last executing test programs: 2m48.611544913s ago: executing program 1 (id=87): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2m48.299705282s ago: executing program 1 (id=88): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c00000010003904000000000000000000008000", @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc"], 0x5c}}, 0x0) 2m48.198131546s ago: executing program 1 (id=90): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000040)={[{@mblk_io_submit}, {@errors_continue}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@grpjquota}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x2e0) preadv2(r0, &(0x7f0000000480)=[{&(0x7f00000002c0)=""/165, 0xa5}], 0x1, 0x4, 0x7, 0x6) 2m47.846109496s ago: executing program 1 (id=93): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000040)={[{@test_dummy_encryption}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@norecovery}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) getdents64(r0, &(0x7f0000000400)=""/4096, 0xc00) 2m46.602025335s ago: executing program 0 (id=101): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000040)={[{@mblk_io_submit}, {@errors_continue}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@grpjquota}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x2e0) preadv2(r0, &(0x7f0000000480)=[{&(0x7f00000002c0)=""/165, 0xa5}], 0x1, 0x4, 0x7, 0x6) 2m46.485973999s ago: executing program 1 (id=102): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x210000, &(0x7f0000000140)={[{@nodelalloc}, {@dioread_lock}, {@jqfmt_vfsv1}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x7}}, {@bh}, {@auto_da_alloc}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x3, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) 2m45.80179065s ago: executing program 0 (id=103): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = syz_io_uring_setup(0x34b8, &(0x7f0000000540)={0x0, 0xc3b1, 0x800, 0x1, 0x82, 0x0, 0x0}, &(0x7f0000000180)=0x0, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e21, @private=0xa010100}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={r6, 0x3}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) syz_io_uring_submit(r2, r3, r4, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x48, 0x0, r1}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) io_uring_enter(r1, 0x1, 0x1, 0x1, 0x0, 0x0) 2m45.546286949s ago: executing program 1 (id=106): r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x86}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x20000004) epoll_create1(0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f00000000c0)=0x7fff, 0x4) 2m44.415140373s ago: executing program 32 (id=106): r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x86}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x20000004) epoll_create1(0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f00000000c0)=0x7fff, 0x4) 2m44.373964965s ago: executing program 0 (id=109): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0xd) fcntl$setlease(r0, 0x400, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) 2m44.21901469s ago: executing program 0 (id=110): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x14f) mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x111091, 0x0) chroot(&(0x7f0000000580)='./file0/../file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0) syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0) pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00') 2m43.889951081s ago: executing program 0 (id=112): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x5, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x94) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x104}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x4000) recvmmsg$unix(r5, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1004}], 0x1}}], 0x8, 0x34000, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000240)={0x2, &(0x7f00000001c0)=[{0x20, 0xff, 0x3f, 0xfffff004}, {0x16, 0x4, 0x2, 0xfffffffe}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001dc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad0e0e2b45d14ee446b840edaa1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c50ce6a8e9f65de13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87915ed063f608dddb03a95b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000c3d51d9a161446b4373e06a9e07f8a000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b284"], &(0x7f0000000140)='GPL\x00'}, 0x94) r6 = socket$kcm(0x2, 0x1, 0x0) sendmsg$inet(r6, 0x0, 0x20000811) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000040)={0xffffffffffffffff, r0}) ioprio_get$pid(0x3, 0xffffffffffffffff) r7 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) 2m43.607447549s ago: executing program 0 (id=114): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2010480, &(0x7f00000001c0), 0x45, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") r0 = fanotify_init(0x8, 0x400) r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) readv(r0, &(0x7f0000002940)=[{&(0x7f0000000300)=""/227, 0xe3}], 0x1) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') fanotify_mark(r0, 0x1, 0x8100011, r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r3, 0x0) 2m43.301953488s ago: executing program 33 (id=114): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2010480, &(0x7f00000001c0), 0x45, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") r0 = fanotify_init(0x8, 0x400) r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) readv(r0, &(0x7f0000002940)=[{&(0x7f0000000300)=""/227, 0xe3}], 0x1) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') fanotify_mark(r0, 0x1, 0x8100011, r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r3, 0x0) 5.141217049s ago: executing program 5 (id=858): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf4e) recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x102) 4.201740528s ago: executing program 5 (id=868): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_clone3(&(0x7f0000000100)={0x901400, &(0x7f00000000c0), 0x0, 0x0, {0x41}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x12) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000000404000001000000b7050000220000006a0a00fe000000008500000087000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f01726a067818b990b13bfddb7e78270010720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/187], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000020c0), 0x101800, 0x0) ioctl$RTC_AIE_OFF(r1, 0x7002) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000080)={{0x2b, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x1, 'sh\x00', 0x3, 0x6, 0x2d}, {@multicast2, 0x4e24, 0x2006, 0x200, 0x7, 0xc415}}, 0x44) r3 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00') pread64(r3, &(0x7f0000000100)=""/253, 0xfd, 0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) 3.993138125s ago: executing program 4 (id=871): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000380)={[{@debug}, {@delalloc}, {@journal_ioprio}, {@test_dummy_encryption}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@acl}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x5a042, 0x0) io_setup(0x3, &(0x7f0000000600)=0x0) io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0xf6ffffff00000000, 0x5301, 0x8, 0x1, 0x3, r0, 0x0, 0x0, 0x2000003000}]) 3.813626651s ago: executing program 2 (id=873): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) close(0x3) syz_open_dev$vim2m(&(0x7f0000000040), 0xe0000000003, 0x2) mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = syz_io_uring_setup(0xf00, &(0x7f0000000140)={0x0, 0x5961, 0x10000, 0x0, 0x4e}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r6, r7, r8, &(0x7f0000000280)=@IORING_OP_READV=@use_registered_buffer={0x1, 0xc, 0x4004, @fd_index=0x3, 0x5, 0x0, 0x0, 0x10}) io_uring_enter(r5, 0x2000, 0xfffffffd, 0x9, 0x0, 0x0) 3.741583253s ago: executing program 4 (id=874): socket(0x10, 0x803, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) pipe2$watch_queue(0x0, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000a40), 0x401, 0x0) write$UHID_INPUT(r4, &(0x7f0000000e40)={0x8, {"ace0e6aa42f37706cd5797c96b9364b32a1a7cee34790852c1ad2e4d7cc38bea207cdbfd834f2d3eb9be7c18e7b8a73ad84142bea6df04b7927204ceba2b4b92686b639923868b0d527655fdeb4e2f5dd25231db979a6ead8a29424f9dab295fb76e14a4deb2d66d918ea82f63d9673e6ed7d1b77e1fe501b5717c645785dd4d10f018f354ad9a04840ab7e4019a118a493fd0e5e5a26f3bf6f4f5991007a07dfe5db78c41dcb7509e0a9b907b19890acc0c9e626cadec492382c2020e51ae4be2c941238af607d80c4693ec6d43753c6bf1f95981d89ec7366623e136b18de179d9a25b885e7697647b14939c224a955e39f0d063202d1dcb7d0f664d096bcc8d011fee4d2cad0f6c8a6f94ab72c9ea820c1ef9f50e4d76b7938cc924f392bedb79ef3409bbfe0615be1b6e7ee3ecfa2ebd31e5254b2c7a4d4a39eb7723f2819414765cfacc20cfb79d1fa09a4b9b3571c7a7b00c123093302789b3518e16ff8419dca882edcbbc656bab8184a64509b9c735fdbb63e7330a7b2a577db115f577f68ced730f0f871adaf6e56ea25b020ffc3d8f0103177745ce9c65614a93ad3a2ac26097c0b6077fc472513b476f4a62dd76d1d93f556ac09572ef137ea6c29c93a2b1e5f4fb44af211b49d54cd632463918c19021689a8db27aadff957287c72c011ee7a8144cb80b6e623e6737dd73e962387609fd7ba8949f865e4bfaad09ef5086e5f1443ca058f9beb3b938c9dfe5cdf0cdafa8eb3da0b7d09b986992c2ea0244348602ae2642bef15d820bcbd0cdb7d8a254357d1623d0d73416ee9396ca5dc775b2426e7b29a00d6677db10d3e18e504542560e0bf432699edea748165872e9a48418feebc7f0f446b6414019000711218a408d6994b927450f91668695c5b84ce8a2a1f28793120f24eced36bab433cc77c6a1fa1fa8b010ba34c46e739560158c106aed9acc87b391a865006b0659fb066d4131c11410fc64a627b876815583b0ace7f868c5d5c87abc14996d4b20d0caf5b1b62c8572cfb29ae6235f2d6c6f2b25eca444977b481120bcc69712e7c057e30b41aea57e69dee4353a2a76a3142d5a9b8644251ba0e756c7baa752bd34d23a67be635a080f62051b92200857e7d488b531d08c251311d4d583bb43831dd24d39144923f5a2ea6385a47228403719ec99f82ab76cfa7eab4ccc869ac0e7a3cf0eeb8b8fee16d2436911f2cfdb7df352c2997b88dedb67c82954345268f8f1fbcf92779014e8d8751db9083511cc2091554c8402380b310abf24b87aeb037863f0eb2b720b3601a58001ac17afffed467d3f1abf43fcacefa68b1623a27246204091774d1d16c9912c7edc148946c7c2d3addc4298b7426e60efed743cb86be4b76223c04287de6f340a255bbe30df52108bac11f4142ab5a9e260ee2e7087a26bba40a9f9c6dbbe5ae789f8aaa7775e62d0b3ffe1c6d9294612b1fb4fe36a981a31f833389946aaf25a5d5837b12f17e989d9ad3054e5954b54abe299794f6f1567ac7e8cba86989b0184da2b2b311e064483ac625cdac8d66e07aa9e493495942e98b116b8f42cb53c1d0d80b12cdf7066e54943a74f9b224edfe39c8b25de8f63514b247645f98b14567986eefaa021125069ee97f4a445ea71e1d766029da7781c5c364ef9c5a18a817fef9d46e7de198c39d8821112786190fd5cf255fb527171835d21a4f406fefe00c7268a440b08826c94d4570aaa2d86ee351486542b68660487a748a8f4f5b4a5c0255b0dd63ef636d06673cba5eebf582736f6814d2f345d22af49ef231c78c104bb80f1900587c85d8a6e40bfc6eee2f3b015b98f23e4c4fc466d00e1bd94067f008f519182f6cefcb3565b4360a67d2901a7e0cd160f4c7ce3eeccb8ab821851c49f3b135aff27c69ddb435f33146b9a820f3c60b4ea02154140100201e4abbfcca3cf1bd953b351fd0fbbe65c8fda4153ec949ed3c1ed58a5ac6a2e435636ca7114db1060f0765f364a1a7d4757da96583c33b56a36460cd8fa7949b812b118f1529c96d1308957b5fa469227254267926d54d269a97b50aac57b246b316c7a4f441795cdfa505ec5eacd493a5066f8b9215ad6839997546d4975c3b36297ba56a5dca0b06a9e10b8b207cdad709fa939884bf902b0016cd20cf3cd52056e57147d74c067ef7759ce9fef7a393f1a334adbc0820853a5de261c9abf9bda7729bb72e9666c667c7b3eb4cef0cf31d0bfebe447b3b4433855da238a6669bb65ae0854b76c7a270461a79998af189ab188d9670af65403f8eea25c362ae82bbe1312e0720c13b3cbc8ef6a8723b4fd348e2964bd00140c8c4d98a7011643b5c68c716ad51d7880f2423e3bf8bfd926f0b019e02943bcde7c31e6cfe61b02218206c8774278381698a2e6a1d1e85063b1fa4c86e7cb2e8346424be2af83af35a5f49372ddbbb8b2ec229f46e8c9034ecdf7a02dd37be6191fc6a3bf76e2a0b3d755f259426d27ec872e48118f5f34953afebdf34c55bd0da1ed097d53914e2c5f3df0206764853b89837ee485555d506260ad10cfe532ea4d98fdc3a5ee79390741be8fe7c90474e8793630c6c7458a108bb00f9e51cc71ed24c3e7a9c4a475f2f61bf8ba85aaea139fc8a6c87925c2e29ba48aa1e7a0d74ab3aa96bcb427d99f6d08caf8107d1c60835ce31bfc18cb1f6e29cb6f96f0d8af1135f04b45b7bb7c351d7af540f7e2093fa4f4eb62bcc1dec8335137ec2dc4fcd5310bf3a442f178b54f55f38442e4a51a0c292e192f6ebc051505d7f6633a2cd9e2f7a4d3cdfb227d9e1ca1c01fe2d4445107c90c128a77f8e02710b07ca50b92cf0a742b203a183e0b7b3d336b5c795511be3cbd3a7a4a2f91260fada36df96028c25a4872e6ae2b505a8a1e85476457e750107bb69193f2aa45f3d00d008b3449f909f086c9cbb1a4c5a59de082491383cb0cdf3fe031c06219656b629bc955c3abf47a2add4466308cb04fbc6b81a6d6cbb55634441f2b7f66f1bd36ab56e6abbc731b7f941af718194a08d6173018529a11f6f4410de949c94c006322fb879ff7a2b7d790f5dae01231dbfc6d53eec604e01b76887b6719652eaa842f38e3622e5a551d226fe71cebbdb1133126a36ec9ba0b3ef379511c5a4c48873bd2477742541745ed81cee58711ebaa2f031b436a1a58d001894ce25b1db6ccab2f6dec531e0cc1d916e862b64588316ee84acdc8c94e5110eb321e35bff912e88e6024f8d93edebd8013a7d39f47c33c0fdf01faaaaaab23e1fab13725b8a1cb89b03997d3bfb05c8627658700ab83fa232b7a31c20c3f53c16bdf78408cb6ff49edd2f9adac931635241aa5868d57e9c91266530b291065db025a7de16e5c5d588a24295d038394810f4be6cb77f9bf2fd4cb3012d06ce1f4c708e8ff7df324b02edcf7888a30fc83cc78309251754b9c32b866bfe841e81ca5ea7e64fe4ce99117d66fc88590687e965fd4ead99598ce01892ba8801800bd1471bed25d895de4d13a2b7ee2e5dd61821b156ac965e8be2e2a923f6ce3645cab99551d02c35940390c8fafd2144c36a7c7d89c1499d6ead461d7b5dbce9fa24a3a9aa2734d2d441955c06c0c40c9c53a8712ba01deb7029a89531109ad9bc296187eca0382ef16f2d7a5cd77a6cea17f1753f7449b760fdab702a3e64a2854664f75387d518e8cf335ef5ce2475892cde71dababe930555bab0fb6e727dd46c74b295229fb5149f2d4c19b7d0fbe902c5ce49c67b5c1b440db34a4149516862b543fb7d97884f478ced421989a3793998cae85df003c3733fae8d6c76a62bce5e6de9cf4ed3fa15fdeace1e9c5864f4d329acd2069cd9068e28bc6fcc9af93fefd50912185ec7e7abefd47271432f7d62ebcc6a875ba76376b4b227224f3c7aa4c6816ceec616f5e26cd4a17fdd83e3cbecb301a701648073dedab265a8fb4500cf6832044d1b94c02bc2dd2fd3e86bf35f84cb6a473d1b3e20fccabffba1be294d35b413db0fe79dddd6b57f72e69a71d2a697432850b5a5df2fd9d79301b84db3409c4efcbe3fc2dd50f64c06010b71d94fe69ec39d95abcff3eaef3328ab103a716bd9477907a53854e95a5a8f1ed9beb7116660b304bed7e6b47a1f0b94264819d3d333e71eed8aff455701b3decb354ea3bd49bb06eaa90e161ec5ba37211cd3a3cdf492a0a2da8956adea087d78b6c6cf4deb75107b2e9d5f14fa188a9ca14092a7ec258b4923f8f49904abedfe4c9c78ae1b4c149aad0ceb30909fa00be2d3ab9cd25e8522ef4d6526ea7c040dbdeb98b19899327c5e5b58bff197e28bb22c97d04022d1f7705723b8ed9261324f7cf18b912d34378ab3d45d2ba53f87d0756d51389440bde60f1b289613c36f7ff9dc029fcdf290c1d4a4ebb53da03fc3b2d2dce73bf18e90dc412eab0d7e25d7749a29bda9f45d3e2b1dd0462aa4b52c0084b9730522e1b290b7e78b96d12c4bda8f57596121ace658ffb30673e096c65eef3057cfe08f0bbf51216426fd0955cc639b4431929f07c953e7ec5828c61ecd13bca618fe65e077328ba7f298a8fbc79236c34a5d519e48fbd482468d300de96674527aa26c94e67e5afdfcde58e667cbeeb330333e8375325601776131e9ca33f0fd52d8f1dcc6868ea9ca287ae430d3af60459e23b05bb40b52b8da61f77d3a7cabae872d4a6cf7b124e66b0c38943334b946a0fab3d023beb22d82464b6195404378c9140bfd25278ca9081b544b0cb8f8ac1b05700d315a6510b889e0dcd8a21995a05f756344726f99098cf2d559d43177afc0594331fa19e00e4d9e0988d745526a20201b5ae1c8b22e0439e76adbf69e3343de8d40b38939b02e61ffee6a57310f0f739bc872a9a0f5b33d5d9207911d65bfaee586e4232c64a059f21b504983f47ffffe0559f8e7da0215f55bd74a3bb4be59cb5675a45302c32a67a0d9bfdaff85b68793465391203be71f4fc72767297a4359608d5682231672ca4affd5d21dce2dd8cc3409e03296809d777dbbf44d71fff2e55c48d0eb354e880ec84200e868ad16f99e13c0218128b6bb15e1bc29b5ca9971e1d9bf831c5ccb4c1f6a348fc4f3a879285aa02bded2c40fa09c68137620e72db5b72ca4faeeffe7df178dcefa42d5341bc6691e7675899e713b5c11febace23461a5224cbb98aa599f7136f10277d0c2f9c8b124dca8f851a048989f4d404787696f839fe799738a360375c2952f9a5e6c75ca930183df28e2859d1d0d428877db049d0b976102a8933829c068bf00431e1a1423c24f42bc8fa3de132ab0dde5b84ad9cf6029abedeec7d1d774f11a2e20c857f5e9da9befa3ad177d5dea63aa9ca3427e69ac65fa78707e63529a47ac4a4539b88e2d6559f217861258781b0a89c32b65153a45a1d86ba6a2df9327e8d4ed189e70cd0cec2129f6286a1a8eb8be490f03f6a9f3b0d908418beac38e47feea808798418b9ff5f9d73133a25fe7aafbbd2159916c50d036559f03cb775d77fefa7893bb29f4814a5a18f5606e096d490db05e3a0063a2fc2795c6bb28f582c756e5d5feccf5ee0981e12e04b2bbe4d1ec16daf6fdfd892cdad95e2092bf52f9f138e498650314f7b4ccc3684441af78fe68a1ce0d01c23c8b9474428aaf716b9d6c39edfe46bf0d342e559cdea2e11fffee045bdcb611b646e014df5ef970da2a1d6dd7d76a56d1fc0fbf49fd53c1bbca3d14e8c04163b49d0fb619718e44abff765442cdde0b4fcc7851ab0989de11903e57afe26af1315e851139ceba", 0xffffffffffffffd3}}, 0x1006) 3.665895055s ago: executing program 3 (id=875): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="02180000100000000000000000000000030006000000000002004e23000000000000000000000000080012000000000000000000000000001700000000000000000000000000000002000000000000000000000000000000fe800000000000000000000000000000030005000000000002"], 0x80}}, 0x2) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)={0x77359400}, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f00010000", 0x23) 2.636690197s ago: executing program 5 (id=876): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000000c0)={@multicast1, @local}, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/mcfilter\x00') pread64(r1, &(0x7f00000000c0)=""/144, 0x90, 0x31) 2.636238908s ago: executing program 3 (id=877): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6364, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0x1, 0xb}, {0xffff, 0xfff2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x4, 0x10, 0x6, 0x8, 0xfbee}, 0x1, 0x0, 0x3, 0x5, 0xe, 0x4, 0xd, 0x18, 0x5, 0x2, {0x6, 0x8, 0xfffffffc, 0x0, 0xffffffff, 0x5}}}}]}, 0x79}, 0x1, 0x0, 0x0, 0x240048e4}, 0x4890) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$kcm(0x11, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214120600602fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accb", 0xfdef}], 0x1}, 0x0) 2.529427311s ago: executing program 5 (id=878): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x2, 0x3e, 0x2c, 0x66, 0x2, 0x4, 0x6, 0x0, @remote, @local, {[@generic={0x86, 0x2}]}}, {{0x4e21, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x1000, 0x0, 0x5dc}}}}}}, 0x0) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) 2.281982058s ago: executing program 2 (id=879): sendto$packet(0xffffffffffffffff, &(0x7f0000000000)="2808000000000000000000008100314388fb", 0x12, 0x80800, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) 2.21590612s ago: executing program 2 (id=880): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xfc, "2af01c3d0040fbffffffffffffff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x13) ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0xff82, 0x0, 0x0, 0x7fff, 0xfe, "db2d618900"}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0xa) 2.083942415s ago: executing program 4 (id=881): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@ipv6_newrule={0x58, 0x20, 0x1, 0x0, 0x0, {0xa, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7}, [@FIB_RULE_POLICY=@FRA_IIFNAME={0x14, 0x3, 'dvmrp1\x00'}, @FRA_DST={0x14, 0x1, @remote}, @FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0xc015}, 0x40000) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc"], 0x5c}}, 0x0) 1.461903844s ago: executing program 3 (id=882): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) sendmsg$tipc(r2, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x3, {{}, 0x1}}, 0x10, 0x0}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) 1.361410557s ago: executing program 5 (id=883): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000240), 0x22601, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x2, "94c492eb0165203d36bec70800890100000000000000e1100a0000005900", 0xffffffffffffffff}) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) io_setup(0x202, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x3, 0x6, 0x34325241, 0x7, 0x6571, 0x6, 0x0, 0x2, 0x1, 0x3, 0x0, 0x4}}) unshare(0x2c020400) r7 = socket$kcm(0x10, 0x2, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r8, 0x0, 0x2000c010) r9 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r9, 0x1, 0x2f, &(0x7f0000000040)=0x2, 0x4) setsockopt$sock_int(r8, 0x1, 0x0, &(0x7f0000000200)=0x401, 0x4) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r10, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x4, 0x0, 0x1a}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1e}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0) syz_mount_image$vfat(&(0x7f0000000f40), &(0x7f0000001980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f00000002c0)) openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff) 1.332413448s ago: executing program 4 (id=884): openat$binfmt(0xffffffffffffff9c, 0x0, 0x2, 0x0) fchmodat(0xffffffffffffff9c, 0x0, 0x1ff) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x6, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x402, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000680)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000440)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @fda={0x66646185, 0x8, 0x1, 0x3a}}, &(0x7f0000000200)={0x0, 0x18, 0x38}}}], 0x0, 0x0, 0x0}) 1.2619414s ago: executing program 2 (id=885): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0xae0, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xb}, {0x4, 0xffe0}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x240408a0}, 0x4890) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), r4) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r6) socket$unix(0x1, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 1.167456353s ago: executing program 4 (id=886): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x0, 0x1, 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0xf00, 0x0) fanotify_mark(r1, 0x1, 0x10001043, r0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x58) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', r2, &(0x7f00000004c0)='./file0\x00', 0x2) 1.167230343s ago: executing program 3 (id=887): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff) close(r4) execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x100) close(0xffffffffffffffff) symlinkat(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') 324.57408ms ago: executing program 4 (id=888): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) setrlimit(0x4, &(0x7f0000000040)={0x560b, 0x1}) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) r2 = syz_open_dev$video(&(0x7f0000000000), 0x80000000, 0x0) ioctl$VIDIOC_S_OUTPUT(r2, 0xc004562f, &(0x7f0000000200)=0x3) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x7fff, 0x2, 0x3, 0xc, 0x4}, &(0x7f00000002c0)=0x14) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x22, 0x0, &(0x7f0000000300)="3d25ab555b19c4cbd0017085080040feeda990ec7a5ebd62ef52f31310f8d48020dd", 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) r3 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x100, 0x1, 0x1e5}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, r6, &(0x7f0000000980)=@IORING_OP_RECVMSG={0xa, 0x68, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0, 0x40002102, 0x1, {0x3}}) syz_ublk_add_dev(r3, r4, r5, r6, &(0x7f00000003c0)={0x2e, 0x5, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000200)=@any_dev={0x4, 0xd74, 0x0, 0x0, 0x1000, 0x68ba, 0x0, 0x0, 0x10}}}, &(0x7f0000000440)) 134.181506ms ago: executing program 5 (id=889): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x68000000}, 0x0) socket$kcm(0x21, 0x2, 0xa) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x33, 0x0, 0x0) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r2, 0xf21, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000007c0), r1) r5 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9}}, 0xfcca, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x807e) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xe}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_etf={{0x8}, {0xffffffffffffff53, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x8, 0xb, 0x2}}}}]}, 0x40}}, 0x0) 133.686396ms ago: executing program 3 (id=890): ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x29, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = fsmount(0xffffffffffffffff, 0x0, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, r1, 0x16, 0x0, @void}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$kcm(0xa, 0x3, 0x73) close(0x3) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030064766d727009000000000000000000001800128008000100707070000c00028008000100", @ANYRES8], 0x4c}}, 0x0) 85.878067ms ago: executing program 2 (id=891): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0x6c, r1, 0x5, 0x70bd28, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {}, @broadcast, @broadcast, @from_mac}, 0x0, @default, 0x821, @void, @void, @val={0x3, 0x1, 0x2}, @void, @void, @void, @val={0x25, 0x3, {0x1, 0x80, 0xa}}, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xffffffff}]}, 0x6c}}, 0x0) 2.54316ms ago: executing program 2 (id=892): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@ipv6_newrule={0x58, 0x20, 0x1, 0x0, 0x0, {0xa, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7}, [@FIB_RULE_POLICY=@FRA_IIFNAME={0x14, 0x3, 'dvmrp1\x00'}, @FRA_DST={0x14, 0x1, @remote}, @FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0xc015}, 0x40000) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc"], 0x5c}}, 0x0) 0s ago: executing program 3 (id=893): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000540), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000280)="2e1221b23bb601c477d3df163e75963d86dd606712e9000d118db0049d90491c3248040000", 0x25}, {&(0x7f0000000080)="b00c7037e000000000af3c3c39e275", 0xf}, {&(0x7f0000000f40)="dbcaa1ec3a93", 0x6}], 0x3) kernel console output (not intermixed with test programs): 512 [ 85.948994][ T5941] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.994041][ T5945] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 86.416993][ T5947] EXT4-fs warning (device loop3): verify_group_input:151: Cannot add at group 3391 (only 1 groups) [ 86.434292][ T5785] Bluetooth: hci0: command 0x0c1a tx timeout [ 86.440571][ T5777] Bluetooth: hci1: command 0x0c1a tx timeout [ 86.472335][ T5777] Bluetooth: hci2: command 0x0c1a tx timeout [ 87.469098][ T1026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.152768][ T5777] Bluetooth: hci3: command 0x0c1a tx timeout [ 88.445660][ T5945] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 89.233159][ T1026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.503886][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.535633][ T5959] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 90.548388][ T5945] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 90.562666][ T5945] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 90.569220][ T5945] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 90.619171][ T5960] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 90.781648][ T5962] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 91.383330][ T5966] netlink: 'syz.0.24': attribute type 10 has an invalid length. [ 91.405389][ T5966] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.420849][ T5966] team0: Port device bond0 added [ 91.447724][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 92.632972][ T5785] Bluetooth: hci1: command 0x0c1a tx timeout [ 92.639084][ T5777] Bluetooth: hci2: command 0x0c1a tx timeout [ 94.316402][ T5967] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 94.327003][ T5777] Bluetooth: hci3: command 0x0c1a tx timeout [ 94.577259][ T5967] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 94.602384][ T5967] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 94.609599][ T5967] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 96.209006][ T5992] loop3: detected capacity change from 0 to 256 [ 96.427375][ T5992] FAT-fs (loop3): Unrecognized mount option "smackfsdef=vfat" or missing value [ 96.889128][ T5785] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.895325][ T5785] Bluetooth: hci1: command 0x0c1a tx timeout [ 96.901398][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 97.024578][ T6001] random: crng reseeded on system resumption [ 98.341133][ T6000] tty tty3: ldisc open failed (-12), clearing slot 2 [ 98.654582][ T6009] loop1: detected capacity change from 0 to 512 [ 98.818731][ T6009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.203156][ T6019] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 99.292717][ T6020] EXT4-fs warning (device loop1): verify_group_input:151: Cannot add at group 3391 (only 1 groups) [ 100.553876][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.830379][ T6034] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 101.863002][ T6019] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 101.879705][ T6019] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 101.942023][ T6019] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 101.950522][ T6019] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 102.552393][ T5786] Bluetooth: hci3: command 0x0c1a tx timeout [ 103.619721][ T6041] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 103.633014][ T6041] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 103.646624][ T6041] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 103.658260][ T6041] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 105.288666][ T5786] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.890002][ T5786] Bluetooth: hci2: command 0x0c1a tx timeout [ 105.926724][ T5786] Bluetooth: hci1: command 0x0c1a tx timeout [ 105.936778][ T5786] Bluetooth: hci0: command 0x0c1a tx timeout [ 106.369878][ T6061] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.377506][ T6061] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.591247][ T6061] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.631531][ T6061] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.769563][ T6061] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.780526][ T6061] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.795370][ T6061] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.807025][ T6061] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.919291][ T6063] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 106.942533][ T6063] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 106.954721][ T6063] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 106.970103][ T6063] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 110.173542][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 110.173568][ T5786] Bluetooth: hci3: command 0x0c1a tx timeout [ 110.180295][ T5777] Bluetooth: hci2: command 0x0c1a tx timeout [ 110.185739][ T5785] Bluetooth: hci1: command 0x0c1a tx timeout [ 111.708573][ T6104] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 111.740262][ T6095] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 111.775270][ T6095] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 111.781373][ T6095] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 111.852292][ T6095] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 112.953085][ T5786] Bluetooth: hci3: command 0x0c1a tx timeout [ 113.269458][ T6103] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.277161][ T6103] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.738117][ T6122] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 113.832372][ T5785] Bluetooth: hci0: command 0x0c1a tx timeout [ 113.832461][ T5786] Bluetooth: hci1: command 0x0c1a tx timeout [ 113.913551][ T5786] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.267621][ T6103] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.453153][ T6103] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.059453][ T6103] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.069602][ T6103] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.081332][ T6103] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.091744][ T6103] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.849146][ T6131] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 115.870667][ T6132] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 115.964719][ T6120] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.972207][ T6120] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.222482][ T6120] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.295359][ T6120] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 117.702983][ T6120] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.711942][ T6120] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.732965][ T6120] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.744813][ T6120] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.902464][ T6123] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 117.918836][ T6123] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 117.927614][ T6123] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 117.940471][ T6123] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 118.727168][ T6149] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 119.091724][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.162409][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.816199][ T6158] syz.3.66 uses obsolete (PF_INET,SOCK_PACKET) [ 120.002419][ T5786] Bluetooth: hci2: command 0x0c1a tx timeout [ 120.008569][ T5786] Bluetooth: hci1: command 0x0c1a tx timeout [ 120.014826][ T5786] Bluetooth: hci0: command 0x0c1a tx timeout [ 120.156895][ T6149] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 120.163531][ T6149] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 120.170103][ T6149] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 120.180092][ T6149] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 120.882446][ T5785] Bluetooth: hci3: command 0x0c1a tx timeout [ 122.309056][ T5786] Bluetooth: hci1: command 0x0c1a tx timeout [ 122.320708][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 122.326964][ T5785] Bluetooth: hci2: command 0x0c1a tx timeout [ 124.102755][ T6197] netlink: 8 bytes leftover after parsing attributes in process `syz.0.74'. [ 125.290445][ T5813] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 125.552299][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 126.241469][ T6217] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 126.283070][ T6223] fuse: Bad value for 'group_id' [ 126.303321][ T5813] usb 4-1: Using ep0 maxpacket: 16 [ 126.312399][ T6223] loop0: detected capacity change from 0 to 256 [ 126.379601][ T1026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.390893][ T5813] usb 4-1: config index 0 descriptor too short (expected 37359, got 202) [ 126.506119][ T1026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.523158][ T5813] usb 4-1: config 33 has too many interfaces: 95, using maximum allowed: 32 [ 126.652353][ T5813] usb 4-1: config 33 has an invalid descriptor of length 0, skipping remainder of the config [ 126.667567][ T5813] usb 4-1: config 33 has 1 interface, different from the descriptor's value: 95 [ 126.687240][ T5813] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 126.698314][ T5813] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.717467][ T5813] usb 4-1: Product: syz [ 126.736017][ T5813] usb 4-1: Manufacturer: syz [ 126.740750][ T5813] usb 4-1: SerialNumber: syz [ 127.013059][ T5813] usb 4-1: 0:2 : does not exist [ 127.022826][ T5813] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 127.134260][ T5813] usb 4-1: USB disconnect, device number 2 [ 127.222881][ T5970] udevd[5970]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:33.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 127.494509][ T6217] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 127.500892][ T6217] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 127.507025][ T6217] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 127.513076][ T6217] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 128.226369][ T6241] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 128.236992][ T6242] binder: 6239:6242 unknown command 1074553619 [ 128.262560][ T6242] binder: 6239:6242 ioctl c0306201 200000000040 returned -22 [ 128.342427][ T5786] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.343103][ T6242] binder: 6239:6242 unknown command 1074553620 [ 128.482765][ T6242] binder: 6239:6242 ioctl c0306201 200000000640 returned -22 [ 128.485552][ T6244] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 129.592362][ T5786] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.598453][ T5786] Bluetooth: hci0: command 0x0c1a tx timeout [ 129.604544][ T5786] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.901282][ T6248] fuse: Bad value for 'fd' [ 130.238277][ T6243] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 130.245002][ T6243] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 130.251190][ T6243] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 130.257774][ T6243] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 130.392386][ T5786] Bluetooth: hci3: command 0x0c1a tx timeout [ 130.479171][ T6255] loop1: detected capacity change from 0 to 1024 [ 130.513113][ T6255] EXT4-fs: Ignoring removed mblk_io_submit option [ 130.587837][ T6255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 130.617018][ T6255] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.762196][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 131.549473][ T6270] loop0: detected capacity change from 0 to 256 [ 131.581103][ T6270] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 131.708582][ T6274] loop1: detected capacity change from 0 to 512 [ 131.893251][ T6274] EXT4-fs (loop1): Test dummy encryption mode enabled [ 131.918433][ T6274] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 131.945091][ T6274] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 131.967694][ T6274] EXT4-fs error (device loop1): ext4_orphan_get:1430: comm syz.1.93: bad orphan inode 131083 [ 131.982986][ T6274] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.004836][ T6274] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 132.056699][ T6288] loop0: detected capacity change from 0 to 1024 [ 132.064111][ T6288] EXT4-fs: Ignoring removed mblk_io_submit option [ 132.352399][ T5786] Bluetooth: hci2: command 0x0c1a tx timeout [ 132.358872][ T5786] Bluetooth: hci1: command 0x0c1a tx timeout [ 132.366759][ T5786] Bluetooth: hci0: command 0x0c1a tx timeout [ 132.407664][ T6288] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 132.584462][ T6288] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 132.836916][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 132.883888][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.890224][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.007133][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.650954][ T6314] loop3: detected capacity change from 0 to 1024 [ 134.703017][ T6314] EXT4-fs: Ignoring removed mblk_io_submit option [ 134.773687][ T6314] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 134.802980][ T6314] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 134.890853][ T5786] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 134.900498][ T5786] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 134.939989][ T5786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 134.949111][ T5786] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 134.958958][ T5786] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 134.967586][ T5786] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 134.979465][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 135.189122][ T5786] Bluetooth: hci2: unexpected subevent 0x1b length: 12 < 18 [ 135.498287][ T6335] syzkaller0: entered promiscuous mode [ 135.503983][ T6335] syzkaller0: entered allmulticast mode [ 135.775481][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 135.784118][ T6324] chnl_net:caif_netlink_parms(): no params data found [ 135.784536][ T5777] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 135.800406][ T5777] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 135.811300][ T5777] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 135.821427][ T5777] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 135.828998][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 136.126317][ T69] hsr_slave_0: left promiscuous mode [ 136.137369][ T69] hsr_slave_1: left promiscuous mode [ 136.184182][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 136.211240][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 136.219246][ T69] bridge_slave_1: left allmulticast mode [ 136.231547][ T69] bridge_slave_1: left promiscuous mode [ 136.246619][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.303168][ T69] bridge_slave_0: left allmulticast mode [ 136.315765][ T6362] loop3: detected capacity change from 0 to 1024 [ 136.322322][ T69] bridge_slave_0: left promiscuous mode [ 136.331586][ T6362] EXT4-fs: Ignoring removed mblk_io_submit option [ 136.338949][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.391495][ T6365] loop2: detected capacity change from 0 to 1024 [ 136.410032][ T6362] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8802c018, mo2=0002] [ 136.419739][ T6365] EXT4-fs: Ignoring removed mblk_io_submit option [ 136.455604][ T6362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 136.482562][ T6362] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.495435][ T6365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 136.522860][ T6365] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.650596][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 136.726606][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 137.036606][ T5777] Bluetooth: hci1: command tx timeout [ 137.241758][ T6387] loop3: detected capacity change from 0 to 1024 [ 137.260782][ T6387] EXT4-fs: Ignoring removed mblk_io_submit option [ 137.333659][ T6387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 137.351789][ T6387] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.435256][ T69] team0 (unregistering): Port device team_slave_1 removed [ 137.457163][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 137.510959][ T69] team0 (unregistering): Port device team_slave_0 removed [ 137.558389][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 137.597278][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 137.841613][ T69] bond0 (unregistering): Released all slaves [ 137.915354][ T5777] Bluetooth: hci3: command tx timeout [ 137.958752][ T6393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.129'. [ 138.018076][ T6393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.129'. [ 138.044050][ T6393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.129'. [ 138.072350][ T6393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.129'. [ 138.097126][ T6393] Zero length message leads to an empty skb [ 138.226438][ T6324] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.267436][ T6324] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.304336][ T6324] bridge_slave_0: entered allmulticast mode [ 138.322097][ T6324] bridge_slave_0: entered promiscuous mode [ 138.370711][ T6324] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.383692][ T6324] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.390998][ T6324] bridge_slave_1: entered allmulticast mode [ 138.398631][ T6324] bridge_slave_1: entered promiscuous mode [ 138.510977][ T6324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.548381][ T6324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.683487][ T6324] team0: Port device team_slave_0 added [ 138.704644][ T6324] team0: Port device team_slave_1 added [ 139.419149][ T5777] Bluetooth: hci1: command tx timeout [ 139.534280][ T6411] loop3: detected capacity change from 0 to 1024 [ 139.541683][ T6411] EXT4-fs: Ignoring removed mblk_io_submit option [ 139.715785][ T6411] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 139.737847][ T6324] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.746260][ T6324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.783238][ T6324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.822558][ T6411] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.992569][ T5777] Bluetooth: hci3: command tx timeout [ 140.491280][ T6324] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.512336][ T6324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.588046][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 140.608796][ T6324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.873513][ T6324] hsr_slave_0: entered promiscuous mode [ 140.892161][ T6324] hsr_slave_1: entered promiscuous mode [ 140.898898][ T6324] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.906949][ T6324] Cannot create hsr debugfs directory [ 140.937149][ T6342] chnl_net:caif_netlink_parms(): no params data found [ 141.433600][ T5777] Bluetooth: hci1: command tx timeout [ 141.580514][ T6342] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.662216][ T6342] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.708090][ T6342] bridge_slave_0: entered allmulticast mode [ 141.764678][ T6342] bridge_slave_0: entered promiscuous mode [ 142.072570][ T5777] Bluetooth: hci3: command tx timeout [ 142.088677][ T6342] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.108526][ T6342] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.129014][ T6342] bridge_slave_1: entered allmulticast mode [ 142.157466][ T6342] bridge_slave_1: entered promiscuous mode [ 142.308649][ T6342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 142.328659][ T6342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.349297][ T6458] loop2: detected capacity change from 0 to 256 [ 142.404123][ T6458] FAT-fs (loop2): Directory bread(block 64) failed [ 142.417563][ T6458] FAT-fs (loop2): Directory bread(block 65) failed [ 142.436487][ T6458] FAT-fs (loop2): Directory bread(block 66) failed [ 142.451215][ T6458] FAT-fs (loop2): Directory bread(block 67) failed [ 142.464886][ T6458] FAT-fs (loop2): Directory bread(block 68) failed [ 142.476056][ T6458] FAT-fs (loop2): Directory bread(block 69) failed [ 142.484641][ T6342] team0: Port device team_slave_0 added [ 142.489578][ T6458] FAT-fs (loop2): Directory bread(block 70) failed [ 142.510746][ T6458] FAT-fs (loop2): Directory bread(block 71) failed [ 142.525470][ T6458] FAT-fs (loop2): Directory bread(block 72) failed [ 142.545158][ T6458] FAT-fs (loop2): Directory bread(block 73) failed [ 142.548196][ T6342] team0: Port device team_slave_1 added [ 142.662701][ T6324] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 142.691305][ T6324] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 142.726800][ T6342] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 142.741364][ T6342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.768982][ T6342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 142.794665][ T6342] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 142.810510][ T6342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.848469][ T6342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.869151][ T6324] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 142.890241][ T6324] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 142.896803][ T6469] loop2: detected capacity change from 0 to 1024 [ 142.905924][ T6469] EXT4-fs: Ignoring removed mblk_io_submit option [ 142.966365][ T6469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 142.978618][ T6469] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.998631][ T6469] EXT4-fs (loop2): shut down requested (2) [ 143.028717][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 143.215362][ T6342] hsr_slave_0: entered promiscuous mode [ 143.229193][ T6342] hsr_slave_1: entered promiscuous mode [ 143.251010][ T6342] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 143.269715][ T6342] Cannot create hsr debugfs directory [ 143.512763][ T5777] Bluetooth: hci1: command tx timeout [ 143.627406][ T6491] fuse: Bad value for 'fd' [ 143.839896][ T6499] loop2: detected capacity change from 0 to 1024 [ 143.858749][ T6499] EXT4-fs: Ignoring removed mblk_io_submit option [ 143.910394][ T6499] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 143.937153][ T6499] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.940491][ T6324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.984770][ T6499] EXT4-fs (loop2): shut down requested (2) [ 144.020239][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 144.119762][ T6324] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.153128][ T5777] Bluetooth: hci3: command tx timeout [ 144.196499][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.203713][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.225980][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.233710][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.260409][ T6342] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 144.311307][ T6342] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 144.355636][ T6342] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 144.440866][ T6342] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 144.443900][ T6515] loop2: detected capacity change from 0 to 2048 [ 144.517343][ T6324] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 144.554570][ T6515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.692676][ T42] hsr_slave_0: left promiscuous mode [ 144.699715][ T42] hsr_slave_1: left promiscuous mode [ 144.742787][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.763234][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.771191][ T42] bridge_slave_1: left allmulticast mode [ 144.790882][ T42] bridge_slave_1: left promiscuous mode [ 144.800369][ T6526] netlink: 'syz.3.154': attribute type 29 has an invalid length. [ 144.813169][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.827951][ T42] bridge_slave_0: left allmulticast mode [ 144.834591][ T42] bridge_slave_0: left promiscuous mode [ 144.840373][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.841580][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.929642][ T6528] netlink: 604 bytes leftover after parsing attributes in process `syz.3.154'. [ 145.597740][ T42] team0 (unregistering): Port device team_slave_1 removed [ 145.959063][ T42] team0 (unregistering): Port device team_slave_0 removed [ 145.993391][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.035160][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.258663][ T42] team0 (unregistering): Port device bond0 removed [ 146.286045][ T42] bond0 (unregistering): Released all slaves [ 146.377468][ T6526] netlink: 'syz.3.154': attribute type 29 has an invalid length. [ 146.540846][ T6538] loop3: detected capacity change from 0 to 1024 [ 146.550968][ T6538] EXT4-fs: Ignoring removed mblk_io_submit option [ 146.678846][ T6342] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.719239][ T6538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 146.784377][ T6342] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.801020][ T6538] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.885283][ T2961] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.892503][ T2961] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.929894][ T6538] EXT4-fs (loop3): shut down requested (2) [ 147.006922][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.014108][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.240020][ T6549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.158'. [ 147.268501][ T6324] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.568135][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 147.704784][ T6342] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 147.933669][ T6564] loop2: detected capacity change from 0 to 128 [ 147.946312][ T6564] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 148.057440][ T6564] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 148.155032][ T5777] Bluetooth: hci0: unexpected event for opcode 0x0403 [ 148.929289][ T6578] netlink: 'syz.3.162': attribute type 4 has an invalid length. [ 149.107901][ T6324] veth0_vlan: entered promiscuous mode [ 149.147350][ T6342] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 149.191747][ T6324] veth1_vlan: entered promiscuous mode [ 149.295631][ T6071] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 149.296908][ T6324] veth0_macvtap: entered promiscuous mode [ 149.336408][ T6071] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 149.364125][ T6324] veth1_macvtap: entered promiscuous mode [ 149.443276][ T6324] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.484457][ T6594] fido_id[6594]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 149.514020][ T6324] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.536020][ T6324] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.569030][ T6324] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.569063][ T6324] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.569101][ T6324] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.791610][ T6606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.170'. [ 149.818044][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.852230][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.953005][ T2970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.960866][ T2970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.038924][ T6342] veth0_vlan: entered promiscuous mode [ 150.086142][ T6342] veth1_vlan: entered promiscuous mode [ 150.160975][ T6342] veth0_macvtap: entered promiscuous mode [ 150.184499][ T6342] veth1_macvtap: entered promiscuous mode [ 150.224505][ T6342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.262383][ T6342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.298355][ T6342] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.359924][ T6342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.366814][ T6621] loop2: detected capacity change from 0 to 512 [ 150.382444][ T6621] EXT4-fs: Ignoring removed bh option [ 150.412606][ T6342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.429712][ T6342] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.463746][ T6342] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.514435][ T6342] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.548128][ T6342] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.571285][ T6342] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.590889][ T6621] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.609588][ T6631] netlink: 8 bytes leftover after parsing attributes in process `syz.4.177'. [ 150.880695][ T6621] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.242672][ T6621] EXT4-fs error (device loop2): ext4_resize_begin:62: comm syz.2.174: resize_inode disabled but reserved GDT blocks non-zero [ 151.317938][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.326055][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.372407][ T6621] EXT4-fs (loop2): Remounting filesystem read-only [ 151.456137][ T6075] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 151.477994][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.488984][ T6639] loop3: detected capacity change from 0 to 1024 [ 151.499225][ T6075] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 151.501219][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.519559][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.527962][ T6639] ext4: Bad value for 'resgid' [ 151.751601][ T6642] fido_id[6642]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 151.832153][ T6649] loop3: detected capacity change from 0 to 256 [ 151.892216][ T6653] loop5: detected capacity change from 0 to 8 [ 152.024000][ T6649] FAT-fs (loop3): Directory bread(block 64) failed [ 152.055846][ T6649] FAT-fs (loop3): Directory bread(block 65) failed [ 152.075652][ T5786] Bluetooth: hci0: command 0x0c1a tx timeout [ 152.082507][ T6649] FAT-fs (loop3): Directory bread(block 66) failed [ 152.130034][ T6649] FAT-fs (loop3): Directory bread(block 67) failed [ 152.174876][ T6649] FAT-fs (loop3): Directory bread(block 68) failed [ 152.207322][ T6649] FAT-fs (loop3): Directory bread(block 69) failed [ 152.233763][ T6664] syz.5.186 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 152.269621][ T6649] FAT-fs (loop3): Directory bread(block 70) failed [ 152.276925][ T6649] FAT-fs (loop3): Directory bread(block 71) failed [ 152.287443][ T6649] FAT-fs (loop3): Directory bread(block 72) failed [ 152.294498][ T6649] FAT-fs (loop3): Directory bread(block 73) failed [ 152.460587][ T6649] syz.3.181: attempt to access beyond end of device [ 152.460587][ T6649] loop3: rw=2049, sector=1224, nr_sectors = 120 limit=256 [ 153.586559][ T6699] loop2: detected capacity change from 0 to 256 [ 153.795024][ T6699] FAT-fs (loop2): Directory bread(block 64) failed [ 153.801629][ T6699] FAT-fs (loop2): Directory bread(block 65) failed [ 153.866968][ T6699] FAT-fs (loop2): Directory bread(block 66) failed [ 153.878711][ T6706] loop5: detected capacity change from 0 to 1024 [ 153.882374][ T6699] FAT-fs (loop2): Directory bread(block 67) failed [ 153.892009][ T6699] FAT-fs (loop2): Directory bread(block 68) failed [ 153.906031][ T6706] EXT4-fs: Ignoring removed mblk_io_submit option [ 153.914309][ T6699] FAT-fs (loop2): Directory bread(block 69) failed [ 153.942362][ T6699] FAT-fs (loop2): Directory bread(block 70) failed [ 153.948939][ T6699] FAT-fs (loop2): Directory bread(block 71) failed [ 153.976881][ T6699] FAT-fs (loop2): Directory bread(block 72) failed [ 153.984619][ T6706] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 153.997157][ T6699] FAT-fs (loop2): Directory bread(block 73) failed [ 154.003223][ T6712] loop3: detected capacity change from 0 to 2048 [ 154.025452][ T6706] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.045486][ T6706] EXT4-fs (loop5): shut down requested (2) [ 154.053464][ T6703] syzkaller1: entered promiscuous mode [ 154.058972][ T6703] syzkaller1: entered allmulticast mode [ 154.077312][ T6712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.090836][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 154.119404][ T6712] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.275641][ T5814] IPVS: starting estimator thread 0... [ 154.382521][ T6722] IPVS: using max 20 ests per chain, 48000 per kthread [ 154.396401][ T6712] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only [ 154.415900][ T6712] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 154.587882][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.622954][ T6732] loop5: detected capacity change from 0 to 1024 [ 154.648316][ T6732] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 154.758857][ T6732] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.821513][ T6742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.205'. [ 154.908977][ T6744] loop2: detected capacity change from 0 to 1024 [ 154.924521][ T6744] EXT4-fs: Ignoring removed mblk_io_submit option [ 155.030294][ T6744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 155.107721][ T6744] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 155.134816][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.193523][ T6744] EXT4-fs (loop2): shut down requested (2) [ 155.287196][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 155.843042][ T6776] syzkaller0: entered promiscuous mode [ 155.848583][ T6776] syzkaller0: entered allmulticast mode [ 156.837728][ T6790] loop4: detected capacity change from 0 to 1024 [ 156.863569][ T6790] EXT4-fs: Ignoring removed mblk_io_submit option [ 157.231898][ T6801] tipc: Started in network mode [ 157.237171][ T6801] tipc: Node identity , cluster identity 4711 [ 157.243394][ T6801] tipc: Failed to obtain node identity [ 157.248891][ T6801] tipc: Enabling of bearer rejected, failed to enable media [ 157.289217][ T6790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 157.369866][ T6790] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.471032][ T6790] EXT4-fs (loop4): shut down requested (2) [ 157.628750][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 158.434251][ T6823] loop2: detected capacity change from 0 to 7 [ 158.447880][ T6823] loop2: [ 158.451110][ T6823] loop2: partition table partially beyond EOD, truncated [ 158.618320][ T6832] process 'syz.2.230' launched './file0' with NULL argv: empty string added [ 158.891212][ T6837] loop4: detected capacity change from 0 to 1024 [ 158.928241][ T6841] loop2: detected capacity change from 0 to 512 [ 158.960853][ T6837] EXT4-fs: Ignoring removed mblk_io_submit option [ 159.006434][ T6841] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 159.062476][ T6841] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 159.070617][ T6841] System zones: 1-12 [ 159.496134][ T6841] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2855: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 159.539251][ T6837] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 159.736255][ T6837] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.765268][ T6841] EXT4-fs (loop2): 1 truncate cleaned up [ 159.779077][ T6841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.909046][ T6850] loop3: detected capacity change from 0 to 512 [ 160.009896][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 160.061036][ T6850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.114491][ T6850] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.331390][ T6861] vivid-000: disconnect [ 160.429931][ T6850] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.498550][ T6840] vivid-000: reconnect [ 162.165093][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.435226][ T6880] syzkaller0: entered promiscuous mode [ 162.440758][ T6880] syzkaller0: entered allmulticast mode [ 162.548925][ T6887] loop5: detected capacity change from 0 to 1024 [ 162.554787][ T6889] loop3: detected capacity change from 0 to 1024 [ 162.580550][ T6889] EXT4-fs: Ignoring removed mblk_io_submit option [ 162.588747][ T6887] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 162.660042][ T6889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 162.707831][ T6887] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.709926][ T6889] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.951673][ T6076] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 162.968188][ T6905] overlayfs: failed to resolve './file0': -2 [ 162.984640][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 162.988797][ T6076] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 163.099861][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.196300][ T6913] loop3: detected capacity change from 0 to 256 [ 163.214698][ T6913] FAT-fs (loop3): Unrecognized mount option "00000000000000000000" or missing value [ 163.309815][ T6916] syzkaller0: entered promiscuous mode [ 163.329097][ T6916] syzkaller0: entered allmulticast mode [ 163.948018][ T6942] overlayfs: failed to resolve './file0': -2 [ 163.961862][ T6937] loop5: detected capacity change from 0 to 1024 [ 163.974530][ T6937] EXT4-fs: Ignoring removed nomblk_io_submit option [ 163.974881][ T6943] loop2: detected capacity change from 0 to 1024 [ 164.016680][ T6943] EXT4-fs: Ignoring removed mblk_io_submit option [ 164.042116][ T6937] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 164.060495][ T6937] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.141507][ T6943] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 164.168740][ T6943] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.303972][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 164.363778][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 164.473969][ T6958] loop3: detected capacity change from 0 to 1024 [ 164.537308][ T6958] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 164.598413][ T6958] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 2: comm syz.3.265: lblock 2 mapped to illegal pblock 2 (length 1) [ 164.643411][ T6958] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 164.670474][ T6958] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 48: comm syz.3.265: lblock 0 mapped to illegal pblock 48 (length 1) [ 164.727526][ T6958] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 164.753088][ T6958] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.265: Failed to acquire dquot type 0 [ 164.777352][ T6958] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 164.826770][ T6958] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.265: mark_inode_dirty error [ 164.855016][ T6958] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 164.866088][ T6979] overlayfs: failed to resolve './file0': -2 [ 164.874669][ T6958] EXT4-fs (loop3): 1 orphan inode deleted [ 164.889527][ T6958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.925698][ T42] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 164.983398][ T42] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 164.992003][ T42] EXT4-fs error (device loop3): ext4_release_dquot:6989: comm kworker/u4:2: Failed to release dquot type 0 [ 165.072850][ T6958] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 165.134198][ T6984] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 165.152644][ T6984] EXT4-fs error (device loop3): ext4_map_blocks:610: inode #3: block 48: comm syz.3.265: lblock 0 mapped to illegal pblock 48 (length 1) [ 165.174816][ T6986] loop4: detected capacity change from 0 to 2048 [ 165.206488][ T6984] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=-117 [ 165.233147][ T6984] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 165.276369][ T6986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.305445][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.350157][ T6986] EXT4-fs (loop4): shut down requested (2) [ 165.574068][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.709751][ T7003] veth0: entered promiscuous mode [ 165.727972][ T7003] bond0: entered promiscuous mode [ 165.737371][ T7005] loop2: detected capacity change from 0 to 1024 [ 165.752560][ T7003] bond_slave_0: entered promiscuous mode [ 165.758421][ T7003] bond_slave_1: entered promiscuous mode [ 165.773350][ T7005] EXT4-fs: Ignoring removed mblk_io_submit option [ 165.811618][ T7012] loop5: detected capacity change from 0 to 128 [ 165.821257][ T7002] bond0: left promiscuous mode [ 165.836901][ T7002] bond_slave_0: left promiscuous mode [ 165.860384][ T7005] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 165.878206][ T7002] bond_slave_1: left promiscuous mode [ 165.926478][ T7002] veth0: left promiscuous mode [ 165.964198][ T7005] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.018611][ T7012] netlink: 'syz.5.277': attribute type 1 has an invalid length. [ 166.051558][ T7020] loop3: detected capacity change from 0 to 512 [ 166.065621][ T7012] netlink: 'syz.5.277': attribute type 2 has an invalid length. [ 166.127675][ T7020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.143040][ T27] audit: type=1804 audit(1780823517.289:2): pid=7012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.277" name="/newroot/25/file0/file1" dev="loop5" ino=1048624 res=1 errno=0 [ 166.205280][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 166.220781][ T7020] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.263772][ T7028] overlayfs: failed to resolve './file0': -2 [ 166.436419][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.746659][ T7040] netlink: 'syz.4.281': attribute type 4 has an invalid length. [ 167.324525][ T7040] syz.4.281 (7040) used greatest stack depth: 19656 bytes left [ 167.410626][ T7043] netlink: 76 bytes leftover after parsing attributes in process `syz.3.282'. [ 167.584670][ T5814] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 167.618449][ T5814] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 167.636152][ T7050] loop4: detected capacity change from 0 to 1024 [ 167.663615][ T7050] ext4: Bad value for 'resgid' [ 167.763105][ T6718] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 167.792722][ T7058] loop2: detected capacity change from 0 to 1024 [ 167.822027][ T7058] EXT4-fs: Ignoring removed mblk_io_submit option [ 167.858447][ T7061] overlayfs: failed to resolve './file0': -2 [ 167.926867][ T7058] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 167.962521][ T7058] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.161448][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 168.563282][ T7086] ubi0: attaching mtd0 [ 168.570084][ T7086] ubi0: scanning is finished [ 168.652587][ T7086] ubi0: empty MTD device detected [ 169.394798][ T7086] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 169.405224][ T7086] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 169.413454][ T7086] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 169.420787][ T7086] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 169.428934][ T7086] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 169.436415][ T7086] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 169.448902][ T7086] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1180651993 [ 169.488125][ T7086] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 169.546174][ T7092] ubi0: background thread "ubi_bgt0d" started, PID 7092 [ 169.663846][ T7100] overlayfs: failed to resolve './file0': -2 [ 169.864673][ T7104] loop2: detected capacity change from 0 to 1024 [ 169.900729][ T7104] EXT4-fs: Ignoring removed mblk_io_submit option [ 169.950229][ T7109] loop3: detected capacity change from 0 to 512 [ 169.981786][ T7104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 170.042464][ T7104] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.143444][ T7106] loop4: detected capacity change from 0 to 8192 [ 170.218124][ T7109] EXT4-fs error (device loop3): ext4_orphan_get:1404: inode #15: comm syz.3.303: inode has both inline data and extents flags [ 170.242231][ T7109] EXT4-fs error (device loop3): ext4_orphan_get:1409: comm syz.3.303: couldn't read orphan inode 15 (err -117) [ 170.249263][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 170.336306][ T7109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.519002][ T7124] loop2: detected capacity change from 0 to 128 [ 170.537418][ T7127] tipc: Started in network mode [ 170.553359][ T7124] EXT4-fs: Ignoring removed nobh option [ 170.569429][ T7127] tipc: Node identity aaaaaaaaaa34, cluster identity 4711 [ 170.582949][ T7127] tipc: Enabled bearer , priority 30 [ 170.618474][ T7124] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 170.649642][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.694653][ T7124] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 171.125965][ T7138] No such timeout policy "syz1" [ 171.753759][ T7143] loop4: detected capacity change from 0 to 256 [ 171.864136][ T7143] FAT-fs (loop4): Directory bread(block 64) failed [ 171.921501][ T7143] FAT-fs (loop4): Directory bread(block 65) failed [ 171.966996][ T7143] FAT-fs (loop4): Directory bread(block 66) failed [ 172.008183][ T7143] FAT-fs (loop4): Directory bread(block 67) failed [ 172.050670][ T7143] FAT-fs (loop4): Directory bread(block 68) failed [ 172.098336][ T7143] FAT-fs (loop4): Directory bread(block 69) failed [ 172.157041][ T7143] FAT-fs (loop4): Directory bread(block 70) failed [ 172.198373][ T7143] FAT-fs (loop4): Directory bread(block 71) failed [ 172.240158][ T7143] FAT-fs (loop4): Directory bread(block 72) failed [ 172.284251][ T7143] FAT-fs (loop4): Directory bread(block 73) failed [ 172.513171][ T6076] tipc: Node number set to 10398378 [ 172.895722][ T5772] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 173.023827][ T7157] loop3: detected capacity change from 0 to 1024 [ 173.031253][ T7157] EXT4-fs: Ignoring removed mblk_io_submit option [ 173.272816][ T7157] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 173.323524][ T7157] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 174.215477][ T7157] EXT4-fs (loop3): shut down requested (2) [ 174.376817][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 175.142112][ T7208] loop3: detected capacity change from 0 to 512 [ 175.181253][ T7208] ext4: Unknown parameter 'fsname' [ 175.214080][ T7209] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 175.362503][ T27] audit: type=1326 audit(1780823526.529:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7207 comm="syz.3.326" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9d839ce59 code=0x0 [ 175.385732][ C1] vkms_vblank_simulate: vblank timer overrun [ 175.584595][ T7216] Bluetooth: MGMT ver 1.22 [ 175.758536][ T7222] loop3: detected capacity change from 0 to 1024 [ 175.781922][ T7222] EXT4-fs: Ignoring removed mblk_io_submit option [ 175.928714][ T7222] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 175.963627][ T7222] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.122435][ T7222] EXT4-fs (loop3): shut down requested (2) [ 176.275072][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 176.297590][ T5777] Bluetooth: hci3: unexpected cc 0x080d length: 7 > 3 [ 176.517480][ T7249] tipc: Started in network mode [ 176.539984][ T7249] tipc: Node identity 72e301244547, cluster identity 4711 [ 176.583955][ T7249] tipc: Enabled bearer , priority 0 [ 176.657408][ T7255] tipc: Disabling bearer [ 176.996393][ T7272] loop3: detected capacity change from 0 to 1024 [ 177.007780][ T7272] EXT4-fs: Ignoring removed mblk_io_submit option [ 177.053464][ T7272] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 177.102890][ T7270] netlink: 180 bytes leftover after parsing attributes in process `syz.4.345'. [ 177.112222][ T7270] openvswitch: netlink: Message has 7 unknown bytes. [ 177.131744][ T7272] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.186116][ T7272] EXT4-fs (loop3): shut down requested (2) [ 177.334806][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 177.394016][ T7285] loop5: detected capacity change from 0 to 1024 [ 177.414116][ T7285] EXT4-fs: Ignoring removed nomblk_io_submit option [ 177.487328][ T7285] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 177.522681][ T7285] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.662161][ T7298] EXT4-fs error (device loop5): ext4_map_blocks:720: inode #15: comm syz.5.350: lblock 0 mapped to illegal pblock 0 (length 5) [ 177.792873][ T7298] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117 [ 177.808910][ T7298] EXT4-fs (loop5): This should not happen!! Data will be lost [ 177.808910][ T7298] [ 178.545532][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 180.978776][ T7324] loop2: detected capacity change from 0 to 1024 [ 181.014670][ T7324] EXT4-fs: Ignoring removed mblk_io_submit option [ 181.099977][ T7324] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 181.123374][ T7324] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.283723][ T7324] EXT4-fs (loop2): shut down requested (2) [ 181.412965][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 183.118074][ T7374] loop3: detected capacity change from 0 to 1024 [ 183.186973][ T7374] EXT4-fs: Ignoring removed mblk_io_submit option [ 183.367682][ T7374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 183.471242][ T7374] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 183.641737][ T7374] EXT4-fs (loop3): shut down requested (2) [ 183.759462][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 183.813662][ T7392] syzkaller0: entered promiscuous mode [ 183.820057][ T7392] syzkaller0: entered allmulticast mode [ 184.239003][ T7399] loop3: detected capacity change from 0 to 1024 [ 184.660069][ T7399] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 184.673243][ T7399] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.308861][ T7404] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) ! [ 185.348200][ T7404] syzkaller0: entered promiscuous mode [ 185.383377][ T7404] syzkaller0: entered allmulticast mode [ 185.399383][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 185.482984][ T7404] tipc: Enabled bearer , priority 0 [ 185.509785][ T7403] tipc: Resetting bearer [ 185.560729][ T7403] tipc: Disabling bearer [ 185.963921][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 187.684043][ T7436] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 187.842544][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.850524][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.631839][ T7439] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 189.638988][ T7439] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 189.661662][ T7439] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 189.668026][ T7439] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 189.742137][ T7439] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 189.780985][ T7439] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 189.789938][ T7439] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 189.802198][ T7439] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 189.831932][ T7439] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 189.838581][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 190.015674][ T7467] loop2: detected capacity change from 0 to 256 [ 190.036015][ T7467] FAT-fs (loop2): "posix" option is obsolete, not supported now [ 190.634747][ T7486] loop3: detected capacity change from 0 to 128 [ 191.672640][ T5777] Bluetooth: hci1: command 0x0c1a tx timeout [ 191.678720][ T5777] Bluetooth: hci2: command 0x0c1a tx timeout [ 191.832749][ T5777] Bluetooth: hci3: command 0x0c1a tx timeout [ 191.845711][ T7503] loop5: detected capacity change from 0 to 1024 [ 191.883646][ T7503] EXT4-fs: Ignoring removed mblk_io_submit option [ 191.912619][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 191.944893][ T7509] loop3: detected capacity change from 0 to 512 [ 191.953396][ T7503] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 191.988915][ T5970] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 192.069094][ T7503] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.248777][ T7503] EXT4-fs (loop5): shut down requested (2) [ 192.643881][ T7530] loop3: detected capacity change from 0 to 128 [ 192.712803][ T7530] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 192.781019][ T7530] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 193.483766][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 193.496232][ T5775] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 193.652244][ T7551] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 193.752425][ T5777] Bluetooth: hci1: command 0x0c1a tx timeout [ 193.912813][ T5777] Bluetooth: hci3: command 0x0c1a tx timeout [ 194.320157][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.326794][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.813296][ T7573] loop4: detected capacity change from 0 to 1024 [ 194.845064][ T7573] EXT4-fs: Ignoring removed mblk_io_submit option [ 195.079127][ T7573] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 195.112504][ T7573] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.135633][ T7573] EXT4-fs (loop4): shut down requested (2) [ 195.818508][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 195.832854][ T5777] Bluetooth: hci1: command 0x0c1a tx timeout [ 195.996579][ T5777] Bluetooth: hci3: command 0x0c1a tx timeout [ 196.134204][ T7602] overlayfs: missing 'lowerdir' [ 197.185843][ T7619] loop5: detected capacity change from 0 to 1024 [ 197.822572][ T7619] EXT4-fs: Ignoring removed mblk_io_submit option [ 197.937900][ T7619] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 197.956536][ T7619] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.016247][ T7619] EXT4-fs (loop5): shut down requested (2) [ 198.100146][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 198.277269][ T7634] netlink: 104 bytes leftover after parsing attributes in process `syz.3.429'. [ 198.778627][ T7660] loop5: detected capacity change from 0 to 1024 [ 198.812646][ T7660] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 198.838280][ T7660] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 198.887185][ T7660] System zones: 0-1, 3-36 [ 198.920429][ T7660] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.150165][ T7670] loop4: detected capacity change from 0 to 512 [ 199.161359][ T7670] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 199.190794][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.206735][ T7670] EXT4-fs (loop4): 1 truncate cleaned up [ 199.384109][ T7670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.265200][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.395229][ T7688] loop5: detected capacity change from 0 to 256 [ 201.759271][ T7712] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 201.992090][ T7721] binder: BINDER_SET_CONTEXT_MGR already set [ 202.032670][ T7721] binder: 7720:7721 ioctl 4018620d 200000004a80 returned -16 [ 202.120513][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.5.452'. [ 202.660818][ T7729] mmap: syz.5.452 (7729) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 203.089194][ T7737] syzkaller1: entered promiscuous mode [ 203.147552][ T7734] loop2: detected capacity change from 0 to 2048 [ 203.203177][ T7737] syzkaller1: entered allmulticast mode [ 203.277624][ T7734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.342143][ T7734] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 203.504714][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.384860][ T7752] overlayfs: missing 'lowerdir' [ 204.670988][ T7765] loop5: detected capacity change from 0 to 128 [ 204.762780][ T7765] loop9: detected capacity change from 0 to 7 [ 204.808328][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.817846][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.833662][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.842885][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.875875][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.885103][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.895988][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.905193][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.916543][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.925777][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.935282][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.944482][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.953680][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.962891][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 204.970826][ T7765] ldm_validate_partition_table(): Disk read failed. [ 204.982570][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 204.991755][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 205.002577][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 205.011767][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 205.020791][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 205.030007][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 205.052762][ T7765] Dev loop9: unable to read RDB block 0 [ 205.063123][ T7765] loop9: unable to read partition table [ 205.069043][ T7765] loop9: partition table beyond EOD, truncated [ 205.102365][ T7765] loop_reread_partitions: partition scan of loop9 (úùƒå¡™‰ü¾CêjÌ–ã¢P=ý?ã}X‹ºÐ œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5) [ 205.597623][ T7787] capability: warning: `syz.5.467' uses deprecated v2 capabilities in a way that may be insecure [ 205.825655][ T5777] Bluetooth: hci3: unexpected event for opcode 0x2041 [ 205.860784][ T7796] overlayfs: missing 'lowerdir' [ 206.156746][ T5813] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 206.202521][ T7812] loop2: detected capacity change from 0 to 1024 [ 206.209918][ T5813] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 206.238153][ T7812] ext4: Bad value for 'resgid' [ 206.424798][ T7817] input: syz0 as /devices/virtual/input/input6 [ 206.454150][ T7814] fido_id[7814]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 206.925525][ T7836] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 206.943431][ T7836] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 207.252907][ T7846] loop2: detected capacity change from 0 to 256 [ 207.263228][ T7845] loop5: detected capacity change from 0 to 2048 [ 207.279046][ T7845] EXT4-fs: Ignoring removed mblk_io_submit option [ 207.303736][ T7845] EXT4-fs: Ignoring removed mblk_io_submit option [ 207.339016][ T7846] FAT-fs (loop2): Directory bread(block 64) failed [ 207.339660][ T7845] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.389754][ T7846] FAT-fs (loop2): Directory bread(block 65) failed [ 207.391796][ T7845] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm syz.5.484: bg 0: block 234: padding at end of block bitmap is not set [ 207.434107][ T7846] FAT-fs (loop2): Directory bread(block 66) failed [ 207.440677][ T7846] FAT-fs (loop2): Directory bread(block 67) failed [ 207.466551][ T7845] EXT4-fs (loop5): Remounting filesystem read-only [ 207.478424][ T7829] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.486124][ T7829] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.492625][ T7846] FAT-fs (loop2): Directory bread(block 68) failed [ 207.520264][ T7846] FAT-fs (loop2): Directory bread(block 69) failed [ 207.531718][ T7846] FAT-fs (loop2): Directory bread(block 70) failed [ 207.550286][ T7846] FAT-fs (loop2): Directory bread(block 71) failed [ 207.559583][ T7846] FAT-fs (loop2): Directory bread(block 72) failed [ 207.567906][ T7846] FAT-fs (loop2): Directory bread(block 73) failed [ 207.578888][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.898504][ T7860] loop5: detected capacity change from 0 to 1024 [ 207.903204][ T7859] loop2: detected capacity change from 0 to 512 [ 207.910245][ T7860] EXT4-fs: Ignoring removed mblk_io_submit option [ 207.960822][ T7860] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 207.986063][ T7860] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.992124][ T7859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.027935][ T7859] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.110976][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.243070][ T7865] loop5: detected capacity change from 0 to 2048 [ 208.256498][ T7829] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.290231][ T7829] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.298564][ T7865] loop5: p1 p2 p3 p4 [ 208.298564][ T7865] p1: [ 208.314483][ T7865] loop5: p1 size 1000341504 extends beyond EOD, truncated [ 208.332080][ T7865] loop5: p2 size 458752 extends beyond EOD, truncated [ 208.341630][ T7865] loop5: p3 start 3036676096 is beyond EOD, truncated [ 208.353539][ T7865] loop5: p4 start 524288 is beyond EOD, truncated [ 208.360062][ T7865] loop5: p5 size 16779263 extends beyond EOD, truncated [ 208.585772][ T6718] udevd[6718]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 208.597092][ T6600] udevd[6600]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory [ 208.607387][ T5970] udevd[5970]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 208.700207][ T7829] tipc: Resetting bearer [ 208.734460][ T7869] syz.5.491 (7869): /proc/7868/oom_adj is deprecated, please use /proc/7868/oom_score_adj instead. [ 208.900966][ T7874] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 208.913796][ T7874] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 208.944314][ T7829] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.959173][ T7829] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.968643][ T7829] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.982515][ T7829] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.243991][ T7859] netlink: 'syz.2.487': attribute type 39 has an invalid length. [ 209.358080][ T7882] netlink: 4 bytes leftover after parsing attributes in process `syz.5.495'. [ 210.245064][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.212820][ T6075] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 211.573011][ T6075] usb 4-1: not running at top speed; connect to a high speed hub [ 211.619925][ T6075] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 211.882549][ T6075] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid maxpacket 1024, setting to 64 [ 212.556954][ T6075] usb 4-1: config 1 interface 0 altsetting 255 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 212.571194][ T6075] usb 4-1: config 1 interface 0 has no altsetting 0 [ 212.582463][ T6075] usb 4-1: language id specifier not provided by device, defaulting to English [ 212.596204][ T6075] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 212.622300][ T6075] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.683010][ T6075] usb 4-1: Product: syz [ 212.687217][ T6075] usb 4-1: SerialNumber: syz [ 212.750213][ T7886] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 212.781809][ T7886] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 212.810317][ T7904] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 212.839413][ T7886] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 212.888757][ T7904] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 213.163495][ T6075] cdc_ether: probe of 4-1:1.0 failed with error -22 [ 213.248665][ T6075] usb 4-1: USB disconnect, device number 3 [ 213.424241][ T7922] loop5: detected capacity change from 0 to 1024 [ 213.503980][ T7922] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.526757][ T7930] loop3: detected capacity change from 0 to 512 [ 213.593390][ T7930] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 213.656929][ T7922] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #2: block 16: comm syz.5.507: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=2, rec_len=65535, size=1024 fake=0 [ 213.723737][ T7930] EXT4-fs (loop3): Test dummy encryption mode enabled [ 213.730942][ T7930] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 213.746567][ T7922] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #2: block 16: comm syz.5.507: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=2, rec_len=65535, size=1024 fake=0 [ 213.917921][ T7930] EXT4-fs error (device loop3): __ext4_iget:5078: inode #15: block 1803188595: comm syz.3.509: invalid block [ 213.942101][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.960008][ T7930] EXT4-fs (loop3): Remounting filesystem read-only [ 213.979666][ T7930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.072986][ T7948] overlayfs: missing 'lowerdir' [ 214.268943][ T7955] loop2: detected capacity change from 0 to 256 [ 214.379486][ T7955] FAT-fs (loop2): Directory bread(block 64) failed [ 214.401534][ T7930] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 214.413197][ T7955] FAT-fs (loop2): Directory bread(block 65) failed [ 214.429785][ T7955] FAT-fs (loop2): Directory bread(block 66) failed [ 214.445170][ T7930] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 214.460385][ T7955] FAT-fs (loop2): Directory bread(block 67) failed [ 214.482158][ T7955] FAT-fs (loop2): Directory bread(block 68) failed [ 214.499993][ T7955] FAT-fs (loop2): Directory bread(block 69) failed [ 214.509473][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.519616][ T7955] FAT-fs (loop2): Directory bread(block 70) failed [ 214.549085][ T7955] FAT-fs (loop2): Directory bread(block 71) failed [ 214.567012][ T7955] FAT-fs (loop2): Directory bread(block 72) failed [ 214.593467][ T7955] FAT-fs (loop2): Directory bread(block 73) failed [ 216.290888][ T7984] loop2: detected capacity change from 0 to 512 [ 216.469595][ T5812] IPVS: starting estimator thread 0... [ 216.495038][ T7984] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 216.503065][ T7984] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 216.511138][ T7984] System zones: 0-1, 15-15, 18-18, 34-34 [ 216.517273][ T7984] EXT4-fs (loop2): orphan cleanup on readonly fs [ 216.523785][ T7984] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 216.533397][ T7984] EXT4-fs warning (device loop2): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 216.548425][ T7984] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 216.556381][ T7984] EXT4-fs error (device loop2): ext4_orphan_get:1430: comm syz.2.519: bad orphan inode 16 [ 216.567615][ T7984] ext4_test_bit(bit=15, block=18) = 1 [ 216.573069][ T7984] is_bad_inode(inode)=0 [ 216.577261][ T7984] NEXT_ORPHAN(inode)=0 [ 216.581337][ T7984] max_ino=32 [ 216.585236][ T7984] i_nlink=2 [ 216.589683][ T7984] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 216.613550][ T7986] IPVS: using max 20 ests per chain, 48000 per kthread [ 216.926657][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.731402][ T8001] overlayfs: missing 'lowerdir' [ 217.916987][ T8008] loop5: detected capacity change from 0 to 1024 [ 217.946544][ T8008] EXT4-fs: Ignoring removed nomblk_io_submit option [ 218.128867][ T8008] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 218.194397][ T8008] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 218.312539][ T8018] Bluetooth: hci4: Frame reassembly failed (-84) [ 218.585337][ T42] Bluetooth: hci4: Frame reassembly failed (-84) [ 218.659086][ T8017] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 218.858808][ T8008] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm syz.5.525: bg 0: block 112: padding at end of block bitmap is not set [ 218.939334][ T8008] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 218.967229][ T8008] EXT4-fs (loop5): This should not happen!! Data will be lost [ 218.967229][ T8008] [ 218.982726][ T8008] EXT4-fs (loop5): Total free blocks count 0 [ 218.988850][ T8008] EXT4-fs (loop5): Free/Dirty block details [ 219.009634][ T8008] EXT4-fs (loop5): free_blocks=0 [ 219.520641][ T8008] EXT4-fs (loop5): dirty_blocks=64 [ 219.608282][ T8028] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9) [ 219.615233][ T8028] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 219.624748][ T8028] vhci_hcd vhci_hcd.0: Device attached [ 219.664821][ T8027] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(12) [ 219.671463][ T8027] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 219.679273][ T8027] vhci_hcd vhci_hcd.0: Device attached [ 219.707842][ T8028] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(11) [ 219.714484][ T8028] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 219.722494][ T8028] vhci_hcd vhci_hcd.0: Device attached [ 219.871982][ T8030] vhci_hcd: connection closed [ 219.873332][ T8032] vhci_hcd: connection closed [ 219.878587][ T8034] vhci_hcd: connection closed [ 219.910159][ T42] vhci_hcd: stop threads [ 219.974704][ T6076] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 219.990966][ T8008] EXT4-fs (loop5): Block reservation details [ 220.023510][ T42] vhci_hcd: release socket [ 220.029006][ T42] vhci_hcd: disconnect device [ 220.033906][ T8008] EXT4-fs (loop5): i_reserved_data_blocks=4 [ 220.042964][ T6076] usb 41-1: enqueue for inactive port 0 [ 220.094719][ T42] vhci_hcd: stop threads [ 220.099068][ T42] vhci_hcd: release socket [ 220.146293][ T42] vhci_hcd: disconnect device [ 220.198775][ T6076] vhci_hcd: vhci_device speed not set [ 220.245212][ T42] vhci_hcd: stop threads [ 220.319450][ T42] vhci_hcd: release socket [ 220.397907][ T5786] Bluetooth: hci4: command 0x1003 tx timeout [ 220.408576][ T42] vhci_hcd: disconnect device [ 220.466068][ T5777] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 220.657845][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 220.869283][ T8040] loop2: detected capacity change from 0 to 1024 [ 221.107390][ T8040] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 221.124095][ T8040] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.141992][ T8040] EXT4-fs error (device loop2): ext4_map_blocks:720: inode #15: comm syz.2.530: lblock 0 mapped to illegal pblock 0 (length 1) [ 221.165857][ T8040] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 221.185843][ T8040] EXT4-fs (loop2): This should not happen!! Data will be lost [ 221.185843][ T8040] [ 221.229320][ T8050] EXT4-fs error (device loop2): ext4_map_blocks:610: inode #15: comm syz.2.530: lblock 0 mapped to illegal pblock 0 (length 1) [ 221.343965][ T8054] xt_hashlimit: size too large, truncated to 1048576 [ 221.530273][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 221.632572][ T8062] netlink: 16 bytes leftover after parsing attributes in process `syz.4.533'. [ 221.653735][ T8062] loop4: detected capacity change from 0 to 1024 [ 221.661605][ T8062] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 221.742597][ T8062] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.894274][ T8070] overlayfs: missing 'lowerdir' [ 222.182650][ T8078] loop2: detected capacity change from 0 to 256 [ 222.304526][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.479542][ T8087] loop4: detected capacity change from 0 to 256 [ 222.550205][ T8087] FAT-fs (loop4): Directory bread(block 64) failed [ 222.557208][ T8087] FAT-fs (loop4): Directory bread(block 65) failed [ 222.569054][ T8087] FAT-fs (loop4): Directory bread(block 66) failed [ 222.576102][ T8087] FAT-fs (loop4): Directory bread(block 67) failed [ 222.591411][ T8087] FAT-fs (loop4): Directory bread(block 68) failed [ 222.601688][ T8087] FAT-fs (loop4): Directory bread(block 69) failed [ 222.627004][ T8087] FAT-fs (loop4): Directory bread(block 70) failed [ 222.662625][ T8087] FAT-fs (loop4): Directory bread(block 71) failed [ 222.669293][ T8087] FAT-fs (loop4): Directory bread(block 72) failed [ 222.697279][ T8087] FAT-fs (loop4): Directory bread(block 73) failed [ 223.236202][ T8105] overlayfs: missing 'workdir' [ 223.440565][ T5777] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11 [ 223.692725][ T8115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.543'. [ 223.869332][ T8118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.543'. [ 224.497756][ T8122] loop3: detected capacity change from 0 to 256 [ 224.550908][ T8122] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 225.081237][ T8127] syzkaller0: entered promiscuous mode [ 225.101008][ T8127] syzkaller0: entered allmulticast mode [ 225.944667][ T8142] overlayfs: missing 'workdir' [ 227.528271][ T8178] (null): rxe_set_mtu: Set mtu to 1024 [ 227.537242][ T8178] wg2 speed is unknown, defaulting to 1000 [ 227.548062][ T8178] wg2 speed is unknown, defaulting to 1000 [ 227.570217][ T8178] wg2 speed is unknown, defaulting to 1000 [ 227.591207][ T8180] loop5: detected capacity change from 0 to 512 [ 227.643144][ T8180] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 227.692127][ T8180] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 227.707786][ T8180] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 227.717140][ T8180] System zones: 0-1, 15-15, 18-18, 34-34 [ 227.728244][ T8180] EXT4-fs (loop5): orphan cleanup on readonly fs [ 227.734945][ T8180] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0 [ 227.749480][ T8180] EXT4-fs warning (device loop5): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 227.772758][ T8180] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 227.784987][ T8180] EXT4-fs (loop5): 1 truncate cleaned up [ 227.796166][ T8180] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 227.821791][ T8180] fscrypt (loop5, inode 16): Error -61 getting encryption context [ 228.048873][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.156016][ T8190] overlayfs: missing 'workdir' [ 228.395639][ T5777] Bluetooth: hci3: unexpected cc 0x0c56 length: 0 < 1 [ 228.402862][ T5777] Bluetooth: hci3: unexpected event for opcode 0x0c56 [ 228.607975][ T6076] wg2 speed is unknown, defaulting to 1000 [ 228.624176][ T8178] infiniband syz2: set down [ 228.629241][ T8178] infiniband syz2: added wg2 [ 228.639672][ T8178] syz2: rxe_create_cq: returned err = -12 [ 228.809810][ T8178] infiniband syz2: Couldn't create ib_mad CQ [ 229.025289][ T8178] infiniband syz2: Couldn't open port 1 [ 229.390664][ T8178] RDS/IB: syz2: added [ 229.418568][ T8178] smc: adding ib device syz2 with port count 1 [ 229.451839][ T8178] smc: ib device syz2 port 1 has pnetid [ 229.479051][ T8213] loop3: detected capacity change from 0 to 256 [ 229.479875][ T6071] wg2 speed is unknown, defaulting to 1000 [ 229.509659][ T8178] wg2 speed is unknown, defaulting to 1000 [ 229.976617][ T8230] tipc: Started in network mode [ 229.981537][ T8230] tipc: Node identity c60370444eec, cluster identity 4711 [ 230.018431][ T8230] tipc: Enabled bearer , priority 0 [ 230.027781][ T8230] syzkaller0: entered promiscuous mode [ 230.046759][ T8230] syzkaller0: entered allmulticast mode [ 230.073590][ T8178] wg2 speed is unknown, defaulting to 1000 [ 230.098382][ T8230] tipc: Resetting bearer [ 230.140705][ T8229] tipc: Resetting bearer [ 230.227889][ T8229] tipc: Disabling bearer [ 230.342503][ T8178] wg2 speed is unknown, defaulting to 1000 [ 231.807299][ T8178] wg2 speed is unknown, defaulting to 1000 [ 231.931791][ T8253] loop5: detected capacity change from 0 to 2048 [ 232.033723][ T8253] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.123320][ T8253] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 232.839213][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.102559][ T8271] loop3: detected capacity change from 0 to 512 [ 233.109793][ T8271] EXT4-fs: Ignoring removed bh option [ 233.296713][ T8271] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 233.985542][ T8271] EXT4-fs (loop3): 1 truncate cleaned up [ 234.000553][ T8271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.276611][ T8287] overlayfs: upper fs needs to support d_type. [ 234.339668][ T8289] loop2: detected capacity change from 0 to 512 [ 234.362327][ T8286] syzkaller0: entered promiscuous mode [ 234.378023][ T8286] syzkaller0: entered allmulticast mode [ 234.490676][ T8289] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.647774][ T5775] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0) [ 234.680357][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.705330][ T5775] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1) [ 234.728307][ T5775] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2) [ 234.777184][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.980284][ T8299] loop2: detected capacity change from 0 to 1024 [ 234.987673][ T8299] EXT4-fs: Ignoring removed oldalloc option [ 234.993678][ T8299] EXT4-fs: Ignoring removed orlov option [ 234.999428][ T8297] loop5: detected capacity change from 0 to 512 [ 235.008410][ T5777] Bluetooth: hci2: unexpected event for opcode 0x1004 [ 235.018546][ T8302] netlink: 60 bytes leftover after parsing attributes in process `syz.4.601'. [ 235.041937][ T8297] EXT4-fs error (device loop5): ext4_orphan_get:1404: inode #15: comm syz.5.599: inode has both inline data and extents flags [ 235.108662][ T8297] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.599: couldn't read orphan inode 15 (err -117) [ 235.162530][ T8299] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c118, mo2=0002] [ 235.170748][ T8299] System zones: 0-1, 3-12 [ 235.209366][ T8297] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.223635][ T8299] EXT4-fs (loop2): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.309789][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 235.535514][ T8312] netlink: 4 bytes leftover after parsing attributes in process `syz.4.604'. [ 235.548854][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.822948][ T8320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'. [ 235.923218][ T8325] netlink: 60 bytes leftover after parsing attributes in process `syz.2.610'. [ 236.716272][ T8330] loop2: detected capacity change from 0 to 512 [ 236.764244][ T8330] EXT4-fs (loop2): 1 truncate cleaned up [ 236.771173][ T8330] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.998956][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.287988][ T8348] loop2: detected capacity change from 0 to 256 [ 237.314691][ T8348] FAT-fs (loop2): Unrecognized mount option "shortname=wicnt" or missing value [ 237.365465][ T8353] netlink: 60 bytes leftover after parsing attributes in process `syz.4.621'. [ 238.293289][ T5777] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 239.119543][ T5777] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 239.128620][ T5777] Bluetooth: hci2: Injecting HCI hardware error event [ 239.139939][ T5777] Bluetooth: hci2: hardware error 0x00 [ 239.803516][ T8379] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 239.863717][ T8381] netlink: 60 bytes leftover after parsing attributes in process `syz.4.630'. [ 240.003894][ T8385] fuse: Bad value for 'fd' [ 240.078875][ T8388] ubi: mtd0 is already attached to ubi0 [ 240.720088][ T8398] loop3: detected capacity change from 0 to 512 [ 240.782663][ T8398] EXT4-fs (loop3): Test dummy encryption mode enabled [ 240.845087][ T8398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e024e0ad, mo2=0002] [ 240.885482][ T8398] System zones: 1-12 [ 240.938834][ T8398] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 241.196127][ T5777] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 241.276927][ T8398] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 241.326255][ T8398] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.637: Directory hole found for htree leaf block 0 [ 241.365782][ T8398] EXT4-fs (loop3): Remounting filesystem read-only [ 241.408549][ T8410] sctp: [Deprecated]: syz.4.640 (pid 8410) Use of int in max_burst socket option deprecated. [ 241.408549][ T8410] Use struct sctp_assoc_value instead [ 241.462242][ T5775] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 241.624592][ T8414] netlink: 60 bytes leftover after parsing attributes in process `syz.3.641'. [ 242.092395][ T6071] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 242.226603][ T8428] loop4: detected capacity change from 0 to 512 [ 242.258058][ T8428] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 242.282511][ T6071] usb 6-1: Using ep0 maxpacket: 8 [ 242.292655][ T6071] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 242.306572][ T6071] usb 6-1: config 179 has no interface number 0 [ 242.322451][ T6071] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 242.345689][ T6071] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 242.358407][ T8428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.408867][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 242.417714][ T6071] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 242.467814][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 12: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 242.472685][ T6071] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 242.504122][ T6071] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 242.521628][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 13: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 242.548184][ T6071] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 242.560676][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 14: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 242.581162][ T6071] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.595244][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 15: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 242.631957][ T8416] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 242.647367][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 16: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 242.721059][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 17: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 242.751350][ T8428] EXT4-fs error (device loop4): ext4_map_blocks:610: inode #2: block 18: comm syz.4.648: lblock 23 mapped to illegal pblock 18 (length 1) [ 242.773561][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 19: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 242.809272][ T8428] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 20: comm syz.4.648: path /125/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 243.168759][ T5814] usb 6-1: USB disconnect, device number 2 [ 243.168801][ C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 243.183842][ C1] dummy_hcd dummy_hcd.5: timer fired with no URBs pending? [ 243.245869][ T27] audit: type=1326 audit(1780823594.409:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8455 comm="syz.3.650" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9d839ce59 code=0x0 [ 243.282948][ T6324] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 243.305349][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.582638][ T8465] netlink: 60 bytes leftover after parsing attributes in process `syz.2.654'. [ 244.293960][ T8479] loop2: detected capacity change from 0 to 128 [ 246.731084][ T8501] binder: 8500:8501 ioctl c018620c 200000003580 returned -1 [ 246.865726][ T8503] netlink: 40 bytes leftover after parsing attributes in process `syz.3.663'. [ 247.491951][ T8521] netlink: 4 bytes leftover after parsing attributes in process `syz.5.669'. [ 247.533854][ T8521] loop5: detected capacity change from 0 to 256 [ 249.201069][ T8521] FAT-fs (loop5): Directory bread(block 64) failed [ 249.209852][ T8521] FAT-fs (loop5): Directory bread(block 65) failed [ 249.234625][ T8521] FAT-fs (loop5): Directory bread(block 66) failed [ 249.243902][ T8521] FAT-fs (loop5): Directory bread(block 67) failed [ 249.261699][ T8521] FAT-fs (loop5): Directory bread(block 68) failed [ 249.269057][ T8521] FAT-fs (loop5): Directory bread(block 69) failed [ 249.292838][ T8521] FAT-fs (loop5): Directory bread(block 70) failed [ 249.300038][ T8521] FAT-fs (loop5): Directory bread(block 71) failed [ 249.324820][ T8521] FAT-fs (loop5): Directory bread(block 72) failed [ 249.333254][ T8521] FAT-fs (loop5): Directory bread(block 73) failed [ 251.334351][ T8530] netlink: 40 bytes leftover after parsing attributes in process `syz.2.676'. [ 251.387465][ T8532] loop5: detected capacity change from 0 to 1024 [ 251.415081][ T8532] EXT4-fs: Ignoring removed nomblk_io_submit option [ 251.466446][ T8532] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 251.733629][ T8532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.909012][ T2961] Bluetooth: hci4: Frame reassembly failed (-84) [ 251.920281][ T2961] Bluetooth: hci4: Frame reassembly failed (-84) [ 252.028008][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.187492][ T8552] loop2: detected capacity change from 0 to 8192 [ 253.251979][ T8560] netlink: 40 bytes leftover after parsing attributes in process `syz.5.686'. [ 253.264092][ T8552] loop2: p1 p2 p3 p4 [ 253.272667][ T8552] loop2: partition table partially beyond EOD, truncated [ 253.289168][ T8552] loop2: p1 start 51379968 is beyond EOD, truncated [ 253.303950][ T8552] loop2: p2 start 4293394690 is beyond EOD, truncated [ 253.319080][ T8552] loop2: p3 size 100663296 extends beyond EOD, truncated [ 253.335475][ T8552] loop2: p4 size 50331648 extends beyond EOD, truncated [ 253.630886][ T5970] blk_print_req_error: 10 callbacks suppressed [ 253.630903][ T5970] I/O error, dev loop2, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 253.758236][ T8572] loop5: detected capacity change from 0 to 256 [ 253.779664][ T6600] udevd[6600]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 253.794557][ T5970] udevd[5970]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 253.816104][ T8572] FAT-fs (loop5): Directory bread(block 64) failed [ 253.835409][ T8572] FAT-fs (loop5): Directory bread(block 65) failed [ 253.842206][ T8572] FAT-fs (loop5): Directory bread(block 66) failed [ 253.851160][ T8572] FAT-fs (loop5): Directory bread(block 67) failed [ 253.861338][ T8572] FAT-fs (loop5): Directory bread(block 68) failed [ 253.871162][ T8572] FAT-fs (loop5): Directory bread(block 69) failed [ 253.880455][ T8572] FAT-fs (loop5): Directory bread(block 70) failed [ 253.889711][ T8572] FAT-fs (loop5): Directory bread(block 71) failed [ 253.896864][ T8572] FAT-fs (loop5): Directory bread(block 72) failed [ 253.903987][ T8572] FAT-fs (loop5): Directory bread(block 73) failed [ 253.912559][ T5777] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 254.265167][ T8578] loop2: detected capacity change from 0 to 512 [ 254.273240][ T8578] EXT4-fs: Invalid want_extra_isize 45 [ 254.488129][ T8578] loop2: detected capacity change from 0 to 256 [ 255.573691][ T8587] syz_tun: entered allmulticast mode [ 255.607987][ T8586] syz_tun: left allmulticast mode [ 255.765481][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.771891][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.213184][ T8594] netlink: 20 bytes leftover after parsing attributes in process `syz.3.697'. [ 256.402960][ T8601] loop4: detected capacity change from 0 to 512 [ 256.460799][ T8605] loop2: detected capacity change from 0 to 1024 [ 256.468196][ T8605] EXT4-fs: Ignoring removed oldalloc option [ 256.474381][ T8605] EXT4-fs: Ignoring removed orlov option [ 256.503942][ T8601] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 256.506819][ T8603] loop3: detected capacity change from 0 to 8192 [ 256.536346][ T8601] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 256.537834][ T8605] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c118, mo2=0002] [ 256.616499][ T8605] System zones: 0-1, 3-12 [ 256.631154][ T8605] EXT4-fs (loop2): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.654688][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.809321][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 256.809927][ T8617] loop5: detected capacity change from 0 to 128 [ 256.881068][ T8618] loop3: detected capacity change from 0 to 1024 [ 256.890098][ T8618] EXT4-fs: Ignoring removed bh option [ 256.934510][ T8618] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 256.958348][ T8617] ext4: Unknown parameter 'fsmagic' [ 257.045758][ T8618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.072422][ T6718] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 257.767847][ T8617] loop5: detected capacity change from 0 to 4096 [ 257.775915][ T8617] EXT4-fs: Ignoring removed mblk_io_submit option [ 257.784283][ T8617] EXT4-fs (loop5): Test dummy encryption mode enabled [ 257.795836][ T8617] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.830846][ T5786] Bluetooth: hci3: unexpected event for opcode 0x2088 [ 258.021796][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.363833][ T8631] fscrypt (loop5): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 258.374929][ T8631] overlayfs: upper fs does not support tmpfile. [ 258.384228][ T8631] fscrypt (loop5): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 258.751482][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.018465][ T8650] netlink: 20 bytes leftover after parsing attributes in process `syz.5.712'. [ 259.138310][ T8654] netlink: 8 bytes leftover after parsing attributes in process `syz.5.714'. [ 259.215306][ T6075] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 259.415386][ T6075] usb 3-1: config 1 has an invalid interface number: 7 but max is 0 [ 259.425744][ T6075] usb 3-1: config 1 has no interface number 0 [ 259.431885][ T6075] usb 3-1: config 1 interface 7 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 32 [ 259.441720][ T6075] usb 3-1: config 1 interface 7 altsetting 0 endpoint 0xE has an invalid bInterval 86, changing to 10 [ 259.455755][ T6075] usb 3-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 259.465711][ T6075] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.483145][ T6075] usb 3-1: Product: syz [ 259.490410][ T6075] usb 3-1: Manufacturer: syz [ 259.499757][ T6075] usb 3-1: SerialNumber: syz [ 259.603277][ T8648] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 259.613067][ T6075] usb 3-1: Error in usbnet_get_endpoints (-22) [ 259.768258][ T8679] netlink: 20 bytes leftover after parsing attributes in process `syz.4.723'. [ 259.860380][ T5836] usb 3-1: USB disconnect, device number 2 [ 260.327289][ T8690] loop4: detected capacity change from 0 to 512 [ 260.366210][ T8690] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 260.420202][ T8690] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 260.469699][ T8690] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.728: Invalid block bitmap block 0 in block_group 0 [ 260.544827][ T8690] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 260.602958][ T8690] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #11: comm syz.4.728: attempt to clear invalid blocks 983261 len 1 [ 260.605015][ T8701] loop5: detected capacity change from 0 to 256 [ 260.808560][ T8690] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.728: Invalid inode table block 0 in block_group 0 [ 261.005264][ T8690] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 261.515141][ T5777] Bluetooth: hci3: command 0x0c1a tx timeout [ 261.655299][ T8690] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 261.750697][ T8690] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.728: Invalid inode table block 0 in block_group 0 [ 261.776376][ T8710] netlink: 20 bytes leftover after parsing attributes in process `syz.5.734'. [ 261.916471][ T8690] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Corrupt filesystem [ 261.961227][ T8690] EXT4-fs error (device loop4): ext4_truncate:4301: inode #11: comm syz.4.728: mark_inode_dirty error [ 261.978728][ T8690] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 261.988084][ T8690] EXT4-fs error (device loop4): __ext4_get_inode_loc:4496: comm syz.4.728: Invalid inode table block 0 in block_group 0 [ 262.047424][ T8690] EXT4-fs (loop4): 1 truncate cleaned up [ 262.168233][ T8690] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.662549][ T8723] loop2: detected capacity change from 0 to 7 [ 262.719459][ T8723] Dev loop2: unable to read RDB block 7 [ 262.745877][ T8723] loop2: unable to read partition table [ 262.782694][ T8723] loop2: partition table beyond EOD, truncated [ 262.815360][ T8723] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 264.163093][ T8720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.736'. [ 264.351959][ T8720] hsr_slave_1 (unregistering): left promiscuous mode [ 264.611778][ T8739] netlink: 20 bytes leftover after parsing attributes in process `syz.3.746'. [ 264.973713][ T8746] wg2 speed is unknown, defaulting to 1000 [ 266.104080][ T8754] loop3: detected capacity change from 0 to 512 [ 266.211047][ T8754] EXT4-fs error (device loop3): ext4_get_journal_inode:5820: comm syz.3.750: inode #2147418112: comm syz.3.750: iget: illegal inode # [ 266.488473][ T8754] EXT4-fs (loop3): no journal found [ 266.722301][ T8754] EXT4-fs (loop3): can't get journal size [ 267.017884][ T8754] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 267.118385][ T8754] EXT4-fs (loop3): Errors on filesystem, clearing orphan list. [ 267.138549][ T8754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.254926][ T8762] loop2: detected capacity change from 0 to 256 [ 267.403339][ T8762] FAT-fs (loop2): Directory bread(block 64) failed [ 267.427149][ T8762] FAT-fs (loop2): Directory bread(block 65) failed [ 267.449345][ T8762] FAT-fs (loop2): Directory bread(block 66) failed [ 267.463897][ T8762] FAT-fs (loop2): Directory bread(block 67) failed [ 267.470730][ T8762] FAT-fs (loop2): Directory bread(block 68) failed [ 267.480929][ T8762] FAT-fs (loop2): Directory bread(block 69) failed [ 267.488727][ T8762] FAT-fs (loop2): Directory bread(block 70) failed [ 267.496765][ T8762] FAT-fs (loop2): Directory bread(block 71) failed [ 267.506494][ T8762] FAT-fs (loop2): Directory bread(block 72) failed [ 267.513203][ T8762] FAT-fs (loop2): Directory bread(block 73) failed [ 267.592945][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.761672][ T8764] bridge_slave_0: left allmulticast mode [ 267.767476][ T8764] bridge_slave_0: left promiscuous mode [ 267.777957][ T8764] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.901667][ T8764] bridge_slave_1: left allmulticast mode [ 267.931476][ T8764] bridge_slave_1: left promiscuous mode [ 267.943108][ T8764] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.985642][ T8764] bond0: (slave bond_slave_0): Releasing backup interface [ 268.019845][ T8764] bond0: (slave bond_slave_1): Releasing backup interface [ 268.050661][ T8764] team0: Port device team_slave_0 removed [ 268.065201][ T8764] team0: Port device team_slave_1 removed [ 268.071395][ T8764] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 268.081261][ T8771] loop2: detected capacity change from 0 to 512 [ 268.090655][ T8764] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 268.111608][ T8766] tipc: Enabled bearer , priority 0 [ 268.163243][ T8771] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 268.169807][ T8773] netlink: 20 bytes leftover after parsing attributes in process `syz.5.756'. [ 268.187078][ T8771] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 268.535458][ T8780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.759'. [ 268.881971][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.933967][ T8787] loop3: detected capacity change from 0 to 512 [ 268.992430][ T8787] EXT4-fs (loop3): 1 truncate cleaned up [ 268.999391][ T8787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.144315][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.226396][ T5814] tipc: Node number set to 933495076 [ 269.248769][ T8797] loop3: detected capacity change from 0 to 1024 [ 269.256584][ T8797] EXT4-fs: Ignoring removed bh option [ 269.284314][ T8797] EXT4-fs (loop3): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 269.326405][ T8797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.553484][ T5814] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 269.570192][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.769041][ T5777] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 270.775539][ T5777] Bluetooth: hci0: command 0x0c1a tx timeout [ 271.209234][ T8819] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 271.265686][ T8819] loop4: detected capacity change from 0 to 512 [ 271.316307][ T8819] ext4: Unknown parameter 'smackfsroot' [ 273.249322][ T8837] loop5: detected capacity change from 0 to 1024 [ 273.266634][ T8835] loop4: detected capacity change from 0 to 4096 [ 273.478314][ T8837] EXT4-fs: Ignoring removed nomblk_io_submit option [ 273.512693][ T8835] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 273.521671][ T5814] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 273.724432][ T5814] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.724461][ T5814] usb 3-1: Product: syz [ 273.724477][ T5814] usb 3-1: Manufacturer: syz [ 274.243143][ T5814] usb 3-1: can't set config #1, error -71 [ 274.301172][ T5814] usb 3-1: USB disconnect, device number 3 [ 274.319172][ T8837] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.343757][ T8835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.458350][ T8837] netlink: 104 bytes leftover after parsing attributes in process `syz.5.779'. [ 274.569657][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.870679][ T8865] ubi: mtd0 is already attached to ubi0 [ 275.117335][ T8869] loop3: detected capacity change from 0 to 512 [ 275.282114][ T8869] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.786: invalid indirect mapped block 11 (level 0) [ 275.303375][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.442171][ T8869] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.786: attempt to clear invalid blocks 1024 len 1 [ 275.486520][ T8869] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 275.511662][ T8869] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.786: invalid indirect mapped block 1819239214 (level 0) [ 275.532364][ T8869] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.786: invalid indirect mapped block 33554432 (level 2) [ 275.552403][ T8869] EXT4-fs (loop3): 1 truncate cleaned up [ 275.591239][ T8869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.374111][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.655245][ T8887] loop3: detected capacity change from 0 to 128 [ 276.710585][ T8887] ext4: Unknown parameter 'fsmagic' [ 276.726767][ T8888] loop5: detected capacity change from 0 to 512 [ 277.677889][ T8888] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.690532][ T8888] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.858780][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.875514][ T8892] loop4: detected capacity change from 0 to 512 [ 278.127549][ T8892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.366974][ T8892] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.564759][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.807622][ T8903] loop4: detected capacity change from 0 to 128 [ 278.903745][ T5970] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 281.186261][ T8935] loop5: detected capacity change from 0 to 1024 [ 281.475925][ T8935] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 281.822631][ T8935] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.892179][ T8935] EXT4-fs error (device loop5): ext4_map_blocks:720: inode #15: comm syz.5.808: lblock 0 mapped to illegal pblock 0 (length 6) [ 281.947510][ T8935] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 281.974993][ T8942] loop4: detected capacity change from 0 to 512 [ 281.981339][ T8935] EXT4-fs (loop5): This should not happen!! Data will be lost [ 281.981339][ T8935] [ 282.000987][ T8942] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 282.076666][ T8942] EXT4-fs (loop4): 1 truncate cleaned up [ 282.092606][ T8444] EXT4-fs error (device loop5): ext4_map_blocks:720: inode #15: block 8: comm kworker/u4:24: lblock 8 mapped to illegal pblock 8 (length 8) [ 282.093771][ T8942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.145208][ T8444] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 282.158244][ T8444] EXT4-fs (loop5): This should not happen!! Data will be lost [ 282.158244][ T8444] [ 282.179563][ T6342] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 282.303377][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.359715][ T8951] loop5: detected capacity change from 0 to 128 [ 282.447232][ T8951] FAT-fs (loop5): bogus logical sector size 0 [ 282.490594][ T8951] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 282.515441][ T8951] FAT-fs (loop5): Can't find a valid FAT filesystem [ 287.770972][ T8957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.815'. [ 288.262945][ T8966] netlink: 12 bytes leftover after parsing attributes in process `syz.5.817'. [ 288.670890][ T8977] loop2: detected capacity change from 0 to 512 [ 288.684974][ T8977] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 288.716760][ T8977] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.730606][ T8977] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.762643][ T8977] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 288.781561][ T8977] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 288.795097][ T8977] EXT4-fs (loop2): This should not happen!! Data will be lost [ 288.795097][ T8977] [ 288.805308][ T8977] EXT4-fs (loop2): Total free blocks count 0 [ 288.811312][ T8977] EXT4-fs (loop2): Free/Dirty block details [ 288.817706][ T8977] EXT4-fs (loop2): free_blocks=65280 [ 288.823199][ T8977] EXT4-fs (loop2): dirty_blocks=33 [ 288.828743][ T8977] EXT4-fs (loop2): Block reservation details [ 288.838070][ T8977] EXT4-fs (loop2): i_reserved_data_blocks=33 [ 288.865100][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.920708][ T8983] loop8: detected capacity change from 0 to 7 [ 289.106276][ T8985] loop4: detected capacity change from 0 to 256 [ 289.123457][ T8985] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 289.284161][ T8991] loop4: detected capacity change from 0 to 128 [ 289.303490][ T8991] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 289.426610][ T8452] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8) [ 289.445279][ T8452] FAT-fs (loop4): Filesystem has been set read-only [ 289.452236][ T8452] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522) [ 289.666217][ T8452] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522) [ 290.546859][ T9012] loop4: detected capacity change from 0 to 1024 [ 290.563287][ T9012] EXT4-fs: Ignoring removed mblk_io_submit option [ 290.587614][ T9016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.834'. [ 290.611824][ T9016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.834'. [ 290.612013][ T9018] loop2: detected capacity change from 0 to 256 [ 290.646502][ T9012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 290.677464][ T9012] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.709610][ T9012] EXT4-fs error (device loop4): ext4_free_blocks:6694: comm syz.4.836: Freeing blocks not in datazone - block = 0, count = 16 [ 290.752547][ T9012] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.836: bg 0: block 112: padding at end of block bitmap is not set [ 290.835448][ T9012] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 290.927377][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 292.015640][ T9047] loop4: detected capacity change from 0 to 1024 [ 292.056892][ T9047] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 292.059298][ T9050] loop2: detected capacity change from 0 to 1024 [ 292.123626][ T9047] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 292.141375][ T9050] EXT4-fs: Ignoring removed bh option [ 292.241855][ T9056] loop3: detected capacity change from 0 to 256 [ 292.265992][ T9050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 293.018131][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.174702][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.241803][ T9068] syzkaller1: entered promiscuous mode [ 293.264660][ T9070] loop3: detected capacity change from 0 to 128 [ 293.280141][ T9068] syzkaller1: entered allmulticast mode [ 293.536114][ T9079] EXT4-fs error (device loop4): ext4_orphan_get:1404: inode #15: comm syz.4.856: inode has both inline data and extents flags [ 293.589543][ T9079] EXT4-fs error (device loop4): ext4_orphan_get:1409: comm syz.4.856: couldn't read orphan inode 15 (err -117) [ 293.604264][ T9079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.689821][ T6324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.805140][ T9090] set_capacity_and_notify: 1 callbacks suppressed [ 293.805156][ T9090] loop4: detected capacity change from 0 to 1024 [ 293.814874][ T9092] loop2: detected capacity change from 0 to 256 [ 293.839041][ T9092] FAT-fs (loop2): Unrecognized mount option "uid=" or missing value [ 293.842622][ T9090] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 293.860644][ T9092] netlink: 12 bytes leftover after parsing attributes in process `syz.2.861'. [ 293.868190][ T9090] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 293.951758][ T9090] EXT4-fs (loop4): invalid journal inode [ 293.970528][ T9090] EXT4-fs (loop4): can't get journal size [ 293.980530][ T9090] EXT4-fs error (device loop4): ext4_map_blocks:610: inode #3: block 17104912: comm syz.4.860: lblock 2 mapped to illegal pblock 17104912 (length 1) [ 294.011788][ T9090] EXT4-fs (loop4): failed to initialize system zone (-117) [ 294.133259][ T9090] EXT4-fs (loop4): mount failed [ 294.307675][ T9106] loop2: detected capacity change from 0 to 128 [ 294.327461][ T9106] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 294.348667][ T9106] ext4 filesystem being mounted at /214/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 294.399499][ T5772] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 294.490721][ T9111] IPVS: set_ctl: invalid protocol: 43 172.30.1.6:20003 [ 294.517609][ T9113] loop2: detected capacity change from 0 to 128 [ 294.539782][ T9113] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 294.587731][ T9113] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 294.629655][ T9113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.867'. [ 294.643515][ T9113] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 294.702099][ T5772] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 296.058754][ T9136] syzkaller0: entered promiscuous mode [ 296.066373][ T9136] syzkaller0: entered allmulticast mode [ 296.352153][ T5786] Bluetooth: hci0: Malformed LE Event: 0x1d [ 297.428455][ T9158] syzkaller0: entered promiscuous mode [ 297.446417][ T9158] syzkaller0: entered allmulticast mode [ 297.524889][ T9158] tipc: Enabled bearer , priority 0 [ 297.612614][ T9158] tipc: Resetting bearer [ 297.620521][ T9157] tipc: Resetting bearer [ 298.217446][ T9157] tipc: Disabling bearer [ 298.270663][ T9165] netlink: 'syz.5.883': attribute type 10 has an invalid length. [ 298.289226][ T9165] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.300994][ T9165] team0: Port device bond0 added [ 298.589982][ T9178] netlink: 20 bytes leftover after parsing attributes in process `syz.5.889'. [ 298.607159][ C0] ------------[ cut here ]------------ [ 298.613119][ C0] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xfff with flags 0x20 [ 298.624082][ C0] WARNING: CPU: 0 PID: 5761 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880 [ 298.634166][ C0] Modules linked in: [ 298.638111][ C0] CPU: 0 PID: 5761 Comm: syz-executor Not tainted syzkaller #0 [ 298.645811][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 298.655931][ C0] RIP: 0010:__rate_control_send_low+0x635/0x880 [ 298.662209][ C0] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 40 df 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 cb d6 52 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff [ 298.681892][ C0] RSP: 0018:ffffc900000075e0 EFLAGS: 00010246 [ 298.688032][ C0] RAX: 249c267fb0e6f900 RBX: 000000000000000c RCX: ffff88802510da00 [ 298.696074][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002 [ 298.704097][ C0] RBP: 0000000000000084 R08: ffffc900000072e7 R09: 1ffff92000000e5c [ 298.712098][ C0] R10: dffffc0000000000 R11: fffff52000000e5d R12: 0000000000000020 [ 298.720134][ C0] R13: dffffc0000000000 R14: ffff88805c8bb3b8 R15: ffff8880229ddb68 [ 298.728162][ C0] FS: 000055557fae7500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 298.737160][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 298.743800][ C0] CR2: 0000555574cd1a38 CR3: 00000000789e4000 CR4: 00000000003506f0 [ 298.751830][ C0] Call Trace: [ 298.755185][ C0] [ 298.758157][ C0] rate_control_send_low+0x194/0x790 [ 298.763532][ C0] rate_control_get_rate+0x20b/0x5d0 [ 298.768868][ C0] ieee80211_beacon_get_finish+0x3a2/0x6e0 [ 298.774756][ C0] ? ieee80211_set_beacon_cntdwn+0x660/0x660 [ 298.780766][ C0] ? __local_bh_enable_ip+0x13a/0x1c0 [ 298.786214][ C0] ? _local_bh_enable+0xa0/0xa0 [ 298.791097][ C0] ieee80211_beacon_get_ap+0x15a7/0x1b20 [ 298.796811][ C0] ? ieee80211_tx_8023+0x3c0/0x3c0 [ 298.801986][ C0] ? read_lock_is_recursive+0x20/0x20 [ 298.807434][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 298.813057][ C0] __ieee80211_beacon_get+0x10eb/0x1600 [ 298.818649][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 298.824271][ C0] ieee80211_beacon_get_tim+0xbf/0x580 [ 298.829782][ C0] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 298.836603][ C0] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 298.842171][ C0] __iterate_interfaces+0x243/0x500 [ 298.847428][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 298.853738][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 298.860951][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 298.867250][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 298.874330][ C0] mac80211_hwsim_beacon+0xbb/0x1b0 [ 298.879559][ C0] __hrtimer_run_queues+0x520/0xc40 [ 298.884802][ C0] ? ktime_get_update_offsets_now+0x99/0x3f0 [ 298.890795][ C0] ? hw_scan_work+0xf60/0xf60 [ 298.895492][ C0] ? hrtimer_interrupt+0x9c0/0x9c0 [ 298.900595][ C0] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 298.906681][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 298.911787][ C0] handle_softirqs+0x280/0x820 [ 298.916586][ C0] ? do_softirq+0xfa/0x1a0 [ 298.921019][ C0] ? do_softirq+0x1a0/0x1a0 [ 298.925562][ C0] ? tcp_recvmsg+0x214/0x860 [ 298.930170][ C0] do_softirq+0xfa/0x1a0 [ 298.934444][ C0] [ 298.937384][ C0] [ 298.940307][ C0] ? __local_bh_enable_ip+0x1c0/0x1c0 [ 298.945734][ C0] ? lockdep_hardirqs_on_prepare+0x770/0x770 [ 298.951735][ C0] ? rcu_is_watching+0x15/0xb0 [ 298.956537][ C0] __local_bh_enable_ip+0x184/0x1c0 [ 298.961755][ C0] ? _local_bh_enable+0xa0/0xa0 [ 298.966650][ C0] ? tcp_recvmsg+0x214/0x860 [ 298.971267][ C0] tcp_recvmsg+0x214/0x860 [ 298.975742][ C0] ? tcp_recv_timestamp+0x720/0x720 [ 298.980956][ C0] ? aa_sk_perm+0x83c/0x970 [ 298.985504][ C0] ? sock_rps_record_flow+0x19/0x3f0 [ 298.990818][ C0] inet_recvmsg+0x140/0x1f0 [ 298.995390][ C0] ? inet_splice_eof+0x2e0/0x2e0 [ 299.000358][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 299.005711][ C0] ? security_socket_recvmsg+0x89/0xb0 [ 299.011196][ C0] sock_read_iter+0x2d9/0x3e0 [ 299.015907][ C0] ? kernel_sock_ip_overhead+0x5a0/0x5a0 [ 299.021535][ C0] ? common_file_perm+0x198/0x1f0 [ 299.026578][ C0] vfs_read+0x46a/0x970 [ 299.030733][ C0] ? kernel_read+0x1e0/0x1e0 [ 299.035331][ C0] ? rcu_is_watching+0x15/0xb0 [ 299.040092][ C0] ? sigprocmask+0x190/0x190 [ 299.044694][ C0] ? __fdget_pos+0x1d8/0x330 [ 299.049281][ C0] ksys_read+0x150/0x260 [ 299.053547][ C0] ? vfs_write+0x990/0x990 [ 299.057992][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 299.063242][ C0] do_syscall_64+0x55/0xb0 [ 299.067672][ C0] ? clear_bhb_loop+0x40/0x90 [ 299.072373][ C0] ? clear_bhb_loop+0x40/0x90 [ 299.077126][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 299.083057][ C0] RIP: 0033:0x7f7491b57fd7 [ 299.087643][ C0] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 299.107305][ C0] RSP: 002b:00007ffc06851ae0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 [ 299.115771][ C0] RAX: ffffffffffffffda RBX: 000055557fae7500 RCX: 00007f7491b57fd7 [ 299.123792][ C0] RDX: 0000000000000004 RSI: 00007ffc06851b3c RDI: 0000000000000003 [ 299.131780][ C0] RBP: 00007ffc06851fe0 R08: 0000000000000000 R09: 0000000000000000 [ 299.139807][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004 [ 299.147820][ C0] R13: 00007ffc06851b3c R14: 00007ffc06851bd0 R15: 0000000000000000 [ 299.155872][ C0] [ 299.158897][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 299.166183][ C0] CPU: 0 PID: 5761 Comm: syz-executor Not tainted syzkaller #0 [ 299.173714][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 299.183758][ C0] Call Trace: [ 299.187026][ C0] [ 299.189858][ C0] dump_stack_lvl+0x18c/0x250 [ 299.194543][ C0] ? show_regs_print_info+0x20/0x20 [ 299.199750][ C0] ? load_image+0x420/0x420 [ 299.204265][ C0] panic+0x2dc/0x730 [ 299.208180][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 299.212711][ C0] __warn+0x2e0/0x470 [ 299.216705][ C0] ? __rate_control_send_low+0x635/0x880 [ 299.222335][ C0] ? __rate_control_send_low+0x635/0x880 [ 299.227976][ C0] report_bug+0x2be/0x4f0 [ 299.232301][ C0] ? __rate_control_send_low+0x635/0x880 [ 299.237975][ C0] ? __rate_control_send_low+0x635/0x880 [ 299.243597][ C0] ? __rate_control_send_low+0x637/0x880 [ 299.249228][ C0] handle_bug+0xcf/0x120 [ 299.253473][ C0] exc_invalid_op+0x1a/0x50 [ 299.257983][ C0] asm_exc_invalid_op+0x1a/0x20 [ 299.262834][ C0] RIP: 0010:__rate_control_send_low+0x635/0x880 [ 299.269821][ C0] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 40 df 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 cb d6 52 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff [ 299.289426][ C0] RSP: 0018:ffffc900000075e0 EFLAGS: 00010246 [ 299.295487][ C0] RAX: 249c267fb0e6f900 RBX: 000000000000000c RCX: ffff88802510da00 [ 299.303446][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002 [ 299.311405][ C0] RBP: 0000000000000084 R08: ffffc900000072e7 R09: 1ffff92000000e5c [ 299.319367][ C0] R10: dffffc0000000000 R11: fffff52000000e5d R12: 0000000000000020 [ 299.327327][ C0] R13: dffffc0000000000 R14: ffff88805c8bb3b8 R15: ffff8880229ddb68 [ 299.335310][ C0] rate_control_send_low+0x194/0x790 [ 299.340600][ C0] rate_control_get_rate+0x20b/0x5d0 [ 299.345885][ C0] ieee80211_beacon_get_finish+0x3a2/0x6e0 [ 299.351685][ C0] ? ieee80211_set_beacon_cntdwn+0x660/0x660 [ 299.357652][ C0] ? __local_bh_enable_ip+0x13a/0x1c0 [ 299.363027][ C0] ? _local_bh_enable+0xa0/0xa0 [ 299.367878][ C0] ieee80211_beacon_get_ap+0x15a7/0x1b20 [ 299.373521][ C0] ? ieee80211_tx_8023+0x3c0/0x3c0 [ 299.378649][ C0] ? read_lock_is_recursive+0x20/0x20 [ 299.384018][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 299.389564][ C0] __ieee80211_beacon_get+0x10eb/0x1600 [ 299.395111][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 299.400661][ C0] ieee80211_beacon_get_tim+0xbf/0x580 [ 299.406120][ C0] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 299.412889][ C0] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 299.418442][ C0] __iterate_interfaces+0x243/0x500 [ 299.423636][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 299.429872][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 299.437061][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 299.443384][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 299.450401][ C0] mac80211_hwsim_beacon+0xbb/0x1b0 [ 299.455604][ C0] __hrtimer_run_queues+0x520/0xc40 [ 299.460791][ C0] ? ktime_get_update_offsets_now+0x99/0x3f0 [ 299.466774][ C0] ? hw_scan_work+0xf60/0xf60 [ 299.471450][ C0] ? hrtimer_interrupt+0x9c0/0x9c0 [ 299.476553][ C0] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 299.482618][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 299.487724][ C0] handle_softirqs+0x280/0x820 [ 299.492482][ C0] ? do_softirq+0xfa/0x1a0 [ 299.496892][ C0] ? do_softirq+0x1a0/0x1a0 [ 299.501390][ C0] ? tcp_recvmsg+0x214/0x860 [ 299.505973][ C0] do_softirq+0xfa/0x1a0 [ 299.510213][ C0] [ 299.513135][ C0] [ 299.516058][ C0] ? __local_bh_enable_ip+0x1c0/0x1c0 [ 299.521420][ C0] ? lockdep_hardirqs_on_prepare+0x770/0x770 [ 299.527396][ C0] ? rcu_is_watching+0x15/0xb0 [ 299.532156][ C0] __local_bh_enable_ip+0x184/0x1c0 [ 299.537346][ C0] ? _local_bh_enable+0xa0/0xa0 [ 299.542188][ C0] ? tcp_recvmsg+0x214/0x860 [ 299.546768][ C0] tcp_recvmsg+0x214/0x860 [ 299.551182][ C0] ? tcp_recv_timestamp+0x720/0x720 [ 299.556373][ C0] ? aa_sk_perm+0x83c/0x970 [ 299.560870][ C0] ? sock_rps_record_flow+0x19/0x3f0 [ 299.566154][ C0] inet_recvmsg+0x140/0x1f0 [ 299.570657][ C0] ? inet_splice_eof+0x2e0/0x2e0 [ 299.575592][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 299.580869][ C0] ? security_socket_recvmsg+0x89/0xb0 [ 299.586322][ C0] sock_read_iter+0x2d9/0x3e0 [ 299.590999][ C0] ? kernel_sock_ip_overhead+0x5a0/0x5a0 [ 299.596636][ C0] ? common_file_perm+0x198/0x1f0 [ 299.601660][ C0] vfs_read+0x46a/0x970 [ 299.605817][ C0] ? kernel_read+0x1e0/0x1e0 [ 299.610396][ C0] ? rcu_is_watching+0x15/0xb0 [ 299.615163][ C0] ? sigprocmask+0x190/0x190 [ 299.619748][ C0] ? __fdget_pos+0x1d8/0x330 [ 299.624332][ C0] ksys_read+0x150/0x260 [ 299.628572][ C0] ? vfs_write+0x990/0x990 [ 299.632983][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 299.638184][ C0] do_syscall_64+0x55/0xb0 [ 299.642590][ C0] ? clear_bhb_loop+0x40/0x90 [ 299.647254][ C0] ? clear_bhb_loop+0x40/0x90 [ 299.651919][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 299.657806][ C0] RIP: 0033:0x7f7491b57fd7 [ 299.662213][ C0] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 299.681809][ C0] RSP: 002b:00007ffc06851ae0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 [ 299.690212][ C0] RAX: ffffffffffffffda RBX: 000055557fae7500 RCX: 00007f7491b57fd7 [ 299.698171][ C0] RDX: 0000000000000004 RSI: 00007ffc06851b3c RDI: 0000000000000003 [ 299.706130][ C0] RBP: 00007ffc06851fe0 R08: 0000000000000000 R09: 0000000000000000 [ 299.714092][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004 [ 299.722055][ C0] R13: 00007ffc06851b3c R14: 00007ffc06851bd0 R15: 0000000000000000 [ 299.730033][ C0] [ 299.733182][ C0] Kernel Offset: disabled [ 299.737532][ C0] Rebooting in 86400 seconds..