last executing test programs: 11m22.611184921s ago: executing program 32 (id=135): unshare(0x2a020400) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x83, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0x8006, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0x10, 0x5, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x20003, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x4, 0x80008071, 0x7, 0x17, 0x1, 0x85, 0x5, 0x3e, 0x18e, 0x5, 0x6, 0x454f, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x5, 0x8000, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0xa, 0xfffffffc, 0x3, 0x2, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x9, 0x6, 0x1, 0xff, 0x5, 0xfffff575, 0x5f31, 0xd, 0x9, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x5, 0x6, 0x1, 0x6, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x13, 0x3, 0x4000009, 0x6, 0x4000000, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x4, 0x408, 0x4, 0x5, 0xfffffffd, 0x100, 0x4, 0x5, 0x5, 0x8002, 0x0, 0x9, 0xb, 0x4, 0x45, 0x5, 0x0, 0x9, 0x5, 0x8, 0x86, 0x3, 0x303c, 0xfffffffa, 0xb, 0x1, 0x2, 0x2, 0x400003, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x0, 0xaca, 0xbf, 0x2, 0x80, 0x7ff, 0x12b, 0x1, 0xc921, 0xa, 0xffffffff, 0x5, 0x2, 0x120000, 0x807ff, 0x2006, 0x80a2ed, 0x1, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x1938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x6, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0x4000, 0xa620, 0x1, 0x5, 0xffff, 0x2000002, 0x14c, 0x60a7, 0x6, 0x7, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x3, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0xf5, 0x803, 0x1, 0x200, 0xfffffffa, 0xfff]}, 0x45c) close(0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000180), 0x0, 0x2) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) r1 = userfaultfd(0x80801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) write$char_usb(r0, &(0x7f0000000040)="e2", 0x918) ppoll(&(0x7f00000000c0)=[{}, {0xffffffffffffffff, 0x300}], 0x20000000000000dc, 0x0, 0x0, 0x0) 10m48.22745568s ago: executing program 33 (id=253): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000000c0)={[{@lazytime}, {@errors_remount}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r1 = open(&(0x7f0000000340)='./file1\x00', 0x14b27e, 0x46) write$tun(r1, &(0x7f0000000200)=ANY=[], 0x8) fallocate(r1, 0x0, 0x9, 0x41001f3) fallocate(r1, 0x8, 0x0, 0x10000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) pwrite64(r2, &(0x7f0000000600)='#&\t\a&', 0x5, 0x4fecd) 10m31.578767127s ago: executing program 34 (id=357): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 9m49.123995656s ago: executing program 35 (id=683): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, &(0x7f0000000300)}}, 0x40) setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x7, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}}, 0x0) 9m19.38938461s ago: executing program 36 (id=881): r0 = socket$inet6(0xa, 0x5, 0x0) close(0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x80, &(0x7f0000000000)="1400000009000000", 0x8) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0x200, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x1, 0x10000, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x6}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000004c0)=[@in6={0xa, 0x0, 0x0, @local, 0x1}], 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e21, 0x1, @loopback, 0xffff}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000003c0)=[@in6={0xa, 0x0, 0xfffffffc, @local}], 0x1c) 8m47.050142864s ago: executing program 37 (id=1084): r0 = bpf$MAP_CREATE(0x0, &(0x7f000000a180)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x22d3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4) sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) 8m43.751807897s ago: executing program 38 (id=1095): r0 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlink={0x6c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_EGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x2}}]}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x12}}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x6c}, 0x1, 0x0, 0x0, 0x600}, 0x0) 8m22.964635253s ago: executing program 0 (id=1207): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9a452a9022485bb572dacb7aa25f748bc75918a16d9d5ae21004cd799ac4951beb2c6c9b5baf60081b86cc2e31c49f4ea055fb3639036c95c69b1ae60e685d486dbd1d5e7d0daacd73acfc80b9c9c92"], &(0x7f0000000140)='GPL\x00'}, 0x48) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) close_range(r1, 0xffffffffffffffff, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0xfffffffffffffe3d}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r2, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x40000002) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = socket$netlink(0x10, 0x3, 0x9) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000017c0)=r0, 0x4) 8m22.867084026s ago: executing program 0 (id=1208): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x3000cd0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES16, @ANYRESHEX], 0x1, 0x1514, &(0x7f00000002c0)="$eJzs3Au0TuXWOPA5n+dZbNp4k9zXfObiTS4PSRJKkkslSUJyT0iSJEkSm9ySkIRcd5J7yD3ttN3vl9yTdo4kSUJCwvMfW/V3Ouf09Z3b54yz52+MNTzzXWvOdy5zvO+71hqDb7oMrd6wRpV6zAz/CP3rAn/+IwkAEgBgAADkuPQyQtmcZXOm78+iMekfehPxb1J/+pXuQFxJMv+MTeafscn8MzaZf8Ym88/YZP4Zm8w/Y5P5C5Ghzcx3tWwZd/t3P/8PAOT5/7+T+meS5fc/Q8Df2yHz/2+j/66jZf4Zm8w/Y5P5Z2wy/4zn8i1YcEX7EFeefP4zNpm/EBnav/yZ8vqzV/qZtmx/xyaEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQvwfOOsvMwDw6/r3M1ok/l/2J4QQQgghhBBCiH+ef+9KdyCEEEIIIYQQQoh/PwQFGgwEkAkyQwJkgaxwFSRCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFS69Z7rboTLcAVXgTqgK1aA61IC74G64B2rCvVAL7oPacD/UgQegLjwI9aA+NICHoCE8DI2gMTSBptAMmkOLP8hPzvG38l+A7vAi9ICekAS9oDe8BH2gL/SD/jAAXoaB8AoMgldhMAyBofAaDIPXYTi8ASNgJIyCN2E0jIGxMA7GwwRIhrdgIrwNk+Cdh7PBFJgK02A6zICZ8C7MgtkwB96DuTAP5kNyloWwCBbD+7AEPoAU+BCWwkeQCstgOayAlbAKVsMaWAvrYD1sgI2wCTbDFtgKH8M22A47YCfsgt2wBz6BvfAp7IPPIA0//zvzz/w2H7oiIKBChQYNZsJMmIAJmBWzYiImYnbMjjGMYU7MibkwF+bG3JgX82IS5seCWBAJCRkZC2EhjGMci2ARLIpFsTgWR4cOS2EpLI0XvPdlsCyWxXJYDstjBayAt+KtWAkrYWWsjFWwClbFqlgdq+NdeBfegzWxJtbCWlgba2MdrIN1sS7Ww3rYABtgQ2yIjbARNsEm2AybYQtsgS2xJbbCVtgG22BbbIvtsB22x/bYATtgR+yInbATdsbO2AW7YFd8Hp/HF/AFfBFfxJ5YVfXC3tgb+2Af7If9sT++jAPxFXwFX8XBOASH4mv4Gr6Ow/E0jsCROApHYSU1BsfiOGQ1AZMxGTPDRJyEk3AyTsEpOA2n4wyciTNxFs7G2fgezsV5OA8X4AJchItxMS7BDzAFU3ApnsFUXIbLcQWuxFW4EtfgWlyD63EDrsdNuAm34Bb8GD/G7bgdd+JO3I278RP8BD/FT3EwpmEa7sf9eAAP4EE8iIfwEB7Gw3gEj+BRPIrH8BgexxN4Ek/gKTyFp/EMngWAc3gOz+N5vIgX0z/8Kp1RRmVSmVSCSlBZVVaVqBJVdpVdxVRM5VQ5VS6VS+VWuVVelVflV/lVQVVQkSLFKlKFVCEVV3FVRBVRRVVRVVwVV045VUqVUqVVaVVGlVFl1c2qnLpFlVcVVGt3q7pVVVJtXGV1h6qiqqiqqpqqrmqoGulfC6qmqqlqqVqqtqqt6qgHVF3VC/thfZU+mYZqCDZSQ7GJaqqaqebqdXxEtVTDsZVqrdqox9RIHIHtVEvXXj2pOqix2FE9rcbhM6qzmoBd1HOqq3pedVMvqO6qleuheqrJ2Ev1VtOwj+qr+qn+ahZWU+kTq65eVS9kHqKGqtfUInxdDVdvqBFqpBql3lSj1Rg1Vo1T49UElazeUhPV22qSekdNVlPUVDVNTVcz1Ez1rpqlZqs56j01V83ToBaohWqRWqzeV0vUBypFfaiWqo9UqlqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqstaqv6WG1T29UOtVPtUrvVHvWJ2qs+VfvUZypNfa72qz+pA+oLdVB9qQ6pr9Rh9bU6or5RR9W36pj6Th1XJ9RJ9b06pX5Qp9UZdVb9qM6pn9R5dUFdVF6BRq201kYHOpPOrBN0Fp1VX6UTdTadXefQMX21zqmv0bn0tTq3zqPzmnw6vy6gC+pQk7aadaQL6cI6rq/TRfT1uqgupovrEtrpkrqUvkGX1jfqMvomXVbfrMvpW3R5XUFX9KBv05X07bqyvkNX0Xfqqrqarq5r6Lv03foeXVPfq2vp+3Rtfb+uox/QdfWDup6urxvoh3RD/bBupBvrJrqpbqab6xb6Ed1SP6pb6da6jX5Mt9WP63b6Cd1eP6k76Kd0R/207qSf0Z31s7qLfk531c/rbvqCvqi97qF76iTdS/fWL+k+uq/up/vrAfplPVC/ogfpV/VgPUQP1a/pYfp1PVy/oUfokXqUflOP1mP0WD1Oj9cTdLJ+S0/Ub+tJ+h09WU/RU/U0PV3P0P1+qTTnf5H/9t/IH3Tp3bforfpjvU1v1zv0Tr1L79Z79B69V+/V+/Q+nabT9H69Xx/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfUL/qL/Xp/QP+rQ+o8/oH/U5fU6f/+XvAAwaZbQxJjCZTGaTYLKYrOYqk2iymewmh4mZq01Oc43JZa41uU0ek9fkM/lNAVPQhIaMNWwiU8gUNnFznSlirjdFTTFT3JQwzpQ0pcwN/3T+H/XXwrQwLU1L08q0Mm1MG9PWtDXtTDvT3rQ3HUwH09F0NJ1MJ9PZdDZdTBfT1XQ13Uw30910Nz1MD5Nkkkxv85LpY/qafqa/GWBeNgPNQDPIDDKDzWAz1Aw1w8wwM9wMNyPMCDPKjDKjzWgz1ow14814k+xzmIlmoplkJpnJZrKZOiCHmW6mm5lmppllZpk5Zo6Za+aa+Wa+WWgWmsVmsVlilpgUk2KWmqUm1Swzy8wKs8KsMqvMGrPGrDPrzAazwWwym0yq2Wq2mm1mm9lhdphdZpfZY/aYvWav2Wf2mTSTZvab/eaAOWAOmoPmkDlkDpvD5og5Yo6ao+aYOWaOm+PmpDlpTplT5rQ5bc6as+acOWfOm/PmormYftkXqEAFJjBBpiBTkBAkBFmDrEFikBhkD7IHsSAW5AxyBrmCa4PcQZ4gb5AvyB8UCAoGYUCBDTiIgkJB4SAeXBcUCa4PigbFguJBicAFJYNSwQ1B6eDGoExwU1A2uDkoF9wSlA8qBBWDW4PbgkrB7UHl4I6gSnBnUDWoFlQPagR3BXcH9wQ1g3uDWsF9Qe3g/qBO8EBQN3gwqBfUDxoEDwUNg4eDRkHjoEnQNGgWNA9a/Evre386z6OuR9gzTAp7hb3Dl8I+Yd+wX9g/HBC+HA4MXwkHha+Gg8Mh4dDwtXBY+Ho4PHwjHBGODEeFb4ajwzHh2HBcOD6cECaHb4UTw7fDSeE74eRwSjg1mBZOD2eEM8N3w1nh7HBO+F44N5wXzg8XhAvDRSH+fEkMKeGH4dLwozA1XBYuD1eEK8NV4epwTbg2XBeuDzeEG8NNZQf+fGi4Ldwe7gh3hrvC3eGe8JNwb/hpuC/8LEwLPw/3h38KD4RfhAfDL8ND4Vfh4fDr8Ej4TXg0/DY8Fn4XHg9PhCfD78NT4Q/h6fBMeDb8MTwX/hSeDy+EF0OffnGf/vNOhgxlokyUQAmUlbJSIiVSdspOMYpRTspJuSgX5abclJfyUn7KTwWpIKVjYipEhShOcSpCRagoFaXiVJwcOSpFpag0laYyVIbKUlkqR+WoPJWnilSRbqPb6Ha6ne6gO+hOupOqUTWqQTXobrqbalJNqkW1qDbVpjpUh+pSXapH9agBNaCG1JAaUSNqQk2oGTWjFtSCWlJLakWtqA21obbUltpRO2pP7akDdaCO1JE6USfqTJ2pC3WhrtSVulE36k7dqQf1oCRKot7Um/pQH+pH/WgADaCBNJAG0SAaTINpKA2lYTSMhtNwGkEjaRS9SaNpDI2lcTSeJlAyJdNEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NpPi2khbSYFtMSWkIplEJLaSmlUiotp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22jbbSDdtAu2kV7aA/tpb20j/ZRGqXRftpPB+gAHaSDdIgO0WE6TEfoCB2lo3SMjtFxOk4n6SSdolN0mk7TWTpL5+gnOk8X6CJ5SrBZbFZ7lU202Wx2m8P+ZZzX5rP5bQFb0IY2t83zm5istUVtMVvclrDOlrSl7A1/FZe3FWxFe6u9zVayt9vKtrzNAn8e323vsTXtvbaWvc/WsHf9Jq5t77d17MO2rm1s69mmtoFtbhvah20j29g2sU1tM9vctrWP23b2CdvePpnQwT7157FNj5fYD+xau86utxvsXvupPWt/tEfsN/ac/cn2sD3tAPuyHWhfsYPsq3awHfLbGMCOsm/a0XaMHWvH2fF2wl/FU+00O93OsDPtu3aWnf1X8WL7vp1rU+x8u8AutIsuxek9pdgP7VL7kU21y+xyu8KutKvsarvm//e6wm6ym+0Wu8d+YrfZ7XaH3Wl32d2X4vTz2Gc/s2n2c3vYfm0P2C/sQXvUHrJfXYrTz++o/dYes9/Z4/aEPWm/t6fsD/a0PXPp/NPP/Xt7wV603gIjK9ZsOOBMnJkTOAtn5as4kbNxds7BMb6ac/I1nIuv5dych/NyPs7PBbggh0xsmTniQlyY43wdF+HruSgX4+Jcgh2X5FJ8A5fmG7kM38Rl+WYux7dwea7AFflWvo0r8e1cme/gKnwnV+VqXJ1r8F18N9/DNflersX3cW2+n+vwA1yXH+R6XJ8b8EPckB/mRtyYm3BTbsbNuQU/wi35UW7FrbkNP8Zt+XFux09we36SO/BT3JGf5k78DHfmZ7kLP8dd+Xnuxi9wd36Re3BPTuJe3Jtf4j7cl/txfx7AL/NAfoUH8as8mIfwUH6Nh/HrPJzf4BE8kkfxmzyax/BYHsfjeQIn81s8kd/mSfwOT+YpPJWn8XSewTP5XZ7Fs3kOv8dzeR7P5wW8kBfxYn6fl/AHnMIf8lL+iFN5GS/nFbySV/FqXsNreR2v5w28kTfxZt7CW/lj3sbbeQfv5F28m/fwJ7yXP+V9/Bmn8ee8n//EB/gLPshf8iH+ig/z13yEv+Gj/C0f4+/4OJ/gk/w9n+If+DSf4bP8I5/jn/g8X+CL7BkijFSkIxMFUaYoc5QQZYmyRldFiVG2KHuUI4pFV0c5o2uiXNG1Ue4oT5Q3yhfljwpEBaMwoshGHEVRoahwFI+ui4pE10dFo2JR8ahE5KKSUanohqh0dGNUJropKhvdHJWLbonKRxWiitGt0W1Rpej2qHJ0R1QlujOqGlWLqkc1oruiu6N7oprRvVGt6L6oTHR/VCd6IKobPRjVi+pHDaKHoobRw1GjqHHUJGoaNYuaRy2iR6KW0aNRq6h11CZ6LGobPR61i56I2kdPRh2ipy7vLxb8/Gv6F/uTol6R/uUJ2b16YXxRfHH8/fiS+AfxlPiH8aXxj+Kp8WXx5fEV8ZXxVfHV8TXxtfF18fXxDfGN8U3xzfEtce9rZAaH6TfCYFzgMrnMLsFlcVndVS7RZXPZXQ4Xc1e7nO4al8td63K7PC6vy+fyuwKuoAsdOevYRa6QK+zi7jpXxF3virpirrgr4Zwr6Uq55q6Fa+FaukddK9fatXGPucfc4+5x90TCL427ju5p18k94zq7Z92z7jnX1T3vurkXXHf3ouvherokl+R6u96uj+vj+rl+boAb4Aa6gW6QG+QGu8FuqBvqhrlhbrgb7ka4EW6UG+VGu9FurBvrxrvxLtklu4luopvkJrnJbrKb6qa66W66m+lmullulpvj5ri5bq6b7+a7hW6hW+wWuyVuiUtxKW6pW+pSXapb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+a2uR1uh9vldrk9bo/b6/a6fW6fS3Npbr/b7w64A+6g+9Idcl+5w+5rd8R94466b90x95077k64k87rU+4Hd9qdcWfdj+6c+8mddxfcReddcuyt2MTY27FJsXdik2NTYlNj02LTYzNiM2PvxmbFZsfmxN6LzY3Ni82PLYgtjC2KLY69H1sS+yCWEvswtjT2USw1tiy2PLYitjK2KuZ9gW2RL+QL+7i/zhfx1/uivpgv7kt450v6Uv4GX9rf6Mv4m3xZf7Mv52/x5X0FX9E39k18U9/MN/ct/CO+pX/Ut/KtfRv/mG/rH/ft/BO+vX/Sd/BP+Y7+ad/JP+M7+2d9F//cvF+m7Lv7F30P39Mn+V6+t3/J9/F9fT/f3w/wL/uB/hU/yL/qB/shfqh/zQ/zr/vh/g0/wo/0o/ybfrQf48f6cX68n+CT/Vt+on/bT/Lv+Ml+ip/qp/npfoaf6d/1s/xsP8e/5+f6eX6+X+AX+kV+sX/fL/Ef+BT/oV/qP/Kpfplf7lf4lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rf5jv81v9zv8Tr/L7/Z7/Cd+r//U7/Of+TT/ud/v/+QP+C/8Qf+lP+S/8of91/6I/8Yf9d/6Y/47f9yf8Cf99/6U/8Gf9mf8Wf+jP+d/8uf9BX/xf/w3a0IIIYQQ4lf6D/b3+huvKQAY9su6NwBk257v0F/W3Jj753VftbdDDACe7Nml/q9b/fpJSUm/HJuqISi8AABil/MzweV4GbSBx6E9tIbSf7O/vqripeu+/6l+/GaArABZfs1Jvz36Nb5c/8bfqd/4ff7d+st+rr8AoGjhyznphX+NL9cv8zv1d7f9/fqX+s/yRTJAqz/LSYTL8eX6peBReAra/+ZIIYQQQgghhBDiZ33Vua5/cP956f48v/lt3q/xH92f/4HK/2z/QgghhBBCCCGE+GPPPN/tiUfat2/d6b95kfk/o43/gAUCwH9AG7L4z19c6W8mIYQQQgghxL/a5Yv+K92JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRcf3j/0OY+l8ffKXPUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLjS/l8AAAD//6k8VlA=") ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000040)={'\x00', 0x7, 0x8, 0x6, 0x100000000, 0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x80000000) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r5, 0xc058534b, &(0x7f0000000040)={0x0, 0xdb6, 0x9, 0xa2f, 0x8001, 0x7}) kcmp$KCMP_EPOLL_TFD(r0, 0xffffffffffffffff, 0x7, r1, &(0x7f0000000140)={r2, r4, 0x1ff}) 8m22.489019738s ago: executing program 0 (id=1211): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0x0, 0x0, [0x0], [0x0, 0x3, 0x2], [0x0, 0x0, 0x3], [0x4000000, 0xc, 0x0, 0x4]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={r5, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r6}) close_range(r0, 0xffffffffffffffff, 0x0) 8m21.963630904s ago: executing program 0 (id=1216): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000280)={[{@dioread_lock}, {@resgid}]}, 0x6, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") creat(&(0x7f0000000100)='./bus\x00', 0x1fb978507dcbbbd6) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x8800, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 8m20.82691863s ago: executing program 0 (id=1224): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x8) close(0x3) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000080)={r4}, &(0x7f0000000000)=0x8) 8m19.909077778s ago: executing program 0 (id=1228): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) close(r1) socket$inet_sctp(0x2, 0x5, 0x84) r2 = socket(0x2, 0x805, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @rand_addr=0x64010102}]}, &(0x7f00000007c0)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000000)={r3, 0x81}, 0x8) 8m19.313688626s ago: executing program 39 (id=1228): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) close(r1) socket$inet_sctp(0x2, 0x5, 0x84) r2 = socket(0x2, 0x805, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @rand_addr=0x64010102}]}, &(0x7f00000007c0)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000000)={r3, 0x81}, 0x8) 7m40.135155043s ago: executing program 5 (id=1493): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000340)={0x1d, r1, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmmsg$sock(r0, &(0x7f0000007480)=[{{0x0, 0x0, &(0x7f00000051c0)=[{&(0x7f0000004fc0)="14733f9daa4e98c0c2", 0x9}], 0x1}}], 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000380)=[{0x2, 0x0, {0x1, 0xff, 0x2}, {0x1}, 0xfe, 0xff}, {0x2, 0x0, {0x2, 0x0, 0x3}, {0x2, 0x0, 0x4}, 0x1}], 0x40) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r4, {0xb, 0xfff2}, {0xfff1, 0x9}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x2004012}, 0x20000050) 7m39.016984098s ago: executing program 5 (id=1503): signalfd4(0xffffffffffffffff, &(0x7f0000000340)={[0xfffffffffffffffd]}, 0x8, 0x800) r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x40000000, 0x158}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0, &(0x7f0000000140)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.swap.current\x00', 0x275a, 0x0) syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f0000000200)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000440)=@new_dev={0x4, 0x3c9, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0x40}}}, &(0x7f0000000300)=0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r7 = dup(r6) syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x34, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x6}, 0x0, 0x0, 0x0}) socket$netlink(0x10, 0x3, 0x0) syz_ublk_setup_queues(r7, r5, &(0x7f0000000180)={0x0, 0xa9c, 0x1000, 0x1, 0x257, 0x0, r4}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x822002, 0x400, 0x1000000, 0x4}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x4080, 0x4, 0x146, 0x0, r0}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1f70, 0x80, 0x0, 0x2}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x80, 0x1, 0x384}}], 0x1, &(0x7f0000001000)={0x2e, 0x24, 0x0, r4, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, '\x00', {0xfffd, 0x5, 0x0, 0x0}}, 0x0) 7m37.432781168s ago: executing program 5 (id=1518): socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) close_range(r4, 0xffffffffffffffff, 0x2) dup3(r0, r4, 0x80000) 7m37.201179825s ago: executing program 5 (id=1519): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f00000001c0)='./file1\x00') r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x100) setpgid(r0, r0) setpgid(0x0, r0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x1) 7m36.766867078s ago: executing program 5 (id=1521): socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x6, 0x6}, 0x50) r0 = syz_io_uring_setup(0x259a, &(0x7f0000000000)={0x0, 0xa54c, 0x800, 0x1, 0x153}, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index=0x6, 0x5, 0x0, 0x61, 0xb}) io_uring_enter(r0, 0x42be, 0xafb2, 0x8, 0x0, 0x0) r4 = syz_ublk_setup_io_uring(0x220, &(0x7f0000000340)={0x0, 0xb0e3, 0x100, 0x3, 0x350}, &(0x7f0000000000)=0x0, &(0x7f00000000c0)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r5, r6, r7, &(0x7f0000000980)=@IORING_OP_WRITEV={0x2, 0x2, 0x6000, @fd_index=0x7, 0x7a8, 0x0, 0x0, 0x0, 0x1, {0x2}}) syz_ublk_add_dev(r4, r5, r6, r7, &(0x7f00000003c0)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x1, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000300)=@any_dev={0x4, 0xd73, 0x0, 0x0, 0x1000, 0xf, 0x0, 0x0, 0x10}}}, 0x0) 7m36.07704032s ago: executing program 5 (id=1525): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) r1 = fanotify_init(0x1, 0x1000) fanotify_mark(r1, 0x141, 0x40001029, r0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) fcntl$setstatus(r2, 0x4, 0x42000) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) 7m35.41405115s ago: executing program 40 (id=1525): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) r1 = fanotify_init(0x1, 0x1000) fanotify_mark(r1, 0x141, 0x40001029, r0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) fcntl$setstatus(r2, 0x4, 0x42000) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) 4m36.284825056s ago: executing program 3 (id=2529): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), 0x0}, 0x20) 4m34.247632629s ago: executing program 3 (id=2533): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="30000000fdd74b000000000014000500fe2f7f4c048ee6"], 0x30}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 4m33.441428975s ago: executing program 3 (id=2536): r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x80, 0x1000000, 0x8, 0x1}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x4207, 0x4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', 0x0}) sendto$packet(r4, &(0x7f00000002c0)="05031412d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) 4m28.729025391s ago: executing program 3 (id=2554): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0) umount2(&(0x7f0000000040)='.\x00', 0x2) 4m13.099927296s ago: executing program 41 (id=2554): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0) umount2(&(0x7f0000000040)='.\x00', 0x2) 3m59.017031274s ago: executing program 2 (id=2654): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) syz_open_pts(0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000f80)=ANY=[], 0x540) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902"], 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) shutdown(r0, 0x1) 3m56.375956836s ago: executing program 2 (id=2662): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) close(r0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x2, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000005c0)=[@in6={0xa, 0x4e23, 0x0, @remote, 0x3}], 0x1c) sendmmsg$inet6(r2, &(0x7f0000001d80)=[{{&(0x7f00000003c0)={0xa, 0x4e20, 0x9, @local, 0x9}, 0x1c, &(0x7f0000001c00)=[{&(0x7f0000001740)='p', 0x1}], 0x1}}], 0x1, 0x5dc) setsockopt(r1, 0x84, 0x80, &(0x7f0000000000)="1400000009000000", 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x6}, 0x1c) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @ipv4={'\x00', '\xff\xff', @broadcast}}], 0x1c) 3m54.96859284s ago: executing program 2 (id=2665): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000300)='asymmetric\x00', 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r2) keyctl$KEYCTL_MOVE(0x1e, r2, r2, r3, 0x0) 3m54.716998137s ago: executing program 2 (id=2678): syz_mount_image$exfat(&(0x7f00000041c0), &(0x7f0000000000)='./file0\x00', 0x810c90, &(0x7f0000000140)=ANY=[@ANYRES64=0x0, @ANYRESHEX=0x0, @ANYRES16=0x0], 0x1, 0x1520, &(0x7f0000000440)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJIklySZIkSXJLSJrkSEJiyC1pSJLkMiSXISSXaUwa9/tdEpKkSZKQ3JL1/wh/p1Pndzq/0zl+nzPP9/PZn1nPu/ez9trv8+733Xu9M/Ntl6E1G9eq1pCI4F+C538kA0AsAAwEgKsAIACA8vHl48+tzy0x+V/bCftzPZh2uUfALieuf87G9c/ZuP45G9c/Z+P652xc/5yN65+zcf0Zy8k2Tit0NS85d+H5/5yMP///i2SXGfPl6jLXdgWI+aMpXP+cjev/Xyv4Ixtx/XM2rn9OFXu5B8D+D+DzPyfI9XfXcP1zNq4/YznZv3+OWbnLPcf9Py0QydnfgVzu1x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsZzhpL9EAcDF9uUeF2OMMcYYY4wxxv48PtflHgFjjDHGGGOMMcb+/RAESFAQQAzkgljIDXEgAOBKyAtXQQSuhni4BvLBtZAfCkBBKAQJUBiKgAYDFghCKArFIArXQXG4HkpASSgFpcFBGUiEG6As3Ajl4CYoDzdDBbgFKkIluBUqw21QBW6HqnAHVIM7oTrUgJpQC+6C2nA31IF7oC7cC/XgPqgP90MDeAAawoPQCB6CxvAwNIFHoCk0g+bQAlr+r/Kfhx7wAvSEXpAMvaEPvAh9oR/0hwEwEF6CQfAyDIZXIAWGwFB4FYbBazAcXocR8AaMhDdhFLwFo2EMjIVxkArjYQK8DRPhHZgEk2EKTIU0mAbT4V2YATNhFrwHs+F9mANzYR7Mh3T4ADJgAWTCh7AQPoIsWASLYQkshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFj2EbfALb4VPYATthF3wGu+HzfzL/xN/kd0VAQIECFSqMwRiMxViMwzjMg3kwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBByk1YFItiFKNYHItjCSyBpbAUOnSYiIlYFm/EclgOy2N5rIAVsCJWwkpYGStjFayCVbEqVsNqWB2rY02siXfhXdgb62AdrIt1sR7Wuzg9hQ2xITbCRtgYG2MTbIJNsSk2x+bYEltiK2yFrbE1tsW22A7bYXtsj0mYhB2wA3bEjtgJO2Fn7IxdsAt2xW7YLfv5XIAv4AvYC6uL3tgH+2BfTMnVHwfgAHwJB+HL+DK+gik4BIfiq/gqvobD8TiOwDdwJI7EKuItHI1jkMQ4TMVUnIATcCJOxEk4GSfjVEzDaTgdp+MMnIkz8T2cje/j+zgX5+J8TMd0zMAFmImZuBBPYBYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFL56sCgA/xZ24E1NwN+7GPbgH9+Je3If7MBuzcT/uxwMW8CAexEN4CA/jETyKR/AYHsPjeAJPYr8LXT2b8HWjT0quSgFxjhJKxIgYEStiRZyIE3lEHpFX5BURERHxIl7kE/lEfpFfFBQFRYJIEEVEEWGEESTCGAAQUREVxUVxUUKUEKVEKeGEE4kiUZQVZUU5UU6UFzeLCuIWUVFUEm1cZVFZVBFtXVVxh6gmqonqooaoKWqJWqK2qC3qiDqirqgr6ol6or64XzQQvbE/PijOVaaxGIJNxFBsKpoJeeFIWonh2Fq0EW3F4+INHIHtRSuXJJ4SHcRo7Cj+IsbgM6KzGIddxHOiq+gmuovnRQ/R2vUUvcQk7C36iKnYV/QT/cUAMQNriPdwdu6a4hWRIoaIoeJVMR9fE8PF62JEbxAjxZtilHhLjBZjxFgxTqSK8WKCeFtMFO+ISWKymCKmijQxTUwX74oZYqaYJd4Ts8X7Yo6YK+aJ+SJdfCAyxAKRKT4UC8VHIkssEovFErFULBPLxQqRG1aJ1WKNWCvWifVig9goNonNYovYKj4W28QnYrv4VOwQO8Uu8ZnYLT4Xe8QXYq/4UuwTX4ls8bXYL74RB8S34qD4ThwS34vD4og4Kn4Qx8SP4rg4IU6KU+K0+EmcET+Ls8ILkCiFlFLJQMbIXDJW5pZx8gqZRwYXnt2rZby8RuaT18r8soAsKAvJBFlYFpFaGmklyVAWlcVkVF4ni8vrZQlZUpaSpaWTZWSivEGWlTfKcvImWV7eLCvIW2RFWUneKivL22QVebuEyPl9VJc1ZE1ZS94lk+FuWUfeI+vKe2U9eZ+sL++XDeQDsqF8UDaSD8nG8mHZRD4im8pmsrlsIVvKR2Ur+ZhsLdvItvJx2U4+IdvLJ2WSfEp2kP7CS+QZ2Vk+K7vI52RX2U12lz/Ls9LLnrKXhN4g+8gXZV/ZT/aXA+RA+ZIcJF+Wg+UrMkUOkUPlq3KYfE0Ol6/LEfINOVK+KUfJt+RoOUaOleNkqhwvJ8i35UT5jpwkJ8spcqpMk9Nk/ws9zZLyH+a//Tv5g3/Z+wa5UW6Sm+UWuVV+LLfJT+R2uV3ukDvkLrlL7pa75R65R+6Ve+U+uU9myzvkfrlfHpAH5EF5UB6Sh+RheUSekj/IY/JHeVyekCfkKXlanpZnLjwHoFAJJZVSgYpRuVSsyq3i1BUqj7pS5VVXqYi6WsWra1Q+da3KrwqogqqQSlCFVRGllVFWkQpVUVVMRdV1F9+jVClVWjlVRiWqG/6ZfFVcXa9KqJK/yr84vuS/M76WqqVqpVqp1qq1aqvaqnaqnWqv2qsklaQ6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKlklqz7qRdVX9VP91QA1UL2kBqlBarAarFJUihqqhqphapgaroarEWqEGqlGqlFqlBqtRquxaqxKValqgpqgJqqJapKapKaoKSpNpanparqaoWaoWWqWmq1mqzlqjpqn5ql0la4yVIbKVJlqoVqostQitUgtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5lqY1qo9qsNqutaqvaprap7Wq72qF2qF1ql9qtdqs9ao/aq/aqfWqfylbZar/arw6oA+qgOqgOqUPqsDqsjqqj6pg6po6r4+qkOqlOq9PqjDqjzqqz5y77AhGIQAUqiAligtggNogL4oI8QZ4gb5A3iASRID6ID/IF1wb5gwJBwaBQkBAUDooEOjCBDcSFokeD64LiwfVBiaBkUCooHbigTJAY3BCUDW4MygU3BeWDm4MKwS1BxaBScGtQObgtqBLcHlQN7giqBXcG1YMaQc2gVnBXUDu4O6gT3BPUDe4N6gX3BfWD+4MGwQNBw+DBoFHwUNA4eDhoEjwSNA2aBc2DFkHLP7V/748XeMz11L10su6t++gXdV/dT/fXA/RA/ZIepF/Wg/UrOkUP0UP1q3qYfk0P16/rEfoNPVK/qUfpt/RoPUaP1eN0qh6vJ+i39UT9jp6kJ+speqpO09P0dP2unqFn6ln6PT1bv6/n6Ll6np6v0/UHOkMv0Jn6Q71Qf6Sz9CK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1x3qb/kRv15/qHXqn3qU/07v153qP/kLv1V/qfforna2/1vv1N/qA/lYf1N/pQ/p7fVgf0Uf1D/qY/lEf1yf0SX1Kn9Y/6TP6Z31W+3MX9+c+3o0yysSYGBNrYk2ciTN5TB6T1+Q1ERMx8Sbe5DP5TH6T3xQ0BU2CSTBFTBFzDhkyRU1REzVRU9wUNyVMCVPKlDLOOJNoEk1ZU9aUM+VMeVPeVDAVTEVT0dxqbjW3mdvM7eZ2c4e5w9xp7jQ1TA1Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDFNTVPT3DQ3LU1L08q0Mq1Na9PWtDXtTDvT3rQ3SSbJdDAdTEfT0XQynUxn09l0MV1MV9PVdDfdTQ/Tw/Q0PU2ySTZ9TB/T1/Q1/U1/M9AMNIPMIDPYDDYpJsUMNUPNMDPMDDfDzQjzhhl57kLVvGVGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbDJNhMk2mWWgWmiyTZRabxWapWWqWm+VmpVlpVpvVZi2sNevNerPRbDSbzWaz1Ww128w2s91sNzvMDrPL7DK7zW6zx+wxe81es8/sM9km2+w3+80Bc8AcNAfNIXPIHDaHzVFz1Bwzx8xxc9ycNCfNaVPgwuelN7E2t42zV9g89kqb115l/zYuaAvZBFvYFrHa5rcFfhUba20JW9KWsqWts2Vsor3hN3FFW8neaivb22wVe7ut+pu4tr3b1rH32Lr2XlvL3vWruJ69z9a3D9sGiAC2mW1kW9jG9mHbxD5im9pmtrltYdvZJ2x7+6RNsk/ZDvbp38QZdoFdaVfZ1XaN3WF32pP2lD1gv7Wn7U+2p+1lB9qX7CD7sh1sX7Epdshv4pH2TTvKvmVH2zF2rB33m3iKnWrT7DQ73b5rZ9iZv4nT7Qd2ts20c+xcO8/O/yXOsGgz7Yd2of3IZtkAFtsldqldZpfbFf9/rEvsOrvebrDb7ad2s91it9qP7baLF8J2p91lP7O77ed2v/3G7rVf2n32oM22X/8Snzu+g/Y7e8h+bw/bI/ao/cEesz+qi9nnjv0H+7M9a70FQgKSpCigGMpFsZSb4ugKykNXUl66iiJ0NcXTNZSPrqX8VIAKUiFKoMJUhDQZskQUUlEqRlG6ji4OrxSVJkdlKJFuoLJ0I5Wjm6g83UwV6BaqSJVyX9iMbqeqdAdVozupOtWgmlSL7qLadDfVoXuoLt1L9eg+qk/3UwN6gBrSg9SIHqLG9DA1oUeoKTWj5tSCWtKj1Ioeo9bUhtrS49SOnqD29CQl0VPUgZ6mjvQX6kTPUGd6lrrQc9SVulF3ep560AvUk3pRMvWmPvQi9aV+1J8G0EB6iQbRyzSYXqEUGkJD6VUaRq/RcHqdRtAbNJLepFH0Fo2mMTSWxlEqjacJ9DZNpHdoEk2mKTSV0mgaTad3aQbNpFn0Hs2m92kOzaV5NJ/S6QPKoAWUSR/SQvqIsmgRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6mbfQJbadPaQftpF30Ge2mz2kPfUF76UvaR19RNn1N++kbOkDf0kH6zvei7+kwHaGj9AMdox/pOJ2gk3SKTtNPdIZ+prPkCUIMRShDFQZhTJgrjA1zh3HhFWGe8Mowb3hVGAmvDuPDa8J84bVh/rBAWDAsFCaEhcMioQ5NaEMKw7BoWCyMhteFxcPrwxJhybBUWDp0YZkwMbwhLBveGJYLbwrLhzeHFcJbwophpfDheyuHt4VVwtvDquEdYbXwzrB6WCOsGdYK7wprh3eHdcJ7wrrhvWG58L6wfnh/2CB8IGwYPhg2Ch8KG4cPh03CR8KmYbOwedgibBk+GrYKHwtbh23CtuHjYbvwibB9+GSYFD4Vdgif/mX9fQv+/vrksHfYJ3wxfDH0/h45Lzo/mh79IJoRXRDNjH4YXRj9KJoVXRRdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH90Q9b5WLnDohJNOucDFuFwu1uV2ce4Kl8dd6fK6q1zEXe3i3TUun7vW5XcFXEFXyCW4wq6I084468iFrqgr5qLuOlfcXe9KuJKulCvtnCvjEl0L19K1dK3cY661a+Pausfd4+4J94R70j3pnnId3NOuo/uL6+SecZ3ds+5Z95zr6rq57u5518ONz3v+ZEt2fVwf19f1df1dfzfQDXSD3CA32A12KS7FDXVD3TA3zA13w90IN8KNdCPd3QpgtBvtxrqxLtWluglugpvoJrpJbpKb4qa4NJfmprvpboab4arMPL+XOW6Om+fmuXSX7jLcuWvGTLfQLXRZLsstdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W1z29x2t93t8Fed79TtdnvcHrfX7XX73Fcu233t9rtv3AH3rTvovnOH3PfusDvijrof3DH3ozvuTriT7pQ77X5yZ9zP7qzzLjUyPjIh8nZkYuSdyKTI5MiUyNRIWmRaZHrk3ciMyMzIrMh7kdmR9yNzInMj8yLzI+mRDyIZkQWRzMiHkYWRjyJZkUWRxZElkaWRZRHvC28OfVFfzEf9db64v96X8CV9KV/aO1/GJ/obfFl/oy/nb/Ll/c2+gr/FV/SV/K3+Ed/UN/PNfQvf0j/qW/nHfGvfxrf1j/t2/gnf3j/pk/xTvoN/2nf0f/Gd/DO+s3/Wd/HP+a6+m+/un/c9/Au+p+/lk31v38e/6Pv6fr6/H+AH+pf8IP+yH+xf8Sl+iB/qX/XD/Gt+uH/dj/Bv+JExb/pRF2+RYZxP9eP9BP+2n+jf8ZP8ZD/FT/Vpfpqf7t/1M/xMP8u/52f79/0cP9fP8/N9uv/AZ/gFPtN/6Bf6j3yWX3RxUtkv9yv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vv+x3+Y/8dv9p36H3+l3+c/8bv+53+O/8Hv9l36f/8pn+6/9fv+NP+C/9Qf9d/6Q/94f9kf8Uf+DP+Z/9Mf9CX/Sn/Kn/U/+jP/Zn+W/WWOMMcYY+0PGX2qKX685P53f+3dyxF9t3AcArtxSKPuv15+7olyb/3y7n0hoFwGAp3p1efDiUr16cnLyhW2zJATF5gJc/CbonBi4FC+CtvAEJEEbKPu74+8nup2mf9B/9GaAuL/KiYVL8aX+vwDA5N/p/9HHR2ZUCE/G/w/9zwUoUexSTm64FC+Ctr/Mr7SBcn9n/AVa/YPx5/4yFaD1X+XkgUvxpfEnwmPwNCT9akvGGGOMMcYYY+y8fuLWThfvPy/+xufv3Z8nqEs5ueBS/I/uzxljjDHGGGOMMXb5PdOt+5OPJiW16fTPN6r+r7L+cKMJ/Lt65sbvNrwHuPiIAoB/sUOAcw35nzyKTf+RfaVcOHX+dtXSUz6A/xul/DMal/mNiTHGGGOMMfanu3TR/+vH1eUaEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9J/6d2OU+RsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+38BAAD//3lG9tE=") creat(&(0x7f00000004c0)='./bus\x00', 0x20) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x80) chroot(0x0) write$bt_hci(r1, &(0x7f0000000bc0)=ANY=[], 0xa) chdir(&(0x7f0000000240)='./file0\x00') sendfile(r1, r0, 0x0, 0x40001) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) sched_setscheduler(0x0, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x380407b, 0x0, 0x1, 0x0, &(0x7f0000000040)) 3m52.724835099s ago: executing program 2 (id=2670): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x800}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94) 3m52.307440793s ago: executing program 2 (id=2674): socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) r0 = socket$packet(0x11, 0x3, 0x300) epoll_create(0xd) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udp(0xa, 0x2, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) socket$inet6_sctp(0xa, 0x801, 0x84) r2 = creat(&(0x7f0000000140)='./file0\x00', 0x18a) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r2, @ANYRES64=r0], 0x0) 3m51.855787237s ago: executing program 42 (id=2674): socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) r0 = socket$packet(0x11, 0x3, 0x300) epoll_create(0xd) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udp(0xa, 0x2, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) socket$inet6_sctp(0xa, 0x801, 0x84) r2 = creat(&(0x7f0000000140)='./file0\x00', 0x18a) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r2, @ANYRES64=r0], 0x0) 1m45.465560013s ago: executing program 1 (id=3059): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) socket$can_raw(0x1d, 0x3, 0x1) unshare(0x400) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x3, 0x0, 0x809, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000180)='syzkaller\x00', 0x1, 0x99, &(0x7f0000000240)=""/153}, 0x94) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r3, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0x2, &(0x7f0000000140)=0x2, 0x4) write$cgroup_subtree(r2, &(0x7f00000000c0)={[{0x2d, 'cpu'}, {0x2b, 'pids'}]}, 0xb) 1m40.352256172s ago: executing program 1 (id=3073): syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xffffeffffffffffe) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getgroups(0x0, &(0x7f00000000c0)) setsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={r0, 0xee01}, 0xc) 1m39.295002395s ago: executing program 1 (id=3076): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r0, 0xfffffffc) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="110200000000000000000100000030000180060005004e21000014000400000000000000000000000000000000010800060001000000060001000a"], 0x44}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004404}, 0x80) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x28, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10) 1m39.209144028s ago: executing program 1 (id=3077): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) setpriority(0x2, 0x0, 0x8) 1m37.435078193s ago: executing program 1 (id=3084): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) close(0x3) r2 = socket(0x2, 0x80805, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x20, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x4001) shutdown(r3, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000001540)=@assoc_value={r5, 0x2}, 0x8) 1m36.680978946s ago: executing program 1 (id=3090): openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9c5c2000) capset(0x0, &(0x7f00000003c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) r2 = add_key(&(0x7f0000000080)='cifs.idmap\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$revoke(0x3, r2) 1m21.42475525s ago: executing program 43 (id=3090): openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9c5c2000) capset(0x0, &(0x7f00000003c0)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) r2 = add_key(&(0x7f0000000080)='cifs.idmap\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$revoke(0x3, r2) 18.98143824s ago: executing program 7 (id=3285): openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xe02, 0x1c0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = epoll_create1(0x0) epoll_pwait2(r0, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x0) epoll_pwait2(r0, &(0x7f0000000200)=[{}], 0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0) get_mempolicy(0x0, 0x0, 0x4, &(0x7f0000745000/0x3000)=nil, 0x3) 16.854541507s ago: executing program 7 (id=3294): r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) dup2(r0, 0xffffffffffffffff) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x1000) chdir(&(0x7f00000001c0)='./bus\x00') creat(&(0x7f0000000240)='./file1\x00', 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000080)="c2f742b15efaf3b42f712a35930152325cffed3ae8c8d3f31bb0bb166b3f05bf170f31099dce058c3b100048ac18b2fc7aa421fd3a2c974e4c1b2bdf6b0aeac7847f79edc9442b4ee34666d67e1df6eee3f2a0a14d709922dab3de0a02ec83c0626199dc3294c00e84cb42a354b87b933644b3c6bd27e24c21af58f878a2b0826eb434c405061aa1", 0x88}], 0x1) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000000100)={[{@dioread_lock}]}, 0x5, 0x7eb, &(0x7f00000008c0)="$eJzs3ctrW9kZAPDvyvKjTlK7UGjSlaHQGoLlOnWTFrpI6aIUGgi06yZCVkxq2QqWHGJjSEMpdFNoQxeFdpN12mZ2s53HduZfmNkMw5CQmXHCJMxi8HD1iGVbcuREljPx7wfXPuc+dM53H+ce+R6uAziyJtIfmYhTEfH3JGKsMT+JiMFaKhtxvr7ek431Qjolsbn5u8+S2jqPN9YL0bJNjI7GsUbmZES885eI05nd5VZW1xbypVJxuZGfri5em66srk1dXczPF+eLS2dnZmfPnPvpueHexfrF+2vHH/zj1z/6//kv//y9e397N4nzcbyxrDWOl9Ws8kRM1PdJDKa7cJtf9aqwV0Ry2BXghaSX5kD9Ko9TMZaNoe63zR5kxQCAA3MzIjYBgCMmcf8HgCOm+XeAxxvrhXTavHm4f4/ot4e/jIiRevzN55v1JdnGM7uR2nPQ0cfJtucdSUSM96D8iYj4z5t/+G86RY+fQwLs5U+3IuLy+ESz/d9qf5JdYxbquh+Q8eNmYo/BARM78to/6J+30v7Pz7b6f1vXX+ZZ/yfa9H+G21y7L2Iito842X39Z+73oJiO0v7fLwa3xrY9aYm/YXygkTtR6/MNJleulopp2/btiJiMweE0P9P+42vDyyYfffVo29yWiFv7f5/f/uPdtPz099YamfvZHU3uXL6a70XsqYe3Ir6fbRd/8uz4Jx36vxe7LOM3P//rvzstS+NP421O2+M/+FFlm3cifhjt429K9hqfeHa6djpMN0+KNt746F+jncpvPf7plJZf/y5wovfBtpEe/9G94x9PWsdrVvZfxnt3xt7utKxz/E27zv+0Ovmh5Pe1TPNSupGvVpdnIoaS3+6ef2Zr42a+uX4a/+QP2l//e53/6XfCy13Gn33w6f+eG39zxq74G0a6LGyf0vjn9nX82ybSr8IdFuVL954sDHQqv7vjP5smBiYbc7pp/zrWNF8qDbWs88I7DgAAAAAAAAAAAAAAAAAAAAAAAAD2IVN7SWmSyT1LZzK5XNT+h/d3YzRTKleqp6+UV5bm6i8zHY/B4YiovepyrOV9qDON9+E382d25H8SEd+JiH8Of6uWzxXKpbnDDh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGo51+P//qU+G67+fHmoNAYADMfLcNR4V+1IRAKBvnn//j4jhg68HANA/Xd3/AYDXivs/ABw9I5nDrgEA0G8jEdnDrgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACvtYsXLqTT5tON9UKan7u+urJQvj41V6ws5BZXCrlCeflabr5cni8Vc4XyYsumH7T7vFK5fG02llZuTFeLlep0ZXXt0mJ5Zal66epifr54qTjYt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoHuV1bWFfKlUXG4k7o5GbJ/Tp8RAo0K9/OSp4/2Ooh+JzbH6nnpV6tPzxMjOOR9PfXhyr61u7zqNJV46cZitEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA3x9cBAAD//35gGBo=") syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000680)='./file1\x00', 0x2) socket$netlink(0x10, 0x3, 0xf) 14.995415244s ago: executing program 7 (id=3302): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80, 0x0, 0x0) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000140)={0x10020}) socket$igmp(0x2, 0x3, 0x2) sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x15) r0 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x2a00005, &(0x7f0000000340)=ANY=[], 0x0, 0x2c6, &(0x7f0000000840)="$eJzs3c9KK1ccB/Bv7s2/ezcR2lXpYqBQupKrbxCKBWmgYAnUrgxVaTEiRBDaRXXXd+nj9DH6ArVQSKkTY2JTreh1NH4+EOZHznxnzklCJglnJjsfHx7sHh3vb3/we9rtIvXkLH8myau8zsS0SGppZtZZAIDnZmtr0K26D7xfo1F30EjS+ldLv1FJhwAAAAAAAAAAALi3hfP/z5OVmfn/tcnylfn/ALAUzP9ffqNRd/B28vltXv/XSjoEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOR8PO6Mb7hV3T8A4OHd5/j/x7j0eL0FAB7C/PG/dpb4/g8Ay+587lhfi9//AWD5fb397ZfdXm9jqyjayeEvJ/2Tfrks27v7+SHD7OVdOvkrGU+V9Rf13sa74sJKdg5PJ/nTk9ZkB5f5tXSysiC/2dtYK/PFXL7fyNvZ/a+nkw8X59cX5pv57JOZ/Go6+e27HGWY3fyTvcr/vFYUn3/Vu5ZvXawHAAAAAAAAAAAAAAAAAAAAj2G1mJo/f7//umxf/a/2JI3JRm66PsDm9PoA186vr+ejeqVDBwAAAAAAAAAAAAAAAAAAgCfj+MefDgbD4d5IcXPxaWtRU23+njcP+6hePklVj/1uRTu3rfPmf26wmScwnGdfjDvlq+iO8YrekAAAAAAAAAAAAAAAAAAA4AW7Ouk3aVbdGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoyNX//9+5+Ob7chO3rlz1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICX4e8AAAD//+TX3yY=") connect$unix(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=', @ANYRESDEC=0x0, @ANYBLOB=',volume=0000000000000006,\x00\x00\x00\x00\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") symlink(0x0, 0x0) rename(0x0, 0x0) fstatfs(r0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x240, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e0a0f0d04"], 0xd) 12.277747078s ago: executing program 7 (id=3313): r0 = epoll_create1(0x80000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xa0000004}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, 0x0) unshare(0x2c020400) r4 = socket$inet6(0xa, 0x2, 0x0) syz_open_dev$video4linux(0x0, 0x1000000, 0x2000) poll(&(0x7f0000000140)=[{r3, 0x8}, {r2, 0x2cfc08c20dafc34e}, {r4, 0xa8}, {r0, 0xf102}], 0x4, 0x8000007) syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2) 11.27982915s ago: executing program 6 (id=3316): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x3d0, 0x100, 0x0, 0x0, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'veth1_vlan\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast2, @loopback, 0x0, 0x0, 0x0, 0x0, {@mac}, {@mac=@random="065dcf9efb68"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'ip6gretap0\x00', 'vlan0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe0}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420) r0 = socket(0x1e, 0x4, 0x0) bind$tipc(r0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x12) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$IPSET_CMD_SWAP(r0, 0x0, 0x40024) 10.467141755s ago: executing program 9 (id=3318): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x20}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 10.461476966s ago: executing program 4 (id=3319): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 7.936261864s ago: executing program 9 (id=3320): unlink(0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) bind$packet(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r1) r2 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) lseek(r2, 0x0, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) setxattr$system_posix_acl(0x0, &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x0, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00') 7.751690179s ago: executing program 9 (id=3321): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_io_uring_complete(0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 7.751317819s ago: executing program 4 (id=3322): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5ba, &(0x7f0000000c40)="$eJzs3V+IXFcdB/Dfnd1Nm2Rr0tiorbFZDbWB0J3NZhMSEbHEatWkVhQfSiEs2eluyOzOmt1AdyrY4ktREMEXEYSKfbAiGshLpdT2ocUXBaX+oVJj8A+IULRSEEEdOXdmtmNz0xR3sxdzPx+4u+ece3fOmR2+c+/M/RdAZY2lH1nEaEScj4ht3ep/LzDW/dU+cG4uTVl0Op/6S5YvN3Pg3Fx/0f7fbU0/hiOuj4gdR7PYM3Jpv0sr7dPTzWbjTK9eX55frC+ttO84NT8925htLBw8PHVk8tDU4an1e64TP9my84+33XPx8ef+/s9v/OrQ99J4R3vzBp/HehmLsd7/ZCRuHGgfziI+tt6dlWSo+1LHbQNt2XCJA+JN63R2fDe9fm+NiD15/rfFUHRfvBefuv9v2+IXd5c9RuDq6fQVz36lA1yzavk2cFYbj4huuVYbH+9uw98UW2rN1tLyvgdaZxdmutvK22Ok9sCpZmOi91lhe4xkqb4/L79Wn3xd/UBEvg386NDmvD5+stWc2eg3OyA3GnHh/GdPbtr6uvz/aaibf+DalfL/8+effCaVXx0qezTARkr5/86r8x8P+YfKkX+oLvmH6pJ/qC75h+qSf6gu+Yfqkn+oLvmH6pJ/qK5+/u89fjzuPX78d+3e+e8LrdlTp+cWj0xOjM+fPTl+snVmcXy21ZrNz9iZv/LjNlutxf2TcfbB+nJjabm+tNI+Md86u7B8Ij+v/0Sj4FIAQAk+sLNz1427n30xi4iH37c5n5JNvfmyCte2TieLss9BBsrhoz9Ul0u1QXX5jA9kV5h//eVmNNd/LMDGqJU9AKA0t99s/x9Ule//obp8/w/VZRsf8P0/VI/v/6G6Ri9z/68bBu7dNRERb4mIHw+NXNe/1xfw/2s04sKFb32mvnofbgUFBYXVQtnvUMDV9lroyx4JUJaZA+fm+tNG9fn07Eb1BBR5+c7uQUAp9+3e1J0zvLpvYCSvPbLufb/0aMRY/OA3j+2dG0pT9N6H1r0joNDDKdbvKFr/Z/m+ge295XZ0F4ubImJnRLwtIt6+xr6/9smU/+cbg23yDxvnzeb/5oi4NSJuiYh3RsSuiHjXGvv+2fmU/19uHmyTf6iGzz1X9giAsnz0ybJHAJTlPscYQGV9+6GyRwCU5anvlz0CoCxffqHsEUC1PXtnREwU7f+r5fv7+0Z61wW8rnctgM0RsSUitvbOIbyhd47gtoF9hldy4hMRY3HrDwfb7P+DjdM//q99yfF/tdXj/4YiYvca+nj6/aNfKmqf3pXy//hD/eP/0pT67x8LCFxdLz8ScUth/rPVawNmkXIa8e7/sY+xz198oqj9hXvS4478VP6hHJ1vRrw3ivPfl0r15fnF+tJK+478Pt6zjYWDh6eOTB6aOjxVzy8RUu9fKKTAsb++sq+o/aXJlP+vH5R/KEda/2+5TP4Ht//fs4Y+jn71i/cVtY/+PuV/1zNvnP/anzdln87r/fsSPDi9vHxmf8Sm7Nil7ZNrGChc4/oZ6Wco5X/vnuLP/zt6f5PW/0cj4kNpeyEi/hUR/46IuyLiwxHxkYi4+w36/MrtsxeL2n/7RMr/Y6et/6EcKf8zV1j/p9//WEMf+/b+6AtF7R/cnfI//us/HLt/OE3yDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALD+llbap6ebzcaZq1go+zkCAAAAAABAVfwnAAD//9GlNWE=") r1 = syz_open_procfs(0x0, &(0x7f0000000140)='mountinfo\x00') r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x1}) poll(&(0x7f0000000980)=[{r2, 0xb51c}], 0x1, 0x5) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="b8000000190001000000000000000100e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="08001d0000000000100000000000000002000000010000000000000000000000ff0f001e0000000073b4ffffffffffffffffffffffff0ed66cf8000000000000000000001000000000000000000000200200ff0000000000fffffffffffffffffeffffff000000000000000300000000"], 0xb8}}, 0x4004) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0xfffffffffffffffb}, {0x0, 0x40000000000000, 0x200000000000000}, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c40000001b000100feffffff00004000e00000020000000000000000000000000000000020"], 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0x2c000010) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) fremovexattr(r5, &(0x7f0000000040)=@random={'security.', 'cgroup2\x00'}) readlink(0x0, &(0x7f0000000240)=""/119, 0x77) 7.687033272s ago: executing program 6 (id=3323): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x290, 0x130, 0x111, 0x4b4, 0x130, 0xd4feffff, 0x270, 0x20a, 0x278, 0x270, 0x278, 0x3, 0x0, {[{{@ipv6={@private2, @remote, [0xffffffff, 0xff000000], [0x0, 0x0, 0x0, 0xffffff00], 'dvmrp0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x8ba4, 0x0, 0x80000001, '\x00', {0x10000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0xffffffc1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000004240)=0xc3, 0x4) recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c) preadv2(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x88a, 0xb) r2 = openat(0xffffffffffffff9c, 0x0, 0x42842, 0x0) unlink(0x0) openat(0xffffffffffffff9c, 0x0, 0x143042, 0x2a0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, 0x0) 6.76516877s ago: executing program 9 (id=3325): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a, 0x2}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) mmap$fb(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0xd8000) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000600)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) 6.611817445s ago: executing program 6 (id=3326): semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0) getdents64(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xb7, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x90}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x47}, 0x48) 6.611221845s ago: executing program 8 (id=3327): r0 = syz_mount_image$exfat(&(0x7f00000041c0), &(0x7f0000000000)='./file0\x00', 0x810c90, &(0x7f0000000140)=ANY=[@ANYBLOB='iocharset=maciceland,utf8,errors=continue,utf8,uid=', @ANYRESHEX=0x0, @ANYRES16=0x0], 0x1, 0x1520, &(0x7f0000000440)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJIklySZIkSXJLSJrkSEJiyC1pSJLkMiSXISSXaUwa9/tdEpKkSZKQ3JL1/wh/p1Pndzq/0zl+nzPP9/PZn1nPu/ez9trv8+733Xu9M/Ntl6E1G9eq1pCI4F+C538kA0AsAAwEgKsAIACA8vHl48+tzy0x+V/bCftzPZh2uUfALieuf87G9c/ZuP45G9c/Z+P652xc/5yN65+zcf0Zy8k2Tit0NS85d+H5/5yMP///i2SXGfPl6jLXdgWI+aMpXP+cjev/Xyv4Ixtx/XM2rn9OFXu5B8D+D+DzPyfI9XfXcP1zNq4/YznZv3+OWbnLPcf9Py0QydnfgVzu1x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsZzhpL9EAcDF9uUeF2OMMcYYY4wxxv48PtflHgFjjDHGGGOMMcb+/RAESFAQQAzkgljIDXEgAOBKyAtXQQSuhni4BvLBtZAfCkBBKAQJUBiKgAYDFghCKArFIArXQXG4HkpASSgFpcFBGUiEG6As3Ajl4CYoDzdDBbgFKkIluBUqw21QBW6HqnAHVIM7oTrUgJpQC+6C2nA31IF7oC7cC/XgPqgP90MDeAAawoPQCB6CxvAwNIFHoCk0g+bQAlr+r/Kfhx7wAvSEXpAMvaEPvAh9oR/0hwEwEF6CQfAyDIZXIAWGwFB4FYbBazAcXocR8AaMhDdhFLwFo2EMjIVxkArjYQK8DRPhHZgEk2EKTIU0mAbT4V2YATNhFrwHs+F9mANzYR7Mh3T4ADJgAWTCh7AQPoIsWASLYQkshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFj2EbfALb4VPYATthF3wGu+HzfzL/xN/kd0VAQIECFSqMwRiMxViMwzjMg3kwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBByk1YFItiFKNYHItjCSyBpbAUOnSYiIlYFm/EclgOy2N5rIAVsCJWwkpYGStjFayCVbEqVsNqWB2rY02siXfhXdgb62AdrIt1sR7Wuzg9hQ2xITbCRtgYG2MTbIJNsSk2x+bYEltiK2yFrbE1tsW22A7bYXtsj0mYhB2wA3bEjtgJO2Fn7IxdsAt2xW7YLfv5XIAv4AvYC6uL3tgH+2BfTMnVHwfgAHwJB+HL+DK+gik4BIfiq/gqvobD8TiOwDdwJI7EKuItHI1jkMQ4TMVUnIATcCJOxEk4GSfjVEzDaTgdp+MMnIkz8T2cje/j+zgX5+J8TMd0zMAFmImZuBBPYBYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFL56sCgA/xZ24E1NwN+7GPbgH9+Je3If7MBuzcT/uxwMW8CAexEN4CA/jETyKR/AYHsPjeAJPYr8LXT2b8HWjT0quSgFxjhJKxIgYEStiRZyIE3lEHpFX5BURERHxIl7kE/lEfpFfFBQFRYJIEEVEEWGEESTCGAAQUREVxUVxUUKUEKVEKeGEE4kiUZQVZUU5UU6UFzeLCuIWUVFUEm1cZVFZVBFtXVVxh6gmqonqooaoKWqJWqK2qC3qiDqirqgr6ol6or64XzQQvbE/PijOVaaxGIJNxFBsKpoJeeFIWonh2Fq0EW3F4+INHIHtRSuXJJ4SHcRo7Cj+IsbgM6KzGIddxHOiq+gmuovnRQ/R2vUUvcQk7C36iKnYV/QT/cUAMQNriPdwdu6a4hWRIoaIoeJVMR9fE8PF62JEbxAjxZtilHhLjBZjxFgxTqSK8WKCeFtMFO+ISWKymCKmijQxTUwX74oZYqaYJd4Ts8X7Yo6YK+aJ+SJdfCAyxAKRKT4UC8VHIkssEovFErFULBPLxQqRG1aJ1WKNWCvWifVig9goNonNYovYKj4W28QnYrv4VOwQO8Uu8ZnYLT4Xe8QXYq/4UuwTX4ls8bXYL74RB8S34qD4ThwS34vD4og4Kn4Qx8SP4rg4IU6KU+K0+EmcET+Ls8ILkCiFlFLJQMbIXDJW5pZx8gqZRwYXnt2rZby8RuaT18r8soAsKAvJBFlYFpFaGmklyVAWlcVkVF4ni8vrZQlZUpaSpaWTZWSivEGWlTfKcvImWV7eLCvIW2RFWUneKivL22QVebuEyPl9VJc1ZE1ZS94lk+FuWUfeI+vKe2U9eZ+sL++XDeQDsqF8UDaSD8nG8mHZRD4im8pmsrlsIVvKR2Ur+ZhsLdvItvJx2U4+IdvLJ2WSfEp2kP7CS+QZ2Vk+K7vI52RX2U12lz/Ls9LLnrKXhN4g+8gXZV/ZT/aXA+RA+ZIcJF+Wg+UrMkUOkUPlq3KYfE0Ol6/LEfINOVK+KUfJt+RoOUaOleNkqhwvJ8i35UT5jpwkJ8spcqpMk9Nk/ws9zZLyH+a//Tv5g3/Z+wa5UW6Sm+UWuVV+LLfJT+R2uV3ukDvkLrlL7pa75R65R+6Ve+U+uU9myzvkfrlfHpAH5EF5UB6Sh+RheUSekj/IY/JHeVyekCfkKXlanpZnLjwHoFAJJZVSgYpRuVSsyq3i1BUqj7pS5VVXqYi6WsWra1Q+da3KrwqogqqQSlCFVRGllVFWkQpVUVVMRdV1F9+jVClVWjlVRiWqG/6ZfFVcXa9KqJK/yr84vuS/M76WqqVqpVqp1qq1aqvaqnaqnWqv2qsklaQ6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKlklqz7qRdVX9VP91QA1UL2kBqlBarAarFJUihqqhqphapgaroarEWqEGqlGqlFqlBqtRquxaqxKValqgpqgJqqJapKapKaoKSpNpanparqaoWaoWWqWmq1mqzlqjpqn5ql0la4yVIbKVJlqoVqostQitUgtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5lqY1qo9qsNqutaqvaprap7Wq72qF2qF1ql9qtdqs9ao/aq/aqfWqfylbZar/arw6oA+qgOqgOqUPqsDqsjqqj6pg6po6r4+qkOqlOq9PqjDqjzqqz5y77AhGIQAUqiAligtggNogL4oI8QZ4gb5A3iASRID6ID/IF1wb5gwJBwaBQkBAUDooEOjCBDcSFokeD64LiwfVBiaBkUCooHbigTJAY3BCUDW4MygU3BeWDm4MKwS1BxaBScGtQObgtqBLcHlQN7giqBXcG1YMaQc2gVnBXUDu4O6gT3BPUDe4N6gX3BfWD+4MGwQNBw+DBoFHwUNA4eDhoEjwSNA2aBc2DFkHLP7V/748XeMz11L10su6t++gXdV/dT/fXA/RA/ZIepF/Wg/UrOkUP0UP1q3qYfk0P16/rEfoNPVK/qUfpt/RoPUaP1eN0qh6vJ+i39UT9jp6kJ+speqpO09P0dP2unqFn6ln6PT1bv6/n6Ll6np6v0/UHOkMv0Jn6Q71Qf6Sz9CK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1x3qb/kRv15/qHXqn3qU/07v153qP/kLv1V/qfforna2/1vv1N/qA/lYf1N/pQ/p7fVgf0Uf1D/qY/lEf1yf0SX1Kn9Y/6TP6Z31W+3MX9+c+3o0yysSYGBNrYk2ciTN5TB6T1+Q1ERMx8Sbe5DP5TH6T3xQ0BU2CSTBFTBFzDhkyRU1REzVRU9wUNyVMCVPKlDLOOJNoEk1ZU9aUM+VMeVPeVDAVTEVT0dxqbjW3mdvM7eZ2c4e5w9xp7jQ1TA1Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDFNTVPT3DQ3LU1L08q0Mq1Na9PWtDXtTDvT3rQ3SSbJdDAdTEfT0XQynUxn09l0MV1MV9PVdDfdTQ/Tw/Q0PU2ySTZ9TB/T1/Q1/U1/M9AMNIPMIDPYDDYpJsUMNUPNMDPMDDfDzQjzhhl57kLVvGVGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbDJNhMk2mWWgWmiyTZRabxWapWWqWm+VmpVlpVpvVZi2sNevNerPRbDSbzWaz1Ww128w2s91sNzvMDrPL7DK7zW6zx+wxe81es8/sM9km2+w3+80Bc8AcNAfNIXPIHDaHzVFz1Bwzx8xxc9ycNCfNaVPgwuelN7E2t42zV9g89kqb115l/zYuaAvZBFvYFrHa5rcFfhUba20JW9KWsqWts2Vsor3hN3FFW8neaivb22wVe7ut+pu4tr3b1rH32Lr2XlvL3vWruJ69z9a3D9sGiAC2mW1kW9jG9mHbxD5im9pmtrltYdvZJ2x7+6RNsk/ZDvbp38QZdoFdaVfZ1XaN3WF32pP2lD1gv7Wn7U+2p+1lB9qX7CD7sh1sX7Epdshv4pH2TTvKvmVH2zF2rB33m3iKnWrT7DQ73b5rZ9iZv4nT7Qd2ts20c+xcO8/O/yXOsGgz7Yd2of3IZtkAFtsldqldZpfbFf9/rEvsOrvebrDb7ad2s91it9qP7baLF8J2p91lP7O77ed2v/3G7rVf2n32oM22X/8Snzu+g/Y7e8h+bw/bI/ao/cEesz+qi9nnjv0H+7M9a70FQgKSpCigGMpFsZSb4ugKykNXUl66iiJ0NcXTNZSPrqX8VIAKUiFKoMJUhDQZskQUUlEqRlG6ji4OrxSVJkdlKJFuoLJ0I5Wjm6g83UwV6BaqSJVyX9iMbqeqdAdVozupOtWgmlSL7qLadDfVoXuoLt1L9eg+qk/3UwN6gBrSg9SIHqLG9DA1oUeoKTWj5tSCWtKj1Ioeo9bUhtrS49SOnqD29CQl0VPUgZ6mjvQX6kTPUGd6lrrQc9SVulF3ep560AvUk3pRMvWmPvQi9aV+1J8G0EB6iQbRyzSYXqEUGkJD6VUaRq/RcHqdRtAbNJLepFH0Fo2mMTSWxlEqjacJ9DZNpHdoEk2mKTSV0mgaTad3aQbNpFn0Hs2m92kOzaV5NJ/S6QPKoAWUSR/SQvqIsmgRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6mbfQJbadPaQftpF30Ge2mz2kPfUF76UvaR19RNn1N++kbOkDf0kH6zvei7+kwHaGj9AMdox/pOJ2gk3SKTtNPdIZ+prPkCUIMRShDFQZhTJgrjA1zh3HhFWGe8Mowb3hVGAmvDuPDa8J84bVh/rBAWDAsFCaEhcMioQ5NaEMKw7BoWCyMhteFxcPrwxJhybBUWDp0YZkwMbwhLBveGJYLbwrLhzeHFcJbwophpfDheyuHt4VVwtvDquEdYbXwzrB6WCOsGdYK7wprh3eHdcJ7wrrhvWG58L6wfnh/2CB8IGwYPhg2Ch8KG4cPh03CR8KmYbOwedgibBk+GrYKHwtbh23CtuHjYbvwibB9+GSYFD4Vdgif/mX9fQv+/vrksHfYJ3wxfDH0/h45Lzo/mh79IJoRXRDNjH4YXRj9KJoVXRRdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH90Q9b5WLnDohJNOucDFuFwu1uV2ce4Kl8dd6fK6q1zEXe3i3TUun7vW5XcFXEFXyCW4wq6I084468iFrqgr5qLuOlfcXe9KuJKulCvtnCvjEl0L19K1dK3cY661a+Pausfd4+4J94R70j3pnnId3NOuo/uL6+SecZ3ds+5Z95zr6rq57u5518ONz3v+ZEt2fVwf19f1df1dfzfQDXSD3CA32A12KS7FDXVD3TA3zA13w90IN8KNdCPd3QpgtBvtxrqxLtWluglugpvoJrpJbpKb4qa4NJfmprvpboab4arMPL+XOW6Om+fmuXSX7jLcuWvGTLfQLXRZLsstdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W1z29x2t93t8Fed79TtdnvcHrfX7XX73Fcu233t9rtv3AH3rTvovnOH3PfusDvijrof3DH3ozvuTriT7pQ77X5yZ9zP7qzzLjUyPjIh8nZkYuSdyKTI5MiUyNRIWmRaZHrk3ciMyMzIrMh7kdmR9yNzInMj8yLzI+mRDyIZkQWRzMiHkYWRjyJZkUWRxZElkaWRZRHvC28OfVFfzEf9db64v96X8CV9KV/aO1/GJ/obfFl/oy/nb/Ll/c2+gr/FV/SV/K3+Ed/UN/PNfQvf0j/qW/nHfGvfxrf1j/t2/gnf3j/pk/xTvoN/2nf0f/Gd/DO+s3/Wd/HP+a6+m+/un/c9/Au+p+/lk31v38e/6Pv6fr6/H+AH+pf8IP+yH+xf8Sl+iB/qX/XD/Gt+uH/dj/Bv+JExb/pRF2+RYZxP9eP9BP+2n+jf8ZP8ZD/FT/Vpfpqf7t/1M/xMP8u/52f79/0cP9fP8/N9uv/AZ/gFPtN/6Bf6j3yWX3RxUtkv9yv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vv+x3+Y/8dv9p36H3+l3+c/8bv+53+O/8Hv9l36f/8pn+6/9fv+NP+C/9Qf9d/6Q/94f9kf8Uf+DP+Z/9Mf9CX/Sn/Kn/U/+jP/Zn+W/WWOMMcYY+0PGX2qKX685P53f+3dyxF9t3AcArtxSKPuv15+7olyb/3y7n0hoFwGAp3p1efDiUr16cnLyhW2zJATF5gJc/CbonBi4FC+CtvAEJEEbKPu74+8nup2mf9B/9GaAuL/KiYVL8aX+vwDA5N/p/9HHR2ZUCE/G/w/9zwUoUexSTm64FC+Ctr/Mr7SBcn9n/AVa/YPx5/4yFaD1X+XkgUvxpfEnwmPwNCT9akvGGGOMMcYYY+y8fuLWThfvPy/+xufv3Z8nqEs5ueBS/I/uzxljjDHGGGOMMXb5PdOt+5OPJiW16fTPN6r+r7L+cKMJ/Lt65sbvNrwHuPiIAoB/sUOAcw35nzyKTf+RfaVcOHX+dtXSUz6A/xul/DMal/mNiTHGGGOMMfanu3TR/+vH1eUaEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9J/6d2OU+RsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+38BAAD//3lG9tE=") syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x27) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240)={'#! ', './file2'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r2, 0x0, 0x0) mknodat$loop(r0, 0x0, 0x2, 0x1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x109980, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4) prctl$PR_MCE_KILL(0x23, 0x8, 0x7fffffffeffe) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r5, 0x4188aea7, &(0x7f00000015c0)={0xf, 0x0, [{0x2, 0x0, 0x41}, {0x3, 0x0, 0xae}, {0x4, 0x0, 0x331c}, {0x9, 0x0, 0x80}, {0x1, 0x0, 0x2c}, {0x4bae, 0x0, 0x4}, {0xfffffffb, 0x0, 0x7}, {0x80, 0x0, 0x6}, {0xa, 0x0, 0x3d}, {0xd6, 0x0, 0x8}, {0x4, 0x0, 0xffffffffffffffff}, {0x3, 0x0, 0x5}, {0x9, 0x0, 0x1}, {0xa26f, 0x0, 0xfffffffffffff801}, {0x4, 0x0, 0x3}, {0x40, 0x0, 0x10f4}]}) 6.529166017s ago: executing program 4 (id=3328): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) fcntl$setsig(r2, 0xa, 0x12) ppoll(&(0x7f0000000100)=[{r3}], 0x1, 0x0, &(0x7f0000000080)={[0x8001a0efffffff]}, 0x8) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x13) 6.227487637s ago: executing program 9 (id=3329): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @dev={0xac, 0x14, 0x14, 0xf}}, 0xc) r1 = socket$inet_udp(0x2, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000004200)={0x2020}, 0x2020) bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r1, 0x0, 0x17, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001c00)={{{@in6=@local}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f0000001a80)=0xe8) madvise(&(0x7f0000000000/0x4000)=nil, 0xffffffffdfffffff, 0x1) unshare(0x6020400) socket$igmp6(0xa, 0x3, 0x2) r2 = open(0x0, 0x0, 0x112) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0xc080661a, 0x0) 5.533255468s ago: executing program 6 (id=3330): openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x244c82, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) syz_mount_image$squashfs(&(0x7f0000000400), &(0x7f0000000200)='./file0\x00', 0x4000000, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES16=0x0], 0x0, 0x197, &(0x7f0000000240)="$eJzs0bFrFEEUx/Hvm5nb2xQxnohFBHOgeO6h5G6DFlaHlUIWLGwEDz0uawxulHOvMCHBs5CARPMvaCFaiqCViIJ1sBAsNDbpJFcEC7GQk92bE/wbMp/mx3vLPmbe3Eg7aRH4s7vSpkFOs49PCAaYkmFPqWG+sfUPmxvD4Jyt122+sDmZLi3fbCVJfKd8tkzpvwbws1wswb9W2uOQYkxoIF92V9otuRYxaLCo5iJKs1QfoZt0gsdMmnEOXkUzqKxzQdGRyixMTHd9ptOl5VMLi635eD6+FYYzZ+5Rq53Ozp/EtddI8FAUT1gliChGjAWrFJo82DSDCXvXLS3VPl6TjU194ujJPirYYYDwvtKn+M14qEscx7/CyFN0nvsVhusLSVw7j1xUr6RuPptfBYXf09pv307m1i4r+e09b8iOL/VtCpU6YbXOTLYaDvCBtS16o7Hb35mSt9naRns1+beXtjrMEZ553G11uz4efJT7EPYgLMF4Pk5FHMsemHf2Hxt8FRzHcRzHcRzHcZw9428AAAD//8JRXD8=") r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) recvmmsg(r5, &(0x7f0000004400)=[{{0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x2, 0x0) readv(r5, &(0x7f0000000080), 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x0) sendmsg$NL80211_CMD_JOIN_OCB(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='\'\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000ffdbdf256c00000008000300", @ANYRES32=r1, @ANYBLOB="080026006c0900000800270001"], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x44010) 5.446295541s ago: executing program 8 (id=3331): openat$udambuf(0xffffffffffffff9c, 0x0, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x104}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3}) mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0) mq_timedreceive(r3, &(0x7f0000000340)=""/200, 0xc8, 0xffc99a3b00000000, 0x0) 4.412589563s ago: executing program 8 (id=3332): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setuid(0xee00) prlimit64(0x0, 0x6, &(0x7f0000000040), 0x0) r3 = syz_io_uring_setup(0x48ce, &(0x7f0000000140)={0x0, 0xd353, 0x3000, 0x2, 0x19a}, &(0x7f0000000040)=0x0, &(0x7f0000000200)=0x0, &(0x7f0000000000)=0x0) syz_ublk_add_dev(r3, r4, r5, r6, &(0x7f0000000340)={0x2e, 0x4d, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000440)=@any_dev={0x3, 0x3b7, 0x0, 0x0, 0x1000, 0x7, 0xffffffffffffffff}}}, &(0x7f00000003c0)) 4.375388524s ago: executing program 6 (id=3333): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) sched_setparam(0x0, 0x0) socket$inet(0x2, 0x2, 0x1) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)=@newsa={0xf0, 0x10, 0x1, 0xfff7fffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in=@local, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x40}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}}, 0xf0}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21891d, &(0x7f0000000500)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@noinit_itable}, {@quota}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e8, &(0x7f0000000f40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIxtsKc99aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4ku0QWUqtzweOde659+p7joSO7rn3+CqAvnUmIs5GxKNqtXo+IoYb5ZlGis16qm338MGdmVpKolq9/kkSkdTLapuNbXnOY43dDkfEH38X8Zfk2bjl9Y3F6WKxsNpYzleWVvLl9Y0LC0vT84X5wvLk5MTlqStTl6bGO9LOoYi4+psP/v2PV3579Y2f3Xr3xkdjf00a5RFP2tFp9aZn09eiaTAiVvcjWI8Mpi0EAODboHmc/+OIOB/DMZAezQEAAAAHSfWXQ/FVElEFAAAADqxMOgc2yeQa8wCGIpPJ5epzeL8fRzPFUrny07nS2vJsfa7sSGQzcwvFwnhjrvBIZJPa8kSaf7J8cdvyZESciIh/DR9Jl3MzpeJsr09+AAAAQJ84tm38//lwffy/xZc9qxwAAADQOSM7rTzUvXoAAAAA+2fH8T8AAABwIBj/AwAAwIH2+2vXaqna/P3r2Zvra4ulmxdmC+XF3NLaTG6mtLqSmy+V5tN79i3t9nzFUmnl57G8djtfKZQr+fL6xo2l0tpy5cbCUz+BDQAAAHTRiR/deyeJiM1fHElT+I9/6BuDz7Px+/tXD6D7BnpdAaBnnuv7HzhQsr2uANBzyS7r207eebPzdQEAAPbH6A9aX/8f2PXcwGamS1UE9onzf9C/XP+H/uX6P/SvbAyEgTz0t91uAfri1/+r1eeqEAAA0HFDaUoyuYj0PMBQZDK5XMTxdEyQTeYWioXxiPhuRLw9nP1ObXki3TPZdc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAA60iMyHSXo3/4jR4XND288PHEq+GE4fI+LW/67/5/Z0pbI6USv/9HF55b+N8ou9OIMBAAAAbNccpzfH8QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQSQ8f3Jlppm7G/fjXETHSKv5gHE4fD0c2Io5+lsTglv2SiBjoQPzNuxFxslX8pFatGGnUolX8Iz2Of6wD8aGf3av1P79q9fnLxJn0sfXn73LaQ7249v1f5nH/N9Aifq3s+B5jnLr/Wr5t/LsRpwZb9z/N+Emb/ufsHuP/+U8bG+3WVf8fMdry+yd5Kla+srSSL69vXFhYmp4vzBeWJycnLk9dmbo0NZ6fWygWGn9bxvjnD19/tFP7j7aJP7JL+8/tsf1f37/94Hv1bPbx7smT+GNnW7//J9vEzzTe/5808rX1o838Zj2/1elX3zq9U/tn27R/t/d/bI/tP/+Hv7+3x00BgC4or28sTheLhdW+zrzQq1E7LHopWvHSZWoHpMXa6/qS1OeZzN/24ZlrR+a9blcnMj3tlgAAgH3w7BgYAAAAAAAAAAAAAAAAAAAA6LZu3E4suy3mZvq3E3fPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADonG8CAAD//+y20KM=") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000dc0)={0x18, 0x38, 0x107, 0x70bd2d, 0x259fdbfe, {0x5, 0x7c}, [@nested={0x4, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00') r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r2, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="18000000000301"], 0x18}, 0x1, 0x0, 0x0, 0x20008001}, 0x4000080) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x300800b, &(0x7f0000000200)={[{@minixdf}, {@delalloc}, {@journal_async_commit}, {@debug}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nogrpid}, {@noauto_da_alloc}]}, 0x1, 0x60b, &(0x7f0000000bc0)="$eJzs3c9vVVUeAPDvfX0tLWWmhUxmhlkMTSYTSGYotMCETFzA1hCC0bhxY6UFkQINrdEiCSXBjYlxY4yJKxfiX6ESXbhxpStN3LgyJEQNSxKfue/d275X7iv05y3czyd5ffeecw/nXPq+79x3es59AVTWSPqjFrE3ImaSiKFkYTGvHlnmSOu4+79dP5s+kmg0nv8liSRLy49PsufBrHB/RHz7ZRJ7fvj6oXpn569dnJienrqa7R+auzRzaHb+2sELlybOT52fujz+v/Hjx44eOz52eE3ndaMg7dSt194Yeuf0S5989CAZ+/TH00mciGezA9vPY6OMxEjz/yR5KKcvjm90ZSXpyV4nPW1pSb3EBrEq+e+vNyL+FkPRE0u/vKF4+7lSGwdsqkYS0QAqKhH/UFH5dUD+2X755+BaKVclwFa4d7I1APBw/NdbY4PR3xwb2Hk/ifZhnSQi1jYy12lXRHzz1enFMbLNGIcDii3cjIi/F8V/0oz/4eiP4Wb81zriP70uOJM919dxnbB8qFj8w9ZpxX//ivEfXeL/5bb4f2WN9Y8sbb460BH/A2s9JQAAAAAAAKisOycj4r9Ff/+vLc7/iYL5P4MRcWID6h9Ztp/Xv7SerHa3S9HrG1A9VNq9kxHPFM7/reWzeoZ7sq0/NecD9CbnLgxMHY6IP0fEgejdce7C9NTYCnUcfHfPh93yRlrz/27lj7T+9HnpiNrd+o7OMpMTcxPrPW8g4t7NiH8Uzv9NFvv/pKD/T98PZh6zjj3/vn2mW96j4x/YLI2PI/YX9v9Ld61IVr4/x6G0/89+Ftbxz7fe+7xb/e3x35xonO0/qt1uMQHrl/b/O1eO/+Gk/X49s6uv48h8vdEtb63X/33JC80hgr4s7c2JubmrYxF9yameNLUjfXz1bYanUR4Pebyk8X/gXyuP/xVd/w9ExMKyfzv5tXNNce6vvw/+1K09rv+hPGn8T66q/y/ayI5dWEz5LCvbPGb89vAX3ep/vP7/aLOvP5ClGP+Dlg/yMO3rTC+I1HpR1la3FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeBrWI2BVJbXRxu1YbHY0YjIi/xM7a9JXZuf+cu/L65ck0r/n9/7X8m36HWvtJ/v3/w23748v2j0TE7oh4v2eguT969sr0ZNknDwAAAAAAAAAAAAAAAAAAANvEYJf1/6mfe8puHbDp6mU3AChNQfx/V0Y7gK2n/4fqEv9QXeIfqkv8Q3WJf6gu8Q/VJf6husQ/AAAAAAA8VXbvu/N9EhEL/x9oPlJ9WV5vqS0DNlut7AYApXGLH6guU3+gunrX9B7QaDQam9IcoARJ66m/W35hRtJWck1mzq6jMAAAAAAAAAAAAABUzv691v9DVa1v/f8D64DgCWb9P1RXvvZ33+qKdV0nCDw5fMYH4hEr+bt3+OtZ/w8AAAAAAAAAAAAArMbs/LWLE9PTU1dtvLg9mrGVG41G40b6Ktgu7XnCN/Kp8NulPcs28rV+j1eqvPckAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg0x8BAAD//6pwIQ8=") 4.245965108s ago: executing program 4 (id=3334): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$kcm(0x10, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x402) socket$inet_tcp(0x2, 0x1, 0x0) pselect6(0x40, &(0x7f0000000180)={0x6, 0x0, 0x1fd, 0x7d, 0xfffffffffffffffd, 0x7f, 0x104, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xae07, 0x9, 0x4, 0x15, 0x80000006, 0x8}, 0x0, 0x0) 3.5668684s ago: executing program 9 (id=3335): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x5, 0x8006}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x9, 0x0, 0x10001}]}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000001200)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b81923", 0x8, 0x0, 0x0, @local, @rand_addr=' \x01\x00', {[@dstopts={0x84}]}}}}}, 0x0) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffbf}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x0, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080) openat$kvm(0xffffffffffffff9c, 0x0, 0x83, 0x0) 3.421045844s ago: executing program 8 (id=3336): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_io_uring_complete(0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2.504638773s ago: executing program 6 (id=3337): syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f0000000c40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2018018, &(0x7f0000000500)=ANY=[], 0x5, 0x6b5, &(0x7f0000001540)="$eJzs3c9vHGf9B/D3rNeOnW+Ur9MmbYSKiBKpgCISJ1YK4YJBCOVQoaocOFuJ01jZOJXtVm6FwAUEJyQO/QMKksWFExL3oHAuJ3r1sRISl4iD1YvRzM6u1951bCf+lfJ6RbPzzDzPPPOZzz4z493NagP8z7p1Oc1HKXLr8ptL5fLqymRrdWXyRF3dSlKWG0mzPUsxlxSPk6myvmivL+fpnff5ePbm2589Wf28vdRMz3aNp203wIC2y/WUC0mG6nm/4d3uYlN/t5Oc6msystu+Og2nOg+XOgtw1Nb7LO9l872ct8Ax07k7Fe37Zp/x5GSS0frvgNRXh8bhRXgw9nSVAwAAgBfUpw+POgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB48dS//1/UU6Oe50KKzu//j3TW1eUX2qOjDgAAAAAAAAAA9sHX1rKWpZzuLK8X1Wf+F6uFs/liPfm/vJeFzGQ+V7KU6SxmMfO5lmS8p6ORpenFxflr3S1Lg7e8PnDL64d1xAAAAAAAAADwpfTL3Nr4/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6DIhlqz6rpbKc8nkYz7bqRst1y8o9O+QVRDFr56PDjAAAAgOcy+gzb/P9a1rKU053l9aJ6zf9K9Xp5NO9lLouZzWJamcmd+jV0+aq/sboy2VpdmXxQTv39fv/fewqj6rF+f2Hwns9XLcZyN7PVmiu5XQVzJ41qy9L5TjyD4/qojKn4Xm2XkTXrtJY7+/127yLsi72+FTFeBpd0MzJRx1Zm40w7A0X1Rk2yNRM7PjvNrXtKI8PdPV1Lo/vOz9kDyPnJel4ez28ONOd71c1EI1UmrveMvld6spCcSt9Z8fW//vmn91pz9+/dXbh8fA6pqzFw7dDWFWO9W2yMicmeTLz69DFxzDPR3GP7iSoT57rLt/Kj/CSXcyFvZT6zeT/TWcxM1uv66Xo8l4/jT8/U1Kalt3aKZKQeoe3nbDcxXcgPq9J0Llbbns5sijzMnczkjerf9VzLt3MjN3Kz5xk+t23c1bFVZ31j61nfeab/NjD4S9+oC+UA++3GQJt62hH3jc591r72l3k905PX9qh/0m31p2++39y4Cm9k6aVOdoYHdv4s18bmV+pCuY9fbXvWHoXxKkvDa/9MuneJTnQvtzPRrO5F/eP8D9W5sdCauz9/b/rdbfpf3rL8ej0vh9XKV3cR4HD34YCV4+WljNZXkjM9V8mJqu7l7lXmzKa76kj9iUu7rtFXd66qK4rOmfrjbc/UkfpvuP6erld1rw6sm6zqzvfUbfp7Kw/Typ1DyB8Az2k8J0fG/jX26dgnY78euzf25ugPTnznxGsjGf778HebE0OvN14r/pJP8vON1/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCzW/jgw/vTrdbM/OBCY/uqHQo79bylUNQ/6PNM+zqGhdEkm9YMlysOPYyxrWH0FdZ/kRx6fjo/Iji4ze/KQjO76XBqpzYf7T3CL05sF9iXsjCUwQPgiC9MwIG7uvjg3asLH3z4rdkH0+/MvDMzN3zjxs2JmzfemLx6d7Y1M9F+POoogYOwcdM/6kgAAAAAAAAAAACA3Rr0xYCLp3b60siuvuPhfxYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA++LW5TQfpci1iSsT5fLqymSrnDrljZbNJI1GUvwsKR4nU2lPGe/prsgfH2d9wH4+nr359mdPVj/f6KvZbp806vlzWK6nXEgyVM/3q7/bz91f8Z/OEZYJu9RJHBy1/wYAAP//cjv1OA==") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) socket$nl_route(0x10, 0x3, 0x0) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0, 0x0) setsockopt$packet_int(r0, 0x107, 0x8, 0x0, 0x0) recvmmsg(r0, 0x0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800) openat(0xffffffffffffff9c, 0x0, 0x343102, 0x1) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x824851, 0x0, 0x1, 0x0, &(0x7f0000000d40)) socket$nl_netfilter(0x10, 0x3, 0xc) link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2.435964544s ago: executing program 4 (id=3338): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe) syz_open_dev$loop(&(0x7f0000000180), 0x75d, 0x2480) r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0x53, 0x0) 1.725078327s ago: executing program 7 (id=3339): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r3, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x0, 0x808e}, 0x40000100) write$cgroup_devices(r2, &(0x7f0000000400)=ANY=[], 0xfffffeff) 1.521887813s ago: executing program 8 (id=3340): memfd_create(&(0x7f0000000000)='%]/\x00', 0x2) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8) sendfile(r0, r0, 0x0, 0x200000) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) pipe2(0x0, 0x84800) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0) 691.640019ms ago: executing program 4 (id=3341): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), 0x0}, 0x20) 224.854463ms ago: executing program 7 (id=3342): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000100)={0x5152, 0x0, 0x0, 0x0, 0x132, 0x3}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071114200000000008510000002000000850000000500000095000d00000000009500a50000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r4, 0x0, 0x0}, 0x10) 0s ago: executing program 8 (id=3343): socket$packet(0x11, 0x2, 0x300) socket(0x10, 0x803, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6(0xa, 0x80001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x2, 0x79, 0x10, 0x28}, [@ldst={0x6, 0x3, 0x0, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000714010000000000000000000800", @ANYRES32=r1], 0x30}}, 0x94) kernel console output (not intermixed with test programs): z1 is full, maxelem 65536 reached [ 363.558407][T10783] Process accounting resumed [ 363.983753][T10812] x_tables: arp_tables: NFQUEUE target: not valid for this family [ 364.046298][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout [ 364.367242][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout [ 364.536447][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout [ 365.812452][T10837] 9pnet: p9_errstr2errno: server reported unknown error 184467440737 [ 366.135649][ T4281] Bluetooth: hci1: command 0x0406 tx timeout [ 366.445630][ T4281] Bluetooth: hci4: command 0x0406 tx timeout [ 366.615443][ T4281] Bluetooth: hci2: command 0x0406 tx timeout [ 366.956338][T10877] device syz_tun left promiscuous mode [ 366.974968][T10877] bridge0: port 3(syz_tun) entered disabled state [ 367.103567][T10877] device vlan2 left promiscuous mode [ 367.150379][T10877] device ip6gretap0 left promiscuous mode [ 367.183950][T10877] bridge0: port 2(vlan2) entered disabled state [ 367.238787][T10877] device bridge_slave_0 left promiscuous mode [ 367.268287][T10877] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.228288][T10892] loop6: detected capacity change from 0 to 512 [ 368.302762][T10880] device macvlan2 entered promiscuous mode [ 368.348636][T10880] device bond3 entered promiscuous mode [ 368.386244][T10880] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 368.400294][T10880] device bond3 left promiscuous mode [ 368.932617][T10915] batman_adv: batadv0: Interface deactivated: dummy0 [ 368.955774][T10915] batman_adv: batadv0: Removing interface: dummy0 [ 368.973283][T10915] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 369.030081][T10915] bond0: (slave bond_slave_0): Releasing backup interface [ 369.076434][T10915] bond0: (slave bond_slave_1): Releasing backup interface [ 369.106821][T10915] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.149850][T10915] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 369.192817][T10915] bond3: (slave vti0): Releasing backup interface [ 369.231375][T10915] device vti0 left promiscuous mode [ 369.572288][T10938] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.579746][T10938] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.620002][T10938] device bridge_slave_1 left promiscuous mode [ 369.637333][T10938] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.650484][T10938] device bridge_slave_0 left promiscuous mode [ 369.671128][T10938] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.672636][T10940] binder: 10939:10940 ioctl c0306201 200000000480 returned -14 [ 370.074773][T10957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1787'. [ 370.583799][T10975] netlink: 'syz.2.1794': attribute type 1 has an invalid length. [ 370.612989][T10973] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1793'. [ 370.710988][T10975] 8021q: adding VLAN 0 to HW filter on device bond4 [ 370.855957][T10986] bond4: (slave ip6gretap1): making interface the new active one [ 370.891580][T10986] bond4: (slave ip6gretap1): Enslaving as an active interface with an up link [ 371.090092][T11001] loop2: detected capacity change from 0 to 512 [ 371.134806][T11001] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 371.203116][T11001] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 371.309723][T11008] lo speed is unknown, defaulting to 1000 [ 371.345166][T11008] lo speed is unknown, defaulting to 1000 [ 371.382431][T11008] lo speed is unknown, defaulting to 1000 [ 371.762030][T10291] lo speed is unknown, defaulting to 1000 [ 371.768213][T11008] infiniband sz1: set active [ 371.773577][T11008] infiniband sz1: added lo [ 371.840903][T11008] RDS/IB: sz1: added [ 371.848222][T11008] smc: adding ib device sz1 with port count 1 [ 371.854707][T11008] smc: ib device sz1 port 1 has pnetid [ 371.866154][T10291] lo speed is unknown, defaulting to 1000 [ 371.899287][T11014] lo speed is unknown, defaulting to 1000 [ 372.228183][T11008] lo speed is unknown, defaulting to 1000 [ 372.632751][T11008] lo speed is unknown, defaulting to 1000 [ 372.842869][T11052] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1817'. [ 372.996550][T11008] lo speed is unknown, defaulting to 1000 [ 373.306276][T11063] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1821'. [ 373.369835][T11008] lo speed is unknown, defaulting to 1000 [ 373.545159][T11069] netlink: 180 bytes leftover after parsing attributes in process `syz.2.1823'. [ 373.736074][T11008] lo speed is unknown, defaulting to 1000 [ 373.883920][T11082] device ip6gre2 entered promiscuous mode [ 373.933556][T11086] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 373.949964][ T127] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 373.980219][ T127] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 374.012840][T10291] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 374.193829][T11008] lo speed is unknown, defaulting to 1000 [ 374.460244][T10291] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 374.508450][T10291] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 376.382817][T11146] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.391854][T11146] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.400800][T11146] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.409866][T11146] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.455169][T11146] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 376.464318][T11146] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 376.473513][T11146] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 376.482489][T11146] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 376.504228][T11152] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 376.627442][T11148] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 376.713069][T11148] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 376.742821][T11148] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 376.798275][T11148] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 377.018785][T11150] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 377.027720][T11150] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 377.036538][T11150] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 377.045258][T11150] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 377.139107][T11150] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 377.148166][T11150] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 377.157192][T11150] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 377.166837][T11150] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 378.285715][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 378.917708][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.924127][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.501153][T11222] lo speed is unknown, defaulting to 1000 [ 380.125332][T11231] netlink: 11 bytes leftover after parsing attributes in process `syz.2.1863'. [ 380.684824][T11245] lo speed is unknown, defaulting to 1000 [ 381.592997][T11280] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 381.650308][T11280] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 381.682898][T11280] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 381.710433][T11280] bond0: (slave bond_slave_0): Releasing backup interface [ 381.801737][T11280] bond0: (slave bond_slave_1): Releasing backup interface [ 381.938791][T11280] team0: Port device team_slave_0 removed [ 381.988407][T11280] team0: Port device team_slave_1 removed [ 382.044073][T11281] team0: Mode changed to "activebackup" [ 382.103040][ T4281] Bluetooth: hci1: unexpected event for opcode 0x0c14 [ 383.709571][ T27] audit: type=1326 audit(1781149616.514:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 383.805781][ T27] audit: type=1326 audit(1781149616.514:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 383.939923][ T27] audit: type=1326 audit(1781149616.514:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 384.070046][ T27] audit: type=1326 audit(1781149616.514:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 384.182730][ T27] audit: type=1326 audit(1781149616.514:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 384.309279][ T27] audit: type=1326 audit(1781149616.514:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 384.457827][ T27] audit: type=1326 audit(1781149616.514:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 384.914385][ T27] audit: type=1326 audit(1781149616.514:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 384.943570][T11345] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1886'. [ 385.059471][ T27] audit: type=1326 audit(1781149616.514:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 385.145626][ T27] audit: type=1326 audit(1781149616.514:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11326 comm="syz.3.1884" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d5559ce59 code=0x7ffc0000 [ 385.176129][T11345] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1886'. [ 385.220086][T11345] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1886'. [ 385.265963][T11345] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1886'. [ 385.589536][T11351] lo speed is unknown, defaulting to 1000 [ 385.645546][ T4291] Bluetooth: hci4: command 0x0406 tx timeout [ 387.405523][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 387.420110][T11401] lo speed is unknown, defaulting to 1000 [ 388.086829][T11422] device syz_tun entered promiscuous mode [ 389.887712][T11443] lo speed is unknown, defaulting to 1000 [ 391.166524][T11485] netlink: 'syz.2.1926': attribute type 1 has an invalid length. [ 391.238850][T11485] 8021q: adding VLAN 0 to HW filter on device bond5 [ 391.275539][T11486] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 391.283425][T11489] bond5: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms [ 391.651721][T11496] loop2: detected capacity change from 0 to 256 [ 391.725168][T11496] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 392.170635][T11505] pit: kvm: requested 134933 ns i8254 timer period limited to 200000 ns [ 392.196344][T11518] overlayfs: failed to clone upperpath [ 392.248568][T11505] pit: kvm: requested 129066 ns i8254 timer period limited to 200000 ns [ 392.289087][T11505] pit: kvm: requested 25980 ns i8254 timer period limited to 200000 ns [ 392.301040][T11521] overlayfs: failed to clone upperpath [ 392.316534][T11505] pit: kvm: requested 177676 ns i8254 timer period limited to 200000 ns [ 392.350653][T11505] pit: kvm: requested 189409 ns i8254 timer period limited to 200000 ns [ 392.384688][T11505] pit: kvm: requested 181866 ns i8254 timer period limited to 200000 ns [ 392.407135][T11505] pit: kvm: requested 189409 ns i8254 timer period limited to 200000 ns [ 392.428887][T11505] pit: kvm: requested 170133 ns i8254 timer period limited to 200000 ns [ 392.452305][T11505] pit: kvm: requested 9219 ns i8254 timer period limited to 200000 ns [ 392.536502][T11505] pit: kvm: requested 45257 ns i8254 timer period limited to 200000 ns [ 393.004670][T11523] lo speed is unknown, defaulting to 1000 [ 393.616947][T11543] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1940'. [ 394.958596][T11592] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1950'. [ 395.027963][T11593] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1950'. [ 396.906156][ T4601] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 397.112145][ T4601] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 397.134663][ T4601] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.258055][ T4601] usb 3-1: config 0 descriptor?? [ 397.940863][ T4281] Bluetooth: hci1: Invalid handle: 0xff00 > 0x0eff [ 398.393016][T11670] overlayfs: failed to clone upperpath [ 398.709924][T11599] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.719056][T11599] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.728069][T11599] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.737206][T11599] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.877139][ T4601] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 398.885113][T11656] lo speed is unknown, defaulting to 1000 [ 398.905026][ T4601] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 398.931052][ T4601] [drm:udl_init] *ERROR* Selecting channel failed [ 398.997603][ T4601] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 399.013719][ T4601] [drm] Initialized udl on minor 2 [ 399.045365][ T4601] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 399.074799][ T4601] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 399.117362][ T4601] usb 3-1: USB disconnect, device number 2 [ 399.150091][ T4594] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 399.184979][ T4594] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 399.220680][ T4594] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 399.701438][T11697] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1973'. [ 400.498384][T11719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1981'. [ 400.524064][T11719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1981'. [ 400.541361][T11721] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 400.984833][ T27] kauditd_printk_skb: 64 callbacks suppressed [ 400.984908][ T27] audit: type=1804 audit(1781149633.784:399): pid=11736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1995" name="bus" dev="ramfs" ino=62585 res=1 errno=0 [ 401.065672][ T27] audit: type=1804 audit(1781149633.824:400): pid=11736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1995" name="bus" dev="ramfs" ino=62585 res=1 errno=0 [ 401.755869][T11753] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1987'. [ 401.765006][T11753] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1987'. [ 401.778239][T11753] device syz_tun entered promiscuous mode [ 401.785014][T11753] device syz_tun left promiscuous mode [ 403.726161][T11777] tipc: Failed to remove unknown binding: 66,0,0/0:4167376714/4167376716 [ 403.734771][T11777] tipc: Failed to remove unknown binding: 66,0,0/0:4167376714/4167376715 [ 403.827617][T11777] tipc: Failed to remove unknown binding: 66,0,0/0:4167376714/4167376716 [ 403.865445][T11777] tipc: Failed to remove unknown binding: 66,0,0/0:4167376714/4167376715 [ 406.001810][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 408.613878][T11846] x_tables: ip_tables: osf match: only valid for protocol 6 [ 410.313253][T11869] overlayfs: failed to clone upperpath [ 410.526444][T11877] netlink: 'syz.8.2029': attribute type 4 has an invalid length. [ 410.543148][T11877] netlink: 'syz.8.2029': attribute type 4 has an invalid length. [ 410.801415][T11891] netlink: 'syz.2.2032': attribute type 1 has an invalid length. [ 410.868211][T11891] 8021q: adding VLAN 0 to HW filter on device bond6 [ 410.946591][T11894] device macvlan4 entered promiscuous mode [ 411.003810][T11894] device bond6 entered promiscuous mode [ 411.011195][T11894] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 411.024603][T11894] team0: Port device macvlan4 added [ 412.448674][T11929] overlayfs: failed to clone upperpath [ 414.312263][T11972] netlink: 'syz.2.2050': attribute type 1 has an invalid length. [ 414.517433][T11972] 8021q: adding VLAN 0 to HW filter on device bond7 [ 415.649120][T11998] loop2: detected capacity change from 0 to 512 [ 415.937726][T11998] EXT4-fs: Ignoring removed i_version option [ 415.943782][T11998] EXT4-fs: Ignoring removed oldalloc option [ 416.048458][T11998] EXT4-fs (loop2): Test dummy encryption mode enabled [ 416.099230][T12003] 9pnet_fd: Insufficient options for proto=fd [ 416.107723][T11998] EXT4-fs (loop2): 1 truncate cleaned up [ 416.120326][T11998] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 416.409101][T11998] EXT4-fs error (device loop2): ext4_ind_map_blocks:604: inode #13: comm syz.2.2056: Can't allocate blocks for non-extent mapped inodes with bigalloc [ 416.456146][T11998] EXT4-fs error (device loop2): ext4_free_branches:1043: inode #13: block 234881024: comm syz.2.2056: Read failure [ 416.599758][ T8258] EXT4-fs (loop2): unmounting filesystem. [ 417.809904][T12027] syz.3.2065 sent an empty control message without MSG_MORE. [ 417.985790][T12045] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2071'. [ 418.016480][T12045] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2071'. [ 418.077008][T12045] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2071'. [ 418.757941][ T4291] Bluetooth: hci4: unexpected event for opcode 0x042d [ 419.529475][T12083] loop2: detected capacity change from 0 to 512 [ 419.559995][T12083] EXT4-fs: Ignoring removed nobh option [ 419.568583][T12083] EXT4-fs: Ignoring removed orlov option [ 419.626362][T12083] EXT4-fs error (device loop2): __ext4_iget:5102: inode #11: block 1: comm syz.2.2081: invalid block [ 419.686149][T12083] EXT4-fs error (device loop2): ext4_orphan_get:1410: comm syz.2.2081: couldn't read orphan inode 11 (err -117) [ 419.728252][T12083] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 419.806942][T12083] EXT4-fs error (device loop2): ext4_add_entry:2486: inode #2: comm syz.2.2081: Directory hole found for htree leaf block 0 [ 419.996532][ T8258] EXT4-fs (loop2): unmounting filesystem. [ 420.008373][T12101] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2088'. [ 420.252719][T12107] Bluetooth: MGMT ver 1.22 [ 423.110083][T12152] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2098'. [ 423.399294][T12164] netlink: 'syz.2.2103': attribute type 1 has an invalid length. [ 423.580877][T12168] bond8: (slave veth3): Enslaving as an active interface with a down link [ 423.627395][T12164] bond8: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 424.075778][T12196] loop2: detected capacity change from 0 to 512 [ 424.127545][T12196] EXT4-fs (loop2): orphan cleanup on readonly fs [ 424.164545][T12196] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.2114: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 48132(4), depth 0(0) [ 424.362786][T12196] EXT4-fs error (device loop2): ext4_orphan_get:1410: comm syz.2.2114: couldn't read orphan inode 13 (err -117) [ 424.459247][T12196] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 425.283855][ T8258] EXT4-fs (loop2): unmounting filesystem. [ 425.742293][T12230] tmpfs: Bad value for 'nr_inodes' [ 426.464231][ T27] audit: type=1800 audit(1781149659.264:401): pid=12225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2121" name="bus" dev="ramfs" ino=63774 res=0 errno=0 [ 427.171752][T12263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2126'. [ 428.115531][T12280] loop2: detected capacity change from 0 to 256 [ 428.348224][T12286] delete_channel: no stack [ 428.355543][T12286] delete_channel: no stack [ 429.029276][T12288] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2136'. [ 429.310638][T12288] team0: Port device team_slave_0 removed [ 429.357199][T12300] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2140'. [ 430.061929][T12339] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2150'. [ 430.862158][T12373] dns_resolver: Unsupported server list version (55) [ 433.079050][ T4291] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 434.077307][T12441] kvm: pic: non byte read [ 434.082294][T12441] kvm: pic: non byte read [ 434.106068][T12441] kvm: pic: single mode not supported [ 434.106571][T12441] kvm: pic: level sensitive irq not supported [ 434.128243][T12441] kvm: pic: level sensitive irq not supported [ 434.156578][T12441] kvm: pic: single mode not supported [ 434.179845][T12441] kvm: pic: single mode not supported [ 434.206510][T12441] kvm: pic: single mode not supported [ 434.211923][T12441] kvm: pic: level sensitive irq not supported [ 437.567756][T12524] tipc: New replicast peer: 255.255.255.255 [ 437.608656][T12524] tipc: Enabled bearer , priority 10 [ 437.831541][T12533] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2201'. [ 437.901123][T12531] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2200'. [ 437.912648][T12531] bond0: option arp_all_targets: invalid value (18446744073491447808) [ 437.922690][T12540] bond1: (slave dummy0): Removing an active aggregator [ 438.012746][T12540] bond1: (slave dummy0): Releasing backup interface [ 438.224501][T12540] bridge4: port 1(dummy0) entered blocking state [ 438.372282][T12540] bridge4: port 1(dummy0) entered disabled state [ 438.619226][T12540] device dummy0 entered promiscuous mode [ 438.688294][T12533] netlink: 'syz.8.2201': attribute type 10 has an invalid length. [ 438.705504][T12533] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2201'. [ 438.758121][T12533] bridge4: port 1(dummy0) entered blocking state [ 438.764563][T12533] bridge4: port 1(dummy0) entered forwarding state [ 438.826081][T12533] bridge4: port 1(dummy0) entered disabled state [ 439.474247][T12581] loop2: detected capacity change from 0 to 2048 [ 439.588377][T12581] loop2: p1 < > p4 [ 439.588377][T12581] p4: [ 439.630266][T12581] loop2: p4 size 722688 extends beyond EOD, truncated [ 439.667141][T12581] loop2: p6 start 262464109 is beyond EOD, truncated [ 439.697598][T12581] loop2: p7 size 2304 extends beyond EOD, truncated [ 439.890412][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.897015][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.581101][T12624] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2226'. [ 442.427721][T12634] overlayfs: failed to clone upperpath [ 442.509651][T12637] overlayfs: './file0' not a directory [ 443.014157][T12651] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2231'. [ 443.725703][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 444.097751][T12660] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2231'. [ 444.129278][T12660] HTB: quantum of class 8014000C is small. Consider r2q change. [ 450.019855][T12750] loop2: detected capacity change from 0 to 8 [ 450.087730][T12750] SQUASHFS error: Failed to read block 0x62: -5 [ 450.118710][T12750] squashfs image failed sanity check [ 451.413912][T12802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2267'. [ 453.051805][T12814] netlink: 'syz.6.2271': attribute type 1 has an invalid length. [ 453.085563][T12814] netlink: 'syz.6.2271': attribute type 2 has an invalid length. [ 454.109390][T12837] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2279'. [ 454.124434][T12838] loop2: detected capacity change from 0 to 512 [ 454.234943][T12838] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 454.503664][ T8258] EXT4-fs (loop2): unmounting filesystem. [ 456.852946][T12913] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2293'. [ 457.325501][ T4291] Bluetooth: hci2: command 0x0406 tx timeout [ 457.394963][T12926] overlayfs: failed to clone upperpath [ 459.965597][T12963] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2305'. [ 460.025268][T12966] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2307'. [ 460.114668][T12963] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2305'. [ 460.166369][T12963] HTB: quantum of class 8015000C is small. Consider r2q change. [ 460.402244][T12979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2311'. [ 461.878903][T12988] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2312'. [ 463.178994][T13030] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2322'. [ 463.258024][T13030] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2322'. [ 463.307206][T13030] HTB: quantum of class 8016000C is small. Consider r2q change. [ 464.046727][T13041] netlink: 'syz.3.2325': attribute type 4 has an invalid length. [ 464.167820][T13044] netlink: 'syz.3.2325': attribute type 4 has an invalid length. [ 464.821870][T13043] loop2: detected capacity change from 0 to 131072 [ 464.906255][T13043] F2FS-fs (loop2): Found nat_bits in checkpoint [ 464.958451][T13043] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 465.079384][ T27] audit: type=1804 audit(1781149697.884:402): pid=13043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2324" name="/newroot/229/file1/bus" dev="loop2" ino=10 res=1 errno=0 [ 467.938224][T13124] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 470.627999][T13172] netlink: 'syz.3.2355': attribute type 1 has an invalid length. [ 470.636799][T13174] x_tables: ip_tables: osf match: only valid for protocol 6 [ 470.694143][T13172] netlink: 'syz.3.2355': attribute type 2 has an invalid length. [ 474.514091][T13226] x_tables: ip_tables: osf match: only valid for protocol 6 [ 475.896282][ T27] audit: type=1326 audit(1781149708.704:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 475.955875][ T27] audit: type=1326 audit(1781149708.704:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 476.417795][ T27] audit: type=1326 audit(1781149708.704:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 476.773474][ T27] audit: type=1326 audit(1781149708.704:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 476.831920][ T27] audit: type=1326 audit(1781149708.704:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 476.965443][ T27] audit: type=1326 audit(1781149708.704:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 477.050853][ T27] audit: type=1326 audit(1781149708.704:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 477.128669][ T27] audit: type=1326 audit(1781149708.704:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 477.246315][ T27] audit: type=1326 audit(1781149708.704:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 477.421280][ T27] audit: type=1326 audit(1781149708.704:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13255 comm="syz.1.2380" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69799ce59 code=0x7ffc0000 [ 479.181198][T13312] tipc: Failed to remove unknown binding: 66,0,0/0:491976143/491976145 [ 479.220597][T13312] tipc: Failed to remove unknown binding: 66,0,0/0:491976143/491976144 [ 479.256927][T13318] tipc: Failed to remove unknown binding: 66,0,0/0:491976143/491976145 [ 479.283237][T13318] tipc: Failed to remove unknown binding: 66,0,0/0:491976143/491976144 [ 481.975745][T13353] netlink: 'syz.6.2397': attribute type 4 has an invalid length. [ 482.007150][T13353] netlink: 'syz.6.2397': attribute type 4 has an invalid length. [ 482.252615][T13361] device syzkaller0 entered promiscuous mode [ 482.321618][T13362] Invalid option length (1040762) for dns_resolver key [ 482.770442][T13361] tipc: Started in network mode [ 482.798219][T13361] tipc: Node identity 3e290d84b2e8, cluster identity 4711 [ 482.904587][T13361] tipc: Enabled bearer , priority 0 [ 482.954806][T13360] tipc: Resetting bearer [ 483.068022][T13360] tipc: Disabling bearer [ 484.334278][T13389] netlink: 212884 bytes leftover after parsing attributes in process `syz.3.2405'. [ 485.121094][T13402] syz.1.2409 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 488.635096][T13455] xt_recent: hitcount (33554435) is larger than allowed maximum (255) [ 495.207803][T13539] autofs4:pid:13539:autofs_fill_super: called with bogus options [ 497.395686][T13566] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2458'. [ 498.356097][T13575] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2469'. [ 498.403781][T13575] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2469'. [ 498.526490][T13575] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2469'. [ 498.538446][T13575] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2469'. [ 498.547931][T13575] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2469'. [ 498.610753][T13575] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2469'. [ 500.073537][T13594] loop2: detected capacity change from 0 to 128 [ 501.007936][T13599] overlayfs: missing 'lowerdir' [ 501.330100][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.336647][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.516868][T13623] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2471'. [ 503.721787][T13652] netlink: 'syz.8.2478': attribute type 11 has an invalid length. [ 504.043417][T13661] tipc: Enabling of bearer rejected, failed to enable media [ 504.462881][T13668] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 506.985503][T13721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2493'. [ 507.239182][ T27] kauditd_printk_skb: 35 callbacks suppressed [ 507.239209][ T27] audit: type=1326 audit(1781149740.044:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13727 comm="syz.8.2497" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7fc00000 [ 507.904874][ T27] audit: type=1326 audit(1781149740.084:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13727 comm="syz.8.2497" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc51379ce59 code=0x7fc00000 [ 509.506880][T13770] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2505'. [ 509.560121][ T27] audit: type=1800 audit(1781149742.364:450): pid=13749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2501" name="bus" dev="ramfs" ino=66420 res=0 errno=0 [ 509.694457][T13780] tipc: Enabling of bearer rejected, failed to enable media [ 509.714662][T13779] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2506'. [ 510.165671][T13801] capability: warning: `syz.3.2515' uses 32-bit capabilities (legacy support in use) [ 510.184465][T13803] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2516'. [ 510.247164][T13808] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2516'. [ 510.365689][T13803] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2516'. [ 510.432660][T13803] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2516'. [ 511.107498][T13803] netlink: 2 bytes leftover after parsing attributes in process `syz.6.2516'. [ 511.126166][T13803] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2516'. [ 511.686482][ T27] audit: type=1326 audit(1781149744.464:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13830 comm="syz.6.2522" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2eead9ce59 code=0x0 [ 512.065679][T13838] loop2: detected capacity change from 0 to 256 [ 512.150581][T13838] FAT-fs (loop2): Directory bread(block 64) failed [ 512.157410][T13838] FAT-fs (loop2): Directory bread(block 65) failed [ 512.164399][T13838] FAT-fs (loop2): Directory bread(block 66) failed [ 512.171152][T13838] FAT-fs (loop2): Directory bread(block 67) failed [ 512.178085][T13838] FAT-fs (loop2): Directory bread(block 68) failed [ 512.184797][T13838] FAT-fs (loop2): Directory bread(block 69) failed [ 512.191845][T13838] FAT-fs (loop2): Directory bread(block 70) failed [ 512.198640][T13838] FAT-fs (loop2): Directory bread(block 71) failed [ 512.205615][T13838] FAT-fs (loop2): Directory bread(block 72) failed [ 512.212283][T13838] FAT-fs (loop2): Directory bread(block 73) failed [ 512.249387][T13838] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 512.981726][T13848] netlink: 'syz.2.2525': attribute type 11 has an invalid length. [ 513.081495][T13828] xt_CONNSECMARK: invalid mode: 0 [ 516.415323][T13887] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 521.805491][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 521.918214][T13985] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2558'. [ 521.987312][T13985] bridge5: port 1(veth7) entered blocking state [ 522.002200][T13985] bridge5: port 1(veth7) entered disabled state [ 522.026723][T13985] device veth7 entered promiscuous mode [ 522.068706][T13991] bridge5: port 2(veth0_to_bond) entered blocking state [ 522.082343][T13991] bridge5: port 2(veth0_to_bond) entered disabled state [ 522.106145][T13991] device veth0_to_bond entered promiscuous mode [ 526.583898][ T27] audit: type=1326 audit(1781149759.384:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.641271][ T27] audit: type=1326 audit(1781149759.384:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.686576][ T27] audit: type=1326 audit(1781149759.424:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.744704][ T27] audit: type=1326 audit(1781149759.424:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.790334][T14072] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2579'. [ 526.805509][T14072] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2579'. [ 526.822612][ T27] audit: type=1326 audit(1781149759.424:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.844735][T14072] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.855805][T14072] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.864523][T14072] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.873471][T14072] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.884892][T14076] loop2: detected capacity change from 0 to 256 [ 526.893922][ T27] audit: type=1326 audit(1781149759.434:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.945103][ T27] audit: type=1326 audit(1781149759.434:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.972201][ T27] audit: type=1326 audit(1781149759.434:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 526.997583][ T27] audit: type=1326 audit(1781149759.434:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 527.022934][ T27] audit: type=1326 audit(1781149759.434:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14067 comm="syz.2.2578" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e9af9ce59 code=0x7ffc0000 [ 527.049694][T14072] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2579'. [ 527.059165][T14072] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2579'. [ 527.085405][T14076] FAT-fs (loop2): Directory bread(block 64) failed [ 527.103420][T14076] FAT-fs (loop2): Directory bread(block 65) failed [ 527.118502][T14076] FAT-fs (loop2): Directory bread(block 66) failed [ 527.133012][T14076] FAT-fs (loop2): Directory bread(block 67) failed [ 527.150485][T14076] FAT-fs (loop2): Directory bread(block 68) failed [ 527.175313][T14076] FAT-fs (loop2): Directory bread(block 69) failed [ 527.195274][T14076] FAT-fs (loop2): Directory bread(block 70) failed [ 527.208987][T14076] FAT-fs (loop2): Directory bread(block 71) failed [ 527.223656][T14076] FAT-fs (loop2): Directory bread(block 72) failed [ 527.239800][T14076] FAT-fs (loop2): Directory bread(block 73) failed [ 529.894358][T14127] Process accounting resumed [ 530.678493][T14152] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2593'. [ 537.903958][ T4281] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 537.917130][ T4281] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 537.926817][ T4281] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 538.133761][ T4281] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 538.142800][ T4281] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 538.150903][ T4281] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 539.744761][T14202] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 539.754205][T14202] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 539.763517][T14202] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 539.773026][T14202] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 539.967544][T14202] device bond6 left promiscuous mode [ 539.973112][T14202] device macvlan4 left promiscuous mode [ 540.170130][T14259] netlink: 'syz.8.2614': attribute type 4 has an invalid length. [ 540.205763][ T4281] Bluetooth: hci5: command 0x0409 tx timeout [ 540.352913][T14261] tipc: Enabling of bearer rejected, failed to enable media [ 540.387197][T14237] lo speed is unknown, defaulting to 1000 [ 540.826372][T10291] Process accounting resumed [ 542.305560][ T4281] Bluetooth: hci5: command 0x041b tx timeout [ 543.129562][T14237] chnl_net:caif_netlink_parms(): no params data found [ 543.869396][T14237] bridge0: port 1(bridge_slave_0) entered blocking state [ 543.886115][T14237] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.900621][T14237] device bridge_slave_0 entered promiscuous mode [ 543.926101][T14237] bridge0: port 2(bridge_slave_1) entered blocking state [ 543.933610][T14237] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.005057][T14237] device bridge_slave_1 entered promiscuous mode [ 544.387768][ T4291] Bluetooth: hci5: command 0x040f tx timeout [ 544.904617][T14237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 544.930539][T14377] loop2: detected capacity change from 0 to 1024 [ 545.476854][T14237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 545.593369][T14237] team0: Port device team_slave_0 added [ 545.601672][T14237] team0: Port device team_slave_1 added [ 545.622629][T14237] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 545.629685][T14237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 545.660220][T14237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 545.735142][T14376] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2630'. [ 545.749505][T14237] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 545.767379][T14237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 545.797690][T14376] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2630'. [ 545.905233][ T9947] hfsplus: bad catalog file entry [ 545.912586][T14237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 545.923704][ T9947] hfsplus: b-tree write err: -5, ino 3 [ 546.643910][ T4291] Bluetooth: hci5: command 0x0419 tx timeout [ 546.674457][T14395] xt_CONNSECMARK: invalid mode: 0 [ 546.749639][T14237] device hsr_slave_0 entered promiscuous mode [ 546.792716][T14237] device hsr_slave_1 entered promiscuous mode [ 546.800349][T14237] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 546.813506][T14237] Cannot create hsr debugfs directory [ 546.891633][T14398] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2638'. [ 546.903830][T14398] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2638'. [ 546.940505][T14398] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 546.949469][T14398] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 546.958244][T14398] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 546.966996][T14398] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 547.106348][T14398] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2638'. [ 547.115411][T14398] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2638'. [ 547.555194][T14413] netlink: 'syz.1.2643': attribute type 13 has an invalid length. [ 547.599042][T14413] infiniband sz1: set active [ 547.634326][T14413] infiniband sz1: set active [ 548.455728][ T4595] lo speed is unknown, defaulting to 1000 [ 548.463003][ T4601] lo speed is unknown, defaulting to 1000 [ 551.242965][T14467] 9pnet: p9_errstr2errno: server reported unknown error 'I$۷= [ 551.435620][ T4322] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 551.677431][ T4322] usb 3-1: config 0 has no interfaces? [ 551.688176][ T4322] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 551.744285][ T4322] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 551.987014][ T4322] usb 3-1: Product: syz [ 552.062316][ T4322] usb 3-1: Manufacturer: syz [ 552.140399][ T4322] usb 3-1: SerialNumber: syz [ 552.330344][ T4322] usb 3-1: config 0 descriptor?? [ 552.580699][ T4322] usb 3-1: USB disconnect, device number 3 [ 552.668696][T14237] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 552.702619][T14237] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 552.733727][T14237] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 552.747587][T14237] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 552.889235][T14237] 8021q: adding VLAN 0 to HW filter on device bond0 [ 552.926026][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 552.934500][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 552.949773][T14237] 8021q: adding VLAN 0 to HW filter on device team0 [ 552.968928][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 552.986037][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 553.004790][ T9947] bridge0: port 1(bridge_slave_0) entered blocking state [ 553.011966][ T9947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 553.041531][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 553.061056][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 553.076081][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 553.094854][ T9947] bridge0: port 2(bridge_slave_1) entered blocking state [ 553.102070][ T9947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 553.138771][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 553.188085][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 553.207188][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 553.254507][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 553.290168][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 553.317474][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 553.343609][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 553.362840][T14237] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 553.397785][T14237] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 553.428662][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 553.442368][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 553.467169][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 553.507972][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 553.540122][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 555.008103][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 555.016296][T14532] loop2: detected capacity change from 0 to 256 [ 555.231729][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 555.372330][T14532] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 555.589264][T14237] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 556.787532][ T8258] exFAT-fs (loop2): error, invalid access to FAT (entry 0x00000005) bogus content (0x4fc9b72c) [ 556.802339][ T8258] exFAT-fs (loop2): Filesystem has been set read-only [ 556.811879][ T8258] exFAT-fs (loop2): error, invalid access to FAT (entry 0x00000005) bogus content (0x4fc9b72c) [ 557.061656][T14552] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 557.348567][ T8058] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 557.505267][ T8058] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 557.612755][ T8058] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 557.773998][ T8058] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 558.796959][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 558.816543][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 558.910029][T14237] device veth0_vlan entered promiscuous mode [ 558.920237][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 558.930279][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 559.001048][T14237] device veth1_vlan entered promiscuous mode [ 559.016380][T14586] device bridge_slave_0 left promiscuous mode [ 559.022659][T14586] bridge0: port 1(bridge_slave_0) entered disabled state [ 559.041699][T14586] device bridge_slave_1 left promiscuous mode [ 559.048371][T14586] bridge0: port 2(bridge_slave_1) entered disabled state [ 559.058150][T14586] device veth0_to_bond left promiscuous mode [ 559.064310][T14586] bridge5: port 2(veth0_to_bond) entered disabled state [ 559.075322][T14586] bond0: (slave bond_slave_0): Releasing backup interface [ 559.086251][T14586] bond0: (slave bond_slave_1): Releasing backup interface [ 559.098109][T14586] team0: Port device team_slave_1 removed [ 559.104163][T14586] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 559.112635][T14586] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 559.123083][T14586] bond1: (slave veth3): Releasing backup interface [ 559.134082][T14586] device vlan2 left promiscuous mode [ 559.139842][T14586] device ip6gretap0 left promiscuous mode [ 559.145929][T14586] bridge0: port 3(vlan2) entered disabled state [ 559.165252][T14586] bond2: (slave geneve2): Releasing active interface [ 559.176463][T14586] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 559.185527][T14586] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 559.194432][T14586] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 559.203426][T14586] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 559.228405][T14586] bond3: (slave ip6gretap1): Releasing active interface [ 559.262922][T14586] bond4: (slave bond5): Releasing backup interface [ 559.269703][T14586] bond4: (slave bond5): the permanent HWaddr of slave - d6:7c:69:ea:b3:a5 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 559.287010][T14586] bond4: (slave gretap1): making interface the new active one [ 559.337881][T14586] bond4: (slave gretap1): Releasing backup interface [ 559.350310][T14586] device veth7 left promiscuous mode [ 559.355854][T14586] bridge5: port 1(veth7) entered disabled state [ 559.374250][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 559.387829][ T4291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 559.399484][ T4291] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 559.407934][ T4291] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 559.410109][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 559.434715][ T4283] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 559.443073][ T4283] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 559.453792][ T4283] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 559.485600][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 559.540256][T14588] team0: Mode changed to "loadbalance" [ 559.580185][T14586] syz.8.2682 (14586) used greatest stack depth: 17112 bytes left [ 559.690104][ T8058] tipc: Left network mode [ 559.709560][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 559.729836][ T9947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 559.760480][T14592] lo speed is unknown, defaulting to 1000 [ 559.763113][T14237] device veth0_macvtap entered promiscuous mode [ 559.943085][ T8058] bond4: (slave ip6gretap1): Releasing active interface [ 560.161208][T14237] device veth1_macvtap entered promiscuous mode [ 561.081821][ T7518] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 561.096761][ T7518] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 561.134600][T14237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 561.155714][T14237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 561.174537][T14237] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 561.537547][ T4281] Bluetooth: hci0: command 0x0409 tx timeout [ 561.567483][T10464] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 561.613710][T10464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 561.914478][T14237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 561.925491][T14237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 561.954930][T14237] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 562.109977][ T4567] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 562.137023][ T4567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 562.210433][T14237] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 562.225431][T14237] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 562.234210][T14237] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 562.255424][T14237] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 562.641623][ T4567] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 562.753601][ T4567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 562.771977][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.782300][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.852143][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 563.296797][ T9951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 563.367456][ T9951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 563.387039][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 563.568123][ T4281] Bluetooth: hci0: command 0x041b tx timeout [ 563.852009][T14592] chnl_net:caif_netlink_parms(): no params data found [ 564.806311][T14592] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.821352][T14592] bridge0: port 1(bridge_slave_0) entered disabled state [ 564.863423][T14592] device bridge_slave_0 entered promiscuous mode [ 564.957127][T14592] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.964303][T14592] bridge0: port 2(bridge_slave_1) entered disabled state [ 565.002291][T14592] device bridge_slave_1 entered promiscuous mode [ 565.094599][T14592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 565.151354][T14592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 565.261723][ T8058] device hsr_slave_0 left promiscuous mode [ 565.271979][ T8058] device hsr_slave_1 left promiscuous mode [ 565.645586][ T4281] Bluetooth: hci0: command 0x040f tx timeout [ 565.659859][ T8058] bond8 (unregistering): (slave veth3): Releasing active interface [ 565.683875][ T8058] bond8 (unregistering): Released all slaves [ 566.186413][ T8058] bond7 (unregistering): Released all slaves [ 566.249259][ T8058] team0 (unregistering): Port device macvlan4 removed [ 566.476458][ T8058] bond6 (unregistering): Released all slaves [ 566.703957][ T8058] bond5 (unregistering): Released all slaves [ 567.415234][ T8058] bond4 (unregistering): Released all slaves [ 567.452101][ T8058] bond3 (unregistering): Released all slaves [ 567.649387][ T8058] bond2 (unregistering): Released all slaves [ 567.660442][ T8058] bond1 (unregistering): Released all slaves [ 567.725723][ T4281] Bluetooth: hci0: command 0x0419 tx timeout [ 568.601529][T14720] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2710'. [ 568.636379][T14720] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2710'. [ 568.924987][ T8058] team0 (unregistering): Port device team_slave_1 removed [ 568.983611][ T8058] team0 (unregistering): Port device team_slave_0 removed [ 569.036531][ T8058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 569.092233][ T8058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 569.495268][ T8058] bond0 (unregistering): Released all slaves [ 569.522651][T14592] team0: Port device team_slave_0 added [ 569.532772][T14592] team0: Port device team_slave_1 added [ 569.552178][T14697] device team0 entered promiscuous mode [ 569.559959][T14697] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 569.577931][T14697] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 569.604283][T14699] bridge0: port 1(vlan3) entered blocking state [ 569.636984][T14699] bridge0: port 1(vlan3) entered disabled state [ 569.644561][T14699] device vlan3 entered promiscuous mode [ 569.662980][T14699] device bond0 entered promiscuous mode [ 569.676206][T14699] device macvlan2 entered promiscuous mode [ 569.718282][T14722] netlink: 112 bytes leftover after parsing attributes in process `syz.4.2711'. [ 569.751855][T14592] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 569.760109][T14592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 569.802894][T14592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 569.866020][T14592] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 569.873016][T14592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 569.929077][T14592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 570.070476][T14731] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2713'. [ 570.998437][T14592] device hsr_slave_0 entered promiscuous mode [ 571.076172][T14592] device hsr_slave_1 entered promiscuous mode [ 571.092672][T14592] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 571.136120][T14592] Cannot create hsr debugfs directory [ 577.743158][T14592] netdevsim netdevsim7 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 577.969434][T14592] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 578.335785][T14773] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2721'. [ 578.420397][T14776] bond1: (slave ip_vti0): The slave device specified does not support setting the MAC address [ 578.566437][T14776] bond1: (slave ip_vti0): Error -95 calling set_mac_address [ 578.742558][T14791] loop4: detected capacity change from 0 to 2048 [ 578.812885][T14592] netdevsim netdevsim7 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 578.853912][T14592] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 578.897125][T14797] loop2: detected capacity change from 0 to 7 [ 578.936407][T14791] loop4: p1 p2 p3 [ 578.936407][T14791] p1: [ 578.969632][T14791] loop4: p1 size 16779263 extends beyond EOD, truncated [ 578.999455][T14797] loop2: [ 579.017080][T14797] loop2: partition table partially beyond EOD, truncated [ 579.054657][T14791] loop4: p2 size 458752 extends beyond EOD, truncated [ 579.091484][T14791] loop4: p3 start 3036741376 is beyond EOD, truncated [ 579.136651][T14592] netdevsim netdevsim7 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 579.177922][T14592] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.713531][T14592] netdevsim netdevsim7 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 579.771517][T14592] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.787362][T14786] udevd[14786]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 579.788680][T14804] udevd[14804]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 579.820397][T14803] udevd[14803]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 579.890594][T14804] udevd[14804]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 579.896359][T14786] udevd[14786]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 579.924610][T14803] udevd[14803]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 580.234708][T14592] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 580.274402][T14592] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 580.319002][T14592] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 580.354285][T14592] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 580.613662][T14834] loop4: detected capacity change from 0 to 1024 [ 580.635703][T14592] 8021q: adding VLAN 0 to HW filter on device bond0 [ 580.662400][T14592] 8021q: adding VLAN 0 to HW filter on device team0 [ 580.673275][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 580.681759][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 580.689969][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 580.707098][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 580.738619][ T6146] bridge0: port 1(bridge_slave_0) entered blocking state [ 580.745808][ T6146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 580.814448][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 580.841563][T14834] hfsplus: xattr searching failed [ 580.851669][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 580.876895][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 580.930325][ T6146] bridge0: port 2(bridge_slave_1) entered blocking state [ 580.937512][ T6146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 580.995925][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 581.006736][T14834] hfsplus: xattr searching failed [ 581.052078][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 581.081516][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 581.115172][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 581.136866][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 581.163510][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 581.193287][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 581.202753][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 581.231573][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 581.240954][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 581.270003][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 581.294231][T14592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 581.694402][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 581.703636][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 581.724633][T14592] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 582.363727][T14888] netlink: 'syz.1.2746': attribute type 4 has an invalid length. [ 583.072874][T14888] infiniband sz1: set down [ 583.097220][T14892] netlink: 'syz.1.2746': attribute type 4 has an invalid length. [ 583.128714][T14892] infiniband sz1: set active [ 583.140983][T14888] netlink: 'syz.1.2746': attribute type 4 has an invalid length. [ 583.149020][ T4322] lo speed is unknown, defaulting to 1000 [ 583.267427][T14888] infiniband sz1: set down [ 583.315287][ T4319] lo speed is unknown, defaulting to 1000 [ 584.055735][T10288] lo speed is unknown, defaulting to 1000 [ 584.087658][T14725] lo speed is unknown, defaulting to 1000 [ 584.151899][ T4264] lo speed is unknown, defaulting to 1000 [ 584.357276][T14912] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2741'. [ 584.405600][T14913] loop4: detected capacity change from 0 to 1024 [ 584.422791][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 584.448373][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 585.195692][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 585.224140][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 585.286350][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 585.311837][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 585.349079][T14592] device veth0_vlan entered promiscuous mode [ 585.391590][T14592] device veth1_vlan entered promiscuous mode [ 585.417340][ T7514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 585.546534][ T7514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 585.583519][ T7514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 585.643159][T14938] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2747'. [ 585.659521][T14592] device veth0_macvtap entered promiscuous mode [ 585.710198][T14592] device veth1_macvtap entered promiscuous mode [ 585.809556][T14592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.883852][T14592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.941719][T14592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 586.007249][T14592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 586.074949][T14592] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 586.126264][ T8058] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 586.162179][ T8058] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 586.205828][ T8058] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 586.260477][ T8058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 586.396772][T14592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 586.407374][T14592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 586.417290][T14592] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 586.435346][T14592] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 586.462503][T14592] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 586.479423][T14592] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.492858][T14592] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.506822][T14592] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.531313][T14592] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.561620][ T8058] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 586.576273][ T8058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 586.731214][ T9947] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 586.756688][ T9947] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 586.764849][T10819] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 586.821061][T10819] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 586.829849][T10819] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 586.838007][ T7516] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 587.980550][T14972] device syzkaller0 entered promiscuous mode [ 592.168627][T15024] netlink: 'syz.6.2763': attribute type 4 has an invalid length. [ 592.229608][T15016] loop4: detected capacity change from 0 to 8192 [ 592.233001][T15024] netlink: 'syz.6.2763': attribute type 4 has an invalid length. [ 592.310601][T15016] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 592.387371][T15016] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 592.449887][T15016] REISERFS (device loop4): using ordered data mode [ 592.496752][T15016] reiserfs: using flush barriers [ 592.526622][T15016] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 592.604217][T15016] REISERFS (device loop4): checking transaction log (loop4) [ 593.683758][T15016] REISERFS (device loop4): Using tea hash to sort names [ 593.708297][T15016] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 595.862241][T15059] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2772'. [ 598.284234][T15095] x_tables: duplicate underflow at hook 2 [ 601.089794][T15111] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2787'. [ 601.412807][T15118] SET target dimension over the limit! [ 602.237382][T15126] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2792'. [ 604.972735][T15155] device syzkaller0 entered promiscuous mode [ 606.182104][ T27] kauditd_printk_skb: 21 callbacks suppressed [ 606.182119][ T27] audit: type=1326 audit(1781149838.984:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.285051][ T27] audit: type=1326 audit(1781149838.984:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.329448][ T27] audit: type=1326 audit(1781149838.984:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.379706][ T27] audit: type=1326 audit(1781149838.984:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.459868][ T27] audit: type=1326 audit(1781149838.994:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.511374][ T27] audit: type=1326 audit(1781149838.994:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.630645][ T27] audit: type=1326 audit(1781149838.994:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.691012][ T27] audit: type=1326 audit(1781149839.004:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.726091][ T27] audit: type=1326 audit(1781149839.004:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 606.756215][ T27] audit: type=1326 audit(1781149839.004:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15172 comm="syz.8.2802" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 609.366292][T15220] loop4: detected capacity change from 0 to 256 [ 609.434250][T15220] FAT-fs (loop4): Directory bread(block 64) failed [ 609.595037][T15220] FAT-fs (loop4): Directory bread(block 65) failed [ 609.612987][T15220] FAT-fs (loop4): Directory bread(block 66) failed [ 609.644214][T15220] FAT-fs (loop4): Directory bread(block 67) failed [ 609.674974][T15220] FAT-fs (loop4): Directory bread(block 68) failed [ 610.043078][T15220] FAT-fs (loop4): Directory bread(block 69) failed [ 610.077342][T15220] FAT-fs (loop4): Directory bread(block 70) failed [ 610.105824][T15220] FAT-fs (loop4): Directory bread(block 71) failed [ 610.150881][T15220] FAT-fs (loop4): Directory bread(block 72) failed [ 610.202209][T15220] FAT-fs (loop4): Directory bread(block 73) failed [ 611.612042][T15253] loop4: detected capacity change from 0 to 512 [ 611.778932][T15253] EXT4-fs (loop4): external journal device major/minor numbers have changed [ 612.222489][T15253] block device autoloading is deprecated and will be removed. [ 612.274234][T15253] EXT4-fs (loop4): external journal has bad superblock [ 612.332529][T15258] netlink: 1319 bytes leftover after parsing attributes in process `syz.7.2822'. [ 617.780382][T15326] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2835'. [ 618.186701][T15338] netlink: 'syz.4.2841': attribute type 3 has an invalid length. [ 618.194610][T15338] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2841'. [ 622.145617][T15391] netlink: 'syz.8.2854': attribute type 1 has an invalid length. [ 623.189802][T15391] device bond6 entered promiscuous mode [ 623.198048][T15391] 8021q: adding VLAN 0 to HW filter on device bond6 [ 623.725958][T15391] bond6: (slave bridge6): making interface the new active one [ 623.733494][T15391] device bridge6 entered promiscuous mode [ 623.866029][T15391] bond6: (slave bridge6): Enslaving as an active interface with an up link [ 624.313936][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.323526][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.682016][ T9951] IPv6: ADDRCONF(NETDEV_CHANGE): bond6: link becomes ready [ 624.845653][T15426] netlink: 1319 bytes leftover after parsing attributes in process `syz.4.2863'. [ 626.382019][T15451] netlink: 188 bytes leftover after parsing attributes in process `syz.6.2868'. [ 629.458961][T15493] loop7: detected capacity change from 0 to 164 [ 629.470886][T15492] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2875'. [ 629.539176][T15493] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 629.609311][T15492] bond7: (slave bridge7): Enslaving as an active interface with an up link [ 629.662632][T15496] device macvlan0 entered promiscuous mode [ 629.691518][T15496] device bond7 entered promiscuous mode [ 629.725824][T15496] device bridge7 entered promiscuous mode [ 629.731939][T15502] loop4: detected capacity change from 0 to 512 [ 629.746786][T15496] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 629.784398][T15496] device bond7 left promiscuous mode [ 629.804388][T15496] device bridge7 left promiscuous mode [ 629.820119][T15502] EXT4-fs (loop4): Test dummy encryption mode enabled [ 629.940536][T15502] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 629.971749][T15502] EXT4-fs error (device loop4): ext4_orphan_get:1431: comm syz.4.2878: bad orphan inode 131083 [ 629.984991][T15502] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 631.462753][T15515] loop7: detected capacity change from 0 to 512 [ 631.563095][T15515] EXT4-fs (loop7): external journal device major/minor numbers have changed [ 631.577666][T15520] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 631.660671][T15515] EXT4-fs (loop7): external journal has bad superblock [ 631.996762][T14237] EXT4-fs (loop4): unmounting filesystem. [ 634.712613][T15572] netlink: 'syz.7.2890': attribute type 2 has an invalid length. [ 634.724162][T15572] netlink: 132 bytes leftover after parsing attributes in process `syz.7.2890'. [ 639.651418][T15650] netlink: 'syz.6.2912': attribute type 1 has an invalid length. [ 640.412845][T15659] netlink: 'syz.4.2916': attribute type 2 has an invalid length. [ 640.872493][ T27] kauditd_printk_skb: 44 callbacks suppressed [ 640.872510][ T27] audit: type=1326 audit(1781149873.664:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15654 comm="syz.1.2915" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa69799ce59 code=0x0 [ 643.656370][T15683] tty tty35: ldisc open failed (-12), clearing slot 34 [ 644.024150][T15707] loop7: detected capacity change from 0 to 512 [ 644.247696][T15707] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 644.714281][T15707] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c019, mo2=0002] [ 644.757431][T15707] System zones: 1-12 [ 645.037250][T15707] EXT4-fs warning (device loop7): ext4_xattr_inode_get:492: inode #11: comm syz.7.2930: ea_inode file size=0 entry size=6 [ 645.219385][T15707] EXT4-fs error (device loop7): ext4_xattr_inode_iget:401: inode #11: comm syz.7.2930: iget: bad extra_isize 90 (inode size 256) [ 645.305825][T15707] EXT4-fs error (device loop7): ext4_xattr_inode_iget:406: comm syz.7.2930: error while reading EA inode 11 err=-117 [ 645.338870][T15707] EXT4-fs (loop7): 1 orphan inode deleted [ 645.344659][T15707] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 645.512055][T14592] EXT4-fs (loop7): unmounting filesystem. [ 647.580181][T15768] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2943'. [ 650.727951][T15795] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2952'. [ 650.782403][ T27] audit: type=1326 audit(1781149883.584:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15799 comm="syz.6.2953" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2eead9ce59 code=0x0 [ 650.986480][ T27] audit: type=1326 audit(1781149883.794:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15799 comm="syz.6.2953" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2eead9ce59 code=0x0 [ 652.496285][T15827] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 652.496285][T15827] The task syz.6.2960 (15827) triggered the difference, watch for misbehavior. [ 653.934110][T15843] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2965'. [ 653.975602][T15843] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2965'. [ 653.992590][T15843] device bond0 entered promiscuous mode [ 654.002393][T15843] device bond_slave_0 entered promiscuous mode [ 654.008941][T15843] device bond_slave_1 entered promiscuous mode [ 654.017012][T15843] device bond0 left promiscuous mode [ 654.022488][T15843] device bond_slave_0 left promiscuous mode [ 654.049403][T15843] device bond_slave_1 left promiscuous mode [ 654.070387][T15847] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2968'. [ 654.088876][T15847] device vlan2 entered promiscuous mode [ 654.099334][T15847] device ip6gretap0 entered promiscuous mode [ 656.031525][T15872] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2973'. [ 656.681433][T15872] bond0: (slave bond_slave_0): Releasing backup interface [ 658.030788][T15900] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 659.749100][ T27] audit: type=1326 audit(1781149892.554:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 659.959342][ T27] audit: type=1326 audit(1781149892.644:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 660.148902][ T27] audit: type=1326 audit(1781149892.674:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 660.402339][ T27] audit: type=1326 audit(1781149892.674:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.006020][ T27] audit: type=1326 audit(1781149892.704:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.104734][T15929] loop4: detected capacity change from 0 to 128 [ 661.138440][T15929] ext4: Unknown parameter 'uid>00000000000000000000' [ 661.202999][T14803] udevd[14803]: incorrect ext4 checksum on /dev/loop4 [ 661.226092][ T27] audit: type=1326 audit(1781149892.704:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.315079][ T27] audit: type=1326 audit(1781149892.704:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.411501][ T27] audit: type=1326 audit(1781149892.704:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.505813][ T27] audit: type=1326 audit(1781149892.704:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.591001][ T27] audit: type=1326 audit(1781149892.704:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz.4.2984" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff400f9ce59 code=0x7ffc0000 [ 661.994712][T15956] IPVS: set_ctl: invalid protocol: 92 127.0.0.1:20003 [ 662.125560][ T4281] Bluetooth: hci5: command 0x0406 tx timeout [ 662.440489][T15967] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 662.695120][T15967] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 663.867753][ C1] hrtimer: interrupt took 485631 ns [ 664.648801][T15998] netlink: 'syz.4.3007': attribute type 1 has an invalid length. [ 664.830826][T16003] device veth0_virt_wifi entered promiscuous mode [ 670.285477][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 670.563256][T16060] loop7: detected capacity change from 0 to 512 [ 670.585582][ T9951] tipc: Disabling bearer [ 670.601950][ T9951] tipc: Left network mode [ 671.394804][T16060] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 671.414303][T16060] ext4 filesystem being mounted at /48/file3 supports timestamps until 2038-01-19 (0x7fffffff) [ 671.503799][T16060] EXT4-fs (loop7): shut down requested (1) [ 671.780810][T16060] EXT4-fs (loop7): re-mounted. Quota mode: writeback. [ 671.932138][T14592] EXT4-fs (loop7): unmounting filesystem. [ 682.695413][ T4283] Bluetooth: hci0: command 0x0406 tx timeout [ 682.956488][T16223] "syz.8.3056" (16223) uses obsolete ecb(arc4) skcipher [ 683.871501][ T9951] device hsr_slave_0 left promiscuous mode [ 683.937477][ T9951] device hsr_slave_1 left promiscuous mode [ 685.550753][ T9951] bond3 (unregistering): Released all slaves [ 685.652057][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.658415][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.781439][ T9951] bond2 (unregistering): Released all slaves [ 686.255145][T16263] netlink: 180 bytes leftover after parsing attributes in process `syz.8.3063'. [ 687.119689][T16271] loop4: detected capacity change from 0 to 128 [ 687.150811][T16271] EXT4-fs: Ignoring removed nobh option [ 687.230371][T16271] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 687.302618][T16271] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 687.354199][ T9951] bond1 (unregistering): Released all slaves [ 687.541358][T16286] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3070'. [ 689.129661][ T9951] bond0 (unregistering): Released all slaves [ 689.190792][T16271] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3067'. [ 689.201245][T16283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3067'. [ 689.221916][T16283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3067'. [ 689.239222][T16282] netlink: 'syz.8.3070': attribute type 30 has an invalid length. [ 689.254058][T16285] netlink: 'syz.6.3071': attribute type 1 has an invalid length. [ 689.296039][T14237] EXT4-fs (loop4): unmounting filesystem. [ 689.358402][T16285] 8021q: adding VLAN 0 to HW filter on device bond2 [ 690.101936][T16287] 8021q: adding VLAN 0 to HW filter on device bond2 [ 690.109946][T16287] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 690.127005][T16287] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 690.240046][T16288] device gretap1 entered promiscuous mode [ 690.263034][T16288] bond2: (slave gretap1): making interface the new active one [ 690.291913][T16307] MPTCP: kernel_bind error, err=-99 [ 690.294927][T16288] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 690.330609][T16292] batman_adv: batadv0: Adding interface: dummy0 [ 690.389225][T16308] 9pnet_virtio: no channels available for device 127.0.0.1 [ 690.701533][T16292] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 690.829611][T16292] batman_adv: batadv0: Interface activated: dummy0 [ 690.938102][T16293] batadv0: mtu less than device minimum [ 690.962633][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 690.974795][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 690.987075][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 690.999291][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 691.011505][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 691.023579][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 691.035852][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 691.048317][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 691.060371][T16293] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 691.429967][T16321] sctp: [Deprecated]: syz.6.3080 (pid 16321) Use of struct sctp_assoc_value in delayed_ack socket option. [ 691.429967][T16321] Use struct sctp_sack_info instead [ 693.191184][T16353] x_tables: ip_tables: icmp.0 match: invalid size 8 (kernel) != (user) 56 [ 693.966833][T16364] netlink: 'syz.7.3091': attribute type 1 has an invalid length. [ 694.941194][T16364] 8021q: adding VLAN 0 to HW filter on device bond1 [ 695.250389][T16365] 8021q: adding VLAN 0 to HW filter on device bond1 [ 695.286336][T16365] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 695.334207][T16365] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 695.479068][T16369] device gretap1 entered promiscuous mode [ 695.488506][T16369] bond1: (slave gretap1): making interface the new active one [ 695.728632][T16369] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 696.005898][ T4283] Bluetooth: hci5: Invalid connection link type handle 0x00c8 [ 696.221065][T16401] loop4: detected capacity change from 0 to 1024 [ 697.352650][ T7933] hfsplus: b-tree write err: -5, ino 25 [ 697.365635][ T7933] hfsplus: b-tree write err: -5, ino 4 [ 697.383404][ T7933] hfsplus: b-tree write err: -5, ino 2 [ 699.230798][T16412] overlayfs: failed to resolve './file0': -2 [ 700.119670][T16436] xt_nat: multiple ranges no longer supported [ 701.411387][T16444] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 702.300334][T16456] 8021q: adding VLAN 0 to HW filter on device bond8 [ 702.422241][T16459] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 702.456250][T16459] bond8: (slave macvlan0): making interface the new active one [ 702.486943][T16459] bond8: (slave macvlan0): Enslaving as an active interface with an up link [ 702.520477][T16462] netlink: 'syz.4.3115': attribute type 1 has an invalid length. [ 703.429051][T16462] 8021q: adding VLAN 0 to HW filter on device bond1 [ 703.537145][ T4572] IPv6: ADDRCONF(NETDEV_CHANGE): bond8: link becomes ready [ 703.705142][T16464] 8021q: adding VLAN 0 to HW filter on device bond1 [ 703.770834][T16464] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 704.271415][T16464] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 704.388421][T16466] device gretap1 entered promiscuous mode [ 704.415053][T16466] bond1: (slave gretap1): making interface the new active one [ 704.469326][T16466] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 704.498218][T16481] netlink: 'syz.6.3118': attribute type 1 has an invalid length. [ 704.565378][T16481] 8021q: adding VLAN 0 to HW filter on device bond3 [ 704.609713][T16485] device macvlan2 entered promiscuous mode [ 704.624497][T16485] device bond3 entered promiscuous mode [ 704.630987][T16485] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 704.644346][T16485] device bond3 left promiscuous mode [ 705.707518][T16497] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3121'. [ 705.796868][T16497] bridge2: port 1(erspan0) entered blocking state [ 705.823729][T16497] bridge2: port 1(erspan0) entered disabled state [ 705.849803][T16497] device erspan0 entered promiscuous mode [ 708.281196][T16533] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3130'. [ 708.489448][T16538] lo speed is unknown, defaulting to 1000 [ 710.341907][T16554] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3134'. [ 710.605050][ T4281] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 710.616754][ T4281] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 710.625064][ T4281] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 710.632874][ T4281] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 710.641889][ T4281] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 710.650052][ T4281] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 710.781156][T16557] lo speed is unknown, defaulting to 1000 [ 711.242476][T16572] netlink: 'syz.8.3135': attribute type 1 has an invalid length. [ 711.281487][T16573] loop4: detected capacity change from 0 to 128 [ 711.891763][T16573] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 711.977110][T16573] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 712.009543][ T27] kauditd_printk_skb: 85 callbacks suppressed [ 712.009556][ T27] audit: type=1800 audit(1781149944.814:635): pid=16573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3137" name="file1" dev="loop4" ino=94 res=0 errno=0 [ 712.122611][T16572] 8021q: adding VLAN 0 to HW filter on device bond9 [ 712.253588][T16577] 8021q: adding VLAN 0 to HW filter on device bond9 [ 712.289394][T16577] bond9: (slave vxcan1): The slave device specified does not support setting the MAC address [ 712.366776][T16577] bond9: (slave vxcan1): Error -95 calling set_mac_address [ 712.579464][T16581] device gretap2 entered promiscuous mode [ 712.608997][T16581] bond9: (slave gretap2): making interface the new active one [ 712.660070][T16597] xt_CT: You must specify a L4 protocol and not use inversions on it [ 712.767082][ T4283] Bluetooth: hci4: command 0x0409 tx timeout [ 713.446639][T16581] bond9: (slave gretap2): Enslaving as an active interface with an up link [ 713.470760][T16567] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 713.602783][T16582] sch_tbf: burst 6281 is lower than device lo mtu (65550) ! [ 713.993799][T16557] chnl_net:caif_netlink_parms(): no params data found [ 714.054541][T16610] loop4: detected capacity change from 0 to 2048 [ 714.271401][T16557] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.278712][T16557] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.288035][T16557] device bridge_slave_0 entered promiscuous mode [ 714.296609][T16557] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.303810][T16557] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.397182][T16557] device bridge_slave_1 entered promiscuous mode [ 714.434172][T16622] loop7: detected capacity change from 0 to 2048 [ 714.845363][ T4291] Bluetooth: hci4: command 0x041b tx timeout [ 714.925696][T16557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.094477][T16557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 716.141030][T16557] team0: Port device team_slave_0 added [ 716.394384][T16557] team0: Port device team_slave_1 added [ 716.512958][T16557] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 717.265008][ T4291] Bluetooth: hci4: command 0x040f tx timeout [ 717.455635][T16557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 717.482401][T16557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 717.821457][T16557] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 717.940288][T16557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 718.571057][T16557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 719.626755][ T4291] Bluetooth: hci4: command 0x0419 tx timeout [ 719.974339][T16557] device hsr_slave_0 entered promiscuous mode [ 720.003228][T16557] device hsr_slave_1 entered promiscuous mode [ 720.036986][T16557] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 720.211040][T16557] Cannot create hsr debugfs directory [ 721.071521][T16689] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3161'. [ 721.132782][T16691] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000009 [ 721.204181][T16687] device dummy0 left promiscuous mode [ 721.576649][T16687] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 721.585888][T16687] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 721.594835][T16687] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 721.603804][T16687] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 721.772482][T16687] device bond6 left promiscuous mode [ 721.783987][T16687] device bridge6 left promiscuous mode [ 721.923537][T16687] device gretap2 left promiscuous mode [ 721.950222][T16698] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 721.987231][T16698] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 721.994686][T16698] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 722.033909][T16698] device bridge_slave_0 left promiscuous mode [ 722.048543][T16698] bridge0: port 1(bridge_slave_0) entered disabled state [ 722.069215][T16698] device bridge_slave_1 left promiscuous mode [ 722.086402][T16698] bridge0: port 2(bridge_slave_1) entered disabled state [ 722.121232][T16698] bond0: (slave bond_slave_1): Releasing backup interface [ 722.262480][T16698] team0: Port device team_slave_0 removed [ 722.349002][T16698] team0: Port device team_slave_1 removed [ 722.355805][T16698] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 722.649835][T16698] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 722.709222][T16698] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 722.717011][T16698] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 722.843594][T16698] bond1: (slave gretap1): Releasing active interface [ 722.998896][T16702] netlink: 'syz.4.3164': attribute type 10 has an invalid length. [ 723.069423][T16702] 8021q: adding VLAN 0 to HW filter on device bond0 [ 723.108797][T16702] team0: Port device bond0 added [ 723.176850][T16707] device syzkaller0 entered promiscuous mode [ 726.472408][T16755] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 726.585751][T16755] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 731.237918][T16557] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 731.252359][T16557] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 731.262094][T16557] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 731.278191][T16557] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 731.344668][T16557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 731.358991][ T9962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 731.370258][ T9962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 731.384290][T16557] 8021q: adding VLAN 0 to HW filter on device team0 [ 731.399194][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 731.409225][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 731.422698][ T7933] bridge0: port 1(bridge_slave_0) entered blocking state [ 731.429875][ T7933] bridge0: port 1(bridge_slave_0) entered forwarding state [ 731.461281][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 731.476031][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 731.484742][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 731.494902][ T7933] bridge0: port 2(bridge_slave_1) entered blocking state [ 731.502068][ T7933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 731.517225][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 731.526619][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 731.535587][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 731.547938][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 731.567134][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 731.575299][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 731.584592][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 731.593691][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 731.604699][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 731.613847][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 731.622751][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 731.635684][T16557] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 731.934564][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 731.942475][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 731.956434][T16557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 732.346548][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 732.355204][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 732.382940][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 732.393501][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 732.402616][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 732.411237][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 732.429294][T16557] device veth0_vlan entered promiscuous mode [ 732.447223][T16557] device veth1_vlan entered promiscuous mode [ 732.472635][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 732.486123][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 732.494226][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 732.503720][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 732.514803][T16557] device veth0_macvtap entered promiscuous mode [ 732.538624][T16557] device veth1_macvtap entered promiscuous mode [ 732.560841][T16557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 732.571566][T16557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 732.587101][T16557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 732.601199][T16557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 732.614900][T16557] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 732.623700][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 732.634642][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 732.644011][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 732.652962][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 732.664573][T16557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 732.676111][T16557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 732.687007][T16557] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 732.705169][T16557] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 732.721446][T16557] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 732.732876][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 732.742610][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 732.754010][T16557] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.773203][T16557] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.782492][T16557] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.796421][T16557] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 732.893570][ T9962] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 732.907269][ T9962] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 732.918805][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 732.950357][ T7932] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 732.963197][ T7932] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 732.970795][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 733.123299][T16859] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3128'. [ 733.399200][T16873] netlink: 'syz.9.3185': attribute type 1 has an invalid length. [ 733.490321][T16876] device gretap1 entered promiscuous mode [ 734.405907][ T4291] Bluetooth: hci0: Invalid connection link type handle 0x00c8 [ 734.435563][T16883] loop7: detected capacity change from 0 to 1024 [ 734.630346][ T9962] hfsplus: b-tree write err: -5, ino 25 [ 734.649479][ T9962] hfsplus: b-tree write err: -5, ino 4 [ 734.655084][ T9962] hfsplus: b-tree write err: -5, ino 2 [ 734.675854][T16895] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3189'. [ 734.745409][ T4595] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 734.945654][ T4595] usb 5-1: Using ep0 maxpacket: 16 [ 734.952739][ T4595] usb 5-1: config 0 has an invalid descriptor of length 64, skipping remainder of the config [ 735.022945][T16905] device syzkaller0 entered promiscuous mode [ 735.067635][ T4595] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 735.121840][ T4595] usb 5-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00 [ 735.214450][ T4595] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 735.348241][ T4595] usb 5-1: config 0 descriptor?? [ 738.275224][T16949] IPv6: Can't replace route, no match found [ 739.378044][ T4595] usb 5-1: USB disconnect, device number 3 [ 740.573703][T16976] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3211'. [ 740.666831][T16980] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3213'. [ 740.834605][T16988] loop4: detected capacity change from 0 to 8 [ 740.950614][T16980] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 740.961573][T16980] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 740.977251][T16980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 740.989580][T16988] SQUASHFS error: lzo decompression failed, data probably corrupt [ 740.999211][T16980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 741.230243][T16988] SQUASHFS error: Failed to read block 0x91: -5 [ 741.354319][T16988] SQUASHFS error: Unable to read metadata cache entry [8f] [ 741.783950][T16988] SQUASHFS error: Unable to read inode 0x11f [ 742.195467][T16998] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3216'. [ 742.241318][T17001] lo speed is unknown, defaulting to 1000 [ 742.256837][T17004] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3215'. [ 743.645530][T17025] bridge0: port 3(erspan0) entered blocking state [ 743.796610][T17025] bridge0: port 3(erspan0) entered disabled state [ 743.847165][T17025] device erspan0 entered promiscuous mode [ 743.981830][T17031] mmap: syz.8.3223 (17031) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 746.175149][T17025] bridge0: port 3(erspan0) entered blocking state [ 746.181816][T17025] bridge0: port 3(erspan0) entered forwarding state [ 746.218189][T17026] device erspan0 left promiscuous mode [ 746.224420][T17026] bridge0: port 3(erspan0) entered disabled state [ 747.116214][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.123103][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.626358][T17057] raw_sendmsg: syz.8.3231 forgot to set AF_INET. Fix it! [ 748.052887][T17072] xt_TCPMSS: Only works on TCP SYN packets [ 748.461580][T17076] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3234'. [ 750.154213][T17088] bridge0: port 1(macvlan2) entered blocking state [ 750.174408][T17088] bridge0: port 1(macvlan2) entered disabled state [ 750.257282][T17088] bridge0: port 1(macvlan2) entered blocking state [ 750.263913][T17088] bridge0: port 1(macvlan2) entered forwarding state [ 750.433268][ T27] audit: type=1326 audit(1781149983.235:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 750.654838][ T27] audit: type=1326 audit(1781149983.265:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 750.693038][ T27] audit: type=1326 audit(1781149983.265:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 752.235288][ T27] audit: type=1326 audit(1781149983.265:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 754.225322][ T27] audit: type=1326 audit(1781149983.265:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 754.348106][ T27] audit: type=1326 audit(1781149983.265:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 754.475633][ T27] audit: type=1326 audit(1781149983.265:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 754.500405][ T27] audit: type=1326 audit(1781149983.275:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 754.537701][ T27] audit: type=1326 audit(1781149983.275:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 755.315409][ T27] audit: type=1326 audit(1781149983.275:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 755.369237][T17133] overlayfs: failed to clone upperpath [ 755.529957][ T27] audit: type=1326 audit(1781149983.275:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 755.555539][ T27] audit: type=1326 audit(1781149983.275:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 755.579857][ T27] audit: type=1326 audit(1781149983.275:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.326443][ T27] audit: type=1326 audit(1781149983.275:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.873014][ T27] audit: type=1326 audit(1781149983.275:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.897591][ T27] audit: type=1326 audit(1781149983.275:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.922101][ T27] audit: type=1326 audit(1781149983.275:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.946601][ T27] audit: type=1326 audit(1781149983.275:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.971232][ T27] audit: type=1326 audit(1781149983.275:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 756.997249][ T27] audit: type=1326 audit(1781149983.275:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17094 comm="syz.8.3240" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc51379ce59 code=0x7ffc0000 [ 757.261308][T17154] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3255'. [ 758.330565][T17161] loop7: detected capacity change from 0 to 32768 [ 758.376859][T17161] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 758.385680][T17161] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 758.429910][T17161] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 758.450447][ T127] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 758.494057][ T127] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 758.918178][ T127] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 424ms [ 758.931775][ T127] gfs2: fsid=syz:syz.0: jid=0: Done [ 758.940580][T17161] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 759.063635][T17161] gfs2: fsid=syz:syz.0: found 1 quota changes [ 759.087285][T17175] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 759.087285][T17175] inode = 11 2339 [ 759.087285][T17175] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 413 [ 759.197825][T17175] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 759.272465][T17175] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:17175 [gfs2_quotad] gfs2_quota_sync+0x32c/0x700 [ 759.283313][T17175] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 759.291708][T17175] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 759.323114][T17175] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 759.395939][T17175] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 759.652901][T17175] gfs2: fsid=syz:syz.0: File system withdrawn [ 759.715347][T17175] CPU: 1 PID: 17175 Comm: gfs2_quotad Not tainted syzkaller #0 [ 759.722959][T17175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 759.733046][T17175] Call Trace: [ 759.736414][T17175] [ 759.739401][T17175] dump_stack_lvl+0x188/0x24e [ 759.744169][T17175] ? kobject_uevent_env+0x35f/0x8a0 [ 759.749456][T17175] ? show_regs_print_info+0x12/0x12 [ 759.754673][T17175] ? load_image+0x400/0x400 [ 759.759218][T17175] ? kobject_uevent_env+0x35f/0x8a0 [ 759.764507][T17175] gfs2_withdraw+0xde6/0x15d0 [ 759.769265][T17175] ? gfs2_lm+0x240/0x240 [ 759.773540][T17175] ? gfs2_consist_inode_i+0xf1/0x110 [ 759.778849][T17175] gfs2_inode_refresh+0xc2a/0x1140 [ 759.784030][T17175] ? gfs2_inode_metasync+0xf0/0xf0 [ 759.789168][T17175] ? gfs2_glock_nq+0xcf0/0x14e0 [ 759.794053][T17175] gfs2_instantiate+0x15e/0x210 [ 759.798924][T17175] gfs2_glock_wait+0x1d0/0x2a0 [ 759.803715][T17175] do_sync+0x4bf/0xc40 [ 759.807812][T17175] ? gfs2_quota_sync+0x32c/0x700 [ 759.812778][T17175] ? slot_put+0x1e0/0x1e0 [ 759.817140][T17175] ? __lock_acquire+0x7d10/0x7d10 [ 759.822265][T17175] ? do_raw_spin_lock+0x128/0x2f0 [ 759.827325][T17175] ? gfs2_quota_sync+0x32c/0x700 [ 759.832290][T17175] ? do_raw_spin_unlock+0x11d/0x230 [ 759.837513][T17175] gfs2_quota_sync+0x32c/0x700 [ 759.842324][T17175] gfs2_quotad+0x420/0x680 [ 759.846784][T17175] ? gfs2_wake_up_statfs+0xc0/0xc0 [ 759.851947][T17175] ? _raw_spin_unlock_irqrestore+0x82/0x120 [ 759.857964][T17175] ? wake_bit_function+0x200/0x200 [ 759.863108][T17175] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 759.869036][T17175] ? __kthread_parkme+0x162/0x1c0 [ 759.874169][T17175] kthread+0x29d/0x330 [ 759.878260][T17175] ? gfs2_wake_up_statfs+0xc0/0xc0 [ 759.883398][T17175] ? kthread_blkcg+0xd0/0xd0 [ 759.888010][T17175] ret_from_fork+0x1f/0x30 [ 759.892546][T17175] [ 760.018428][T14592] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485 [ 760.052377][T17189] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3263'. [ 760.105495][T14592] CPU: 0 PID: 14592 Comm: syz-executor Not tainted syzkaller #0 [ 760.113202][T14592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 760.123319][T14592] Call Trace: [ 760.126620][T14592] [ 760.129577][T14592] dump_stack_lvl+0x188/0x24e [ 760.134286][T14592] ? gfs2_assert_warn_i+0xc3/0x2c0 [ 760.139431][T14592] ? show_regs_print_info+0x12/0x12 [ 760.144659][T14592] ? load_image+0x400/0x400 [ 760.149204][T14592] ? do_raw_spin_unlock+0x11d/0x230 [ 760.154440][T14592] gfs2_assert_warn_i+0x18f/0x2c0 [ 760.159509][T14592] gfs2_quota_cleanup+0x4b4/0x6a0 [ 760.164580][T14592] gfs2_put_super+0x22f/0x8c0 [ 760.169313][T14592] ? gfs2_evict_inode+0x11d0/0x11d0 [ 760.174546][T14592] generic_shutdown_super+0x130/0x340 [ 760.180031][T14592] kill_block_super+0x7c/0xe0 [ 760.184743][T14592] deactivate_locked_super+0x93/0xf0 [ 760.190055][T14592] cleanup_mnt+0x42c/0x4b0 [ 760.194538][T14592] ? lockdep_hardirqs_on+0x94/0x140 [ 760.199774][T14592] task_work_run+0x1d0/0x260 [ 760.204396][T14592] ? task_work_cancel+0x220/0x220 [ 760.209457][T14592] ? exit_to_user_mode_loop+0x3b/0x110 [ 760.215026][T14592] exit_to_user_mode_loop+0xe6/0x110 [ 760.220348][T14592] exit_to_user_mode_prepare+0xee/0x180 [ 760.225929][T14592] syscall_exit_to_user_mode+0x16/0x40 [ 760.231423][T14592] do_syscall_64+0x58/0xa0 [ 760.235864][T14592] ? clear_bhb_loop+0x60/0xb0 [ 760.240586][T14592] ? clear_bhb_loop+0x60/0xb0 [ 760.245316][T14592] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 760.251276][T14592] RIP: 0033:0x7fa3d5d9e097 [ 760.255751][T14592] Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 760.275460][T14592] RSP: 002b:00007fffc9336bb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 760.283971][T14592] RAX: 0000000000000000 RBX: 00007fa3d5e321ca RCX: 00007fa3d5d9e097 [ 760.291975][T14592] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc9336c70 [ 760.299964][T14592] RBP: 00007fffc9336c70 R08: 00007fffc9337c70 R09: 00000000ffffffff [ 760.307949][T14592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc9337d00 [ 760.315930][T14592] R13: 00007fa3d5e321ca R14: 00000000000b96e9 R15: 00007fffc9337d40 [ 760.323923][T14592] [ 760.368482][T17192] lo speed is unknown, defaulting to 1000 [ 761.512631][T17198] lo speed is unknown, defaulting to 1000 [ 766.628836][T17226] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3271'. [ 768.555569][T17241] loop4: detected capacity change from 0 to 512 [ 768.563980][T17242] Bluetooth: MGMT ver 1.22 [ 768.647596][T17241] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 768.660133][T17245] loop7: detected capacity change from 0 to 128 [ 768.741456][T17245] FAT-fs (loop7): Unrecognized mount option "" or missing value [ 768.814288][T17241] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3275: invalid indirect mapped block 9 (level 0) [ 768.952303][T17241] EXT4-fs (loop4): 1 truncate cleaned up [ 769.030217][T17241] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 769.654302][T14237] EXT4-fs (loop4): unmounting filesystem. [ 769.668855][T17261] loop7: detected capacity change from 0 to 1024 [ 769.779773][T17261] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 769.930651][T17272] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3281'. [ 770.132220][T17278] lo speed is unknown, defaulting to 1000 [ 771.055302][ T4600] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 771.245411][ T4600] usb 10-1: Using ep0 maxpacket: 16 [ 771.253060][ T4600] usb 10-1: too many configurations: 98, using maximum allowed: 8 [ 771.357436][ T4600] usb 10-1: config 6 has no interfaces? [ 771.438328][ T4600] usb 10-1: config 6 has no interfaces? [ 771.486770][ T4600] usb 10-1: config 6 has no interfaces? [ 771.515433][ T4600] usb 10-1: config 6 has no interfaces? [ 771.538415][ T4600] usb 10-1: config 6 has no interfaces? [ 771.578996][ T4600] usb 10-1: config 6 has no interfaces? [ 771.606121][ T4600] usb 10-1: config 6 has no interfaces? [ 771.636019][ T4600] usb 10-1: config 6 has no interfaces? [ 771.659299][T17290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.707791][T17290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.778013][T17290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.841618][T17290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.892188][T17290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.945185][T17290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.981320][T17312] xt_CT: You must specify a L4 protocol and not use inversions on it [ 771.997135][T17290] device batadv_slave_1 entered promiscuous mode [ 772.069568][ T4600] usb 10-1: string descriptor 0 read error: -71 [ 772.108530][ T4600] usb 10-1: New USB device found, idVendor=09c0, idProduct=0200, bcdDevice=58.3c [ 772.145528][ T4600] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=154 [ 772.201310][ T4600] usb 10-1: rejected 8 configurations due to insufficient available bus power [ 772.233933][ T4600] usb 10-1: no configuration chosen from 8 choices [ 772.259717][ T4600] usb 10-1: USB disconnect, device number 2 [ 772.617138][T17322] tipc: Started in network mode [ 772.622131][T17322] tipc: Node identity ac1414aa, cluster identity 4711 [ 772.672095][T17322] tipc: Enabled bearer , priority 10 [ 773.471442][T17337] dns_resolver: Unsupported content type (8) [ 773.571650][T17331] loop7: detected capacity change from 0 to 2048 [ 773.677673][T17331] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 773.694742][T17331] EXT4-fs (loop7): unmounting filesystem. [ 773.805365][ T4596] tipc: Node number set to 2886997162 [ 775.442263][T17373] netlink: 'syz.8.3306': attribute type 1 has an invalid length. [ 775.457030][T17373] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3306'. [ 776.294766][T17371] loop7: detected capacity change from 0 to 512 [ 776.707422][T17371] FAT-fs (loop7): FAT read failed (blocknr 128) [ 777.371440][T17394] device syzkaller0 entered promiscuous mode [ 777.393440][T17393] loop4: detected capacity change from 0 to 2048 [ 777.495552][T17393] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 777.538367][T17393] EXT4-fs (loop4): unmounting filesystem. [ 781.633333][T17424] tipc: Enabling of bearer rejected, failed to enable media [ 781.900923][T17441] loop4: detected capacity change from 0 to 512 [ 781.962769][T17441] EXT4-fs warning (device loop4): ext4_multi_mount_protect:324: fsck is running on the filesystem [ 782.694811][T17441] EXT4-fs warning (device loop4): ext4_multi_mount_protect:324: MMP failure info: last update time: 1756377978, last update node: nogikhp920.muc.corp.google.com, last update device: loop12 [ 782.800019][T17441] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3322'. [ 784.406007][T17478] netlink: 3 bytes leftover after parsing attributes in process `syz.6.3330'. [ 787.085767][T17497] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3335'. [ 790.156758][T17175] ================================================================== [ 790.164875][T17175] BUG: KASAN: use-after-free in __lock_acquire+0x106/0x7d10 [ 790.172261][T17175] Read of size 8 at addr ffff88802f7e0bb0 by task gfs2_quotad/17175 [ 790.180307][T17175] [ 790.182702][T17175] CPU: 0 PID: 17175 Comm: gfs2_quotad Not tainted syzkaller #0 [ 790.190271][T17175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 790.200350][T17175] Call Trace: [ 790.203649][T17175] [ 790.206597][T17175] dump_stack_lvl+0x188/0x24e [ 790.211307][T17175] ? __lock_acquire+0x7d10/0x7d10 [ 790.216378][T17175] ? show_regs_print_info+0x12/0x12 [ 790.221598][T17175] ? load_image+0x400/0x400 [ 790.226135][T17175] ? _raw_spin_lock_irqsave+0xbc/0x100 [ 790.231619][T17175] ? __virt_addr_valid+0x188/0x540 [ 790.236825][T17175] ? __virt_addr_valid+0x465/0x540 [ 790.241969][T17175] ? __lock_acquire+0x106/0x7d10 [ 790.246945][T17175] print_report+0xa8/0x210 [ 790.251391][T17175] kasan_report+0x10b/0x140 [ 790.255970][T17175] ? __lock_acquire+0x106/0x7d10 [ 790.260941][T17175] __lock_acquire+0x106/0x7d10 [ 790.265737][T17175] ? verify_lock_unused+0x140/0x140 [ 790.270961][T17175] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 790.276972][T17175] ? lock_chain_count+0x20/0x20 [ 790.281867][T17175] ? __free_object+0x218/0xa70 [ 790.286705][T17175] ? lockdep_hardirqs_on+0x94/0x140 [ 790.291931][T17175] ? verify_lock_unused+0x140/0x140 [ 790.297166][T17175] ? alloc_object+0x640/0x640 [ 790.301881][T17175] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 790.307908][T17175] ? lock_chain_count+0x20/0x20 [ 790.312785][T17175] lock_acquire+0x1bb/0x4a0 [ 790.317303][T17175] ? finish_wait+0xb8/0x1d0 [ 790.321836][T17175] ? timer_delete_sync+0x20/0x20 [ 790.326792][T17175] ? __mod_timer+0x91e/0xd00 [ 790.331404][T17175] ? read_lock_is_recursive+0x10/0x10 [ 790.336788][T17175] _raw_spin_lock_irqsave+0xb0/0x100 [ 790.342101][T17175] ? finish_wait+0xb8/0x1d0 [ 790.346645][T17175] ? _raw_spin_lock+0x40/0x40 [ 790.351335][T17175] ? update_process_times+0x1b0/0x1b0 [ 790.356724][T17175] finish_wait+0xb8/0x1d0 [ 790.361091][T17175] gfs2_quotad+0x4f3/0x680 [ 790.365555][T17175] ? gfs2_wake_up_statfs+0xc0/0xc0 [ 790.370676][T17175] ? _raw_spin_unlock_irqrestore+0x82/0x120 [ 790.376580][T17175] ? wake_bit_function+0x200/0x200 [ 790.381701][T17175] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 790.387605][T17175] ? __kthread_parkme+0x162/0x1c0 [ 790.392646][T17175] kthread+0x29d/0x330 [ 790.396720][T17175] ? gfs2_wake_up_statfs+0xc0/0xc0 [ 790.401849][T17175] ? kthread_blkcg+0xd0/0xd0 [ 790.406447][T17175] ret_from_fork+0x1f/0x30 [ 790.410894][T17175] [ 790.413926][T17175] [ 790.416253][T17175] Allocated by task 17464: [ 790.420724][T17175] kasan_set_track+0x4b/0x70 [ 790.425329][T17175] __kasan_kmalloc+0x8e/0xa0 [ 790.429941][T17175] __kmalloc_node+0xb0/0x240 [ 790.434593][T17175] kvmalloc_node+0x6c/0x180 [ 790.439109][T17175] bpf_check+0x1b7/0x10db0 [ 790.443557][T17175] bpf_prog_load+0x101a/0x1560 [ 790.448355][T17175] __sys_bpf+0x5b8/0x780 [ 790.452607][T17175] __x64_sys_bpf+0x78/0x90 [ 790.457036][T17175] do_syscall_64+0x4c/0xa0 [ 790.461473][T17175] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 790.467384][T17175] [ 790.469708][T17175] Freed by task 17464: [ 790.473770][T17175] kasan_set_track+0x4b/0x70 [ 790.478371][T17175] kasan_save_free_info+0x2d/0x50 [ 790.483404][T17175] ____kasan_slab_free+0x126/0x1e0 [ 790.488523][T17175] slab_free_freelist_hook+0x131/0x1a0 [ 790.493989][T17175] __kmem_cache_free+0xb6/0x1f0 [ 790.498845][T17175] bpf_check+0x9ed1/0x10db0 [ 790.503359][T17175] bpf_prog_load+0x101a/0x1560 [ 790.508172][T17175] __sys_bpf+0x5b8/0x780 [ 790.512425][T17175] __x64_sys_bpf+0x78/0x90 [ 790.516851][T17175] do_syscall_64+0x4c/0xa0 [ 790.521539][T17175] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 790.527453][T17175] [ 790.529782][T17175] The buggy address belongs to the object at ffff88802f7e0000 [ 790.529782][T17175] which belongs to the cache kmalloc-8k of size 8192 [ 790.543911][T17175] The buggy address is located 2992 bytes inside of [ 790.543911][T17175] 8192-byte region [ffff88802f7e0000, ffff88802f7e2000) [ 790.557535][T17175] [ 790.559877][T17175] The buggy address belongs to the physical page: [ 790.566338][T17175] page:ffffea0000bdf800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f7e0 [ 790.576492][T17175] head:ffffea0000bdf800 order:3 compound_mapcount:0 compound_pincount:0 [ 790.584822][T17175] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 790.592825][T17175] raw: 00fff00000010200 ffffea00014e8e00 dead000000000002 ffff888017442280 [ 790.601413][T17175] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 790.610005][T17175] page dumped because: kasan: bad access detected [ 790.616426][T17175] page_owner tracks the page as allocated [ 790.622145][T17175] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 17161, tgid 17159 (syz.7.3260), ts 758340429273, free_ts 758030061416 [ 790.645111][T17175] post_alloc_hook+0x173/0x1a0 [ 790.649938][T17175] get_page_from_freelist+0x1a1e/0x1ab0 [ 790.655498][T17175] __alloc_pages+0x1ec/0x4f0 [ 790.660102][T17175] alloc_slab_page+0x5d/0x160 [ 790.664796][T17175] new_slab+0x87/0x2c0 [ 790.668872][T17175] ___slab_alloc+0xbc6/0x1240 [ 790.673553][T17175] __kmem_cache_alloc_node+0x1a0/0x260 [ 790.679018][T17175] kmalloc_trace+0x26/0xe0 [ 790.683448][T17175] gfs2_fill_super+0x134/0x1fb0 [ 790.688313][T17175] get_tree_bdev+0x3f1/0x610 [ 790.692907][T17175] gfs2_get_tree+0x4d/0x1e0 [ 790.697420][T17175] vfs_get_tree+0x88/0x270 [ 790.701854][T17175] do_new_mount+0x24a/0xa40 [ 790.706373][T17175] __se_sys_mount+0x2e3/0x3d0 [ 790.711054][T17175] do_syscall_64+0x4c/0xa0 [ 790.715477][T17175] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 790.721385][T17175] page last free stack trace: [ 790.726055][T17175] free_unref_page_prepare+0x8b4/0x9a0 [ 790.731530][T17175] free_unref_page+0x2e/0x3f0 [ 790.736220][T17175] qlist_free_all+0x76/0xe0 [ 790.740792][T17175] kasan_quarantine_reduce+0x144/0x160 [ 790.746256][T17175] __kasan_slab_alloc+0x1e/0x80 [ 790.751125][T17175] slab_post_alloc_hook+0x4b/0x480 [ 790.756252][T17175] kmem_cache_alloc+0x123/0x2f0 [ 790.761118][T17175] ptlock_alloc+0x1c/0x60 [ 790.765506][T17175] pte_alloc_one+0xc0/0x310 [ 790.770018][T17175] __pte_alloc+0x21/0x150 [ 790.774354][T17175] handle_mm_fault+0x3634/0x3ee0 [ 790.779292][T17175] do_user_addr_fault+0x51f/0xb10 [ 790.784325][T17175] exc_page_fault+0x60/0x100 [ 790.788923][T17175] asm_exc_page_fault+0x22/0x30 [ 790.793790][T17175] [ 790.796118][T17175] Memory state around the buggy address: [ 790.801757][T17175] ffff88802f7e0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 790.809825][T17175] ffff88802f7e0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 790.817971][T17175] >ffff88802f7e0b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 790.826036][T17175] ^ [ 790.831667][T17175] ffff88802f7e0c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 790.839750][T17175] ffff88802f7e0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 790.847830][T17175] ================================================================== [ 790.855916][T17175] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 790.863119][T17175] CPU: 0 PID: 17175 Comm: gfs2_quotad Not tainted syzkaller #0 [ 790.870674][T17175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 790.880748][T17175] Call Trace: [ 790.884036][T17175] [ 790.886983][T17175] dump_stack_lvl+0x188/0x24e [ 790.891677][T17175] ? memcpy+0x3c/0x60 [ 790.895678][T17175] ? show_regs_print_info+0x12/0x12 [ 790.900901][T17175] ? load_image+0x400/0x400 [ 790.905420][T17175] panic+0x2e5/0x730 [ 790.909343][T17175] ? __lock_acquire+0x7d10/0x7d10 [ 790.914382][T17175] ? bpf_jit_dump+0xd0/0xd0 [ 790.918894][T17175] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 790.924799][T17175] ? _raw_spin_unlock+0x40/0x40 [ 790.929657][T17175] check_panic_on_warn+0x80/0xa0 [ 790.934663][T17175] ? __lock_acquire+0x106/0x7d10 [ 790.939610][T17175] end_report+0x66/0x110 [ 790.943867][T17175] kasan_report+0x118/0x140 [ 790.948381][T17175] ? __lock_acquire+0x106/0x7d10 [ 790.953333][T17175] __lock_acquire+0x106/0x7d10 [ 790.958112][T17175] ? verify_lock_unused+0x140/0x140 [ 790.963354][T17175] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 790.969347][T17175] ? lock_chain_count+0x20/0x20 [ 790.974220][T17175] ? __free_object+0x218/0xa70 [ 790.979103][T17175] ? lockdep_hardirqs_on+0x94/0x140 [ 790.984329][T17175] ? verify_lock_unused+0x140/0x140 [ 790.989543][T17175] ? alloc_object+0x640/0x640 [ 790.994230][T17175] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 791.000222][T17175] ? lock_chain_count+0x20/0x20 [ 791.005085][T17175] lock_acquire+0x1bb/0x4a0 [ 791.009598][T17175] ? finish_wait+0xb8/0x1d0 [ 791.014114][T17175] ? timer_delete_sync+0x20/0x20 [ 791.019061][T17175] ? __mod_timer+0x91e/0xd00 [ 791.023662][T17175] ? read_lock_is_recursive+0x10/0x10 [ 791.029052][T17175] _raw_spin_lock_irqsave+0xb0/0x100 [ 791.034349][T17175] ? finish_wait+0xb8/0x1d0 [ 791.038861][T17175] ? _raw_spin_lock+0x40/0x40 [ 791.043546][T17175] ? update_process_times+0x1b0/0x1b0 [ 791.048925][T17175] finish_wait+0xb8/0x1d0 [ 791.053267][T17175] gfs2_quotad+0x4f3/0x680 [ 791.057702][T17175] ? gfs2_wake_up_statfs+0xc0/0xc0 [ 791.062832][T17175] ? _raw_spin_unlock_irqrestore+0x82/0x120 [ 791.068753][T17175] ? wake_bit_function+0x200/0x200 [ 791.073892][T17175] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 791.079802][T17175] ? __kthread_parkme+0x162/0x1c0 [ 791.084845][T17175] kthread+0x29d/0x330 [ 791.088921][T17175] ? gfs2_wake_up_statfs+0xc0/0xc0 [ 791.094054][T17175] ? kthread_blkcg+0xd0/0xd0 [ 791.098663][T17175] ret_from_fork+0x1f/0x30 [ 791.103099][T17175] [ 791.106680][T17175] Kernel Offset: disabled [ 791.111008][T17175] Rebooting in 86400 seconds..