filesystem not clean [ 121.810246][ T6667] bcachefs (loop2): shutdown complete [ 121.821749][ T8124] bcachefs: bch2_fs_get_tree() error: EINVAL [ 122.960810][ T7918] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 122.966249][ T7918] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 122.985869][ T7918] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 123.013424][ T7918] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 123.169521][ T7918] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.192089][ T7918] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.195802][ T8182] loop1: detected capacity change from 0 to 2048 [ 123.213531][ T535] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.215035][ T535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 123.235777][ T7300] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.237259][ T7300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.379912][ T8192] FAULT_INJECTION: forcing a failure. [ 123.379912][ T8192] name failslab, interval 1, probability 0, space 0, times 0 [ 123.382574][ T8192] CPU: 1 UID: 0 PID: 8192 Comm: syz.1.277 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 123.384589][ T8192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 123.386688][ T8192] Call trace: [ 123.387409][ T8192] dump_backtrace+0x1b8/0x1e4 [ 123.388407][ T8192] show_stack+0x2c/0x3c [ 123.389349][ T8192] dump_stack_lvl+0xe4/0x150 [ 123.390232][ T8192] dump_stack+0x1c/0x28 [ 123.391178][ T8192] should_fail_ex+0x3b0/0x50c [ 123.392247][ T8192] should_failslab+0xc8/0x130 [ 123.393294][ T8192] kmem_cache_alloc_noprof+0x84/0x350 [ 123.394471][ T8192] pte_alloc_one_noprof+0x78/0x2f4 [ 123.395415][ T8192] handle_pte_fault+0x46f4/0x56f4 [ 123.396574][ T8192] handle_mm_fault+0xe38/0x1460 [ 123.397573][ T8192] do_page_fault+0x38c/0xb1c [ 123.398573][ T8192] do_translation_fault+0xc4/0x114 [ 123.399663][ T8192] do_mem_abort+0x74/0x200 [ 123.400666][ T8192] el0_da+0x60/0x178 [ 123.401517][ T8192] el0t_64_sync_handler+0xcc/0xfc [ 123.402682][ T8192] el0t_64_sync+0x190/0x194 [ 123.495840][ T8192] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 123.498069][ T8192] loop1: detected capacity change from 0 to 2 [ 123.499634][ T8192] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 123.527256][ T7918] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.532031][ T8199] loop4: detected capacity change from 0 to 512 [ 123.686317][ T7918] veth0_vlan: entered promiscuous mode [ 123.690553][ T7918] veth1_vlan: entered promiscuous mode [ 123.756935][ T7918] veth0_macvtap: entered promiscuous mode [ 123.773896][ T7918] veth1_macvtap: entered promiscuous mode [ 123.867731][ T8215] input: syz0 as /devices/virtual/input/input6 [ 124.397138][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.405794][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.412029][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.417530][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.421766][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.427274][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.432908][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.440991][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.443995][ T7918] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.454405][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.457190][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.459063][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.461180][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.463112][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.476535][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.488456][ T7918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 124.498821][ T7918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.502850][ T7918] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.527149][ T7918] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.529020][ T7918] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.530747][ T7918] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.542770][ T7918] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.701856][ T8207] loop4: detected capacity change from 0 to 32768 [ 124.759354][ T535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.761048][ T535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.766282][ T8225] loop3: detected capacity change from 0 to 4096 [ 124.797878][ T7300] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.799593][ T7300] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.838103][ T8204] loop1: detected capacity change from 0 to 40427 [ 124.884461][ T8207] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 124.906798][ T8204] F2FS-fs (loop1): invalid crc value [ 124.912449][ T8225] overlayfs: upper fs does not support tmpfile. [ 124.914919][ T8207] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 124.916512][ T8207] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 124.916512][ T8207] running recovery passes: check_allocations [ 124.936372][ T8225] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 124.953489][ T8204] F2FS-fs (loop1): Found nat_bits in checkpoint [ 124.976823][ T8207] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 124.976840][ T8207] gen 0 oldest_gen 0 data_type sb [ 124.976849][ T8207] journal_seq 1 [ 124.976856][ T8207] need_discard 1 [ 124.976863][ T8207] need_inc_gen 1 [ 124.976870][ T8207] dirty_sectors 256 [ 124.976877][ T8207] stripe_sectors 0 [ 124.976884][ T8207] cached_sectors 0 [ 124.976892][ T8207] stripe 17327 [ 124.976899][ T8207] stripe_redundancy 0 [ 124.976906][ T8207] io_time[READ] 1 [ 124.976913][ T8207] io_time[WRITE] 1 [ 124.976920][ T8207] fragmentation 0 [ 124.976927][ T8207] bp_start 8 [ 124.976934][ T8207] [ 124.976941][ T8207] invalid data type (got 1 should be 7): delete?, fixing [ 125.012791][ T8204] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 125.041082][ T8207] bcachefs (loop4): accounting_read... done [ 125.042557][ T8207] bcachefs (loop4): alloc_read... done [ 125.043964][ T6395] ntfs3: loop3: failed to convert "0000" to cp949 [ 125.043994][ T8207] bcachefs (loop4): stripes_read... done [ 125.047740][ T8207] bcachefs (loop4): snapshots_read... done [ 125.052683][ T8207] bcachefs (loop4): check_allocations... [ 125.097233][ T8220] loop2: detected capacity change from 0 to 32768 [ 125.135457][ T6395] ntfs3: loop3: failed to convert name for inode 1e. [ 125.145585][ T8207] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 125.149004][ T8207] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 125.150427][ T8207] bcachefs (loop4): bch2_gc_btree(): error EIO [ 125.152071][ T8207] btree node read error for alloc, fixing [ 125.153274][ T8207] bcachefs (loop4): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 125.169293][ T8207] bcachefs (loop4): bch2_gc_btrees(): error restart_recovery [ 125.170858][ T8207] bcachefs (loop4): bch2_check_allocations(): error restart_recovery [ 125.172508][ T8207] bcachefs (loop4): check_topology... done [ 125.173738][ T8207] bcachefs (loop4): accounting_read... done [ 125.188560][ T8207] bcachefs (loop4): alloc_read... done [ 125.189753][ T8207] bcachefs (loop4): stripes_read... done [ 125.190965][ T8207] bcachefs (loop4): snapshots_read... done [ 125.197791][ T8207] bcachefs (loop4): check_allocations... [ 125.199103][ T8207] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 125.202710][ T8259] loop0: detected capacity change from 0 to 128 [ 125.205736][ T8207] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 125.207204][ T8207] bcachefs (loop4): bch2_gc_btree(): error EIO [ 125.212795][ T8207] btree node read error for alloc, fixing [ 125.214314][ T8207] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 125.214328][ T8207] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 125.230028][ T8255] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 125.230078][ T8255] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 125.244912][ T8255] vhci_hcd vhci_hcd.0: Device attached [ 125.294043][ T8266] syz.1.280: attempt to access beyond end of device [ 125.294043][ T8266] loop1: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 125.300982][ T8266] syz.1.280: attempt to access beyond end of device [ 125.300982][ T8266] loop1: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 125.328583][ T8259] FAT-fs (loop0): FAT read failed (blocknr 234) [ 125.338377][ T8207] btree ptr not marked in member info btree allocated bitmap [ 125.338393][ T8207] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 125.355445][ T8220] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 125.392595][ T8207] btree ptr not marked in member info btree allocated bitmap [ 125.392611][ T8207] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 125.403629][ T7486] kworker/u8:14: attempt to access beyond end of device [ 125.403629][ T7486] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 125.420674][ T7486] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 125.445025][ T8207] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 125.445042][ T8207] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 125.452439][ T8258] vhci_hcd: cannot find a urb of seqnum 4278190080 max seqnum 0 [ 125.462081][ T137] vhci_hcd: stop threads [ 125.462138][ T137] vhci_hcd: release socket [ 125.462189][ T137] vhci_hcd: disconnect device [ 125.555231][ T8207] btree ptr not marked in member info btree allocated bitmap [ 125.555249][ T8207] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 125.582216][ T8207] btree ptr not marked in member info btree allocated bitmap [ 125.582233][ T8207] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 125.614360][ T8207] btree ptr not marked in member info btree allocated bitmap [ 125.614377][ T8207] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 125.618084][ T8220] XFS (loop2): Ending clean mount [ 125.619204][ T8220] XFS (loop2): Quotacheck needed: Please wait. [ 125.650782][ T8207] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 125.650798][ T8207] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 125.655472][ T8207] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 125.655485][ T8207] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 125.660917][ T8207] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 125.663314][ T8207] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 125.675063][ T8207] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 125.676735][ T8207] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 125.678674][ T8207] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 125.680356][ T8207] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 125.682240][ T8207] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 125.684492][ T8207] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 125.690608][ T8220] XFS (loop2): Quotacheck: Done. [ 125.714824][ T8207] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 125.723264][ T8207] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 125.736360][ T8207] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 125.748529][ T8207] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 125.758492][ T8207] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 125.818982][ T5207] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.819854][ T8207] done [ 125.822772][ T8207] bcachefs (loop4): going read-write [ 125.843203][ T5963] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 125.843506][ T8207] bcachefs (loop4): journal_replay... [ 125.850554][ T5963] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 125.859855][ T5963] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 125.863405][ T5963] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 125.869087][ T5963] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 125.870940][ T5963] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 125.940506][ T2333] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.941960][ T2333] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.967485][ T8207] done [ 125.982082][ T8207] bcachefs (loop4): resume_logged_ops... done [ 125.983338][ T8207] bcachefs (loop4): delete_dead_inodes... done [ 125.999381][ T8207] bcachefs (loop4): done starting filesystem [ 126.184759][ T5207] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.316416][ T5207] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.376810][ T7214] bcachefs (loop4): shutting down [ 126.377928][ T7214] bcachefs (loop4): going read-only [ 126.384789][ T7214] bcachefs (loop4): finished waiting for writes to stop [ 126.412776][ T7214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 20 [ 126.416934][ T7214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 21 [ 126.434252][ T7214] bcachefs (loop4): shutdown complete, journal seq 22 [ 126.436279][ T7214] bcachefs (loop4): done going read-only, filesystem not clean [ 126.472428][ T5207] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.498961][ T7214] bcachefs (loop4): shutdown complete [ 126.761537][ T8277] chnl_net:caif_netlink_parms(): no params data found [ 126.869448][ T8332] input: syz0 as /devices/virtual/input/input7 [ 127.532520][ T8277] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.534060][ T8277] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.557943][ T8277] bridge_slave_0: entered allmulticast mode [ 127.565129][ T8277] bridge_slave_0: entered promiscuous mode [ 127.597725][ T8277] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.599246][ T8277] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.600747][ T8277] bridge_slave_1: entered allmulticast mode [ 127.602582][ T8277] bridge_slave_1: entered promiscuous mode [ 127.782453][ T5207] bridge_slave_1: left allmulticast mode [ 127.783695][ T5207] bridge_slave_1: left promiscuous mode [ 127.792564][ T5207] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.813627][ T5207] bridge_slave_0: left allmulticast mode [ 127.815263][ T5207] bridge_slave_0: left promiscuous mode [ 127.816444][ T5207] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.934747][ T5963] Bluetooth: hci1: command tx timeout [ 128.104958][ T6667] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.329029][ T8351] loop0: detected capacity change from 0 to 32768 [ 128.390762][ T8358] loop4: detected capacity change from 0 to 40427 [ 128.393678][ T8358] F2FS-fs (loop4): invalid crc value [ 128.397721][ T8358] F2FS-fs (loop4): Found nat_bits in checkpoint [ 128.409256][ T8358] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 128.552280][ T8358] syz.4.297: attempt to access beyond end of device [ 128.552280][ T8358] loop4: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 128.558809][ T8358] syz.4.297: attempt to access beyond end of device [ 128.558809][ T8358] loop4: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 128.653763][ T7214] syz-executor: attempt to access beyond end of device [ 128.653763][ T7214] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 128.658554][ T7214] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 128.928271][ T8351] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 128.944558][ T8351] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 128.951607][ T8351] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 128.951607][ T8351] running recovery passes: check_allocations [ 128.963702][ T8351] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 128.963718][ T8351] gen 0 oldest_gen 0 data_type sb [ 128.963726][ T8351] journal_seq 1 [ 128.963733][ T8351] need_discard 1 [ 128.963741][ T8351] need_inc_gen 1 [ 128.963748][ T8351] dirty_sectors 256 [ 128.963755][ T8351] stripe_sectors 0 [ 128.963762][ T8351] cached_sectors 0 [ 128.963769][ T8351] stripe 17327 [ 128.963777][ T8351] stripe_redundancy 0 [ 128.963784][ T8351] io_time[READ] 1 [ 128.963791][ T8351] io_time[WRITE] 1 [ 128.963798][ T8351] fragmentation 0 [ 128.963805][ T8351] bp_start 8 [ 128.963812][ T8351] [ 128.963819][ T8351] invalid data type (got 1 should be 7): delete?, shutting down [ 128.998979][ T8351] bcachefs (loop0): inconsistency detected - emergency read only at journal seq 10 [ 129.007440][ T8351] bcachefs (loop0): accounting_read... done [ 129.011039][ T8351] bcachefs (loop0): alloc_read... done [ 129.013242][ T8351] bcachefs (loop0): stripes_read... done [ 129.015331][ T8351] bcachefs (loop0): snapshots_read... done [ 129.017673][ T8351] bcachefs (loop0): check_allocations... [ 129.148716][ T8351] bcachefs (loop0): pointer to nonexistent bucket 65536:31 [ 129.152909][ T8351] bcachefs (loop0): bch2_gc_mark_key(): error EIO [ 129.154382][ T8351] bcachefs (loop0): bch2_gc_btree(): error EIO [ 129.156206][ T8351] btree node read error for alloc, shutting down [ 129.164557][ T8351] bcachefs (loop0): bch2_gc_btrees(): error fsck_errors_not_fixed [ 129.166403][ T8351] bcachefs (loop0): bch2_check_allocations(): error fsck_errors_not_fixed [ 129.168109][ T8351] bcachefs (loop0): bch2_fs_recovery(): error fsck_errors_not_fixed [ 129.169642][ T8351] bcachefs (loop0): bch2_fs_start(): error starting filesystem fsck_errors_not_fixed [ 129.172883][ T8351] bcachefs (loop0): shutting down [ 129.183088][ T8351] bcachefs (loop0): shutdown complete [ 129.438872][ T8351] bcachefs: bch2_fs_get_tree() error: fsck_errors_not_fixed [ 129.534764][ T6446] IPVS: starting estimator thread 0... [ 129.634927][ T8408] IPVS: using max 27 ests per chain, 64800 per kthread [ 129.794533][ T8410] loop0: detected capacity change from 0 to 32768 [ 129.899749][ T8410] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 129.903435][ T8410] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 129.905502][ T8410] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 129.905502][ T8410] running recovery passes: check_allocations [ 129.934006][ T8410] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 129.934022][ T8410] gen 0 oldest_gen 0 data_type sb [ 129.934030][ T8410] journal_seq 1 [ 129.934038][ T8410] need_discard 1 [ 129.934045][ T8410] need_inc_gen 1 [ 129.934052][ T8410] dirty_sectors 256 [ 129.934059][ T8410] stripe_sectors 0 [ 129.934066][ T8410] cached_sectors 0 [ 129.934074][ T8410] stripe 17327 [ 129.934081][ T8410] stripe_redundancy 0 [ 129.934088][ T8410] io_time[READ] 1 [ 129.934101][ T8410] io_time[WRITE] 1 [ 129.934109][ T8410] fragmentation 0 [ 129.934116][ T8410] bp_start 8 [ 129.934123][ T8410] [ 129.934130][ T8410] invalid data type (got 1 should be 7): delete?, fixing [ 129.965379][ T8410] bcachefs (loop0): accounting_read... done [ 129.966621][ T8410] bcachefs (loop0): alloc_read... done [ 129.967809][ T8410] bcachefs (loop0): stripes_read... done [ 129.968984][ T8410] bcachefs (loop0): snapshots_read... done [ 129.970225][ T8410] bcachefs (loop0): check_allocations... [ 129.995533][ T8410] bcachefs (loop0): pointer to nonexistent bucket 65536:31 [ 129.998344][ T8410] bcachefs (loop0): bch2_gc_mark_key(): error EIO [ 129.999625][ T8410] bcachefs (loop0): bch2_gc_btree(): error EIO [ 130.001270][ T8410] btree node read error for alloc, fixing [ 130.002513][ T8410] bcachefs (loop0): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 130.005300][ T8410] bcachefs (loop0): bch2_gc_btrees(): error restart_recovery [ 130.006959][ T8410] bcachefs (loop0): bch2_check_allocations(): error restart_recovery [ 130.008927][ T8410] bcachefs (loop0): check_topology... done [ 130.010679][ T8410] bcachefs (loop0): accounting_read... done [ 130.012074][ T8410] bcachefs (loop0): alloc_read... done [ 130.013418][ T8410] bcachefs (loop0): stripes_read... done [ 130.014873][ T5963] Bluetooth: hci1: command tx timeout [ 130.025591][ T8410] bcachefs (loop0): snapshots_read... done [ 130.027150][ T8410] bcachefs (loop0): check_allocations... [ 130.027879][ T8410] bcachefs (loop0): pointer to nonexistent bucket 65536:31 [ 130.030673][ T8410] bcachefs (loop0): bch2_gc_mark_key(): error EIO [ 130.031985][ T8410] bcachefs (loop0): bch2_gc_btree(): error EIO [ 130.033216][ T8410] btree node read error for alloc, fixing [ 130.036386][ T8410] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 130.036402][ T8410] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 130.043136][ T8410] btree ptr not marked in member info btree allocated bitmap [ 130.043151][ T8410] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 130.059790][ T8410] btree ptr not marked in member info btree allocated bitmap [ 130.059807][ T8410] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 130.065397][ T8412] loop4: detected capacity change from 0 to 32768 [ 130.068378][ T8410] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 130.068392][ T8410] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 130.073726][ T8410] btree ptr not marked in member info btree allocated bitmap [ 130.073740][ T8410] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 130.087442][ T8410] btree ptr not marked in member info btree allocated bitmap [ 130.087458][ T8410] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 130.092913][ T8410] btree ptr not marked in member info btree allocated bitmap [ 130.092931][ T8410] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 130.099257][ T8410] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 130.099272][ T8410] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 130.104409][ T8410] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 130.104422][ T8410] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 130.110698][ T8410] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 130.112608][ T8410] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 130.115421][ T8410] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 130.117473][ T8410] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 130.119639][ T8410] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 130.121477][ T8410] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 130.123472][ T8410] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 130.126251][ T8410] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 130.128277][ T8410] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 130.130448][ T8410] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 130.132170][ T8410] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 130.135776][ T8410] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 130.137963][ T8410] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 130.140889][ T8410] done [ 130.142763][ T8410] bcachefs (loop0): going read-write [ 130.145660][ T8410] bcachefs (loop0): journal_replay... [ 130.164910][ T8412] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 130.168343][ T8412] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 130.203989][ T8410] done [ 130.206547][ T8410] bcachefs (loop0): resume_logged_ops... done [ 130.207927][ T8410] bcachefs (loop0): delete_dead_inodes... done [ 130.215035][ T8412] bcachefs: bch2_fs_get_tree() error: EINVAL [ 130.231836][ T8410] bcachefs (loop0): done starting filesystem [ 130.838307][ T5207] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 130.874196][ T5207] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 130.987167][ T5207] bond0 (unregistering): Released all slaves [ 130.993475][ T7918] bcachefs (loop0): shutting down [ 130.996830][ T7918] bcachefs (loop0): going read-only [ 130.997238][ T8341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.293'. [ 130.998068][ T7918] bcachefs (loop0): finished waiting for writes to stop [ 130.999821][ T8341] netlink: 4 bytes leftover after parsing attributes in process `syz.1.293'. [ 131.005076][ T8277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.015527][ T8277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.137661][ T7918] bcachefs (loop0): flushing journal and stopping allocators, journal seq 21 [ 131.238278][ T7918] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 22 [ 131.337737][ T7918] bcachefs (loop0): shutdown complete, journal seq 23 [ 131.420308][ T7918] bcachefs (loop0): done going read-only, filesystem not clean [ 131.753130][ T8445] loop1: detected capacity change from 0 to 256 [ 131.758142][ T7918] bcachefs (loop0): shutdown complete [ 131.784413][ T8277] team0: Port device team_slave_0 added [ 132.070526][ T8277] team0: Port device team_slave_1 added [ 132.095673][ T5963] Bluetooth: hci1: command tx timeout [ 132.317870][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 132.323785][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.344746][ T8277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.386947][ T8453] loop4: detected capacity change from 0 to 32768 [ 132.490628][ T8465] FAULT_INJECTION: forcing a failure. [ 132.490628][ T8465] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 132.493280][ T8465] CPU: 1 UID: 0 PID: 8465 Comm: syz.1.310 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 132.495381][ T8465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 132.497616][ T8465] Call trace: [ 132.498318][ T8465] dump_backtrace+0x1b8/0x1e4 [ 132.499587][ T8465] show_stack+0x2c/0x3c [ 132.500664][ T8465] dump_stack_lvl+0xe4/0x150 [ 132.501594][ T8465] dump_stack+0x1c/0x28 [ 132.502518][ T8465] should_fail_ex+0x3b0/0x50c [ 132.503627][ T8465] should_fail+0x14/0x24 [ 132.504600][ T8465] should_fail_usercopy+0x20/0x30 [ 132.505644][ T8465] copy_msghdr_from_user+0xb8/0x59c [ 132.506718][ T8465] __sys_sendmmsg+0x2e0/0x7e0 [ 132.507688][ T8465] __arm64_sys_sendmmsg+0xa0/0xbc [ 132.508783][ T8465] invoke_syscall+0x98/0x2b8 [ 132.509751][ T8465] el0_svc_common+0x130/0x23c [ 132.510814][ T8465] do_el0_svc+0x48/0x58 [ 132.511745][ T8465] el0_svc+0x54/0x168 [ 132.512559][ T8465] el0t_64_sync_handler+0x84/0xfc [ 132.513610][ T8465] el0t_64_sync+0x190/0x194 [ 132.649555][ T8453] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 132.652974][ T8453] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 132.664755][ T8453] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 132.664755][ T8453] running recovery passes: check_allocations [ 132.698855][ T8453] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 132.698873][ T8453] gen 0 oldest_gen 0 data_type sb [ 132.698881][ T8453] journal_seq 1 [ 132.698889][ T8453] need_discard 1 [ 132.698896][ T8453] need_inc_gen 1 [ 132.698903][ T8453] dirty_sectors 256 [ 132.698910][ T8453] stripe_sectors 0 [ 132.698918][ T8453] cached_sectors 0 [ 132.698925][ T8453] stripe 17327 [ 132.698932][ T8453] stripe_redundancy 0 [ 132.698939][ T8453] io_time[READ] 1 [ 132.698947][ T8453] io_time[WRITE] 1 [ 132.698954][ T8453] fragmentation 0 [ 132.698961][ T8453] bp_start 8 [ 132.698968][ T8453] [ 132.698975][ T8453] invalid data type (got 1 should be 7): delete?, fixing [ 132.710775][ T8456] loop2: detected capacity change from 0 to 40427 [ 132.711649][ T8456] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 132.711686][ T8456] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 132.754006][ T8456] F2FS-fs (loop2): invalid crc value [ 132.770149][ T8453] bcachefs (loop4): accounting_read... done [ 132.771395][ T8453] bcachefs (loop4): alloc_read... done [ 132.772472][ T8453] bcachefs (loop4): stripes_read... done [ 132.773602][ T8453] bcachefs (loop4): snapshots_read... done [ 132.777774][ T8453] bcachefs (loop4): check_allocations... [ 132.778827][ T8456] F2FS-fs (loop2): Found nat_bits in checkpoint [ 132.825759][ T8453] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 132.827644][ T8453] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 132.828936][ T8453] bcachefs (loop4): bch2_gc_btree(): error EIO [ 132.846782][ T8453] btree node read error for alloc, fixing [ 132.848056][ T8453] bcachefs (loop4): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 132.854128][ T8456] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 132.857662][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.859163][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.863375][ T8456] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 132.866343][ T8453] bcachefs (loop4): bch2_gc_btrees(): error restart_recovery [ 132.867946][ T8453] bcachefs (loop4): bch2_check_allocations(): error restart_recovery [ 132.869477][ T8453] bcachefs (loop4): check_topology... done [ 132.870607][ T8453] bcachefs (loop4): accounting_read... done [ 132.871880][ T8453] bcachefs (loop4): alloc_read... done [ 132.873015][ T8453] bcachefs (loop4): stripes_read... done [ 132.874146][ T8453] bcachefs (loop4): snapshots_read... done [ 132.885515][ T8453] bcachefs (loop4): check_allocations... [ 132.886305][ T8453] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 132.888926][ T8453] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 132.890246][ T8453] bcachefs (loop4): bch2_gc_btree(): error EIO [ 132.891535][ T8453] btree node read error for alloc, fixing [ 132.892902][ T8453] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 132.892914][ T8453] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 132.898704][ T8277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.922558][ T8453] btree ptr not marked in member info btree allocated bitmap [ 132.922574][ T8453] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 133.021115][ T8453] btree ptr not marked in member info btree allocated bitmap [ 133.021134][ T8453] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 133.118734][ T8453] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 133.118752][ T8453] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 133.123402][ T8453] btree ptr not marked in member info btree allocated bitmap [ 133.123417][ T8453] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 133.459282][ T8453] btree ptr not marked in member info btree allocated bitmap [ 133.459365][ T8453] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 133.649003][ T8453] btree ptr not marked in member info btree allocated bitmap [ 133.649020][ T8453] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 133.684768][ T5207] hsr_slave_0: left promiscuous mode [ 133.702545][ T8453] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 133.702562][ T8453] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 133.715122][ T8453] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 133.715137][ T8453] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 133.744421][ T2147] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 133.745073][ T2147] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 133.752632][ T8453] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 133.754469][ T8453] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 133.757052][ T5207] hsr_slave_1: left promiscuous mode [ 133.766205][ T8453] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 133.767933][ T8453] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 133.770013][ T8453] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 133.771719][ T8453] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 133.773673][ T8453] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 133.784237][ T8453] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 133.788799][ T8453] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 133.790971][ T8453] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 133.792692][ T8453] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 133.799906][ T8453] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 133.801599][ T8453] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 133.804291][ T8453] done [ 133.816712][ T8453] bcachefs (loop4): going read-write [ 133.822479][ T8453] bcachefs (loop4): journal_replay... [ 133.826230][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 133.829121][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.835179][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.836810][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.874334][ T8453] done [ 133.881447][ T8453] bcachefs (loop4): resume_logged_ops... done [ 133.882795][ T8453] bcachefs (loop4): delete_dead_inodes... done [ 133.901699][ T5207] veth1_macvtap: left promiscuous mode [ 133.902915][ T5207] veth0_macvtap: left promiscuous mode [ 133.904143][ T5207] veth1_vlan: left promiscuous mode [ 133.911005][ T8453] bcachefs (loop4): done starting filesystem [ 133.920177][ T5207] veth0_vlan: left promiscuous mode [ 134.052577][ T8492] loop0: detected capacity change from 0 to 32768 [ 134.219105][ T5963] Bluetooth: hci1: command tx timeout [ 134.398110][ T8492] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 134.400126][ T8492] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 134.618711][ T7214] bcachefs (loop4): shutting down [ 134.619819][ T7214] bcachefs (loop4): going read-only [ 134.621963][ T7214] bcachefs (loop4): finished waiting for writes to stop [ 134.651920][ T8492] bcachefs: bch2_fs_get_tree() error: EINVAL [ 134.708270][ T7214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 18 [ 134.713908][ T7214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 19 [ 134.721845][ T7214] bcachefs (loop4): shutdown complete, journal seq 20 [ 134.723832][ T7214] bcachefs (loop4): done going read-only, filesystem not clean [ 134.853196][ T7214] bcachefs (loop4): shutdown complete [ 134.919490][ T8501] loop2: detected capacity change from 0 to 40427 [ 134.927436][ T8501] F2FS-fs (loop2): invalid crc value [ 134.959419][ T8501] F2FS-fs (loop2): Found nat_bits in checkpoint [ 134.972136][ T8501] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 135.261657][ T8518] syz.2.314: attempt to access beyond end of device [ 135.261657][ T8518] loop2: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 135.285292][ T8518] syz.2.314: attempt to access beyond end of device [ 135.285292][ T8518] loop2: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 135.621736][ T8516] loop0: detected capacity change from 0 to 40427 [ 135.623533][ T6667] syz-executor: attempt to access beyond end of device [ 135.623533][ T6667] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 135.630880][ T6667] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 135.648873][ T8516] F2FS-fs (loop0): invalid crc value [ 135.672453][ T8516] F2FS-fs (loop0): Found nat_bits in checkpoint [ 135.714576][ T8516] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 136.003604][ T8524] loop4: detected capacity change from 0 to 32768 [ 136.138152][ T8524] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 136.141551][ T8524] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 136.143277][ T8524] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 136.143277][ T8524] running recovery passes: check_allocations [ 136.151235][ T8524] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 136.151250][ T8524] gen 0 oldest_gen 0 data_type sb [ 136.151258][ T8524] journal_seq 1 [ 136.151265][ T8524] need_discard 1 [ 136.151278][ T8524] need_inc_gen 1 [ 136.151285][ T8524] dirty_sectors 256 [ 136.151292][ T8524] stripe_sectors 0 [ 136.151299][ T8524] cached_sectors 0 [ 136.151306][ T8524] stripe 17327 [ 136.151313][ T8524] stripe_redundancy 0 [ 136.151320][ T8524] io_time[READ] 1 [ 136.151327][ T8524] io_time[WRITE] 1 [ 136.151335][ T8524] fragmentation 0 [ 136.151342][ T8524] bp_start 8 [ 136.151349][ T8524] [ 136.151355][ T8524] invalid data type (got 1 should be 7): delete?, fixing [ 136.173089][ T8524] bcachefs (loop4): accounting_read... done [ 136.182223][ T8524] bcachefs (loop4): alloc_read... done [ 136.183622][ T8524] bcachefs (loop4): stripes_read... done [ 136.204653][ T8524] bcachefs (loop4): snapshots_read... done [ 136.206018][ T8524] bcachefs (loop4): check_allocations... [ 136.245452][ T8524] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 136.248034][ T8524] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 136.249316][ T8524] bcachefs (loop4): bch2_gc_btree(): error EIO [ 136.250602][ T8524] btree node read error for alloc, fixing [ 136.259379][ T8526] loop2: detected capacity change from 0 to 40427 [ 136.261552][ T8524] bcachefs (loop4): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 136.263804][ T8524] bcachefs (loop4): bch2_gc_btrees(): error restart_recovery [ 136.265844][ T8524] bcachefs (loop4): bch2_check_allocations(): error restart_recovery [ 136.267491][ T8524] bcachefs (loop4): check_topology... done [ 136.268777][ T8524] bcachefs (loop4): accounting_read... done [ 136.270021][ T8524] bcachefs (loop4): alloc_read... done [ 136.271114][ T8524] bcachefs (loop4): stripes_read... done [ 136.272388][ T8524] bcachefs (loop4): snapshots_read... done [ 136.273680][ T8524] bcachefs (loop4): check_allocations... [ 136.274388][ T8524] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 136.278005][ T8524] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 136.279331][ T8524] bcachefs (loop4): bch2_gc_btree(): error EIO [ 136.280592][ T8524] btree node read error for alloc, fixing [ 136.282016][ T8524] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 136.282029][ T8524] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 136.290861][ T8526] F2FS-fs (loop2): invalid crc value [ 136.294304][ T8524] btree ptr not marked in member info btree allocated bitmap [ 136.294319][ T8524] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 136.299975][ T8526] F2FS-fs (loop2): Found nat_bits in checkpoint [ 136.310321][ T8524] btree ptr not marked in member info btree allocated bitmap [ 136.310336][ T8524] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 136.316130][ T8524] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 136.316144][ T8524] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 136.321335][ T8524] btree ptr not marked in member info btree allocated bitmap [ 136.321349][ T8524] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 136.330989][ T8524] btree ptr not marked in member info btree allocated bitmap [ 136.331004][ T8524] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 136.335801][ T8526] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 136.341704][ T8524] btree ptr not marked in member info btree allocated bitmap [ 136.341719][ T8524] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 136.347533][ T8524] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 136.347547][ T8524] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 136.352773][ T8524] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 136.352786][ T8524] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 136.365213][ T8524] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 136.367208][ T8524] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 136.369451][ T8524] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 136.371171][ T8524] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 136.385326][ T8524] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 136.387075][ T8524] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 136.389023][ T8524] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 136.391315][ T8524] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 136.393038][ T8524] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 136.424192][ T8524] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 136.427213][ T8524] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 136.430188][ T8524] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 136.431866][ T8524] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 136.434490][ T8524] done [ 136.446093][ T8524] bcachefs (loop4): going read-write [ 136.455449][ T8524] bcachefs (loop4): journal_replay... done [ 136.511336][ T8524] bcachefs (loop4): resume_logged_ops... done [ 136.512555][ T8524] bcachefs (loop4): delete_dead_inodes... done [ 136.531399][ T8524] bcachefs (loop4): done starting filesystem [ 136.585151][ T8536] syz.0.316: attempt to access beyond end of device [ 136.585151][ T8536] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 136.770976][ T7918] syz-executor: attempt to access beyond end of device [ 136.770976][ T7918] loop0: rw=2051, sector=36912, nr_sectors = 8152 limit=40427 [ 136.774035][ T7918] syz-executor: attempt to access beyond end of device [ 136.774035][ T7918] loop0: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 136.785376][ T7918] F2FS-fs (loop0): Issue discard(4614, 4614, 1019) failed, ret: -5 [ 136.791267][ T7918] F2FS-fs (loop0): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 136.891345][ T7214] bcachefs (loop4): shutting down [ 136.892429][ T7214] bcachefs (loop4): going read-only [ 136.893455][ T7214] bcachefs (loop4): finished waiting for writes to stop [ 136.959921][ T7214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 21 [ 136.965227][ T7214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 23 [ 136.968997][ T7214] bcachefs (loop4): shutdown complete, journal seq 24 [ 136.969523][ T7214] bcachefs (loop4): done going read-only, filesystem not clean [ 136.986417][ T7214] bcachefs (loop4): shutdown complete [ 137.136249][ T8545] syz.2.317: attempt to access beyond end of device [ 137.136249][ T8545] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 137.369713][ T6667] syz-executor: attempt to access beyond end of device [ 137.369713][ T6667] loop2: rw=2051, sector=36912, nr_sectors = 8152 limit=40427 [ 137.373062][ T6667] syz-executor: attempt to access beyond end of device [ 137.373062][ T6667] loop2: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 137.380255][ T6667] F2FS-fs (loop2): Issue discard(4614, 4614, 1019) failed, ret: -5 [ 137.387454][ T6667] F2FS-fs (loop2): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 137.478464][ T5207] team0 (unregistering): Port device team_slave_1 removed [ 137.585982][ T8559] input: syz0 as /devices/virtual/input/input8 [ 138.185981][ T5207] team0 (unregistering): Port device team_slave_0 removed [ 138.355302][ T8563] loop2: detected capacity change from 0 to 40427 [ 138.366243][ T8563] F2FS-fs (loop2): invalid crc value [ 138.384894][ T8563] F2FS-fs (loop2): Found nat_bits in checkpoint [ 138.409582][ T8563] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 138.726789][ T8573] syz.2.323: attempt to access beyond end of device [ 138.726789][ T8573] loop2: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 139.032039][ T8571] loop4: detected capacity change from 0 to 32768 [ 139.122477][ T8571] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 139.150025][ T8571] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 139.151713][ T8571] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 139.151713][ T8571] running recovery passes: check_allocations [ 139.163520][ T6667] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 139.167422][ T8571] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 139.167437][ T8571] gen 0 oldest_gen 0 data_type sb [ 139.167446][ T8571] journal_seq 1 [ 139.167453][ T8571] need_discard 1 [ 139.167460][ T8571] need_inc_gen 1 [ 139.167467][ T8571] dirty_sectors 256 [ 139.167474][ T8571] stripe_sectors 0 [ 139.167481][ T8571] cached_sectors 0 [ 139.167488][ T8571] stripe 17327 [ 139.167496][ T8571] stripe_redundancy 0 [ 139.167503][ T8571] io_time[READ] 1 [ 139.167510][ T8571] io_time[WRITE] 1 [ 139.167517][ T8571] fragmentation 0 [ 139.167524][ T8571] bp_start 8 [ 139.167531][ T8571] [ 139.167537][ T8571] invalid data type (got 1 should be 7): delete?, fixing [ 139.192310][ T8571] bcachefs (loop4): accounting_read... done [ 139.193566][ T8571] bcachefs (loop4): alloc_read... done [ 139.197705][ T8571] bcachefs (loop4): stripes_read... done [ 139.198876][ T8571] bcachefs (loop4): snapshots_read... done [ 139.200080][ T8571] bcachefs (loop4): check_allocations... [ 139.216120][ T8571] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 139.218685][ T8571] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 139.219981][ T8571] bcachefs (loop4): bch2_gc_btree(): error EIO [ 139.221252][ T8571] btree node read error for alloc, fixing [ 139.222433][ T8571] bcachefs (loop4): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 139.225296][ T8571] bcachefs (loop4): bch2_gc_btrees(): error restart_recovery [ 139.226857][ T8571] bcachefs (loop4): bch2_check_allocations(): error restart_recovery [ 139.228612][ T8571] bcachefs (loop4): check_topology... done [ 139.229916][ T8571] bcachefs (loop4): accounting_read... done [ 139.231173][ T8571] bcachefs (loop4): alloc_read... done [ 139.232369][ T8571] bcachefs (loop4): stripes_read... done [ 139.233552][ T8571] bcachefs (loop4): snapshots_read... done [ 139.235138][ T8571] bcachefs (loop4): check_allocations... [ 139.235831][ T8571] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 139.238590][ T8571] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 139.239925][ T8571] bcachefs (loop4): bch2_gc_btree(): error EIO [ 139.241247][ T8571] btree node read error for alloc, fixing [ 139.242632][ T8571] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 139.242644][ T8571] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 139.248650][ T8571] btree ptr not marked in member info btree allocated bitmap [ 139.248663][ T8571] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 139.257539][ T8571] btree ptr not marked in member info btree allocated bitmap [ 139.257554][ T8571] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 139.269818][ T8571] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 139.269833][ T8571] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 139.289152][ T8571] btree ptr not marked in member info btree allocated bitmap [ 139.289168][ T8571] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 139.301074][ T8571] btree ptr not marked in member info btree allocated bitmap [ 139.301091][ T8571] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 139.311230][ T8571] btree ptr not marked in member info btree allocated bitmap [ 139.311247][ T8571] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 139.317739][ T8571] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 139.317753][ T8571] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 139.323124][ T8571] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 139.323138][ T8571] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 139.332599][ T8571] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 139.334845][ T8571] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 139.337065][ T8571] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 139.338900][ T8571] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 139.341043][ T8571] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 139.343670][ T8571] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 139.360620][ T8571] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 139.362968][ T8571] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 139.369835][ T8571] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 139.372151][ T8571] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 139.374171][ T8571] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 139.379546][ T8571] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 139.382085][ T8571] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 139.391365][ T8571] done [ 139.393047][ T8571] bcachefs (loop4): going read-write [ 139.395125][ T8571] bcachefs (loop4): journal_replay... done [ 139.459185][ T8571] bcachefs (loop4): resume_logged_ops... done [ 139.460488][ T8571] bcachefs (loop4): delete_dead_inodes... done [ 139.463710][ T8571] bcachefs (loop4): done starting filesystem [ 140.251582][ T7214] bcachefs (loop4): shutting down [ 140.252640][ T7214] bcachefs (loop4): going read-only [ 140.255303][ T7214] bcachefs (loop4): finished waiting for writes to stop [ 140.289173][ T7214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 23 [ 140.299772][ T7214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 25 [ 140.302529][ T7214] bcachefs (loop4): shutdown complete, journal seq 26 [ 140.305373][ T7214] bcachefs (loop4): done going read-only, filesystem not clean [ 140.325177][ T7214] bcachefs (loop4): shutdown complete [ 140.578602][ T8592] loop2: detected capacity change from 0 to 40427 [ 140.587796][ T8592] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 140.589483][ T8592] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 140.591685][ T8592] F2FS-fs (loop2): Unrecognized mount option "" or missing value [ 140.896018][ T8594] loop4: detected capacity change from 0 to 40427 [ 140.905868][ T8594] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 140.907464][ T8594] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 140.910115][ T8594] F2FS-fs (loop4): invalid crc value [ 140.931626][ T8594] F2FS-fs (loop4): Found nat_bits in checkpoint [ 140.973880][ T8594] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 140.975560][ T8594] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 140.992028][ T8595] loop2: detected capacity change from 0 to 32768 [ 141.041390][ T8595] input: syz1 as /devices/virtual/input/input9 [ 141.525257][ T137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 141.528125][ T137] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 141.956747][ T8607] loop4: detected capacity change from 0 to 32768 [ 141.957796][ T8603] loop2: detected capacity change from 0 to 40427 [ 141.962278][ T8603] F2FS-fs (loop2): invalid crc value [ 141.965707][ T8603] F2FS-fs (loop2): Found nat_bits in checkpoint [ 141.994316][ T8603] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 142.029699][ T8607] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 142.040278][ T8607] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 142.042014][ T8607] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 142.042014][ T8607] running recovery passes: check_allocations [ 142.070451][ T8607] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 142.070468][ T8607] gen 0 oldest_gen 0 data_type sb [ 142.070476][ T8607] journal_seq 1 [ 142.070483][ T8607] need_discard 1 [ 142.070490][ T8607] need_inc_gen 1 [ 142.070498][ T8607] dirty_sectors 256 [ 142.070505][ T8607] stripe_sectors 0 [ 142.070512][ T8607] cached_sectors 0 [ 142.070519][ T8607] stripe 17327 [ 142.070526][ T8607] stripe_redundancy 0 [ 142.070533][ T8607] io_time[READ] 1 [ 142.070540][ T8607] io_time[WRITE] 1 [ 142.070547][ T8607] fragmentation 0 [ 142.070554][ T8607] bp_start 8 [ 142.070561][ T8607] [ 142.070567][ T8607] invalid data type (got 1 should be 7): delete?, fixing [ 142.086585][ T8277] hsr_slave_0: entered promiscuous mode [ 142.115434][ T8277] hsr_slave_1: entered promiscuous mode [ 142.117353][ T8607] bcachefs (loop4): accounting_read... done [ 142.118616][ T8607] bcachefs (loop4): alloc_read... done [ 142.119761][ T8607] bcachefs (loop4): stripes_read... done [ 142.120968][ T8607] bcachefs (loop4): snapshots_read... done [ 142.122302][ T8607] bcachefs (loop4): check_allocations... [ 142.167428][ T8607] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 142.174296][ T8277] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 142.181164][ T8277] Cannot create hsr debugfs directory [ 142.182910][ T8607] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 142.184296][ T8607] bcachefs (loop4): bch2_gc_btree(): error EIO [ 142.190496][ T8607] btree node read error for alloc, fixing [ 142.191615][ T8607] bcachefs (loop4): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 142.197486][ T8607] bcachefs (loop4): bch2_gc_btrees(): error restart_recovery [ 142.198980][ T8607] bcachefs (loop4): bch2_check_allocations(): error restart_recovery [ 142.200535][ T8607] bcachefs (loop4): check_topology... done [ 142.201792][ T8607] bcachefs (loop4): accounting_read... done [ 142.203148][ T8607] bcachefs (loop4): alloc_read... done [ 142.207129][ T8607] bcachefs (loop4): stripes_read... done [ 142.208676][ T8607] bcachefs (loop4): snapshots_read... done [ 142.209877][ T8607] bcachefs (loop4): check_allocations... [ 142.210583][ T8607] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 142.213170][ T8607] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 142.214396][ T8607] bcachefs (loop4): bch2_gc_btree(): error EIO [ 142.219082][ T8607] btree node read error for alloc, fixing [ 142.220595][ T8607] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 142.220609][ T8607] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 142.235317][ T8607] btree ptr not marked in member info btree allocated bitmap [ 142.235332][ T8607] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 142.260710][ T8607] btree ptr not marked in member info btree allocated bitmap [ 142.260728][ T8607] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 142.266472][ T8607] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 142.266487][ T8607] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 142.271664][ T8607] btree ptr not marked in member info btree allocated bitmap [ 142.271677][ T8607] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 142.327108][ T8607] btree ptr not marked in member info btree allocated bitmap [ 142.327126][ T8607] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 142.436934][ T8630] input: syz0 as /devices/virtual/input/input10 [ 142.777909][ T8607] btree ptr not marked in member info btree allocated bitmap [ 142.778055][ T8607] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 142.995081][ T8607] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 142.995113][ T8607] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 142.999911][ T8607] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 142.999925][ T8607] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 143.018423][ T8607] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 143.020345][ T8607] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 143.032504][ T8607] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 143.034294][ T8607] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 143.039480][ T8607] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 143.041362][ T8607] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 143.043522][ T8607] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 143.055862][ T8607] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 143.057728][ T8607] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 143.072625][ T8607] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 143.074318][ T8607] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 143.085754][ T8607] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 143.087526][ T8607] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 143.125402][ T8607] done [ 143.127732][ T8607] bcachefs (loop4): going read-write [ 143.195829][ T8607] bcachefs (loop4): journal_replay... [ 143.253141][ T8627] loop1: detected capacity change from 0 to 32768 [ 143.415516][ T8607] done [ 143.418661][ T8607] bcachefs (loop4): resume_logged_ops... done [ 143.420000][ T8607] bcachefs (loop4): delete_dead_inodes... done [ 143.439717][ T8627] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 143.441744][ T8627] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 143.680950][ T8607] bcachefs (loop4): done starting filesystem [ 144.121740][ T8627] bcachefs: bch2_fs_get_tree() error: EINVAL [ 144.164898][ T8659] FAULT_INJECTION: forcing a failure. [ 144.164898][ T8659] name failslab, interval 1, probability 0, space 0, times 0 [ 144.167451][ T8659] CPU: 0 UID: 0 PID: 8659 Comm: syz.0.337 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 144.169491][ T8659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 144.171474][ T8659] Call trace: [ 144.172158][ T8659] dump_backtrace+0x1b8/0x1e4 [ 144.173148][ T8659] show_stack+0x2c/0x3c [ 144.174033][ T8659] dump_stack_lvl+0xe4/0x150 [ 144.175019][ T8659] dump_stack+0x1c/0x28 [ 144.175948][ T8659] should_fail_ex+0x3b0/0x50c [ 144.176906][ T8659] should_failslab+0xc8/0x130 [ 144.177931][ T8659] kmem_cache_alloc_noprof+0x84/0x350 [ 144.179126][ T8659] __anon_vma_prepare+0xc4/0x400 [ 144.180161][ T8659] handle_pte_fault+0x497c/0x56f4 [ 144.181254][ T8659] handle_mm_fault+0xe38/0x1460 [ 144.182415][ T8659] do_page_fault+0x38c/0xb1c [ 144.183504][ T8659] do_translation_fault+0xc4/0x114 [ 144.184637][ T8659] do_mem_abort+0x74/0x200 [ 144.185644][ T8659] el0_da+0x60/0x178 [ 144.186477][ T8659] el0t_64_sync_handler+0xcc/0xfc [ 144.187663][ T8659] el0t_64_sync+0x190/0x194 [ 144.237710][ T8659] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 144.272728][ T8659] loop0: detected capacity change from 0 to 2 [ 144.274339][ T8659] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 144.386594][ T8663] tc_dump_action: action bad kind [ 144.396505][ T8663] validate_nla: 34 callbacks suppressed [ 144.396520][ T8663] netlink: 'syz.0.338': attribute type 3 has an invalid length. [ 144.404840][ T8663] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.338'. [ 144.511236][ T8277] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 144.565162][ T8277] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 144.592228][ T8277] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 144.613924][ T8277] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 144.651438][ T6667] bio_check_eod: 2 callbacks suppressed [ 144.651454][ T6667] syz-executor: attempt to access beyond end of device [ 144.651454][ T6667] loop2: rw=2051, sector=36912, nr_sectors = 8152 limit=40427 [ 144.667430][ T6667] syz-executor: attempt to access beyond end of device [ 144.667430][ T6667] loop2: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 144.673434][ T6667] F2FS-fs (loop2): Issue discard(4614, 4614, 1019) failed, ret: -5 [ 144.698127][ T6667] F2FS-fs (loop2): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 144.722515][ T8277] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.749694][ T8277] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.754157][ T137] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.755699][ T137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.815278][ T5207] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.816786][ T5207] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.892408][ T8680] FAULT_INJECTION: forcing a failure. [ 144.892408][ T8680] name failslab, interval 1, probability 0, space 0, times 0 [ 144.897471][ T8680] CPU: 1 UID: 0 PID: 8680 Comm: syz.2.339 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 144.899603][ T8680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 144.901690][ T8680] Call trace: [ 144.902509][ T8680] dump_backtrace+0x1b8/0x1e4 [ 144.903491][ T8680] show_stack+0x2c/0x3c [ 144.904376][ T8680] dump_stack_lvl+0xe4/0x150 [ 144.905323][ T8680] dump_stack+0x1c/0x28 [ 144.906192][ T8680] should_fail_ex+0x3b0/0x50c [ 144.907246][ T8680] should_failslab+0xc8/0x130 [ 144.908276][ T8680] kmem_cache_alloc_noprof+0x84/0x350 [ 144.909455][ T8680] __anon_vma_prepare+0xc4/0x400 [ 144.910498][ T8680] handle_pte_fault+0x497c/0x56f4 [ 144.911562][ T8680] handle_mm_fault+0xe38/0x1460 [ 144.912623][ T8680] do_page_fault+0x38c/0xb1c [ 144.913548][ T8680] do_translation_fault+0xc4/0x114 [ 144.914685][ T8680] do_mem_abort+0x74/0x200 [ 144.915622][ T8680] el0_da+0x60/0x178 [ 144.916539][ T8680] el0t_64_sync_handler+0xcc/0xfc [ 144.917652][ T8680] el0t_64_sync+0x190/0x194 [ 144.918669][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.953954][ T8680] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 145.043404][ T8663] loop0: detected capacity change from 0 to 32768 [ 145.045763][ T8663] XFS: noikeep mount option is deprecated. [ 145.053150][ T8277] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.108851][ T8663] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 145.130679][ T8277] veth0_vlan: entered promiscuous mode [ 145.151283][ T8680] loop2: detected capacity change from 0 to 8192 [ 145.162250][ T8277] veth1_vlan: entered promiscuous mode [ 145.218377][ T8663] XFS (loop0): Ending clean mount [ 145.221980][ T8663] XFS (loop0): Quotacheck needed: Please wait. [ 145.261501][ T8277] veth0_macvtap: entered promiscuous mode [ 145.264460][ T8277] veth1_macvtap: entered promiscuous mode [ 145.343687][ T8663] XFS (loop0): Quotacheck: Done. [ 145.345660][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.347715][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.349675][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.351762][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.353689][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.404702][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.406746][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.408817][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.411707][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.449675][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.451760][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.453701][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.473915][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.482181][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.484395][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.501893][ T8277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.503996][ T8277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.511031][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.528340][ T8277] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.532331][ T8277] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.534164][ T8277] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.542112][ T8277] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.560765][ T7918] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 145.614415][ T7214] bcachefs (loop4): shutting down [ 145.624543][ T535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.630140][ T7214] bcachefs (loop4): going read-only [ 145.631251][ T7214] bcachefs (loop4): finished waiting for writes to stop [ 145.632018][ T535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.662346][ T535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.664175][ T535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.678485][ T7214] bcachefs (loop4): flushing journal and stopping allocators, journal seq 23 [ 145.681866][ T7214] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 24 [ 145.687768][ T7214] bcachefs (loop4): shutdown complete, journal seq 25 [ 145.689763][ T7214] bcachefs (loop4): done going read-only, filesystem not clean [ 145.713915][ T7214] bcachefs (loop4): shutdown complete [ 146.916691][ T8722] loop1: detected capacity change from 0 to 512 [ 149.035637][ T8736] loop0: detected capacity change from 0 to 2048 [ 149.043897][ T8736] nilfs2: Unknown parameter '^^km^厌DO6+P6ZHNGSeܭ]LO2X")ĨMэVɥ;h^3#W־ˈΏkPuX77*^kNf̛K4pc m8' [ 149.181637][ T8741] loop2: detected capacity change from 0 to 256 [ 149.187584][ T8741] vfat: Unknown parameter 'iocharsete' [ 149.300963][ T8736] mmap: syz.0.342 (8736) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 149.592676][ T8748] loop4: detected capacity change from 0 to 4096 [ 149.622994][ T8738] loop3: detected capacity change from 0 to 32768 [ 149.704003][ T8748] overlayfs: upper fs does not support tmpfile. [ 149.710057][ T8748] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 149.754966][ T8738] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 149.761700][ T8738] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 149.765577][ T8738] bcachefs (loop3): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 149.765577][ T8738] running recovery passes: check_allocations [ 149.806635][ T8746] loop2: detected capacity change from 0 to 32768 [ 149.903293][ T7214] ntfs3: loop4: failed to convert "0000" to cp949 [ 149.908724][ T8738] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 149.908741][ T8738] gen 0 oldest_gen 0 data_type sb [ 149.908749][ T8738] journal_seq 1 [ 149.908756][ T8738] need_discard 1 [ 149.908763][ T8738] need_inc_gen 1 [ 149.908770][ T8738] dirty_sectors 256 [ 149.908777][ T8738] stripe_sectors 0 [ 149.908784][ T8738] cached_sectors 0 [ 149.908792][ T8738] stripe 17327 [ 149.908799][ T8738] stripe_redundancy 0 [ 149.908806][ T8738] io_time[READ] 1 [ 149.908813][ T8738] io_time[WRITE] 1 [ 149.908820][ T8738] fragmentation 0 [ 149.908827][ T8738] bp_start 8 [ 149.908834][ T8738] [ 149.908840][ T8738] invalid data type (got 1 should be 7): delete?, fixing [ 149.912032][ T7214] ntfs3: loop4: failed to convert name for inode 1e. [ 149.930273][ T8738] bcachefs (loop3): accounting_read... done [ 149.931667][ T8738] bcachefs (loop3): alloc_read... done [ 149.932831][ T8738] bcachefs (loop3): stripes_read... done [ 149.934029][ T8738] bcachefs (loop3): snapshots_read... done [ 149.943749][ T8746] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 149.946865][ T8738] bcachefs (loop3): check_allocations... [ 149.951885][ T8746] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 149.995813][ T8738] bcachefs (loop3): pointer to nonexistent bucket 65536:31 [ 149.997279][ T8738] bcachefs (loop3): bch2_gc_mark_key(): error EIO [ 149.998468][ T8738] bcachefs (loop3): bch2_gc_btree(): error EIO [ 149.999721][ T8738] btree node read error for alloc, fixing [ 150.000950][ T8738] bcachefs (loop3): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 150.003147][ T8738] bcachefs (loop3): bch2_gc_btrees(): error restart_recovery [ 150.044357][ T8738] bcachefs (loop3): bch2_check_allocations(): error restart_recovery [ 150.055671][ T8738] bcachefs (loop3): check_topology... done [ 150.056837][ T8738] bcachefs (loop3): accounting_read... done [ 150.058150][ T8738] bcachefs (loop3): alloc_read... done [ 150.059350][ T8738] bcachefs (loop3): stripes_read... done [ 150.060573][ T8738] bcachefs (loop3): snapshots_read... done [ 150.061778][ T8738] bcachefs (loop3): check_allocations... [ 150.062494][ T8738] bcachefs (loop3): pointer to nonexistent bucket 65536:31 [ 150.074327][ T8746] bcachefs: bch2_fs_get_tree() error: EINVAL [ 150.102741][ T8738] bcachefs (loop3): bch2_gc_mark_key(): error EIO [ 150.104490][ T8738] bcachefs (loop3): bch2_gc_btree(): error EIO [ 150.109332][ T8738] btree node read error for alloc, fixing [ 150.110818][ T8738] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 150.110830][ T8738] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 150.155859][ T8738] btree ptr not marked in member info btree allocated bitmap [ 150.155876][ T8738] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 150.170537][ T8738] btree ptr not marked in member info btree allocated bitmap [ 150.170552][ T8738] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 150.177889][ T8738] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 150.177903][ T8738] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 150.182821][ T8738] btree ptr not marked in member info btree allocated bitmap [ 150.182834][ T8738] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 150.225669][ T8738] btree ptr not marked in member info btree allocated bitmap [ 150.225687][ T8738] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 150.242230][ T8738] btree ptr not marked in member info btree allocated bitmap [ 150.242246][ T8738] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 150.267654][ T8738] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 150.267673][ T8738] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 150.295137][ T8738] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 150.295153][ T8738] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 150.300266][ T8738] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 150.302149][ T8738] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 150.325391][ T8738] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 150.327076][ T8738] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 150.329137][ T8738] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 150.346897][ T8738] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 150.348944][ T8738] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 150.351239][ T8738] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 150.352942][ T8738] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 150.364888][ T8738] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 150.366729][ T8738] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 150.380042][ T8738] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 150.381898][ T8738] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 150.384516][ T8738] done [ 150.400245][ T8738] bcachefs (loop3): going read-write [ 150.418417][ T8738] bcachefs (loop3): journal_replay... done [ 150.558797][ T8738] bcachefs (loop3): resume_logged_ops... done [ 150.560065][ T8738] bcachefs (loop3): delete_dead_inodes... done [ 150.563049][ T8738] bcachefs (loop3): done starting filesystem [ 150.635811][ T8763] loop1: detected capacity change from 0 to 40427 [ 150.674853][ T8763] F2FS-fs (loop1): invalid crc value [ 150.687841][ T8763] F2FS-fs (loop1): Found nat_bits in checkpoint [ 150.729087][ T8763] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 150.774900][ T8763] syz.1.354: attempt to access beyond end of device [ 150.774900][ T8763] loop1: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 150.783202][ T8763] syz.1.354: attempt to access beyond end of device [ 150.783202][ T8763] loop1: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 150.805013][ T6401] syz-executor: attempt to access beyond end of device [ 150.805013][ T6401] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 150.807850][ T6401] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 150.909596][ T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.932335][ T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.952978][ T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.968395][ T535] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.973324][ T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.995582][ T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.997330][ T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 151.238276][ T535] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.369111][ T535] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.648232][ T535] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.938190][ T8779] chnl_net:caif_netlink_parms(): no params data found [ 152.044181][ T8816] loop1: detected capacity change from 0 to 4096 [ 152.057720][ T535] bridge_slave_1: left allmulticast mode [ 152.058894][ T535] bridge_slave_1: left promiscuous mode [ 152.060122][ T535] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.068220][ T8815] loop2: detected capacity change from 0 to 4096 [ 152.086067][ T535] bridge_slave_0: left allmulticast mode [ 152.087287][ T535] bridge_slave_0: left promiscuous mode [ 152.088626][ T535] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.107649][ T8816] NILFS (loop1): invalid segment: Checksum error in segment payload [ 152.133845][ T8816] NILFS (loop1): trying rollback from an earlier position [ 152.176693][ T8816] NILFS (loop1): recovery complete [ 152.198147][ T8817] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 152.222926][ T8277] bcachefs (loop3): shutting down [ 152.224332][ T8277] bcachefs (loop3): going read-only [ 152.227805][ T8277] bcachefs (loop3): finished waiting for writes to stop [ 152.284127][ T8277] bcachefs (loop3): flushing journal and stopping allocators, journal seq 20 [ 152.302455][ T8277] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 21 [ 152.338544][ T8277] bcachefs (loop3): shutdown complete, journal seq 22 [ 152.340425][ T8277] bcachefs (loop3): done going read-only, filesystem not clean [ 152.371649][ T8821] loop1: detected capacity change from 0 to 256 [ 152.374280][ T8812] loop0: detected capacity change from 0 to 32768 [ 152.378520][ T8277] bcachefs (loop3): shutdown complete [ 152.384972][ T8812] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.365 (8812) [ 152.400056][ T8812] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 152.402177][ T8812] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm [ 152.418758][ T8812] BTRFS info (device loop0): using free-space-tree [ 152.437010][ T8821] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 152.571425][ T8835] loop1: detected capacity change from 0 to 164 [ 152.586820][ T8835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 152.618190][ T8835] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 152.786252][ T8844] loop2: detected capacity change from 0 to 1024 [ 152.791275][ T8844] EXT4-fs: Ignoring removed orlov option [ 152.792543][ T8844] EXT4-fs: Ignoring removed nomblk_io_submit option [ 152.885617][ T8844] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84fc018, mo2=0002] [ 152.887756][ T8844] System zones: 0-1, 3-36 [ 152.908583][ T8844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.933992][ T8844] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.371: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 153.068082][ T6398] Bluetooth: hci4: command tx timeout [ 153.113836][ T7918] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 153.322705][ T6667] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.341785][ T8850] loop3: detected capacity change from 0 to 256 [ 153.344267][ T8850] exfat: Deprecated parameter 'utf8' [ 153.363075][ T8850] exfat: Deprecated parameter 'utf8' [ 153.395720][ T8850] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 153.671676][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.688420][ T8876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.694980][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 153.724912][ T8876] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 154.278929][ T8882] binder: 8881:8882 tried to acquire reference to desc 0, got 1 instead [ 154.281248][ T8882] binder: 8881:8882 got reply transaction with bad transaction stack, transaction 7 has target 8881:0 [ 154.283646][ T8882] binder: 8881:8882 transaction reply to 0:0 failed 8/29201/-71, size 0-0 line 3060 [ 154.287877][ T6447] binder: release 8881:8882 transaction 7 out, still active [ 154.290696][ T6447] binder: undelivered TRANSACTION_COMPLETE [ 154.292516][ T6447] binder: undelivered TRANSACTION_ERROR: 29201 [ 154.302583][ T6447] binder: send failed reply for transaction 7, target dead [ 154.418296][ T535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 154.458732][ T535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 154.497043][ T535] bond0 (unregistering): Released all slaves [ 154.509010][ T8848] IPv6: NLM_F_CREATE should be specified when creating new route [ 154.510663][ T8848] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 154.512484][ T8848] IPv6: NLM_F_CREATE should be set when creating new route [ 154.514089][ T8848] IPv6: NLM_F_CREATE should be set when creating new route [ 154.516343][ T8878] netlink: 8 bytes leftover after parsing attributes in process `syz.2.385'. [ 154.608332][ T8779] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.609802][ T8779] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.611290][ T8779] bridge_slave_0: entered allmulticast mode [ 154.624831][ T8779] bridge_slave_0: entered promiscuous mode [ 154.631875][ T8779] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.636207][ T8779] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.637942][ T8779] bridge_slave_1: entered allmulticast mode [ 154.640493][ T8779] bridge_slave_1: entered promiscuous mode [ 155.134865][ T6398] Bluetooth: hci4: command tx timeout [ 155.187198][ T8779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.225794][ T8779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.572909][ T8940] loop2: detected capacity change from 0 to 512 [ 155.585579][ T8940] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent [ 155.603111][ T8940] loop2: detected capacity change from 0 to 1024 [ 155.604805][ T8940] EXT4-fs: Ignoring removed oldalloc option [ 155.606444][ T8940] ext4: Unknown parameter 'euid' [ 155.616560][ T8944] loop0: detected capacity change from 0 to 512 [ 155.630116][ T8779] team0: Port device team_slave_0 added [ 155.638264][ T8779] team0: Port device team_slave_1 added [ 155.642337][ T8944] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 155.647673][ T8944] EXT4-fs (loop0): blocks per group (71) and clusters per group (32768) inconsistent [ 155.693175][ T8779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.701289][ T8779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.716177][ T8779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.735030][ T8779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.736445][ T8779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.780528][ T8779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.633075][ T535] hsr_slave_0: left promiscuous mode [ 156.694979][ T535] hsr_slave_1: left promiscuous mode [ 156.727464][ T30] audit: type=1326 audit(156.710:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8969 comm="syz.2.413" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa274a6e8 code=0x7ffc0000 [ 156.740463][ T30] audit: type=1326 audit(156.710:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8969 comm="syz.2.413" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa274a6e8 code=0x7ffc0000 [ 156.749360][ T30] audit: type=1326 audit(156.710:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8969 comm="syz.2.413" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa274a6e8 code=0x7ffc0000 [ 156.753873][ T30] audit: type=1326 audit(156.710:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8969 comm="syz.2.413" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa274a6e8 code=0x7ffc0000 [ 156.773647][ T30] audit: type=1326 audit(156.710:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8969 comm="syz.2.413" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa274a6e8 code=0x7ffc0000 [ 156.804859][ T535] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 156.806557][ T535] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.808930][ T535] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.812754][ T535] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.853775][ T535] veth1_macvtap: left promiscuous mode [ 156.859666][ T535] veth0_macvtap: left promiscuous mode [ 156.862016][ T535] veth1_vlan: left promiscuous mode [ 156.863297][ T535] veth0_vlan: left promiscuous mode [ 157.214754][ T6398] Bluetooth: hci4: command tx timeout [ 157.323032][ T9003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.425'. [ 157.330037][ T9003] netlink: 24 bytes leftover after parsing attributes in process `syz.3.425'. [ 158.740393][ T535] team0 (unregistering): Port device team_slave_1 removed [ 158.959320][ T535] team0 (unregistering): Port device team_slave_0 removed [ 159.304718][ T6398] Bluetooth: hci4: command tx timeout [ 161.301072][ T8779] hsr_slave_0: entered promiscuous mode [ 161.324979][ T8779] hsr_slave_1: entered promiscuous mode [ 161.375761][ T8779] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 161.377329][ T8779] Cannot create hsr debugfs directory [ 161.575676][ T9043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 161.590586][ T9043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 162.400742][ T9122] loop2: detected capacity change from 0 to 64 [ 162.775936][ T8779] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 162.787954][ T9118] loop0: detected capacity change from 0 to 32768 [ 162.790812][ T8779] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 162.804300][ T8779] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 162.826274][ T9118] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.462 (9118) [ 162.855998][ T9124] loop3: detected capacity change from 0 to 32768 [ 162.869537][ T9118] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 162.871715][ T9118] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm [ 162.873462][ T9118] BTRFS info (device loop0): using free-space-tree [ 162.875044][ T9124] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.465 (9124) [ 162.879154][ T9124] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 162.881403][ T9124] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm [ 162.883786][ T9124] BTRFS info (device loop3): using free-space-tree [ 162.897474][ T9121] loop1: detected capacity change from 0 to 32768 [ 162.968169][ T9121] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 163.002807][ T8779] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 163.206446][ T8277] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 163.219351][ T9121] XFS (loop1): Ending clean mount [ 163.221547][ T9121] XFS (loop1): Quotacheck needed: Please wait. [ 163.282406][ T7486] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 163.284719][ T9121] XFS (loop1): Quotacheck: Done. [ 163.364156][ T7918] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 163.372656][ T6401] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 163.459325][ T9200] loop3: detected capacity change from 0 to 4096 [ 163.475203][ T9200] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 163.601827][ T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 163.614850][ T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 163.618400][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 163.621489][ T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 163.633500][ T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 163.638469][ T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 163.754258][ T535] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.828586][ T8779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.927838][ T535] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.982029][ T9206] loop0: detected capacity change from 0 to 32768 [ 163.991085][ T9206] XFS: ikeep mount option is deprecated. [ 164.002605][ T9206] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 164.048701][ T9206] XFS (loop0): Ending clean mount [ 164.051762][ T9206] XFS (loop0): Quotacheck needed: Please wait. [ 164.056972][ T535] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.073599][ T8779] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.092940][ T9215] loop1: detected capacity change from 0 to 32768 [ 164.104897][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.106489][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 164.112394][ T9206] XFS (loop0): Quotacheck: Done. [ 164.145981][ T9215] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 164.189432][ T7918] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 164.196424][ T535] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.217502][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.218926][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.226161][ T9220] loop3: detected capacity change from 0 to 32768 [ 164.228534][ T9215] XFS (loop1): Ending clean mount [ 164.294427][ T6401] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 164.302049][ T9220] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 164.350594][ T9248] netlink: 'syz.0.475': attribute type 10 has an invalid length. [ 164.352273][ T9248] netlink: 40 bytes leftover after parsing attributes in process `syz.0.475'. [ 164.368954][ T9248] bridge0: port 3(batadv0) entered blocking state [ 164.370488][ T9248] bridge0: port 3(batadv0) entered disabled state [ 164.371845][ T9248] batadv0: entered allmulticast mode [ 164.373494][ T9248] batadv0: entered promiscuous mode [ 164.401951][ T9248] bridge0: port 3(batadv0) entered blocking state [ 164.403635][ T9248] bridge0: port 3(batadv0) entered forwarding state [ 164.436938][ T9253] loop1: detected capacity change from 0 to 256 [ 164.443510][ T9220] XFS (loop3): Ending clean mount [ 164.448748][ T9207] chnl_net:caif_netlink_parms(): no params data found [ 164.464504][ T9220] XFS (loop3): Quotacheck needed: Please wait. [ 164.488832][ T9253] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 164.541339][ T9220] XFS (loop3): Quotacheck: Done. [ 164.560125][ T9220] XFS (loop3): User initiated shutdown received. [ 164.563787][ T9255] loop0: detected capacity change from 0 to 4096 [ 164.567258][ T9220] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe0/0x15c (fs/xfs/xfs_fsops.c:457). Shutting down filesystem. [ 164.585405][ T9220] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 164.641357][ T8277] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 164.664079][ T7477] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 164.667065][ T7477] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 164.693014][ T535] bridge_slave_1: left allmulticast mode [ 164.694184][ T535] bridge_slave_1: left promiscuous mode [ 164.703587][ T535] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.734402][ T535] bridge_slave_0: left allmulticast mode [ 164.735856][ T535] bridge_slave_0: left promiscuous mode [ 164.737082][ T535] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.011368][ T9282] loop3: detected capacity change from 0 to 1764 [ 165.060637][ T9282] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 165.183569][ T9268] loop1: detected capacity change from 0 to 32768 [ 165.245545][ T9268] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 165.358921][ T9268] XFS (loop1): Ending clean mount [ 165.363986][ T9268] XFS (loop1): Quotacheck needed: Please wait. [ 165.412511][ T9268] XFS (loop1): Quotacheck: Done. [ 165.441929][ T6401] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 165.694738][ T6398] Bluetooth: hci2: command tx timeout [ 166.397221][ T535] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 166.437585][ T535] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 166.487381][ T535] bond0 (unregistering): Released all slaves [ 166.536186][ T9207] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.537658][ T9207] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.539179][ T9207] bridge_slave_0: entered allmulticast mode [ 166.541009][ T9207] bridge_slave_0: entered promiscuous mode [ 166.562201][ T8779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 166.586399][ T9207] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.587979][ T9207] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.589554][ T9207] bridge_slave_1: entered allmulticast mode [ 166.591247][ T9207] bridge_slave_1: entered promiscuous mode [ 166.660710][ T9207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.683685][ T9207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.951392][ T9326] pim6reg1: entered promiscuous mode [ 166.952645][ T9326] pim6reg1: entered allmulticast mode [ 167.583551][ T9207] team0: Port device team_slave_0 added [ 167.587030][ T9207] team0: Port device team_slave_1 added [ 167.803024][ T6398] Bluetooth: hci2: command tx timeout [ 167.834112][ T8779] veth0_vlan: entered promiscuous mode [ 167.843563][ T8779] veth1_vlan: entered promiscuous mode [ 167.870962][ T8779] veth0_macvtap: entered promiscuous mode [ 167.883166][ T9207] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.888874][ T9207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.894751][ T9207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.898546][ T9207] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.900111][ T9207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.906576][ T9207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.568235][ T535] hsr_slave_0: left promiscuous mode [ 168.604719][ T535] hsr_slave_1: left promiscuous mode [ 168.674981][ T535] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 168.676539][ T535] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 168.685645][ T535] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 168.687223][ T535] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 168.705351][ T535] veth1_macvtap: left promiscuous mode [ 168.706599][ T535] veth0_macvtap: left promiscuous mode [ 168.707775][ T535] veth1_vlan: left promiscuous mode [ 168.709032][ T535] veth0_vlan: left promiscuous mode [ 169.854798][ T6398] Bluetooth: hci2: command tx timeout [ 170.568808][ T535] team0 (unregistering): Port device team_slave_1 removed [ 170.749603][ T535] team0 (unregistering): Port device team_slave_0 removed [ 171.945024][ T6398] Bluetooth: hci2: command tx timeout [ 173.259520][ T8779] veth1_macvtap: entered promiscuous mode [ 173.577904][ T9207] hsr_slave_0: entered promiscuous mode [ 173.862566][ T9207] hsr_slave_1: entered promiscuous mode [ 174.027403][ T9207] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 174.069156][ T9207] Cannot create hsr debugfs directory [ 174.291577][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.294271][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.300549][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.302979][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.309494][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.311912][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.316549][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.614235][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.893074][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.938952][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.991819][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.060704][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.145373][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.179678][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.212305][ T8779] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.225968][ T8779] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.227695][ T8779] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.229480][ T8779] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.355913][ T9400] loop1: detected capacity change from 0 to 512 [ 175.358878][ T9400] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent [ 175.560591][ T9444] loop3: detected capacity change from 0 to 256 [ 175.562386][ T9444] exfat: Deprecated parameter 'namecase' [ 175.563579][ T9444] exfat: Deprecated parameter 'utf8' [ 175.568242][ T9444] exfat: Deprecated parameter 'namecase' [ 175.569704][ T9444] exfat: Deprecated parameter 'utf8' [ 175.591256][ T9444] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 176.315557][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.322942][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.378380][ T7300] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.388816][ T7300] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.136983][ T9459] loop1: detected capacity change from 0 to 16 [ 177.138708][ T9459] erofs: Unknown parameter 't5;} 7_cN"Lam)p'6~' [ 178.843750][ T9496] netlink: 16 bytes leftover after parsing attributes in process `syz.4.530'. [ 178.846769][ T9496] netlink: 56 bytes leftover after parsing attributes in process `syz.4.530'. [ 179.482540][ T9207] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 179.491480][ T9207] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 179.512669][ T9207] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 179.573116][ T9207] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 179.737835][ T9207] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.559523][ T9207] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.628374][ T7486] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.629963][ T7486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.659831][ T7486] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.661325][ T7486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.985497][ T9207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.042681][ T9207] veth0_vlan: entered promiscuous mode [ 181.073193][ T9207] veth1_vlan: entered promiscuous mode [ 181.124301][ T9207] veth0_macvtap: entered promiscuous mode [ 181.220254][ T9207] veth1_macvtap: entered promiscuous mode [ 181.827243][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.834974][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.837335][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.845799][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.854495][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.874707][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.876703][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 181.883302][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.887935][ T9207] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 181.900447][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.902548][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.917024][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.919221][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.921318][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.923407][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.937187][ T9207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.939263][ T9207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.962621][ T9207] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.109985][ T9207] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.111987][ T9207] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.180834][ T9207] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.226940][ T9207] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.456310][ T9575] netlink: 4 bytes leftover after parsing attributes in process `syz.0.547'. [ 182.800492][ T535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.812981][ T535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.847099][ T137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.853016][ T137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.986865][ T9600] loop3: detected capacity change from 0 to 256 [ 182.992285][ T9601] loop2: detected capacity change from 0 to 64 [ 182.995200][ T9600] exfat: Deprecated parameter 'namecase' [ 182.998667][ T9600] exfat: Deprecated parameter 'utf8' [ 183.001082][ T9600] exfat: Deprecated parameter 'namecase' [ 183.005374][ T9600] exfat: Deprecated parameter 'utf8' [ 183.043592][ T9600] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 184.904117][ T9632] netlink: 16 bytes leftover after parsing attributes in process `syz.4.556'. [ 184.906287][ T9632] netlink: 56 bytes leftover after parsing attributes in process `syz.4.556'. [ 186.185917][ T9652] binder: 9642:9652 ioctl c0046209 0 returned -22 [ 186.941735][ T9661] loop3: detected capacity change from 0 to 512 [ 187.440747][ T9662] loop0: detected capacity change from 0 to 8192 [ 187.445747][ T9662] vfat: Unknown parameter '' [ 187.503272][ T2333] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.523960][ T2333] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.526825][ T9661] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 187.562407][ T9661] EXT4-fs (loop3): 1 orphan inode deleted [ 187.564914][ T9661] EXT4-fs (loop3): 1 truncate cleaned up [ 187.568209][ T9661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.599549][ T9661] EXT4-fs (loop3): shut down requested (0) [ 187.682581][ T9677] EXT4-fs error (device loop3): ext4_lookup:1811: inode #15: comm syz.3.569: iget: bad extra_isize 46 (inode size 256) [ 187.696360][ T9677] EXT4-fs (loop3): Remounting filesystem read-only [ 187.804733][ T30] audit: type=1326 audit(187.780:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.809030][ T30] audit: type=1326 audit(187.780:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.813186][ T30] audit: type=1326 audit(187.790:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.840926][ T8277] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.851505][ T30] audit: type=1326 audit(187.790:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.874580][ T30] audit: type=1326 audit(187.790:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.879127][ T30] audit: type=1326 audit(187.790:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.883394][ T30] audit: type=1326 audit(187.790:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.916630][ T30] audit: type=1326 audit(187.790:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 187.941095][ T1753] ------------[ cut here ]------------ [ 187.942653][ T1753] WARNING: CPU: 0 PID: 1753 at kernel/rcu/sync.c:177 rcu_sync_dtor+0xd8/0x178 [ 187.944544][ T1753] Modules linked in: [ 187.945365][ T1753] CPU: 0 UID: 0 PID: 1753 Comm: kworker/0:2 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 187.947654][ T1753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 187.949789][ T1753] Workqueue: events destroy_super_work [ 187.951047][ T1753] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 187.952826][ T1753] pc : rcu_sync_dtor+0xd8/0x178 [ 187.953897][ T1753] lr : percpu_free_rwsem+0x48/0x88 [ 187.954941][ T1753] sp : ffff80009d0c7a70 [ 187.955913][ T1753] x29: ffff80009d0c7a70 x28: ffff700013a18f80 x27: ffff0000cb5cba18 [ 187.957727][ T1753] x26: 1fffe00018210001 x25: ffff0000c1080000 x24: dfff800000000000 [ 187.959621][ T1753] x23: 00000000000001cb x22: 1fffe00019a1946a x21: dfff800000000000 [ 187.961526][ T1753] x20: ffff0000cd0ca350 x19: ffff0000cd0ca350 x18: dfff800000000000 [ 187.963401][ T1753] x17: 0000000000000000 x16: ffff80008301a844 x15: 0000000000000001 [ 187.965098][ T1753] x14: 1ffff00011eb2c64 x13: 0000000000000000 x12: 0000000000000000 [ 187.966966][ T1753] x11: ffff700011eb2c65 x10: 0000000000000003 x9 : 0000000000000003 [ 187.968803][ T1753] x8 : 0000000000000002 x7 : 0000000000000000 x6 : 000000000000003f [ 187.970713][ T1753] x5 : 0000000000000040 x4 : 0000000000000001 x3 : ffff800080b79668 [ 187.972550][ T1753] x2 : 0000000000000001 x1 : ffff80008b9ab900 x0 : ffff0000cd0ca350 [ 187.974311][ T1753] Call trace: [ 187.975022][ T1753] rcu_sync_dtor+0xd8/0x178 [ 187.976028][ T1753] percpu_free_rwsem+0x48/0x88 [ 187.977138][ T1753] destroy_super_work+0xec/0x154 [ 187.978179][ T1753] process_one_work+0x79c/0x15b8 [ 187.979268][ T1753] worker_thread+0x978/0xec4 [ 187.980326][ T1753] kthread+0x288/0x310 [ 187.981277][ T1753] ret_from_fork+0x10/0x20 [ 187.982254][ T1753] irq event stamp: 559068 [ 187.983257][ T1753] hardirqs last enabled at (559067): [] kasan_quarantine_put+0x1a0/0x1c8 [ 187.985666][ T1753] hardirqs last disabled at (559068): [] el1_dbg+0x24/0x80 [ 187.987559][ T1753] softirqs last enabled at (559060): [] wg_packet_encrypt_worker+0x10a4/0x1134 [ 187.989863][ T1753] softirqs last disabled at (559058): [] wg_packet_encrypt_worker+0xe5c/0x1134 [ 187.992201][ T1753] ---[ end trace 0000000000000000 ]--- [ 188.001461][ T30] audit: type=1326 audit(187.790:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=143 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 188.016884][ T30] audit: type=1326 audit(187.790:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9689 comm="syz.1.577" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8ab4a6e8 code=0x7ffc0000 [ 188.029457][ T1753] ------------[ cut here ]------------ [ 188.030976][ T1753] WARNING: CPU: 0 PID: 1753 at kernel/rcu/sync.c:180 rcu_sync_dtor+0xe0/0x178 [ 188.032749][ T1753] Modules linked in: [ 188.033528][ T1753] CPU: 0 UID: 0 PID: 1753 Comm: kworker/0:2 Tainted: G W 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 188.035895][ T1753] Tainted: [W]=WARN [ 188.036657][ T1753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 188.038620][ T1753] Workqueue: events destroy_super_work [ 188.039728][ T1753] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 188.041252][ T1753] pc : rcu_sync_dtor+0xe0/0x178 [ 188.042280][ T1753] lr : rcu_sync_dtor+0x58/0x178 [ 188.043312][ T1753] sp : ffff80009d0c7a70 [ 188.044188][ T1753] x29: ffff80009d0c7a70 x28: ffff700013a18f80 x27: ffff0000cb5cba18 [ 188.045878][ T1753] x26: 1fffe00018210001 x25: ffff0000c1080000 x24: dfff800000000000 [ 188.047520][ T1753] x23: 00000000000001cb x22: 1fffe00019a1946a x21: dfff800000000000 [ 188.049211][ T1753] x20: ffff0000cd0ca358 x19: ffff0000cd0ca350 x18: dfff800000000000 [ 188.050956][ T1753] x17: 0000000000000000 x16: ffff80008035e93c x15: ffff700013a18f34 [ 188.052757][ T1753] x14: 1ffff00013a18f34 x13: 0000000000000004 x12: ffffffffffffffff [ 188.054422][ T1753] x11: ffff700013a18f34 x10: 1ffff00013a18f34 x9 : 0000000000000000 [ 188.056112][ T1753] x8 : 0000000000000001 x7 : ffff8000803d9e28 x6 : 0000000000000000 [ 188.057845][ T1753] x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff80008035ea64 [ 188.059597][ T1753] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000001 [ 188.061276][ T1753] Call trace: [ 188.062007][ T1753] rcu_sync_dtor+0xe0/0x178 [ 188.063088][ T1753] percpu_free_rwsem+0x48/0x88 [ 188.064044][ T1753] destroy_super_work+0xec/0x154 [ 188.065072][ T1753] process_one_work+0x79c/0x15b8 [ 188.066150][ T1753] worker_thread+0x978/0xec4 [ 188.067138][ T1753] kthread+0x288/0x310 [ 188.067968][ T1753] ret_from_fork+0x10/0x20 [ 188.068870][ T1753] irq event stamp: 559168 [ 188.069721][ T1753] hardirqs last enabled at (559167): [] exit_to_kernel_mode+0xdc/0x10c [ 188.071791][ T1753] hardirqs last disabled at (559168): [] _raw_spin_lock_irq+0x28/0x70 [ 188.073761][ T1753] softirqs last enabled at (559162): [] handle_softirqs+0xa3c/0xbfc [ 188.075739][ T1753] softirqs last disabled at (559071): [] __do_softirq+0x14/0x20 [ 188.077663][ T1753] ---[ end trace 0000000000000000 ]--- [ 188.149330][ T1753] ------------[ cut here ]------------ [ 188.150593][ T1753] WARNING: CPU: 0 PID: 1753 at kernel/rcu/sync.c:188 rcu_sync_dtor+0x108/0x178 [ 188.152483][ T1753] Modules linked in: [ 188.153257][ T1753] CPU: 0 UID: 0 PID: 1753 Comm: kworker/0:2 Tainted: G W 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0 [ 188.155761][ T1753] Tainted: [W]=WARN [ 188.156588][ T1753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 188.158682][ T1753] Workqueue: events destroy_super_work [ 188.159827][ T1753] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 188.161610][ T1753] pc : rcu_sync_dtor+0x108/0x178 [ 188.162641][ T1753] lr : rcu_sync_dtor+0xb0/0x178 [ 188.163661][ T1753] sp : ffff80009d0c7a70 [ 188.164727][ T1753] x29: ffff80009d0c7a70 x28: ffff700013a18f80 x27: ffff0000cb5cba18 [ 188.166644][ T1753] x26: 1fffe00018210001 x25: ffff0000c1080000 x24: dfff800000000000 [ 188.168565][ T1753] x23: 0000000000000002 x22: 1fffe00019a1946a x21: dfff800000000000 [ 188.170379][ T1753] x20: ffff0000cd0ca358 x19: ffff0000cd0ca350 x18: 1fffe00036799fe6 [ 188.172164][ T1753] x17: ffff80008f50d000 x16: ffff800080a86680 x15: 0000000000000001 [ 188.173778][ T1753] x14: 1ffff00013a18f28 x13: 0000000000000000 x12: 0000000000000000 [ 188.175461][ T1753] x11: ffff700013a18f29 x10: 1ffff00013a18f28 x9 : 8b114d43774b6900 [ 188.177401][ T1753] x8 : 0000000000000002 x7 : ffff80008b3d4348 x6 : 0000000000000000 [ 188.179257][ T1753] x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff80008b3d4698 [ 188.181099][ T1753] x2 : 0000000000000001 x1 : 0000000000000008 x0 : 0000000000000001 [ 188.183031][ T1753] Call trace: [ 188.183762][ T1753] rcu_sync_dtor+0x108/0x178 [ 188.184798][ T1753] percpu_free_rwsem+0x48/0x88 [ 188.185917][ T1753] destroy_super_work+0xec/0x154 [ 188.186969][ T1753] process_one_work+0x79c/0x15b8 [ 188.188034][ T1753] worker_thread+0x978/0xec4 [ 188.189033][ T1753] kthread+0x288/0x310 [ 188.189888][ T1753] ret_from_fork+0x10/0x20 [ 188.191055][ T1753] irq event stamp: 559378 [ 188.191964][ T1753] hardirqs last enabled at (559377): [] _raw_spin_unlock_irq+0x30/0x80 [ 188.194178][ T1753] hardirqs last disabled at (559378): [] el1_dbg+0x24/0x80 [ 188.196031][ T1753] softirqs last enabled at (559350): [] handle_softirqs+0xa3c/0xbfc [ 188.198082][ T1753] softirqs last disabled at (559171): [] __do_softirq+0x14/0x20 [ 188.199974][ T1753] ---[ end trace 0000000000000000 ]---